Traffic Trace Info
DumpFile: 201004131745.dump
FileSize: 2545.65MB
Id: 201004131745
StartTime: Tue Apr 13 17:45:01 2010
EndTime: Tue Apr 13 18:00:01 2010
TotalTime: 900.49 seconds
TotalCapSize: 1988.85MB CapLen: 96 bytes
# of packets: 36490201 (23507.70MB)
AvgRate: 218.96Mbps stddev:23.41M
IP flow (unique src/dst pair) Information
# of flows: 1058445 (avg. 34.48 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.3% 1.2% 0.8% 0.8% 0.8% 0.8% 0.7% 0.7% 0.6% 0.5%
IP address Information
# of IPv4 addresses: 559920
Top 10 bandwidth usage (bytes/total in %):
15.0% 6.7% 5.2% 4.8% 4.2% 3.9% 3.6% 2.6% 2.4% 2.4%
# of IPv6 addresses: 1071
Top 10 bandwidth usage (bytes/total in %):
21.4% 7.3% 6.3% 5.1% 5.1% 5.0% 5.0% 5.0% 3.5% 3.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004131745.pktlen.png)
detailed numbers
[ 32- 63]: 7066688
[ 64- 127]: 9136945
[ 128- 255]: 2297732
[ 256- 511]: 1911301
[ 512- 1023]: 1071080
[ 1024- 2047]: 15006455
Protocol Breakdown
![[protocol breakdown chart]](201004131745.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 36490201 (100.00%) 24649611715 (100.00%) 675.51
ip 36436429 ( 99.85%) 24640224127 ( 99.96%) 676.25
tcp 24056398 ( 65.93%) 18283072023 ( 74.17%) 760.01
http(s) 9805368 ( 26.87%) 13314163748 ( 54.01%) 1357.84
http(c) 6986006 ( 19.14%) 1065335042 ( 4.32%) 152.50
squid 304652 ( 0.83%) 76627272 ( 0.31%) 251.52
smtp 547543 ( 1.50%) 213868757 ( 0.87%) 390.60
nntp 4 ( 0.00%) 248 ( 0.00%) 62.00
ftp 27387 ( 0.08%) 2569425 ( 0.01%) 93.82
pop3 16318 ( 0.04%) 7434348 ( 0.03%) 455.59
imap 3289 ( 0.01%) 1013683 ( 0.00%) 308.20
telnet 829 ( 0.00%) 74916 ( 0.00%) 90.37
ssh 214343 ( 0.59%) 76730055 ( 0.31%) 357.98
dns 54139 ( 0.15%) 3869321 ( 0.02%) 71.47
bgp 152 ( 0.00%) 57786 ( 0.00%) 380.17
napster 17 ( 0.00%) 1566 ( 0.00%) 92.12
realaud 13 ( 0.00%) 1750 ( 0.00%) 134.62
rtsp 246628 ( 0.68%) 151217962 ( 0.61%) 613.14
icecast 1401 ( 0.00%) 178286 ( 0.00%) 127.26
hotline 52 ( 0.00%) 3428 ( 0.00%) 65.92
other 5848250 ( 16.03%) 3369924010 ( 13.67%) 576.23
udp 8794497 ( 24.10%) 4633024541 ( 18.80%) 526.81
dns 834508 ( 2.29%) 138430231 ( 0.56%) 165.88
realaud 67 ( 0.00%) 12021 ( 0.00%) 179.42
halflif 36 ( 0.00%) 6856 ( 0.00%) 190.44
starcra 198 ( 0.00%) 20152 ( 0.00%) 101.78
everque 2647 ( 0.01%) 376628 ( 0.00%) 142.28
unreal 196 ( 0.00%) 29412 ( 0.00%) 150.06
quake 67 ( 0.00%) 6740 ( 0.00%) 100.60
cuseeme 6 ( 0.00%) 578 ( 0.00%) 96.33
other 7956436 ( 21.80%) 4493955712 ( 18.23%) 564.82
icmp 634514 ( 1.74%) 66302814 ( 0.27%) 104.49
ipip 337 ( 0.00%) 41898 ( 0.00%) 124.33
ipsec 1405 ( 0.00%) 463614 ( 0.00%) 329.97
ip6 2935764 ( 8.05%) 1653836714 ( 6.71%) 563.34
other 13514 ( 0.04%) 3482523 ( 0.01%) 257.70
frag 1577 ( 0.00%) 1606220 ( 0.01%) 1018.53
ip6 53772 ( 0.15%) 9387588 ( 0.04%) 174.58
tcp6 16382 ( 0.04%) 2156811 ( 0.01%) 131.66
http(s) 384 ( 0.00%) 488128 ( 0.00%) 1271.17
http(c) 4879 ( 0.01%) 444120 ( 0.00%) 91.03
smtp 353 ( 0.00%) 137280 ( 0.00%) 388.90
ftp 2692 ( 0.01%) 278998 ( 0.00%) 103.64
imap 349 ( 0.00%) 37572 ( 0.00%) 107.66
ssh 3288 ( 0.01%) 282808 ( 0.00%) 86.01
dns 202 ( 0.00%) 55115 ( 0.00%) 272.85
bgp 100 ( 0.00%) 12628 ( 0.00%) 126.28
other 4135 ( 0.01%) 420162 ( 0.00%) 101.61
udp6 31094 ( 0.09%) 6416577 ( 0.03%) 206.36
dns 30674 ( 0.08%) 6340811 ( 0.03%) 206.72
other 420 ( 0.00%) 75766 ( 0.00%) 180.40
icmp6 6200 ( 0.02%) 749024 ( 0.00%) 120.81
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 66 ( 0.00%) 61096 ( 0.00%) 925.70
tcpdump file: 201004131745.dump.gz (936.85 MB)