Traffic Trace Info
DumpFile: 201004141300.dump
FileSize: 3175.48MB
Id: 201004141300
StartTime: Wed Apr 14 13:00:01 2010
EndTime: Wed Apr 14 13:15:00 2010
TotalTime: 899.57 seconds
TotalCapSize: -1591.69MB CapLen: 96 bytes
# of packets: 43971974 (29614.39MB)
AvgRate: 276.11Mbps stddev:30.30M
IP flow (unique src/dst pair) Information
# of flows: 996580 (avg. 44.12 pkts/flow)
Top 10 big flow size (bytes/total in %):
25.9% 1.6% 1.6% 1.4% 1.1% 0.8% 0.7% 0.7% 0.7% 0.6%
IP address Information
# of IPv4 addresses: 552259
Top 10 bandwidth usage (bytes/total in %):
27.0% 26.5% 10.2% 7.6% 3.5% 3.1% 2.5% 2.3% 2.3% 2.3%
# of IPv6 addresses: 999
Top 10 bandwidth usage (bytes/total in %):
68.8% 68.8% 7.1% 3.1% 3.0% 3.0% 1.9% 1.6% 1.5% 1.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004141300.pktlen.png)
detailed numbers
[ 32- 63]: 5433775
[ 64- 127]: 13424601
[ 128- 255]: 3035925
[ 256- 511]: 1947908
[ 512- 1023]: 1065259
[ 1024- 2047]: 19064506
Protocol Breakdown
![[protocol breakdown chart]](201004141300.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 43971974 (100.00%) 31052940085 (100.00%) 706.20
ip 43904066 ( 99.85%) 31022874876 ( 99.90%) 706.61
tcp 29119997 ( 66.22%) 23044954663 ( 74.21%) 791.38
http(s) 7970154 ( 18.13%) 10578228235 ( 34.07%) 1327.23
http(c) 6762998 ( 15.38%) 914816710 ( 2.95%) 135.27
squid 228118 ( 0.52%) 74396870 ( 0.24%) 326.13
smtp 316592 ( 0.72%) 111869927 ( 0.36%) 353.36
nntp 2 ( 0.00%) 124 ( 0.00%) 62.00
ftp 22839 ( 0.05%) 3785079 ( 0.01%) 165.73
pop3 22992 ( 0.05%) 6808900 ( 0.02%) 296.14
imap 3387 ( 0.01%) 1555858 ( 0.01%) 459.36
telnet 535 ( 0.00%) 60033 ( 0.00%) 112.21
ssh 734456 ( 1.67%) 112573737 ( 0.36%) 153.27
dns 53912 ( 0.12%) 6173569 ( 0.02%) 114.51
bgp 659 ( 0.00%) 466433 ( 0.00%) 707.79
napster 90 ( 0.00%) 6798 ( 0.00%) 75.53
realaud 38 ( 0.00%) 3173 ( 0.00%) 83.50
rtsp 90441 ( 0.21%) 59594439 ( 0.19%) 658.93
icecast 33144 ( 0.08%) 20439887 ( 0.07%) 616.70
hotline 54 ( 0.00%) 4316 ( 0.00%) 79.93
other 12879575 ( 29.29%) 11154169915 ( 35.92%) 866.04
udp 10021590 ( 22.79%) 5485879860 ( 17.67%) 547.41
dns 783910 ( 1.78%) 151048245 ( 0.49%) 192.69
realaud 28 ( 0.00%) 3259 ( 0.00%) 116.39
halflif 505 ( 0.00%) 35886 ( 0.00%) 71.06
starcra 213 ( 0.00%) 21762 ( 0.00%) 102.17
everque 715 ( 0.00%) 134765 ( 0.00%) 188.48
unreal 63 ( 0.00%) 8070 ( 0.00%) 128.10
quake 7099 ( 0.02%) 5601462 ( 0.02%) 789.05
cuseeme 4 ( 0.00%) 351 ( 0.00%) 87.75
other 9227812 ( 20.99%) 5328600557 ( 17.16%) 577.45
icmp 1096731 ( 2.49%) 120166593 ( 0.39%) 109.57
ipip 348 ( 0.00%) 41324 ( 0.00%) 118.75
ipsec 2155 ( 0.00%) 810466 ( 0.00%) 376.09
ip6 3631536 ( 8.26%) 2364831212 ( 7.62%) 651.19
other 31709 ( 0.07%) 6190758 ( 0.02%) 195.24
frag 3572 ( 0.01%) 3207037 ( 0.01%) 897.83
ip6 67908 ( 0.15%) 30065209 ( 0.10%) 442.73
tcp6 33352 ( 0.08%) 23285996 ( 0.07%) 698.19
http(s) 90 ( 0.00%) 41232 ( 0.00%) 458.13
http(c) 4232 ( 0.01%) 376646 ( 0.00%) 89.00
smtp 107 ( 0.00%) 33589 ( 0.00%) 313.92
ftp 2536 ( 0.01%) 264287 ( 0.00%) 104.21
imap 340 ( 0.00%) 38389 ( 0.00%) 112.91
ssh 3309 ( 0.01%) 311570 ( 0.00%) 94.16
dns 219 ( 0.00%) 58409 ( 0.00%) 266.71
bgp 143 ( 0.00%) 41772 ( 0.00%) 292.11
other 22376 ( 0.05%) 22120102 ( 0.07%) 988.56
udp6 28109 ( 0.06%) 5916025 ( 0.02%) 210.47
dns 27526 ( 0.06%) 5837639 ( 0.02%) 212.08
other 583 ( 0.00%) 78386 ( 0.00%) 134.45
icmp6 6295 ( 0.01%) 758645 ( 0.00%) 120.52
rtopt6 3 ( 0.00%) 426 ( 0.00%) 142.00
pim6 29 ( 0.00%) 3944 ( 0.00%) 136.00
other6 120 ( 0.00%) 100173 ( 0.00%) 834.77
tcpdump file: 201004141300.dump.gz (1086.75 MB)