Traffic Trace Info
DumpFile: 201004291400.dump
FileSize: 1966.03MB
Id: 201004291400
StartTime: Thu Apr 29 14:00:01 2010
EndTime: Thu Apr 29 14:15:01 2010
TotalTime: 900.27 seconds
TotalCapSize: 1540.38MB CapLen: 96 bytes
# of packets: 27894830 (16847.41MB)
AvgRate: 156.98Mbps stddev:11.49M
IP flow (unique src/dst pair) Information
# of flows: 759271 (avg. 36.74 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.4% 1.2% 1.0% 1.0% 0.7% 0.7% 0.7% 0.7% 0.7% 0.6%
IP address Information
# of IPv4 addresses: 424356
Top 10 bandwidth usage (bytes/total in %):
17.8% 12.8% 6.2% 5.5% 4.8% 4.1% 2.9% 1.9% 1.9% 1.7%
# of IPv6 addresses: 1141
Top 10 bandwidth usage (bytes/total in %):
23.3% 15.0% 9.1% 6.9% 6.0% 5.2% 3.5% 3.5% 3.3% 3.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004291400.pktlen.png)
detailed numbers
[ 32- 63]: 4333840
[ 64- 127]: 7804999
[ 128- 255]: 2367699
[ 256- 511]: 1938934
[ 512- 1023]: 928136
[ 1024- 2047]: 10521222
Protocol Breakdown
![[protocol breakdown chart]](201004291400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 27894830 (100.00%) 17665790447 (100.00%) 633.30
ip 27847920 ( 99.83%) 17656385724 ( 99.95%) 634.03
tcp 15216531 ( 54.55%) 11288055504 ( 63.90%) 741.83
http(s) 6579272 ( 23.59%) 8920918557 ( 50.50%) 1355.91
http(c) 4545614 ( 16.30%) 496919465 ( 2.81%) 109.32
squid 542201 ( 1.94%) 288261635 ( 1.63%) 531.65
smtp 284309 ( 1.02%) 55394426 ( 0.31%) 194.84
nntp 206 ( 0.00%) 75341 ( 0.00%) 365.73
ftp 10473 ( 0.04%) 1225959 ( 0.01%) 117.06
pop3 13234 ( 0.05%) 8997888 ( 0.05%) 679.91
imap 3972 ( 0.01%) 2964939 ( 0.02%) 746.46
telnet 3196 ( 0.01%) 274420 ( 0.00%) 85.86
ssh 611891 ( 2.19%) 92945661 ( 0.53%) 151.90
dns 18395 ( 0.07%) 1301778 ( 0.01%) 70.77
bgp 160 ( 0.00%) 62679 ( 0.00%) 391.74
napster 36 ( 0.00%) 4267 ( 0.00%) 118.53
realaud 94 ( 0.00%) 15436 ( 0.00%) 164.21
rtsp 13702 ( 0.05%) 13728136 ( 0.08%) 1001.91
icecast 22307 ( 0.08%) 16983645 ( 0.10%) 761.36
hotline 6 ( 0.00%) 428 ( 0.00%) 71.33
other 2567457 ( 9.20%) 1387980484 ( 7.86%) 540.61
udp 8250565 ( 29.58%) 4048629080 ( 22.92%) 490.71
dns 674661 ( 2.42%) 127180863 ( 0.72%) 188.51
realaud 3904 ( 0.01%) 2363748 ( 0.01%) 605.47
halflif 60 ( 0.00%) 6332 ( 0.00%) 105.53
starcra 277 ( 0.00%) 38368 ( 0.00%) 138.51
everque 365 ( 0.00%) 57759 ( 0.00%) 158.24
unreal 91 ( 0.00%) 18392 ( 0.00%) 202.11
quake 19 ( 0.00%) 1842 ( 0.00%) 96.95
cuseeme 5 ( 0.00%) 784 ( 0.00%) 156.80
other 7570109 ( 27.14%) 3918558258 ( 22.18%) 517.64
icmp 449840 ( 1.61%) 57342137 ( 0.32%) 127.47
ipip 386 ( 0.00%) 48100 ( 0.00%) 124.61
ipsec 908 ( 0.00%) 183680 ( 0.00%) 202.29
ip6 3925215 ( 14.07%) 2261534077 ( 12.80%) 576.16
other 4475 ( 0.02%) 593146 ( 0.00%) 132.55
frag 5428 ( 0.02%) 5235771 ( 0.03%) 964.59
ip6 46910 ( 0.17%) 9404723 ( 0.05%) 200.48
tcp6 14331 ( 0.05%) 1995391 ( 0.01%) 139.24
http(s) 56 ( 0.00%) 14546 ( 0.00%) 259.75
http(c) 1165 ( 0.00%) 109580 ( 0.00%) 94.06
smtp 59 ( 0.00%) 28916 ( 0.00%) 490.10
ftp 1653 ( 0.01%) 159678 ( 0.00%) 96.60
ssh 1843 ( 0.01%) 333282 ( 0.00%) 180.84
dns 225 ( 0.00%) 94955 ( 0.00%) 422.02
bgp 119 ( 0.00%) 16906 ( 0.00%) 142.07
other 9211 ( 0.03%) 1237528 ( 0.01%) 134.35
udp6 28942 ( 0.10%) 6698228 ( 0.04%) 231.44
dns 28593 ( 0.10%) 6640672 ( 0.04%) 232.25
realaud 1 ( 0.00%) 168 ( 0.00%) 168.00
other 348 ( 0.00%) 57388 ( 0.00%) 164.91
icmp6 3329 ( 0.01%) 418680 ( 0.00%) 125.77
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 277 ( 0.00%) 288208 ( 0.00%) 1040.46
tcpdump file: 201004291400.dump.gz (727.51 MB)