Traffic Trace Info
DumpFile: 201004150530.dump
FileSize: 1755.00MB
Id: 201004150530
StartTime: Thu Apr 15 05:30:01 2010
EndTime: Thu Apr 15 05:45:01 2010
TotalTime: 900.21 seconds
TotalCapSize: 1373.69MB CapLen: 96 bytes
# of packets: 24989345 (15834.25MB)
AvgRate: 147.56Mbps stddev:12.75M
IP flow (unique src/dst pair) Information
# of flows: 1155926 (avg. 21.62 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.1% 2.1% 1.8% 1.6% 1.2% 1.1% 0.9% 0.8% 0.7% 0.6%
IP address Information
# of IPv4 addresses: 658236
Top 10 bandwidth usage (bytes/total in %):
21.9% 11.4% 8.2% 7.1% 6.8% 6.3% 2.7% 2.6% 2.3% 2.1%
# of IPv6 addresses: 951
Top 10 bandwidth usage (bytes/total in %):
28.7% 12.7% 7.4% 6.8% 6.2% 5.9% 5.4% 4.4% 4.2% 4.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004150530.pktlen.png)
detailed numbers
[ 32- 63]: 3722749
[ 64- 127]: 6784083
[ 128- 255]: 2127808
[ 256- 511]: 1479583
[ 512- 1023]: 707257
[ 1024- 2047]: 10167865
Protocol Breakdown
![[protocol breakdown chart]](201004150530.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 24989345 (100.00%) 16603410297 (100.00%) 664.42
ip 24930199 ( 99.76%) 16594728092 ( 99.95%) 665.65
tcp 13712405 ( 54.87%) 10214365490 ( 61.52%) 744.90
http(s) 6242959 ( 24.98%) 8637321478 ( 52.02%) 1383.53
http(c) 3369124 ( 13.48%) 257296088 ( 1.55%) 76.37
squid 208230 ( 0.83%) 59514840 ( 0.36%) 285.81
smtp 463259 ( 1.85%) 84383235 ( 0.51%) 182.15
nntp 2 ( 0.00%) 120 ( 0.00%) 60.00
ftp 7860 ( 0.03%) 822243 ( 0.00%) 104.61
pop3 7222 ( 0.03%) 3719002 ( 0.02%) 514.95
imap 760 ( 0.00%) 242047 ( 0.00%) 318.48
telnet 2168 ( 0.01%) 174586 ( 0.00%) 80.53
ssh 645525 ( 2.58%) 94973859 ( 0.57%) 147.13
dns 57333 ( 0.23%) 6400399 ( 0.04%) 111.64
bgp 182 ( 0.00%) 68668 ( 0.00%) 377.30
napster 23 ( 0.00%) 3273 ( 0.00%) 142.30
realaud 2 ( 0.00%) 120 ( 0.00%) 60.00
rtsp 298 ( 0.00%) 77244 ( 0.00%) 259.21
icecast 8346 ( 0.03%) 551884 ( 0.00%) 66.13
other 2699108 ( 10.80%) 1068816164 ( 6.44%) 395.99
udp 7321889 ( 29.30%) 4284330070 ( 25.80%) 585.14
dns 735367 ( 2.94%) 127509790 ( 0.77%) 173.40
realaud 32 ( 0.00%) 3307 ( 0.00%) 103.34
halflif 164 ( 0.00%) 23502 ( 0.00%) 143.30
starcra 200 ( 0.00%) 22201 ( 0.00%) 111.00
everque 459 ( 0.00%) 88628 ( 0.00%) 193.09
unreal 207 ( 0.00%) 37673 ( 0.00%) 182.00
quake 29 ( 0.00%) 5681 ( 0.00%) 195.90
cuseeme 4 ( 0.00%) 416 ( 0.00%) 104.00
other 6585020 ( 26.35%) 4156419790 ( 25.03%) 631.19
icmp 927031 ( 3.71%) 170759302 ( 1.03%) 184.20
ipip 364 ( 0.00%) 46300 ( 0.00%) 127.20
ipsec 4539 ( 0.02%) 1758554 ( 0.01%) 387.43
ip6 2940698 ( 11.77%) 1903916881 ( 11.47%) 647.44
other 23273 ( 0.09%) 19551495 ( 0.12%) 840.09
frag 1931 ( 0.01%) 2033430 ( 0.01%) 1053.05
ip6 59146 ( 0.24%) 8682205 ( 0.05%) 146.79
tcp6 22192 ( 0.09%) 2211036 ( 0.01%) 99.63
http(s) 31 ( 0.00%) 16785 ( 0.00%) 541.45
http(c) 5310 ( 0.02%) 481262 ( 0.00%) 90.63
smtp 329 ( 0.00%) 142402 ( 0.00%) 432.83
ftp 5033 ( 0.02%) 509809 ( 0.00%) 101.29
ssh 3223 ( 0.01%) 267230 ( 0.00%) 82.91
dns 76 ( 0.00%) 18597 ( 0.00%) 244.70
bgp 122 ( 0.00%) 17844 ( 0.00%) 146.26
other 8068 ( 0.03%) 757107 ( 0.00%) 93.84
udp6 29916 ( 0.12%) 5587534 ( 0.03%) 186.77
dns 29718 ( 0.12%) 5553892 ( 0.03%) 186.89
other 198 ( 0.00%) 33642 ( 0.00%) 169.91
icmp6 6968 ( 0.03%) 843532 ( 0.01%) 121.06
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 40 ( 0.00%) 36023 ( 0.00%) 900.58
tcpdump file: 201004150530.dump.gz (629.54 MB)