Traffic Trace Info
DumpFile: 201004150600.dump
FileSize: 1724.62MB
Id: 201004150600
StartTime: Thu Apr 15 06:00:01 2010
EndTime: Thu Apr 15 06:15:00 2010
TotalTime: 899.61 seconds
TotalCapSize: 1354.26MB CapLen: 96 bytes
# of packets: 24271448 (15022.91MB)
AvgRate: 140.08Mbps stddev:12.29M
IP flow (unique src/dst pair) Information
# of flows: 985058 (avg. 24.64 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.0% 1.7% 1.6% 1.5% 1.4% 1.2% 1.2% 1.2% 1.0% 0.9%
IP address Information
# of IPv4 addresses: 536190
Top 10 bandwidth usage (bytes/total in %):
21.2% 14.3% 7.3% 6.6% 5.2% 5.1% 3.0% 2.7% 2.5% 2.0%
# of IPv6 addresses: 942
Top 10 bandwidth usage (bytes/total in %):
28.2% 15.1% 9.9% 7.8% 6.7% 6.0% 5.3% 4.9% 4.1% 3.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004150600.pktlen.png)
detailed numbers
[ 32- 63]: 3684408
[ 64- 127]: 6615386
[ 128- 255]: 2245057
[ 256- 511]: 1449083
[ 512- 1023]: 670556
[ 1024- 2047]: 9606958
Protocol Breakdown
![[protocol breakdown chart]](201004150600.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 24271448 (100.00%) 15752663206 (100.00%) 649.02
ip 24209415 ( 99.74%) 15743792911 ( 99.94%) 650.32
tcp 13430912 ( 55.34%) 9576022534 ( 60.79%) 712.98
http(s) 5658633 ( 23.31%) 7823894937 ( 49.67%) 1382.65
http(c) 3129018 ( 12.89%) 241377339 ( 1.53%) 77.14
squid 319444 ( 1.32%) 136305193 ( 0.87%) 426.70
smtp 408073 ( 1.68%) 76843153 ( 0.49%) 188.31
ftp 10824 ( 0.04%) 1078827 ( 0.01%) 99.67
pop3 7080 ( 0.03%) 4489382 ( 0.03%) 634.09
imap 648 ( 0.00%) 102834 ( 0.00%) 158.69
telnet 2447 ( 0.01%) 192068 ( 0.00%) 78.49
ssh 1244137 ( 5.13%) 186102713 ( 1.18%) 149.58
dns 55940 ( 0.23%) 3845710 ( 0.02%) 68.75
bgp 154 ( 0.00%) 53857 ( 0.00%) 349.72
napster 16 ( 0.00%) 1400 ( 0.00%) 87.50
rtsp 356 ( 0.00%) 85500 ( 0.00%) 240.17
icecast 8408 ( 0.03%) 555541 ( 0.00%) 66.07
hotline 8 ( 0.00%) 1100 ( 0.00%) 137.50
other 2585726 ( 10.65%) 1101092980 ( 6.99%) 425.84
udp 6520750 ( 26.87%) 3737625987 ( 23.73%) 573.19
dns 700156 ( 2.88%) 125670837 ( 0.80%) 179.49
realaud 29 ( 0.00%) 2832 ( 0.00%) 97.66
halflif 178 ( 0.00%) 25878 ( 0.00%) 145.38
starcra 324 ( 0.00%) 34968 ( 0.00%) 107.93
everque 522 ( 0.00%) 92794 ( 0.00%) 177.77
unreal 211 ( 0.00%) 38119 ( 0.00%) 180.66
quake 20 ( 0.00%) 1844 ( 0.00%) 92.20
cuseeme 9 ( 0.00%) 1240 ( 0.00%) 137.78
other 5819053 ( 23.97%) 3611635395 ( 22.93%) 620.66
icmp 882304 ( 3.64%) 160764145 ( 1.02%) 182.21
ipip 356 ( 0.00%) 44048 ( 0.00%) 123.73
ipsec 1322 ( 0.01%) 360156 ( 0.00%) 272.43
ip6 3361775 ( 13.85%) 2266347415 ( 14.39%) 674.15
other 11996 ( 0.05%) 2628626 ( 0.02%) 219.13
frag 4147 ( 0.02%) 4615575 ( 0.03%) 1112.99
ip6 62033 ( 0.26%) 8870295 ( 0.06%) 142.99
tcp6 24949 ( 0.10%) 2366178 ( 0.02%) 94.84
http(s) 29 ( 0.00%) 9365 ( 0.00%) 322.93
http(c) 5547 ( 0.02%) 489277 ( 0.00%) 88.21
smtp 264 ( 0.00%) 86370 ( 0.00%) 327.16
ftp 4481 ( 0.02%) 455065 ( 0.00%) 101.55
ssh 3226 ( 0.01%) 267472 ( 0.00%) 82.91
dns 141 ( 0.00%) 30110 ( 0.00%) 213.55
bgp 123 ( 0.00%) 16676 ( 0.00%) 135.58
other 11138 ( 0.05%) 1011843 ( 0.01%) 90.85
udp6 29869 ( 0.12%) 5568609 ( 0.04%) 186.43
dns 29705 ( 0.12%) 5542831 ( 0.04%) 186.60
other 164 ( 0.00%) 25778 ( 0.00%) 157.18
icmp6 7116 ( 0.03%) 870727 ( 0.01%) 122.36
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 69 ( 0.00%) 60701 ( 0.00%) 879.72
tcpdump file: 201004150600.dump.gz (620.56 MB)