Traffic Trace Info
DumpFile: 201004151830.dump
FileSize: 2580.53MB
Id: 201004151830
StartTime: Thu Apr 15 18:30:00 2010
EndTime: Thu Apr 15 18:45:01 2010
TotalTime: 900.75 seconds
TotalCapSize: 2023.25MB CapLen: 96 bytes
# of packets: 36478684 (24417.25MB)
AvgRate: 227.41Mbps stddev:29.43M
IP flow (unique src/dst pair) Information
# of flows: 1061821 (avg. 34.35 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.2% 4.5% 2.4% 1.3% 0.7% 0.6% 0.6% 0.6% 0.5% 0.5%
IP address Information
# of IPv4 addresses: 573631
Top 10 bandwidth usage (bytes/total in %):
11.5% 6.6% 5.5% 5.4% 5.2% 4.7% 4.6% 4.6% 3.9% 3.8%
# of IPv6 addresses: 1102
Top 10 bandwidth usage (bytes/total in %):
25.7% 9.3% 6.4% 6.1% 6.1% 4.8% 4.7% 4.7% 3.3% 3.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004151830.pktlen.png)
detailed numbers
[ 32- 63]: 6009090
[ 64- 127]: 9515766
[ 128- 255]: 2352037
[ 256- 511]: 1947999
[ 512- 1023]: 1036465
[ 1024- 2047]: 15617327
Protocol Breakdown
![[protocol breakdown chart]](201004151830.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 36478684 (100.00%) 25603345752 (100.00%) 701.87
ip 36418305 ( 99.83%) 25593670602 ( 99.96%) 702.77
tcp 24699524 ( 67.71%) 20076162059 ( 78.41%) 812.82
http(s) 10189733 ( 27.93%) 13993485610 ( 54.65%) 1373.29
http(c) 6717839 ( 18.42%) 875008088 ( 3.42%) 130.25
squid 297121 ( 0.81%) 77071584 ( 0.30%) 259.39
smtp 414035 ( 1.14%) 170404692 ( 0.67%) 411.57
nntp 3 ( 0.00%) 194 ( 0.00%) 64.67
ftp 1210008 ( 3.32%) 1170381681 ( 4.57%) 967.25
pop3 23920 ( 0.07%) 13793981 ( 0.05%) 576.67
imap 2599 ( 0.01%) 711717 ( 0.00%) 273.84
telnet 497 ( 0.00%) 73575 ( 0.00%) 148.04
ssh 960452 ( 2.63%) 141354710 ( 0.55%) 147.18
dns 51917 ( 0.14%) 3578510 ( 0.01%) 68.93
bgp 189 ( 0.00%) 77246 ( 0.00%) 408.71
napster 55 ( 0.00%) 6838 ( 0.00%) 124.33
realaud 30 ( 0.00%) 4418 ( 0.00%) 147.27
rtsp 124837 ( 0.34%) 60037140 ( 0.23%) 480.92
icecast 40418 ( 0.11%) 31200463 ( 0.12%) 771.94
hotline 8 ( 0.00%) 494 ( 0.00%) 61.75
other 4665856 ( 12.79%) 3538970698 ( 13.82%) 758.48
udp 7753171 ( 21.25%) 3706932616 ( 14.48%) 478.12
dns 797798 ( 2.19%) 136834923 ( 0.53%) 171.52
realaud 18 ( 0.00%) 2390 ( 0.00%) 132.78
halflif 135 ( 0.00%) 17211 ( 0.00%) 127.49
starcra 257 ( 0.00%) 28916 ( 0.00%) 112.51
everque 594 ( 0.00%) 139911 ( 0.00%) 235.54
unreal 113 ( 0.00%) 20020 ( 0.00%) 177.17
quake 55 ( 0.00%) 7160 ( 0.00%) 130.18
cuseeme 3 ( 0.00%) 581 ( 0.00%) 193.67
other 6953023 ( 19.06%) 3569567158 ( 13.94%) 513.38
icmp 914146 ( 2.51%) 119450956 ( 0.47%) 130.67
ipip 346 ( 0.00%) 41864 ( 0.00%) 120.99
ipsec 1663 ( 0.00%) 426170 ( 0.00%) 256.27
ip6 3042742 ( 8.34%) 1688890533 ( 6.60%) 555.06
other 6713 ( 0.02%) 1766404 ( 0.01%) 263.13
frag 5603 ( 0.02%) 4928842 ( 0.02%) 879.68
ip6 60379 ( 0.17%) 9675150 ( 0.04%) 160.24
tcp6 19932 ( 0.05%) 2141560 ( 0.01%) 107.44
http(s) 41 ( 0.00%) 23278 ( 0.00%) 567.76
http(c) 4308 ( 0.01%) 394047 ( 0.00%) 91.47
smtp 604 ( 0.00%) 212823 ( 0.00%) 352.36
ftp 5241 ( 0.01%) 525581 ( 0.00%) 100.28
imap 352 ( 0.00%) 41303 ( 0.00%) 117.34
ssh 3224 ( 0.01%) 273712 ( 0.00%) 84.90
dns 130 ( 0.00%) 51541 ( 0.00%) 396.47
bgp 110 ( 0.00%) 20618 ( 0.00%) 187.44
other 5922 ( 0.02%) 598657 ( 0.00%) 101.09
udp6 31975 ( 0.09%) 6465829 ( 0.03%) 202.22
dns 31780 ( 0.09%) 6435911 ( 0.03%) 202.51
other 195 ( 0.00%) 29918 ( 0.00%) 153.43
icmp6 8396 ( 0.02%) 1023295 ( 0.00%) 121.88
pim6 29 ( 0.00%) 3944 ( 0.00%) 136.00
other6 47 ( 0.00%) 40522 ( 0.00%) 862.17
tcpdump file: 201004151830.dump.gz (935.66 MB)