Traffic Trace Info
DumpFile: 201004132315.dump
FileSize: 2276.74MB
Id: 201004132315
StartTime: Tue Apr 13 23:15:01 2010
EndTime: Tue Apr 13 23:30:01 2010
TotalTime: 899.34 seconds
TotalCapSize: 1776.41MB CapLen: 96 bytes
# of packets: 32789124 (20902.98MB)
AvgRate: 194.98Mbps stddev:13.24M
IP flow (unique src/dst pair) Information
# of flows: 1175806 (avg. 27.89 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.0% 1.7% 0.7% 0.6% 0.5% 0.5% 0.5% 0.4% 0.4% 0.4%
IP address Information
# of IPv4 addresses: 649730
Top 10 bandwidth usage (bytes/total in %):
12.9% 8.1% 7.3% 7.2% 6.9% 6.5% 6.2% 5.3% 3.0% 2.3%
# of IPv6 addresses: 1025
Top 10 bandwidth usage (bytes/total in %):
40.3% 40.3% 16.2% 5.5% 3.7% 3.7% 3.5% 2.8% 2.5% 2.3%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004132315.pktlen.png)
detailed numbers
[ 32- 63]: 6354805
[ 64- 127]: 8334066
[ 128- 255]: 2341507
[ 256- 511]: 1690526
[ 512- 1023]: 762773
[ 1024- 2047]: 13305447
Protocol Breakdown
![[protocol breakdown chart]](201004132315.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 32789124 (100.00%) 21918367425 (100.00%) 668.46
ip 32733848 ( 99.83%) 21904852215 ( 99.94%) 669.18
tcp 20878247 ( 63.67%) 16567352932 ( 75.59%) 793.52
http(s) 10316575 ( 31.46%) 14221837155 ( 64.89%) 1378.54
http(c) 6091352 ( 18.58%) 566523223 ( 2.58%) 93.00
squid 322180 ( 0.98%) 98760783 ( 0.45%) 306.54
smtp 445963 ( 1.36%) 108338395 ( 0.49%) 242.93
nntp 1 ( 0.00%) 62 ( 0.00%) 62.00
ftp 31804 ( 0.10%) 2596084 ( 0.01%) 81.63
pop3 17260 ( 0.05%) 15414374 ( 0.07%) 893.07
imap 1649 ( 0.01%) 272290 ( 0.00%) 165.12
telnet 294 ( 0.00%) 38995 ( 0.00%) 132.64
ssh 130559 ( 0.40%) 28553615 ( 0.13%) 218.70
dns 55170 ( 0.17%) 3761273 ( 0.02%) 68.18
bgp 157 ( 0.00%) 62093 ( 0.00%) 395.50
napster 27 ( 0.00%) 2536 ( 0.00%) 93.93
realaud 25 ( 0.00%) 3848 ( 0.00%) 153.92
rtsp 48 ( 0.00%) 3552 ( 0.00%) 74.00
icecast 438 ( 0.00%) 30276 ( 0.00%) 69.12
hotline 149 ( 0.00%) 9779 ( 0.00%) 65.63
other 3464596 ( 10.57%) 1521144599 ( 6.94%) 439.05
udp 7811445 ( 23.82%) 3474629271 ( 15.85%) 444.81
dns 790472 ( 2.41%) 135200599 ( 0.62%) 171.04
rip 1 ( 0.00%) 109 ( 0.00%) 109.00
realaud 28 ( 0.00%) 3189 ( 0.00%) 113.89
halflif 96 ( 0.00%) 8844 ( 0.00%) 92.12
starcra 196 ( 0.00%) 20808 ( 0.00%) 106.16
everque 500 ( 0.00%) 98725 ( 0.00%) 197.45
unreal 98 ( 0.00%) 15749 ( 0.00%) 160.70
quake 39 ( 0.00%) 3425 ( 0.00%) 87.82
cuseeme 1 ( 0.00%) 82 ( 0.00%) 82.00
other 7019928 ( 21.41%) 3339212402 ( 15.23%) 475.68
icmp 902259 ( 2.75%) 149958302 ( 0.68%) 166.20
ipip 310 ( 0.00%) 37838 ( 0.00%) 122.06
ipsec 1469 ( 0.00%) 478958 ( 0.00%) 326.04
ip6 2852933 ( 8.70%) 1615811301 ( 7.37%) 566.37
other 287185 ( 0.88%) 96583613 ( 0.44%) 336.31
frag 9864 ( 0.03%) 8067687 ( 0.04%) 817.89
ip6 55276 ( 0.17%) 13515210 ( 0.06%) 244.50
tcp6 18845 ( 0.06%) 6957140 ( 0.03%) 369.18
http(s) 73 ( 0.00%) 36616 ( 0.00%) 501.59
http(c) 2999 ( 0.01%) 284781 ( 0.00%) 94.96
smtp 331 ( 0.00%) 180380 ( 0.00%) 544.95
ftp 2701 ( 0.01%) 279409 ( 0.00%) 103.45
imap 260 ( 0.00%) 30086 ( 0.00%) 115.72
ssh 1780 ( 0.01%) 156372 ( 0.00%) 87.85
dns 117 ( 0.00%) 30707 ( 0.00%) 262.45
bgp 120 ( 0.00%) 16872 ( 0.00%) 140.60
other 10464 ( 0.03%) 5941917 ( 0.03%) 567.84
udp6 29941 ( 0.09%) 5744244 ( 0.03%) 191.85
dns 29315 ( 0.09%) 5635819 ( 0.03%) 192.25
everque 1 ( 0.00%) 106 ( 0.00%) 106.00
other 625 ( 0.00%) 108319 ( 0.00%) 173.31
icmp6 6399 ( 0.02%) 760306 ( 0.00%) 118.82
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 60 ( 0.00%) 49304 ( 0.00%) 821.73
tcpdump file: 201004132315.dump.gz (846.93 MB)