Traffic Trace Info
DumpFile: 201004141000.dump
FileSize: 2205.79MB
Id: 201004141000
StartTime: Wed Apr 14 10:00:01 2010
EndTime: Wed Apr 14 10:15:00 2010
TotalTime: 899.41 seconds
TotalCapSize: 1725.14MB CapLen: 96 bytes
# of packets: 31499750 (19975.07MB)
AvgRate: 186.26Mbps stddev:21.02M
IP flow (unique src/dst pair) Information
# of flows: 920634 (avg. 34.22 pkts/flow)
Top 10 big flow size (bytes/total in %):
10.4% 2.3% 2.0% 1.6% 1.4% 1.3% 1.2% 1.0% 1.0% 0.9%
IP address Information
# of IPv4 addresses: 523281
Top 10 bandwidth usage (bytes/total in %):
15.5% 11.2% 10.7% 9.7% 3.2% 3.2% 3.1% 2.8% 2.6% 2.5%
# of IPv6 addresses: 994
Top 10 bandwidth usage (bytes/total in %):
46.0% 13.9% 8.1% 5.6% 4.7% 4.4% 4.1% 4.1% 4.1% 3.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004141000.pktlen.png)
detailed numbers
[ 32- 63]: 4829281
[ 64- 127]: 8221330
[ 128- 255]: 2537856
[ 256- 511]: 2292748
[ 512- 1023]: 1098726
[ 1024- 2047]: 12519809
Protocol Breakdown
![[protocol breakdown chart]](201004141000.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 31499750 (100.00%) 20945383449 (100.00%) 664.94
ip 31444405 ( 99.82%) 20929676237 ( 99.93%) 665.61
tcp 18119036 ( 57.52%) 13827861671 ( 66.02%) 763.17
http(s) 6741578 ( 21.40%) 8906000432 ( 42.52%) 1321.06
http(c) 5189282 ( 16.47%) 715143228 ( 3.41%) 137.81
squid 255487 ( 0.81%) 97023773 ( 0.46%) 379.76
smtp 296285 ( 0.94%) 77058505 ( 0.37%) 260.08
ftp 23447 ( 0.07%) 2278342 ( 0.01%) 97.17
pop3 13164 ( 0.04%) 6485359 ( 0.03%) 492.66
imap 6534 ( 0.02%) 2936236 ( 0.01%) 449.38
telnet 93 ( 0.00%) 10133 ( 0.00%) 108.96
ssh 27588 ( 0.09%) 4648946 ( 0.02%) 168.51
dns 54390 ( 0.17%) 3778906 ( 0.02%) 69.48
bgp 134 ( 0.00%) 43929 ( 0.00%) 327.83
napster 262 ( 0.00%) 30682 ( 0.00%) 117.11
realaud 17 ( 0.00%) 4120 ( 0.00%) 242.35
rtsp 98832 ( 0.31%) 6232122 ( 0.03%) 63.06
icecast 8296 ( 0.03%) 567134 ( 0.00%) 68.36
hotline 135 ( 0.00%) 9252 ( 0.00%) 68.53
other 5403504 ( 17.15%) 4005610092 ( 19.12%) 741.30
udp 8450680 ( 26.83%) 4515494231 ( 21.56%) 534.34
dns 683981 ( 2.17%) 117660636 ( 0.56%) 172.02
realaud 39 ( 0.00%) 4442 ( 0.00%) 113.90
halflif 171 ( 0.00%) 26254 ( 0.00%) 153.53
starcra 173 ( 0.00%) 18626 ( 0.00%) 107.66
everque 592 ( 0.00%) 111539 ( 0.00%) 188.41
unreal 143 ( 0.00%) 23986 ( 0.00%) 167.73
quake 35 ( 0.00%) 3467 ( 0.00%) 99.06
cuseeme 2 ( 0.00%) 199 ( 0.00%) 99.50
other 7764951 ( 24.65%) 4397379644 ( 20.99%) 566.31
icmp 530648 ( 1.68%) 68850496 ( 0.33%) 129.75
ipip 356 ( 0.00%) 45646 ( 0.00%) 128.22
ipsec 875505 ( 2.78%) 429457372 ( 2.05%) 490.53
ip6 3462323 ( 10.99%) 2087077619 ( 9.96%) 602.80
other 5857 ( 0.02%) 889202 ( 0.00%) 151.82
frag 2109 ( 0.01%) 2066840 ( 0.01%) 980.01
ip6 55345 ( 0.18%) 15707212 ( 0.07%) 283.81
tcp6 21928 ( 0.07%) 9593751 ( 0.05%) 437.51
http(s) 7301 ( 0.02%) 8103271 ( 0.04%) 1109.89
http(c) 4163 ( 0.01%) 373857 ( 0.00%) 89.80
smtp 328 ( 0.00%) 123384 ( 0.00%) 376.17
ftp 2678 ( 0.01%) 278801 ( 0.00%) 104.11
imap 398 ( 0.00%) 46326 ( 0.00%) 116.40
ssh 3236 ( 0.01%) 272808 ( 0.00%) 84.30
dns 127 ( 0.00%) 28720 ( 0.00%) 226.14
bgp 128 ( 0.00%) 24497 ( 0.00%) 191.38
other 3569 ( 0.01%) 342087 ( 0.00%) 95.85
udp6 27235 ( 0.09%) 5291236 ( 0.03%) 194.28
dns 27046 ( 0.09%) 5260357 ( 0.03%) 194.50
other 189 ( 0.00%) 30879 ( 0.00%) 163.38
icmp6 6060 ( 0.02%) 738538 ( 0.00%) 121.87
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 92 ( 0.00%) 79607 ( 0.00%) 865.29
tcpdump file: 201004141000.dump.gz (762.13 MB)