Traffic Trace Info
DumpFile: 201004131545.dump
FileSize: 2809.28MB
Id: 201004131545
StartTime: Tue Apr 13 15:45:00 2010
EndTime: Tue Apr 13 16:00:01 2010
TotalTime: 900.28 seconds
TotalCapSize: -1909.30MB CapLen: 96 bytes
# of packets: 40799406 (25978.21MB)
AvgRate: 242.07Mbps stddev:22.73M
IP flow (unique src/dst pair) Information
# of flows: 1156863 (avg. 35.27 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.2% 1.8% 1.6% 0.8% 0.8% 0.8% 0.8% 0.8% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 634156
Top 10 bandwidth usage (bytes/total in %):
15.8% 5.0% 4.8% 4.4% 4.1% 3.9% 3.4% 2.9% 2.6% 2.3%
# of IPv6 addresses: 1106
Top 10 bandwidth usage (bytes/total in %):
21.1% 9.1% 5.7% 5.3% 5.2% 4.9% 4.8% 4.7% 4.2% 3.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004131545.pktlen.png)
detailed numbers
[ 32- 63]: 7118938
[ 64- 127]: 10687746
[ 128- 255]: 3187665
[ 256- 511]: 2049733
[ 512- 1023]: 1140380
[ 1024- 2047]: 16614944
Protocol Breakdown
![[protocol breakdown chart]](201004131545.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 40799406 (100.00%) 27240123861 (100.00%) 667.66
ip 40745838 ( 99.87%) 27230134164 ( 99.96%) 668.29
tcp 25826716 ( 63.30%) 19038598801 ( 69.89%) 737.17
http(s) 10853211 ( 26.60%) 14319620770 ( 52.57%) 1319.39
http(c) 7949303 ( 19.48%) 1432339348 ( 5.26%) 180.18
squid 352491 ( 0.86%) 123249674 ( 0.45%) 349.65
smtp 428166 ( 1.05%) 164556787 ( 0.60%) 384.33
nntp 4 ( 0.00%) 248 ( 0.00%) 62.00
ftp 41927 ( 0.10%) 7856072 ( 0.03%) 187.38
pop3 19968 ( 0.05%) 8507736 ( 0.03%) 426.07
imap 2765 ( 0.01%) 651660 ( 0.00%) 235.68
telnet 557 ( 0.00%) 59371 ( 0.00%) 106.59
ssh 1201959 ( 2.95%) 156336367 ( 0.57%) 130.07
dns 56327 ( 0.14%) 3862036 ( 0.01%) 68.56
bgp 155 ( 0.00%) 55091 ( 0.00%) 355.43
napster 52 ( 0.00%) 5879 ( 0.00%) 113.06
realaud 13 ( 0.00%) 1218 ( 0.00%) 93.69
rtsp 259948 ( 0.64%) 127455207 ( 0.47%) 490.31
icecast 1455 ( 0.00%) 162975 ( 0.00%) 112.01
hotline 19 ( 0.00%) 4416 ( 0.00%) 232.42
other 4658392 ( 11.42%) 2693873706 ( 9.89%) 578.28
udp 11665594 ( 28.59%) 6729486615 ( 24.70%) 576.87
dns 812264 ( 1.99%) 134224332 ( 0.49%) 165.25
rip 5 ( 0.00%) 409 ( 0.00%) 81.80
realaud 291 ( 0.00%) 27619 ( 0.00%) 94.91
halflif 70 ( 0.00%) 7007 ( 0.00%) 100.10
starcra 292 ( 0.00%) 29717 ( 0.00%) 101.77
everque 656 ( 0.00%) 123344 ( 0.00%) 188.02
unreal 478 ( 0.00%) 83763 ( 0.00%) 175.24
quake 53 ( 0.00%) 5359 ( 0.00%) 101.11
cuseeme 7 ( 0.00%) 1050 ( 0.00%) 150.00
other 10754914 ( 26.36%) 6588364789 ( 24.19%) 612.59
icmp 447677 ( 1.10%) 36366257 ( 0.13%) 81.23
ipip 295 ( 0.00%) 35370 ( 0.00%) 119.90
ipsec 1822 ( 0.00%) 690900 ( 0.00%) 379.20
ip6 2611263 ( 6.40%) 1384318923 ( 5.08%) 530.13
other 192471 ( 0.47%) 40637298 ( 0.15%) 211.13
frag 215776 ( 0.53%) 163872598 ( 0.60%) 759.46
ip6 53568 ( 0.13%) 9989697 ( 0.04%) 186.49
tcp6 14217 ( 0.03%) 2337872 ( 0.01%) 164.44
http(s) 776 ( 0.00%) 908796 ( 0.00%) 1171.13
http(c) 3546 ( 0.01%) 331571 ( 0.00%) 93.51
smtp 176 ( 0.00%) 68161 ( 0.00%) 387.28
ftp 2499 ( 0.01%) 252822 ( 0.00%) 101.17
imap 259 ( 0.00%) 29754 ( 0.00%) 114.88
ssh 2420 ( 0.01%) 285576 ( 0.00%) 118.01
dns 110 ( 0.00%) 23999 ( 0.00%) 218.17
bgp 100 ( 0.00%) 12270 ( 0.00%) 122.70
other 4331 ( 0.01%) 424923 ( 0.00%) 98.11
udp6 33153 ( 0.08%) 6838673 ( 0.03%) 206.28
dns 32662 ( 0.08%) 6762285 ( 0.02%) 207.04
other 491 ( 0.00%) 76388 ( 0.00%) 155.58
icmp6 6092 ( 0.01%) 739263 ( 0.00%) 121.35
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 75 ( 0.00%) 69673 ( 0.00%) 928.97
tcpdump file: 201004131545.dump.gz (1040.75 MB)