Traffic Trace Info
DumpFile: 201004160745.dump
FileSize: 1805.30MB
Id: 201004160745
StartTime: Fri Apr 16 07:45:01 2010
EndTime: Fri Apr 16 08:00:01 2010
TotalTime: 900.39 seconds
TotalCapSize: 1414.80MB CapLen: 96 bytes
# of packets: 25590979 (15730.62MB)
AvgRate: 146.55Mbps stddev:14.69M
IP flow (unique src/dst pair) Information
# of flows: 886360 (avg. 28.87 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.2% 3.2% 2.6% 2.2% 1.7% 1.5% 1.3% 1.2% 0.9% 0.9%
IP address Information
# of IPv4 addresses: 474176
Top 10 bandwidth usage (bytes/total in %):
17.9% 15.1% 8.9% 4.2% 4.0% 3.4% 3.3% 3.3% 3.2% 3.0%
# of IPv6 addresses: 893
Top 10 bandwidth usage (bytes/total in %):
25.3% 16.3% 8.1% 6.7% 6.3% 6.3% 4.5% 4.5% 4.0% 3.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004160745.pktlen.png)
detailed numbers
[ 32- 63]: 3409340
[ 64- 127]: 7180041
[ 128- 255]: 2550259
[ 256- 511]: 1886843
[ 512- 1023]: 692416
[ 1024- 2047]: 9872080
Protocol Breakdown
![[protocol breakdown chart]](201004160745.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 25590979 (100.00%) 16494752977 (100.00%) 644.55
ip 25537915 ( 99.79%) 16487364635 ( 99.96%) 645.60
tcp 12770998 ( 49.90%) 9895663006 ( 59.99%) 774.85
http(s) 5231046 ( 20.44%) 7245204311 ( 43.92%) 1385.04
http(c) 2853334 ( 11.15%) 334690012 ( 2.03%) 117.30
squid 289347 ( 1.13%) 75927522 ( 0.46%) 262.41
smtp 319988 ( 1.25%) 62561740 ( 0.38%) 195.51
nntp 3 ( 0.00%) 196 ( 0.00%) 65.33
ftp 11480 ( 0.04%) 1081008 ( 0.01%) 94.16
pop3 8786 ( 0.03%) 6419336 ( 0.04%) 730.63
imap 48568 ( 0.19%) 66389321 ( 0.40%) 1366.94
telnet 439 ( 0.00%) 47153 ( 0.00%) 107.41
ssh 660719 ( 2.58%) 94521287 ( 0.57%) 143.06
dns 59051 ( 0.23%) 6535796 ( 0.04%) 110.68
bgp 160 ( 0.00%) 54960 ( 0.00%) 343.50
napster 6 ( 0.00%) 366 ( 0.00%) 61.00
rtsp 114 ( 0.00%) 28100 ( 0.00%) 246.49
icecast 318 ( 0.00%) 38583 ( 0.00%) 121.33
hotline 16 ( 0.00%) 1448 ( 0.00%) 90.50
other 3287619 ( 12.85%) 2002161231 ( 12.14%) 609.00
udp 7811075 ( 30.52%) 3937655052 ( 23.87%) 504.11
dns 597271 ( 2.33%) 109551696 ( 0.66%) 183.42
realaud 31 ( 0.00%) 3693 ( 0.00%) 119.13
halflif 53 ( 0.00%) 5605 ( 0.00%) 105.75
starcra 455 ( 0.00%) 45645 ( 0.00%) 100.32
everque 479 ( 0.00%) 86752 ( 0.00%) 181.11
unreal 42 ( 0.00%) 5420 ( 0.00%) 129.05
quake 37 ( 0.00%) 3601 ( 0.00%) 97.32
cuseeme 15 ( 0.00%) 1296 ( 0.00%) 86.40
other 7212222 ( 28.18%) 3827742573 ( 23.21%) 530.73
icmp 664900 ( 2.60%) 126295807 ( 0.77%) 189.95
ipip 313 ( 0.00%) 39774 ( 0.00%) 127.07
ipsec 6699 ( 0.03%) 3006382 ( 0.02%) 448.78
ip6 3980190 ( 15.55%) 2493458422 ( 15.12%) 626.47
other 303740 ( 1.19%) 31246192 ( 0.19%) 102.87
frag 2255 ( 0.01%) 2169006 ( 0.01%) 961.87
ip6 53064 ( 0.21%) 7388342 ( 0.04%) 139.23
tcp6 24903 ( 0.10%) 2656139 ( 0.02%) 106.66
http(s) 35 ( 0.00%) 24567 ( 0.00%) 701.91
http(c) 4006 ( 0.02%) 377714 ( 0.00%) 94.29
smtp 209 ( 0.00%) 93630 ( 0.00%) 447.99
ftp 6562 ( 0.03%) 659686 ( 0.00%) 100.53
imap 246 ( 0.00%) 28443 ( 0.00%) 115.62
ssh 5087 ( 0.02%) 602462 ( 0.00%) 118.43
dns 66 ( 0.00%) 16013 ( 0.00%) 242.62
bgp 111 ( 0.00%) 14348 ( 0.00%) 129.26
other 8581 ( 0.03%) 839276 ( 0.01%) 97.81
udp6 22216 ( 0.09%) 4005667 ( 0.02%) 180.31
dns 22068 ( 0.09%) 3982285 ( 0.02%) 180.46
other 148 ( 0.00%) 23382 ( 0.00%) 157.99
icmp6 5895 ( 0.02%) 706717 ( 0.00%) 119.88
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 19 ( 0.00%) 15603 ( 0.00%) 821.21
tcpdump file: 201004160745.dump.gz (635.16 MB)