Traffic Trace Info
DumpFile: 201209261400.dump
FileSize: 2402.99MB
Id: 201209261400
StartTime: Wed Sep 26 14:00:00 2012
EndTime: Wed Sep 26 14:15:00 2012
TotalTime: 900.23 seconds
TotalCapSize: 1898.28MB CapLen: 96 bytes
# of packets: 33076458 (26575.28MB)
AvgRate: 247.66Mbps stddev:49.50M
IP flow (unique src/dst pair) Information
# of flows: 827297 (avg. 39.98 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.8% 2.4% 1.9% 1.6% 1.4% 1.4% 1.1% 1.1% 1.1% 1.1%
IP address Information
# of IPv4 addresses: 455993
Top 10 bandwidth usage (bytes/total in %):
14.5% 7.1% 5.1% 4.6% 4.6% 3.3% 3.0% 3.0% 3.0% 2.9%
# of IPv6 addresses: 8546
Top 10 bandwidth usage (bytes/total in %):
34.4% 27.2% 17.6% 16.1% 10.7% 3.7% 3.7% 3.5% 2.8% 2.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201209261400.pktlen.png)
detailed numbers
[ 32- 63]: 6563182
[ 64- 127]: 6473129
[ 128- 255]: 885269
[ 256- 511]: 789240
[ 512- 1023]: 813255
[ 1024- 2047]: 17552383
Protocol Breakdown
![[protocol breakdown chart]](201209261400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 33076458 (100.00%) 27866199848 (100.00%) 842.48
ip 30622768 ( 92.58%) 25362059286 ( 91.01%) 828.21
tcp 27685138 ( 83.70%) 24158538987 ( 86.69%) 872.62
http(s) 13524640 ( 40.89%) 17919500566 ( 64.31%) 1324.95
http(c) 7846892 ( 23.72%) 1200991563 ( 4.31%) 153.05
squid 44360 ( 0.13%) 19443963 ( 0.07%) 438.32
smtp 103543 ( 0.31%) 51791010 ( 0.19%) 500.19
nntp 1 ( 0.00%) 60 ( 0.00%) 60.00
ftp 15970 ( 0.05%) 3307804 ( 0.01%) 207.13
pop3 463768 ( 1.40%) 41438627 ( 0.15%) 89.35
imap 2637 ( 0.01%) 677187 ( 0.00%) 256.80
telnet 989 ( 0.00%) 95875 ( 0.00%) 96.94
ssh 66309 ( 0.20%) 20813150 ( 0.07%) 313.88
dns 7564 ( 0.02%) 4428538 ( 0.02%) 585.48
bgp 598 ( 0.00%) 152300 ( 0.00%) 254.68
napster 4 ( 0.00%) 240 ( 0.00%) 60.00
realaud 192 ( 0.00%) 13808 ( 0.00%) 71.92
rtsp 889 ( 0.00%) 1305337 ( 0.00%) 1468.32
icecast 40455 ( 0.12%) 38377431 ( 0.14%) 948.64
hotline 13 ( 0.00%) 1184 ( 0.00%) 91.08
other 5566313 ( 16.83%) 4856200284 ( 17.43%) 872.43
udp 2215532 ( 6.70%) 1042725634 ( 3.74%) 470.64
dns 647750 ( 1.96%) 240256095 ( 0.86%) 370.91
rip 2 ( 0.00%) 298 ( 0.00%) 149.00
realaud 12 ( 0.00%) 1261 ( 0.00%) 105.08
halflif 37 ( 0.00%) 6011 ( 0.00%) 162.46
starcra 18 ( 0.00%) 1740 ( 0.00%) 96.67
everque 138 ( 0.00%) 23171 ( 0.00%) 167.91
unreal 15 ( 0.00%) 2726 ( 0.00%) 181.73
quake 20 ( 0.00%) 1836 ( 0.00%) 91.80
cuseeme 5 ( 0.00%) 750 ( 0.00%) 150.00
other 1567353 ( 4.74%) 802350072 ( 2.88%) 511.91
icmp 256135 ( 0.77%) 22473945 ( 0.08%) 87.74
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 13787 ( 0.04%) 3137426 ( 0.01%) 227.56
ip6 324012 ( 0.98%) 112149252 ( 0.40%) 346.13
pim 16 ( 0.00%) 960 ( 0.00%) 60.00
other 127963 ( 0.39%) 23013812 ( 0.08%) 179.85
frag 120280 ( 0.36%) 130374391 ( 0.47%) 1083.92
ip6 2453690 ( 7.42%) 2504140562 ( 8.99%) 1020.56
tcp6 2350664 ( 7.11%) 2475289375 ( 8.88%) 1053.02
http(s) 1095940 ( 3.31%) 1288896422 ( 4.63%) 1176.06
http(c) 196226 ( 0.59%) 19609829 ( 0.07%) 99.93
squid 19 ( 0.00%) 3322 ( 0.00%) 174.84
smtp 73 ( 0.00%) 14932 ( 0.00%) 204.55
ftp 5349 ( 0.02%) 562814 ( 0.00%) 105.22
pop3 26 ( 0.00%) 4230 ( 0.00%) 162.69
ssh 72 ( 0.00%) 6528 ( 0.00%) 90.67
dns 84 ( 0.00%) 29892 ( 0.00%) 355.86
bgp 98 ( 0.00%) 22784 ( 0.00%) 232.49
other 1052777 ( 3.18%) 1166138622 ( 4.18%) 1107.68
udp6 78656 ( 0.24%) 24339023 ( 0.09%) 309.44
dns 73737 ( 0.22%) 22117924 ( 0.08%) 299.96
quake 1 ( 0.00%) 109 ( 0.00%) 109.00
other 4918 ( 0.01%) 2220990 ( 0.01%) 451.60
icmp6 23010 ( 0.07%) 3251997 ( 0.01%) 141.33
ip6 82 ( 0.00%) 11226 ( 0.00%) 136.90
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 1247 ( 0.00%) 1244725 ( 0.00%) 998.18
tcpdump file: 201209261400.dump.gz (743.21 MB)