Traffic Trace Info
DumpFile: 201011281400.dump
FileSize: 2287.45MB
Id: 201011281400
StartTime: Sun Nov 28 14:00:00 2010
EndTime: Sun Nov 28 14:15:01 2010
TotalTime: 900.24 seconds
TotalCapSize: 1804.55MB CapLen: 96 bytes
# of packets: 31641326 (22730.58MB)
AvgRate: 211.81Mbps stddev:21.84M
IP flow (unique src/dst pair) Information
# of flows: 848456 (avg. 37.29 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.9% 1.6% 1.3% 1.2% 1.1% 1.0% 1.0% 0.9% 0.9% 0.9%
IP address Information
# of IPv4 addresses: 516351
Top 10 bandwidth usage (bytes/total in %):
14.4% 12.6% 12.3% 8.3% 3.6% 2.0% 2.0% 1.7% 1.7% 1.7%
# of IPv6 addresses: 3894
Top 10 bandwidth usage (bytes/total in %):
25.3% 25.3% 23.7% 23.4% 18.7% 11.5% 7.2% 6.6% 6.6% 5.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201011281400.pktlen.png)
detailed numbers
[ 32- 63]: 4465522
[ 64- 127]: 8205080
[ 128- 255]: 1688845
[ 256- 511]: 1333030
[ 512- 1023]: 819365
[ 1024- 2047]: 15129484
Protocol Breakdown
![[protocol breakdown chart]](201011281400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 31641326 (100.00%) 23834739010 (100.00%) 753.28
ip 31477415 ( 99.48%) 23727081468 ( 99.55%) 753.78
tcp 18024194 ( 56.96%) 15777558270 ( 66.20%) 875.35
http(s) 9260917 ( 29.27%) 12469797324 ( 52.32%) 1346.50
http(c) 4941793 ( 15.62%) 758159938 ( 3.18%) 153.42
squid 156417 ( 0.49%) 56384354 ( 0.24%) 360.47
smtp 305885 ( 0.97%) 204327201 ( 0.86%) 667.99
nntp 1 ( 0.00%) 62 ( 0.00%) 62.00
ftp 75633 ( 0.24%) 42764458 ( 0.18%) 565.42
pop3 4706 ( 0.01%) 1553123 ( 0.01%) 330.03
imap 2911 ( 0.01%) 1386627 ( 0.01%) 476.34
telnet 945 ( 0.00%) 59877 ( 0.00%) 63.36
ssh 26659 ( 0.08%) 5782340 ( 0.02%) 216.90
dns 8803 ( 0.03%) 744478 ( 0.00%) 84.57
bgp 537 ( 0.00%) 81684 ( 0.00%) 152.11
napster 8 ( 0.00%) 879 ( 0.00%) 109.88
realaud 14 ( 0.00%) 1046 ( 0.00%) 74.71
rtsp 25062 ( 0.08%) 21988644 ( 0.09%) 877.37
icecast 1128 ( 0.00%) 399931 ( 0.00%) 354.55
hotline 13 ( 0.00%) 1219 ( 0.00%) 93.77
other 3212762 ( 10.15%) 2214125085 ( 9.29%) 689.17
udp 8326438 ( 26.32%) 4274365962 ( 17.93%) 513.35
dns 701918 ( 2.22%) 106123618 ( 0.45%) 151.19
realaud 35 ( 0.00%) 3834 ( 0.00%) 109.54
halflif 127332 ( 0.40%) 30419384 ( 0.13%) 238.90
starcra 10 ( 0.00%) 2001 ( 0.00%) 200.10
everque 10033 ( 0.03%) 1072372 ( 0.00%) 106.88
unreal 7 ( 0.00%) 1347 ( 0.00%) 192.43
quake 24 ( 0.00%) 3411 ( 0.00%) 142.12
cuseeme 5 ( 0.00%) 729 ( 0.00%) 145.80
other 7486964 ( 23.66%) 4136648559 ( 17.36%) 552.51
icmp 554559 ( 1.75%) 116454521 ( 0.49%) 209.99
ipip 180 ( 0.00%) 18720 ( 0.00%) 104.00
ipsec 85 ( 0.00%) 11822 ( 0.00%) 139.08
ip6 4556724 ( 14.40%) 3550959990 ( 14.90%) 779.28
other 15235 ( 0.05%) 7712183 ( 0.03%) 506.21
frag 901 ( 0.00%) 1044192 ( 0.00%) 1158.93
ip6 163911 ( 0.52%) 107657542 ( 0.45%) 656.80
tcp6 114800 ( 0.36%) 95599498 ( 0.40%) 832.75
http(s) 1023 ( 0.00%) 960636 ( 0.00%) 939.04
http(c) 8205 ( 0.03%) 851467 ( 0.00%) 103.77
smtp 159 ( 0.00%) 31760 ( 0.00%) 199.75
ftp 103 ( 0.00%) 9263 ( 0.00%) 89.93
ssh 17 ( 0.00%) 3099 ( 0.00%) 182.29
dns 799 ( 0.00%) 207095 ( 0.00%) 259.19
bgp 92 ( 0.00%) 18998 ( 0.00%) 206.50
other 104402 ( 0.33%) 93517180 ( 0.39%) 895.74
udp6 32552 ( 0.10%) 9525699 ( 0.04%) 292.63
dns 28571 ( 0.09%) 8900266 ( 0.04%) 311.51
realaud 1 ( 0.00%) 106 ( 0.00%) 106.00
starcra 1 ( 0.00%) 99 ( 0.00%) 99.00
everque 3 ( 0.00%) 456 ( 0.00%) 152.00
other 3976 ( 0.01%) 624772 ( 0.00%) 157.14
icmp6 15521 ( 0.05%) 1829233 ( 0.01%) 117.86
ip6 82 ( 0.00%) 11176 ( 0.00%) 136.29
rtopt6 9 ( 0.00%) 1296 ( 0.00%) 144.00
dstopt6 1 ( 0.00%) 144 ( 0.00%) 144.00
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 916 ( 0.00%) 686416 ( 0.00%) 749.36
tcpdump file: 201011281400.dump.gz (806.49 MB)