Traffic Trace Info
DumpFile: 201004151530.dump
FileSize: 2476.65MB
Id: 201004151530
StartTime: Thu Apr 15 15:30:01 2010
EndTime: Thu Apr 15 15:45:01 2010
TotalTime: 899.62 seconds
TotalCapSize: 1935.72MB CapLen: 96 bytes
# of packets: 35432449 (22821.78MB)
AvgRate: 212.81Mbps stddev:26.04M
IP flow (unique src/dst pair) Information
# of flows: 1033955 (avg. 34.27 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.2% 2.0% 1.4% 1.3% 1.2% 0.9% 0.9% 0.8% 0.8% 0.8%
IP address Information
# of IPv4 addresses: 548856
Top 10 bandwidth usage (bytes/total in %):
13.9% 7.2% 5.3% 5.3% 3.9% 3.8% 3.3% 3.2% 2.6% 2.5%
# of IPv6 addresses: 1155
Top 10 bandwidth usage (bytes/total in %):
23.3% 9.6% 6.2% 5.4% 4.9% 4.8% 3.5% 3.4% 3.4% 3.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004151530.pktlen.png)
detailed numbers
[ 32- 63]: 6372225
[ 64- 127]: 9243812
[ 128- 255]: 2225266
[ 256- 511]: 1871574
[ 512- 1023]: 1033265
[ 1024- 2047]: 14686307
Protocol Breakdown
![[protocol breakdown chart]](201004151530.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 35432449 (100.00%) 23930375089 (100.00%) 675.38
ip 35371137 ( 99.83%) 23920727246 ( 99.96%) 676.28
tcp 22898889 ( 64.63%) 17369294955 ( 72.58%) 758.52
http(s) 9418362 ( 26.58%) 12764666296 ( 53.34%) 1355.30
http(c) 6723396 ( 18.98%) 853634405 ( 3.57%) 126.96
squid 423914 ( 1.20%) 188456940 ( 0.79%) 444.56
smtp 385276 ( 1.09%) 126490348 ( 0.53%) 328.31
nntp 69 ( 0.00%) 4310 ( 0.00%) 62.46
ftp 1322173 ( 3.73%) 1269203194 ( 5.30%) 959.94
pop3 32607 ( 0.09%) 14229976 ( 0.06%) 436.41
imap 4433 ( 0.01%) 1922579 ( 0.01%) 433.70
telnet 1431 ( 0.00%) 129838 ( 0.00%) 90.73
ssh 620925 ( 1.75%) 92027131 ( 0.38%) 148.21
dns 56368 ( 0.16%) 3888559 ( 0.02%) 68.99
bgp 160 ( 0.00%) 59713 ( 0.00%) 373.21
napster 60 ( 0.00%) 5539 ( 0.00%) 92.32
realaud 36 ( 0.00%) 12088 ( 0.00%) 335.78
rtsp 132521 ( 0.37%) 36625348 ( 0.15%) 276.37
icecast 24183 ( 0.07%) 1631141 ( 0.01%) 67.45
hotline 1 ( 0.00%) 66 ( 0.00%) 66.00
other 3752971 ( 10.59%) 2016307304 ( 8.43%) 537.26
udp 8807906 ( 24.86%) 4696254965 ( 19.62%) 533.19
dns 852681 ( 2.41%) 144327193 ( 0.60%) 169.26
realaud 1867 ( 0.01%) 113044 ( 0.00%) 60.55
halflif 94 ( 0.00%) 14162 ( 0.00%) 150.66
starcra 170 ( 0.00%) 17642 ( 0.00%) 103.78
everque 583 ( 0.00%) 109580 ( 0.00%) 187.96
unreal 51 ( 0.00%) 7407 ( 0.00%) 145.24
quake 28 ( 0.00%) 2495 ( 0.00%) 89.11
cuseeme 3 ( 0.00%) 306 ( 0.00%) 102.00
other 7952078 ( 22.44%) 4551466369 ( 19.02%) 572.36
icmp 576267 ( 1.63%) 73236556 ( 0.31%) 127.09
ipip 351 ( 0.00%) 44290 ( 0.00%) 126.18
ipsec 6016 ( 0.02%) 2096244 ( 0.01%) 348.44
ip6 2998030 ( 8.46%) 1741235008 ( 7.28%) 580.79
other 83678 ( 0.24%) 38565228 ( 0.16%) 460.88
frag 1712 ( 0.00%) 1725611 ( 0.01%) 1007.95
ip6 61312 ( 0.17%) 9647843 ( 0.04%) 157.36
tcp6 24351 ( 0.07%) 3151762 ( 0.01%) 129.43
http(s) 581 ( 0.00%) 718886 ( 0.00%) 1237.33
http(c) 7469 ( 0.02%) 645514 ( 0.00%) 86.43
smtp 461 ( 0.00%) 224914 ( 0.00%) 487.88
ftp 5299 ( 0.01%) 530194 ( 0.00%) 100.06
imap 417 ( 0.00%) 48943 ( 0.00%) 117.37
ssh 3703 ( 0.01%) 336246 ( 0.00%) 90.80
dns 14 ( 0.00%) 4072 ( 0.00%) 290.86
bgp 125 ( 0.00%) 16613 ( 0.00%) 132.90
other 6282 ( 0.02%) 626380 ( 0.00%) 99.71
udp6 29674 ( 0.08%) 5511558 ( 0.02%) 185.74
dns 29473 ( 0.08%) 5475477 ( 0.02%) 185.78
realaud 1 ( 0.00%) 168 ( 0.00%) 168.00
everque 1 ( 0.00%) 112 ( 0.00%) 112.00
other 199 ( 0.00%) 35801 ( 0.00%) 179.90
icmp6 7204 ( 0.02%) 933668 ( 0.00%) 129.60
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 53 ( 0.00%) 46775 ( 0.00%) 882.55
tcpdump file: 201004151530.dump.gz (892.28 MB)