Traffic Trace Info
DumpFile: 201011111400.dump
FileSize: 2908.67MB
Id: 201011111400
StartTime: Thu Nov 11 14:00:00 2010
EndTime: Thu Nov 11 14:15:00 2010
TotalTime: 899.90 seconds
TotalCapSize: -1802.96MB CapLen: 96 bytes
# of packets: 40343924 (27295.60MB)
AvgRate: 254.46Mbps stddev:25.58M
IP flow (unique src/dst pair) Information
# of flows: 909761 (avg. 44.35 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.3% 1.3% 1.2% 1.2% 1.2% 1.1% 1.0% 1.0% 0.9% 0.9%
IP address Information
# of IPv4 addresses: 494111
Top 10 bandwidth usage (bytes/total in %):
11.1% 7.9% 4.6% 4.4% 3.6% 2.7% 2.5% 2.2% 2.2% 1.7%
# of IPv6 addresses: 4309
Top 10 bandwidth usage (bytes/total in %):
63.9% 63.9% 18.2% 9.4% 5.5% 4.8% 4.8% 2.9% 1.9% 1.3%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201011111400.pktlen.png)
detailed numbers
[ 32- 63]: 6624473
[ 64- 127]: 11069193
[ 128- 255]: 2060659
[ 256- 511]: 1638403
[ 512- 1023]: 1214294
[ 1024- 2047]: 17736902
Protocol Breakdown
![[protocol breakdown chart]](201011111400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 40343924 (100.00%) 28621508184 (100.00%) 709.44
ip 39940663 ( 99.00%) 28220076369 ( 98.60%) 706.55
tcp 27183914 ( 67.38%) 21442250788 ( 74.92%) 788.78
http(s) 12568250 ( 31.15%) 16625094833 ( 58.09%) 1322.79
http(c) 8679171 ( 21.51%) 1613932413 ( 5.64%) 185.95
squid 418747 ( 1.04%) 315873873 ( 1.10%) 754.33
smtp 266640 ( 0.66%) 112416296 ( 0.39%) 421.60
nntp 2 ( 0.00%) 132 ( 0.00%) 66.00
ftp 42674 ( 0.11%) 7967674 ( 0.03%) 186.71
pop3 9428 ( 0.02%) 4857211 ( 0.02%) 515.19
imap 4202 ( 0.01%) 2568999 ( 0.01%) 611.38
telnet 1823 ( 0.00%) 143156 ( 0.00%) 78.53
ssh 1386330 ( 3.44%) 235652108 ( 0.82%) 169.98
dns 12535 ( 0.03%) 1115915 ( 0.00%) 89.02
bgp 640 ( 0.00%) 100625 ( 0.00%) 157.23
napster 38 ( 0.00%) 5191 ( 0.00%) 136.61
realaud 9 ( 0.00%) 1492 ( 0.00%) 165.78
rtsp 16208 ( 0.04%) 15844376 ( 0.06%) 977.57
icecast 27766 ( 0.07%) 23476462 ( 0.08%) 845.51
hotline 2 ( 0.00%) 120 ( 0.00%) 60.00
other 3749445 ( 9.29%) 2483199672 ( 8.68%) 662.28
udp 8530098 ( 21.14%) 4373166366 ( 15.28%) 512.67
dns 1296463 ( 3.21%) 203555153 ( 0.71%) 157.01
realaud 38 ( 0.00%) 4860 ( 0.00%) 127.89
halflif 41 ( 0.00%) 4845 ( 0.00%) 118.17
starcra 37 ( 0.00%) 6046 ( 0.00%) 163.41
everque 9134 ( 0.02%) 1156667 ( 0.00%) 126.63
unreal 13 ( 0.00%) 1641 ( 0.00%) 126.23
quake 23 ( 0.00%) 4791 ( 0.00%) 208.30
cuseeme 6 ( 0.00%) 716 ( 0.00%) 119.33
other 7224069 ( 17.91%) 4168291659 ( 14.56%) 577.00
icmp 420693 ( 1.04%) 33285981 ( 0.12%) 79.12
ipip 180 ( 0.00%) 18720 ( 0.00%) 104.00
ipsec 7107 ( 0.02%) 960370 ( 0.00%) 135.13
ip6 3782371 ( 9.38%) 2367638690 ( 8.27%) 625.97
other 16300 ( 0.04%) 2755454 ( 0.01%) 169.05
frag 6055 ( 0.02%) 6145515 ( 0.02%) 1014.95
ip6 403261 ( 1.00%) 401431815 ( 1.40%) 995.46
tcp6 335408 ( 0.83%) 382960468 ( 1.34%) 1141.77
http(s) 14321 ( 0.04%) 17962667 ( 0.06%) 1254.29
http(c) 28432 ( 0.07%) 2611669 ( 0.01%) 91.86
squid 25 ( 0.00%) 2642 ( 0.00%) 105.68
smtp 986 ( 0.00%) 458892 ( 0.00%) 465.41
ftp 97 ( 0.00%) 8827 ( 0.00%) 91.00
ssh 1 ( 0.00%) 86 ( 0.00%) 86.00
dns 1811 ( 0.00%) 441465 ( 0.00%) 243.77
bgp 93 ( 0.00%) 18307 ( 0.00%) 196.85
icecast 1 ( 0.00%) 94 ( 0.00%) 94.00
other 289641 ( 0.72%) 361455819 ( 1.26%) 1247.94
udp6 51881 ( 0.13%) 16317810 ( 0.06%) 314.52
dns 49579 ( 0.12%) 15901572 ( 0.06%) 320.73
everque 4 ( 0.00%) 368 ( 0.00%) 92.00
quake 2 ( 0.00%) 234 ( 0.00%) 117.00
other 2296 ( 0.01%) 415636 ( 0.00%) 181.03
icmp6 15478 ( 0.04%) 1745123 ( 0.01%) 112.75
ip6 84 ( 0.00%) 11462 ( 0.00%) 136.45
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 380 ( 0.00%) 392872 ( 0.00%) 1033.87
tcpdump file: 201011111400.dump.gz (1034.30 MB)