Traffic Trace Info
DumpFile: 200812201400.dump
FileSize: 1165.68MB
Id: 200812201400
StartTime: Sat Dec 20 14:00:00 2008
EndTime: Sat Dec 20 14:15:00 2008
TotalTime: 900.06 seconds
TotalCapSize: 909.51MB CapLen: 96 bytes
# of packets: 16787607 (11429.92MB)
AvgRate: 106.54Mbps stddev:14.89M
IP flow (unique src/dst pair) Information
# of flows: 620330 (avg. 27.06 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.4% 2.0% 1.9% 1.2% 1.1% 1.1% 1.0% 1.0% 1.0% 0.9%
IP address Information
# of IPv4 addresses: 412964
Top 10 bandwidth usage (bytes/total in %):
17.3% 14.3% 11.6% 5.9% 4.9% 3.9% 2.9% 2.6% 2.5% 2.0%
# of IPv6 addresses: 1028
Top 10 bandwidth usage (bytes/total in %):
35.5% 32.7% 11.3% 11.3% 8.4% 8.1% 4.9% 3.6% 2.9% 2.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200812201400.pktlen.png)
detailed numbers
[ 32- 63]: 4204131
[ 64- 127]: 3609468
[ 128- 255]: 640819
[ 256- 511]: 451863
[ 512- 1023]: 461997
[ 1024- 2047]: 7419329
Protocol Breakdown
![[protocol breakdown chart]](200812201400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 16787607 (100.00%) 11985134939 (100.00%) 713.93
ip 16749377 ( 99.77%) 11980213102 ( 99.96%) 715.26
tcp 14405160 ( 85.81%) 11390361442 ( 95.04%) 790.71
http(s) 6131010 ( 36.52%) 8422491025 ( 70.27%) 1373.75
http(c) 3454127 ( 20.58%) 306620443 ( 2.56%) 88.77
squid 588115 ( 3.50%) 270507066 ( 2.26%) 459.96
smtp 209211 ( 1.25%) 32290640 ( 0.27%) 154.34
ftp 170715 ( 1.02%) 12173091 ( 0.10%) 71.31
pop3 13151 ( 0.08%) 3225500 ( 0.03%) 245.27
imap 3653 ( 0.02%) 1654486 ( 0.01%) 452.91
telnet 180 ( 0.00%) 26246 ( 0.00%) 145.81
ssh 93381 ( 0.56%) 14847775 ( 0.12%) 159.00
dns 1377 ( 0.01%) 120321 ( 0.00%) 87.38
bgp 148 ( 0.00%) 56074 ( 0.00%) 378.88
realaud 46 ( 0.00%) 3430 ( 0.00%) 74.57
rtsp 340107 ( 2.03%) 361780029 ( 3.02%) 1063.72
icecast 650 ( 0.00%) 47354 ( 0.00%) 72.85
hotline 8 ( 0.00%) 868 ( 0.00%) 108.50
other 3399278 ( 20.25%) 1964516914 ( 16.39%) 577.92
udp 1893356 ( 11.28%) 549080855 ( 4.58%) 290.00
dns 782576 ( 4.66%) 153318207 ( 1.28%) 195.91
realaud 908 ( 0.01%) 54613 ( 0.00%) 60.15
halflif 21 ( 0.00%) 2267 ( 0.00%) 107.95
starcra 20 ( 0.00%) 4453 ( 0.00%) 222.65
everque 36219 ( 0.22%) 29358265 ( 0.24%) 810.58
unreal 286 ( 0.00%) 85181 ( 0.00%) 297.84
quake 19 ( 0.00%) 2115 ( 0.00%) 111.32
cuseeme 3 ( 0.00%) 524 ( 0.00%) 174.67
other 1073257 ( 6.39%) 366218405 ( 3.06%) 341.22
icmp 423647 ( 2.52%) 36738379 ( 0.31%) 86.72
ipip 313 ( 0.00%) 38244 ( 0.00%) 122.19
ipsec 188 ( 0.00%) 29704 ( 0.00%) 158.00
ip6 856 ( 0.01%) 106788 ( 0.00%) 124.75
other 25857 ( 0.15%) 3857690 ( 0.03%) 149.19
frag 1926 ( 0.01%) 1668186 ( 0.01%) 866.14
ip6 38230 ( 0.23%) 4921837 ( 0.04%) 128.74
tcp6 22509 ( 0.13%) 2711991 ( 0.02%) 120.48
http(s) 428 ( 0.00%) 570960 ( 0.00%) 1334.02
http(c) 19846 ( 0.12%) 1867393 ( 0.02%) 94.09
smtp 208 ( 0.00%) 46598 ( 0.00%) 224.03
ftp 172 ( 0.00%) 15771 ( 0.00%) 91.69
ssh 10 ( 0.00%) 1564 ( 0.00%) 156.40
dns 24 ( 0.00%) 4462 ( 0.00%) 185.92
bgp 413 ( 0.00%) 41885 ( 0.00%) 101.42
other 1408 ( 0.01%) 163358 ( 0.00%) 116.02
udp6 10027 ( 0.06%) 1496160 ( 0.01%) 149.21
dns 9987 ( 0.06%) 1491733 ( 0.01%) 149.37
halflif 1 ( 0.00%) 139 ( 0.00%) 139.00
quake 2 ( 0.00%) 221 ( 0.00%) 110.50
cuseeme 1 ( 0.00%) 107 ( 0.00%) 107.00
other 36 ( 0.00%) 3960 ( 0.00%) 110.00
icmp6 5662 ( 0.03%) 709410 ( 0.01%) 125.29
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 1 ( 0.00%) 60 ( 0.00%) 60.00
tcpdump file: 200812201400.dump.gz (411.73 MB)