Traffic Trace Info
DumpFile: 201004081400.dump
FileSize: 2498.21MB
Id: 201004081400
StartTime: Thu Apr 8 14:00:01 2010
EndTime: Thu Apr 8 14:15:00 2010
TotalTime: 899.81 seconds
TotalCapSize: 1947.92MB CapLen: 96 bytes
# of packets: 36063193 (20760.68MB)
AvgRate: 193.54Mbps stddev:16.28M
IP flow (unique src/dst pair) Information
# of flows: 918976 (avg. 39.24 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.3% 1.9% 1.7% 1.2% 1.1% 1.0% 1.0% 0.9% 0.9% 0.9%
IP address Information
# of IPv4 addresses: 498203
Top 10 bandwidth usage (bytes/total in %):
25.6% 9.2% 5.9% 4.4% 2.8% 2.4% 2.4% 2.1% 2.0% 2.0%
# of IPv6 addresses: 1161
Top 10 bandwidth usage (bytes/total in %):
96.6% 96.6% 0.7% 0.3% 0.3% 0.2% 0.2% 0.2% 0.2% 0.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004081400.pktlen.png)
detailed numbers
[ 32- 63]: 4818930
[ 64- 127]: 11129497
[ 128- 255]: 3499672
[ 256- 511]: 2698384
[ 512- 1023]: 1090137
[ 1024- 2047]: 12826573
Protocol Breakdown
![[protocol breakdown chart]](201004081400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 36063193 (100.00%) 21769149786 (100.00%) 603.64
ip 35839570 ( 99.38%) 21494244583 ( 98.74%) 599.74
tcp 19314821 ( 53.56%) 13305731725 ( 61.12%) 688.89
http(s) 6786296 ( 18.82%) 8900910573 ( 40.89%) 1311.60
http(c) 5001726 ( 13.87%) 897173730 ( 4.12%) 179.37
squid 267117 ( 0.74%) 83242187 ( 0.38%) 311.63
smtp 401256 ( 1.11%) 158272432 ( 0.73%) 394.44
nntp 2 ( 0.00%) 124 ( 0.00%) 62.00
ftp 76163 ( 0.21%) 13936711 ( 0.06%) 182.99
pop3 20943 ( 0.06%) 7787990 ( 0.04%) 371.87
imap 3532 ( 0.01%) 1201109 ( 0.01%) 340.06
telnet 605 ( 0.00%) 82347 ( 0.00%) 136.11
ssh 1835178 ( 5.09%) 261481350 ( 1.20%) 142.48
dns 75543 ( 0.21%) 5147356 ( 0.02%) 68.14
bgp 188 ( 0.00%) 71256 ( 0.00%) 379.02
napster 203 ( 0.00%) 31805 ( 0.00%) 156.67
realaud 143 ( 0.00%) 14101 ( 0.00%) 98.61
rtsp 176004 ( 0.49%) 18352220 ( 0.08%) 104.27
icecast 44383 ( 0.12%) 24203959 ( 0.11%) 545.34
hotline 17 ( 0.00%) 2172 ( 0.00%) 127.76
other 4625519 ( 12.83%) 2933820045 ( 13.48%) 634.27
udp 12694967 ( 35.20%) 6164778841 ( 28.32%) 485.61
dns 709217 ( 1.97%) 119110226 ( 0.55%) 167.95
realaud 905 ( 0.00%) 56328 ( 0.00%) 62.24
halflif 96 ( 0.00%) 14392 ( 0.00%) 149.92
starcra 407 ( 0.00%) 37717 ( 0.00%) 92.67
everque 541 ( 0.00%) 105592 ( 0.00%) 195.18
unreal 101 ( 0.00%) 15274 ( 0.00%) 151.23
quake 41 ( 0.00%) 3896 ( 0.00%) 95.02
cuseeme 4 ( 0.00%) 341 ( 0.00%) 85.25
other 11981264 ( 33.22%) 6045228347 ( 27.77%) 504.56
icmp 442113 ( 1.23%) 36107253 ( 0.17%) 81.67
ipip 326 ( 0.00%) 40296 ( 0.00%) 123.61
ipsec 776 ( 0.00%) 207296 ( 0.00%) 267.13
ip6 3383937 ( 9.38%) 1987066772 ( 9.13%) 587.21
other 2630 ( 0.01%) 312400 ( 0.00%) 118.78
frag 6190 ( 0.02%) 4534242 ( 0.02%) 732.51
ip6 223623 ( 0.62%) 274905203 ( 1.26%) 1229.32
tcp6 185485 ( 0.51%) 267368120 ( 1.23%) 1441.45
http(s) 707 ( 0.00%) 839404 ( 0.00%) 1187.28
http(c) 3816 ( 0.01%) 354608 ( 0.00%) 92.93
smtp 341 ( 0.00%) 123643 ( 0.00%) 362.59
imap 381 ( 0.00%) 44257 ( 0.00%) 116.16
ssh 3277 ( 0.01%) 276006 ( 0.00%) 84.23
dns 136 ( 0.00%) 30982 ( 0.00%) 227.81
bgp 129 ( 0.00%) 20183 ( 0.00%) 156.46
other 176698 ( 0.49%) 265679037 ( 1.22%) 1503.58
udp6 30712 ( 0.09%) 6547644 ( 0.03%) 213.19
dns 30342 ( 0.08%) 6472126 ( 0.03%) 213.31
other 370 ( 0.00%) 75518 ( 0.00%) 204.10
icmp6 7283 ( 0.02%) 878640 ( 0.00%) 120.64
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 113 ( 0.00%) 106719 ( 0.00%) 944.42
tcpdump file: 201004081400.dump.gz (913.38 MB)