Traffic Trace Info
DumpFile: 201004131445.dump
FileSize: 2404.50MB
Id: 201004131445
StartTime: Tue Apr 13 14:45:01 2010
EndTime: Tue Apr 13 15:00:00 2010
TotalTime: 899.31 seconds
TotalCapSize: 1878.99MB CapLen: 96 bytes
# of packets: 34439249 (20983.34MB)
AvgRate: 195.74Mbps stddev:16.52M
IP flow (unique src/dst pair) Information
# of flows: 977938 (avg. 35.22 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.3% 1.1% 1.0% 1.0% 0.9% 0.8% 0.8% 0.8% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 535367
Top 10 bandwidth usage (bytes/total in %):
20.9% 6.7% 5.0% 4.6% 3.9% 3.9% 3.6% 2.6% 2.5% 2.0%
# of IPv6 addresses: 993
Top 10 bandwidth usage (bytes/total in %):
24.3% 9.7% 5.5% 5.1% 4.7% 4.2% 3.9% 3.7% 3.4% 3.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004131445.pktlen.png)
detailed numbers
[ 32- 63]: 5862429
[ 64- 127]: 9439317
[ 128- 255]: 3108198
[ 256- 511]: 1853867
[ 512- 1023]: 864342
[ 1024- 2047]: 13311096
Protocol Breakdown
![[protocol breakdown chart]](201004131445.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 34439249 (100.00%) 22002627527 (100.00%) 638.88
ip 34391493 ( 99.86%) 21993631613 ( 99.96%) 639.51
tcp 21544457 ( 62.56%) 15082619888 ( 68.55%) 700.07
http(s) 8805479 ( 25.57%) 11782212393 ( 53.55%) 1338.05
http(c) 6507044 ( 18.89%) 791706272 ( 3.60%) 121.67
squid 326413 ( 0.95%) 83238719 ( 0.38%) 255.01
smtp 295638 ( 0.86%) 111484635 ( 0.51%) 377.10
ftp 28999 ( 0.08%) 9276545 ( 0.04%) 319.89
pop3 35604 ( 0.10%) 18956944 ( 0.09%) 532.44
imap 2778 ( 0.01%) 1131779 ( 0.01%) 407.41
telnet 841 ( 0.00%) 80460 ( 0.00%) 95.67
ssh 1498641 ( 4.35%) 176980745 ( 0.80%) 118.09
dns 53624 ( 0.16%) 3716993 ( 0.02%) 69.32
bgp 184 ( 0.00%) 74825 ( 0.00%) 406.66
napster 142 ( 0.00%) 78386 ( 0.00%) 552.01
realaud 80 ( 0.00%) 7926 ( 0.00%) 99.08
rtsp 216866 ( 0.63%) 83885967 ( 0.38%) 386.81
icecast 1501 ( 0.00%) 182409 ( 0.00%) 121.52
hotline 63 ( 0.00%) 6536 ( 0.00%) 103.75
other 3770557 ( 10.95%) 2019598174 ( 9.18%) 535.62
udp 9451309 ( 27.44%) 5343825330 ( 24.29%) 565.41
dns 759316 ( 2.20%) 122200764 ( 0.56%) 160.94
rip 4 ( 0.00%) 300 ( 0.00%) 75.00
realaud 76 ( 0.00%) 12437 ( 0.00%) 163.64
halflif 56 ( 0.00%) 7974 ( 0.00%) 142.39
starcra 215 ( 0.00%) 22442 ( 0.00%) 104.38
everque 190997 ( 0.55%) 51156278 ( 0.23%) 267.84
unreal 77 ( 0.00%) 11740 ( 0.00%) 152.47
quake 43 ( 0.00%) 3769 ( 0.00%) 87.65
cuseeme 9 ( 0.00%) 1371 ( 0.00%) 152.33
other 8499879 ( 24.68%) 5170150480 ( 23.50%) 608.26
icmp 596367 ( 1.73%) 50288983 ( 0.23%) 84.33
ipip 293 ( 0.00%) 35254 ( 0.00%) 120.32
ipsec 1914 ( 0.01%) 731724 ( 0.00%) 382.30
ip6 2671599 ( 7.76%) 1490530727 ( 6.77%) 557.92
other 125554 ( 0.36%) 25599707 ( 0.12%) 203.89
frag 2563 ( 0.01%) 2450535 ( 0.01%) 956.12
ip6 47756 ( 0.14%) 8995914 ( 0.04%) 188.37
tcp6 10962 ( 0.03%) 2106138 ( 0.01%) 192.13
http(s) 593 ( 0.00%) 715647 ( 0.00%) 1206.82
http(c) 2530 ( 0.01%) 235852 ( 0.00%) 93.22
smtp 321 ( 0.00%) 149964 ( 0.00%) 467.18
ftp 1500 ( 0.00%) 152427 ( 0.00%) 101.62
imap 363 ( 0.00%) 40165 ( 0.00%) 110.65
ssh 2176 ( 0.01%) 431672 ( 0.00%) 198.38
dns 156 ( 0.00%) 44540 ( 0.00%) 285.51
bgp 105 ( 0.00%) 13448 ( 0.00%) 128.08
other 3218 ( 0.01%) 322423 ( 0.00%) 100.19
udp6 30474 ( 0.09%) 6066331 ( 0.03%) 199.07
dns 30213 ( 0.09%) 6024635 ( 0.03%) 199.41
other 261 ( 0.00%) 41696 ( 0.00%) 159.75
icmp6 6226 ( 0.02%) 764505 ( 0.00%) 122.79
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 64 ( 0.00%) 54860 ( 0.00%) 857.19
tcpdump file: 201004131445.dump.gz (889.32 MB)