Traffic Trace Info
DumpFile: 201004131530.dump
FileSize: 2571.26MB
Id: 201004131530
StartTime: Tue Apr 13 15:30:01 2010
EndTime: Tue Apr 13 15:45:00 2010
TotalTime: 899.62 seconds
TotalCapSize: 2006.63MB CapLen: 96 bytes
# of packets: 36997697 (23336.49MB)
AvgRate: 217.62Mbps stddev:31.73M
IP flow (unique src/dst pair) Information
# of flows: 1079223 (avg. 34.28 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.3% 3.0% 2.3% 1.3% 0.9% 0.9% 0.9% 0.8% 0.6% 0.6%
IP address Information
# of IPv4 addresses: 605769
Top 10 bandwidth usage (bytes/total in %):
17.0% 6.1% 4.4% 3.9% 3.6% 3.6% 3.3% 3.3% 3.1% 3.1%
# of IPv6 addresses: 1066
Top 10 bandwidth usage (bytes/total in %):
20.7% 8.1% 7.7% 7.7% 6.9% 6.9% 5.1% 4.7% 4.5% 4.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004131530.pktlen.png)
detailed numbers
[ 32- 63]: 6667298
[ 64- 127]: 9402306
[ 128- 255]: 2835570
[ 256- 511]: 2031052
[ 512- 1023]: 1232040
[ 1024- 2047]: 14829431
Protocol Breakdown
![[protocol breakdown chart]](201004131530.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 36997697 (100.00%) 24470078246 (100.00%) 661.39
ip 36946345 ( 99.86%) 24459942626 ( 99.96%) 662.04
tcp 23643768 ( 63.91%) 17257600710 ( 70.53%) 729.90
http(s) 9761371 ( 26.38%) 12831728379 ( 52.44%) 1314.54
http(c) 7168835 ( 19.38%) 1148641481 ( 4.69%) 160.23
squid 308288 ( 0.83%) 101703067 ( 0.42%) 329.90
smtp 318537 ( 0.86%) 149625556 ( 0.61%) 469.73
ftp 40717 ( 0.11%) 10299908 ( 0.04%) 252.96
pop3 25529 ( 0.07%) 9877860 ( 0.04%) 386.93
imap 2708 ( 0.01%) 886785 ( 0.00%) 327.47
telnet 1259 ( 0.00%) 121247 ( 0.00%) 96.30
ssh 1060432 ( 2.87%) 132077853 ( 0.54%) 124.55
dns 50961 ( 0.14%) 3526272 ( 0.01%) 69.20
bgp 165 ( 0.00%) 67791 ( 0.00%) 410.85
napster 61 ( 0.00%) 6284 ( 0.00%) 103.02
realaud 22 ( 0.00%) 3612 ( 0.00%) 164.18
rtsp 343966 ( 0.93%) 149787654 ( 0.61%) 435.47
icecast 1125 ( 0.00%) 140964 ( 0.00%) 125.30
other 4559788 ( 12.32%) 2719105757 ( 11.11%) 596.32
udp 10020130 ( 27.08%) 5629245221 ( 23.00%) 561.79
dns 698244 ( 1.89%) 114485639 ( 0.47%) 163.96
realaud 210 ( 0.00%) 47838 ( 0.00%) 227.80
halflif 112 ( 0.00%) 15123 ( 0.00%) 135.03
starcra 210 ( 0.00%) 19934 ( 0.00%) 94.92
everque 2077 ( 0.01%) 976581 ( 0.00%) 470.19
unreal 132 ( 0.00%) 23351 ( 0.00%) 176.90
quake 72 ( 0.00%) 7358 ( 0.00%) 102.19
cuseeme 7 ( 0.00%) 1163 ( 0.00%) 166.14
other 9318580 ( 25.19%) 5513442233 ( 22.53%) 591.66
icmp 420018 ( 1.14%) 34051632 ( 0.14%) 81.07
ipip 364 ( 0.00%) 44718 ( 0.00%) 122.85
ipsec 1352 ( 0.00%) 443520 ( 0.00%) 328.05
ip6 2747543 ( 7.43%) 1515457642 ( 6.19%) 551.57
other 113170 ( 0.31%) 23099183 ( 0.09%) 204.11
frag 2046 ( 0.01%) 1898449 ( 0.01%) 927.88
ip6 51352 ( 0.14%) 10135620 ( 0.04%) 197.38
tcp6 15712 ( 0.04%) 3378236 ( 0.01%) 215.01
http(s) 959 ( 0.00%) 1163853 ( 0.00%) 1213.61
http(c) 3823 ( 0.01%) 358169 ( 0.00%) 93.69
smtp 304 ( 0.00%) 165527 ( 0.00%) 544.50
ftp 2371 ( 0.01%) 239310 ( 0.00%) 100.93
imap 367 ( 0.00%) 42982 ( 0.00%) 117.12
ssh 3494 ( 0.01%) 912980 ( 0.00%) 261.30
dns 150 ( 0.00%) 51767 ( 0.00%) 345.11
bgp 103 ( 0.00%) 13181 ( 0.00%) 127.97
other 4141 ( 0.01%) 430467 ( 0.00%) 103.95
udp6 29327 ( 0.08%) 5912170 ( 0.02%) 201.59
dns 28964 ( 0.08%) 5854776 ( 0.02%) 202.14
halflif 1 ( 0.00%) 113 ( 0.00%) 113.00
other 362 ( 0.00%) 57281 ( 0.00%) 158.23
icmp6 6209 ( 0.02%) 770263 ( 0.00%) 124.06
pim6 26 ( 0.00%) 3536 ( 0.00%) 136.00
other6 78 ( 0.00%) 71415 ( 0.00%) 915.58
tcpdump file: 201004131530.dump.gz (945.04 MB)