Traffic Trace Info
DumpFile: 201004130915.dump
FileSize: 1929.87MB
Id: 201004130915
StartTime: Tue Apr 13 09:15:00 2010
EndTime: Tue Apr 13 09:30:01 2010
TotalTime: 900.47 seconds
TotalCapSize: 1511.82MB CapLen: 96 bytes
# of packets: 27396925 (16158.46MB)
AvgRate: 150.53Mbps stddev:11.99M
IP flow (unique src/dst pair) Information
# of flows: 928544 (avg. 29.51 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.4% 1.4% 1.0% 1.0% 1.0% 0.9% 0.9% 0.9% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 538506
Top 10 bandwidth usage (bytes/total in %):
23.0% 12.8% 5.1% 4.4% 4.1% 4.0% 3.3% 2.9% 1.7% 1.6%
# of IPv6 addresses: 952
Top 10 bandwidth usage (bytes/total in %):
90.4% 90.4% 2.6% 0.8% 0.7% 0.6% 0.5% 0.5% 0.5% 0.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004130915.pktlen.png)
detailed numbers
[ 32- 63]: 3933920
[ 64- 127]: 8160860
[ 128- 255]: 2587871
[ 256- 511]: 1766198
[ 512- 1023]: 855977
[ 1024- 2047]: 10092099
Protocol Breakdown
![[protocol breakdown chart]](201004130915.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 27396925 (100.00%) 16943372542 (100.00%) 618.44
ip 27289491 ( 99.61%) 16858970384 ( 99.50%) 617.78
tcp 14859064 ( 54.24%) 10062996448 ( 59.39%) 677.23
http(s) 5759787 ( 21.02%) 7800640568 ( 46.04%) 1354.33
http(c) 3998235 ( 14.59%) 490957104 ( 2.90%) 122.79
squid 192479 ( 0.70%) 67447106 ( 0.40%) 350.41
smtp 269407 ( 0.98%) 95619663 ( 0.56%) 354.93
ftp 10308 ( 0.04%) 935627 ( 0.01%) 90.77
pop3 11565 ( 0.04%) 4294030 ( 0.03%) 371.30
imap 1738 ( 0.01%) 799580 ( 0.00%) 460.06
telnet 350 ( 0.00%) 47704 ( 0.00%) 136.30
ssh 1451496 ( 5.30%) 184954104 ( 1.09%) 127.42
dns 57082 ( 0.21%) 3896417 ( 0.02%) 68.26
bgp 134 ( 0.00%) 44455 ( 0.00%) 331.75
napster 40 ( 0.00%) 5421 ( 0.00%) 135.53
realaud 8 ( 0.00%) 884 ( 0.00%) 110.50
rtsp 44388 ( 0.16%) 43982781 ( 0.26%) 990.87
icecast 9693 ( 0.04%) 662130 ( 0.00%) 68.31
hotline 1 ( 0.00%) 62 ( 0.00%) 62.00
other 3052353 ( 11.14%) 1368708812 ( 8.08%) 448.41
udp 8254345 ( 30.13%) 4548637113 ( 26.85%) 551.06
dns 591872 ( 2.16%) 104638889 ( 0.62%) 176.79
realaud 32 ( 0.00%) 3346 ( 0.00%) 104.56
halflif 111 ( 0.00%) 14662 ( 0.00%) 132.09
starcra 194 ( 0.00%) 19284 ( 0.00%) 99.40
everque 687 ( 0.00%) 119933 ( 0.00%) 174.57
unreal 79 ( 0.00%) 13553 ( 0.00%) 171.56
quake 30 ( 0.00%) 2977 ( 0.00%) 99.23
cuseeme 4 ( 0.00%) 372 ( 0.00%) 93.00
other 7661055 ( 27.96%) 4443703824 ( 26.23%) 580.04
icmp 492815 ( 1.80%) 62782050 ( 0.37%) 127.39
ipip 308 ( 0.00%) 37318 ( 0.00%) 121.16
ipsec 1718 ( 0.01%) 604836 ( 0.00%) 352.06
ip6 3556509 ( 12.98%) 2170500145 ( 12.81%) 610.29
other 124732 ( 0.46%) 13412474 ( 0.08%) 107.53
frag 1744 ( 0.01%) 1708680 ( 0.01%) 979.75
ip6 107434 ( 0.39%) 84402158 ( 0.50%) 785.62
tcp6 69634 ( 0.25%) 78106856 ( 0.46%) 1121.68
http(s) 80 ( 0.00%) 55649 ( 0.00%) 695.61
http(c) 8915 ( 0.03%) 739623 ( 0.00%) 82.96
squid 2 ( 0.00%) 148 ( 0.00%) 74.00
smtp 359 ( 0.00%) 140224 ( 0.00%) 390.60
ftp 2232 ( 0.01%) 229151 ( 0.00%) 102.67
imap 996 ( 0.00%) 92832 ( 0.00%) 93.20
ssh 3039 ( 0.01%) 252354 ( 0.00%) 83.04
dns 79 ( 0.00%) 19191 ( 0.00%) 242.92
bgp 120 ( 0.00%) 16608 ( 0.00%) 138.40
icecast 1 ( 0.00%) 74 ( 0.00%) 74.00
other 53811 ( 0.20%) 76561002 ( 0.45%) 1422.78
udp6 31689 ( 0.12%) 5514976 ( 0.03%) 174.03
dns 26730 ( 0.10%) 5071423 ( 0.03%) 189.73
other 4959 ( 0.02%) 443553 ( 0.00%) 89.44
icmp6 6015 ( 0.02%) 715972 ( 0.00%) 119.03
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 66 ( 0.00%) 60274 ( 0.00%) 913.24
tcpdump file: 201004130915.dump.gz (703.07 MB)