Traffic Trace Info
DumpFile: 201004142245.dump
FileSize: 2385.73MB
Id: 201004142245
StartTime: Wed Apr 14 22:45:00 2010
EndTime: Wed Apr 14 23:00:00 2010
TotalTime: 900.28 seconds
TotalCapSize: 1866.12MB CapLen: 96 bytes
# of packets: 34037066 (22329.50MB)
AvgRate: 208.06Mbps stddev:17.33M
IP flow (unique src/dst pair) Information
# of flows: 1147375 (avg. 29.67 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.0% 1.9% 1.7% 1.2% 0.8% 0.8% 0.8% 0.8% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 609726
Top 10 bandwidth usage (bytes/total in %):
12.2% 7.3% 6.3% 5.8% 5.6% 5.5% 5.5% 3.4% 3.1% 2.7%
# of IPv6 addresses: 981
Top 10 bandwidth usage (bytes/total in %):
26.2% 8.0% 7.1% 6.3% 5.6% 5.5% 4.6% 4.3% 4.2% 3.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004142245.pktlen.png)
detailed numbers
[ 32- 63]: 5717089
[ 64- 127]: 9222704
[ 128- 255]: 2286091
[ 256- 511]: 1611487
[ 512- 1023]: 874534
[ 1024- 2047]: 14325161
Protocol Breakdown
![[protocol breakdown chart]](201004142245.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 34037066 (100.00%) 23414176336 (100.00%) 687.90
ip 33984320 ( 99.85%) 23405930790 ( 99.96%) 688.73
tcp 22623299 ( 66.47%) 18211355489 ( 77.78%) 804.98
http(s) 10622295 ( 31.21%) 14640661800 ( 62.53%) 1378.30
http(c) 5823434 ( 17.11%) 572919646 ( 2.45%) 98.38
squid 293995 ( 0.86%) 134345928 ( 0.57%) 456.97
smtp 453435 ( 1.33%) 104325345 ( 0.45%) 230.08
nntp 3 ( 0.00%) 186 ( 0.00%) 62.00
ftp 24977 ( 0.07%) 2672551 ( 0.01%) 107.00
pop3 14517 ( 0.04%) 12078962 ( 0.05%) 832.06
imap 4451 ( 0.01%) 3519880 ( 0.02%) 790.81
telnet 93 ( 0.00%) 10738 ( 0.00%) 115.46
ssh 1118146 ( 3.29%) 229813740 ( 0.98%) 205.53
dns 54977 ( 0.16%) 3781517 ( 0.02%) 68.78
bgp 178 ( 0.00%) 72111 ( 0.00%) 405.12
napster 473 ( 0.00%) 156185 ( 0.00%) 330.20
realaud 19 ( 0.00%) 1828 ( 0.00%) 96.21
rtsp 90 ( 0.00%) 16953 ( 0.00%) 188.37
icecast 30910 ( 0.09%) 16260993 ( 0.07%) 526.08
hotline 10 ( 0.00%) 902 ( 0.00%) 90.20
other 4181292 ( 12.28%) 2490715984 ( 10.64%) 595.68
udp 7756384 ( 22.79%) 3648695770 ( 15.58%) 470.41
dns 841923 ( 2.47%) 144745782 ( 0.62%) 171.92
realaud 4263 ( 0.01%) 4436006 ( 0.02%) 1040.58
halflif 111 ( 0.00%) 16157 ( 0.00%) 145.56
starcra 250 ( 0.00%) 26485 ( 0.00%) 105.94
everque 578 ( 0.00%) 109246 ( 0.00%) 189.01
unreal 171 ( 0.00%) 24455 ( 0.00%) 143.01
quake 83 ( 0.00%) 6989 ( 0.00%) 84.20
other 6908557 ( 20.30%) 3499111284 ( 14.94%) 506.49
icmp 1041143 ( 3.06%) 159043612 ( 0.68%) 152.76
ipip 357 ( 0.00%) 44406 ( 0.00%) 124.39
ipsec 667 ( 0.00%) 113882 ( 0.00%) 170.74
ip6 2546463 ( 7.48%) 1381118418 ( 5.90%) 542.37
other 16007 ( 0.05%) 5559213 ( 0.02%) 347.30
frag 1803 ( 0.01%) 1818541 ( 0.01%) 1008.62
ip6 52746 ( 0.15%) 8245546 ( 0.04%) 156.33
tcp6 14529 ( 0.04%) 1471707 ( 0.01%) 101.29
http(s) 36 ( 0.00%) 18021 ( 0.00%) 500.58
http(c) 4549 ( 0.01%) 410516 ( 0.00%) 90.24
smtp 273 ( 0.00%) 107987 ( 0.00%) 395.56
ftp 2583 ( 0.01%) 269651 ( 0.00%) 104.39
imap 338 ( 0.00%) 39007 ( 0.00%) 115.41
ssh 3190 ( 0.01%) 270316 ( 0.00%) 84.74
dns 97 ( 0.00%) 16292 ( 0.00%) 167.96
bgp 103 ( 0.00%) 14156 ( 0.00%) 137.44
other 3360 ( 0.01%) 325761 ( 0.00%) 96.95
udp6 30655 ( 0.09%) 5754727 ( 0.02%) 187.73
dns 30272 ( 0.09%) 5692405 ( 0.02%) 188.04
realaud 1 ( 0.00%) 118 ( 0.00%) 118.00
halflif 1 ( 0.00%) 117 ( 0.00%) 117.00
other 381 ( 0.00%) 62087 ( 0.00%) 162.96
icmp6 7459 ( 0.02%) 949728 ( 0.00%) 127.33
pim6 29 ( 0.00%) 3944 ( 0.00%) 136.00
other6 74 ( 0.00%) 65440 ( 0.00%) 884.32
tcpdump file: 201004142245.dump.gz (887.30 MB)