Traffic Trace Info
DumpFile: 201004160845.dump
FileSize: 2074.23MB
Id: 201004160845
StartTime: Fri Apr 16 08:45:00 2010
EndTime: Fri Apr 16 09:00:00 2010
TotalTime: 899.85 seconds
TotalCapSize: 1624.11MB CapLen: 96 bytes
# of packets: 29498509 (18319.82MB)
AvgRate: 170.80Mbps stddev:14.92M
IP flow (unique src/dst pair) Information
# of flows: 925647 (avg. 31.87 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.2% 2.7% 1.8% 1.7% 1.3% 1.2% 1.2% 1.2% 1.1% 1.0%
IP address Information
# of IPv4 addresses: 517601
Top 10 bandwidth usage (bytes/total in %):
16.7% 12.6% 8.2% 4.1% 3.8% 3.7% 3.7% 3.6% 3.6% 3.4%
# of IPv6 addresses: 935
Top 10 bandwidth usage (bytes/total in %):
24.7% 12.5% 7.8% 7.0% 6.5% 6.2% 4.5% 4.4% 4.4% 3.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004160845.pktlen.png)
detailed numbers
[ 32- 63]: 4374046
[ 64- 127]: 8029792
[ 128- 255]: 2524396
[ 256- 511]: 2080218
[ 512- 1023]: 1054989
[ 1024- 2047]: 11435068
Protocol Breakdown
![[protocol breakdown chart]](201004160845.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29498509 (100.00%) 19209725607 (100.00%) 651.21
ip 29446565 ( 99.82%) 19202140683 ( 99.96%) 652.10
tcp 16364242 ( 55.47%) 12446630038 ( 64.79%) 760.60
http(s) 6051337 ( 20.51%) 8274218293 ( 43.07%) 1367.34
http(c) 3837621 ( 13.01%) 492082766 ( 2.56%) 128.23
squid 309126 ( 1.05%) 93379298 ( 0.49%) 302.08
smtp 312587 ( 1.06%) 104713438 ( 0.55%) 334.99
ftp 13659 ( 0.05%) 1379283 ( 0.01%) 100.98
pop3 45151 ( 0.15%) 8708872 ( 0.05%) 192.88
imap 1787 ( 0.01%) 796426 ( 0.00%) 445.68
telnet 703 ( 0.00%) 63701 ( 0.00%) 90.61
ssh 889275 ( 3.01%) 128637803 ( 0.67%) 144.65
dns 52972 ( 0.18%) 3688695 ( 0.02%) 69.63
bgp 148 ( 0.00%) 53562 ( 0.00%) 361.91
napster 96 ( 0.00%) 10415 ( 0.00%) 108.49
realaud 4502 ( 0.02%) 297160 ( 0.00%) 66.01
rtsp 169 ( 0.00%) 50704 ( 0.00%) 300.02
icecast 395 ( 0.00%) 57461 ( 0.00%) 145.47
hotline 6 ( 0.00%) 388 ( 0.00%) 64.67
other 4844343 ( 16.42%) 3338469873 ( 17.38%) 689.15
udp 8102004 ( 27.47%) 4095503108 ( 21.32%) 505.49
dns 589243 ( 2.00%) 106328483 ( 0.55%) 180.45
realaud 247 ( 0.00%) 16013 ( 0.00%) 64.83
halflif 97 ( 0.00%) 8931 ( 0.00%) 92.07
starcra 195 ( 0.00%) 27523 ( 0.00%) 141.14
everque 644 ( 0.00%) 124623 ( 0.00%) 193.51
unreal 59 ( 0.00%) 6689 ( 0.00%) 113.37
quake 31 ( 0.00%) 2995 ( 0.00%) 96.61
cuseeme 18 ( 0.00%) 1533 ( 0.00%) 85.17
other 7511203 ( 25.46%) 3988867372 ( 20.76%) 531.06
icmp 531081 ( 1.80%) 98888556 ( 0.51%) 186.20
ipip 336 ( 0.00%) 43612 ( 0.00%) 129.80
ipsec 227913 ( 0.77%) 96534778 ( 0.50%) 423.56
ip6 3934436 ( 13.34%) 2435057597 ( 12.68%) 618.91
other 286553 ( 0.97%) 29482994 ( 0.15%) 102.89
frag 2122 ( 0.01%) 1950422 ( 0.01%) 919.14
ip6 51944 ( 0.18%) 7584924 ( 0.04%) 146.02
tcp6 22491 ( 0.08%) 2528791 ( 0.01%) 112.44
http(s) 28 ( 0.00%) 15908 ( 0.00%) 568.14
http(c) 3824 ( 0.01%) 344918 ( 0.00%) 90.20
smtp 385 ( 0.00%) 211994 ( 0.00%) 550.63
ftp 5235 ( 0.02%) 532054 ( 0.00%) 101.63
imap 386 ( 0.00%) 42561 ( 0.00%) 110.26
ssh 5081 ( 0.02%) 601826 ( 0.00%) 118.45
dns 92 ( 0.00%) 24470 ( 0.00%) 265.98
bgp 117 ( 0.00%) 16618 ( 0.00%) 142.03
other 7343 ( 0.02%) 738442 ( 0.00%) 100.56
udp6 23184 ( 0.08%) 4247776 ( 0.02%) 183.22
dns 23007 ( 0.08%) 4216152 ( 0.02%) 183.26
other 177 ( 0.00%) 31624 ( 0.00%) 178.67
icmp6 6174 ( 0.02%) 743858 ( 0.00%) 120.48
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 64 ( 0.00%) 60283 ( 0.00%) 941.92
tcpdump file: 201004160845.dump.gz (727.54 MB)