Traffic Trace Info
DumpFile: 201004151500.dump
FileSize: 2549.67MB
Id: 201004151500
StartTime: Thu Apr 15 15:00:01 2010
EndTime: Thu Apr 15 15:15:01 2010
TotalTime: 900.02 seconds
TotalCapSize: 1998.45MB CapLen: 96 bytes
# of packets: 36108210 (23526.29MB)
AvgRate: 219.29Mbps stddev:17.27M
IP flow (unique src/dst pair) Information
# of flows: 956451 (avg. 37.75 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.1% 1.7% 1.3% 0.9% 0.9% 0.8% 0.8% 0.8% 0.8% 0.8%
IP address Information
# of IPv4 addresses: 525983
Top 10 bandwidth usage (bytes/total in %):
14.9% 6.2% 5.2% 5.2% 3.8% 3.8% 3.5% 3.4% 3.2% 2.3%
# of IPv6 addresses: 1073
Top 10 bandwidth usage (bytes/total in %):
20.8% 16.0% 16.0% 7.7% 5.0% 4.2% 4.0% 4.0% 3.9% 3.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004151500.pktlen.png)
detailed numbers
[ 32- 63]: 5876080
[ 64- 127]: 9653537
[ 128- 255]: 2365461
[ 256- 511]: 1924049
[ 512- 1023]: 1229767
[ 1024- 2047]: 15059316
Protocol Breakdown
![[protocol breakdown chart]](201004151500.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 36108210 (100.00%) 24669107544 (100.00%) 683.20
ip 36046974 ( 99.83%) 24657098604 ( 99.95%) 684.03
tcp 24009454 ( 66.49%) 18358760569 ( 74.42%) 764.65
http(s) 9969564 ( 27.61%) 13411288846 ( 54.36%) 1345.22
http(c) 7026527 ( 19.46%) 1096116855 ( 4.44%) 156.00
squid 527723 ( 1.46%) 269152345 ( 1.09%) 510.03
smtp 427441 ( 1.18%) 177055983 ( 0.72%) 414.22
nntp 24 ( 0.00%) 1506 ( 0.00%) 62.75
ftp 1334003 ( 3.69%) 1277888888 ( 5.18%) 957.94
pop3 23877 ( 0.07%) 8776242 ( 0.04%) 367.56
imap 4124 ( 0.01%) 598127 ( 0.00%) 145.04
telnet 1688 ( 0.00%) 147686 ( 0.00%) 87.49
ssh 586778 ( 1.63%) 86420264 ( 0.35%) 147.28
dns 54239 ( 0.15%) 3734223 ( 0.02%) 68.85
bgp 157 ( 0.00%) 55713 ( 0.00%) 354.86
napster 2 ( 0.00%) 124 ( 0.00%) 62.00
realaud 365 ( 0.00%) 123673 ( 0.00%) 338.83
rtsp 283000 ( 0.78%) 111779052 ( 0.45%) 394.98
icecast 47364 ( 0.13%) 3141566 ( 0.01%) 66.33
other 3722570 ( 10.31%) 1912478931 ( 7.75%) 513.75
udp 8592480 ( 23.80%) 4668032315 ( 18.92%) 543.27
dns 839500 ( 2.32%) 147676698 ( 0.60%) 175.91
realaud 36 ( 0.00%) 3688 ( 0.00%) 102.44
halflif 96 ( 0.00%) 14494 ( 0.00%) 150.98
starcra 273 ( 0.00%) 25783 ( 0.00%) 94.44
everque 626 ( 0.00%) 117369 ( 0.00%) 187.49
unreal 57 ( 0.00%) 9170 ( 0.00%) 160.88
quake 15 ( 0.00%) 1299 ( 0.00%) 86.60
cuseeme 3 ( 0.00%) 263 ( 0.00%) 87.67
other 7751504 ( 21.47%) 4519945697 ( 18.32%) 583.11
icmp 543523 ( 1.51%) 71517043 ( 0.29%) 131.58
ipip 323 ( 0.00%) 40342 ( 0.00%) 124.90
ipsec 1570 ( 0.00%) 411116 ( 0.00%) 261.86
ip6 2868069 ( 7.94%) 1543581150 ( 6.26%) 538.20
other 31555 ( 0.09%) 14756069 ( 0.06%) 467.63
frag 6190 ( 0.02%) 6848515 ( 0.03%) 1106.38
ip6 61236 ( 0.17%) 12008940 ( 0.05%) 196.11
tcp6 22043 ( 0.06%) 4890321 ( 0.02%) 221.85
http(s) 708 ( 0.00%) 830442 ( 0.00%) 1172.94
http(c) 4072 ( 0.01%) 372237 ( 0.00%) 91.41
smtp 254 ( 0.00%) 122853 ( 0.00%) 483.67
ftp 5377 ( 0.01%) 538319 ( 0.00%) 100.12
imap 336 ( 0.00%) 39604 ( 0.00%) 117.87
ssh 4137 ( 0.01%) 506558 ( 0.00%) 122.45
dns 44 ( 0.00%) 12310 ( 0.00%) 279.77
bgp 112 ( 0.00%) 16030 ( 0.00%) 143.12
other 7003 ( 0.02%) 2451968 ( 0.01%) 350.13
udp6 31977 ( 0.09%) 6117335 ( 0.02%) 191.30
dns 31843 ( 0.09%) 6092690 ( 0.02%) 191.34
other 134 ( 0.00%) 24645 ( 0.00%) 183.92
icmp6 7136 ( 0.02%) 945252 ( 0.00%) 132.46
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 49 ( 0.00%) 51816 ( 0.00%) 1057.47
tcpdump file: 201004151500.dump.gz (907.41 MB)