Traffic Trace Info
DumpFile: 201004150145.dump
FileSize: 2008.17MB
Id: 201004150145
StartTime: Thu Apr 15 01:45:00 2010
EndTime: Thu Apr 15 02:00:00 2010
TotalTime: 899.96 seconds
TotalCapSize: 1571.50MB CapLen: 96 bytes
# of packets: 28617121 (17676.92MB)
AvgRate: 164.75Mbps stddev:12.73M
IP flow (unique src/dst pair) Information
# of flows: 1186777 (avg. 24.11 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.5% 0.7% 0.6% 0.6% 0.5% 0.5% 0.5% 0.5% 0.5% 0.5%
IP address Information
# of IPv4 addresses: 652529
Top 10 bandwidth usage (bytes/total in %):
15.3% 8.7% 7.8% 7.6% 7.5% 7.5% 3.1% 2.5% 2.0% 1.7%
# of IPv6 addresses: 985
Top 10 bandwidth usage (bytes/total in %):
30.4% 7.2% 6.3% 5.9% 5.1% 5.0% 3.2% 3.1% 3.0% 2.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004150145.pktlen.png)
detailed numbers
[ 32- 63]: 4726562
[ 64- 127]: 8255062
[ 128- 255]: 2116743
[ 256- 511]: 1572405
[ 512- 1023]: 757523
[ 1024- 2047]: 11188826
Protocol Breakdown
![[protocol breakdown chart]](201004150145.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 28617121 (100.00%) 18535589327 (100.00%) 647.71
ip 28565161 ( 99.82%) 18527379466 ( 99.96%) 648.60
tcp 17583554 ( 61.44%) 13348268703 ( 72.01%) 759.13
http(s) 7891638 ( 27.58%) 10822247352 ( 58.39%) 1371.36
http(c) 4411399 ( 15.42%) 395783649 ( 2.14%) 89.72
squid 395587 ( 1.38%) 199788251 ( 1.08%) 505.04
smtp 325082 ( 1.14%) 59684027 ( 0.32%) 183.60
ftp 18801 ( 0.07%) 1805648 ( 0.01%) 96.04
pop3 12115 ( 0.04%) 8588154 ( 0.05%) 708.89
imap 1608 ( 0.01%) 484634 ( 0.00%) 301.39
telnet 912 ( 0.00%) 78004 ( 0.00%) 85.53
ssh 1018883 ( 3.56%) 153842790 ( 0.83%) 150.99
dns 66029 ( 0.23%) 4475487 ( 0.02%) 67.78
bgp 152 ( 0.00%) 49075 ( 0.00%) 322.86
napster 13 ( 0.00%) 1160 ( 0.00%) 89.23
realaud 3 ( 0.00%) 186 ( 0.00%) 62.00
rtsp 9211 ( 0.03%) 2634584 ( 0.01%) 286.03
icecast 8526 ( 0.03%) 568251 ( 0.00%) 66.65
hotline 1 ( 0.00%) 60 ( 0.00%) 60.00
other 3423592 ( 11.96%) 1698237271 ( 9.16%) 496.04
udp 7380073 ( 25.79%) 3581199396 ( 19.32%) 485.25
dns 751022 ( 2.62%) 130693837 ( 0.71%) 174.02
realaud 20 ( 0.00%) 2789 ( 0.00%) 139.45
halflif 156 ( 0.00%) 24472 ( 0.00%) 156.87
starcra 375 ( 0.00%) 39675 ( 0.00%) 105.80
everque 773 ( 0.00%) 143114 ( 0.00%) 185.14
unreal 162 ( 0.00%) 25040 ( 0.00%) 154.57
quake 20 ( 0.00%) 1608 ( 0.00%) 80.40
cuseeme 11 ( 0.00%) 1986 ( 0.00%) 180.55
other 6627079 ( 23.16%) 3450026014 ( 18.61%) 520.60
icmp 1018423 ( 3.56%) 165751144 ( 0.89%) 162.75
ipip 350 ( 0.00%) 42340 ( 0.00%) 120.97
ipsec 2296 ( 0.01%) 1025816 ( 0.01%) 446.78
ip6 2570919 ( 8.98%) 1428475605 ( 7.71%) 555.63
other 9546 ( 0.03%) 2616462 ( 0.01%) 274.09
frag 1676 ( 0.01%) 1712578 ( 0.01%) 1021.82
ip6 51960 ( 0.18%) 8209861 ( 0.04%) 158.00
tcp6 15709 ( 0.05%) 1822413 ( 0.01%) 116.01
http(s) 93 ( 0.00%) 60987 ( 0.00%) 655.77
http(c) 5058 ( 0.02%) 452953 ( 0.00%) 89.55
smtp 506 ( 0.00%) 215616 ( 0.00%) 426.12
ftp 2294 ( 0.01%) 241131 ( 0.00%) 105.11
imap 353 ( 0.00%) 41406 ( 0.00%) 117.30
ssh 3241 ( 0.01%) 269106 ( 0.00%) 83.03
dns 116 ( 0.00%) 32547 ( 0.00%) 280.58
bgp 107 ( 0.00%) 13526 ( 0.00%) 126.41
other 3941 ( 0.01%) 495141 ( 0.00%) 125.64
udp6 29075 ( 0.10%) 5482467 ( 0.03%) 188.56
dns 28208 ( 0.10%) 5378381 ( 0.03%) 190.67
other 867 ( 0.00%) 104086 ( 0.00%) 120.05
icmp6 7102 ( 0.02%) 864406 ( 0.00%) 121.71
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 44 ( 0.00%) 36495 ( 0.00%) 829.43
tcpdump file: 201004150145.dump.gz (756.79 MB)