Traffic Trace Info
DumpFile: 201003201400.dump
FileSize: 1951.07MB
Id: 201003201400
StartTime: Sat Mar 20 14:00:01 2010
EndTime: Sat Mar 20 14:15:00 2010
TotalTime: 899.45 seconds
TotalCapSize: 1514.02MB CapLen: 96 bytes
# of packets: 28641692 (16116.44MB)
AvgRate: 150.32Mbps stddev:16.62M
IP flow (unique src/dst pair) Information
# of flows: 994524 (avg. 28.80 pkts/flow)
Top 10 big flow size (bytes/total in %):
6.8% 6.4% 2.5% 1.6% 1.3% 1.1% 1.1% 0.9% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 619542
Top 10 bandwidth usage (bytes/total in %):
23.9% 11.3% 7.7% 7.0% 6.6% 6.4% 5.0% 3.1% 2.7% 2.6%
# of IPv6 addresses: 904
Top 10 bandwidth usage (bytes/total in %):
38.2% 9.6% 5.7% 3.8% 3.8% 3.7% 3.1% 3.1% 3.0% 2.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201003201400.pktlen.png)
detailed numbers
[ 32- 63]: 4337451
[ 64- 127]: 9601813
[ 128- 255]: 2161318
[ 256- 511]: 1799140
[ 512- 1023]: 643801
[ 1024- 2047]: 10098169
Protocol Breakdown
![[protocol breakdown chart]](201003201400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 28641692 (100.00%) 16899311453 (100.00%) 590.02
ip 28601917 ( 99.86%) 16893154417 ( 99.96%) 590.63
tcp 14995909 ( 52.36%) 10507409843 ( 62.18%) 700.69
http(s) 5077918 ( 17.73%) 6993944092 ( 41.39%) 1377.33
http(c) 3541975 ( 12.37%) 345154083 ( 2.04%) 97.45
squid 413138 ( 1.44%) 82067197 ( 0.49%) 198.64
smtp 240118 ( 0.84%) 55082133 ( 0.33%) 229.40
ftp 18522 ( 0.06%) 1702306 ( 0.01%) 91.91
pop3 40011 ( 0.14%) 17692677 ( 0.10%) 442.20
imap 2766 ( 0.01%) 1813060 ( 0.01%) 655.48
telnet 547 ( 0.00%) 40343 ( 0.00%) 73.75
ssh 226907 ( 0.79%) 18829425 ( 0.11%) 82.98
dns 60790 ( 0.21%) 4134396 ( 0.02%) 68.01
bgp 144 ( 0.00%) 45308 ( 0.00%) 314.64
napster 80 ( 0.00%) 13514 ( 0.00%) 168.93
realaud 65 ( 0.00%) 7478 ( 0.00%) 115.05
rtsp 218 ( 0.00%) 68049 ( 0.00%) 312.15
icecast 418 ( 0.00%) 52226 ( 0.00%) 124.94
hotline 3 ( 0.00%) 186 ( 0.00%) 62.00
other 5372284 ( 18.76%) 2986763070 ( 17.67%) 555.96
udp 11004640 ( 38.42%) 5257914200 ( 31.11%) 477.79
dns 842967 ( 2.94%) 126705836 ( 0.75%) 150.31
realaud 965 ( 0.00%) 59405 ( 0.00%) 61.56
halflif 100 ( 0.00%) 16958 ( 0.00%) 169.58
starcra 217 ( 0.00%) 25349 ( 0.00%) 116.82
everque 190 ( 0.00%) 51850 ( 0.00%) 272.89
unreal 77 ( 0.00%) 14366 ( 0.00%) 186.57
quake 53 ( 0.00%) 7414 ( 0.00%) 139.89
cuseeme 6 ( 0.00%) 807 ( 0.00%) 134.50
other 10159995 ( 35.47%) 5130979818 ( 30.36%) 505.02
icmp 507022 ( 1.77%) 37524410 ( 0.22%) 74.01
ipip 324 ( 0.00%) 40864 ( 0.00%) 126.12
ipsec 798 ( 0.00%) 158244 ( 0.00%) 198.30
ip6 2092423 ( 7.31%) 1090020674 ( 6.45%) 520.94
other 801 ( 0.00%) 86182 ( 0.00%) 107.59
frag 385 ( 0.00%) 394313 ( 0.00%) 1024.19
ip6 39775 ( 0.14%) 6157036 ( 0.04%) 154.80
tcp6 10334 ( 0.04%) 1018252 ( 0.01%) 98.53
http(s) 76 ( 0.00%) 36444 ( 0.00%) 479.53
http(c) 3959 ( 0.01%) 371053 ( 0.00%) 93.72
smtp 171 ( 0.00%) 40667 ( 0.00%) 237.82
ssh 3459 ( 0.01%) 293594 ( 0.00%) 84.88
dns 18 ( 0.00%) 4680 ( 0.00%) 260.00
bgp 120 ( 0.00%) 17245 ( 0.00%) 143.71
other 2531 ( 0.01%) 254569 ( 0.00%) 100.58
udp6 24435 ( 0.09%) 4495425 ( 0.03%) 183.97
dns 23994 ( 0.08%) 4400298 ( 0.03%) 183.39
other 441 ( 0.00%) 95127 ( 0.00%) 215.71
icmp6 4955 ( 0.02%) 621274 ( 0.00%) 125.38
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 21 ( 0.00%) 18005 ( 0.00%) 857.38
tcpdump file: 201003201400.dump.gz (704.72 MB)