Traffic Trace Info
DumpFile: 201004151100.dump
FileSize: 2122.87MB
Id: 201004151100
StartTime: Thu Apr 15 11:00:00 2010
EndTime: Thu Apr 15 11:15:01 2010
TotalTime: 900.19 seconds
TotalCapSize: 1663.31MB CapLen: 96 bytes
# of packets: 30069212 (18470.47MB)
AvgRate: 172.11Mbps stddev:16.89M
IP flow (unique src/dst pair) Information
# of flows: 963231 (avg. 31.22 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.0% 1.4% 1.4% 1.2% 1.1% 1.1% 1.0% 1.0% 0.9% 0.7%
IP address Information
# of IPv4 addresses: 538356
Top 10 bandwidth usage (bytes/total in %):
15.9% 11.0% 4.9% 4.5% 4.3% 4.0% 2.9% 2.5% 2.5% 2.0%
# of IPv6 addresses: 1026
Top 10 bandwidth usage (bytes/total in %):
24.0% 9.7% 7.9% 6.1% 5.3% 4.9% 4.8% 4.1% 4.1% 3.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004151100.pktlen.png)
detailed numbers
[ 32- 63]: 5064581
[ 64- 127]: 8252310
[ 128- 255]: 2416501
[ 256- 511]: 1729508
[ 512- 1023]: 813796
[ 1024- 2047]: 11792516
Protocol Breakdown
![[protocol breakdown chart]](201004151100.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 30069212 (100.00%) 19367686687 (100.00%) 644.10
ip 30009970 ( 99.80%) 19357995283 ( 99.95%) 645.05
tcp 17747759 ( 59.02%) 13025071981 ( 67.25%) 733.90
http(s) 7938179 ( 26.40%) 10729038738 ( 55.40%) 1351.57
http(c) 5959433 ( 19.82%) 675732749 ( 3.49%) 113.39
squid 293710 ( 0.98%) 134839939 ( 0.70%) 459.09
smtp 300420 ( 1.00%) 87228166 ( 0.45%) 290.35
nntp 15 ( 0.00%) 918 ( 0.00%) 61.20
ftp 12552 ( 0.04%) 1275638 ( 0.01%) 101.63
pop3 25287 ( 0.08%) 14670495 ( 0.08%) 580.16
imap 4435 ( 0.01%) 2273016 ( 0.01%) 512.52
telnet 868 ( 0.00%) 91199 ( 0.00%) 105.07
ssh 688367 ( 2.29%) 102253904 ( 0.53%) 148.55
dns 53305 ( 0.18%) 3658037 ( 0.02%) 68.62
bgp 176 ( 0.00%) 62426 ( 0.00%) 354.69
napster 151 ( 0.00%) 11405 ( 0.00%) 75.53
realaud 22 ( 0.00%) 2972 ( 0.00%) 135.09
rtsp 42698 ( 0.14%) 2614129 ( 0.01%) 61.22
icecast 13952 ( 0.05%) 915446 ( 0.00%) 65.61
other 2414186 ( 8.03%) 1270402624 ( 6.56%) 526.22
udp 8139705 ( 27.07%) 4060144024 ( 20.96%) 498.81
dns 693493 ( 2.31%) 118117138 ( 0.61%) 170.32
realaud 21 ( 0.00%) 1982 ( 0.00%) 94.38
halflif 154 ( 0.00%) 22015 ( 0.00%) 142.95
starcra 180 ( 0.00%) 16053 ( 0.00%) 89.18
everque 664 ( 0.00%) 126001 ( 0.00%) 189.76
unreal 147 ( 0.00%) 27055 ( 0.00%) 184.05
quake 18 ( 0.00%) 1953 ( 0.00%) 108.50
cuseeme 5 ( 0.00%) 498 ( 0.00%) 99.60
other 7444932 ( 24.76%) 3941755485 ( 20.35%) 529.45
icmp 643421 ( 2.14%) 99627939 ( 0.51%) 154.84
ipip 355 ( 0.00%) 45502 ( 0.00%) 128.17
ipsec 1804 ( 0.01%) 468328 ( 0.00%) 259.61
ip6 3439333 ( 11.44%) 2152331024 ( 11.11%) 625.80
other 37593 ( 0.13%) 20306485 ( 0.10%) 540.17
frag 615 ( 0.00%) 642804 ( 0.00%) 1045.21
ip6 59242 ( 0.20%) 9691404 ( 0.05%) 163.59
tcp6 20614 ( 0.07%) 2279895 ( 0.01%) 110.60
http(s) 41 ( 0.00%) 18068 ( 0.00%) 440.68
http(c) 4056 ( 0.01%) 363842 ( 0.00%) 89.70
smtp 488 ( 0.00%) 255025 ( 0.00%) 522.59
ftp 5032 ( 0.02%) 501700 ( 0.00%) 99.70
imap 484 ( 0.00%) 55655 ( 0.00%) 114.99
ssh 3453 ( 0.01%) 310814 ( 0.00%) 90.01
dns 248 ( 0.00%) 55106 ( 0.00%) 222.20
bgp 111 ( 0.00%) 16137 ( 0.00%) 145.38
other 6701 ( 0.02%) 703548 ( 0.00%) 104.99
udp6 30530 ( 0.10%) 6168001 ( 0.03%) 202.03
dns 30243 ( 0.10%) 6119774 ( 0.03%) 202.35
halflif 1 ( 0.00%) 109 ( 0.00%) 109.00
other 286 ( 0.00%) 48118 ( 0.00%) 168.24
icmp6 7961 ( 0.03%) 1146742 ( 0.01%) 144.04
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 107 ( 0.00%) 92686 ( 0.00%) 866.22
tcpdump file: 201004151100.dump.gz (754.76 MB)