Traffic Trace Info
DumpFile: 200903051400.dump
FileSize: 1658.70MB
Id: 200903051400
StartTime: Thu Mar 5 14:00:00 2009
EndTime: Thu Mar 5 14:15:01 2009
TotalTime: 900.21 seconds
TotalCapSize: 1299.18MB CapLen: 96 bytes
# of packets: 23560922 (16833.48MB)
AvgRate: 156.86Mbps stddev:13.14M
IP flow (unique src/dst pair) Information
# of flows: 715715 (avg. 32.92 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.9% 3.3% 2.4% 2.1% 1.4% 1.4% 1.1% 1.1% 1.0% 0.9%
IP address Information
# of IPv4 addresses: 424453
Top 10 bandwidth usage (bytes/total in %):
14.7% 13.9% 12.7% 7.7% 6.4% 4.4% 3.4% 3.4% 2.4% 1.9%
# of IPv6 addresses: 1138
Top 10 bandwidth usage (bytes/total in %):
93.7% 93.7% 2.1% 2.1% 1.2% 1.2% 0.7% 0.7% 0.7% 0.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200903051400.pktlen.png)
detailed numbers
[ 32- 63]: 5262059
[ 64- 127]: 5294156
[ 128- 255]: 768104
[ 256- 511]: 592990
[ 512- 1023]: 740133
[ 1024- 2047]: 10903480
Protocol Breakdown
![[protocol breakdown chart]](200903051400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 23560922 (100.00%) 17651178905 (100.00%) 749.17
ip 23178137 ( 98.38%) 17264808519 ( 97.81%) 744.87
tcp 19738640 ( 83.78%) 16207305418 ( 91.82%) 821.10
http(s) 8833240 ( 37.49%) 12142250950 ( 68.79%) 1374.61
http(c) 5392032 ( 22.89%) 472826380 ( 2.68%) 87.69
squid 457522 ( 1.94%) 190966414 ( 1.08%) 417.39
smtp 676033 ( 2.87%) 424396235 ( 2.40%) 627.77
nntp 52 ( 0.00%) 3970 ( 0.00%) 76.35
ftp 102006 ( 0.43%) 37265278 ( 0.21%) 365.32
pop3 33275 ( 0.14%) 20081096 ( 0.11%) 603.49
imap 4327 ( 0.02%) 1142548 ( 0.01%) 264.05
telnet 935 ( 0.00%) 69985 ( 0.00%) 74.85
ssh 106436 ( 0.45%) 10387076 ( 0.06%) 97.59
dns 1461 ( 0.01%) 126390 ( 0.00%) 86.51
bgp 137 ( 0.00%) 45951 ( 0.00%) 335.41
napster 18 ( 0.00%) 2771 ( 0.00%) 153.94
realaud 19 ( 0.00%) 3130 ( 0.00%) 164.74
rtsp 101689 ( 0.43%) 6507258 ( 0.04%) 63.99
icecast 4683 ( 0.02%) 291843 ( 0.00%) 62.32
hotline 1 ( 0.00%) 60 ( 0.00%) 60.00
other 4024774 ( 17.08%) 2900938083 ( 16.43%) 720.77
udp 2829435 ( 12.01%) 994043636 ( 5.63%) 351.32
dns 1155470 ( 4.90%) 261834461 ( 1.48%) 226.60
realaud 1859 ( 0.01%) 118047 ( 0.00%) 63.50
halflif 31 ( 0.00%) 6451 ( 0.00%) 208.10
starcra 24 ( 0.00%) 4117 ( 0.00%) 171.54
everque 135 ( 0.00%) 29179 ( 0.00%) 216.14
unreal 9 ( 0.00%) 806 ( 0.00%) 89.56
quake 20 ( 0.00%) 1648 ( 0.00%) 82.40
cuseeme 7 ( 0.00%) 1658 ( 0.00%) 236.86
other 1671760 ( 7.10%) 731971864 ( 4.15%) 437.85
icmp 547825 ( 2.33%) 46700157 ( 0.26%) 85.25
ipip 318 ( 0.00%) 39968 ( 0.00%) 125.69
ipsec 86 ( 0.00%) 13588 ( 0.00%) 158.00
ip6 7090 ( 0.03%) 3922210 ( 0.02%) 553.20
other 54743 ( 0.23%) 12783542 ( 0.07%) 233.52
frag 2034 ( 0.01%) 1841655 ( 0.01%) 905.44
ip6 382785 ( 1.62%) 386370386 ( 2.19%) 1009.37
tcp6 358629 ( 1.52%) 382673308 ( 2.17%) 1067.05
http(s) 8587 ( 0.04%) 8169033 ( 0.05%) 951.33
http(c) 5760 ( 0.02%) 1100299 ( 0.01%) 191.02
smtp 955 ( 0.00%) 297294 ( 0.00%) 311.30
ftp 72 ( 0.00%) 6573 ( 0.00%) 91.29
ssh 4829 ( 0.02%) 2607786 ( 0.01%) 540.03
dns 7 ( 0.00%) 638 ( 0.00%) 91.14
bgp 377 ( 0.00%) 32363 ( 0.00%) 85.84
other 338042 ( 1.43%) 370459322 ( 2.10%) 1095.90
udp6 17787 ( 0.08%) 2850195 ( 0.02%) 160.24
dns 17750 ( 0.08%) 2846123 ( 0.02%) 160.34
realaud 1 ( 0.00%) 112 ( 0.00%) 112.00
other 36 ( 0.00%) 3960 ( 0.00%) 110.00
icmp6 6323 ( 0.03%) 826930 ( 0.00%) 130.78
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 15 ( 0.00%) 15737 ( 0.00%) 1049.13
tcpdump file: 200903051400.dump.gz (598.44 MB)