Traffic Trace Info
DumpFile: 201004131345.dump
FileSize: 2553.06MB
Id: 201004131345
StartTime: Tue Apr 13 13:45:01 2010
EndTime: Tue Apr 13 14:00:01 2010
TotalTime: 900.50 seconds
TotalCapSize: 1993.98MB CapLen: 96 bytes
# of packets: 36639092 (23156.75MB)
AvgRate: 215.75Mbps stddev:29.31M
IP flow (unique src/dst pair) Information
# of flows: 974076 (avg. 37.61 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.6% 1.9% 1.2% 1.0% 1.0% 1.0% 1.0% 1.0% 0.9% 0.8%
IP address Information
# of IPv4 addresses: 545747
Top 10 bandwidth usage (bytes/total in %):
19.5% 6.5% 5.3% 4.0% 3.7% 3.6% 3.3% 3.2% 3.1% 2.6%
# of IPv6 addresses: 978
Top 10 bandwidth usage (bytes/total in %):
25.5% 10.4% 5.9% 5.4% 5.3% 4.4% 4.3% 4.3% 3.9% 3.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004131345.pktlen.png)
detailed numbers
[ 32- 63]: 5750517
[ 64- 127]: 9827508
[ 128- 255]: 3325335
[ 256- 511]: 1710529
[ 512- 1023]: 945543
[ 1024- 2047]: 15079660
Protocol Breakdown
![[protocol breakdown chart]](201004131345.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 36639092 (100.00%) 24281608727 (100.00%) 662.72
ip 36592124 ( 99.87%) 24273065561 ( 99.96%) 663.34
tcp 22573611 ( 61.61%) 16198075482 ( 66.71%) 717.57
http(s) 9968800 ( 27.21%) 13441884968 ( 55.36%) 1348.40
http(c) 7041872 ( 19.22%) 856281447 ( 3.53%) 121.60
squid 325241 ( 0.89%) 71629127 ( 0.29%) 220.23
smtp 245710 ( 0.67%) 88707307 ( 0.37%) 361.02
nntp 6 ( 0.00%) 378 ( 0.00%) 63.00
ftp 49708 ( 0.14%) 20535366 ( 0.08%) 413.12
pop3 17205 ( 0.05%) 5047763 ( 0.02%) 293.39
imap 2878 ( 0.01%) 556390 ( 0.00%) 193.33
telnet 439 ( 0.00%) 58826 ( 0.00%) 134.00
ssh 1605749 ( 4.38%) 189324404 ( 0.78%) 117.90
dns 62695 ( 0.17%) 6707828 ( 0.03%) 106.99
bgp 164 ( 0.00%) 55201 ( 0.00%) 336.59
napster 128 ( 0.00%) 22458 ( 0.00%) 175.45
realaud 39 ( 0.00%) 4851 ( 0.00%) 124.38
rtsp 79036 ( 0.22%) 30397905 ( 0.13%) 384.61
icecast 1238 ( 0.00%) 143221 ( 0.00%) 115.69
other 3172701 ( 8.66%) 1486717922 ( 6.12%) 468.60
udp 10684882 ( 29.16%) 6423221466 ( 26.45%) 601.15
dns 701995 ( 1.92%) 151117221 ( 0.62%) 215.27
realaud 30 ( 0.00%) 3923 ( 0.00%) 130.77
halflif 40 ( 0.00%) 6805 ( 0.00%) 170.12
starcra 212 ( 0.00%) 21370 ( 0.00%) 100.80
everque 737 ( 0.00%) 143156 ( 0.00%) 194.24
unreal 94 ( 0.00%) 15562 ( 0.00%) 165.55
quake 50 ( 0.00%) 4665 ( 0.00%) 93.30
cuseeme 14 ( 0.00%) 1578 ( 0.00%) 112.71
other 9981263 ( 27.24%) 6271610285 ( 25.83%) 628.34
icmp 445370 ( 1.22%) 39411216 ( 0.16%) 88.49
ipip 320 ( 0.00%) 40014 ( 0.00%) 125.04
ipsec 1399 ( 0.00%) 461738 ( 0.00%) 330.05
ip6 2871941 ( 7.84%) 1606615233 ( 6.62%) 559.42
other 14601 ( 0.04%) 5240412 ( 0.02%) 358.91
frag 33802 ( 0.09%) 41136627 ( 0.17%) 1216.99
ip6 46968 ( 0.13%) 8543166 ( 0.04%) 181.89
tcp6 11154 ( 0.03%) 1759186 ( 0.01%) 157.72
http(s) 374 ( 0.00%) 462938 ( 0.00%) 1237.80
http(c) 2325 ( 0.01%) 215458 ( 0.00%) 92.67
smtp 209 ( 0.00%) 72628 ( 0.00%) 347.50
ftp 1441 ( 0.00%) 145578 ( 0.00%) 101.03
imap 253 ( 0.00%) 29018 ( 0.00%) 114.70
ssh 2524 ( 0.01%) 390100 ( 0.00%) 154.56
dns 82 ( 0.00%) 19913 ( 0.00%) 242.84
bgp 96 ( 0.00%) 11675 ( 0.00%) 121.61
other 3850 ( 0.01%) 411878 ( 0.00%) 106.98
udp6 29712 ( 0.08%) 5984017 ( 0.02%) 201.40
dns 29453 ( 0.08%) 5943105 ( 0.02%) 201.78
other 259 ( 0.00%) 40912 ( 0.00%) 157.96
icmp6 5994 ( 0.02%) 718697 ( 0.00%) 119.90
pim6 29 ( 0.00%) 3944 ( 0.00%) 136.00
other6 79 ( 0.00%) 77322 ( 0.00%) 978.76
tcpdump file: 201004131345.dump.gz (927.58 MB)