Traffic Trace Info
DumpFile: 201010271400.dump
FileSize: 2783.29MB
Id: 201010271400
StartTime: Wed Oct 27 14:00:01 2010
EndTime: Wed Oct 27 14:15:01 2010
TotalTime: 899.56 seconds
TotalCapSize: -1902.53MB CapLen: 96 bytes
# of packets: 38653528 (27292.15MB)
AvgRate: 254.51Mbps stddev:32.23M
IP flow (unique src/dst pair) Information
# of flows: 942054 (avg. 41.03 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.8% 1.8% 1.5% 1.4% 1.4% 1.3% 1.0% 0.9% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 519996
Top 10 bandwidth usage (bytes/total in %):
11.9% 8.7% 8.5% 3.7% 2.8% 2.8% 2.3% 1.9% 1.8% 1.8%
# of IPv6 addresses: 3427
Top 10 bandwidth usage (bytes/total in %):
44.6% 26.6% 25.4% 23.7% 23.5% 8.3% 8.3% 2.9% 2.5% 2.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201010271400.pktlen.png)
detailed numbers
[ 32- 63]: 6393302
[ 64- 127]: 10045323
[ 128- 255]: 1858420
[ 256- 511]: 1396758
[ 512- 1023]: 915183
[ 1024- 2047]: 18044542
Protocol Breakdown
![[protocol breakdown chart]](201010271400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 38653528 (100.00%) 28617898018 (100.00%) 740.37
ip 38390085 ( 99.32%) 28427333812 ( 99.33%) 740.49
tcp 26054391 ( 67.40%) 21375721408 ( 74.69%) 820.43
http(s) 13123163 ( 33.95%) 17092127935 ( 59.73%) 1302.44
http(c) 8372908 ( 21.66%) 1518276571 ( 5.31%) 181.33
squid 133568 ( 0.35%) 52975705 ( 0.19%) 396.62
smtp 192939 ( 0.50%) 67548850 ( 0.24%) 350.10
ftp 24839 ( 0.06%) 7694548 ( 0.03%) 309.78
pop3 10615 ( 0.03%) 7040022 ( 0.02%) 663.21
imap 2566 ( 0.01%) 1189524 ( 0.00%) 463.57
telnet 1392 ( 0.00%) 100976 ( 0.00%) 72.54
ssh 268276 ( 0.69%) 41473840 ( 0.14%) 154.59
dns 6207 ( 0.02%) 563007 ( 0.00%) 90.71
bgp 603 ( 0.00%) 120662 ( 0.00%) 200.10
napster 38 ( 0.00%) 3560 ( 0.00%) 93.68
realaud 31 ( 0.00%) 8519 ( 0.00%) 274.81
rtsp 16104 ( 0.04%) 20011716 ( 0.07%) 1242.65
icecast 8361 ( 0.02%) 1001096 ( 0.00%) 119.73
hotline 121 ( 0.00%) 7661 ( 0.00%) 63.31
other 3892657 ( 10.07%) 2565577036 ( 8.96%) 659.08
udp 8242084 ( 21.32%) 4454136116 ( 15.56%) 540.41
dns 1067988 ( 2.76%) 149115163 ( 0.52%) 139.62
realaud 11 ( 0.00%) 1449 ( 0.00%) 131.73
halflif 34 ( 0.00%) 3450 ( 0.00%) 101.47
starcra 20 ( 0.00%) 2597 ( 0.00%) 129.85
everque 157 ( 0.00%) 29659 ( 0.00%) 188.91
unreal 18 ( 0.00%) 2550 ( 0.00%) 141.67
quake 35 ( 0.00%) 5069 ( 0.00%) 144.83
cuseeme 21 ( 0.00%) 2428 ( 0.00%) 115.62
other 7173108 ( 18.56%) 4304851118 ( 15.04%) 600.14
icmp 469802 ( 1.22%) 36100405 ( 0.13%) 76.84
ipip 179 ( 0.00%) 18610 ( 0.00%) 103.97
ipsec 8263 ( 0.02%) 3337106 ( 0.01%) 403.86
ip6 3601598 ( 9.32%) 2555762016 ( 8.93%) 709.62
other 13768 ( 0.04%) 2258151 ( 0.01%) 164.01
frag 2081 ( 0.01%) 1772864 ( 0.01%) 851.93
ip6 263443 ( 0.68%) 190564206 ( 0.67%) 723.36
tcp6 150888 ( 0.39%) 133182713 ( 0.47%) 882.66
http(s) 13646 ( 0.04%) 15753064 ( 0.06%) 1154.41
http(c) 31707 ( 0.08%) 2723882 ( 0.01%) 85.91
smtp 589 ( 0.00%) 192148 ( 0.00%) 326.23
ftp 60 ( 0.00%) 5371 ( 0.00%) 89.52
ssh 3 ( 0.00%) 330 ( 0.00%) 110.00
dns 158 ( 0.00%) 31146 ( 0.00%) 197.13
bgp 99 ( 0.00%) 31663 ( 0.00%) 319.83
other 104626 ( 0.27%) 114445109 ( 0.40%) 1093.85
udp6 35012 ( 0.09%) 9846159 ( 0.03%) 281.22
dns 30885 ( 0.08%) 9201869 ( 0.03%) 297.94
everque 1 ( 0.00%) 202 ( 0.00%) 202.00
other 4126 ( 0.01%) 644088 ( 0.00%) 156.10
icmp6 12472 ( 0.03%) 1768140 ( 0.01%) 141.77
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 65041 ( 0.17%) 45763114 ( 0.16%) 703.60
tcpdump file: 201010271400.dump.gz (955.24 MB)