Traffic Trace Info
DumpFile: 201008201400.dump
FileSize: 2337.07MB
Id: 201008201400
StartTime: Fri Aug 20 14:00:00 2010
EndTime: Fri Aug 20 14:15:01 2010
TotalTime: 900.23 seconds
TotalCapSize: 1833.80MB CapLen: 96 bytes
# of packets: 32974427 (22435.23MB)
AvgRate: 209.06Mbps stddev:20.65M
IP flow (unique src/dst pair) Information
# of flows: 1018693 (avg. 32.37 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.2% 2.0% 1.9% 1.8% 1.0% 0.9% 0.9% 0.8% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 599433
Top 10 bandwidth usage (bytes/total in %):
11.5% 11.3% 9.6% 4.6% 4.4% 3.9% 3.1% 2.9% 2.9% 2.3%
# of IPv6 addresses: 1948
Top 10 bandwidth usage (bytes/total in %):
81.2% 81.2% 11.2% 11.2% 1.5% 1.5% 0.6% 0.6% 0.5% 0.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201008201400.pktlen.png)
detailed numbers
[ 32- 63]: 6217600
[ 64- 127]: 8384121
[ 128- 255]: 1602438
[ 256- 511]: 1289953
[ 512- 1023]: 894139
[ 1024- 2047]: 14586176
Protocol Breakdown
![[protocol breakdown chart]](201008201400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 32974427 (100.00%) 23525042551 (100.00%) 713.43
ip 32798782 ( 99.47%) 23354935989 ( 99.28%) 712.07
tcp 24580693 ( 74.54%) 19189315751 ( 81.57%) 780.67
http(s) 11616140 ( 35.23%) 14932386377 ( 63.47%) 1285.49
http(c) 6222286 ( 18.87%) 882698038 ( 3.75%) 141.86
squid 246734 ( 0.75%) 97732165 ( 0.42%) 396.10
smtp 325243 ( 0.99%) 120946976 ( 0.51%) 371.87
nntp 2 ( 0.00%) 134 ( 0.00%) 67.00
ftp 33561 ( 0.10%) 19089204 ( 0.08%) 568.79
pop3 25857 ( 0.08%) 24167313 ( 0.10%) 934.65
imap 3082 ( 0.01%) 898318 ( 0.00%) 291.47
telnet 2267 ( 0.01%) 158791 ( 0.00%) 70.04
ssh 1115843 ( 3.38%) 156615097 ( 0.67%) 140.36
dns 2043 ( 0.01%) 250682 ( 0.00%) 122.70
bgp 171 ( 0.00%) 77661 ( 0.00%) 454.16
napster 33 ( 0.00%) 4809 ( 0.00%) 145.73
realaud 27 ( 0.00%) 2828 ( 0.00%) 104.74
rtsp 3944 ( 0.01%) 5892739 ( 0.03%) 1494.10
icecast 20759 ( 0.06%) 15674475 ( 0.07%) 755.07
hotline 18 ( 0.00%) 1922 ( 0.00%) 106.78
other 4962663 ( 15.05%) 2932717022 ( 12.47%) 590.96
udp 5966921 ( 18.10%) 3017806502 ( 12.83%) 505.76
dns 939261 ( 2.85%) 194674655 ( 0.83%) 207.26
rip 1 ( 0.00%) 60 ( 0.00%) 60.00
realaud 4260 ( 0.01%) 3742322 ( 0.02%) 878.48
halflif 32 ( 0.00%) 3558 ( 0.00%) 111.19
starcra 44 ( 0.00%) 5196 ( 0.00%) 118.09
everque 430 ( 0.00%) 66981 ( 0.00%) 155.77
unreal 73 ( 0.00%) 13147 ( 0.00%) 180.10
quake 26 ( 0.00%) 2529 ( 0.00%) 97.27
cuseeme 5 ( 0.00%) 454 ( 0.00%) 90.80
other 5019371 ( 15.22%) 2818961946 ( 11.98%) 561.62
icmp 487981 ( 1.48%) 52670853 ( 0.22%) 107.94
ipip 381 ( 0.00%) 45486 ( 0.00%) 119.39
ipsec 5376 ( 0.02%) 797568 ( 0.00%) 148.36
ip6 1756788 ( 5.33%) 1094212040 ( 4.65%) 622.85
other 642 ( 0.00%) 87789 ( 0.00%) 136.74
frag 12240 ( 0.04%) 10221893 ( 0.04%) 835.12
ip6 175645 ( 0.53%) 170106562 ( 0.72%) 968.47
tcp6 154316 ( 0.47%) 164773326 ( 0.70%) 1067.77
http(s) 640 ( 0.00%) 574705 ( 0.00%) 897.98
http(c) 939 ( 0.00%) 103949 ( 0.00%) 110.70
smtp 228 ( 0.00%) 38900 ( 0.00%) 170.61
ftp 25 ( 0.00%) 2329 ( 0.00%) 93.16
imap 310 ( 0.00%) 37314 ( 0.00%) 120.37
ssh 37 ( 0.00%) 9518 ( 0.00%) 257.24
dns 230 ( 0.00%) 22313 ( 0.00%) 97.01
bgp 95 ( 0.00%) 16664 ( 0.00%) 175.41
other 151812 ( 0.46%) 163967634 ( 0.70%) 1080.07
udp6 16664 ( 0.05%) 4205884 ( 0.02%) 252.39
dns 14149 ( 0.04%) 3749703 ( 0.02%) 265.02
other 2515 ( 0.01%) 456181 ( 0.00%) 181.38
icmp6 4239 ( 0.01%) 807388 ( 0.00%) 190.47
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 396 ( 0.00%) 315884 ( 0.00%) 797.69
tcpdump file: 201008201400.dump.gz (844.34 MB)