Traffic Trace Info
DumpFile: 201209161400.dump
FileSize: 2808.42MB
Id: 201209161400
StartTime: Sun Sep 16 14:00:00 2012
EndTime: Sun Sep 16 14:15:00 2012
TotalTime: 900.16 seconds
TotalCapSize: -1951.68MB CapLen: 96 bytes
# of packets: 43521945 (25296.54MB)
AvgRate: 235.76Mbps stddev:70.94M
IP flow (unique src/dst pair) Information
# of flows: 11148839 (avg. 3.90 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.9% 3.8% 2.1% 1.5% 1.2% 1.2% 1.1% 1.0% 1.0% 1.0%
IP address Information
# of IPv4 addresses: 8687892
Top 10 bandwidth usage (bytes/total in %):
37.8% 11.4% 7.8% 6.2% 6.2% 3.6% 3.2% 2.3% 2.2% 2.0%
# of IPv6 addresses: 6125
Top 10 bandwidth usage (bytes/total in %):
20.1% 10.8% 5.8% 4.4% 3.3% 3.3% 3.0% 2.8% 2.6% 2.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201209161400.pktlen.png)
detailed numbers
[ 32- 63]: 19964826
[ 64- 127]: 5485094
[ 128- 255]: 661302
[ 256- 511]: 519338
[ 512- 1023]: 655884
[ 1024- 2047]: 16235501
Protocol Breakdown
![[protocol breakdown chart]](201209161400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 43521945 (100.00%) 26525349024 (100.00%) 609.47
ip 43015291 ( 98.84%) 26093979648 ( 98.37%) 606.62
tcp 22441441 ( 51.56%) 20861698805 ( 78.65%) 929.61
http(s) 12600352 ( 28.95%) 17104546159 ( 64.48%) 1357.47
http(c) 6164942 ( 14.17%) 1163733358 ( 4.39%) 188.77
squid 171056 ( 0.39%) 125016971 ( 0.47%) 730.85
smtp 42251 ( 0.10%) 8912471 ( 0.03%) 210.94
nntp 12 ( 0.00%) 748 ( 0.00%) 62.33
ftp 16781 ( 0.04%) 3879448 ( 0.01%) 231.18
pop3 6825 ( 0.02%) 559806 ( 0.00%) 82.02
imap 9380 ( 0.02%) 12195354 ( 0.05%) 1300.14
telnet 9531 ( 0.02%) 725289 ( 0.00%) 76.10
ssh 525546 ( 1.21%) 474551326 ( 1.79%) 902.97
dns 1096 ( 0.00%) 205653 ( 0.00%) 187.64
bgp 611 ( 0.00%) 120754 ( 0.00%) 197.63
napster 21 ( 0.00%) 1875 ( 0.00%) 89.29
realaud 132 ( 0.00%) 12458 ( 0.00%) 94.38
rtsp 5038 ( 0.01%) 7539429 ( 0.03%) 1496.51
icecast 12102 ( 0.03%) 11643871 ( 0.04%) 962.14
hotline 52 ( 0.00%) 4126 ( 0.00%) 79.35
other 2875713 ( 6.61%) 1948049709 ( 7.34%) 677.41
udp 3132665 ( 7.20%) 2099267960 ( 7.91%) 670.12
dns 463372 ( 1.06%) 235533484 ( 0.89%) 508.30
realaud 10 ( 0.00%) 1361 ( 0.00%) 136.10
halflif 35 ( 0.00%) 3810 ( 0.00%) 108.86
starcra 43 ( 0.00%) 9141 ( 0.00%) 212.58
everque 294 ( 0.00%) 35084 ( 0.00%) 119.33
unreal 5 ( 0.00%) 694 ( 0.00%) 138.80
quake 176 ( 0.00%) 138137 ( 0.00%) 784.87
cuseeme 3 ( 0.00%) 292 ( 0.00%) 97.33
other 2668599 ( 6.13%) 1863514819 ( 7.03%) 698.31
icmp 17217152 ( 39.56%) 3054045025 ( 11.51%) 177.38
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 2257 ( 0.01%) 551590 ( 0.00%) 244.39
ip6 152073 ( 0.35%) 60080517 ( 0.23%) 395.08
pim 82 ( 0.00%) 4920 ( 0.00%) 60.00
other 69437 ( 0.16%) 18311671 ( 0.07%) 263.72
frag 223704 ( 0.51%) 207882658 ( 0.78%) 929.28
ip6 506654 ( 1.16%) 431369376 ( 1.63%) 851.41
tcp6 445324 ( 1.02%) 415208335 ( 1.57%) 932.37
http(s) 326836 ( 0.75%) 342919080 ( 1.29%) 1049.21
http(c) 62912 ( 0.14%) 7233921 ( 0.03%) 114.98
smtp 55 ( 0.00%) 15060 ( 0.00%) 273.82
ftp 84 ( 0.00%) 7336 ( 0.00%) 87.33
ssh 12 ( 0.00%) 1008 ( 0.00%) 84.00
dns 288 ( 0.00%) 36020 ( 0.00%) 125.07
bgp 94 ( 0.00%) 23199 ( 0.00%) 246.80
other 55043 ( 0.13%) 64972711 ( 0.24%) 1180.40
udp6 42976 ( 0.10%) 12806283 ( 0.05%) 297.99
dns 39619 ( 0.09%) 11210926 ( 0.04%) 282.97
halflif 1 ( 0.00%) 106 ( 0.00%) 106.00
everque 56 ( 0.00%) 8259 ( 0.00%) 147.48
other 3300 ( 0.01%) 1586992 ( 0.01%) 480.91
icmp6 17645 ( 0.04%) 2728502 ( 0.01%) 154.63
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 595 ( 0.00%) 610764 ( 0.00%) 1026.49
tcpdump file: 201209161400.dump.gz (906.38 MB)