Traffic Trace Info
DumpFile: 201004142215.dump
FileSize: 2418.74MB
Id: 201004142215
StartTime: Wed Apr 14 22:15:01 2010
EndTime: Wed Apr 14 22:30:00 2010
TotalTime: 899.47 seconds
TotalCapSize: 1891.22MB CapLen: 96 bytes
# of packets: 34571194 (22457.22MB)
AvgRate: 209.47Mbps stddev:28.07M
IP flow (unique src/dst pair) Information
# of flows: 1128456 (avg. 30.64 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.4% 2.2% 1.2% 1.0% 0.7% 0.7% 0.7% 0.7% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 621325
Top 10 bandwidth usage (bytes/total in %):
13.1% 5.9% 5.6% 5.6% 5.6% 4.8% 4.7% 4.6% 3.5% 3.5%
# of IPv6 addresses: 1015
Top 10 bandwidth usage (bytes/total in %):
25.2% 9.4% 6.9% 6.0% 5.5% 5.4% 4.7% 3.9% 3.7% 3.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004142215.pktlen.png)
detailed numbers
[ 32- 63]: 5374828
[ 64- 127]: 9905021
[ 128- 255]: 2335379
[ 256- 511]: 1589062
[ 512- 1023]: 977844
[ 1024- 2047]: 14389060
Protocol Breakdown
![[protocol breakdown chart]](201004142215.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 34571194 (100.00%) 23548101157 (100.00%) 681.15
ip 34515813 ( 99.84%) 23539543766 ( 99.96%) 681.99
tcp 22601935 ( 65.38%) 17973615325 ( 76.33%) 795.22
http(s) 10269524 ( 29.71%) 14080420778 ( 59.79%) 1371.09
http(c) 5960308 ( 17.24%) 785524176 ( 3.34%) 131.79
squid 292561 ( 0.85%) 147769598 ( 0.63%) 505.09
smtp 446368 ( 1.29%) 92760085 ( 0.39%) 207.81
nntp 10 ( 0.00%) 744 ( 0.00%) 74.40
ftp 31341 ( 0.09%) 3450305 ( 0.01%) 110.09
pop3 13466 ( 0.04%) 9598258 ( 0.04%) 712.78
imap 5635 ( 0.02%) 4281520 ( 0.02%) 759.81
telnet 140 ( 0.00%) 16649 ( 0.00%) 118.92
ssh 1168081 ( 3.38%) 175324663 ( 0.74%) 150.10
dns 53783 ( 0.16%) 3694053 ( 0.02%) 68.68
bgp 178 ( 0.00%) 79538 ( 0.00%) 446.84
napster 12 ( 0.00%) 1959 ( 0.00%) 163.25
realaud 8 ( 0.00%) 2257 ( 0.00%) 282.12
rtsp 253 ( 0.00%) 57051 ( 0.00%) 225.50
icecast 29639 ( 0.09%) 16160532 ( 0.07%) 545.25
hotline 22 ( 0.00%) 1655 ( 0.00%) 75.23
other 4330601 ( 12.53%) 2654471204 ( 11.27%) 612.96
udp 8365109 ( 24.20%) 4037108806 ( 17.14%) 482.61
dns 820509 ( 2.37%) 142288875 ( 0.60%) 173.42
rip 1 ( 0.00%) 109 ( 0.00%) 109.00
realaud 49645 ( 0.14%) 25237499 ( 0.11%) 508.36
halflif 131 ( 0.00%) 19045 ( 0.00%) 145.38
starcra 313 ( 0.00%) 36638 ( 0.00%) 117.05
everque 702 ( 0.00%) 144913 ( 0.00%) 206.43
unreal 186 ( 0.00%) 30797 ( 0.00%) 165.58
quake 94 ( 0.00%) 8000 ( 0.00%) 85.11
cuseeme 5 ( 0.00%) 504 ( 0.00%) 100.80
other 7493143 ( 21.67%) 3869142380 ( 16.43%) 516.36
icmp 921698 ( 2.67%) 148670505 ( 0.63%) 161.30
ipip 343 ( 0.00%) 42270 ( 0.00%) 123.24
ipsec 10205 ( 0.03%) 5591086 ( 0.02%) 547.88
ip6 2492069 ( 7.21%) 1344403680 ( 5.71%) 539.47
other 124454 ( 0.36%) 30112094 ( 0.13%) 241.95
frag 1820 ( 0.01%) 1902870 ( 0.01%) 1045.53
ip6 55379 ( 0.16%) 8557271 ( 0.04%) 154.52
tcp6 18164 ( 0.05%) 1844977 ( 0.01%) 101.57
http(s) 40 ( 0.00%) 25234 ( 0.00%) 630.85
http(c) 7786 ( 0.02%) 646366 ( 0.00%) 83.02
smtp 249 ( 0.00%) 150786 ( 0.00%) 605.57
ftp 2630 ( 0.01%) 273948 ( 0.00%) 104.16
imap 360 ( 0.00%) 41950 ( 0.00%) 116.53
ssh 3238 ( 0.01%) 273780 ( 0.00%) 84.55
dns 85 ( 0.00%) 23716 ( 0.00%) 279.01
bgp 104 ( 0.00%) 13346 ( 0.00%) 128.33
other 3672 ( 0.01%) 395851 ( 0.00%) 107.80
udp6 30706 ( 0.09%) 5892647 ( 0.03%) 191.91
dns 30274 ( 0.09%) 5823167 ( 0.02%) 192.35
other 432 ( 0.00%) 69480 ( 0.00%) 160.83
icmp6 6438 ( 0.02%) 778699 ( 0.00%) 120.95
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 41 ( 0.00%) 36868 ( 0.00%) 899.22
tcpdump file: 201004142215.dump.gz (906.23 MB)