Traffic Trace Info
DumpFile: 200809261400.dump
FileSize: 1661.75MB
Id: 200809261400
StartTime: Fri Sep 26 14:00:01 2008
EndTime: Fri Sep 26 14:15:00 2008
TotalTime: 899.72 seconds
TotalCapSize: 1297.04MB CapLen: 96 bytes
# of packets: 23901382 (17370.36MB)
AvgRate: 161.91Mbps stddev:41.44M
IP flow (unique src/dst pair) Information
# of flows: 648401 (avg. 36.86 pkts/flow)
Top 10 big flow size (bytes/total in %):
6.2% 3.8% 2.5% 1.1% 0.9% 0.9% 0.8% 0.8% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 361071
Top 10 bandwidth usage (bytes/total in %):
9.3% 7.9% 6.4% 6.4% 4.0% 3.8% 3.6% 3.3% 2.9% 2.6%
# of IPv6 addresses: 901
Top 10 bandwidth usage (bytes/total in %):
32.9% 30.1% 7.6% 6.9% 3.6% 3.6% 3.5% 3.4% 3.4% 3.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200809261400.pktlen.png)
detailed numbers
[ 32- 63]: 5578529
[ 64- 127]: 4929804
[ 128- 255]: 846614
[ 256- 511]: 592638
[ 512- 1023]: 644900
[ 1024- 2047]: 11308897
Protocol Breakdown
![[protocol breakdown chart]](200809261400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 23901382 (100.00%) 18214143794 (100.00%) 762.05
ip 23861434 ( 99.83%) 18208787414 ( 99.97%) 763.11
tcp 20708767 ( 86.64%) 17291165589 ( 94.93%) 834.97
http(s) 9377164 ( 39.23%) 12691055382 ( 69.68%) 1353.40
http(c) 6131023 ( 25.65%) 690549105 ( 3.79%) 112.63
squid 155723 ( 0.65%) 87733916 ( 0.48%) 563.40
smtp 666841 ( 2.79%) 242676107 ( 1.33%) 363.92
nntp 120 ( 0.00%) 28338 ( 0.00%) 236.15
ftp 10957 ( 0.05%) 1699972 ( 0.01%) 155.15
pop3 55780 ( 0.23%) 38049143 ( 0.21%) 682.13
imap 5409 ( 0.02%) 851447 ( 0.00%) 157.41
telnet 827 ( 0.00%) 66278 ( 0.00%) 80.14
ssh 1281607 ( 5.36%) 1203133807 ( 6.61%) 938.77
dns 8393 ( 0.04%) 708223 ( 0.00%) 84.38
bgp 231 ( 0.00%) 86715 ( 0.00%) 375.39
napster 298 ( 0.00%) 24440 ( 0.00%) 82.01
realaud 17 ( 0.00%) 2892 ( 0.00%) 170.12
rtsp 1098266 ( 4.59%) 1135981549 ( 6.24%) 1034.34
icecast 12640 ( 0.05%) 8048631 ( 0.04%) 636.76
other 1903418 ( 7.96%) 1190466464 ( 6.54%) 625.44
udp 2661871 ( 11.14%) 857256222 ( 4.71%) 322.05
dns 1252366 ( 5.24%) 217070740 ( 1.19%) 173.33
realaud 47326 ( 0.20%) 17314341 ( 0.10%) 365.85
halflif 26 ( 0.00%) 3520 ( 0.00%) 135.38
starcra 94 ( 0.00%) 17313 ( 0.00%) 184.18
everque 19326 ( 0.08%) 10232572 ( 0.06%) 529.47
unreal 35 ( 0.00%) 5387 ( 0.00%) 153.91
quake 32 ( 0.00%) 2480 ( 0.00%) 77.50
cuseeme 9 ( 0.00%) 830 ( 0.00%) 92.22
other 1342645 ( 5.62%) 612601649 ( 3.36%) 456.26
icmp 380490 ( 1.59%) 41399076 ( 0.23%) 108.80
ipip 295 ( 0.00%) 35425 ( 0.00%) 120.08
ipsec 3315 ( 0.01%) 467890 ( 0.00%) 141.14
ip6 869 ( 0.00%) 106540 ( 0.00%) 122.60
other 105827 ( 0.44%) 18356672 ( 0.10%) 173.46
frag 3681 ( 0.02%) 4165291 ( 0.02%) 1131.57
ip6 39946 ( 0.17%) 5356260 ( 0.03%) 134.09
tcp6 21813 ( 0.09%) 2434035 ( 0.01%) 111.59
http(s) 435 ( 0.00%) 396622 ( 0.00%) 911.77
http(c) 19267 ( 0.08%) 1808686 ( 0.01%) 93.87
smtp 159 ( 0.00%) 30740 ( 0.00%) 193.33
pop3 67 ( 0.00%) 7348 ( 0.00%) 109.67
imap 2 ( 0.00%) 225 ( 0.00%) 112.50
ssh 46 ( 0.00%) 9272 ( 0.00%) 201.57
dns 4 ( 0.00%) 553 ( 0.00%) 138.25
bgp 399 ( 0.00%) 36336 ( 0.00%) 91.07
other 1434 ( 0.01%) 144253 ( 0.00%) 100.59
udp6 12621 ( 0.05%) 2199780 ( 0.01%) 174.30
dns 12591 ( 0.05%) 2196481 ( 0.01%) 174.45
everque 1 ( 0.00%) 109 ( 0.00%) 109.00
other 29 ( 0.00%) 3190 ( 0.00%) 110.00
icmp6 5478 ( 0.02%) 715835 ( 0.00%) 130.67
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 3 ( 0.00%) 2394 ( 0.00%) 798.00
tcpdump file: 200809261400.dump.gz (586.62 MB)