Traffic Trace Info
DumpFile: 201004151115.dump
FileSize: 2134.71MB
Id: 201004151115
StartTime: Thu Apr 15 11:15:01 2010
EndTime: Thu Apr 15 11:30:00 2010
TotalTime: 899.95 seconds
TotalCapSize: 1671.08MB CapLen: 96 bytes
# of packets: 30380441 (18546.52MB)
AvgRate: 172.83Mbps stddev:14.29M
IP flow (unique src/dst pair) Information
# of flows: 1000389 (avg. 30.37 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.6% 1.4% 1.2% 1.1% 1.1% 1.1% 1.0% 1.0% 0.9% 0.8%
IP address Information
# of IPv4 addresses: 570471
Top 10 bandwidth usage (bytes/total in %):
16.6% 10.3% 4.3% 3.8% 3.7% 3.6% 3.3% 2.5% 2.2% 2.2%
# of IPv6 addresses: 994
Top 10 bandwidth usage (bytes/total in %):
25.0% 9.6% 7.6% 6.3% 5.3% 4.9% 4.8% 3.8% 3.8% 3.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004151115.pktlen.png)
detailed numbers
[ 32- 63]: 5278793
[ 64- 127]: 8115313
[ 128- 255]: 2577057
[ 256- 511]: 1801398
[ 512- 1023]: 819119
[ 1024- 2047]: 11788761
Protocol Breakdown
![[protocol breakdown chart]](201004151115.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 30380441 (100.00%) 19447435800 (100.00%) 640.13
ip 30322670 ( 99.81%) 19437951196 ( 99.95%) 641.04
tcp 18082504 ( 59.52%) 13073539746 ( 67.23%) 722.99
http(s) 7992734 ( 26.31%) 10589378860 ( 54.45%) 1324.88
http(c) 5973276 ( 19.66%) 740662030 ( 3.81%) 124.00
squid 287642 ( 0.95%) 128941982 ( 0.66%) 448.27
smtp 322137 ( 1.06%) 99871767 ( 0.51%) 310.03
nntp 1 ( 0.00%) 60 ( 0.00%) 60.00
ftp 13097 ( 0.04%) 1268561 ( 0.01%) 96.86
pop3 21875 ( 0.07%) 12382547 ( 0.06%) 566.06
imap 3017 ( 0.01%) 1092569 ( 0.01%) 362.14
telnet 1046 ( 0.00%) 88427 ( 0.00%) 84.54
ssh 688574 ( 2.27%) 102612374 ( 0.53%) 149.02
dns 56251 ( 0.19%) 3870838 ( 0.02%) 68.81
bgp 140 ( 0.00%) 45082 ( 0.00%) 322.01
napster 20 ( 0.00%) 2656 ( 0.00%) 132.80
realaud 6 ( 0.00%) 388 ( 0.00%) 64.67
rtsp 67285 ( 0.22%) 48472948 ( 0.25%) 720.41
icecast 14742 ( 0.05%) 968615 ( 0.00%) 65.70
hotline 31 ( 0.00%) 2478 ( 0.00%) 79.94
other 2640628 ( 8.69%) 1343877444 ( 6.91%) 508.92
udp 8349235 ( 27.48%) 4260469795 ( 21.91%) 510.28
dns 681941 ( 2.24%) 115369087 ( 0.59%) 169.18
realaud 28 ( 0.00%) 2761 ( 0.00%) 98.61
halflif 177 ( 0.00%) 27555 ( 0.00%) 155.68
starcra 125 ( 0.00%) 11738 ( 0.00%) 93.90
everque 722 ( 0.00%) 132927 ( 0.00%) 184.11
unreal 161 ( 0.00%) 30192 ( 0.00%) 187.53
quake 23 ( 0.00%) 3431 ( 0.00%) 149.17
cuseeme 2 ( 0.00%) 418 ( 0.00%) 209.00
other 7665976 ( 25.23%) 4144828389 ( 21.31%) 540.68
icmp 581895 ( 1.92%) 85330033 ( 0.44%) 146.64
ipip 316 ( 0.00%) 39299 ( 0.00%) 124.36
ipsec 1756 ( 0.01%) 423152 ( 0.00%) 240.97
ip6 3285955 ( 10.82%) 2009161673 ( 10.33%) 611.44
other 21009 ( 0.07%) 8987498 ( 0.05%) 427.79
frag 703 ( 0.00%) 730356 ( 0.00%) 1038.91
ip6 57771 ( 0.19%) 9484604 ( 0.05%) 164.18
tcp6 21262 ( 0.07%) 2722897 ( 0.01%) 128.06
http(s) 209 ( 0.00%) 256173 ( 0.00%) 1225.71
http(c) 4991 ( 0.02%) 452726 ( 0.00%) 90.71
smtp 558 ( 0.00%) 462979 ( 0.00%) 829.71
ftp 5294 ( 0.02%) 524958 ( 0.00%) 99.16
imap 307 ( 0.00%) 34489 ( 0.00%) 112.34
ssh 3508 ( 0.01%) 313556 ( 0.00%) 89.38
dns 95 ( 0.00%) 31817 ( 0.00%) 334.92
bgp 111 ( 0.00%) 14580 ( 0.00%) 131.35
other 6189 ( 0.02%) 631619 ( 0.00%) 102.06
udp6 29612 ( 0.10%) 5903297 ( 0.03%) 199.35
dns 29347 ( 0.10%) 5863135 ( 0.03%) 199.79
quake 1 ( 0.00%) 107 ( 0.00%) 107.00
other 264 ( 0.00%) 40055 ( 0.00%) 151.72
icmp6 6842 ( 0.02%) 834365 ( 0.00%) 121.95
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 24 ( 0.00%) 19829 ( 0.00%) 826.21
tcpdump file: 201004151115.dump.gz (767.37 MB)