Traffic Trace Info
DumpFile: 201004141600.dump
FileSize: 2656.24MB
Id: 201004141600
StartTime: Wed Apr 14 16:00:01 2010
EndTime: Wed Apr 14 16:15:00 2010
TotalTime: 899.65 seconds
TotalCapSize: -2018.61MB CapLen: 96 bytes
# of packets: 37934912 (23863.97MB)
AvgRate: 222.53Mbps stddev:20.95M
IP flow (unique src/dst pair) Information
# of flows: 1155280 (avg. 32.84 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.5% 1.6% 1.4% 1.0% 0.9% 0.8% 0.8% 0.8% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 667507
Top 10 bandwidth usage (bytes/total in %):
14.4% 8.3% 5.1% 4.9% 4.6% 3.7% 3.6% 2.9% 2.5% 2.4%
# of IPv6 addresses: 1136
Top 10 bandwidth usage (bytes/total in %):
43.4% 43.4% 9.6% 8.7% 6.1% 2.9% 2.8% 2.8% 2.6% 2.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004141600.pktlen.png)
detailed numbers
[ 32- 63]: 6415308
[ 64- 127]: 10048526
[ 128- 255]: 2993485
[ 256- 511]: 1999989
[ 512- 1023]: 1320975
[ 1024- 2047]: 15156629
Protocol Breakdown
![[protocol breakdown chart]](201004141600.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 37934912 (100.00%) 25023190882 (100.00%) 659.63
ip 37862377 ( 99.81%) 25000721639 ( 99.91%) 660.31
tcp 23409765 ( 61.71%) 17642021155 ( 70.50%) 753.62
http(s) 9998496 ( 26.36%) 13642362554 ( 54.52%) 1364.44
http(c) 7884053 ( 20.78%) 918673152 ( 3.67%) 116.52
squid 269102 ( 0.71%) 76324593 ( 0.31%) 283.63
smtp 367915 ( 0.97%) 97991121 ( 0.39%) 266.34
nntp 2 ( 0.00%) 124 ( 0.00%) 62.00
ftp 30079 ( 0.08%) 8457918 ( 0.03%) 281.19
pop3 29425 ( 0.08%) 10797670 ( 0.04%) 366.96
imap 2707 ( 0.01%) 852341 ( 0.00%) 314.87
telnet 535 ( 0.00%) 40868 ( 0.00%) 76.39
ssh 186170 ( 0.49%) 38141125 ( 0.15%) 204.87
dns 55659 ( 0.15%) 3848259 ( 0.02%) 69.14
bgp 145 ( 0.00%) 57063 ( 0.00%) 393.54
napster 22 ( 0.00%) 3823 ( 0.00%) 173.77
realaud 37 ( 0.00%) 3016 ( 0.00%) 81.51
rtsp 70960 ( 0.19%) 14343381 ( 0.06%) 202.13
icecast 9892 ( 0.03%) 3807067 ( 0.02%) 384.86
hotline 9 ( 0.00%) 1326 ( 0.00%) 147.33
other 4504553 ( 11.87%) 2826315514 ( 11.29%) 627.44
udp 10283422 ( 27.11%) 5175915601 ( 20.68%) 503.33
dns 999668 ( 2.64%) 197352360 ( 0.79%) 197.42
rip 17 ( 0.00%) 1309 ( 0.00%) 77.00
realaud 39 ( 0.00%) 4634 ( 0.00%) 118.82
halflif 739 ( 0.00%) 49098 ( 0.00%) 66.44
starcra 1424 ( 0.00%) 422296 ( 0.00%) 296.56
everque 761 ( 0.00%) 143830 ( 0.00%) 189.00
unreal 99 ( 0.00%) 14240 ( 0.00%) 143.84
quake 58 ( 0.00%) 5865 ( 0.00%) 101.12
cuseeme 6 ( 0.00%) 538 ( 0.00%) 89.67
other 9280097 ( 24.46%) 4977657139 ( 19.89%) 536.38
icmp 573888 ( 1.51%) 73529770 ( 0.29%) 128.13
ipip 338 ( 0.00%) 42364 ( 0.00%) 125.34
ipsec 2883 ( 0.01%) 1738354 ( 0.01%) 602.97
ip6 3398780 ( 8.96%) 2082492932 ( 8.32%) 612.72
other 193301 ( 0.51%) 24981463 ( 0.10%) 129.24
frag 2482 ( 0.01%) 2534202 ( 0.01%) 1021.03
ip6 72535 ( 0.19%) 22469243 ( 0.09%) 309.77
tcp6 25796 ( 0.07%) 12808902 ( 0.05%) 496.55
http(s) 961 ( 0.00%) 934174 ( 0.00%) 972.09
http(c) 5428 ( 0.01%) 503659 ( 0.00%) 92.79
smtp 151 ( 0.00%) 39885 ( 0.00%) 264.14
ftp 2711 ( 0.01%) 281434 ( 0.00%) 103.81
imap 462 ( 0.00%) 53558 ( 0.00%) 115.93
ssh 3853 ( 0.01%) 487826 ( 0.00%) 126.61
dns 229 ( 0.00%) 56638 ( 0.00%) 247.33
bgp 121 ( 0.00%) 16874 ( 0.00%) 139.45
other 11880 ( 0.03%) 10434854 ( 0.04%) 878.35
udp6 40105 ( 0.11%) 8804217 ( 0.04%) 219.53
dns 39759 ( 0.10%) 8745650 ( 0.03%) 219.97
everque 1 ( 0.00%) 110 ( 0.00%) 110.00
quake 1 ( 0.00%) 105 ( 0.00%) 105.00
other 344 ( 0.00%) 58352 ( 0.00%) 169.63
icmp6 6532 ( 0.02%) 788681 ( 0.00%) 120.74
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 72 ( 0.00%) 63363 ( 0.00%) 880.04
tcpdump file: 201004141600.dump.gz (950.21 MB)