Traffic Trace Info
DumpFile: 201004140200.dump
FileSize: 2375.97MB
Id: 201004140200
StartTime: Wed Apr 14 02:00:01 2010
EndTime: Wed Apr 14 02:15:00 2010
TotalTime: 899.47 seconds
TotalCapSize: 1855.42MB CapLen: 96 bytes
# of packets: 34113717 (22328.70MB)
AvgRate: 208.24Mbps stddev:19.82M
IP flow (unique src/dst pair) Information
# of flows: 1294064 (avg. 26.36 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.4% 1.8% 1.7% 1.3% 1.2% 1.1% 1.0% 0.9% 0.9% 0.9%
IP address Information
# of IPv4 addresses: 720470
Top 10 bandwidth usage (bytes/total in %):
15.6% 10.3% 6.6% 6.4% 5.8% 5.6% 5.3% 4.6% 3.6% 2.7%
# of IPv6 addresses: 949
Top 10 bandwidth usage (bytes/total in %):
25.9% 11.7% 7.8% 5.7% 5.5% 5.2% 4.3% 4.3% 4.2% 3.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004140200.pktlen.png)
detailed numbers
[ 32- 63]: 5435595
[ 64- 127]: 9749373
[ 128- 255]: 2002333
[ 256- 511]: 1819629
[ 512- 1023]: 709438
[ 1024- 2047]: 14397349
Protocol Breakdown
![[protocol breakdown chart]](201004140200.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 34113717 (100.00%) 23413338634 (100.00%) 686.33
ip 34058805 ( 99.84%) 23404874126 ( 99.96%) 687.19
tcp 20694740 ( 60.66%) 16577317169 ( 70.80%) 801.04
http(s) 10129346 ( 29.69%) 14359379541 ( 61.33%) 1417.60
http(c) 6330663 ( 18.56%) 556453540 ( 2.38%) 87.90
squid 351642 ( 1.03%) 123470366 ( 0.53%) 351.13
smtp 311852 ( 0.91%) 52942619 ( 0.23%) 169.77
ftp 23821 ( 0.07%) 2166498 ( 0.01%) 90.95
pop3 7327 ( 0.02%) 4996480 ( 0.02%) 681.93
imap 5568 ( 0.02%) 4499154 ( 0.02%) 808.04
telnet 2301 ( 0.01%) 182445 ( 0.00%) 79.29
ssh 15640 ( 0.05%) 2558782 ( 0.01%) 163.60
dns 51684 ( 0.15%) 3542210 ( 0.02%) 68.54
bgp 163 ( 0.00%) 51728 ( 0.00%) 317.35
napster 141 ( 0.00%) 12390 ( 0.00%) 87.87
realaud 13 ( 0.00%) 918 ( 0.00%) 70.62
rtsp 72 ( 0.00%) 5060 ( 0.00%) 70.28
icecast 327 ( 0.00%) 20516 ( 0.00%) 62.74
hotline 1 ( 0.00%) 62 ( 0.00%) 62.00
other 3464178 ( 10.15%) 1467034800 ( 6.27%) 423.49
udp 9148350 ( 26.82%) 5033601511 ( 21.50%) 550.22
dns 671562 ( 1.97%) 116343339 ( 0.50%) 173.24
rip 2 ( 0.00%) 218 ( 0.00%) 109.00
realaud 73 ( 0.00%) 8358 ( 0.00%) 114.49
halflif 94 ( 0.00%) 9260 ( 0.00%) 98.51
starcra 185 ( 0.00%) 19133 ( 0.00%) 103.42
everque 123006 ( 0.36%) 27448910 ( 0.12%) 223.15
unreal 115 ( 0.00%) 16778 ( 0.00%) 145.90
quake 45 ( 0.00%) 4039 ( 0.00%) 89.76
cuseeme 2 ( 0.00%) 171 ( 0.00%) 85.50
other 8352805 ( 24.49%) 4889546961 ( 20.88%) 585.38
icmp 1045227 ( 3.06%) 171198528 ( 0.73%) 163.79
ipip 337 ( 0.00%) 39896 ( 0.00%) 118.39
ipsec 4301 ( 0.01%) 1883822 ( 0.01%) 438.00
ip6 2852908 ( 8.36%) 1562762208 ( 6.67%) 547.78
other 312942 ( 0.92%) 58070992 ( 0.25%) 185.56
frag 2098 ( 0.01%) 2048902 ( 0.01%) 976.60
ip6 54912 ( 0.16%) 8464508 ( 0.04%) 154.15
tcp6 20703 ( 0.06%) 2267304 ( 0.01%) 109.52
http(s) 191 ( 0.00%) 166621 ( 0.00%) 872.36
http(c) 11120 ( 0.03%) 1039547 ( 0.00%) 93.48
smtp 287 ( 0.00%) 101727 ( 0.00%) 354.45
ftp 2677 ( 0.01%) 277277 ( 0.00%) 103.58
imap 377 ( 0.00%) 43733 ( 0.00%) 116.00
ssh 1589 ( 0.00%) 131954 ( 0.00%) 83.04
dns 121 ( 0.00%) 27913 ( 0.00%) 230.69
bgp 102 ( 0.00%) 12720 ( 0.00%) 124.71
other 4239 ( 0.01%) 465812 ( 0.00%) 109.89
udp6 27994 ( 0.08%) 5398137 ( 0.02%) 192.83
dns 27340 ( 0.08%) 5284280 ( 0.02%) 193.28
quake 1 ( 0.00%) 116 ( 0.00%) 116.00
other 653 ( 0.00%) 113741 ( 0.00%) 174.18
icmp6 6124 ( 0.02%) 738390 ( 0.00%) 120.57
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 61 ( 0.00%) 56597 ( 0.00%) 927.82
tcpdump file: 201004140200.dump.gz (868.53 MB)