Traffic Trace Info
DumpFile: 201209271400.dump
FileSize: 2448.56MB
Id: 201209271400
StartTime: Thu Sep 27 14:00:01 2012
EndTime: Thu Sep 27 14:15:01 2012
TotalTime: 899.99 seconds
TotalCapSize: 1940.22MB CapLen: 96 bytes
# of packets: 33314496 (27108.80MB)
AvgRate: 252.67Mbps stddev:75.48M
IP flow (unique src/dst pair) Information
# of flows: 1790672 (avg. 18.60 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.7% 2.7% 2.3% 2.0% 1.5% 1.5% 1.4% 1.2% 1.1% 1.0%
IP address Information
# of IPv4 addresses: 1383836
Top 10 bandwidth usage (bytes/total in %):
17.4% 7.7% 5.2% 5.2% 3.2% 3.0% 3.0% 3.0% 3.0% 2.9%
# of IPv6 addresses: 8584
Top 10 bandwidth usage (bytes/total in %):
37.4% 30.1% 24.9% 22.1% 4.9% 2.2% 1.7% 1.4% 1.4% 1.3%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201209271400.pktlen.png)
detailed numbers
[ 32- 63]: 5959230
[ 64- 127]: 7022954
[ 128- 255]: 842054
[ 256- 511]: 743677
[ 512- 1023]: 950805
[ 1024- 2047]: 17795776
Protocol Breakdown
![[protocol breakdown chart]](201209271400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 33314496 (100.00%) 28425636672 (100.00%) 853.25
ip 30665022 ( 92.05%) 25791246122 ( 90.73%) 841.06
tcp 26642793 ( 79.97%) 24498903063 ( 86.19%) 919.53
http(s) 16312625 ( 48.97%) 21308006427 ( 74.96%) 1306.23
http(c) 8179008 ( 24.55%) 1856598958 ( 6.53%) 227.00
squid 34103 ( 0.10%) 14833043 ( 0.05%) 434.95
smtp 76813 ( 0.23%) 33088155 ( 0.12%) 430.76
nntp 3 ( 0.00%) 180 ( 0.00%) 60.00
ftp 29058 ( 0.09%) 23425998 ( 0.08%) 806.18
pop3 4677 ( 0.01%) 2408390 ( 0.01%) 514.94
imap 38097 ( 0.11%) 3602996 ( 0.01%) 94.57
telnet 57617 ( 0.17%) 4277488 ( 0.02%) 74.24
ssh 51782 ( 0.16%) 30747978 ( 0.11%) 593.80
dns 1754 ( 0.01%) 256215 ( 0.00%) 146.07
bgp 649 ( 0.00%) 190151 ( 0.00%) 292.99
napster 1 ( 0.00%) 60 ( 0.00%) 60.00
realaud 49 ( 0.00%) 5015 ( 0.00%) 102.35
rtsp 9 ( 0.00%) 576 ( 0.00%) 64.00
icecast 8982 ( 0.03%) 7825878 ( 0.03%) 871.28
hotline 41 ( 0.00%) 2958 ( 0.00%) 72.15
other 1847525 ( 5.55%) 1213632597 ( 4.27%) 656.90
udp 1994825 ( 5.99%) 821744011 ( 2.89%) 411.94
dns 720245 ( 2.16%) 327101703 ( 1.15%) 454.15
realaud 9 ( 0.00%) 983 ( 0.00%) 109.22
halflif 30 ( 0.00%) 2514 ( 0.00%) 83.80
starcra 19 ( 0.00%) 2533 ( 0.00%) 133.32
everque 116 ( 0.00%) 24040 ( 0.00%) 207.24
unreal 1 ( 0.00%) 87 ( 0.00%) 87.00
quake 7 ( 0.00%) 676 ( 0.00%) 96.57
other 1274164 ( 3.82%) 494516505 ( 1.74%) 388.11
icmp 1341650 ( 4.03%) 87177268 ( 0.31%) 64.98
igmp 4 ( 0.00%) 240 ( 0.00%) 60.00
ipip 189 ( 0.00%) 19510 ( 0.00%) 103.23
ipsec 55410 ( 0.17%) 9413708 ( 0.03%) 169.89
ip6 503489 ( 1.51%) 352357390 ( 1.24%) 699.83
pim 130 ( 0.00%) 7800 ( 0.00%) 60.00
other 126532 ( 0.38%) 21623132 ( 0.08%) 170.89
frag 209716 ( 0.63%) 230340997 ( 0.81%) 1098.35
ip6 2649474 ( 7.95%) 2634390550 ( 9.27%) 994.31
tcp6 2548451 ( 7.65%) 2604037897 ( 9.16%) 1021.81
http(s) 1044156 ( 3.13%) 1123145022 ( 3.95%) 1075.65
http(c) 262016 ( 0.79%) 26040500 ( 0.09%) 99.39
squid 58 ( 0.00%) 11527 ( 0.00%) 198.74
smtp 189 ( 0.00%) 32017 ( 0.00%) 169.40
ftp 5357 ( 0.02%) 572235 ( 0.00%) 106.82
pop3 34 ( 0.00%) 7052 ( 0.00%) 207.41
ssh 27 ( 0.00%) 2118 ( 0.00%) 78.44
dns 118 ( 0.00%) 29852 ( 0.00%) 252.98
bgp 96 ( 0.00%) 20418 ( 0.00%) 212.69
other 1236400 ( 3.71%) 1454177156 ( 5.12%) 1176.14
udp6 80818 ( 0.24%) 26359767 ( 0.09%) 326.16
dns 68264 ( 0.20%) 20190747 ( 0.07%) 295.77
halflif 1 ( 0.00%) 111 ( 0.00%) 111.00
quake 1 ( 0.00%) 107 ( 0.00%) 107.00
other 12552 ( 0.04%) 6168802 ( 0.02%) 491.46
icmp6 18880 ( 0.06%) 2812068 ( 0.01%) 148.94
ip6 83 ( 0.00%) 11294 ( 0.00%) 136.07
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 1212 ( 0.00%) 1165444 ( 0.00%) 961.59
tcpdump file: 201209271400.dump.gz (752.13 MB)