Traffic Trace Info
DumpFile: 201007271400.dump
FileSize: 2548.87MB
Id: 201007271400
StartTime: Tue Jul 27 14:00:01 2010
EndTime: Tue Jul 27 14:15:01 2010
TotalTime: 900.18 seconds
TotalCapSize: 2000.52MB CapLen: 96 bytes
# of packets: 35935828 (22931.94MB)
AvgRate: 213.72Mbps stddev:18.88M
IP flow (unique src/dst pair) Information
# of flows: 891849 (avg. 40.29 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.4% 2.2% 1.8% 1.3% 1.1% 1.0% 0.9% 0.9% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 478968
Top 10 bandwidth usage (bytes/total in %):
12.2% 8.6% 7.9% 4.3% 2.7% 2.7% 2.5% 2.5% 2.4% 2.4%
# of IPv6 addresses: 2097
Top 10 bandwidth usage (bytes/total in %):
35.1% 35.1% 14.6% 14.5% 12.0% 12.0% 7.3% 7.2% 3.1% 3.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201007271400.pktlen.png)
detailed numbers
[ 32- 63]: 5508079
[ 64- 127]: 10868604
[ 128- 255]: 2198661
[ 256- 511]: 1740509
[ 512- 1023]: 991485
[ 1024- 2047]: 14628490
Protocol Breakdown
![[protocol breakdown chart]](201007271400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 35935828 (100.00%) 24045880787 (100.00%) 669.13
ip 35820084 ( 99.68%) 23969578163 ( 99.68%) 669.17
tcp 22732449 ( 63.26%) 17757830387 ( 73.85%) 781.17
http(s) 9620033 ( 26.77%) 12874187932 ( 53.54%) 1338.27
http(c) 6985215 ( 19.44%) 869124164 ( 3.61%) 124.42
squid 854537 ( 2.38%) 708610775 ( 2.95%) 829.23
smtp 531355 ( 1.48%) 150734178 ( 0.63%) 283.68
nntp 57 ( 0.00%) 5883 ( 0.00%) 103.21
ftp 78290 ( 0.22%) 11807931 ( 0.05%) 150.82
pop3 14127 ( 0.04%) 5540825 ( 0.02%) 392.22
imap 53083 ( 0.15%) 72449826 ( 0.30%) 1364.84
telnet 2111 ( 0.01%) 188177 ( 0.00%) 89.14
ssh 92288 ( 0.26%) 17247204 ( 0.07%) 186.88
dns 3133 ( 0.01%) 236028 ( 0.00%) 75.34
bgp 170 ( 0.00%) 65888 ( 0.00%) 387.58
napster 19 ( 0.00%) 1956 ( 0.00%) 102.95
realaud 54 ( 0.00%) 9737 ( 0.00%) 180.31
rtsp 16399 ( 0.05%) 15642267 ( 0.07%) 953.85
icecast 32891 ( 0.09%) 23594686 ( 0.10%) 717.36
hotline 89 ( 0.00%) 7006 ( 0.00%) 78.72
other 4448595 ( 12.38%) 3008375744 ( 12.51%) 676.25
udp 8454100 ( 23.53%) 4184423331 ( 17.40%) 494.96
dns 1046459 ( 2.91%) 205942645 ( 0.86%) 196.80
rip 1 ( 0.00%) 60 ( 0.00%) 60.00
realaud 27 ( 0.00%) 3575 ( 0.00%) 132.41
halflif 264 ( 0.00%) 19618 ( 0.00%) 74.31
starcra 50 ( 0.00%) 6161 ( 0.00%) 123.22
everque 15739 ( 0.04%) 3244032 ( 0.01%) 206.11
unreal 38 ( 0.00%) 5242 ( 0.00%) 137.95
quake 1959 ( 0.01%) 389848 ( 0.00%) 199.00
cuseeme 4 ( 0.00%) 556 ( 0.00%) 139.00
other 7388964 ( 20.56%) 3974672494 ( 16.53%) 537.92
icmp 1148627 ( 3.20%) 107803464 ( 0.45%) 93.85
ipip 359 ( 0.00%) 42472 ( 0.00%) 118.31
ipsec 4980 ( 0.01%) 744936 ( 0.00%) 149.59
ip6 3478875 ( 9.68%) 1918631045 ( 7.98%) 551.51
other 694 ( 0.00%) 102528 ( 0.00%) 147.73
frag 4589 ( 0.01%) 3400860 ( 0.01%) 741.09
ip6 115744 ( 0.32%) 76302624 ( 0.32%) 659.24
tcp6 79471 ( 0.22%) 66931069 ( 0.28%) 842.21
http(s) 823 ( 0.00%) 808804 ( 0.00%) 982.75
http(c) 1036 ( 0.00%) 113325 ( 0.00%) 109.39
squid 12 ( 0.00%) 1016 ( 0.00%) 84.67
smtp 138 ( 0.00%) 61598 ( 0.00%) 446.36
ftp 168 ( 0.00%) 17282 ( 0.00%) 102.87
pop3 22 ( 0.00%) 2028 ( 0.00%) 92.18
imap 336 ( 0.00%) 38757 ( 0.00%) 115.35
dns 217 ( 0.00%) 32418 ( 0.00%) 149.39
bgp 123 ( 0.00%) 18675 ( 0.00%) 151.83
other 76596 ( 0.21%) 65837166 ( 0.27%) 859.54
udp6 29852 ( 0.08%) 6943230 ( 0.03%) 232.59
dns 17122 ( 0.05%) 4238066 ( 0.02%) 247.52
starcra 3 ( 0.00%) 676 ( 0.00%) 225.33
other 12727 ( 0.04%) 2704488 ( 0.01%) 212.50
icmp6 4256 ( 0.01%) 886157 ( 0.00%) 208.21
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 2135 ( 0.01%) 1538088 ( 0.01%) 720.42
tcpdump file: 201007271400.dump.gz (935.88 MB)