Traffic Trace Info
DumpFile: 201004141045.dump
FileSize: 2281.41MB
Id: 201004141045
StartTime: Wed Apr 14 10:45:01 2010
EndTime: Wed Apr 14 11:00:00 2010
TotalTime: 899.25 seconds
TotalCapSize: 1784.17MB CapLen: 96 bytes
# of packets: 32586336 (19901.54MB)
AvgRate: 185.63Mbps stddev:15.02M
IP flow (unique src/dst pair) Information
# of flows: 895342 (avg. 36.40 pkts/flow)
Top 10 big flow size (bytes/total in %):
12.5% 2.2% 1.2% 1.2% 0.8% 0.8% 0.8% 0.8% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 501112
Top 10 bandwidth usage (bytes/total in %):
16.3% 13.4% 12.9% 8.8% 3.3% 3.3% 3.1% 2.9% 2.9% 2.8%
# of IPv6 addresses: 996
Top 10 bandwidth usage (bytes/total in %):
25.7% 6.9% 6.6% 5.6% 5.6% 5.0% 4.1% 4.1% 4.1% 4.0%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004141045.pktlen.png)
detailed numbers
[ 32- 63]: 4413503
[ 64- 127]: 9541653
[ 128- 255]: 3165777
[ 256- 511]: 2170783
[ 512- 1023]: 781739
[ 1024- 2047]: 12512881
Protocol Breakdown
![[protocol breakdown chart]](201004141045.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 32586336 (100.00%) 20868274079 (100.00%) 640.40
ip 32539421 ( 99.86%) 20859839873 ( 99.96%) 641.06
tcp 17904630 ( 54.95%) 13475279595 ( 64.57%) 752.61
http(s) 6329236 ( 19.42%) 8317689907 ( 39.86%) 1314.17
http(c) 4920224 ( 15.10%) 666168941 ( 3.19%) 135.39
squid 218257 ( 0.67%) 66403607 ( 0.32%) 304.25
smtp 272241 ( 0.84%) 69271474 ( 0.33%) 254.45
ftp 28764 ( 0.09%) 5363157 ( 0.03%) 186.45
pop3 22316 ( 0.07%) 17059456 ( 0.08%) 764.45
imap 4892 ( 0.02%) 2196178 ( 0.01%) 448.93
telnet 1093 ( 0.00%) 76701 ( 0.00%) 70.17
ssh 183473 ( 0.56%) 20694225 ( 0.10%) 112.79
dns 56869 ( 0.17%) 6865520 ( 0.03%) 120.73
bgp 136 ( 0.00%) 44112 ( 0.00%) 324.35
napster 32 ( 0.00%) 4761 ( 0.00%) 148.78
realaud 7051 ( 0.02%) 10669688 ( 0.05%) 1513.22
rtsp 36559 ( 0.11%) 2305165 ( 0.01%) 63.05
icecast 10153 ( 0.03%) 705152 ( 0.00%) 69.45
hotline 2 ( 0.00%) 122 ( 0.00%) 61.00
other 5813323 ( 17.84%) 4289759485 ( 20.56%) 737.92
udp 10469368 ( 32.13%) 5423135300 ( 25.99%) 518.00
dns 741066 ( 2.27%) 151338024 ( 0.73%) 204.22
realaud 73 ( 0.00%) 6363 ( 0.00%) 87.16
halflif 160 ( 0.00%) 24933 ( 0.00%) 155.83
starcra 140 ( 0.00%) 15398 ( 0.00%) 109.99
everque 634 ( 0.00%) 129060 ( 0.00%) 203.56
unreal 103 ( 0.00%) 16264 ( 0.00%) 157.90
quake 13982 ( 0.04%) 9946370 ( 0.05%) 711.37
cuseeme 5 ( 0.00%) 474 ( 0.00%) 94.80
other 9712578 ( 29.81%) 5261370765 ( 25.21%) 541.71
icmp 1003592 ( 3.08%) 101368502 ( 0.49%) 101.01
ipip 322 ( 0.00%) 38932 ( 0.00%) 120.91
ipsec 6867 ( 0.02%) 2442976 ( 0.01%) 355.76
ip6 3097613 ( 9.51%) 1848973797 ( 8.86%) 596.90
other 57029 ( 0.18%) 8600771 ( 0.04%) 150.81
frag 11976 ( 0.04%) 14070388 ( 0.07%) 1174.88
ip6 46915 ( 0.14%) 8434206 ( 0.04%) 179.78
tcp6 12734 ( 0.04%) 2126851 ( 0.01%) 167.02
http(s) 1076 ( 0.00%) 786449 ( 0.00%) 730.90
http(c) 2664 ( 0.01%) 249325 ( 0.00%) 93.59
smtp 297 ( 0.00%) 142276 ( 0.00%) 479.04
ftp 2695 ( 0.01%) 277434 ( 0.00%) 102.94
imap 353 ( 0.00%) 40534 ( 0.00%) 114.83
ssh 1770 ( 0.01%) 228036 ( 0.00%) 128.83
dns 88 ( 0.00%) 24011 ( 0.00%) 272.85
bgp 112 ( 0.00%) 16943 ( 0.00%) 151.28
other 3679 ( 0.01%) 361843 ( 0.00%) 98.35
udp6 28073 ( 0.09%) 5513156 ( 0.03%) 196.39
dns 27761 ( 0.09%) 5459038 ( 0.03%) 196.64
starcra 1 ( 0.00%) 109 ( 0.00%) 109.00
quake 1 ( 0.00%) 103 ( 0.00%) 103.00
other 310 ( 0.00%) 53906 ( 0.00%) 173.89
icmp6 6005 ( 0.02%) 722591 ( 0.00%) 120.33
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 72 ( 0.00%) 67392 ( 0.00%) 936.00
tcpdump file: 201004141045.dump.gz (809.45 MB)