Traffic Trace Info
DumpFile: 200903101400.dump
FileSize: 1461.75MB
Id: 200903101400
StartTime: Tue Mar 10 14:00:01 2009
EndTime: Tue Mar 10 14:15:01 2009
TotalTime: 900.08 seconds
TotalCapSize: 1149.82MB CapLen: 96 bytes
# of packets: 20442207 (15178.95MB)
AvgRate: 141.43Mbps stddev:19.36M
IP flow (unique src/dst pair) Information
# of flows: 701582 (avg. 29.14 pkts/flow)
Top 10 big flow size (bytes/total in %):
27.0% 1.6% 1.6% 1.1% 0.9% 0.9% 0.8% 0.7% 0.6% 0.6%
IP address Information
# of IPv4 addresses: 415694
Top 10 bandwidth usage (bytes/total in %):
27.0% 27.0% 6.8% 6.1% 5.3% 4.5% 2.9% 2.5% 2.3% 1.6%
# of IPv6 addresses: 1100
Top 10 bandwidth usage (bytes/total in %):
64.7% 58.3% 7.6% 5.3% 3.7% 3.5% 3.2% 3.1% 3.0% 2.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200903101400.pktlen.png)
detailed numbers
[ 32- 63]: 3895451
[ 64- 127]: 4238128
[ 128- 255]: 748174
[ 256- 511]: 860480
[ 512- 1023]: 535227
[ 1024- 2047]: 10164747
Protocol Breakdown
![[protocol breakdown chart]](200903101400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 20442207 (100.00%) 15916282813 (100.00%) 778.60
ip 20400110 ( 99.79%) 15894753238 ( 99.86%) 779.15
tcp 17250573 ( 84.39%) 14860509296 ( 93.37%) 861.45
http(s) 5523968 ( 27.02%) 7343729825 ( 46.14%) 1329.43
http(c) 3619223 ( 17.70%) 401398337 ( 2.52%) 110.91
squid 680038 ( 3.33%) 365542445 ( 2.30%) 537.53
smtp 296927 ( 1.45%) 122158093 ( 0.77%) 411.41
nntp 1 ( 0.00%) 60 ( 0.00%) 60.00
ftp 100799 ( 0.49%) 8166602 ( 0.05%) 81.02
pop3 22639 ( 0.11%) 17911848 ( 0.11%) 791.19
imap 5333 ( 0.03%) 893274 ( 0.01%) 167.50
telnet 541 ( 0.00%) 43947 ( 0.00%) 81.23
ssh 3754783 ( 18.37%) 4550818821 ( 28.59%) 1212.01
dns 5020 ( 0.02%) 479230 ( 0.00%) 95.46
bgp 158 ( 0.00%) 58895 ( 0.00%) 372.75
napster 24 ( 0.00%) 2104 ( 0.00%) 87.67
realaud 7 ( 0.00%) 440 ( 0.00%) 62.86
rtsp 257505 ( 1.26%) 22980034 ( 0.14%) 89.24
icecast 737 ( 0.00%) 73632 ( 0.00%) 99.91
hotline 2 ( 0.00%) 120 ( 0.00%) 60.00
other 2982867 ( 14.59%) 2026251529 ( 12.73%) 679.30
udp 2459056 ( 12.03%) 937479531 ( 5.89%) 381.24
dns 993786 ( 4.86%) 233297570 ( 1.47%) 234.76
realaud 935 ( 0.00%) 81255 ( 0.00%) 86.90
halflif 19 ( 0.00%) 1501 ( 0.00%) 79.00
starcra 34 ( 0.00%) 6088 ( 0.00%) 179.06
everque 77 ( 0.00%) 13647 ( 0.00%) 177.23
unreal 16 ( 0.00%) 2705 ( 0.00%) 169.06
quake 18 ( 0.00%) 2049 ( 0.00%) 113.83
cuseeme 7 ( 0.00%) 874 ( 0.00%) 124.86
other 1464026 ( 7.16%) 704024110 ( 4.42%) 480.88
icmp 639036 ( 3.13%) 52573151 ( 0.33%) 82.27
ipip 301 ( 0.00%) 36306 ( 0.00%) 120.62
ipsec 82 ( 0.00%) 12956 ( 0.00%) 158.00
ip6 47180 ( 0.23%) 43064581 ( 0.27%) 912.77
other 3882 ( 0.02%) 1077417 ( 0.01%) 277.54
frag 48622 ( 0.24%) 41691602 ( 0.26%) 857.46
ip6 42097 ( 0.21%) 21529575 ( 0.14%) 511.43
tcp6 17501 ( 0.09%) 17667929 ( 0.11%) 1009.54
http(s) 11409 ( 0.06%) 15798582 ( 0.10%) 1384.75
http(c) 2833 ( 0.01%) 563593 ( 0.00%) 198.94
smtp 408 ( 0.00%) 138635 ( 0.00%) 339.79
ftp 14 ( 0.00%) 1157 ( 0.00%) 82.64
imap 553 ( 0.00%) 677053 ( 0.00%) 1224.33
ssh 873 ( 0.00%) 348882 ( 0.00%) 399.64
bgp 404 ( 0.00%) 42001 ( 0.00%) 103.96
other 1007 ( 0.00%) 98026 ( 0.00%) 97.34
udp6 17796 ( 0.09%) 2920450 ( 0.02%) 164.11
dns 17783 ( 0.09%) 2919013 ( 0.02%) 164.15
realaud 1 ( 0.00%) 117 ( 0.00%) 117.00
other 12 ( 0.00%) 1320 ( 0.00%) 110.00
icmp6 6764 ( 0.03%) 930903 ( 0.01%) 137.63
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 6 ( 0.00%) 6213 ( 0.00%) 1035.50
tcpdump file: 200903101400.dump.gz (487.38 MB)