Traffic Trace Info
DumpFile: 201009211400.dump
FileSize: 2034.65MB
Id: 201009211400
StartTime: Tue Sep 21 14:00:01 2010
EndTime: Tue Sep 21 14:15:00 2010
TotalTime: 899.37 seconds
TotalCapSize: 1602.95MB CapLen: 96 bytes
# of packets: 28291105 (20950.22MB)
AvgRate: 195.44Mbps stddev:28.19M
IP flow (unique src/dst pair) Information
# of flows: 918257 (avg. 30.81 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.7% 2.0% 1.9% 1.9% 1.9% 1.8% 1.7% 1.7% 1.7% 1.6%
IP address Information
# of IPv4 addresses: 486217
Top 10 bandwidth usage (bytes/total in %):
13.4% 7.2% 6.8% 3.8% 3.7% 2.9% 2.2% 2.2% 2.2% 2.2%
# of IPv6 addresses: 2414
Top 10 bandwidth usage (bytes/total in %):
20.1% 11.7% 11.7% 9.6% 8.3% 6.7% 6.7% 6.6% 6.6% 6.0%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201009211400.pktlen.png)
detailed numbers
[ 32- 63]: 5460983
[ 64- 127]: 6357397
[ 128- 255]: 1396366
[ 256- 511]: 711248
[ 512- 1023]: 722738
[ 1024- 2047]: 13642373
Protocol Breakdown
![[protocol breakdown chart]](201009211400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 28291105 (100.00%) 21967902856 (100.00%) 776.50
ip 28190416 ( 99.64%) 21932292676 ( 99.84%) 778.01
tcp 24220271 ( 85.61%) 20959932284 ( 95.41%) 865.39
http(s) 11496336 ( 40.64%) 15543382739 ( 70.75%) 1352.03
http(c) 5947224 ( 21.02%) 771804257 ( 3.51%) 129.78
squid 290472 ( 1.03%) 108618978 ( 0.49%) 373.94
smtp 290245 ( 1.03%) 124575969 ( 0.57%) 429.21
nntp 18 ( 0.00%) 1098 ( 0.00%) 61.00
ftp 26848 ( 0.09%) 3230861 ( 0.01%) 120.34
pop3 36208 ( 0.13%) 25122078 ( 0.11%) 693.83
imap 6597 ( 0.02%) 2971995 ( 0.01%) 450.51
telnet 578 ( 0.00%) 39925 ( 0.00%) 69.07
ssh 43274 ( 0.15%) 18202796 ( 0.08%) 420.64
dns 3320 ( 0.01%) 335268 ( 0.00%) 100.98
bgp 157 ( 0.00%) 68695 ( 0.00%) 437.55
napster 72 ( 0.00%) 6531 ( 0.00%) 90.71
realaud 275 ( 0.00%) 24128 ( 0.00%) 87.74
rtsp 1408 ( 0.00%) 1339027 ( 0.01%) 951.01
icecast 42545 ( 0.15%) 37530859 ( 0.17%) 882.14
hotline 9 ( 0.00%) 689 ( 0.00%) 76.56
other 6034664 ( 21.33%) 4322675131 ( 19.68%) 716.31
udp 3173566 ( 11.22%) 819502220 ( 3.73%) 258.23
dns 1497247 ( 5.29%) 240240425 ( 1.09%) 160.45
realaud 22 ( 0.00%) 1887 ( 0.00%) 85.77
halflif 38 ( 0.00%) 4674 ( 0.00%) 123.00
starcra 48 ( 0.00%) 7899 ( 0.00%) 164.56
everque 8019 ( 0.03%) 905327 ( 0.00%) 112.90
unreal 37 ( 0.00%) 7459 ( 0.00%) 201.59
quake 25 ( 0.00%) 4987 ( 0.00%) 199.48
cuseeme 4 ( 0.00%) 389 ( 0.00%) 97.25
other 1668071 ( 5.90%) 578295840 ( 2.63%) 346.69
icmp 406894 ( 1.44%) 91678658 ( 0.42%) 225.31
ipip 158 ( 0.00%) 18052 ( 0.00%) 114.25
ipsec 9876 ( 0.03%) 1613704 ( 0.01%) 163.40
ip6 374945 ( 1.33%) 58932875 ( 0.27%) 157.18
other 4706 ( 0.02%) 614883 ( 0.00%) 130.66
frag 587 ( 0.00%) 500460 ( 0.00%) 852.57
ip6 100689 ( 0.36%) 35610180 ( 0.16%) 353.67
tcp6 41465 ( 0.15%) 19359166 ( 0.09%) 466.88
http(s) 3461 ( 0.01%) 4105089 ( 0.02%) 1186.10
http(c) 1177 ( 0.00%) 192359 ( 0.00%) 163.43
smtp 842 ( 0.00%) 185844 ( 0.00%) 220.72
ssh 88 ( 0.00%) 17312 ( 0.00%) 196.73
dns 100 ( 0.00%) 26162 ( 0.00%) 261.62
bgp 92 ( 0.00%) 15944 ( 0.00%) 173.30
other 35705 ( 0.13%) 14816456 ( 0.07%) 414.97
udp6 45948 ( 0.16%) 12180872 ( 0.06%) 265.10
dns 39801 ( 0.14%) 11266051 ( 0.05%) 283.06
everque 1 ( 0.00%) 97 ( 0.00%) 97.00
other 6146 ( 0.02%) 914724 ( 0.00%) 148.83
icmp6 9381 ( 0.03%) 1325137 ( 0.01%) 141.26
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 3865 ( 0.01%) 2740925 ( 0.01%) 709.17
tcpdump file: 201009211400.dump.gz (703.85 MB)