Traffic Trace Info
DumpFile: 201001091400.dump
FileSize: 1504.05MB
Id: 201001091400
StartTime: Sat Jan 9 14:00:01 2010
EndTime: Sat Jan 9 14:15:00 2010
TotalTime: 899.38 seconds
TotalCapSize: 1175.77MB CapLen: 96 bytes
# of packets: 21513995 (13442.10MB)
AvgRate: 125.38Mbps stddev:14.63M
IP flow (unique src/dst pair) Information
# of flows: 815855 (avg. 26.37 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.0% 2.8% 2.2% 1.9% 1.7% 1.6% 1.5% 1.5% 1.4% 1.3%
IP address Information
# of IPv4 addresses: 506762
Top 10 bandwidth usage (bytes/total in %):
10.9% 4.2% 3.9% 3.9% 3.6% 3.2% 2.9% 2.6% 2.5% 2.4%
# of IPv6 addresses: 877
Top 10 bandwidth usage (bytes/total in %):
15.8% 11.7% 8.4% 8.0% 7.8% 6.8% 6.5% 6.0% 5.6% 4.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201001091400.pktlen.png)
detailed numbers
[ 32- 63]: 5573014
[ 64- 127]: 5340899
[ 128- 255]: 760380
[ 256- 511]: 649049
[ 512- 1023]: 447811
[ 1024- 2047]: 8742842
Protocol Breakdown
![[protocol breakdown chart]](201001091400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 21513995 (100.00%) 14095065512 (100.00%) 655.16
ip 21474985 ( 99.82%) 14088931925 ( 99.96%) 656.06
tcp 17756604 ( 82.54%) 12631691812 ( 89.62%) 711.38
http(s) 6115833 ( 28.43%) 8199786839 ( 58.17%) 1340.75
http(c) 4761336 ( 22.13%) 1035027600 ( 7.34%) 217.38
squid 586320 ( 2.73%) 95385419 ( 0.68%) 162.68
smtp 253786 ( 1.18%) 73387358 ( 0.52%) 289.17
nntp 9 ( 0.00%) 544 ( 0.00%) 60.44
ftp 77334 ( 0.36%) 10685969 ( 0.08%) 138.18
pop3 20015 ( 0.09%) 14530959 ( 0.10%) 726.00
imap 2622 ( 0.01%) 2367522 ( 0.02%) 902.95
telnet 7065 ( 0.03%) 687610 ( 0.00%) 97.33
ssh 23375 ( 0.11%) 3171237 ( 0.02%) 135.67
dns 17971 ( 0.08%) 4762460 ( 0.03%) 265.01
bgp 161 ( 0.00%) 59386 ( 0.00%) 368.86
napster 152 ( 0.00%) 35456 ( 0.00%) 233.26
realaud 11 ( 0.00%) 662 ( 0.00%) 60.18
rtsp 289383 ( 1.35%) 182898383 ( 1.30%) 632.03
icecast 429 ( 0.00%) 48421 ( 0.00%) 112.87
hotline 1 ( 0.00%) 62 ( 0.00%) 62.00
other 5600798 ( 26.03%) 3008855745 ( 21.35%) 537.22
udp 3123505 ( 14.52%) 1407240106 ( 9.98%) 450.53
dns 877494 ( 4.08%) 127912594 ( 0.91%) 145.77
realaud 3887 ( 0.02%) 236999 ( 0.00%) 60.97
halflif 308 ( 0.00%) 20750 ( 0.00%) 67.37
starcra 51 ( 0.00%) 7139 ( 0.00%) 139.98
everque 213 ( 0.00%) 43818 ( 0.00%) 205.72
unreal 23 ( 0.00%) 4873 ( 0.00%) 211.87
quake 33 ( 0.00%) 2956 ( 0.00%) 89.58
cuseeme 4 ( 0.00%) 313 ( 0.00%) 78.25
other 2241380 ( 10.42%) 1278911595 ( 9.07%) 570.59
icmp 535368 ( 2.49%) 40446245 ( 0.29%) 75.55
ipip 335 ( 0.00%) 40992 ( 0.00%) 122.36
ipsec 2649 ( 0.01%) 1759334 ( 0.01%) 664.15
ip6 55797 ( 0.26%) 7665982 ( 0.05%) 137.39
other 727 ( 0.00%) 87454 ( 0.00%) 120.29
frag 2442 ( 0.01%) 2111234 ( 0.01%) 864.55
ip6 39010 ( 0.18%) 6133587 ( 0.04%) 157.23
tcp6 22790 ( 0.11%) 2533673 ( 0.02%) 111.17
http(s) 23 ( 0.00%) 15421 ( 0.00%) 670.48
http(c) 3627 ( 0.02%) 325581 ( 0.00%) 89.77
smtp 1106 ( 0.01%) 593934 ( 0.00%) 537.01
ftp 5580 ( 0.03%) 572238 ( 0.00%) 102.55
pop3 1752 ( 0.01%) 130593 ( 0.00%) 74.54
ssh 5261 ( 0.02%) 397046 ( 0.00%) 75.47
dns 13 ( 0.00%) 2926 ( 0.00%) 225.08
bgp 109 ( 0.00%) 13603 ( 0.00%) 124.80
other 5319 ( 0.02%) 482331 ( 0.00%) 90.68
udp6 11749 ( 0.05%) 3038837 ( 0.02%) 258.65
dns 11733 ( 0.05%) 3036677 ( 0.02%) 258.82
other 16 ( 0.00%) 2160 ( 0.00%) 135.00
icmp6 4407 ( 0.02%) 519848 ( 0.00%) 117.96
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 34 ( 0.00%) 37149 ( 0.00%) 1092.62
tcpdump file: 201001091400.dump.gz (532.54 MB)