Traffic Trace Info
DumpFile: 201004140430.dump
FileSize: 1769.69MB
Id: 201004140430
StartTime: Wed Apr 14 04:30:01 2010
EndTime: Wed Apr 14 04:45:01 2010
TotalTime: 899.93 seconds
TotalCapSize: 1377.16MB CapLen: 96 bytes
# of packets: 25724118 (15927.32MB)
AvgRate: 148.46Mbps stddev:10.73M
IP flow (unique src/dst pair) Information
# of flows: 1158803 (avg. 22.20 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.8% 1.2% 1.1% 0.9% 0.8% 0.7% 0.7% 0.6% 0.6% 0.6%
IP address Information
# of IPv4 addresses: 639762
Top 10 bandwidth usage (bytes/total in %):
25.7% 8.5% 8.0% 6.5% 5.9% 5.9% 3.3% 3.2% 3.0% 3.0%
# of IPv6 addresses: 964
Top 10 bandwidth usage (bytes/total in %):
25.8% 6.9% 5.8% 5.7% 5.6% 4.9% 4.2% 4.0% 4.0% 4.0%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004140430.pktlen.png)
detailed numbers
[ 32- 63]: 3953043
[ 64- 127]: 7205397
[ 128- 255]: 1979135
[ 256- 511]: 1676145
[ 512- 1023]: 792660
[ 1024- 2047]: 10117738
Protocol Breakdown
![[protocol breakdown chart]](201004140430.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 25724118 (100.00%) 16701007884 (100.00%) 649.24
ip 25672177 ( 99.80%) 16692506752 ( 99.95%) 650.22
tcp 13225590 ( 51.41%) 9870904449 ( 59.10%) 746.35
http(s) 5486508 ( 21.33%) 7561212887 ( 45.27%) 1378.15
http(c) 2910870 ( 11.32%) 284407241 ( 1.70%) 97.71
squid 306733 ( 1.19%) 94064387 ( 0.56%) 306.67
smtp 436901 ( 1.70%) 64894809 ( 0.39%) 148.53
nntp 1 ( 0.00%) 60 ( 0.00%) 60.00
ftp 17042 ( 0.07%) 1554187 ( 0.01%) 91.20
pop3 8444 ( 0.03%) 6985087 ( 0.04%) 827.22
imap 460 ( 0.00%) 49767 ( 0.00%) 108.19
telnet 2273 ( 0.01%) 182165 ( 0.00%) 80.14
ssh 238043 ( 0.93%) 28668142 ( 0.17%) 120.43
dns 54962 ( 0.21%) 3816731 ( 0.02%) 69.44
bgp 150 ( 0.00%) 51479 ( 0.00%) 343.19
napster 112 ( 0.00%) 8366 ( 0.00%) 74.70
realaud 8 ( 0.00%) 942 ( 0.00%) 117.75
rtsp 99 ( 0.00%) 6734 ( 0.00%) 68.02
icecast 231 ( 0.00%) 15240 ( 0.00%) 65.97
other 3762743 ( 14.63%) 1824985625 ( 10.93%) 485.01
udp 8941823 ( 34.76%) 5224662581 ( 31.28%) 584.30
dns 820331 ( 3.19%) 167202147 ( 1.00%) 203.82
realaud 47 ( 0.00%) 6842 ( 0.00%) 145.57
halflif 89 ( 0.00%) 9357 ( 0.00%) 105.13
starcra 327 ( 0.00%) 30136 ( 0.00%) 92.16
everque 465 ( 0.00%) 75998 ( 0.00%) 163.44
unreal 102 ( 0.00%) 16133 ( 0.00%) 158.17
quake 48 ( 0.00%) 4102 ( 0.00%) 85.46
cuseeme 9 ( 0.00%) 1066 ( 0.00%) 118.44
other 8119476 ( 31.56%) 5056623199 ( 30.28%) 622.78
icmp 949831 ( 3.69%) 164456658 ( 0.98%) 173.14
ipip 342 ( 0.00%) 39794 ( 0.00%) 116.36
ipsec 1770 ( 0.01%) 641836 ( 0.00%) 362.62
ip6 2531552 ( 9.84%) 1423965771 ( 8.53%) 562.49
other 21269 ( 0.08%) 7835663 ( 0.05%) 368.41
frag 17853 ( 0.07%) 22085193 ( 0.13%) 1237.06
ip6 51941 ( 0.20%) 8501132 ( 0.05%) 163.67
tcp6 16634 ( 0.06%) 1782105 ( 0.01%) 107.14
http(s) 53 ( 0.00%) 24620 ( 0.00%) 464.53
http(c) 7329 ( 0.03%) 685180 ( 0.00%) 93.49
smtp 259 ( 0.00%) 115380 ( 0.00%) 445.48
ftp 2745 ( 0.01%) 284124 ( 0.00%) 103.51
imap 352 ( 0.00%) 41492 ( 0.00%) 117.88
ssh 1605 ( 0.01%) 133282 ( 0.00%) 83.04
dns 166 ( 0.00%) 49113 ( 0.00%) 295.86
bgp 108 ( 0.00%) 14046 ( 0.00%) 130.06
other 4017 ( 0.02%) 434868 ( 0.00%) 108.26
udp6 29120 ( 0.11%) 5860960 ( 0.04%) 201.27
dns 28793 ( 0.11%) 5797319 ( 0.03%) 201.34
realaud 1 ( 0.00%) 111 ( 0.00%) 111.00
other 326 ( 0.00%) 63530 ( 0.00%) 194.88
icmp6 6046 ( 0.02%) 744401 ( 0.00%) 123.12
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 110 ( 0.00%) 109450 ( 0.00%) 995.00
tcpdump file: 201004140430.dump.gz (664.25 MB)