Traffic Trace Info
DumpFile: 201004130900.dump
FileSize: 1959.34MB
Id: 201004130900
StartTime: Tue Apr 13 09:00:00 2010
EndTime: Tue Apr 13 09:15:00 2010
TotalTime: 899.91 seconds
TotalCapSize: 1536.31MB CapLen: 96 bytes
# of packets: 27722956 (16555.47MB)
AvgRate: 154.33Mbps stddev:14.04M
IP flow (unique src/dst pair) Information
# of flows: 954780 (avg. 29.04 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.6% 1.4% 1.3% 1.2% 0.9% 0.9% 0.9% 0.8% 0.6% 0.6%
IP address Information
# of IPv4 addresses: 569916
Top 10 bandwidth usage (bytes/total in %):
22.5% 12.6% 4.6% 4.1% 4.0% 3.8% 3.2% 3.1% 1.8% 1.7%
# of IPv6 addresses: 931
Top 10 bandwidth usage (bytes/total in %):
75.1% 75.1% 17.9% 17.9% 1.9% 0.7% 0.7% 0.6% 0.5% 0.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004130900.pktlen.png)
detailed numbers
[ 32- 63]: 4037986
[ 64- 127]: 8203301
[ 128- 255]: 2601260
[ 256- 511]: 1654295
[ 512- 1023]: 834662
[ 1024- 2047]: 10391452
Protocol Breakdown
![[protocol breakdown chart]](201004130900.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 27722956 (100.00%) 17359669621 (100.00%) 626.18
ip 27598024 ( 99.55%) 17244057040 ( 99.33%) 624.83
tcp 15323170 ( 55.27%) 10495553795 ( 60.46%) 684.95
http(s) 5755033 ( 20.76%) 7855622565 ( 45.25%) 1365.00
http(c) 4149377 ( 14.97%) 550070807 ( 3.17%) 132.57
squid 220807 ( 0.80%) 92577465 ( 0.53%) 419.27
smtp 384243 ( 1.39%) 234534985 ( 1.35%) 610.38
nntp 3 ( 0.00%) 186 ( 0.00%) 62.00
ftp 12289 ( 0.04%) 1177883 ( 0.01%) 95.85
pop3 14765 ( 0.05%) 7415172 ( 0.04%) 502.21
imap 3017 ( 0.01%) 2398079 ( 0.01%) 794.86
telnet 380 ( 0.00%) 60929 ( 0.00%) 160.34
ssh 1576733 ( 5.69%) 200282732 ( 1.15%) 127.02
dns 56166 ( 0.20%) 3840286 ( 0.02%) 68.37
bgp 166 ( 0.00%) 62689 ( 0.00%) 377.64
napster 17 ( 0.00%) 3542 ( 0.00%) 208.35
realaud 89 ( 0.00%) 73734 ( 0.00%) 828.47
rtsp 75736 ( 0.27%) 45805910 ( 0.26%) 604.81
icecast 8314 ( 0.03%) 565916 ( 0.00%) 68.07
hotline 8 ( 0.00%) 1303 ( 0.00%) 162.88
other 3066027 ( 11.06%) 1501059612 ( 8.65%) 489.58
udp 8084869 ( 29.16%) 4460217555 ( 25.69%) 551.67
dns 595447 ( 2.15%) 105983714 ( 0.61%) 177.99
realaud 38 ( 0.00%) 4209 ( 0.00%) 110.76
halflif 155 ( 0.00%) 18870 ( 0.00%) 121.74
starcra 250 ( 0.00%) 31018 ( 0.00%) 124.07
everque 679 ( 0.00%) 125580 ( 0.00%) 184.95
unreal 101 ( 0.00%) 18783 ( 0.00%) 185.97
quake 28 ( 0.00%) 2441 ( 0.00%) 87.18
cuseeme 6 ( 0.00%) 781 ( 0.00%) 130.17
other 7487776 ( 27.01%) 4353851010 ( 25.08%) 581.46
icmp 458099 ( 1.65%) 82121261 ( 0.47%) 179.27
ipip 345 ( 0.00%) 41822 ( 0.00%) 121.22
ipsec 1524 ( 0.01%) 526600 ( 0.00%) 345.54
ip6 3582886 ( 12.92%) 2187136051 ( 12.60%) 610.44
other 147131 ( 0.53%) 18459956 ( 0.11%) 125.47
frag 1991 ( 0.01%) 2063410 ( 0.01%) 1036.37
ip6 124932 ( 0.45%) 115612581 ( 0.67%) 925.40
tcp6 87660 ( 0.32%) 109161203 ( 0.63%) 1245.28
http(s) 13887 ( 0.05%) 20905952 ( 0.12%) 1505.43
http(c) 3188 ( 0.01%) 290181 ( 0.00%) 91.02
smtp 181 ( 0.00%) 67348 ( 0.00%) 372.09
ftp 2337 ( 0.01%) 242808 ( 0.00%) 103.90
imap 253 ( 0.00%) 30785 ( 0.00%) 121.68
ssh 2648 ( 0.01%) 219640 ( 0.00%) 82.95
dns 153 ( 0.00%) 49135 ( 0.00%) 321.14
bgp 103 ( 0.00%) 13720 ( 0.00%) 133.20
other 64910 ( 0.23%) 87341634 ( 0.50%) 1345.58
udp6 30988 ( 0.11%) 5633323 ( 0.03%) 181.79
dns 25764 ( 0.09%) 5157955 ( 0.03%) 200.20
other 5224 ( 0.02%) 475368 ( 0.00%) 91.00
icmp6 6176 ( 0.02%) 747410 ( 0.00%) 121.02
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 77 ( 0.00%) 66429 ( 0.00%) 862.71
tcpdump file: 201004130900.dump.gz (711.75 MB)