Traffic Trace Info
DumpFile: 201004150330.dump
FileSize: 1910.58MB
Id: 201004150330
StartTime: Thu Apr 15 03:30:00 2010
EndTime: Thu Apr 15 03:45:01 2010
TotalTime: 900.29 seconds
TotalCapSize: 1501.23MB CapLen: 96 bytes
# of packets: 26826162 (16940.76MB)
AvgRate: 157.84Mbps stddev:12.97M
IP flow (unique src/dst pair) Information
# of flows: 1142623 (avg. 23.48 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.8% 1.3% 0.9% 0.8% 0.7% 0.7% 0.7% 0.7% 0.6% 0.6%
IP address Information
# of IPv4 addresses: 624837
Top 10 bandwidth usage (bytes/total in %):
19.5% 12.5% 7.3% 6.5% 6.2% 6.2% 3.3% 3.3% 2.1% 1.9%
# of IPv6 addresses: 935
Top 10 bandwidth usage (bytes/total in %):
31.4% 8.0% 7.9% 7.5% 6.3% 6.1% 2.9% 2.9% 2.9% 2.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004150330.pktlen.png)
detailed numbers
[ 32- 63]: 4108342
[ 64- 127]: 7316743
[ 128- 255]: 2154084
[ 256- 511]: 1719587
[ 512- 1023]: 691615
[ 1024- 2047]: 10835791
Protocol Breakdown
![[protocol breakdown chart]](201004150330.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 26826162 (100.00%) 17763678979 (100.00%) 662.18
ip 26773859 ( 99.81%) 17755727407 ( 99.96%) 663.17
tcp 15021576 ( 56.00%) 11463477132 ( 64.53%) 763.13
http(s) 6925466 ( 25.82%) 9579334527 ( 53.93%) 1383.20
http(c) 3605349 ( 13.44%) 279054335 ( 1.57%) 77.40
squid 296573 ( 1.11%) 96368393 ( 0.54%) 324.94
smtp 340529 ( 1.27%) 128827593 ( 0.73%) 378.32
nntp 30 ( 0.00%) 3253 ( 0.00%) 108.43
ftp 11781 ( 0.04%) 1145104 ( 0.01%) 97.20
pop3 9390 ( 0.04%) 6362452 ( 0.04%) 677.58
imap 677 ( 0.00%) 103510 ( 0.00%) 152.90
telnet 4478 ( 0.02%) 328261 ( 0.00%) 73.31
ssh 677977 ( 2.53%) 100966374 ( 0.57%) 148.92
dns 54912 ( 0.20%) 5158690 ( 0.03%) 93.94
bgp 198 ( 0.00%) 81508 ( 0.00%) 411.66
napster 32 ( 0.00%) 3296 ( 0.00%) 103.00
realaud 131 ( 0.00%) 8629 ( 0.00%) 65.87
rtsp 2535 ( 0.01%) 2634077 ( 0.01%) 1039.08
icecast 8479 ( 0.03%) 562118 ( 0.00%) 66.30
hotline 22 ( 0.00%) 1642 ( 0.00%) 74.64
other 3083014 ( 11.49%) 1262533190 ( 7.11%) 409.51
udp 7062006 ( 26.33%) 3847531506 ( 21.66%) 544.82
dns 695566 ( 2.59%) 121996567 ( 0.69%) 175.39
realaud 253 ( 0.00%) 16752 ( 0.00%) 66.21
halflif 224 ( 0.00%) 31155 ( 0.00%) 139.08
starcra 237 ( 0.00%) 26806 ( 0.00%) 113.11
everque 635 ( 0.00%) 117725 ( 0.00%) 185.39
unreal 141 ( 0.00%) 23612 ( 0.00%) 167.46
quake 15 ( 0.00%) 1470 ( 0.00%) 98.00
cuseeme 3 ( 0.00%) 260 ( 0.00%) 86.67
other 6363433 ( 23.72%) 3724679521 ( 20.97%) 585.33
icmp 1105871 ( 4.12%) 194811035 ( 1.10%) 176.16
ipip 318 ( 0.00%) 37892 ( 0.00%) 119.16
ipsec 3069 ( 0.01%) 944146 ( 0.01%) 307.64
ip6 3563723 ( 13.28%) 2235463142 ( 12.58%) 627.28
other 17296 ( 0.06%) 13462554 ( 0.08%) 778.36
frag 7019 ( 0.03%) 7886749 ( 0.04%) 1123.63
ip6 52303 ( 0.19%) 7951572 ( 0.04%) 152.03
tcp6 17921 ( 0.07%) 1911931 ( 0.01%) 106.69
http(s) 145 ( 0.00%) 106148 ( 0.00%) 732.06
http(c) 5457 ( 0.02%) 482565 ( 0.00%) 88.43
smtp 100 ( 0.00%) 37820 ( 0.00%) 378.20
ftp 2269 ( 0.01%) 229514 ( 0.00%) 101.15
ssh 3227 ( 0.01%) 267570 ( 0.00%) 82.92
dns 102 ( 0.00%) 22062 ( 0.00%) 216.29
bgp 100 ( 0.00%) 12573 ( 0.00%) 125.73
napster 11 ( 0.00%) 2388 ( 0.00%) 217.09
other 6510 ( 0.02%) 751291 ( 0.00%) 115.41
udp6 27391 ( 0.10%) 5141334 ( 0.03%) 187.70
dns 26772 ( 0.10%) 5076379 ( 0.03%) 189.62
quake 1 ( 0.00%) 105 ( 0.00%) 105.00
other 618 ( 0.00%) 64850 ( 0.00%) 104.94
icmp6 6903 ( 0.03%) 842442 ( 0.00%) 122.04
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 57 ( 0.00%) 51649 ( 0.00%) 906.12
tcpdump file: 201004150330.dump.gz (698.83 MB)