Traffic Trace Info
DumpFile: 201004151630.dump
FileSize: 2634.48MB
Id: 201004151630
StartTime: Thu Apr 15 16:30:00 2010
EndTime: Thu Apr 15 16:45:01 2010
TotalTime: 900.30 seconds
TotalCapSize: -2034.67MB CapLen: 96 bytes
# of packets: 37535672 (23907.80MB)
AvgRate: 222.77Mbps stddev:28.07M
IP flow (unique src/dst pair) Information
# of flows: 964869 (avg. 38.90 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.9% 3.4% 1.3% 1.2% 1.0% 1.0% 1.0% 0.9% 0.9% 0.9%
IP address Information
# of IPv4 addresses: 502725
Top 10 bandwidth usage (bytes/total in %):
13.6% 8.4% 5.0% 5.0% 4.5% 4.3% 3.9% 3.7% 3.5% 3.5%
# of IPv6 addresses: 1134
Top 10 bandwidth usage (bytes/total in %):
21.5% 9.7% 8.4% 8.2% 7.9% 5.1% 4.5% 4.2% 4.0% 2.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004151630.pktlen.png)
detailed numbers
[ 32- 63]: 6557856
[ 64- 127]: 9491114
[ 128- 255]: 2618851
[ 256- 511]: 2324685
[ 512- 1023]: 1456329
[ 1024- 2047]: 15086837
Protocol Breakdown
![[protocol breakdown chart]](201004151630.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 37535672 (100.00%) 25069145441 (100.00%) 667.88
ip 37469780 ( 99.82%) 25057540530 ( 99.95%) 668.74
tcp 23661359 ( 63.04%) 17916520987 ( 71.47%) 757.21
http(s) 9553733 ( 25.45%) 12884777437 ( 51.40%) 1348.66
http(c) 6649238 ( 17.71%) 829214160 ( 3.31%) 124.71
squid 518844 ( 1.38%) 224378069 ( 0.90%) 432.46
smtp 424835 ( 1.13%) 149091573 ( 0.59%) 350.94
ftp 1325126 ( 3.53%) 1262677545 ( 5.04%) 952.87
pop3 26649 ( 0.07%) 18985863 ( 0.08%) 712.44
imap 4281 ( 0.01%) 2978483 ( 0.01%) 695.74
telnet 890 ( 0.00%) 107419 ( 0.00%) 120.70
ssh 885645 ( 2.36%) 135720102 ( 0.54%) 153.24
dns 56148 ( 0.15%) 3854058 ( 0.02%) 68.64
bgp 174 ( 0.00%) 64097 ( 0.00%) 368.37
napster 57 ( 0.00%) 22758 ( 0.00%) 399.26
realaud 40 ( 0.00%) 4839 ( 0.00%) 120.97
rtsp 68312 ( 0.18%) 16232770 ( 0.06%) 237.63
icecast 34231 ( 0.09%) 16736971 ( 0.07%) 488.94
other 4113146 ( 10.96%) 2371674243 ( 9.46%) 576.61
udp 9605404 ( 25.59%) 4925078581 ( 19.65%) 512.74
dns 861906 ( 2.30%) 147157393 ( 0.59%) 170.73
rip 4 ( 0.00%) 300 ( 0.00%) 75.00
realaud 53 ( 0.00%) 4946 ( 0.00%) 93.32
halflif 129 ( 0.00%) 18348 ( 0.00%) 142.23
starcra 296 ( 0.00%) 28421 ( 0.00%) 96.02
everque 608 ( 0.00%) 101109 ( 0.00%) 166.30
unreal 126 ( 0.00%) 19654 ( 0.00%) 155.98
quake 44 ( 0.00%) 4619 ( 0.00%) 104.98
cuseeme 8 ( 0.00%) 948 ( 0.00%) 118.50
other 8741832 ( 23.29%) 4777515330 ( 19.06%) 546.51
icmp 592704 ( 1.58%) 78692789 ( 0.31%) 132.77
ipip 355 ( 0.00%) 42504 ( 0.00%) 119.73
ipsec 1994 ( 0.01%) 485436 ( 0.00%) 243.45
ip6 3559000 ( 9.48%) 2128349223 ( 8.49%) 598.02
other 48964 ( 0.13%) 8371010 ( 0.03%) 170.96
frag 2288 ( 0.01%) 2406826 ( 0.01%) 1051.93
ip6 65892 ( 0.18%) 11604911 ( 0.05%) 176.12
tcp6 24482 ( 0.07%) 2991315 ( 0.01%) 122.18
http(s) 372 ( 0.00%) 364844 ( 0.00%) 980.76
http(c) 7295 ( 0.02%) 628188 ( 0.00%) 86.11
smtp 512 ( 0.00%) 254583 ( 0.00%) 497.23
ftp 4883 ( 0.01%) 489079 ( 0.00%) 100.16
imap 494 ( 0.00%) 57761 ( 0.00%) 116.93
ssh 3493 ( 0.01%) 440634 ( 0.00%) 126.15
dns 286 ( 0.00%) 82610 ( 0.00%) 288.85
bgp 102 ( 0.00%) 12744 ( 0.00%) 124.94
other 7045 ( 0.02%) 660872 ( 0.00%) 93.81
udp6 34049 ( 0.09%) 7576285 ( 0.03%) 222.51
dns 33855 ( 0.09%) 7543389 ( 0.03%) 222.81
other 194 ( 0.00%) 32896 ( 0.00%) 169.57
icmp6 7272 ( 0.02%) 982569 ( 0.00%) 135.12
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 59 ( 0.00%) 50662 ( 0.00%) 858.68
tcpdump file: 201004151630.dump.gz (940.05 MB)