Traffic Trace Info
DumpFile: 201004131230.dump
FileSize: 2364.35MB
Id: 201004131230
StartTime: Tue Apr 13 12:30:00 2010
EndTime: Tue Apr 13 12:45:01 2010
TotalTime: 900.32 seconds
TotalCapSize: 1845.39MB CapLen: 96 bytes
# of packets: 34009901 (22319.49MB)
AvgRate: 207.96Mbps stddev:19.35M
IP flow (unique src/dst pair) Information
# of flows: 886635 (avg. 38.36 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.4% 1.7% 1.4% 1.1% 1.1% 1.1% 1.1% 1.0% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 490269
Top 10 bandwidth usage (bytes/total in %):
19.0% 6.6% 3.3% 3.2% 3.2% 2.7% 2.6% 2.5% 2.4% 2.4%
# of IPv6 addresses: 939
Top 10 bandwidth usage (bytes/total in %):
26.9% 10.1% 6.2% 6.1% 6.1% 5.8% 5.3% 5.2% 4.6% 4.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004131230.pktlen.png)
detailed numbers
[ 32- 63]: 5433873
[ 64- 127]: 8492651
[ 128- 255]: 3023646
[ 256- 511]: 1723645
[ 512- 1023]: 1076708
[ 1024- 2047]: 14259378
Protocol Breakdown
![[protocol breakdown chart]](201004131230.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 34009901 (100.00%) 23403682734 (100.00%) 688.14
ip 33960142 ( 99.85%) 23395533062 ( 99.97%) 688.91
tcp 20896753 ( 61.44%) 16068488704 ( 68.66%) 768.95
http(s) 8942154 ( 26.29%) 11960482205 ( 51.11%) 1337.54
http(c) 5584751 ( 16.42%) 714155757 ( 3.05%) 127.88
squid 251480 ( 0.74%) 100497534 ( 0.43%) 399.62
smtp 223122 ( 0.66%) 63770426 ( 0.27%) 285.81
ftp 20161 ( 0.06%) 3150587 ( 0.01%) 156.27
pop3 26521 ( 0.08%) 16638511 ( 0.07%) 627.37
imap 2739 ( 0.01%) 947736 ( 0.00%) 346.02
telnet 2232 ( 0.01%) 284547 ( 0.00%) 127.49
ssh 1180488 ( 3.47%) 150743950 ( 0.64%) 127.70
dns 57905 ( 0.17%) 3961202 ( 0.02%) 68.41
bgp 150 ( 0.00%) 53459 ( 0.00%) 356.39
napster 274 ( 0.00%) 42152 ( 0.00%) 153.84
realaud 52 ( 0.00%) 10797 ( 0.00%) 207.63
rtsp 73109 ( 0.21%) 4851962 ( 0.02%) 66.37
icecast 846 ( 0.00%) 114438 ( 0.00%) 135.27
hotline 3 ( 0.00%) 194 ( 0.00%) 64.67
other 4530764 ( 13.32%) 3048783127 ( 13.03%) 672.91
udp 9796096 ( 28.80%) 5729033604 ( 24.48%) 584.83
dns 632861 ( 1.86%) 107582969 ( 0.46%) 169.99
realaud 42 ( 0.00%) 5793 ( 0.00%) 137.93
halflif 998 ( 0.00%) 61912 ( 0.00%) 62.04
starcra 213 ( 0.00%) 21143 ( 0.00%) 99.26
everque 679 ( 0.00%) 126940 ( 0.00%) 186.95
unreal 75 ( 0.00%) 12224 ( 0.00%) 162.99
quake 68 ( 0.00%) 5547 ( 0.00%) 81.57
cuseeme 4 ( 0.00%) 393 ( 0.00%) 98.25
other 9160756 ( 26.94%) 5621034950 ( 24.02%) 613.60
icmp 503770 ( 1.48%) 42489667 ( 0.18%) 84.34
ipip 341 ( 0.00%) 39672 ( 0.00%) 116.34
ipsec 1443 ( 0.00%) 474114 ( 0.00%) 328.56
ip6 2755647 ( 8.10%) 1551249980 ( 6.63%) 562.93
other 6092 ( 0.02%) 3757321 ( 0.02%) 616.76
frag 2107 ( 0.01%) 2043354 ( 0.01%) 969.79
ip6 49759 ( 0.15%) 8149672 ( 0.03%) 163.78
tcp6 14436 ( 0.04%) 1461739 ( 0.01%) 101.26
http(s) 44 ( 0.00%) 23976 ( 0.00%) 544.91
http(c) 3537 ( 0.01%) 327023 ( 0.00%) 92.46
smtp 99 ( 0.00%) 25336 ( 0.00%) 255.92
ftp 2441 ( 0.01%) 246750 ( 0.00%) 101.09
imap 256 ( 0.00%) 30125 ( 0.00%) 117.68
ssh 2812 ( 0.01%) 239744 ( 0.00%) 85.26
dns 131 ( 0.00%) 49413 ( 0.00%) 377.20
bgp 118 ( 0.00%) 16124 ( 0.00%) 136.64
other 4998 ( 0.01%) 503248 ( 0.00%) 100.69
udp6 29003 ( 0.09%) 5862680 ( 0.03%) 202.14
dns 28748 ( 0.08%) 5819549 ( 0.02%) 202.43
other 255 ( 0.00%) 43131 ( 0.00%) 169.14
icmp6 6208 ( 0.02%) 742954 ( 0.00%) 119.68
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 82 ( 0.00%) 78219 ( 0.00%) 953.89
tcpdump file: 201004131230.dump.gz (855.84 MB)