Traffic Trace Info
DumpFile: 201004142200.dump
FileSize: 2439.39MB
Id: 201004142200
StartTime: Wed Apr 14 22:00:01 2010
EndTime: Wed Apr 14 22:15:01 2010
TotalTime: 899.72 seconds
TotalCapSize: 1904.46MB CapLen: 96 bytes
# of packets: 35056724 (22037.57MB)
AvgRate: 205.46Mbps stddev:15.27M
IP flow (unique src/dst pair) Information
# of flows: 1162025 (avg. 30.17 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.3% 2.0% 1.4% 1.1% 0.9% 0.8% 0.8% 0.8% 0.8% 0.6%
IP address Information
# of IPv4 addresses: 632718
Top 10 bandwidth usage (bytes/total in %):
14.0% 6.5% 6.0% 5.2% 4.7% 4.4% 4.4% 3.4% 3.4% 2.5%
# of IPv6 addresses: 1067
Top 10 bandwidth usage (bytes/total in %):
24.3% 10.7% 6.6% 5.9% 5.3% 5.2% 4.8% 4.5% 3.6% 3.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004142200.pktlen.png)
detailed numbers
[ 32- 63]: 5725057
[ 64- 127]: 10145094
[ 128- 255]: 2467668
[ 256- 511]: 1686950
[ 512- 1023]: 962246
[ 1024- 2047]: 14069709
Protocol Breakdown
![[protocol breakdown chart]](201004142200.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 35056724 (100.00%) 23108065290 (100.00%) 659.16
ip 34999487 ( 99.84%) 23099065904 ( 99.96%) 659.98
tcp 22517697 ( 64.23%) 17341712512 ( 75.05%) 770.14
http(s) 10216787 ( 29.14%) 13952115855 ( 60.38%) 1365.61
http(c) 6274439 ( 17.90%) 791141398 ( 3.42%) 126.09
squid 283137 ( 0.81%) 124782995 ( 0.54%) 440.72
smtp 514534 ( 1.47%) 179652045 ( 0.78%) 349.15
nntp 4 ( 0.00%) 410 ( 0.00%) 102.50
ftp 29214 ( 0.08%) 2718616 ( 0.01%) 93.06
pop3 13304 ( 0.04%) 9788596 ( 0.04%) 735.76
imap 3411 ( 0.01%) 2119683 ( 0.01%) 621.43
telnet 92 ( 0.00%) 10144 ( 0.00%) 110.26
ssh 1197917 ( 3.42%) 261276084 ( 1.13%) 218.11
dns 54425 ( 0.16%) 3735957 ( 0.02%) 68.64
bgp 154 ( 0.00%) 71607 ( 0.00%) 464.98
napster 27 ( 0.00%) 3265 ( 0.00%) 120.93
realaud 18 ( 0.00%) 2952 ( 0.00%) 164.00
rtsp 274 ( 0.00%) 74305 ( 0.00%) 271.19
icecast 20004 ( 0.06%) 6777523 ( 0.03%) 338.81
hotline 121 ( 0.00%) 7860 ( 0.00%) 64.96
other 3909829 ( 11.15%) 2007432857 ( 8.69%) 513.43
udp 8756455 ( 24.98%) 4175518326 ( 18.07%) 476.85
dns 856510 ( 2.44%) 148879583 ( 0.64%) 173.82
rip 4 ( 0.00%) 300 ( 0.00%) 75.00
realaud 14301 ( 0.04%) 8699303 ( 0.04%) 608.30
halflif 150 ( 0.00%) 19734 ( 0.00%) 131.56
starcra 261 ( 0.00%) 30153 ( 0.00%) 115.53
everque 682 ( 0.00%) 130062 ( 0.00%) 190.71
unreal 216 ( 0.00%) 37566 ( 0.00%) 173.92
quake 128 ( 0.00%) 13099 ( 0.00%) 102.34
cuseeme 6 ( 0.00%) 1155 ( 0.00%) 192.50
other 7883734 ( 22.49%) 4017431046 ( 17.39%) 509.58
icmp 979074 ( 2.79%) 165011903 ( 0.71%) 168.54
ipip 331 ( 0.00%) 39822 ( 0.00%) 120.31
ipsec 2175 ( 0.01%) 1106714 ( 0.00%) 508.83
ip6 2557692 ( 7.30%) 1389420919 ( 6.01%) 543.23
other 186063 ( 0.53%) 26255708 ( 0.11%) 141.11
frag 2738 ( 0.01%) 3092974 ( 0.01%) 1129.65
ip6 57237 ( 0.16%) 8999386 ( 0.04%) 157.23
tcp6 18009 ( 0.05%) 1824290 ( 0.01%) 101.30
http(s) 33 ( 0.00%) 17744 ( 0.00%) 537.70
http(c) 7382 ( 0.02%) 611131 ( 0.00%) 82.79
smtp 365 ( 0.00%) 185710 ( 0.00%) 508.79
ftp 2660 ( 0.01%) 277230 ( 0.00%) 104.22
imap 262 ( 0.00%) 29827 ( 0.00%) 113.84
ssh 3228 ( 0.01%) 273176 ( 0.00%) 84.63
dns 142 ( 0.00%) 33980 ( 0.00%) 239.30
bgp 110 ( 0.00%) 15166 ( 0.00%) 137.87
other 3827 ( 0.01%) 380326 ( 0.00%) 99.38
udp6 32373 ( 0.09%) 6291771 ( 0.03%) 194.35
dns 31927 ( 0.09%) 6225840 ( 0.03%) 195.00
halflif 1 ( 0.00%) 112 ( 0.00%) 112.00
other 445 ( 0.00%) 65819 ( 0.00%) 147.91
icmp6 6767 ( 0.02%) 829770 ( 0.00%) 122.62
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 58 ( 0.00%) 49475 ( 0.00%) 853.02
tcpdump file: 201004142200.dump.gz (912.92 MB)