Traffic Trace Info
DumpFile: 200801051400.dump
FileSize: 1081.27MB
Id: 200801051400
StartTime: Sat Jan 5 14:00:00 2008
EndTime: Sat Jan 5 14:15:00 2008
TotalTime: 900.29 seconds
TotalCapSize: 847.44MB CapLen: 96 bytes
# of packets: 15323947 (6607.13MB)
AvgRate: 61.56Mbps stddev:11.67M
IP flow (unique src/dst pair) Information
# of flows: 793715 (avg. 19.31 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.1% 2.9% 2.6% 1.2% 1.1% 1.1% 0.9% 0.9% 0.9% 0.8%
IP address Information
# of IPv4 addresses: 463821
Top 10 bandwidth usage (bytes/total in %):
6.8% 5.7% 3.9% 3.7% 3.7% 3.1% 3.0% 2.9% 2.8% 2.8%
# of IPv6 addresses: 3039
Top 10 bandwidth usage (bytes/total in %):
16.5% 7.4% 6.6% 6.6% 5.8% 5.7% 5.6% 5.1% 5.1% 3.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200801051400.pktlen.png)
detailed numbers
[ 32- 63]: 2767997
[ 64- 127]: 5577007
[ 128- 255]: 2478347
[ 256- 511]: 425162
[ 512- 1023]: 355877
[ 1024- 2047]: 3719557
Protocol Breakdown
![[protocol breakdown chart]](200801051400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 15323947 (100.00%) 6928074340 (100.00%) 452.11
ip 15296536 ( 99.82%) 6924262484 ( 99.94%) 452.67
tcp 10516291 ( 68.63%) 6175052653 ( 89.13%) 587.19
http(s) 3095335 ( 20.20%) 4135331213 ( 59.69%) 1335.99
http(c) 1753479 ( 11.44%) 164445727 ( 2.37%) 93.78
squid 795163 ( 5.19%) 517010856 ( 7.46%) 650.19
smtp 652096 ( 4.26%) 121400470 ( 1.75%) 186.17
nntp 2 ( 0.00%) 120 ( 0.00%) 60.00
ftp 19347 ( 0.13%) 1805120 ( 0.03%) 93.30
pop3 12311 ( 0.08%) 8706990 ( 0.13%) 707.25
imap 2841 ( 0.02%) 661607 ( 0.01%) 232.88
telnet 337 ( 0.00%) 21420 ( 0.00%) 63.56
ssh 2197187 ( 14.34%) 291224065 ( 4.20%) 132.54
dns 5006 ( 0.03%) 346448 ( 0.01%) 69.21
bgp 186 ( 0.00%) 43631 ( 0.00%) 234.58
napster 4 ( 0.00%) 240 ( 0.00%) 60.00
realaud 11 ( 0.00%) 1288 ( 0.00%) 117.09
rtsp 29571 ( 0.19%) 31986534 ( 0.46%) 1081.69
icecast 2279 ( 0.01%) 681450 ( 0.01%) 299.01
hotline 12 ( 0.00%) 810 ( 0.00%) 67.50
other 1951114 ( 12.73%) 901384064 ( 13.01%) 461.98
udp 3501643 ( 22.85%) 624249345 ( 9.01%) 178.27
dns 1398667 ( 9.13%) 173395083 ( 2.50%) 123.97
realaud 10810 ( 0.07%) 7865527 ( 0.11%) 727.62
halflif 15 ( 0.00%) 1937 ( 0.00%) 129.13
starcra 31 ( 0.00%) 4780 ( 0.00%) 154.19
everque 50 ( 0.00%) 9314 ( 0.00%) 186.28
unreal 28 ( 0.00%) 5892 ( 0.00%) 210.43
quake 26 ( 0.00%) 3056 ( 0.00%) 117.54
cuseeme 6 ( 0.00%) 753 ( 0.00%) 125.50
other 2091958 ( 13.65%) 442957048 ( 6.39%) 211.74
icmp 1269500 ( 8.28%) 121883278 ( 1.76%) 96.01
ipip 372 ( 0.00%) 45124 ( 0.00%) 121.30
ipsec 2120 ( 0.01%) 2065616 ( 0.03%) 974.35
ip6 871 ( 0.01%) 105941 ( 0.00%) 121.63
other 5739 ( 0.04%) 860527 ( 0.01%) 149.94
frag 3081 ( 0.02%) 2542868 ( 0.04%) 825.34
ip6 27411 ( 0.18%) 3811856 ( 0.06%) 139.06
tcp6 6159 ( 0.04%) 758708 ( 0.01%) 123.19
http(s) 153 ( 0.00%) 126425 ( 0.00%) 826.31
http(c) 139 ( 0.00%) 14623 ( 0.00%) 105.20
smtp 208 ( 0.00%) 55704 ( 0.00%) 267.81
ftp 107 ( 0.00%) 12422 ( 0.00%) 116.09
ssh 30 ( 0.00%) 7788 ( 0.00%) 259.60
bgp 76 ( 0.00%) 9268 ( 0.00%) 121.95
other 5446 ( 0.04%) 532478 ( 0.01%) 97.77
udp6 12350 ( 0.08%) 2039045 ( 0.03%) 165.10
dns 8395 ( 0.05%) 1492433 ( 0.02%) 177.78
starcra 2 ( 0.00%) 278 ( 0.00%) 139.00
other 3953 ( 0.03%) 546334 ( 0.01%) 138.21
icmp6 8854 ( 0.06%) 993000 ( 0.01%) 112.15
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 18 ( 0.00%) 17023 ( 0.00%) 945.72
tcpdump file: 200801051400.dump.gz (404.46 MB)