Traffic Trace Info
DumpFile: 201004160200.dump
FileSize: 2265.31MB
Id: 201004160200
StartTime: Fri Apr 16 02:00:01 2010
EndTime: Fri Apr 16 02:15:00 2010
TotalTime: 899.26 seconds
TotalCapSize: 1772.72MB CapLen: 96 bytes
# of packets: 32281577 (20984.95MB)
AvgRate: 195.75Mbps stddev:24.37M
IP flow (unique src/dst pair) Information
# of flows: 1042901 (avg. 30.95 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.8% 3.4% 2.6% 1.3% 1.2% 1.0% 0.9% 0.7% 0.7% 0.6%
IP address Information
# of IPv4 addresses: 565400
Top 10 bandwidth usage (bytes/total in %):
12.1% 7.3% 6.8% 6.3% 5.9% 5.9% 3.9% 3.8% 3.6% 3.5%
# of IPv6 addresses: 966
Top 10 bandwidth usage (bytes/total in %):
29.9% 8.8% 7.1% 6.5% 4.0% 4.0% 4.0% 3.3% 3.3% 3.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004160200.pktlen.png)
detailed numbers
[ 32- 63]: 5121940
[ 64- 127]: 9238260
[ 128- 255]: 2166302
[ 256- 511]: 1570657
[ 512- 1023]: 713829
[ 1024- 2047]: 13470589
Protocol Breakdown
![[protocol breakdown chart]](201004160200.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 32281577 (100.00%) 22004311787 (100.00%) 681.64
ip 32231162 ( 99.84%) 21995956492 ( 99.96%) 682.44
tcp 21118372 ( 65.42%) 17036013233 ( 77.42%) 806.69
http(s) 10117386 ( 31.34%) 14306811515 ( 65.02%) 1414.08
http(c) 5523538 ( 17.11%) 508273613 ( 2.31%) 92.02
squid 322555 ( 1.00%) 119545185 ( 0.54%) 370.62
smtp 347377 ( 1.08%) 57034372 ( 0.26%) 164.19
nntp 3 ( 0.00%) 186 ( 0.00%) 62.00
ftp 12768 ( 0.04%) 1301028 ( 0.01%) 101.90
pop3 8816 ( 0.03%) 6917042 ( 0.03%) 784.60
imap 5314 ( 0.02%) 3720317 ( 0.02%) 700.10
telnet 1476 ( 0.00%) 129189 ( 0.00%) 87.53
ssh 1202073 ( 3.72%) 180175684 ( 0.82%) 149.89
dns 54358 ( 0.17%) 6245835 ( 0.03%) 114.90
bgp 188 ( 0.00%) 78838 ( 0.00%) 419.35
napster 157 ( 0.00%) 10756 ( 0.00%) 68.51
rtsp 29087 ( 0.09%) 33016925 ( 0.15%) 1135.11
icecast 631 ( 0.00%) 79069 ( 0.00%) 125.31
other 3492643 ( 10.82%) 1812673559 ( 8.24%) 519.00
udp 7246145 ( 22.45%) 3380638750 ( 15.36%) 466.54
dns 724201 ( 2.24%) 129416153 ( 0.59%) 178.70
rip 3 ( 0.00%) 225 ( 0.00%) 75.00
realaud 38 ( 0.00%) 3537 ( 0.00%) 93.08
halflif 133 ( 0.00%) 10757 ( 0.00%) 80.88
starcra 296 ( 0.00%) 26961 ( 0.00%) 91.08
everque 545 ( 0.00%) 112520 ( 0.00%) 206.46
unreal 47 ( 0.00%) 5215 ( 0.00%) 110.96
quake 38 ( 0.00%) 4161 ( 0.00%) 109.50
cuseeme 6 ( 0.00%) 548 ( 0.00%) 91.33
other 6520590 ( 20.20%) 3250908443 ( 14.77%) 498.56
icmp 1034988 ( 3.21%) 170607071 ( 0.78%) 164.84
ipip 355 ( 0.00%) 43226 ( 0.00%) 121.76
ipsec 10546 ( 0.03%) 1720032 ( 0.01%) 163.10
ip6 2438071 ( 7.55%) 1313396769 ( 5.97%) 538.70
other 382685 ( 1.19%) 93537411 ( 0.43%) 244.42
frag 1865 ( 0.01%) 1935166 ( 0.01%) 1037.62
ip6 50415 ( 0.16%) 8355295 ( 0.04%) 165.73
tcp6 14210 ( 0.04%) 1791120 ( 0.01%) 126.05
http(s) 70 ( 0.00%) 51319 ( 0.00%) 733.13
http(c) 6168 ( 0.02%) 555432 ( 0.00%) 90.05
smtp 636 ( 0.00%) 316405 ( 0.00%) 497.49
ftp 15 ( 0.00%) 1150 ( 0.00%) 76.67
imap 401 ( 0.00%) 47158 ( 0.00%) 117.60
ssh 5050 ( 0.02%) 598712 ( 0.00%) 118.56
dns 102 ( 0.00%) 25022 ( 0.00%) 245.31
bgp 115 ( 0.00%) 15652 ( 0.00%) 136.10
other 1653 ( 0.01%) 180270 ( 0.00%) 109.06
udp6 29043 ( 0.09%) 5647621 ( 0.03%) 194.46
dns 28836 ( 0.09%) 5616412 ( 0.03%) 194.77
other 207 ( 0.00%) 31209 ( 0.00%) 150.77
icmp6 7064 ( 0.02%) 857939 ( 0.00%) 121.45
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 68 ( 0.00%) 54535 ( 0.00%) 801.99
tcpdump file: 201004160200.dump.gz (826.49 MB)