Traffic Trace Info
DumpFile: 201004131600.dump
FileSize: 2845.68MB
Id: 201004131600
StartTime: Tue Apr 13 16:00:01 2010
EndTime: Tue Apr 13 16:15:00 2010
TotalTime: 899.76 seconds
TotalCapSize: -1880.70MB CapLen: 96 bytes
# of packets: 41310017 (26548.56MB)
AvgRate: 247.52Mbps stddev:22.98M
IP flow (unique src/dst pair) Information
# of flows: 1069654 (avg. 38.62 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.2% 1.6% 1.1% 1.1% 1.1% 1.0% 0.9% 0.8% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 563215
Top 10 bandwidth usage (bytes/total in %):
14.7% 5.2% 5.1% 4.8% 4.6% 3.9% 3.6% 3.5% 2.6% 2.5%
# of IPv6 addresses: 1119
Top 10 bandwidth usage (bytes/total in %):
18.5% 13.4% 13.4% 8.0% 6.1% 5.5% 4.5% 4.4% 4.2% 3.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004131600.pktlen.png)
detailed numbers
[ 32- 63]: 7730874
[ 64- 127]: 10413607
[ 128- 255]: 3103018
[ 256- 511]: 1978703
[ 512- 1023]: 1150130
[ 1024- 2047]: 16933685
Protocol Breakdown
![[protocol breakdown chart]](201004131600.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 41310017 (100.00%) 27838186634 (100.00%) 673.88
ip 41254941 ( 99.87%) 27827118671 ( 99.96%) 674.52
tcp 27053256 ( 65.49%) 20085286305 ( 72.15%) 742.44
http(s) 11342725 ( 27.46%) 15122400896 ( 54.32%) 1333.22
http(c) 8349319 ( 20.21%) 1624814070 ( 5.84%) 194.60
squid 292195 ( 0.71%) 86424581 ( 0.31%) 295.78
smtp 469020 ( 1.14%) 158304811 ( 0.57%) 337.52
ftp 34622 ( 0.08%) 10830081 ( 0.04%) 312.81
pop3 23218 ( 0.06%) 10121238 ( 0.04%) 435.92
imap 4344 ( 0.01%) 1156384 ( 0.00%) 266.20
telnet 357 ( 0.00%) 58158 ( 0.00%) 162.91
ssh 1429867 ( 3.46%) 201224598 ( 0.72%) 140.73
dns 52197 ( 0.13%) 3623132 ( 0.01%) 69.41
bgp 177 ( 0.00%) 71221 ( 0.00%) 402.38
napster 29 ( 0.00%) 5561 ( 0.00%) 191.76
realaud 77 ( 0.00%) 6663 ( 0.00%) 86.53
rtsp 361147 ( 0.87%) 155319054 ( 0.56%) 430.07
icecast 1129 ( 0.00%) 135818 ( 0.00%) 120.30
other 4692817 ( 11.36%) 2710779349 ( 9.74%) 577.64
udp 10978489 ( 26.58%) 6307335168 ( 22.66%) 574.52
dns 852868 ( 2.06%) 141323562 ( 0.51%) 165.70
rip 3 ( 0.00%) 225 ( 0.00%) 75.00
realaud 71 ( 0.00%) 10869 ( 0.00%) 153.08
halflif 95 ( 0.00%) 29697 ( 0.00%) 312.60
starcra 191 ( 0.00%) 18365 ( 0.00%) 96.15
everque 725 ( 0.00%) 143302 ( 0.00%) 197.66
unreal 284 ( 0.00%) 48252 ( 0.00%) 169.90
quake 35 ( 0.00%) 3581 ( 0.00%) 102.31
cuseeme 24 ( 0.00%) 2844 ( 0.00%) 118.50
other 10088626 ( 24.42%) 6163268870 ( 22.14%) 610.91
icmp 468256 ( 1.13%) 37966625 ( 0.14%) 81.08
ipip 383 ( 0.00%) 47584 ( 0.00%) 124.24
ipsec 1429 ( 0.00%) 465894 ( 0.00%) 326.03
ip6 2598006 ( 6.29%) 1360961611 ( 4.89%) 523.85
other 155122 ( 0.38%) 35055484 ( 0.13%) 225.99
frag 88367 ( 0.21%) 67260249 ( 0.24%) 761.15
ip6 55076 ( 0.13%) 11067963 ( 0.04%) 200.96
tcp6 14631 ( 0.04%) 3259731 ( 0.01%) 222.80
http(s) 1408 ( 0.00%) 1872896 ( 0.01%) 1330.18
http(c) 3359 ( 0.01%) 313383 ( 0.00%) 93.30
smtp 272 ( 0.00%) 75713 ( 0.00%) 278.36
ftp 2478 ( 0.01%) 251091 ( 0.00%) 101.33
imap 476 ( 0.00%) 52757 ( 0.00%) 110.83
ssh 1760 ( 0.00%) 176676 ( 0.00%) 100.38
dns 136 ( 0.00%) 45559 ( 0.00%) 334.99
bgp 97 ( 0.00%) 11971 ( 0.00%) 123.41
other 4645 ( 0.01%) 459685 ( 0.00%) 98.96
udp6 33938 ( 0.08%) 6957606 ( 0.02%) 205.01
dns 33360 ( 0.08%) 6861443 ( 0.02%) 205.68
quake 1 ( 0.00%) 97 ( 0.00%) 97.00
other 577 ( 0.00%) 96066 ( 0.00%) 166.49
icmp6 6397 ( 0.02%) 778547 ( 0.00%) 121.71
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 80 ( 0.00%) 67999 ( 0.00%) 849.99
tcpdump file: 201004131600.dump.gz (1054.65 MB)