Traffic Trace Info
DumpFile: 201004141415.dump
FileSize: 3020.76MB
Id: 201004141415
StartTime: Wed Apr 14 14:15:01 2010
EndTime: Wed Apr 14 14:30:01 2010
TotalTime: 899.54 seconds
TotalCapSize: -1718.02MB CapLen: 96 bytes
# of packets: 42124247 (28471.06MB)
AvgRate: 265.48Mbps stddev:29.45M
IP flow (unique src/dst pair) Information
# of flows: 1087111 (avg. 38.75 pkts/flow)
Top 10 big flow size (bytes/total in %):
26.8% 1.4% 1.2% 1.2% 0.8% 0.8% 0.7% 0.7% 0.7% 0.6%
IP address Information
# of IPv4 addresses: 568398
Top 10 bandwidth usage (bytes/total in %):
28.1% 27.5% 12.6% 7.7% 2.8% 2.3% 2.1% 2.0% 1.7% 1.6%
# of IPv6 addresses: 1044
Top 10 bandwidth usage (bytes/total in %):
82.5% 82.4% 3.8% 2.0% 2.0% 1.9% 1.0% 0.9% 0.9% 0.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004141415.pktlen.png)
detailed numbers
[ 32- 63]: 5693082
[ 64- 127]: 11960607
[ 128- 255]: 3078380
[ 256- 511]: 2035813
[ 512- 1023]: 1029467
[ 1024- 2047]: 18326898
Protocol Breakdown
![[protocol breakdown chart]](201004141415.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 42124247 (100.00%) 29854074951 (100.00%) 708.71
ip 42038692 ( 99.80%) 29797291969 ( 99.81%) 708.81
tcp 27684342 ( 65.72%) 21935962978 ( 73.48%) 792.36
http(s) 7695592 ( 18.27%) 10141544254 ( 33.97%) 1317.84
http(c) 6215480 ( 14.76%) 863815448 ( 2.89%) 138.98
squid 254504 ( 0.60%) 76137835 ( 0.26%) 299.16
smtp 392060 ( 0.93%) 163124365 ( 0.55%) 416.07
ftp 28802 ( 0.07%) 4679584 ( 0.02%) 162.47
pop3 23754 ( 0.06%) 14571470 ( 0.05%) 613.43
imap 3174 ( 0.01%) 534193 ( 0.00%) 168.30
telnet 965 ( 0.00%) 86185 ( 0.00%) 89.31
ssh 856024 ( 2.03%) 240387023 ( 0.81%) 280.82
dns 54352 ( 0.13%) 3727400 ( 0.01%) 68.58
bgp 136 ( 0.00%) 46415 ( 0.00%) 341.29
napster 5 ( 0.00%) 362 ( 0.00%) 72.40
realaud 28 ( 0.00%) 4804 ( 0.00%) 171.57
rtsp 109355 ( 0.26%) 21322671 ( 0.07%) 194.99
icecast 4997 ( 0.01%) 332530 ( 0.00%) 66.55
hotline 13 ( 0.00%) 875 ( 0.00%) 67.31
other 12045090 ( 28.59%) 10405646904 ( 34.86%) 863.89
udp 10124637 ( 24.04%) 5479513335 ( 18.35%) 541.21
dns 925648 ( 2.20%) 162545003 ( 0.54%) 175.60
realaud 32 ( 0.00%) 4111 ( 0.00%) 128.47
halflif 84 ( 0.00%) 10407 ( 0.00%) 123.89
starcra 350 ( 0.00%) 40490 ( 0.00%) 115.69
everque 777 ( 0.00%) 144782 ( 0.00%) 186.33
unreal 81 ( 0.00%) 12173 ( 0.00%) 150.28
quake 5959 ( 0.01%) 3842361 ( 0.01%) 644.80
cuseeme 9 ( 0.00%) 1157 ( 0.00%) 128.56
other 9190857 ( 21.82%) 5312673571 ( 17.80%) 578.04
icmp 480865 ( 1.14%) 55482537 ( 0.19%) 115.38
ipip 306 ( 0.00%) 37204 ( 0.00%) 121.58
ipsec 1675 ( 0.00%) 509138 ( 0.00%) 303.96
ip6 3668655 ( 8.71%) 2316168382 ( 7.76%) 631.34
other 78212 ( 0.19%) 9618395 ( 0.03%) 122.98
frag 3167 ( 0.01%) 2861513 ( 0.01%) 903.54
ip6 85553 ( 0.20%) 56782862 ( 0.19%) 663.72
tcp6 47608 ( 0.11%) 49467968 ( 0.17%) 1039.07
http(s) 162 ( 0.00%) 128944 ( 0.00%) 795.95
http(c) 3818 ( 0.01%) 347679 ( 0.00%) 91.06
smtp 197 ( 0.00%) 60941 ( 0.00%) 309.35
ftp 2698 ( 0.01%) 280276 ( 0.00%) 103.88
imap 369 ( 0.00%) 42929 ( 0.00%) 116.34
ssh 36835 ( 0.09%) 48245738 ( 0.16%) 1309.78
dns 98 ( 0.00%) 28831 ( 0.00%) 294.19
bgp 113 ( 0.00%) 14822 ( 0.00%) 131.17
other 3318 ( 0.01%) 317808 ( 0.00%) 95.78
udp6 31742 ( 0.08%) 6536751 ( 0.02%) 205.93
dns 31629 ( 0.08%) 6519873 ( 0.02%) 206.14
other 113 ( 0.00%) 16878 ( 0.00%) 149.36
icmp6 6134 ( 0.01%) 740670 ( 0.00%) 120.75
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 39 ( 0.00%) 33393 ( 0.00%) 856.23
tcpdump file: 201004141415.dump.gz (1044.74 MB)