Traffic Trace Info
DumpFile: 201004231400.dump
FileSize: 2365.59MB
Id: 201004231400
StartTime: Fri Apr 23 14:00:00 2010
EndTime: Fri Apr 23 14:15:00 2010
TotalTime: 900.03 seconds
TotalCapSize: 1848.59MB CapLen: 96 bytes
# of packets: 33881144 (22586.09MB)
AvgRate: 210.46Mbps stddev:22.63M
IP flow (unique src/dst pair) Information
# of flows: 1142861 (avg. 29.65 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.9% 2.6% 2.3% 1.1% 1.1% 0.9% 0.9% 0.8% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 616189
Top 10 bandwidth usage (bytes/total in %):
16.8% 7.7% 6.6% 5.0% 3.7% 2.7% 2.7% 2.7% 2.6% 2.5%
# of IPv6 addresses: 1107
Top 10 bandwidth usage (bytes/total in %):
26.0% 8.1% 7.8% 7.2% 7.2% 4.2% 4.1% 4.1% 3.7% 3.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004231400.pktlen.png)
detailed numbers
[ 32- 63]: 5484450
[ 64- 127]: 8778831
[ 128- 255]: 2077685
[ 256- 511]: 1973597
[ 512- 1023]: 900777
[ 1024- 2047]: 14665804
Protocol Breakdown
![[protocol breakdown chart]](201004231400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 33881144 (100.00%) 23683231147 (100.00%) 699.01
ip 33840261 ( 99.88%) 23674815901 ( 99.96%) 699.61
tcp 20336477 ( 60.02%) 16234443845 ( 68.55%) 798.29
http(s) 9533804 ( 28.14%) 12894146603 ( 54.44%) 1352.47
http(c) 5894474 ( 17.40%) 767630946 ( 3.24%) 130.23
squid 268115 ( 0.79%) 68991676 ( 0.29%) 257.32
smtp 308556 ( 0.91%) 80299960 ( 0.34%) 260.24
ftp 31786 ( 0.09%) 4207060 ( 0.02%) 132.36
pop3 15991 ( 0.05%) 10021078 ( 0.04%) 626.67
imap 2228 ( 0.01%) 1169935 ( 0.00%) 525.11
telnet 9088 ( 0.03%) 722586 ( 0.00%) 79.51
ssh 108053 ( 0.32%) 14165585 ( 0.06%) 131.10
dns 19955 ( 0.06%) 1410001 ( 0.01%) 70.66
bgp 203 ( 0.00%) 89113 ( 0.00%) 438.98
napster 52 ( 0.00%) 7085 ( 0.00%) 136.25
realaud 27 ( 0.00%) 5865 ( 0.00%) 217.22
rtsp 8124 ( 0.02%) 7830375 ( 0.03%) 963.86
icecast 139264 ( 0.41%) 140625895 ( 0.59%) 1009.78
hotline 8 ( 0.00%) 4812 ( 0.00%) 601.50
other 3996744 ( 11.80%) 2243114970 ( 9.47%) 561.24
udp 9947133 ( 29.36%) 5758422680 ( 24.31%) 578.90
dns 683327 ( 2.02%) 119282888 ( 0.50%) 174.56
rip 11 ( 0.00%) 859 ( 0.00%) 78.09
realaud 938 ( 0.00%) 56738 ( 0.00%) 60.49
halflif 49 ( 0.00%) 3850 ( 0.00%) 78.57
starcra 227 ( 0.00%) 22844 ( 0.00%) 100.63
everque 627 ( 0.00%) 106570 ( 0.00%) 169.97
unreal 114 ( 0.00%) 15209 ( 0.00%) 133.41
quake 22 ( 0.00%) 2069 ( 0.00%) 94.05
cuseeme 8 ( 0.00%) 1059 ( 0.00%) 132.38
other 9258531 ( 27.33%) 5637900595 ( 23.81%) 608.94
icmp 672002 ( 1.98%) 75792303 ( 0.32%) 112.79
ipip 345 ( 0.00%) 43022 ( 0.00%) 124.70
ipsec 5508 ( 0.02%) 2764976 ( 0.01%) 501.99
ip6 2847448 ( 8.40%) 1598136435 ( 6.75%) 561.25
other 31348 ( 0.09%) 5212640 ( 0.02%) 166.28
frag 13570 ( 0.04%) 10709813 ( 0.05%) 789.23
ip6 40883 ( 0.12%) 8415246 ( 0.04%) 205.84
tcp6 6374 ( 0.02%) 1948909 ( 0.01%) 305.76
http(s) 772 ( 0.00%) 952899 ( 0.00%) 1234.33
http(c) 1417 ( 0.00%) 137160 ( 0.00%) 96.80
smtp 214 ( 0.00%) 55905 ( 0.00%) 261.24
imap 286 ( 0.00%) 32879 ( 0.00%) 114.96
ssh 1996 ( 0.01%) 345960 ( 0.00%) 173.33
dns 78 ( 0.00%) 20412 ( 0.00%) 261.69
bgp 140 ( 0.00%) 32382 ( 0.00%) 231.30
other 1471 ( 0.00%) 371312 ( 0.00%) 252.42
udp6 28264 ( 0.08%) 5609384 ( 0.02%) 198.46
dns 27985 ( 0.08%) 5551978 ( 0.02%) 198.39
realaud 2 ( 0.00%) 336 ( 0.00%) 168.00
other 277 ( 0.00%) 57070 ( 0.00%) 206.03
icmp6 6151 ( 0.02%) 797448 ( 0.00%) 129.65
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 63 ( 0.00%) 55289 ( 0.00%) 877.60
tcpdump file: 201004231400.dump.gz (838.30 MB)