Traffic Trace Info
DumpFile: 201004150400.dump
FileSize: 1935.60MB
Id: 201004150400
StartTime: Thu Apr 15 04:00:01 2010
EndTime: Thu Apr 15 04:15:00 2010
TotalTime: 899.37 seconds
TotalCapSize: 1520.14MB CapLen: 96 bytes
# of packets: 27227052 (16779.32MB)
AvgRate: 156.53Mbps stddev:15.09M
IP flow (unique src/dst pair) Information
# of flows: 1240727 (avg. 21.94 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.9% 1.8% 1.4% 0.9% 0.7% 0.6% 0.5% 0.5% 0.5% 0.5%
IP address Information
# of IPv4 addresses: 671939
Top 10 bandwidth usage (bytes/total in %):
20.2% 11.4% 8.4% 6.9% 6.4% 5.6% 4.3% 3.6% 2.8% 2.5%
# of IPv6 addresses: 1016
Top 10 bandwidth usage (bytes/total in %):
24.4% 12.2% 12.0% 6.1% 5.8% 5.2% 5.1% 4.3% 4.1% 2.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004150400.pktlen.png)
detailed numbers
[ 32- 63]: 4326993
[ 64- 127]: 7605539
[ 128- 255]: 2295650
[ 256- 511]: 1659268
[ 512- 1023]: 619567
[ 1024- 2047]: 10720035
Protocol Breakdown
![[protocol breakdown chart]](201004150400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 27227052 (100.00%) 17594392409 (100.00%) 646.21
ip 27157951 ( 99.75%) 17584147876 ( 99.94%) 647.48
tcp 15462865 ( 56.79%) 11404110969 ( 64.82%) 737.52
http(s) 6946539 ( 25.51%) 9654240389 ( 54.87%) 1389.79
http(c) 4107957 ( 15.09%) 318472911 ( 1.81%) 77.53
squid 315463 ( 1.16%) 105989792 ( 0.60%) 335.98
smtp 320916 ( 1.18%) 80048684 ( 0.45%) 249.44
ftp 13586 ( 0.05%) 1305457 ( 0.01%) 96.09
pop3 8194 ( 0.03%) 4294738 ( 0.02%) 524.13
imap 1088 ( 0.00%) 469482 ( 0.00%) 431.51
telnet 1838 ( 0.01%) 153860 ( 0.00%) 83.71
ssh 688227 ( 2.53%) 112079980 ( 0.64%) 162.85
dns 51807 ( 0.19%) 3570210 ( 0.02%) 68.91
bgp 174 ( 0.00%) 69786 ( 0.00%) 401.07
napster 17 ( 0.00%) 3757 ( 0.00%) 221.00
realaud 1 ( 0.00%) 62 ( 0.00%) 62.00
rtsp 320 ( 0.00%) 62379 ( 0.00%) 194.93
icecast 8483 ( 0.03%) 558620 ( 0.00%) 65.85
hotline 3 ( 0.00%) 186 ( 0.00%) 62.00
other 2998250 ( 11.01%) 1122790556 ( 6.38%) 374.48
udp 7125612 ( 26.17%) 3948970917 ( 22.44%) 554.19
dns 721391 ( 2.65%) 125634690 ( 0.71%) 174.16
realaud 42 ( 0.00%) 4708 ( 0.00%) 112.10
halflif 145 ( 0.00%) 20147 ( 0.00%) 138.94
starcra 279 ( 0.00%) 30885 ( 0.00%) 110.70
everque 478 ( 0.00%) 87197 ( 0.00%) 182.42
unreal 170 ( 0.00%) 28383 ( 0.00%) 166.96
quake 29 ( 0.00%) 2692 ( 0.00%) 92.83
cuseeme 1 ( 0.00%) 109 ( 0.00%) 109.00
other 6402676 ( 23.52%) 3822975859 ( 21.73%) 597.09
icmp 1232614 ( 4.53%) 206514276 ( 1.17%) 167.54
ipip 341 ( 0.00%) 40858 ( 0.00%) 119.82
ipsec 3533 ( 0.01%) 1145142 ( 0.01%) 324.13
ip6 3317879 ( 12.19%) 2015217289 ( 11.45%) 607.38
other 15107 ( 0.06%) 8148425 ( 0.05%) 539.38
frag 1718 ( 0.01%) 1700066 ( 0.01%) 989.56
ip6 69101 ( 0.25%) 10244533 ( 0.06%) 148.25
tcp6 29583 ( 0.11%) 2860820 ( 0.02%) 96.70
http(s) 28 ( 0.00%) 15908 ( 0.00%) 568.14
http(c) 10580 ( 0.04%) 944132 ( 0.01%) 89.24
smtp 402 ( 0.00%) 187450 ( 0.00%) 466.29
ftp 1350 ( 0.00%) 136057 ( 0.00%) 100.78
ssh 3210 ( 0.01%) 266168 ( 0.00%) 82.92
dns 159 ( 0.00%) 41374 ( 0.00%) 260.21
bgp 116 ( 0.00%) 15224 ( 0.00%) 131.24
other 13738 ( 0.05%) 1254507 ( 0.01%) 91.32
udp6 32011 ( 0.12%) 6288003 ( 0.04%) 196.43
dns 31835 ( 0.12%) 6262408 ( 0.04%) 196.71
other 176 ( 0.00%) 25595 ( 0.00%) 145.43
icmp6 7266 ( 0.03%) 883097 ( 0.01%) 121.54
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 211 ( 0.00%) 208533 ( 0.00%) 988.31
tcpdump file: 201004150400.dump.gz (699.52 MB)