Traffic Trace Info
DumpFile: 201004142300.dump
FileSize: 2459.47MB
Id: 201004142300
StartTime: Wed Apr 14 23:00:00 2010
EndTime: Wed Apr 14 23:15:01 2010
TotalTime: 900.11 seconds
TotalCapSize: 1924.47MB CapLen: 96 bytes
# of packets: 35035089 (22752.03MB)
AvgRate: 212.04Mbps stddev:18.83M
IP flow (unique src/dst pair) Information
# of flows: 1258992 (avg. 27.83 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.4% 1.7% 1.1% 1.0% 1.0% 0.8% 0.8% 0.8% 0.7% 0.6%
IP address Information
# of IPv4 addresses: 710224
Top 10 bandwidth usage (bytes/total in %):
12.1% 7.1% 6.8% 6.2% 6.1% 6.1% 6.0% 3.5% 3.3% 2.9%
# of IPv6 addresses: 1019
Top 10 bandwidth usage (bytes/total in %):
24.1% 10.1% 6.5% 5.8% 4.6% 4.5% 4.4% 4.3% 4.1% 3.3%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004142300.pktlen.png)
detailed numbers
[ 32- 63]: 5891829
[ 64- 127]: 9669783
[ 128- 255]: 2306791
[ 256- 511]: 1668020
[ 512- 1023]: 926711
[ 1024- 2047]: 14571955
Protocol Breakdown
![[protocol breakdown chart]](201004142300.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 35035089 (100.00%) 23857235899 (100.00%) 680.95
ip 34982967 ( 99.85%) 23848314659 ( 99.96%) 681.71
tcp 23263392 ( 66.40%) 18453607016 ( 77.35%) 793.25
http(s) 11024166 ( 31.47%) 15234322373 ( 63.86%) 1381.90
http(c) 6347664 ( 18.12%) 674912197 ( 2.83%) 106.32
squid 322752 ( 0.92%) 144776263 ( 0.61%) 448.57
smtp 483994 ( 1.38%) 155874892 ( 0.65%) 322.06
nntp 7 ( 0.00%) 613 ( 0.00%) 87.57
ftp 22976 ( 0.07%) 2067628 ( 0.01%) 89.99
pop3 11942 ( 0.03%) 7680929 ( 0.03%) 643.19
imap 2873 ( 0.01%) 1347456 ( 0.01%) 469.01
telnet 103 ( 0.00%) 11279 ( 0.00%) 109.50
ssh 1058790 ( 3.02%) 158244583 ( 0.66%) 149.46
dns 52740 ( 0.15%) 3595937 ( 0.02%) 68.18
bgp 186 ( 0.00%) 66994 ( 0.00%) 360.18
napster 15 ( 0.00%) 1013 ( 0.00%) 67.53
realaud 6 ( 0.00%) 1934 ( 0.00%) 322.33
rtsp 80 ( 0.00%) 13152 ( 0.00%) 164.40
icecast 30659 ( 0.09%) 16079193 ( 0.07%) 524.45
hotline 6 ( 0.00%) 372 ( 0.00%) 62.00
other 3904429 ( 11.14%) 2054609968 ( 8.61%) 526.23
udp 7863446 ( 22.44%) 3740679374 ( 15.68%) 475.70
dns 841480 ( 2.40%) 145712398 ( 0.61%) 173.16
rip 4 ( 0.00%) 300 ( 0.00%) 75.00
realaud 24 ( 0.00%) 2845 ( 0.00%) 118.54
halflif 113 ( 0.00%) 16537 ( 0.00%) 146.35
starcra 312 ( 0.00%) 35294 ( 0.00%) 113.12
everque 638 ( 0.00%) 104624 ( 0.00%) 163.99
unreal 224 ( 0.00%) 38450 ( 0.00%) 171.65
quake 46 ( 0.00%) 5044 ( 0.00%) 109.65
cuseeme 5 ( 0.00%) 448 ( 0.00%) 89.60
other 7020065 ( 20.04%) 3594489233 ( 15.07%) 512.03
icmp 1002505 ( 2.86%) 165821974 ( 0.70%) 165.41
ipip 313 ( 0.00%) 37590 ( 0.00%) 120.10
ipsec 692 ( 0.00%) 114696 ( 0.00%) 165.75
ip6 2680109 ( 7.65%) 1466561266 ( 6.15%) 547.20
other 172510 ( 0.49%) 21492743 ( 0.09%) 124.59
frag 2158 ( 0.01%) 2157774 ( 0.01%) 999.90
ip6 52122 ( 0.15%) 8921240 ( 0.04%) 171.16
tcp6 13980 ( 0.04%) 1804000 ( 0.01%) 129.04
http(s) 73 ( 0.00%) 30234 ( 0.00%) 414.16
http(c) 4109 ( 0.01%) 376169 ( 0.00%) 91.55
smtp 495 ( 0.00%) 270939 ( 0.00%) 547.35
ftp 2244 ( 0.01%) 232446 ( 0.00%) 103.59
imap 248 ( 0.00%) 28523 ( 0.00%) 115.01
ssh 3500 ( 0.01%) 506712 ( 0.00%) 144.77
dns 151 ( 0.00%) 41511 ( 0.00%) 274.91
bgp 129 ( 0.00%) 24171 ( 0.00%) 187.37
other 3031 ( 0.01%) 293295 ( 0.00%) 96.77
udp6 30522 ( 0.09%) 6021691 ( 0.03%) 197.29
dns 30278 ( 0.09%) 5980453 ( 0.03%) 197.52
other 244 ( 0.00%) 41238 ( 0.00%) 169.01
icmp6 7487 ( 0.02%) 999981 ( 0.00%) 133.56
pim6 28 ( 0.00%) 3808 ( 0.00%) 136.00
other6 105 ( 0.00%) 91760 ( 0.00%) 873.90
tcpdump file: 201004142300.dump.gz (915.11 MB)