Traffic Trace Info
DumpFile: 201209171400.dump
FileSize: 2075.54MB
Id: 201209171400
StartTime: Mon Sep 17 14:00:00 2012
EndTime: Mon Sep 17 14:15:01 2012
TotalTime: 900.63 seconds
TotalCapSize: 1632.03MB CapLen: 96 bytes
# of packets: 29065425 (23946.80MB)
AvgRate: 223.01Mbps stddev:46.91M
IP flow (unique src/dst pair) Information
# of flows: 682777 (avg. 42.57 pkts/flow)
Top 10 big flow size (bytes/total in %):
6.9% 3.6% 2.8% 2.6% 2.5% 2.5% 2.5% 2.3% 1.7% 1.1%
IP address Information
# of IPv4 addresses: 394818
Top 10 bandwidth usage (bytes/total in %):
19.8% 14.6% 7.8% 6.6% 6.1% 4.7% 4.5% 3.8% 3.1% 3.0%
# of IPv6 addresses: 6285
Top 10 bandwidth usage (bytes/total in %):
47.7% 47.6% 13.6% 4.7% 4.3% 3.7% 3.6% 1.8% 1.5% 1.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201209171400.pktlen.png)
detailed numbers
[ 32- 63]: 5833281
[ 64- 127]: 5212634
[ 128- 255]: 736619
[ 256- 511]: 653503
[ 512- 1023]: 729908
[ 1024- 2047]: 15899480
Protocol Breakdown
![[protocol breakdown chart]](201209171400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29065425 (100.00%) 25110039137 (100.00%) 863.91
ip 27918415 ( 96.05%) 23808999400 ( 94.82%) 852.81
tcp 25870920 ( 89.01%) 23148864976 ( 92.19%) 894.78
http(s) 12118976 ( 41.70%) 15774923757 ( 62.82%) 1301.67
http(c) 6838929 ( 23.53%) 1451279329 ( 5.78%) 212.21
squid 409978 ( 1.41%) 373136200 ( 1.49%) 910.14
smtp 50974 ( 0.18%) 9506406 ( 0.04%) 186.50
nntp 4 ( 0.00%) 240 ( 0.00%) 60.00
ftp 3950 ( 0.01%) 323353 ( 0.00%) 81.86
pop3 1619 ( 0.01%) 657949 ( 0.00%) 406.39
imap 2620 ( 0.01%) 1640946 ( 0.01%) 626.32
telnet 9520 ( 0.03%) 724935 ( 0.00%) 76.15
ssh 197496 ( 0.68%) 31433353 ( 0.13%) 159.16
dns 1428 ( 0.00%) 205184 ( 0.00%) 143.69
bgp 605 ( 0.00%) 146785 ( 0.00%) 242.62
napster 208 ( 0.00%) 13444 ( 0.00%) 64.63
realaud 378 ( 0.00%) 106724 ( 0.00%) 282.34
icecast 2403 ( 0.01%) 1524790 ( 0.01%) 634.54
hotline 12 ( 0.00%) 1107 ( 0.00%) 92.25
other 6231820 ( 21.44%) 5503240474 ( 21.92%) 883.09
udp 1438857 ( 4.95%) 511230633 ( 2.04%) 355.30
dns 552052 ( 1.90%) 270956693 ( 1.08%) 490.82
realaud 16 ( 0.00%) 2669 ( 0.00%) 166.81
halflif 33 ( 0.00%) 3768 ( 0.00%) 114.18
starcra 30 ( 0.00%) 4126 ( 0.00%) 137.53
everque 113 ( 0.00%) 20982 ( 0.00%) 185.68
unreal 5 ( 0.00%) 953 ( 0.00%) 190.60
quake 17 ( 0.00%) 2322 ( 0.00%) 136.59
cuseeme 1 ( 0.00%) 87 ( 0.00%) 87.00
other 886482 ( 3.05%) 240198023 ( 0.96%) 270.96
icmp 380025 ( 1.31%) 76062081 ( 0.30%) 200.15
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 2586 ( 0.01%) 636156 ( 0.00%) 246.00
ip6 163162 ( 0.56%) 58074451 ( 0.23%) 355.93
pim 87 ( 0.00%) 5220 ( 0.00%) 60.00
other 62593 ( 0.22%) 14106613 ( 0.06%) 225.37
frag 165667 ( 0.57%) 168581385 ( 0.67%) 1017.59
ip6 1147010 ( 3.95%) 1301039737 ( 5.18%) 1134.29
tcp6 1077488 ( 3.71%) 1283078753 ( 5.11%) 1190.81
http(s) 958427 ( 3.30%) 1240145654 ( 4.94%) 1293.94
http(c) 83373 ( 0.29%) 8711678 ( 0.03%) 104.49
squid 21 ( 0.00%) 3880 ( 0.00%) 184.76
smtp 542 ( 0.00%) 193929 ( 0.00%) 357.80
ftp 294 ( 0.00%) 27056 ( 0.00%) 92.03
pop3 21 ( 0.00%) 7001 ( 0.00%) 333.38
ssh 12 ( 0.00%) 1008 ( 0.00%) 84.00
dns 380 ( 0.00%) 54604 ( 0.00%) 143.69
bgp 94 ( 0.00%) 21500 ( 0.00%) 228.72
other 34324 ( 0.12%) 33912443 ( 0.14%) 988.01
udp6 50375 ( 0.17%) 14275376 ( 0.06%) 283.38
dns 49494 ( 0.17%) 14180192 ( 0.06%) 286.50
halflif 2 ( 0.00%) 211 ( 0.00%) 105.50
everque 2 ( 0.00%) 237 ( 0.00%) 118.50
other 877 ( 0.00%) 94736 ( 0.00%) 108.02
icmp6 18206 ( 0.06%) 2801092 ( 0.01%) 153.86
ip6 82 ( 0.00%) 11176 ( 0.00%) 136.29
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 828 ( 0.00%) 869124 ( 0.00%) 1049.67
tcpdump file: 201209171400.dump.gz (635.88 MB)