Traffic Trace Info
DumpFile: 201002221400.dump
FileSize: 1983.43MB
Id: 201002221400
StartTime: Mon Feb 22 14:00:01 2010
EndTime: Mon Feb 22 14:15:01 2010
TotalTime: 900.07 seconds
TotalCapSize: 1536.38MB CapLen: 96 bytes
# of packets: 29297587 (15801.33MB)
AvgRate: 147.26Mbps stddev:11.77M
IP flow (unique src/dst pair) Information
# of flows: 866951 (avg. 33.79 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.3% 1.8% 1.3% 1.2% 1.1% 1.0% 1.0% 0.9% 0.9% 0.9%
IP address Information
# of IPv4 addresses: 514826
Top 10 bandwidth usage (bytes/total in %):
26.3% 6.2% 4.7% 3.4% 2.6% 2.5% 2.5% 2.5% 2.4% 2.3%
# of IPv6 addresses: 896
Top 10 bandwidth usage (bytes/total in %):
28.5% 5.5% 5.0% 5.0% 4.2% 3.6% 3.2% 3.1% 3.1% 3.0%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201002221400.pktlen.png)
detailed numbers
[ 32- 63]: 5152383
[ 64- 127]: 9130790
[ 128- 255]: 2252479
[ 256- 511]: 2170104
[ 512- 1023]: 882856
[ 1024- 2047]: 9708975
Protocol Breakdown
![[protocol breakdown chart]](201002221400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29297587 (100.00%) 16568890613 (100.00%) 565.54
ip 29265916 ( 99.89%) 16562535545 ( 99.96%) 565.93
tcp 16069877 ( 54.85%) 9884939236 ( 59.66%) 615.12
http(s) 5205465 ( 17.77%) 6645585922 ( 40.11%) 1276.66
http(c) 4407760 ( 15.04%) 759958879 ( 4.59%) 172.41
squid 685132 ( 2.34%) 119820941 ( 0.72%) 174.89
smtp 269258 ( 0.92%) 63221676 ( 0.38%) 234.80
nntp 3 ( 0.00%) 186 ( 0.00%) 62.00
ftp 14412 ( 0.05%) 1559150 ( 0.01%) 108.18
pop3 24693 ( 0.08%) 15428607 ( 0.09%) 624.82
imap 4399 ( 0.02%) 2171135 ( 0.01%) 493.55
telnet 15925 ( 0.05%) 1176658 ( 0.01%) 73.89
ssh 731112 ( 2.50%) 128555345 ( 0.78%) 175.84
dns 62799 ( 0.21%) 4278995 ( 0.03%) 68.14
bgp 135 ( 0.00%) 44128 ( 0.00%) 326.87
napster 59 ( 0.00%) 4836 ( 0.00%) 81.97
rtsp 266976 ( 0.91%) 25230634 ( 0.15%) 94.51
icecast 50952 ( 0.17%) 17669211 ( 0.11%) 346.78
other 4330794 ( 14.78%) 2100232753 ( 12.68%) 484.95
udp 10509888 ( 35.87%) 5282748283 ( 31.88%) 502.65
dns 936085 ( 3.20%) 141795356 ( 0.86%) 151.48
rip 8 ( 0.00%) 600 ( 0.00%) 75.00
realaud 1222 ( 0.00%) 75601 ( 0.00%) 61.87
halflif 52 ( 0.00%) 7363 ( 0.00%) 141.60
starcra 162 ( 0.00%) 19036 ( 0.00%) 117.51
everque 199 ( 0.00%) 45420 ( 0.00%) 228.24
unreal 30 ( 0.00%) 3768 ( 0.00%) 125.60
quake 26 ( 0.00%) 2481 ( 0.00%) 95.42
cuseeme 5 ( 0.00%) 484 ( 0.00%) 96.80
other 9571925 ( 32.67%) 5140709134 ( 31.03%) 537.06
icmp 495628 ( 1.69%) 38150723 ( 0.23%) 76.97
ipip 340 ( 0.00%) 41382 ( 0.00%) 121.71
ipsec 343081 ( 1.17%) 319365946 ( 1.93%) 930.88
ip6 1843216 ( 6.29%) 1036716474 ( 6.26%) 562.45
other 3886 ( 0.01%) 573501 ( 0.00%) 147.58
frag 1740 ( 0.01%) 1526175 ( 0.01%) 877.11
ip6 31671 ( 0.11%) 6355068 ( 0.04%) 200.66
tcp6 6232 ( 0.02%) 1573958 ( 0.01%) 252.56
http(s) 669 ( 0.00%) 810047 ( 0.00%) 1210.83
http(c) 2243 ( 0.01%) 205253 ( 0.00%) 91.51
smtp 336 ( 0.00%) 135933 ( 0.00%) 404.56
ssh 584 ( 0.00%) 181104 ( 0.00%) 310.11
dns 24 ( 0.00%) 8101 ( 0.00%) 337.54
bgp 125 ( 0.00%) 16346 ( 0.00%) 130.77
other 2251 ( 0.01%) 217174 ( 0.00%) 96.48
udp6 22476 ( 0.08%) 4383813 ( 0.03%) 195.04
dns 22452 ( 0.08%) 4378661 ( 0.03%) 195.02
other 24 ( 0.00%) 5152 ( 0.00%) 214.67
icmp6 2887 ( 0.01%) 348318 ( 0.00%) 120.65
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 46 ( 0.00%) 44899 ( 0.00%) 976.07
tcpdump file: 201002221400.dump.gz (736.52 MB)