Traffic Trace Info
DumpFile: 201008251400.dump
FileSize: 2112.58MB
Id: 201008251400
StartTime: Wed Aug 25 14:00:01 2010
EndTime: Wed Aug 25 14:15:00 2010
TotalTime: 899.13 seconds
TotalCapSize: 1656.50MB CapLen: 96 bytes
# of packets: 29888810 (20841.26MB)
AvgRate: 194.45Mbps stddev:18.64M
IP flow (unique src/dst pair) Information
# of flows: 782450 (avg. 38.20 pkts/flow)
Top 10 big flow size (bytes/total in %):
6.4% 2.4% 1.8% 1.7% 1.6% 1.0% 1.0% 0.9% 0.9% 0.7%
IP address Information
# of IPv4 addresses: 432669
Top 10 bandwidth usage (bytes/total in %):
11.2% 10.1% 9.1% 7.8% 6.8% 6.6% 4.1% 2.5% 1.8% 1.8%
# of IPv6 addresses: 1926
Top 10 bandwidth usage (bytes/total in %):
25.8% 20.2% 15.2% 15.2% 13.7% 12.1% 5.0% 4.8% 4.2% 4.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201008251400.pktlen.png)
detailed numbers
[ 32- 63]: 5246881
[ 64- 127]: 7199099
[ 128- 255]: 1575835
[ 256- 511]: 1302621
[ 512- 1023]: 844229
[ 1024- 2047]: 13720145
Protocol Breakdown
![[protocol breakdown chart]](201008251400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29888810 (100.00%) 21853643594 (100.00%) 731.16
ip 29804473 ( 99.72%) 21818168067 ( 99.84%) 732.04
tcp 20155775 ( 67.44%) 16558674071 ( 75.77%) 821.53
http(s) 8577483 ( 28.70%) 11365988124 ( 52.01%) 1325.10
http(c) 5115264 ( 17.11%) 817404294 ( 3.74%) 159.80
squid 193325 ( 0.65%) 81712352 ( 0.37%) 422.67
smtp 230321 ( 0.77%) 71145919 ( 0.33%) 308.90
ftp 85624 ( 0.29%) 31862303 ( 0.15%) 372.12
pop3 26993 ( 0.09%) 27404146 ( 0.13%) 1015.23
imap 5413 ( 0.02%) 2410473 ( 0.01%) 445.31
telnet 1278 ( 0.00%) 92142 ( 0.00%) 72.10
ssh 23133 ( 0.08%) 3337322 ( 0.02%) 144.27
dns 2126 ( 0.01%) 263631 ( 0.00%) 124.00
bgp 173 ( 0.00%) 81577 ( 0.00%) 471.54
napster 56 ( 0.00%) 28712 ( 0.00%) 512.71
realaud 30 ( 0.00%) 4686 ( 0.00%) 156.20
rtsp 76737 ( 0.26%) 72098649 ( 0.33%) 939.56
icecast 613 ( 0.00%) 45558 ( 0.00%) 74.32
hotline 24 ( 0.00%) 7835 ( 0.00%) 326.46
other 5817178 ( 19.46%) 4084786108 ( 18.69%) 702.19
udp 6973932 ( 23.33%) 3659379373 ( 16.74%) 524.72
dns 769824 ( 2.58%) 145538623 ( 0.67%) 189.05
realaud 968 ( 0.00%) 64314 ( 0.00%) 66.44
halflif 56 ( 0.00%) 7054 ( 0.00%) 125.96
starcra 98 ( 0.00%) 12301 ( 0.00%) 125.52
everque 2308 ( 0.01%) 336499 ( 0.00%) 145.80
unreal 40 ( 0.00%) 6316 ( 0.00%) 157.90
quake 15 ( 0.00%) 1438 ( 0.00%) 95.87
cuseeme 4 ( 0.00%) 352 ( 0.00%) 88.00
other 6200503 ( 20.75%) 3513303752 ( 16.08%) 566.62
icmp 401474 ( 1.34%) 89724536 ( 0.41%) 223.49
ipip 354 ( 0.00%) 43092 ( 0.00%) 121.73
ipsec 13023 ( 0.04%) 6446810 ( 0.03%) 495.03
ip6 2259553 ( 7.56%) 1503856557 ( 6.88%) 665.55
other 362 ( 0.00%) 43628 ( 0.00%) 120.52
frag 996 ( 0.00%) 1110888 ( 0.01%) 1115.35
ip6 84337 ( 0.28%) 35475527 ( 0.16%) 420.64
tcp6 34835 ( 0.12%) 22655179 ( 0.10%) 650.36
http(s) 843 ( 0.00%) 897596 ( 0.00%) 1064.76
http(c) 2854 ( 0.01%) 1642814 ( 0.01%) 575.62
smtp 362 ( 0.00%) 158555 ( 0.00%) 438.00
imap 275 ( 0.00%) 32997 ( 0.00%) 119.99
dns 264 ( 0.00%) 32737 ( 0.00%) 124.00
bgp 92 ( 0.00%) 14632 ( 0.00%) 159.04
other 30145 ( 0.10%) 19875848 ( 0.09%) 659.34
udp6 43354 ( 0.15%) 11668802 ( 0.05%) 269.15
dns 41402 ( 0.14%) 11385653 ( 0.05%) 275.00
everque 1 ( 0.00%) 116 ( 0.00%) 116.00
quake 2 ( 0.00%) 216 ( 0.00%) 108.00
other 1949 ( 0.01%) 282817 ( 0.00%) 145.11
icmp6 5973 ( 0.02%) 1017167 ( 0.00%) 170.29
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 145 ( 0.00%) 130299 ( 0.00%) 898.61
tcpdump file: 201008251400.dump.gz (744.17 MB)