Traffic Trace Info
DumpFile: 201004191400.dump
FileSize: 2599.76MB
Id: 201004191400
StartTime: Mon Apr 19 14:00:00 2010
EndTime: Mon Apr 19 14:15:00 2010
TotalTime: 900.03 seconds
TotalCapSize: 2040.72MB CapLen: 96 bytes
# of packets: 36636846 (21511.66MB)
AvgRate: 200.52Mbps stddev:22.53M
IP flow (unique src/dst pair) Information
# of flows: 1023633 (avg. 35.79 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.6% 1.3% 1.2% 0.9% 0.7% 0.7% 0.7% 0.7% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 546777
Top 10 bandwidth usage (bytes/total in %):
15.3% 10.9% 5.9% 3.1% 2.9% 2.4% 2.3% 2.3% 1.8% 1.8%
# of IPv6 addresses: 1194
Top 10 bandwidth usage (bytes/total in %):
27.8% 17.5% 10.3% 9.7% 7.8% 7.8% 6.9% 4.2% 4.2% 4.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004191400.pktlen.png)
detailed numbers
[ 32- 63]: 6300324
[ 64- 127]: 10145201
[ 128- 255]: 2919020
[ 256- 511]: 2166135
[ 512- 1023]: 1960096
[ 1024- 2047]: 13146070
Protocol Breakdown
![[protocol breakdown chart]](201004191400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 36636846 (100.00%) 22556609401 (100.00%) 615.68
ip 36580811 ( 99.85%) 22541298066 ( 99.93%) 616.21
tcp 22426925 ( 61.21%) 15098097314 ( 66.93%) 673.21
http(s) 8135400 ( 22.21%) 10717341637 ( 47.51%) 1317.37
http(c) 6187537 ( 16.89%) 914382939 ( 4.05%) 147.78
squid 346871 ( 0.95%) 101048666 ( 0.45%) 291.31
smtp 394270 ( 1.08%) 107557112 ( 0.48%) 272.80
nntp 1 ( 0.00%) 60 ( 0.00%) 60.00
ftp 35273 ( 0.10%) 5073520 ( 0.02%) 143.84
pop3 22788 ( 0.06%) 13103285 ( 0.06%) 575.01
imap 3447 ( 0.01%) 1214470 ( 0.01%) 352.33
telnet 1038 ( 0.00%) 145751 ( 0.00%) 140.42
ssh 1662999 ( 4.54%) 247267032 ( 1.10%) 148.69
dns 55003 ( 0.15%) 3803988 ( 0.02%) 69.16
bgp 385 ( 0.00%) 227323 ( 0.00%) 590.45
napster 483 ( 0.00%) 80374 ( 0.00%) 166.41
realaud 140 ( 0.00%) 18906 ( 0.00%) 135.04
rtsp 171488 ( 0.47%) 18073255 ( 0.08%) 105.39
icecast 29239 ( 0.08%) 16391177 ( 0.07%) 560.59
hotline 10 ( 0.00%) 618 ( 0.00%) 61.80
other 5380551 ( 14.69%) 2952367081 ( 13.09%) 548.71
udp 9202476 ( 25.12%) 4882905848 ( 21.65%) 530.61
dns 1149642 ( 3.14%) 436333364 ( 1.93%) 379.54
realaud 208 ( 0.00%) 18445 ( 0.00%) 88.68
halflif 63 ( 0.00%) 7095 ( 0.00%) 112.62
starcra 210 ( 0.00%) 25926 ( 0.00%) 123.46
everque 277477 ( 0.76%) 224290278 ( 0.99%) 808.32
unreal 53 ( 0.00%) 7264 ( 0.00%) 137.06
quake 24 ( 0.00%) 2578 ( 0.00%) 107.42
cuseeme 3 ( 0.00%) 231 ( 0.00%) 77.00
other 7774023 ( 21.22%) 4221889045 ( 18.72%) 543.08
icmp 691291 ( 1.89%) 80392983 ( 0.36%) 116.29
ipip 356 ( 0.00%) 43592 ( 0.00%) 122.45
ipsec 1922 ( 0.01%) 670220 ( 0.00%) 348.71
ip6 4226524 ( 11.54%) 2472952035 ( 10.96%) 585.10
other 31317 ( 0.09%) 6236074 ( 0.03%) 199.13
frag 4975 ( 0.01%) 4518820 ( 0.02%) 908.31
ip6 56035 ( 0.15%) 15311335 ( 0.07%) 273.25
tcp6 19065 ( 0.05%) 8201939 ( 0.04%) 430.21
http(s) 4054 ( 0.01%) 4975640 ( 0.02%) 1227.34
http(c) 3730 ( 0.01%) 340224 ( 0.00%) 91.21
smtp 380 ( 0.00%) 138778 ( 0.00%) 365.21
imap 406 ( 0.00%) 47398 ( 0.00%) 116.74
ssh 7572 ( 0.02%) 2102756 ( 0.01%) 277.70
dns 140 ( 0.00%) 35203 ( 0.00%) 251.45
bgp 127 ( 0.00%) 22954 ( 0.00%) 180.74
other 2656 ( 0.01%) 538986 ( 0.00%) 202.93
udp6 28949 ( 0.08%) 6071929 ( 0.03%) 209.75
dns 28450 ( 0.08%) 5987537 ( 0.03%) 210.46
other 499 ( 0.00%) 84392 ( 0.00%) 169.12
icmp6 7885 ( 0.02%) 946205 ( 0.00%) 120.00
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 106 ( 0.00%) 87182 ( 0.00%) 822.47
tcpdump file: 201004191400.dump.gz (952.91 MB)