Traffic Trace Info
DumpFile: 200810301400.dump
FileSize: 1709.51MB
Id: 200810301400
StartTime: Thu Oct 30 14:00:01 2008
EndTime: Thu Oct 30 14:15:00 2008
TotalTime: 899.70 seconds
TotalCapSize: 1332.46MB CapLen: 96 bytes
# of packets: 24709387 (17797.39MB)
AvgRate: 165.91Mbps stddev:19.86M
IP flow (unique src/dst pair) Information
# of flows: 628154 (avg. 39.34 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.5% 2.0% 1.7% 1.7% 1.7% 1.5% 1.0% 0.9% 0.9% 0.9%
IP address Information
# of IPv4 addresses: 302114
Top 10 bandwidth usage (bytes/total in %):
8.9% 7.3% 4.2% 3.6% 3.1% 2.5% 2.1% 2.0% 2.0% 1.8%
# of IPv6 addresses: 852
Top 10 bandwidth usage (bytes/total in %):
55.4% 34.0% 21.4% 12.0% 11.6% 11.2% 4.4% 4.3% 1.9% 1.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200810301400.pktlen.png)
detailed numbers
[ 32- 63]: 6403501
[ 64- 127]: 4520982
[ 128- 255]: 791962
[ 256- 511]: 565124
[ 512- 1023]: 655172
[ 1024- 2047]: 11772646
Protocol Breakdown
![[protocol breakdown chart]](200810301400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 24709387 (100.00%) 18661915683 (100.00%) 755.26
ip 24653152 ( 99.77%) 18647480263 ( 99.92%) 756.39
tcp 21334383 ( 86.34%) 17337309591 ( 92.90%) 812.65
http(s) 9797296 ( 39.65%) 13024680281 ( 69.79%) 1329.42
http(c) 6264747 ( 25.35%) 1246440383 ( 6.68%) 198.96
squid 508761 ( 2.06%) 188885207 ( 1.01%) 371.27
smtp 726917 ( 2.94%) 209543086 ( 1.12%) 288.26
nntp 4 ( 0.00%) 329 ( 0.00%) 82.25
ftp 211019 ( 0.85%) 115993357 ( 0.62%) 549.68
pop3 38679 ( 0.16%) 22231653 ( 0.12%) 574.77
imap 5809 ( 0.02%) 1448096 ( 0.01%) 249.28
telnet 856 ( 0.00%) 67271 ( 0.00%) 78.59
ssh 86325 ( 0.35%) 11481491 ( 0.06%) 133.00
dns 5259 ( 0.02%) 674044 ( 0.00%) 128.17
bgp 401 ( 0.00%) 252561 ( 0.00%) 629.83
napster 84 ( 0.00%) 8518 ( 0.00%) 101.40
realaud 129 ( 0.00%) 15164 ( 0.00%) 117.55
rtsp 363134 ( 1.47%) 326619195 ( 1.75%) 899.45
icecast 46761 ( 0.19%) 38636447 ( 0.21%) 826.25
hotline 6 ( 0.00%) 621 ( 0.00%) 103.50
other 3278195 ( 13.27%) 2150331827 ( 11.52%) 655.95
udp 2964250 ( 12.00%) 1276636549 ( 6.84%) 430.68
dns 934469 ( 3.78%) 195532315 ( 1.05%) 209.24
realaud 22627 ( 0.09%) 7242025 ( 0.04%) 320.06
halflif 31 ( 0.00%) 2936 ( 0.00%) 94.71
starcra 37 ( 0.00%) 6471 ( 0.00%) 174.89
everque 735 ( 0.00%) 584989 ( 0.00%) 795.90
unreal 66 ( 0.00%) 22423 ( 0.00%) 339.74
quake 25 ( 0.00%) 4837 ( 0.00%) 193.48
cuseeme 2 ( 0.00%) 162 ( 0.00%) 81.00
other 2005533 ( 8.12%) 1072199490 ( 5.75%) 534.62
icmp 338928 ( 1.37%) 30929412 ( 0.17%) 91.26
ipip 326 ( 0.00%) 39506 ( 0.00%) 121.18
ipsec 5543 ( 0.02%) 1006914 ( 0.01%) 181.66
ip6 863 ( 0.00%) 107588 ( 0.00%) 124.67
other 8859 ( 0.04%) 1450703 ( 0.01%) 163.75
frag 35641 ( 0.14%) 38840824 ( 0.21%) 1089.78
ip6 56235 ( 0.23%) 14435420 ( 0.08%) 256.70
tcp6 30637 ( 0.12%) 10741345 ( 0.06%) 350.60
http(s) 6640 ( 0.03%) 8465960 ( 0.05%) 1274.99
http(c) 21836 ( 0.09%) 1983573 ( 0.01%) 90.84
smtp 308 ( 0.00%) 105820 ( 0.00%) 343.57
ftp 96 ( 0.00%) 10932 ( 0.00%) 113.88
pop3 30 ( 0.00%) 2604 ( 0.00%) 86.80
ssh 123 ( 0.00%) 21826 ( 0.00%) 177.45
bgp 404 ( 0.00%) 42485 ( 0.00%) 105.16
other 1200 ( 0.00%) 108145 ( 0.00%) 90.12
udp6 8788 ( 0.04%) 1621662 ( 0.01%) 184.53
dns 8771 ( 0.04%) 1619792 ( 0.01%) 184.68
other 17 ( 0.00%) 1870 ( 0.00%) 110.00
icmp6 16703 ( 0.07%) 2042652 ( 0.01%) 122.29
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 77 ( 0.00%) 25681 ( 0.00%) 333.52
tcpdump file: 200810301400.dump.gz (593.49 MB)