Traffic Trace Info
DumpFile: 200903161400.dump
FileSize: 1255.91MB
Id: 200903161400
StartTime: Mon Mar 16 14:00:01 2009
EndTime: Mon Mar 16 14:15:00 2009
TotalTime: 899.56 seconds
TotalCapSize: 982.25MB CapLen: 96 bytes
# of packets: 17934136 (12766.02MB)
AvgRate: 119.06Mbps stddev:14.58M
IP flow (unique src/dst pair) Information
# of flows: 575787 (avg. 31.15 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.0% 3.0% 2.4% 2.3% 2.1% 1.5% 1.3% 1.2% 1.2% 1.0%
IP address Information
# of IPv4 addresses: 370457
Top 10 bandwidth usage (bytes/total in %):
7.8% 7.5% 7.1% 5.6% 4.3% 4.0% 4.0% 3.1% 3.1% 2.7%
# of IPv6 addresses: 1099
Top 10 bandwidth usage (bytes/total in %):
79.4% 77.7% 8.7% 8.1% 5.3% 3.4% 1.7% 1.2% 1.0% 0.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200903161400.pktlen.png)
detailed numbers
[ 32- 63]: 3961845
[ 64- 127]: 4010898
[ 128- 255]: 585122
[ 256- 511]: 515135
[ 512- 1023]: 567822
[ 1024- 2047]: 8293314
Protocol Breakdown
![[protocol breakdown chart]](200903161400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 17934136 (100.00%) 13386144725 (100.00%) 746.41
ip 17821166 ( 99.37%) 13316565360 ( 99.48%) 747.23
tcp 15450534 ( 86.15%) 12676600579 ( 94.70%) 820.46
http(s) 6448997 ( 35.96%) 8733661132 ( 65.24%) 1354.27
http(c) 3612279 ( 20.14%) 460715378 ( 3.44%) 127.54
squid 576335 ( 3.21%) 289105436 ( 2.16%) 501.63
smtp 477575 ( 2.66%) 387425366 ( 2.89%) 811.23
nntp 139 ( 0.00%) 15754 ( 0.00%) 113.34
ftp 174289 ( 0.97%) 63426319 ( 0.47%) 363.91
pop3 9012 ( 0.05%) 5505412 ( 0.04%) 610.90
imap 4582 ( 0.03%) 1271162 ( 0.01%) 277.43
telnet 3077 ( 0.02%) 525877 ( 0.00%) 170.91
ssh 476994 ( 2.66%) 38496051 ( 0.29%) 80.71
dns 1105 ( 0.01%) 93801 ( 0.00%) 84.89
bgp 136 ( 0.00%) 42299 ( 0.00%) 311.02
napster 1555 ( 0.01%) 206792 ( 0.00%) 132.99
realaud 16 ( 0.00%) 2125 ( 0.00%) 132.81
rtsp 235884 ( 1.32%) 165495524 ( 1.24%) 701.60
icecast 461 ( 0.00%) 43460 ( 0.00%) 94.27
other 3428098 ( 19.11%) 2530568691 ( 18.90%) 738.18
udp 1870141 ( 10.43%) 584995954 ( 4.37%) 312.81
dns 898681 ( 5.01%) 222249689 ( 1.66%) 247.31
realaud 100 ( 0.00%) 8533 ( 0.00%) 85.33
halflif 53 ( 0.00%) 8744 ( 0.00%) 164.98
starcra 24 ( 0.00%) 5324 ( 0.00%) 221.83
everque 67 ( 0.00%) 13702 ( 0.00%) 204.51
unreal 816 ( 0.00%) 340184 ( 0.00%) 416.89
quake 13 ( 0.00%) 1082 ( 0.00%) 83.23
cuseeme 3 ( 0.00%) 587 ( 0.00%) 195.67
other 970177 ( 5.41%) 362342112 ( 2.71%) 373.48
icmp 450813 ( 2.51%) 42855339 ( 0.32%) 95.06
ipip 297 ( 0.00%) 34912 ( 0.00%) 117.55
ip6 9754 ( 0.05%) 2369819 ( 0.02%) 242.96
other 39627 ( 0.22%) 9708757 ( 0.07%) 245.00
frag 41749 ( 0.23%) 32961488 ( 0.25%) 789.52
ip6 112970 ( 0.63%) 69579365 ( 0.52%) 615.91
tcp6 88994 ( 0.50%) 65961121 ( 0.49%) 741.19
http(s) 4974 ( 0.03%) 3501602 ( 0.03%) 703.98
http(c) 44769 ( 0.25%) 6910933 ( 0.05%) 154.37
smtp 487 ( 0.00%) 105347 ( 0.00%) 216.32
ssh 20 ( 0.00%) 2356 ( 0.00%) 117.80
bgp 380 ( 0.00%) 33282 ( 0.00%) 87.58
other 38364 ( 0.21%) 55407601 ( 0.41%) 1444.26
udp6 17100 ( 0.10%) 2703410 ( 0.02%) 158.09
dns 17065 ( 0.10%) 2699574 ( 0.02%) 158.19
everque 1 ( 0.00%) 107 ( 0.00%) 107.00
quake 1 ( 0.00%) 99 ( 0.00%) 99.00
other 33 ( 0.00%) 3630 ( 0.00%) 110.00
icmp6 6839 ( 0.04%) 903384 ( 0.01%) 132.09
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 7 ( 0.00%) 7370 ( 0.00%) 1052.86
tcpdump file: 200903161400.dump.gz (439.69 MB)