Traffic Trace Info
DumpFile: 201004131330.dump
FileSize: 2667.73MB
Id: 201004131330
StartTime: Tue Apr 13 13:30:01 2010
EndTime: Tue Apr 13 13:45:01 2010
TotalTime: 899.68 seconds
TotalCapSize: -2006.87MB CapLen: 96 bytes
# of packets: 37918660 (23745.56MB)
AvgRate: 221.40Mbps stddev:21.76M
IP flow (unique src/dst pair) Information
# of flows: 917625 (avg. 41.32 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.1% 2.7% 2.1% 1.5% 1.2% 1.1% 1.0% 1.0% 1.0% 0.9%
IP address Information
# of IPv4 addresses: 509972
Top 10 bandwidth usage (bytes/total in %):
17.1% 8.0% 6.5% 5.2% 3.2% 3.1% 2.7% 2.6% 2.5% 2.3%
# of IPv6 addresses: 992
Top 10 bandwidth usage (bytes/total in %):
24.6% 9.4% 9.4% 8.4% 5.5% 5.3% 4.4% 3.7% 3.6% 3.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004131330.pktlen.png)
detailed numbers
[ 32- 63]: 6056110
[ 64- 127]: 10420718
[ 128- 255]: 3339162
[ 256- 511]: 1816239
[ 512- 1023]: 1017298
[ 1024- 2047]: 15269133
Protocol Breakdown
![[protocol breakdown chart]](201004131330.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 37918660 (100.00%) 24899019512 (100.00%) 656.64
ip 37871380 ( 99.88%) 24890148261 ( 99.96%) 657.23
tcp 24243594 ( 63.94%) 17480397620 ( 70.21%) 721.03
http(s) 10219580 ( 26.95%) 13772804683 ( 55.31%) 1347.69
http(c) 7448759 ( 19.64%) 854823292 ( 3.43%) 114.76
squid 272228 ( 0.72%) 68925434 ( 0.28%) 253.19
smtp 272987 ( 0.72%) 132940378 ( 0.53%) 486.98
ftp 30545 ( 0.08%) 8153021 ( 0.03%) 266.92
pop3 20401 ( 0.05%) 8994102 ( 0.04%) 440.87
imap 2957 ( 0.01%) 1264175 ( 0.01%) 427.52
telnet 6084 ( 0.02%) 4448910 ( 0.02%) 731.25
ssh 1778169 ( 4.69%) 208819598 ( 0.84%) 117.44
dns 56154 ( 0.15%) 3823492 ( 0.02%) 68.09
bgp 146 ( 0.00%) 52576 ( 0.00%) 360.11
napster 24 ( 0.00%) 2310 ( 0.00%) 96.25
realaud 14 ( 0.00%) 1641 ( 0.00%) 117.21
rtsp 95613 ( 0.25%) 23968678 ( 0.10%) 250.68
icecast 1412 ( 0.00%) 164732 ( 0.00%) 116.67
hotline 10 ( 0.00%) 1412 ( 0.00%) 141.20
other 4038509 ( 10.65%) 2391209066 ( 9.60%) 592.10
udp 10147137 ( 26.76%) 5725255505 ( 22.99%) 564.22
dns 671779 ( 1.77%) 119386632 ( 0.48%) 177.72
realaud 38 ( 0.00%) 4829 ( 0.00%) 127.08
halflif 58 ( 0.00%) 5630 ( 0.00%) 97.07
starcra 207 ( 0.00%) 21102 ( 0.00%) 101.94
everque 643 ( 0.00%) 111049 ( 0.00%) 172.70
unreal 79 ( 0.00%) 12564 ( 0.00%) 159.04
quake 22 ( 0.00%) 1970 ( 0.00%) 89.55
cuseeme 2 ( 0.00%) 211 ( 0.00%) 105.50
other 9473897 ( 24.98%) 5605488016 ( 22.51%) 591.68
icmp 515535 ( 1.36%) 46282903 ( 0.19%) 89.78
ipip 353 ( 0.00%) 42306 ( 0.00%) 119.85
ipsec 1639 ( 0.00%) 544970 ( 0.00%) 332.50
ip6 2959127 ( 7.80%) 1636395715 ( 6.57%) 553.00
other 3995 ( 0.01%) 1229242 ( 0.00%) 307.70
frag 7990 ( 0.02%) 9449514 ( 0.04%) 1182.67
ip6 47280 ( 0.12%) 8871251 ( 0.04%) 187.63
tcp6 12433 ( 0.03%) 2253560 ( 0.01%) 181.26
http(s) 240 ( 0.00%) 180731 ( 0.00%) 753.05
http(c) 2247 ( 0.01%) 212794 ( 0.00%) 94.70
smtp 218 ( 0.00%) 92034 ( 0.00%) 422.17
ftp 1535 ( 0.00%) 155398 ( 0.00%) 101.24
imap 557 ( 0.00%) 59380 ( 0.00%) 106.61
ssh 3330 ( 0.01%) 1039944 ( 0.00%) 312.30
dns 151 ( 0.00%) 76654 ( 0.00%) 507.64
bgp 113 ( 0.00%) 14785 ( 0.00%) 130.84
other 4042 ( 0.01%) 421840 ( 0.00%) 104.36
udp6 28547 ( 0.08%) 5803574 ( 0.02%) 203.30
dns 28200 ( 0.07%) 5747925 ( 0.02%) 203.83
other 347 ( 0.00%) 55649 ( 0.00%) 160.37
icmp6 6208 ( 0.02%) 754827 ( 0.00%) 121.59
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 62 ( 0.00%) 55210 ( 0.00%) 890.48
tcpdump file: 201004131330.dump.gz (965.02 MB)