Traffic Trace Info
DumpFile: 200809161400.dump
FileSize: 1699.02MB
Id: 200809161400
StartTime: Tue Sep 16 14:00:01 2008
EndTime: Tue Sep 16 14:15:01 2008
TotalTime: 900.02 seconds
TotalCapSize: 1333.46MB CapLen: 96 bytes
# of packets: 23956113 (17291.40MB)
AvgRate: 161.18Mbps stddev:36.44M
IP flow (unique src/dst pair) Information
# of flows: 801710 (avg. 29.88 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.9% 2.5% 2.0% 2.0% 1.7% 1.6% 1.6% 1.4% 1.4% 1.3%
IP address Information
# of IPv4 addresses: 434071
Top 10 bandwidth usage (bytes/total in %):
6.8% 6.6% 6.4% 4.5% 4.0% 2.9% 2.7% 2.6% 2.6% 2.1%
# of IPv6 addresses: 791
Top 10 bandwidth usage (bytes/total in %):
16.7% 9.4% 6.8% 5.5% 4.3% 4.2% 4.2% 4.2% 4.2% 3.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200809161400.pktlen.png)
detailed numbers
[ 32- 63]: 4977529
[ 64- 127]: 5688716
[ 128- 255]: 888684
[ 256- 511]: 489512
[ 512- 1023]: 573633
[ 1024- 2047]: 11338039
Protocol Breakdown
![[protocol breakdown chart]](200809161400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 23956113 (100.00%) 18131342408 (100.00%) 756.86
ip 23928469 ( 99.88%) 18126954210 ( 99.98%) 757.55
tcp 20998658 ( 87.65%) 17269994433 ( 95.25%) 822.43
http(s) 9998872 ( 41.74%) 13315260765 ( 73.44%) 1331.68
http(c) 5936974 ( 24.78%) 656812116 ( 3.62%) 110.63
squid 163180 ( 0.68%) 72301269 ( 0.40%) 443.08
smtp 781807 ( 3.26%) 266802777 ( 1.47%) 341.26
nntp 97 ( 0.00%) 11078 ( 0.00%) 114.21
ftp 188628 ( 0.79%) 38828680 ( 0.21%) 205.85
pop3 39516 ( 0.16%) 22115968 ( 0.12%) 559.67
imap 5537 ( 0.02%) 969949 ( 0.01%) 175.18
telnet 2627 ( 0.01%) 433500 ( 0.00%) 165.02
ssh 99451 ( 0.42%) 75592799 ( 0.42%) 760.10
dns 11888 ( 0.05%) 3840215 ( 0.02%) 323.03
bgp 201 ( 0.00%) 67681 ( 0.00%) 336.72
napster 319 ( 0.00%) 130295 ( 0.00%) 408.45
realaud 101 ( 0.00%) 47478 ( 0.00%) 470.08
rtsp 718091 ( 3.00%) 789083903 ( 4.35%) 1098.86
icecast 18181 ( 0.08%) 11641754 ( 0.06%) 640.33
hotline 5 ( 0.00%) 774 ( 0.00%) 154.80
other 3033180 ( 12.66%) 2016053252 ( 11.12%) 664.67
udp 2278151 ( 9.51%) 776578209 ( 4.28%) 340.88
dns 1306264 ( 5.45%) 232630912 ( 1.28%) 178.09
rip 1 ( 0.00%) 66 ( 0.00%) 66.00
realaud 5678 ( 0.02%) 2643904 ( 0.01%) 465.64
halflif 32 ( 0.00%) 3633 ( 0.00%) 113.53
starcra 55 ( 0.00%) 7646 ( 0.00%) 139.02
everque 117 ( 0.00%) 15207 ( 0.00%) 129.97
unreal 21 ( 0.00%) 3189 ( 0.00%) 151.86
quake 18 ( 0.00%) 1869 ( 0.00%) 103.83
cuseeme 8 ( 0.00%) 874 ( 0.00%) 109.25
other 965933 ( 4.03%) 541262818 ( 2.99%) 560.35
icmp 541100 ( 2.26%) 61597446 ( 0.34%) 113.84
ipip 323 ( 0.00%) 39662 ( 0.00%) 122.79
ipsec 6456 ( 0.03%) 1258608 ( 0.01%) 194.95
ip6 970 ( 0.00%) 119564 ( 0.00%) 123.26
other 102811 ( 0.43%) 17366288 ( 0.10%) 168.91
frag 4529 ( 0.02%) 4417127 ( 0.02%) 975.30
ip6 27644 ( 0.12%) 4388198 ( 0.02%) 158.74
tcp6 6484 ( 0.03%) 1063611 ( 0.01%) 164.04
http(s) 254 ( 0.00%) 290127 ( 0.00%) 1142.23
http(c) 2927 ( 0.01%) 271454 ( 0.00%) 92.74
smtp 261 ( 0.00%) 116452 ( 0.00%) 446.18
pop3 58 ( 0.00%) 6447 ( 0.00%) 111.16
ssh 376 ( 0.00%) 75084 ( 0.00%) 199.69
dns 8 ( 0.00%) 1624 ( 0.00%) 203.00
bgp 394 ( 0.00%) 34679 ( 0.00%) 88.02
other 2206 ( 0.01%) 267744 ( 0.00%) 121.37
udp6 16046 ( 0.07%) 2646263 ( 0.01%) 164.92
dns 16026 ( 0.07%) 2644063 ( 0.01%) 164.99
other 20 ( 0.00%) 2200 ( 0.00%) 110.00
icmp6 5054 ( 0.02%) 650223 ( 0.00%) 128.66
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 30 ( 0.00%) 24021 ( 0.00%) 800.70
tcpdump file: 200809161400.dump.gz (573.01 MB)