Traffic Trace Info
DumpFile: 201004031400.dump
FileSize: 1613.03MB
Id: 201004031400
StartTime: Sat Apr 3 14:00:00 2010
EndTime: Sat Apr 3 14:15:01 2010
TotalTime: 900.28 seconds
TotalCapSize: 1253.37MB CapLen: 96 bytes
# of packets: 23570009 (13532.89MB)
AvgRate: 126.10Mbps stddev:21.17M
IP flow (unique src/dst pair) Information
# of flows: 627372 (avg. 37.57 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.8% 2.4% 2.2% 1.5% 1.4% 1.2% 1.1% 1.1% 1.1% 1.1%
IP address Information
# of IPv4 addresses: 373833
Top 10 bandwidth usage (bytes/total in %):
18.8% 8.9% 5.2% 4.4% 3.8% 3.6% 3.4% 3.1% 2.8% 2.6%
# of IPv6 addresses: 824
Top 10 bandwidth usage (bytes/total in %):
33.5% 12.5% 9.0% 8.1% 5.2% 4.9% 4.3% 3.6% 3.4% 3.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004031400.pktlen.png)
detailed numbers
[ 32- 63]: 3960093
[ 64- 127]: 7718420
[ 128- 255]: 1596403
[ 256- 511]: 1293337
[ 512- 1023]: 518235
[ 1024- 2047]: 8483521
Protocol Breakdown
![[protocol breakdown chart]](201004031400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 23570009 (100.00%) 14190268055 (100.00%) 602.05
ip 23531829 ( 99.84%) 14183678647 ( 99.95%) 602.74
tcp 15830265 ( 67.16%) 10504602064 ( 74.03%) 663.58
http(s) 5380641 ( 22.83%) 7292855907 ( 51.39%) 1355.39
http(c) 4484772 ( 19.03%) 397796836 ( 2.80%) 88.70
squid 335068 ( 1.42%) 83796116 ( 0.59%) 250.09
smtp 232701 ( 0.99%) 55860759 ( 0.39%) 240.05
ftp 49238 ( 0.21%) 7186789 ( 0.05%) 145.96
pop3 17936 ( 0.08%) 12566763 ( 0.09%) 700.64
imap 1507 ( 0.01%) 450922 ( 0.00%) 299.22
telnet 799 ( 0.00%) 107885 ( 0.00%) 135.03
ssh 1769367 ( 7.51%) 252864966 ( 1.78%) 142.91
dns 64264 ( 0.27%) 4338150 ( 0.03%) 67.51
bgp 135 ( 0.00%) 39622 ( 0.00%) 293.50
napster 13 ( 0.00%) 1808 ( 0.00%) 139.08
realaud 28 ( 0.00%) 4983 ( 0.00%) 177.96
rtsp 110293 ( 0.47%) 41755009 ( 0.29%) 378.58
icecast 4939 ( 0.02%) 330538 ( 0.00%) 66.92
hotline 17 ( 0.00%) 1876 ( 0.00%) 110.35
other 3378540 ( 14.33%) 2354642715 ( 16.59%) 696.94
udp 6685291 ( 28.36%) 3382367639 ( 23.84%) 505.94
dns 449804 ( 1.91%) 73040490 ( 0.51%) 162.38
rip 1 ( 0.00%) 109 ( 0.00%) 109.00
realaud 73 ( 0.00%) 6857 ( 0.00%) 93.93
halflif 56 ( 0.00%) 6165 ( 0.00%) 110.09
starcra 149 ( 0.00%) 17645 ( 0.00%) 118.42
everque 268 ( 0.00%) 43208 ( 0.00%) 161.22
unreal 41 ( 0.00%) 7303 ( 0.00%) 178.12
quake 38 ( 0.00%) 3363 ( 0.00%) 88.50
cuseeme 6 ( 0.00%) 831 ( 0.00%) 138.50
other 6234785 ( 26.45%) 3309190798 ( 23.32%) 530.76
icmp 345878 ( 1.47%) 28034084 ( 0.20%) 81.05
ipip 325 ( 0.00%) 38442 ( 0.00%) 118.28
ipsec 597 ( 0.00%) 99038 ( 0.00%) 165.89
ip6 441677 ( 1.87%) 222922406 ( 1.57%) 504.72
other 227796 ( 0.97%) 45614974 ( 0.32%) 200.24
frag 1143 ( 0.00%) 1185024 ( 0.01%) 1036.77
ip6 38180 ( 0.16%) 6589408 ( 0.05%) 172.59
tcp6 10260 ( 0.04%) 986550 ( 0.01%) 96.15
http(s) 73 ( 0.00%) 34083 ( 0.00%) 466.89
http(c) 3665 ( 0.02%) 339548 ( 0.00%) 92.65
smtp 120 ( 0.00%) 29547 ( 0.00%) 246.22
imap 208 ( 0.00%) 22638 ( 0.00%) 108.84
ssh 3223 ( 0.01%) 267234 ( 0.00%) 82.91
dns 108 ( 0.00%) 25947 ( 0.00%) 240.25
bgp 112 ( 0.00%) 14877 ( 0.00%) 132.83
other 2751 ( 0.01%) 252676 ( 0.00%) 91.85
udp6 23600 ( 0.10%) 5051292 ( 0.04%) 214.04
dns 23550 ( 0.10%) 5041468 ( 0.04%) 214.08
other 50 ( 0.00%) 9824 ( 0.00%) 196.48
icmp6 4252 ( 0.02%) 516273 ( 0.00%) 121.42
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 38 ( 0.00%) 31213 ( 0.00%) 821.39
tcpdump file: 201004031400.dump.gz (569.59 MB)