Traffic Trace Info
DumpFile: 201209151400.dump
FileSize: 2929.76MB
Id: 201209151400
StartTime: Sat Sep 15 14:00:01 2012
EndTime: Sat Sep 15 14:15:01 2012
TotalTime: 899.58 seconds
TotalCapSize: -1839.79MB CapLen: 96 bytes
# of packets: 44141399 (24806.69MB)
AvgRate: 231.32Mbps stddev:57.59M
IP flow (unique src/dst pair) Information
# of flows: 11048148 (avg. 4.00 pkts/flow)
Top 10 big flow size (bytes/total in %):
8.0% 3.0% 1.0% 0.9% 0.9% 0.9% 0.9% 0.8% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 8655069
Top 10 bandwidth usage (bytes/total in %):
26.7% 8.2% 8.2% 6.2% 6.1% 5.6% 3.9% 3.2% 3.1% 2.5%
# of IPv6 addresses: 6136
Top 10 bandwidth usage (bytes/total in %):
22.7% 16.3% 10.0% 9.3% 8.7% 7.4% 6.2% 3.7% 3.1% 3.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201209151400.pktlen.png)
detailed numbers
[ 32- 63]: 19354823
[ 64- 127]: 7038692
[ 128- 255]: 665590
[ 256- 511]: 494417
[ 512- 1023]: 666195
[ 1024- 2047]: 15921682
Protocol Breakdown
![[protocol breakdown chart]](201209151400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 44141399 (100.00%) 26011704971 (100.00%) 589.28
ip 43645099 ( 98.88%) 25553022375 ( 98.24%) 585.47
tcp 24322944 ( 55.10%) 22818789158 ( 87.73%) 938.16
http(s) 13346517 ( 30.24%) 17901651263 ( 68.82%) 1341.30
http(c) 6171406 ( 13.98%) 584115773 ( 2.25%) 94.65
squid 178854 ( 0.41%) 130741545 ( 0.50%) 731.00
smtp 48896 ( 0.11%) 8309278 ( 0.03%) 169.94
nntp 1 ( 0.00%) 60 ( 0.00%) 60.00
ftp 15674 ( 0.04%) 3130702 ( 0.01%) 199.74
pop3 1254 ( 0.00%) 251221 ( 0.00%) 200.34
imap 2408 ( 0.01%) 703977 ( 0.00%) 292.35
telnet 1156 ( 0.00%) 103028 ( 0.00%) 89.12
ssh 2305720 ( 5.22%) 2581429601 ( 9.92%) 1119.58
dns 1317 ( 0.00%) 217831 ( 0.00%) 165.40
bgp 568 ( 0.00%) 119997 ( 0.00%) 211.26
napster 118 ( 0.00%) 8095 ( 0.00%) 68.60
realaud 253 ( 0.00%) 141869 ( 0.00%) 560.75
icecast 8263 ( 0.02%) 3179147 ( 0.01%) 384.74
other 2240538 ( 5.08%) 1604685711 ( 6.17%) 716.21
udp 2323180 ( 5.26%) 1563421863 ( 6.01%) 672.97
dns 527567 ( 1.20%) 285468754 ( 1.10%) 541.10
rip 1 ( 0.00%) 72 ( 0.00%) 72.00
realaud 10 ( 0.00%) 1008 ( 0.00%) 100.80
halflif 37 ( 0.00%) 4459 ( 0.00%) 120.51
starcra 32 ( 0.00%) 3274 ( 0.00%) 102.31
everque 80 ( 0.00%) 15850 ( 0.00%) 198.12
unreal 4 ( 0.00%) 531 ( 0.00%) 132.75
quake 7 ( 0.00%) 609 ( 0.00%) 87.00
cuseeme 5 ( 0.00%) 528 ( 0.00%) 105.60
other 1795264 ( 4.07%) 1277862851 ( 4.91%) 711.80
icmp 16677998 ( 37.78%) 1064983963 ( 4.09%) 63.86
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 133090 ( 0.30%) 47600300 ( 0.18%) 357.65
ip6 127873 ( 0.29%) 44281339 ( 0.17%) 346.29
pim 87 ( 0.00%) 5220 ( 0.00%) 60.00
other 59742 ( 0.14%) 13921262 ( 0.05%) 233.02
frag 184960 ( 0.42%) 188397330 ( 0.72%) 1018.58
ip6 496300 ( 1.12%) 458682596 ( 1.76%) 924.20
tcp6 424767 ( 0.96%) 437141628 ( 1.68%) 1029.13
http(s) 341656 ( 0.77%) 402940320 ( 1.55%) 1179.37
http(c) 47830 ( 0.11%) 5390314 ( 0.02%) 112.70
smtp 68 ( 0.00%) 7945 ( 0.00%) 116.84
ftp 10026 ( 0.02%) 4497658 ( 0.02%) 448.60
imap 702 ( 0.00%) 290466 ( 0.00%) 413.77
ssh 12 ( 0.00%) 1008 ( 0.00%) 84.00
dns 338 ( 0.00%) 44010 ( 0.00%) 130.21
bgp 106 ( 0.00%) 26337 ( 0.00%) 248.46
other 24029 ( 0.05%) 23943570 ( 0.09%) 996.44
udp6 52771 ( 0.12%) 17727815 ( 0.07%) 335.94
dns 45238 ( 0.10%) 13300691 ( 0.05%) 294.02
quake 1 ( 0.00%) 107 ( 0.00%) 107.00
other 7532 ( 0.02%) 4427017 ( 0.02%) 587.76
icmp6 17638 ( 0.04%) 2760851 ( 0.01%) 156.53
ip6 84 ( 0.00%) 11462 ( 0.00%) 136.45
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 1010 ( 0.00%) 1036760 ( 0.00%) 1026.50
tcpdump file: 201209151400.dump.gz (926.00 MB)