Traffic Trace Info
DumpFile: 201004142100.dump
FileSize: 2366.10MB
Id: 201004142100
StartTime: Wed Apr 14 21:00:01 2010
EndTime: Wed Apr 14 21:15:00 2010
TotalTime: 899.81 seconds
TotalCapSize: 1854.12MB CapLen: 96 bytes
# of packets: 33552348 (21203.11MB)
AvgRate: 197.65Mbps stddev:19.28M
IP flow (unique src/dst pair) Information
# of flows: 1113303 (avg. 30.14 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.2% 1.9% 0.9% 0.8% 0.7% 0.6% 0.5% 0.5% 0.5% 0.5%
IP address Information
# of IPv4 addresses: 604689
Top 10 bandwidth usage (bytes/total in %):
12.4% 7.1% 6.3% 5.7% 4.9% 4.8% 4.7% 3.3% 3.3% 2.3%
# of IPv6 addresses: 1082
Top 10 bandwidth usage (bytes/total in %):
15.5% 15.4% 10.9% 10.9% 9.7% 7.7% 6.0% 4.2% 3.9% 3.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004142100.pktlen.png)
detailed numbers
[ 32- 63]: 5426948
[ 64- 127]: 9792598
[ 128- 255]: 2274351
[ 256- 511]: 1575444
[ 512- 1023]: 889499
[ 1024- 2047]: 13593508
Protocol Breakdown
![[protocol breakdown chart]](201004142100.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 33552348 (100.00%) 22233070775 (100.00%) 662.64
ip 33484958 ( 99.80%) 22218877901 ( 99.94%) 663.55
tcp 21730803 ( 64.77%) 16561106160 ( 74.49%) 762.10
http(s) 9481999 ( 28.26%) 13056803358 ( 58.73%) 1377.01
http(c) 6238644 ( 18.59%) 626885467 ( 2.82%) 100.48
squid 307241 ( 0.92%) 145641666 ( 0.66%) 474.03
smtp 441169 ( 1.31%) 110204281 ( 0.50%) 249.80
nntp 1 ( 0.00%) 60 ( 0.00%) 60.00
ftp 21760 ( 0.06%) 2116754 ( 0.01%) 97.28
pop3 13299 ( 0.04%) 9094684 ( 0.04%) 683.86
imap 1626 ( 0.00%) 648091 ( 0.00%) 398.58
telnet 580 ( 0.00%) 44264 ( 0.00%) 76.32
ssh 1099795 ( 3.28%) 162409154 ( 0.73%) 147.67
dns 53345 ( 0.16%) 3654869 ( 0.02%) 68.51
bgp 163 ( 0.00%) 63047 ( 0.00%) 386.79
napster 179 ( 0.00%) 19789 ( 0.00%) 110.55
realaud 19 ( 0.00%) 2181 ( 0.00%) 114.79
rtsp 36277 ( 0.11%) 24311471 ( 0.11%) 670.16
icecast 30209 ( 0.09%) 14478018 ( 0.07%) 479.26
hotline 10 ( 0.00%) 899 ( 0.00%) 89.90
other 4004476 ( 11.94%) 2404727291 ( 10.82%) 600.51
udp 8049503 ( 23.99%) 3887210684 ( 17.48%) 482.91
dns 839595 ( 2.50%) 143263569 ( 0.64%) 170.63
rip 2 ( 0.00%) 218 ( 0.00%) 109.00
realaud 10985 ( 0.03%) 8200339 ( 0.04%) 746.50
halflif 105 ( 0.00%) 13548 ( 0.00%) 129.03
starcra 258 ( 0.00%) 30969 ( 0.00%) 120.03
everque 627 ( 0.00%) 107616 ( 0.00%) 171.64
unreal 167 ( 0.00%) 29573 ( 0.00%) 177.08
quake 108 ( 0.00%) 13621 ( 0.00%) 126.12
cuseeme 17 ( 0.00%) 1770 ( 0.00%) 104.12
other 7197191 ( 21.45%) 3735259534 ( 16.80%) 518.99
icmp 889670 ( 2.65%) 156811459 ( 0.71%) 176.26
ipip 360 ( 0.00%) 44866 ( 0.00%) 124.63
ipsec 436 ( 0.00%) 81832 ( 0.00%) 187.69
ip6 2757131 ( 8.22%) 1598768270 ( 7.19%) 579.87
other 57055 ( 0.17%) 14854630 ( 0.07%) 260.36
frag 2996 ( 0.01%) 3459675 ( 0.02%) 1154.76
ip6 67390 ( 0.20%) 14192874 ( 0.06%) 210.61
tcp6 25178 ( 0.08%) 6241492 ( 0.03%) 247.89
http(s) 2164 ( 0.01%) 2246387 ( 0.01%) 1038.07
http(c) 9710 ( 0.03%) 918446 ( 0.00%) 94.59
smtp 392 ( 0.00%) 163110 ( 0.00%) 416.10
ftp 2637 ( 0.01%) 274900 ( 0.00%) 104.25
imap 258 ( 0.00%) 29171 ( 0.00%) 113.07
ssh 3260 ( 0.01%) 276864 ( 0.00%) 84.93
dns 163 ( 0.00%) 39321 ( 0.00%) 241.23
bgp 112 ( 0.00%) 15598 ( 0.00%) 139.27
other 6482 ( 0.02%) 2277695 ( 0.01%) 351.39
udp6 35469 ( 0.11%) 7053766 ( 0.03%) 198.87
dns 34606 ( 0.10%) 6950640 ( 0.03%) 200.85
halflif 1 ( 0.00%) 111 ( 0.00%) 111.00
other 862 ( 0.00%) 103015 ( 0.00%) 119.51
icmp6 6636 ( 0.02%) 822513 ( 0.00%) 123.95
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 77 ( 0.00%) 71023 ( 0.00%) 922.38
tcpdump file: 201004142100.dump.gz (881.07 MB)