Traffic Trace Info
DumpFile: 201204011300.dump
FileSize: 2163.42MB
Id: 201204011300
StartTime: Sun Apr 1 13:00:01 2012
EndTime: Sun Apr 1 13:15:00 2012
TotalTime: 898.98 seconds
TotalCapSize: 1722.22MB CapLen: 96 bytes
# of packets: 28913890 (22680.09MB)
AvgRate: 211.63Mbps stddev:36.05M
IP flow (unique src/dst pair) Information
# of flows: 1780420 (avg. 16.24 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.2% 3.5% 3.4% 2.6% 2.4% 2.1% 1.9% 1.6% 1.6% 1.4%
IP address Information
# of IPv4 addresses: 1386397
Top 10 bandwidth usage (bytes/total in %):
21.7% 9.3% 8.5% 8.4% 5.6% 5.2% 3.9% 3.8% 3.7% 3.0%
# of IPv6 addresses: 4763
Top 10 bandwidth usage (bytes/total in %):
84.7% 83.7% 13.4% 1.2% 1.2% 1.2% 1.1% 1.1% 1.1% 1.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201204011300.pktlen.png)
detailed numbers
[ 32- 63]: 4617743
[ 64- 127]: 6959194
[ 128- 255]: 1008809
[ 256- 511]: 590429
[ 512- 1023]: 754968
[ 1024- 2047]: 14982747
Protocol Breakdown
![[protocol breakdown chart]](201204011300.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 28913890 (100.00%) 23781799461 (100.00%) 822.50
ip 28107779 ( 97.21%) 22772687972 ( 95.76%) 810.19
tcp 21044450 ( 72.78%) 19664475705 ( 82.69%) 934.43
http(s) 10595862 ( 36.65%) 14693467180 ( 61.78%) 1386.72
http(c) 4316966 ( 14.93%) 748763126 ( 3.15%) 173.45
squid 60956 ( 0.21%) 48596374 ( 0.20%) 797.24
smtp 34596 ( 0.12%) 11855738 ( 0.05%) 342.69
nntp 6 ( 0.00%) 366 ( 0.00%) 61.00
ftp 9051 ( 0.03%) 898109 ( 0.00%) 99.23
pop3 1725 ( 0.01%) 350552 ( 0.00%) 203.22
imap 1138 ( 0.00%) 133405 ( 0.00%) 117.23
telnet 4585 ( 0.02%) 337032 ( 0.00%) 73.51
ssh 1411555 ( 4.88%) 1290177094 ( 5.43%) 914.01
dns 3333 ( 0.01%) 335372 ( 0.00%) 100.62
bgp 623 ( 0.00%) 118141 ( 0.00%) 189.63
napster 3024 ( 0.01%) 190415 ( 0.00%) 62.97
realaud 9 ( 0.00%) 564 ( 0.00%) 62.67
rtsp 19321 ( 0.07%) 28620967 ( 0.12%) 1481.34
icecast 7238 ( 0.03%) 529165 ( 0.00%) 73.11
hotline 5 ( 0.00%) 406 ( 0.00%) 81.20
other 4574457 ( 15.82%) 2840101699 ( 11.94%) 620.86
udp 2763565 ( 9.56%) 962466820 ( 4.05%) 348.27
dns 377242 ( 1.30%) 89975697 ( 0.38%) 238.51
rip 1 ( 0.00%) 70 ( 0.00%) 70.00
realaud 2 ( 0.00%) 195 ( 0.00%) 97.50
halflif 143 ( 0.00%) 23532 ( 0.00%) 164.56
starcra 39 ( 0.00%) 3217 ( 0.00%) 82.49
everque 323 ( 0.00%) 81530 ( 0.00%) 252.41
unreal 4001 ( 0.01%) 4092954 ( 0.02%) 1022.98
quake 14 ( 0.00%) 1082 ( 0.00%) 77.29
other 2381636 ( 8.24%) 868241411 ( 3.65%) 364.56
icmp 1666846 ( 5.76%) 134828254 ( 0.57%) 80.89
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 2846 ( 0.01%) 993604 ( 0.00%) 349.12
ip6 2545427 ( 8.80%) 1971568050 ( 8.29%) 774.55
pim 307 ( 0.00%) 18420 ( 0.00%) 60.00
other 84153 ( 0.29%) 38317849 ( 0.16%) 455.34
frag 679 ( 0.00%) 608363 ( 0.00%) 895.97
ip6 806111 ( 2.79%) 1009111489 ( 4.24%) 1251.83
tcp6 729924 ( 2.52%) 995203848 ( 4.18%) 1363.43
http(s) 3395 ( 0.01%) 3285796 ( 0.01%) 967.83
http(c) 13029 ( 0.05%) 1242031 ( 0.01%) 95.33
smtp 1917 ( 0.01%) 1919510 ( 0.01%) 1001.31
dns 236 ( 0.00%) 49135 ( 0.00%) 208.20
bgp 90 ( 0.00%) 16861 ( 0.00%) 187.34
other 711257 ( 2.46%) 988690515 ( 4.16%) 1390.06
udp6 47752 ( 0.17%) 9580596 ( 0.04%) 200.63
dns 37112 ( 0.13%) 8549370 ( 0.04%) 230.37
everque 2 ( 0.00%) 226 ( 0.00%) 113.00
quake 1 ( 0.00%) 104 ( 0.00%) 104.00
cuseeme 1 ( 0.00%) 108 ( 0.00%) 108.00
other 10636 ( 0.04%) 1030788 ( 0.00%) 96.92
icmp6 27923 ( 0.10%) 3943615 ( 0.02%) 141.23
ip6 83 ( 0.00%) 11344 ( 0.00%) 136.67
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 399 ( 0.00%) 368006 ( 0.00%) 922.32
tcpdump file: 201204011300.dump.gz (665.28 MB)