Traffic Trace Info
DumpFile: 201112211400.dump
FileSize: 2875.37MB
Id: 201112211400
StartTime: Wed Dec 21 14:00:00 2011
EndTime: Wed Dec 21 14:15:00 2011
TotalTime: 899.79 seconds
TotalCapSize: -1819.92MB CapLen: 96 bytes
# of packets: 39274995 (25278.19MB)
AvgRate: 235.66Mbps stddev:36.99M
IP flow (unique src/dst pair) Information
# of flows: 964733 (avg. 40.71 pkts/flow)
Top 10 big flow size (bytes/total in %):
6.0% 1.7% 1.6% 1.6% 1.5% 1.4% 1.4% 1.2% 1.2% 1.1%
IP address Information
# of IPv4 addresses: 489076
Top 10 bandwidth usage (bytes/total in %):
11.0% 8.6% 7.5% 6.2% 6.2% 4.3% 3.6% 3.4% 3.0% 2.9%
# of IPv6 addresses: 5082
Top 10 bandwidth usage (bytes/total in %):
29.9% 29.8% 18.2% 18.1% 9.6% 6.2% 5.5% 5.1% 3.4% 3.3%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201112211400.pktlen.png)
detailed numbers
[ 32- 63]: 7516226
[ 64- 127]: 12787218
[ 128- 255]: 1017954
[ 256- 511]: 745456
[ 512- 1023]: 783530
[ 1024- 2047]: 16424611
Protocol Breakdown
![[protocol breakdown chart]](201112211400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 39274995 (100.00%) 26506106116 (100.00%) 674.89
ip 38860981 ( 98.95%) 26282204466 ( 99.16%) 676.31
tcp 33598651 ( 85.55%) 23854831119 ( 90.00%) 709.99
http(s) 13367089 ( 34.03%) 17753048315 ( 66.98%) 1328.12
http(c) 11004329 ( 28.02%) 1322383394 ( 4.99%) 120.17
squid 453220 ( 1.15%) 369807158 ( 1.40%) 815.96
smtp 176036 ( 0.45%) 50644513 ( 0.19%) 287.69
nntp 6 ( 0.00%) 366 ( 0.00%) 61.00
ftp 62493 ( 0.16%) 11459721 ( 0.04%) 183.38
pop3 3738 ( 0.01%) 905401 ( 0.00%) 242.22
imap 4105 ( 0.01%) 3519115 ( 0.01%) 857.28
telnet 1 ( 0.00%) 60 ( 0.00%) 60.00
ssh 326870 ( 0.83%) 453861448 ( 1.71%) 1388.51
dns 52736 ( 0.13%) 4378898 ( 0.02%) 83.03
bgp 656 ( 0.00%) 124331 ( 0.00%) 189.53
napster 81 ( 0.00%) 6013 ( 0.00%) 74.23
realaud 65 ( 0.00%) 4886 ( 0.00%) 75.17
rtsp 17651 ( 0.04%) 19113561 ( 0.07%) 1082.86
icecast 70821 ( 0.18%) 47504379 ( 0.18%) 670.77
hotline 33 ( 0.00%) 2060 ( 0.00%) 62.42
other 8058721 ( 20.52%) 3818067500 ( 14.40%) 473.78
udp 3736445 ( 9.51%) 1421124718 ( 5.36%) 380.34
dns 564231 ( 1.44%) 129056892 ( 0.49%) 228.73
rip 1 ( 0.00%) 70 ( 0.00%) 70.00
realaud 8 ( 0.00%) 643 ( 0.00%) 80.38
halflif 19 ( 0.00%) 2439 ( 0.00%) 128.37
starcra 38 ( 0.00%) 5545 ( 0.00%) 145.92
everque 397 ( 0.00%) 77738 ( 0.00%) 195.81
unreal 19 ( 0.00%) 3854 ( 0.00%) 202.84
quake 15 ( 0.00%) 1858 ( 0.00%) 123.87
cuseeme 2 ( 0.00%) 164 ( 0.00%) 82.00
other 3160018 ( 8.05%) 1290984646 ( 4.87%) 408.54
icmp 398007 ( 1.01%) 78278434 ( 0.30%) 196.68
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 985 ( 0.00%) 327174 ( 0.00%) 332.16
ip6 1119516 ( 2.85%) 926318126 ( 3.49%) 827.43
other 7192 ( 0.02%) 1305625 ( 0.00%) 181.54
frag 28220 ( 0.07%) 21993296 ( 0.08%) 779.35
ip6 414014 ( 1.05%) 223901650 ( 0.84%) 540.81
tcp6 287953 ( 0.73%) 167390775 ( 0.63%) 581.31
http(s) 73945 ( 0.19%) 101143722 ( 0.38%) 1367.82
http(c) 32601 ( 0.08%) 2948869 ( 0.01%) 90.45
smtp 113 ( 0.00%) 46250 ( 0.00%) 409.29
ftp 26 ( 0.00%) 2313 ( 0.00%) 88.96
imap 126 ( 0.00%) 134132 ( 0.00%) 1064.54
dns 699 ( 0.00%) 125861 ( 0.00%) 180.06
bgp 95 ( 0.00%) 16597 ( 0.00%) 174.71
other 180348 ( 0.46%) 62973031 ( 0.24%) 349.18
udp6 56295 ( 0.14%) 15914944 ( 0.06%) 282.71
dns 53561 ( 0.14%) 15396200 ( 0.06%) 287.45
everque 2 ( 0.00%) 216 ( 0.00%) 108.00
unreal 1 ( 0.00%) 98 ( 0.00%) 98.00
quake 1 ( 0.00%) 105 ( 0.00%) 105.00
cuseeme 1 ( 0.00%) 109 ( 0.00%) 109.00
other 2729 ( 0.01%) 518216 ( 0.00%) 189.89
icmp6 21773 ( 0.06%) 6640687 ( 0.03%) 305.00
ip6 84 ( 0.00%) 11462 ( 0.00%) 136.45
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 47879 ( 0.12%) 33939702 ( 0.13%) 708.86
tcpdump file: 201112211400.dump.gz (945.48 MB)