Traffic Trace Info
DumpFile: 201003231400.dump
FileSize: 2170.66MB
Id: 201003231400
StartTime: Tue Mar 23 14:00:01 2010
EndTime: Tue Mar 23 14:15:01 2010
TotalTime: 900.24 seconds
TotalCapSize: 1685.01MB CapLen: 96 bytes
# of packets: 31827012 (18219.73MB)
AvgRate: 169.76Mbps stddev:18.59M
IP flow (unique src/dst pair) Information
# of flows: 876769 (avg. 36.30 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.3% 2.1% 1.5% 1.2% 1.2% 1.2% 1.2% 1.2% 1.1% 0.9%
IP address Information
# of IPv4 addresses: 520583
Top 10 bandwidth usage (bytes/total in %):
25.6% 9.2% 4.5% 3.8% 3.4% 3.4% 3.1% 2.5% 2.5% 2.3%
# of IPv6 addresses: 1054
Top 10 bandwidth usage (bytes/total in %):
42.6% 42.6% 34.8% 34.8% 6.4% 6.4% 5.3% 1.3% 0.8% 0.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201003231400.pktlen.png)
detailed numbers
[ 32- 63]: 5347824
[ 64- 127]: 9294317
[ 128- 255]: 2932831
[ 256- 511]: 1993256
[ 512- 1023]: 697787
[ 1024- 2047]: 11560997
Protocol Breakdown
![[protocol breakdown chart]](201003231400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 31827012 (100.00%) 19104768228 (100.00%) 600.27
ip 31757786 ( 99.78%) 19060363600 ( 99.77%) 600.18
tcp 16931186 ( 53.20%) 11494839763 ( 60.17%) 678.92
http(s) 5882869 ( 18.48%) 7596179458 ( 39.76%) 1291.24
http(c) 4585639 ( 14.41%) 549289184 ( 2.88%) 119.78
squid 840339 ( 2.64%) 141984584 ( 0.74%) 168.96
smtp 247477 ( 0.78%) 94058502 ( 0.49%) 380.07
ftp 154238 ( 0.48%) 21329636 ( 0.11%) 138.29
pop3 25239 ( 0.08%) 14954402 ( 0.08%) 592.51
imap 2372 ( 0.01%) 410003 ( 0.00%) 172.85
telnet 166 ( 0.00%) 13289 ( 0.00%) 80.05
ssh 74192 ( 0.23%) 39875373 ( 0.21%) 537.46
dns 48147 ( 0.15%) 3280642 ( 0.02%) 68.14
bgp 160 ( 0.00%) 60429 ( 0.00%) 377.68
napster 96 ( 0.00%) 16364 ( 0.00%) 170.46
realaud 66 ( 0.00%) 14769 ( 0.00%) 223.77
rtsp 153074 ( 0.48%) 117805910 ( 0.62%) 769.60
icecast 41774 ( 0.13%) 28658709 ( 0.15%) 686.04
hotline 11 ( 0.00%) 764 ( 0.00%) 69.45
other 4875322 ( 15.32%) 2886906055 ( 15.11%) 592.15
udp 11582779 ( 36.39%) 5770816169 ( 30.21%) 498.22
dns 1072381 ( 3.37%) 159813519 ( 0.84%) 149.03
rip 18 ( 0.00%) 1350 ( 0.00%) 75.00
realaud 74 ( 0.00%) 10772 ( 0.00%) 145.57
halflif 36 ( 0.00%) 4262 ( 0.00%) 118.39
starcra 160 ( 0.00%) 15056 ( 0.00%) 94.10
everque 234 ( 0.00%) 56731 ( 0.00%) 242.44
unreal 90 ( 0.00%) 15378 ( 0.00%) 170.87
quake 29 ( 0.00%) 3892 ( 0.00%) 134.21
cuseeme 5 ( 0.00%) 607 ( 0.00%) 121.40
other 10509621 ( 33.02%) 5610837597 ( 29.37%) 533.88
icmp 338191 ( 1.06%) 27422846 ( 0.14%) 81.09
ipip 327 ( 0.00%) 40186 ( 0.00%) 122.89
ipsec 2969 ( 0.01%) 692686 ( 0.00%) 233.31
ip6 2901081 ( 9.12%) 1766359402 ( 9.25%) 608.86
other 1253 ( 0.00%) 192548 ( 0.00%) 153.67
frag 1534 ( 0.00%) 1292730 ( 0.01%) 842.72
ip6 69226 ( 0.22%) 44404628 ( 0.23%) 641.44
tcp6 36853 ( 0.12%) 38654456 ( 0.20%) 1048.88
http(s) 12884 ( 0.04%) 18482083 ( 0.10%) 1434.50
http(c) 4248 ( 0.01%) 391546 ( 0.00%) 92.17
smtp 538 ( 0.00%) 227752 ( 0.00%) 423.33
ssh 15676 ( 0.05%) 19189728 ( 0.10%) 1224.15
dns 18 ( 0.00%) 8448 ( 0.00%) 469.33
bgp 130 ( 0.00%) 23399 ( 0.00%) 179.99
other 3359 ( 0.01%) 331500 ( 0.00%) 98.69
udp6 28830 ( 0.09%) 5268299 ( 0.03%) 182.74
dns 28622 ( 0.09%) 5221503 ( 0.03%) 182.43
other 208 ( 0.00%) 46796 ( 0.00%) 224.98
icmp6 3439 ( 0.01%) 410971 ( 0.00%) 119.50
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 74 ( 0.00%) 66822 ( 0.00%) 903.00
tcpdump file: 201003231400.dump.gz (776.66 MB)