Traffic Trace Info
DumpFile: 201011030345.dump
FileSize: 2240.22MB
Id: 201011030345
StartTime: Wed Nov 3 03:45:00 2010
EndTime: Wed Nov 3 04:00:00 2010
TotalTime: 899.93 seconds
TotalCapSize: 1762.74MB CapLen: 96 bytes
# of packets: 31291602 (21791.28MB)
AvgRate: 203.14Mbps stddev:23.66M
IP flow (unique src/dst pair) Information
# of flows: 1053779 (avg. 29.69 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.6% 2.3% 2.3% 1.8% 1.2% 1.0% 0.9% 0.9% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 585555
Top 10 bandwidth usage (bytes/total in %):
8.5% 7.4% 6.4% 4.7% 3.5% 2.8% 2.7% 2.4% 2.3% 2.3%
# of IPv6 addresses: 4402
Top 10 bandwidth usage (bytes/total in %):
72.2% 54.8% 4.2% 4.2% 3.6% 3.5% 3.5% 3.1% 3.1% 2.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201011030345.pktlen.png)
detailed numbers
[ 32- 63]: 5497648
[ 64- 127]: 8595664
[ 128- 255]: 1439420
[ 256- 511]: 872065
[ 512- 1023]: 731596
[ 1024- 2047]: 14155209
Protocol Breakdown
![[protocol breakdown chart]](201011030345.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 31291602 (100.00%) 22849810978 (100.00%) 730.22
ip 30997339 ( 99.06%) 22583131452 ( 98.83%) 728.55
tcp 23988037 ( 76.66%) 19996466600 ( 87.51%) 833.60
http(s) 11891833 ( 38.00%) 15898694422 ( 69.58%) 1336.94
http(c) 7069714 ( 22.59%) 1395714234 ( 6.11%) 197.42
squid 273324 ( 0.87%) 130184287 ( 0.57%) 476.30
smtp 287994 ( 0.92%) 127908331 ( 0.56%) 444.14
nntp 18 ( 0.00%) 1098 ( 0.00%) 61.00
ftp 81535 ( 0.26%) 7473581 ( 0.03%) 91.66
pop3 10405 ( 0.03%) 8811315 ( 0.04%) 846.83
imap 3843 ( 0.01%) 2190202 ( 0.01%) 569.92
telnet 1457 ( 0.00%) 99074 ( 0.00%) 68.00
ssh 1135872 ( 3.63%) 157353041 ( 0.69%) 138.53
dns 11507 ( 0.04%) 818995 ( 0.00%) 71.17
bgp 586 ( 0.00%) 111288 ( 0.00%) 189.91
napster 11 ( 0.00%) 666 ( 0.00%) 60.55
realaud 70 ( 0.00%) 9219 ( 0.00%) 131.70
rtsp 12442 ( 0.04%) 15260013 ( 0.07%) 1226.49
icecast 14663 ( 0.05%) 15419353 ( 0.07%) 1051.58
hotline 15 ( 0.00%) 2190 ( 0.00%) 146.00
other 3192746 ( 10.20%) 2236415171 ( 9.79%) 700.47
udp 4916229 ( 15.71%) 1781270913 ( 7.80%) 362.32
dns 1251183 ( 4.00%) 176009910 ( 0.77%) 140.67
realaud 32 ( 0.00%) 3548 ( 0.00%) 110.88
halflif 18 ( 0.00%) 1888 ( 0.00%) 104.89
starcra 28 ( 0.00%) 5015 ( 0.00%) 179.11
everque 269 ( 0.00%) 44624 ( 0.00%) 165.89
unreal 10 ( 0.00%) 1790 ( 0.00%) 179.00
quake 23 ( 0.00%) 2679 ( 0.00%) 116.48
cuseeme 14 ( 0.00%) 1062 ( 0.00%) 75.86
other 3664255 ( 11.71%) 1604914006 ( 7.02%) 437.99
icmp 857933 ( 2.74%) 111839744 ( 0.49%) 130.36
ipip 179 ( 0.00%) 18610 ( 0.00%) 103.97
ipsec 1680 ( 0.01%) 279680 ( 0.00%) 166.48
ip6 1216437 ( 3.89%) 686712711 ( 3.01%) 564.53
other 16844 ( 0.05%) 6543194 ( 0.03%) 388.46
frag 3162 ( 0.01%) 2992780 ( 0.01%) 946.48
ip6 294263 ( 0.94%) 266679526 ( 1.17%) 906.26
tcp6 228744 ( 0.73%) 248493925 ( 1.09%) 1086.34
http(s) 34852 ( 0.11%) 48401142 ( 0.21%) 1388.76
http(c) 33249 ( 0.11%) 2861947 ( 0.01%) 86.08
squid 36 ( 0.00%) 3048 ( 0.00%) 84.67
smtp 448 ( 0.00%) 176060 ( 0.00%) 392.99
ftp 52 ( 0.00%) 4608 ( 0.00%) 88.62
pop3 12 ( 0.00%) 1045 ( 0.00%) 87.08
ssh 266 ( 0.00%) 262800 ( 0.00%) 987.97
dns 239 ( 0.00%) 47651 ( 0.00%) 199.38
bgp 97 ( 0.00%) 25699 ( 0.00%) 264.94
other 159493 ( 0.51%) 196709925 ( 0.86%) 1233.35
udp6 52611 ( 0.17%) 15270596 ( 0.07%) 290.25
dns 46793 ( 0.15%) 14033406 ( 0.06%) 299.90
halflif 1 ( 0.00%) 117 ( 0.00%) 117.00
everque 1 ( 0.00%) 108 ( 0.00%) 108.00
quake 1 ( 0.00%) 111 ( 0.00%) 111.00
other 5815 ( 0.02%) 1236854 ( 0.01%) 212.70
icmp6 11397 ( 0.04%) 1693959 ( 0.01%) 148.63
ip6 86 ( 0.00%) 11698 ( 0.00%) 136.02
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 1395 ( 0.00%) 1205268 ( 0.01%) 863.99
tcpdump file: 201011030345.dump.gz (789.17 MB)