Traffic Trace Info
DumpFile: 201004131000.dump
FileSize: 2389.98MB
Id: 201004131000
StartTime: Tue Apr 13 10:00:01 2010
EndTime: Tue Apr 13 10:15:01 2010
TotalTime: 900.17 seconds
TotalCapSize: 1869.28MB CapLen: 96 bytes
# of packets: 34123105 (19461.47MB)
AvgRate: 181.37Mbps stddev:20.38M
IP flow (unique src/dst pair) Information
# of flows: 1034982 (avg. 32.97 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.0% 1.2% 1.2% 1.1% 0.9% 0.9% 0.7% 0.7% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 577440
Top 10 bandwidth usage (bytes/total in %):
18.2% 9.8% 4.5% 4.1% 3.7% 3.6% 3.5% 3.0% 2.7% 2.2%
# of IPv6 addresses: 959
Top 10 bandwidth usage (bytes/total in %):
24.0% 10.2% 6.2% 5.2% 5.1% 5.1% 5.0% 4.9% 4.9% 4.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004131000.pktlen.png)
detailed numbers
[ 32- 63]: 5219434
[ 64- 127]: 9849483
[ 128- 255]: 3920172
[ 256- 511]: 2206174
[ 512- 1023]: 989945
[ 1024- 2047]: 11937897
Protocol Breakdown
![[protocol breakdown chart]](201004131000.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 34123105 (100.00%) 20406829968 (100.00%) 598.04
ip 34072929 ( 99.85%) 20397686196 ( 99.96%) 598.65
tcp 19019683 ( 55.74%) 13384018234 ( 65.59%) 703.69
http(s) 7724866 ( 22.64%) 10459558177 ( 51.26%) 1354.01
http(c) 4996666 ( 14.64%) 664728467 ( 3.26%) 133.03
squid 194788 ( 0.57%) 67242271 ( 0.33%) 345.21
smtp 314231 ( 0.92%) 133816871 ( 0.66%) 425.86
ftp 22837 ( 0.07%) 2231417 ( 0.01%) 97.71
pop3 13627 ( 0.04%) 5891040 ( 0.03%) 432.31
imap 12129 ( 0.04%) 9966298 ( 0.05%) 821.69
telnet 627 ( 0.00%) 76921 ( 0.00%) 122.68
ssh 1809169 ( 5.30%) 231345672 ( 1.13%) 127.87
dns 57457 ( 0.17%) 3979179 ( 0.02%) 69.25
bgp 142 ( 0.00%) 43176 ( 0.00%) 304.06
napster 519 ( 0.00%) 309687 ( 0.00%) 596.70
realaud 349 ( 0.00%) 36637 ( 0.00%) 104.98
rtsp 190278 ( 0.56%) 60827594 ( 0.30%) 319.68
icecast 9428 ( 0.03%) 635672 ( 0.00%) 67.42
hotline 15 ( 0.00%) 3032 ( 0.00%) 202.13
other 3672552 ( 10.76%) 1743325943 ( 8.54%) 474.69
udp 9742081 ( 28.55%) 4748337334 ( 23.27%) 487.40
dns 629084 ( 1.84%) 107828386 ( 0.53%) 171.41
realaud 47 ( 0.00%) 4803 ( 0.00%) 102.19
halflif 129 ( 0.00%) 19452 ( 0.00%) 150.79
starcra 177 ( 0.00%) 17507 ( 0.00%) 98.91
everque 624 ( 0.00%) 123338 ( 0.00%) 197.66
unreal 114 ( 0.00%) 18194 ( 0.00%) 159.60
quake 30 ( 0.00%) 2573 ( 0.00%) 85.77
cuseeme 6 ( 0.00%) 903 ( 0.00%) 150.50
other 9111598 ( 26.70%) 4640167673 ( 22.74%) 509.26
icmp 1712120 ( 5.02%) 156463986 ( 0.77%) 91.39
ipip 368 ( 0.00%) 46140 ( 0.00%) 125.38
ipsec 127719 ( 0.37%) 74501394 ( 0.37%) 583.32
ip6 3326321 ( 9.75%) 2019019949 ( 9.89%) 606.98
other 144637 ( 0.42%) 15299159 ( 0.07%) 105.78
frag 1535 ( 0.00%) 1636273 ( 0.01%) 1065.98
ip6 50176 ( 0.15%) 9143772 ( 0.04%) 182.23
tcp6 15584 ( 0.05%) 2619365 ( 0.01%) 168.08
http(s) 731 ( 0.00%) 768590 ( 0.00%) 1051.42
http(c) 4292 ( 0.01%) 383679 ( 0.00%) 89.39
smtp 95 ( 0.00%) 31499 ( 0.00%) 331.57
ftp 2537 ( 0.01%) 263592 ( 0.00%) 103.90
imap 121 ( 0.00%) 16620 ( 0.00%) 137.36
ssh 3068 ( 0.01%) 254404 ( 0.00%) 82.92
dns 96 ( 0.00%) 37214 ( 0.00%) 387.65
bgp 100 ( 0.00%) 12269 ( 0.00%) 122.69
other 4544 ( 0.01%) 851498 ( 0.00%) 187.39
udp6 28315 ( 0.08%) 5716493 ( 0.03%) 201.89
dns 27989 ( 0.08%) 5673846 ( 0.03%) 202.72
quake 1 ( 0.00%) 118 ( 0.00%) 118.00
other 325 ( 0.00%) 42529 ( 0.00%) 130.86
icmp6 6181 ( 0.02%) 748209 ( 0.00%) 121.05
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 65 ( 0.00%) 55489 ( 0.00%) 853.68
tcpdump file: 201004131000.dump.gz (872.49 MB)