Traffic Trace Info
DumpFile: 201004140215.dump
FileSize: 2044.42MB
Id: 201004140215
StartTime: Wed Apr 14 02:15:00 2010
EndTime: Wed Apr 14 02:30:00 2010
TotalTime: 899.91 seconds
TotalCapSize: 1595.24MB CapLen: 96 bytes
# of packets: 29436493 (18460.22MB)
AvgRate: 172.05Mbps stddev:11.88M
IP flow (unique src/dst pair) Information
# of flows: 1594474 (avg. 18.46 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.9% 2.0% 1.9% 1.6% 1.5% 1.4% 1.2% 1.1% 1.0% 0.7%
IP address Information
# of IPv4 addresses: 854300
Top 10 bandwidth usage (bytes/total in %):
18.8% 7.7% 7.0% 6.6% 5.5% 5.0% 4.9% 3.6% 3.3% 3.1%
# of IPv6 addresses: 957
Top 10 bandwidth usage (bytes/total in %):
26.6% 13.5% 6.0% 5.9% 5.9% 5.8% 4.5% 4.1% 4.0% 3.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004140215.pktlen.png)
detailed numbers
[ 32- 63]: 5013677
[ 64- 127]: 8041609
[ 128- 255]: 2087842
[ 256- 511]: 1878410
[ 512- 1023]: 687130
[ 1024- 2047]: 11727825
Protocol Breakdown
![[protocol breakdown chart]](201004140215.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29436493 (100.00%) 19356940890 (100.00%) 657.58
ip 29387169 ( 99.83%) 19348714341 ( 99.96%) 658.41
tcp 17100173 ( 58.09%) 13172346172 ( 68.05%) 770.30
http(s) 7549433 ( 25.65%) 10409068389 ( 53.77%) 1378.79
http(c) 4520795 ( 15.36%) 424838288 ( 2.19%) 93.97
squid 321722 ( 1.09%) 99958760 ( 0.52%) 310.70
smtp 313633 ( 1.07%) 61191477 ( 0.32%) 195.11
ftp 21828 ( 0.07%) 1951435 ( 0.01%) 89.40
pop3 8272 ( 0.03%) 6002261 ( 0.03%) 725.61
imap 1556 ( 0.01%) 829094 ( 0.00%) 532.84
telnet 2894 ( 0.01%) 204681 ( 0.00%) 70.73
ssh 59530 ( 0.20%) 26724307 ( 0.14%) 448.92
dns 49857 ( 0.17%) 3429026 ( 0.02%) 68.78
bgp 143 ( 0.00%) 46282 ( 0.00%) 323.65
napster 3 ( 0.00%) 194 ( 0.00%) 64.67
realaud 7 ( 0.00%) 528 ( 0.00%) 75.43
rtsp 81 ( 0.00%) 5736 ( 0.00%) 70.81
icecast 467 ( 0.00%) 34564 ( 0.00%) 74.01
other 4249951 ( 14.44%) 2138061090 ( 11.05%) 503.08
udp 8358099 ( 28.39%) 4456268341 ( 23.02%) 533.17
dns 659034 ( 2.24%) 114623415 ( 0.59%) 173.93
rip 5 ( 0.00%) 409 ( 0.00%) 81.80
realaud 83 ( 0.00%) 8585 ( 0.00%) 103.43
halflif 102 ( 0.00%) 9824 ( 0.00%) 96.31
starcra 296 ( 0.00%) 29170 ( 0.00%) 98.55
everque 92323 ( 0.31%) 19918621 ( 0.10%) 215.75
unreal 131 ( 0.00%) 20562 ( 0.00%) 156.96
quake 41 ( 0.00%) 3874 ( 0.00%) 94.49
cuseeme 14 ( 0.00%) 1048 ( 0.00%) 74.86
other 7605134 ( 25.84%) 4321421872 ( 22.32%) 568.22
icmp 1033356 ( 3.51%) 162503465 ( 0.84%) 157.26
ipip 353 ( 0.00%) 43086 ( 0.00%) 122.06
ipsec 3573 ( 0.01%) 1516066 ( 0.01%) 424.31
ip6 2755580 ( 9.36%) 1507681775 ( 7.79%) 547.14
other 136035 ( 0.46%) 48355436 ( 0.25%) 355.46
frag 2980 ( 0.01%) 2669437 ( 0.01%) 895.78
ip6 49324 ( 0.17%) 8226549 ( 0.04%) 166.79
tcp6 15012 ( 0.05%) 1859651 ( 0.01%) 123.88
http(s) 76 ( 0.00%) 39406 ( 0.00%) 518.50
http(c) 5629 ( 0.02%) 787716 ( 0.00%) 139.94
smtp 167 ( 0.00%) 69949 ( 0.00%) 418.86
ftp 2734 ( 0.01%) 282334 ( 0.00%) 103.27
imap 279 ( 0.00%) 32123 ( 0.00%) 115.14
ssh 1702 ( 0.01%) 141700 ( 0.00%) 83.25
dns 233 ( 0.00%) 52341 ( 0.00%) 224.64
bgp 116 ( 0.00%) 14881 ( 0.00%) 128.28
other 4076 ( 0.01%) 439201 ( 0.00%) 107.75
udp6 28215 ( 0.10%) 5581510 ( 0.03%) 197.82
dns 27699 ( 0.09%) 5477207 ( 0.03%) 197.74
other 516 ( 0.00%) 104303 ( 0.00%) 202.14
icmp6 5999 ( 0.02%) 720198 ( 0.00%) 120.05
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 68 ( 0.00%) 61110 ( 0.00%) 898.68
tcpdump file: 201004140215.dump.gz (759.16 MB)