Traffic Trace Info
DumpFile: 201009161400.dump
FileSize: 2384.23MB
Id: 201009161400
StartTime: Thu Sep 16 14:00:01 2010
EndTime: Thu Sep 16 14:15:01 2010
TotalTime: 900.05 seconds
TotalCapSize: 1870.69MB CapLen: 96 bytes
# of packets: 33655008 (22979.45MB)
AvgRate: 214.19Mbps stddev:26.36M
IP flow (unique src/dst pair) Information
# of flows: 892464 (avg. 37.71 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.4% 1.2% 1.1% 1.1% 1.0% 1.0% 1.0% 0.9% 0.9% 0.9%
IP address Information
# of IPv4 addresses: 482640
Top 10 bandwidth usage (bytes/total in %):
11.8% 10.1% 8.3% 5.3% 5.1% 3.6% 2.0% 1.8% 1.8% 1.5%
# of IPv6 addresses: 2157
Top 10 bandwidth usage (bytes/total in %):
26.0% 17.2% 8.8% 5.8% 5.7% 5.7% 3.8% 3.8% 2.4% 2.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201009161400.pktlen.png)
detailed numbers
[ 32- 63]: 5508865
[ 64- 127]: 8929625
[ 128- 255]: 1611056
[ 256- 511]: 1703027
[ 512- 1023]: 937036
[ 1024- 2047]: 14965399
Protocol Breakdown
![[protocol breakdown chart]](201009161400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 33655008 (100.00%) 24095695862 (100.00%) 715.96
ip 33572572 ( 99.76%) 24071728728 ( 99.90%) 717.01
tcp 20905166 ( 62.12%) 16912358217 ( 70.19%) 809.00
http(s) 9665477 ( 28.72%) 12694839022 ( 52.69%) 1313.42
http(c) 6401342 ( 19.02%) 1330035307 ( 5.52%) 207.77
squid 263948 ( 0.78%) 84438123 ( 0.35%) 319.90
smtp 336470 ( 1.00%) 113872214 ( 0.47%) 338.43
ftp 42394 ( 0.13%) 3219905 ( 0.01%) 75.95
pop3 18553 ( 0.06%) 11448358 ( 0.05%) 617.06
imap 4404 ( 0.01%) 1212671 ( 0.01%) 275.36
telnet 1696 ( 0.01%) 124151 ( 0.00%) 73.20
ssh 91002 ( 0.27%) 12223928 ( 0.05%) 134.33
dns 3561 ( 0.01%) 344377 ( 0.00%) 96.71
bgp 1509 ( 0.00%) 1358866 ( 0.01%) 900.51
napster 56 ( 0.00%) 6038 ( 0.00%) 107.82
realaud 23 ( 0.00%) 2456 ( 0.00%) 106.78
rtsp 2549 ( 0.01%) 2418259 ( 0.01%) 948.71
icecast 1222 ( 0.00%) 532320 ( 0.00%) 435.61
hotline 87 ( 0.00%) 6274 ( 0.00%) 72.11
other 4070864 ( 12.10%) 2656275408 ( 11.02%) 652.51
udp 9295576 ( 27.62%) 5042728220 ( 20.93%) 542.49
dns 1506806 ( 4.48%) 239537538 ( 0.99%) 158.97
realaud 12 ( 0.00%) 920 ( 0.00%) 76.67
halflif 82 ( 0.00%) 13061 ( 0.00%) 159.28
starcra 53 ( 0.00%) 5630 ( 0.00%) 106.23
everque 7599 ( 0.02%) 853941 ( 0.00%) 112.38
unreal 95 ( 0.00%) 44272 ( 0.00%) 466.02
quake 10 ( 0.00%) 1180 ( 0.00%) 118.00
cuseeme 13 ( 0.00%) 1310 ( 0.00%) 100.77
other 7779168 ( 23.11%) 4801980016 ( 19.93%) 617.29
icmp 432228 ( 1.28%) 109624005 ( 0.45%) 253.63
ipip 148 ( 0.00%) 17492 ( 0.00%) 118.19
ipsec 9063 ( 0.03%) 1337418 ( 0.01%) 147.57
ip6 2909933 ( 8.65%) 2001419649 ( 8.31%) 687.79
other 20458 ( 0.06%) 4243727 ( 0.02%) 207.44
frag 8526 ( 0.03%) 5812948 ( 0.02%) 681.79
ip6 82436 ( 0.24%) 23967134 ( 0.10%) 290.74
tcp6 19752 ( 0.06%) 9561458 ( 0.04%) 484.08
http(s) 1116 ( 0.00%) 985737 ( 0.00%) 883.28
http(c) 2876 ( 0.01%) 365935 ( 0.00%) 127.24
smtp 58 ( 0.00%) 7897 ( 0.00%) 136.16
ftp 3 ( 0.00%) 234 ( 0.00%) 78.00
ssh 1598 ( 0.00%) 922704 ( 0.00%) 577.41
dns 62 ( 0.00%) 13836 ( 0.00%) 223.16
bgp 102 ( 0.00%) 20878 ( 0.00%) 204.69
other 13937 ( 0.04%) 7244237 ( 0.03%) 519.78
udp6 54604 ( 0.16%) 12991855 ( 0.05%) 237.93
dns 45627 ( 0.14%) 11786680 ( 0.05%) 258.33
halflif 1 ( 0.00%) 107 ( 0.00%) 107.00
other 8976 ( 0.03%) 1205068 ( 0.01%) 134.25
icmp6 7732 ( 0.02%) 1169034 ( 0.00%) 151.19
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 317 ( 0.00%) 240571 ( 0.00%) 758.90
tcpdump file: 201009161400.dump.gz (850.85 MB)