Traffic Trace Info
DumpFile: 201201141400.dump
FileSize: 2071.43MB
Id: 201201141400
StartTime: Sat Jan 14 14:00:01 2012
EndTime: Sat Jan 14 14:15:00 2012
TotalTime: 899.49 seconds
TotalCapSize: 1622.40MB CapLen: 96 bytes
# of packets: 29427126 (20582.69MB)
AvgRate: 191.91Mbps stddev:43.44M
IP flow (unique src/dst pair) Information
# of flows: 1656469 (avg. 17.76 pkts/flow)
Top 10 big flow size (bytes/total in %):
7.6% 1.4% 1.1% 1.1% 0.8% 0.7% 0.7% 0.6% 0.6% 0.6%
IP address Information
# of IPv4 addresses: 1348320
Top 10 bandwidth usage (bytes/total in %):
31.8% 10.8% 7.9% 3.9% 3.5% 3.4% 2.7% 2.4% 2.2% 1.7%
# of IPv6 addresses: 4476
Top 10 bandwidth usage (bytes/total in %):
35.7% 35.6% 20.7% 20.4% 9.7% 6.6% 5.9% 5.8% 5.4% 5.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201201141400.pktlen.png)
detailed numbers
[ 32- 63]: 6005193
[ 64- 127]: 7560759
[ 128- 255]: 1132081
[ 256- 511]: 733798
[ 512- 1023]: 657259
[ 1024- 2047]: 13338036
Protocol Breakdown
![[protocol breakdown chart]](201201141400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29427126 (100.00%) 21582510227 (100.00%) 733.42
ip 29024218 ( 98.63%) 21267332117 ( 98.54%) 732.74
tcp 22297556 ( 75.77%) 19037381395 ( 88.21%) 853.79
http(s) 10532059 ( 35.79%) 14338366650 ( 66.44%) 1361.40
http(c) 5896477 ( 20.04%) 775335322 ( 3.59%) 131.49
squid 216441 ( 0.74%) 234401914 ( 1.09%) 1082.98
smtp 67731 ( 0.23%) 11358888 ( 0.05%) 167.71
ftp 5814 ( 0.02%) 470244 ( 0.00%) 80.88
pop3 3831 ( 0.01%) 2406439 ( 0.01%) 628.15
imap 2571 ( 0.01%) 535263 ( 0.00%) 208.19
telnet 1068 ( 0.00%) 108446 ( 0.00%) 101.54
ssh 710153 ( 2.41%) 106391431 ( 0.49%) 149.81
dns 13359 ( 0.05%) 2667271 ( 0.01%) 199.66
bgp 622 ( 0.00%) 99682 ( 0.00%) 160.26
napster 19 ( 0.00%) 2168 ( 0.00%) 114.11
realaud 5 ( 0.00%) 768 ( 0.00%) 153.60
rtsp 67319 ( 0.23%) 94477506 ( 0.44%) 1403.43
icecast 1159 ( 0.00%) 327315 ( 0.00%) 282.41
hotline 6 ( 0.00%) 804 ( 0.00%) 134.00
other 4778921 ( 16.24%) 3470431202 ( 16.08%) 726.20
udp 4018000 ( 13.65%) 1426482069 ( 6.61%) 355.02
dns 795265 ( 2.70%) 119680392 ( 0.55%) 150.49
rip 2 ( 0.00%) 179 ( 0.00%) 89.50
realaud 68 ( 0.00%) 5569 ( 0.00%) 81.90
halflif 26 ( 0.00%) 2085 ( 0.00%) 80.19
starcra 26 ( 0.00%) 3937 ( 0.00%) 151.42
everque 281 ( 0.00%) 41576 ( 0.00%) 147.96
unreal 11 ( 0.00%) 1222 ( 0.00%) 111.09
quake 105 ( 0.00%) 8732 ( 0.00%) 83.16
cuseeme 8 ( 0.00%) 734 ( 0.00%) 91.75
other 3188223 ( 10.83%) 1304685846 ( 6.05%) 409.22
icmp 1769930 ( 6.01%) 173681564 ( 0.80%) 98.13
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 6554 ( 0.02%) 2462588 ( 0.01%) 375.74
ip6 918377 ( 3.12%) 624085851 ( 2.89%) 679.55
other 13616 ( 0.05%) 3219380 ( 0.01%) 236.44
frag 71112 ( 0.24%) 54310699 ( 0.25%) 763.73
ip6 402908 ( 1.37%) 315178110 ( 1.46%) 782.26
tcp6 242993 ( 0.83%) 229261795 ( 1.06%) 943.49
http(s) 15597 ( 0.05%) 16836925 ( 0.08%) 1079.50
http(c) 39717 ( 0.13%) 3594237 ( 0.02%) 90.50
smtp 107 ( 0.00%) 29595 ( 0.00%) 276.59
dns 379 ( 0.00%) 82176 ( 0.00%) 216.82
bgp 94 ( 0.00%) 14553 ( 0.00%) 154.82
other 187099 ( 0.64%) 208704309 ( 0.97%) 1115.48
udp6 75933 ( 0.26%) 42877138 ( 0.20%) 564.67
dns 37784 ( 0.13%) 10578336 ( 0.05%) 279.97
everque 1 ( 0.00%) 101 ( 0.00%) 101.00
other 38148 ( 0.13%) 32298701 ( 0.15%) 846.67
icmp6 28708 ( 0.10%) 4137410 ( 0.02%) 144.12
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 55159 ( 0.19%) 38886139 ( 0.18%) 704.98
tcpdump file: 201201141400.dump.gz (689.00 MB)