Traffic Trace Info
DumpFile: 200809141400.dump
FileSize: 842.71MB
Id: 200809141400
StartTime: Sun Sep 14 14:00:01 2008
EndTime: Sun Sep 14 14:15:01 2008
TotalTime: 899.90 seconds
TotalCapSize: 658.09MB CapLen: 96 bytes
# of packets: 12098715 (8045.52MB)
AvgRate: 75.00Mbps stddev:17.35M
IP flow (unique src/dst pair) Information
# of flows: 637001 (avg. 18.99 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.7% 2.5% 1.7% 1.6% 1.3% 1.3% 1.2% 1.1% 1.1% 1.1%
IP address Information
# of IPv4 addresses: 343475
Top 10 bandwidth usage (bytes/total in %):
22.0% 5.5% 5.5% 4.4% 3.7% 3.2% 2.8% 2.7% 2.5% 2.5%
# of IPv6 addresses: 716
Top 10 bandwidth usage (bytes/total in %):
11.0% 9.2% 8.2% 6.5% 6.5% 6.3% 5.6% 5.6% 5.6% 5.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200809141400.pktlen.png)
detailed numbers
[ 32- 63]: 2949360
[ 64- 127]: 2804013
[ 128- 255]: 596518
[ 256- 511]: 299258
[ 512- 1023]: 280015
[ 1024- 2047]: 5169551
Protocol Breakdown
![[protocol breakdown chart]](200809141400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 12098715 (100.00%) 8436342727 (100.00%) 697.29
ip 12079399 ( 99.84%) 8433426885 ( 99.97%) 698.17
tcp 10252003 ( 84.74%) 7999749146 ( 94.82%) 780.31
http(s) 4492765 ( 37.13%) 6170047350 ( 73.14%) 1373.33
http(c) 2872394 ( 23.74%) 306247130 ( 3.63%) 106.62
squid 145448 ( 1.20%) 83280317 ( 0.99%) 572.58
smtp 501990 ( 4.15%) 86160368 ( 1.02%) 171.64
nntp 1 ( 0.00%) 60 ( 0.00%) 60.00
ftp 102819 ( 0.85%) 46770106 ( 0.55%) 454.88
pop3 21880 ( 0.18%) 14121324 ( 0.17%) 645.40
imap 2291 ( 0.02%) 251535 ( 0.00%) 109.79
telnet 66236 ( 0.55%) 4914457 ( 0.06%) 74.20
ssh 19217 ( 0.16%) 5278042 ( 0.06%) 274.65
dns 25999 ( 0.21%) 5263746 ( 0.06%) 202.46
bgp 193 ( 0.00%) 57765 ( 0.00%) 299.30
napster 3 ( 0.00%) 184 ( 0.00%) 61.33
realaud 22 ( 0.00%) 1838 ( 0.00%) 83.55
rtsp 224 ( 0.00%) 58767 ( 0.00%) 262.35
icecast 580 ( 0.00%) 47388 ( 0.00%) 81.70
other 1999933 ( 16.53%) 1277248289 ( 15.14%) 638.65
udp 1575175 ( 13.02%) 405418524 ( 4.81%) 257.38
dns 996500 ( 8.24%) 181311207 ( 2.15%) 181.95
realaud 18027 ( 0.15%) 8260707 ( 0.10%) 458.24
halflif 22 ( 0.00%) 3044 ( 0.00%) 138.36
starcra 37 ( 0.00%) 6037 ( 0.00%) 163.16
everque 42 ( 0.00%) 7096 ( 0.00%) 168.95
unreal 11 ( 0.00%) 1596 ( 0.00%) 145.09
quake 13 ( 0.00%) 1418 ( 0.00%) 109.08
cuseeme 4 ( 0.00%) 458 ( 0.00%) 114.50
other 560510 ( 4.63%) 215823112 ( 2.56%) 385.05
icmp 229393 ( 1.90%) 24374856 ( 0.29%) 106.26
ipip 316 ( 0.00%) 40312 ( 0.00%) 127.57
ipsec 3236 ( 0.03%) 433656 ( 0.01%) 134.01
ip6 984 ( 0.01%) 122252 ( 0.00%) 124.24
other 18292 ( 0.15%) 3288139 ( 0.04%) 179.76
frag 4747 ( 0.04%) 4916652 ( 0.06%) 1035.74
ip6 19316 ( 0.16%) 2915842 ( 0.03%) 150.95
tcp6 4987 ( 0.04%) 686586 ( 0.01%) 137.68
http(s) 120 ( 0.00%) 162244 ( 0.00%) 1352.03
http(c) 2778 ( 0.02%) 254146 ( 0.00%) 91.49
smtp 222 ( 0.00%) 63557 ( 0.00%) 286.29
pop3 103 ( 0.00%) 10362 ( 0.00%) 100.60
ssh 155 ( 0.00%) 29314 ( 0.00%) 189.12
dns 15 ( 0.00%) 2325 ( 0.00%) 155.00
bgp 397 ( 0.00%) 34951 ( 0.00%) 88.04
other 1197 ( 0.01%) 129687 ( 0.00%) 108.34
udp6 9207 ( 0.08%) 1590489 ( 0.02%) 172.75
dns 9193 ( 0.08%) 1588952 ( 0.02%) 172.84
realaud 1 ( 0.00%) 107 ( 0.00%) 107.00
other 13 ( 0.00%) 1430 ( 0.00%) 110.00
icmp6 5089 ( 0.04%) 633345 ( 0.01%) 124.45
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 3 ( 0.00%) 1342 ( 0.00%) 447.33
tcpdump file: 200809141400.dump.gz (297.52 MB)