Traffic Trace Info
DumpFile: 201004140345.dump
FileSize: 1923.65MB
Id: 201004140345
StartTime: Wed Apr 14 03:45:00 2010
EndTime: Wed Apr 14 04:00:01 2010
TotalTime: 900.79 seconds
TotalCapSize: 1502.73MB CapLen: 96 bytes
# of packets: 27585128 (17755.70MB)
AvgRate: 165.54Mbps stddev:12.81M
IP flow (unique src/dst pair) Information
# of flows: 1093745 (avg. 25.22 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.3% 1.4% 0.9% 0.9% 0.7% 0.7% 0.5% 0.5% 0.5% 0.5%
IP address Information
# of IPv4 addresses: 609620
Top 10 bandwidth usage (bytes/total in %):
21.8% 8.8% 8.4% 7.4% 6.8% 6.3% 4.4% 3.8% 3.2% 2.8%
# of IPv6 addresses: 912
Top 10 bandwidth usage (bytes/total in %):
29.1% 11.9% 6.4% 6.4% 6.3% 5.5% 4.9% 4.4% 3.1% 3.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004140345.pktlen.png)
detailed numbers
[ 32- 63]: 4259822
[ 64- 127]: 7239051
[ 128- 255]: 2238935
[ 256- 511]: 1748014
[ 512- 1023]: 759252
[ 1024- 2047]: 11340054
Protocol Breakdown
![[protocol breakdown chart]](201004140345.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 27585128 (100.00%) 18618200602 (100.00%) 674.94
ip 27539062 ( 99.83%) 18610678667 ( 99.96%) 675.79
tcp 15339712 ( 55.61%) 12201078836 ( 65.53%) 795.39
http(s) 6948682 ( 25.19%) 9663159598 ( 51.90%) 1390.65
http(c) 3639185 ( 13.19%) 330770587 ( 1.78%) 90.89
squid 277825 ( 1.01%) 93615836 ( 0.50%) 336.96
smtp 294377 ( 1.07%) 43482018 ( 0.23%) 147.71
ftp 20212 ( 0.07%) 1783861 ( 0.01%) 88.26
pop3 6572 ( 0.02%) 4627191 ( 0.02%) 704.08
imap 593 ( 0.00%) 116319 ( 0.00%) 196.15
telnet 10934 ( 0.04%) 688020 ( 0.00%) 62.92
ssh 44409 ( 0.16%) 6497540 ( 0.03%) 146.31
dns 233838 ( 0.85%) 275255001 ( 1.48%) 1177.12
bgp 165 ( 0.00%) 51946 ( 0.00%) 314.82
napster 674 ( 0.00%) 499105 ( 0.00%) 740.51
rtsp 76 ( 0.00%) 5320 ( 0.00%) 70.00
icecast 206 ( 0.00%) 13076 ( 0.00%) 63.48
hotline 2 ( 0.00%) 132 ( 0.00%) 66.00
other 3861959 ( 14.00%) 1780513106 ( 9.56%) 461.04
udp 8237299 ( 29.86%) 4560432007 ( 24.49%) 553.63
dns 645410 ( 2.34%) 114758175 ( 0.62%) 177.81
rip 11 ( 0.00%) 859 ( 0.00%) 78.09
realaud 43 ( 0.00%) 5070 ( 0.00%) 117.91
halflif 103 ( 0.00%) 10869 ( 0.00%) 105.52
starcra 322 ( 0.00%) 32343 ( 0.00%) 100.44
everque 322 ( 0.00%) 61398 ( 0.00%) 190.68
unreal 142 ( 0.00%) 17221 ( 0.00%) 121.27
quake 57 ( 0.00%) 8551 ( 0.00%) 150.02
cuseeme 9 ( 0.00%) 1026 ( 0.00%) 114.00
other 7590205 ( 27.52%) 4445167560 ( 23.88%) 585.65
icmp 1137153 ( 4.12%) 178277935 ( 0.96%) 156.78
ipip 363 ( 0.00%) 46234 ( 0.00%) 127.37
ipsec 3309 ( 0.01%) 1111794 ( 0.01%) 335.99
ip6 2788283 ( 10.11%) 1645515108 ( 8.84%) 590.15
other 32943 ( 0.12%) 24216753 ( 0.13%) 735.11
frag 2875 ( 0.01%) 2965952 ( 0.02%) 1031.64
ip6 46066 ( 0.17%) 7521935 ( 0.04%) 163.29
tcp6 12774 ( 0.05%) 1516089 ( 0.01%) 118.69
http(s) 227 ( 0.00%) 199772 ( 0.00%) 880.05
http(c) 3479 ( 0.01%) 311626 ( 0.00%) 89.57
smtp 160 ( 0.00%) 66398 ( 0.00%) 414.99
ftp 2739 ( 0.01%) 284452 ( 0.00%) 103.85
imap 254 ( 0.00%) 29252 ( 0.00%) 115.17
ssh 1714 ( 0.01%) 142684 ( 0.00%) 83.25
dns 159 ( 0.00%) 40107 ( 0.00%) 252.25
bgp 107 ( 0.00%) 14597 ( 0.00%) 136.42
other 3935 ( 0.01%) 427201 ( 0.00%) 108.56
udp6 26905 ( 0.10%) 5161891 ( 0.03%) 191.86
dns 26622 ( 0.10%) 5090743 ( 0.03%) 191.22
realaud 1 ( 0.00%) 118 ( 0.00%) 118.00
other 282 ( 0.00%) 71030 ( 0.00%) 251.88
icmp6 6267 ( 0.02%) 755550 ( 0.00%) 120.56
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 90 ( 0.00%) 84325 ( 0.00%) 936.94
tcpdump file: 201004140345.dump.gz (711.82 MB)