Traffic Trace Info
DumpFile: 200901011400.dump
FileSize: 674.15MB
Id: 200901011400
StartTime: Thu Jan 1 14:00:01 2009
EndTime: Thu Jan 1 14:15:00 2009
TotalTime: 899.33 seconds
TotalCapSize: 527.45MB CapLen: 96 bytes
# of packets: 9614026 (5980.70MB)
AvgRate: 55.77Mbps stddev:11.46M
IP flow (unique src/dst pair) Information
# of flows: 530582 (avg. 18.12 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.4% 2.7% 2.7% 2.2% 1.7% 1.4% 1.3% 1.3% 1.1% 1.1%
IP address Information
# of IPv4 addresses: 338287
Top 10 bandwidth usage (bytes/total in %):
13.4% 10.8% 5.5% 4.9% 3.7% 3.2% 2.7% 2.7% 2.5% 2.4%
# of IPv6 addresses: 1032
Top 10 bandwidth usage (bytes/total in %):
99.1% 49.7% 49.3% 0.2% 0.1% 0.1% 0.1% 0.0% 0.0% 0.0%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200901011400.pktlen.png)
detailed numbers
[ 32- 63]: 2171017
[ 64- 127]: 2519797
[ 128- 255]: 574504
[ 256- 511]: 297002
[ 512- 1023]: 251686
[ 1024- 2047]: 3800020
Protocol Breakdown
![[protocol breakdown chart]](200901011400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 9614026 (100.00%) 6271213480 (100.00%) 652.30
ip 9363019 ( 97.39%) 5928189181 ( 94.53%) 633.15
tcp 7258605 ( 75.50%) 5292178013 ( 84.39%) 729.09
http(s) 2949198 ( 30.68%) 3968115531 ( 63.28%) 1345.49
http(c) 1645876 ( 17.12%) 136817168 ( 2.18%) 83.13
squid 427069 ( 4.44%) 344447392 ( 5.49%) 806.54
smtp 306307 ( 3.19%) 48765217 ( 0.78%) 159.20
nntp 1 ( 0.00%) 60 ( 0.00%) 60.00
ftp 126224 ( 1.31%) 63211821 ( 1.01%) 500.79
pop3 9374 ( 0.10%) 3111390 ( 0.05%) 331.92
imap 838 ( 0.01%) 101222 ( 0.00%) 120.79
telnet 18011 ( 0.19%) 1351883 ( 0.02%) 75.06
ssh 297633 ( 3.10%) 78933027 ( 1.26%) 265.20
dns 1911 ( 0.02%) 355166 ( 0.01%) 185.85
bgp 155 ( 0.00%) 54661 ( 0.00%) 352.65
napster 13 ( 0.00%) 1020 ( 0.00%) 78.46
realaud 80 ( 0.00%) 10216 ( 0.00%) 127.70
rtsp 162 ( 0.00%) 39825 ( 0.00%) 245.83
icecast 5064 ( 0.05%) 318237 ( 0.01%) 62.84
hotline 3 ( 0.00%) 186 ( 0.00%) 62.00
other 1470686 ( 15.30%) 646543991 ( 10.31%) 439.62
udp 1700792 ( 17.69%) 592709956 ( 9.45%) 348.49
dns 823200 ( 8.56%) 158432444 ( 2.53%) 192.46
realaud 7772 ( 0.08%) 6705318 ( 0.11%) 862.75
halflif 13 ( 0.00%) 1701 ( 0.00%) 130.85
starcra 22 ( 0.00%) 3906 ( 0.00%) 177.55
everque 64 ( 0.00%) 12045 ( 0.00%) 188.20
unreal 18 ( 0.00%) 3008 ( 0.00%) 167.11
quake 9 ( 0.00%) 758 ( 0.00%) 84.22
cuseeme 5 ( 0.00%) 662 ( 0.00%) 132.40
other 869640 ( 9.05%) 427534917 ( 6.82%) 491.62
icmp 374919 ( 3.90%) 34229199 ( 0.55%) 91.30
ipip 321 ( 0.00%) 40006 ( 0.00%) 124.63
ipsec 72 ( 0.00%) 11376 ( 0.00%) 158.00
ip6 7591 ( 0.08%) 6012997 ( 0.10%) 792.12
other 20719 ( 0.22%) 3007634 ( 0.05%) 145.16
frag 4205 ( 0.04%) 3332944 ( 0.05%) 792.61
ip6 251007 ( 2.61%) 343024299 ( 5.47%) 1366.59
tcp6 233795 ( 2.43%) 340620797 ( 5.43%) 1456.92
http(s) 166 ( 0.00%) 70102 ( 0.00%) 422.30
http(c) 3400 ( 0.04%) 344119 ( 0.01%) 101.21
smtp 737 ( 0.01%) 226022 ( 0.00%) 306.68
ftp 37 ( 0.00%) 3402 ( 0.00%) 91.95
pop3 28 ( 0.00%) 2330 ( 0.00%) 83.21
ssh 192 ( 0.00%) 17420 ( 0.00%) 90.73
bgp 363 ( 0.00%) 30422 ( 0.00%) 83.81
other 228872 ( 2.38%) 339926980 ( 5.42%) 1485.23
udp6 9693 ( 0.10%) 1445774 ( 0.02%) 149.16
dns 9641 ( 0.10%) 1440062 ( 0.02%) 149.37
quake 1 ( 0.00%) 102 ( 0.00%) 102.00
other 51 ( 0.00%) 5610 ( 0.00%) 110.00
icmp6 7485 ( 0.08%) 950198 ( 0.02%) 126.95
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 4 ( 0.00%) 3450 ( 0.00%) 862.50
tcpdump file: 200901011400.dump.gz (240.15 MB)