Traffic Trace Info
DumpFile: 201209211400.dump
FileSize: 2339.85MB
Id: 201209211400
StartTime: Fri Sep 21 14:00:00 2012
EndTime: Fri Sep 21 14:15:01 2012
TotalTime: 900.21 seconds
TotalCapSize: 1843.62MB CapLen: 96 bytes
# of packets: 32520523 (27717.24MB)
AvgRate: 258.29Mbps stddev:87.85M
IP flow (unique src/dst pair) Information
# of flows: 809647 (avg. 40.17 pkts/flow)
Top 10 big flow size (bytes/total in %):
9.0% 1.9% 1.9% 1.4% 1.2% 1.1% 1.1% 1.1% 1.0% 1.0%
IP address Information
# of IPv4 addresses: 470123
Top 10 bandwidth usage (bytes/total in %):
14.3% 9.7% 9.7% 8.5% 6.0% 5.3% 5.2% 4.6% 3.5% 2.1%
# of IPv6 addresses: 8560
Top 10 bandwidth usage (bytes/total in %):
45.0% 23.2% 22.3% 11.1% 4.8% 4.1% 3.1% 2.9% 2.6% 1.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201209211400.pktlen.png)
detailed numbers
[ 32- 63]: 5971209
[ 64- 127]: 5269616
[ 128- 255]: 957197
[ 256- 511]: 847267
[ 512- 1023]: 1056737
[ 1024- 2047]: 18418497
Protocol Breakdown
![[protocol breakdown chart]](201209211400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 32520523 (100.00%) 29063628007 (100.00%) 893.70
ip 31114724 ( 95.68%) 27605361938 ( 94.98%) 887.21
tcp 28589500 ( 87.91%) 26717318922 ( 91.93%) 934.52
http(s) 16969701 ( 52.18%) 22558685320 ( 77.62%) 1329.35
http(c) 7285073 ( 22.40%) 1487958187 ( 5.12%) 204.25
squid 329870 ( 1.01%) 243758856 ( 0.84%) 738.95
smtp 82595 ( 0.25%) 34681710 ( 0.12%) 419.90
nntp 16 ( 0.00%) 996 ( 0.00%) 62.25
ftp 18797 ( 0.06%) 3462720 ( 0.01%) 184.22
pop3 438870 ( 1.35%) 32873196 ( 0.11%) 74.90
imap 2614 ( 0.01%) 863811 ( 0.00%) 330.46
telnet 12468 ( 0.04%) 933311 ( 0.00%) 74.86
ssh 10263 ( 0.03%) 2751842 ( 0.01%) 268.13
dns 1904 ( 0.01%) 258875 ( 0.00%) 135.96
bgp 606 ( 0.00%) 144341 ( 0.00%) 238.19
napster 21 ( 0.00%) 4023 ( 0.00%) 191.57
realaud 16 ( 0.00%) 2174 ( 0.00%) 135.88
icecast 998 ( 0.00%) 150186 ( 0.00%) 150.49
hotline 17 ( 0.00%) 1950 ( 0.00%) 114.71
other 3435671 ( 10.56%) 2350787424 ( 8.09%) 684.23
udp 1788702 ( 5.50%) 696436449 ( 2.40%) 389.35
dns 553065 ( 1.70%) 251974602 ( 0.87%) 455.60
realaud 31 ( 0.00%) 7174 ( 0.00%) 231.42
halflif 28 ( 0.00%) 3937 ( 0.00%) 140.61
starcra 52 ( 0.00%) 4224 ( 0.00%) 81.23
everque 1122 ( 0.00%) 186305 ( 0.00%) 166.05
unreal 6 ( 0.00%) 914 ( 0.00%) 152.33
quake 27 ( 0.00%) 2864 ( 0.00%) 106.07
cuseeme 4 ( 0.00%) 659 ( 0.00%) 164.75
other 1234182 ( 3.80%) 444175417 ( 1.53%) 359.89
icmp 443844 ( 1.36%) 80887655 ( 0.28%) 182.24
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 5475 ( 0.02%) 1672434 ( 0.01%) 305.47
ip6 226208 ( 0.70%) 93611582 ( 0.32%) 413.83
pim 91 ( 0.00%) 5460 ( 0.00%) 60.00
other 60719 ( 0.19%) 15410166 ( 0.05%) 253.79
frag 142633 ( 0.44%) 155719017 ( 0.54%) 1091.75
ip6 1405799 ( 4.32%) 1458266069 ( 5.02%) 1037.32
tcp6 1314724 ( 4.04%) 1430595444 ( 4.92%) 1088.13
http(s) 652145 ( 2.01%) 745429853 ( 2.56%) 1143.04
http(c) 97967 ( 0.30%) 10491672 ( 0.04%) 107.09
squid 65 ( 0.00%) 14736 ( 0.00%) 226.71
smtp 49 ( 0.00%) 5878 ( 0.00%) 119.96
ftp 10123 ( 0.03%) 1041636 ( 0.00%) 102.90
pop3 20 ( 0.00%) 6096 ( 0.00%) 304.80
ssh 12 ( 0.00%) 1008 ( 0.00%) 84.00
dns 84 ( 0.00%) 33620 ( 0.00%) 400.24
bgp 111 ( 0.00%) 27862 ( 0.00%) 251.01
other 554148 ( 1.70%) 673543083 ( 2.32%) 1215.46
udp6 67521 ( 0.21%) 23561990 ( 0.08%) 348.96
dns 57408 ( 0.18%) 17025189 ( 0.06%) 296.56
everque 2 ( 0.00%) 224 ( 0.00%) 112.00
quake 4 ( 0.00%) 425 ( 0.00%) 106.25
other 10107 ( 0.03%) 6536152 ( 0.02%) 646.70
icmp6 22242 ( 0.07%) 2907562 ( 0.01%) 130.72
ip6 80 ( 0.00%) 10940 ( 0.00%) 136.75
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 1202 ( 0.00%) 1186053 ( 0.00%) 986.73
tcpdump file: 201209211400.dump.gz (705.62 MB)