Traffic Trace Info
DumpFile: 201208171400.dump
FileSize: 2528.37MB
Id: 201208171400
StartTime: Fri Aug 17 14:00:00 2012
EndTime: Fri Aug 17 14:15:00 2012
TotalTime: 900.22 seconds
TotalCapSize: 1948.38MB CapLen: 96 bytes
# of packets: 38010134 (26595.77MB)
AvgRate: 247.87Mbps stddev:53.70M
IP flow (unique src/dst pair) Information
# of flows: 2195869 (avg. 17.31 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.2% 1.9% 1.9% 1.9% 1.5% 1.5% 1.5% 1.1% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 1656667
Top 10 bandwidth usage (bytes/total in %):
20.3% 8.9% 6.9% 6.9% 6.1% 5.9% 5.0% 3.1% 2.9% 2.6%
# of IPv6 addresses: 6246
Top 10 bandwidth usage (bytes/total in %):
15.8% 11.1% 10.6% 10.6% 6.5% 5.9% 4.8% 4.1% 4.1% 4.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201208171400.pktlen.png)
detailed numbers
[ 32- 63]: 5679784
[ 64- 127]: 5396713
[ 128- 255]: 1628378
[ 256- 511]: 607089
[ 512- 1023]: 10833678
[ 1024- 2047]: 13864492
Protocol Breakdown
![[protocol breakdown chart]](201208171400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 38010134 (100.00%) 27887687105 (100.00%) 733.69
ip 37473635 ( 98.59%) 27451415780 ( 98.44%) 732.55
tcp 21202135 ( 55.78%) 19820961578 ( 71.07%) 934.86
http(s) 11786347 ( 31.01%) 15681821790 ( 56.23%) 1330.51
http(c) 4412106 ( 11.61%) 677716817 ( 2.43%) 153.60
squid 27611 ( 0.07%) 15734849 ( 0.06%) 569.88
smtp 69616 ( 0.18%) 25137591 ( 0.09%) 361.09
nntp 4 ( 0.00%) 248 ( 0.00%) 62.00
ftp 3523 ( 0.01%) 308801 ( 0.00%) 87.65
pop3 1706 ( 0.00%) 586737 ( 0.00%) 343.93
imap 1304 ( 0.00%) 317431 ( 0.00%) 243.43
telnet 7030 ( 0.02%) 537666 ( 0.00%) 76.48
ssh 20609 ( 0.05%) 5379631 ( 0.02%) 261.03
dns 4077 ( 0.01%) 2088596 ( 0.01%) 512.29
bgp 569 ( 0.00%) 144794 ( 0.00%) 254.47
napster 10 ( 0.00%) 1006 ( 0.00%) 100.60
realaud 49 ( 0.00%) 6351 ( 0.00%) 129.61
icecast 501 ( 0.00%) 69877 ( 0.00%) 139.48
hotline 11 ( 0.00%) 1180 ( 0.00%) 107.27
other 4867061 ( 12.80%) 3411108153 ( 12.23%) 700.86
udp 13502271 ( 35.52%) 6908319850 ( 24.77%) 511.64
dns 988800 ( 2.60%) 639611899 ( 2.29%) 646.86
rip 10437381 ( 27.46%) 5457108744 ( 19.57%) 522.84
realaud 48 ( 0.00%) 3933 ( 0.00%) 81.94
halflif 49 ( 0.00%) 5168 ( 0.00%) 105.47
starcra 57 ( 0.00%) 4488 ( 0.00%) 78.74
everque 187 ( 0.00%) 78029 ( 0.00%) 417.27
unreal 14 ( 0.00%) 7688 ( 0.00%) 549.14
quake 21 ( 0.00%) 2312 ( 0.00%) 110.10
cuseeme 4 ( 0.00%) 625 ( 0.00%) 156.25
other 2075277 ( 5.46%) 811391566 ( 2.91%) 390.98
icmp 1602622 ( 4.22%) 172329589 ( 0.62%) 107.53
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 954 ( 0.00%) 318556 ( 0.00%) 333.92
ip6 1109960 ( 2.92%) 535929668 ( 1.92%) 482.84
pim 90 ( 0.00%) 5400 ( 0.00%) 60.00
other 55418 ( 0.15%) 13531869 ( 0.05%) 244.18
frag 632637 ( 1.66%) 688351445 ( 2.47%) 1088.07
ip6 536499 ( 1.41%) 436271325 ( 1.56%) 813.18
tcp6 459085 ( 1.21%) 416348962 ( 1.49%) 906.91
http(s) 302854 ( 0.80%) 348026560 ( 1.25%) 1149.16
http(c) 93342 ( 0.25%) 9558745 ( 0.03%) 102.41
smtp 305 ( 0.00%) 128994 ( 0.00%) 422.93
ftp 166 ( 0.00%) 17847 ( 0.00%) 107.51
ssh 18 ( 0.00%) 1512 ( 0.00%) 84.00
dns 90 ( 0.00%) 36339 ( 0.00%) 403.77
bgp 100 ( 0.00%) 31891 ( 0.00%) 318.91
other 62210 ( 0.16%) 58547074 ( 0.21%) 941.12
udp6 50886 ( 0.13%) 15625263 ( 0.06%) 307.06
dns 49969 ( 0.13%) 15502533 ( 0.06%) 310.24
halflif 2 ( 0.00%) 215 ( 0.00%) 107.50
other 915 ( 0.00%) 122515 ( 0.00%) 133.90
icmp6 25733 ( 0.07%) 3598724 ( 0.01%) 139.85
ip6 82 ( 0.00%) 11176 ( 0.00%) 136.29
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 683 ( 0.00%) 683120 ( 0.00%) 1000.18
tcpdump file: 201208171400.dump.gz (781.71 MB)