Traffic Trace Info
DumpFile: 201004152230.dump
FileSize: 2626.54MB
Id: 201004152230
StartTime: Thu Apr 15 22:30:00 2010
EndTime: Thu Apr 15 22:45:01 2010
TotalTime: 900.61 seconds
TotalCapSize: -2043.81MB CapLen: 96 bytes
# of packets: 37640143 (24782.61MB)
AvgRate: 230.83Mbps stddev:21.65M
IP flow (unique src/dst pair) Information
# of flows: 1243880 (avg. 30.26 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.4% 1.9% 1.8% 1.8% 1.2% 0.7% 0.7% 0.6% 0.5% 0.5%
IP address Information
# of IPv4 addresses: 653486
Top 10 bandwidth usage (bytes/total in %):
12.0% 6.1% 5.6% 5.4% 5.0% 4.8% 4.7% 4.5% 4.4% 4.3%
# of IPv6 addresses: 1041
Top 10 bandwidth usage (bytes/total in %):
24.9% 13.1% 7.2% 6.0% 5.9% 5.2% 4.4% 3.4% 3.2% 2.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004152230.pktlen.png)
detailed numbers
[ 32- 63]: 6252338
[ 64- 127]: 10181692
[ 128- 255]: 2736442
[ 256- 511]: 1665761
[ 512- 1023]: 882915
[ 1024- 2047]: 15920995
Protocol Breakdown
![[protocol breakdown chart]](201004152230.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 37640143 (100.00%) 25986446953 (100.00%) 690.39
ip 37579063 ( 99.84%) 25976391828 ( 99.96%) 691.25
tcp 24865590 ( 66.06%) 20233527105 ( 77.86%) 813.72
http(s) 11004405 ( 29.24%) 15348343337 ( 59.06%) 1394.75
http(c) 6105830 ( 16.22%) 616602693 ( 2.37%) 100.99
squid 278602 ( 0.74%) 82074342 ( 0.32%) 294.59
smtp 444347 ( 1.18%) 106952413 ( 0.41%) 240.70
ftp 1196351 ( 3.18%) 1156752668 ( 4.45%) 966.90
pop3 11060 ( 0.03%) 6203446 ( 0.02%) 560.89
imap 14625 ( 0.04%) 16496669 ( 0.06%) 1127.98
telnet 351 ( 0.00%) 60725 ( 0.00%) 173.01
ssh 1577177 ( 4.19%) 211903838 ( 0.82%) 134.36
dns 53122 ( 0.14%) 3663713 ( 0.01%) 68.97
bgp 157 ( 0.00%) 64256 ( 0.00%) 409.27
napster 101 ( 0.00%) 12053 ( 0.00%) 119.34
realaud 25 ( 0.00%) 2700 ( 0.00%) 108.00
rtsp 82907 ( 0.22%) 94412026 ( 0.36%) 1138.77
icecast 844 ( 0.00%) 86775 ( 0.00%) 102.81
hotline 2 ( 0.00%) 156 ( 0.00%) 78.00
other 4095683 ( 10.88%) 2589895197 ( 9.97%) 632.35
udp 8556879 ( 22.73%) 4040406174 ( 15.55%) 472.18
dns 804381 ( 2.14%) 141429808 ( 0.54%) 175.82
realaud 394 ( 0.00%) 28839 ( 0.00%) 73.20
halflif 110 ( 0.00%) 9132 ( 0.00%) 83.02
starcra 3436 ( 0.01%) 2747318 ( 0.01%) 799.57
everque 562 ( 0.00%) 96398 ( 0.00%) 171.53
unreal 54 ( 0.00%) 7265 ( 0.00%) 134.54
quake 81 ( 0.00%) 7076 ( 0.00%) 87.36
cuseeme 98 ( 0.00%) 17002 ( 0.00%) 173.49
other 7747476 ( 20.58%) 3895892826 ( 14.99%) 502.86
icmp 985857 ( 2.62%) 171318404 ( 0.66%) 173.78
ipip 345 ( 0.00%) 40422 ( 0.00%) 117.17
ipsec 1340 ( 0.00%) 320312 ( 0.00%) 239.04
ip6 2812874 ( 7.47%) 1473018155 ( 5.67%) 523.67
other 356178 ( 0.95%) 57761256 ( 0.22%) 162.17
frag 1915 ( 0.01%) 1966948 ( 0.01%) 1027.13
ip6 61080 ( 0.16%) 10055125 ( 0.04%) 164.62
tcp6 17269 ( 0.05%) 2208899 ( 0.01%) 127.91
http(s) 23 ( 0.00%) 7756 ( 0.00%) 337.22
http(c) 9906 ( 0.03%) 843216 ( 0.00%) 85.12
smtp 549 ( 0.00%) 512843 ( 0.00%) 934.14
ftp 4 ( 0.00%) 482 ( 0.00%) 120.50
imap 364 ( 0.00%) 42813 ( 0.00%) 117.62
ssh 4260 ( 0.01%) 506352 ( 0.00%) 118.86
dns 80 ( 0.00%) 32550 ( 0.00%) 406.88
bgp 108 ( 0.00%) 19638 ( 0.00%) 181.83
other 1975 ( 0.01%) 243249 ( 0.00%) 123.16
udp6 36731 ( 0.10%) 6908330 ( 0.03%) 188.08
dns 36421 ( 0.10%) 6858859 ( 0.03%) 188.32
other 310 ( 0.00%) 49471 ( 0.00%) 159.58
icmp6 6976 ( 0.02%) 862451 ( 0.00%) 123.63
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 73 ( 0.00%) 71229 ( 0.00%) 975.74
tcpdump file: 201004152230.dump.gz (973.48 MB)