Traffic Trace Info
DumpFile: 201210161400.dump
FileSize: 2346.00MB
Id: 201210161400
StartTime: Tue Oct 16 14:00:00 2012
EndTime: Tue Oct 16 14:15:01 2012
TotalTime: 900.50 seconds
TotalCapSize: 1849.50MB CapLen: 96 bytes
# of packets: 32538371 (23281.70MB)
AvgRate: 216.86Mbps stddev:33.32M
IP flow (unique src/dst pair) Information
# of flows: 1982540 (avg. 16.41 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.1% 2.4% 2.1% 2.0% 1.2% 1.2% 1.2% 1.2% 1.1% 1.1%
IP address Information
# of IPv4 addresses: 1501614
Top 10 bandwidth usage (bytes/total in %):
6.2% 6.2% 4.5% 3.5% 3.4% 3.0% 2.9% 2.6% 2.6% 2.4%
# of IPv6 addresses: 8834
Top 10 bandwidth usage (bytes/total in %):
23.6% 15.7% 13.0% 6.0% 3.5% 2.2% 2.2% 2.1% 1.8% 1.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201210161400.pktlen.png)
detailed numbers
[ 32- 63]: 6066495
[ 64- 127]: 7716171
[ 128- 255]: 1239597
[ 256- 511]: 1249431
[ 512- 1023]: 1292421
[ 1024- 2047]: 14974256
Protocol Breakdown
![[protocol breakdown chart]](201210161400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 32538371 (100.00%) 24412634725 (100.00%) 750.27
ip 30308408 ( 93.15%) 22525489978 ( 92.27%) 743.21
tcp 23862956 ( 73.34%) 19530875697 ( 80.00%) 818.46
http(s) 10985981 ( 33.76%) 13313441210 ( 54.54%) 1211.86
http(c) 6585456 ( 20.24%) 2042234198 ( 8.37%) 310.11
squid 46555 ( 0.14%) 18717421 ( 0.08%) 402.05
smtp 81224 ( 0.25%) 37759624 ( 0.15%) 464.88
nntp 4 ( 0.00%) 258 ( 0.00%) 64.50
ftp 24180 ( 0.07%) 3798842 ( 0.02%) 157.11
pop3 24364 ( 0.07%) 3644910 ( 0.01%) 149.60
imap 6305 ( 0.02%) 5091654 ( 0.02%) 807.56
telnet 13362 ( 0.04%) 1010079 ( 0.00%) 75.59
ssh 332603 ( 1.02%) 70066614 ( 0.29%) 210.66
dns 2971 ( 0.01%) 341675 ( 0.00%) 115.00
bgp 753 ( 0.00%) 308097 ( 0.00%) 409.16
napster 13 ( 0.00%) 1522 ( 0.00%) 117.08
realaud 39 ( 0.00%) 11415 ( 0.00%) 292.69
rtsp 1 ( 0.00%) 60 ( 0.00%) 60.00
icecast 23086 ( 0.07%) 23028242 ( 0.09%) 997.50
hotline 2 ( 0.00%) 124 ( 0.00%) 62.00
other 5736057 ( 17.63%) 4011419752 ( 16.43%) 699.33
udp 4100426 ( 12.60%) 2563164184 ( 10.50%) 625.10
dns 875169 ( 2.69%) 468610407 ( 1.92%) 535.45
rip 3 ( 0.00%) 216 ( 0.00%) 72.00
realaud 19 ( 0.00%) 2229 ( 0.00%) 117.32
halflif 42 ( 0.00%) 6964 ( 0.00%) 165.81
starcra 51 ( 0.00%) 5768 ( 0.00%) 113.10
everque 239 ( 0.00%) 33040 ( 0.00%) 138.24
unreal 8 ( 0.00%) 4363 ( 0.00%) 545.38
quake 18 ( 0.00%) 2140 ( 0.00%) 118.89
cuseeme 8 ( 0.00%) 1147 ( 0.00%) 143.38
other 3224664 ( 9.91%) 2094408970 ( 8.58%) 649.50
icmp 1409229 ( 4.33%) 96385074 ( 0.39%) 68.40
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 74081 ( 0.23%) 18986454 ( 0.08%) 256.29
ip6 799465 ( 2.46%) 299908167 ( 1.23%) 375.14
pim 16 ( 0.00%) 960 ( 0.00%) 60.00
other 62050 ( 0.19%) 16150172 ( 0.07%) 260.28
frag 335449 ( 1.03%) 342171923 ( 1.40%) 1020.04
ip6 2229963 ( 6.85%) 1887144747 ( 7.73%) 846.27
tcp6 2073801 ( 6.37%) 1854089684 ( 7.59%) 894.05
http(s) 1414226 ( 4.35%) 1503952227 ( 6.16%) 1063.45
http(c) 407471 ( 1.25%) 43350800 ( 0.18%) 106.39
smtp 644 ( 0.00%) 185307 ( 0.00%) 287.74
ftp 92 ( 0.00%) 8218 ( 0.00%) 89.33
ssh 36 ( 0.00%) 3840 ( 0.00%) 106.67
dns 322 ( 0.00%) 51290 ( 0.00%) 159.29
bgp 97 ( 0.00%) 28484 ( 0.00%) 293.65
other 250913 ( 0.77%) 306509518 ( 1.26%) 1221.58
udp6 122949 ( 0.38%) 27370908 ( 0.11%) 222.62
dns 119394 ( 0.37%) 25397426 ( 0.10%) 212.72
everque 1 ( 0.00%) 106 ( 0.00%) 106.00
quake 2 ( 0.00%) 208 ( 0.00%) 104.00
other 3552 ( 0.01%) 1973168 ( 0.01%) 555.51
icmp6 31927 ( 0.10%) 4467298 ( 0.02%) 139.92
ip6 83 ( 0.00%) 11344 ( 0.00%) 136.67
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 1172 ( 0.00%) 1201297 ( 0.00%) 1025.00
tcpdump file: 201210161400.dump.gz (774.01 MB)