Traffic Trace Info
DumpFile: 201004152000.dump
FileSize: 2702.49MB
Id: 201004152000
StartTime: Thu Apr 15 20:00:01 2010
EndTime: Thu Apr 15 20:15:01 2010
TotalTime: 899.79 seconds
TotalCapSize: -1975.10MB CapLen: 96 bytes
# of packets: 38114478 (24971.02MB)
AvgRate: 232.80Mbps stddev:20.96M
IP flow (unique src/dst pair) Information
# of flows: 1382313 (avg. 27.57 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.1% 2.9% 1.2% 1.0% 0.9% 0.8% 0.8% 0.8% 0.8% 0.8%
IP address Information
# of IPv4 addresses: 791944
Top 10 bandwidth usage (bytes/total in %):
15.1% 11.4% 5.4% 4.2% 4.2% 4.0% 3.7% 3.5% 3.0% 3.0%
# of IPv6 addresses: 1064
Top 10 bandwidth usage (bytes/total in %):
34.0% 34.0% 14.0% 13.9% 13.4% 4.9% 4.0% 3.2% 2.8% 2.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004152000.pktlen.png)
detailed numbers
[ 32- 63]: 6158402
[ 64- 127]: 10691246
[ 128- 255]: 2314139
[ 256- 511]: 2007079
[ 512- 1023]: 926343
[ 1024- 2047]: 16017269
Protocol Breakdown
![[protocol breakdown chart]](201004152000.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 38114478 (100.00%) 26184013799 (100.00%) 686.98
ip 38019597 ( 99.75%) 26165316450 ( 99.93%) 688.21
tcp 25888699 ( 67.92%) 20548347814 ( 78.48%) 793.72
http(s) 11153111 ( 29.26%) 15582897704 ( 59.51%) 1397.18
http(c) 7149340 ( 18.76%) 812901773 ( 3.10%) 113.70
squid 323265 ( 0.85%) 110221328 ( 0.42%) 340.96
smtp 467186 ( 1.23%) 100864560 ( 0.39%) 215.90
nntp 2 ( 0.00%) 124 ( 0.00%) 62.00
ftp 1140621 ( 2.99%) 1099526219 ( 4.20%) 963.97
pop3 18956 ( 0.05%) 9429506 ( 0.04%) 497.44
imap 5254 ( 0.01%) 2381905 ( 0.01%) 453.35
telnet 735 ( 0.00%) 87536 ( 0.00%) 119.10
ssh 1220027 ( 3.20%) 200648973 ( 0.77%) 164.46
dns 54838 ( 0.14%) 3771063 ( 0.01%) 68.77
bgp 161 ( 0.00%) 54903 ( 0.00%) 341.01
napster 49 ( 0.00%) 5635 ( 0.00%) 115.00
realaud 13 ( 0.00%) 1198 ( 0.00%) 92.15
rtsp 128008 ( 0.34%) 32040056 ( 0.12%) 250.30
icecast 855 ( 0.00%) 152607 ( 0.00%) 178.49
hotline 10 ( 0.00%) 878 ( 0.00%) 87.80
other 4226265 ( 11.09%) 2593361666 ( 9.90%) 613.63
udp 8208529 ( 21.54%) 4028725846 ( 15.39%) 490.80
dns 846092 ( 2.22%) 144652851 ( 0.55%) 170.97
realaud 8779 ( 0.02%) 6370233 ( 0.02%) 725.62
halflif 68 ( 0.00%) 6130 ( 0.00%) 90.15
starcra 209 ( 0.00%) 21324 ( 0.00%) 102.03
everque 617 ( 0.00%) 121717 ( 0.00%) 197.27
unreal 51 ( 0.00%) 7386 ( 0.00%) 144.82
quake 193 ( 0.00%) 36557 ( 0.00%) 189.41
cuseeme 414 ( 0.00%) 47277 ( 0.00%) 114.20
other 7351690 ( 19.29%) 3877233948 ( 14.81%) 527.39
icmp 1260871 ( 3.31%) 157435103 ( 0.60%) 124.86
ipip 362 ( 0.00%) 45624 ( 0.00%) 126.03
ipsec 1358 ( 0.00%) 317908 ( 0.00%) 234.10
ip6 2633509 ( 6.91%) 1419451298 ( 5.42%) 539.00
other 26269 ( 0.07%) 10992857 ( 0.04%) 418.47
frag 2164 ( 0.01%) 2182971 ( 0.01%) 1008.77
ip6 94881 ( 0.25%) 18697349 ( 0.07%) 197.06
tcp6 53871 ( 0.14%) 10947563 ( 0.04%) 203.22
http(s) 4393 ( 0.01%) 6380776 ( 0.02%) 1452.49
http(c) 34404 ( 0.09%) 3005974 ( 0.01%) 87.37
smtp 237 ( 0.00%) 114063 ( 0.00%) 481.28
ftp 4570 ( 0.01%) 475663 ( 0.00%) 104.08
imap 314 ( 0.00%) 36378 ( 0.00%) 115.85
ssh 3254 ( 0.01%) 277056 ( 0.00%) 85.14
dns 106 ( 0.00%) 40824 ( 0.00%) 385.13
bgp 111 ( 0.00%) 14235 ( 0.00%) 128.24
other 6482 ( 0.02%) 602594 ( 0.00%) 92.96
udp6 34124 ( 0.09%) 6844095 ( 0.03%) 200.57
dns 33865 ( 0.09%) 6804185 ( 0.03%) 200.92
other 259 ( 0.00%) 39910 ( 0.00%) 154.09
icmp6 6781 ( 0.02%) 838926 ( 0.00%) 123.72
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 75 ( 0.00%) 62685 ( 0.00%) 835.80
tcpdump file: 201004152000.dump.gz (963.08 MB)