Traffic Trace Info
DumpFile: 201004150415.dump
FileSize: 1897.36MB
Id: 201004150415
StartTime: Thu Apr 15 04:15:00 2010
EndTime: Thu Apr 15 04:30:01 2010
TotalTime: 900.46 seconds
TotalCapSize: 1488.00MB CapLen: 96 bytes
# of packets: 26827364 (17159.21MB)
AvgRate: 159.87Mbps stddev:13.96M
IP flow (unique src/dst pair) Information
# of flows: 1270272 (avg. 21.12 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.2% 1.8% 1.1% 0.9% 0.7% 0.6% 0.6% 0.6% 0.6% 0.6%
IP address Information
# of IPv4 addresses: 716945
Top 10 bandwidth usage (bytes/total in %):
18.3% 10.8% 8.8% 7.4% 7.1% 6.2% 2.9% 2.8% 2.5% 2.4%
# of IPv6 addresses: 924
Top 10 bandwidth usage (bytes/total in %):
33.2% 8.8% 7.9% 6.9% 6.6% 6.4% 3.9% 3.3% 3.1% 3.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004150415.pktlen.png)
detailed numbers
[ 32- 63]: 4487704
[ 64- 127]: 6899837
[ 128- 255]: 2252957
[ 256- 511]: 1508637
[ 512- 1023]: 649355
[ 1024- 2047]: 11028874
Protocol Breakdown
![[protocol breakdown chart]](201004150415.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 26827364 (100.00%) 17992731824 (100.00%) 670.69
ip 26777337 ( 99.81%) 17985187048 ( 99.96%) 671.66
tcp 15773630 ( 58.80%) 11994093950 ( 66.66%) 760.39
http(s) 7403659 ( 27.60%) 10181294363 ( 56.59%) 1375.17
http(c) 3952279 ( 14.73%) 304959238 ( 1.69%) 77.16
squid 303859 ( 1.13%) 100064209 ( 0.56%) 329.31
smtp 321706 ( 1.20%) 55949822 ( 0.31%) 173.92
nntp 1 ( 0.00%) 60 ( 0.00%) 60.00
ftp 11414 ( 0.04%) 1112525 ( 0.01%) 97.47
pop3 8265 ( 0.03%) 5428891 ( 0.03%) 656.85
imap 640 ( 0.00%) 152025 ( 0.00%) 237.54
telnet 1930 ( 0.01%) 142823 ( 0.00%) 74.00
ssh 619951 ( 2.31%) 93179762 ( 0.52%) 150.30
dns 48878 ( 0.18%) 3355171 ( 0.02%) 68.64
bgp 164 ( 0.00%) 61494 ( 0.00%) 374.96
napster 9 ( 0.00%) 980 ( 0.00%) 108.89
rtsp 382 ( 0.00%) 85903 ( 0.00%) 224.88
icecast 8453 ( 0.03%) 556636 ( 0.00%) 65.85
hotline 3 ( 0.00%) 186 ( 0.00%) 62.00
other 3092033 ( 11.53%) 1247749622 ( 6.93%) 403.54
udp 6742909 ( 25.13%) 3840650266 ( 21.35%) 569.58
dns 666031 ( 2.48%) 117968160 ( 0.66%) 177.12
realaud 20 ( 0.00%) 1754 ( 0.00%) 87.70
halflif 206 ( 0.00%) 30766 ( 0.00%) 149.35
starcra 233 ( 0.00%) 29648 ( 0.00%) 127.24
everque 491 ( 0.00%) 91353 ( 0.00%) 186.05
unreal 165 ( 0.00%) 28882 ( 0.00%) 175.04
quake 34 ( 0.00%) 3099 ( 0.00%) 91.15
cuseeme 4 ( 0.00%) 398 ( 0.00%) 99.50
other 6075347 ( 22.65%) 3722297302 ( 20.69%) 612.69
icmp 1037077 ( 3.87%) 183841624 ( 1.02%) 177.27
ipip 334 ( 0.00%) 40888 ( 0.00%) 122.42
ipsec 2152 ( 0.01%) 771708 ( 0.00%) 358.60
ip6 3203351 ( 11.94%) 1953915630 ( 10.86%) 609.96
other 17884 ( 0.07%) 11872982 ( 0.07%) 663.89
frag 2824 ( 0.01%) 3062951 ( 0.02%) 1084.61
ip6 50027 ( 0.19%) 7544776 ( 0.04%) 150.81
tcp6 15257 ( 0.06%) 1520604 ( 0.01%) 99.67
http(s) 47 ( 0.00%) 26998 ( 0.00%) 574.43
http(c) 5242 ( 0.02%) 482431 ( 0.00%) 92.03
smtp 195 ( 0.00%) 92196 ( 0.00%) 472.80
ftp 2447 ( 0.01%) 242654 ( 0.00%) 99.16
ssh 3246 ( 0.01%) 269496 ( 0.00%) 83.02
dns 38 ( 0.00%) 11218 ( 0.00%) 295.21
bgp 104 ( 0.00%) 13012 ( 0.00%) 125.12
other 3938 ( 0.01%) 382599 ( 0.00%) 97.16
udp6 27591 ( 0.10%) 5109711 ( 0.03%) 185.19
dns 27383 ( 0.10%) 5077993 ( 0.03%) 185.44
other 208 ( 0.00%) 31718 ( 0.00%) 152.49
icmp6 7080 ( 0.03%) 849672 ( 0.00%) 120.01
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 69 ( 0.00%) 60709 ( 0.00%) 879.84
tcpdump file: 201004150415.dump.gz (682.64 MB)