Traffic Trace Info
DumpFile: 201004160900.dump
FileSize: 2052.87MB
Id: 201004160900
StartTime: Fri Apr 16 09:00:00 2010
EndTime: Fri Apr 16 09:15:01 2010
TotalTime: 900.33 seconds
TotalCapSize: 1600.62MB CapLen: 96 bytes
# of packets: 29638453 (18187.18MB)
AvgRate: 169.47Mbps stddev:13.03M
IP flow (unique src/dst pair) Information
# of flows: 839858 (avg. 35.29 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.1% 2.4% 1.8% 1.7% 1.4% 1.3% 1.2% 1.1% 1.1% 0.8%
IP address Information
# of IPv4 addresses: 442007
Top 10 bandwidth usage (bytes/total in %):
20.4% 12.4% 8.7% 6.2% 4.1% 3.3% 3.2% 3.1% 2.5% 2.5%
# of IPv6 addresses: 949
Top 10 bandwidth usage (bytes/total in %):
23.1% 11.8% 7.3% 6.4% 6.3% 6.0% 5.8% 4.3% 4.2% 4.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004160900.pktlen.png)
detailed numbers
[ 32- 63]: 4328672
[ 64- 127]: 7383500
[ 128- 255]: 2694896
[ 256- 511]: 2848630
[ 512- 1023]: 1264057
[ 1024- 2047]: 11118698
Protocol Breakdown
![[protocol breakdown chart]](201004160900.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29638453 (100.00%) 19070642775 (100.00%) 643.44
ip 29584847 ( 99.82%) 19062555060 ( 99.96%) 644.34
tcp 15542803 ( 52.44%) 11737488937 ( 61.55%) 755.17
http(s) 5614106 ( 18.94%) 7590082250 ( 39.80%) 1351.97
http(c) 3876908 ( 13.08%) 613967851 ( 3.22%) 158.37
squid 328210 ( 1.11%) 125424148 ( 0.66%) 382.15
smtp 313819 ( 1.06%) 85630158 ( 0.45%) 272.86
nntp 1 ( 0.00%) 62 ( 0.00%) 62.00
ftp 13216 ( 0.04%) 1313757 ( 0.01%) 99.41
pop3 35938 ( 0.12%) 9754677 ( 0.05%) 271.43
imap 1806 ( 0.01%) 580523 ( 0.00%) 321.44
telnet 674 ( 0.00%) 77776 ( 0.00%) 115.39
ssh 660936 ( 2.23%) 96567514 ( 0.51%) 146.11
dns 49999 ( 0.17%) 3502073 ( 0.02%) 70.04
bgp 138 ( 0.00%) 43400 ( 0.00%) 314.49
napster 13 ( 0.00%) 1637 ( 0.00%) 125.92
realaud 4551 ( 0.02%) 304651 ( 0.00%) 66.94
rtsp 2955 ( 0.01%) 2689659 ( 0.01%) 910.21
icecast 439 ( 0.00%) 42791 ( 0.00%) 97.47
hotline 19 ( 0.00%) 2455 ( 0.00%) 129.21
other 4639073 ( 15.65%) 3207503435 ( 16.82%) 691.41
udp 8542194 ( 28.82%) 4477409137 ( 23.48%) 524.15
dns 628838 ( 2.12%) 112409713 ( 0.59%) 178.76
realaud 65 ( 0.00%) 5772 ( 0.00%) 88.80
halflif 105 ( 0.00%) 9673 ( 0.00%) 92.12
starcra 173 ( 0.00%) 20236 ( 0.00%) 116.97
everque 660 ( 0.00%) 115540 ( 0.00%) 175.06
unreal 50 ( 0.00%) 6718 ( 0.00%) 134.36
quake 44 ( 0.00%) 3725 ( 0.00%) 84.66
cuseeme 7 ( 0.00%) 737 ( 0.00%) 105.29
other 7911892 ( 26.69%) 4364691848 ( 22.89%) 551.66
icmp 509279 ( 1.72%) 69961335 ( 0.37%) 137.37
ipip 348 ( 0.00%) 39951 ( 0.00%) 114.80
ipsec 924238 ( 3.12%) 384753464 ( 2.02%) 416.29
ip6 3856775 ( 13.01%) 2370735038 ( 12.43%) 614.69
other 209210 ( 0.71%) 22167198 ( 0.12%) 105.96
frag 1999 ( 0.01%) 1905727 ( 0.01%) 953.34
ip6 53606 ( 0.18%) 8087715 ( 0.04%) 150.87
tcp6 22659 ( 0.08%) 2498769 ( 0.01%) 110.28
http(s) 37 ( 0.00%) 23236 ( 0.00%) 628.00
http(c) 3910 ( 0.01%) 354304 ( 0.00%) 90.61
smtp 342 ( 0.00%) 144512 ( 0.00%) 422.55
ftp 5179 ( 0.02%) 527955 ( 0.00%) 101.94
imap 564 ( 0.00%) 63992 ( 0.00%) 113.46
ssh 5064 ( 0.02%) 600176 ( 0.00%) 118.52
dns 74 ( 0.00%) 19182 ( 0.00%) 259.22
bgp 130 ( 0.00%) 24302 ( 0.00%) 186.94
other 7359 ( 0.02%) 741110 ( 0.00%) 100.71
udp6 24722 ( 0.08%) 4782884 ( 0.03%) 193.47
dns 24518 ( 0.08%) 4750318 ( 0.02%) 193.75
other 204 ( 0.00%) 32566 ( 0.00%) 159.64
icmp6 6122 ( 0.02%) 741833 ( 0.00%) 121.17
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 73 ( 0.00%) 60149 ( 0.00%) 823.96
tcpdump file: 201004160900.dump.gz (713.10 MB)