Traffic Trace Info
DumpFile: 201004142130.dump
FileSize: 2352.82MB
Id: 201004142130
StartTime: Wed Apr 14 21:30:01 2010
EndTime: Wed Apr 14 21:45:00 2010
TotalTime: 899.37 seconds
TotalCapSize: 1841.05MB CapLen: 96 bytes
# of packets: 33538789 (21298.43MB)
AvgRate: 198.63Mbps stddev:19.62M
IP flow (unique src/dst pair) Information
# of flows: 1176364 (avg. 28.51 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.0% 1.9% 1.8% 1.8% 0.9% 0.8% 0.8% 0.8% 0.8% 0.8%
IP address Information
# of IPv4 addresses: 635190
Top 10 bandwidth usage (bytes/total in %):
11.4% 6.2% 5.8% 5.6% 5.5% 5.2% 4.8% 3.4% 3.1% 3.1%
# of IPv6 addresses: 1091
Top 10 bandwidth usage (bytes/total in %):
22.1% 7.4% 6.0% 5.3% 4.9% 4.7% 4.2% 3.9% 3.6% 3.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004142130.pktlen.png)
detailed numbers
[ 32- 63]: 5754555
[ 64- 127]: 9455552
[ 128- 255]: 2282071
[ 256- 511]: 1581175
[ 512- 1023]: 882231
[ 1024- 2047]: 13583205
Protocol Breakdown
![[protocol breakdown chart]](201004142130.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 33538789 (100.00%) 22333020519 (100.00%) 665.89
ip 33478985 ( 99.82%) 22323100689 ( 99.96%) 666.78
tcp 22677563 ( 67.62%) 17475145074 ( 78.25%) 770.59
http(s) 10442591 ( 31.14%) 14356628571 ( 64.28%) 1374.81
http(c) 6490637 ( 19.35%) 775895474 ( 3.47%) 119.54
squid 278960 ( 0.83%) 127968003 ( 0.57%) 458.73
smtp 502510 ( 1.50%) 108868344 ( 0.49%) 216.65
nntp 4 ( 0.00%) 353 ( 0.00%) 88.25
ftp 18406 ( 0.05%) 1741611 ( 0.01%) 94.62
pop3 19006 ( 0.06%) 18949972 ( 0.08%) 997.05
imap 2765 ( 0.01%) 1047412 ( 0.00%) 378.81
telnet 451 ( 0.00%) 36180 ( 0.00%) 80.22
ssh 1159679 ( 3.46%) 174305291 ( 0.78%) 150.30
dns 53730 ( 0.16%) 3744441 ( 0.02%) 69.69
bgp 153 ( 0.00%) 51297 ( 0.00%) 335.27
napster 2 ( 0.00%) 124 ( 0.00%) 62.00
realaud 26 ( 0.00%) 4654 ( 0.00%) 179.00
rtsp 27018 ( 0.08%) 1727427 ( 0.01%) 63.94
icecast 13029 ( 0.04%) 871467 ( 0.00%) 66.89
hotline 8 ( 0.00%) 858 ( 0.00%) 107.25
other 3668578 ( 10.94%) 1903302995 ( 8.52%) 518.81
udp 7332587 ( 21.86%) 3315974734 ( 14.85%) 452.22
dns 865621 ( 2.58%) 148760644 ( 0.67%) 171.85
rip 3 ( 0.00%) 225 ( 0.00%) 75.00
realaud 1306 ( 0.00%) 823199 ( 0.00%) 630.32
halflif 127 ( 0.00%) 19767 ( 0.00%) 155.65
starcra 268 ( 0.00%) 28299 ( 0.00%) 105.59
everque 748 ( 0.00%) 125722 ( 0.00%) 168.08
unreal 154 ( 0.00%) 26343 ( 0.00%) 171.06
quake 92 ( 0.00%) 9399 ( 0.00%) 102.16
cuseeme 6 ( 0.00%) 507 ( 0.00%) 84.50
other 6463904 ( 19.27%) 3165993331 ( 14.18%) 489.80
icmp 980024 ( 2.92%) 167253939 ( 0.75%) 170.66
ipip 332 ( 0.00%) 40150 ( 0.00%) 120.93
ipsec 440 ( 0.00%) 82096 ( 0.00%) 186.58
ip6 2327111 ( 6.94%) 1313288089 ( 5.88%) 564.34
other 160928 ( 0.48%) 51316607 ( 0.23%) 318.88
frag 2174 ( 0.01%) 2176120 ( 0.01%) 1000.98
ip6 59804 ( 0.18%) 9919830 ( 0.04%) 165.87
tcp6 19622 ( 0.06%) 2471476 ( 0.01%) 125.95
http(s) 77 ( 0.00%) 58443 ( 0.00%) 759.00
http(c) 8030 ( 0.02%) 693661 ( 0.00%) 86.38
smtp 398 ( 0.00%) 214455 ( 0.00%) 538.83
ftp 2686 ( 0.01%) 279437 ( 0.00%) 104.03
imap 256 ( 0.00%) 29141 ( 0.00%) 113.83
ssh 3277 ( 0.01%) 277926 ( 0.00%) 84.81
dns 109 ( 0.00%) 35326 ( 0.00%) 324.09
bgp 115 ( 0.00%) 15270 ( 0.00%) 132.78
other 4674 ( 0.01%) 867817 ( 0.00%) 185.67
udp6 33177 ( 0.10%) 6551489 ( 0.03%) 197.47
dns 32753 ( 0.10%) 6483364 ( 0.03%) 197.95
other 424 ( 0.00%) 68125 ( 0.00%) 160.67
icmp6 6924 ( 0.02%) 848081 ( 0.00%) 122.48
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 50 ( 0.00%) 44568 ( 0.00%) 891.36
tcpdump file: 201004142130.dump.gz (881.01 MB)