Traffic Trace Info
DumpFile: 201004141845.dump
FileSize: 2310.80MB
Id: 201004141845
StartTime: Wed Apr 14 18:45:01 2010
EndTime: Wed Apr 14 19:00:00 2010
TotalTime: 899.25 seconds
TotalCapSize: 1809.71MB CapLen: 96 bytes
# of packets: 32838932 (20455.33MB)
AvgRate: 190.81Mbps stddev:19.20M
IP flow (unique src/dst pair) Information
# of flows: 1457991 (avg. 22.52 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.7% 1.4% 1.3% 1.0% 0.9% 0.9% 0.8% 0.7% 0.6% 0.6%
IP address Information
# of IPv4 addresses: 819322
Top 10 bandwidth usage (bytes/total in %):
13.4% 9.1% 5.6% 5.0% 4.9% 4.1% 3.5% 3.2% 2.1% 2.0%
# of IPv6 addresses: 1091
Top 10 bandwidth usage (bytes/total in %):
20.5% 14.5% 14.4% 7.5% 5.6% 5.3% 4.5% 4.2% 4.1% 3.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004141845.pktlen.png)
detailed numbers
[ 32- 63]: 6019252
[ 64- 127]: 8562161
[ 128- 255]: 2430243
[ 256- 511]: 1897873
[ 512- 1023]: 949004
[ 1024- 2047]: 12980399
Protocol Breakdown
![[protocol breakdown chart]](201004141845.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 32838932 (100.00%) 21448970904 (100.00%) 653.16
ip 32780706 ( 99.82%) 21438269324 ( 99.95%) 653.99
tcp 20572131 ( 62.65%) 15579521573 ( 72.64%) 757.31
http(s) 8734467 ( 26.60%) 11783613755 ( 54.94%) 1349.09
http(c) 6576130 ( 20.03%) 858254124 ( 4.00%) 130.51
squid 289188 ( 0.88%) 92722682 ( 0.43%) 320.63
smtp 427531 ( 1.30%) 118915239 ( 0.55%) 278.14
nntp 2 ( 0.00%) 124 ( 0.00%) 62.00
ftp 39958 ( 0.12%) 18623522 ( 0.09%) 466.08
pop3 19150 ( 0.06%) 9276972 ( 0.04%) 484.44
imap 16798 ( 0.05%) 1778798 ( 0.01%) 105.89
telnet 721 ( 0.00%) 56128 ( 0.00%) 77.85
ssh 30482 ( 0.09%) 3929253 ( 0.02%) 128.90
dns 55680 ( 0.17%) 3801008 ( 0.02%) 68.27
bgp 318 ( 0.00%) 181158 ( 0.00%) 569.68
napster 24 ( 0.00%) 3738 ( 0.00%) 155.75
realaud 13 ( 0.00%) 1217 ( 0.00%) 93.62
rtsp 116720 ( 0.36%) 7376262 ( 0.03%) 63.20
icecast 18388 ( 0.06%) 3870002 ( 0.02%) 210.46
hotline 35 ( 0.00%) 2461 ( 0.00%) 70.31
other 4246524 ( 12.93%) 2677115010 ( 12.48%) 630.43
udp 8069517 ( 24.57%) 3774776517 ( 17.60%) 467.78
dns 790557 ( 2.41%) 134958832 ( 0.63%) 170.71
realaud 38 ( 0.00%) 5262 ( 0.00%) 138.47
halflif 59 ( 0.00%) 6473 ( 0.00%) 109.71
starcra 266 ( 0.00%) 30411 ( 0.00%) 114.33
everque 775 ( 0.00%) 144104 ( 0.00%) 185.94
unreal 123 ( 0.00%) 17792 ( 0.00%) 144.65
quake 64 ( 0.00%) 5948 ( 0.00%) 92.94
cuseeme 23 ( 0.00%) 2615 ( 0.00%) 113.70
other 7277200 ( 22.16%) 3639416838 ( 16.97%) 500.11
icmp 905212 ( 2.76%) 119039425 ( 0.55%) 131.50
ipip 329 ( 0.00%) 41418 ( 0.00%) 125.89
ipsec 1136 ( 0.00%) 342720 ( 0.00%) 301.69
ip6 3218926 ( 9.80%) 1957903373 ( 9.13%) 608.25
other 13455 ( 0.04%) 6644298 ( 0.03%) 493.82
frag 1909 ( 0.01%) 1893483 ( 0.01%) 991.87
ip6 58226 ( 0.18%) 10701580 ( 0.05%) 183.79
tcp6 20100 ( 0.06%) 3869401 ( 0.02%) 192.51
http(s) 30 ( 0.00%) 13329 ( 0.00%) 444.30
http(c) 7116 ( 0.02%) 741212 ( 0.00%) 104.16
smtp 1933 ( 0.01%) 1625765 ( 0.01%) 841.06
ftp 2587 ( 0.01%) 267514 ( 0.00%) 103.41
imap 369 ( 0.00%) 42686 ( 0.00%) 115.68
ssh 3440 ( 0.01%) 386568 ( 0.00%) 112.37
dns 72 ( 0.00%) 14375 ( 0.00%) 199.65
bgp 123 ( 0.00%) 22702 ( 0.00%) 184.57
other 4430 ( 0.01%) 755250 ( 0.00%) 170.49
udp6 31644 ( 0.10%) 5999551 ( 0.03%) 189.60
dns 30805 ( 0.09%) 5889883 ( 0.03%) 191.20
other 839 ( 0.00%) 109668 ( 0.00%) 130.71
icmp6 6420 ( 0.02%) 802434 ( 0.00%) 124.99
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 32 ( 0.00%) 26114 ( 0.00%) 816.06
tcpdump file: 201004141845.dump.gz (845.07 MB)