Traffic Trace Info
DumpFile: 201004131630.dump
FileSize: 2791.32MB
Id: 201004131630
StartTime: Tue Apr 13 16:30:00 2010
EndTime: Tue Apr 13 16:45:01 2010
TotalTime: 900.22 seconds
TotalCapSize: -1922.76MB CapLen: 96 bytes
# of packets: 40496880 (25406.49MB)
AvgRate: 236.75Mbps stddev:16.46M
IP flow (unique src/dst pair) Information
# of flows: 1235491 (avg. 32.78 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.3% 1.4% 1.1% 0.9% 0.9% 0.8% 0.7% 0.7% 0.6% 0.6%
IP address Information
# of IPv4 addresses: 645266
Top 10 bandwidth usage (bytes/total in %):
15.6% 6.0% 4.7% 4.5% 4.3% 4.1% 4.0% 3.5% 3.0% 2.8%
# of IPv6 addresses: 1094
Top 10 bandwidth usage (bytes/total in %):
65.5% 65.5% 6.3% 5.3% 5.3% 3.8% 2.2% 1.7% 1.4% 1.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004131630.pktlen.png)
detailed numbers
[ 32- 63]: 6983296
[ 64- 127]: 11031354
[ 128- 255]: 3108139
[ 256- 511]: 1956927
[ 512- 1023]: 1346855
[ 1024- 2047]: 16070309
Protocol Breakdown
![[protocol breakdown chart]](201004131630.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 40496880 (100.00%) 26640631955 (100.00%) 657.84
ip 40411066 ( 99.79%) 26607011334 ( 99.87%) 658.41
tcp 24603615 ( 60.75%) 17650870537 ( 66.26%) 717.41
http(s) 9842417 ( 24.30%) 12969090004 ( 48.68%) 1317.67
http(c) 7212068 ( 17.81%) 1612089747 ( 6.05%) 223.53
squid 291197 ( 0.72%) 77188255 ( 0.29%) 265.07
smtp 445055 ( 1.10%) 127773336 ( 0.48%) 287.10
nntp 4 ( 0.00%) 240 ( 0.00%) 60.00
ftp 20487 ( 0.05%) 4630753 ( 0.02%) 226.03
pop3 20002 ( 0.05%) 8563635 ( 0.03%) 428.14
imap 5010 ( 0.01%) 847162 ( 0.00%) 169.09
telnet 1195 ( 0.00%) 141515 ( 0.00%) 118.42
ssh 1050414 ( 2.59%) 152907858 ( 0.57%) 145.57
dns 51857 ( 0.13%) 3560237 ( 0.01%) 68.65
bgp 129 ( 0.00%) 43349 ( 0.00%) 336.04
napster 123 ( 0.00%) 9075 ( 0.00%) 73.78
realaud 154 ( 0.00%) 13604 ( 0.00%) 88.34
rtsp 141408 ( 0.35%) 16764944 ( 0.06%) 118.56
icecast 1157 ( 0.00%) 194066 ( 0.00%) 167.73
hotline 160 ( 0.00%) 9907 ( 0.00%) 61.92
other 5520771 ( 13.63%) 2677042430 ( 10.05%) 484.90
udp 12118993 ( 29.93%) 7258018628 ( 27.24%) 598.90
dns 853745 ( 2.11%) 142720272 ( 0.54%) 167.17
rip 3 ( 0.00%) 327 ( 0.00%) 109.00
realaud 62 ( 0.00%) 10147 ( 0.00%) 163.66
halflif 39 ( 0.00%) 4662 ( 0.00%) 119.54
starcra 284 ( 0.00%) 28973 ( 0.00%) 102.02
everque 1953 ( 0.00%) 310623 ( 0.00%) 159.05
unreal 336 ( 0.00%) 52336 ( 0.00%) 155.76
quake 42 ( 0.00%) 3850 ( 0.00%) 91.67
cuseeme 6 ( 0.00%) 474 ( 0.00%) 79.00
other 11257530 ( 27.80%) 7114396393 ( 26.71%) 631.97
icmp 635420 ( 1.57%) 49722470 ( 0.19%) 78.25
ipip 363 ( 0.00%) 44238 ( 0.00%) 121.87
ipsec 1512 ( 0.00%) 520000 ( 0.00%) 343.92
ip6 2859035 ( 7.06%) 1610821701 ( 6.05%) 563.41
other 192128 ( 0.47%) 37013760 ( 0.14%) 192.65
frag 15202 ( 0.04%) 12049679 ( 0.05%) 792.64
ip6 85814 ( 0.21%) 33620621 ( 0.13%) 391.78
tcp6 44172 ( 0.11%) 25580615 ( 0.10%) 579.11
http(s) 15070 ( 0.04%) 22607678 ( 0.08%) 1500.18
http(c) 3246 ( 0.01%) 299896 ( 0.00%) 92.39
smtp 433 ( 0.00%) 203216 ( 0.00%) 469.32
ftp 1434 ( 0.00%) 144470 ( 0.00%) 100.75
imap 514 ( 0.00%) 57604 ( 0.00%) 112.07
ssh 2343 ( 0.01%) 325670 ( 0.00%) 139.00
dns 110 ( 0.00%) 29895 ( 0.00%) 271.77
bgp 96 ( 0.00%) 11701 ( 0.00%) 121.89
other 20926 ( 0.05%) 1900485 ( 0.01%) 90.82
udp6 35405 ( 0.09%) 7199907 ( 0.03%) 203.36
dns 34724 ( 0.09%) 7079410 ( 0.03%) 203.88
other 681 ( 0.00%) 120497 ( 0.00%) 176.94
icmp6 6149 ( 0.02%) 783199 ( 0.00%) 127.37
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 58 ( 0.00%) 52820 ( 0.00%) 910.69
tcpdump file: 201004131630.dump.gz (1036.94 MB)