Traffic Trace Info
DumpFile: 201008191400.dump
FileSize: 2643.51MB
Id: 201008191400
StartTime: Thu Aug 19 14:00:01 2010
EndTime: Thu Aug 19 14:15:01 2010
TotalTime: 899.87 seconds
TotalCapSize: -2011.39MB CapLen: 96 bytes
# of packets: 36627628 (25669.64MB)
AvgRate: 239.33Mbps stddev:25.92M
IP flow (unique src/dst pair) Information
# of flows: 1111562 (avg. 32.95 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.4% 3.0% 2.9% 2.9% 1.7% 1.7% 1.4% 1.3% 1.2% 1.1%
IP address Information
# of IPv4 addresses: 657353
Top 10 bandwidth usage (bytes/total in %):
13.9% 10.8% 8.6% 5.9% 5.4% 3.5% 3.5% 3.1% 3.0% 3.0%
# of IPv6 addresses: 1979
Top 10 bandwidth usage (bytes/total in %):
31.9% 31.9% 19.5% 19.5% 9.7% 8.2% 4.1% 4.1% 2.9% 2.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201008191400.pktlen.png)
detailed numbers
[ 32- 63]: 4823822
[ 64- 127]: 10911777
[ 128- 255]: 1960730
[ 256- 511]: 1209755
[ 512- 1023]: 909959
[ 1024- 2047]: 16811585
Protocol Breakdown
![[protocol breakdown chart]](201008191400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 36627628 (100.00%) 26916569789 (100.00%) 734.87
ip 36550825 ( 99.79%) 26875283122 ( 99.85%) 735.29
tcp 26000010 ( 70.98%) 21280938732 ( 79.06%) 818.50
http(s) 13113341 ( 35.80%) 17871280732 ( 66.40%) 1362.83
http(c) 7597018 ( 20.74%) 1292465098 ( 4.80%) 170.13
squid 239245 ( 0.65%) 84998082 ( 0.32%) 355.28
smtp 305309 ( 0.83%) 126453929 ( 0.47%) 414.18
nntp 9 ( 0.00%) 558 ( 0.00%) 62.00
ftp 84177 ( 0.23%) 10697913 ( 0.04%) 127.09
pop3 13141 ( 0.04%) 3781937 ( 0.01%) 287.80
imap 6358 ( 0.02%) 4424425 ( 0.02%) 695.88
telnet 1803 ( 0.00%) 129116 ( 0.00%) 71.61
ssh 1068386 ( 2.92%) 133403973 ( 0.50%) 124.86
dns 4640 ( 0.01%) 395838 ( 0.00%) 85.31
bgp 171 ( 0.00%) 73369 ( 0.00%) 429.06
napster 33 ( 0.00%) 4372 ( 0.00%) 132.48
realaud 59 ( 0.00%) 10664 ( 0.00%) 180.75
rtsp 6537 ( 0.02%) 7780412 ( 0.03%) 1190.21
icecast 14497 ( 0.04%) 15215805 ( 0.06%) 1049.58
hotline 7 ( 0.00%) 988 ( 0.00%) 141.14
other 3545278 ( 9.68%) 1729821461 ( 6.43%) 487.92
udp 7629313 ( 20.83%) 4099135316 ( 15.23%) 537.29
dns 1327067 ( 3.62%) 204592813 ( 0.76%) 154.17
realaud 52 ( 0.00%) 6706 ( 0.00%) 128.96
halflif 82 ( 0.00%) 14978 ( 0.00%) 182.66
starcra 23261 ( 0.06%) 1592225 ( 0.01%) 68.45
everque 572 ( 0.00%) 128380 ( 0.00%) 224.44
unreal 48 ( 0.00%) 5790 ( 0.00%) 120.62
quake 16 ( 0.00%) 1889 ( 0.00%) 118.06
cuseeme 5 ( 0.00%) 521 ( 0.00%) 104.20
other 6278103 ( 17.14%) 3892698795 ( 14.46%) 620.04
icmp 512429 ( 1.40%) 40021672 ( 0.15%) 78.10
ipip 355 ( 0.00%) 42654 ( 0.00%) 120.15
ipsec 5441 ( 0.01%) 815686 ( 0.00%) 149.91
ip6 2402369 ( 6.56%) 1454187434 ( 5.40%) 605.31
other 908 ( 0.00%) 141628 ( 0.00%) 155.98
frag 626 ( 0.00%) 693549 ( 0.00%) 1107.91
ip6 76803 ( 0.21%) 41286667 ( 0.15%) 537.57
tcp6 50300 ( 0.14%) 33773571 ( 0.13%) 671.44
http(s) 1102 ( 0.00%) 1119214 ( 0.00%) 1015.62
http(c) 4753 ( 0.01%) 737241 ( 0.00%) 155.11
smtp 454 ( 0.00%) 98934 ( 0.00%) 217.92
imap 262 ( 0.00%) 30941 ( 0.00%) 118.10
ssh 40 ( 0.00%) 10720 ( 0.00%) 268.00
dns 253 ( 0.00%) 39927 ( 0.00%) 157.81
bgp 123 ( 0.00%) 22895 ( 0.00%) 186.14
other 43313 ( 0.12%) 31713699 ( 0.12%) 732.20
udp6 20471 ( 0.06%) 4976770 ( 0.02%) 243.11
dns 16986 ( 0.05%) 4353616 ( 0.02%) 256.31
realaud 1 ( 0.00%) 107 ( 0.00%) 107.00
everque 59 ( 0.00%) 7920 ( 0.00%) 134.24
other 3425 ( 0.01%) 615127 ( 0.00%) 179.60
icmp6 3584 ( 0.01%) 782256 ( 0.00%) 218.26
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 2418 ( 0.01%) 1749990 ( 0.01%) 723.73
tcpdump file: 201008191400.dump.gz (908.24 MB)