Traffic Trace Info
DumpFile: 201004141930.dump
FileSize: 2401.25MB
Id: 201004141930
StartTime: Wed Apr 14 19:30:01 2010
EndTime: Wed Apr 14 19:45:01 2010
TotalTime: 899.67 seconds
TotalCapSize: 1879.26MB CapLen: 96 bytes
# of packets: 34205501 (20978.29MB)
AvgRate: 195.59Mbps stddev:16.96M
IP flow (unique src/dst pair) Information
# of flows: 1467821 (avg. 23.30 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.7% 1.9% 1.8% 1.1% 0.8% 0.7% 0.7% 0.7% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 810636
Top 10 bandwidth usage (bytes/total in %):
13.0% 7.8% 6.2% 5.2% 5.0% 4.9% 3.8% 3.8% 3.3% 2.9%
# of IPv6 addresses: 1019
Top 10 bandwidth usage (bytes/total in %):
21.0% 8.2% 5.7% 5.3% 5.1% 4.8% 4.6% 4.5% 4.3% 3.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004141930.pktlen.png)
detailed numbers
[ 32- 63]: 5992048
[ 64- 127]: 9548230
[ 128- 255]: 2490185
[ 256- 511]: 1954816
[ 512- 1023]: 897768
[ 1024- 2047]: 13322454
Protocol Breakdown
![[protocol breakdown chart]](201004141930.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 34205501 (100.00%) 21997327648 (100.00%) 643.09
ip 34143153 ( 99.82%) 21986912815 ( 99.95%) 643.96
tcp 21716052 ( 63.49%) 16148332784 ( 73.41%) 743.61
http(s) 9565291 ( 27.96%) 13094810366 ( 59.53%) 1368.99
http(c) 6542402 ( 19.13%) 710622200 ( 3.23%) 108.62
squid 307491 ( 0.90%) 104203700 ( 0.47%) 338.88
smtp 442067 ( 1.29%) 114869534 ( 0.52%) 259.85
nntp 3 ( 0.00%) 186 ( 0.00%) 62.00
ftp 30334 ( 0.09%) 6406270 ( 0.03%) 211.19
pop3 12838 ( 0.04%) 5967596 ( 0.03%) 464.84
imap 2546 ( 0.01%) 567527 ( 0.00%) 222.91
telnet 2887 ( 0.01%) 2304282 ( 0.01%) 798.16
ssh 906212 ( 2.65%) 127382401 ( 0.58%) 140.57
dns 56063 ( 0.16%) 3875935 ( 0.02%) 69.14
bgp 441 ( 0.00%) 286247 ( 0.00%) 649.09
napster 271 ( 0.00%) 98589 ( 0.00%) 363.80
rtsp 150572 ( 0.44%) 59354394 ( 0.27%) 394.19
icecast 13116 ( 0.04%) 870447 ( 0.00%) 66.37
other 3683512 ( 10.77%) 1916712750 ( 8.71%) 520.35
udp 8517273 ( 24.90%) 3957227144 ( 17.99%) 464.61
dns 821634 ( 2.40%) 138865962 ( 0.63%) 169.01
realaud 10504 ( 0.03%) 8639099 ( 0.04%) 822.46
halflif 54 ( 0.00%) 7062 ( 0.00%) 130.78
starcra 230 ( 0.00%) 24608 ( 0.00%) 106.99
everque 749 ( 0.00%) 162788 ( 0.00%) 217.34
unreal 121 ( 0.00%) 18203 ( 0.00%) 150.44
quake 119 ( 0.00%) 12184 ( 0.00%) 102.39
cuseeme 59 ( 0.00%) 5349 ( 0.00%) 90.66
other 7683253 ( 22.46%) 3809103171 ( 17.32%) 495.77
icmp 926619 ( 2.71%) 131211912 ( 0.60%) 141.60
ipip 347 ( 0.00%) 43292 ( 0.00%) 124.76
ipsec 441 ( 0.00%) 82710 ( 0.00%) 187.55
ip6 2919795 ( 8.54%) 1722819546 ( 7.83%) 590.05
other 62626 ( 0.18%) 27195427 ( 0.12%) 434.25
frag 3730 ( 0.01%) 4329275 ( 0.02%) 1160.66
ip6 62348 ( 0.18%) 10414833 ( 0.05%) 167.04
tcp6 21145 ( 0.06%) 2567195 ( 0.01%) 121.41
http(s) 215 ( 0.00%) 186902 ( 0.00%) 869.31
http(c) 9238 ( 0.03%) 762679 ( 0.00%) 82.56
smtp 358 ( 0.00%) 168756 ( 0.00%) 471.39
ftp 2667 ( 0.01%) 279875 ( 0.00%) 104.94
imap 246 ( 0.00%) 28283 ( 0.00%) 114.97
ssh 3742 ( 0.01%) 449676 ( 0.00%) 120.17
dns 177 ( 0.00%) 59244 ( 0.00%) 334.71
bgp 119 ( 0.00%) 22625 ( 0.00%) 190.13
other 4383 ( 0.01%) 609155 ( 0.00%) 138.98
udp6 34395 ( 0.10%) 6917039 ( 0.03%) 201.11
dns 33592 ( 0.10%) 6820550 ( 0.03%) 203.04
other 803 ( 0.00%) 96489 ( 0.00%) 120.16
icmp6 6656 ( 0.02%) 814592 ( 0.00%) 122.38
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 122 ( 0.00%) 111927 ( 0.00%) 917.43
tcpdump file: 201004141930.dump.gz (880.15 MB)