Traffic Trace Info
DumpFile: 201004150100.dump
FileSize: 2109.21MB
Id: 201004150100
StartTime: Thu Apr 15 01:00:01 2010
EndTime: Thu Apr 15 01:15:01 2010
TotalTime: 899.67 seconds
TotalCapSize: 1646.36MB CapLen: 96 bytes
# of packets: 30332619 (18111.22MB)
AvgRate: 168.88Mbps stddev:15.43M
IP flow (unique src/dst pair) Information
# of flows: 1180880 (avg. 25.69 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.4% 1.9% 0.9% 0.6% 0.6% 0.5% 0.5% 0.5% 0.5% 0.4%
IP address Information
# of IPv4 addresses: 643564
Top 10 bandwidth usage (bytes/total in %):
16.4% 7.9% 6.8% 6.0% 5.9% 5.5% 3.4% 2.9% 2.6% 2.6%
# of IPv6 addresses: 1001
Top 10 bandwidth usage (bytes/total in %):
48.4% 48.3% 14.3% 5.1% 3.5% 3.4% 2.2% 2.2% 2.1% 1.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004150100.pktlen.png)
detailed numbers
[ 32- 63]: 5055629
[ 64- 127]: 9014351
[ 128- 255]: 2400553
[ 256- 511]: 1624421
[ 512- 1023]: 860621
[ 1024- 2047]: 11377044
Protocol Breakdown
![[protocol breakdown chart]](201004150100.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 30332619 (100.00%) 18990994255 (100.00%) 626.09
ip 30255129 ( 99.74%) 18973502287 ( 99.91%) 627.12
tcp 18492850 ( 60.97%) 13499926363 ( 71.09%) 730.01
http(s) 7900310 ( 26.05%) 10731026775 ( 56.51%) 1358.30
http(c) 4617996 ( 15.22%) 449676112 ( 2.37%) 97.37
squid 446186 ( 1.47%) 216025153 ( 1.14%) 484.16
smtp 450000 ( 1.48%) 144411640 ( 0.76%) 320.91
ftp 19196 ( 0.06%) 2153919 ( 0.01%) 112.21
pop3 12665 ( 0.04%) 9888094 ( 0.05%) 780.74
imap 2796 ( 0.01%) 1387848 ( 0.01%) 496.37
telnet 568 ( 0.00%) 71475 ( 0.00%) 125.84
ssh 1440059 ( 4.75%) 217259208 ( 1.14%) 150.87
dns 54740 ( 0.18%) 3798810 ( 0.02%) 69.40
bgp 147 ( 0.00%) 55202 ( 0.00%) 375.52
napster 15 ( 0.00%) 1050 ( 0.00%) 70.00
realaud 54 ( 0.00%) 8868 ( 0.00%) 164.22
rtsp 6402 ( 0.02%) 493827 ( 0.00%) 77.14
icecast 8460 ( 0.03%) 559214 ( 0.00%) 66.10
hotline 2 ( 0.00%) 132 ( 0.00%) 66.00
other 3533251 ( 11.65%) 1723108856 ( 9.07%) 487.68
udp 7959154 ( 26.24%) 3932897746 ( 20.71%) 494.14
dns 784090 ( 2.58%) 136493736 ( 0.72%) 174.08
realaud 19 ( 0.00%) 2244 ( 0.00%) 118.11
halflif 145 ( 0.00%) 23433 ( 0.00%) 161.61
starcra 305 ( 0.00%) 37400 ( 0.00%) 122.62
everque 1300 ( 0.00%) 457087 ( 0.00%) 351.61
unreal 234 ( 0.00%) 39654 ( 0.00%) 169.46
quake 32 ( 0.00%) 2717 ( 0.00%) 84.91
cuseeme 2 ( 0.00%) 164 ( 0.00%) 82.00
other 7172718 ( 23.65%) 3795652648 ( 19.99%) 529.18
icmp 1090079 ( 3.59%) 171591491 ( 0.90%) 157.41
ipip 316 ( 0.00%) 40422 ( 0.00%) 127.92
ipsec 691 ( 0.00%) 113434 ( 0.00%) 164.16
ip6 2395894 ( 7.90%) 1301142051 ( 6.85%) 543.07
other 316145 ( 1.04%) 67790780 ( 0.36%) 214.43
frag 1527 ( 0.01%) 1617403 ( 0.01%) 1059.20
ip6 77490 ( 0.26%) 17491968 ( 0.09%) 225.73
tcp6 38740 ( 0.13%) 10455277 ( 0.06%) 269.88
http(s) 45 ( 0.00%) 32521 ( 0.00%) 722.69
http(c) 4973 ( 0.02%) 453820 ( 0.00%) 91.26
smtp 528 ( 0.00%) 256623 ( 0.00%) 486.03
ftp 2133 ( 0.01%) 219615 ( 0.00%) 102.96
imap 267 ( 0.00%) 30289 ( 0.00%) 113.44
ssh 3210 ( 0.01%) 266140 ( 0.00%) 82.91
dns 205 ( 0.00%) 67824 ( 0.00%) 330.85
bgp 122 ( 0.00%) 16737 ( 0.00%) 137.19
other 27257 ( 0.09%) 9111708 ( 0.05%) 334.29
udp6 30778 ( 0.10%) 5965537 ( 0.03%) 193.82
dns 29966 ( 0.10%) 5871287 ( 0.03%) 195.93
other 812 ( 0.00%) 94250 ( 0.00%) 116.07
icmp6 7816 ( 0.03%) 958170 ( 0.01%) 122.59
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 126 ( 0.00%) 108904 ( 0.00%) 864.32
tcpdump file: 201004150100.dump.gz (800.06 MB)