Traffic Trace Info
DumpFile: 201004160500.dump
FileSize: 2047.99MB
Id: 201004160500
StartTime: Fri Apr 16 05:00:00 2010
EndTime: Fri Apr 16 05:15:01 2010
TotalTime: 900.55 seconds
TotalCapSize: 1609.00MB CapLen: 96 bytes
# of packets: 28768876 (18309.36MB)
AvgRate: 170.55Mbps stddev:15.15M
IP flow (unique src/dst pair) Information
# of flows: 1246598 (avg. 23.08 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.5% 2.4% 2.0% 1.8% 1.3% 1.0% 0.8% 0.7% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 689560
Top 10 bandwidth usage (bytes/total in %):
15.4% 10.1% 8.4% 6.8% 5.7% 5.5% 4.7% 4.3% 3.4% 2.6%
# of IPv6 addresses: 1020
Top 10 bandwidth usage (bytes/total in %):
22.7% 12.5% 7.2% 7.0% 6.9% 6.5% 5.7% 5.3% 4.0% 4.0%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004160500.pktlen.png)
detailed numbers
[ 32- 63]: 4302954
[ 64- 127]: 7999895
[ 128- 255]: 2339972
[ 256- 511]: 1743774
[ 512- 1023]: 755920
[ 1024- 2047]: 11626361
Protocol Breakdown
![[protocol breakdown chart]](201004160500.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 28768876 (100.00%) 19198755676 (100.00%) 667.34
ip 28719235 ( 99.83%) 19190505544 ( 99.96%) 668.21
tcp 17586682 ( 61.13%) 13643589618 ( 71.06%) 775.79
http(s) 7010203 ( 24.37%) 9819126518 ( 51.14%) 1400.69
http(c) 4030262 ( 14.01%) 389843438 ( 2.03%) 96.73
squid 300603 ( 1.04%) 78860967 ( 0.41%) 262.34
smtp 478985 ( 1.66%) 84632013 ( 0.44%) 176.69
nntp 8 ( 0.00%) 482 ( 0.00%) 60.25
ftp 13072 ( 0.05%) 1455782 ( 0.01%) 111.37
pop3 7932 ( 0.03%) 5990547 ( 0.03%) 755.24
imap 1058 ( 0.00%) 169009 ( 0.00%) 159.74
telnet 2793 ( 0.01%) 214058 ( 0.00%) 76.64
ssh 776339 ( 2.70%) 114871546 ( 0.60%) 147.97
dns 55047 ( 0.19%) 3791496 ( 0.02%) 68.88
bgp 182 ( 0.00%) 83436 ( 0.00%) 458.44
napster 51 ( 0.00%) 14133 ( 0.00%) 277.12
realaud 126 ( 0.00%) 10417 ( 0.00%) 82.67
rtsp 188 ( 0.00%) 43348 ( 0.00%) 230.57
icecast 795 ( 0.00%) 81374 ( 0.00%) 102.36
hotline 17 ( 0.00%) 2352 ( 0.00%) 138.35
other 4909020 ( 17.06%) 3144398642 ( 16.38%) 640.53
udp 6838040 ( 23.77%) 3404503627 ( 17.73%) 497.88
dns 781261 ( 2.72%) 136356841 ( 0.71%) 174.53
rip 20 ( 0.00%) 1500 ( 0.00%) 75.00
realaud 764 ( 0.00%) 48354 ( 0.00%) 63.29
halflif 68 ( 0.00%) 5530 ( 0.00%) 81.32
starcra 284 ( 0.00%) 32993 ( 0.00%) 116.17
everque 484 ( 0.00%) 94672 ( 0.00%) 195.60
unreal 45 ( 0.00%) 5913 ( 0.00%) 131.40
quake 24 ( 0.00%) 2052 ( 0.00%) 85.50
cuseeme 4 ( 0.00%) 458 ( 0.00%) 114.50
other 6054576 ( 21.05%) 3267608101 ( 17.02%) 539.69
icmp 1083866 ( 3.77%) 197322180 ( 1.03%) 182.05
ipip 380 ( 0.00%) 47070 ( 0.00%) 123.87
ipsec 1055 ( 0.00%) 263062 ( 0.00%) 249.35
ip6 3202376 ( 11.13%) 1943647486 ( 10.12%) 606.94
other 6836 ( 0.02%) 1132501 ( 0.01%) 165.67
frag 2195 ( 0.01%) 2248888 ( 0.01%) 1024.55
ip6 49641 ( 0.17%) 8250132 ( 0.04%) 166.20
tcp6 11982 ( 0.04%) 1341703 ( 0.01%) 111.98
http(s) 35 ( 0.00%) 16720 ( 0.00%) 477.71
http(c) 4688 ( 0.02%) 423126 ( 0.00%) 90.26
smtp 214 ( 0.00%) 45347 ( 0.00%) 211.90
imap 340 ( 0.00%) 40204 ( 0.00%) 118.25
ssh 5023 ( 0.02%) 595162 ( 0.00%) 118.49
dns 156 ( 0.00%) 44194 ( 0.00%) 283.29
bgp 105 ( 0.00%) 20364 ( 0.00%) 193.94
other 1421 ( 0.00%) 156586 ( 0.00%) 110.19
udp6 30734 ( 0.11%) 6030844 ( 0.03%) 196.23
dns 30524 ( 0.11%) 5996570 ( 0.03%) 196.45
other 210 ( 0.00%) 34274 ( 0.00%) 163.21
icmp6 6837 ( 0.02%) 826973 ( 0.00%) 120.96
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 58 ( 0.00%) 46532 ( 0.00%) 802.28
tcpdump file: 201004160500.dump.gz (737.93 MB)