Traffic Trace Info
DumpFile: 200812281400.dump
FileSize: 1318.70MB
Id: 200812281400
StartTime: Sun Dec 28 14:00:00 2008
EndTime: Sun Dec 28 14:15:00 2008
TotalTime: 899.86 seconds
TotalCapSize: 1031.98MB CapLen: 96 bytes
# of packets: 18789443 (13310.59MB)
AvgRate: 124.09Mbps stddev:23.72M
IP flow (unique src/dst pair) Information
# of flows: 500544 (avg. 37.54 pkts/flow)
Top 10 big flow size (bytes/total in %):
10.5% 5.9% 2.4% 2.2% 2.2% 1.8% 1.8% 1.7% 1.6% 1.5%
IP address Information
# of IPv4 addresses: 302758
Top 10 bandwidth usage (bytes/total in %):
17.1% 11.9% 11.5% 10.1% 7.0% 3.6% 2.9% 2.8% 2.7% 2.5%
# of IPv6 addresses: 988
Top 10 bandwidth usage (bytes/total in %):
70.9% 58.5% 28.9% 16.0% 12.4% 9.7% 3.1% 0.1% 0.0% 0.0%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200812281400.pktlen.png)
detailed numbers
[ 32- 63]: 3949488
[ 64- 127]: 4297367
[ 128- 255]: 685990
[ 256- 511]: 389512
[ 512- 1023]: 860203
[ 1024- 2047]: 8606883
Protocol Breakdown
![[protocol breakdown chart]](200812281400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 18789443 (100.00%) 13957163421 (100.00%) 742.82
ip 17817093 ( 94.83%) 12547493039 ( 89.90%) 704.24
tcp 14196941 ( 75.56%) 11432039146 ( 81.91%) 805.25
http(s) 5166664 ( 27.50%) 6731905391 ( 48.23%) 1302.95
http(c) 2802527 ( 14.92%) 233116973 ( 1.67%) 83.18
squid 493600 ( 2.63%) 306812675 ( 2.20%) 621.58
smtp 205098 ( 1.09%) 31231684 ( 0.22%) 152.28
nntp 4107 ( 0.02%) 295895 ( 0.00%) 72.05
ftp 94488 ( 0.50%) 18767384 ( 0.13%) 198.62
pop3 13885 ( 0.07%) 4455100 ( 0.03%) 320.86
imap 2842 ( 0.02%) 453768 ( 0.00%) 159.67
telnet 292 ( 0.00%) 26100 ( 0.00%) 89.38
ssh 1087095 ( 5.79%) 191611669 ( 1.37%) 176.26
dns 1266 ( 0.01%) 114418 ( 0.00%) 90.38
bgp 127 ( 0.00%) 35939 ( 0.00%) 282.98
napster 858 ( 0.00%) 625007 ( 0.00%) 728.45
realaud 6 ( 0.00%) 372 ( 0.00%) 62.00
rtsp 9560 ( 0.05%) 6741944 ( 0.05%) 705.22
icecast 754 ( 0.00%) 79540 ( 0.00%) 105.49
hotline 12 ( 0.00%) 1458 ( 0.00%) 121.50
other 4313758 ( 22.96%) 3905763709 ( 27.98%) 905.42
udp 2761549 ( 14.70%) 1037516171 ( 7.43%) 375.70
dns 855214 ( 4.55%) 167605230 ( 1.20%) 195.98
realaud 279 ( 0.00%) 21242 ( 0.00%) 76.14
halflif 18 ( 0.00%) 2928 ( 0.00%) 162.67
starcra 25 ( 0.00%) 5161 ( 0.00%) 206.44
everque 73 ( 0.00%) 13750 ( 0.00%) 188.36
unreal 13 ( 0.00%) 2118 ( 0.00%) 162.92
quake 15 ( 0.00%) 1252 ( 0.00%) 83.47
cuseeme 2 ( 0.00%) 404 ( 0.00%) 202.00
other 1905869 ( 10.14%) 869839092 ( 6.23%) 456.40
icmp 842529 ( 4.48%) 66665042 ( 0.48%) 79.12
ipip 311 ( 0.00%) 37238 ( 0.00%) 119.74
ipsec 74 ( 0.00%) 11692 ( 0.00%) 158.00
ip6 10417 ( 0.06%) 10531101 ( 0.08%) 1010.95
other 5272 ( 0.03%) 692649 ( 0.00%) 131.38
frag 1637 ( 0.01%) 1332175 ( 0.01%) 813.79
ip6 972350 ( 5.17%) 1409670382 ( 10.10%) 1449.76
tcp6 953630 ( 5.08%) 1407026579 ( 10.08%) 1475.44
http(s) 272831 ( 1.45%) 407075595 ( 2.92%) 1492.04
http(c) 6592 ( 0.04%) 534065 ( 0.00%) 81.02
smtp 138 ( 0.00%) 59134 ( 0.00%) 428.51
ftp 21 ( 0.00%) 1805 ( 0.00%) 85.95
ssh 12 ( 0.00%) 1712 ( 0.00%) 142.67
dns 11 ( 0.00%) 5400 ( 0.00%) 490.91
bgp 369 ( 0.00%) 31639 ( 0.00%) 85.74
other 673656 ( 3.59%) 999317229 ( 7.16%) 1483.42
udp6 10016 ( 0.05%) 1512729 ( 0.01%) 151.03
dns 9988 ( 0.05%) 1509641 ( 0.01%) 151.15
quake 1 ( 0.00%) 118 ( 0.00%) 118.00
other 27 ( 0.00%) 2970 ( 0.00%) 110.00
icmp6 8672 ( 0.05%) 1126622 ( 0.01%) 129.91
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 2 ( 0.00%) 372 ( 0.00%) 186.00
tcpdump file: 200812281400.dump.gz (437.14 MB)