Traffic Trace Info
DumpFile: 201209131400.dump
FileSize: 2460.65MB
Id: 201209131400
StartTime: Thu Sep 13 14:00:00 2012
EndTime: Thu Sep 13 14:15:01 2012
TotalTime: 900.04 seconds
TotalCapSize: 1892.67MB CapLen: 96 bytes
# of packets: 37222757 (17850.79MB)
AvgRate: 166.37Mbps stddev:39.74M
IP flow (unique src/dst pair) Information
# of flows: 11070733 (avg. 3.36 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.9% 3.1% 2.7% 1.9% 1.8% 1.7% 1.6% 1.5% 1.3% 1.2%
IP address Information
# of IPv4 addresses: 8649765
Top 10 bandwidth usage (bytes/total in %):
13.2% 6.6% 6.4% 6.2% 5.4% 5.3% 4.9% 4.8% 4.3% 3.4%
# of IPv6 addresses: 7028
Top 10 bandwidth usage (bytes/total in %):
26.7% 13.7% 12.1% 4.5% 2.5% 2.4% 2.1% 2.0% 1.9% 1.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201209131400.pktlen.png)
detailed numbers
[ 32- 63]: 17511945
[ 64- 127]: 6556801
[ 128- 255]: 711786
[ 256- 511]: 619703
[ 512- 1023]: 796213
[ 1024- 2047]: 11026309
Protocol Breakdown
![[protocol breakdown chart]](201209131400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 37222757 (100.00%) 18717912832 (100.00%) 502.86
ip 36486211 ( 98.02%) 18053860706 ( 96.45%) 494.81
tcp 18893206 ( 50.76%) 16017603507 ( 85.57%) 847.80
http(s) 9631279 ( 25.87%) 11389172020 ( 60.85%) 1182.52
http(c) 5965509 ( 16.03%) 1798708926 ( 9.61%) 301.52
squid 51216 ( 0.14%) 27574972 ( 0.15%) 538.41
smtp 59304 ( 0.16%) 17609922 ( 0.09%) 296.94
nntp 8 ( 0.00%) 486 ( 0.00%) 60.75
ftp 16806 ( 0.05%) 3279928 ( 0.02%) 195.16
pop3 4199 ( 0.01%) 3046779 ( 0.02%) 725.60
imap 3382 ( 0.01%) 897286 ( 0.00%) 265.31
telnet 8182 ( 0.02%) 627433 ( 0.00%) 76.68
ssh 79324 ( 0.21%) 73883114 ( 0.39%) 931.41
dns 1314 ( 0.00%) 222946 ( 0.00%) 169.67
bgp 570 ( 0.00%) 124748 ( 0.00%) 218.86
napster 214 ( 0.00%) 13869 ( 0.00%) 64.81
realaud 112 ( 0.00%) 19062 ( 0.00%) 170.20
rtsp 773 ( 0.00%) 916644 ( 0.00%) 1185.83
icecast 32881 ( 0.09%) 30766271 ( 0.16%) 935.69
hotline 5 ( 0.00%) 720 ( 0.00%) 144.00
other 3038127 ( 8.16%) 2670738321 ( 14.27%) 879.07
udp 2252792 ( 6.05%) 959643637 ( 5.13%) 425.98
dns 576434 ( 1.55%) 265890716 ( 1.42%) 461.27
rip 65533 ( 0.18%) 4325178 ( 0.02%) 66.00
realaud 10 ( 0.00%) 1627 ( 0.00%) 162.70
halflif 34 ( 0.00%) 5072 ( 0.00%) 149.18
starcra 53 ( 0.00%) 5079 ( 0.00%) 95.83
everque 188 ( 0.00%) 32127 ( 0.00%) 170.89
unreal 9 ( 0.00%) 865 ( 0.00%) 96.11
quake 22 ( 0.00%) 2447 ( 0.00%) 111.23
cuseeme 1 ( 0.00%) 84 ( 0.00%) 84.00
other 1610390 ( 4.33%) 689336901 ( 3.68%) 428.06
icmp 15049478 ( 40.43%) 962394467 ( 5.14%) 63.95
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 19019 ( 0.05%) 5577202 ( 0.03%) 293.24
ip6 212536 ( 0.57%) 93518403 ( 0.50%) 440.01
pim 80 ( 0.00%) 4800 ( 0.00%) 60.00
other 58915 ( 0.16%) 15099420 ( 0.08%) 256.29
frag 170149 ( 0.46%) 173338255 ( 0.93%) 1018.74
ip6 736546 ( 1.98%) 664052126 ( 3.55%) 901.58
tcp6 641928 ( 1.72%) 625619005 ( 3.34%) 974.59
http(s) 502633 ( 1.35%) 593895925 ( 3.17%) 1181.57
http(c) 112703 ( 0.30%) 11934541 ( 0.06%) 105.89
squid 73 ( 0.00%) 16771 ( 0.00%) 229.74
smtp 296 ( 0.00%) 108873 ( 0.00%) 367.81
ftp 1352 ( 0.00%) 151388 ( 0.00%) 111.97
ssh 12 ( 0.00%) 1008 ( 0.00%) 84.00
dns 353 ( 0.00%) 67820 ( 0.00%) 192.12
bgp 104 ( 0.00%) 28657 ( 0.00%) 275.55
realaud 2 ( 0.00%) 148 ( 0.00%) 74.00
other 24400 ( 0.07%) 19413874 ( 0.10%) 795.65
udp6 79486 ( 0.21%) 35092919 ( 0.19%) 441.50
dns 59435 ( 0.16%) 17804951 ( 0.10%) 299.57
realaud 1 ( 0.00%) 102 ( 0.00%) 102.00
other 20050 ( 0.05%) 17287866 ( 0.09%) 862.24
icmp6 14002 ( 0.04%) 2301494 ( 0.01%) 164.37
ip6 86 ( 0.00%) 11648 ( 0.00%) 135.44
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 1014 ( 0.00%) 1022980 ( 0.01%) 1008.86
tcpdump file: 201209131400.dump.gz (834.87 MB)