Traffic Trace Info
DumpFile: 201112271400.dump
FileSize: 2824.57MB
Id: 201112271400
StartTime: Tue Dec 27 14:00:00 2011
EndTime: Tue Dec 27 14:15:01 2011
TotalTime: 900.45 seconds
TotalCapSize: -1880.18MB CapLen: 96 bytes
# of packets: 39894930 (27458.69MB)
AvgRate: 255.79Mbps stddev:63.03M
IP flow (unique src/dst pair) Information
# of flows: 1030711 (avg. 38.71 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.9% 1.7% 1.3% 1.2% 1.0% 1.0% 1.0% 1.0% 0.9% 0.8%
IP address Information
# of IPv4 addresses: 555014
Top 10 bandwidth usage (bytes/total in %):
31.8% 11.8% 3.6% 3.4% 3.1% 2.7% 2.4% 2.3% 2.1% 2.0%
# of IPv6 addresses: 5041
Top 10 bandwidth usage (bytes/total in %):
30.4% 30.0% 19.7% 10.2% 9.2% 8.6% 8.2% 8.1% 6.3% 3.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201112271400.pktlen.png)
detailed numbers
[ 32- 63]: 8397559
[ 64- 127]: 10694527
[ 128- 255]: 1302585
[ 256- 511]: 737199
[ 512- 1023]: 792506
[ 1024- 2047]: 17970554
Protocol Breakdown
![[protocol breakdown chart]](201112271400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 39894930 (100.00%) 28792518251 (100.00%) 721.71
ip 39546378 ( 99.13%) 28571329020 ( 99.23%) 722.48
tcp 33648307 ( 84.34%) 25505575292 ( 88.58%) 758.00
http(s) 13201459 ( 33.09%) 18107919049 ( 62.89%) 1371.66
http(c) 9404036 ( 23.57%) 1545695891 ( 5.37%) 164.37
squid 271820 ( 0.68%) 217678964 ( 0.76%) 800.82
smtp 64763 ( 0.16%) 18984826 ( 0.07%) 293.14
ftp 26442 ( 0.07%) 18856999 ( 0.07%) 713.15
pop3 2983 ( 0.01%) 253870 ( 0.00%) 85.11
imap 971 ( 0.00%) 174666 ( 0.00%) 179.88
telnet 2408 ( 0.01%) 207794 ( 0.00%) 86.29
ssh 1659840 ( 4.16%) 273073131 ( 0.95%) 164.52
dns 56842 ( 0.14%) 4175885 ( 0.01%) 73.46
bgp 639 ( 0.00%) 127196 ( 0.00%) 199.05
napster 687 ( 0.00%) 43758 ( 0.00%) 63.69
realaud 115 ( 0.00%) 7166 ( 0.00%) 62.31
rtsp 103 ( 0.00%) 15002 ( 0.00%) 145.65
icecast 15353 ( 0.04%) 1408051 ( 0.00%) 91.71
hotline 42 ( 0.00%) 2676 ( 0.00%) 63.71
other 8939804 ( 22.41%) 5316950368 ( 18.47%) 594.75
udp 4454962 ( 11.17%) 2229164885 ( 7.74%) 500.38
dns 485537 ( 1.22%) 116456796 ( 0.40%) 239.85
realaud 25 ( 0.00%) 3512 ( 0.00%) 140.48
halflif 28976 ( 0.07%) 7253543 ( 0.03%) 250.33
starcra 249 ( 0.00%) 34647 ( 0.00%) 139.14
everque 2150 ( 0.01%) 808292 ( 0.00%) 375.95
unreal 5 ( 0.00%) 556 ( 0.00%) 111.20
quake 16 ( 0.00%) 2170 ( 0.00%) 135.62
cuseeme 2 ( 0.00%) 193 ( 0.00%) 96.50
other 3928004 ( 9.85%) 2103993449 ( 7.31%) 535.64
icmp 382990 ( 0.96%) 35437982 ( 0.12%) 92.53
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 5274 ( 0.01%) 1164508 ( 0.00%) 220.80
ip6 1042036 ( 2.61%) 798047629 ( 2.77%) 765.85
other 12624 ( 0.03%) 1919454 ( 0.01%) 152.05
frag 21036 ( 0.05%) 16142099 ( 0.06%) 767.36
ip6 348552 ( 0.87%) 221189231 ( 0.77%) 634.59
tcp6 244039 ( 0.61%) 185969856 ( 0.65%) 762.05
http(s) 88020 ( 0.22%) 122360661 ( 0.42%) 1390.15
http(c) 26423 ( 0.07%) 2495826 ( 0.01%) 94.46
squid 415 ( 0.00%) 251194 ( 0.00%) 605.29
smtp 96 ( 0.00%) 44295 ( 0.00%) 461.41
ftp 26 ( 0.00%) 2330 ( 0.00%) 89.62
dns 576 ( 0.00%) 91920 ( 0.00%) 159.58
bgp 89 ( 0.00%) 15225 ( 0.00%) 171.07
other 128394 ( 0.32%) 60708405 ( 0.21%) 472.83
udp6 74859 ( 0.19%) 21071505 ( 0.07%) 281.48
dns 48019 ( 0.12%) 13277974 ( 0.05%) 276.52
everque 1 ( 0.00%) 105 ( 0.00%) 105.00
quake 1 ( 0.00%) 111 ( 0.00%) 111.00
other 26838 ( 0.07%) 7793315 ( 0.03%) 290.38
icmp6 24592 ( 0.06%) 10486935 ( 0.04%) 426.44
ip6 85 ( 0.00%) 11580 ( 0.00%) 136.24
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 4946 ( 0.01%) 3645139 ( 0.01%) 736.99
tcpdump file: 201112271400.dump.gz (949.03 MB)