Traffic Trace Info
DumpFile: 201004151745.dump
FileSize: 2419.88MB
Id: 201004151745
StartTime: Thu Apr 15 17:45:01 2010
EndTime: Thu Apr 15 18:00:00 2010
TotalTime: 899.52 seconds
TotalCapSize: 1893.70MB CapLen: 96 bytes
# of packets: 34444451 (21713.41MB)
AvgRate: 202.48Mbps stddev:16.70M
IP flow (unique src/dst pair) Information
# of flows: 1024341 (avg. 33.63 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.2% 1.5% 1.0% 1.0% 1.0% 0.9% 0.7% 0.6% 0.5% 0.5%
IP address Information
# of IPv4 addresses: 546072
Top 10 bandwidth usage (bytes/total in %):
15.5% 7.7% 5.4% 5.4% 3.6% 3.6% 3.0% 3.0% 2.8% 2.3%
# of IPv6 addresses: 1162
Top 10 bandwidth usage (bytes/total in %):
22.7% 8.5% 6.9% 6.3% 6.3% 5.4% 4.5% 4.3% 4.3% 4.0%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004151745.pktlen.png)
detailed numbers
[ 32- 63]: 6258395
[ 64- 127]: 8910625
[ 128- 255]: 2352435
[ 256- 511]: 1965525
[ 512- 1023]: 1212483
[ 1024- 2047]: 13744988
Protocol Breakdown
![[protocol breakdown chart]](201004151745.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 34444451 (100.00%) 22768158468 (100.00%) 661.01
ip 34382239 ( 99.82%) 22757207713 ( 99.95%) 661.89
tcp 22383951 ( 64.99%) 16573762866 ( 72.79%) 740.43
http(s) 8248821 ( 23.95%) 11138199377 ( 48.92%) 1350.28
http(c) 6372599 ( 18.50%) 935938022 ( 4.11%) 146.87
squid 291413 ( 0.85%) 74278812 ( 0.33%) 254.89
smtp 368740 ( 1.07%) 101428384 ( 0.45%) 275.07
nntp 34 ( 0.00%) 2132 ( 0.00%) 62.71
ftp 1268221 ( 3.68%) 1221680463 ( 5.37%) 963.30
pop3 22779 ( 0.07%) 13944609 ( 0.06%) 612.17
imap 2806 ( 0.01%) 329559 ( 0.00%) 117.45
telnet 1169 ( 0.00%) 104353 ( 0.00%) 89.27
ssh 941886 ( 2.73%) 157126082 ( 0.69%) 166.82
dns 56573 ( 0.16%) 4033266 ( 0.02%) 71.29
bgp 157 ( 0.00%) 69241 ( 0.00%) 441.03
napster 60 ( 0.00%) 4866 ( 0.00%) 81.10
realaud 84 ( 0.00%) 31654 ( 0.00%) 376.83
rtsp 209281 ( 0.61%) 67703989 ( 0.30%) 323.51
icecast 45661 ( 0.13%) 31584187 ( 0.14%) 691.71
other 4553656 ( 13.22%) 2827303210 ( 12.42%) 620.89
udp 8288014 ( 24.06%) 4335461018 ( 19.04%) 523.10
dns 808431 ( 2.35%) 137598317 ( 0.60%) 170.20
rip 1 ( 0.00%) 109 ( 0.00%) 109.00
realaud 142 ( 0.00%) 9809 ( 0.00%) 69.08
halflif 137 ( 0.00%) 19437 ( 0.00%) 141.88
starcra 394 ( 0.00%) 40217 ( 0.00%) 102.07
everque 3013 ( 0.01%) 468521 ( 0.00%) 155.50
unreal 229 ( 0.00%) 27421 ( 0.00%) 119.74
quake 61 ( 0.00%) 6906 ( 0.00%) 113.21
cuseeme 7 ( 0.00%) 604 ( 0.00%) 86.29
other 7475179 ( 21.70%) 4197066115 ( 18.43%) 561.47
icmp 587820 ( 1.71%) 68886264 ( 0.30%) 117.19
ipip 374 ( 0.00%) 48052 ( 0.00%) 128.48
ipsec 12504 ( 0.04%) 9892560 ( 0.04%) 791.15
ip6 3099427 ( 9.00%) 1764782049 ( 7.75%) 569.39
other 10149 ( 0.03%) 4374904 ( 0.02%) 431.07
frag 1974 ( 0.01%) 2022970 ( 0.01%) 1024.81
ip6 62212 ( 0.18%) 10950755 ( 0.05%) 176.02
tcp6 20802 ( 0.06%) 3220983 ( 0.01%) 154.84
http(s) 950 ( 0.00%) 1169072 ( 0.01%) 1230.60
http(c) 4136 ( 0.01%) 391438 ( 0.00%) 94.64
smtp 102 ( 0.00%) 39562 ( 0.00%) 387.86
ftp 5271 ( 0.02%) 540314 ( 0.00%) 102.51
imap 335 ( 0.00%) 36643 ( 0.00%) 109.38
ssh 3493 ( 0.01%) 399650 ( 0.00%) 114.41
dns 94 ( 0.00%) 25623 ( 0.00%) 272.59
bgp 111 ( 0.00%) 15186 ( 0.00%) 136.81
other 6310 ( 0.02%) 603495 ( 0.00%) 95.64
udp6 33750 ( 0.10%) 6760359 ( 0.03%) 200.31
dns 33397 ( 0.10%) 6702560 ( 0.03%) 200.69
other 353 ( 0.00%) 57799 ( 0.00%) 163.74
icmp6 7565 ( 0.02%) 909666 ( 0.00%) 120.25
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 65 ( 0.00%) 55667 ( 0.00%) 856.42
tcpdump file: 201004151745.dump.gz (879.93 MB)