Traffic Trace Info
DumpFile: 200812161400.dump
FileSize: 1622.69MB
Id: 200812161400
StartTime: Tue Dec 16 14:00:01 2008
EndTime: Tue Dec 16 14:15:01 2008
TotalTime: 900.45 seconds
TotalCapSize: 1261.56MB CapLen: 96 bytes
# of packets: 23666438 (13940.88MB)
AvgRate: 129.87Mbps stddev:16.67M
IP flow (unique src/dst pair) Information
# of flows: 670398 (avg. 35.30 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.2% 2.9% 2.5% 2.2% 1.1% 0.8% 0.8% 0.8% 0.8% 0.8%
IP address Information
# of IPv4 addresses: 402687
Top 10 bandwidth usage (bytes/total in %):
9.2% 9.0% 5.1% 4.3% 4.2% 3.9% 3.8% 3.0% 3.0% 2.8%
# of IPv6 addresses: 1155
Top 10 bandwidth usage (bytes/total in %):
24.5% 22.7% 21.7% 21.7% 6.9% 4.8% 4.1% 3.8% 3.4% 3.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200812161400.pktlen.png)
detailed numbers
[ 32- 63]: 5384631
[ 64- 127]: 6716167
[ 128- 255]: 1256350
[ 256- 511]: 727199
[ 512- 1023]: 891474
[ 1024- 2047]: 8690617
Protocol Breakdown
![[protocol breakdown chart]](200812161400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 23666438 (100.00%) 14618076846 (100.00%) 617.67
ip 23602516 ( 99.73%) 14610903625 ( 99.95%) 619.04
tcp 17438683 ( 73.69%) 12191138079 ( 83.40%) 699.09
http(s) 7253356 ( 30.65%) 9498385336 ( 64.98%) 1309.52
http(c) 4856569 ( 20.52%) 560558609 ( 3.83%) 115.42
squid 501604 ( 2.12%) 269797711 ( 1.85%) 537.87
smtp 331611 ( 1.40%) 96133654 ( 0.66%) 289.90
nntp 55 ( 0.00%) 5753 ( 0.00%) 104.60
ftp 106055 ( 0.45%) 60484622 ( 0.41%) 570.31
pop3 21655 ( 0.09%) 4523551 ( 0.03%) 208.89
imap 6711 ( 0.03%) 841887 ( 0.01%) 125.45
telnet 2634 ( 0.01%) 378527 ( 0.00%) 143.71
ssh 956140 ( 4.04%) 165029718 ( 1.13%) 172.60
dns 1389 ( 0.01%) 95387 ( 0.00%) 68.67
bgp 147 ( 0.00%) 53083 ( 0.00%) 361.11
napster 22 ( 0.00%) 2033 ( 0.00%) 92.41
realaud 28 ( 0.00%) 2729 ( 0.00%) 97.46
rtsp 197589 ( 0.83%) 19749359 ( 0.14%) 99.95
icecast 10191 ( 0.04%) 4502422 ( 0.03%) 441.80
other 3192926 ( 13.49%) 1510593638 ( 10.33%) 473.11
udp 4611122 ( 19.48%) 2124295416 ( 14.53%) 460.69
dns 1227532 ( 5.19%) 189669798 ( 1.30%) 154.51
realaud 25326 ( 0.11%) 20695329 ( 0.14%) 817.16
halflif 26 ( 0.00%) 2530 ( 0.00%) 97.31
starcra 59 ( 0.00%) 7621 ( 0.00%) 129.17
everque 78 ( 0.00%) 14247 ( 0.00%) 182.65
unreal 92 ( 0.00%) 21929 ( 0.00%) 238.36
quake 30 ( 0.00%) 3893 ( 0.00%) 129.77
cuseeme 1 ( 0.00%) 79 ( 0.00%) 79.00
other 3357584 ( 14.19%) 1913651326 ( 13.09%) 569.95
icmp 1110521 ( 4.69%) 90396591 ( 0.62%) 81.40
ipip 296 ( 0.00%) 35752 ( 0.00%) 120.78
ipsec 355995 ( 1.50%) 191213826 ( 1.31%) 537.13
ip6 882 ( 0.00%) 106188 ( 0.00%) 120.39
other 85017 ( 0.36%) 13717773 ( 0.09%) 161.35
frag 2121 ( 0.01%) 1377996 ( 0.01%) 649.69
ip6 63922 ( 0.27%) 7173221 ( 0.05%) 112.22
tcp6 43441 ( 0.18%) 4010438 ( 0.03%) 92.32
http(s) 49 ( 0.00%) 24095 ( 0.00%) 491.73
http(c) 40313 ( 0.17%) 3380006 ( 0.02%) 83.84
smtp 530 ( 0.00%) 229623 ( 0.00%) 433.25
ftp 36 ( 0.00%) 3308 ( 0.00%) 91.89
ssh 296 ( 0.00%) 143728 ( 0.00%) 485.57
bgp 396 ( 0.00%) 36217 ( 0.00%) 91.46
other 1821 ( 0.01%) 193461 ( 0.00%) 106.24
udp6 15366 ( 0.06%) 2457608 ( 0.02%) 159.94
dns 15300 ( 0.06%) 2450360 ( 0.02%) 160.15
starcra 1 ( 0.00%) 99 ( 0.00%) 99.00
quake 1 ( 0.00%) 109 ( 0.00%) 109.00
other 64 ( 0.00%) 7040 ( 0.00%) 110.00
icmp6 5067 ( 0.02%) 688645 ( 0.00%) 135.91
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 17 ( 0.00%) 12314 ( 0.00%) 724.35
tcpdump file: 200812161400.dump.gz (571.82 MB)