Traffic Trace Info
DumpFile: 200901161400.dump
FileSize: 1305.89MB
Id: 200901161400
StartTime: Fri Jan 16 14:00:00 2009
EndTime: Fri Jan 16 14:15:01 2009
TotalTime: 900.64 seconds
TotalCapSize: 1020.97MB CapLen: 96 bytes
# of packets: 18671299 (10967.84MB)
AvgRate: 102.15Mbps stddev:14.34M
IP flow (unique src/dst pair) Information
# of flows: 649253 (avg. 28.76 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.9% 1.9% 1.6% 1.6% 1.5% 1.1% 1.1% 1.0% 0.9% 0.9%
IP address Information
# of IPv4 addresses: 373892
Top 10 bandwidth usage (bytes/total in %):
10.0% 8.6% 6.1% 4.0% 3.2% 3.1% 3.0% 2.7% 2.7% 2.4%
# of IPv6 addresses: 1183
Top 10 bandwidth usage (bytes/total in %):
95.2% 95.2% 1.3% 1.2% 0.9% 0.9% 0.3% 0.3% 0.2% 0.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200901161400.pktlen.png)
detailed numbers
[ 32- 63]: 4509282
[ 64- 127]: 5139711
[ 128- 255]: 923746
[ 256- 511]: 535588
[ 512- 1023]: 660633
[ 1024- 2047]: 6902339
Protocol Breakdown
![[protocol breakdown chart]](200901161400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 18671299 (100.00%) 11500610686 (100.00%) 615.95
ip 18502927 ( 99.10%) 11320174505 ( 98.43%) 611.80
tcp 14864390 ( 79.61%) 10446302817 ( 90.83%) 702.77
http(s) 5870955 ( 31.44%) 7592264727 ( 66.02%) 1293.19
http(c) 4186469 ( 22.42%) 461223501 ( 4.01%) 110.17
squid 464861 ( 2.49%) 295061993 ( 2.57%) 634.73
smtp 538872 ( 2.89%) 279814621 ( 2.43%) 519.26
nntp 187 ( 0.00%) 19881 ( 0.00%) 106.32
ftp 133225 ( 0.71%) 65410979 ( 0.57%) 490.98
pop3 22650 ( 0.12%) 5467370 ( 0.05%) 241.38
imap 6244 ( 0.03%) 914324 ( 0.01%) 146.43
telnet 3525 ( 0.02%) 511457 ( 0.00%) 145.09
ssh 289307 ( 1.55%) 33282832 ( 0.29%) 115.04
dns 8892 ( 0.05%) 878728 ( 0.01%) 98.82
bgp 140 ( 0.00%) 45546 ( 0.00%) 325.33
napster 765 ( 0.00%) 495638 ( 0.00%) 647.89
realaud 21 ( 0.00%) 2063 ( 0.00%) 98.24
rtsp 119378 ( 0.64%) 43100517 ( 0.37%) 361.04
icecast 12351 ( 0.07%) 841481 ( 0.01%) 68.13
hotline 3 ( 0.00%) 186 ( 0.00%) 62.00
other 3206541 ( 17.17%) 1666966733 ( 14.49%) 519.86
udp 2709212 ( 14.51%) 752401579 ( 6.54%) 277.72
dns 1221847 ( 6.54%) 233107961 ( 2.03%) 190.78
realaud 25 ( 0.00%) 5529 ( 0.00%) 221.16
halflif 45 ( 0.00%) 4880 ( 0.00%) 108.44
starcra 59 ( 0.00%) 10825 ( 0.00%) 183.47
everque 112 ( 0.00%) 23763 ( 0.00%) 212.17
unreal 52 ( 0.00%) 14473 ( 0.00%) 278.33
quake 33 ( 0.00%) 3773 ( 0.00%) 114.33
cuseeme 7 ( 0.00%) 617 ( 0.00%) 88.14
other 1486908 ( 7.96%) 519180543 ( 4.51%) 349.17
icmp 639134 ( 3.42%) 63269041 ( 0.55%) 98.99
ipip 323 ( 0.00%) 48420 ( 0.00%) 149.91
ipsec 439 ( 0.00%) 67594 ( 0.00%) 153.97
ip6 42128 ( 0.23%) 13115301 ( 0.11%) 311.32
other 247301 ( 1.32%) 44969753 ( 0.39%) 181.84
frag 47249 ( 0.25%) 42171117 ( 0.37%) 892.53
ip6 168372 ( 0.90%) 180436181 ( 1.57%) 1071.65
tcp6 148096 ( 0.79%) 177205086 ( 1.54%) 1196.56
http(s) 1941 ( 0.01%) 2143673 ( 0.02%) 1104.42
http(c) 2710 ( 0.01%) 335666 ( 0.00%) 123.86
smtp 1126 ( 0.01%) 527593 ( 0.00%) 468.56
ftp 36 ( 0.00%) 3308 ( 0.00%) 91.89
pop3 11 ( 0.00%) 1018 ( 0.00%) 92.55
ssh 167 ( 0.00%) 21898 ( 0.00%) 131.13
dns 12 ( 0.00%) 1182 ( 0.00%) 98.50
bgp 405 ( 0.00%) 37187 ( 0.00%) 91.82
other 141688 ( 0.76%) 174133561 ( 1.51%) 1228.99
udp6 14562 ( 0.08%) 2299853 ( 0.02%) 157.94
dns 14530 ( 0.08%) 2296336 ( 0.02%) 158.04
everque 1 ( 0.00%) 105 ( 0.00%) 105.00
quake 1 ( 0.00%) 112 ( 0.00%) 112.00
other 30 ( 0.00%) 3300 ( 0.00%) 110.00
icmp6 5677 ( 0.03%) 922640 ( 0.01%) 162.52
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 6 ( 0.00%) 4386 ( 0.00%) 731.00
tcpdump file: 200901161400.dump.gz (457.04 MB)