Traffic Trace Info
DumpFile: 201004130845.dump
FileSize: 1939.86MB
Id: 201004130845
StartTime: Tue Apr 13 08:45:01 2010
EndTime: Tue Apr 13 09:00:00 2010
TotalTime: 899.67 seconds
TotalCapSize: 1519.16MB CapLen: 96 bytes
# of packets: 27570487 (16882.60MB)
AvgRate: 157.45Mbps stddev:12.64M
IP flow (unique src/dst pair) Information
# of flows: 984323 (avg. 28.01 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.8% 1.8% 1.5% 1.3% 1.3% 0.9% 0.9% 0.8% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 561653
Top 10 bandwidth usage (bytes/total in %):
23.9% 12.3% 4.3% 3.9% 3.8% 3.7% 3.2% 2.1% 1.8% 1.8%
# of IPv6 addresses: 871
Top 10 bandwidth usage (bytes/total in %):
32.5% 8.4% 8.2% 7.0% 5.0% 4.9% 4.4% 3.5% 3.5% 3.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004130845.pktlen.png)
detailed numbers
[ 32- 63]: 3988284
[ 64- 127]: 7734579
[ 128- 255]: 2734173
[ 256- 511]: 1644137
[ 512- 1023]: 756612
[ 1024- 2047]: 10712702
Protocol Breakdown
![[protocol breakdown chart]](201004130845.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 27570487 (100.00%) 17702688957 (100.00%) 642.09
ip 27527501 ( 99.84%) 17695942555 ( 99.96%) 642.85
tcp 14930403 ( 54.15%) 10705392498 ( 60.47%) 717.02
http(s) 6173562 ( 22.39%) 8490823231 ( 47.96%) 1375.35
http(c) 3965803 ( 14.38%) 526181146 ( 2.97%) 132.68
squid 211276 ( 0.77%) 75089282 ( 0.42%) 355.41
smtp 264822 ( 0.96%) 92167627 ( 0.52%) 348.04
nntp 7 ( 0.00%) 434 ( 0.00%) 62.00
ftp 14129 ( 0.05%) 1436119 ( 0.01%) 101.64
pop3 18868 ( 0.07%) 15891885 ( 0.09%) 842.27
imap 2504 ( 0.01%) 741231 ( 0.00%) 296.02
telnet 246 ( 0.00%) 36894 ( 0.00%) 149.98
ssh 1409998 ( 5.11%) 182917154 ( 1.03%) 129.73
dns 57513 ( 0.21%) 3931615 ( 0.02%) 68.36
bgp 172 ( 0.00%) 68403 ( 0.00%) 397.69
napster 26 ( 0.00%) 3266 ( 0.00%) 125.62
realaud 9 ( 0.00%) 1001 ( 0.00%) 111.22
rtsp 19743 ( 0.07%) 3775756 ( 0.02%) 191.25
icecast 334 ( 0.00%) 21688 ( 0.00%) 64.93
hotline 2 ( 0.00%) 132 ( 0.00%) 66.00
other 2791388 ( 10.12%) 1312305574 ( 7.41%) 470.13
udp 8295410 ( 30.09%) 4684611245 ( 26.46%) 564.72
dns 570172 ( 2.07%) 100676519 ( 0.57%) 176.57
realaud 150 ( 0.00%) 16811 ( 0.00%) 112.07
halflif 134 ( 0.00%) 18484 ( 0.00%) 137.94
starcra 322 ( 0.00%) 40332 ( 0.00%) 125.25
everque 621 ( 0.00%) 109154 ( 0.00%) 175.77
unreal 65 ( 0.00%) 10130 ( 0.00%) 155.85
quake 12 ( 0.00%) 1336 ( 0.00%) 111.33
cuseeme 1 ( 0.00%) 113 ( 0.00%) 113.00
other 7723595 ( 28.01%) 4583573334 ( 25.89%) 593.45
icmp 491926 ( 1.78%) 92240291 ( 0.52%) 187.51
ipip 321 ( 0.00%) 39754 ( 0.00%) 123.84
ipsec 6739 ( 0.02%) 2709998 ( 0.02%) 402.14
ip6 3668345 ( 13.31%) 2196527278 ( 12.41%) 598.78
other 134357 ( 0.49%) 14421491 ( 0.08%) 107.34
frag 1710 ( 0.01%) 1723530 ( 0.01%) 1007.91
ip6 42986 ( 0.16%) 6746402 ( 0.04%) 156.94
tcp6 12291 ( 0.04%) 1248629 ( 0.01%) 101.59
http(s) 60 ( 0.00%) 28508 ( 0.00%) 475.13
http(c) 3343 ( 0.01%) 303327 ( 0.00%) 90.73
smtp 246 ( 0.00%) 81222 ( 0.00%) 330.17
ftp 1618 ( 0.01%) 164628 ( 0.00%) 101.75
imap 173 ( 0.00%) 20477 ( 0.00%) 118.36
ssh 2975 ( 0.01%) 247066 ( 0.00%) 83.05
dns 138 ( 0.00%) 29590 ( 0.00%) 214.42
bgp 110 ( 0.00%) 14150 ( 0.00%) 128.64
other 3628 ( 0.01%) 359661 ( 0.00%) 99.13
udp6 24617 ( 0.09%) 4673975 ( 0.03%) 189.87
dns 24301 ( 0.09%) 4620397 ( 0.03%) 190.13
quake 1 ( 0.00%) 106 ( 0.00%) 106.00
other 315 ( 0.00%) 53472 ( 0.00%) 169.75
icmp6 5924 ( 0.02%) 706094 ( 0.00%) 119.19
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 124 ( 0.00%) 113624 ( 0.00%) 916.32
tcpdump file: 201004130845.dump.gz (699.07 MB)