Traffic Trace Info
DumpFile: 201003261400.dump
FileSize: 2208.76MB
Id: 201003261400
StartTime: Fri Mar 26 14:00:00 2010
EndTime: Fri Mar 26 14:15:00 2010
TotalTime: 900.12 seconds
TotalCapSize: 1719.55MB CapLen: 96 bytes
# of packets: 32060056 (16974.40MB)
AvgRate: 158.19Mbps stddev:16.74M
IP flow (unique src/dst pair) Information
# of flows: 1101708 (avg. 29.10 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.2% 1.6% 1.6% 1.4% 1.3% 1.3% 1.3% 1.1% 1.1% 1.1%
IP address Information
# of IPv4 addresses: 662016
Top 10 bandwidth usage (bytes/total in %):
27.8% 7.3% 3.0% 2.8% 2.5% 2.3% 2.1% 1.9% 1.9% 1.7%
# of IPv6 addresses: 955
Top 10 bandwidth usage (bytes/total in %):
26.3% 10.4% 9.2% 7.7% 6.4% 4.9% 4.9% 4.8% 4.4% 3.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201003261400.pktlen.png)
detailed numbers
[ 32- 63]: 4049800
[ 64- 127]: 11718961
[ 128- 255]: 3235620
[ 256- 511]: 1944579
[ 512- 1023]: 653474
[ 1024- 2047]: 10457622
Protocol Breakdown
![[protocol breakdown chart]](201003261400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 32060056 (100.00%) 17798952751 (100.00%) 555.18
ip 32015135 ( 99.86%) 17790592989 ( 99.95%) 555.69
tcp 16950525 ( 52.87%) 10573799501 ( 59.41%) 623.80
http(s) 5509898 ( 17.19%) 7214459740 ( 40.53%) 1309.36
http(c) 4088037 ( 12.75%) 557624405 ( 3.13%) 136.40
squid 214171 ( 0.67%) 59152321 ( 0.33%) 276.19
smtp 296888 ( 0.93%) 117398189 ( 0.66%) 395.43
nntp 7 ( 0.00%) 420 ( 0.00%) 60.00
ftp 88298 ( 0.28%) 31822034 ( 0.18%) 360.39
pop3 30704 ( 0.10%) 27056402 ( 0.15%) 881.20
imap 2704 ( 0.01%) 810897 ( 0.00%) 299.89
telnet 35 ( 0.00%) 4861 ( 0.00%) 138.89
ssh 2890530 ( 9.02%) 525110536 ( 2.95%) 181.67
dns 63154 ( 0.20%) 4325251 ( 0.02%) 68.49
bgp 171 ( 0.00%) 77413 ( 0.00%) 452.71
napster 42 ( 0.00%) 5967 ( 0.00%) 142.07
realaud 4512 ( 0.01%) 297812 ( 0.00%) 66.00
rtsp 163650 ( 0.51%) 43325259 ( 0.24%) 264.74
icecast 33347 ( 0.10%) 3196510 ( 0.02%) 95.86
hotline 68 ( 0.00%) 4601 ( 0.00%) 67.66
other 3564303 ( 11.12%) 1989126523 ( 11.18%) 558.07
udp 11786897 ( 36.77%) 5804260123 ( 32.61%) 492.43
dns 1053890 ( 3.29%) 161876500 ( 0.91%) 153.60
rip 4 ( 0.00%) 300 ( 0.00%) 75.00
realaud 16 ( 0.00%) 1896 ( 0.00%) 118.50
halflif 1346 ( 0.00%) 238540 ( 0.00%) 177.22
starcra 127 ( 0.00%) 15576 ( 0.00%) 122.65
everque 281 ( 0.00%) 79007 ( 0.00%) 281.16
unreal 79 ( 0.00%) 11011 ( 0.00%) 139.38
quake 52 ( 0.00%) 8006 ( 0.00%) 153.96
cuseeme 5 ( 0.00%) 446 ( 0.00%) 89.20
other 10730867 ( 33.47%) 5641892658 ( 31.70%) 525.76
icmp 546063 ( 1.70%) 60619768 ( 0.34%) 111.01
ipip 343 ( 0.00%) 42006 ( 0.00%) 122.47
ipsec 1792 ( 0.01%) 651328 ( 0.00%) 363.46
ip6 2454970 ( 7.66%) 1315682068 ( 7.39%) 535.93
other 274545 ( 0.86%) 35538195 ( 0.20%) 129.44
frag 1544 ( 0.00%) 1562484 ( 0.01%) 1011.97
ip6 44921 ( 0.14%) 8359762 ( 0.05%) 186.10
tcp6 8994 ( 0.03%) 1506873 ( 0.01%) 167.54
http(s) 226 ( 0.00%) 191982 ( 0.00%) 849.48
http(c) 3713 ( 0.01%) 334627 ( 0.00%) 90.12
smtp 246 ( 0.00%) 101191 ( 0.00%) 411.35
ssh 3969 ( 0.01%) 784582 ( 0.00%) 197.68
dns 71 ( 0.00%) 10922 ( 0.00%) 153.83
bgp 125 ( 0.00%) 18881 ( 0.00%) 151.05
other 644 ( 0.00%) 64688 ( 0.00%) 100.45
udp6 32730 ( 0.10%) 6412005 ( 0.04%) 195.91
dns 32643 ( 0.10%) 6383987 ( 0.04%) 195.57
other 87 ( 0.00%) 28018 ( 0.00%) 322.05
icmp6 3113 ( 0.01%) 385739 ( 0.00%) 123.91
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 54 ( 0.00%) 51065 ( 0.00%) 945.65
tcpdump file: 201003261400.dump.gz (805.58 MB)