Traffic Trace Info
DumpFile: 201204011345.dump
FileSize: 2032.71MB
Id: 201204011345
StartTime: Sun Apr 1 13:45:00 2012
EndTime: Sun Apr 1 14:00:00 2012
TotalTime: 900.41 seconds
TotalCapSize: 1608.11MB CapLen: 96 bytes
# of packets: 27826369 (21715.13MB)
AvgRate: 202.30Mbps stddev:29.83M
IP flow (unique src/dst pair) Information
# of flows: 1842838 (avg. 15.10 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.4% 3.4% 3.2% 3.1% 2.9% 2.5% 2.0% 1.9% 1.8% 1.7%
IP address Information
# of IPv4 addresses: 1395507
Top 10 bandwidth usage (bytes/total in %):
18.9% 7.9% 7.8% 7.7% 4.9% 4.5% 3.5% 3.4% 3.4% 3.3%
# of IPv6 addresses: 4790
Top 10 bandwidth usage (bytes/total in %):
58.2% 30.5% 14.0% 8.6% 6.3% 3.3% 3.2% 2.9% 1.7% 1.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201204011345.pktlen.png)
detailed numbers
[ 32- 63]: 4883744
[ 64- 127]: 6303961
[ 128- 255]: 950014
[ 256- 511]: 557645
[ 512- 1023]: 733388
[ 1024- 2047]: 14397617
Protocol Breakdown
![[protocol breakdown chart]](201204011345.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 27826369 (100.00%) 22769963437 (100.00%) 818.29
ip 27694259 ( 99.53%) 22727176716 ( 99.81%) 820.65
tcp 20677564 ( 74.31%) 19265878275 ( 84.61%) 931.73
http(s) 10530144 ( 37.84%) 14138750308 ( 62.09%) 1342.69
http(c) 4669699 ( 16.78%) 1461060299 ( 6.42%) 312.88
squid 149246 ( 0.54%) 131536424 ( 0.58%) 881.34
smtp 29157 ( 0.10%) 5374591 ( 0.02%) 184.33
nntp 8 ( 0.00%) 496 ( 0.00%) 62.00
ftp 10819 ( 0.04%) 1050778 ( 0.00%) 97.12
pop3 3747 ( 0.01%) 550620 ( 0.00%) 146.95
imap 2171 ( 0.01%) 997216 ( 0.00%) 459.33
telnet 4765 ( 0.02%) 348904 ( 0.00%) 73.22
ssh 1122272 ( 4.03%) 1030352838 ( 4.53%) 918.10
dns 3461 ( 0.01%) 352131 ( 0.00%) 101.74
bgp 632 ( 0.00%) 111423 ( 0.00%) 176.30
napster 273 ( 0.00%) 17206 ( 0.00%) 63.03
realaud 18 ( 0.00%) 1122 ( 0.00%) 62.33
rtsp 19359 ( 0.07%) 28684636 ( 0.13%) 1481.72
icecast 7499 ( 0.03%) 5928033 ( 0.03%) 790.51
hotline 21 ( 0.00%) 1314 ( 0.00%) 62.57
other 4124273 ( 14.82%) 2460759936 ( 10.81%) 596.65
udp 3137613 ( 11.28%) 1485439764 ( 6.52%) 473.43
dns 343032 ( 1.23%) 86233564 ( 0.38%) 251.39
rip 1 ( 0.00%) 69 ( 0.00%) 69.00
realaud 21 ( 0.00%) 1965 ( 0.00%) 93.57
halflif 78 ( 0.00%) 10548 ( 0.00%) 135.23
starcra 57 ( 0.00%) 4869 ( 0.00%) 85.42
everque 335 ( 0.00%) 89736 ( 0.00%) 267.87
unreal 108 ( 0.00%) 24485 ( 0.00%) 226.71
quake 9 ( 0.00%) 1114 ( 0.00%) 123.78
cuseeme 3 ( 0.00%) 274 ( 0.00%) 91.33
other 2776072 ( 9.98%) 1397984617 ( 6.14%) 503.58
icmp 1704780 ( 6.13%) 137023274 ( 0.60%) 80.38
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 2986 ( 0.01%) 1050140 ( 0.00%) 351.69
ip6 2086490 ( 7.50%) 1801148750 ( 7.91%) 863.24
pim 300 ( 0.00%) 18000 ( 0.00%) 60.00
other 84342 ( 0.30%) 36599353 ( 0.16%) 433.94
frag 36408 ( 0.13%) 27831881 ( 0.12%) 764.44
ip6 132110 ( 0.47%) 42786721 ( 0.19%) 323.87
tcp6 58763 ( 0.21%) 28941257 ( 0.13%) 492.51
http(s) 5507 ( 0.02%) 6503607 ( 0.03%) 1180.97
http(c) 36385 ( 0.13%) 3062882 ( 0.01%) 84.18
squid 3 ( 0.00%) 234 ( 0.00%) 78.00
smtp 392 ( 0.00%) 122900 ( 0.00%) 313.52
dns 153 ( 0.00%) 29000 ( 0.00%) 189.54
bgp 88 ( 0.00%) 13507 ( 0.00%) 153.49
other 16235 ( 0.06%) 19209127 ( 0.08%) 1183.19
udp6 45211 ( 0.16%) 9656186 ( 0.04%) 213.58
dns 37937 ( 0.14%) 8891700 ( 0.04%) 234.38
starcra 1 ( 0.00%) 111 ( 0.00%) 111.00
everque 2 ( 0.00%) 183 ( 0.00%) 91.50
quake 1 ( 0.00%) 106 ( 0.00%) 106.00
cuseeme 1 ( 0.00%) 101 ( 0.00%) 101.00
other 7269 ( 0.03%) 763985 ( 0.00%) 105.10
icmp6 27695 ( 0.10%) 3865411 ( 0.02%) 139.57
ip6 85 ( 0.00%) 11580 ( 0.00%) 136.24
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 326 ( 0.00%) 308207 ( 0.00%) 945.42
tcpdump file: 201204011345.dump.gz (636.34 MB)