Traffic Trace Info
DumpFile: 201012131400.dump
FileSize: 2706.77MB
Id: 201012131400
StartTime: Mon Dec 13 14:00:01 2010
EndTime: Mon Dec 13 14:15:01 2010
TotalTime: 899.88 seconds
TotalCapSize: -1973.05MB CapLen: 96 bytes
# of packets: 38260072 (27668.17MB)
AvgRate: 257.93Mbps stddev:31.72M
IP flow (unique src/dst pair) Information
# of flows: 1256018 (avg. 30.46 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.3% 1.5% 1.3% 1.2% 1.0% 0.8% 0.8% 0.8% 0.8% 0.8%
IP address Information
# of IPv4 addresses: 661903
Top 10 bandwidth usage (bytes/total in %):
9.2% 6.6% 5.7% 3.3% 2.9% 2.9% 2.7% 2.4% 2.4% 2.3%
# of IPv6 addresses: 3865
Top 10 bandwidth usage (bytes/total in %):
28.6% 15.1% 15.1% 13.4% 11.2% 11.2% 9.3% 9.3% 4.0% 3.0%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201012131400.pktlen.png)
detailed numbers
[ 32- 63]: 7506643
[ 64- 127]: 8944120
[ 128- 255]: 1485919
[ 256- 511]: 1025374
[ 512- 1023]: 1160948
[ 1024- 2047]: 18137068
Protocol Breakdown
![[protocol breakdown chart]](201012131400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 38260072 (100.00%) 29012179560 (100.00%) 758.29
ip 38101991 ( 99.59%) 28943373826 ( 99.76%) 759.63
tcp 31094250 ( 81.27%) 25679227280 ( 88.51%) 825.85
http(s) 15373127 ( 40.18%) 19803849746 ( 68.26%) 1288.21
http(c) 9641246 ( 25.20%) 2095274136 ( 7.22%) 217.32
squid 285775 ( 0.75%) 162083648 ( 0.56%) 567.17
smtp 321620 ( 0.84%) 241050291 ( 0.83%) 749.49
ftp 94342 ( 0.25%) 41270308 ( 0.14%) 437.45
pop3 17032 ( 0.04%) 7066739 ( 0.02%) 414.91
imap 4128 ( 0.01%) 901136 ( 0.00%) 218.30
telnet 1227 ( 0.00%) 254307 ( 0.00%) 207.26
ssh 131750 ( 0.34%) 23021420 ( 0.08%) 174.74
dns 9145 ( 0.02%) 894926 ( 0.00%) 97.86
bgp 561 ( 0.00%) 97635 ( 0.00%) 174.04
napster 6 ( 0.00%) 908 ( 0.00%) 151.33
realaud 132 ( 0.00%) 32796 ( 0.00%) 248.45
rtsp 104174 ( 0.27%) 65112433 ( 0.22%) 625.04
icecast 9442 ( 0.02%) 2660212 ( 0.01%) 281.74
hotline 30 ( 0.00%) 6446 ( 0.00%) 214.87
other 5100511 ( 13.33%) 3235650073 ( 11.15%) 634.38
udp 5869408 ( 15.34%) 2961882203 ( 10.21%) 504.63
dns 1075944 ( 2.81%) 162586946 ( 0.56%) 151.11
realaud 517 ( 0.00%) 41090 ( 0.00%) 79.48
halflif 445 ( 0.00%) 132885 ( 0.00%) 298.62
starcra 110 ( 0.00%) 18079 ( 0.00%) 164.35
everque 515 ( 0.00%) 88264 ( 0.00%) 171.39
unreal 22 ( 0.00%) 3563 ( 0.00%) 161.95
quake 92 ( 0.00%) 10333 ( 0.00%) 112.32
cuseeme 10 ( 0.00%) 1340 ( 0.00%) 134.00
other 4791289 ( 12.52%) 2798798483 ( 9.65%) 584.14
icmp 738595 ( 1.93%) 117847196 ( 0.41%) 159.56
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 1047 ( 0.00%) 344410 ( 0.00%) 328.95
ip6 380411 ( 0.99%) 177485257 ( 0.61%) 466.56
other 18095 ( 0.05%) 6568210 ( 0.02%) 362.98
frag 1907 ( 0.00%) 1881815 ( 0.01%) 986.79
ip6 158081 ( 0.41%) 68805734 ( 0.24%) 435.26
tcp6 93445 ( 0.24%) 51569306 ( 0.18%) 551.87
http(s) 19517 ( 0.05%) 23163309 ( 0.08%) 1186.83
http(c) 41922 ( 0.11%) 3561733 ( 0.01%) 84.96
smtp 263 ( 0.00%) 98385 ( 0.00%) 374.09
ftp 84 ( 0.00%) 7494 ( 0.00%) 89.21
ssh 7016 ( 0.02%) 10408660 ( 0.04%) 1483.56
dns 1008 ( 0.00%) 250316 ( 0.00%) 248.33
bgp 88 ( 0.00%) 19497 ( 0.00%) 221.56
other 23547 ( 0.06%) 14059912 ( 0.05%) 597.10
udp6 45251 ( 0.12%) 14773399 ( 0.05%) 326.48
dns 44060 ( 0.12%) 14575512 ( 0.05%) 330.81
halflif 1 ( 0.00%) 90 ( 0.00%) 90.00
other 1190 ( 0.00%) 197797 ( 0.00%) 166.22
icmp6 18997 ( 0.05%) 2185390 ( 0.01%) 115.04
ip6 83 ( 0.00%) 11294 ( 0.00%) 136.07
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 274 ( 0.00%) 262129 ( 0.00%) 956.68
tcpdump file: 201012131400.dump.gz (939.78 MB)