Traffic Trace Info
DumpFile: 201004142045.dump
FileSize: 2390.67MB
Id: 201004142045
StartTime: Wed Apr 14 20:45:01 2010
EndTime: Wed Apr 14 21:00:01 2010
TotalTime: 900.10 seconds
TotalCapSize: 1872.23MB CapLen: 96 bytes
# of packets: 33975855 (20939.59MB)
AvgRate: 195.13Mbps stddev:20.54M
IP flow (unique src/dst pair) Information
# of flows: 1243117 (avg. 27.33 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.2% 1.3% 1.2% 1.0% 0.8% 0.7% 0.6% 0.6% 0.5% 0.5%
IP address Information
# of IPv4 addresses: 684444
Top 10 bandwidth usage (bytes/total in %):
13.6% 6.5% 5.4% 4.8% 4.5% 4.5% 3.7% 3.3% 3.3% 2.3%
# of IPv6 addresses: 1042
Top 10 bandwidth usage (bytes/total in %):
23.6% 8.6% 6.4% 5.7% 5.1% 5.0% 4.7% 4.4% 4.2% 4.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004142045.pktlen.png)
detailed numbers
[ 32- 63]: 5465273
[ 64- 127]: 10147590
[ 128- 255]: 2471365
[ 256- 511]: 1697101
[ 512- 1023]: 851525
[ 1024- 2047]: 13343001
Protocol Breakdown
![[protocol breakdown chart]](201004142045.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 33975855 (100.00%) 21956756733 (100.00%) 646.25
ip 33920444 ( 99.84%) 21947475585 ( 99.96%) 647.03
tcp 21984643 ( 64.71%) 16320304390 ( 74.33%) 742.35
http(s) 9271908 ( 27.29%) 12711321386 ( 57.89%) 1370.95
http(c) 6405816 ( 18.85%) 693115650 ( 3.16%) 108.20
squid 308521 ( 0.91%) 135416471 ( 0.62%) 438.92
smtp 436938 ( 1.29%) 90125474 ( 0.41%) 206.27
ftp 21620 ( 0.06%) 2138321 ( 0.01%) 98.90
pop3 12894 ( 0.04%) 9796710 ( 0.04%) 759.79
imap 2501 ( 0.01%) 844002 ( 0.00%) 337.47
telnet 291 ( 0.00%) 24436 ( 0.00%) 83.97
ssh 1286699 ( 3.79%) 211652716 ( 0.96%) 164.49
dns 56112 ( 0.17%) 3849512 ( 0.02%) 68.60
bgp 187 ( 0.00%) 82511 ( 0.00%) 441.24
napster 200 ( 0.00%) 20854 ( 0.00%) 104.27
realaud 29 ( 0.00%) 4745 ( 0.00%) 163.62
rtsp 9779 ( 0.03%) 6705723 ( 0.03%) 685.73
icecast 32614 ( 0.10%) 16541427 ( 0.08%) 507.19
hotline 10 ( 0.00%) 878 ( 0.00%) 87.80
other 4138520 ( 12.18%) 2438663334 ( 11.11%) 589.26
udp 8350319 ( 24.58%) 3997320458 ( 18.21%) 478.70
dns 816691 ( 2.40%) 138616867 ( 0.63%) 169.73
rip 5 ( 0.00%) 409 ( 0.00%) 81.80
realaud 8044 ( 0.02%) 7427250 ( 0.03%) 923.33
halflif 87 ( 0.00%) 9398 ( 0.00%) 108.02
starcra 310 ( 0.00%) 33314 ( 0.00%) 107.46
everque 564 ( 0.00%) 105250 ( 0.00%) 186.61
unreal 110 ( 0.00%) 17143 ( 0.00%) 155.85
quake 61 ( 0.00%) 6764 ( 0.00%) 110.89
cuseeme 5 ( 0.00%) 737 ( 0.00%) 147.40
other 7524086 ( 22.15%) 3850917291 ( 17.54%) 511.81
icmp 950295 ( 2.80%) 165538072 ( 0.75%) 174.20
ipip 323 ( 0.00%) 38272 ( 0.00%) 118.49
ipsec 835 ( 0.00%) 375362 ( 0.00%) 449.54
ip6 2574788 ( 7.58%) 1440109043 ( 6.56%) 559.31
other 59241 ( 0.17%) 23789988 ( 0.11%) 401.58
frag 1935 ( 0.01%) 2006488 ( 0.01%) 1036.94
ip6 55411 ( 0.16%) 9281148 ( 0.04%) 167.50
tcp6 15549 ( 0.05%) 1862235 ( 0.01%) 119.77
http(s) 18 ( 0.00%) 7366 ( 0.00%) 409.22
http(c) 4030 ( 0.01%) 368615 ( 0.00%) 91.47
smtp 306 ( 0.00%) 154261 ( 0.00%) 504.12
ftp 2683 ( 0.01%) 275810 ( 0.00%) 102.80
imap 362 ( 0.00%) 42009 ( 0.00%) 116.05
ssh 3266 ( 0.01%) 276660 ( 0.00%) 84.71
dns 128 ( 0.00%) 42488 ( 0.00%) 331.94
bgp 112 ( 0.00%) 17802 ( 0.00%) 158.95
other 4644 ( 0.01%) 677224 ( 0.00%) 145.83
udp6 33085 ( 0.10%) 6502446 ( 0.03%) 196.54
dns 32272 ( 0.09%) 6401234 ( 0.03%) 198.35
other 813 ( 0.00%) 101212 ( 0.00%) 124.49
icmp6 6629 ( 0.02%) 803507 ( 0.00%) 121.21
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 118 ( 0.00%) 108880 ( 0.00%) 922.71
tcpdump file: 201004142045.dump.gz (890.51 MB)