Traffic Trace Info
DumpFile: 201208131400.dump
FileSize: 2505.52MB
Id: 201208131400
StartTime: Mon Aug 13 14:00:00 2012
EndTime: Mon Aug 13 14:15:01 2012
TotalTime: 900.49 seconds
TotalCapSize: 1946.16MB CapLen: 96 bytes
# of packets: 36657562 (25588.16MB)
AvgRate: 238.37Mbps stddev:65.42M
IP flow (unique src/dst pair) Information
# of flows: 1007740 (avg. 36.38 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.7% 3.1% 2.0% 1.8% 1.6% 1.4% 1.3% 1.2% 1.1% 0.9%
IP address Information
# of IPv4 addresses: 640252
Top 10 bandwidth usage (bytes/total in %):
26.9% 7.7% 7.6% 5.9% 4.9% 4.6% 4.6% 3.3% 3.3% 3.0%
# of IPv6 addresses: 6597
Top 10 bandwidth usage (bytes/total in %):
42.7% 13.5% 13.3% 12.2% 6.2% 3.8% 3.8% 3.4% 3.1% 2.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201208131400.pktlen.png)
detailed numbers
[ 32- 63]: 4524491
[ 64- 127]: 7582375
[ 128- 255]: 1461492
[ 256- 511]: 599710
[ 512- 1023]: 8571979
[ 1024- 2047]: 13917515
Protocol Breakdown
![[protocol breakdown chart]](201208131400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 36657562 (100.00%) 26831134231 (100.00%) 731.94
ip 35912886 ( 97.97%) 26171827950 ( 97.54%) 728.76
tcp 22523600 ( 61.44%) 19404910276 ( 72.32%) 861.54
http(s) 13174597 ( 35.94%) 17498323493 ( 65.22%) 1328.19
http(c) 7109334 ( 19.39%) 1036719160 ( 3.86%) 145.83
squid 131162 ( 0.36%) 59343825 ( 0.22%) 452.45
smtp 49106 ( 0.13%) 7012500 ( 0.03%) 142.80
ftp 18736 ( 0.05%) 2049077 ( 0.01%) 109.37
pop3 2272 ( 0.01%) 1096455 ( 0.00%) 482.59
imap 2173 ( 0.01%) 709222 ( 0.00%) 326.38
telnet 6077 ( 0.02%) 471574 ( 0.00%) 77.60
ssh 150715 ( 0.41%) 71387907 ( 0.27%) 473.66
dns 1857 ( 0.01%) 248627 ( 0.00%) 133.89
bgp 527 ( 0.00%) 104376 ( 0.00%) 198.06
napster 162 ( 0.00%) 12322 ( 0.00%) 76.06
realaud 85 ( 0.00%) 18026 ( 0.00%) 212.07
icecast 618 ( 0.00%) 80170 ( 0.00%) 129.72
hotline 12 ( 0.00%) 1114 ( 0.00%) 92.83
other 1876167 ( 5.12%) 727332428 ( 2.71%) 387.67
udp 11259174 ( 30.71%) 5684481288 ( 21.19%) 504.88
dns 514669 ( 1.40%) 117935948 ( 0.44%) 229.15
rip 8382890 ( 22.87%) 4423986786 ( 16.49%) 527.74
realaud 62 ( 0.00%) 8504 ( 0.00%) 137.16
halflif 111 ( 0.00%) 17929 ( 0.00%) 161.52
starcra 32 ( 0.00%) 8279 ( 0.00%) 258.72
everque 217 ( 0.00%) 26997 ( 0.00%) 124.41
unreal 183 ( 0.00%) 13090 ( 0.00%) 71.53
quake 39 ( 0.00%) 4503 ( 0.00%) 115.46
cuseeme 9 ( 0.00%) 690 ( 0.00%) 76.67
other 2360910 ( 6.44%) 1142453025 ( 4.26%) 483.90
icmp 602109 ( 1.64%) 101913447 ( 0.38%) 169.26
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 4065 ( 0.01%) 1499046 ( 0.01%) 368.77
ip6 1474119 ( 4.02%) 965039399 ( 3.60%) 654.66
pim 85 ( 0.00%) 5100 ( 0.00%) 60.00
other 49550 ( 0.14%) 13960234 ( 0.05%) 281.74
frag 6873 ( 0.02%) 5668404 ( 0.02%) 824.74
ip6 744676 ( 2.03%) 659306281 ( 2.46%) 885.36
tcp6 669828 ( 1.83%) 641342377 ( 2.39%) 957.47
http(s) 525247 ( 1.43%) 616516129 ( 2.30%) 1173.76
http(c) 134248 ( 0.37%) 13139721 ( 0.05%) 97.88
smtp 258 ( 0.00%) 80514 ( 0.00%) 312.07
ftp 166 ( 0.00%) 17846 ( 0.00%) 107.51
pop3 30 ( 0.00%) 6072 ( 0.00%) 202.40
ssh 188 ( 0.00%) 17260 ( 0.00%) 91.81
dns 56 ( 0.00%) 19392 ( 0.00%) 346.29
bgp 256 ( 0.00%) 203459 ( 0.00%) 794.76
other 9379 ( 0.03%) 11341984 ( 0.04%) 1209.30
udp6 44653 ( 0.12%) 13001658 ( 0.05%) 291.17
dns 42813 ( 0.12%) 12603852 ( 0.05%) 294.39
other 1840 ( 0.01%) 397806 ( 0.00%) 216.20
icmp6 29147 ( 0.08%) 4003762 ( 0.01%) 137.36
ip6 82 ( 0.00%) 11176 ( 0.00%) 136.29
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 935 ( 0.00%) 943092 ( 0.00%) 1008.65
tcpdump file: 201208131400.dump.gz (751.84 MB)