Traffic Trace Info
DumpFile: 200809271400.dump
FileSize: 1001.07MB
Id: 200809271400
StartTime: Sat Sep 27 14:00:01 2008
EndTime: Sat Sep 27 14:15:00 2008
TotalTime: 899.28 seconds
TotalCapSize: 782.58MB CapLen: 96 bytes
# of packets: 14318454 (9795.35MB)
AvgRate: 91.37Mbps stddev:14.53M
IP flow (unique src/dst pair) Information
# of flows: 574000 (avg. 24.95 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.5% 1.4% 1.3% 1.1% 1.0% 0.9% 0.9% 0.9% 0.8% 0.8%
IP address Information
# of IPv4 addresses: 338528
Top 10 bandwidth usage (bytes/total in %):
19.0% 10.9% 4.6% 3.2% 2.9% 2.5% 2.0% 1.9% 1.8% 1.6%
# of IPv6 addresses: 726
Top 10 bandwidth usage (bytes/total in %):
32.7% 30.0% 11.8% 11.8% 5.5% 5.1% 3.5% 3.5% 3.4% 3.3%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200809271400.pktlen.png)
detailed numbers
[ 32- 63]: 3182459
[ 64- 127]: 3522882
[ 128- 255]: 618869
[ 256- 511]: 332784
[ 512- 1023]: 349223
[ 1024- 2047]: 6312237
Protocol Breakdown
![[protocol breakdown chart]](200809271400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 14318454 (100.00%) 10271168531 (100.00%) 717.34
ip 14274861 ( 99.70%) 10265737076 ( 99.95%) 719.15
tcp 12117711 ( 84.63%) 9786749695 ( 95.28%) 807.64
http(s) 5567229 ( 38.88%) 7598587659 ( 73.98%) 1364.88
http(c) 3589961 ( 25.07%) 331538402 ( 3.23%) 92.35
squid 98114 ( 0.69%) 37159541 ( 0.36%) 378.74
smtp 573428 ( 4.00%) 93433976 ( 0.91%) 162.94
nntp 133 ( 0.00%) 11406 ( 0.00%) 85.76
ftp 72301 ( 0.50%) 63923776 ( 0.62%) 884.13
pop3 25190 ( 0.18%) 20170177 ( 0.20%) 800.72
imap 9454 ( 0.07%) 6220989 ( 0.06%) 658.03
telnet 1502 ( 0.01%) 313451 ( 0.00%) 208.69
ssh 29954 ( 0.21%) 21865898 ( 0.21%) 729.98
dns 7989 ( 0.06%) 705251 ( 0.01%) 88.28
bgp 191 ( 0.00%) 50120 ( 0.00%) 262.41
napster 6 ( 0.00%) 362 ( 0.00%) 60.33
realaud 11 ( 0.00%) 772 ( 0.00%) 70.18
rtsp 734784 ( 5.13%) 746649069 ( 7.27%) 1016.15
icecast 661 ( 0.00%) 45009 ( 0.00%) 68.09
hotline 4 ( 0.00%) 316 ( 0.00%) 79.00
other 1406337 ( 9.82%) 866045801 ( 8.43%) 615.82
udp 1758608 ( 12.28%) 433226020 ( 4.22%) 246.35
dns 1175674 ( 8.21%) 197423958 ( 1.92%) 167.92
realaud 21 ( 0.00%) 2073 ( 0.00%) 98.71
halflif 11 ( 0.00%) 952 ( 0.00%) 86.55
starcra 15 ( 0.00%) 2475 ( 0.00%) 165.00
everque 49 ( 0.00%) 7422 ( 0.00%) 151.47
unreal 11 ( 0.00%) 1222 ( 0.00%) 111.09
quake 23 ( 0.00%) 1972 ( 0.00%) 85.74
cuseeme 9 ( 0.00%) 768 ( 0.00%) 85.33
other 582774 ( 4.07%) 235778504 ( 2.30%) 404.58
icmp 312262 ( 2.18%) 32498477 ( 0.32%) 104.07
ipip 296 ( 0.00%) 36684 ( 0.00%) 123.93
ipsec 5913 ( 0.04%) 1893454 ( 0.02%) 320.22
ip6 879 ( 0.01%) 107280 ( 0.00%) 122.05
other 79192 ( 0.55%) 11225466 ( 0.11%) 141.75
frag 3862 ( 0.03%) 4021331 ( 0.04%) 1041.26
ip6 43593 ( 0.30%) 5431455 ( 0.05%) 124.59
tcp6 29334 ( 0.20%) 3116864 ( 0.03%) 106.25
http(s) 292 ( 0.00%) 340369 ( 0.00%) 1165.65
http(c) 19230 ( 0.13%) 1839893 ( 0.02%) 95.68
smtp 70 ( 0.00%) 16566 ( 0.00%) 236.66
ftp 2834 ( 0.02%) 280741 ( 0.00%) 99.06
pop3 208 ( 0.00%) 18967 ( 0.00%) 91.19
ssh 14 ( 0.00%) 1908 ( 0.00%) 136.29
bgp 393 ( 0.00%) 34833 ( 0.00%) 88.63
other 6293 ( 0.04%) 583587 ( 0.01%) 92.74
udp6 9597 ( 0.07%) 1664024 ( 0.02%) 173.39
dns 9561 ( 0.07%) 1660064 ( 0.02%) 173.63
other 36 ( 0.00%) 3960 ( 0.00%) 110.00
icmp6 4631 ( 0.03%) 646351 ( 0.01%) 139.57
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
tcpdump file: 200809271400.dump.gz (371.23 MB)