Traffic Trace Info
DumpFile: 201001051400.dump
FileSize: 1271.95MB
Id: 201001051400
StartTime: Tue Jan 5 14:00:01 2010
EndTime: Tue Jan 5 14:15:00 2010
TotalTime: 899.32 seconds
TotalCapSize: 995.37MB CapLen: 96 bytes
# of packets: 18125026 (10897.43MB)
AvgRate: 101.67Mbps stddev:11.51M
IP flow (unique src/dst pair) Information
# of flows: 899642 (avg. 20.15 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.7% 1.8% 1.8% 1.7% 1.6% 1.5% 1.4% 1.2% 1.0% 1.0%
IP address Information
# of IPv4 addresses: 524436
Top 10 bandwidth usage (bytes/total in %):
9.4% 7.3% 4.9% 3.2% 3.2% 3.0% 3.0% 2.9% 2.7% 2.7%
# of IPv6 addresses: 997
Top 10 bandwidth usage (bytes/total in %):
16.9% 15.2% 15.2% 5.1% 4.8% 4.8% 4.6% 4.3% 4.1% 3.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201001051400.pktlen.png)
detailed numbers
[ 32- 63]: 4883413
[ 64- 127]: 4538231
[ 128- 255]: 779682
[ 256- 511]: 509067
[ 512- 1023]: 498836
[ 1024- 2047]: 6915797
Protocol Breakdown
![[protocol breakdown chart]](201001051400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 18125026 (100.00%) 11426780213 (100.00%) 630.44
ip 18096256 ( 99.84%) 11420142923 ( 99.94%) 631.08
tcp 15353000 ( 84.71%) 10535043872 ( 92.20%) 686.19
http(s) 6005022 ( 33.13%) 7558852800 ( 66.15%) 1258.76
http(c) 4359594 ( 24.05%) 772552312 ( 6.76%) 177.21
squid 865941 ( 4.78%) 145412602 ( 1.27%) 167.92
smtp 303888 ( 1.68%) 134422383 ( 1.18%) 442.34
nntp 50 ( 0.00%) 3999 ( 0.00%) 79.98
ftp 32663 ( 0.18%) 3710864 ( 0.03%) 113.61
pop3 24257 ( 0.13%) 12926946 ( 0.11%) 532.92
imap 2394 ( 0.01%) 1205583 ( 0.01%) 503.59
telnet 705 ( 0.00%) 50446 ( 0.00%) 71.55
ssh 78230 ( 0.43%) 15170937 ( 0.13%) 193.93
dns 26811 ( 0.15%) 1928045 ( 0.02%) 71.91
bgp 137 ( 0.00%) 44784 ( 0.00%) 326.89
napster 26 ( 0.00%) 1953 ( 0.00%) 75.12
realaud 286 ( 0.00%) 215595 ( 0.00%) 753.83
rtsp 17899 ( 0.10%) 17178680 ( 0.15%) 959.76
icecast 10981 ( 0.06%) 697344 ( 0.01%) 63.50
hotline 1 ( 0.00%) 62 ( 0.00%) 62.00
other 3624110 ( 20.00%) 1870668237 ( 16.37%) 516.17
udp 2244511 ( 12.38%) 837706524 ( 7.33%) 373.22
dns 1096266 ( 6.05%) 168177907 ( 1.47%) 153.41
realaud 2746 ( 0.02%) 165074 ( 0.00%) 60.11
halflif 74 ( 0.00%) 6024 ( 0.00%) 81.41
starcra 90 ( 0.00%) 16973 ( 0.00%) 188.59
everque 192 ( 0.00%) 28681 ( 0.00%) 149.38
unreal 43 ( 0.00%) 7723 ( 0.00%) 179.60
quake 23 ( 0.00%) 2301 ( 0.00%) 100.04
cuseeme 2 ( 0.00%) 216 ( 0.00%) 108.00
other 1144635 ( 6.32%) 669176197 ( 5.86%) 584.62
icmp 396235 ( 2.19%) 32095304 ( 0.28%) 81.00
ipip 339 ( 0.00%) 41596 ( 0.00%) 122.70
ipsec 1258 ( 0.01%) 426236 ( 0.00%) 338.82
ip6 58235 ( 0.32%) 9116579 ( 0.08%) 156.55
other 42678 ( 0.24%) 5712812 ( 0.05%) 133.86
frag 1924 ( 0.01%) 1699686 ( 0.01%) 883.41
ip6 28770 ( 0.16%) 6637290 ( 0.06%) 230.70
tcp6 7378 ( 0.04%) 1800393 ( 0.02%) 244.02
http(s) 41 ( 0.00%) 19941 ( 0.00%) 486.37
http(c) 3319 ( 0.02%) 298932 ( 0.00%) 90.07
smtp 804 ( 0.00%) 348166 ( 0.00%) 433.04
ssh 1956 ( 0.01%) 1012712 ( 0.01%) 517.75
dns 4 ( 0.00%) 1688 ( 0.00%) 422.00
bgp 120 ( 0.00%) 15096 ( 0.00%) 125.80
other 1134 ( 0.01%) 103858 ( 0.00%) 91.59
udp6 16657 ( 0.09%) 4222315 ( 0.04%) 253.49
dns 16641 ( 0.09%) 4220555 ( 0.04%) 253.62
other 16 ( 0.00%) 1760 ( 0.00%) 110.00
icmp6 4644 ( 0.03%) 539903 ( 0.00%) 116.26
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 61 ( 0.00%) 70599 ( 0.00%) 1157.36
tcpdump file: 201001051400.dump.gz (461.43 MB)