Traffic Trace Info
DumpFile: 201109201400.dump
FileSize: 2591.78MB
Id: 201109201400
StartTime: Tue Sep 20 14:00:01 2011
EndTime: Tue Sep 20 14:15:00 2011
TotalTime: 899.57 seconds
TotalCapSize: 2040.80MB CapLen: 96 bytes
# of packets: 36108408 (20782.33MB)
AvgRate: 193.81Mbps stddev:39.95M
IP flow (unique src/dst pair) Information
# of flows: 1836885 (avg. 19.66 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.5% 2.5% 2.3% 1.6% 1.3% 1.3% 1.2% 1.2% 1.0% 0.9%
IP address Information
# of IPv4 addresses: 1366550
Top 10 bandwidth usage (bytes/total in %):
13.0% 12.6% 10.4% 5.4% 4.0% 3.8% 3.2% 2.6% 2.5% 2.4%
# of IPv6 addresses: 4045
Top 10 bandwidth usage (bytes/total in %):
23.8% 20.9% 18.0% 13.0% 11.7% 8.7% 8.0% 6.3% 5.2% 5.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201109201400.pktlen.png)
detailed numbers
[ 32- 63]: 8596337
[ 64- 127]: 11440385
[ 128- 255]: 1360759
[ 256- 511]: 657598
[ 512- 1023]: 974544
[ 1024- 2047]: 13078785
Protocol Breakdown
![[protocol breakdown chart]](201109201400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 36108408 (100.00%) 21791856056 (100.00%) 603.51
ip 35892831 ( 99.40%) 21666991964 ( 99.43%) 603.66
tcp 27391668 ( 75.86%) 18099629730 ( 83.06%) 660.77
http(s) 10761025 ( 29.80%) 14413853499 ( 66.14%) 1339.45
http(c) 7246114 ( 20.07%) 745523144 ( 3.42%) 102.89
squid 49101 ( 0.14%) 27523299 ( 0.13%) 560.54
smtp 90998 ( 0.25%) 31253184 ( 0.14%) 343.45
nntp 3 ( 0.00%) 192 ( 0.00%) 64.00
ftp 55137 ( 0.15%) 37004987 ( 0.17%) 671.15
pop3 2550 ( 0.01%) 339596 ( 0.00%) 133.17
imap 1771 ( 0.00%) 623060 ( 0.00%) 351.81
telnet 990 ( 0.00%) 123113 ( 0.00%) 124.36
ssh 61623 ( 0.17%) 7042517 ( 0.03%) 114.28
dns 86871 ( 0.24%) 6351194 ( 0.03%) 73.11
bgp 667 ( 0.00%) 129282 ( 0.00%) 193.83
napster 1869 ( 0.01%) 117874 ( 0.00%) 63.07
realaud 107 ( 0.00%) 8962 ( 0.00%) 83.76
rtsp 8129 ( 0.02%) 6779767 ( 0.03%) 834.02
icecast 13281 ( 0.04%) 1168721 ( 0.01%) 88.00
hotline 60 ( 0.00%) 3954 ( 0.00%) 65.90
other 9011369 ( 24.96%) 2821783205 ( 12.95%) 313.14
udp 5335415 ( 14.78%) 2712407586 ( 12.45%) 508.38
dns 583226 ( 1.62%) 141474045 ( 0.65%) 242.57
rip 1 ( 0.00%) 109 ( 0.00%) 109.00
realaud 8 ( 0.00%) 1038 ( 0.00%) 129.75
halflif 67 ( 0.00%) 6649 ( 0.00%) 99.24
starcra 20 ( 0.00%) 1553 ( 0.00%) 77.65
everque 1267 ( 0.00%) 323552 ( 0.00%) 255.37
unreal 15 ( 0.00%) 1191 ( 0.00%) 79.40
quake 444 ( 0.00%) 56199 ( 0.00%) 126.57
cuseeme 3 ( 0.00%) 264 ( 0.00%) 88.00
other 4717184 ( 13.06%) 2568462851 ( 11.79%) 544.49
icmp 1470528 ( 4.07%) 116140675 ( 0.53%) 78.98
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 9277 ( 0.03%) 3922478 ( 0.02%) 422.82
ip6 1653884 ( 4.58%) 722915128 ( 3.32%) 437.10
other 31874 ( 0.09%) 11957097 ( 0.05%) 375.14
frag 99276 ( 0.27%) 75595395 ( 0.35%) 761.47
ip6 215575 ( 0.60%) 124863972 ( 0.57%) 579.21
tcp6 145569 ( 0.40%) 106722815 ( 0.49%) 733.14
http(s) 19154 ( 0.05%) 22494578 ( 0.10%) 1174.41
http(c) 50217 ( 0.14%) 4379718 ( 0.02%) 87.22
smtp 1476 ( 0.00%) 1895140 ( 0.01%) 1283.97
ftp 55 ( 0.00%) 4869 ( 0.00%) 88.53
dns 384 ( 0.00%) 77404 ( 0.00%) 201.57
bgp 88 ( 0.00%) 20742 ( 0.00%) 235.70
other 74195 ( 0.21%) 77850364 ( 0.36%) 1049.27
udp6 54159 ( 0.15%) 14916848 ( 0.07%) 275.43
dns 52598 ( 0.15%) 14740462 ( 0.07%) 280.25
everque 1 ( 0.00%) 105 ( 0.00%) 105.00
quake 3 ( 0.00%) 318 ( 0.00%) 106.00
other 1557 ( 0.00%) 175963 ( 0.00%) 113.01
icmp6 15244 ( 0.04%) 2732302 ( 0.01%) 179.24
ip6 85 ( 0.00%) 11530 ( 0.00%) 135.65
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 488 ( 0.00%) 476397 ( 0.00%) 976.22
tcpdump file: 201109201400.dump.gz (874.64 MB)