Traffic Trace Info
DumpFile: 201004150230.dump
FileSize: 2050.62MB
Id: 201004150230
StartTime: Thu Apr 15 02:30:00 2010
EndTime: Thu Apr 15 02:45:00 2010
TotalTime: 900.01 seconds
TotalCapSize: 1603.08MB CapLen: 96 bytes
# of packets: 29329630 (18888.21MB)
AvgRate: 176.04Mbps stddev:13.87M
IP flow (unique src/dst pair) Information
# of flows: 1387334 (avg. 21.14 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.7% 1.3% 1.1% 0.9% 0.8% 0.8% 0.7% 0.6% 0.5% 0.5%
IP address Information
# of IPv4 addresses: 755987
Top 10 bandwidth usage (bytes/total in %):
17.5% 8.5% 7.0% 6.6% 6.5% 6.3% 2.9% 2.6% 2.5% 2.3%
# of IPv6 addresses: 980
Top 10 bandwidth usage (bytes/total in %):
29.3% 7.0% 6.2% 6.1% 5.4% 5.3% 4.4% 4.4% 2.9% 2.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004150230.pktlen.png)
detailed numbers
[ 32- 63]: 4922449
[ 64- 127]: 7791440
[ 128- 255]: 2116606
[ 256- 511]: 1665199
[ 512- 1023]: 717719
[ 1024- 2047]: 12116217
Protocol Breakdown
![[protocol breakdown chart]](201004150230.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29329630 (100.00%) 19805724379 (100.00%) 675.28
ip 29277383 ( 99.82%) 19797207745 ( 99.96%) 676.19
tcp 18248811 ( 62.22%) 14243862289 ( 71.92%) 780.54
http(s) 8746758 ( 29.82%) 12058155600 ( 60.88%) 1378.59
http(c) 4454273 ( 15.19%) 339840525 ( 1.72%) 76.30
squid 339180 ( 1.16%) 158851977 ( 0.80%) 468.34
smtp 359395 ( 1.23%) 66369475 ( 0.34%) 184.67
nntp 8 ( 0.00%) 606 ( 0.00%) 75.75
ftp 12554 ( 0.04%) 1237534 ( 0.01%) 98.58
pop3 9387 ( 0.03%) 5504275 ( 0.03%) 586.37
imap 1278 ( 0.00%) 300995 ( 0.00%) 235.52
telnet 3490 ( 0.01%) 259105 ( 0.00%) 74.24
ssh 841409 ( 2.87%) 124492438 ( 0.63%) 147.96
dns 52800 ( 0.18%) 3629036 ( 0.02%) 68.73
bgp 147 ( 0.00%) 47947 ( 0.00%) 326.17
napster 23 ( 0.00%) 1987 ( 0.00%) 86.39
realaud 6 ( 0.00%) 430 ( 0.00%) 71.67
rtsp 3056 ( 0.01%) 2683061 ( 0.01%) 877.96
icecast 8496 ( 0.03%) 563900 ( 0.00%) 66.37
hotline 2 ( 0.00%) 124 ( 0.00%) 62.00
other 3416542 ( 11.65%) 1481922854 ( 7.48%) 433.75
udp 7545241 ( 25.73%) 4029528412 ( 20.35%) 534.05
dns 742705 ( 2.53%) 138049865 ( 0.70%) 185.87
rip 15 ( 0.00%) 1159 ( 0.00%) 77.27
realaud 962 ( 0.00%) 60319 ( 0.00%) 62.70
halflif 158 ( 0.00%) 24057 ( 0.00%) 152.26
starcra 314 ( 0.00%) 34608 ( 0.00%) 110.22
everque 3317 ( 0.01%) 2698166 ( 0.01%) 813.44
unreal 229 ( 0.00%) 35659 ( 0.00%) 155.72
quake 26 ( 0.00%) 2829 ( 0.00%) 108.81
cuseeme 4 ( 0.00%) 458 ( 0.00%) 114.50
other 6797130 ( 23.17%) 3888392235 ( 19.63%) 572.06
icmp 1078197 ( 3.68%) 194014971 ( 0.98%) 179.94
ipip 317 ( 0.00%) 37878 ( 0.00%) 119.49
ipsec 3047 ( 0.01%) 788378 ( 0.00%) 258.74
ip6 2342542 ( 7.99%) 1259472628 ( 6.36%) 537.65
other 59228 ( 0.20%) 69503189 ( 0.35%) 1173.49
frag 7037 ( 0.02%) 8504723 ( 0.04%) 1208.57
ip6 52247 ( 0.18%) 8516634 ( 0.04%) 163.01
tcp6 17652 ( 0.06%) 2383186 ( 0.01%) 135.01
http(s) 18 ( 0.00%) 7366 ( 0.00%) 409.22
http(c) 6147 ( 0.02%) 603900 ( 0.00%) 98.24
smtp 571 ( 0.00%) 273849 ( 0.00%) 479.60
ftp 2555 ( 0.01%) 264247 ( 0.00%) 103.42
imap 246 ( 0.00%) 28363 ( 0.00%) 115.30
ssh 3228 ( 0.01%) 267668 ( 0.00%) 82.92
dns 131 ( 0.00%) 32638 ( 0.00%) 249.15
bgp 104 ( 0.00%) 13402 ( 0.00%) 128.87
other 4652 ( 0.02%) 891753 ( 0.00%) 191.69
udp6 27487 ( 0.09%) 5237227 ( 0.03%) 190.53
dns 26667 ( 0.09%) 5134453 ( 0.03%) 192.54
quake 1 ( 0.00%) 103 ( 0.00%) 103.00
other 819 ( 0.00%) 102671 ( 0.00%) 125.36
icmp6 7035 ( 0.02%) 857521 ( 0.00%) 121.89
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 42 ( 0.00%) 34484 ( 0.00%) 821.05
tcpdump file: 201004150230.dump.gz (761.82 MB)