Traffic Trace Info
DumpFile: 201003151400.dump
FileSize: 2209.17MB
Id: 201003151400
StartTime: Mon Mar 15 14:00:00 2010
EndTime: Mon Mar 15 14:15:01 2010
TotalTime: 900.28 seconds
TotalCapSize: 1713.44MB CapLen: 96 bytes
# of packets: 32487408 (18167.61MB)
AvgRate: 169.29Mbps stddev:18.24M
IP flow (unique src/dst pair) Information
# of flows: 927691 (avg. 35.02 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.3% 2.1% 1.9% 1.2% 1.1% 1.1% 1.0% 1.0% 0.9% 0.9%
IP address Information
# of IPv4 addresses: 550409
Top 10 bandwidth usage (bytes/total in %):
28.1% 8.7% 4.0% 3.9% 3.1% 3.0% 2.4% 2.3% 2.3% 2.2%
# of IPv6 addresses: 1062
Top 10 bandwidth usage (bytes/total in %):
21.9% 9.5% 9.4% 6.1% 6.0% 5.3% 4.8% 4.6% 4.6% 3.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201003151400.pktlen.png)
detailed numbers
[ 32- 63]: 4731104
[ 64- 127]: 10492200
[ 128- 255]: 3005723
[ 256- 511]: 2083002
[ 512- 1023]: 745296
[ 1024- 2047]: 11430083
Protocol Breakdown
![[protocol breakdown chart]](201003151400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 32487408 (100.00%) 19050119312 (100.00%) 586.38
ip 32436366 ( 99.84%) 19040413627 ( 99.95%) 587.01
tcp 16399342 ( 50.48%) 10951324749 ( 57.49%) 667.79
http(s) 5834325 ( 17.96%) 7622674426 ( 40.01%) 1306.52
http(c) 4609882 ( 14.19%) 800943792 ( 4.20%) 173.74
squid 732309 ( 2.25%) 130364360 ( 0.68%) 178.02
smtp 298244 ( 0.92%) 110273668 ( 0.58%) 369.74
ftp 67730 ( 0.21%) 11696409 ( 0.06%) 172.69
pop3 23195 ( 0.07%) 11780077 ( 0.06%) 507.87
imap 3989 ( 0.01%) 1307575 ( 0.01%) 327.80
telnet 417 ( 0.00%) 32545 ( 0.00%) 78.05
ssh 20928 ( 0.06%) 5319017 ( 0.03%) 254.16
dns 62737 ( 0.19%) 4267265 ( 0.02%) 68.02
bgp 235 ( 0.00%) 112973 ( 0.00%) 480.74
napster 37 ( 0.00%) 3225 ( 0.00%) 87.16
realaud 8 ( 0.00%) 1175 ( 0.00%) 146.88
rtsp 195127 ( 0.60%) 20077192 ( 0.11%) 102.89
icecast 49034 ( 0.15%) 22425667 ( 0.12%) 457.35
other 4501142 ( 13.86%) 2210045203 ( 11.60%) 491.00
udp 12538535 ( 38.60%) 6356916790 ( 33.37%) 506.99
dns 967242 ( 2.98%) 145344559 ( 0.76%) 150.27
realaud 979 ( 0.00%) 62779 ( 0.00%) 64.13
halflif 103 ( 0.00%) 14751 ( 0.00%) 143.21
starcra 191 ( 0.00%) 22409 ( 0.00%) 117.32
everque 128 ( 0.00%) 22948 ( 0.00%) 179.28
unreal 103 ( 0.00%) 19626 ( 0.00%) 190.54
quake 49 ( 0.00%) 4954 ( 0.00%) 101.10
cuseeme 64 ( 0.00%) 5763 ( 0.00%) 90.05
other 11569576 ( 35.61%) 6211360960 ( 32.61%) 536.87
icmp 579676 ( 1.78%) 42927987 ( 0.23%) 74.06
ipip 327 ( 0.00%) 41540 ( 0.00%) 127.03
ipsec 556 ( 0.00%) 113512 ( 0.00%) 204.16
ip6 2784614 ( 8.57%) 1672435912 ( 8.78%) 600.60
other 133316 ( 0.41%) 16653137 ( 0.09%) 124.91
frag 1512 ( 0.00%) 1224380 ( 0.01%) 809.78
ip6 51042 ( 0.16%) 9705685 ( 0.05%) 190.15
tcp6 13898 ( 0.04%) 2870575 ( 0.02%) 206.55
http(s) 581 ( 0.00%) 641066 ( 0.00%) 1103.38
http(c) 3244 ( 0.01%) 356925 ( 0.00%) 110.03
smtp 781 ( 0.00%) 966977 ( 0.01%) 1238.13
ssh 3224 ( 0.01%) 267324 ( 0.00%) 82.92
dns 785 ( 0.00%) 75575 ( 0.00%) 96.27
bgp 119 ( 0.00%) 15429 ( 0.00%) 129.66
other 5164 ( 0.02%) 547279 ( 0.00%) 105.98
udp6 31680 ( 0.10%) 6112590 ( 0.03%) 192.95
dns 31470 ( 0.10%) 6060211 ( 0.03%) 192.57
other 210 ( 0.00%) 52379 ( 0.00%) 249.42
icmp6 5380 ( 0.02%) 670123 ( 0.00%) 124.56
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 54 ( 0.00%) 48317 ( 0.00%) 894.76
tcpdump file: 201003151400.dump.gz (803.31 MB)