Traffic Trace Info
DumpFile: 200912111400.dump
FileSize: 2098.66MB
Id: 200912111400
StartTime: Fri Dec 11 14:00:00 2009
EndTime: Fri Dec 11 14:15:01 2009
TotalTime: 900.63 seconds
TotalCapSize: 1654.90MB CapLen: 96 bytes
# of packets: 29081671 (18834.84MB)
AvgRate: 175.43Mbps stddev:19.39M
IP flow (unique src/dst pair) Information
# of flows: 981222 (avg. 29.64 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.5% 1.8% 1.6% 1.4% 1.2% 1.1% 1.1% 1.0% 1.0% 1.0%
IP address Information
# of IPv4 addresses: 562849
Top 10 bandwidth usage (bytes/total in %):
9.3% 9.1% 4.6% 3.6% 3.5% 3.4% 3.2% 2.9% 2.8% 2.4%
# of IPv6 addresses: 931
Top 10 bandwidth usage (bytes/total in %):
54.0% 53.9% 12.8% 4.6% 4.0% 4.0% 3.3% 3.3% 2.4% 2.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200912111400.pktlen.png)
detailed numbers
[ 32- 63]: 5538092
[ 64- 127]: 8858947
[ 128- 255]: 1270369
[ 256- 511]: 571920
[ 512- 1023]: 723390
[ 1024- 2047]: 12118953
Protocol Breakdown
![[protocol breakdown chart]](200912111400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29081671 (100.00%) 19749764883 (100.00%) 679.11
ip 28960637 ( 99.58%) 19735643678 ( 99.93%) 681.46
tcp 25216901 ( 86.71%) 18377076542 ( 93.05%) 728.76
http(s) 10677377 ( 36.72%) 14285681367 ( 72.33%) 1337.94
http(c) 7382002 ( 25.38%) 787904310 ( 3.99%) 106.73
squid 271190 ( 0.93%) 108087168 ( 0.55%) 398.57
smtp 258141 ( 0.89%) 115567815 ( 0.59%) 447.69
ftp 22859 ( 0.08%) 7554419 ( 0.04%) 330.48
pop3 18149 ( 0.06%) 6785753 ( 0.03%) 373.89
imap 3191 ( 0.01%) 1790618 ( 0.01%) 561.15
telnet 9877 ( 0.03%) 727694 ( 0.00%) 73.68
ssh 1825408 ( 6.28%) 288212298 ( 1.46%) 157.89
dns 25018 ( 0.09%) 10176089 ( 0.05%) 406.75
bgp 159 ( 0.00%) 59073 ( 0.00%) 371.53
napster 682 ( 0.00%) 524435 ( 0.00%) 768.97
realaud 143 ( 0.00%) 24377 ( 0.00%) 170.47
rtsp 126321 ( 0.43%) 11600587 ( 0.06%) 91.83
icecast 10813 ( 0.04%) 1020791 ( 0.01%) 94.40
hotline 9 ( 0.00%) 2052 ( 0.00%) 228.00
other 4585562 ( 15.77%) 2751357696 ( 13.93%) 600.00
udp 2919136 ( 10.04%) 1279434291 ( 6.48%) 438.29
dns 1177612 ( 4.05%) 207056953 ( 1.05%) 175.83
rip 2 ( 0.00%) 464 ( 0.00%) 232.00
realaud 12 ( 0.00%) 1736 ( 0.00%) 144.67
halflif 128 ( 0.00%) 12505 ( 0.00%) 97.70
starcra 160 ( 0.00%) 26558 ( 0.00%) 165.99
everque 474 ( 0.00%) 154053 ( 0.00%) 325.01
unreal 71 ( 0.00%) 10728 ( 0.00%) 151.10
quake 19 ( 0.00%) 1487 ( 0.00%) 78.26
cuseeme 2 ( 0.00%) 163 ( 0.00%) 81.50
other 1739890 ( 5.98%) 1071904248 ( 5.43%) 616.08
icmp 639155 ( 2.20%) 51138727 ( 0.26%) 80.01
ipip 345 ( 0.00%) 41386 ( 0.00%) 119.96
ipsec 89 ( 0.00%) 12022 ( 0.00%) 135.08
ip6 50564 ( 0.17%) 8773017 ( 0.04%) 173.50
other 134447 ( 0.46%) 19167693 ( 0.10%) 142.57
frag 2500 ( 0.01%) 2313678 ( 0.01%) 925.47
ip6 121034 ( 0.42%) 14121205 ( 0.07%) 116.67
tcp6 97093 ( 0.33%) 9930195 ( 0.05%) 102.28
http(s) 455 ( 0.00%) 591263 ( 0.00%) 1299.48
http(c) 3719 ( 0.01%) 346797 ( 0.00%) 93.25
smtp 1362 ( 0.00%) 680985 ( 0.00%) 499.99
ftp 2654 ( 0.01%) 274672 ( 0.00%) 103.49
ssh 460 ( 0.00%) 117704 ( 0.00%) 255.88
dns 11 ( 0.00%) 3242 ( 0.00%) 294.73
bgp 105 ( 0.00%) 13672 ( 0.00%) 130.21
other 88327 ( 0.30%) 7901860 ( 0.04%) 89.46
udp6 19519 ( 0.07%) 3672792 ( 0.02%) 188.16
dns 19457 ( 0.07%) 3664257 ( 0.02%) 188.33
realaud 1 ( 0.00%) 106 ( 0.00%) 106.00
halflif 1 ( 0.00%) 103 ( 0.00%) 103.00
other 60 ( 0.00%) 8326 ( 0.00%) 138.77
icmp6 4373 ( 0.02%) 497316 ( 0.00%) 113.72
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 18 ( 0.00%) 16686 ( 0.00%) 927.00
tcpdump file: 200912111400.dump.gz (720.42 MB)