Traffic Trace Info
DumpFile: 201004150215.dump
FileSize: 2035.92MB
Id: 201004150215
StartTime: Thu Apr 15 02:15:01 2010
EndTime: Thu Apr 15 02:30:00 2010
TotalTime: 899.86 seconds
TotalCapSize: 1591.22MB CapLen: 96 bytes
# of packets: 29142895 (18672.67MB)
AvgRate: 174.05Mbps stddev:14.81M
IP flow (unique src/dst pair) Information
# of flows: 1316213 (avg. 22.14 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.7% 1.7% 1.6% 1.2% 1.1% 1.1% 0.9% 0.7% 0.6% 0.6%
IP address Information
# of IPv4 addresses: 690011
Top 10 bandwidth usage (bytes/total in %):
18.3% 7.7% 7.2% 6.9% 6.1% 5.8% 2.7% 2.6% 2.5% 2.2%
# of IPv6 addresses: 1007
Top 10 bandwidth usage (bytes/total in %):
30.3% 7.5% 6.8% 6.7% 5.5% 5.4% 3.1% 2.8% 2.8% 2.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004150215.pktlen.png)
detailed numbers
[ 32- 63]: 4620619
[ 64- 127]: 7836832
[ 128- 255]: 2219862
[ 256- 511]: 1737552
[ 512- 1023]: 805092
[ 1024- 2047]: 11922938
Protocol Breakdown
![[protocol breakdown chart]](201004150215.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29142895 (100.00%) 19579708841 (100.00%) 671.85
ip 29090402 ( 99.82%) 19571458029 ( 99.96%) 672.78
tcp 17580765 ( 60.33%) 13683399799 ( 69.89%) 778.32
http(s) 8518398 ( 29.23%) 11722938572 ( 59.87%) 1376.19
http(c) 4400744 ( 15.10%) 357750236 ( 1.83%) 81.29
squid 342119 ( 1.17%) 165736954 ( 0.85%) 484.44
smtp 369205 ( 1.27%) 61660778 ( 0.31%) 167.01
ftp 12354 ( 0.04%) 1230020 ( 0.01%) 99.56
pop3 8992 ( 0.03%) 5066261 ( 0.03%) 563.42
imap 1820 ( 0.01%) 530873 ( 0.00%) 291.69
telnet 2684 ( 0.01%) 193091 ( 0.00%) 71.94
ssh 758793 ( 2.60%) 108493242 ( 0.55%) 142.98
dns 54202 ( 0.19%) 3719371 ( 0.02%) 68.62
bgp 156 ( 0.00%) 64467 ( 0.00%) 413.25
realaud 7 ( 0.00%) 1262 ( 0.00%) 180.29
rtsp 8311 ( 0.03%) 2999377 ( 0.02%) 360.89
icecast 8477 ( 0.03%) 561325 ( 0.00%) 66.22
hotline 12 ( 0.00%) 1033 ( 0.00%) 86.08
other 3094489 ( 10.62%) 1252452817 ( 6.40%) 404.74
udp 8008219 ( 27.48%) 4337816520 ( 22.15%) 541.67
dns 800924 ( 2.75%) 166772985 ( 0.85%) 208.23
rip 12 ( 0.00%) 934 ( 0.00%) 77.83
realaud 965 ( 0.00%) 59699 ( 0.00%) 61.86
halflif 216 ( 0.00%) 32768 ( 0.00%) 151.70
starcra 340 ( 0.00%) 36660 ( 0.00%) 107.82
everque 1469 ( 0.01%) 856256 ( 0.00%) 582.88
unreal 201 ( 0.00%) 31417 ( 0.00%) 156.30
quake 28 ( 0.00%) 2425 ( 0.00%) 86.61
cuseeme 30 ( 0.00%) 3328 ( 0.00%) 110.93
other 7203646 ( 24.72%) 4169812081 ( 21.30%) 578.85
icmp 1031167 ( 3.54%) 181045027 ( 0.92%) 175.57
ipip 346 ( 0.00%) 42314 ( 0.00%) 122.29
ipsec 4899 ( 0.02%) 2378714 ( 0.01%) 485.55
ip6 2459120 ( 8.44%) 1365875667 ( 6.98%) 555.43
other 5886 ( 0.02%) 899988 ( 0.00%) 152.90
frag 21214 ( 0.07%) 26269192 ( 0.13%) 1238.30
ip6 52491 ( 0.18%) 8250692 ( 0.04%) 157.18
tcp6 16475 ( 0.06%) 1893125 ( 0.01%) 114.91
http(s) 47 ( 0.00%) 26999 ( 0.00%) 574.45
http(c) 5321 ( 0.02%) 474038 ( 0.00%) 89.09
smtp 424 ( 0.00%) 172147 ( 0.00%) 406.01
ftp 2555 ( 0.01%) 263334 ( 0.00%) 103.07
imap 360 ( 0.00%) 42116 ( 0.00%) 116.99
ssh 3017 ( 0.01%) 250562 ( 0.00%) 83.05
dns 91 ( 0.00%) 35261 ( 0.00%) 387.48
bgp 108 ( 0.00%) 13874 ( 0.00%) 128.46
other 4552 ( 0.02%) 614794 ( 0.00%) 135.06
udp6 28591 ( 0.10%) 5395618 ( 0.03%) 188.72
dns 27754 ( 0.10%) 5291967 ( 0.03%) 190.67
other 837 ( 0.00%) 103651 ( 0.00%) 123.84
icmp6 7318 ( 0.03%) 883113 ( 0.00%) 120.68
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 77 ( 0.00%) 74756 ( 0.00%) 970.86
tcpdump file: 201004150215.dump.gz (756.93 MB)