Traffic Trace Info
DumpFile: 201004061400.dump
FileSize: 2668.52MB
Id: 201004061400
StartTime: Tue Apr 6 14:00:01 2010
EndTime: Tue Apr 6 14:15:01 2010
TotalTime: 899.90 seconds
TotalCapSize: -2018.39MB CapLen: 96 bytes
# of packets: 38725552 (22145.51MB)
AvgRate: 206.43Mbps stddev:28.22M
IP flow (unique src/dst pair) Information
# of flows: 698472 (avg. 55.44 pkts/flow)
Top 10 big flow size (bytes/total in %):
6.0% 2.3% 1.9% 1.4% 1.0% 1.0% 1.0% 1.0% 1.0% 1.0%
IP address Information
# of IPv4 addresses: 404861
Top 10 bandwidth usage (bytes/total in %):
25.3% 13.1% 7.7% 6.2% 5.6% 2.7% 2.6% 2.3% 2.2% 2.2%
# of IPv6 addresses: 974
Top 10 bandwidth usage (bytes/total in %):
19.2% 11.5% 10.6% 9.5% 6.5% 5.7% 4.7% 4.7% 4.2% 3.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004061400.pktlen.png)
detailed numbers
[ 32- 63]: 4999336
[ 64- 127]: 13648002
[ 128- 255]: 3152788
[ 256- 511]: 2148938
[ 512- 1023]: 850791
[ 1024- 2047]: 13925697
Protocol Breakdown
![[protocol breakdown chart]](201004061400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 38725552 (100.00%) 23221254102 (100.00%) 599.64
ip 38682351 ( 99.89%) 23211405442 ( 99.96%) 600.05
tcp 21294490 ( 54.99%) 14886431630 ( 64.11%) 699.07
http(s) 6925482 ( 17.88%) 9189587296 ( 39.57%) 1326.92
http(c) 6179724 ( 15.96%) 1296854292 ( 5.58%) 209.86
squid 322562 ( 0.83%) 81995469 ( 0.35%) 254.20
smtp 299674 ( 0.77%) 131207349 ( 0.57%) 437.83
nntp 4 ( 0.00%) 296 ( 0.00%) 74.00
ftp 25656 ( 0.07%) 2523910 ( 0.01%) 98.38
pop3 24572 ( 0.06%) 16785587 ( 0.07%) 683.12
imap 2235 ( 0.01%) 1063280 ( 0.00%) 475.74
telnet 385 ( 0.00%) 63247 ( 0.00%) 164.28
ssh 1769886 ( 4.57%) 249626934 ( 1.07%) 141.04
dns 62775 ( 0.16%) 4236546 ( 0.02%) 67.49
bgp 158 ( 0.00%) 53812 ( 0.00%) 340.58
napster 226 ( 0.00%) 23585 ( 0.00%) 104.36
realaud 8 ( 0.00%) 2698 ( 0.00%) 337.25
rtsp 58333 ( 0.15%) 3738716 ( 0.02%) 64.09
icecast 6520 ( 0.02%) 409049 ( 0.00%) 62.74
other 5616284 ( 14.50%) 3908259126 ( 16.83%) 695.88
udp 14553030 ( 37.58%) 6970588844 ( 30.02%) 478.98
dns 772344 ( 1.99%) 123486224 ( 0.53%) 159.89
realaud 94 ( 0.00%) 14872 ( 0.00%) 158.21
halflif 50 ( 0.00%) 5824 ( 0.00%) 116.48
starcra 162 ( 0.00%) 16340 ( 0.00%) 100.86
everque 205 ( 0.00%) 41318 ( 0.00%) 201.55
unreal 143 ( 0.00%) 28744 ( 0.00%) 201.01
quake 40 ( 0.00%) 3929 ( 0.00%) 98.22
cuseeme 2 ( 0.00%) 235 ( 0.00%) 117.50
other 13779254 ( 35.58%) 6846901901 ( 29.49%) 496.90
icmp 350327 ( 0.90%) 29591821 ( 0.13%) 84.47
ipip 309 ( 0.00%) 38214 ( 0.00%) 123.67
ipsec 326 ( 0.00%) 57060 ( 0.00%) 175.03
ip6 2475050 ( 6.39%) 1322045046 ( 5.69%) 534.15
other 8819 ( 0.02%) 2652827 ( 0.01%) 300.81
frag 10204 ( 0.03%) 10871276 ( 0.05%) 1065.39
ip6 43201 ( 0.11%) 9848660 ( 0.04%) 227.97
tcp6 12515 ( 0.03%) 3161223 ( 0.01%) 252.59
http(s) 1163 ( 0.00%) 1333026 ( 0.01%) 1146.20
http(c) 5124 ( 0.01%) 498723 ( 0.00%) 97.33
smtp 265 ( 0.00%) 101579 ( 0.00%) 383.32
imap 352 ( 0.00%) 41081 ( 0.00%) 116.71
ssh 4864 ( 0.01%) 1048420 ( 0.00%) 215.55
dns 158 ( 0.00%) 43677 ( 0.00%) 276.44
bgp 153 ( 0.00%) 51690 ( 0.00%) 337.84
other 436 ( 0.00%) 43027 ( 0.00%) 98.69
udp6 25598 ( 0.07%) 5867297 ( 0.03%) 229.21
dns 25462 ( 0.07%) 5827960 ( 0.03%) 228.89
everque 1 ( 0.00%) 108 ( 0.00%) 108.00
other 135 ( 0.00%) 39229 ( 0.00%) 290.59
icmp6 4958 ( 0.01%) 713863 ( 0.00%) 143.98
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 100 ( 0.00%) 102197 ( 0.00%) 1021.97
tcpdump file: 201004061400.dump.gz (947.65 MB)