Traffic Trace Info
DumpFile: 201004160545.dump
FileSize: 1809.47MB
Id: 201004160545
StartTime: Fri Apr 16 05:45:00 2010
EndTime: Fri Apr 16 06:00:00 2010
TotalTime: 900.24 seconds
TotalCapSize: 1421.90MB CapLen: 96 bytes
# of packets: 25398799 (15693.66MB)
AvgRate: 146.22Mbps stddev:12.16M
IP flow (unique src/dst pair) Information
# of flows: 1090755 (avg. 23.29 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.0% 1.5% 1.2% 1.0% 0.9% 0.8% 0.7% 0.6% 0.6% 0.6%
IP address Information
# of IPv4 addresses: 594134
Top 10 bandwidth usage (bytes/total in %):
18.0% 13.9% 6.4% 5.9% 5.8% 5.1% 5.0% 4.0% 2.2% 2.2%
# of IPv6 addresses: 944
Top 10 bandwidth usage (bytes/total in %):
23.4% 7.4% 7.4% 6.6% 6.2% 6.1% 4.8% 4.2% 4.1% 4.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004160545.pktlen.png)
detailed numbers
[ 32- 63]: 3504116
[ 64- 127]: 7130089
[ 128- 255]: 2263572
[ 256- 511]: 1935299
[ 512- 1023]: 722630
[ 1024- 2047]: 9843093
Protocol Breakdown
![[protocol breakdown chart]](201004160545.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 25398799 (100.00%) 16455994897 (100.00%) 647.90
ip 25346103 ( 99.79%) 16447991257 ( 99.95%) 648.94
tcp 13850469 ( 54.53%) 10633724170 ( 64.62%) 767.75
http(s) 5578968 ( 21.97%) 7731275497 ( 46.98%) 1385.79
http(c) 2950311 ( 11.62%) 310009934 ( 1.88%) 105.08
squid 299702 ( 1.18%) 69694219 ( 0.42%) 232.55
smtp 376649 ( 1.48%) 67918014 ( 0.41%) 180.32
nntp 2 ( 0.00%) 124 ( 0.00%) 62.00
ftp 9179 ( 0.04%) 1216125 ( 0.01%) 132.49
pop3 8600 ( 0.03%) 6793500 ( 0.04%) 789.94
imap 743 ( 0.00%) 102031 ( 0.00%) 137.32
telnet 2168 ( 0.01%) 157941 ( 0.00%) 72.85
ssh 701310 ( 2.76%) 102129530 ( 0.62%) 145.63
dns 53561 ( 0.21%) 3867495 ( 0.02%) 72.21
bgp 193 ( 0.00%) 87267 ( 0.00%) 452.16
napster 23 ( 0.00%) 1466 ( 0.00%) 63.74
realaud 12 ( 0.00%) 1299 ( 0.00%) 108.25
rtsp 91 ( 0.00%) 23192 ( 0.00%) 254.86
icecast 549 ( 0.00%) 61110 ( 0.00%) 111.31
hotline 21 ( 0.00%) 1746 ( 0.00%) 83.14
other 3868346 ( 15.23%) 2340381220 ( 14.22%) 605.01
udp 6850080 ( 26.97%) 3318101357 ( 20.16%) 484.39
dns 705174 ( 2.78%) 122329671 ( 0.74%) 173.47
rip 1 ( 0.00%) 109 ( 0.00%) 109.00
realaud 37 ( 0.00%) 3257 ( 0.00%) 88.03
halflif 80 ( 0.00%) 7808 ( 0.00%) 97.60
starcra 278 ( 0.00%) 33786 ( 0.00%) 121.53
everque 581 ( 0.00%) 118390 ( 0.00%) 203.77
unreal 91 ( 0.00%) 11499 ( 0.00%) 126.36
quake 22 ( 0.00%) 1880 ( 0.00%) 85.45
cuseeme 13 ( 0.00%) 1126 ( 0.00%) 86.62
other 6143540 ( 24.19%) 3195459837 ( 19.42%) 520.13
icmp 1002913 ( 3.95%) 183537717 ( 1.12%) 183.00
ipip 293 ( 0.00%) 34710 ( 0.00%) 118.46
ipsec 5444 ( 0.02%) 2560592 ( 0.02%) 470.35
ip6 3629556 ( 14.29%) 2308982815 ( 14.03%) 636.16
other 7348 ( 0.03%) 1049896 ( 0.01%) 142.88
frag 1453 ( 0.01%) 1425724 ( 0.01%) 981.23
ip6 52696 ( 0.21%) 8003640 ( 0.05%) 151.88
tcp6 20831 ( 0.08%) 2381658 ( 0.01%) 114.33
http(s) 259 ( 0.00%) 223461 ( 0.00%) 862.78
http(c) 8206 ( 0.03%) 719423 ( 0.00%) 87.67
smtp 259 ( 0.00%) 111133 ( 0.00%) 429.08
ftp 2507 ( 0.01%) 262752 ( 0.00%) 104.81
imap 242 ( 0.00%) 27951 ( 0.00%) 115.50
ssh 5077 ( 0.02%) 601130 ( 0.00%) 118.40
dns 27 ( 0.00%) 7463 ( 0.00%) 276.41
bgp 116 ( 0.00%) 15820 ( 0.00%) 136.38
other 4138 ( 0.02%) 412525 ( 0.00%) 99.69
udp6 25044 ( 0.10%) 4759088 ( 0.03%) 190.03
dns 24897 ( 0.10%) 4738959 ( 0.03%) 190.34
other 147 ( 0.00%) 20129 ( 0.00%) 136.93
icmp6 6732 ( 0.03%) 806598 ( 0.00%) 119.82
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 59 ( 0.00%) 52216 ( 0.00%) 885.02
tcpdump file: 201004160545.dump.gz (652.06 MB)