Traffic Trace Info
DumpFile: 201001281400.dump
FileSize: 1966.80MB
Id: 201001281400
StartTime: Thu Jan 28 14:00:00 2010
EndTime: Thu Jan 28 14:15:00 2010
TotalTime: 900.01 seconds
TotalCapSize: 1533.52MB CapLen: 96 bytes
# of packets: 28394640 (17577.28MB)
AvgRate: 163.84Mbps stddev:21.94M
IP flow (unique src/dst pair) Information
# of flows: 956528 (avg. 29.69 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.1% 1.7% 1.4% 1.1% 1.1% 1.0% 1.0% 1.0% 0.8% 0.8%
IP address Information
# of IPv4 addresses: 561674
Top 10 bandwidth usage (bytes/total in %):
15.6% 4.3% 4.2% 4.0% 3.9% 2.8% 2.7% 2.6% 2.5% 2.5%
# of IPv6 addresses: 916
Top 10 bandwidth usage (bytes/total in %):
66.8% 57.3% 17.1% 15.2% 9.6% 2.7% 2.4% 2.2% 1.8% 0.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201001281400.pktlen.png)
detailed numbers
[ 32- 63]: 5176110
[ 64- 127]: 8397774
[ 128- 255]: 1142039
[ 256- 511]: 1300245
[ 512- 1023]: 1117482
[ 1024- 2047]: 11260990
Protocol Breakdown
![[protocol breakdown chart]](201001281400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 28394640 (100.00%) 18431119178 (100.00%) 649.11
ip 28291389 ( 99.64%) 18388248676 ( 99.77%) 649.96
tcp 18775553 ( 66.12%) 13282144249 ( 72.06%) 707.42
http(s) 7310872 ( 25.75%) 9427716760 ( 51.15%) 1289.55
http(c) 5586397 ( 19.67%) 729578521 ( 3.96%) 130.60
squid 489079 ( 1.72%) 97946392 ( 0.53%) 200.27
smtp 268916 ( 0.95%) 141234140 ( 0.77%) 525.20
ftp 36228 ( 0.13%) 9448682 ( 0.05%) 260.81
pop3 30787 ( 0.11%) 21925921 ( 0.12%) 712.18
imap 3009 ( 0.01%) 1235997 ( 0.01%) 410.77
telnet 4629 ( 0.02%) 341498 ( 0.00%) 73.77
ssh 29762 ( 0.10%) 14759502 ( 0.08%) 495.92
dns 65514 ( 0.23%) 8042186 ( 0.04%) 122.76
bgp 210 ( 0.00%) 97797 ( 0.00%) 465.70
napster 5 ( 0.00%) 308 ( 0.00%) 61.60
realaud 13 ( 0.00%) 1844 ( 0.00%) 141.85
rtsp 109013 ( 0.38%) 70706612 ( 0.38%) 648.61
icecast 17949 ( 0.06%) 15617989 ( 0.08%) 870.13
hotline 21 ( 0.00%) 2352 ( 0.00%) 112.00
other 4823143 ( 16.99%) 2743487388 ( 14.89%) 568.82
udp 7882342 ( 27.76%) 4284796078 ( 23.25%) 543.59
dns 1169912 ( 4.12%) 171442631 ( 0.93%) 146.54
realaud 54802 ( 0.19%) 17754182 ( 0.10%) 323.97
halflif 91 ( 0.00%) 15232 ( 0.00%) 167.38
starcra 187 ( 0.00%) 31240 ( 0.00%) 167.06
everque 2015 ( 0.01%) 1026909 ( 0.01%) 509.63
unreal 62 ( 0.00%) 11339 ( 0.00%) 182.89
quake 19 ( 0.00%) 1996 ( 0.00%) 105.05
cuseeme 6 ( 0.00%) 682 ( 0.00%) 113.67
other 6654042 ( 23.43%) 4094377624 ( 22.21%) 615.32
icmp 608412 ( 2.14%) 90495991 ( 0.49%) 148.74
ipip 317 ( 0.00%) 38302 ( 0.00%) 120.83
ipsec 2799 ( 0.01%) 1035114 ( 0.01%) 369.82
ip6 1013501 ( 3.57%) 728018951 ( 3.95%) 718.32
other 8465 ( 0.03%) 1719991 ( 0.01%) 203.19
frag 6818 ( 0.02%) 5101436 ( 0.03%) 748.23
ip6 103251 ( 0.36%) 42870502 ( 0.23%) 415.21
tcp6 77989 ( 0.27%) 38051779 ( 0.21%) 487.91
http(s) 5981 ( 0.02%) 7415103 ( 0.04%) 1239.78
http(c) 3600 ( 0.01%) 325506 ( 0.00%) 90.42
smtp 164 ( 0.00%) 63079 ( 0.00%) 384.63
ssh 12 ( 0.00%) 1736 ( 0.00%) 144.67
dns 10 ( 0.00%) 2802 ( 0.00%) 280.20
bgp 280 ( 0.00%) 33098 ( 0.00%) 118.21
other 67942 ( 0.24%) 30210455 ( 0.16%) 444.65
udp6 21105 ( 0.07%) 4316803 ( 0.02%) 204.54
dns 21074 ( 0.07%) 4311021 ( 0.02%) 204.57
everque 1 ( 0.00%) 104 ( 0.00%) 104.00
cuseeme 1 ( 0.00%) 104 ( 0.00%) 104.00
other 29 ( 0.00%) 5574 ( 0.00%) 192.21
icmp6 4059 ( 0.01%) 423714 ( 0.00%) 104.39
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 67 ( 0.00%) 73990 ( 0.00%) 1104.33
tcpdump file: 201001281400.dump.gz (702.80 MB)