Traffic Trace Info
DumpFile: 201004131800.dump
FileSize: 2445.24MB
Id: 201004131800
StartTime: Tue Apr 13 18:00:01 2010
EndTime: Tue Apr 13 18:15:01 2010
TotalTime: 899.62 seconds
TotalCapSize: 1907.57MB CapLen: 96 bytes
# of packets: 35230041 (22689.02MB)
AvgRate: 211.57Mbps stddev:17.97M
IP flow (unique src/dst pair) Information
# of flows: 1144448 (avg. 30.78 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.9% 1.0% 0.8% 0.8% 0.6% 0.6% 0.5% 0.5% 0.5% 0.5%
IP address Information
# of IPv4 addresses: 596545
Top 10 bandwidth usage (bytes/total in %):
15.4% 7.1% 6.4% 5.0% 5.0% 4.6% 4.5% 3.1% 2.4% 2.4%
# of IPv6 addresses: 1105
Top 10 bandwidth usage (bytes/total in %):
22.0% 9.0% 6.0% 5.1% 4.8% 4.8% 4.7% 4.7% 3.3% 3.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004131800.pktlen.png)
detailed numbers
[ 32- 63]: 6662145
[ 64- 127]: 8667329
[ 128- 255]: 2437417
[ 256- 511]: 1947178
[ 512- 1023]: 1061482
[ 1024- 2047]: 14454490
Protocol Breakdown
![[protocol breakdown chart]](201004131800.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 35230041 (100.00%) 23791165524 (100.00%) 675.31
ip 35173596 ( 99.84%) 23781222074 ( 99.96%) 676.11
tcp 22340070 ( 63.41%) 17270332419 ( 72.59%) 773.07
http(s) 9181013 ( 26.06%) 12453684715 ( 52.35%) 1356.46
http(c) 6520975 ( 18.51%) 1036819621 ( 4.36%) 159.00
squid 303393 ( 0.86%) 81401429 ( 0.34%) 268.30
smtp 436576 ( 1.24%) 126679048 ( 0.53%) 290.16
ftp 35445 ( 0.10%) 3347100 ( 0.01%) 94.43
pop3 24409 ( 0.07%) 13925836 ( 0.06%) 570.52
imap 12574 ( 0.04%) 1234886 ( 0.01%) 98.21
telnet 1196 ( 0.00%) 114214 ( 0.00%) 95.50
ssh 273014 ( 0.77%) 41221935 ( 0.17%) 150.99
dns 52323 ( 0.15%) 3609672 ( 0.02%) 68.99
bgp 149 ( 0.00%) 48379 ( 0.00%) 324.69
napster 44 ( 0.00%) 4714 ( 0.00%) 107.14
realaud 5 ( 0.00%) 318 ( 0.00%) 63.60
rtsp 214215 ( 0.61%) 92977626 ( 0.39%) 434.04
icecast 1411 ( 0.00%) 132910 ( 0.00%) 94.20
hotline 2 ( 0.00%) 120 ( 0.00%) 60.00
other 5283289 ( 15.00%) 3415127676 ( 14.35%) 646.40
udp 8887740 ( 25.23%) 4682528184 ( 19.68%) 526.85
dns 847424 ( 2.41%) 140367963 ( 0.59%) 165.64
realaud 361 ( 0.00%) 30438 ( 0.00%) 84.32
halflif 43 ( 0.00%) 4188 ( 0.00%) 97.40
starcra 245 ( 0.00%) 23589 ( 0.00%) 96.28
everque 15276 ( 0.04%) 2961641 ( 0.01%) 193.88
unreal 212 ( 0.00%) 33005 ( 0.00%) 155.68
quake 62 ( 0.00%) 6064 ( 0.00%) 97.81
cuseeme 4 ( 0.00%) 325 ( 0.00%) 81.25
other 8023754 ( 22.78%) 4538903836 ( 19.08%) 565.68
icmp 857699 ( 2.43%) 102837132 ( 0.43%) 119.90
ipip 368 ( 0.00%) 43296 ( 0.00%) 117.65
ipsec 1556 ( 0.00%) 510760 ( 0.00%) 328.25
ip6 2967495 ( 8.42%) 1708443341 ( 7.18%) 575.72
other 118668 ( 0.34%) 16526942 ( 0.07%) 139.27
frag 1684 ( 0.00%) 1714496 ( 0.01%) 1018.11
ip6 56445 ( 0.16%) 9943450 ( 0.04%) 176.16
tcp6 17031 ( 0.05%) 2283537 ( 0.01%) 134.08
http(s) 399 ( 0.00%) 450554 ( 0.00%) 1129.21
http(c) 4791 ( 0.01%) 432434 ( 0.00%) 90.26
smtp 249 ( 0.00%) 93837 ( 0.00%) 376.86
ftp 2681 ( 0.01%) 276771 ( 0.00%) 103.23
imap 389 ( 0.00%) 45052 ( 0.00%) 115.81
ssh 3510 ( 0.01%) 438040 ( 0.00%) 124.80
dns 220 ( 0.00%) 55106 ( 0.00%) 250.48
bgp 116 ( 0.00%) 15377 ( 0.00%) 132.56
other 4676 ( 0.01%) 476366 ( 0.00%) 101.87
udp6 32842 ( 0.09%) 6793586 ( 0.03%) 206.86
dns 32355 ( 0.09%) 6709163 ( 0.03%) 207.36
other 487 ( 0.00%) 84423 ( 0.00%) 173.35
icmp6 6489 ( 0.02%) 817590 ( 0.00%) 126.00
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 53 ( 0.00%) 44657 ( 0.00%) 842.58
tcpdump file: 201004131800.dump.gz (911.27 MB)