Traffic Trace Info
DumpFile: 201004161045.dump
FileSize: 2142.45MB
Id: 201004161045
StartTime: Fri Apr 16 10:45:01 2010
EndTime: Fri Apr 16 11:00:01 2010
TotalTime: 900.01 seconds
TotalCapSize: 1676.43MB CapLen: 96 bytes
# of packets: 30540112 (18925.48MB)
AvgRate: 176.43Mbps stddev:13.16M
IP flow (unique src/dst pair) Information
# of flows: 942734 (avg. 32.40 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.4% 1.7% 1.4% 1.1% 1.1% 1.0% 0.9% 0.9% 0.8% 0.6%
IP address Information
# of IPv4 addresses: 504044
Top 10 bandwidth usage (bytes/total in %):
18.1% 10.6% 5.0% 3.9% 3.8% 3.8% 3.6% 3.6% 2.6% 2.5%
# of IPv6 addresses: 1030
Top 10 bandwidth usage (bytes/total in %):
21.4% 10.7% 8.5% 6.8% 6.0% 5.5% 5.4% 5.4% 4.2% 3.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004161045.pktlen.png)
detailed numbers
[ 32- 63]: 4977483
[ 64- 127]: 8207044
[ 128- 255]: 2453458
[ 256- 511]: 1912418
[ 512- 1023]: 1018302
[ 1024- 2047]: 11971407
Protocol Breakdown
![[protocol breakdown chart]](201004161045.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 30540112 (100.00%) 19844804548 (100.00%) 649.79
ip 30483535 ( 99.81%) 19836082493 ( 99.96%) 650.71
tcp 17492760 ( 57.28%) 12895843821 ( 64.98%) 737.21
http(s) 7029029 ( 23.02%) 9466411123 ( 47.70%) 1346.76
http(c) 4868141 ( 15.94%) 695777266 ( 3.51%) 142.92
squid 241200 ( 0.79%) 65962766 ( 0.33%) 273.48
smtp 376150 ( 1.23%) 159909313 ( 0.81%) 425.12
nntp 1 ( 0.00%) 62 ( 0.00%) 62.00
ftp 25931 ( 0.08%) 2436152 ( 0.01%) 93.95
pop3 15988 ( 0.05%) 7163151 ( 0.04%) 448.03
imap 5301 ( 0.02%) 2896390 ( 0.01%) 546.39
telnet 580 ( 0.00%) 55857 ( 0.00%) 96.31
ssh 642586 ( 2.10%) 97000745 ( 0.49%) 150.95
dns 55566 ( 0.18%) 6318609 ( 0.03%) 113.71
bgp 130 ( 0.00%) 38640 ( 0.00%) 297.23
napster 2 ( 0.00%) 120 ( 0.00%) 60.00
realaud 46 ( 0.00%) 6760 ( 0.00%) 146.96
rtsp 49331 ( 0.16%) 3470922 ( 0.02%) 70.36
icecast 6230 ( 0.02%) 399594 ( 0.00%) 64.14
hotline 11 ( 0.00%) 2471 ( 0.00%) 224.64
other 4176532 ( 13.68%) 2387993580 ( 12.03%) 571.76
udp 8964891 ( 29.35%) 4772090134 ( 24.05%) 532.31
dns 676383 ( 2.21%) 120207758 ( 0.61%) 177.72
realaud 40 ( 0.00%) 4123 ( 0.00%) 103.08
halflif 102 ( 0.00%) 11014 ( 0.00%) 107.98
starcra 174 ( 0.00%) 25190 ( 0.00%) 144.77
everque 696 ( 0.00%) 145181 ( 0.00%) 208.59
unreal 116 ( 0.00%) 15784 ( 0.00%) 136.07
quake 61 ( 0.00%) 6639 ( 0.00%) 108.84
cuseeme 4 ( 0.00%) 362 ( 0.00%) 90.50
other 8286870 ( 27.13%) 4651488891 ( 23.44%) 561.31
icmp 563027 ( 1.84%) 60355013 ( 0.30%) 107.20
ipip 284 ( 0.00%) 33080 ( 0.00%) 116.48
ipsec 2345 ( 0.01%) 688990 ( 0.00%) 293.81
ip6 3447825 ( 11.29%) 2104598917 ( 10.61%) 610.41
other 12403 ( 0.04%) 2472538 ( 0.01%) 199.35
frag 2263 ( 0.01%) 2147935 ( 0.01%) 949.15
ip6 56577 ( 0.19%) 8722055 ( 0.04%) 154.16
tcp6 23402 ( 0.08%) 2697633 ( 0.01%) 115.27
http(s) 155 ( 0.00%) 190291 ( 0.00%) 1227.68
http(c) 4077 ( 0.01%) 383624 ( 0.00%) 94.09
squid 19 ( 0.00%) 1610 ( 0.00%) 84.74
smtp 1141 ( 0.00%) 127959 ( 0.00%) 112.15
ftp 5182 ( 0.02%) 534120 ( 0.00%) 103.07
imap 304 ( 0.00%) 34989 ( 0.00%) 115.10
ssh 5148 ( 0.02%) 627088 ( 0.00%) 121.81
dns 120 ( 0.00%) 27389 ( 0.00%) 228.24
bgp 118 ( 0.00%) 18797 ( 0.00%) 159.30
other 7138 ( 0.02%) 751766 ( 0.00%) 105.32
udp6 27027 ( 0.09%) 5243124 ( 0.03%) 194.00
dns 26863 ( 0.09%) 5217123 ( 0.03%) 194.21
other 164 ( 0.00%) 26001 ( 0.00%) 158.54
icmp6 6061 ( 0.02%) 722940 ( 0.00%) 119.28
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 57 ( 0.00%) 54278 ( 0.00%) 952.25
tcpdump file: 201004161045.dump.gz (766.92 MB)