Traffic Trace Info
DumpFile: 201004140000.dump
FileSize: 2217.93MB
Id: 201004140000
StartTime: Wed Apr 14 00:00:01 2010
EndTime: Wed Apr 14 00:15:01 2010
TotalTime: 899.99 seconds
TotalCapSize: 1729.71MB CapLen: 96 bytes
# of packets: 31995282 (20738.81MB)
AvgRate: 193.30Mbps stddev:14.06M
IP flow (unique src/dst pair) Information
# of flows: 1279656 (avg. 25.00 pkts/flow)
Top 10 big flow size (bytes/total in %):
6.2% 2.3% 2.0% 1.7% 1.7% 0.8% 0.6% 0.5% 0.5% 0.5%
IP address Information
# of IPv4 addresses: 730159
Top 10 bandwidth usage (bytes/total in %):
14.3% 6.6% 6.2% 6.2% 6.1% 6.1% 5.8% 5.2% 4.3% 3.6%
# of IPv6 addresses: 1000
Top 10 bandwidth usage (bytes/total in %):
26.3% 7.5% 7.1% 5.7% 5.7% 4.6% 3.8% 3.6% 3.3% 3.3%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004140000.pktlen.png)
detailed numbers
[ 32- 63]: 5776434
[ 64- 127]: 8303098
[ 128- 255]: 2271070
[ 256- 511]: 1712124
[ 512- 1023]: 705080
[ 1024- 2047]: 13227476
Protocol Breakdown
![[protocol breakdown chart]](201004140000.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 31995282 (100.00%) 21746214583 (100.00%) 679.67
ip 31943457 ( 99.84%) 21737879175 ( 99.96%) 680.51
tcp 19971179 ( 62.42%) 16379025925 ( 75.32%) 820.13
http(s) 9978413 ( 31.19%) 13745703364 ( 63.21%) 1377.54
http(c) 5218644 ( 16.31%) 552857014 ( 2.54%) 105.94
squid 415565 ( 1.30%) 158307065 ( 0.73%) 380.94
smtp 394057 ( 1.23%) 127135856 ( 0.58%) 322.63
ftp 30196 ( 0.09%) 2841698 ( 0.01%) 94.11
pop3 11738 ( 0.04%) 8220041 ( 0.04%) 700.29
imap 3196 ( 0.01%) 1780173 ( 0.01%) 557.00
telnet 446 ( 0.00%) 64595 ( 0.00%) 144.83
ssh 88651 ( 0.28%) 20430282 ( 0.09%) 230.46
dns 55258 ( 0.17%) 3795225 ( 0.02%) 68.68
bgp 154 ( 0.00%) 45323 ( 0.00%) 294.31
napster 42 ( 0.00%) 8510 ( 0.00%) 202.62
rtsp 304 ( 0.00%) 107487 ( 0.00%) 353.58
icecast 229 ( 0.00%) 16906 ( 0.00%) 73.83
hotline 7 ( 0.00%) 450 ( 0.00%) 64.29
other 3774278 ( 11.80%) 1757711876 ( 8.08%) 465.71
udp 8132656 ( 25.42%) 3776957434 ( 17.37%) 464.42
dns 753408 ( 2.35%) 131263200 ( 0.60%) 174.23
realaud 199 ( 0.00%) 16144 ( 0.00%) 81.13
halflif 93 ( 0.00%) 9262 ( 0.00%) 99.59
starcra 215 ( 0.00%) 21017 ( 0.00%) 97.75
everque 503 ( 0.00%) 82234 ( 0.00%) 163.49
unreal 131 ( 0.00%) 20467 ( 0.00%) 156.24
quake 47 ( 0.00%) 4389 ( 0.00%) 93.38
cuseeme 3 ( 0.00%) 283 ( 0.00%) 94.33
other 7377881 ( 23.06%) 3645466817 ( 16.76%) 494.11
icmp 956047 ( 2.99%) 164818020 ( 0.76%) 172.40
ipip 373 ( 0.00%) 45962 ( 0.00%) 123.22
ipsec 8243 ( 0.03%) 2931090 ( 0.01%) 355.59
ip6 2571132 ( 8.04%) 1341511241 ( 6.17%) 521.76
other 303827 ( 0.95%) 72589503 ( 0.33%) 238.92
frag 1161 ( 0.00%) 1130514 ( 0.01%) 973.74
ip6 51825 ( 0.16%) 8335408 ( 0.04%) 160.84
tcp6 16462 ( 0.05%) 1965943 ( 0.01%) 119.42
http(s) 184 ( 0.00%) 151765 ( 0.00%) 824.81
http(c) 3095 ( 0.01%) 286531 ( 0.00%) 92.58
smtp 3390 ( 0.01%) 412980 ( 0.00%) 121.82
ftp 2712 ( 0.01%) 278670 ( 0.00%) 102.75
imap 371 ( 0.00%) 43716 ( 0.00%) 117.83
ssh 1691 ( 0.01%) 149842 ( 0.00%) 88.61
dns 114 ( 0.00%) 28393 ( 0.00%) 249.06
bgp 103 ( 0.00%) 13076 ( 0.00%) 126.95
other 4802 ( 0.02%) 600970 ( 0.00%) 125.15
udp6 29035 ( 0.09%) 5583626 ( 0.03%) 192.31
dns 28407 ( 0.09%) 5476352 ( 0.03%) 192.78
other 628 ( 0.00%) 107274 ( 0.00%) 170.82
icmp6 6268 ( 0.02%) 756716 ( 0.00%) 120.73
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 30 ( 0.00%) 25043 ( 0.00%) 834.77
tcpdump file: 201004140000.dump.gz (822.05 MB)