Traffic Trace Info
DumpFile: 201004151045.dump
FileSize: 2035.43MB
Id: 201004151045
StartTime: Thu Apr 15 10:45:01 2010
EndTime: Thu Apr 15 11:00:00 2010
TotalTime: 899.81 seconds
TotalCapSize: 1594.01MB CapLen: 96 bytes
# of packets: 28923174 (17566.48MB)
AvgRate: 163.76Mbps stddev:16.56M
IP flow (unique src/dst pair) Information
# of flows: 980610 (avg. 29.50 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.2% 1.6% 1.6% 1.4% 1.0% 0.9% 0.9% 0.8% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 563922
Top 10 bandwidth usage (bytes/total in %):
18.3% 10.8% 4.6% 4.0% 4.0% 3.9% 3.2% 3.2% 2.8% 2.2%
# of IPv6 addresses: 1026
Top 10 bandwidth usage (bytes/total in %):
25.0% 10.2% 6.6% 6.3% 5.6% 5.2% 5.1% 4.5% 3.6% 3.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004151045.pktlen.png)
detailed numbers
[ 32- 63]: 5254754
[ 64- 127]: 7663036
[ 128- 255]: 2355886
[ 256- 511]: 1725105
[ 512- 1023]: 767198
[ 1024- 2047]: 11157195
Protocol Breakdown
![[protocol breakdown chart]](201004151045.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 28923174 (100.00%) 18419792061 (100.00%) 636.85
ip 28864491 ( 99.80%) 18410814843 ( 99.95%) 637.84
tcp 17255239 ( 59.66%) 12245602553 ( 66.48%) 709.67
http(s) 7473353 ( 25.84%) 10084629107 ( 54.75%) 1349.41
http(c) 6087846 ( 21.05%) 707125024 ( 3.84%) 116.15
squid 277073 ( 0.96%) 122206712 ( 0.66%) 441.06
smtp 324933 ( 1.12%) 108678234 ( 0.59%) 334.46
ftp 17197 ( 0.06%) 1886668 ( 0.01%) 109.71
pop3 27807 ( 0.10%) 10407670 ( 0.06%) 374.28
imap 4941 ( 0.02%) 1296751 ( 0.01%) 262.45
telnet 392 ( 0.00%) 45224 ( 0.00%) 115.37
ssh 690302 ( 2.39%) 102581209 ( 0.56%) 148.60
dns 52995 ( 0.18%) 3654783 ( 0.02%) 68.96
bgp 148 ( 0.00%) 46225 ( 0.00%) 312.33
napster 223 ( 0.00%) 124518 ( 0.00%) 558.38
realaud 9 ( 0.00%) 982 ( 0.00%) 109.11
rtsp 85 ( 0.00%) 21998 ( 0.00%) 258.80
icecast 14815 ( 0.05%) 1052093 ( 0.01%) 71.02
other 2283115 ( 7.89%) 1101844857 ( 5.98%) 482.61
udp 7836421 ( 27.09%) 4064963865 ( 22.07%) 518.73
dns 667552 ( 2.31%) 115192017 ( 0.63%) 172.56
realaud 23 ( 0.00%) 2344 ( 0.00%) 101.91
halflif 187 ( 0.00%) 25294 ( 0.00%) 135.26
starcra 173 ( 0.00%) 18901 ( 0.00%) 109.25
everque 676 ( 0.00%) 126436 ( 0.00%) 187.04
unreal 128 ( 0.00%) 23416 ( 0.00%) 182.94
quake 20 ( 0.00%) 2840 ( 0.00%) 142.00
cuseeme 9 ( 0.00%) 1175 ( 0.00%) 130.56
other 7167569 ( 24.78%) 3949509616 ( 21.44%) 551.02
icmp 582809 ( 2.02%) 84657990 ( 0.46%) 145.26
ipip 314 ( 0.00%) 38784 ( 0.00%) 123.52
ipsec 1882 ( 0.01%) 494564 ( 0.00%) 262.79
ip6 3168483 ( 10.95%) 2006978161 ( 10.90%) 633.42
other 19343 ( 0.07%) 8078926 ( 0.04%) 417.67
frag 1251 ( 0.00%) 1245832 ( 0.01%) 995.87
ip6 58683 ( 0.20%) 8977218 ( 0.05%) 152.98
tcp6 22927 ( 0.08%) 2424646 ( 0.01%) 105.76
http(s) 179 ( 0.00%) 161841 ( 0.00%) 904.14
http(c) 6169 ( 0.02%) 550378 ( 0.00%) 89.22
smtp 447 ( 0.00%) 101549 ( 0.00%) 227.18
ftp 5366 ( 0.02%) 534216 ( 0.00%) 99.56
imap 358 ( 0.00%) 40634 ( 0.00%) 113.50
ssh 3901 ( 0.01%) 380566 ( 0.00%) 97.56
dns 85 ( 0.00%) 23191 ( 0.00%) 272.84
bgp 118 ( 0.00%) 15181 ( 0.00%) 128.65
other 6304 ( 0.02%) 617090 ( 0.00%) 97.89
udp6 28594 ( 0.10%) 5650688 ( 0.03%) 197.62
dns 28177 ( 0.10%) 5585431 ( 0.03%) 198.23
cuseeme 1 ( 0.00%) 115 ( 0.00%) 115.00
other 416 ( 0.00%) 65142 ( 0.00%) 156.59
icmp6 7102 ( 0.02%) 872596 ( 0.00%) 122.87
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 30 ( 0.00%) 25208 ( 0.00%) 840.27
tcpdump file: 201004151045.dump.gz (726.90 MB)