Traffic Trace Info
DumpFile: 201004160230.dump
FileSize: 2149.83MB
Id: 201004160230
StartTime: Fri Apr 16 02:30:00 2010
EndTime: Fri Apr 16 02:45:00 2010
TotalTime: 900.17 seconds
TotalCapSize: 1680.69MB CapLen: 96 bytes
# of packets: 30744544 (19826.20MB)
AvgRate: 184.79Mbps stddev:21.69M
IP flow (unique src/dst pair) Information
# of flows: 989324 (avg. 31.08 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.8% 2.5% 1.7% 1.7% 1.7% 1.3% 1.3% 0.9% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 519793
Top 10 bandwidth usage (bytes/total in %):
13.8% 7.8% 6.2% 6.1% 6.0% 5.9% 4.0% 3.9% 3.9% 3.7%
# of IPv6 addresses: 966
Top 10 bandwidth usage (bytes/total in %):
31.6% 8.9% 7.5% 7.0% 4.2% 4.2% 4.2% 3.1% 3.0% 3.0%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004160230.pktlen.png)
detailed numbers
[ 32- 63]: 5107323
[ 64- 127]: 8581399
[ 128- 255]: 2220668
[ 256- 511]: 1473223
[ 512- 1023]: 660558
[ 1024- 2047]: 12701373
Protocol Breakdown
![[protocol breakdown chart]](201004160230.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 30744544 (100.00%) 20789273153 (100.00%) 676.19
ip 30695904 ( 99.84%) 20781362312 ( 99.96%) 677.01
tcp 19615320 ( 63.80%) 15758632656 ( 75.80%) 803.38
http(s) 9270752 ( 30.15%) 13073977448 ( 62.89%) 1410.24
http(c) 4981230 ( 16.20%) 467580522 ( 2.25%) 93.87
squid 364838 ( 1.19%) 140206735 ( 0.67%) 384.30
smtp 331776 ( 1.08%) 57006956 ( 0.27%) 171.82
nntp 1 ( 0.00%) 62 ( 0.00%) 62.00
ftp 36420 ( 0.12%) 3462550 ( 0.02%) 95.07
pop3 8708 ( 0.03%) 6146066 ( 0.03%) 705.80
imap 1939 ( 0.01%) 644248 ( 0.00%) 332.26
telnet 1497 ( 0.00%) 146610 ( 0.00%) 97.94
ssh 820908 ( 2.67%) 123726457 ( 0.60%) 150.72
dns 54900 ( 0.18%) 3789757 ( 0.02%) 69.03
bgp 152 ( 0.00%) 57301 ( 0.00%) 376.98
napster 10 ( 0.00%) 1761 ( 0.00%) 176.10
realaud 15 ( 0.00%) 1334 ( 0.00%) 88.93
rtsp 3849 ( 0.01%) 4200363 ( 0.02%) 1091.29
icecast 653 ( 0.00%) 73441 ( 0.00%) 112.47
hotline 3 ( 0.00%) 186 ( 0.00%) 62.00
other 3737669 ( 12.16%) 1877610859 ( 9.03%) 502.35
udp 7277031 ( 23.67%) 3430643511 ( 16.50%) 471.43
dns 725902 ( 2.36%) 130334490 ( 0.63%) 179.55
rip 5 ( 0.00%) 409 ( 0.00%) 81.80
realaud 26 ( 0.00%) 2279 ( 0.00%) 87.65
halflif 90 ( 0.00%) 8163 ( 0.00%) 90.70
starcra 262 ( 0.00%) 24833 ( 0.00%) 94.78
everque 510 ( 0.00%) 98954 ( 0.00%) 194.03
unreal 47 ( 0.00%) 5153 ( 0.00%) 109.64
quake 55 ( 0.00%) 4851 ( 0.00%) 88.20
cuseeme 7 ( 0.00%) 600 ( 0.00%) 85.71
other 6549860 ( 21.30%) 3299993392 ( 15.87%) 503.83
icmp 1007389 ( 3.28%) 168218390 ( 0.81%) 166.98
ipip 369 ( 0.00%) 44590 ( 0.00%) 120.84
ipsec 2456 ( 0.01%) 879884 ( 0.00%) 358.26
ip6 2323960 ( 7.56%) 1246284029 ( 5.99%) 536.28
other 469379 ( 1.53%) 176659252 ( 0.85%) 376.37
frag 2093 ( 0.01%) 2135174 ( 0.01%) 1020.15
ip6 48640 ( 0.16%) 7910841 ( 0.04%) 162.64
tcp6 12927 ( 0.04%) 1633568 ( 0.01%) 126.37
http(s) 30 ( 0.00%) 16100 ( 0.00%) 536.67
http(c) 4804 ( 0.02%) 449273 ( 0.00%) 93.52
smtp 579 ( 0.00%) 287818 ( 0.00%) 497.09
ftp 25 ( 0.00%) 2274 ( 0.00%) 90.96
imap 340 ( 0.00%) 40148 ( 0.00%) 118.08
ssh 5056 ( 0.02%) 599108 ( 0.00%) 118.49
dns 137 ( 0.00%) 37526 ( 0.00%) 273.91
bgp 109 ( 0.00%) 14405 ( 0.00%) 132.16
other 1847 ( 0.01%) 186916 ( 0.00%) 101.20
udp6 28437 ( 0.09%) 5360022 ( 0.03%) 188.49
dns 28094 ( 0.09%) 5304818 ( 0.03%) 188.82
other 343 ( 0.00%) 55204 ( 0.00%) 160.94
icmp6 7194 ( 0.02%) 866105 ( 0.00%) 120.39
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 52 ( 0.00%) 47066 ( 0.00%) 905.12
tcpdump file: 201004160230.dump.gz (782.06 MB)