Traffic Trace Info
DumpFile: 201004160430.dump
FileSize: 2042.90MB
Id: 201004160430
StartTime: Fri Apr 16 04:30:00 2010
EndTime: Fri Apr 16 04:45:01 2010
TotalTime: 900.23 seconds
TotalCapSize: 1600.12MB CapLen: 96 bytes
# of packets: 29017438 (18646.06MB)
AvgRate: 173.75Mbps stddev:13.84M
IP flow (unique src/dst pair) Information
# of flows: 1125196 (avg. 25.79 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.8% 2.0% 1.8% 1.3% 0.8% 0.8% 0.7% 0.7% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 605902
Top 10 bandwidth usage (bytes/total in %):
16.8% 9.2% 8.6% 7.2% 6.0% 5.9% 5.5% 5.1% 2.9% 2.7%
# of IPv6 addresses: 953
Top 10 bandwidth usage (bytes/total in %):
25.3% 10.9% 8.2% 8.0% 7.0% 6.1% 4.9% 4.4% 4.4% 3.3%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004160430.pktlen.png)
detailed numbers
[ 32- 63]: 4369799
[ 64- 127]: 7598518
[ 128- 255]: 2566477
[ 256- 511]: 1787761
[ 512- 1023]: 873958
[ 1024- 2047]: 11820925
Protocol Breakdown
![[protocol breakdown chart]](201004160430.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29017438 (100.00%) 19551816003 (100.00%) 673.80
ip 28970242 ( 99.84%) 19544414482 ( 99.96%) 674.64
tcp 17373246 ( 59.87%) 13650112972 ( 69.82%) 785.70
http(s) 6832488 ( 23.55%) 9430611799 ( 48.23%) 1380.26
http(c) 3698274 ( 12.75%) 365538018 ( 1.87%) 98.84
squid 358326 ( 1.23%) 124436341 ( 0.64%) 347.27
smtp 444369 ( 1.53%) 81611160 ( 0.42%) 183.66
ftp 11560 ( 0.04%) 1897185 ( 0.01%) 164.12
pop3 7064 ( 0.02%) 5628437 ( 0.03%) 796.78
imap 748 ( 0.00%) 225386 ( 0.00%) 301.32
telnet 2412 ( 0.01%) 189061 ( 0.00%) 78.38
ssh 791936 ( 2.73%) 114656530 ( 0.59%) 144.78
dns 52872 ( 0.18%) 3639813 ( 0.02%) 68.84
bgp 183 ( 0.00%) 89609 ( 0.00%) 489.67
napster 360 ( 0.00%) 391070 ( 0.00%) 1086.31
realaud 14 ( 0.00%) 2319 ( 0.00%) 165.64
rtsp 218 ( 0.00%) 52532 ( 0.00%) 240.97
icecast 473 ( 0.00%) 55783 ( 0.00%) 117.93
other 5171949 ( 17.82%) 3521087929 ( 18.01%) 680.80
udp 7469786 ( 25.74%) 3847864649 ( 19.68%) 515.12
dns 897335 ( 3.09%) 240215107 ( 1.23%) 267.70
rip 11 ( 0.00%) 825 ( 0.00%) 75.00
realaud 998 ( 0.00%) 64249 ( 0.00%) 64.38
halflif 120 ( 0.00%) 10973 ( 0.00%) 91.44
starcra 293 ( 0.00%) 35312 ( 0.00%) 120.52
everque 500 ( 0.00%) 88132 ( 0.00%) 176.26
unreal 59 ( 0.00%) 7210 ( 0.00%) 122.20
quake 39 ( 0.00%) 3979 ( 0.00%) 102.03
cuseeme 3 ( 0.00%) 311 ( 0.00%) 103.67
other 6564143 ( 22.62%) 3606803909 ( 18.45%) 549.47
icmp 1086584 ( 3.74%) 200618150 ( 1.03%) 184.63
ipip 376 ( 0.00%) 45664 ( 0.00%) 121.45
ipsec 1071 ( 0.00%) 228966 ( 0.00%) 213.79
ip6 2991623 ( 10.31%) 1795574675 ( 9.18%) 600.20
other 47556 ( 0.16%) 49969406 ( 0.26%) 1050.75
frag 77811 ( 0.27%) 91005715 ( 0.47%) 1169.57
ip6 47196 ( 0.16%) 7401521 ( 0.04%) 156.83
tcp6 12120 ( 0.04%) 1379391 ( 0.01%) 113.81
http(s) 18 ( 0.00%) 7659 ( 0.00%) 425.50
http(c) 5018 ( 0.02%) 501910 ( 0.00%) 100.02
smtp 204 ( 0.00%) 61510 ( 0.00%) 301.52
imap 342 ( 0.00%) 40458 ( 0.00%) 118.30
ssh 5041 ( 0.02%) 596326 ( 0.00%) 118.30
dns 52 ( 0.00%) 18161 ( 0.00%) 349.25
bgp 112 ( 0.00%) 15009 ( 0.00%) 134.01
other 1333 ( 0.00%) 138358 ( 0.00%) 103.79
udp6 28264 ( 0.10%) 5170294 ( 0.03%) 182.93
dns 28108 ( 0.10%) 5144616 ( 0.03%) 183.03
other 156 ( 0.00%) 25678 ( 0.00%) 164.60
icmp6 6733 ( 0.02%) 805774 ( 0.00%) 119.68
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 48 ( 0.00%) 41846 ( 0.00%) 871.79
tcpdump file: 201004160430.dump.gz (740.68 MB)