Traffic Trace Info
DumpFile: 201004142315.dump
FileSize: 2588.16MB
Id: 201004142315
StartTime: Wed Apr 14 23:15:01 2010
EndTime: Wed Apr 14 23:30:01 2010
TotalTime: 900.43 seconds
TotalCapSize: 2028.66MB CapLen: 96 bytes
# of packets: 36611269 (24320.93MB)
AvgRate: 226.60Mbps stddev:30.30M
IP flow (unique src/dst pair) Information
# of flows: 1100038 (avg. 33.28 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.0% 3.0% 1.5% 1.2% 1.1% 0.9% 0.8% 0.7% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 586221
Top 10 bandwidth usage (bytes/total in %):
12.3% 7.5% 6.9% 5.7% 5.5% 5.3% 5.1% 4.9% 4.2% 4.1%
# of IPv6 addresses: 1033
Top 10 bandwidth usage (bytes/total in %):
24.2% 9.4% 6.6% 6.5% 5.1% 4.5% 4.4% 4.3% 3.7% 3.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004142315.pktlen.png)
detailed numbers
[ 32- 63]: 5707204
[ 64- 127]: 10335178
[ 128- 255]: 2333423
[ 256- 511]: 1690688
[ 512- 1023]: 882228
[ 1024- 2047]: 15662548
Protocol Breakdown
![[protocol breakdown chart]](201004142315.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 36611269 (100.00%) 25502347092 (100.00%) 696.57
ip 36557725 ( 99.85%) 25493383247 ( 99.96%) 697.35
tcp 24984024 ( 68.24%) 20165363762 ( 79.07%) 807.13
http(s) 11829016 ( 32.31%) 16359711920 ( 64.15%) 1383.02
http(c) 6973504 ( 19.05%) 760374191 ( 2.98%) 109.04
squid 341697 ( 0.93%) 150239163 ( 0.59%) 439.69
smtp 429543 ( 1.17%) 91168916 ( 0.36%) 212.25
nntp 11 ( 0.00%) 779 ( 0.00%) 70.82
ftp 27904 ( 0.08%) 2660945 ( 0.01%) 95.36
pop3 12044 ( 0.03%) 9425765 ( 0.04%) 782.61
imap 23613 ( 0.06%) 31716460 ( 0.12%) 1343.18
telnet 232 ( 0.00%) 35357 ( 0.00%) 152.40
ssh 1191417 ( 3.25%) 181115524 ( 0.71%) 152.02
dns 55652 ( 0.15%) 3809630 ( 0.01%) 68.45
bgp 171 ( 0.00%) 62272 ( 0.00%) 364.16
napster 46 ( 0.00%) 13600 ( 0.00%) 295.65
realaud 24 ( 0.00%) 2354 ( 0.00%) 98.08
rtsp 162 ( 0.00%) 28653 ( 0.00%) 176.87
icecast 30882 ( 0.08%) 16241244 ( 0.06%) 525.91
hotline 3 ( 0.00%) 186 ( 0.00%) 62.00
other 4068096 ( 11.11%) 2558756305 ( 10.03%) 628.98
udp 7933514 ( 21.67%) 3846849524 ( 15.08%) 484.89
dns 836322 ( 2.28%) 145597931 ( 0.57%) 174.09
realaud 24 ( 0.00%) 3200 ( 0.00%) 133.33
halflif 110 ( 0.00%) 17893 ( 0.00%) 162.66
starcra 278 ( 0.00%) 33845 ( 0.00%) 121.74
everque 6500 ( 0.02%) 3510330 ( 0.01%) 540.05
unreal 170 ( 0.00%) 25972 ( 0.00%) 152.78
quake 56 ( 0.00%) 4700 ( 0.00%) 83.93
cuseeme 10 ( 0.00%) 832 ( 0.00%) 83.20
other 7089572 ( 19.36%) 3697407592 ( 14.50%) 521.53
icmp 945840 ( 2.58%) 151231220 ( 0.59%) 159.89
ipip 347 ( 0.00%) 42254 ( 0.00%) 121.77
ipsec 721 ( 0.00%) 118942 ( 0.00%) 164.97
ip6 2501223 ( 6.83%) 1308283517 ( 5.13%) 523.06
other 192056 ( 0.52%) 21494028 ( 0.08%) 111.92
frag 2455 ( 0.01%) 2549123 ( 0.01%) 1038.34
ip6 53544 ( 0.15%) 8963845 ( 0.04%) 167.41
tcp6 14561 ( 0.04%) 1695282 ( 0.01%) 116.43
http(s) 130 ( 0.00%) 103098 ( 0.00%) 793.06
http(c) 4598 ( 0.01%) 411036 ( 0.00%) 89.39
smtp 358 ( 0.00%) 184977 ( 0.00%) 516.70
ftp 2166 ( 0.01%) 223132 ( 0.00%) 103.02
imap 365 ( 0.00%) 43108 ( 0.00%) 118.10
ssh 3689 ( 0.01%) 394486 ( 0.00%) 106.94
dns 90 ( 0.00%) 29817 ( 0.00%) 331.30
bgp 110 ( 0.00%) 14268 ( 0.00%) 129.71
other 3055 ( 0.01%) 291360 ( 0.00%) 95.37
udp6 31248 ( 0.09%) 6094653 ( 0.02%) 195.04
dns 30894 ( 0.08%) 6035560 ( 0.02%) 195.36
starcra 1 ( 0.00%) 94 ( 0.00%) 94.00
quake 1 ( 0.00%) 104 ( 0.00%) 104.00
other 352 ( 0.00%) 58895 ( 0.00%) 167.32
icmp6 7664 ( 0.02%) 1136716 ( 0.00%) 148.32
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 41 ( 0.00%) 33114 ( 0.00%) 807.66
tcpdump file: 201004142315.dump.gz (956.46 MB)