Traffic Trace Info
DumpFile: 201009231400.dump
FileSize: 2073.14MB
Id: 201009231400
StartTime: Thu Sep 23 14:00:01 2010
EndTime: Thu Sep 23 14:15:00 2010
TotalTime: 899.50 seconds
TotalCapSize: 1634.07MB CapLen: 96 bytes
# of packets: 28763137 (22669.58MB)
AvgRate: 211.39Mbps stddev:25.89M
IP flow (unique src/dst pair) Information
# of flows: 795762 (avg. 36.15 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.3% 3.1% 3.1% 2.6% 2.5% 2.2% 2.2% 2.0% 1.9% 1.8%
IP address Information
# of IPv4 addresses: 444559
Top 10 bandwidth usage (bytes/total in %):
21.5% 8.5% 7.1% 3.8% 3.4% 3.3% 3.1% 3.1% 2.6% 2.5%
# of IPv6 addresses: 2564
Top 10 bandwidth usage (bytes/total in %):
19.8% 17.4% 11.1% 11.1% 10.9% 6.9% 6.8% 5.7% 5.7% 4.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201009231400.pktlen.png)
detailed numbers
[ 32- 63]: 4544167
[ 64- 127]: 6500344
[ 128- 255]: 1163097
[ 256- 511]: 679800
[ 512- 1023]: 1008931
[ 1024- 2047]: 14866798
Protocol Breakdown
![[protocol breakdown chart]](201009231400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 28763137 (100.00%) 23770775519 (100.00%) 826.43
ip 28653498 ( 99.62%) 23739240902 ( 99.87%) 828.49
tcp 24436312 ( 84.96%) 22331573574 ( 93.95%) 913.87
http(s) 13626396 ( 47.37%) 18389056927 ( 77.36%) 1349.52
http(c) 5877995 ( 20.44%) 650754341 ( 2.74%) 110.71
squid 222800 ( 0.77%) 98739588 ( 0.42%) 443.18
smtp 194645 ( 0.68%) 36826218 ( 0.15%) 189.20
nntp 1 ( 0.00%) 60 ( 0.00%) 60.00
ftp 49283 ( 0.17%) 4622909 ( 0.02%) 93.80
pop3 5177 ( 0.02%) 2530164 ( 0.01%) 488.73
imap 2594 ( 0.01%) 967945 ( 0.00%) 373.15
telnet 984 ( 0.00%) 70885 ( 0.00%) 72.04
ssh 27669 ( 0.10%) 8390270 ( 0.04%) 303.24
dns 4248 ( 0.01%) 391773 ( 0.00%) 92.23
bgp 175 ( 0.00%) 64929 ( 0.00%) 371.02
napster 9 ( 0.00%) 1213 ( 0.00%) 134.78
realaud 594 ( 0.00%) 185782 ( 0.00%) 312.76
rtsp 2821 ( 0.01%) 2898179 ( 0.01%) 1027.36
icecast 2787 ( 0.01%) 1213626 ( 0.01%) 435.46
hotline 5 ( 0.00%) 813 ( 0.00%) 162.60
other 4418119 ( 15.36%) 3134857352 ( 13.19%) 709.55
udp 3552318 ( 12.35%) 1263829455 ( 5.32%) 355.78
dns 1421747 ( 4.94%) 221888050 ( 0.93%) 156.07
realaud 8 ( 0.00%) 650 ( 0.00%) 81.25
halflif 24 ( 0.00%) 2294 ( 0.00%) 95.58
starcra 27 ( 0.00%) 3091 ( 0.00%) 114.48
everque 7130 ( 0.02%) 791549 ( 0.00%) 111.02
unreal 25 ( 0.00%) 4707 ( 0.00%) 188.28
quake 20 ( 0.00%) 1638 ( 0.00%) 81.90
cuseeme 3 ( 0.00%) 261 ( 0.00%) 87.00
other 2120717 ( 7.37%) 1040038310 ( 4.38%) 490.42
icmp 532306 ( 1.85%) 99228517 ( 0.42%) 186.41
ipip 157 ( 0.00%) 18646 ( 0.00%) 118.76
ipsec 6533 ( 0.02%) 1003806 ( 0.00%) 153.65
ip6 124949 ( 0.43%) 43411917 ( 0.18%) 347.44
other 923 ( 0.00%) 174987 ( 0.00%) 189.59
frag 6675 ( 0.02%) 3357050 ( 0.01%) 502.93
ip6 109639 ( 0.38%) 31534617 ( 0.13%) 287.62
tcp6 56177 ( 0.20%) 16964269 ( 0.07%) 301.98
http(s) 4004 ( 0.01%) 5383029 ( 0.02%) 1344.41
http(c) 9090 ( 0.03%) 957648 ( 0.00%) 105.35
smtp 2116 ( 0.01%) 211518 ( 0.00%) 99.96
dns 55 ( 0.00%) 11972 ( 0.00%) 217.67
bgp 94 ( 0.00%) 14850 ( 0.00%) 157.98
other 40818 ( 0.14%) 10385252 ( 0.04%) 254.43
udp6 40147 ( 0.14%) 10338871 ( 0.04%) 257.53
dns 36067 ( 0.13%) 9656489 ( 0.04%) 267.74
starcra 2 ( 0.00%) 170 ( 0.00%) 85.00
quake 1 ( 0.00%) 101 ( 0.00%) 101.00
other 4077 ( 0.01%) 682111 ( 0.00%) 167.31
icmp6 11246 ( 0.04%) 2699507 ( 0.01%) 240.04
rtopt6 5 ( 0.00%) 700 ( 0.00%) 140.00
dstopt6 184 ( 0.00%) 25760 ( 0.00%) 140.00
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 1850 ( 0.01%) 1501430 ( 0.01%) 811.58
tcpdump file: 201009231400.dump.gz (683.81 MB)