Traffic Trace Info
DumpFile: 201004160915.dump
FileSize: 2088.59MB
Id: 201004160915
StartTime: Fri Apr 16 09:15:01 2010
EndTime: Fri Apr 16 09:30:01 2010
TotalTime: 900.62 seconds
TotalCapSize: 1628.01MB CapLen: 96 bytes
# of packets: 30184372 (18640.40MB)
AvgRate: 173.59Mbps stddev:33.97M
IP flow (unique src/dst pair) Information
# of flows: 929687 (avg. 32.47 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.8% 1.8% 1.7% 1.6% 1.4% 1.3% 1.3% 1.2% 1.2% 1.2%
IP address Information
# of IPv4 addresses: 517728
Top 10 bandwidth usage (bytes/total in %):
21.3% 11.4% 7.9% 4.0% 3.0% 2.6% 2.6% 2.5% 2.5% 2.3%
# of IPv6 addresses: 953
Top 10 bandwidth usage (bytes/total in %):
20.2% 13.1% 10.1% 6.4% 6.4% 5.5% 5.1% 5.1% 3.8% 3.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004160915.pktlen.png)
detailed numbers
[ 32- 63]: 4577773
[ 64- 127]: 7202191
[ 128- 255]: 2712445
[ 256- 511]: 3125389
[ 512- 1023]: 1075892
[ 1024- 2047]: 11490682
Protocol Breakdown
![[protocol breakdown chart]](201004160915.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 30184372 (100.00%) 19545880714 (100.00%) 647.55
ip 30130273 ( 99.82%) 19536610256 ( 99.95%) 648.40
tcp 15886223 ( 52.63%) 11971328299 ( 61.25%) 753.57
http(s) 6498315 ( 21.53%) 8796861769 ( 45.01%) 1353.71
http(c) 4172115 ( 13.82%) 640833614 ( 3.28%) 153.60
squid 351837 ( 1.17%) 136888250 ( 0.70%) 389.07
smtp 324293 ( 1.07%) 89506384 ( 0.46%) 276.00
nntp 2 ( 0.00%) 124 ( 0.00%) 62.00
ftp 11884 ( 0.04%) 1122438 ( 0.01%) 94.45
pop3 27340 ( 0.09%) 12704437 ( 0.06%) 464.68
imap 3217 ( 0.01%) 1351719 ( 0.01%) 420.18
telnet 629 ( 0.00%) 59265 ( 0.00%) 94.22
ssh 783139 ( 2.59%) 105602977 ( 0.54%) 134.85
dns 51094 ( 0.17%) 3538840 ( 0.02%) 69.26
bgp 151 ( 0.00%) 56302 ( 0.00%) 372.86
napster 182 ( 0.00%) 12135 ( 0.00%) 66.68
realaud 770 ( 0.00%) 51828 ( 0.00%) 67.31
rtsp 99 ( 0.00%) 27746 ( 0.00%) 280.26
icecast 27189 ( 0.09%) 1789103 ( 0.01%) 65.80
hotline 3 ( 0.00%) 186 ( 0.00%) 62.00
other 3633909 ( 12.04%) 2180917882 ( 11.16%) 600.16
udp 8947328 ( 29.64%) 4811651136 ( 24.62%) 537.78
dns 680939 ( 2.26%) 118589892 ( 0.61%) 174.16
realaud 73 ( 0.00%) 6194 ( 0.00%) 84.85
halflif 90 ( 0.00%) 9139 ( 0.00%) 101.54
starcra 149 ( 0.00%) 20142 ( 0.00%) 135.18
everque 632 ( 0.00%) 123045 ( 0.00%) 194.69
unreal 90 ( 0.00%) 12561 ( 0.00%) 139.57
quake 34 ( 0.00%) 3277 ( 0.00%) 96.38
cuseeme 8 ( 0.00%) 729 ( 0.00%) 91.12
other 8264895 ( 27.38%) 4692691116 ( 24.01%) 567.79
icmp 472453 ( 1.57%) 53442333 ( 0.27%) 113.12
ipip 320 ( 0.00%) 39744 ( 0.00%) 124.20
ipsec 1093291 ( 3.62%) 451812414 ( 2.31%) 413.26
ip6 3693120 ( 12.24%) 2229057215 ( 11.40%) 603.57
other 37538 ( 0.12%) 19279115 ( 0.10%) 513.59
frag 2502 ( 0.01%) 2489384 ( 0.01%) 994.96
ip6 54099 ( 0.18%) 9270458 ( 0.05%) 171.36
tcp6 23056 ( 0.08%) 3587811 ( 0.02%) 155.61
http(s) 33 ( 0.00%) 20570 ( 0.00%) 623.33
http(c) 3857 ( 0.01%) 350303 ( 0.00%) 90.82
smtp 1123 ( 0.00%) 1258096 ( 0.01%) 1120.30
ftp 4991 ( 0.02%) 507614 ( 0.00%) 101.71
imap 356 ( 0.00%) 40967 ( 0.00%) 115.08
ssh 5081 ( 0.02%) 602042 ( 0.00%) 118.49
dns 119 ( 0.00%) 46335 ( 0.00%) 389.37
bgp 117 ( 0.00%) 21376 ( 0.00%) 182.70
other 7379 ( 0.02%) 740508 ( 0.00%) 100.35
udp6 24976 ( 0.08%) 4889977 ( 0.03%) 195.79
dns 24791 ( 0.08%) 4862263 ( 0.02%) 196.13
other 185 ( 0.00%) 27714 ( 0.00%) 149.81
icmp6 5952 ( 0.02%) 714177 ( 0.00%) 119.99
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 85 ( 0.00%) 74413 ( 0.00%) 875.45
tcpdump file: 201004160915.dump.gz (725.13 MB)