Traffic Trace Info
DumpFile: 201004140800.dump
FileSize: 1801.63MB
Id: 201004140800
StartTime: Wed Apr 14 08:00:01 2010
EndTime: Wed Apr 14 08:15:01 2010
TotalTime: 899.75 seconds
TotalCapSize: 1412.60MB CapLen: 96 bytes
# of packets: 25495224 (15600.58MB)
AvgRate: 145.44Mbps stddev:13.59M
IP flow (unique src/dst pair) Information
# of flows: 869320 (avg. 29.33 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.3% 2.8% 2.5% 1.9% 1.9% 1.7% 1.3% 1.2% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 525514
Top 10 bandwidth usage (bytes/total in %):
20.5% 14.5% 5.8% 5.4% 4.4% 3.7% 3.4% 3.2% 2.8% 2.6%
# of IPv6 addresses: 902
Top 10 bandwidth usage (bytes/total in %):
32.7% 7.1% 7.0% 6.9% 6.5% 4.7% 3.9% 3.7% 3.5% 3.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004140800.pktlen.png)
detailed numbers
[ 32- 63]: 3504244
[ 64- 127]: 6979742
[ 128- 255]: 2718047
[ 256- 511]: 1738381
[ 512- 1023]: 716805
[ 1024- 2047]: 9838005
Protocol Breakdown
![[protocol breakdown chart]](201004140800.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 25495224 (100.00%) 16358390243 (100.00%) 641.63
ip 25452507 ( 99.83%) 16351683039 ( 99.96%) 642.44
tcp 12681190 ( 49.74%) 9586537153 ( 58.60%) 755.97
http(s) 4751393 ( 18.64%) 6415682913 ( 39.22%) 1350.27
http(c) 3028175 ( 11.88%) 407586269 ( 2.49%) 134.60
squid 311898 ( 1.22%) 100359709 ( 0.61%) 321.77
smtp 311131 ( 1.22%) 87586064 ( 0.54%) 281.51
ftp 15468 ( 0.06%) 1452125 ( 0.01%) 93.88
pop3 10623 ( 0.04%) 6785900 ( 0.04%) 638.79
imap 2820 ( 0.01%) 1670299 ( 0.01%) 592.30
telnet 983 ( 0.00%) 98425 ( 0.00%) 100.13
ssh 265150 ( 1.04%) 48415740 ( 0.30%) 182.60
dns 56519 ( 0.22%) 6336113 ( 0.04%) 112.11
bgp 147 ( 0.00%) 49015 ( 0.00%) 333.44
napster 23 ( 0.00%) 2485 ( 0.00%) 108.04
realaud 10 ( 0.00%) 1031 ( 0.00%) 103.10
rtsp 102 ( 0.00%) 21148 ( 0.00%) 207.33
icecast 273 ( 0.00%) 21096 ( 0.00%) 77.27
hotline 11 ( 0.00%) 954 ( 0.00%) 86.73
other 3926461 ( 15.40%) 2510467687 ( 15.35%) 639.37
udp 7920266 ( 31.07%) 4205646333 ( 25.71%) 531.00
dns 596163 ( 2.34%) 107935016 ( 0.66%) 181.05
realaud 90 ( 0.00%) 6973 ( 0.00%) 77.48
halflif 172 ( 0.00%) 28673 ( 0.00%) 166.70
starcra 243 ( 0.00%) 24586 ( 0.00%) 101.18
everque 407 ( 0.00%) 87038 ( 0.00%) 213.85
unreal 103 ( 0.00%) 20139 ( 0.00%) 195.52
quake 16 ( 0.00%) 1647 ( 0.00%) 102.94
cuseeme 6 ( 0.00%) 839 ( 0.00%) 139.83
other 7322409 ( 28.72%) 4097165748 ( 25.05%) 559.54
icmp 995478 ( 3.90%) 168411533 ( 1.03%) 169.18
ipip 340 ( 0.00%) 40012 ( 0.00%) 117.68
ipsec 3557 ( 0.01%) 1346962 ( 0.01%) 378.68
ip6 3839608 ( 15.06%) 2387435626 ( 14.59%) 621.79
other 12068 ( 0.05%) 2265420 ( 0.01%) 187.72
frag 3817 ( 0.01%) 4338386 ( 0.03%) 1136.60
ip6 42717 ( 0.17%) 6707204 ( 0.04%) 157.01
tcp6 11486 ( 0.05%) 1206510 ( 0.01%) 105.04
http(s) 89 ( 0.00%) 66928 ( 0.00%) 752.00
http(c) 3046 ( 0.01%) 277765 ( 0.00%) 91.19
smtp 171 ( 0.00%) 69227 ( 0.00%) 404.84
ftp 2663 ( 0.01%) 273946 ( 0.00%) 102.87
imap 504 ( 0.00%) 54961 ( 0.00%) 109.05
ssh 1582 ( 0.01%) 131376 ( 0.00%) 83.04
dns 37 ( 0.00%) 7769 ( 0.00%) 209.97
bgp 129 ( 0.00%) 18545 ( 0.00%) 143.76
other 3265 ( 0.01%) 305993 ( 0.00%) 93.72
udp6 25094 ( 0.10%) 4704525 ( 0.03%) 187.48
dns 24914 ( 0.10%) 4675012 ( 0.03%) 187.65
other 180 ( 0.00%) 29513 ( 0.00%) 163.96
icmp6 6030 ( 0.02%) 728787 ( 0.00%) 120.86
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 77 ( 0.00%) 63302 ( 0.00%) 822.10
tcpdump file: 201004140800.dump.gz (630.87 MB)