Traffic Trace Info
DumpFile: 201004151800.dump
FileSize: 2480.85MB
Id: 201004151800
StartTime: Thu Apr 15 18:00:00 2010
EndTime: Thu Apr 15 18:15:01 2010
TotalTime: 900.14 seconds
TotalCapSize: 1940.83MB CapLen: 96 bytes
# of packets: 35315012 (23619.13MB)
AvgRate: 220.11Mbps stddev:25.22M
IP flow (unique src/dst pair) Information
# of flows: 1030030 (avg. 34.29 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.1% 4.8% 3.6% 1.3% 0.8% 0.7% 0.7% 0.6% 0.6% 0.6%
IP address Information
# of IPv4 addresses: 557509
Top 10 bandwidth usage (bytes/total in %):
14.0% 7.5% 6.9% 5.3% 4.9% 4.9% 3.9% 3.7% 3.6% 3.0%
# of IPv6 addresses: 1112
Top 10 bandwidth usage (bytes/total in %):
23.6% 8.7% 7.2% 5.6% 5.6% 4.4% 4.4% 3.9% 3.2% 3.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004151800.pktlen.png)
detailed numbers
[ 32- 63]: 6112824
[ 64- 127]: 8495261
[ 128- 255]: 2524860
[ 256- 511]: 2070883
[ 512- 1023]: 939461
[ 1024- 2047]: 15171723
Protocol Breakdown
![[protocol breakdown chart]](201004151800.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 35315012 (100.00%) 24766448232 (100.00%) 701.30
ip 35251882 ( 99.82%) 24755926735 ( 99.96%) 702.26
tcp 22922163 ( 64.91%) 18536768461 ( 74.85%) 808.68
http(s) 9039323 ( 25.60%) 12342399928 ( 49.84%) 1365.41
http(c) 5924687 ( 16.78%) 825155511 ( 3.33%) 139.27
squid 307880 ( 0.87%) 83594839 ( 0.34%) 271.52
smtp 359916 ( 1.02%) 90187367 ( 0.36%) 250.58
nntp 59 ( 0.00%) 3730 ( 0.00%) 63.22
ftp 1261074 ( 3.57%) 1207100443 ( 4.87%) 957.20
pop3 34511 ( 0.10%) 10228585 ( 0.04%) 296.39
imap 2832 ( 0.01%) 710456 ( 0.00%) 250.87
telnet 1340 ( 0.00%) 128045 ( 0.00%) 95.56
ssh 886451 ( 2.51%) 132470228 ( 0.53%) 149.44
dns 56313 ( 0.16%) 3913455 ( 0.02%) 69.49
bgp 164 ( 0.00%) 67505 ( 0.00%) 411.62
napster 15 ( 0.00%) 3624 ( 0.00%) 241.60
realaud 45 ( 0.00%) 7497 ( 0.00%) 166.60
rtsp 248848 ( 0.70%) 93975394 ( 0.38%) 377.64
icecast 40372 ( 0.11%) 31332382 ( 0.13%) 776.09
hotline 24 ( 0.00%) 2785 ( 0.00%) 116.04
other 4758306 ( 13.47%) 3715486507 ( 15.00%) 780.84
udp 8227469 ( 23.30%) 4242740103 ( 17.13%) 515.68
dns 813710 ( 2.30%) 140184672 ( 0.57%) 172.28
realaud 38 ( 0.00%) 3262 ( 0.00%) 85.84
halflif 129 ( 0.00%) 19337 ( 0.00%) 149.90
starcra 91970 ( 0.26%) 82188384 ( 0.33%) 893.64
everque 577 ( 0.00%) 105183 ( 0.00%) 182.29
unreal 117 ( 0.00%) 21210 ( 0.00%) 181.28
quake 84 ( 0.00%) 6729 ( 0.00%) 80.11
cuseeme 3 ( 0.00%) 257 ( 0.00%) 85.67
other 7320389 ( 20.73%) 4019991709 ( 16.23%) 549.15
icmp 885731 ( 2.51%) 113453584 ( 0.46%) 128.09
ipip 314 ( 0.00%) 38384 ( 0.00%) 122.24
ipsec 1566 ( 0.00%) 399684 ( 0.00%) 255.23
ip6 3206111 ( 9.08%) 1858965399 ( 7.51%) 579.82
other 8528 ( 0.02%) 3561120 ( 0.01%) 417.58
frag 2238 ( 0.01%) 2210264 ( 0.01%) 987.61
ip6 63130 ( 0.18%) 10521497 ( 0.04%) 166.66
tcp6 20520 ( 0.06%) 2642554 ( 0.01%) 128.78
http(s) 339 ( 0.00%) 419644 ( 0.00%) 1237.89
http(c) 4014 ( 0.01%) 368175 ( 0.00%) 91.72
smtp 308 ( 0.00%) 125801 ( 0.00%) 408.44
ftp 5261 ( 0.01%) 535503 ( 0.00%) 101.79
imap 369 ( 0.00%) 43250 ( 0.00%) 117.21
ssh 3866 ( 0.01%) 495248 ( 0.00%) 128.10
dns 127 ( 0.00%) 56434 ( 0.00%) 444.36
bgp 107 ( 0.00%) 13408 ( 0.00%) 125.31
other 6129 ( 0.02%) 585091 ( 0.00%) 95.46
udp6 34140 ( 0.10%) 6760253 ( 0.03%) 198.02
dns 33851 ( 0.10%) 6715405 ( 0.03%) 198.38
quake 1 ( 0.00%) 118 ( 0.00%) 118.00
other 288 ( 0.00%) 44730 ( 0.00%) 155.31
icmp6 8340 ( 0.02%) 1025728 ( 0.00%) 122.99
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 100 ( 0.00%) 88882 ( 0.00%) 888.82
tcpdump file: 201004151800.dump.gz (896.09 MB)