Traffic Trace Info
DumpFile: 201201221400.dump
FileSize: 2149.35MB
Id: 201201221400
StartTime: Sun Jan 22 14:00:00 2012
EndTime: Sun Jan 22 14:15:00 2012
TotalTime: 899.54 seconds
TotalCapSize: 1690.10MB CapLen: 96 bytes
# of packets: 30097365 (19320.41MB)
AvgRate: 180.19Mbps stddev:35.27M
IP flow (unique src/dst pair) Information
# of flows: 2120123 (avg. 14.20 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.3% 1.5% 1.5% 1.4% 1.3% 1.3% 1.2% 1.1% 1.1% 1.0%
IP address Information
# of IPv4 addresses: 1601952
Top 10 bandwidth usage (bytes/total in %):
32.6% 15.4% 4.6% 3.8% 3.7% 2.9% 2.5% 2.4% 2.0% 1.6%
# of IPv6 addresses: 4049
Top 10 bandwidth usage (bytes/total in %):
14.0% 12.5% 6.1% 5.4% 3.9% 3.8% 3.4% 3.4% 3.2% 3.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201201221400.pktlen.png)
detailed numbers
[ 32- 63]: 6954007
[ 64- 127]: 8297680
[ 128- 255]: 1194145
[ 256- 511]: 605590
[ 512- 1023]: 751936
[ 1024- 2047]: 12294007
Protocol Breakdown
![[protocol breakdown chart]](201201221400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 30097365 (100.00%) 20258915526 (100.00%) 673.11
ip 29978444 ( 99.60%) 20233968119 ( 99.88%) 674.95
tcp 23654279 ( 78.59%) 18306616965 ( 90.36%) 773.92
http(s) 12004442 ( 39.89%) 16501004916 ( 81.45%) 1374.57
http(c) 4656671 ( 15.47%) 506111082 ( 2.50%) 108.69
squid 24806 ( 0.08%) 15323248 ( 0.08%) 617.72
smtp 40887 ( 0.14%) 18826666 ( 0.09%) 460.46
nntp 6 ( 0.00%) 374 ( 0.00%) 62.33
ftp 6870 ( 0.02%) 573880 ( 0.00%) 83.53
pop3 30348 ( 0.10%) 3314518 ( 0.02%) 109.22
imap 1854 ( 0.01%) 661132 ( 0.00%) 356.60
telnet 1047 ( 0.00%) 106302 ( 0.00%) 101.53
ssh 1891338 ( 6.28%) 290849156 ( 1.44%) 153.78
dns 14672 ( 0.05%) 3044588 ( 0.02%) 207.51
bgp 675 ( 0.00%) 144378 ( 0.00%) 213.89
napster 155 ( 0.00%) 10617 ( 0.00%) 68.50
realaud 36 ( 0.00%) 2240 ( 0.00%) 62.22
icecast 999 ( 0.00%) 142949 ( 0.00%) 143.09
hotline 49 ( 0.00%) 3684 ( 0.00%) 75.18
other 4979424 ( 16.54%) 966497235 ( 4.77%) 194.10
udp 3949956 ( 13.12%) 1303669662 ( 6.44%) 330.05
dns 317079 ( 1.05%) 65952593 ( 0.33%) 208.00
realaud 37 ( 0.00%) 4563 ( 0.00%) 123.32
halflif 15 ( 0.00%) 1343 ( 0.00%) 89.53
starcra 21 ( 0.00%) 2888 ( 0.00%) 137.52
everque 703 ( 0.00%) 118230 ( 0.00%) 168.18
unreal 15 ( 0.00%) 1952 ( 0.00%) 130.13
quake 17 ( 0.00%) 2666 ( 0.00%) 156.82
cuseeme 3 ( 0.00%) 273 ( 0.00%) 91.00
other 3631915 ( 12.07%) 1237463639 ( 6.11%) 340.72
icmp 1398527 ( 4.65%) 101190862 ( 0.50%) 72.36
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 2913 ( 0.01%) 1321174 ( 0.01%) 453.54
ip6 965818 ( 3.21%) 518508289 ( 2.56%) 536.86
other 6767 ( 0.02%) 2642007 ( 0.01%) 390.43
frag 1156 ( 0.00%) 1325518 ( 0.01%) 1146.64
ip6 118921 ( 0.40%) 24947407 ( 0.12%) 209.78
tcp6 51458 ( 0.17%) 10310738 ( 0.05%) 200.37
http(s) 4585 ( 0.02%) 4874332 ( 0.02%) 1063.10
http(c) 21700 ( 0.07%) 1930582 ( 0.01%) 88.97
smtp 42 ( 0.00%) 12846 ( 0.00%) 305.86
dns 267 ( 0.00%) 63389 ( 0.00%) 237.41
bgp 85 ( 0.00%) 13703 ( 0.00%) 161.21
other 24779 ( 0.08%) 3415886 ( 0.02%) 137.85
udp6 44305 ( 0.15%) 10834445 ( 0.05%) 244.54
dns 41233 ( 0.14%) 9790030 ( 0.05%) 237.43
realaud 1 ( 0.00%) 105 ( 0.00%) 105.00
other 3071 ( 0.01%) 1044310 ( 0.01%) 340.06
icmp6 22684 ( 0.08%) 3443973 ( 0.02%) 151.82
ip6 83 ( 0.00%) 11294 ( 0.00%) 136.07
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 361 ( 0.00%) 342877 ( 0.00%) 949.80
tcpdump file: 201201221400.dump.gz (731.01 MB)