Traffic Trace Info
DumpFile: 201004140030.dump
FileSize: 2176.88MB
Id: 201004140030
StartTime: Wed Apr 14 00:30:01 2010
EndTime: Wed Apr 14 00:45:00 2010
TotalTime: 899.08 seconds
TotalCapSize: 1699.39MB CapLen: 96 bytes
# of packets: 31291148 (19901.53MB)
AvgRate: 185.67Mbps stddev:15.72M
IP flow (unique src/dst pair) Information
# of flows: 1133470 (avg. 27.61 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.0% 2.4% 2.2% 1.1% 1.0% 0.9% 0.7% 0.6% 0.6% 0.5%
IP address Information
# of IPv4 addresses: 642265
Top 10 bandwidth usage (bytes/total in %):
15.1% 7.2% 6.9% 6.3% 6.1% 5.7% 4.1% 4.1% 3.9% 3.3%
# of IPv6 addresses: 988
Top 10 bandwidth usage (bytes/total in %):
20.3% 16.4% 8.6% 6.8% 4.9% 4.7% 4.6% 4.4% 4.2% 3.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004140030.pktlen.png)
detailed numbers
[ 32- 63]: 5413739
[ 64- 127]: 8626779
[ 128- 255]: 2147647
[ 256- 511]: 1740902
[ 512- 1023]: 685831
[ 1024- 2047]: 12676250
Protocol Breakdown
![[protocol breakdown chart]](201004140030.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 31291148 (100.00%) 20868270263 (100.00%) 666.91
ip 31235413 ( 99.82%) 20857474710 ( 99.95%) 667.75
tcp 19140860 ( 61.17%) 15250215241 ( 73.08%) 796.74
http(s) 9164874 ( 29.29%) 12701420634 ( 60.86%) 1385.88
http(c) 5334683 ( 17.05%) 519960249 ( 2.49%) 97.47
squid 405613 ( 1.30%) 159045286 ( 0.76%) 392.11
smtp 354120 ( 1.13%) 92143554 ( 0.44%) 260.20
ftp 30394 ( 0.10%) 2899425 ( 0.01%) 95.39
pop3 18849 ( 0.06%) 16892076 ( 0.08%) 896.18
imap 524432 ( 1.68%) 510448492 ( 2.45%) 973.34
telnet 3943 ( 0.01%) 2703099 ( 0.01%) 685.54
ssh 31185 ( 0.10%) 6207643 ( 0.03%) 199.06
dns 56707 ( 0.18%) 4853586 ( 0.02%) 85.59
bgp 141 ( 0.00%) 47570 ( 0.00%) 337.38
napster 24 ( 0.00%) 2322 ( 0.00%) 96.75
realaud 13 ( 0.00%) 1927 ( 0.00%) 148.23
rtsp 92 ( 0.00%) 14271 ( 0.00%) 155.12
icecast 617 ( 0.00%) 44663 ( 0.00%) 72.39
hotline 20 ( 0.00%) 1522 ( 0.00%) 76.10
other 3215147 ( 10.27%) 1233528562 ( 5.91%) 383.66
udp 8093100 ( 25.86%) 3926655369 ( 18.82%) 485.19
dns 726552 ( 2.32%) 125391859 ( 0.60%) 172.58
rip 4 ( 0.00%) 300 ( 0.00%) 75.00
realaud 38 ( 0.00%) 3476 ( 0.00%) 91.47
halflif 79 ( 0.00%) 8227 ( 0.00%) 104.14
starcra 187 ( 0.00%) 18719 ( 0.00%) 100.10
everque 485 ( 0.00%) 97748 ( 0.00%) 201.54
unreal 107 ( 0.00%) 16841 ( 0.00%) 157.39
quake 52 ( 0.00%) 4656 ( 0.00%) 89.54
cuseeme 5 ( 0.00%) 479 ( 0.00%) 95.80
other 7365489 ( 23.54%) 3801028429 ( 18.21%) 516.06
icmp 954558 ( 3.05%) 163687147 ( 0.78%) 171.48
ipip 386 ( 0.00%) 47284 ( 0.00%) 122.50
ipsec 1639 ( 0.01%) 546714 ( 0.00%) 333.57
ip6 2713447 ( 8.67%) 1460227070 ( 7.00%) 538.14
other 331423 ( 1.06%) 56095885 ( 0.27%) 169.26
frag 966 ( 0.00%) 1101072 ( 0.01%) 1139.83
ip6 55735 ( 0.18%) 10795553 ( 0.05%) 193.69
tcp6 19715 ( 0.06%) 4219414 ( 0.02%) 214.02
http(s) 449 ( 0.00%) 552333 ( 0.00%) 1230.14
http(c) 3322 ( 0.01%) 328870 ( 0.00%) 99.00
smtp 5824 ( 0.02%) 1544887 ( 0.01%) 265.26
ftp 2681 ( 0.01%) 279475 ( 0.00%) 104.24
imap 417 ( 0.00%) 48595 ( 0.00%) 116.53
ssh 1598 ( 0.01%) 132740 ( 0.00%) 83.07
dns 114 ( 0.00%) 38642 ( 0.00%) 338.96
bgp 107 ( 0.00%) 13548 ( 0.00%) 126.62
other 5203 ( 0.02%) 1280324 ( 0.01%) 246.07
udp6 29812 ( 0.10%) 5784988 ( 0.03%) 194.05
dns 29073 ( 0.09%) 5659466 ( 0.03%) 194.66
quake 1 ( 0.00%) 111 ( 0.00%) 111.00
other 738 ( 0.00%) 125411 ( 0.00%) 169.93
icmp6 6129 ( 0.02%) 743905 ( 0.00%) 121.37
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 48 ( 0.00%) 43030 ( 0.00%) 896.46
tcpdump file: 201004140030.dump.gz (809.58 MB)