Traffic Trace Info
DumpFile: 201004150730.dump
FileSize: 1775.90MB
Id: 201004150730
StartTime: Thu Apr 15 07:30:00 2010
EndTime: Thu Apr 15 07:45:01 2010
TotalTime: 900.10 seconds
TotalCapSize: 1395.19MB CapLen: 96 bytes
# of packets: 24949354 (16113.66MB)
AvgRate: 150.17Mbps stddev:16.05M
IP flow (unique src/dst pair) Information
# of flows: 805015 (avg. 30.99 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.8% 4.1% 2.2% 2.1% 1.6% 1.0% 0.9% 0.8% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 439250
Top 10 bandwidth usage (bytes/total in %):
21.1% 13.8% 4.9% 4.9% 4.9% 4.5% 4.3% 4.1% 4.0% 3.8%
# of IPv6 addresses: 880
Top 10 bandwidth usage (bytes/total in %):
30.2% 11.1% 7.3% 6.7% 6.4% 5.8% 5.5% 4.2% 3.8% 2.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004150730.pktlen.png)
detailed numbers
[ 32- 63]: 2893078
[ 64- 127]: 6945052
[ 128- 255]: 2557882
[ 256- 511]: 1602496
[ 512- 1023]: 621547
[ 1024- 2047]: 10329299
Protocol Breakdown
![[protocol breakdown chart]](201004150730.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 24949354 (100.00%) 16896395411 (100.00%) 677.23
ip 24894419 ( 99.78%) 16888229155 ( 99.95%) 678.39
tcp 12771888 ( 51.19%) 10006348632 ( 59.22%) 783.47
http(s) 5650970 ( 22.65%) 7837693936 ( 46.39%) 1386.96
http(c) 3051115 ( 12.23%) 261579769 ( 1.55%) 85.73
squid 252273 ( 1.01%) 114555949 ( 0.68%) 454.10
smtp 301350 ( 1.21%) 59823064 ( 0.35%) 198.52
ftp 9235 ( 0.04%) 1198632 ( 0.01%) 129.79
pop3 11408 ( 0.05%) 7385292 ( 0.04%) 647.38
imap 1314 ( 0.01%) 358062 ( 0.00%) 272.50
telnet 1153 ( 0.00%) 109295 ( 0.00%) 94.79
ssh 623846 ( 2.50%) 92788057 ( 0.55%) 148.74
dns 50508 ( 0.20%) 3505177 ( 0.02%) 69.40
bgp 153 ( 0.00%) 52724 ( 0.00%) 344.60
napster 5 ( 0.00%) 318 ( 0.00%) 63.60
rtsp 224 ( 0.00%) 50214 ( 0.00%) 224.17
icecast 8629 ( 0.03%) 580922 ( 0.00%) 67.32
hotline 12 ( 0.00%) 1130 ( 0.00%) 94.17
other 2809691 ( 11.26%) 1626665971 ( 9.63%) 578.95
udp 7717406 ( 30.93%) 4369428089 ( 25.86%) 566.18
dns 650336 ( 2.61%) 126343256 ( 0.75%) 194.27
realaud 20 ( 0.00%) 2705 ( 0.00%) 135.25
halflif 173 ( 0.00%) 27166 ( 0.00%) 157.03
starcra 166 ( 0.00%) 19041 ( 0.00%) 114.70
everque 522 ( 0.00%) 102725 ( 0.00%) 196.79
unreal 189 ( 0.00%) 33540 ( 0.00%) 177.46
quake 40 ( 0.00%) 3222 ( 0.00%) 80.55
cuseeme 5 ( 0.00%) 452 ( 0.00%) 90.40
other 7065575 ( 28.32%) 4242639791 ( 25.11%) 600.47
icmp 810323 ( 3.25%) 153138741 ( 0.91%) 188.98
ipip 320 ( 0.00%) 37940 ( 0.00%) 118.56
ipsec 2062 ( 0.01%) 678484 ( 0.00%) 329.04
ip6 3566942 ( 14.30%) 2340898126 ( 13.85%) 656.28
other 25478 ( 0.10%) 17699143 ( 0.10%) 694.68
frag 9709 ( 0.04%) 10900504 ( 0.06%) 1122.72
ip6 54935 ( 0.22%) 8166256 ( 0.05%) 148.65
tcp6 20292 ( 0.08%) 2292209 ( 0.01%) 112.96
http(s) 50 ( 0.00%) 32516 ( 0.00%) 650.32
http(c) 4824 ( 0.02%) 494625 ( 0.00%) 102.53
smtp 517 ( 0.00%) 219845 ( 0.00%) 425.23
ftp 5292 ( 0.02%) 529217 ( 0.00%) 100.00
ssh 3227 ( 0.01%) 267570 ( 0.00%) 82.92
dns 105 ( 0.00%) 20513 ( 0.00%) 195.36
bgp 110 ( 0.00%) 13886 ( 0.00%) 126.24
other 6167 ( 0.02%) 714037 ( 0.00%) 115.78
udp6 26719 ( 0.11%) 4877714 ( 0.03%) 182.56
dns 26179 ( 0.10%) 4817223 ( 0.03%) 184.01
other 540 ( 0.00%) 60491 ( 0.00%) 112.02
icmp6 7857 ( 0.03%) 959140 ( 0.01%) 122.07
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 37 ( 0.00%) 33113 ( 0.00%) 894.95
tcpdump file: 201004150730.dump.gz (614.16 MB)