Traffic Trace Info
DumpFile: 201004141745.dump
FileSize: 2539.53MB
Id: 201004141745
StartTime: Wed Apr 14 17:45:01 2010
EndTime: Wed Apr 14 18:00:00 2010
TotalTime: 899.32 seconds
TotalCapSize: 1990.70MB CapLen: 96 bytes
# of packets: 35967439 (23778.63MB)
AvgRate: 221.79Mbps stddev:21.63M
IP flow (unique src/dst pair) Information
# of flows: 1387697 (avg. 25.92 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.7% 1.5% 1.5% 1.4% 1.2% 1.1% 1.1% 0.8% 0.8% 0.8%
IP address Information
# of IPv4 addresses: 782033
Top 10 bandwidth usage (bytes/total in %):
14.3% 8.2% 5.4% 4.7% 4.6% 3.9% 3.7% 3.2% 2.7% 2.6%
# of IPv6 addresses: 1119
Top 10 bandwidth usage (bytes/total in %):
21.7% 9.9% 5.9% 5.0% 4.8% 4.7% 4.6% 4.6% 3.7% 3.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004141745.pktlen.png)
detailed numbers
[ 32- 63]: 5845744
[ 64- 127]: 9177540
[ 128- 255]: 2687573
[ 256- 511]: 1954119
[ 512- 1023]: 1075225
[ 1024- 2047]: 15227238
Protocol Breakdown
![[protocol breakdown chart]](201004141745.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 35967439 (100.00%) 24933695911 (100.00%) 693.23
ip 35909430 ( 99.84%) 24923600960 ( 99.96%) 694.07
tcp 23045306 ( 64.07%) 18163405772 ( 72.85%) 788.16
http(s) 10372268 ( 28.84%) 13952995126 ( 55.96%) 1345.22
http(c) 7411866 ( 20.61%) 1043985408 ( 4.19%) 140.85
squid 333303 ( 0.93%) 122456385 ( 0.49%) 367.40
smtp 340291 ( 0.95%) 93164117 ( 0.37%) 273.78
ftp 37168 ( 0.10%) 7134965 ( 0.03%) 191.97
pop3 20689 ( 0.06%) 11350282 ( 0.05%) 548.61
imap 3364 ( 0.01%) 666671 ( 0.00%) 198.18
telnet 1330 ( 0.00%) 89606 ( 0.00%) 67.37
ssh 46783 ( 0.13%) 18046764 ( 0.07%) 385.75
dns 56532 ( 0.16%) 4030304 ( 0.02%) 71.29
bgp 172 ( 0.00%) 68878 ( 0.00%) 400.45
napster 28 ( 0.00%) 3358 ( 0.00%) 119.93
realaud 30 ( 0.00%) 6827 ( 0.00%) 227.57
rtsp 229 ( 0.00%) 83498 ( 0.00%) 364.62
icecast 17487 ( 0.05%) 3806850 ( 0.02%) 217.70
hotline 151 ( 0.00%) 11059 ( 0.00%) 73.24
other 4403611 ( 12.24%) 2905505434 ( 11.65%) 659.80
udp 8944022 ( 24.87%) 4607863563 ( 18.48%) 515.19
dns 803741 ( 2.23%) 135107323 ( 0.54%) 168.10
realaud 37 ( 0.00%) 5436 ( 0.00%) 146.92
halflif 58 ( 0.00%) 7219 ( 0.00%) 124.47
starcra 315 ( 0.00%) 34569 ( 0.00%) 109.74
everque 672 ( 0.00%) 165318 ( 0.00%) 246.01
unreal 85 ( 0.00%) 14183 ( 0.00%) 166.86
quake 41 ( 0.00%) 4915 ( 0.00%) 119.88
cuseeme 3 ( 0.00%) 271 ( 0.00%) 90.33
other 8138635 ( 22.63%) 4472306128 ( 17.94%) 549.52
icmp 693549 ( 1.93%) 94589388 ( 0.38%) 136.38
ipip 366 ( 0.00%) 45791 ( 0.00%) 125.11
ipsec 2573 ( 0.01%) 1259950 ( 0.01%) 489.68
ip6 3215559 ( 8.94%) 2054819418 ( 8.24%) 639.02
other 8055 ( 0.02%) 1617078 ( 0.01%) 200.75
frag 1995 ( 0.01%) 1995783 ( 0.01%) 1000.39
ip6 58009 ( 0.16%) 10094951 ( 0.04%) 174.02
tcp6 17358 ( 0.05%) 2174401 ( 0.01%) 125.27
http(s) 159 ( 0.00%) 90339 ( 0.00%) 568.17
http(c) 4699 ( 0.01%) 427379 ( 0.00%) 90.95
squid 7 ( 0.00%) 1522 ( 0.00%) 217.43
smtp 308 ( 0.00%) 165338 ( 0.00%) 536.81
ftp 2623 ( 0.01%) 272392 ( 0.00%) 103.85
imap 444 ( 0.00%) 51065 ( 0.00%) 115.01
ssh 4835 ( 0.01%) 544370 ( 0.00%) 112.59
dns 166 ( 0.00%) 57270 ( 0.00%) 345.00
bgp 107 ( 0.00%) 15436 ( 0.00%) 144.26
other 4010 ( 0.01%) 549290 ( 0.00%) 136.98
udp6 34044 ( 0.09%) 7034852 ( 0.03%) 206.64
dns 33533 ( 0.09%) 6962037 ( 0.03%) 207.62
other 511 ( 0.00%) 72815 ( 0.00%) 142.50
icmp6 6480 ( 0.02%) 795325 ( 0.00%) 122.74
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 97 ( 0.00%) 86293 ( 0.00%) 889.62
tcpdump file: 201004141745.dump.gz (917.77 MB)