Traffic Trace Info
DumpFile: 201004150130.dump
FileSize: 2071.05MB
Id: 201004150130
StartTime: Thu Apr 15 01:30:00 2010
EndTime: Thu Apr 15 01:45:00 2010
TotalTime: 899.96 seconds
TotalCapSize: 1620.22MB CapLen: 96 bytes
# of packets: 29545073 (18340.03MB)
AvgRate: 170.96Mbps stddev:14.94M
IP flow (unique src/dst pair) Information
# of flows: 1215810 (avg. 24.30 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.8% 1.4% 0.7% 0.5% 0.5% 0.5% 0.5% 0.5% 0.5% 0.5%
IP address Information
# of IPv4 addresses: 690175
Top 10 bandwidth usage (bytes/total in %):
14.3% 7.8% 7.1% 6.9% 6.8% 6.4% 6.3% 5.8% 3.4% 2.6%
# of IPv6 addresses: 1046
Top 10 bandwidth usage (bytes/total in %):
29.8% 7.1% 6.5% 5.9% 4.8% 4.7% 4.6% 4.6% 3.2% 3.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004150130.pktlen.png)
detailed numbers
[ 32- 63]: 4921513
[ 64- 127]: 8358096
[ 128- 255]: 2269203
[ 256- 511]: 1600941
[ 512- 1023]: 796014
[ 1024- 2047]: 11599306
Protocol Breakdown
![[protocol breakdown chart]](201004150130.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29545073 (100.00%) 19230910099 (100.00%) 650.90
ip 29493460 ( 99.83%) 19222519370 ( 99.96%) 651.76
tcp 18279295 ( 61.87%) 14047283093 ( 73.05%) 768.48
http(s) 8528011 ( 28.86%) 11681899534 ( 60.75%) 1369.83
http(c) 4420490 ( 14.96%) 422292851 ( 2.20%) 95.53
squid 366342 ( 1.24%) 167040336 ( 0.87%) 455.97
smtp 371320 ( 1.26%) 75204690 ( 0.39%) 202.53
ftp 33681 ( 0.11%) 23818261 ( 0.12%) 707.17
pop3 11859 ( 0.04%) 8639357 ( 0.04%) 728.51
imap 1552 ( 0.01%) 366736 ( 0.00%) 236.30
telnet 1187 ( 0.00%) 111372 ( 0.00%) 93.83
ssh 1142433 ( 3.87%) 172817988 ( 0.90%) 151.27
dns 52803 ( 0.18%) 3615134 ( 0.02%) 68.46
bgp 163 ( 0.00%) 69610 ( 0.00%) 427.06
realaud 45 ( 0.00%) 6238 ( 0.00%) 138.62
rtsp 21936 ( 0.07%) 11408013 ( 0.06%) 520.06
icecast 8369 ( 0.03%) 552477 ( 0.00%) 66.01
hotline 1 ( 0.00%) 60 ( 0.00%) 60.00
other 3319102 ( 11.23%) 1479440376 ( 7.69%) 445.74
udp 7609592 ( 25.76%) 3585308498 ( 18.64%) 471.16
dns 773750 ( 2.62%) 136275599 ( 0.71%) 176.12
rip 9 ( 0.00%) 675 ( 0.00%) 75.00
realaud 46 ( 0.00%) 4057 ( 0.00%) 88.20
halflif 162 ( 0.00%) 24412 ( 0.00%) 150.69
starcra 295 ( 0.00%) 35752 ( 0.00%) 121.19
everque 16190 ( 0.05%) 2772040 ( 0.01%) 171.22
unreal 155 ( 0.00%) 24647 ( 0.00%) 159.01
quake 29 ( 0.00%) 3542 ( 0.00%) 122.14
cuseeme 15 ( 0.00%) 2607 ( 0.00%) 173.80
other 6818491 ( 23.08%) 3445910508 ( 17.92%) 505.38
icmp 1076032 ( 3.64%) 175078592 ( 0.91%) 162.71
ipip 308 ( 0.00%) 37222 ( 0.00%) 120.85
ipsec 2072 ( 0.01%) 771808 ( 0.00%) 372.49
ip6 2492710 ( 8.44%) 1381255466 ( 7.18%) 554.12
other 33451 ( 0.11%) 32784691 ( 0.17%) 980.08
frag 2109 ( 0.01%) 2225714 ( 0.01%) 1055.34
ip6 51613 ( 0.17%) 8390729 ( 0.04%) 162.57
tcp6 15463 ( 0.05%) 2029266 ( 0.01%) 131.23
http(s) 293 ( 0.00%) 378696 ( 0.00%) 1292.48
http(c) 5122 ( 0.02%) 473123 ( 0.00%) 92.37
smtp 245 ( 0.00%) 91750 ( 0.00%) 374.49
ftp 2229 ( 0.01%) 229567 ( 0.00%) 102.99
imap 252 ( 0.00%) 28807 ( 0.00%) 114.31
ssh 3225 ( 0.01%) 267402 ( 0.00%) 82.92
dns 128 ( 0.00%) 29382 ( 0.00%) 229.55
bgp 113 ( 0.00%) 15463 ( 0.00%) 136.84
other 3856 ( 0.01%) 515076 ( 0.00%) 133.58
udp6 28951 ( 0.10%) 5452142 ( 0.03%) 188.32
dns 28170 ( 0.10%) 5361385 ( 0.03%) 190.32
other 781 ( 0.00%) 90757 ( 0.00%) 116.21
icmp6 7112 ( 0.02%) 856511 ( 0.00%) 120.43
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 56 ( 0.00%) 48594 ( 0.00%) 867.75
tcpdump file: 201004150130.dump.gz (779.37 MB)