Traffic Trace Info
DumpFile: 201209201400.dump
FileSize: 2461.71MB
Id: 201209201400
StartTime: Thu Sep 20 14:00:01 2012
EndTime: Thu Sep 20 14:15:01 2012
TotalTime: 899.87 seconds
TotalCapSize: 1957.37MB CapLen: 96 bytes
# of packets: 33051704 (27102.23MB)
AvgRate: 252.59Mbps stddev:39.37M
IP flow (unique src/dst pair) Information
# of flows: 756833 (avg. 43.67 pkts/flow)
Top 10 big flow size (bytes/total in %):
6.9% 4.0% 3.4% 2.8% 2.3% 2.3% 2.1% 2.1% 2.0% 2.0%
IP address Information
# of IPv4 addresses: 395187
Top 10 bandwidth usage (bytes/total in %):
14.6% 13.0% 10.7% 9.6% 8.2% 7.9% 4.6% 3.2% 2.6% 2.4%
# of IPv6 addresses: 8494
Top 10 bandwidth usage (bytes/total in %):
32.5% 29.3% 25.8% 21.7% 20.4% 19.8% 4.9% 4.0% 1.5% 1.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201209201400.pktlen.png)
detailed numbers
[ 32- 63]: 5055925
[ 64- 127]: 7800065
[ 128- 255]: 775235
[ 256- 511]: 595137
[ 512- 1023]: 936631
[ 1024- 2047]: 17888711
Protocol Breakdown
![[protocol breakdown chart]](201209201400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 33051704 (100.00%) 28418743401 (100.00%) 859.83
ip 30346591 ( 91.82%) 25149828438 ( 88.50%) 828.75
tcp 27368111 ( 82.80%) 24113839087 ( 84.85%) 881.09
http(s) 13859726 ( 41.93%) 17669475081 ( 62.18%) 1274.88
http(c) 7119959 ( 21.54%) 1090138282 ( 3.84%) 153.11
squid 175899 ( 0.53%) 135409779 ( 0.48%) 769.82
smtp 94564 ( 0.29%) 28909790 ( 0.10%) 305.72
nntp 7 ( 0.00%) 434 ( 0.00%) 62.00
ftp 45352 ( 0.14%) 5490603 ( 0.02%) 121.07
pop3 7231 ( 0.02%) 4731304 ( 0.02%) 654.31
imap 1507 ( 0.00%) 211221 ( 0.00%) 140.16
telnet 11244 ( 0.03%) 853694 ( 0.00%) 75.92
ssh 109978 ( 0.33%) 37235436 ( 0.13%) 338.57
dns 1086 ( 0.00%) 208690 ( 0.00%) 192.16
bgp 576 ( 0.00%) 132519 ( 0.00%) 230.07
napster 25 ( 0.00%) 5074 ( 0.00%) 202.96
realaud 46 ( 0.00%) 5973 ( 0.00%) 129.85
rtsp 4675 ( 0.01%) 3985288 ( 0.01%) 852.47
icecast 1187 ( 0.00%) 819141 ( 0.00%) 690.09
hotline 24 ( 0.00%) 2569 ( 0.00%) 107.04
other 5935025 ( 17.96%) 5136224209 ( 18.07%) 865.41
udp 2176151 ( 6.58%) 857081180 ( 3.02%) 393.85
dns 646298 ( 1.96%) 321268373 ( 1.13%) 497.09
realaud 18 ( 0.00%) 1275 ( 0.00%) 70.83
halflif 38 ( 0.00%) 5938 ( 0.00%) 156.26
starcra 43 ( 0.00%) 3937 ( 0.00%) 91.56
everque 86 ( 0.00%) 15687 ( 0.00%) 182.41
unreal 9 ( 0.00%) 1633 ( 0.00%) 181.44
quake 4 ( 0.00%) 370 ( 0.00%) 92.50
other 1529485 ( 4.63%) 535688781 ( 1.88%) 350.24
icmp 332092 ( 1.00%) 59845108 ( 0.21%) 180.21
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 8727 ( 0.03%) 1733162 ( 0.01%) 198.60
ip6 403868 ( 1.22%) 104372137 ( 0.37%) 258.43
pim 89 ( 0.00%) 5340 ( 0.00%) 60.00
other 57368 ( 0.17%) 12933154 ( 0.05%) 225.44
frag 213862 ( 0.65%) 217964283 ( 0.77%) 1019.18
ip6 2705113 ( 8.18%) 3268914963 ( 11.50%) 1208.42
tcp6 2621780 ( 7.93%) 3247699375 ( 11.43%) 1238.74
http(s) 1314736 ( 3.98%) 1748747018 ( 6.15%) 1330.11
http(c) 78598 ( 0.24%) 8929967 ( 0.03%) 113.62
squid 7 ( 0.00%) 1650 ( 0.00%) 235.71
smtp 995 ( 0.00%) 401814 ( 0.00%) 403.83
ftp 10452 ( 0.03%) 1082965 ( 0.00%) 103.61
ssh 12 ( 0.00%) 1008 ( 0.00%) 84.00
dns 401 ( 0.00%) 87723 ( 0.00%) 218.76
bgp 101 ( 0.00%) 23812 ( 0.00%) 235.76
other 1216478 ( 3.68%) 1488423418 ( 5.24%) 1223.55
udp6 63613 ( 0.19%) 17559988 ( 0.06%) 276.04
dns 61788 ( 0.19%) 17275865 ( 0.06%) 279.60
realaud 1 ( 0.00%) 109 ( 0.00%) 109.00
everque 1 ( 0.00%) 111 ( 0.00%) 111.00
unreal 2 ( 0.00%) 213 ( 0.00%) 106.50
quake 1 ( 0.00%) 107 ( 0.00%) 107.00
other 1820 ( 0.01%) 283583 ( 0.00%) 155.81
icmp6 18755 ( 0.06%) 2766282 ( 0.01%) 147.50
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 851 ( 0.00%) 873826 ( 0.00%) 1026.82
tcpdump file: 201209201400.dump.gz (744.65 MB)