Traffic Trace Info
DumpFile: 201002261400.dump
FileSize: 2098.05MB
Id: 201002261400
StartTime: Fri Feb 26 14:00:01 2010
EndTime: Fri Feb 26 14:15:00 2010
TotalTime: 899.41 seconds
TotalCapSize: 1622.31MB CapLen: 96 bytes
# of packets: 31177940 (17221.27MB)
AvgRate: 160.63Mbps stddev:13.68M
IP flow (unique src/dst pair) Information
# of flows: 935455 (avg. 33.33 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.5% 2.8% 2.3% 1.4% 1.3% 1.2% 1.1% 1.1% 1.0% 1.0%
IP address Information
# of IPv4 addresses: 552282
Top 10 bandwidth usage (bytes/total in %):
31.1% 7.6% 5.5% 5.5% 2.8% 2.8% 2.7% 2.6% 2.6% 2.4%
# of IPv6 addresses: 946
Top 10 bandwidth usage (bytes/total in %):
25.0% 21.3% 18.2% 18.2% 13.6% 7.2% 4.4% 3.6% 3.0% 2.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201002261400.pktlen.png)
detailed numbers
[ 32- 63]: 5026472
[ 64- 127]: 9886162
[ 128- 255]: 2630924
[ 256- 511]: 2144676
[ 512- 1023]: 733234
[ 1024- 2047]: 10756472
Protocol Breakdown
![[protocol breakdown chart]](201002261400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 31177940 (100.00%) 18057815496 (100.00%) 579.19
ip 31070819 ( 99.66%) 18044545891 ( 99.93%) 580.76
tcp 16065761 ( 51.53%) 10580949168 ( 58.59%) 658.60
http(s) 5019110 ( 16.10%) 6367229785 ( 35.26%) 1268.60
http(c) 3725732 ( 11.95%) 568368424 ( 3.15%) 152.55
squid 908786 ( 2.91%) 159000007 ( 0.88%) 174.96
smtp 233508 ( 0.75%) 92202823 ( 0.51%) 394.86
ftp 60181 ( 0.19%) 5801301 ( 0.03%) 96.40
pop3 19468 ( 0.06%) 13290007 ( 0.07%) 682.66
imap 2682 ( 0.01%) 418550 ( 0.00%) 156.06
telnet 22269 ( 0.07%) 1639282 ( 0.01%) 73.61
ssh 447093 ( 1.43%) 580862788 ( 3.22%) 1299.20
dns 61962 ( 0.20%) 4240239 ( 0.02%) 68.43
bgp 162 ( 0.00%) 61468 ( 0.00%) 379.43
napster 38 ( 0.00%) 19831 ( 0.00%) 521.87
realaud 26 ( 0.00%) 11962 ( 0.00%) 460.08
rtsp 111357 ( 0.36%) 7996916 ( 0.04%) 71.81
icecast 17177 ( 0.06%) 1162974 ( 0.01%) 67.71
hotline 6 ( 0.00%) 412 ( 0.00%) 68.67
other 5436203 ( 17.44%) 2778642339 ( 15.39%) 511.14
udp 12526839 ( 40.18%) 6422768500 ( 35.57%) 512.72
dns 896792 ( 2.88%) 138155335 ( 0.77%) 154.06
realaud 21 ( 0.00%) 2327 ( 0.00%) 110.81
halflif 108 ( 0.00%) 17965 ( 0.00%) 166.34
starcra 191 ( 0.00%) 25426 ( 0.00%) 133.12
everque 206 ( 0.00%) 55763 ( 0.00%) 270.69
unreal 371 ( 0.00%) 94328 ( 0.00%) 254.25
quake 43 ( 0.00%) 6845 ( 0.00%) 159.19
cuseeme 2 ( 0.00%) 165 ( 0.00%) 82.50
other 11601478 ( 37.21%) 6282221020 ( 34.79%) 541.50
icmp 542460 ( 1.74%) 41057202 ( 0.23%) 75.69
ipip 359 ( 0.00%) 45274 ( 0.00%) 126.11
ipsec 453 ( 0.00%) 84446 ( 0.00%) 186.42
ip6 1933435 ( 6.20%) 999384121 ( 5.53%) 516.90
other 1512 ( 0.00%) 257180 ( 0.00%) 170.09
frag 61878 ( 0.20%) 45973794 ( 0.25%) 742.97
ip6 107121 ( 0.34%) 13269605 ( 0.07%) 123.87
tcp6 79043 ( 0.25%) 7687058 ( 0.04%) 97.25
http(s) 268 ( 0.00%) 374245 ( 0.00%) 1396.44
http(c) 31552 ( 0.10%) 2736424 ( 0.02%) 86.73
squid 12 ( 0.00%) 948 ( 0.00%) 79.00
smtp 213 ( 0.00%) 96432 ( 0.00%) 452.73
ftp 5467 ( 0.02%) 564798 ( 0.00%) 103.31
ssh 3245 ( 0.01%) 275398 ( 0.00%) 84.87
dns 13 ( 0.00%) 1850 ( 0.00%) 142.31
bgp 123 ( 0.00%) 17794 ( 0.00%) 144.67
icecast 4 ( 0.00%) 296 ( 0.00%) 74.00
other 38146 ( 0.12%) 3618873 ( 0.02%) 94.87
udp6 22530 ( 0.07%) 4866356 ( 0.03%) 215.99
dns 22448 ( 0.07%) 4850688 ( 0.03%) 216.09
other 82 ( 0.00%) 15668 ( 0.00%) 191.07
icmp6 5458 ( 0.02%) 652095 ( 0.00%) 119.48
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 60 ( 0.00%) 60016 ( 0.00%) 1000.27
tcpdump file: 201002261400.dump.gz (765.94 MB)