Traffic Trace Info
DumpFile: 201209181400.dump
FileSize: 1680.02MB
Id: 201209181400
StartTime: Tue Sep 18 14:00:01 2012
EndTime: Tue Sep 18 14:15:01 2012
TotalTime: 899.75 seconds
TotalCapSize: 1325.13MB CapLen: 96 bytes
# of packets: 23257322 (15990.17MB)
AvgRate: 149.09Mbps stddev:34.90M
IP flow (unique src/dst pair) Information
# of flows: 743262 (avg. 31.29 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.3% 2.5% 1.7% 1.6% 1.3% 1.3% 0.9% 0.9% 0.9% 0.9%
IP address Information
# of IPv4 addresses: 391420
Top 10 bandwidth usage (bytes/total in %):
10.6% 6.6% 4.5% 4.3% 4.2% 3.8% 3.6% 3.3% 3.3% 3.1%
# of IPv6 addresses: 7388
Top 10 bandwidth usage (bytes/total in %):
23.8% 18.4% 13.9% 4.7% 3.0% 2.7% 2.3% 2.1% 2.1% 1.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201209181400.pktlen.png)
detailed numbers
[ 32- 63]: 5212468
[ 64- 127]: 5602624
[ 128- 255]: 699519
[ 256- 511]: 818794
[ 512- 1023]: 707031
[ 1024- 2047]: 10216886
Protocol Breakdown
![[protocol breakdown chart]](201209181400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 23257322 (100.00%) 16766908660 (100.00%) 720.93
ip 22290319 ( 95.84%) 15861893702 ( 94.60%) 711.60
tcp 19737144 ( 84.86%) 14738803411 ( 87.90%) 746.75
http(s) 9622109 ( 41.37%) 11904926785 ( 71.00%) 1237.25
http(c) 6511345 ( 28.00%) 971571307 ( 5.79%) 149.21
squid 187181 ( 0.80%) 137216589 ( 0.82%) 733.07
smtp 88317 ( 0.38%) 19667353 ( 0.12%) 222.69
nntp 12 ( 0.00%) 748 ( 0.00%) 62.33
ftp 17223 ( 0.07%) 3669096 ( 0.02%) 213.03
pop3 3873 ( 0.02%) 2188477 ( 0.01%) 565.06
imap 20475 ( 0.09%) 27230515 ( 0.16%) 1329.94
telnet 9323 ( 0.04%) 703564 ( 0.00%) 75.47
ssh 76078 ( 0.33%) 37103183 ( 0.22%) 487.70
dns 1482 ( 0.01%) 252895 ( 0.00%) 170.64
bgp 657 ( 0.00%) 209253 ( 0.00%) 318.50
napster 22 ( 0.00%) 2466 ( 0.00%) 112.09
realaud 440 ( 0.00%) 31736 ( 0.00%) 72.13
icecast 5044 ( 0.02%) 3136989 ( 0.02%) 621.92
hotline 39 ( 0.00%) 3997 ( 0.00%) 102.49
other 3193523 ( 13.73%) 1630888398 ( 9.73%) 510.69
udp 1851015 ( 7.96%) 892315921 ( 5.32%) 482.07
dns 586743 ( 2.52%) 231848681 ( 1.38%) 395.15
realaud 12 ( 0.00%) 906 ( 0.00%) 75.50
halflif 75 ( 0.00%) 6600 ( 0.00%) 88.00
starcra 34 ( 0.00%) 3794 ( 0.00%) 111.59
everque 197 ( 0.00%) 49153 ( 0.00%) 249.51
unreal 14 ( 0.00%) 1607 ( 0.00%) 114.79
quake 10 ( 0.00%) 946 ( 0.00%) 94.60
cuseeme 1 ( 0.00%) 95 ( 0.00%) 95.00
other 1263817 ( 5.43%) 660338300 ( 3.94%) 522.50
icmp 362608 ( 1.56%) 79259736 ( 0.47%) 218.58
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 17983 ( 0.08%) 4032170 ( 0.02%) 224.22
ip6 256915 ( 1.10%) 131620811 ( 0.79%) 512.31
pim 97 ( 0.00%) 5820 ( 0.00%) 60.00
other 64372 ( 0.28%) 15836563 ( 0.09%) 246.02
frag 118826 ( 0.51%) 121771492 ( 0.73%) 1024.79
ip6 967003 ( 4.16%) 905014958 ( 5.40%) 935.90
tcp6 878232 ( 3.78%) 873123068 ( 5.21%) 994.18
http(s) 697165 ( 3.00%) 833462085 ( 4.97%) 1195.50
http(c) 131010 ( 0.56%) 13497310 ( 0.08%) 103.03
squid 78 ( 0.00%) 16577 ( 0.00%) 212.53
smtp 181 ( 0.00%) 131798 ( 0.00%) 728.17
ftp 903 ( 0.00%) 82854 ( 0.00%) 91.75
pop3 331 ( 0.00%) 472458 ( 0.00%) 1427.37
ssh 12 ( 0.00%) 1008 ( 0.00%) 84.00
dns 345 ( 0.00%) 56264 ( 0.00%) 163.08
bgp 103 ( 0.00%) 28657 ( 0.00%) 278.22
other 48104 ( 0.21%) 25374057 ( 0.15%) 527.48
udp6 73446 ( 0.32%) 28674571 ( 0.17%) 390.42
dns 61094 ( 0.26%) 18256917 ( 0.11%) 298.83
halflif 1 ( 0.00%) 107 ( 0.00%) 107.00
other 12351 ( 0.05%) 10417547 ( 0.06%) 843.46
icmp6 14422 ( 0.06%) 2411609 ( 0.01%) 167.22
ip6 83 ( 0.00%) 11294 ( 0.00%) 136.07
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 790 ( 0.00%) 790336 ( 0.00%) 1000.43
tcpdump file: 201209181400.dump.gz (547.58 MB)