Traffic Trace Info
DumpFile: 201004160515.dump
FileSize: 1958.31MB
Id: 201004160515
StartTime: Fri Apr 16 05:15:01 2010
EndTime: Fri Apr 16 05:30:01 2010
TotalTime: 899.75 seconds
TotalCapSize: 1537.90MB CapLen: 96 bytes
# of packets: 27551230 (17677.26MB)
AvgRate: 164.81Mbps stddev:15.91M
IP flow (unique src/dst pair) Information
# of flows: 1177439 (avg. 23.40 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.0% 1.9% 1.9% 1.7% 0.9% 0.9% 0.9% 0.8% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 628852
Top 10 bandwidth usage (bytes/total in %):
15.6% 10.3% 8.2% 7.0% 6.4% 6.0% 5.2% 5.0% 4.1% 2.3%
# of IPv6 addresses: 974
Top 10 bandwidth usage (bytes/total in %):
23.3% 7.5% 7.4% 7.2% 6.9% 5.7% 5.6% 4.1% 4.1% 3.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004160515.pktlen.png)
detailed numbers
[ 32- 63]: 4074775
[ 64- 127]: 7571860
[ 128- 255]: 2154838
[ 256- 511]: 1807679
[ 512- 1023]: 728464
[ 1024- 2047]: 11213614
Protocol Breakdown
![[protocol breakdown chart]](201004160515.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 27551230 (100.00%) 18535946015 (100.00%) 672.78
ip 27502569 ( 99.82%) 18527983735 ( 99.96%) 673.68
tcp 16570259 ( 60.14%) 13087786099 ( 70.61%) 789.84
http(s) 6531053 ( 23.71%) 9106733320 ( 49.13%) 1394.37
http(c) 3381429 ( 12.27%) 343082423 ( 1.85%) 101.46
squid 372429 ( 1.35%) 133185520 ( 0.72%) 357.61
smtp 525904 ( 1.91%) 82879094 ( 0.45%) 157.59
nntp 4 ( 0.00%) 240 ( 0.00%) 60.00
ftp 10169 ( 0.04%) 1031785 ( 0.01%) 101.46
pop3 10834 ( 0.04%) 8880575 ( 0.05%) 819.69
imap 1173 ( 0.00%) 572664 ( 0.00%) 488.20
telnet 2673 ( 0.01%) 190063 ( 0.00%) 71.10
ssh 747048 ( 2.71%) 108718661 ( 0.59%) 145.53
dns 55045 ( 0.20%) 3779975 ( 0.02%) 68.67
bgp 214 ( 0.00%) 103390 ( 0.00%) 483.13
napster 126 ( 0.00%) 9917 ( 0.00%) 78.71
realaud 2 ( 0.00%) 126 ( 0.00%) 63.00
rtsp 146 ( 0.00%) 34602 ( 0.00%) 237.00
icecast 888 ( 0.00%) 77881 ( 0.00%) 87.70
hotline 2 ( 0.00%) 132 ( 0.00%) 66.00
other 4931113 ( 17.90%) 3298505311 ( 17.80%) 668.92
udp 6737119 ( 24.45%) 3336493211 ( 18.00%) 495.24
dns 750873 ( 2.73%) 131546878 ( 0.71%) 175.19
rip 8 ( 0.00%) 600 ( 0.00%) 75.00
realaud 55 ( 0.00%) 5422 ( 0.00%) 98.58
halflif 113 ( 0.00%) 10537 ( 0.00%) 93.25
starcra 288 ( 0.00%) 31740 ( 0.00%) 110.21
everque 471 ( 0.00%) 78398 ( 0.00%) 166.45
unreal 78 ( 0.00%) 10486 ( 0.00%) 134.44
quake 29 ( 0.00%) 2992 ( 0.00%) 103.17
cuseeme 13 ( 0.00%) 1611 ( 0.00%) 123.92
other 5984785 ( 21.72%) 3204548676 ( 17.29%) 535.45
icmp 1044773 ( 3.79%) 184945771 ( 1.00%) 177.02
ipip 317 ( 0.00%) 37624 ( 0.00%) 118.69
ipsec 2153 ( 0.01%) 1143594 ( 0.01%) 531.16
ip6 3142084 ( 11.40%) 1916746513 ( 10.34%) 610.02
other 5864 ( 0.02%) 830923 ( 0.00%) 141.70
frag 2403 ( 0.01%) 2500859 ( 0.01%) 1040.72
ip6 48661 ( 0.18%) 7962280 ( 0.04%) 163.63
tcp6 13517 ( 0.05%) 1546667 ( 0.01%) 114.42
http(s) 55 ( 0.00%) 33296 ( 0.00%) 605.38
http(c) 4757 ( 0.02%) 423977 ( 0.00%) 89.13
smtp 256 ( 0.00%) 102207 ( 0.00%) 399.25
ftp 885 ( 0.00%) 89197 ( 0.00%) 100.79
imap 242 ( 0.00%) 27983 ( 0.00%) 115.63
ssh 5042 ( 0.02%) 596780 ( 0.00%) 118.36
dns 99 ( 0.00%) 35395 ( 0.00%) 357.53
bgp 142 ( 0.00%) 35271 ( 0.00%) 248.39
other 2039 ( 0.01%) 202561 ( 0.00%) 99.34
udp6 27938 ( 0.10%) 5497496 ( 0.03%) 196.77
dns 27802 ( 0.10%) 5475507 ( 0.03%) 196.95
halflif 1 ( 0.00%) 108 ( 0.00%) 108.00
other 135 ( 0.00%) 21881 ( 0.00%) 162.08
icmp6 7108 ( 0.03%) 854960 ( 0.00%) 120.28
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 68 ( 0.00%) 59077 ( 0.00%) 868.78
tcpdump file: 201004160515.dump.gz (711.78 MB)