Traffic Trace Info
DumpFile: 201004131030.dump
FileSize: 2349.50MB
Id: 201004131030
StartTime: Tue Apr 13 10:30:00 2010
EndTime: Tue Apr 13 10:45:01 2010
TotalTime: 900.27 seconds
TotalCapSize: 1835.39MB CapLen: 96 bytes
# of packets: 33691385 (21175.86MB)
AvgRate: 197.31Mbps stddev:14.24M
IP flow (unique src/dst pair) Information
# of flows: 1143873 (avg. 29.45 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.5% 1.7% 1.3% 1.2% 1.2% 1.1% 1.0% 0.9% 0.8% 0.8%
IP address Information
# of IPv4 addresses: 725827
Top 10 bandwidth usage (bytes/total in %):
18.6% 8.7% 7.8% 4.5% 3.3% 3.2% 3.2% 2.8% 2.6% 1.9%
# of IPv6 addresses: 972
Top 10 bandwidth usage (bytes/total in %):
26.9% 8.2% 7.3% 6.8% 5.9% 5.7% 4.8% 4.7% 3.9% 3.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004131030.pktlen.png)
detailed numbers
[ 32- 63]: 5555361
[ 64- 127]: 8965174
[ 128- 255]: 2893786
[ 256- 511]: 1770483
[ 512- 1023]: 1002747
[ 1024- 2047]: 13503834
Protocol Breakdown
![[protocol breakdown chart]](201004131030.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 33691385 (100.00%) 22204498153 (100.00%) 659.06
ip 33642373 ( 99.85%) 22196352842 ( 99.96%) 659.77
tcp 20442763 ( 60.68%) 15005379310 ( 67.58%) 734.02
http(s) 8279212 ( 24.57%) 11191851069 ( 50.40%) 1351.80
http(c) 5782635 ( 17.16%) 1030293641 ( 4.64%) 178.17
squid 303419 ( 0.90%) 120584933 ( 0.54%) 397.42
smtp 384701 ( 1.14%) 216945900 ( 0.98%) 563.93
ftp 16433 ( 0.05%) 2029411 ( 0.01%) 123.50
pop3 15612 ( 0.05%) 5879319 ( 0.03%) 376.59
imap 4127 ( 0.01%) 1330535 ( 0.01%) 322.40
telnet 1086 ( 0.00%) 114322 ( 0.00%) 105.27
ssh 1476562 ( 4.38%) 186224635 ( 0.84%) 126.12
dns 57024 ( 0.17%) 3907310 ( 0.02%) 68.52
bgp 149 ( 0.00%) 44477 ( 0.00%) 298.50
napster 39 ( 0.00%) 3670 ( 0.00%) 94.10
realaud 352 ( 0.00%) 32787 ( 0.00%) 93.14
rtsp 81857 ( 0.24%) 54648631 ( 0.25%) 667.61
icecast 4027 ( 0.01%) 567970 ( 0.00%) 141.04
hotline 39 ( 0.00%) 2647 ( 0.00%) 67.87
other 4035481 ( 11.98%) 2190917573 ( 9.87%) 542.91
udp 9285823 ( 27.56%) 5182740024 ( 23.34%) 558.13
dns 646061 ( 1.92%) 110514322 ( 0.50%) 171.06
realaud 126 ( 0.00%) 16536 ( 0.00%) 131.24
halflif 109 ( 0.00%) 18681 ( 0.00%) 171.39
starcra 177 ( 0.00%) 17825 ( 0.00%) 100.71
everque 668 ( 0.00%) 124319 ( 0.00%) 186.11
unreal 81 ( 0.00%) 12097 ( 0.00%) 149.35
quake 45 ( 0.00%) 4286 ( 0.00%) 95.24
cuseeme 10 ( 0.00%) 1421 ( 0.00%) 142.10
other 8638201 ( 25.64%) 5071852006 ( 22.84%) 587.14
icmp 448545 ( 1.33%) 36160085 ( 0.16%) 80.62
ipip 377 ( 0.00%) 47458 ( 0.00%) 125.88
ipsec 4786 ( 0.01%) 2172812 ( 0.01%) 453.99
ip6 3296068 ( 9.78%) 1952406905 ( 8.79%) 592.34
other 164011 ( 0.49%) 17446248 ( 0.08%) 106.37
frag 2071 ( 0.01%) 1968139 ( 0.01%) 950.33
ip6 49010 ( 0.15%) 8145191 ( 0.04%) 166.19
tcp6 14718 ( 0.04%) 1739367 ( 0.01%) 118.18
http(s) 163 ( 0.00%) 130808 ( 0.00%) 802.50
http(c) 4171 ( 0.01%) 387224 ( 0.00%) 92.84
smtp 23 ( 0.00%) 2799 ( 0.00%) 121.70
ftp 2535 ( 0.01%) 262850 ( 0.00%) 103.69
imap 84 ( 0.00%) 11254 ( 0.00%) 133.98
ssh 3218 ( 0.01%) 266808 ( 0.00%) 82.91
dns 111 ( 0.00%) 29574 ( 0.00%) 266.43
bgp 107 ( 0.00%) 16280 ( 0.00%) 152.15
other 4306 ( 0.01%) 631770 ( 0.00%) 146.72
udp6 27999 ( 0.08%) 5606215 ( 0.03%) 200.23
dns 27752 ( 0.08%) 5563311 ( 0.03%) 200.47
other 247 ( 0.00%) 42904 ( 0.00%) 173.70
icmp6 6217 ( 0.02%) 754555 ( 0.00%) 121.37
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 46 ( 0.00%) 40974 ( 0.00%) 890.74
tcpdump file: 201004131030.dump.gz (860.21 MB)