Traffic Trace Info
DumpFile: 201008161400.dump
FileSize: 2410.41MB
Id: 201008161400
StartTime: Mon Aug 16 14:00:01 2010
EndTime: Mon Aug 16 14:15:01 2010
TotalTime: 899.71 seconds
TotalCapSize: 1893.45MB CapLen: 96 bytes
# of packets: 33878901 (20729.30MB)
AvgRate: 193.21Mbps stddev:31.49M
IP flow (unique src/dst pair) Information
# of flows: 796514 (avg. 42.53 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.2% 2.0% 2.0% 1.2% 1.1% 0.9% 0.9% 0.8% 0.8% 0.8%
IP address Information
# of IPv4 addresses: 449542
Top 10 bandwidth usage (bytes/total in %):
14.4% 11.5% 7.9% 6.8% 3.0% 2.2% 2.2% 2.2% 2.1% 2.0%
# of IPv6 addresses: 1898
Top 10 bandwidth usage (bytes/total in %):
53.9% 53.8% 10.7% 10.7% 9.8% 9.8% 2.5% 2.5% 2.5% 2.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201008161400.pktlen.png)
detailed numbers
[ 32- 63]: 5869884
[ 64- 127]: 10342950
[ 128- 255]: 1967207
[ 256- 511]: 1483306
[ 512- 1023]: 902018
[ 1024- 2047]: 13313536
Protocol Breakdown
![[protocol breakdown chart]](201008161400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 33878901 (100.00%) 21736251366 (100.00%) 641.59
ip 33790518 ( 99.74%) 21681040667 ( 99.75%) 641.63
tcp 22416390 ( 66.17%) 15665450409 ( 72.07%) 698.84
http(s) 9118296 ( 26.91%) 12396227530 ( 57.03%) 1359.49
http(c) 7182901 ( 21.20%) 933253175 ( 4.29%) 129.93
squid 336484 ( 0.99%) 102675580 ( 0.47%) 305.14
smtp 251919 ( 0.74%) 69713814 ( 0.32%) 276.73
nntp 1 ( 0.00%) 60 ( 0.00%) 60.00
ftp 18660 ( 0.06%) 8186903 ( 0.04%) 438.74
pop3 11252 ( 0.03%) 5816713 ( 0.03%) 516.95
imap 5708 ( 0.02%) 1014164 ( 0.00%) 177.67
telnet 3245 ( 0.01%) 235898 ( 0.00%) 72.70
ssh 1905874 ( 5.63%) 288576267 ( 1.33%) 151.41
dns 3336 ( 0.01%) 317872 ( 0.00%) 95.29
bgp 154 ( 0.00%) 61926 ( 0.00%) 402.12
napster 62 ( 0.00%) 4688 ( 0.00%) 75.61
realaud 98 ( 0.00%) 9488 ( 0.00%) 96.82
rtsp 1029 ( 0.00%) 676491 ( 0.00%) 657.43
icecast 12562 ( 0.04%) 2080051 ( 0.01%) 165.58
other 3564802 ( 10.52%) 1856599369 ( 8.54%) 520.81
udp 8253514 ( 24.36%) 4257816813 ( 19.59%) 515.88
dns 935572 ( 2.76%) 188267455 ( 0.87%) 201.23
rip 2 ( 0.00%) 120 ( 0.00%) 60.00
realaud 23 ( 0.00%) 3044 ( 0.00%) 132.35
halflif 82 ( 0.00%) 12143 ( 0.00%) 148.09
starcra 42 ( 0.00%) 4218 ( 0.00%) 100.43
everque 499 ( 0.00%) 102156 ( 0.00%) 204.72
unreal 56 ( 0.00%) 9523 ( 0.00%) 170.05
quake 22 ( 0.00%) 2283 ( 0.00%) 103.77
cuseeme 3 ( 0.00%) 247 ( 0.00%) 82.33
other 7316889 ( 21.60%) 4069278607 ( 18.72%) 556.15
icmp 328702 ( 0.97%) 26497291 ( 0.12%) 80.61
ipip 360 ( 0.00%) 42948 ( 0.00%) 119.30
ipsec 372 ( 0.00%) 63288 ( 0.00%) 170.13
ip6 2790258 ( 8.24%) 1731024814 ( 7.96%) 620.38
other 922 ( 0.00%) 145104 ( 0.00%) 157.38
frag 3591 ( 0.01%) 2963808 ( 0.01%) 825.34
ip6 88383 ( 0.26%) 55210699 ( 0.25%) 624.68
tcp6 55178 ( 0.16%) 43976039 ( 0.20%) 796.99
http(s) 954 ( 0.00%) 951971 ( 0.00%) 997.87
http(c) 3883 ( 0.01%) 534108 ( 0.00%) 137.55
squid 16 ( 0.00%) 3577 ( 0.00%) 223.56
smtp 270 ( 0.00%) 89542 ( 0.00%) 331.64
imap 419 ( 0.00%) 49244 ( 0.00%) 117.53
dns 367 ( 0.00%) 52232 ( 0.00%) 142.32
bgp 114 ( 0.00%) 15454 ( 0.00%) 135.56
other 49155 ( 0.15%) 42279911 ( 0.19%) 860.13
udp6 21241 ( 0.06%) 5060815 ( 0.02%) 238.26
dns 16330 ( 0.05%) 4030714 ( 0.02%) 246.83
starcra 1 ( 0.00%) 120 ( 0.00%) 120.00
quake 1 ( 0.00%) 122 ( 0.00%) 122.00
other 4909 ( 0.01%) 1029859 ( 0.00%) 209.79
icmp6 4438 ( 0.01%) 870558 ( 0.00%) 196.16
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 7496 ( 0.02%) 5299207 ( 0.02%) 706.94
tcpdump file: 201008161400.dump.gz (897.24 MB)