Traffic Trace Info
DumpFile: 201001161400.dump
FileSize: 1341.73MB
Id: 201001161400
StartTime: Sat Jan 16 14:00:01 2010
EndTime: Sat Jan 16 14:15:01 2010
TotalTime: 900.28 seconds
TotalCapSize: 1050.92MB CapLen: 96 bytes
# of packets: 19057987 (11771.46MB)
AvgRate: 109.68Mbps stddev:12.57M
IP flow (unique src/dst pair) Information
# of flows: 839275 (avg. 22.71 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.4% 2.1% 1.8% 1.8% 1.6% 1.5% 1.5% 1.5% 1.3% 1.1%
IP address Information
# of IPv4 addresses: 502049
Top 10 bandwidth usage (bytes/total in %):
7.4% 4.0% 3.6% 3.3% 3.0% 2.9% 2.9% 2.5% 2.4% 2.4%
# of IPv6 addresses: 842
Top 10 bandwidth usage (bytes/total in %):
34.3% 34.1% 9.2% 4.4% 4.1% 3.8% 3.7% 3.5% 3.4% 3.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201001161400.pktlen.png)
detailed numbers
[ 32- 63]: 4362717
[ 64- 127]: 5170455
[ 128- 255]: 873280
[ 256- 511]: 540674
[ 512- 1023]: 541881
[ 1024- 2047]: 7568980
Protocol Breakdown
![[protocol breakdown chart]](201001161400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 19057987 (100.00%) 12343268012 (100.00%) 647.67
ip 19018407 ( 99.79%) 12336978087 ( 99.95%) 648.69
tcp 14980344 ( 78.60%) 10756431032 ( 87.14%) 718.04
http(s) 5267904 ( 27.64%) 6984534355 ( 56.59%) 1325.87
http(c) 3606885 ( 18.93%) 395537455 ( 3.20%) 109.66
squid 380205 ( 1.99%) 118825176 ( 0.96%) 312.53
smtp 141706 ( 0.74%) 41562816 ( 0.34%) 293.30
nntp 82 ( 0.00%) 7249 ( 0.00%) 88.40
ftp 41970 ( 0.22%) 6222224 ( 0.05%) 148.25
pop3 14991 ( 0.08%) 10358777 ( 0.08%) 691.00
imap 3472 ( 0.02%) 1290133 ( 0.01%) 371.58
telnet 3725 ( 0.02%) 277759 ( 0.00%) 74.57
ssh 46146 ( 0.24%) 11984326 ( 0.10%) 259.70
dns 47872 ( 0.25%) 6778535 ( 0.05%) 141.60
bgp 215 ( 0.00%) 105796 ( 0.00%) 492.07
napster 14484 ( 0.08%) 14870628 ( 0.12%) 1026.69
realaud 6 ( 0.00%) 997 ( 0.00%) 166.17
rtsp 26368 ( 0.14%) 12383210 ( 0.10%) 469.63
icecast 442 ( 0.00%) 47250 ( 0.00%) 106.90
hotline 1 ( 0.00%) 60 ( 0.00%) 60.00
other 5383867 ( 28.25%) 3151644106 ( 25.53%) 585.39
udp 2926555 ( 15.36%) 1222574532 ( 9.90%) 417.75
dns 802182 ( 4.21%) 116307465 ( 0.94%) 144.99
realaud 378 ( 0.00%) 23952 ( 0.00%) 63.37
halflif 78 ( 0.00%) 6933 ( 0.00%) 88.88
starcra 149 ( 0.00%) 26098 ( 0.00%) 175.15
everque 129 ( 0.00%) 24930 ( 0.00%) 193.26
unreal 97 ( 0.00%) 17995 ( 0.00%) 185.52
quake 24 ( 0.00%) 3313 ( 0.00%) 138.04
cuseeme 9 ( 0.00%) 1047 ( 0.00%) 116.33
other 2123396 ( 11.14%) 1106102091 ( 8.96%) 520.91
icmp 664724 ( 3.49%) 49895050 ( 0.40%) 75.06
ipip 332 ( 0.00%) 42309 ( 0.00%) 127.44
ipsec 130 ( 0.00%) 40348 ( 0.00%) 310.37
ip6 445629 ( 2.34%) 307909656 ( 2.49%) 690.96
other 693 ( 0.00%) 85160 ( 0.00%) 122.89
frag 1459 ( 0.01%) 1282771 ( 0.01%) 879.21
ip6 39580 ( 0.21%) 6289925 ( 0.05%) 158.92
tcp6 24441 ( 0.13%) 3143035 ( 0.03%) 128.60
http(s) 1580 ( 0.01%) 361216 ( 0.00%) 228.62
http(c) 3556 ( 0.02%) 322046 ( 0.00%) 90.56
smtp 110 ( 0.00%) 28960 ( 0.00%) 263.27
ftp 26 ( 0.00%) 2181 ( 0.00%) 83.88
ssh 25 ( 0.00%) 2838 ( 0.00%) 113.52
dns 520 ( 0.00%) 138144 ( 0.00%) 265.66
bgp 121 ( 0.00%) 18203 ( 0.00%) 150.44
other 18503 ( 0.10%) 2269447 ( 0.02%) 122.65
udp6 11599 ( 0.06%) 2700775 ( 0.02%) 232.85
dns 11580 ( 0.06%) 2698613 ( 0.02%) 233.04
other 19 ( 0.00%) 2162 ( 0.00%) 113.79
icmp6 3474 ( 0.02%) 403194 ( 0.00%) 116.06
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 36 ( 0.00%) 38841 ( 0.00%) 1078.92
tcpdump file: 201001161400.dump.gz (483.56 MB)