Traffic Trace Info
DumpFile: 201004132100.dump
FileSize: 2192.48MB
Id: 201004132100
StartTime: Tue Apr 13 21:00:01 2010
EndTime: Tue Apr 13 21:15:01 2010
TotalTime: 899.76 seconds
TotalCapSize: 1707.29MB CapLen: 96 bytes
# of packets: 31796279 (19854.30MB)
AvgRate: 185.12Mbps stddev:13.54M
IP flow (unique src/dst pair) Information
# of flows: 1085082 (avg. 29.30 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.3% 1.0% 0.9% 0.8% 0.6% 0.6% 0.6% 0.6% 0.5% 0.4%
IP address Information
# of IPv4 addresses: 593548
Top 10 bandwidth usage (bytes/total in %):
15.2% 8.1% 7.5% 6.0% 5.9% 5.9% 4.1% 3.4% 3.4% 2.6%
# of IPv6 addresses: 1037
Top 10 bandwidth usage (bytes/total in %):
35.8% 35.8% 15.1% 6.8% 4.1% 3.5% 3.3% 3.3% 2.6% 2.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004132100.pktlen.png)
detailed numbers
[ 32- 63]: 5716645
[ 64- 127]: 8350495
[ 128- 255]: 2501970
[ 256- 511]: 1714793
[ 512- 1023]: 881485
[ 1024- 2047]: 12630891
Protocol Breakdown
![[protocol breakdown chart]](201004132100.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 31796279 (100.00%) 20818747664 (100.00%) 654.75
ip 31733320 ( 99.80%) 20804211948 ( 99.93%) 655.60
tcp 18783091 ( 59.07%) 14687289504 ( 70.55%) 781.94
http(s) 8768179 ( 27.58%) 11995817235 ( 57.62%) 1368.11
http(c) 5630419 ( 17.71%) 780224582 ( 3.75%) 138.57
squid 330409 ( 1.04%) 96465271 ( 0.46%) 291.96
smtp 406679 ( 1.28%) 132496824 ( 0.64%) 325.80
nntp 18 ( 0.00%) 1080 ( 0.00%) 60.00
ftp 42479 ( 0.13%) 3681939 ( 0.02%) 86.68
pop3 19206 ( 0.06%) 14243196 ( 0.07%) 741.60
imap 2415 ( 0.01%) 287192 ( 0.00%) 118.92
telnet 401 ( 0.00%) 64042 ( 0.00%) 159.71
ssh 124492 ( 0.39%) 18285826 ( 0.09%) 146.88
dns 55533 ( 0.17%) 3771966 ( 0.02%) 67.92
bgp 154 ( 0.00%) 57252 ( 0.00%) 371.77
napster 19 ( 0.00%) 2300 ( 0.00%) 121.05
realaud 13 ( 0.00%) 818 ( 0.00%) 62.92
rtsp 96313 ( 0.30%) 80973252 ( 0.39%) 840.73
icecast 1653 ( 0.01%) 187755 ( 0.00%) 113.58
hotline 5 ( 0.00%) 326 ( 0.00%) 65.20
other 3304698 ( 10.39%) 1560728288 ( 7.50%) 472.28
udp 8677865 ( 27.29%) 4208778382 ( 20.22%) 485.00
dns 1033533 ( 3.25%) 219858738 ( 1.06%) 212.73
realaud 1574 ( 0.00%) 102594 ( 0.00%) 65.18
halflif 104 ( 0.00%) 10432 ( 0.00%) 100.31
starcra 242 ( 0.00%) 22706 ( 0.00%) 93.83
everque 522 ( 0.00%) 93514 ( 0.00%) 179.15
unreal 133 ( 0.00%) 20921 ( 0.00%) 157.30
quake 72 ( 0.00%) 7232 ( 0.00%) 100.44
cuseeme 5 ( 0.00%) 413 ( 0.00%) 82.60
other 7641588 ( 24.03%) 3988584232 ( 19.16%) 521.96
icmp 915459 ( 2.88%) 162181957 ( 0.78%) 177.16
ipip 364 ( 0.00%) 43604 ( 0.00%) 119.79
ipsec 1418 ( 0.00%) 464684 ( 0.00%) 327.70
ip6 2917199 ( 9.17%) 1584864891 ( 7.61%) 543.28
other 437924 ( 1.38%) 160588926 ( 0.77%) 366.71
frag 796 ( 0.00%) 831562 ( 0.00%) 1044.68
ip6 62959 ( 0.20%) 14535716 ( 0.07%) 230.88
tcp6 24293 ( 0.08%) 7218043 ( 0.03%) 297.12
http(s) 131 ( 0.00%) 129863 ( 0.00%) 991.32
http(c) 4923 ( 0.02%) 457229 ( 0.00%) 92.88
smtp 295 ( 0.00%) 105817 ( 0.00%) 358.70
ftp 2663 ( 0.01%) 276543 ( 0.00%) 103.85
imap 357 ( 0.00%) 41988 ( 0.00%) 117.61
ssh 3453 ( 0.01%) 371874 ( 0.00%) 107.70
dns 261 ( 0.00%) 63316 ( 0.00%) 242.59
bgp 114 ( 0.00%) 15913 ( 0.00%) 139.59
other 12096 ( 0.04%) 5755500 ( 0.03%) 475.82
udp6 32163 ( 0.10%) 6480779 ( 0.03%) 201.50
dns 31524 ( 0.10%) 6365383 ( 0.03%) 201.92
starcra 1 ( 0.00%) 107 ( 0.00%) 107.00
quake 1 ( 0.00%) 108 ( 0.00%) 108.00
other 637 ( 0.00%) 115181 ( 0.00%) 180.82
icmp6 6395 ( 0.02%) 767602 ( 0.00%) 120.03
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 77 ( 0.00%) 65076 ( 0.00%) 845.14
tcpdump file: 201004132100.dump.gz (819.18 MB)