Traffic Trace Info
DumpFile: 200801011400.dump
FileSize: 850.80MB
Id: 200801011400
StartTime: Tue Jan 1 14:00:00 2008
EndTime: Tue Jan 1 14:15:00 2008
TotalTime: 899.71 seconds
TotalCapSize: 668.27MB CapLen: 96 bytes
# of packets: 11961250 (5026.64MB)
AvgRate: 46.87Mbps stddev:10.29M
IP flow (unique src/dst pair) Information
# of flows: 667378 (avg. 17.92 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.9% 2.8% 1.6% 1.2% 0.9% 0.9% 0.9% 0.9% 0.9% 0.8%
IP address Information
# of IPv4 addresses: 403419
Top 10 bandwidth usage (bytes/total in %):
9.1% 6.3% 6.1% 5.9% 4.0% 4.0% 4.0% 2.8% 2.8% 2.8%
# of IPv6 addresses: 2073
Top 10 bandwidth usage (bytes/total in %):
57.2% 57.2% 5.5% 3.3% 3.3% 2.7% 2.6% 2.4% 1.9% 1.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200801011400.pktlen.png)
detailed numbers
[ 32- 63]: 2218216
[ 64- 127]: 5268089
[ 128- 255]: 736875
[ 256- 511]: 467957
[ 512- 1023]: 485326
[ 1024- 2047]: 2784787
Protocol Breakdown
![[protocol breakdown chart]](200801011400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 11961250 (100.00%) 5270810775 (100.00%) 440.66
ip 11940619 ( 99.83%) 5264008623 ( 99.87%) 440.85
tcp 8944404 ( 74.78%) 4662660075 ( 88.46%) 521.29
http(s) 1656230 ( 13.85%) 2237311357 ( 42.45%) 1350.85
http(c) 899391 ( 7.52%) 83585751 ( 1.59%) 92.94
squid 516656 ( 4.32%) 402038775 ( 7.63%) 778.16
smtp 668038 ( 5.59%) 104214445 ( 1.98%) 156.00
ftp 172420 ( 1.44%) 17233582 ( 0.33%) 99.95
pop3 11445 ( 0.10%) 7666411 ( 0.15%) 669.85
imap 1380 ( 0.01%) 203469 ( 0.00%) 147.44
telnet 563 ( 0.00%) 37096 ( 0.00%) 65.89
ssh 2954703 ( 24.70%) 480144613 ( 9.11%) 162.50
dns 1678 ( 0.01%) 138901 ( 0.00%) 82.78
bgp 204 ( 0.00%) 54219 ( 0.00%) 265.78
napster 5 ( 0.00%) 300 ( 0.00%) 60.00
rtsp 124 ( 0.00%) 19090 ( 0.00%) 153.95
icecast 101 ( 0.00%) 18301 ( 0.00%) 181.20
hotline 19 ( 0.00%) 5226 ( 0.00%) 275.05
other 2061445 ( 17.23%) 1329988419 ( 25.23%) 645.17
udp 2240419 ( 18.73%) 533022790 ( 10.11%) 237.91
dns 1189423 ( 9.94%) 146733584 ( 2.78%) 123.37
realaud 12 ( 0.00%) 1317 ( 0.00%) 109.75
halflif 14 ( 0.00%) 1467 ( 0.00%) 104.79
starcra 24 ( 0.00%) 4073 ( 0.00%) 169.71
everque 61 ( 0.00%) 11829 ( 0.00%) 193.92
unreal 4 ( 0.00%) 570 ( 0.00%) 142.50
quake 15 ( 0.00%) 1207 ( 0.00%) 80.47
cuseeme 9 ( 0.00%) 750 ( 0.00%) 83.33
other 1050761 ( 8.78%) 386252338 ( 7.33%) 367.59
icmp 750055 ( 6.27%) 67357048 ( 1.28%) 89.80
ipip 366 ( 0.00%) 43024 ( 0.00%) 117.55
ipsec 181 ( 0.00%) 19910 ( 0.00%) 110.00
ip6 846 ( 0.01%) 103448 ( 0.00%) 122.28
other 4348 ( 0.04%) 802328 ( 0.02%) 184.53
frag 1544 ( 0.01%) 1360670 ( 0.03%) 881.26
ip6 20631 ( 0.17%) 6802152 ( 0.13%) 329.71
tcp6 6161 ( 0.05%) 4399760 ( 0.08%) 714.13
http(s) 65 ( 0.00%) 53605 ( 0.00%) 824.69
http(c) 44 ( 0.00%) 5138 ( 0.00%) 116.77
smtp 280 ( 0.00%) 85862 ( 0.00%) 306.65
ssh 15 ( 0.00%) 3894 ( 0.00%) 259.60
dns 7 ( 0.00%) 635 ( 0.00%) 90.71
bgp 86 ( 0.00%) 10394 ( 0.00%) 120.86
other 5664 ( 0.05%) 4240232 ( 0.08%) 748.63
udp6 10092 ( 0.08%) 1882659 ( 0.04%) 186.55
dns 7070 ( 0.06%) 1320375 ( 0.03%) 186.76
starcra 4 ( 0.00%) 458 ( 0.00%) 114.50
other 3018 ( 0.03%) 561826 ( 0.01%) 186.16
icmp6 4268 ( 0.04%) 441098 ( 0.01%) 103.35
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 79 ( 0.00%) 74419 ( 0.00%) 942.01
tcpdump file: 200801011400.dump.gz (335.94 MB)