Traffic Trace Info
DumpFile: 201004131515.dump
FileSize: 2723.03MB
Id: 201004131515
StartTime: Tue Apr 13 15:15:00 2010
EndTime: Tue Apr 13 15:30:01 2010
TotalTime: 900.44 seconds
TotalCapSize: -1963.37MB CapLen: 96 bytes
# of packets: 38691544 (25058.09MB)
AvgRate: 233.45Mbps stddev:28.65M
IP flow (unique src/dst pair) Information
# of flows: 973357 (avg. 39.75 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.6% 2.6% 2.2% 1.1% 1.1% 0.9% 0.9% 0.9% 0.9% 0.8%
IP address Information
# of IPv4 addresses: 529733
Top 10 bandwidth usage (bytes/total in %):
15.7% 6.4% 5.6% 4.7% 4.7% 4.5% 3.8% 3.6% 3.5% 3.4%
# of IPv6 addresses: 1041
Top 10 bandwidth usage (bytes/total in %):
26.1% 26.1% 15.2% 15.2% 15.0% 6.0% 3.4% 3.4% 3.3% 3.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004131515.pktlen.png)
detailed numbers
[ 32- 63]: 6630877
[ 64- 127]: 10165890
[ 128- 255]: 2803978
[ 256- 511]: 2007309
[ 512- 1023]: 908577
[ 1024- 2047]: 16174913
Protocol Breakdown
![[protocol breakdown chart]](201004131515.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 38691544 (100.00%) 26275306750 (100.00%) 679.10
ip 38637433 ( 99.86%) 26260882680 ( 99.95%) 679.67
tcp 25834909 ( 66.77%) 19382366255 ( 73.77%) 750.24
http(s) 11454238 ( 29.60%) 15274407543 ( 58.13%) 1333.52
http(c) 8257679 ( 21.34%) 1428688518 ( 5.44%) 173.01
squid 319251 ( 0.83%) 103760796 ( 0.39%) 325.01
smtp 283522 ( 0.73%) 92317635 ( 0.35%) 325.61
nntp 2 ( 0.00%) 124 ( 0.00%) 62.00
ftp 35657 ( 0.09%) 6311322 ( 0.02%) 177.00
pop3 19732 ( 0.05%) 9548537 ( 0.04%) 483.91
imap 2243 ( 0.01%) 716083 ( 0.00%) 319.25
telnet 1035 ( 0.00%) 87409 ( 0.00%) 84.45
ssh 1188365 ( 3.07%) 139965326 ( 0.53%) 117.78
dns 54550 ( 0.14%) 3764705 ( 0.01%) 69.01
bgp 183 ( 0.00%) 71441 ( 0.00%) 390.39
napster 78 ( 0.00%) 7272 ( 0.00%) 93.23
realaud 93 ( 0.00%) 45928 ( 0.00%) 493.85
rtsp 228703 ( 0.59%) 81458587 ( 0.31%) 356.18
icecast 1239 ( 0.00%) 143258 ( 0.00%) 115.62
hotline 14 ( 0.00%) 1278 ( 0.00%) 91.29
other 3988318 ( 10.31%) 2241070073 ( 8.53%) 561.91
udp 9375103 ( 24.23%) 5133988620 ( 19.54%) 547.62
dns 764419 ( 1.98%) 123526963 ( 0.47%) 161.60
realaud 200 ( 0.00%) 20649 ( 0.00%) 103.25
halflif 60 ( 0.00%) 5857 ( 0.00%) 97.62
starcra 232 ( 0.00%) 22780 ( 0.00%) 98.19
everque 679 ( 0.00%) 146108 ( 0.00%) 215.18
unreal 143 ( 0.00%) 24794 ( 0.00%) 173.38
quake 36 ( 0.00%) 5914 ( 0.00%) 164.28
cuseeme 9 ( 0.00%) 1446 ( 0.00%) 160.67
other 8608257 ( 22.25%) 5010009151 ( 19.07%) 582.00
icmp 410533 ( 1.06%) 33474693 ( 0.13%) 81.54
ipip 305 ( 0.00%) 36838 ( 0.00%) 120.78
ipsec 1414 ( 0.00%) 465524 ( 0.00%) 329.22
ip6 2918940 ( 7.54%) 1693112646 ( 6.44%) 580.04
other 96229 ( 0.25%) 17438104 ( 0.07%) 181.21
frag 3547 ( 0.01%) 3012919 ( 0.01%) 849.43
ip6 54111 ( 0.14%) 14424070 ( 0.05%) 266.56
tcp6 17116 ( 0.04%) 7549850 ( 0.03%) 441.10
http(s) 2872 ( 0.01%) 4168778 ( 0.02%) 1451.52
http(c) 2895 ( 0.01%) 279826 ( 0.00%) 96.66
smtp 223 ( 0.00%) 75587 ( 0.00%) 338.96
ftp 2524 ( 0.01%) 256523 ( 0.00%) 101.63
imap 293 ( 0.00%) 32059 ( 0.00%) 109.42
ssh 1748 ( 0.00%) 149528 ( 0.00%) 85.54
dns 91 ( 0.00%) 36099 ( 0.00%) 396.69
bgp 108 ( 0.00%) 14223 ( 0.00%) 131.69
other 6362 ( 0.02%) 2537227 ( 0.01%) 398.81
udp6 30635 ( 0.08%) 6056966 ( 0.02%) 197.71
dns 30406 ( 0.08%) 6018678 ( 0.02%) 197.94
everque 2 ( 0.00%) 210 ( 0.00%) 105.00
other 227 ( 0.00%) 38078 ( 0.00%) 167.74
icmp6 6280 ( 0.02%) 767901 ( 0.00%) 122.28
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 50 ( 0.00%) 45273 ( 0.00%) 905.46
tcpdump file: 201004131515.dump.gz (981.41 MB)