Traffic Trace Info
DumpFile: 201004131215.dump
FileSize: 2398.29MB
Id: 201004131215
StartTime: Tue Apr 13 12:15:01 2010
EndTime: Tue Apr 13 12:30:00 2010
TotalTime: 899.44 seconds
TotalCapSize: 1871.07MB CapLen: 96 bytes
# of packets: 34550822 (22282.53MB)
AvgRate: 207.82Mbps stddev:19.57M
IP flow (unique src/dst pair) Information
# of flows: 934439 (avg. 36.97 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.9% 1.6% 1.5% 1.4% 1.2% 1.0% 0.9% 0.8% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 512749
Top 10 bandwidth usage (bytes/total in %):
18.2% 6.6% 4.5% 4.4% 3.7% 2.9% 2.8% 2.7% 2.6% 2.4%
# of IPv6 addresses: 983
Top 10 bandwidth usage (bytes/total in %):
23.7% 11.1% 11.1% 8.4% 6.4% 5.4% 5.3% 5.2% 5.1% 4.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004131215.pktlen.png)
detailed numbers
[ 32- 63]: 5686551
[ 64- 127]: 8972135
[ 128- 255]: 2900634
[ 256- 511]: 1732334
[ 512- 1023]: 981383
[ 1024- 2047]: 14277785
Protocol Breakdown
![[protocol breakdown chart]](201004131215.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 34550822 (100.00%) 23364921755 (100.00%) 676.25
ip 34498131 ( 99.85%) 23355677494 ( 99.96%) 677.01
tcp 21200143 ( 61.36%) 15966546987 ( 68.34%) 753.13
http(s) 8672387 ( 25.10%) 11677649977 ( 49.98%) 1346.53
http(c) 6035174 ( 17.47%) 778135710 ( 3.33%) 128.93
squid 288885 ( 0.84%) 119016910 ( 0.51%) 411.99
smtp 255747 ( 0.74%) 83825942 ( 0.36%) 327.77
ftp 26690 ( 0.08%) 3974473 ( 0.02%) 148.91
pop3 22626 ( 0.07%) 10566183 ( 0.05%) 466.99
imap 3937 ( 0.01%) 1257941 ( 0.01%) 319.52
telnet 1840 ( 0.01%) 226961 ( 0.00%) 123.35
ssh 1220651 ( 3.53%) 155347718 ( 0.66%) 127.27
dns 57983 ( 0.17%) 3982967 ( 0.02%) 68.69
bgp 136 ( 0.00%) 46473 ( 0.00%) 341.71
napster 42 ( 0.00%) 5212 ( 0.00%) 124.10
realaud 239 ( 0.00%) 190881 ( 0.00%) 798.67
rtsp 82745 ( 0.24%) 40687125 ( 0.17%) 491.72
icecast 787 ( 0.00%) 112205 ( 0.00%) 142.57
hotline 30 ( 0.00%) 2815 ( 0.00%) 93.83
other 4530244 ( 13.11%) 3091517494 ( 13.23%) 682.42
udp 9926372 ( 28.73%) 5791432692 ( 24.79%) 583.44
dns 647739 ( 1.87%) 109639559 ( 0.47%) 169.27
realaud 63 ( 0.00%) 6920 ( 0.00%) 109.84
halflif 91 ( 0.00%) 7909 ( 0.00%) 86.91
starcra 196 ( 0.00%) 19843 ( 0.00%) 101.24
everque 819 ( 0.00%) 173810 ( 0.00%) 212.22
unreal 142 ( 0.00%) 29423 ( 0.00%) 207.20
quake 26 ( 0.00%) 3209 ( 0.00%) 123.42
cuseeme 2 ( 0.00%) 152 ( 0.00%) 76.00
other 9276809 ( 26.85%) 5681332974 ( 24.32%) 612.42
icmp 540622 ( 1.56%) 46264069 ( 0.20%) 85.58
ipip 348 ( 0.00%) 44196 ( 0.00%) 127.00
ipsec 1440 ( 0.00%) 465648 ( 0.00%) 323.37
ip6 2817847 ( 8.16%) 1548321124 ( 6.63%) 549.47
other 11359 ( 0.03%) 2602778 ( 0.01%) 229.14
frag 2808 ( 0.01%) 2733736 ( 0.01%) 973.55
ip6 52691 ( 0.15%) 9244261 ( 0.04%) 175.44
tcp6 17255 ( 0.05%) 2646301 ( 0.01%) 153.36
http(s) 76 ( 0.00%) 51320 ( 0.00%) 675.26
http(c) 4180 ( 0.01%) 387948 ( 0.00%) 92.81
smtp 360 ( 0.00%) 157359 ( 0.00%) 437.11
ftp 2470 ( 0.01%) 249350 ( 0.00%) 100.95
imap 215 ( 0.00%) 28357 ( 0.00%) 131.89
ssh 3264 ( 0.01%) 276400 ( 0.00%) 84.68
dns 126 ( 0.00%) 27901 ( 0.00%) 221.44
bgp 102 ( 0.00%) 12478 ( 0.00%) 122.33
other 6462 ( 0.02%) 1455188 ( 0.01%) 225.19
udp6 29240 ( 0.08%) 5806927 ( 0.02%) 198.60
dns 28960 ( 0.08%) 5761430 ( 0.02%) 198.94
other 280 ( 0.00%) 45497 ( 0.00%) 162.49
icmp6 6106 ( 0.02%) 738877 ( 0.00%) 121.01
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 60 ( 0.00%) 48076 ( 0.00%) 801.27
tcpdump file: 201004131215.dump.gz (873.34 MB)