Traffic Trace Info
DumpFile: 201004141800.dump
FileSize: 2639.00MB
Id: 201004141800
StartTime: Wed Apr 14 18:00:00 2010
EndTime: Wed Apr 14 18:15:01 2010
TotalTime: 900.47 seconds
TotalCapSize: -2023.07MB CapLen: 96 bytes
# of packets: 37096885 (24654.37MB)
AvgRate: 229.67Mbps stddev:20.45M
IP flow (unique src/dst pair) Information
# of flows: 1345531 (avg. 27.57 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.6% 1.4% 1.3% 1.3% 1.0% 0.9% 0.8% 0.8% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 757433
Top 10 bandwidth usage (bytes/total in %):
13.6% 8.7% 5.4% 4.9% 4.8% 4.8% 4.5% 4.2% 3.8% 3.3%
# of IPv6 addresses: 1166
Top 10 bandwidth usage (bytes/total in %):
21.5% 11.1% 5.8% 5.8% 4.7% 4.6% 4.5% 4.4% 4.2% 3.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004141800.pktlen.png)
detailed numbers
[ 32- 63]: 5971278
[ 64- 127]: 9663422
[ 128- 255]: 2745021
[ 256- 511]: 1936293
[ 512- 1023]: 797527
[ 1024- 2047]: 15983344
Protocol Breakdown
![[protocol breakdown chart]](201004141800.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 37096885 (100.00%) 25851979736 (100.00%) 696.88
ip 37039852 ( 99.85%) 25841768756 ( 99.96%) 697.67
tcp 24313155 ( 65.54%) 19337506443 ( 74.80%) 795.35
http(s) 11185767 ( 30.15%) 15240074627 ( 58.95%) 1362.45
http(c) 7617597 ( 20.53%) 814033582 ( 3.15%) 106.86
squid 394509 ( 1.06%) 141725327 ( 0.55%) 359.24
smtp 342791 ( 0.92%) 88319679 ( 0.34%) 257.65
nntp 2 ( 0.00%) 124 ( 0.00%) 62.00
ftp 44751 ( 0.12%) 8217241 ( 0.03%) 183.62
pop3 36873 ( 0.10%) 27968805 ( 0.11%) 758.52
imap 5235 ( 0.01%) 2839519 ( 0.01%) 542.41
telnet 746 ( 0.00%) 56215 ( 0.00%) 75.36
ssh 26369 ( 0.07%) 6089910 ( 0.02%) 230.95
dns 54194 ( 0.15%) 3724516 ( 0.01%) 68.73
bgp 187 ( 0.00%) 86488 ( 0.00%) 462.50
napster 26 ( 0.00%) 4904 ( 0.00%) 188.62
realaud 22 ( 0.00%) 2153 ( 0.00%) 97.86
rtsp 130288 ( 0.35%) 83616546 ( 0.32%) 641.78
icecast 18670 ( 0.05%) 3900957 ( 0.02%) 208.94
hotline 3 ( 0.00%) 180 ( 0.00%) 60.00
other 4455119 ( 12.01%) 2916845310 ( 11.28%) 654.72
udp 8243284 ( 22.22%) 4102161440 ( 15.87%) 497.64
dns 818511 ( 2.21%) 138540602 ( 0.54%) 169.26
realaud 29 ( 0.00%) 5761 ( 0.00%) 198.66
halflif 88 ( 0.00%) 10057 ( 0.00%) 114.28
starcra 343 ( 0.00%) 38701 ( 0.00%) 112.83
everque 639 ( 0.00%) 122543 ( 0.00%) 191.77
unreal 101 ( 0.00%) 15003 ( 0.00%) 148.54
quake 62 ( 0.00%) 6484 ( 0.00%) 104.58
cuseeme 9 ( 0.00%) 1078 ( 0.00%) 119.78
other 7422992 ( 20.01%) 3963161067 ( 15.33%) 533.90
icmp 916547 ( 2.47%) 129402869 ( 0.50%) 141.19
ipip 331 ( 0.00%) 38306 ( 0.00%) 115.73
ipsec 7996 ( 0.02%) 4951064 ( 0.02%) 619.19
ip6 3543766 ( 9.55%) 2262203812 ( 8.75%) 638.36
other 14773 ( 0.04%) 5504822 ( 0.02%) 372.63
frag 2141 ( 0.01%) 2180842 ( 0.01%) 1018.61
ip6 57033 ( 0.15%) 10210980 ( 0.04%) 179.04
tcp6 16031 ( 0.04%) 2093858 ( 0.01%) 130.61
http(s) 139 ( 0.00%) 131270 ( 0.00%) 944.39
http(c) 4425 ( 0.01%) 424361 ( 0.00%) 95.90
smtp 546 ( 0.00%) 190617 ( 0.00%) 349.12
ftp 2553 ( 0.01%) 267973 ( 0.00%) 104.96
imap 355 ( 0.00%) 40894 ( 0.00%) 115.19
ssh 3459 ( 0.01%) 293210 ( 0.00%) 84.77
dns 254 ( 0.00%) 66569 ( 0.00%) 262.08
bgp 117 ( 0.00%) 16775 ( 0.00%) 143.38
other 4183 ( 0.01%) 662189 ( 0.00%) 158.30
udp6 34481 ( 0.09%) 7273981 ( 0.03%) 210.96
dns 33896 ( 0.09%) 7192279 ( 0.03%) 212.19
quake 1 ( 0.00%) 111 ( 0.00%) 111.00
other 584 ( 0.00%) 81591 ( 0.00%) 139.71
icmp6 6417 ( 0.02%) 777360 ( 0.00%) 121.14
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 74 ( 0.00%) 61701 ( 0.00%) 833.80
tcpdump file: 201004141800.dump.gz (936.89 MB)