Traffic Trace Info
DumpFile: 200810231400.dump
FileSize: 2777.35MB
Id: 200810231400
StartTime: Thu Oct 23 14:00:01 2008
EndTime: Thu Oct 23 14:15:01 2008
TotalTime: 899.47 seconds
TotalCapSize: -1954.23MB CapLen: 96 bytes
# of packets: 41652775 (30158.74MB)
AvgRate: 281.27Mbps stddev:28.50M
IP flow (unique src/dst pair) Information
# of flows: 640987 (avg. 64.98 pkts/flow)
Top 10 big flow size (bytes/total in %):
21.5% 6.0% 3.3% 2.5% 0.8% 0.6% 0.6% 0.6% 0.5% 0.5%
IP address Information
# of IPv4 addresses: 325643
Top 10 bandwidth usage (bytes/total in %):
21.5% 21.5% 6.1% 6.0% 6.0% 3.4% 3.4% 3.3% 3.3% 2.8%
# of IPv6 addresses: 812
Top 10 bandwidth usage (bytes/total in %):
22.6% 20.7% 14.9% 14.8% 9.7% 9.6% 8.3% 8.2% 4.5% 4.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200810231400.pktlen.png)
detailed numbers
[ 32- 63]: 7729113
[ 64- 127]: 8352520
[ 128- 255]: 1302591
[ 256- 511]: 949505
[ 512- 1023]: 2161183
[ 1024- 2047]: 21157863
Protocol Breakdown
![[protocol breakdown chart]](200810231400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 41652775 (100.00%) 31623734805 (100.00%) 759.22
ip 41602419 ( 99.88%) 31615909807 ( 99.98%) 759.95
tcp 26946702 ( 64.69%) 21609531528 ( 68.33%) 801.94
http(s) 11129947 ( 26.72%) 14611777161 ( 46.21%) 1312.83
http(c) 5450598 ( 13.09%) 584938472 ( 1.85%) 107.32
squid 410218 ( 0.98%) 219308290 ( 0.69%) 534.61
smtp 810416 ( 1.95%) 189965678 ( 0.60%) 234.41
nntp 106 ( 0.00%) 9604 ( 0.00%) 90.60
ftp 123992 ( 0.30%) 42745368 ( 0.14%) 344.74
pop3 33377 ( 0.08%) 20902086 ( 0.07%) 626.24
imap 5532 ( 0.01%) 1486864 ( 0.00%) 268.78
telnet 1614 ( 0.00%) 184810 ( 0.00%) 114.50
ssh 1387330 ( 3.33%) 1949736363 ( 6.17%) 1405.39
dns 2545696 ( 6.11%) 271158629 ( 0.86%) 106.52
bgp 388 ( 0.00%) 207312 ( 0.00%) 534.31
napster 51 ( 0.00%) 3334 ( 0.00%) 65.37
realaud 295 ( 0.00%) 27115 ( 0.00%) 91.92
rtsp 710344 ( 1.71%) 722582122 ( 2.28%) 1017.23
icecast 8919 ( 0.02%) 4262480 ( 0.01%) 477.91
hotline 53 ( 0.00%) 5393 ( 0.00%) 101.75
other 4327824 ( 10.39%) 2990230327 ( 9.46%) 690.93
udp 7757479 ( 18.62%) 3129753915 ( 9.90%) 403.45
dns 5053773 ( 12.13%) 1798852830 ( 5.69%) 355.94
realaud 3343 ( 0.01%) 231505 ( 0.00%) 69.25
halflif 74 ( 0.00%) 7543 ( 0.00%) 101.93
starcra 86 ( 0.00%) 13624 ( 0.00%) 158.42
everque 133 ( 0.00%) 16077 ( 0.00%) 120.88
unreal 167 ( 0.00%) 44359 ( 0.00%) 265.62
quake 114 ( 0.00%) 10100 ( 0.00%) 88.60
cuseeme 33 ( 0.00%) 3137 ( 0.00%) 95.06
other 2699627 ( 6.48%) 1330487554 ( 4.21%) 492.84
icmp 6865099 ( 16.48%) 6857414698 ( 21.68%) 998.88
ipip 316 ( 0.00%) 38242 ( 0.00%) 121.02
ipsec 22352 ( 0.05%) 16269862 ( 0.05%) 727.89
ip6 949 ( 0.00%) 147490 ( 0.00%) 155.42
other 9522 ( 0.02%) 2754072 ( 0.01%) 289.23
frag 664376 ( 1.60%) 726980380 ( 2.30%) 1094.23
ip6 50356 ( 0.12%) 7824998 ( 0.02%) 155.39
tcp6 32109 ( 0.08%) 4526340 ( 0.01%) 140.97
http(s) 451 ( 0.00%) 530742 ( 0.00%) 1176.81
http(c) 27917 ( 0.07%) 2554108 ( 0.01%) 91.49
smtp 129 ( 0.00%) 44109 ( 0.00%) 341.93
ftp 184 ( 0.00%) 21615 ( 0.00%) 117.47
pop3 33 ( 0.00%) 2850 ( 0.00%) 86.36
imap 2 ( 0.00%) 225 ( 0.00%) 112.50
ssh 96 ( 0.00%) 12128 ( 0.00%) 126.33
dns 821 ( 0.00%) 60916 ( 0.00%) 74.20
bgp 399 ( 0.00%) 39473 ( 0.00%) 98.93
other 2077 ( 0.00%) 1260174 ( 0.00%) 606.73
udp6 8901 ( 0.02%) 1495291 ( 0.00%) 167.99
dns 8857 ( 0.02%) 1489094 ( 0.00%) 168.13
everque 1 ( 0.00%) 107 ( 0.00%) 107.00
other 43 ( 0.00%) 6090 ( 0.00%) 141.63
icmp6 9308 ( 0.02%) 1792387 ( 0.01%) 192.56
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 8 ( 0.00%) 6900 ( 0.00%) 862.50
tcpdump file: 200810231400.dump.gz (905.71 MB)