Traffic Trace Info
DumpFile: 201104161400.dump
FileSize: 2712.38MB
Id: 201104161400
StartTime: Sat Apr 16 14:00:00 2011
EndTime: Sat Apr 16 14:15:00 2011
TotalTime: 899.88 seconds
TotalCapSize: -1952.48MB CapLen: 96 bytes
# of packets: 37280286 (28591.27MB)
AvgRate: 266.53Mbps stddev:51.03M
IP flow (unique src/dst pair) Information
# of flows: 957631 (avg. 38.93 pkts/flow)
Top 10 big flow size (bytes/total in %):
8.1% 1.6% 1.4% 1.3% 1.2% 1.2% 1.0% 1.0% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 525886
Top 10 bandwidth usage (bytes/total in %):
37.1% 8.3% 8.3% 5.4% 4.2% 3.2% 2.5% 1.9% 1.8% 1.6%
# of IPv6 addresses: 4277
Top 10 bandwidth usage (bytes/total in %):
81.4% 62.9% 18.7% 14.1% 11.0% 3.1% 0.8% 0.7% 0.7% 0.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201104161400.pktlen.png)
detailed numbers
[ 32- 63]: 7030339
[ 64- 127]: 7601076
[ 128- 255]: 2040522
[ 256- 511]: 789105
[ 512- 1023]: 686172
[ 1024- 2047]: 19133072
Protocol Breakdown
![[protocol breakdown chart]](201104161400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 37280286 (100.00%) 29980116654 (100.00%) 804.18
ip 35928503 ( 96.37%) 29404012466 ( 98.08%) 818.40
tcp 26934720 ( 72.25%) 23606503123 ( 78.74%) 876.43
http(s) 14658800 ( 39.32%) 20302983917 ( 67.72%) 1385.04
http(c) 7153891 ( 19.19%) 991323215 ( 3.31%) 138.57
squid 359325 ( 0.96%) 140163578 ( 0.47%) 390.07
smtp 109401 ( 0.29%) 48078510 ( 0.16%) 439.47
nntp 12 ( 0.00%) 780 ( 0.00%) 65.00
ftp 24226 ( 0.06%) 2079334 ( 0.01%) 85.83
pop3 8522 ( 0.02%) 3533299 ( 0.01%) 414.61
imap 55113 ( 0.15%) 54467561 ( 0.18%) 988.29
telnet 2321 ( 0.01%) 481841 ( 0.00%) 207.60
ssh 116495 ( 0.31%) 21983079 ( 0.07%) 188.70
dns 305422 ( 0.82%) 18801938 ( 0.06%) 61.56
bgp 563 ( 0.00%) 97857 ( 0.00%) 173.81
napster 28 ( 0.00%) 3120 ( 0.00%) 111.43
realaud 16 ( 0.00%) 1659 ( 0.00%) 103.69
rtsp 24741 ( 0.07%) 35138559 ( 0.12%) 1420.26
icecast 26831 ( 0.07%) 16195775 ( 0.05%) 603.62
hotline 6 ( 0.00%) 366 ( 0.00%) 61.00
other 4089006 ( 10.97%) 1971168675 ( 6.57%) 482.07
udp 4770504 ( 12.80%) 2710280433 ( 9.04%) 568.13
dns 525237 ( 1.41%) 107530823 ( 0.36%) 204.73
realaud 24 ( 0.00%) 3028 ( 0.00%) 126.17
halflif 25 ( 0.00%) 2803 ( 0.00%) 112.12
starcra 21 ( 0.00%) 3456 ( 0.00%) 164.57
everque 95 ( 0.00%) 21110 ( 0.00%) 222.21
unreal 27 ( 0.00%) 3437 ( 0.00%) 127.30
quake 14 ( 0.00%) 1587 ( 0.00%) 113.36
cuseeme 2 ( 0.00%) 179 ( 0.00%) 89.50
other 4244878 ( 11.39%) 2602611513 ( 8.68%) 613.12
icmp 498497 ( 1.34%) 88201709 ( 0.29%) 176.94
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 5415 ( 0.01%) 1632240 ( 0.01%) 301.43
ip6 3702806 ( 9.93%) 2990850416 ( 9.98%) 807.73
other 16376 ( 0.04%) 6525275 ( 0.02%) 398.47
frag 950 ( 0.00%) 944787 ( 0.00%) 994.51
ip6 1351783 ( 3.63%) 576104188 ( 1.92%) 426.18
tcp6 1289628 ( 3.46%) 561705704 ( 1.87%) 435.56
http(s) 592 ( 0.00%) 514320 ( 0.00%) 868.78
http(c) 30846 ( 0.08%) 2834897 ( 0.01%) 91.90
squid 9 ( 0.00%) 762 ( 0.00%) 84.67
smtp 54 ( 0.00%) 7806 ( 0.00%) 144.56
ftp 67 ( 0.00%) 5937 ( 0.00%) 88.61
ssh 917797 ( 2.46%) 80974426 ( 0.27%) 88.23
dns 197 ( 0.00%) 48863 ( 0.00%) 248.04
bgp 165 ( 0.00%) 117002 ( 0.00%) 709.10
other 339901 ( 0.91%) 477201691 ( 1.59%) 1403.94
udp6 37980 ( 0.10%) 9727346 ( 0.03%) 256.12
dns 31893 ( 0.09%) 8354512 ( 0.03%) 261.95
starcra 1 ( 0.00%) 159 ( 0.00%) 159.00
other 6086 ( 0.02%) 1372675 ( 0.00%) 225.55
icmp6 21746 ( 0.06%) 3026717 ( 0.01%) 139.18
ip6 82 ( 0.00%) 11226 ( 0.00%) 136.90
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 2316 ( 0.01%) 1628979 ( 0.01%) 703.36
tcpdump file: 201104161400.dump.gz (865.50 MB)