Traffic Trace Info
DumpFile: 201006151400.dump
FileSize: 2183.74MB
Id: 201006151400
StartTime: Tue Jun 15 14:00:01 2010
EndTime: Tue Jun 15 14:15:00 2010
TotalTime: 899.26 seconds
TotalCapSize: 1717.63MB CapLen: 96 bytes
# of packets: 30546339 (18511.39MB)
AvgRate: 172.70Mbps stddev:14.87M
IP flow (unique src/dst pair) Information
# of flows: 752904 (avg. 40.57 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.2% 1.5% 1.4% 1.3% 1.3% 1.0% 1.0% 0.8% 0.8% 0.8%
IP address Information
# of IPv4 addresses: 428882
Top 10 bandwidth usage (bytes/total in %):
13.4% 12.3% 3.9% 3.9% 3.6% 3.5% 3.1% 2.4% 2.4% 2.2%
# of IPv6 addresses: 1121
Top 10 bandwidth usage (bytes/total in %):
26.6% 22.6% 10.1% 7.5% 7.3% 5.5% 4.3% 4.0% 3.9% 2.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201006151400.pktlen.png)
detailed numbers
[ 32- 63]: 5092930
[ 64- 127]: 8586592
[ 128- 255]: 2434193
[ 256- 511]: 1485812
[ 512- 1023]: 1124557
[ 1024- 2047]: 11822255
Protocol Breakdown
![[protocol breakdown chart]](201006151400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 30546339 (100.00%) 19410599945 (100.00%) 635.45
ip 30514221 ( 99.89%) 19402366279 ( 99.96%) 635.85
tcp 18364749 ( 60.12%) 13112604111 ( 67.55%) 714.01
http(s) 7356012 ( 24.08%) 9484210753 ( 48.86%) 1289.31
http(c) 5728437 ( 18.75%) 808794627 ( 4.17%) 141.19
squid 217669 ( 0.71%) 94267108 ( 0.49%) 433.08
smtp 287008 ( 0.94%) 86023138 ( 0.44%) 299.72
nntp 2 ( 0.00%) 122 ( 0.00%) 61.00
ftp 22975 ( 0.08%) 7388690 ( 0.04%) 321.60
pop3 14546 ( 0.05%) 4162011 ( 0.02%) 286.13
imap 3466 ( 0.01%) 1382445 ( 0.01%) 398.86
telnet 607 ( 0.00%) 42517 ( 0.00%) 70.04
ssh 919657 ( 3.01%) 131635702 ( 0.68%) 143.14
dns 48366 ( 0.16%) 3315788 ( 0.02%) 68.56
bgp 152 ( 0.00%) 57138 ( 0.00%) 375.91
napster 44 ( 0.00%) 6371 ( 0.00%) 144.80
realaud 26 ( 0.00%) 7611 ( 0.00%) 292.73
rtsp 17070 ( 0.06%) 15668453 ( 0.08%) 917.89
icecast 29346 ( 0.10%) 27566011 ( 0.14%) 939.34
hotline 30 ( 0.00%) 4848 ( 0.00%) 161.60
other 3719335 ( 12.18%) 2448070718 ( 12.61%) 658.20
udp 7910528 ( 25.90%) 3865785637 ( 19.92%) 488.69
dns 834736 ( 2.73%) 173273623 ( 0.89%) 207.58
realaud 18 ( 0.00%) 3002 ( 0.00%) 166.78
halflif 491 ( 0.00%) 50031 ( 0.00%) 101.90
starcra 78 ( 0.00%) 10623 ( 0.00%) 136.19
everque 13605 ( 0.04%) 3059795 ( 0.02%) 224.90
unreal 19 ( 0.00%) 3732 ( 0.00%) 196.42
quake 24 ( 0.00%) 2070 ( 0.00%) 86.25
cuseeme 2 ( 0.00%) 218 ( 0.00%) 109.00
other 7061321 ( 23.12%) 3689303046 ( 19.01%) 522.47
icmp 264255 ( 0.87%) 21563340 ( 0.11%) 81.60
ipip 159 ( 0.00%) 20018 ( 0.00%) 125.90
ipsec 854 ( 0.00%) 460320 ( 0.00%) 539.02
ip6 3968187 ( 12.99%) 2401155263 ( 12.37%) 605.10
other 5489 ( 0.02%) 777590 ( 0.00%) 141.66
frag 1169 ( 0.00%) 1083653 ( 0.01%) 926.99
ip6 32118 ( 0.11%) 8233666 ( 0.04%) 256.36
tcp6 11187 ( 0.04%) 3124882 ( 0.02%) 279.33
http(s) 168 ( 0.00%) 139693 ( 0.00%) 831.51
http(c) 1687 ( 0.01%) 163291 ( 0.00%) 96.79
smtp 250 ( 0.00%) 88815 ( 0.00%) 355.26
imap 308 ( 0.00%) 34528 ( 0.00%) 112.10
ssh 4590 ( 0.02%) 2202820 ( 0.01%) 479.92
dns 247 ( 0.00%) 51078 ( 0.00%) 206.79
bgp 118 ( 0.00%) 16192 ( 0.00%) 137.22
other 3819 ( 0.01%) 428465 ( 0.00%) 112.19
udp6 16271 ( 0.05%) 4293371 ( 0.02%) 263.87
dns 15997 ( 0.05%) 4246757 ( 0.02%) 265.47
other 274 ( 0.00%) 46614 ( 0.00%) 170.12
icmp6 4536 ( 0.01%) 728942 ( 0.00%) 160.70
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 94 ( 0.00%) 82391 ( 0.00%) 876.50
tcpdump file: 201006151400.dump.gz (797.68 MB)