Traffic Trace Info
DumpFile: 201004160530.dump
FileSize: 1908.57MB
Id: 201004160530
StartTime: Fri Apr 16 05:30:01 2010
EndTime: Fri Apr 16 05:45:00 2010
TotalTime: 899.44 seconds
TotalCapSize: 1500.25MB CapLen: 96 bytes
# of packets: 26759625 (16948.18MB)
AvgRate: 158.09Mbps stddev:15.39M
IP flow (unique src/dst pair) Information
# of flows: 1137471 (avg. 23.53 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.6% 2.0% 1.9% 1.2% 1.0% 0.9% 0.9% 0.9% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 616800
Top 10 bandwidth usage (bytes/total in %):
16.3% 12.1% 6.0% 5.6% 5.6% 5.1% 4.9% 4.8% 2.7% 2.7%
# of IPv6 addresses: 1017
Top 10 bandwidth usage (bytes/total in %):
23.2% 7.4% 6.8% 6.6% 5.9% 5.8% 5.0% 4.7% 4.7% 4.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004160530.pktlen.png)
detailed numbers
[ 32- 63]: 3758341
[ 64- 127]: 7440305
[ 128- 255]: 2167961
[ 256- 511]: 1955117
[ 512- 1023]: 757454
[ 1024- 2047]: 10680447
Protocol Breakdown
![[protocol breakdown chart]](201004160530.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 26759625 (100.00%) 17771454574 (100.00%) 664.11
ip 26708669 ( 99.81%) 17763405603 ( 99.95%) 665.08
tcp 15406801 ( 57.57%) 12128546528 ( 68.25%) 787.22
http(s) 6519867 ( 24.36%) 9102038484 ( 51.22%) 1396.05
http(c) 3373970 ( 12.61%) 339091426 ( 1.91%) 100.50
squid 316177 ( 1.18%) 73337958 ( 0.41%) 231.95
smtp 417117 ( 1.56%) 70218942 ( 0.40%) 168.34
nntp 2 ( 0.00%) 124 ( 0.00%) 62.00
ftp 10901 ( 0.04%) 1130066 ( 0.01%) 103.67
pop3 10982 ( 0.04%) 6318408 ( 0.04%) 575.34
imap 639 ( 0.00%) 84504 ( 0.00%) 132.24
telnet 2959 ( 0.01%) 223995 ( 0.00%) 75.70
ssh 695183 ( 2.60%) 102035564 ( 0.57%) 146.78
dns 54430 ( 0.20%) 3757296 ( 0.02%) 69.03
bgp 178 ( 0.00%) 86145 ( 0.00%) 483.96
napster 841 ( 0.00%) 620155 ( 0.00%) 737.40
realaud 3 ( 0.00%) 194 ( 0.00%) 64.67
rtsp 107 ( 0.00%) 27659 ( 0.00%) 258.50
icecast 558 ( 0.00%) 57151 ( 0.00%) 102.42
other 4002886 ( 14.96%) 2429518397 ( 13.67%) 606.94
udp 6742472 ( 25.20%) 3282252704 ( 18.47%) 486.80
dns 726748 ( 2.72%) 127656510 ( 0.72%) 175.65
rip 8 ( 0.00%) 600 ( 0.00%) 75.00
realaud 45 ( 0.00%) 4097 ( 0.00%) 91.04
halflif 83 ( 0.00%) 7766 ( 0.00%) 93.57
starcra 278 ( 0.00%) 33418 ( 0.00%) 120.21
everque 418 ( 0.00%) 77183 ( 0.00%) 184.65
unreal 66 ( 0.00%) 8997 ( 0.00%) 136.32
quake 34 ( 0.00%) 3657 ( 0.00%) 107.56
cuseeme 12 ( 0.00%) 1238 ( 0.00%) 103.17
other 6014330 ( 22.48%) 3154208767 ( 17.75%) 524.45
icmp 1062496 ( 3.97%) 195214583 ( 1.10%) 183.73
ipip 366 ( 0.00%) 45628 ( 0.00%) 124.67
ipsec 1662 ( 0.01%) 475700 ( 0.00%) 286.22
ip6 3488708 ( 13.04%) 2156011145 ( 12.13%) 618.00
other 6164 ( 0.02%) 859315 ( 0.00%) 139.41
frag 2099 ( 0.01%) 2107196 ( 0.01%) 1003.90
ip6 50956 ( 0.19%) 8048971 ( 0.05%) 157.96
tcp6 17258 ( 0.06%) 2038735 ( 0.01%) 118.13
http(s) 86 ( 0.00%) 39144 ( 0.00%) 455.16
http(c) 4868 ( 0.02%) 440826 ( 0.00%) 90.56
smtp 497 ( 0.00%) 255475 ( 0.00%) 514.03
ftp 2508 ( 0.01%) 262142 ( 0.00%) 104.52
imap 340 ( 0.00%) 40228 ( 0.00%) 118.32
ssh 5019 ( 0.02%) 594314 ( 0.00%) 118.41
dns 81 ( 0.00%) 24463 ( 0.00%) 302.01
bgp 118 ( 0.00%) 21281 ( 0.00%) 180.35
other 3741 ( 0.01%) 360862 ( 0.00%) 96.46
udp6 26544 ( 0.10%) 5091938 ( 0.03%) 191.83
dns 26455 ( 0.10%) 5077222 ( 0.03%) 191.92
other 89 ( 0.00%) 14716 ( 0.00%) 165.35
icmp6 7044 ( 0.03%) 842457 ( 0.00%) 119.60
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 79 ( 0.00%) 71625 ( 0.00%) 906.65
tcpdump file: 201004160530.dump.gz (688.67 MB)