Traffic Trace Info
DumpFile: 201004151215.dump
FileSize: 2126.30MB
Id: 201004151215
StartTime: Thu Apr 15 12:15:01 2010
EndTime: Thu Apr 15 12:30:00 2010
TotalTime: 899.74 seconds
TotalCapSize: 1665.17MB CapLen: 96 bytes
# of packets: 30193333 (17901.56MB)
AvgRate: 166.89Mbps stddev:16.63M
IP flow (unique src/dst pair) Information
# of flows: 1005918 (avg. 30.02 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.3% 1.5% 1.3% 1.1% 1.1% 1.0% 0.9% 0.9% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 572289
Top 10 bandwidth usage (bytes/total in %):
18.9% 10.8% 3.9% 3.7% 3.4% 3.3% 3.2% 2.8% 2.4% 2.4%
# of IPv6 addresses: 1004
Top 10 bandwidth usage (bytes/total in %):
25.1% 9.2% 7.5% 6.4% 6.4% 6.0% 5.2% 4.7% 4.6% 3.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004151215.pktlen.png)
detailed numbers
[ 32- 63]: 5775146
[ 64- 127]: 8167450
[ 128- 255]: 2325022
[ 256- 511]: 1802415
[ 512- 1023]: 809817
[ 1024- 2047]: 11313483
Protocol Breakdown
![[protocol breakdown chart]](201004151215.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 30193333 (100.00%) 18771150351 (100.00%) 621.70
ip 30133787 ( 99.80%) 18761174657 ( 99.95%) 622.60
tcp 18108537 ( 59.98%) 12392779926 ( 66.02%) 684.36
http(s) 7170196 ( 23.75%) 9463668663 ( 50.42%) 1319.86
http(c) 6073112 ( 20.11%) 700179229 ( 3.73%) 115.29
squid 222854 ( 0.74%) 75884871 ( 0.40%) 340.51
smtp 331465 ( 1.10%) 103542529 ( 0.55%) 312.38
ftp 16283 ( 0.05%) 1867955 ( 0.01%) 114.72
pop3 21373 ( 0.07%) 10579195 ( 0.06%) 494.98
imap 5003 ( 0.02%) 2543527 ( 0.01%) 508.40
telnet 480 ( 0.00%) 53598 ( 0.00%) 111.66
ssh 690849 ( 2.29%) 103543244 ( 0.55%) 149.88
dns 55816 ( 0.18%) 3866427 ( 0.02%) 69.27
bgp 154 ( 0.00%) 50189 ( 0.00%) 325.90
napster 35 ( 0.00%) 3349 ( 0.00%) 95.69
realaud 20 ( 0.00%) 2579 ( 0.00%) 128.95
rtsp 106354 ( 0.35%) 6827503 ( 0.04%) 64.20
icecast 34706 ( 0.11%) 2295529 ( 0.01%) 66.14
hotline 11 ( 0.00%) 938 ( 0.00%) 85.27
other 3379820 ( 11.19%) 1917870241 ( 10.22%) 567.45
udp 8056841 ( 26.68%) 4230515851 ( 22.54%) 525.08
dns 690607 ( 2.29%) 118019741 ( 0.63%) 170.89
realaud 53 ( 0.00%) 5989 ( 0.00%) 113.00
halflif 208 ( 0.00%) 30971 ( 0.00%) 148.90
starcra 188 ( 0.00%) 20144 ( 0.00%) 107.15
everque 724 ( 0.00%) 129464 ( 0.00%) 178.82
unreal 201 ( 0.00%) 36736 ( 0.00%) 182.77
quake 23 ( 0.00%) 2506 ( 0.00%) 108.96
cuseeme 3 ( 0.00%) 275 ( 0.00%) 91.67
other 7364754 ( 24.39%) 4112207844 ( 21.91%) 558.36
icmp 584786 ( 1.94%) 84922488 ( 0.45%) 145.22
ipip 349 ( 0.00%) 44164 ( 0.00%) 126.54
ipsec 1821 ( 0.01%) 484538 ( 0.00%) 266.08
ip6 3347632 ( 11.09%) 2047874445 ( 10.91%) 611.74
other 33821 ( 0.11%) 4553245 ( 0.02%) 134.63
frag 683 ( 0.00%) 703862 ( 0.00%) 1030.54
ip6 59546 ( 0.20%) 9975694 ( 0.05%) 167.53
tcp6 21190 ( 0.07%) 2731687 ( 0.01%) 128.91
http(s) 45 ( 0.00%) 26126 ( 0.00%) 580.58
http(c) 4061 ( 0.01%) 369255 ( 0.00%) 90.93
smtp 316 ( 0.00%) 112746 ( 0.00%) 356.79
ftp 5339 ( 0.02%) 533024 ( 0.00%) 99.84
imap 348 ( 0.00%) 39661 ( 0.00%) 113.97
ssh 4565 ( 0.02%) 933242 ( 0.00%) 204.43
dns 155 ( 0.00%) 55992 ( 0.00%) 361.24
bgp 106 ( 0.00%) 13063 ( 0.00%) 123.24
other 6255 ( 0.02%) 648578 ( 0.00%) 103.69
udp6 30901 ( 0.10%) 6171747 ( 0.03%) 199.73
dns 30623 ( 0.10%) 6122830 ( 0.03%) 199.94
other 278 ( 0.00%) 48917 ( 0.00%) 175.96
icmp6 7327 ( 0.02%) 982534 ( 0.01%) 134.10
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 98 ( 0.00%) 85646 ( 0.00%) 873.94
tcpdump file: 201004151215.dump.gz (772.58 MB)