Traffic Trace Info
DumpFile: 201005111400.dump
FileSize: 2923.94MB
Id: 201005111400
StartTime: Tue May 11 14:00:01 2010
EndTime: Tue May 11 14:15:00 2010
TotalTime: 899.26 seconds
TotalCapSize: -1803.11MB CapLen: 96 bytes
# of packets: 41356011 (27174.41MB)
AvgRate: 253.54Mbps stddev:40.76M
IP flow (unique src/dst pair) Information
# of flows: 945917 (avg. 43.72 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.9% 2.6% 1.5% 1.1% 1.0% 1.0% 1.0% 1.0% 0.9% 0.8%
IP address Information
# of IPv4 addresses: 508869
Top 10 bandwidth usage (bytes/total in %):
12.0% 9.5% 6.8% 5.1% 5.0% 5.0% 4.9% 3.6% 2.7% 1.8%
# of IPv6 addresses: 1130
Top 10 bandwidth usage (bytes/total in %):
17.5% 14.2% 9.6% 8.7% 6.2% 6.0% 5.6% 5.6% 4.8% 4.3%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201005111400.pktlen.png)
detailed numbers
[ 32- 63]: 7098735
[ 64- 127]: 10754502
[ 128- 255]: 2903745
[ 256- 511]: 1996234
[ 512- 1023]: 1018473
[ 1024- 2047]: 17584322
Protocol Breakdown
![[protocol breakdown chart]](201005111400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 41356011 (100.00%) 28494436721 (100.00%) 689.00
ip 41313876 ( 99.90%) 28484143954 ( 99.96%) 689.46
tcp 25936720 ( 62.72%) 20695176655 ( 72.63%) 797.91
http(s) 10020393 ( 24.23%) 13369681534 ( 46.92%) 1334.25
http(c) 8084875 ( 19.55%) 1859633252 ( 6.53%) 230.01
squid 425419 ( 1.03%) 152068298 ( 0.53%) 357.46
smtp 453441 ( 1.10%) 248622846 ( 0.87%) 548.30
ftp 1460808 ( 3.53%) 1417039792 ( 4.97%) 970.04
pop3 19948 ( 0.05%) 8853958 ( 0.03%) 443.85
imap 15006 ( 0.04%) 13169434 ( 0.05%) 877.61
telnet 2255 ( 0.01%) 166960 ( 0.00%) 74.04
ssh 95530 ( 0.23%) 22847634 ( 0.08%) 239.17
dns 21077 ( 0.05%) 1460269 ( 0.01%) 69.28
bgp 200 ( 0.00%) 87990 ( 0.00%) 439.95
napster 151 ( 0.00%) 13553 ( 0.00%) 89.75
realaud 30 ( 0.00%) 3223 ( 0.00%) 107.43
rtsp 169393 ( 0.41%) 10539290 ( 0.04%) 62.22
icecast 27241 ( 0.07%) 23113705 ( 0.08%) 848.49
hotline 14 ( 0.00%) 1915 ( 0.00%) 136.79
other 5140934 ( 12.43%) 3567872702 ( 12.52%) 694.01
udp 10354360 ( 25.04%) 5001008675 ( 17.55%) 482.99
dns 810595 ( 1.96%) 142188866 ( 0.50%) 175.41
realaud 1894 ( 0.00%) 969063 ( 0.00%) 511.65
halflif 1487 ( 0.00%) 336704 ( 0.00%) 226.43
starcra 171 ( 0.00%) 24050 ( 0.00%) 140.64
everque 788 ( 0.00%) 149375 ( 0.00%) 189.56
unreal 53 ( 0.00%) 7271 ( 0.00%) 137.19
quake 18 ( 0.00%) 2305 ( 0.00%) 128.06
cuseeme 330 ( 0.00%) 60199 ( 0.00%) 182.42
other 9538642 ( 23.06%) 4857072394 ( 17.05%) 509.20
icmp 429657 ( 1.04%) 36349222 ( 0.13%) 84.60
ipip 332 ( 0.00%) 39048 ( 0.00%) 117.61
ipsec 147659 ( 0.36%) 18828386 ( 0.07%) 127.51
ip6 4417718 ( 10.68%) 2726344636 ( 9.57%) 617.14
other 27430 ( 0.07%) 6397332 ( 0.02%) 233.22
frag 1921 ( 0.00%) 1915975 ( 0.01%) 997.38
ip6 42135 ( 0.10%) 10292767 ( 0.04%) 244.28
tcp6 8699 ( 0.02%) 3341769 ( 0.01%) 384.16
http(s) 1473 ( 0.00%) 1995968 ( 0.01%) 1355.04
http(c) 2071 ( 0.01%) 199538 ( 0.00%) 96.35
squid 22 ( 0.00%) 1848 ( 0.00%) 84.00
smtp 173 ( 0.00%) 73899 ( 0.00%) 427.16
imap 436 ( 0.00%) 52270 ( 0.00%) 119.89
ssh 909 ( 0.00%) 593390 ( 0.00%) 652.79
dns 207 ( 0.00%) 62214 ( 0.00%) 300.55
bgp 121 ( 0.00%) 19159 ( 0.00%) 158.34
other 3287 ( 0.01%) 343483 ( 0.00%) 104.50
udp6 28326 ( 0.07%) 6260100 ( 0.02%) 221.00
dns 28049 ( 0.07%) 6219610 ( 0.02%) 221.74
other 277 ( 0.00%) 40490 ( 0.00%) 146.17
icmp6 4978 ( 0.01%) 603679 ( 0.00%) 121.27
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 102 ( 0.00%) 83139 ( 0.00%) 815.09
tcpdump file: 201005111400.dump.gz (1037.23 MB)