Traffic Trace Info
DumpFile: 201004151345.dump
FileSize: 2551.54MB
Id: 201004151345
StartTime: Thu Apr 15 13:45:01 2010
EndTime: Thu Apr 15 14:00:01 2010
TotalTime: 899.38 seconds
TotalCapSize: 1998.74MB CapLen: 96 bytes
# of packets: 36228045 (23180.96MB)
AvgRate: 216.21Mbps stddev:16.95M
IP flow (unique src/dst pair) Information
# of flows: 1204188 (avg. 30.09 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.1% 1.9% 1.8% 1.5% 1.3% 1.3% 1.0% 0.9% 0.9% 0.8%
IP address Information
# of IPv4 addresses: 669799
Top 10 bandwidth usage (bytes/total in %):
14.3% 7.6% 3.7% 3.6% 3.1% 3.1% 2.7% 2.6% 2.5% 2.4%
# of IPv6 addresses: 1045
Top 10 bandwidth usage (bytes/total in %):
24.4% 8.8% 7.9% 5.8% 5.0% 4.6% 4.5% 4.3% 3.3% 2.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004151345.pktlen.png)
detailed numbers
[ 32- 63]: 6579674
[ 64- 127]: 9380795
[ 128- 255]: 2282731
[ 256- 511]: 2012005
[ 512- 1023]: 1166188
[ 1024- 2047]: 14806652
Protocol Breakdown
![[protocol breakdown chart]](201004151345.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 36228045 (100.00%) 24306995302 (100.00%) 670.94
ip 36168942 ( 99.84%) 24296754751 ( 99.96%) 671.76
tcp 23431106 ( 64.68%) 17585478631 ( 72.35%) 750.52
http(s) 9313338 ( 25.71%) 12186090859 ( 50.13%) 1308.46
http(c) 7140202 ( 19.71%) 1446080506 ( 5.95%) 202.53
squid 299747 ( 0.83%) 100903251 ( 0.42%) 336.63
smtp 362973 ( 1.00%) 155489245 ( 0.64%) 428.38
ftp 20737 ( 0.06%) 4683943 ( 0.02%) 225.87
pop3 23643 ( 0.07%) 15038340 ( 0.06%) 636.06
imap 5660 ( 0.02%) 2932943 ( 0.01%) 518.19
telnet 573 ( 0.00%) 60572 ( 0.00%) 105.71
ssh 683670 ( 1.89%) 102587454 ( 0.42%) 150.05
dns 56597 ( 0.16%) 3900195 ( 0.02%) 68.91
bgp 148 ( 0.00%) 46605 ( 0.00%) 314.90
napster 18 ( 0.00%) 2146 ( 0.00%) 119.22
realaud 60 ( 0.00%) 4769 ( 0.00%) 79.48
rtsp 127293 ( 0.35%) 8056756 ( 0.03%) 63.29
icecast 66952 ( 0.18%) 18886776 ( 0.08%) 282.09
hotline 35 ( 0.00%) 7635 ( 0.00%) 218.14
other 5329456 ( 14.71%) 3540706396 ( 14.57%) 664.37
udp 8800864 ( 24.29%) 4763346589 ( 19.60%) 541.24
dns 716745 ( 1.98%) 121201045 ( 0.50%) 169.10
realaud 27 ( 0.00%) 2610 ( 0.00%) 96.67
halflif 202 ( 0.00%) 32558 ( 0.00%) 161.18
starcra 170 ( 0.00%) 18580 ( 0.00%) 109.29
everque 758 ( 0.00%) 130349 ( 0.00%) 171.96
unreal 116 ( 0.00%) 18702 ( 0.00%) 161.22
quake 38 ( 0.00%) 3575 ( 0.00%) 94.08
cuseeme 3 ( 0.00%) 274 ( 0.00%) 91.33
other 8082734 ( 22.31%) 4641888355 ( 19.10%) 574.30
icmp 617441 ( 1.70%) 74369624 ( 0.31%) 120.45
ipip 348 ( 0.00%) 43808 ( 0.00%) 125.89
ipsec 1609 ( 0.00%) 402814 ( 0.00%) 250.35
ip6 3294867 ( 9.09%) 1865052268 ( 7.67%) 566.05
other 22707 ( 0.06%) 8061017 ( 0.03%) 355.00
frag 600 ( 0.00%) 661241 ( 0.00%) 1102.07
ip6 59103 ( 0.16%) 10240551 ( 0.04%) 173.27
tcp6 19886 ( 0.05%) 2691193 ( 0.01%) 135.33
http(s) 322 ( 0.00%) 325844 ( 0.00%) 1011.94
http(c) 3842 ( 0.01%) 350050 ( 0.00%) 91.11
smtp 647 ( 0.00%) 475003 ( 0.00%) 734.16
ftp 5296 ( 0.01%) 526517 ( 0.00%) 99.42
imap 275 ( 0.00%) 31372 ( 0.00%) 114.08
ssh 3602 ( 0.01%) 402544 ( 0.00%) 111.76
dns 83 ( 0.00%) 34271 ( 0.00%) 412.90
bgp 112 ( 0.00%) 13983 ( 0.00%) 124.85
other 5707 ( 0.02%) 531609 ( 0.00%) 93.15
udp6 32230 ( 0.09%) 6590213 ( 0.03%) 204.47
dns 31973 ( 0.09%) 6551034 ( 0.03%) 204.89
other 257 ( 0.00%) 39179 ( 0.00%) 152.45
icmp6 6839 ( 0.02%) 836275 ( 0.00%) 122.28
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 118 ( 0.00%) 118790 ( 0.00%) 1006.69
tcpdump file: 201004151345.dump.gz (926.48 MB)