Traffic Trace Info
DumpFile: 201201161400.dump
FileSize: 2756.57MB
Id: 201201161400
StartTime: Mon Jan 16 14:00:00 2012
EndTime: Mon Jan 16 14:15:01 2012
TotalTime: 900.39 seconds
TotalCapSize: -1934.67MB CapLen: 96 bytes
# of packets: 39009006 (28592.95MB)
AvgRate: 266.40Mbps stddev:59.14M
IP flow (unique src/dst pair) Information
# of flows: 1835720 (avg. 21.25 pkts/flow)
Top 10 big flow size (bytes/total in %):
15.4% 1.4% 1.2% 1.1% 1.0% 1.0% 0.9% 0.7% 0.5% 0.5%
IP address Information
# of IPv4 addresses: 1408758
Top 10 bandwidth usage (bytes/total in %):
31.3% 15.5% 15.5% 5.6% 4.8% 3.8% 2.4% 1.8% 1.6% 1.5%
# of IPv6 addresses: 5616
Top 10 bandwidth usage (bytes/total in %):
56.8% 19.1% 11.1% 6.9% 6.1% 5.9% 5.9% 5.3% 5.2% 4.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201201161400.pktlen.png)
detailed numbers
[ 32- 63]: 6791457
[ 64- 127]: 10071860
[ 128- 255]: 1777341
[ 256- 511]: 821671
[ 512- 1023]: 833953
[ 1024- 2047]: 18712724
Protocol Breakdown
![[protocol breakdown chart]](201201161400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 39009006 (100.00%) 29981876712 (100.00%) 768.59
ip 38613723 ( 98.99%) 29709235030 ( 99.09%) 769.40
tcp 29947809 ( 76.77%) 26427359432 ( 88.14%) 882.45
http(s) 16534020 ( 42.39%) 22725475327 ( 75.80%) 1374.47
http(c) 10253689 ( 26.29%) 1554058997 ( 5.18%) 151.56
squid 161355 ( 0.41%) 146106012 ( 0.49%) 905.49
smtp 72949 ( 0.19%) 26413139 ( 0.09%) 362.08
nntp 1 ( 0.00%) 62 ( 0.00%) 62.00
ftp 18875 ( 0.05%) 1588694 ( 0.01%) 84.17
pop3 4848 ( 0.01%) 2559460 ( 0.01%) 527.94
imap 2592 ( 0.01%) 582824 ( 0.00%) 224.85
telnet 515 ( 0.00%) 67269 ( 0.00%) 130.62
ssh 10269 ( 0.03%) 2067781 ( 0.01%) 201.36
dns 25287 ( 0.06%) 3923338 ( 0.01%) 155.15
bgp 632 ( 0.00%) 105983 ( 0.00%) 167.69
napster 95 ( 0.00%) 10587 ( 0.00%) 111.44
realaud 27 ( 0.00%) 2024 ( 0.00%) 74.96
rtsp 28206 ( 0.07%) 35150364 ( 0.12%) 1246.20
icecast 31001 ( 0.08%) 19040989 ( 0.06%) 614.21
hotline 6 ( 0.00%) 396 ( 0.00%) 66.00
other 2803442 ( 7.19%) 1910206186 ( 6.37%) 681.38
udp 5753846 ( 14.75%) 2620830698 ( 8.74%) 455.49
dns 1289091 ( 3.30%) 200497112 ( 0.67%) 155.53
realaud 22 ( 0.00%) 2333 ( 0.00%) 106.05
halflif 65 ( 0.00%) 7069 ( 0.00%) 108.75
starcra 43 ( 0.00%) 5496 ( 0.00%) 127.81
everque 412 ( 0.00%) 91003 ( 0.00%) 220.88
unreal 28 ( 0.00%) 2970 ( 0.00%) 106.07
quake 86 ( 0.00%) 7042 ( 0.00%) 81.88
cuseeme 12 ( 0.00%) 1132 ( 0.00%) 94.33
other 4463952 ( 11.44%) 2420128266 ( 8.07%) 542.15
icmp 2138834 ( 5.48%) 207055661 ( 0.69%) 96.81
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 34878 ( 0.09%) 9833252 ( 0.03%) 281.93
ip6 727423 ( 1.86%) 441180014 ( 1.47%) 606.50
other 10749 ( 0.03%) 2956813 ( 0.01%) 275.08
frag 591 ( 0.00%) 632412 ( 0.00%) 1070.07
ip6 395283 ( 1.01%) 272641682 ( 0.91%) 689.74
tcp6 210587 ( 0.54%) 169544222 ( 0.57%) 805.10
http(s) 33605 ( 0.09%) 40815054 ( 0.14%) 1214.55
http(c) 44479 ( 0.11%) 3887544 ( 0.01%) 87.40
squid 3 ( 0.00%) 222 ( 0.00%) 74.00
smtp 143 ( 0.00%) 64991 ( 0.00%) 454.48
dns 340 ( 0.00%) 81692 ( 0.00%) 240.27
bgp 89 ( 0.00%) 13890 ( 0.00%) 156.07
other 131928 ( 0.34%) 124680829 ( 0.42%) 945.07
udp6 97929 ( 0.25%) 49804785 ( 0.17%) 508.58
dns 62730 ( 0.16%) 19172035 ( 0.06%) 305.63
halflif 1 ( 0.00%) 98 ( 0.00%) 98.00
starcra 1 ( 0.00%) 104 ( 0.00%) 104.00
everque 1 ( 0.00%) 105 ( 0.00%) 105.00
quake 1 ( 0.00%) 118 ( 0.00%) 118.00
other 35195 ( 0.09%) 30632325 ( 0.10%) 870.36
icmp6 20791 ( 0.05%) 6823587 ( 0.02%) 328.20
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 65862 ( 0.17%) 46453596 ( 0.15%) 705.32
tcpdump file: 201201161400.dump.gz (918.76 MB)