Traffic Trace Info
DumpFile: 201004160115.dump
FileSize: 2140.20MB
Id: 201004160115
StartTime: Fri Apr 16 01:15:01 2010
EndTime: Fri Apr 16 01:30:01 2010
TotalTime: 900.25 seconds
TotalCapSize: 1668.21MB CapLen: 96 bytes
# of packets: 30931776 (19614.07MB)
AvgRate: 182.73Mbps stddev:16.56M
IP flow (unique src/dst pair) Information
# of flows: 1244039 (avg. 24.86 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.1% 2.8% 1.4% 1.2% 1.1% 1.1% 0.8% 0.7% 0.5% 0.5%
IP address Information
# of IPv4 addresses: 679225
Top 10 bandwidth usage (bytes/total in %):
13.8% 8.3% 7.0% 6.5% 5.9% 5.7% 4.2% 4.1% 3.5% 3.1%
# of IPv6 addresses: 969
Top 10 bandwidth usage (bytes/total in %):
28.4% 8.2% 6.7% 5.6% 5.4% 5.0% 4.2% 3.9% 3.7% 3.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004160115.pktlen.png)
detailed numbers
[ 32- 63]: 5199890
[ 64- 127]: 8598918
[ 128- 255]: 2252381
[ 256- 511]: 1642621
[ 512- 1023]: 599211
[ 1024- 2047]: 12638755
Protocol Breakdown
![[protocol breakdown chart]](201004160115.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 30931776 (100.00%) 20566846287 (100.00%) 664.91
ip 30876111 ( 99.82%) 20558009364 ( 99.96%) 665.82
tcp 18843358 ( 60.92%) 15225826435 ( 74.03%) 808.02
http(s) 9502069 ( 30.72%) 13262809751 ( 64.49%) 1395.78
http(c) 5316964 ( 17.19%) 511182836 ( 2.49%) 96.14
squid 261158 ( 0.84%) 84513552 ( 0.41%) 323.61
smtp 373447 ( 1.21%) 65627479 ( 0.32%) 175.73
nntp 3 ( 0.00%) 182 ( 0.00%) 60.67
ftp 9214 ( 0.03%) 1184325 ( 0.01%) 128.54
pop3 9936 ( 0.03%) 8393323 ( 0.04%) 844.74
imap 2331 ( 0.01%) 1307719 ( 0.01%) 561.01
telnet 182 ( 0.00%) 30395 ( 0.00%) 167.01
ssh 381249 ( 1.23%) 55625152 ( 0.27%) 145.90
dns 55709 ( 0.18%) 3823743 ( 0.02%) 68.64
bgp 156 ( 0.00%) 68033 ( 0.00%) 436.11
napster 4 ( 0.00%) 254 ( 0.00%) 63.50
realaud 23 ( 0.00%) 3086 ( 0.00%) 134.17
rtsp 62 ( 0.00%) 6164 ( 0.00%) 99.42
icecast 704 ( 0.00%) 64138 ( 0.00%) 91.11
hotline 13 ( 0.00%) 802 ( 0.00%) 61.69
other 2930131 ( 9.47%) 1231185321 ( 5.99%) 420.18
udp 8460637 ( 27.35%) 3899679165 ( 18.96%) 460.92
dns 758796 ( 2.45%) 135271696 ( 0.66%) 178.27
realaud 29 ( 0.00%) 2725 ( 0.00%) 93.97
halflif 76 ( 0.00%) 7444 ( 0.00%) 97.95
starcra 278 ( 0.00%) 30320 ( 0.00%) 109.06
everque 576 ( 0.00%) 107252 ( 0.00%) 186.20
unreal 72 ( 0.00%) 8931 ( 0.00%) 124.04
quake 46 ( 0.00%) 3877 ( 0.00%) 84.28
cuseeme 90 ( 0.00%) 16374 ( 0.00%) 181.93
other 7700412 ( 24.89%) 3764070790 ( 18.30%) 488.81
icmp 969088 ( 3.13%) 155894925 ( 0.76%) 160.87
ipip 354 ( 0.00%) 42648 ( 0.00%) 120.47
ipsec 1416 ( 0.00%) 360608 ( 0.00%) 254.67
ip6 2309729 ( 7.47%) 1226243602 ( 5.96%) 530.90
other 291529 ( 0.94%) 49961981 ( 0.24%) 171.38
frag 2169 ( 0.01%) 2224544 ( 0.01%) 1025.61
ip6 55665 ( 0.18%) 8836923 ( 0.04%) 158.75
tcp6 17574 ( 0.06%) 1999749 ( 0.01%) 113.79
http(s) 41 ( 0.00%) 25296 ( 0.00%) 616.98
http(c) 9384 ( 0.03%) 842608 ( 0.00%) 89.79
smtp 447 ( 0.00%) 205772 ( 0.00%) 460.34
ftp 9 ( 0.00%) 846 ( 0.00%) 94.00
imap 246 ( 0.00%) 28387 ( 0.00%) 115.39
ssh 5042 ( 0.02%) 596692 ( 0.00%) 118.34
dns 133 ( 0.00%) 31624 ( 0.00%) 237.77
bgp 106 ( 0.00%) 13648 ( 0.00%) 128.75
other 2166 ( 0.01%) 254876 ( 0.00%) 117.67
udp6 31315 ( 0.10%) 5982144 ( 0.03%) 191.03
dns 31080 ( 0.10%) 5942325 ( 0.03%) 191.19
quake 1 ( 0.00%) 116 ( 0.00%) 116.00
other 234 ( 0.00%) 39703 ( 0.00%) 169.67
icmp6 6700 ( 0.02%) 814249 ( 0.00%) 121.53
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 46 ( 0.00%) 36701 ( 0.00%) 797.85
tcpdump file: 201004160115.dump.gz (790.02 MB)