Traffic Trace Info
DumpFile: 200811231400.dump
FileSize: 1221.19MB
Id: 200811231400
StartTime: Sun Nov 23 14:00:01 2008
EndTime: Sun Nov 23 14:15:00 2008
TotalTime: 899.68 seconds
TotalCapSize: 955.22MB CapLen: 96 bytes
# of packets: 17430245 (11511.42MB)
AvgRate: 107.35Mbps stddev:14.38M
IP flow (unique src/dst pair) Information
# of flows: 634817 (avg. 27.46 pkts/flow)
Top 10 big flow size (bytes/total in %):
7.3% 3.5% 2.4% 2.2% 1.7% 1.5% 1.4% 1.3% 1.2% 1.2%
IP address Information
# of IPv4 addresses: 381496
Top 10 bandwidth usage (bytes/total in %):
13.8% 9.5% 7.9% 7.4% 6.0% 5.2% 4.7% 3.5% 3.4% 3.1%
# of IPv6 addresses: 838
Top 10 bandwidth usage (bytes/total in %):
41.1% 37.6% 12.1% 10.3% 6.7% 5.6% 5.1% 4.4% 3.8% 2.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200811231400.pktlen.png)
detailed numbers
[ 32- 63]: 3978425
[ 64- 127]: 4603291
[ 128- 255]: 594842
[ 256- 511]: 375936
[ 512- 1023]: 379066
[ 1024- 2047]: 7498685
Protocol Breakdown
![[protocol breakdown chart]](200811231400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 17430245 (100.00%) 12070595608 (100.00%) 692.51
ip 17392150 ( 99.78%) 12066369834 ( 99.96%) 693.78
tcp 13857547 ( 79.50%) 10724522060 ( 88.85%) 773.91
http(s) 5295304 ( 30.38%) 7023897487 ( 58.19%) 1326.44
http(c) 3145275 ( 18.04%) 389309201 ( 3.23%) 123.78
squid 531194 ( 3.05%) 354140141 ( 2.93%) 666.69
smtp 131642 ( 0.76%) 23657558 ( 0.20%) 179.71
nntp 1 ( 0.00%) 62 ( 0.00%) 62.00
ftp 93895 ( 0.54%) 57811837 ( 0.48%) 615.71
pop3 9780 ( 0.06%) 3437592 ( 0.03%) 351.49
imap 1865 ( 0.01%) 312991 ( 0.00%) 167.82
telnet 16839 ( 0.10%) 1254811 ( 0.01%) 74.52
ssh 76477 ( 0.44%) 20830313 ( 0.17%) 272.37
dns 4253 ( 0.02%) 827872 ( 0.01%) 194.66
bgp 145 ( 0.00%) 52772 ( 0.00%) 363.94
napster 2234 ( 0.01%) 520995 ( 0.00%) 233.21
realaud 9412 ( 0.05%) 9270665 ( 0.08%) 984.98
rtsp 81294 ( 0.47%) 106579071 ( 0.88%) 1311.03
icecast 4438 ( 0.03%) 626424 ( 0.01%) 141.15
hotline 4 ( 0.00%) 901 ( 0.00%) 225.25
other 4453494 ( 25.55%) 2731991307 ( 22.63%) 613.45
udp 2327484 ( 13.35%) 1229259972 ( 10.18%) 528.15
dns 505678 ( 2.90%) 110511643 ( 0.92%) 218.54
realaud 1887 ( 0.01%) 116028 ( 0.00%) 61.49
halflif 97 ( 0.00%) 9352 ( 0.00%) 96.41
starcra 37 ( 0.00%) 7074 ( 0.00%) 191.19
everque 93 ( 0.00%) 13390 ( 0.00%) 143.98
unreal 46 ( 0.00%) 17413 ( 0.00%) 378.54
quake 12 ( 0.00%) 1367 ( 0.00%) 113.92
cuseeme 5 ( 0.00%) 988 ( 0.00%) 197.60
other 1819463 ( 10.44%) 1118539353 ( 9.27%) 614.76
icmp 1033541 ( 5.93%) 83722267 ( 0.69%) 81.01
ipip 290 ( 0.00%) 36334 ( 0.00%) 125.29
ipsec 14 ( 0.00%) 2372 ( 0.00%) 169.43
ip6 6125 ( 0.04%) 6415275 ( 0.05%) 1047.39
other 167149 ( 0.96%) 22411554 ( 0.19%) 134.08
frag 34706 ( 0.20%) 31240076 ( 0.26%) 900.13
ip6 38095 ( 0.22%) 4225774 ( 0.04%) 110.93
tcp6 23592 ( 0.14%) 2319664 ( 0.02%) 98.32
http(s) 5 ( 0.00%) 909 ( 0.00%) 181.80
http(c) 18953 ( 0.11%) 1780211 ( 0.01%) 93.93
smtp 268 ( 0.00%) 115125 ( 0.00%) 429.57
ftp 31 ( 0.00%) 2895 ( 0.00%) 93.39
pop3 57 ( 0.00%) 4833 ( 0.00%) 84.79
ssh 92 ( 0.00%) 11240 ( 0.00%) 122.17
bgp 407 ( 0.00%) 36938 ( 0.00%) 90.76
other 3779 ( 0.02%) 367513 ( 0.00%) 97.25
udp6 8108 ( 0.05%) 1121639 ( 0.01%) 138.34
dns 8075 ( 0.05%) 1110907 ( 0.01%) 137.57
quake 1 ( 0.00%) 108 ( 0.00%) 108.00
other 32 ( 0.00%) 10624 ( 0.00%) 332.00
icmp6 6364 ( 0.04%) 780331 ( 0.01%) 122.62
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 1 ( 0.00%) 60 ( 0.00%) 60.00
tcpdump file: 200811231400.dump.gz (412.00 MB)