Traffic Trace Info
DumpFile: 201005011400.dump
FileSize: 1976.23MB
Id: 201005011400
StartTime: Sat May 1 14:00:01 2010
EndTime: Sat May 1 14:15:01 2010
TotalTime: 899.80 seconds
TotalCapSize: 1547.68MB CapLen: 96 bytes
# of packets: 28085096 (17311.34MB)
AvgRate: 161.37Mbps stddev:13.36M
IP flow (unique src/dst pair) Information
# of flows: 749107 (avg. 37.49 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.9% 2.3% 1.1% 1.0% 0.9% 0.9% 0.7% 0.7% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 420134
Top 10 bandwidth usage (bytes/total in %):
16.5% 10.8% 7.2% 4.1% 3.7% 3.1% 3.0% 3.0% 3.0% 2.9%
# of IPv6 addresses: 1123
Top 10 bandwidth usage (bytes/total in %):
33.0% 7.3% 7.2% 6.0% 4.9% 4.9% 3.9% 3.9% 3.9% 3.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201005011400.pktlen.png)
detailed numbers
[ 32- 63]: 4446890
[ 64- 127]: 8309027
[ 128- 255]: 1704717
[ 256- 511]: 1804785
[ 512- 1023]: 842468
[ 1024- 2047]: 10977209
Protocol Breakdown
![[protocol breakdown chart]](201005011400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 28085096 (100.00%) 18152254071 (100.00%) 646.33
ip 28041868 ( 99.85%) 18145633712 ( 99.96%) 647.09
tcp 15474698 ( 55.10%) 12013063653 ( 66.18%) 776.30
http(s) 7060248 ( 25.14%) 9651886192 ( 53.17%) 1367.07
http(c) 4614635 ( 16.43%) 501079753 ( 2.76%) 108.58
squid 341976 ( 1.22%) 65985664 ( 0.36%) 192.95
smtp 255596 ( 0.91%) 49757519 ( 0.27%) 194.67
nntp 1 ( 0.00%) 60 ( 0.00%) 60.00
ftp 18574 ( 0.07%) 2499720 ( 0.01%) 134.58
pop3 8488 ( 0.03%) 6378033 ( 0.04%) 751.42
imap 2495 ( 0.01%) 487679 ( 0.00%) 195.46
telnet 2270 ( 0.01%) 214398 ( 0.00%) 94.45
ssh 20197 ( 0.07%) 2348046 ( 0.01%) 116.26
dns 18701 ( 0.07%) 1315423 ( 0.01%) 70.34
bgp 133 ( 0.00%) 45288 ( 0.00%) 340.51
napster 29 ( 0.00%) 4264 ( 0.00%) 147.03
realaud 100 ( 0.00%) 15001 ( 0.00%) 150.01
rtsp 173974 ( 0.62%) 73042068 ( 0.40%) 419.84
icecast 6139 ( 0.02%) 3082525 ( 0.02%) 502.12
hotline 21 ( 0.00%) 2331 ( 0.00%) 111.00
other 2951117 ( 10.51%) 1654919449 ( 9.12%) 560.78
udp 8337675 ( 29.69%) 4081605995 ( 22.49%) 489.54
dns 606910 ( 2.16%) 111522425 ( 0.61%) 183.75
realaud 7249 ( 0.03%) 5679396 ( 0.03%) 783.47
halflif 35 ( 0.00%) 3654 ( 0.00%) 104.40
starcra 113 ( 0.00%) 11379 ( 0.00%) 100.70
everque 2213 ( 0.01%) 1176536 ( 0.01%) 531.65
unreal 130 ( 0.00%) 23737 ( 0.00%) 182.59
quake 20 ( 0.00%) 2034 ( 0.00%) 101.70
cuseeme 5 ( 0.00%) 508 ( 0.00%) 101.60
other 7720799 ( 27.49%) 3963096677 ( 21.83%) 513.30
icmp 595577 ( 2.12%) 70927086 ( 0.39%) 119.09
ipip 332 ( 0.00%) 43104 ( 0.00%) 129.83
ipsec 852 ( 0.00%) 159592 ( 0.00%) 187.31
ip6 3623998 ( 12.90%) 1972690136 ( 10.87%) 544.34
other 8736 ( 0.03%) 7144146 ( 0.04%) 817.78
frag 1433 ( 0.01%) 1404414 ( 0.01%) 980.05
ip6 43228 ( 0.15%) 6620359 ( 0.04%) 153.15
tcp6 16941 ( 0.06%) 2050397 ( 0.01%) 121.03
http(s) 28 ( 0.00%) 8400 ( 0.00%) 300.00
http(c) 4457 ( 0.02%) 352444 ( 0.00%) 79.08
smtp 46 ( 0.00%) 5012 ( 0.00%) 108.96
ftp 2499 ( 0.01%) 253113 ( 0.00%) 101.29
imap 309 ( 0.00%) 35861 ( 0.00%) 116.06
ssh 1806 ( 0.01%) 328372 ( 0.00%) 181.82
dns 11 ( 0.00%) 4501 ( 0.00%) 409.18
bgp 106 ( 0.00%) 13351 ( 0.00%) 125.95
other 7679 ( 0.03%) 1049343 ( 0.01%) 136.65
udp6 22695 ( 0.08%) 4025119 ( 0.02%) 177.36
dns 22425 ( 0.08%) 3978055 ( 0.02%) 177.39
realaud 3 ( 0.00%) 504 ( 0.00%) 168.00
other 267 ( 0.00%) 46560 ( 0.00%) 174.38
icmp6 3434 ( 0.01%) 414784 ( 0.00%) 120.79
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 128 ( 0.00%) 125979 ( 0.00%) 984.21
tcpdump file: 201005011400.dump.gz (726.90 MB)