Traffic Trace Info
DumpFile: 201201261400.dump
FileSize: 2975.37MB
Id: 201201261400
StartTime: Thu Jan 26 14:00:01 2012
EndTime: Thu Jan 26 14:15:00 2012
TotalTime: 899.53 seconds
TotalCapSize: -1768.61MB CapLen: 96 bytes
# of packets: 42465304 (27815.29MB)
AvgRate: 259.42Mbps stddev:55.83M
IP flow (unique src/dst pair) Information
# of flows: 2034760 (avg. 20.87 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.2% 1.2% 1.1% 0.9% 0.8% 0.8% 0.8% 0.8% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 1498880
Top 10 bandwidth usage (bytes/total in %):
26.7% 13.5% 3.7% 2.6% 2.3% 2.3% 1.9% 1.7% 1.6% 1.4%
# of IPv6 addresses: 5076
Top 10 bandwidth usage (bytes/total in %):
33.7% 24.7% 6.2% 6.1% 5.9% 5.3% 4.6% 4.1% 3.8% 3.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201201261400.pktlen.png)
detailed numbers
[ 32- 63]: 9998994
[ 64- 127]: 11310583
[ 128- 255]: 1181156
[ 256- 511]: 1015827
[ 512- 1023]: 936910
[ 1024- 2047]: 18021834
Protocol Breakdown
![[protocol breakdown chart]](201201261400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 42465304 (100.00%) 29166445067 (100.00%) 686.83
ip 42246892 ( 99.49%) 29086492303 ( 99.73%) 688.49
tcp 33881208 ( 79.79%) 25462911717 ( 87.30%) 751.53
http(s) 16031539 ( 37.75%) 21808450263 ( 74.77%) 1360.35
http(c) 11283098 ( 26.57%) 1660066559 ( 5.69%) 147.13
squid 107379 ( 0.25%) 79701705 ( 0.27%) 742.25
smtp 70756 ( 0.17%) 35754060 ( 0.12%) 505.31
ftp 10228 ( 0.02%) 1670942 ( 0.01%) 163.37
pop3 8076 ( 0.02%) 4049137 ( 0.01%) 501.38
imap 3854 ( 0.01%) 3432376 ( 0.01%) 890.60
telnet 42316 ( 0.10%) 3158029 ( 0.01%) 74.63
ssh 31371 ( 0.07%) 11187779 ( 0.04%) 356.63
dns 21888 ( 0.05%) 3763329 ( 0.01%) 171.94
bgp 679 ( 0.00%) 151691 ( 0.00%) 223.40
napster 117 ( 0.00%) 7715 ( 0.00%) 65.94
realaud 71 ( 0.00%) 5280 ( 0.00%) 74.37
rtsp 13989 ( 0.03%) 16970981 ( 0.06%) 1213.17
icecast 23428 ( 0.06%) 16140588 ( 0.06%) 688.94
hotline 112 ( 0.00%) 7238 ( 0.00%) 64.62
other 6232299 ( 14.68%) 1818393565 ( 6.23%) 291.77
udp 6003135 ( 14.14%) 2855527366 ( 9.79%) 475.67
dns 530001 ( 1.25%) 111021897 ( 0.38%) 209.47
rip 4 ( 0.00%) 360 ( 0.00%) 90.00
realaud 18 ( 0.00%) 1604 ( 0.00%) 89.11
halflif 33 ( 0.00%) 3578 ( 0.00%) 108.42
starcra 39 ( 0.00%) 5089 ( 0.00%) 130.49
everque 564 ( 0.00%) 110089 ( 0.00%) 195.19
unreal 34 ( 0.00%) 4846 ( 0.00%) 142.53
quake 47 ( 0.00%) 5991 ( 0.00%) 127.47
cuseeme 8 ( 0.00%) 689 ( 0.00%) 86.12
other 5440707 ( 12.81%) 2741922663 ( 9.40%) 503.96
icmp 1526928 ( 3.60%) 142074021 ( 0.49%) 93.05
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 15469 ( 0.04%) 4375806 ( 0.02%) 282.88
ip6 680195 ( 1.60%) 419541675 ( 1.44%) 616.80
other 139773 ( 0.33%) 202042558 ( 0.69%) 1445.50
frag 86176 ( 0.20%) 63550421 ( 0.22%) 737.45
ip6 218412 ( 0.51%) 79952764 ( 0.27%) 366.06
tcp6 133858 ( 0.32%) 59264044 ( 0.20%) 442.74
http(s) 40798 ( 0.10%) 51372589 ( 0.18%) 1259.19
http(c) 71052 ( 0.17%) 5793213 ( 0.02%) 81.53
squid 3 ( 0.00%) 254 ( 0.00%) 84.67
smtp 63 ( 0.00%) 20577 ( 0.00%) 326.62
ftp 51 ( 0.00%) 4610 ( 0.00%) 90.39
dns 323 ( 0.00%) 66825 ( 0.00%) 206.89
bgp 98 ( 0.00%) 19374 ( 0.00%) 197.69
other 21470 ( 0.05%) 1986602 ( 0.01%) 92.53
udp6 61630 ( 0.15%) 16417075 ( 0.06%) 266.38
dns 59420 ( 0.14%) 16063916 ( 0.06%) 270.35
everque 4 ( 0.00%) 434 ( 0.00%) 108.50
quake 1 ( 0.00%) 106 ( 0.00%) 106.00
other 2205 ( 0.01%) 352619 ( 0.00%) 159.92
icmp6 21899 ( 0.05%) 3372457 ( 0.01%) 154.00
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 911 ( 0.00%) 883696 ( 0.00%) 970.03
tcpdump file: 201201261400.dump.gz (992.60 MB)