Traffic Trace Info
DumpFile: 201004151945.dump
FileSize: 2576.08MB
Id: 201004151945
StartTime: Thu Apr 15 19:45:01 2010
EndTime: Thu Apr 15 20:00:01 2010
TotalTime: 900.60 seconds
TotalCapSize: 2024.03MB CapLen: 96 bytes
# of packets: 36178451 (24324.97MB)
AvgRate: 226.53Mbps stddev:26.79M
IP flow (unique src/dst pair) Information
# of flows: 1171783 (avg. 30.87 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.5% 1.3% 1.2% 1.2% 0.9% 0.9% 0.9% 0.9% 0.9% 0.9%
IP address Information
# of IPv4 addresses: 645119
Top 10 bandwidth usage (bytes/total in %):
15.8% 11.0% 5.4% 4.7% 4.6% 4.6% 4.0% 3.9% 3.7% 3.6%
# of IPv6 addresses: 1008
Top 10 bandwidth usage (bytes/total in %):
27.1% 10.3% 6.5% 6.4% 5.9% 5.4% 4.5% 3.9% 3.3% 3.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004151945.pktlen.png)
detailed numbers
[ 32- 63]: 5294458
[ 64- 127]: 10295743
[ 128- 255]: 2287238
[ 256- 511]: 1719317
[ 512- 1023]: 906466
[ 1024- 2047]: 15675229
Protocol Breakdown
![[protocol breakdown chart]](201004151945.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 36178451 (100.00%) 25506579176 (100.00%) 705.02
ip 36119540 ( 99.84%) 25497509253 ( 99.96%) 705.92
tcp 24880215 ( 68.77%) 20075849952 ( 78.71%) 806.90
http(s) 10725955 ( 29.65%) 14961985510 ( 58.66%) 1394.93
http(c) 6819536 ( 18.85%) 806005481 ( 3.16%) 118.19
squid 283781 ( 0.78%) 80670021 ( 0.32%) 284.27
smtp 470858 ( 1.30%) 175659104 ( 0.69%) 373.06
nntp 7 ( 0.00%) 420 ( 0.00%) 60.00
ftp 1203560 ( 3.33%) 1165649453 ( 4.57%) 968.50
pop3 14209 ( 0.04%) 10705257 ( 0.04%) 753.41
imap 2025 ( 0.01%) 846694 ( 0.00%) 418.12
telnet 649 ( 0.00%) 104582 ( 0.00%) 161.14
ssh 1240903 ( 3.43%) 199756610 ( 0.78%) 160.98
dns 56541 ( 0.16%) 3874241 ( 0.02%) 68.52
bgp 171 ( 0.00%) 59639 ( 0.00%) 348.77
napster 140 ( 0.00%) 14883 ( 0.00%) 106.31
realaud 24 ( 0.00%) 2281 ( 0.00%) 95.04
rtsp 78605 ( 0.22%) 21542625 ( 0.08%) 274.06
icecast 1265 ( 0.00%) 113901 ( 0.00%) 90.04
hotline 4 ( 0.00%) 252 ( 0.00%) 63.00
other 3981978 ( 11.01%) 2648858758 ( 10.39%) 665.21
udp 7733996 ( 21.38%) 3909481273 ( 15.33%) 505.49
dns 766049 ( 2.12%) 130935126 ( 0.51%) 170.92
realaud 35 ( 0.00%) 2929 ( 0.00%) 83.69
halflif 58 ( 0.00%) 5772 ( 0.00%) 99.52
starcra 221 ( 0.00%) 21163 ( 0.00%) 95.76
everque 562 ( 0.00%) 105455 ( 0.00%) 187.64
unreal 59 ( 0.00%) 8217 ( 0.00%) 139.27
quake 171 ( 0.00%) 20910 ( 0.00%) 122.28
cuseeme 232 ( 0.00%) 26254 ( 0.00%) 113.16
other 6965984 ( 19.25%) 3778101959 ( 14.81%) 542.36
icmp 934737 ( 2.58%) 124459100 ( 0.49%) 133.15
ipip 317 ( 0.00%) 38342 ( 0.00%) 120.95
ipsec 1487 ( 0.00%) 343290 ( 0.00%) 230.86
ip6 2547618 ( 7.04%) 1379866330 ( 5.41%) 541.63
other 21170 ( 0.06%) 7470966 ( 0.03%) 352.90
frag 3534 ( 0.01%) 3091045 ( 0.01%) 874.66
ip6 58911 ( 0.16%) 9069923 ( 0.04%) 153.96
tcp6 20885 ( 0.06%) 2152750 ( 0.01%) 103.08
http(s) 87 ( 0.00%) 84043 ( 0.00%) 966.01
http(c) 5304 ( 0.01%) 535952 ( 0.00%) 101.05
smtp 133 ( 0.00%) 54926 ( 0.00%) 412.98
ftp 4377 ( 0.01%) 443473 ( 0.00%) 101.32
imap 248 ( 0.00%) 28447 ( 0.00%) 114.71
ssh 3303 ( 0.01%) 290118 ( 0.00%) 87.83
dns 108 ( 0.00%) 29264 ( 0.00%) 270.96
bgp 106 ( 0.00%) 16313 ( 0.00%) 153.90
hotline 4 ( 0.00%) 356 ( 0.00%) 89.00
other 7215 ( 0.02%) 669858 ( 0.00%) 92.84
udp6 31213 ( 0.09%) 5986653 ( 0.02%) 191.80
dns 30949 ( 0.09%) 5945867 ( 0.02%) 192.12
other 264 ( 0.00%) 40786 ( 0.00%) 154.49
icmp6 6679 ( 0.02%) 821849 ( 0.00%) 123.05
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 104 ( 0.00%) 104591 ( 0.00%) 1005.68
tcpdump file: 201004151945.dump.gz (924.49 MB)