Traffic Trace Info
DumpFile: 201004142145.dump
FileSize: 2579.78MB
Id: 201004142145
StartTime: Wed Apr 14 21:45:00 2010
EndTime: Wed Apr 14 22:00:01 2010
TotalTime: 900.76 seconds
TotalCapSize: 2015.89MB CapLen: 96 bytes
# of packets: 36954235 (23181.98MB)
AvgRate: 215.88Mbps stddev:22.66M
IP flow (unique src/dst pair) Information
# of flows: 1154772 (avg. 32.00 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.3% 3.2% 1.4% 1.2% 0.7% 0.7% 0.7% 0.6% 0.6% 0.5%
IP address Information
# of IPv4 addresses: 629943
Top 10 bandwidth usage (bytes/total in %):
13.4% 6.8% 6.7% 6.0% 5.3% 5.3% 4.7% 3.4% 3.4% 3.3%
# of IPv6 addresses: 1006
Top 10 bandwidth usage (bytes/total in %):
23.2% 7.8% 6.3% 6.1% 6.1% 5.5% 5.2% 5.0% 4.6% 3.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004142145.pktlen.png)
detailed numbers
[ 32- 63]: 7125078
[ 64- 127]: 10156349
[ 128- 255]: 2276043
[ 256- 511]: 1617564
[ 512- 1023]: 941631
[ 1024- 2047]: 14837570
Protocol Breakdown
![[protocol breakdown chart]](201004142145.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 36954235 (100.00%) 24308063540 (100.00%) 657.79
ip 36899916 ( 99.85%) 24298736652 ( 99.96%) 658.50
tcp 25063840 ( 67.82%) 18631561780 ( 76.65%) 743.36
http(s) 11145043 ( 30.16%) 15429939003 ( 63.48%) 1384.47
http(c) 7846614 ( 21.23%) 779091145 ( 3.21%) 99.29
squid 267495 ( 0.72%) 123304318 ( 0.51%) 460.96
smtp 471792 ( 1.28%) 110468157 ( 0.45%) 234.15
nntp 12 ( 0.00%) 1034 ( 0.00%) 86.17
ftp 25157 ( 0.07%) 2285406 ( 0.01%) 90.85
pop3 19416 ( 0.05%) 17006054 ( 0.07%) 875.88
imap 5188 ( 0.01%) 1672290 ( 0.01%) 322.34
telnet 126 ( 0.00%) 13350 ( 0.00%) 105.95
ssh 1163123 ( 3.15%) 195313886 ( 0.80%) 167.92
dns 56551 ( 0.15%) 3859282 ( 0.02%) 68.24
bgp 182 ( 0.00%) 79566 ( 0.00%) 437.18
napster 33 ( 0.00%) 2696 ( 0.00%) 81.70
realaud 27 ( 0.00%) 3370 ( 0.00%) 124.81
rtsp 15274 ( 0.04%) 1164225 ( 0.00%) 76.22
icecast 12810 ( 0.03%) 846242 ( 0.00%) 66.06
hotline 39 ( 0.00%) 3048 ( 0.00%) 78.15
other 4034955 ( 10.92%) 1966508528 ( 8.09%) 487.37
udp 8387671 ( 22.70%) 4147542991 ( 17.06%) 494.48
dns 840916 ( 2.28%) 144307005 ( 0.59%) 171.61
rip 1 ( 0.00%) 109 ( 0.00%) 109.00
realaud 23920 ( 0.06%) 17630999 ( 0.07%) 737.08
halflif 141 ( 0.00%) 19200 ( 0.00%) 136.17
starcra 263 ( 0.00%) 27694 ( 0.00%) 105.30
everque 698 ( 0.00%) 127584 ( 0.00%) 182.79
unreal 162 ( 0.00%) 22383 ( 0.00%) 138.17
quake 348 ( 0.00%) 29001 ( 0.00%) 83.34
cuseeme 7 ( 0.00%) 640 ( 0.00%) 91.43
other 7520811 ( 20.35%) 3985158004 ( 16.39%) 529.88
icmp 914067 ( 2.47%) 149360345 ( 0.61%) 163.40
ipip 333 ( 0.00%) 39670 ( 0.00%) 119.13
ipsec 6110 ( 0.02%) 3495380 ( 0.01%) 572.08
ip6 2405978 ( 6.51%) 1318779495 ( 5.43%) 548.13
other 121917 ( 0.33%) 47956991 ( 0.20%) 393.36
frag 2229 ( 0.01%) 2283392 ( 0.01%) 1024.40
ip6 54319 ( 0.15%) 9326888 ( 0.04%) 171.71
tcp6 16212 ( 0.04%) 2345563 ( 0.01%) 144.68
http(s) 29 ( 0.00%) 15993 ( 0.00%) 551.48
http(c) 4563 ( 0.01%) 412601 ( 0.00%) 90.42
smtp 304 ( 0.00%) 169089 ( 0.00%) 556.21
ftp 2669 ( 0.01%) 281168 ( 0.00%) 105.35
imap 366 ( 0.00%) 42628 ( 0.00%) 116.47
ssh 3251 ( 0.01%) 276434 ( 0.00%) 85.03
dns 137 ( 0.00%) 44968 ( 0.00%) 328.23
bgp 102 ( 0.00%) 12768 ( 0.00%) 125.18
other 4791 ( 0.01%) 1089914 ( 0.00%) 227.49
udp6 31552 ( 0.09%) 6125205 ( 0.03%) 194.13
dns 31123 ( 0.08%) 6054872 ( 0.02%) 194.55
other 429 ( 0.00%) 70333 ( 0.00%) 163.95
icmp6 6456 ( 0.02%) 793090 ( 0.00%) 122.85
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 69 ( 0.00%) 58950 ( 0.00%) 854.35
tcpdump file: 201004142145.dump.gz (955.40 MB)