Traffic Trace Info
DumpFile: 201004140815.dump
FileSize: 1871.12MB
Id: 201004140815
StartTime: Wed Apr 14 08:15:01 2010
EndTime: Wed Apr 14 08:30:01 2010
TotalTime: 900.21 seconds
TotalCapSize: 1468.08MB CapLen: 96 bytes
# of packets: 26413067 (15487.72MB)
AvgRate: 144.34Mbps stddev:11.02M
IP flow (unique src/dst pair) Information
# of flows: 989328 (avg. 26.70 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.8% 2.2% 2.0% 1.9% 1.8% 1.6% 1.1% 1.1% 1.0% 0.9%
IP address Information
# of IPv4 addresses: 611768
Top 10 bandwidth usage (bytes/total in %):
18.8% 14.4% 5.3% 4.9% 4.3% 3.2% 3.2% 3.1% 2.5% 2.5%
# of IPv6 addresses: 901
Top 10 bandwidth usage (bytes/total in %):
33.5% 7.5% 7.3% 7.2% 7.1% 5.1% 3.6% 3.6% 3.5% 3.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004140815.pktlen.png)
detailed numbers
[ 32- 63]: 3962733
[ 64- 127]: 7776591
[ 128- 255]: 2504640
[ 256- 511]: 1686811
[ 512- 1023]: 830865
[ 1024- 2047]: 9651427
Protocol Breakdown
![[protocol breakdown chart]](201004140815.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 26413067 (100.00%) 16240053422 (100.00%) 614.85
ip 26371070 ( 99.84%) 16233497942 ( 99.96%) 615.58
tcp 13979752 ( 52.93%) 9708718660 ( 59.78%) 694.48
http(s) 5003785 ( 18.94%) 6667855940 ( 41.06%) 1332.56
http(c) 3576763 ( 13.54%) 449104461 ( 2.77%) 125.56
squid 315564 ( 1.19%) 104030165 ( 0.64%) 329.66
smtp 319975 ( 1.21%) 60564184 ( 0.37%) 189.28
ftp 20383 ( 0.08%) 2091323 ( 0.01%) 102.60
pop3 15866 ( 0.06%) 12971986 ( 0.08%) 817.60
imap 1778 ( 0.01%) 700972 ( 0.00%) 394.25
telnet 1029 ( 0.00%) 85200 ( 0.00%) 82.80
ssh 911741 ( 3.45%) 172217110 ( 1.06%) 188.89
dns 64029 ( 0.24%) 4299632 ( 0.03%) 67.15
bgp 141 ( 0.00%) 42206 ( 0.00%) 299.33
napster 9 ( 0.00%) 747 ( 0.00%) 83.00
realaud 26 ( 0.00%) 2097 ( 0.00%) 80.65
rtsp 125 ( 0.00%) 28288 ( 0.00%) 226.30
icecast 279 ( 0.00%) 20755 ( 0.00%) 74.39
hotline 8 ( 0.00%) 486 ( 0.00%) 60.75
other 3748247 ( 14.19%) 2234702868 ( 13.76%) 596.20
udp 7744205 ( 29.32%) 4035995032 ( 24.85%) 521.16
dns 605996 ( 2.29%) 110433647 ( 0.68%) 182.23
realaud 38 ( 0.00%) 3925 ( 0.00%) 103.29
halflif 125 ( 0.00%) 22229 ( 0.00%) 177.83
starcra 165 ( 0.00%) 16972 ( 0.00%) 102.86
everque 432 ( 0.00%) 81209 ( 0.00%) 187.98
unreal 128 ( 0.00%) 22265 ( 0.00%) 173.95
quake 27 ( 0.00%) 2702 ( 0.00%) 100.07
cuseeme 3 ( 0.00%) 249 ( 0.00%) 83.00
other 7136652 ( 27.02%) 3925142129 ( 24.17%) 550.00
icmp 829695 ( 3.14%) 139221009 ( 0.86%) 167.80
ipip 343 ( 0.00%) 43240 ( 0.00%) 126.06
ipsec 4091 ( 0.02%) 1307046 ( 0.01%) 319.49
ip6 3801192 ( 14.39%) 2345635081 ( 14.44%) 617.08
other 11792 ( 0.04%) 2577874 ( 0.02%) 218.61
frag 2451 ( 0.01%) 2385957 ( 0.01%) 973.46
ip6 41997 ( 0.16%) 6555480 ( 0.04%) 156.09
tcp6 11229 ( 0.04%) 1246975 ( 0.01%) 111.05
http(s) 122 ( 0.00%) 115830 ( 0.00%) 949.43
http(c) 2749 ( 0.01%) 261760 ( 0.00%) 95.22
smtp 220 ( 0.00%) 77720 ( 0.00%) 353.27
ftp 2697 ( 0.01%) 278442 ( 0.00%) 103.24
imap 253 ( 0.00%) 29023 ( 0.00%) 114.72
ssh 1715 ( 0.01%) 142718 ( 0.00%) 83.22
dns 44 ( 0.00%) 12799 ( 0.00%) 290.89
bgp 105 ( 0.00%) 13160 ( 0.00%) 125.33
other 3324 ( 0.01%) 315523 ( 0.00%) 94.92
udp6 24691 ( 0.09%) 4550628 ( 0.03%) 184.30
dns 24027 ( 0.09%) 4479122 ( 0.03%) 186.42
quake 1 ( 0.00%) 108 ( 0.00%) 108.00
other 663 ( 0.00%) 71398 ( 0.00%) 107.69
icmp6 6005 ( 0.02%) 718859 ( 0.00%) 119.71
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 42 ( 0.00%) 34938 ( 0.00%) 831.86
tcpdump file: 201004140815.dump.gz (658.51 MB)