Traffic Trace Info
DumpFile: 200811201400.dump
FileSize: 1561.82MB
Id: 200811201400
StartTime: Thu Nov 20 14:00:01 2008
EndTime: Thu Nov 20 14:15:00 2008
TotalTime: 899.26 seconds
TotalCapSize: 1221.83MB CapLen: 96 bytes
# of packets: 22281006 (15344.91MB)
AvgRate: 143.14Mbps stddev:12.52M
IP flow (unique src/dst pair) Information
# of flows: 765866 (avg. 29.09 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.0% 1.9% 1.6% 1.5% 1.2% 1.1% 1.1% 1.0% 1.0% 0.9%
IP address Information
# of IPv4 addresses: 414097
Top 10 bandwidth usage (bytes/total in %):
11.0% 8.8% 6.0% 4.6% 4.2% 3.8% 2.8% 2.7% 2.7% 2.3%
# of IPv6 addresses: 1027
Top 10 bandwidth usage (bytes/total in %):
28.5% 26.5% 17.1% 17.0% 9.1% 6.9% 4.2% 3.3% 2.7% 2.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200811201400.pktlen.png)
detailed numbers
[ 32- 63]: 4863715
[ 64- 127]: 5354226
[ 128- 255]: 974967
[ 256- 511]: 517647
[ 512- 1023]: 634241
[ 1024- 2047]: 9936210
Protocol Breakdown
![[protocol breakdown chart]](200811201400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 22281006 (100.00%) 16090299429 (100.00%) 722.15
ip 22237850 ( 99.81%) 16084163827 ( 99.96%) 723.28
tcp 18621683 ( 83.58%) 14929770540 ( 92.79%) 801.74
http(s) 8308787 ( 37.29%) 11405891038 ( 70.89%) 1372.75
http(c) 4688709 ( 21.04%) 565436520 ( 3.51%) 120.60
squid 686508 ( 3.08%) 446746243 ( 2.78%) 650.75
smtp 329822 ( 1.48%) 161646531 ( 1.00%) 490.10
nntp 164 ( 0.00%) 31928 ( 0.00%) 194.68
ftp 75028 ( 0.34%) 33269861 ( 0.21%) 443.43
pop3 20504 ( 0.09%) 5084960 ( 0.03%) 248.00
imap 8355 ( 0.04%) 2543760 ( 0.02%) 304.46
telnet 1943 ( 0.01%) 255494 ( 0.00%) 131.49
ssh 985775 ( 4.42%) 141656643 ( 0.88%) 143.70
dns 4884 ( 0.02%) 514405 ( 0.00%) 105.32
bgp 148 ( 0.00%) 55767 ( 0.00%) 376.80
napster 24146 ( 0.11%) 23896517 ( 0.15%) 989.67
realaud 33 ( 0.00%) 3017 ( 0.00%) 91.42
rtsp 58185 ( 0.26%) 69414149 ( 0.43%) 1192.99
icecast 26155 ( 0.12%) 19317426 ( 0.12%) 738.57
hotline 2 ( 0.00%) 134 ( 0.00%) 67.00
other 3402530 ( 15.27%) 2054005847 ( 12.77%) 603.67
udp 2617819 ( 11.75%) 1067680831 ( 6.64%) 407.85
dns 963089 ( 4.32%) 191965558 ( 1.19%) 199.32
realaud 2551 ( 0.01%) 1027952 ( 0.01%) 402.96
halflif 43 ( 0.00%) 4752 ( 0.00%) 110.51
starcra 83 ( 0.00%) 15274 ( 0.00%) 184.02
everque 121 ( 0.00%) 19910 ( 0.00%) 164.55
unreal 269 ( 0.00%) 80201 ( 0.00%) 298.14
quake 27 ( 0.00%) 4137 ( 0.00%) 153.22
cuseeme 3 ( 0.00%) 267 ( 0.00%) 89.00
other 1651600 ( 7.41%) 874542664 ( 5.44%) 529.51
icmp 930583 ( 4.18%) 75533469 ( 0.47%) 81.17
ipip 314 ( 0.00%) 38840 ( 0.00%) 123.69
ipsec 5179 ( 0.02%) 646770 ( 0.00%) 124.88
ip6 1382 ( 0.01%) 454584 ( 0.00%) 328.93
other 60890 ( 0.27%) 10038793 ( 0.06%) 164.87
frag 24617 ( 0.11%) 24871525 ( 0.15%) 1010.34
ip6 43156 ( 0.19%) 6135602 ( 0.04%) 142.17
tcp6 25061 ( 0.11%) 3549192 ( 0.02%) 141.62
http(s) 186 ( 0.00%) 260707 ( 0.00%) 1401.65
http(c) 19217 ( 0.09%) 1807254 ( 0.01%) 94.04
smtp 487 ( 0.00%) 216194 ( 0.00%) 443.93
ftp 34 ( 0.00%) 3136 ( 0.00%) 92.24
pop3 33 ( 0.00%) 2850 ( 0.00%) 86.36
ssh 3337 ( 0.01%) 1061205 ( 0.01%) 318.01
bgp 409 ( 0.00%) 37013 ( 0.00%) 90.50
other 1358 ( 0.01%) 160833 ( 0.00%) 118.43
udp6 12485 ( 0.06%) 1860871 ( 0.01%) 149.05
dns 12465 ( 0.06%) 1858671 ( 0.01%) 149.11
other 20 ( 0.00%) 2200 ( 0.00%) 110.00
icmp6 5576 ( 0.03%) 718305 ( 0.00%) 128.82
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 4 ( 0.00%) 3154 ( 0.00%) 788.50
tcpdump file: 200811201400.dump.gz (560.39 MB)