Traffic Trace Info
DumpFile: 201004151030.dump
FileSize: 2018.39MB
Id: 201004151030
StartTime: Thu Apr 15 10:30:01 2010
EndTime: Thu Apr 15 10:45:01 2010
TotalTime: 899.59 seconds
TotalCapSize: 1582.23MB CapLen: 96 bytes
# of packets: 28583414 (17348.65MB)
AvgRate: 161.78Mbps stddev:14.19M
IP flow (unique src/dst pair) Information
# of flows: 986839 (avg. 28.96 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.7% 1.6% 1.4% 1.4% 1.1% 1.0% 0.9% 0.9% 0.9% 0.8%
IP address Information
# of IPv4 addresses: 555158
Top 10 bandwidth usage (bytes/total in %):
19.2% 11.3% 4.8% 4.3% 4.2% 4.1% 2.3% 2.0% 1.8% 1.7%
# of IPv6 addresses: 1003
Top 10 bandwidth usage (bytes/total in %):
25.3% 9.6% 7.3% 6.2% 6.1% 5.3% 4.9% 4.8% 4.8% 3.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004151030.pktlen.png)
detailed numbers
[ 32- 63]: 4966679
[ 64- 127]: 7648918
[ 128- 255]: 2492519
[ 256- 511]: 1679588
[ 512- 1023]: 801000
[ 1024- 2047]: 10994710
Protocol Breakdown
![[protocol breakdown chart]](201004151030.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 28583414 (100.00%) 18191381838 (100.00%) 636.43
ip 28525042 ( 99.80%) 18181846100 ( 99.95%) 637.40
tcp 16865803 ( 59.01%) 11920708465 ( 65.53%) 706.80
http(s) 7173035 ( 25.10%) 9566546668 ( 52.59%) 1333.68
http(c) 5378127 ( 18.82%) 711529785 ( 3.91%) 132.30
squid 257688 ( 0.90%) 104646785 ( 0.58%) 406.10
smtp 331925 ( 1.16%) 126168092 ( 0.69%) 380.11
ftp 19126 ( 0.07%) 1959070 ( 0.01%) 102.43
pop3 15242 ( 0.05%) 6720166 ( 0.04%) 440.90
imap 4392 ( 0.02%) 2073054 ( 0.01%) 472.01
telnet 351 ( 0.00%) 58600 ( 0.00%) 166.95
ssh 767617 ( 2.69%) 189196077 ( 1.04%) 246.47
dns 50620 ( 0.18%) 3514496 ( 0.02%) 69.43
bgp 139 ( 0.00%) 38956 ( 0.00%) 280.26
napster 186 ( 0.00%) 130629 ( 0.00%) 702.31
realaud 8 ( 0.00%) 504 ( 0.00%) 63.00
rtsp 20443 ( 0.07%) 2484243 ( 0.01%) 121.52
icecast 15472 ( 0.05%) 1253795 ( 0.01%) 81.04
hotline 1 ( 0.00%) 60 ( 0.00%) 60.00
other 2831427 ( 9.91%) 1204387245 ( 6.62%) 425.36
udp 7773059 ( 27.19%) 4104394506 ( 22.56%) 528.03
dns 662654 ( 2.32%) 114307744 ( 0.63%) 172.50
realaud 12 ( 0.00%) 1366 ( 0.00%) 113.83
halflif 192 ( 0.00%) 28012 ( 0.00%) 145.90
starcra 194 ( 0.00%) 19257 ( 0.00%) 99.26
everque 652 ( 0.00%) 132117 ( 0.00%) 202.63
unreal 150 ( 0.00%) 28173 ( 0.00%) 187.82
quake 20 ( 0.00%) 2216 ( 0.00%) 110.80
cuseeme 5 ( 0.00%) 647 ( 0.00%) 129.40
other 7109098 ( 24.87%) 3989812508 ( 21.93%) 561.23
icmp 581090 ( 2.03%) 88298302 ( 0.49%) 151.95
ipip 365 ( 0.00%) 46586 ( 0.00%) 127.63
ipsec 1944 ( 0.01%) 516736 ( 0.00%) 265.81
ip6 3285646 ( 11.49%) 2059805462 ( 11.32%) 626.91
other 17135 ( 0.06%) 8076043 ( 0.04%) 471.32
frag 1328 ( 0.00%) 1353122 ( 0.01%) 1018.92
ip6 58372 ( 0.20%) 9535738 ( 0.05%) 163.36
tcp6 20945 ( 0.07%) 2369829 ( 0.01%) 113.15
http(s) 248 ( 0.00%) 329881 ( 0.00%) 1330.17
http(c) 3960 ( 0.01%) 362469 ( 0.00%) 91.53
squid 7 ( 0.00%) 1136 ( 0.00%) 162.29
smtp 171 ( 0.00%) 56935 ( 0.00%) 332.95
ftp 5382 ( 0.02%) 535902 ( 0.00%) 99.57
imap 416 ( 0.00%) 48575 ( 0.00%) 116.77
ssh 4204 ( 0.01%) 373580 ( 0.00%) 88.86
dns 98 ( 0.00%) 25880 ( 0.00%) 264.08
bgp 105 ( 0.00%) 13282 ( 0.00%) 126.50
other 6354 ( 0.02%) 622189 ( 0.00%) 97.92
udp6 30246 ( 0.11%) 6235293 ( 0.03%) 206.15
dns 29862 ( 0.10%) 6174558 ( 0.03%) 206.77
other 384 ( 0.00%) 60735 ( 0.00%) 158.16
icmp6 7058 ( 0.02%) 848896 ( 0.00%) 120.27
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 93 ( 0.00%) 77640 ( 0.00%) 834.84
tcpdump file: 201004151030.dump.gz (718.43 MB)