Traffic Trace Info
DumpFile: 201109151400.dump
FileSize: 3365.37MB
Id: 201109151400
StartTime: Thu Sep 15 14:00:00 2011
EndTime: Thu Sep 15 14:15:00 2011
TotalTime: 900.34 seconds
TotalCapSize: -1452.97MB CapLen: 96 bytes
# of packets: 47338706 (27899.34MB)
AvgRate: 259.95Mbps stddev:43.37M
IP flow (unique src/dst pair) Information
# of flows: 1918119 (avg. 24.68 pkts/flow)
Top 10 big flow size (bytes/total in %):
9.1% 4.4% 4.4% 2.5% 1.6% 1.5% 1.3% 1.2% 1.1% 1.0%
IP address Information
# of IPv4 addresses: 1390928
Top 10 bandwidth usage (bytes/total in %):
20.3% 12.6% 9.5% 9.4% 4.6% 4.6% 4.1% 3.8% 2.5% 2.4%
# of IPv6 addresses: 3947
Top 10 bandwidth usage (bytes/total in %):
68.6% 38.6% 29.9% 12.0% 9.1% 5.8% 5.8% 2.1% 2.1% 2.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201109151400.pktlen.png)
detailed numbers
[ 32- 63]: 13493836
[ 64- 127]: 11625573
[ 128- 255]: 1570762
[ 256- 511]: 756631
[ 512- 1023]: 2731652
[ 1024- 2047]: 17160252
Protocol Breakdown
![[protocol breakdown chart]](201109151400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 47338706 (100.00%) 29254583434 (100.00%) 617.98
ip 47079152 ( 99.45%) 28997995006 ( 99.12%) 615.94
tcp 39357116 ( 83.14%) 26224998601 ( 89.64%) 666.33
http(s) 12835432 ( 27.11%) 14173295928 ( 48.45%) 1104.23
http(c) 11060320 ( 23.36%) 5359755387 ( 18.32%) 484.59
squid 99909 ( 0.21%) 59724849 ( 0.20%) 597.79
smtp 203580 ( 0.43%) 114232741 ( 0.39%) 561.12
ftp 122317 ( 0.26%) 40540956 ( 0.14%) 331.44
pop3 14999 ( 0.03%) 6804517 ( 0.02%) 453.66
imap 9393 ( 0.02%) 6506886 ( 0.02%) 692.74
telnet 499 ( 0.00%) 92010 ( 0.00%) 184.39
ssh 630062 ( 1.33%) 336288771 ( 1.15%) 533.74
dns 15839 ( 0.03%) 2962891 ( 0.01%) 187.06
bgp 776 ( 0.00%) 129597 ( 0.00%) 167.01
napster 1919 ( 0.00%) 121283 ( 0.00%) 63.20
realaud 116 ( 0.00%) 9916 ( 0.00%) 85.48
rtsp 6271 ( 0.01%) 7692692 ( 0.03%) 1226.71
icecast 13942 ( 0.03%) 1357058 ( 0.00%) 97.34
hotline 83 ( 0.00%) 5817 ( 0.00%) 70.08
other 14341647 ( 30.30%) 6115476439 ( 20.90%) 426.41
udp 4412078 ( 9.32%) 1830270800 ( 6.26%) 414.83
dns 677220 ( 1.43%) 160812546 ( 0.55%) 237.46
realaud 13 ( 0.00%) 1095 ( 0.00%) 84.23
halflif 51 ( 0.00%) 3541 ( 0.00%) 69.43
starcra 27 ( 0.00%) 3690 ( 0.00%) 136.67
everque 403 ( 0.00%) 81729 ( 0.00%) 202.80
unreal 75 ( 0.00%) 10727 ( 0.00%) 143.03
quake 1056 ( 0.00%) 84352 ( 0.00%) 79.88
cuseeme 5 ( 0.00%) 453 ( 0.00%) 90.60
other 3733178 ( 7.89%) 1669245050 ( 5.71%) 447.14
icmp 1393034 ( 2.94%) 122970921 ( 0.42%) 88.28
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 212422 ( 0.45%) 115507828 ( 0.39%) 543.77
ip6 1688230 ( 3.57%) 700561627 ( 2.39%) 414.97
other 16087 ( 0.03%) 3665959 ( 0.01%) 227.88
frag 467 ( 0.00%) 498967 ( 0.00%) 1068.45
ip6 259554 ( 0.55%) 256588428 ( 0.88%) 988.57
tcp6 180584 ( 0.38%) 236276805 ( 0.81%) 1308.40
http(s) 39357 ( 0.08%) 53021718 ( 0.18%) 1347.20
http(c) 13715 ( 0.03%) 1318614 ( 0.00%) 96.14
smtp 169 ( 0.00%) 53832 ( 0.00%) 318.53
ftp 648 ( 0.00%) 58209 ( 0.00%) 89.83
dns 240 ( 0.00%) 52923 ( 0.00%) 220.51
bgp 90 ( 0.00%) 14620 ( 0.00%) 162.44
other 126365 ( 0.27%) 181756889 ( 0.62%) 1438.35
udp6 58724 ( 0.12%) 15885281 ( 0.05%) 270.51
dns 55844 ( 0.12%) 15474458 ( 0.05%) 277.10
realaud 2 ( 0.00%) 232 ( 0.00%) 116.00
everque 3 ( 0.00%) 338 ( 0.00%) 112.67
other 2875 ( 0.01%) 410253 ( 0.00%) 142.70
icmp6 18395 ( 0.04%) 3093253 ( 0.01%) 168.16
ip6 80 ( 0.00%) 10940 ( 0.00%) 136.75
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 1740 ( 0.00%) 1317933 ( 0.00%) 757.43
tcpdump file: 201109151400.dump.gz (1143.66 MB)