Traffic Trace Info
DumpFile: 201001141400.dump
FileSize: 2118.19MB
Id: 201001141400
StartTime: Thu Jan 14 14:00:01 2010
EndTime: Thu Jan 14 14:15:00 2010
TotalTime: 899.45 seconds
TotalCapSize: 1654.14MB CapLen: 96 bytes
# of packets: 30411677 (22769.43MB)
AvgRate: 212.32Mbps stddev:20.54M
IP flow (unique src/dst pair) Information
# of flows: 1132149 (avg. 26.86 pkts/flow)
Top 10 big flow size (bytes/total in %):
14.0% 4.7% 3.5% 3.3% 1.6% 1.1% 1.0% 1.0% 0.8% 0.8%
IP address Information
# of IPv4 addresses: 667632
Top 10 bandwidth usage (bytes/total in %):
21.6% 14.0% 9.2% 4.7% 4.7% 3.9% 3.5% 3.3% 2.9% 2.5%
# of IPv6 addresses: 991
Top 10 bandwidth usage (bytes/total in %):
12.9% 12.9% 10.4% 6.1% 5.9% 5.9% 4.2% 3.9% 3.6% 3.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201001141400.pktlen.png)
detailed numbers
[ 32- 63]: 6520306
[ 64- 127]: 6238549
[ 128- 255]: 1012628
[ 256- 511]: 739715
[ 512- 1023]: 1051015
[ 1024- 2047]: 14849464
Protocol Breakdown
![[protocol breakdown chart]](201001141400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 30411677 (100.00%) 23875475930 (100.00%) 785.08
ip 30378907 ( 99.89%) 23868008611 ( 99.97%) 785.68
tcp 25835616 ( 84.95%) 21957456065 ( 91.97%) 849.89
http(s) 10727771 ( 35.28%) 14642753964 ( 61.33%) 1364.94
http(c) 6207345 ( 20.41%) 839125775 ( 3.51%) 135.18
squid 350700 ( 1.15%) 126956277 ( 0.53%) 362.01
smtp 249515 ( 0.82%) 138911612 ( 0.58%) 556.73
ftp 39227 ( 0.13%) 4661235 ( 0.02%) 118.83
pop3 36625 ( 0.12%) 15126463 ( 0.06%) 413.01
imap 2563 ( 0.01%) 311250 ( 0.00%) 121.44
telnet 18094 ( 0.06%) 1339122 ( 0.01%) 74.01
ssh 84335 ( 0.28%) 14341830 ( 0.06%) 170.06
dns 50328 ( 0.17%) 6899322 ( 0.03%) 137.09
bgp 135 ( 0.00%) 39136 ( 0.00%) 289.90
napster 125 ( 0.00%) 19436 ( 0.00%) 155.49
realaud 495 ( 0.00%) 45071 ( 0.00%) 91.05
rtsp 127750 ( 0.42%) 67088941 ( 0.28%) 525.16
icecast 69597 ( 0.23%) 33242622 ( 0.14%) 477.64
hotline 19 ( 0.00%) 3234 ( 0.00%) 170.21
other 7870992 ( 25.88%) 6066590775 ( 25.41%) 770.75
udp 3802718 ( 12.50%) 1802713251 ( 7.55%) 474.06
dns 951921 ( 3.13%) 138773443 ( 0.58%) 145.78
realaud 37 ( 0.00%) 7673 ( 0.00%) 207.38
halflif 174 ( 0.00%) 15057 ( 0.00%) 86.53
starcra 874 ( 0.00%) 600662 ( 0.00%) 687.26
everque 356 ( 0.00%) 59014 ( 0.00%) 165.77
unreal 41 ( 0.00%) 6319 ( 0.00%) 154.12
quake 40 ( 0.00%) 4736 ( 0.00%) 118.40
cuseeme 4 ( 0.00%) 815 ( 0.00%) 203.75
other 2843261 ( 9.35%) 1662730128 ( 6.96%) 584.80
icmp 647972 ( 2.13%) 94589763 ( 0.40%) 145.98
ipip 317 ( 0.00%) 39470 ( 0.00%) 124.51
ipsec 58 ( 0.00%) 9372 ( 0.00%) 161.59
ip6 68414 ( 0.22%) 9851595 ( 0.04%) 144.00
other 23812 ( 0.08%) 3349095 ( 0.01%) 140.65
frag 41464 ( 0.14%) 31590785 ( 0.13%) 761.88
ip6 32770 ( 0.11%) 7467319 ( 0.03%) 227.87
tcp6 10128 ( 0.03%) 2494169 ( 0.01%) 246.26
http(s) 2281 ( 0.01%) 1409387 ( 0.01%) 617.88
http(c) 5197 ( 0.02%) 544740 ( 0.00%) 104.82
smtp 232 ( 0.00%) 65694 ( 0.00%) 283.16
ssh 47 ( 0.00%) 9894 ( 0.00%) 210.51
dns 1149 ( 0.00%) 301465 ( 0.00%) 262.37
bgp 113 ( 0.00%) 14367 ( 0.00%) 127.14
other 1109 ( 0.00%) 148622 ( 0.00%) 134.01
udp6 17377 ( 0.06%) 4312575 ( 0.02%) 248.18
dns 17349 ( 0.06%) 4309516 ( 0.02%) 248.40
other 28 ( 0.00%) 3059 ( 0.00%) 109.25
icmp6 5174 ( 0.02%) 591277 ( 0.00%) 114.28
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 61 ( 0.00%) 65218 ( 0.00%) 1069.15
tcpdump file: 201001141400.dump.gz (728.55 MB)