Traffic Trace Info
DumpFile: 201003011400.dump
FileSize: 2015.26MB
Id: 201003011400
StartTime: Mon Mar 1 14:00:00 2010
EndTime: Mon Mar 1 14:15:00 2010
TotalTime: 899.65 seconds
TotalCapSize: 1559.00MB CapLen: 96 bytes
# of packets: 29900688 (15628.12MB)
AvgRate: 145.73Mbps stddev:11.95M
IP flow (unique src/dst pair) Information
# of flows: 979540 (avg. 30.53 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.1% 2.6% 1.4% 1.4% 1.1% 1.0% 0.9% 0.7% 0.7% 0.6%
IP address Information
# of IPv4 addresses: 546275
Top 10 bandwidth usage (bytes/total in %):
27.6% 8.0% 5.4% 5.4% 3.6% 3.0% 2.6% 2.6% 2.3% 2.2%
# of IPv6 addresses: 975
Top 10 bandwidth usage (bytes/total in %):
13.7% 13.6% 12.7% 12.6% 12.5% 11.0% 11.0% 7.7% 7.7% 6.3%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201003011400.pktlen.png)
detailed numbers
[ 32- 63]: 4919255
[ 64- 127]: 9689530
[ 128- 255]: 2505894
[ 256- 511]: 2389714
[ 512- 1023]: 906376
[ 1024- 2047]: 9489919
Protocol Breakdown
![[protocol breakdown chart]](201003011400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29900688 (100.00%) 16387274548 (100.00%) 548.06
ip 29834786 ( 99.78%) 16372813693 ( 99.91%) 548.78
tcp 14842429 ( 49.64%) 9017235043 ( 55.03%) 607.53
http(s) 4329602 ( 14.48%) 5539910331 ( 33.81%) 1279.54
http(c) 3491152 ( 11.68%) 429124764 ( 2.62%) 122.92
squid 781529 ( 2.61%) 137574874 ( 0.84%) 176.03
smtp 226296 ( 0.76%) 74858707 ( 0.46%) 330.80
nntp 1 ( 0.00%) 74 ( 0.00%) 74.00
ftp 88327 ( 0.30%) 11723004 ( 0.07%) 132.72
pop3 28849 ( 0.10%) 17353982 ( 0.11%) 601.55
imap 3088 ( 0.01%) 892627 ( 0.01%) 289.06
telnet 1877 ( 0.01%) 140899 ( 0.00%) 75.07
ssh 149641 ( 0.50%) 54096218 ( 0.33%) 361.51
dns 64670 ( 0.22%) 4397948 ( 0.03%) 68.01
bgp 149 ( 0.00%) 51882 ( 0.00%) 348.20
napster 98 ( 0.00%) 14089 ( 0.00%) 143.77
realaud 137 ( 0.00%) 13312 ( 0.00%) 97.17
rtsp 452643 ( 1.51%) 114833099 ( 0.70%) 253.69
icecast 7623 ( 0.03%) 501286 ( 0.00%) 65.76
hotline 1 ( 0.00%) 62 ( 0.00%) 62.00
other 5216740 ( 17.45%) 2631747525 ( 16.06%) 504.48
udp 11071625 ( 37.03%) 5105782080 ( 31.16%) 461.16
dns 1189892 ( 3.98%) 243884915 ( 1.49%) 204.96
realaud 2810 ( 0.01%) 169826 ( 0.00%) 60.44
halflif 1902 ( 0.01%) 120269 ( 0.00%) 63.23
starcra 244 ( 0.00%) 38109 ( 0.00%) 156.18
everque 194 ( 0.00%) 48203 ( 0.00%) 248.47
unreal 59 ( 0.00%) 8683 ( 0.00%) 147.17
quake 20 ( 0.00%) 1969 ( 0.00%) 98.45
cuseeme 2 ( 0.00%) 167 ( 0.00%) 83.50
other 9875276 ( 33.03%) 4860833718 ( 29.66%) 492.22
icmp 507267 ( 1.70%) 37252061 ( 0.23%) 73.44
ipip 365 ( 0.00%) 45716 ( 0.00%) 125.25
ipsec 938390 ( 3.14%) 881968100 ( 5.38%) 939.87
ip6 2426196 ( 8.11%) 1323826963 ( 8.08%) 545.64
other 48514 ( 0.16%) 6703730 ( 0.04%) 138.18
frag 14047 ( 0.05%) 7588563 ( 0.05%) 540.23
ip6 65902 ( 0.22%) 14460855 ( 0.09%) 219.43
tcp6 40394 ( 0.14%) 9647978 ( 0.06%) 238.85
http(s) 5395 ( 0.02%) 5778092 ( 0.04%) 1071.01
http(c) 3290 ( 0.01%) 296548 ( 0.00%) 90.14
smtp 496 ( 0.00%) 143057 ( 0.00%) 288.42
ssh 7668 ( 0.03%) 1154184 ( 0.01%) 150.52
dns 22 ( 0.00%) 9056 ( 0.00%) 411.64
bgp 118 ( 0.00%) 15326 ( 0.00%) 129.88
other 23405 ( 0.08%) 2251715 ( 0.01%) 96.21
udp6 21912 ( 0.07%) 4341076 ( 0.03%) 198.11
dns 21890 ( 0.07%) 4337792 ( 0.03%) 198.16
other 22 ( 0.00%) 3284 ( 0.00%) 149.27
icmp6 3512 ( 0.01%) 412477 ( 0.00%) 117.45
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 54 ( 0.00%) 55244 ( 0.00%) 1023.04
tcpdump file: 201003011400.dump.gz (732.82 MB)