Traffic Trace Info
DumpFile: 201201031400.dump
FileSize: 2676.00MB
Id: 201201031400
StartTime: Tue Jan 3 14:00:00 2012
EndTime: Tue Jan 3 14:15:01 2012
TotalTime: 900.16 seconds
TotalCapSize: -2002.85MB CapLen: 96 bytes
# of packets: 38197611 (29013.70MB)
AvgRate: 270.38Mbps stddev:53.46M
IP flow (unique src/dst pair) Information
# of flows: 1826781 (avg. 20.91 pkts/flow)
Top 10 big flow size (bytes/total in %):
27.5% 2.3% 1.6% 1.4% 1.3% 1.2% 1.1% 1.0% 0.8% 0.8%
IP address Information
# of IPv4 addresses: 1449525
Top 10 bandwidth usage (bytes/total in %):
27.6% 27.6% 24.9% 14.8% 3.2% 2.6% 2.5% 2.3% 2.0% 1.9%
# of IPv6 addresses: 4386
Top 10 bandwidth usage (bytes/total in %):
45.9% 38.4% 24.6% 7.5% 4.9% 3.8% 3.8% 3.8% 3.7% 3.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201201031400.pktlen.png)
detailed numbers
[ 32- 63]: 10673959
[ 64- 127]: 6529204
[ 128- 255]: 710183
[ 256- 511]: 493772
[ 512- 1023]: 490872
[ 1024- 2047]: 19299621
Protocol Breakdown
![[protocol breakdown chart]](201201031400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 38197611 (100.00%) 30423073368 (100.00%) 796.47
ip 38055056 ( 99.63%) 30353058391 ( 99.77%) 797.61
tcp 31359626 ( 82.10%) 28078845356 ( 92.29%) 895.38
http(s) 14456727 ( 37.85%) 20589754170 ( 67.68%) 1424.23
http(c) 5221625 ( 13.67%) 562702034 ( 1.85%) 107.76
squid 408805 ( 1.07%) 261478075 ( 0.86%) 639.62
smtp 49767 ( 0.13%) 8787260 ( 0.03%) 176.57
nntp 86 ( 0.00%) 5160 ( 0.00%) 60.00
ftp 10818 ( 0.03%) 871871 ( 0.00%) 80.59
pop3 1957 ( 0.01%) 1107519 ( 0.00%) 565.93
imap 1078 ( 0.00%) 155054 ( 0.00%) 143.83
telnet 1951 ( 0.01%) 157614 ( 0.00%) 80.79
ssh 45510 ( 0.12%) 5939210 ( 0.02%) 130.50
dns 9658 ( 0.03%) 779084 ( 0.00%) 80.67
bgp 724 ( 0.00%) 122269 ( 0.00%) 168.88
napster 1090 ( 0.00%) 75076 ( 0.00%) 68.88
realaud 611 ( 0.00%) 38214 ( 0.00%) 62.54
icecast 16967 ( 0.04%) 4212546 ( 0.01%) 248.28
hotline 30 ( 0.00%) 1856 ( 0.00%) 61.87
other 11132222 ( 29.14%) 6642658344 ( 21.83%) 596.71
udp 3436409 ( 9.00%) 1559487833 ( 5.13%) 453.81
dns 365218 ( 0.96%) 105238071 ( 0.35%) 288.15
realaud 17 ( 0.00%) 2291 ( 0.00%) 134.76
halflif 19 ( 0.00%) 2143 ( 0.00%) 112.79
starcra 112 ( 0.00%) 23063 ( 0.00%) 205.92
everque 161 ( 0.00%) 36126 ( 0.00%) 224.39
unreal 12 ( 0.00%) 2286 ( 0.00%) 190.50
quake 19 ( 0.00%) 2076 ( 0.00%) 109.26
cuseeme 2 ( 0.00%) 155 ( 0.00%) 77.50
other 3012119 ( 7.89%) 1450650830 ( 4.77%) 481.60
icmp 2483849 ( 6.50%) 160946166 ( 0.53%) 64.80
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 4971 ( 0.01%) 1189298 ( 0.00%) 239.25
ip6 762682 ( 2.00%) 551341538 ( 1.81%) 722.90
other 7334 ( 0.02%) 1228930 ( 0.00%) 167.57
frag 121708 ( 0.32%) 92300818 ( 0.30%) 758.38
ip6 142555 ( 0.37%) 70014977 ( 0.23%) 491.14
tcp6 65318 ( 0.17%) 43746199 ( 0.14%) 669.74
http(s) 6791 ( 0.02%) 6161860 ( 0.02%) 907.36
http(c) 12895 ( 0.03%) 1146831 ( 0.00%) 88.94
smtp 54 ( 0.00%) 14264 ( 0.00%) 264.15
ftp 50 ( 0.00%) 4674 ( 0.00%) 93.48
dns 314 ( 0.00%) 60296 ( 0.00%) 192.03
bgp 86 ( 0.00%) 14378 ( 0.00%) 167.19
other 45128 ( 0.12%) 36343896 ( 0.12%) 805.35
udp6 49230 ( 0.13%) 18893132 ( 0.06%) 383.77
dns 28646 ( 0.07%) 7241185 ( 0.02%) 252.78
realaud 1 ( 0.00%) 112 ( 0.00%) 112.00
quake 1 ( 0.00%) 117 ( 0.00%) 117.00
cuseeme 1 ( 0.00%) 118 ( 0.00%) 118.00
other 20581 ( 0.05%) 11651600 ( 0.04%) 566.13
icmp6 21747 ( 0.06%) 3004582 ( 0.01%) 138.16
ip6 84 ( 0.00%) 11462 ( 0.00%) 136.45
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 6146 ( 0.02%) 4355522 ( 0.01%) 708.68
tcpdump file: 201201031400.dump.gz (846.34 MB)