Traffic Trace Info
DumpFile: 201207161400.dump
FileSize: 4274.47MB
Id: 201207161400
StartTime: Mon Jul 16 14:00:00 2012
EndTime: Mon Jul 16 14:15:00 2012
TotalTime: 900.21 seconds
TotalCapSize: -766.33MB CapLen: 96 bytes
# of packets: 61917672 (46520.98MB)
AvgRate: 433.49Mbps stddev:53.69M
IP flow (unique src/dst pair) Information
# of flows: 2079127 (avg. 29.78 pkts/flow)
Top 10 big flow size (bytes/total in %):
24.8% 10.9% 2.8% 2.0% 1.6% 1.4% 1.2% 0.9% 0.8% 0.8%
IP address Information
# of IPv4 addresses: 1549168
Top 10 bandwidth usage (bytes/total in %):
25.9% 25.9% 11.4% 11.3% 9.6% 9.3% 5.9% 3.6% 3.3% 3.1%
# of IPv6 addresses: 6388
Top 10 bandwidth usage (bytes/total in %):
31.3% 26.1% 5.7% 4.9% 4.9% 3.3% 2.5% 2.5% 2.3% 2.3%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201207161400.pktlen.png)
detailed numbers
[ 32- 63]: 16356074
[ 64- 127]: 7942330
[ 128- 255]: 1553647
[ 256- 511]: 739840
[ 512- 1023]: 6346507
[ 1024- 2047]: 28979274
Protocol Breakdown
![[protocol breakdown chart]](201207161400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 61917672 (100.00%) 48780783073 (100.00%) 787.83
ip 61021647 ( 98.55%) 48149074352 ( 98.71%) 789.05
tcp 51098799 ( 82.53%) 42689892996 ( 87.51%) 835.44
http(s) 19004542 ( 30.69%) 17349011381 ( 35.57%) 912.89
http(c) 17886909 ( 28.89%) 13197263043 ( 27.05%) 737.82
squid 143633 ( 0.23%) 127789055 ( 0.26%) 889.69
smtp 38071 ( 0.06%) 7148473 ( 0.01%) 187.77
nntp 6 ( 0.00%) 366 ( 0.00%) 61.00
ftp 93331 ( 0.15%) 15753771 ( 0.03%) 168.79
pop3 7541 ( 0.01%) 3228920 ( 0.01%) 428.18
imap 3097 ( 0.01%) 366060 ( 0.00%) 118.20
telnet 38334 ( 0.06%) 2824255 ( 0.01%) 73.67
ssh 1621131 ( 2.62%) 868808133 ( 1.78%) 535.93
dns 1646 ( 0.00%) 294500 ( 0.00%) 178.92
bgp 525 ( 0.00%) 105908 ( 0.00%) 201.73
napster 283 ( 0.00%) 19207 ( 0.00%) 67.87
realaud 106 ( 0.00%) 9509 ( 0.00%) 89.71
icecast 22687 ( 0.04%) 7858228 ( 0.02%) 346.38
hotline 9 ( 0.00%) 947 ( 0.00%) 105.22
other 12236860 ( 19.76%) 11109405960 ( 22.77%) 907.86
udp 6580301 ( 10.63%) 3670422185 ( 7.52%) 557.79
dns 687983 ( 1.11%) 214471307 ( 0.44%) 311.74
rip 1 ( 0.00%) 72 ( 0.00%) 72.00
realaud 13 ( 0.00%) 980 ( 0.00%) 75.38
halflif 131 ( 0.00%) 53751 ( 0.00%) 410.31
starcra 58 ( 0.00%) 8250 ( 0.00%) 142.24
everque 241 ( 0.00%) 34346 ( 0.00%) 142.51
unreal 28 ( 0.00%) 2091 ( 0.00%) 74.68
quake 51 ( 0.00%) 26423 ( 0.00%) 518.10
cuseeme 2 ( 0.00%) 427 ( 0.00%) 213.50
other 5477723 ( 8.85%) 3430118418 ( 7.03%) 626.19
icmp 1574387 ( 2.54%) 157358417 ( 0.32%) 99.95
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 333 ( 0.00%) 93582 ( 0.00%) 281.03
ip6 1731239 ( 2.80%) 1621125808 ( 3.32%) 936.40
pim 21 ( 0.00%) 1260 ( 0.00%) 60.00
other 36382 ( 0.06%) 10160834 ( 0.02%) 279.28
frag 1686502 ( 2.72%) 1305938786 ( 2.68%) 774.35
ip6 896025 ( 1.45%) 631708721 ( 1.29%) 705.01
tcp6 813387 ( 1.31%) 609775345 ( 1.25%) 749.67
http(s) 498728 ( 0.81%) 559583091 ( 1.15%) 1122.02
http(c) 196533 ( 0.32%) 18027770 ( 0.04%) 91.73
squid 106 ( 0.00%) 77407 ( 0.00%) 730.25
smtp 247 ( 0.00%) 76442 ( 0.00%) 309.48
ftp 152 ( 0.00%) 16487 ( 0.00%) 108.47
dns 121 ( 0.00%) 34837 ( 0.00%) 287.91
bgp 103 ( 0.00%) 27117 ( 0.00%) 263.27
other 117397 ( 0.19%) 31932194 ( 0.07%) 272.00
udp6 53862 ( 0.09%) 17407642 ( 0.04%) 323.19
dns 38687 ( 0.06%) 14107567 ( 0.03%) 364.66
everque 1 ( 0.00%) 112 ( 0.00%) 112.00
other 15174 ( 0.02%) 3299963 ( 0.01%) 217.47
icmp6 27918 ( 0.05%) 3769307 ( 0.01%) 135.01
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 744 ( 0.00%) 740935 ( 0.00%) 995.88
tcpdump file: 201207161400.dump.gz (1304.27 MB)