Traffic Trace Info
DumpFile: 201003251400.dump
FileSize: 2379.35MB
Id: 201003251400
StartTime: Thu Mar 25 14:00:00 2010
EndTime: Thu Mar 25 14:15:00 2010
TotalTime: 900.21 seconds
TotalCapSize: 1857.58MB CapLen: 96 bytes
# of packets: 34193938 (22099.32MB)
AvgRate: 205.90Mbps stddev:26.70M
IP flow (unique src/dst pair) Information
# of flows: 832420 (avg. 41.08 pkts/flow)
Top 10 big flow size (bytes/total in %):
13.8% 6.7% 4.7% 1.7% 1.6% 1.4% 1.3% 1.1% 1.0% 0.9%
IP address Information
# of IPv4 addresses: 483635
Top 10 bandwidth usage (bytes/total in %):
20.5% 20.5% 17.5% 7.1% 6.2% 4.8% 2.8% 2.6% 2.2% 2.0%
# of IPv6 addresses: 1113
Top 10 bandwidth usage (bytes/total in %):
71.8% 71.8% 9.0% 2.3% 1.3% 1.2% 1.0% 1.0% 0.9% 0.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201003251400.pktlen.png)
detailed numbers
[ 32- 63]: 3807487
[ 64- 127]: 10948192
[ 128- 255]: 2417461
[ 256- 511]: 2124458
[ 512- 1023]: 711734
[ 1024- 2047]: 14184606
Protocol Breakdown
![[protocol breakdown chart]](201003251400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 34193938 (100.00%) 23172819302 (100.00%) 677.69
ip 34141943 ( 99.85%) 23148396125 ( 99.89%) 678.00
tcp 19637418 ( 57.43%) 16139614005 ( 69.65%) 821.88
http(s) 6767923 ( 19.79%) 9110079056 ( 39.31%) 1346.07
http(c) 4523707 ( 13.23%) 602055751 ( 2.60%) 133.09
squid 264920 ( 0.77%) 71328703 ( 0.31%) 269.25
smtp 243777 ( 0.71%) 73885073 ( 0.32%) 303.08
ftp 112276 ( 0.33%) 13841646 ( 0.06%) 123.28
pop3 27618 ( 0.08%) 17779373 ( 0.08%) 643.76
imap 4252 ( 0.01%) 1581139 ( 0.01%) 371.86
telnet 294 ( 0.00%) 21461 ( 0.00%) 73.00
ssh 103295 ( 0.30%) 15634065 ( 0.07%) 151.35
dns 53855 ( 0.16%) 3681352 ( 0.02%) 68.36
bgp 153 ( 0.00%) 56308 ( 0.00%) 368.03
napster 10 ( 0.00%) 2224 ( 0.00%) 222.40
realaud 6 ( 0.00%) 2620 ( 0.00%) 436.67
rtsp 51506 ( 0.15%) 3205739 ( 0.01%) 62.24
icecast 7030 ( 0.02%) 427932 ( 0.00%) 60.87
hotline 6 ( 0.00%) 572 ( 0.00%) 95.33
other 7476787 ( 21.87%) 6226030811 ( 26.87%) 832.71
udp 11390861 ( 33.31%) 5519160627 ( 23.82%) 484.53
dns 1023721 ( 2.99%) 151702888 ( 0.65%) 148.19
realaud 19 ( 0.00%) 2429 ( 0.00%) 127.84
halflif 48 ( 0.00%) 9799 ( 0.00%) 204.15
starcra 164 ( 0.00%) 20969 ( 0.00%) 127.86
everque 218 ( 0.00%) 44350 ( 0.00%) 203.44
unreal 20 ( 0.00%) 2484 ( 0.00%) 124.20
quake 70 ( 0.00%) 7384 ( 0.00%) 105.49
cuseeme 3 ( 0.00%) 244 ( 0.00%) 81.33
other 10366479 ( 30.32%) 5367299149 ( 23.16%) 517.76
icmp 331177 ( 0.97%) 27051622 ( 0.12%) 81.68
ipip 308 ( 0.00%) 35596 ( 0.00%) 115.57
ipsec 1230 ( 0.00%) 275924 ( 0.00%) 224.33
ip6 2626105 ( 7.68%) 1438121449 ( 6.21%) 547.63
other 154844 ( 0.45%) 24136902 ( 0.10%) 155.88
frag 1363 ( 0.00%) 1266051 ( 0.01%) 928.87
ip6 51995 ( 0.15%) 24423177 ( 0.11%) 469.72
tcp6 22796 ( 0.07%) 18815056 ( 0.08%) 825.37
http(s) 12261 ( 0.04%) 17570922 ( 0.08%) 1433.07
http(c) 3577 ( 0.01%) 333320 ( 0.00%) 93.18
smtp 112 ( 0.00%) 33218 ( 0.00%) 296.59
ftp 312 ( 0.00%) 35747 ( 0.00%) 114.57
ssh 3601 ( 0.01%) 522686 ( 0.00%) 145.15
dns 29 ( 0.00%) 4391 ( 0.00%) 151.41
bgp 143 ( 0.00%) 42981 ( 0.00%) 300.57
other 2761 ( 0.01%) 271791 ( 0.00%) 98.44
udp6 25633 ( 0.07%) 5135850 ( 0.02%) 200.36
dns 25417 ( 0.07%) 5079546 ( 0.02%) 199.85
quake 1 ( 0.00%) 101 ( 0.00%) 101.00
other 215 ( 0.00%) 56203 ( 0.00%) 261.41
icmp6 3495 ( 0.01%) 432646 ( 0.00%) 123.79
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 41 ( 0.00%) 35545 ( 0.00%) 866.95
tcpdump file: 201003251400.dump.gz (818.75 MB)