Traffic Trace Info
DumpFile: 201201211400.dump
FileSize: 2788.13MB
Id: 201201211400
StartTime: Sat Jan 21 14:00:00 2012
EndTime: Sat Jan 21 14:15:01 2012
TotalTime: 900.24 seconds
TotalCapSize: -1909.56MB CapLen: 96 bytes
# of packets: 39432024 (26580.45MB)
AvgRate: 247.67Mbps stddev:41.33M
IP flow (unique src/dst pair) Information
# of flows: 1929845 (avg. 20.43 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.1% 2.4% 1.9% 1.1% 1.1% 1.1% 1.1% 1.0% 0.9% 0.9%
IP address Information
# of IPv4 addresses: 1485431
Top 10 bandwidth usage (bytes/total in %):
19.7% 16.2% 5.7% 4.7% 4.3% 3.6% 3.2% 2.8% 2.5% 2.4%
# of IPv6 addresses: 4702
Top 10 bandwidth usage (bytes/total in %):
39.9% 15.6% 11.8% 7.5% 7.5% 6.1% 5.8% 5.4% 3.9% 3.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201201211400.pktlen.png)
detailed numbers
[ 32- 63]: 8863127
[ 64- 127]: 10054577
[ 128- 255]: 1434204
[ 256- 511]: 859589
[ 512- 1023]: 794403
[ 1024- 2047]: 17426124
Protocol Breakdown
![[protocol breakdown chart]](201201211400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 39432024 (100.00%) 27871622121 (100.00%) 706.83
ip 39180777 ( 99.36%) 27767341090 ( 99.63%) 708.70
tcp 30918253 ( 78.41%) 23994943789 ( 86.09%) 776.08
http(s) 13779775 ( 34.95%) 18961123989 ( 68.03%) 1376.01
http(c) 10053238 ( 25.50%) 2033136791 ( 7.29%) 202.24
squid 50273 ( 0.13%) 21509569 ( 0.08%) 427.86
smtp 57018 ( 0.14%) 23024568 ( 0.08%) 403.81
ftp 4372 ( 0.01%) 359507 ( 0.00%) 82.23
pop3 1144 ( 0.00%) 238074 ( 0.00%) 208.11
imap 1795 ( 0.00%) 183044 ( 0.00%) 101.97
telnet 823 ( 0.00%) 90443 ( 0.00%) 109.89
ssh 12785 ( 0.03%) 2378472 ( 0.01%) 186.04
dns 17945 ( 0.05%) 2758348 ( 0.01%) 153.71
bgp 659 ( 0.00%) 122135 ( 0.00%) 185.33
napster 40 ( 0.00%) 3311 ( 0.00%) 82.78
realaud 36 ( 0.00%) 2268 ( 0.00%) 63.00
rtsp 6235 ( 0.02%) 7678224 ( 0.03%) 1231.47
icecast 3829 ( 0.01%) 457047 ( 0.00%) 119.36
hotline 82 ( 0.00%) 41558 ( 0.00%) 506.80
other 6928203 ( 17.57%) 2941836381 ( 10.55%) 424.62
udp 5911638 ( 14.99%) 3146128979 ( 11.29%) 532.19
dns 385580 ( 0.98%) 84511415 ( 0.30%) 219.18
realaud 32 ( 0.00%) 3582 ( 0.00%) 111.94
halflif 494 ( 0.00%) 32884 ( 0.00%) 66.57
starcra 35 ( 0.00%) 4241 ( 0.00%) 121.17
everque 410 ( 0.00%) 73204 ( 0.00%) 178.55
unreal 23 ( 0.00%) 2500 ( 0.00%) 108.70
quake 24 ( 0.00%) 3352 ( 0.00%) 139.67
cuseeme 3 ( 0.00%) 266 ( 0.00%) 88.67
other 5524848 ( 14.01%) 3061329821 ( 10.98%) 554.10
icmp 1540970 ( 3.91%) 144845021 ( 0.52%) 94.00
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 1650 ( 0.00%) 666828 ( 0.00%) 404.14
ip6 801062 ( 2.03%) 478123414 ( 1.72%) 596.86
other 7020 ( 0.02%) 2613899 ( 0.01%) 372.35
frag 2203 ( 0.01%) 2586961 ( 0.01%) 1174.29
ip6 251247 ( 0.64%) 104281031 ( 0.37%) 415.05
tcp6 105131 ( 0.27%) 37933082 ( 0.14%) 360.82
http(s) 14383 ( 0.04%) 16947777 ( 0.06%) 1178.32
http(c) 42331 ( 0.11%) 3741649 ( 0.01%) 88.39
smtp 128 ( 0.00%) 53498 ( 0.00%) 417.95
ftp 7 ( 0.00%) 674 ( 0.00%) 96.29
dns 507 ( 0.00%) 75792 ( 0.00%) 149.49
bgp 96 ( 0.00%) 21930 ( 0.00%) 228.44
other 47679 ( 0.12%) 17091762 ( 0.06%) 358.48
udp6 83115 ( 0.21%) 34655468 ( 0.12%) 416.96
dns 47356 ( 0.12%) 11492896 ( 0.04%) 242.69
quake 1 ( 0.00%) 109 ( 0.00%) 109.00
other 35758 ( 0.09%) 23162463 ( 0.08%) 647.76
icmp6 22750 ( 0.06%) 3387649 ( 0.01%) 148.91
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 40137 ( 0.10%) 28289340 ( 0.10%) 704.82
tcpdump file: 201201211400.dump.gz (911.89 MB)