Traffic Trace Info
DumpFile: 201001261400.dump
FileSize: 2244.55MB
Id: 201001261400
StartTime: Tue Jan 26 14:00:01 2010
EndTime: Tue Jan 26 14:15:01 2010
TotalTime: 900.07 seconds
TotalCapSize: 1748.63MB CapLen: 96 bytes
# of packets: 32500127 (20051.66MB)
AvgRate: 186.88Mbps stddev:20.07M
IP flow (unique src/dst pair) Information
# of flows: 972720 (avg. 33.41 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.5% 1.2% 1.1% 1.1% 1.0% 1.0% 1.0% 0.9% 0.9% 0.9%
IP address Information
# of IPv4 addresses: 567172
Top 10 bandwidth usage (bytes/total in %):
15.0% 4.2% 3.6% 3.2% 2.7% 2.7% 2.6% 2.4% 2.3% 2.3%
# of IPv6 addresses: 894
Top 10 bandwidth usage (bytes/total in %):
93.1% 93.1% 1.1% 0.9% 0.9% 0.4% 0.4% 0.4% 0.4% 0.3%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201001261400.pktlen.png)
detailed numbers
[ 32- 63]: 6779199
[ 64- 127]: 9120592
[ 128- 255]: 1460679
[ 256- 511]: 1247495
[ 512- 1023]: 851340
[ 1024- 2047]: 13040822
Protocol Breakdown
![[protocol breakdown chart]](201001261400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 32500127 (100.00%) 21025688745 (100.00%) 646.94
ip 32386784 ( 99.65%) 20920262045 ( 99.50%) 645.95
tcp 22609258 ( 69.57%) 15856186861 ( 75.41%) 701.31
http(s) 7857842 ( 24.18%) 10288849347 ( 48.93%) 1309.37
http(c) 7166873 ( 22.05%) 1058660224 ( 5.04%) 147.72
squid 635897 ( 1.96%) 119776565 ( 0.57%) 188.36
smtp 297343 ( 0.91%) 169046448 ( 0.80%) 568.52
nntp 6 ( 0.00%) 360 ( 0.00%) 60.00
ftp 32828 ( 0.10%) 5732938 ( 0.03%) 174.64
pop3 26702 ( 0.08%) 13841354 ( 0.07%) 518.36
imap 17544 ( 0.05%) 2871276 ( 0.01%) 163.66
telnet 4534 ( 0.01%) 337791 ( 0.00%) 74.50
ssh 37430 ( 0.12%) 12824092 ( 0.06%) 342.62
dns 49457 ( 0.15%) 6884638 ( 0.03%) 139.20
bgp 145 ( 0.00%) 53717 ( 0.00%) 370.46
napster 330 ( 0.00%) 238757 ( 0.00%) 723.51
realaud 36 ( 0.00%) 4728 ( 0.00%) 131.33
rtsp 49534 ( 0.15%) 17855068 ( 0.08%) 360.46
icecast 6096 ( 0.02%) 449342 ( 0.00%) 73.71
other 6426658 ( 19.77%) 4158760036 ( 19.78%) 647.11
udp 8263059 ( 25.42%) 4450784246 ( 21.17%) 538.64
dns 941568 ( 2.90%) 138297664 ( 0.66%) 146.88
rip 1 ( 0.00%) 105 ( 0.00%) 105.00
realaud 74 ( 0.00%) 11075 ( 0.00%) 149.66
halflif 116 ( 0.00%) 12394 ( 0.00%) 106.84
starcra 196 ( 0.00%) 32949 ( 0.00%) 168.11
everque 4532 ( 0.01%) 1089757 ( 0.01%) 240.46
unreal 122 ( 0.00%) 23201 ( 0.00%) 190.17
quake 27 ( 0.00%) 3879 ( 0.00%) 143.67
cuseeme 8 ( 0.00%) 685 ( 0.00%) 85.62
other 7316292 ( 22.51%) 4311202023 ( 20.50%) 589.26
icmp 501373 ( 1.54%) 37139520 ( 0.18%) 74.08
ipip 331 ( 0.00%) 39708 ( 0.00%) 119.96
ipsec 2069 ( 0.01%) 887742 ( 0.00%) 429.07
ip6 969763 ( 2.98%) 567320249 ( 2.70%) 585.01
other 40931 ( 0.13%) 7903719 ( 0.04%) 193.10
frag 3436 ( 0.01%) 3503403 ( 0.02%) 1019.62
ip6 113343 ( 0.35%) 105426700 ( 0.50%) 930.16
tcp6 89148 ( 0.27%) 100943981 ( 0.48%) 1132.32
http(s) 1277 ( 0.00%) 1403979 ( 0.01%) 1099.44
http(c) 3546 ( 0.01%) 321996 ( 0.00%) 90.81
smtp 77 ( 0.00%) 25196 ( 0.00%) 327.22
ftp 48 ( 0.00%) 4002 ( 0.00%) 83.38
ssh 40 ( 0.00%) 4144 ( 0.00%) 103.60
dns 36 ( 0.00%) 15935 ( 0.00%) 442.64
bgp 149 ( 0.00%) 65174 ( 0.00%) 437.41
other 83975 ( 0.26%) 99103555 ( 0.47%) 1180.16
udp6 18440 ( 0.06%) 3825813 ( 0.02%) 207.47
dns 18421 ( 0.06%) 3822750 ( 0.02%) 207.52
other 19 ( 0.00%) 3063 ( 0.00%) 161.21
icmp6 5708 ( 0.02%) 636362 ( 0.00%) 111.49
pim6 29 ( 0.00%) 3944 ( 0.00%) 136.00
other6 18 ( 0.00%) 16600 ( 0.00%) 922.22
tcpdump file: 201001261400.dump.gz (789.93 MB)