Traffic Trace Info
DumpFile: 201201281400.dump
FileSize: 2617.44MB
Id: 201201281400
StartTime: Sat Jan 28 14:00:00 2012
EndTime: Sat Jan 28 14:15:00 2012
TotalTime: 899.48 seconds
TotalCapSize: -2047.53MB CapLen: 96 bytes
# of packets: 37287377 (27795.46MB)
AvgRate: 259.26Mbps stddev:71.62M
IP flow (unique src/dst pair) Information
# of flows: 1846280 (avg. 20.20 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.2% 1.5% 1.4% 1.2% 1.2% 1.0% 1.0% 0.9% 0.9% 0.9%
IP address Information
# of IPv4 addresses: 1424551
Top 10 bandwidth usage (bytes/total in %):
25.1% 16.7% 4.6% 4.2% 4.1% 3.2% 2.4% 2.2% 2.2% 2.1%
# of IPv6 addresses: 5445
Top 10 bandwidth usage (bytes/total in %):
37.3% 18.1% 11.1% 8.9% 7.4% 7.3% 7.2% 6.6% 5.9% 5.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201201281400.pktlen.png)
detailed numbers
[ 32- 63]: 8472325
[ 64- 127]: 7500001
[ 128- 255]: 1592691
[ 256- 511]: 676003
[ 512- 1023]: 664895
[ 1024- 2047]: 18381462
Protocol Breakdown
![[protocol breakdown chart]](201201281400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 37287377 (100.00%) 29145656319 (100.00%) 781.65
ip 37089347 ( 99.47%) 29040831032 ( 99.64%) 783.00
tcp 30205436 ( 81.01%) 26433802739 ( 90.70%) 875.13
http(s) 16456025 ( 44.13%) 22717727610 ( 77.95%) 1380.51
http(c) 7435760 ( 19.94%) 1367304816 ( 4.69%) 183.88
squid 57941 ( 0.16%) 54910314 ( 0.19%) 947.69
smtp 57137 ( 0.15%) 15777332 ( 0.05%) 276.13
nntp 1 ( 0.00%) 66 ( 0.00%) 66.00
ftp 11973 ( 0.03%) 985777 ( 0.00%) 82.33
pop3 1571 ( 0.00%) 157113 ( 0.00%) 100.01
imap 966 ( 0.00%) 262315 ( 0.00%) 271.55
telnet 19796 ( 0.05%) 1486524 ( 0.01%) 75.09
ssh 50454 ( 0.14%) 22664326 ( 0.08%) 449.21
dns 17647 ( 0.05%) 3216797 ( 0.01%) 182.29
bgp 618 ( 0.00%) 105476 ( 0.00%) 170.67
napster 691 ( 0.00%) 43264 ( 0.00%) 62.61
realaud 53 ( 0.00%) 3866 ( 0.00%) 72.94
rtsp 12056 ( 0.03%) 14123930 ( 0.05%) 1171.53
icecast 1705 ( 0.00%) 175768 ( 0.00%) 103.09
hotline 33 ( 0.00%) 6505 ( 0.00%) 197.12
other 6081009 ( 16.31%) 2234850940 ( 7.67%) 367.51
udp 4569662 ( 12.26%) 2009257245 ( 6.89%) 439.69
dns 434313 ( 1.16%) 90810909 ( 0.31%) 209.09
realaud 25 ( 0.00%) 3055 ( 0.00%) 122.20
halflif 1559 ( 0.00%) 269955 ( 0.00%) 173.16
starcra 51 ( 0.00%) 6706 ( 0.00%) 131.49
everque 299 ( 0.00%) 60701 ( 0.00%) 203.01
unreal 16 ( 0.00%) 3156 ( 0.00%) 197.25
quake 56 ( 0.00%) 7661 ( 0.00%) 136.80
cuseeme 5 ( 0.00%) 680 ( 0.00%) 136.00
other 4132896 ( 11.08%) 1918028679 ( 6.58%) 464.09
icmp 1581394 ( 4.24%) 153556972 ( 0.53%) 97.10
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 767 ( 0.00%) 277882 ( 0.00%) 362.30
ip6 726138 ( 1.95%) 442880981 ( 1.52%) 609.91
other 5765 ( 0.02%) 1035943 ( 0.00%) 179.70
frag 2024 ( 0.01%) 1727399 ( 0.01%) 853.46
ip6 198030 ( 0.53%) 104825287 ( 0.36%) 529.34
tcp6 119274 ( 0.32%) 83900996 ( 0.29%) 703.43
http(s) 27350 ( 0.07%) 32900646 ( 0.11%) 1202.95
http(c) 27050 ( 0.07%) 3298441 ( 0.01%) 121.94
smtp 167 ( 0.00%) 50136 ( 0.00%) 300.22
dns 285 ( 0.00%) 61441 ( 0.00%) 215.58
bgp 94 ( 0.00%) 15783 ( 0.00%) 167.90
other 64328 ( 0.17%) 47574549 ( 0.16%) 739.56
udp6 46770 ( 0.13%) 11639961 ( 0.04%) 248.88
dns 44178 ( 0.12%) 11238974 ( 0.04%) 254.40
halflif 2 ( 0.00%) 213 ( 0.00%) 106.50
everque 1 ( 0.00%) 110 ( 0.00%) 110.00
cuseeme 1 ( 0.00%) 108 ( 0.00%) 108.00
other 2588 ( 0.01%) 400556 ( 0.00%) 154.77
icmp6 31320 ( 0.08%) 8728353 ( 0.03%) 278.68
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 551 ( 0.00%) 540349 ( 0.00%) 980.67
tcpdump file: 201201281400.dump.gz (855.95 MB)