Traffic Trace Info
DumpFile: 201001221400.dump
FileSize: 2586.51MB
Id: 201001221400
StartTime: Fri Jan 22 14:00:01 2010
EndTime: Fri Jan 22 14:15:01 2010
TotalTime: 899.60 seconds
TotalCapSize: 2013.25MB CapLen: 96 bytes
# of packets: 37568877 (23606.59MB)
AvgRate: 220.14Mbps stddev:21.95M
IP flow (unique src/dst pair) Information
# of flows: 1045359 (avg. 35.94 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.2% 4.4% 3.4% 1.9% 1.3% 0.9% 0.9% 0.8% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 617578
Top 10 bandwidth usage (bytes/total in %):
25.2% 5.7% 5.4% 4.8% 3.4% 3.4% 3.4% 2.8% 2.7% 2.1%
# of IPv6 addresses: 916
Top 10 bandwidth usage (bytes/total in %):
34.4% 32.0% 24.3% 24.2% 5.0% 3.4% 2.8% 2.4% 2.3% 2.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201001221400.pktlen.png)
detailed numbers
[ 32- 63]: 5746512
[ 64- 127]: 12442328
[ 128- 255]: 1548656
[ 256- 511]: 1269607
[ 512- 1023]: 1337575
[ 1024- 2047]: 15224199
Protocol Breakdown
![[protocol breakdown chart]](201001221400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 37568877 (100.00%) 24753299682 (100.00%) 658.88
ip 37511391 ( 99.85%) 24742464620 ( 99.96%) 659.60
tcp 24149395 ( 64.28%) 16590629305 ( 67.02%) 687.00
http(s) 9733956 ( 25.91%) 12207536579 ( 49.32%) 1254.12
http(c) 7826819 ( 20.83%) 1161353951 ( 4.69%) 148.38
squid 489352 ( 1.30%) 127912016 ( 0.52%) 261.39
smtp 237188 ( 0.63%) 86594467 ( 0.35%) 365.09
ftp 33988 ( 0.09%) 3137634 ( 0.01%) 92.32
pop3 27663 ( 0.07%) 17508059 ( 0.07%) 632.91
imap 2724 ( 0.01%) 381472 ( 0.00%) 140.04
telnet 1540 ( 0.00%) 98803 ( 0.00%) 64.16
ssh 929371 ( 2.47%) 203504837 ( 0.82%) 218.97
dns 47440 ( 0.13%) 6876302 ( 0.03%) 144.95
bgp 142 ( 0.00%) 41821 ( 0.00%) 294.51
napster 179 ( 0.00%) 59835 ( 0.00%) 334.27
realaud 38 ( 0.00%) 3444 ( 0.00%) 90.63
rtsp 71672 ( 0.19%) 31466311 ( 0.13%) 439.03
icecast 19975 ( 0.05%) 1272226 ( 0.01%) 63.69
hotline 19 ( 0.00%) 1543 ( 0.00%) 81.21
other 4727268 ( 12.58%) 2742869855 ( 11.08%) 580.22
udp 11441034 ( 30.45%) 7350017527 ( 29.69%) 642.43
dns 905698 ( 2.41%) 136351427 ( 0.55%) 150.55
rip 2 ( 0.00%) 285 ( 0.00%) 142.50
realaud 39 ( 0.00%) 6282 ( 0.00%) 161.08
halflif 4688 ( 0.01%) 340267 ( 0.00%) 72.58
starcra 148 ( 0.00%) 26464 ( 0.00%) 178.81
everque 271 ( 0.00%) 50726 ( 0.00%) 187.18
unreal 96 ( 0.00%) 17971 ( 0.00%) 187.20
quake 26 ( 0.00%) 2903 ( 0.00%) 111.65
cuseeme 11 ( 0.00%) 1109 ( 0.00%) 100.82
other 10526736 ( 28.02%) 7212941217 ( 29.14%) 685.20
icmp 567547 ( 1.51%) 80021019 ( 0.32%) 140.99
ipip 323 ( 0.00%) 41286 ( 0.00%) 127.82
ipsec 2106 ( 0.01%) 938292 ( 0.00%) 445.53
ip6 1211650 ( 3.23%) 671369979 ( 2.71%) 554.10
other 139336 ( 0.37%) 49447212 ( 0.20%) 354.88
frag 12584 ( 0.03%) 9846138 ( 0.04%) 782.43
ip6 57486 ( 0.15%) 10835062 ( 0.04%) 188.48
tcp6 37818 ( 0.10%) 3982420 ( 0.02%) 105.30
http(s) 335 ( 0.00%) 226496 ( 0.00%) 676.11
http(c) 6426 ( 0.02%) 588421 ( 0.00%) 91.57
smtp 277 ( 0.00%) 127367 ( 0.00%) 459.81
ssh 29 ( 0.00%) 3182 ( 0.00%) 109.72
dns 277 ( 0.00%) 70339 ( 0.00%) 253.93
bgp 128 ( 0.00%) 18223 ( 0.00%) 142.37
other 30346 ( 0.08%) 2948392 ( 0.01%) 97.16
udp6 11882 ( 0.03%) 2805135 ( 0.01%) 236.08
dns 11855 ( 0.03%) 2801661 ( 0.01%) 236.33
other 27 ( 0.00%) 3474 ( 0.00%) 128.67
icmp6 7727 ( 0.02%) 4013922 ( 0.02%) 519.47
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 29 ( 0.00%) 29505 ( 0.00%) 1017.41
tcpdump file: 201001221400.dump.gz (893.39 MB)