Traffic Trace Info
DumpFile: 201003161400.dump
FileSize: 2126.30MB
Id: 201003161400
StartTime: Tue Mar 16 14:00:01 2010
EndTime: Tue Mar 16 14:15:01 2010
TotalTime: 900.25 seconds
TotalCapSize: 1647.52MB CapLen: 96 bytes
# of packets: 31376878 (16880.97MB)
AvgRate: 157.29Mbps stddev:14.75M
IP flow (unique src/dst pair) Information
# of flows: 890034 (avg. 35.25 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.4% 1.5% 1.3% 1.0% 0.9% 0.9% 0.9% 0.9% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 535562
Top 10 bandwidth usage (bytes/total in %):
29.3% 7.7% 5.1% 4.8% 2.4% 2.4% 2.3% 2.3% 2.2% 2.1%
# of IPv6 addresses: 1030
Top 10 bandwidth usage (bytes/total in %):
28.7% 7.7% 5.5% 3.9% 3.8% 3.8% 3.5% 3.5% 3.1% 2.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201003161400.pktlen.png)
detailed numbers
[ 32- 63]: 4937224
[ 64- 127]: 10143820
[ 128- 255]: 2928436
[ 256- 511]: 1967357
[ 512- 1023]: 975491
[ 1024- 2047]: 10424550
Protocol Breakdown
![[protocol breakdown chart]](201003161400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 31376878 (100.00%) 17700978450 (100.00%) 564.14
ip 31331786 ( 99.86%) 17693329541 ( 99.96%) 564.71
tcp 15915709 ( 50.72%) 9602722967 ( 54.25%) 603.35
http(s) 4704013 ( 14.99%) 6027767313 ( 34.05%) 1281.41
http(c) 4331021 ( 13.80%) 947576843 ( 5.35%) 218.79
squid 809764 ( 2.58%) 120427586 ( 0.68%) 148.72
smtp 298786 ( 0.95%) 73394430 ( 0.41%) 245.64
ftp 108353 ( 0.35%) 80277884 ( 0.45%) 740.89
pop3 20892 ( 0.07%) 14599853 ( 0.08%) 698.83
imap 2587 ( 0.01%) 907811 ( 0.01%) 350.91
telnet 642 ( 0.00%) 44081 ( 0.00%) 68.66
ssh 343881 ( 1.10%) 52477421 ( 0.30%) 152.60
dns 58776 ( 0.19%) 4002749 ( 0.02%) 68.10
bgp 157 ( 0.00%) 63917 ( 0.00%) 407.11
napster 650 ( 0.00%) 405382 ( 0.00%) 623.66
realaud 54 ( 0.00%) 6896 ( 0.00%) 127.70
rtsp 145125 ( 0.46%) 27417452 ( 0.15%) 188.92
icecast 6463 ( 0.02%) 394605 ( 0.00%) 61.06
hotline 6 ( 0.00%) 508 ( 0.00%) 84.67
other 5084539 ( 16.20%) 2252958236 ( 12.73%) 443.10
udp 12360606 ( 39.39%) 6664026423 ( 37.65%) 539.13
dns 960327 ( 3.06%) 143419272 ( 0.81%) 149.34
rip 1 ( 0.00%) 109 ( 0.00%) 109.00
realaud 2806 ( 0.01%) 178784 ( 0.00%) 63.71
halflif 51 ( 0.00%) 6002 ( 0.00%) 117.69
starcra 159 ( 0.00%) 19645 ( 0.00%) 123.55
everque 127 ( 0.00%) 22283 ( 0.00%) 175.46
unreal 215 ( 0.00%) 41057 ( 0.00%) 190.96
quake 32 ( 0.00%) 6474 ( 0.00%) 202.31
cuseeme 8 ( 0.00%) 975 ( 0.00%) 121.88
other 11396808 ( 36.32%) 6520272047 ( 36.84%) 572.11
icmp 516901 ( 1.65%) 38515976 ( 0.22%) 74.51
ipip 325 ( 0.00%) 40742 ( 0.00%) 125.36
ipsec 606 ( 0.00%) 133292 ( 0.00%) 219.95
ip6 2459435 ( 7.84%) 1373815542 ( 7.76%) 558.59
other 78204 ( 0.25%) 14074599 ( 0.08%) 179.97
frag 1964 ( 0.01%) 1646546 ( 0.01%) 838.36
ip6 45092 ( 0.14%) 7648909 ( 0.04%) 169.63
tcp6 13529 ( 0.04%) 1694428 ( 0.01%) 125.24
http(s) 288 ( 0.00%) 261104 ( 0.00%) 906.61
http(c) 3813 ( 0.01%) 377741 ( 0.00%) 99.07
smtp 343 ( 0.00%) 31763 ( 0.00%) 92.60
ssh 5023 ( 0.02%) 537334 ( 0.00%) 106.97
dns 27 ( 0.00%) 12610 ( 0.00%) 467.04
bgp 124 ( 0.00%) 16768 ( 0.00%) 135.23
other 3911 ( 0.01%) 457108 ( 0.00%) 116.88
udp6 25663 ( 0.08%) 5178439 ( 0.03%) 201.79
dns 24940 ( 0.08%) 5056631 ( 0.03%) 202.75
quake 1 ( 0.00%) 101 ( 0.00%) 101.00
other 722 ( 0.00%) 121707 ( 0.00%) 168.57
icmp6 5810 ( 0.02%) 719021 ( 0.00%) 123.76
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 60 ( 0.00%) 52941 ( 0.00%) 882.35
tcpdump file: 201003161400.dump.gz (777.85 MB)