Traffic Trace Info
DumpFile: 201004141830.dump
FileSize: 2331.33MB
Id: 201004141830
StartTime: Wed Apr 14 18:30:00 2010
EndTime: Wed Apr 14 18:45:01 2010
TotalTime: 900.67 seconds
TotalCapSize: 1825.32MB CapLen: 96 bytes
# of packets: 33161298 (20537.86MB)
AvgRate: 191.29Mbps stddev:16.32M
IP flow (unique src/dst pair) Information
# of flows: 1566584 (avg. 21.17 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.9% 1.1% 1.0% 1.0% 0.7% 0.6% 0.6% 0.5% 0.5% 0.5%
IP address Information
# of IPv4 addresses: 907807
Top 10 bandwidth usage (bytes/total in %):
15.3% 9.0% 6.1% 5.8% 5.0% 4.6% 3.0% 2.6% 2.1% 2.1%
# of IPv6 addresses: 1136
Top 10 bandwidth usage (bytes/total in %):
52.7% 50.8% 10.9% 4.2% 3.0% 2.4% 2.3% 2.3% 2.3% 2.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004141830.pktlen.png)
detailed numbers
[ 32- 63]: 6200314
[ 64- 127]: 8565661
[ 128- 255]: 2566049
[ 256- 511]: 1945484
[ 512- 1023]: 804559
[ 1024- 2047]: 13079231
Protocol Breakdown
![[protocol breakdown chart]](201004141830.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 33161298 (100.00%) 21535505149 (100.00%) 649.42
ip 33096817 ( 99.81%) 21515373910 ( 99.91%) 650.07
tcp 20616766 ( 62.17%) 15443493187 ( 71.71%) 749.07
http(s) 8619073 ( 25.99%) 11496321574 ( 53.38%) 1333.82
http(c) 6763574 ( 20.40%) 733949028 ( 3.41%) 108.51
squid 304659 ( 0.92%) 108032818 ( 0.50%) 354.60
smtp 421416 ( 1.27%) 189790963 ( 0.88%) 450.36
ftp 23494 ( 0.07%) 5888245 ( 0.03%) 250.63
pop3 16140 ( 0.05%) 8509123 ( 0.04%) 527.21
imap 8877 ( 0.03%) 6312908 ( 0.03%) 711.15
telnet 780 ( 0.00%) 115339 ( 0.00%) 147.87
ssh 195625 ( 0.59%) 245017023 ( 1.14%) 1252.48
dns 54111 ( 0.16%) 3708174 ( 0.02%) 68.53
bgp 153 ( 0.00%) 60779 ( 0.00%) 397.25
napster 8 ( 0.00%) 1880 ( 0.00%) 235.00
realaud 29 ( 0.00%) 4155 ( 0.00%) 143.28
rtsp 62592 ( 0.19%) 4131693 ( 0.02%) 66.01
icecast 18451 ( 0.06%) 3874408 ( 0.02%) 209.98
hotline 2 ( 0.00%) 124 ( 0.00%) 62.00
other 4127781 ( 12.45%) 2637774893 ( 12.25%) 639.03
udp 8254286 ( 24.89%) 3981280867 ( 18.49%) 482.33
dns 798515 ( 2.41%) 134251798 ( 0.62%) 168.13
rip 1 ( 0.00%) 109 ( 0.00%) 109.00
realaud 35 ( 0.00%) 5778 ( 0.00%) 165.09
halflif 64 ( 0.00%) 6541 ( 0.00%) 102.20
starcra 258 ( 0.00%) 29724 ( 0.00%) 115.21
everque 785 ( 0.00%) 138220 ( 0.00%) 176.08
unreal 95 ( 0.00%) 14505 ( 0.00%) 152.68
quake 198 ( 0.00%) 16976 ( 0.00%) 85.74
cuseeme 7 ( 0.00%) 1350 ( 0.00%) 192.86
other 7453986 ( 22.48%) 3846650432 ( 17.86%) 516.05
icmp 1016517 ( 3.07%) 138314550 ( 0.64%) 136.07
ipip 352 ( 0.00%) 41800 ( 0.00%) 118.75
ipsec 711 ( 0.00%) 206746 ( 0.00%) 290.78
ip6 3200101 ( 9.65%) 1950425171 ( 9.06%) 609.49
other 8084 ( 0.02%) 1611589 ( 0.01%) 199.36
frag 1699 ( 0.01%) 1712712 ( 0.01%) 1008.07
ip6 64481 ( 0.19%) 20131239 ( 0.09%) 312.20
tcp6 26044 ( 0.08%) 12923791 ( 0.06%) 496.23
http(s) 7731 ( 0.02%) 10789104 ( 0.05%) 1395.56
http(c) 6038 ( 0.02%) 520432 ( 0.00%) 86.19
smtp 300 ( 0.00%) 131231 ( 0.00%) 437.44
ftp 2661 ( 0.01%) 273391 ( 0.00%) 102.74
imap 1105 ( 0.00%) 115797 ( 0.00%) 104.79
ssh 3255 ( 0.01%) 275258 ( 0.00%) 84.56
dns 143 ( 0.00%) 57273 ( 0.00%) 400.51
bgp 114 ( 0.00%) 15813 ( 0.00%) 138.71
other 4697 ( 0.01%) 745492 ( 0.00%) 158.72
udp6 31944 ( 0.10%) 6352509 ( 0.03%) 198.86
dns 31177 ( 0.09%) 6255725 ( 0.03%) 200.65
other 767 ( 0.00%) 96784 ( 0.00%) 126.19
icmp6 6373 ( 0.02%) 773261 ( 0.00%) 121.33
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 90 ( 0.00%) 77598 ( 0.00%) 862.20
tcpdump file: 201004141830.dump.gz (852.90 MB)