Traffic Trace Info
DumpFile: 200810161400.dump
FileSize: 2064.40MB
Id: 200810161400
StartTime: Thu Oct 16 14:00:01 2008
EndTime: Thu Oct 16 14:15:00 2008
TotalTime: 899.16 seconds
TotalCapSize: 1615.09MB CapLen: 96 bytes
# of packets: 29445808 (20446.10MB)
AvgRate: 190.78Mbps stddev:33.49M
IP flow (unique src/dst pair) Information
# of flows: 942671 (avg. 31.24 pkts/flow)
Top 10 big flow size (bytes/total in %):
7.7% 2.6% 2.6% 1.2% 1.1% 1.1% 1.1% 0.8% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 491699
Top 10 bandwidth usage (bytes/total in %):
10.2% 7.9% 6.3% 4.0% 3.6% 3.5% 2.7% 2.7% 2.7% 2.6%
# of IPv6 addresses: 800
Top 10 bandwidth usage (bytes/total in %):
37.4% 33.0% 20.9% 19.1% 4.4% 4.0% 2.9% 2.3% 2.3% 2.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200810161400.pktlen.png)
detailed numbers
[ 32- 63]: 7876709
[ 64- 127]: 5876780
[ 128- 255]: 1161429
[ 256- 511]: 533830
[ 512- 1023]: 606290
[ 1024- 2047]: 13390770
Protocol Breakdown
![[protocol breakdown chart]](200810161400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29445808 (100.00%) 21439291073 (100.00%) 728.09
ip 29405295 ( 99.86%) 21430812019 ( 99.96%) 728.81
tcp 25527117 ( 86.69%) 20361544692 ( 94.97%) 797.64
http(s) 11448474 ( 38.88%) 15426840116 ( 71.96%) 1347.50
http(c) 7383066 ( 25.07%) 720643552 ( 3.36%) 97.61
squid 221768 ( 0.75%) 142940461 ( 0.67%) 644.55
smtp 844318 ( 2.87%) 251195923 ( 1.17%) 297.51
nntp 34 ( 0.00%) 2835 ( 0.00%) 83.38
ftp 100080 ( 0.34%) 62674185 ( 0.29%) 626.24
pop3 56109 ( 0.19%) 42895983 ( 0.20%) 764.51
imap 5960 ( 0.02%) 1233441 ( 0.01%) 206.95
telnet 91477 ( 0.31%) 6723573 ( 0.03%) 73.50
ssh 20485 ( 0.07%) 8850023 ( 0.04%) 432.02
dns 5388 ( 0.02%) 517124 ( 0.00%) 95.98
bgp 188 ( 0.00%) 49343 ( 0.00%) 262.46
napster 48 ( 0.00%) 3116 ( 0.00%) 64.92
realaud 124 ( 0.00%) 12109 ( 0.00%) 97.65
rtsp 867718 ( 2.95%) 884155311 ( 4.12%) 1018.94
icecast 7132 ( 0.02%) 3889571 ( 0.02%) 545.37
other 4474746 ( 15.20%) 2808917906 ( 13.10%) 627.73
udp 2837198 ( 9.64%) 864713129 ( 4.03%) 304.78
dns 1567369 ( 5.32%) 254185649 ( 1.19%) 162.17
realaud 13372 ( 0.05%) 15189154 ( 0.07%) 1135.89
halflif 30 ( 0.00%) 3521 ( 0.00%) 117.37
starcra 50 ( 0.00%) 9369 ( 0.00%) 187.38
everque 74 ( 0.00%) 10456 ( 0.00%) 141.30
unreal 259 ( 0.00%) 78344 ( 0.00%) 302.49
quake 29 ( 0.00%) 2417 ( 0.00%) 83.34
cuseeme 9 ( 0.00%) 1025 ( 0.00%) 113.89
other 1255978 ( 4.27%) 595218093 ( 2.78%) 473.91
icmp 766373 ( 2.60%) 82862595 ( 0.39%) 108.12
ipip 292 ( 0.00%) 35240 ( 0.00%) 120.68
ipsec 189940 ( 0.65%) 102767744 ( 0.48%) 541.05
ip6 926 ( 0.00%) 125923 ( 0.00%) 135.99
other 83449 ( 0.28%) 18762696 ( 0.09%) 224.84
frag 21478 ( 0.07%) 19094102 ( 0.09%) 889.01
ip6 40513 ( 0.14%) 8479054 ( 0.04%) 209.29
tcp6 26592 ( 0.09%) 5939127 ( 0.03%) 223.34
http(s) 470 ( 0.00%) 498324 ( 0.00%) 1060.26
http(c) 19550 ( 0.07%) 1837626 ( 0.01%) 94.00
smtp 277 ( 0.00%) 113512 ( 0.00%) 409.79
pop3 31 ( 0.00%) 2686 ( 0.00%) 86.65
ssh 772 ( 0.00%) 132980 ( 0.00%) 172.25
dns 1 ( 0.00%) 86 ( 0.00%) 86.00
bgp 390 ( 0.00%) 34702 ( 0.00%) 88.98
other 5101 ( 0.02%) 3319211 ( 0.02%) 650.70
udp6 9634 ( 0.03%) 1978350 ( 0.01%) 205.35
dns 9595 ( 0.03%) 1972655 ( 0.01%) 205.59
everque 1 ( 0.00%) 101 ( 0.00%) 101.00
other 38 ( 0.00%) 5594 ( 0.00%) 147.21
icmp6 4255 ( 0.01%) 555666 ( 0.00%) 130.59
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 2 ( 0.00%) 1831 ( 0.00%) 915.50
tcpdump file: 200810161400.dump.gz (704.86 MB)