Traffic Trace Info


DumpFile: 201008131400.dump
FileSize: 2357.34MB
Id: 201008131400
StartTime: Fri Aug 13 14:00:00 2010
EndTime: Fri Aug 13 14:15:01 2010
TotalTime: 900.73 seconds
TotalCapSize: 1859.04MB CapLen: 96 bytes
# of packets: 32656214 (21948.16MB)
AvgRate: 204.42Mbps stddev:33.54M

IP flow (unique src/dst pair) Information

# of flows: 758649 (avg. 43.05 pkts/flow)
Top 10 big flow size (bytes/total in %):
12.6% 2.1% 2.1% 1.9% 1.5% 1.4% 1.3% 1.2% 1.1% 0.9%

IP address Information

# of IPv4 addresses: 432193
Top 10 bandwidth usage (bytes/total in %):
13.4% 13.0% 12.1% 8.8% 6.8% 3.3% 3.2% 3.2% 2.9% 2.7%
# of IPv6 addresses: 1739
Top 10 bandwidth usage (bytes/total in %):
10.8% 10.2% 7.0% 5.9% 5.9% 5.7% 5.6% 4.3% 4.3% 3.4%

Packet Size Distribution (including MAC headers)

[packet size distribution]
detailed numbers
 [   32-   63]:    5074794
 [   64-  127]:    8873722
 [  128-  255]:    2088070
 [  256-  511]:    1677981
 [  512- 1023]:     703126
 [ 1024- 2047]:   14238521


Protocol Breakdown

[protocol breakdown chart]

     protocol		packets			bytes		bytes/pkt
------------------------------------------------------------------------
 total         32656214 (100.00%)      23014308778 (100.00%)    704.75
 ip            32611906 ( 99.86%)      23005891604 ( 99.96%)    705.44
  tcp          22400605 ( 68.60%)      17456488726 ( 75.85%)    779.29
   http(s)      9910678 ( 30.35%)      13817719865 ( 60.04%)   1394.23
   http(c)      6526196 ( 19.98%)        961758549 (  4.18%)    147.37
   squid         448557 (  1.37%)        118032353 (  0.51%)    263.14
   smtp          266651 (  0.82%)         88310242 (  0.38%)    331.18
   nntp               2 (  0.00%)              120 (  0.00%)     60.00
   ftp            17502 (  0.05%)          7925895 (  0.03%)    452.86
   pop3            5579 (  0.02%)          2055277 (  0.01%)    368.40
   imap            3016 (  0.01%)          1515724 (  0.01%)    502.56
   telnet          1728 (  0.01%)           120856 (  0.00%)     69.94
   ssh           895081 (  2.74%)        104012541 (  0.45%)    116.20
   dns             3977 (  0.01%)           385749 (  0.00%)     96.99
   bgp              180 (  0.00%)            81567 (  0.00%)    453.15
   napster          106 (  0.00%)            29870 (  0.00%)    281.79
   realaud           65 (  0.00%)            12945 (  0.00%)    199.15
   rtsp           17472 (  0.05%)          7897289 (  0.03%)    452.00
   icecast          802 (  0.00%)            52707 (  0.00%)     65.72
   hotline            7 (  0.00%)              947 (  0.00%)    135.29
   other        4303006 ( 13.18%)       2346576230 ( 10.20%)    545.33
  udp           6354491 ( 19.46%)       3312874688 ( 14.39%)    521.34
   dns           760697 (  2.33%)        141725046 (  0.62%)    186.31
   rip                1 (  0.00%)               60 (  0.00%)     60.00
   realaud           12 (  0.00%)             1782 (  0.00%)    148.50
   halflif           53 (  0.00%)             4483 (  0.00%)     84.58
   starcra           14 (  0.00%)             1898 (  0.00%)    135.57
   everque          384 (  0.00%)           200624 (  0.00%)    522.46
   unreal            16 (  0.00%)             1792 (  0.00%)    112.00
   quake             23 (  0.00%)             2578 (  0.00%)    112.09
   cuseeme            3 (  0.00%)              245 (  0.00%)     81.67
   other        5593100 ( 17.13%)       3170772892 ( 13.78%)    566.91
  icmp           580196 (  1.78%)        136750443 (  0.59%)    235.70
  ipip              339 (  0.00%)            40522 (  0.00%)    119.53
  ipsec            6200 (  0.02%)           953504 (  0.00%)    153.79
  ip6           3219349 (  9.86%)       2033473969 (  8.84%)    631.64
  other           50726 (  0.16%)         65309752 (  0.28%)   1287.50
  frag              960 (  0.00%)          1076172 (  0.00%)   1121.01
 ip6              44308 (  0.14%)          8417174 (  0.04%)    189.97
  tcp6            17290 (  0.05%)          3480612 (  0.02%)    201.31
   http(s)          490 (  0.00%)           347205 (  0.00%)    708.58
   http(c)          696 (  0.00%)            76661 (  0.00%)    110.15
   smtp             106 (  0.00%)            42799 (  0.00%)    403.76
   imap             359 (  0.00%)            42665 (  0.00%)    118.84
   dns              274 (  0.00%)            36401 (  0.00%)    132.85
   bgp              113 (  0.00%)            16189 (  0.00%)    143.27
   other          15252 (  0.05%)          2918692 (  0.01%)    191.36
  udp6            22288 (  0.07%)          4023735 (  0.02%)    180.53
   dns            11958 (  0.04%)          2955767 (  0.01%)    247.18
   starcra           45 (  0.00%)             3722 (  0.00%)     82.71
   other          10285 (  0.03%)          1064246 (  0.00%)    103.48
  icmp6            4631 (  0.01%)           847165 (  0.00%)    182.93
  pim6               31 (  0.00%)             4216 (  0.00%)    136.00
  other6             68 (  0.00%)            61446 (  0.00%)    903.62


tcpdump file: 201008131400.dump.gz (824.04 MB)