Traffic Trace Info
DumpFile: 201004041400.dump
FileSize: 2013.30MB
Id: 201004041400
StartTime: Sun Apr 4 14:00:01 2010
EndTime: Sun Apr 4 14:15:00 2010
TotalTime: 899.23 seconds
TotalCapSize: 1562.63MB CapLen: 96 bytes
# of packets: 29535029 (17144.75MB)
AvgRate: 159.95Mbps stddev:15.71M
IP flow (unique src/dst pair) Information
# of flows: 610906 (avg. 48.35 pkts/flow)
Top 10 big flow size (bytes/total in %):
6.6% 1.4% 1.4% 1.3% 1.1% 1.0% 1.0% 1.0% 0.9% 0.9%
IP address Information
# of IPv4 addresses: 364870
Top 10 bandwidth usage (bytes/total in %):
28.9% 9.1% 7.7% 6.6% 4.7% 3.6% 3.2% 2.9% 2.4% 2.2%
# of IPv6 addresses: 745
Top 10 bandwidth usage (bytes/total in %):
34.9% 10.3% 9.4% 7.4% 5.8% 5.2% 4.5% 3.6% 3.5% 3.0%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004041400.pktlen.png)
detailed numbers
[ 32- 63]: 3390027
[ 64- 127]: 9671106
[ 128- 255]: 2729902
[ 256- 511]: 2114029
[ 512- 1023]: 1045568
[ 1024- 2047]: 10584397
Protocol Breakdown
![[protocol breakdown chart]](201004041400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29535029 (100.00%) 17977571014 (100.00%) 608.69
ip 29499299 ( 99.88%) 17971261915 ( 99.96%) 609.21
tcp 14842456 ( 50.25%) 10817037656 ( 60.17%) 728.79
http(s) 5183438 ( 17.55%) 6906239675 ( 38.42%) 1332.37
http(c) 3075361 ( 10.41%) 308481961 ( 1.72%) 100.31
squid 331940 ( 1.12%) 122451657 ( 0.68%) 368.90
smtp 204566 ( 0.69%) 60215122 ( 0.33%) 294.36
ftp 40703 ( 0.14%) 4580191 ( 0.03%) 112.53
pop3 17605 ( 0.06%) 14690647 ( 0.08%) 834.46
imap 668 ( 0.00%) 129229 ( 0.00%) 193.46
telnet 317 ( 0.00%) 55123 ( 0.00%) 173.89
ssh 2139562 ( 7.24%) 312769892 ( 1.74%) 146.18
dns 62044 ( 0.21%) 4206232 ( 0.02%) 67.79
bgp 139 ( 0.00%) 37566 ( 0.00%) 270.26
napster 5 ( 0.00%) 366 ( 0.00%) 73.20
realaud 24 ( 0.00%) 1740 ( 0.00%) 72.50
rtsp 62198 ( 0.21%) 11460033 ( 0.06%) 184.25
icecast 3985 ( 0.01%) 252542 ( 0.00%) 63.37
hotline 3 ( 0.00%) 186 ( 0.00%) 62.00
other 3719898 ( 12.59%) 3071465494 ( 17.08%) 825.69
udp 11728005 ( 39.71%) 5715998831 ( 31.80%) 487.38
dns 417243 ( 1.41%) 66612942 ( 0.37%) 159.65
rip 6 ( 0.00%) 450 ( 0.00%) 75.00
realaud 1802 ( 0.01%) 111166 ( 0.00%) 61.69
halflif 34 ( 0.00%) 4000 ( 0.00%) 117.65
starcra 166 ( 0.00%) 21005 ( 0.00%) 126.54
everque 163 ( 0.00%) 35876 ( 0.00%) 220.10
unreal 128 ( 0.00%) 21885 ( 0.00%) 170.98
quake 17 ( 0.00%) 1871 ( 0.00%) 110.06
cuseeme 4 ( 0.00%) 635 ( 0.00%) 158.75
other 11308326 ( 38.29%) 5649120876 ( 31.42%) 499.55
icmp 370716 ( 1.26%) 29626653 ( 0.16%) 79.92
ipip 336 ( 0.00%) 40707 ( 0.00%) 121.15
ipsec 1096 ( 0.00%) 241808 ( 0.00%) 220.63
ip6 2546997 ( 8.62%) 1401579851 ( 7.80%) 550.29
other 9693 ( 0.03%) 6736409 ( 0.04%) 694.98
frag 2662 ( 0.01%) 2843000 ( 0.02%) 1067.99
ip6 35730 ( 0.12%) 6309099 ( 0.04%) 176.58
tcp6 8154 ( 0.03%) 861737 ( 0.00%) 105.68
http(s) 42 ( 0.00%) 19882 ( 0.00%) 473.38
http(c) 3670 ( 0.01%) 339173 ( 0.00%) 92.42
smtp 95 ( 0.00%) 14835 ( 0.00%) 156.16
imap 217 ( 0.00%) 23653 ( 0.00%) 109.00
ssh 3215 ( 0.01%) 266602 ( 0.00%) 82.92
dns 104 ( 0.00%) 31397 ( 0.00%) 301.89
bgp 90 ( 0.00%) 10738 ( 0.00%) 119.31
other 721 ( 0.00%) 155457 ( 0.00%) 215.61
udp6 23093 ( 0.08%) 4845142 ( 0.03%) 209.81
dns 23058 ( 0.08%) 4838145 ( 0.03%) 209.83
other 35 ( 0.00%) 6997 ( 0.00%) 199.91
icmp6 4393 ( 0.01%) 547865 ( 0.00%) 124.71
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 59 ( 0.00%) 50139 ( 0.00%) 849.81
tcpdump file: 201004041400.dump.gz (732.76 MB)