Traffic Trace Info
DumpFile: 201209251400.dump
FileSize: 1956.06MB
Id: 201209251400
StartTime: Tue Sep 25 14:00:01 2012
EndTime: Tue Sep 25 14:15:00 2012
TotalTime: 899.39 seconds
TotalCapSize: 1555.29MB CapLen: 96 bytes
# of packets: 26264631 (20114.64MB)
AvgRate: 187.62Mbps stddev:44.75M
IP flow (unique src/dst pair) Information
# of flows: 703462 (avg. 37.34 pkts/flow)
Top 10 big flow size (bytes/total in %):
7.8% 3.4% 3.0% 2.5% 1.6% 1.6% 1.1% 0.8% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 350625
Top 10 bandwidth usage (bytes/total in %):
15.7% 6.8% 5.7% 4.3% 3.8% 3.7% 3.6% 3.1% 3.1% 3.1%
# of IPv6 addresses: 10535
Top 10 bandwidth usage (bytes/total in %):
51.8% 46.6% 12.8% 10.7% 10.5% 3.5% 2.7% 2.1% 1.5% 1.3%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201209251400.pktlen.png)
detailed numbers
[ 32- 63]: 3820008
[ 64- 127]: 6848905
[ 128- 255]: 885139
[ 256- 511]: 739946
[ 512- 1023]: 756996
[ 1024- 2047]: 13213637
Protocol Breakdown
![[protocol breakdown chart]](201209251400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 26264631 (100.00%) 21091732745 (100.00%) 803.05
ip 23159299 ( 88.18%) 17552865996 ( 83.22%) 757.92
tcp 19734075 ( 75.14%) 16077809869 ( 76.23%) 814.72
http(s) 9521275 ( 36.25%) 11578145943 ( 54.89%) 1216.03
http(c) 6749776 ( 25.70%) 1968968316 ( 9.34%) 291.71
squid 97840 ( 0.37%) 24272354 ( 0.12%) 248.08
smtp 61397 ( 0.23%) 13730252 ( 0.07%) 223.63
ftp 16840 ( 0.06%) 3323673 ( 0.02%) 197.37
pop3 7027 ( 0.03%) 3829063 ( 0.02%) 544.91
imap 2864 ( 0.01%) 659601 ( 0.00%) 230.31
telnet 9965 ( 0.04%) 759034 ( 0.00%) 76.17
ssh 112773 ( 0.43%) 115036182 ( 0.55%) 1020.07
dns 6587 ( 0.03%) 3570339 ( 0.02%) 542.03
bgp 670 ( 0.00%) 238917 ( 0.00%) 356.59
napster 81 ( 0.00%) 7328 ( 0.00%) 90.47
realaud 64 ( 0.00%) 6043 ( 0.00%) 94.42
rtsp 15825 ( 0.06%) 22569005 ( 0.11%) 1426.16
icecast 9333 ( 0.04%) 7787197 ( 0.04%) 834.37
hotline 8 ( 0.00%) 516 ( 0.00%) 64.50
other 3121750 ( 11.89%) 2334906106 ( 11.07%) 747.95
udp 2649074 ( 10.09%) 1290033284 ( 6.12%) 486.98
dns 714450 ( 2.72%) 320140173 ( 1.52%) 448.09
realaud 3 ( 0.00%) 225 ( 0.00%) 75.00
halflif 41 ( 0.00%) 5861 ( 0.00%) 142.95
starcra 26 ( 0.00%) 3485 ( 0.00%) 134.04
everque 92 ( 0.00%) 16476 ( 0.00%) 179.09
unreal 2 ( 0.00%) 285 ( 0.00%) 142.50
quake 18 ( 0.00%) 1487 ( 0.00%) 82.61
cuseeme 2 ( 0.00%) 232 ( 0.00%) 116.00
other 1934273 ( 7.36%) 969795038 ( 4.60%) 501.37
icmp 282779 ( 1.08%) 24271165 ( 0.12%) 85.83
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 16042 ( 0.06%) 6235100 ( 0.03%) 388.67
ip6 348278 ( 1.33%) 132028445 ( 0.63%) 379.09
pim 87 ( 0.00%) 5220 ( 0.00%) 60.00
other 128780 ( 0.49%) 22463753 ( 0.11%) 174.44
frag 206288 ( 0.79%) 225522888 ( 1.07%) 1093.24
ip6 3105332 ( 11.82%) 3538866749 ( 16.78%) 1139.61
tcp6 2978805 ( 11.34%) 3495919259 ( 16.57%) 1173.60
http(s) 1218021 ( 4.64%) 1407931134 ( 6.68%) 1155.92
http(c) 185234 ( 0.71%) 19076230 ( 0.09%) 102.98
squid 46 ( 0.00%) 7944 ( 0.00%) 172.70
smtp 159 ( 0.00%) 52727 ( 0.00%) 331.62
ftp 16123 ( 0.06%) 2251612 ( 0.01%) 139.65
ssh 72 ( 0.00%) 6528 ( 0.00%) 90.67
dns 113 ( 0.00%) 41712 ( 0.00%) 369.13
bgp 108 ( 0.00%) 31474 ( 0.00%) 291.43
other 1558929 ( 5.94%) 2066519898 ( 9.80%) 1325.60
udp6 100058 ( 0.38%) 38534955 ( 0.18%) 385.13
dns 69189 ( 0.26%) 19902665 ( 0.09%) 287.66
realaud 1 ( 0.00%) 104 ( 0.00%) 104.00
everque 3 ( 0.00%) 328 ( 0.00%) 109.33
quake 2 ( 0.00%) 227 ( 0.00%) 113.50
other 30863 ( 0.12%) 18631631 ( 0.09%) 603.69
icmp6 25287 ( 0.10%) 3325172 ( 0.02%) 131.50
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 1068 ( 0.00%) 1071871 ( 0.01%) 1003.62
tcpdump file: 201209251400.dump.gz (598.12 MB)