Traffic Trace Info
DumpFile: 201004151600.dump
FileSize: 2536.05MB
Id: 201004151600
StartTime: Thu Apr 15 16:00:01 2010
EndTime: Thu Apr 15 16:15:01 2010
TotalTime: 899.54 seconds
TotalCapSize: 1982.65MB CapLen: 96 bytes
# of packets: 36267158 (22684.05MB)
AvgRate: 211.54Mbps stddev:17.89M
IP flow (unique src/dst pair) Information
# of flows: 950392 (avg. 38.16 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.5% 1.7% 1.0% 1.0% 1.0% 0.9% 0.9% 0.9% 0.8% 0.6%
IP address Information
# of IPv4 addresses: 501336
Top 10 bandwidth usage (bytes/total in %):
12.7% 8.8% 5.6% 5.6% 4.2% 4.1% 3.7% 3.2% 2.6% 2.2%
# of IPv6 addresses: 1165
Top 10 bandwidth usage (bytes/total in %):
27.4% 10.0% 6.5% 5.8% 5.1% 5.0% 3.4% 3.3% 2.9% 2.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004151600.pktlen.png)
detailed numbers
[ 32- 63]: 6391318
[ 64- 127]: 9459778
[ 128- 255]: 2657360
[ 256- 511]: 2214198
[ 512- 1023]: 1086048
[ 1024- 2047]: 14458456
Protocol Breakdown
![[protocol breakdown chart]](201004151600.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 36267158 (100.00%) 23785949736 (100.00%) 655.85
ip 36206227 ( 99.83%) 23776818589 ( 99.96%) 656.71
tcp 22411505 ( 61.80%) 16555433693 ( 69.60%) 738.70
http(s) 9156070 ( 25.25%) 12271726664 ( 51.59%) 1340.28
http(c) 6469366 ( 17.84%) 855294338 ( 3.60%) 132.21
squid 563057 ( 1.55%) 255892045 ( 1.08%) 454.47
smtp 373415 ( 1.03%) 119872144 ( 0.50%) 321.02
nntp 16 ( 0.00%) 984 ( 0.00%) 61.50
ftp 1395614 ( 3.85%) 1335668663 ( 5.62%) 957.05
pop3 28034 ( 0.08%) 18636205 ( 0.08%) 664.77
imap 3850 ( 0.01%) 1945688 ( 0.01%) 505.37
telnet 1470 ( 0.00%) 143456 ( 0.00%) 97.59
ssh 906541 ( 2.50%) 146525825 ( 0.62%) 161.63
dns 56073 ( 0.15%) 3870937 ( 0.02%) 69.03
bgp 166 ( 0.00%) 64495 ( 0.00%) 388.52
napster 227 ( 0.00%) 20417 ( 0.00%) 89.94
realaud 59 ( 0.00%) 5233 ( 0.00%) 88.69
rtsp 180679 ( 0.50%) 11393208 ( 0.05%) 63.06
icecast 42964 ( 0.12%) 13928713 ( 0.06%) 324.19
hotline 9 ( 0.00%) 962 ( 0.00%) 106.89
other 3233891 ( 8.92%) 1520443476 ( 6.39%) 470.16
udp 9625818 ( 26.54%) 5019425932 ( 21.10%) 521.45
dns 864000 ( 2.38%) 146579440 ( 0.62%) 169.65
rip 5 ( 0.00%) 366 ( 0.00%) 73.20
realaud 1840 ( 0.01%) 112266 ( 0.00%) 61.01
halflif 139 ( 0.00%) 18699 ( 0.00%) 134.53
starcra 201 ( 0.00%) 18353 ( 0.00%) 91.31
everque 639 ( 0.00%) 113349 ( 0.00%) 177.38
unreal 46 ( 0.00%) 6784 ( 0.00%) 147.48
quake 34 ( 0.00%) 3134 ( 0.00%) 92.18
cuseeme 4 ( 0.00%) 374 ( 0.00%) 93.50
other 8755512 ( 24.14%) 4872145480 ( 20.48%) 556.47
icmp 582303 ( 1.61%) 78722250 ( 0.33%) 135.19
ipip 360 ( 0.00%) 46036 ( 0.00%) 127.88
ipsec 13499 ( 0.04%) 7432250 ( 0.03%) 550.58
ip6 3539010 ( 9.76%) 2109842328 ( 8.87%) 596.17
other 33732 ( 0.09%) 5916100 ( 0.02%) 175.39
frag 8032 ( 0.02%) 6561875 ( 0.03%) 816.97
ip6 60931 ( 0.17%) 9131147 ( 0.04%) 149.86
tcp6 22149 ( 0.06%) 2366693 ( 0.01%) 106.85
http(s) 52 ( 0.00%) 27889 ( 0.00%) 536.33
http(c) 5999 ( 0.02%) 530948 ( 0.00%) 88.51
smtp 603 ( 0.00%) 314315 ( 0.00%) 521.25
ftp 5370 ( 0.01%) 537810 ( 0.00%) 100.15
imap 522 ( 0.00%) 59468 ( 0.00%) 113.92
ssh 3675 ( 0.01%) 337846 ( 0.00%) 91.93
dns 6 ( 0.00%) 2249 ( 0.00%) 374.83
bgp 110 ( 0.00%) 16894 ( 0.00%) 153.58
other 5812 ( 0.02%) 539274 ( 0.00%) 92.79
udp6 31867 ( 0.09%) 5888902 ( 0.02%) 184.80
dns 31633 ( 0.09%) 5841835 ( 0.02%) 184.68
realaud 1 ( 0.00%) 168 ( 0.00%) 168.00
other 233 ( 0.00%) 46899 ( 0.00%) 201.28
icmp6 6842 ( 0.02%) 830162 ( 0.00%) 121.33
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 42 ( 0.00%) 41174 ( 0.00%) 980.33
tcpdump file: 201004151600.dump.gz (923.51 MB)