Traffic Trace Info
DumpFile: 201004131130.dump
FileSize: 2324.53MB
Id: 201004131130
StartTime: Tue Apr 13 11:30:01 2010
EndTime: Tue Apr 13 11:45:01 2010
TotalTime: 900.18 seconds
TotalCapSize: 1814.34MB CapLen: 96 bytes
# of packets: 33429957 (21079.61MB)
AvgRate: 196.42Mbps stddev:16.34M
IP flow (unique src/dst pair) Information
# of flows: 895747 (avg. 37.32 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.3% 1.2% 1.0% 0.9% 0.9% 0.7% 0.7% 0.7% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 505263
Top 10 bandwidth usage (bytes/total in %):
19.8% 7.5% 5.6% 4.9% 3.7% 3.4% 3.3% 3.1% 2.5% 1.7%
# of IPv6 addresses: 955
Top 10 bandwidth usage (bytes/total in %):
31.7% 31.7% 16.7% 5.3% 4.9% 4.9% 4.3% 4.3% 3.8% 3.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004131130.pktlen.png)
detailed numbers
[ 32- 63]: 5134982
[ 64- 127]: 9165280
[ 128- 255]: 3009256
[ 256- 511]: 1730167
[ 512- 1023]: 1014947
[ 1024- 2047]: 13375325
Protocol Breakdown
![[protocol breakdown chart]](201004131130.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 33429957 (100.00%) 22103571993 (100.00%) 661.19
ip 33372844 ( 99.83%) 22090403717 ( 99.94%) 661.93
tcp 19645453 ( 58.77%) 14212271085 ( 64.30%) 723.44
http(s) 8143212 ( 24.36%) 10979851031 ( 49.67%) 1348.34
http(c) 5556485 ( 16.62%) 698754271 ( 3.16%) 125.75
squid 203880 ( 0.61%) 66239626 ( 0.30%) 324.90
smtp 315677 ( 0.94%) 164460885 ( 0.74%) 520.98
ftp 32271 ( 0.10%) 13430110 ( 0.06%) 416.17
pop3 35392 ( 0.11%) 15741899 ( 0.07%) 444.79
imap 21382 ( 0.06%) 3091221 ( 0.01%) 144.57
telnet 805 ( 0.00%) 87834 ( 0.00%) 109.11
ssh 1381055 ( 4.13%) 170633667 ( 0.77%) 123.55
dns 57374 ( 0.17%) 3913491 ( 0.02%) 68.21
bgp 136 ( 0.00%) 44278 ( 0.00%) 325.57
napster 11 ( 0.00%) 1318 ( 0.00%) 119.82
realaud 119 ( 0.00%) 11663 ( 0.00%) 98.01
rtsp 140562 ( 0.42%) 35860035 ( 0.16%) 255.12
icecast 1105 ( 0.00%) 166397 ( 0.00%) 150.59
hotline 5 ( 0.00%) 314 ( 0.00%) 62.80
other 3755977 ( 11.24%) 2059982349 ( 9.32%) 548.45
udp 10306539 ( 30.83%) 6174784300 ( 27.94%) 599.11
dns 635502 ( 1.90%) 107517524 ( 0.49%) 169.19
realaud 33 ( 0.00%) 3729 ( 0.00%) 113.00
halflif 145 ( 0.00%) 21692 ( 0.00%) 149.60
starcra 183 ( 0.00%) 19374 ( 0.00%) 105.87
everque 654 ( 0.00%) 118116 ( 0.00%) 180.61
unreal 113 ( 0.00%) 18896 ( 0.00%) 167.22
quake 279 ( 0.00%) 61654 ( 0.00%) 220.98
cuseeme 1 ( 0.00%) 84 ( 0.00%) 84.00
other 9669322 ( 28.92%) 6066877874 ( 27.45%) 627.44
icmp 413958 ( 1.24%) 34041282 ( 0.15%) 82.23
ipip 349 ( 0.00%) 44962 ( 0.00%) 128.83
ipsec 8407 ( 0.03%) 3092422 ( 0.01%) 367.84
ip6 2986833 ( 8.93%) 1664552386 ( 7.53%) 557.30
other 11305 ( 0.03%) 1617280 ( 0.01%) 143.06
frag 1600 ( 0.00%) 1550503 ( 0.01%) 969.06
ip6 57113 ( 0.17%) 13168276 ( 0.06%) 230.57
tcp6 21471 ( 0.06%) 6723902 ( 0.03%) 313.16
http(s) 101 ( 0.00%) 59035 ( 0.00%) 584.50
http(c) 4603 ( 0.01%) 458221 ( 0.00%) 99.55
smtp 418 ( 0.00%) 273351 ( 0.00%) 653.95
ftp 2395 ( 0.01%) 243989 ( 0.00%) 101.87
imap 336 ( 0.00%) 39627 ( 0.00%) 117.94
ssh 4142 ( 0.01%) 904012 ( 0.00%) 218.25
dns 168 ( 0.00%) 38408 ( 0.00%) 228.62
bgp 103 ( 0.00%) 14473 ( 0.00%) 140.51
other 9205 ( 0.03%) 4692786 ( 0.02%) 509.81
udp6 29255 ( 0.09%) 5612948 ( 0.03%) 191.86
dns 29006 ( 0.09%) 5575836 ( 0.03%) 192.23
halflif 1 ( 0.00%) 108 ( 0.00%) 108.00
other 248 ( 0.00%) 37004 ( 0.00%) 149.21
icmp6 6306 ( 0.02%) 779332 ( 0.00%) 123.59
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 51 ( 0.00%) 48014 ( 0.00%) 941.45
tcpdump file: 201004131130.dump.gz (855.41 MB)