Traffic Trace Info
DumpFile: 201004132200.dump
FileSize: 2470.85MB
Id: 201004132200
StartTime: Tue Apr 13 22:00:01 2010
EndTime: Tue Apr 13 22:15:00 2010
TotalTime: 899.31 seconds
TotalCapSize: 1927.46MB CapLen: 96 bytes
# of packets: 35610686 (23583.91MB)
AvgRate: 219.98Mbps stddev:13.62M
IP flow (unique src/dst pair) Information
# of flows: 1412743 (avg. 25.21 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.6% 2.5% 1.9% 0.7% 0.7% 0.6% 0.6% 0.6% 0.5% 0.5%
IP address Information
# of IPv4 addresses: 731651
Top 10 bandwidth usage (bytes/total in %):
11.8% 8.5% 7.3% 7.1% 6.7% 6.2% 5.8% 5.6% 4.0% 3.5%
# of IPv6 addresses: 1023
Top 10 bandwidth usage (bytes/total in %):
25.2% 10.7% 5.6% 5.3% 5.1% 4.2% 3.7% 3.7% 3.6% 3.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004132200.pktlen.png)
detailed numbers
[ 32- 63]: 6313113
[ 64- 127]: 9074802
[ 128- 255]: 2325329
[ 256- 511]: 1820588
[ 512- 1023]: 933253
[ 1024- 2047]: 15143601
Protocol Breakdown
![[protocol breakdown chart]](201004132200.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 35610686 (100.00%) 24729516898 (100.00%) 694.44
ip 35559716 ( 99.86%) 24720831167 ( 99.96%) 695.19
tcp 22708731 ( 63.77%) 18878605325 ( 76.34%) 831.34
http(s) 11371361 ( 31.93%) 15719741509 ( 63.57%) 1382.40
http(c) 6135065 ( 17.23%) 695087313 ( 2.81%) 113.30
squid 318164 ( 0.89%) 94474161 ( 0.38%) 296.94
smtp 379052 ( 1.06%) 71187078 ( 0.29%) 187.80
nntp 1 ( 0.00%) 62 ( 0.00%) 62.00
ftp 35511 ( 0.10%) 3175901 ( 0.01%) 89.43
pop3 11449 ( 0.03%) 9404551 ( 0.04%) 821.43
imap 2945 ( 0.01%) 1282057 ( 0.01%) 435.33
telnet 358 ( 0.00%) 59338 ( 0.00%) 165.75
ssh 287677 ( 0.81%) 42997224 ( 0.17%) 149.46
dns 53429 ( 0.15%) 3650078 ( 0.01%) 68.32
bgp 159 ( 0.00%) 57819 ( 0.00%) 363.64
napster 12 ( 0.00%) 1594 ( 0.00%) 132.83
realaud 92 ( 0.00%) 10447 ( 0.00%) 113.55
rtsp 121930 ( 0.34%) 76400603 ( 0.31%) 626.59
icecast 480 ( 0.00%) 34121 ( 0.00%) 71.09
hotline 23 ( 0.00%) 1809 ( 0.00%) 78.65
other 3991020 ( 11.21%) 2161039480 ( 8.74%) 541.48
udp 8505508 ( 23.88%) 3950500769 ( 15.97%) 464.46
dns 1025275 ( 2.88%) 231497029 ( 0.94%) 225.79
realaud 166 ( 0.00%) 17115 ( 0.00%) 103.10
halflif 174 ( 0.00%) 15426 ( 0.00%) 88.66
starcra 249 ( 0.00%) 24774 ( 0.00%) 99.49
everque 552 ( 0.00%) 114090 ( 0.00%) 206.68
unreal 104 ( 0.00%) 17248 ( 0.00%) 165.85
quake 31 ( 0.00%) 2654 ( 0.00%) 85.61
cuseeme 3 ( 0.00%) 284 ( 0.00%) 94.67
other 7478859 ( 21.00%) 3718741586 ( 15.04%) 497.23
icmp 959976 ( 2.70%) 163288086 ( 0.66%) 170.10
ipip 343 ( 0.00%) 40738 ( 0.00%) 118.77
ipsec 1504 ( 0.00%) 488480 ( 0.00%) 324.79
ip6 2957714 ( 8.31%) 1677637298 ( 6.78%) 567.21
other 425940 ( 1.20%) 50270471 ( 0.20%) 118.02
frag 969 ( 0.00%) 885507 ( 0.00%) 913.84
ip6 50970 ( 0.14%) 8685731 ( 0.04%) 170.41
tcp6 13598 ( 0.04%) 1672849 ( 0.01%) 123.02
http(s) 94 ( 0.00%) 71999 ( 0.00%) 765.95
http(c) 3494 ( 0.01%) 328877 ( 0.00%) 94.13
smtp 426 ( 0.00%) 182844 ( 0.00%) 429.21
ftp 2584 ( 0.01%) 266784 ( 0.00%) 103.24
imap 384 ( 0.00%) 45423 ( 0.00%) 118.29
ssh 1654 ( 0.00%) 146360 ( 0.00%) 88.49
dns 239 ( 0.00%) 111711 ( 0.00%) 467.41
bgp 113 ( 0.00%) 14444 ( 0.00%) 127.82
other 4610 ( 0.01%) 504407 ( 0.00%) 109.42
udp6 31042 ( 0.09%) 6210399 ( 0.03%) 200.06
dns 30408 ( 0.09%) 6094538 ( 0.02%) 200.43
other 634 ( 0.00%) 115861 ( 0.00%) 182.75
icmp6 6241 ( 0.02%) 750999 ( 0.00%) 120.33
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 58 ( 0.00%) 47268 ( 0.00%) 814.97
tcpdump file: 201004132200.dump.gz (915.18 MB)