Traffic Trace Info
DumpFile: 201004150200.dump
FileSize: 2064.39MB
Id: 201004150200
StartTime: Thu Apr 15 02:00:00 2010
EndTime: Thu Apr 15 02:15:01 2010
TotalTime: 900.18 seconds
TotalCapSize: 1614.24MB CapLen: 96 bytes
# of packets: 29500462 (18753.33MB)
AvgRate: 174.76Mbps stddev:13.54M
IP flow (unique src/dst pair) Information
# of flows: 1289460 (avg. 22.88 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.9% 1.5% 1.1% 0.9% 0.9% 0.8% 0.6% 0.6% 0.6% 0.5%
IP address Information
# of IPv4 addresses: 715538
Top 10 bandwidth usage (bytes/total in %):
16.9% 9.3% 7.1% 7.0% 6.9% 6.2% 2.8% 2.6% 2.0% 2.0%
# of IPv6 addresses: 971
Top 10 bandwidth usage (bytes/total in %):
28.9% 7.1% 6.8% 5.7% 4.9% 4.8% 3.8% 3.5% 3.5% 3.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004150200.pktlen.png)
detailed numbers
[ 32- 63]: 4762202
[ 64- 127]: 8055084
[ 128- 255]: 2206096
[ 256- 511]: 1722116
[ 512- 1023]: 846906
[ 1024- 2047]: 11908058
Protocol Breakdown
![[protocol breakdown chart]](201004150200.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29500462 (100.00%) 19664288688 (100.00%) 666.58
ip 29444057 ( 99.81%) 19655628335 ( 99.96%) 667.56
tcp 17982224 ( 60.96%) 13916516779 ( 70.77%) 773.90
http(s) 8321275 ( 28.21%) 11386169829 ( 57.90%) 1368.32
http(c) 4399872 ( 14.91%) 356066856 ( 1.81%) 80.93
squid 374549 ( 1.27%) 184479455 ( 0.94%) 492.54
smtp 343644 ( 1.16%) 68154043 ( 0.35%) 198.33
ftp 19453 ( 0.07%) 1899777 ( 0.01%) 97.66
pop3 9773 ( 0.03%) 5852405 ( 0.03%) 598.83
imap 2183 ( 0.01%) 579215 ( 0.00%) 265.33
telnet 1605 ( 0.01%) 140462 ( 0.00%) 87.52
ssh 871120 ( 2.95%) 133544553 ( 0.68%) 153.30
dns 52471 ( 0.18%) 3597055 ( 0.02%) 68.55
bgp 162 ( 0.00%) 56185 ( 0.00%) 346.82
napster 18 ( 0.00%) 1767 ( 0.00%) 98.17
realaud 4 ( 0.00%) 296 ( 0.00%) 74.00
rtsp 8142 ( 0.03%) 3056038 ( 0.02%) 375.34
icecast 8435 ( 0.03%) 556110 ( 0.00%) 65.93
other 3569518 ( 12.10%) 1772362733 ( 9.01%) 496.53
udp 7870996 ( 26.68%) 4111019854 ( 20.91%) 522.30
dns 785091 ( 2.66%) 155764077 ( 0.79%) 198.40
rip 6 ( 0.00%) 450 ( 0.00%) 75.00
realaud 670 ( 0.00%) 44262 ( 0.00%) 66.06
halflif 151 ( 0.00%) 24867 ( 0.00%) 164.68
starcra 407 ( 0.00%) 44842 ( 0.00%) 110.18
everque 809 ( 0.00%) 207725 ( 0.00%) 256.77
unreal 254 ( 0.00%) 41086 ( 0.00%) 161.76
quake 23 ( 0.00%) 2483 ( 0.00%) 107.96
cuseeme 15 ( 0.00%) 1885 ( 0.00%) 125.67
other 7083211 ( 24.01%) 3954707142 ( 20.11%) 558.32
icmp 1079914 ( 3.66%) 192961889 ( 0.98%) 178.68
ipip 333 ( 0.00%) 40244 ( 0.00%) 120.85
ipsec 1134 ( 0.00%) 258268 ( 0.00%) 227.75
ip6 2485384 ( 8.42%) 1418860854 ( 7.22%) 570.88
other 24072 ( 0.08%) 15970447 ( 0.08%) 663.44
frag 18835 ( 0.06%) 22585349 ( 0.11%) 1199.12
ip6 56405 ( 0.19%) 8660353 ( 0.04%) 153.54
tcp6 20663 ( 0.07%) 2405672 ( 0.01%) 116.42
http(s) 28 ( 0.00%) 15908 ( 0.00%) 568.14
http(c) 9633 ( 0.03%) 830800 ( 0.00%) 86.25
smtp 241 ( 0.00%) 99711 ( 0.00%) 413.74
ftp 2368 ( 0.01%) 243479 ( 0.00%) 102.82
imap 323 ( 0.00%) 35628 ( 0.00%) 110.30
ssh 3215 ( 0.01%) 266538 ( 0.00%) 82.90
dns 112 ( 0.00%) 22685 ( 0.00%) 202.54
bgp 105 ( 0.00%) 13598 ( 0.00%) 129.50
other 4638 ( 0.02%) 877325 ( 0.00%) 189.16
udp6 28600 ( 0.10%) 5351848 ( 0.03%) 187.13
dns 27828 ( 0.09%) 5258167 ( 0.03%) 188.95
other 772 ( 0.00%) 93681 ( 0.00%) 121.35
icmp6 7062 ( 0.02%) 855577 ( 0.00%) 121.15
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 50 ( 0.00%) 43176 ( 0.00%) 863.52
tcpdump file: 201004150200.dump.gz (771.70 MB)