Traffic Trace Info
DumpFile: 201209241400.dump
FileSize: 2180.99MB
Id: 201209241400
StartTime: Mon Sep 24 14:00:00 2012
EndTime: Mon Sep 24 14:15:00 2012
TotalTime: 899.69 seconds
TotalCapSize: 1728.78MB CapLen: 96 bytes
# of packets: 29635567 (21666.51MB)
AvgRate: 202.03Mbps stddev:37.93M
IP flow (unique src/dst pair) Information
# of flows: 773723 (avg. 38.30 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.5% 2.8% 2.8% 2.5% 1.9% 1.7% 1.5% 1.4% 1.0% 0.9%
IP address Information
# of IPv4 addresses: 427241
Top 10 bandwidth usage (bytes/total in %):
12.5% 6.1% 6.1% 6.1% 4.8% 4.8% 3.8% 3.4% 3.2% 3.1%
# of IPv6 addresses: 10713
Top 10 bandwidth usage (bytes/total in %):
39.1% 28.8% 14.9% 14.9% 4.3% 3.4% 2.7% 1.8% 1.5% 1.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201209241400.pktlen.png)
detailed numbers
[ 32- 63]: 5128748
[ 64- 127]: 7928854
[ 128- 255]: 1004818
[ 256- 511]: 681967
[ 512- 1023]: 765709
[ 1024- 2047]: 14125471
Protocol Breakdown
![[protocol breakdown chart]](201209241400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29635567 (100.00%) 22718986075 (100.00%) 766.61
ip 27187590 ( 91.74%) 20345845473 ( 89.55%) 748.35
tcp 23902983 ( 80.66%) 18815883348 ( 82.82%) 787.18
http(s) 12602265 ( 42.52%) 15734395243 ( 69.26%) 1248.54
http(c) 8095589 ( 27.32%) 1445775168 ( 6.36%) 178.59
squid 48284 ( 0.16%) 13445169 ( 0.06%) 278.46
smtp 51023 ( 0.17%) 12573273 ( 0.06%) 246.42
nntp 6 ( 0.00%) 366 ( 0.00%) 61.00
ftp 14809 ( 0.05%) 3496205 ( 0.02%) 236.09
pop3 4179 ( 0.01%) 1462893 ( 0.01%) 350.06
imap 2111 ( 0.01%) 314540 ( 0.00%) 149.00
telnet 11215 ( 0.04%) 848074 ( 0.00%) 75.62
ssh 50834 ( 0.17%) 11402264 ( 0.05%) 224.30
dns 2755 ( 0.01%) 358985 ( 0.00%) 130.30
bgp 517 ( 0.00%) 99212 ( 0.00%) 191.90
napster 44 ( 0.00%) 5124 ( 0.00%) 116.45
realaud 126 ( 0.00%) 22067 ( 0.00%) 175.13
icecast 13808 ( 0.05%) 8426952 ( 0.04%) 610.29
hotline 22 ( 0.00%) 4326 ( 0.00%) 196.64
other 3005396 ( 10.14%) 1583253487 ( 6.97%) 526.80
udp 2582542 ( 8.71%) 1377205931 ( 6.06%) 533.28
dns 768564 ( 2.59%) 359322961 ( 1.58%) 467.53
rip 23 ( 0.00%) 1597 ( 0.00%) 69.43
realaud 4 ( 0.00%) 432 ( 0.00%) 108.00
halflif 33 ( 0.00%) 3081 ( 0.00%) 93.36
starcra 33 ( 0.00%) 2647 ( 0.00%) 80.21
everque 121 ( 0.00%) 21224 ( 0.00%) 175.40
unreal 5 ( 0.00%) 750 ( 0.00%) 150.00
quake 9 ( 0.00%) 1016 ( 0.00%) 112.89
cuseeme 2 ( 0.00%) 144 ( 0.00%) 72.00
other 1812626 ( 6.12%) 1017702957 ( 4.48%) 561.45
icmp 253229 ( 0.85%) 22149116 ( 0.10%) 87.47
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 11071 ( 0.04%) 1537818 ( 0.01%) 138.91
ip6 315211 ( 1.06%) 106324056 ( 0.47%) 337.31
pim 92 ( 0.00%) 5520 ( 0.00%) 60.00
other 122277 ( 0.41%) 22720414 ( 0.10%) 185.81
frag 236564 ( 0.80%) 254154210 ( 1.12%) 1074.36
ip6 2447977 ( 8.26%) 2373140602 ( 10.45%) 969.43
tcp6 2332168 ( 7.87%) 2341006498 ( 10.30%) 1003.79
http(s) 1194986 ( 4.03%) 1351440440 ( 5.95%) 1130.93
http(c) 190242 ( 0.64%) 21600192 ( 0.10%) 113.54
squid 18 ( 0.00%) 3646 ( 0.00%) 202.56
smtp 211 ( 0.00%) 64949 ( 0.00%) 307.82
ftp 12628 ( 0.04%) 2292024 ( 0.01%) 181.50
ssh 72 ( 0.00%) 6528 ( 0.00%) 90.67
dns 120 ( 0.00%) 44042 ( 0.00%) 367.02
bgp 93 ( 0.00%) 21621 ( 0.00%) 232.48
other 933798 ( 3.15%) 965533056 ( 4.25%) 1033.98
udp6 89656 ( 0.30%) 27616786 ( 0.12%) 308.03
dns 65308 ( 0.22%) 17074353 ( 0.08%) 261.44
everque 2 ( 0.00%) 227 ( 0.00%) 113.50
other 24346 ( 0.08%) 10542206 ( 0.05%) 433.02
icmp6 24956 ( 0.08%) 3387646 ( 0.01%) 135.74
ip6 83 ( 0.00%) 11294 ( 0.00%) 136.07
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 1084 ( 0.00%) 1114298 ( 0.00%) 1027.95
tcpdump file: 201209241400.dump.gz (662.12 MB)