Traffic Trace Info
DumpFile: 200812221400.dump
FileSize: 1392.47MB
Id: 200812221400
StartTime: Mon Dec 22 14:00:01 2008
EndTime: Mon Dec 22 14:15:00 2008
TotalTime: 899.59 seconds
TotalCapSize: 1093.24MB CapLen: 96 bytes
# of packets: 19609704 (13404.22MB)
AvgRate: 124.93Mbps stddev:14.06M
IP flow (unique src/dst pair) Information
# of flows: 535503 (avg. 36.62 pkts/flow)
Top 10 big flow size (bytes/total in %):
7.9% 3.4% 1.9% 1.7% 1.5% 1.3% 1.1% 1.1% 1.0% 1.0%
IP address Information
# of IPv4 addresses: 307434
Top 10 bandwidth usage (bytes/total in %):
16.7% 11.1% 8.7% 8.0% 5.8% 4.9% 4.1% 3.5% 1.9% 1.8%
# of IPv6 addresses: 1138
Top 10 bandwidth usage (bytes/total in %):
24.4% 22.6% 9.2% 9.2% 7.6% 6.2% 5.2% 5.0% 4.6% 4.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200812221400.pktlen.png)
detailed numbers
[ 32- 63]: 4328636
[ 64- 127]: 4809683
[ 128- 255]: 755295
[ 256- 511]: 452798
[ 512- 1023]: 573524
[ 1024- 2047]: 8689768
Protocol Breakdown
![[protocol breakdown chart]](200812221400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 19609704 (100.00%) 14055342991 (100.00%) 716.75
ip 19560715 ( 99.75%) 14048190166 ( 99.95%) 718.18
tcp 17265105 ( 88.04%) 13450160247 ( 95.69%) 779.04
http(s) 7528599 ( 38.39%) 10279076220 ( 73.13%) 1365.34
http(c) 4773521 ( 24.34%) 627970858 ( 4.47%) 131.55
squid 444365 ( 2.27%) 218113843 ( 1.55%) 490.84
smtp 405253 ( 2.07%) 133498345 ( 0.95%) 329.42
nntp 49 ( 0.00%) 4840 ( 0.00%) 98.78
ftp 48977 ( 0.25%) 4659330 ( 0.03%) 95.13
pop3 22212 ( 0.11%) 4723901 ( 0.03%) 212.67
imap 4324 ( 0.02%) 875318 ( 0.01%) 202.43
telnet 1104 ( 0.01%) 69358 ( 0.00%) 62.82
ssh 654271 ( 3.34%) 87045441 ( 0.62%) 133.04
dns 1655 ( 0.01%) 141559 ( 0.00%) 85.53
bgp 135 ( 0.00%) 43181 ( 0.00%) 319.86
napster 102 ( 0.00%) 8945 ( 0.00%) 87.70
realaud 29 ( 0.00%) 2978 ( 0.00%) 102.69
rtsp 147206 ( 0.75%) 96636614 ( 0.69%) 656.47
icecast 17653 ( 0.09%) 15603253 ( 0.11%) 883.89
hotline 13 ( 0.00%) 1380 ( 0.00%) 106.15
other 3215636 ( 16.40%) 1981684823 ( 14.10%) 616.27
udp 1872944 ( 9.55%) 557019674 ( 3.96%) 297.40
dns 1018663 ( 5.19%) 231156738 ( 1.64%) 226.92
realaud 148 ( 0.00%) 9417 ( 0.00%) 63.63
halflif 30 ( 0.00%) 2989 ( 0.00%) 99.63
starcra 54 ( 0.00%) 10001 ( 0.00%) 185.20
everque 4590 ( 0.02%) 885856 ( 0.01%) 193.00
unreal 34 ( 0.00%) 5029 ( 0.00%) 147.91
quake 27 ( 0.00%) 2281 ( 0.00%) 84.48
cuseeme 9 ( 0.00%) 1047 ( 0.00%) 116.33
other 849341 ( 4.33%) 324901981 ( 2.31%) 382.53
icmp 389358 ( 1.99%) 34683187 ( 0.25%) 89.08
ipip 298 ( 0.00%) 34240 ( 0.00%) 114.90
ipsec 124 ( 0.00%) 18328 ( 0.00%) 147.81
ip6 858 ( 0.00%) 103198 ( 0.00%) 120.28
other 32028 ( 0.16%) 6171292 ( 0.04%) 192.68
frag 1637 ( 0.01%) 1371227 ( 0.01%) 837.65
ip6 48989 ( 0.25%) 7152825 ( 0.05%) 146.01
tcp6 27502 ( 0.14%) 3818789 ( 0.03%) 138.85
http(s) 993 ( 0.01%) 1336055 ( 0.01%) 1345.47
http(c) 23673 ( 0.12%) 2143291 ( 0.02%) 90.54
smtp 179 ( 0.00%) 70924 ( 0.00%) 396.22
ssh 10 ( 0.00%) 1548 ( 0.00%) 154.80
bgp 390 ( 0.00%) 34689 ( 0.00%) 88.95
other 2257 ( 0.01%) 232282 ( 0.00%) 102.92
udp6 14895 ( 0.08%) 2390571 ( 0.02%) 160.49
dns 14841 ( 0.08%) 2384631 ( 0.02%) 160.68
everque 1 ( 0.00%) 110 ( 0.00%) 110.00
other 53 ( 0.00%) 5830 ( 0.00%) 110.00
icmp6 6550 ( 0.03%) 929415 ( 0.01%) 141.90
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 12 ( 0.00%) 9970 ( 0.00%) 830.83
tcpdump file: 200812221400.dump.gz (488.17 MB)