Traffic Trace Info
DumpFile: 201004150445.dump
FileSize: 1797.36MB
Id: 201004150445
StartTime: Thu Apr 15 04:45:01 2010
EndTime: Thu Apr 15 05:00:01 2010
TotalTime: 900.27 seconds
TotalCapSize: 1407.53MB CapLen: 96 bytes
# of packets: 25547154 (16336.86MB)
AvgRate: 152.24Mbps stddev:13.51M
IP flow (unique src/dst pair) Information
# of flows: 1128835 (avg. 22.63 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.2% 1.9% 1.2% 1.1% 1.1% 0.9% 0.8% 0.8% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 616145
Top 10 bandwidth usage (bytes/total in %):
21.4% 10.8% 7.4% 6.2% 6.2% 5.8% 3.3% 2.9% 2.5% 2.2%
# of IPv6 addresses: 931
Top 10 bandwidth usage (bytes/total in %):
26.6% 12.3% 11.2% 8.9% 6.3% 6.0% 5.7% 4.8% 4.0% 3.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004150445.pktlen.png)
detailed numbers
[ 32- 63]: 3895264
[ 64- 127]: 6829601
[ 128- 255]: 2266749
[ 256- 511]: 1427296
[ 512- 1023]: 568678
[ 1024- 2047]: 10559566
Protocol Breakdown
![[protocol breakdown chart]](201004150445.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 25547154 (100.00%) 17130434809 (100.00%) 670.54
ip 25484278 ( 99.75%) 17121019950 ( 99.95%) 671.83
tcp 14453849 ( 56.58%) 10875141393 ( 63.48%) 752.40
http(s) 6412095 ( 25.10%) 8865212436 ( 51.75%) 1382.58
http(c) 3287297 ( 12.87%) 252535985 ( 1.47%) 76.82
squid 259865 ( 1.02%) 74944516 ( 0.44%) 288.40
smtp 435657 ( 1.71%) 72514660 ( 0.42%) 166.45
nntp 2 ( 0.00%) 120 ( 0.00%) 60.00
ftp 7758 ( 0.03%) 796348 ( 0.00%) 102.65
pop3 6822 ( 0.03%) 3541911 ( 0.02%) 519.19
imap 664 ( 0.00%) 110489 ( 0.00%) 166.40
telnet 2238 ( 0.01%) 162123 ( 0.00%) 72.44
ssh 828222 ( 3.24%) 121814864 ( 0.71%) 147.08
dns 55042 ( 0.22%) 3759809 ( 0.02%) 68.31
bgp 161 ( 0.00%) 59238 ( 0.00%) 367.94
napster 61 ( 0.00%) 26889 ( 0.00%) 440.80
realaud 5 ( 0.00%) 304 ( 0.00%) 60.80
rtsp 377 ( 0.00%) 84454 ( 0.00%) 224.02
icecast 8405 ( 0.03%) 553524 ( 0.00%) 65.86
other 3149168 ( 12.33%) 1479023123 ( 8.63%) 469.66
udp 7154879 ( 28.01%) 4198350094 ( 24.51%) 586.78
dns 787582 ( 3.08%) 134234670 ( 0.78%) 170.44
realaud 23 ( 0.00%) 2998 ( 0.00%) 130.35
halflif 213 ( 0.00%) 30996 ( 0.00%) 145.52
starcra 291 ( 0.00%) 28737 ( 0.00%) 98.75
everque 400 ( 0.00%) 69525 ( 0.00%) 173.81
unreal 166 ( 0.00%) 28231 ( 0.00%) 170.07
quake 39 ( 0.00%) 3427 ( 0.00%) 87.87
cuseeme 237 ( 0.00%) 100014 ( 0.00%) 422.00
other 6365477 ( 24.92%) 4063600234 ( 23.72%) 638.38
icmp 1000484 ( 3.92%) 179503216 ( 1.05%) 179.42
ipip 341 ( 0.00%) 40584 ( 0.00%) 119.01
ipsec 4436 ( 0.02%) 1935344 ( 0.01%) 436.28
ip6 2863929 ( 11.21%) 1865022096 ( 10.89%) 651.21
other 6360 ( 0.02%) 1027223 ( 0.01%) 161.51
frag 2568 ( 0.01%) 2842668 ( 0.02%) 1106.96
ip6 62876 ( 0.25%) 9414859 ( 0.05%) 149.74
tcp6 22324 ( 0.09%) 2080419 ( 0.01%) 93.19
http(s) 28 ( 0.00%) 15907 ( 0.00%) 568.11
http(c) 4664 ( 0.02%) 423043 ( 0.00%) 90.70
smtp 163 ( 0.00%) 46972 ( 0.00%) 288.17
ftp 2011 ( 0.01%) 199544 ( 0.00%) 99.23
ssh 3242 ( 0.01%) 269164 ( 0.00%) 83.02
dns 63 ( 0.00%) 20444 ( 0.00%) 324.51
bgp 120 ( 0.00%) 16493 ( 0.00%) 137.44
other 12033 ( 0.05%) 1088852 ( 0.01%) 90.49
udp6 33302 ( 0.13%) 6387511 ( 0.04%) 191.81
dns 33109 ( 0.13%) 6358743 ( 0.04%) 192.05
other 193 ( 0.00%) 28768 ( 0.00%) 149.06
icmp6 7130 ( 0.03%) 862562 ( 0.01%) 120.98
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 90 ( 0.00%) 80287 ( 0.00%) 892.08
tcpdump file: 201004150445.dump.gz (652.51 MB)