Traffic Trace Info
DumpFile: 201209231400.dump
FileSize: 2258.18MB
Id: 201209231400
StartTime: Sun Sep 23 14:00:01 2012
EndTime: Sun Sep 23 14:15:01 2012
TotalTime: 899.80 seconds
TotalCapSize: 1773.77MB CapLen: 96 bytes
# of packets: 31746042 (27210.20MB)
AvgRate: 253.68Mbps stddev:50.82M
IP flow (unique src/dst pair) Information
# of flows: 586557 (avg. 54.12 pkts/flow)
Top 10 big flow size (bytes/total in %):
10.2% 4.6% 3.9% 3.2% 2.4% 2.2% 1.8% 1.7% 1.6% 1.6%
IP address Information
# of IPv4 addresses: 353068
Top 10 bandwidth usage (bytes/total in %):
16.1% 13.5% 11.1% 6.6% 6.2% 5.6% 5.2% 5.0% 4.1% 4.0%
# of IPv6 addresses: 7613
Top 10 bandwidth usage (bytes/total in %):
64.6% 34.0% 32.5% 8.2% 7.3% 2.0% 2.0% 1.6% 1.4% 1.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201209231400.pktlen.png)
detailed numbers
[ 32- 63]: 6020878
[ 64- 127]: 5555973
[ 128- 255]: 669778
[ 256- 511]: 471725
[ 512- 1023]: 635023
[ 1024- 2047]: 18392665
Protocol Breakdown
![[protocol breakdown chart]](201209231400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 31746042 (100.00%) 28531961335 (100.00%) 898.76
ip 30296014 ( 95.43%) 27107280306 ( 95.01%) 894.75
tcp 27021988 ( 85.12%) 25303341428 ( 88.68%) 936.40
http(s) 11566440 ( 36.43%) 15131967069 ( 53.04%) 1308.26
http(c) 6316396 ( 19.90%) 2318252890 ( 8.13%) 367.02
squid 183382 ( 0.58%) 164093930 ( 0.58%) 894.82
smtp 50244 ( 0.16%) 7122842 ( 0.02%) 141.77
nntp 1 ( 0.00%) 60 ( 0.00%) 60.00
ftp 13726 ( 0.04%) 2744730 ( 0.01%) 199.97
pop3 2078 ( 0.01%) 1490653 ( 0.01%) 717.35
imap 1663 ( 0.01%) 790271 ( 0.00%) 475.21
telnet 2705 ( 0.01%) 220604 ( 0.00%) 81.55
ssh 6457 ( 0.02%) 2270438 ( 0.01%) 351.62
dns 1899 ( 0.01%) 257523 ( 0.00%) 135.61
bgp 515 ( 0.00%) 102735 ( 0.00%) 199.49
napster 18 ( 0.00%) 1937 ( 0.00%) 107.61
realaud 248 ( 0.00%) 19275 ( 0.00%) 77.72
icecast 19281 ( 0.06%) 14811431 ( 0.05%) 768.19
hotline 20 ( 0.00%) 1900 ( 0.00%) 95.00
other 8856915 ( 27.90%) 7659193140 ( 26.84%) 864.77
udp 2768676 ( 8.72%) 1670590585 ( 5.86%) 603.39
dns 246491 ( 0.78%) 68629655 ( 0.24%) 278.43
realaud 17 ( 0.00%) 1261 ( 0.00%) 74.18
halflif 63 ( 0.00%) 10564 ( 0.00%) 167.68
starcra 17 ( 0.00%) 1485 ( 0.00%) 87.35
everque 187 ( 0.00%) 23135 ( 0.00%) 123.72
unreal 1 ( 0.00%) 60 ( 0.00%) 60.00
quake 29 ( 0.00%) 2263 ( 0.00%) 78.03
other 2516482 ( 7.93%) 1600927177 ( 5.61%) 636.18
icmp 234031 ( 0.74%) 20106363 ( 0.07%) 85.91
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 43985 ( 0.14%) 49039638 ( 0.17%) 1114.92
ip6 165751 ( 0.52%) 46043024 ( 0.16%) 277.78
pim 83 ( 0.00%) 4980 ( 0.00%) 60.00
other 61315 ( 0.19%) 18135018 ( 0.06%) 295.77
frag 57246 ( 0.18%) 50091281 ( 0.18%) 875.02
ip6 1450028 ( 4.57%) 1424681029 ( 4.99%) 982.52
tcp6 1393124 ( 4.39%) 1411956391 ( 4.95%) 1013.52
http(s) 403506 ( 1.27%) 474803120 ( 1.66%) 1176.69
http(c) 84863 ( 0.27%) 9342806 ( 0.03%) 110.09
smtp 11 ( 0.00%) 1197 ( 0.00%) 108.82
ftp 4252 ( 0.01%) 451754 ( 0.00%) 106.25
ssh 12 ( 0.00%) 1008 ( 0.00%) 84.00
dns 346 ( 0.00%) 43803 ( 0.00%) 126.60
bgp 97 ( 0.00%) 20302 ( 0.00%) 209.30
other 900037 ( 2.84%) 927292401 ( 3.25%) 1030.28
udp6 35044 ( 0.11%) 9355899 ( 0.03%) 266.98
dns 33015 ( 0.10%) 9021080 ( 0.03%) 273.24
everque 1 ( 0.00%) 111 ( 0.00%) 111.00
other 2028 ( 0.01%) 334708 ( 0.00%) 165.04
icmp6 21270 ( 0.07%) 2864009 ( 0.01%) 134.65
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 476 ( 0.00%) 489238 ( 0.00%) 1027.81
tcpdump file: 201209231400.dump.gz (664.29 MB)