Traffic Trace Info
DumpFile: 201004132145.dump
FileSize: 2382.75MB
Id: 201004132145
StartTime: Tue Apr 13 21:45:01 2010
EndTime: Tue Apr 13 22:00:01 2010
TotalTime: 900.59 seconds
TotalCapSize: 1859.04MB CapLen: 96 bytes
# of packets: 34321093 (21998.77MB)
AvgRate: 204.89Mbps stddev:17.44M
IP flow (unique src/dst pair) Information
# of flows: 1151578 (avg. 29.80 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.2% 1.5% 1.3% 1.0% 0.8% 0.7% 0.7% 0.7% 0.7% 0.6%
IP address Information
# of IPv4 addresses: 656620
Top 10 bandwidth usage (bytes/total in %):
12.6% 7.8% 7.3% 6.9% 6.2% 5.9% 4.3% 4.2% 3.0% 2.6%
# of IPv6 addresses: 992
Top 10 bandwidth usage (bytes/total in %):
21.5% 20.2% 20.2% 6.5% 4.7% 4.6% 4.6% 3.6% 3.3% 3.0%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004132145.pktlen.png)
detailed numbers
[ 32- 63]: 5818090
[ 64- 127]: 9215196
[ 128- 255]: 2481144
[ 256- 511]: 1882582
[ 512- 1023]: 891084
[ 1024- 2047]: 14032997
Protocol Breakdown
![[protocol breakdown chart]](201004132145.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 34321093 (100.00%) 23067387408 (100.00%) 672.11
ip 34267091 ( 99.84%) 23057178311 ( 99.96%) 672.87
tcp 21388506 ( 62.32%) 17174430223 ( 74.45%) 802.97
http(s) 9926245 ( 28.92%) 13742328427 ( 59.57%) 1384.44
http(c) 5725544 ( 16.68%) 790567421 ( 3.43%) 138.08
squid 316063 ( 0.92%) 109476519 ( 0.47%) 346.38
smtp 375548 ( 1.09%) 76861215 ( 0.33%) 204.66
ftp 32085 ( 0.09%) 3163166 ( 0.01%) 98.59
pop3 11596 ( 0.03%) 7786807 ( 0.03%) 671.51
imap 4027 ( 0.01%) 2829734 ( 0.01%) 702.69
telnet 227 ( 0.00%) 34893 ( 0.00%) 153.71
ssh 884186 ( 2.58%) 131311731 ( 0.57%) 148.51
dns 56410 ( 0.16%) 3852411 ( 0.02%) 68.29
bgp 141 ( 0.00%) 53160 ( 0.00%) 377.02
napster 38 ( 0.00%) 11679 ( 0.00%) 307.34
rtsp 240291 ( 0.70%) 171985125 ( 0.75%) 715.74
icecast 312 ( 0.00%) 21415 ( 0.00%) 68.64
hotline 20 ( 0.00%) 1851 ( 0.00%) 92.55
other 3815746 ( 11.12%) 2134143049 ( 9.25%) 559.30
udp 8620975 ( 25.12%) 3968887440 ( 17.21%) 460.38
dns 1004469 ( 2.93%) 228344192 ( 0.99%) 227.33
realaud 960 ( 0.00%) 59581 ( 0.00%) 62.06
halflif 48 ( 0.00%) 5194 ( 0.00%) 108.21
starcra 269 ( 0.00%) 26172 ( 0.00%) 97.29
everque 463 ( 0.00%) 95559 ( 0.00%) 206.39
unreal 152 ( 0.00%) 17275 ( 0.00%) 113.65
quake 57 ( 0.00%) 4982 ( 0.00%) 87.40
cuseeme 7 ( 0.00%) 714 ( 0.00%) 102.00
other 7614465 ( 22.19%) 3740257046 ( 16.21%) 491.20
icmp 907125 ( 2.64%) 152602380 ( 0.66%) 168.23
ipip 337 ( 0.00%) 40931 ( 0.00%) 121.46
ipsec 1406 ( 0.00%) 462868 ( 0.00%) 329.21
ip6 2973213 ( 8.66%) 1701615755 ( 7.38%) 572.32
other 375529 ( 1.09%) 59138714 ( 0.26%) 157.48
frag 788 ( 0.00%) 755764 ( 0.00%) 959.09
ip6 54002 ( 0.16%) 10209097 ( 0.04%) 189.05
tcp6 16522 ( 0.05%) 3589101 ( 0.02%) 217.23
http(s) 20 ( 0.00%) 7526 ( 0.00%) 376.30
http(c) 3339 ( 0.01%) 318891 ( 0.00%) 95.50
smtp 124 ( 0.00%) 55294 ( 0.00%) 445.92
ftp 2702 ( 0.01%) 278780 ( 0.00%) 103.18
imap 248 ( 0.00%) 28548 ( 0.00%) 115.11
ssh 1782 ( 0.01%) 158272 ( 0.00%) 88.82
dns 97 ( 0.00%) 24623 ( 0.00%) 253.85
bgp 103 ( 0.00%) 13185 ( 0.00%) 128.01
other 8107 ( 0.02%) 2703982 ( 0.01%) 333.54
udp6 30915 ( 0.09%) 5776302 ( 0.03%) 186.84
dns 30279 ( 0.09%) 5664248 ( 0.02%) 187.07
quake 1 ( 0.00%) 109 ( 0.00%) 109.00
other 635 ( 0.00%) 111945 ( 0.00%) 176.29
icmp6 6485 ( 0.02%) 795814 ( 0.00%) 122.72
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 50 ( 0.00%) 43800 ( 0.00%) 876.00
tcpdump file: 201004132145.dump.gz (895.28 MB)