Traffic Trace Info
DumpFile: 201004140945.dump
FileSize: 2233.69MB
Id: 201004140945
StartTime: Wed Apr 14 09:45:01 2010
EndTime: Wed Apr 14 10:00:01 2010
TotalTime: 900.27 seconds
TotalCapSize: 1744.06MB CapLen: 96 bytes
# of packets: 32087934 (20334.87MB)
AvgRate: 189.49Mbps stddev:20.18M
IP flow (unique src/dst pair) Information
# of flows: 933687 (avg. 34.37 pkts/flow)
Top 10 big flow size (bytes/total in %):
8.3% 2.5% 2.0% 1.4% 1.1% 1.1% 1.1% 0.9% 0.9% 0.9%
IP address Information
# of IPv4 addresses: 539001
Top 10 bandwidth usage (bytes/total in %):
15.7% 9.5% 9.0% 8.5% 6.1% 3.3% 3.0% 3.0% 2.9% 2.7%
# of IPv6 addresses: 956
Top 10 bandwidth usage (bytes/total in %):
25.7% 13.4% 6.0% 5.9% 5.6% 5.5% 5.4% 4.4% 3.6% 3.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004140945.pktlen.png)
detailed numbers
[ 32- 63]: 5346276
[ 64- 127]: 8000345
[ 128- 255]: 2554112
[ 256- 511]: 2335322
[ 512- 1023]: 1101820
[ 1024- 2047]: 12750059
Protocol Breakdown
![[protocol breakdown chart]](201004140945.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 32087934 (100.00%) 21322659552 (100.00%) 664.51
ip 32042362 ( 99.86%) 21314129093 ( 99.96%) 665.19
tcp 18670606 ( 58.19%) 14185286392 ( 66.53%) 759.77
http(s) 7202957 ( 22.45%) 9694432679 ( 45.47%) 1345.90
http(c) 5696153 ( 17.75%) 791103193 ( 3.71%) 138.88
squid 263681 ( 0.82%) 111583534 ( 0.52%) 423.18
smtp 314424 ( 0.98%) 81131945 ( 0.38%) 258.03
nntp 1 ( 0.00%) 62 ( 0.00%) 62.00
ftp 19036 ( 0.06%) 1915283 ( 0.01%) 100.61
pop3 12623 ( 0.04%) 7341284 ( 0.03%) 581.58
imap 3495 ( 0.01%) 1611650 ( 0.01%) 461.13
telnet 390 ( 0.00%) 29524 ( 0.00%) 75.70
ssh 40797 ( 0.13%) 7797748 ( 0.04%) 191.14
dns 55024 ( 0.17%) 3759214 ( 0.02%) 68.32
bgp 152 ( 0.00%) 46834 ( 0.00%) 308.12
napster 28 ( 0.00%) 3126 ( 0.00%) 111.64
realaud 2947 ( 0.01%) 195557 ( 0.00%) 66.36
rtsp 24733 ( 0.08%) 1613870 ( 0.01%) 65.25
icecast 523 ( 0.00%) 38131 ( 0.00%) 72.91
other 5033639 ( 15.69%) 3482682578 ( 16.33%) 691.88
udp 8520393 ( 26.55%) 4591577817 ( 21.53%) 538.89
dns 681152 ( 2.12%) 117405737 ( 0.55%) 172.36
realaud 40 ( 0.00%) 3938 ( 0.00%) 98.45
halflif 145 ( 0.00%) 23426 ( 0.00%) 161.56
starcra 249 ( 0.00%) 25242 ( 0.00%) 101.37
everque 555 ( 0.00%) 108705 ( 0.00%) 195.86
unreal 94 ( 0.00%) 15358 ( 0.00%) 163.38
quake 28 ( 0.00%) 2729 ( 0.00%) 97.46
cuseeme 5 ( 0.00%) 521 ( 0.00%) 104.20
other 7837462 ( 24.42%) 4473640357 ( 20.98%) 570.80
icmp 533619 ( 1.66%) 59886385 ( 0.28%) 112.23
ipip 317 ( 0.00%) 36798 ( 0.00%) 116.08
ipsec 882270 ( 2.75%) 432680196 ( 2.03%) 490.42
ip6 3429096 ( 10.69%) 2043745112 ( 9.58%) 596.00
other 6061 ( 0.02%) 916393 ( 0.00%) 151.20
frag 2610 ( 0.01%) 2706535 ( 0.01%) 1036.99
ip6 45572 ( 0.14%) 8530459 ( 0.04%) 187.19
tcp6 13053 ( 0.04%) 2634742 ( 0.01%) 201.85
http(s) 1246 ( 0.00%) 1277100 ( 0.01%) 1024.96
http(c) 2624 ( 0.01%) 241744 ( 0.00%) 92.13
smtp 445 ( 0.00%) 257898 ( 0.00%) 579.55
ftp 2677 ( 0.01%) 278348 ( 0.00%) 103.98
imap 502 ( 0.00%) 56451 ( 0.00%) 112.45
ssh 1922 ( 0.01%) 159884 ( 0.00%) 83.19
dns 40 ( 0.00%) 13870 ( 0.00%) 346.75
bgp 115 ( 0.00%) 15214 ( 0.00%) 132.30
other 3482 ( 0.01%) 334233 ( 0.00%) 95.99
udp6 26410 ( 0.08%) 5100826 ( 0.02%) 193.14
dns 26355 ( 0.08%) 5084078 ( 0.02%) 192.91
other 55 ( 0.00%) 16748 ( 0.00%) 304.51
icmp6 6008 ( 0.02%) 728531 ( 0.00%) 121.26
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 70 ( 0.00%) 62144 ( 0.00%) 887.77
tcpdump file: 201004140945.dump.gz (774.56 MB)