Traffic Trace Info
DumpFile: 201003221400.dump
FileSize: 1913.91MB
Id: 201003221400
StartTime: Mon Mar 22 14:00:00 2010
EndTime: Mon Mar 22 14:15:01 2010
TotalTime: 900.26 seconds
TotalCapSize: 1484.09MB CapLen: 96 bytes
# of packets: 28167912 (16084.64MB)
AvgRate: 149.88Mbps stddev:14.82M
IP flow (unique src/dst pair) Information
# of flows: 939661 (avg. 29.98 pkts/flow)
Top 10 big flow size (bytes/total in %):
7.4% 2.2% 1.2% 1.1% 0.9% 0.8% 0.7% 0.7% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 562396
Top 10 bandwidth usage (bytes/total in %):
27.5% 8.1% 7.4% 7.4% 4.0% 2.4% 2.4% 2.3% 2.0% 1.9%
# of IPv6 addresses: 972
Top 10 bandwidth usage (bytes/total in %):
29.3% 19.3% 19.3% 7.4% 3.9% 3.7% 3.6% 3.3% 2.9% 2.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201003221400.pktlen.png)
detailed numbers
[ 32- 63]: 4031759
[ 64- 127]: 8970124
[ 128- 255]: 2335934
[ 256- 511]: 1899902
[ 512- 1023]: 731661
[ 1024- 2047]: 10198532
Protocol Breakdown
![[protocol breakdown chart]](201003221400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 28167912 (100.00%) 16865969116 (100.00%) 598.77
ip 28123321 ( 99.84%) 16857929217 ( 99.95%) 599.43
tcp 14237256 ( 50.54%) 9970293724 ( 59.11%) 700.30
http(s) 4801026 ( 17.04%) 6198734705 ( 36.75%) 1291.13
http(c) 3238453 ( 11.50%) 363334299 ( 2.15%) 112.19
squid 693218 ( 2.46%) 143920186 ( 0.85%) 207.61
smtp 239723 ( 0.85%) 52309468 ( 0.31%) 218.21
nntp 1 ( 0.00%) 60 ( 0.00%) 60.00
ftp 32618 ( 0.12%) 8080293 ( 0.05%) 247.72
pop3 20231 ( 0.07%) 17230581 ( 0.10%) 851.69
imap 1424 ( 0.01%) 331378 ( 0.00%) 232.71
telnet 836 ( 0.00%) 58621 ( 0.00%) 70.12
ssh 1043123 ( 3.70%) 212087920 ( 1.26%) 203.32
dns 45779 ( 0.16%) 3139341 ( 0.02%) 68.58
bgp 147 ( 0.00%) 49811 ( 0.00%) 338.85
napster 162 ( 0.00%) 16533 ( 0.00%) 102.06
realaud 22 ( 0.00%) 1907 ( 0.00%) 86.68
rtsp 2880 ( 0.01%) 1974425 ( 0.01%) 685.56
icecast 746 ( 0.00%) 64098 ( 0.00%) 85.92
other 4116863 ( 14.62%) 2968959858 ( 17.60%) 721.17
udp 10734150 ( 38.11%) 5341244372 ( 31.67%) 497.59
dns 878633 ( 3.12%) 132077877 ( 0.78%) 150.32
realaud 66 ( 0.00%) 11914 ( 0.00%) 180.52
halflif 51 ( 0.00%) 5816 ( 0.00%) 114.04
starcra 139 ( 0.00%) 14649 ( 0.00%) 105.39
everque 196 ( 0.00%) 52640 ( 0.00%) 268.57
unreal 87 ( 0.00%) 13030 ( 0.00%) 149.77
quake 13 ( 0.00%) 1494 ( 0.00%) 114.92
cuseeme 4 ( 0.00%) 355 ( 0.00%) 88.75
other 9854901 ( 34.99%) 5209023779 ( 30.88%) 528.57
icmp 532561 ( 1.89%) 39770673 ( 0.24%) 74.68
ipip 368 ( 0.00%) 46106 ( 0.00%) 125.29
ipsec 218357 ( 0.78%) 130311590 ( 0.77%) 596.78
ip6 2373304 ( 8.43%) 1365664686 ( 8.10%) 575.43
other 27325 ( 0.10%) 10598066 ( 0.06%) 387.85
frag 1469 ( 0.01%) 1234076 ( 0.01%) 840.08
ip6 44591 ( 0.16%) 8039899 ( 0.05%) 180.30
tcp6 11299 ( 0.04%) 1055623 ( 0.01%) 93.43
http(s) 48 ( 0.00%) 23249 ( 0.00%) 484.35
http(c) 5884 ( 0.02%) 506067 ( 0.00%) 86.01
smtp 171 ( 0.00%) 41802 ( 0.00%) 244.46
ssh 3230 ( 0.01%) 267812 ( 0.00%) 82.91
dns 11 ( 0.00%) 4662 ( 0.00%) 423.82
bgp 120 ( 0.00%) 15774 ( 0.00%) 131.45
other 1835 ( 0.01%) 196257 ( 0.00%) 106.95
udp6 28222 ( 0.10%) 5476829 ( 0.03%) 194.06
dns 26637 ( 0.09%) 4899105 ( 0.03%) 183.92
other 1585 ( 0.01%) 577724 ( 0.00%) 364.49
icmp6 3505 ( 0.01%) 414661 ( 0.00%) 118.31
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 1535 ( 0.01%) 1088706 ( 0.01%) 709.25
tcpdump file: 201003221400.dump.gz (695.93 MB)