Traffic Trace Info
DumpFile: 201201071400.dump
FileSize: 2918.23MB
Id: 201201071400
StartTime: Sat Jan 7 14:00:00 2012
EndTime: Sat Jan 7 14:15:01 2012
TotalTime: 900.03 seconds
TotalCapSize: -1802.09MB CapLen: 96 bytes
# of packets: 40914640 (25337.13MB)
AvgRate: 236.15Mbps stddev:51.73M
IP flow (unique src/dst pair) Information
# of flows: 1908972 (avg. 21.43 pkts/flow)
Top 10 big flow size (bytes/total in %):
6.1% 5.0% 1.9% 1.7% 1.5% 1.2% 1.2% 1.2% 1.1% 1.0%
IP address Information
# of IPv4 addresses: 1471858
Top 10 bandwidth usage (bytes/total in %):
20.7% 14.2% 12.0% 6.3% 5.1% 3.1% 2.8% 2.4% 2.3% 2.0%
# of IPv6 addresses: 4675
Top 10 bandwidth usage (bytes/total in %):
42.6% 22.6% 19.1% 12.9% 7.3% 6.2% 5.8% 4.7% 4.4% 3.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201201071400.pktlen.png)
detailed numbers
[ 32- 63]: 10157807
[ 64- 127]: 11701559
[ 128- 255]: 1237549
[ 256- 511]: 669004
[ 512- 1023]: 775814
[ 1024- 2047]: 16372907
Protocol Breakdown
![[protocol breakdown chart]](201201071400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 40914640 (100.00%) 26567911523 (100.00%) 649.35
ip 40480655 ( 98.94%) 26293745513 ( 98.97%) 649.54
tcp 33296494 ( 81.38%) 23158572350 ( 87.17%) 695.53
http(s) 13351457 ( 32.63%) 18297882494 ( 68.87%) 1370.48
http(c) 10425516 ( 25.48%) 1472445501 ( 5.54%) 141.23
squid 90042 ( 0.22%) 20867241 ( 0.08%) 231.75
smtp 47480 ( 0.12%) 8177721 ( 0.03%) 172.24
nntp 2 ( 0.00%) 120 ( 0.00%) 60.00
ftp 63887 ( 0.16%) 5120300 ( 0.02%) 80.15
pop3 2259 ( 0.01%) 399925 ( 0.00%) 177.04
imap 713 ( 0.00%) 93375 ( 0.00%) 130.96
telnet 1311 ( 0.00%) 124215 ( 0.00%) 94.75
ssh 196742 ( 0.48%) 16455282 ( 0.06%) 83.64
dns 14645 ( 0.04%) 3089005 ( 0.01%) 210.93
bgp 643 ( 0.00%) 106732 ( 0.00%) 165.99
napster 97 ( 0.00%) 9515 ( 0.00%) 98.09
realaud 34 ( 0.00%) 2130 ( 0.00%) 62.65
icecast 15612 ( 0.04%) 8608840 ( 0.03%) 551.42
hotline 18 ( 0.00%) 1106 ( 0.00%) 61.44
other 9086036 ( 22.21%) 3325188848 ( 12.52%) 365.97
udp 4735660 ( 11.57%) 2332301525 ( 8.78%) 492.50
dns 379133 ( 0.93%) 82943803 ( 0.31%) 218.77
rip 8 ( 0.00%) 1990 ( 0.00%) 248.75
realaud 60 ( 0.00%) 6173 ( 0.00%) 102.88
halflif 646 ( 0.00%) 53275 ( 0.00%) 82.47
starcra 162 ( 0.00%) 27155 ( 0.00%) 167.62
everque 527 ( 0.00%) 118853 ( 0.00%) 225.53
unreal 16 ( 0.00%) 3204 ( 0.00%) 200.25
quake 12 ( 0.00%) 1538 ( 0.00%) 128.17
cuseeme 2 ( 0.00%) 474 ( 0.00%) 237.00
other 4355033 ( 10.64%) 2249130231 ( 8.47%) 516.44
icmp 1526733 ( 3.73%) 143472067 ( 0.54%) 93.97
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 7524 ( 0.02%) 2070072 ( 0.01%) 275.13
ip6 902904 ( 2.21%) 654142913 ( 2.46%) 724.49
other 11156 ( 0.03%) 3167426 ( 0.01%) 283.92
frag 450 ( 0.00%) 412464 ( 0.00%) 916.59
ip6 433985 ( 1.06%) 274166010 ( 1.03%) 631.74
tcp6 290421 ( 0.71%) 216555379 ( 0.82%) 745.66
http(s) 17500 ( 0.04%) 21715406 ( 0.08%) 1240.88
http(c) 22849 ( 0.06%) 1970693 ( 0.01%) 86.25
smtp 73 ( 0.00%) 33923 ( 0.00%) 464.70
ftp 47 ( 0.00%) 4830 ( 0.00%) 102.77
dns 433 ( 0.00%) 67676 ( 0.00%) 156.30
bgp 95 ( 0.00%) 18224 ( 0.00%) 191.83
other 249424 ( 0.61%) 192744627 ( 0.73%) 772.76
udp6 119990 ( 0.29%) 51657058 ( 0.19%) 430.51
dns 41591 ( 0.10%) 12032403 ( 0.05%) 289.30
starcra 1 ( 0.00%) 107 ( 0.00%) 107.00
other 78398 ( 0.19%) 39624548 ( 0.15%) 505.43
icmp6 19298 ( 0.05%) 2936678 ( 0.01%) 152.18
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 4161 ( 0.01%) 3001267 ( 0.01%) 721.29
tcpdump file: 201201071400.dump.gz (964.64 MB)