Traffic Trace Info
DumpFile: 201209101400.dump
FileSize: 2778.15MB
Id: 201209101400
StartTime: Mon Sep 10 14:00:01 2012
EndTime: Mon Sep 10 14:15:00 2012
TotalTime: 899.31 seconds
TotalCapSize: -1957.91MB CapLen: 96 bytes
# of packets: 41946472 (19547.92MB)
AvgRate: 182.37Mbps stddev:28.56M
IP flow (unique src/dst pair) Information
# of flows: 12182403 (avg. 3.44 pkts/flow)
Top 10 big flow size (bytes/total in %):
8.3% 5.9% 3.8% 1.9% 1.8% 1.8% 1.4% 1.0% 0.9% 0.8%
IP address Information
# of IPv4 addresses: 9700554
Top 10 bandwidth usage (bytes/total in %):
23.6% 8.8% 7.2% 6.3% 4.5% 4.0% 4.0% 3.7% 3.1% 2.4%
# of IPv6 addresses: 7098
Top 10 bandwidth usage (bytes/total in %):
22.4% 16.6% 4.6% 4.3% 3.4% 3.4% 3.4% 3.1% 2.5% 2.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201209101400.pktlen.png)
detailed numbers
[ 32- 63]: 20114631
[ 64- 127]: 7538870
[ 128- 255]: 919170
[ 256- 511]: 603900
[ 512- 1023]: 669181
[ 1024- 2047]: 12100720
Protocol Breakdown
![[protocol breakdown chart]](201209101400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 41946472 (100.00%) 20497482390 (100.00%) 488.66
ip 41061029 ( 97.89%) 19718381831 ( 96.20%) 480.22
tcp 20715650 ( 49.39%) 17034241134 ( 83.10%) 822.29
http(s) 10599374 ( 25.27%) 13759490953 ( 67.13%) 1298.14
http(c) 6938007 ( 16.54%) 1054343520 ( 5.14%) 151.97
squid 47383 ( 0.11%) 25076836 ( 0.12%) 529.24
smtp 85401 ( 0.20%) 40766126 ( 0.20%) 477.35
nntp 6 ( 0.00%) 366 ( 0.00%) 61.00
ftp 13884 ( 0.03%) 3194692 ( 0.02%) 230.10
pop3 18198 ( 0.04%) 15381786 ( 0.08%) 845.25
imap 3045 ( 0.01%) 531004 ( 0.00%) 174.39
telnet 1455 ( 0.00%) 122760 ( 0.00%) 84.37
ssh 138509 ( 0.33%) 24450222 ( 0.12%) 176.52
dns 1288 ( 0.00%) 214275 ( 0.00%) 166.36
bgp 556 ( 0.00%) 118945 ( 0.00%) 213.93
napster 84 ( 0.00%) 7355 ( 0.00%) 87.56
realaud 66 ( 0.00%) 6095 ( 0.00%) 92.35
icecast 15848 ( 0.04%) 11894663 ( 0.06%) 750.55
hotline 54 ( 0.00%) 3558 ( 0.00%) 65.89
other 2852491 ( 6.80%) 2098637918 ( 10.24%) 735.72
udp 2158054 ( 5.14%) 733323233 ( 3.58%) 339.81
dns 400906 ( 0.96%) 89537699 ( 0.44%) 223.34
rip 1 ( 0.00%) 90 ( 0.00%) 90.00
realaud 14 ( 0.00%) 2328 ( 0.00%) 166.29
halflif 193 ( 0.00%) 38938 ( 0.00%) 201.75
starcra 38 ( 0.00%) 3891 ( 0.00%) 102.39
everque 261 ( 0.00%) 45175 ( 0.00%) 173.08
unreal 10 ( 0.00%) 1336 ( 0.00%) 133.60
quake 88 ( 0.00%) 15557 ( 0.00%) 176.78
cuseeme 7 ( 0.00%) 1194 ( 0.00%) 170.57
other 1756461 ( 4.19%) 643636273 ( 3.14%) 366.44
icmp 16126570 ( 38.45%) 1043434738 ( 5.09%) 64.70
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 570631 ( 1.36%) 71138394 ( 0.35%) 124.67
ip6 1429364 ( 3.41%) 820595867 ( 4.00%) 574.10
pim 80 ( 0.00%) 4800 ( 0.00%) 60.00
other 60495 ( 0.14%) 15624395 ( 0.08%) 258.28
frag 368 ( 0.00%) 366875 ( 0.00%) 996.94
ip6 885443 ( 2.11%) 779100559 ( 3.80%) 879.90
tcp6 791105 ( 1.89%) 746249525 ( 3.64%) 943.30
http(s) 582670 ( 1.39%) 675254846 ( 3.29%) 1158.90
http(c) 133611 ( 0.32%) 14689428 ( 0.07%) 109.94
squid 37 ( 0.00%) 6163 ( 0.00%) 166.57
smtp 169 ( 0.00%) 21675 ( 0.00%) 128.25
ftp 2272 ( 0.01%) 683948 ( 0.00%) 301.03
pop3 56 ( 0.00%) 15183 ( 0.00%) 271.12
ssh 253 ( 0.00%) 29043 ( 0.00%) 114.79
dns 115 ( 0.00%) 46541 ( 0.00%) 404.70
bgp 95 ( 0.00%) 29686 ( 0.00%) 312.48
other 71827 ( 0.17%) 55473012 ( 0.27%) 772.31
udp6 77990 ( 0.19%) 28527142 ( 0.14%) 365.78
dns 64614 ( 0.15%) 20632930 ( 0.10%) 319.33
everque 1 ( 0.00%) 107 ( 0.00%) 107.00
other 13375 ( 0.03%) 7894105 ( 0.04%) 590.21
icmp6 14045 ( 0.03%) 2354256 ( 0.01%) 167.62
ip6 83 ( 0.00%) 11344 ( 0.00%) 136.67
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 2190 ( 0.01%) 1954212 ( 0.01%) 892.33
tcpdump file: 201209101400.dump.gz (929.39 MB)