Traffic Trace Info
DumpFile: 201004160945.dump
FileSize: 2465.48MB
Id: 201004160945
StartTime: Fri Apr 16 09:45:01 2010
EndTime: Fri Apr 16 10:00:00 2010
TotalTime: 899.49 seconds
TotalCapSize: 1931.51MB CapLen: 96 bytes
# of packets: 34993759 (22629.98MB)
AvgRate: 211.11Mbps stddev:32.83M
IP flow (unique src/dst pair) Information
# of flows: 868714 (avg. 40.28 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.2% 1.3% 1.3% 1.2% 1.0% 0.9% 0.9% 0.9% 0.9% 0.9%
IP address Information
# of IPv4 addresses: 458287
Top 10 bandwidth usage (bytes/total in %):
18.2% 16.9% 8.6% 2.9% 2.8% 2.3% 2.2% 2.2% 2.2% 2.1%
# of IPv6 addresses: 950
Top 10 bandwidth usage (bytes/total in %):
21.8% 11.7% 7.6% 7.4% 6.3% 5.9% 5.9% 4.9% 4.1% 4.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004160945.pktlen.png)
detailed numbers
[ 32- 63]: 4394255
[ 64- 127]: 9770705
[ 128- 255]: 2669331
[ 256- 511]: 2835792
[ 512- 1023]: 1154826
[ 1024- 2047]: 14168850
Protocol Breakdown
![[protocol breakdown chart]](201004160945.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 34993759 (100.00%) 23729249485 (100.00%) 678.10
ip 34940261 ( 99.85%) 23721209058 ( 99.97%) 678.91
tcp 21098683 ( 60.29%) 16310091584 ( 68.73%) 773.04
http(s) 9643916 ( 27.56%) 13482733091 ( 56.82%) 1398.06
http(c) 6224033 ( 17.79%) 661375100 ( 2.79%) 106.26
squid 374319 ( 1.07%) 151764407 ( 0.64%) 405.44
smtp 293630 ( 0.84%) 78114062 ( 0.33%) 266.03
nntp 1 ( 0.00%) 62 ( 0.00%) 62.00
ftp 11637 ( 0.03%) 1443164 ( 0.01%) 124.02
pop3 27573 ( 0.08%) 13295450 ( 0.06%) 482.19
imap 2325 ( 0.01%) 914264 ( 0.00%) 393.23
telnet 427 ( 0.00%) 46237 ( 0.00%) 108.28
ssh 1191175 ( 3.40%) 166326962 ( 0.70%) 139.63
dns 52769 ( 0.15%) 3815083 ( 0.02%) 72.30
bgp 153 ( 0.00%) 54734 ( 0.00%) 357.74
napster 220 ( 0.00%) 103516 ( 0.00%) 470.53
realaud 10 ( 0.00%) 644 ( 0.00%) 64.40
rtsp 67773 ( 0.19%) 4289832 ( 0.02%) 63.30
icecast 6086 ( 0.02%) 400226 ( 0.00%) 65.76
hotline 3 ( 0.00%) 186 ( 0.00%) 62.00
other 3202632 ( 9.15%) 1745414504 ( 7.36%) 544.99
udp 9022475 ( 25.78%) 4869637471 ( 20.52%) 539.72
dns 833864 ( 2.38%) 171074706 ( 0.72%) 205.16
realaud 64 ( 0.00%) 5191 ( 0.00%) 81.11
halflif 76 ( 0.00%) 7462 ( 0.00%) 98.18
starcra 231 ( 0.00%) 27551 ( 0.00%) 119.27
everque 658 ( 0.00%) 135120 ( 0.00%) 205.35
unreal 83 ( 0.00%) 10329 ( 0.00%) 124.45
quake 61 ( 0.00%) 5589 ( 0.00%) 91.62
cuseeme 20 ( 0.00%) 1925 ( 0.00%) 96.25
other 8187023 ( 23.40%) 4698215930 ( 19.80%) 573.86
icmp 496275 ( 1.42%) 54754994 ( 0.23%) 110.33
ipip 300 ( 0.00%) 37032 ( 0.00%) 123.44
ipsec 1038594 ( 2.97%) 435480632 ( 1.84%) 419.30
ip6 3271457 ( 9.35%) 2048984567 ( 8.63%) 626.32
other 12477 ( 0.04%) 2222778 ( 0.01%) 178.15
frag 2096 ( 0.01%) 1984281 ( 0.01%) 946.70
ip6 53498 ( 0.15%) 8040427 ( 0.03%) 150.29
tcp6 22571 ( 0.06%) 2453001 ( 0.01%) 108.68
http(s) 58 ( 0.00%) 38330 ( 0.00%) 660.86
http(c) 4431 ( 0.01%) 421943 ( 0.00%) 95.23
smtp 168 ( 0.00%) 60734 ( 0.00%) 361.51
ftp 5044 ( 0.01%) 517672 ( 0.00%) 102.63
imap 272 ( 0.00%) 31769 ( 0.00%) 116.80
ssh 5083 ( 0.01%) 601842 ( 0.00%) 118.40
dns 107 ( 0.00%) 31876 ( 0.00%) 297.91
bgp 100 ( 0.00%) 12999 ( 0.00%) 129.99
other 7308 ( 0.02%) 735836 ( 0.00%) 100.69
udp6 24794 ( 0.07%) 4818522 ( 0.02%) 194.34
dns 24693 ( 0.07%) 4803614 ( 0.02%) 194.53
realaud 1 ( 0.00%) 105 ( 0.00%) 105.00
other 100 ( 0.00%) 14803 ( 0.00%) 148.03
icmp6 6065 ( 0.02%) 729566 ( 0.00%) 120.29
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 38 ( 0.00%) 35258 ( 0.00%) 927.84
tcpdump file: 201004160945.dump.gz (849.58 MB)