Traffic Trace Info
DumpFile: 201005211400.dump
FileSize: 3073.55MB
Id: 201005211400
StartTime: Fri May 21 14:00:01 2010
EndTime: Fri May 21 14:15:00 2010
TotalTime: 898.79 seconds
TotalCapSize: -1680.87MB CapLen: 96 bytes
# of packets: 43147978 (29026.23MB)
AvgRate: 270.96Mbps stddev:41.57M
IP flow (unique src/dst pair) Information
# of flows: 1062093 (avg. 40.63 pkts/flow)
Top 10 big flow size (bytes/total in %):
13.9% 2.4% 2.0% 1.4% 1.2% 1.0% 0.7% 0.7% 0.7% 0.5%
IP address Information
# of IPv4 addresses: 592913
Top 10 bandwidth usage (bytes/total in %):
13.9% 13.9% 10.6% 7.2% 6.7% 4.9% 2.7% 2.4% 2.4% 2.1%
# of IPv6 addresses: 1060
Top 10 bandwidth usage (bytes/total in %):
12.5% 12.5% 11.6% 10.9% 9.5% 8.0% 4.5% 4.1% 4.0% 3.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201005211400.pktlen.png)
detailed numbers
[ 32- 63]: 6540967
[ 64- 127]: 11847398
[ 128- 255]: 2612601
[ 256- 511]: 2150570
[ 512- 1023]: 1527589
[ 1024- 2047]: 18468853
Protocol Breakdown
![[protocol breakdown chart]](201005211400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 43147978 (100.00%) 30436206722 (100.00%) 705.39
ip 43114836 ( 99.92%) 30429241682 ( 99.98%) 705.77
tcp 28976408 ( 67.16%) 23381551572 ( 76.82%) 806.92
http(s) 12564160 ( 29.12%) 17276960581 ( 56.76%) 1375.10
http(c) 8050205 ( 18.66%) 1763938696 ( 5.80%) 219.12
squid 518938 ( 1.20%) 168204855 ( 0.55%) 324.13
smtp 356517 ( 0.83%) 161387555 ( 0.53%) 452.68
nntp 107 ( 0.00%) 7519 ( 0.00%) 70.27
ftp 26222 ( 0.06%) 7236670 ( 0.02%) 275.98
pop3 13623 ( 0.03%) 4756996 ( 0.02%) 349.19
imap 3637 ( 0.01%) 1077494 ( 0.00%) 296.26
telnet 1724 ( 0.00%) 127858 ( 0.00%) 74.16
ssh 1679293 ( 3.89%) 318700566 ( 1.05%) 189.78
dns 653651 ( 1.51%) 644290113 ( 2.12%) 985.68
bgp 186 ( 0.00%) 91702 ( 0.00%) 493.02
napster 48 ( 0.00%) 5934 ( 0.00%) 123.62
realaud 124 ( 0.00%) 11861 ( 0.00%) 95.65
rtsp 113758 ( 0.26%) 19191922 ( 0.06%) 168.71
icecast 37678 ( 0.09%) 23853111 ( 0.08%) 633.08
hotline 17 ( 0.00%) 3008 ( 0.00%) 176.94
other 4956515 ( 11.49%) 2991704831 ( 9.83%) 603.59
udp 9571539 ( 22.18%) 4764854892 ( 15.66%) 497.81
dns 794619 ( 1.84%) 146501118 ( 0.48%) 184.37
realaud 2677 ( 0.01%) 3030215 ( 0.01%) 1131.94
halflif 101 ( 0.00%) 13675 ( 0.00%) 135.40
starcra 128 ( 0.00%) 22061 ( 0.00%) 172.35
everque 608 ( 0.00%) 112417 ( 0.00%) 184.90
unreal 101 ( 0.00%) 15955 ( 0.00%) 157.97
quake 36 ( 0.00%) 4525 ( 0.00%) 125.69
cuseeme 3 ( 0.00%) 326 ( 0.00%) 108.67
other 8773002 ( 20.33%) 4615065129 ( 15.16%) 526.05
icmp 505820 ( 1.17%) 75135542 ( 0.25%) 148.54
ipip 355 ( 0.00%) 42808 ( 0.00%) 120.59
ipsec 633 ( 0.00%) 153206 ( 0.00%) 242.03
ip6 4048918 ( 9.38%) 2204743659 ( 7.24%) 544.53
other 11163 ( 0.03%) 2760003 ( 0.01%) 247.25
frag 1890 ( 0.00%) 1776578 ( 0.01%) 939.99
ip6 33142 ( 0.08%) 6965040 ( 0.02%) 210.16
tcp6 6229 ( 0.01%) 769831 ( 0.00%) 123.59
http(s) 57 ( 0.00%) 28067 ( 0.00%) 492.40
http(c) 1593 ( 0.00%) 157889 ( 0.00%) 99.11
smtp 262 ( 0.00%) 102962 ( 0.00%) 392.98
imap 370 ( 0.00%) 43637 ( 0.00%) 117.94
ssh 45 ( 0.00%) 11518 ( 0.00%) 255.96
dns 293 ( 0.00%) 57564 ( 0.00%) 196.46
bgp 125 ( 0.00%) 20253 ( 0.00%) 162.02
other 3484 ( 0.01%) 347941 ( 0.00%) 99.87
udp6 20364 ( 0.05%) 5228846 ( 0.02%) 256.77
dns 20116 ( 0.05%) 5184178 ( 0.02%) 257.71
other 248 ( 0.00%) 44668 ( 0.00%) 180.11
icmp6 6410 ( 0.01%) 865263 ( 0.00%) 134.99
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 108 ( 0.00%) 96884 ( 0.00%) 897.07
tcpdump file: 201005211400.dump.gz (1130.57 MB)