Traffic Trace Info
DumpFile: 201001041400.dump
FileSize: 1128.35MB
Id: 201001041400
StartTime: Mon Jan 4 14:00:01 2010
EndTime: Mon Jan 4 14:15:01 2010
TotalTime: 899.96 seconds
TotalCapSize: 882.86MB CapLen: 96 bytes
# of packets: 16087550 (10712.38MB)
AvgRate: 99.85Mbps stddev:13.19M
IP flow (unique src/dst pair) Information
# of flows: 684240 (avg. 23.51 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.3% 2.9% 2.3% 2.1% 2.0% 1.8% 1.7% 1.5% 1.4% 1.2%
IP address Information
# of IPv4 addresses: 416602
Top 10 bandwidth usage (bytes/total in %):
8.4% 8.1% 8.0% 5.0% 3.4% 3.4% 3.0% 3.0% 2.9% 2.3%
# of IPv6 addresses: 969
Top 10 bandwidth usage (bytes/total in %):
23.3% 17.3% 17.2% 8.2% 6.2% 4.8% 4.5% 4.3% 4.2% 3.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201001041400.pktlen.png)
detailed numbers
[ 32- 63]: 3873201
[ 64- 127]: 3836158
[ 128- 255]: 658757
[ 256- 511]: 441135
[ 512- 1023]: 310083
[ 1024- 2047]: 6968216
Protocol Breakdown
![[protocol breakdown chart]](201001041400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 16087550 (100.00%) 11232744923 (100.00%) 698.23
ip 16041500 ( 99.71%) 11225412221 ( 99.93%) 699.77
tcp 13789038 ( 85.71%) 10724481949 ( 95.48%) 777.75
http(s) 5938879 ( 36.92%) 7710663740 ( 68.64%) 1298.34
http(c) 3916130 ( 24.34%) 504544587 ( 4.49%) 128.84
squid 249148 ( 1.55%) 58408045 ( 0.52%) 234.43
smtp 241005 ( 1.50%) 60712407 ( 0.54%) 251.91
nntp 15 ( 0.00%) 1629 ( 0.00%) 108.60
ftp 39662 ( 0.25%) 5023879 ( 0.04%) 126.67
pop3 6526 ( 0.04%) 2895427 ( 0.03%) 443.68
imap 2726 ( 0.02%) 1540591 ( 0.01%) 565.15
telnet 69 ( 0.00%) 7380 ( 0.00%) 106.96
ssh 153146 ( 0.95%) 176062429 ( 1.57%) 1149.64
dns 18366 ( 0.11%) 4797533 ( 0.04%) 261.22
bgp 168 ( 0.00%) 42902 ( 0.00%) 255.37
napster 1 ( 0.00%) 62 ( 0.00%) 62.00
realaud 360 ( 0.00%) 306506 ( 0.00%) 851.41
rtsp 144898 ( 0.90%) 140954580 ( 1.25%) 972.78
icecast 24181 ( 0.15%) 16891191 ( 0.15%) 698.53
hotline 1 ( 0.00%) 60 ( 0.00%) 60.00
other 3053751 ( 18.98%) 2041628641 ( 18.18%) 668.56
udp 1801102 ( 11.20%) 454153100 ( 4.04%) 252.15
dns 951862 ( 5.92%) 141942375 ( 1.26%) 149.12
realaud 20 ( 0.00%) 2615 ( 0.00%) 130.75
halflif 65 ( 0.00%) 4669 ( 0.00%) 71.83
starcra 39 ( 0.00%) 5796 ( 0.00%) 148.62
everque 203 ( 0.00%) 34760 ( 0.00%) 171.23
unreal 24 ( 0.00%) 4941 ( 0.00%) 205.88
quake 24 ( 0.00%) 2207 ( 0.00%) 91.96
cuseeme 1 ( 0.00%) 76 ( 0.00%) 76.00
other 848484 ( 5.27%) 311929501 ( 2.78%) 367.63
icmp 320438 ( 1.99%) 27031289 ( 0.24%) 84.36
ipip 1990 ( 0.01%) 310860 ( 0.00%) 156.21
ipsec 999 ( 0.01%) 385850 ( 0.00%) 386.24
ip6 57331 ( 0.36%) 10399130 ( 0.09%) 181.39
other 70602 ( 0.44%) 8650043 ( 0.08%) 122.52
frag 1680 ( 0.01%) 1722312 ( 0.02%) 1025.19
ip6 46050 ( 0.29%) 7332702 ( 0.07%) 159.23
tcp6 22553 ( 0.14%) 1790092 ( 0.02%) 79.37
http(s) 57 ( 0.00%) 18315 ( 0.00%) 321.32
http(c) 3491 ( 0.02%) 315088 ( 0.00%) 90.26
squid 14 ( 0.00%) 1036 ( 0.00%) 74.00
smtp 106 ( 0.00%) 16007 ( 0.00%) 151.01
ftp 57 ( 0.00%) 4970 ( 0.00%) 87.19
ssh 8 ( 0.00%) 1024 ( 0.00%) 128.00
dns 8 ( 0.00%) 3849 ( 0.00%) 481.12
bgp 108 ( 0.00%) 15558 ( 0.00%) 144.06
icecast 7 ( 0.00%) 518 ( 0.00%) 74.00
other 18697 ( 0.12%) 1413727 ( 0.01%) 75.61
udp6 19071 ( 0.12%) 4990738 ( 0.04%) 261.69
dns 19042 ( 0.12%) 4985496 ( 0.04%) 261.82
other 29 ( 0.00%) 5242 ( 0.00%) 180.76
icmp6 4363 ( 0.03%) 512786 ( 0.00%) 117.53
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 33 ( 0.00%) 35006 ( 0.00%) 1060.79
tcpdump file: 201001041400.dump.gz (396.26 MB)