Traffic Trace Info
DumpFile: 201004171400.dump
FileSize: 1980.23MB
Id: 201004171400
StartTime: Sat Apr 17 14:00:01 2010
EndTime: Sat Apr 17 14:15:01 2010
TotalTime: 900.00 seconds
TotalCapSize: 1543.99MB CapLen: 96 bytes
# of packets: 28588791 (17984.21MB)
AvgRate: 167.63Mbps stddev:13.68M
IP flow (unique src/dst pair) Information
# of flows: 819378 (avg. 34.89 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.1% 1.7% 1.2% 1.1% 1.0% 0.9% 0.9% 0.7% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 464375
Top 10 bandwidth usage (bytes/total in %):
19.3% 9.2% 3.9% 3.2% 2.8% 2.7% 2.7% 2.6% 2.3% 2.1%
# of IPv6 addresses: 969
Top 10 bandwidth usage (bytes/total in %):
23.2% 10.7% 7.4% 6.2% 5.7% 5.7% 4.8% 3.9% 3.4% 3.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004171400.pktlen.png)
detailed numbers
[ 32- 63]: 4693304
[ 64- 127]: 7637297
[ 128- 255]: 2257136
[ 256- 511]: 1700533
[ 512- 1023]: 784070
[ 1024- 2047]: 11516451
Protocol Breakdown
![[protocol breakdown chart]](201004171400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 28588791 (100.00%) 18857808152 (100.00%) 659.62
ip 28537043 ( 99.82%) 18849723374 ( 99.96%) 660.54
tcp 15522172 ( 54.29%) 12046212793 ( 63.88%) 776.06
http(s) 6893435 ( 24.11%) 9262599761 ( 49.12%) 1343.68
http(c) 4320454 ( 15.11%) 506566715 ( 2.69%) 117.25
squid 374848 ( 1.31%) 151944521 ( 0.81%) 405.35
smtp 322739 ( 1.13%) 118464273 ( 0.63%) 367.06
nntp 1 ( 0.00%) 60 ( 0.00%) 60.00
ftp 20391 ( 0.07%) 4593754 ( 0.02%) 225.28
pop3 16867 ( 0.06%) 12222162 ( 0.06%) 724.62
imap 2001 ( 0.01%) 405586 ( 0.00%) 202.69
telnet 676 ( 0.00%) 79838 ( 0.00%) 118.10
ssh 20696 ( 0.07%) 2672936 ( 0.01%) 129.15
dns 50053 ( 0.18%) 3461744 ( 0.02%) 69.16
bgp 182 ( 0.00%) 76846 ( 0.00%) 422.23
napster 123 ( 0.00%) 12169 ( 0.00%) 98.93
realaud 75 ( 0.00%) 5062 ( 0.00%) 67.49
rtsp 78206 ( 0.27%) 5041425 ( 0.03%) 64.46
icecast 8415 ( 0.03%) 576766 ( 0.00%) 68.54
hotline 1 ( 0.00%) 60 ( 0.00%) 60.00
other 3412999 ( 11.94%) 1977488515 ( 10.49%) 579.40
udp 9159093 ( 32.04%) 4943015014 ( 26.21%) 539.68
dns 594489 ( 2.08%) 103927666 ( 0.55%) 174.82
rip 12 ( 0.00%) 900 ( 0.00%) 75.00
realaud 639 ( 0.00%) 45440 ( 0.00%) 71.11
halflif 2260 ( 0.01%) 247457 ( 0.00%) 109.49
starcra 271 ( 0.00%) 28230 ( 0.00%) 104.17
everque 1204 ( 0.00%) 137677 ( 0.00%) 114.35
unreal 36 ( 0.00%) 6054 ( 0.00%) 168.17
quake 147 ( 0.00%) 11565 ( 0.00%) 78.67
cuseeme 4 ( 0.00%) 531 ( 0.00%) 132.75
other 8559593 ( 29.94%) 4838385895 ( 25.66%) 565.26
icmp 522136 ( 1.83%) 68404953 ( 0.36%) 131.01
ipip 344 ( 0.00%) 40932 ( 0.00%) 118.99
ipsec 1839 ( 0.01%) 584810 ( 0.00%) 318.00
ip6 3286877 ( 11.50%) 1741537780 ( 9.24%) 529.85
other 44582 ( 0.16%) 49927092 ( 0.26%) 1119.89
frag 1855 ( 0.01%) 1844519 ( 0.01%) 994.35
ip6 51746 ( 0.18%) 8084658 ( 0.04%) 156.24
tcp6 19019 ( 0.07%) 2224490 ( 0.01%) 116.96
http(s) 28 ( 0.00%) 15908 ( 0.00%) 568.14
http(c) 7524 ( 0.03%) 639841 ( 0.00%) 85.04
smtp 285 ( 0.00%) 119211 ( 0.00%) 418.28
ftp 2645 ( 0.01%) 270757 ( 0.00%) 102.37
imap 465 ( 0.00%) 49471 ( 0.00%) 106.39
ssh 3237 ( 0.01%) 268626 ( 0.00%) 82.99
dns 82 ( 0.00%) 22645 ( 0.00%) 276.16
bgp 141 ( 0.00%) 31192 ( 0.00%) 221.22
other 4612 ( 0.02%) 806839 ( 0.00%) 174.94
udp6 25664 ( 0.09%) 4936577 ( 0.03%) 192.35
dns 25013 ( 0.09%) 4815333 ( 0.03%) 192.51
other 651 ( 0.00%) 121244 ( 0.00%) 186.24
icmp6 6959 ( 0.02%) 842972 ( 0.00%) 121.13
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 74 ( 0.00%) 76539 ( 0.00%) 1034.31
tcpdump file: 201004171400.dump.gz (714.64 MB)