Traffic Trace Info
DumpFile: 200910151400.dump
FileSize: 2434.80MB
Id: 200910151400
StartTime: Thu Oct 15 14:00:00 2009
EndTime: Thu Oct 15 14:15:01 2009
TotalTime: 900.82 seconds
TotalCapSize: 1889.86MB CapLen: 96 bytes
# of packets: 35712914 (19549.34MB)
AvgRate: 182.04Mbps stddev:18.44M
IP flow (unique src/dst pair) Information
# of flows: 1529181 (avg. 23.35 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.6% 1.0% 0.8% 0.8% 0.7% 0.7% 0.7% 0.6% 0.6% 0.6%
IP address Information
# of IPv4 addresses: 897617
Top 10 bandwidth usage (bytes/total in %):
26.0% 7.5% 6.1% 4.0% 3.6% 3.5% 2.9% 2.5% 1.7% 1.4%
# of IPv6 addresses: 974
Top 10 bandwidth usage (bytes/total in %):
32.0% 31.8% 6.2% 5.0% 5.0% 4.3% 4.1% 3.9% 3.5% 3.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200910151400.pktlen.png)
detailed numbers
[ 32- 63]: 9419543
[ 64- 127]: 9607783
[ 128- 255]: 1793262
[ 256- 511]: 1130154
[ 512- 1023]: 1684700
[ 1024- 2047]: 12077472
Protocol Breakdown
![[protocol breakdown chart]](200910151400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 35712914 (100.00%) 20498964126 (100.00%) 573.99
ip 35658067 ( 99.85%) 20489802169 ( 99.96%) 574.62
tcp 26891358 ( 75.30%) 16830328070 ( 82.10%) 625.86
http(s) 8198040 ( 22.96%) 10416933826 ( 50.82%) 1270.66
http(c) 7486735 ( 20.96%) 918282199 ( 4.48%) 122.65
squid 1102783 ( 3.09%) 285892927 ( 1.39%) 259.25
smtp 517216 ( 1.45%) 109323401 ( 0.53%) 211.37
nntp 20 ( 0.00%) 1522 ( 0.00%) 76.10
ftp 74826 ( 0.21%) 54833438 ( 0.27%) 732.81
pop3 17625 ( 0.05%) 6162398 ( 0.03%) 349.64
imap 6889 ( 0.02%) 983404 ( 0.00%) 142.75
telnet 14452 ( 0.04%) 1150171 ( 0.01%) 79.59
ssh 170312 ( 0.48%) 19712994 ( 0.10%) 115.75
dns 6633 ( 0.02%) 6975523 ( 0.03%) 1051.64
bgp 175 ( 0.00%) 73604 ( 0.00%) 420.59
napster 560 ( 0.00%) 139919 ( 0.00%) 249.86
realaud 1062 ( 0.00%) 111472 ( 0.00%) 104.96
rtsp 261225 ( 0.73%) 134084341 ( 0.65%) 513.29
icecast 10973 ( 0.03%) 917205 ( 0.00%) 83.59
hotline 690 ( 0.00%) 65142 ( 0.00%) 94.41
other 9021084 ( 25.26%) 4874681104 ( 23.78%) 540.37
udp 8054122 ( 22.55%) 3593887054 ( 17.53%) 446.22
dns 1422920 ( 3.98%) 276836860 ( 1.35%) 194.56
rip 1 ( 0.00%) 323 ( 0.00%) 323.00
realaud 337 ( 0.00%) 29888 ( 0.00%) 88.69
halflif 1082 ( 0.00%) 84668 ( 0.00%) 78.25
starcra 465 ( 0.00%) 97660 ( 0.00%) 210.02
everque 1307 ( 0.00%) 204675 ( 0.00%) 156.60
unreal 126 ( 0.00%) 23354 ( 0.00%) 185.35
quake 89 ( 0.00%) 16728 ( 0.00%) 187.96
cuseeme 27 ( 0.00%) 4052 ( 0.00%) 150.07
other 6627163 ( 18.56%) 3316368360 ( 16.18%) 500.42
icmp 673572 ( 1.89%) 58695907 ( 0.29%) 87.14
ipip 324 ( 0.00%) 40164 ( 0.00%) 123.96
ipsec 1387 ( 0.00%) 902954 ( 0.00%) 651.01
ip6 36314 ( 0.10%) 5831287 ( 0.03%) 160.58
other 990 ( 0.00%) 116733 ( 0.00%) 117.91
frag 8967 ( 0.03%) 7601924 ( 0.04%) 847.77
ip6 54847 ( 0.15%) 9161957 ( 0.04%) 167.05
tcp6 36928 ( 0.10%) 5416475 ( 0.03%) 146.68
http(s) 1024 ( 0.00%) 1102991 ( 0.01%) 1077.14
http(c) 1834 ( 0.01%) 180573 ( 0.00%) 98.46
smtp 1397 ( 0.00%) 614275 ( 0.00%) 439.71
ftp 2574 ( 0.01%) 264221 ( 0.00%) 102.65
ssh 1 ( 0.00%) 74 ( 0.00%) 74.00
dns 5 ( 0.00%) 1856 ( 0.00%) 371.20
bgp 96 ( 0.00%) 11525 ( 0.00%) 120.05
other 29997 ( 0.08%) 3240960 ( 0.02%) 108.04
udp6 13007 ( 0.04%) 3055291 ( 0.01%) 234.90
dns 12995 ( 0.04%) 3053971 ( 0.01%) 235.01
realaud 1 ( 0.00%) 110 ( 0.00%) 110.00
other 11 ( 0.00%) 1210 ( 0.00%) 110.00
icmp6 4862 ( 0.01%) 668750 ( 0.00%) 137.55
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 20 ( 0.00%) 17361 ( 0.00%) 868.05
tcpdump file: 200910151400.dump.gz (927.86 MB)