Traffic Trace Info
DumpFile: 201210211400.dump
FileSize: 2384.56MB
Id: 201210211400
StartTime: Sun Oct 21 14:00:00 2012
EndTime: Sun Oct 21 14:15:00 2012
TotalTime: 900.25 seconds
TotalCapSize: 1895.25MB CapLen: 96 bytes
# of packets: 32066547 (20864.00MB)
AvgRate: 194.44Mbps stddev:31.79M
IP flow (unique src/dst pair) Information
# of flows: 1718047 (avg. 18.66 pkts/flow)
Top 10 big flow size (bytes/total in %):
7.2% 4.6% 4.3% 3.1% 3.1% 3.1% 2.9% 2.4% 1.0% 1.0%
IP address Information
# of IPv4 addresses: 1340024
Top 10 bandwidth usage (bytes/total in %):
18.3% 8.3% 8.3% 7.9% 7.7% 5.6% 4.6% 3.7% 3.4% 3.4%
# of IPv6 addresses: 6183
Top 10 bandwidth usage (bytes/total in %):
50.9% 50.9% 21.5% 16.1% 5.1% 2.4% 2.4% 2.1% 2.0% 1.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201210211400.pktlen.png)
detailed numbers
[ 32- 63]: 3875120
[ 64- 127]: 11567684
[ 128- 255]: 1590256
[ 256- 511]: 644862
[ 512- 1023]: 1377031
[ 1024- 2047]: 13011594
Protocol Breakdown
![[protocol breakdown chart]](201210211400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 32066547 (100.00%) 21877491741 (100.00%) 682.25
ip 30826726 ( 96.13%) 20540774474 ( 93.89%) 666.33
tcp 25381343 ( 79.15%) 18309338661 ( 83.69%) 721.37
http(s) 8894070 ( 27.74%) 11143074146 ( 50.93%) 1252.87
http(c) 5736112 ( 17.89%) 2257725817 ( 10.32%) 393.60
squid 225726 ( 0.70%) 172693445 ( 0.79%) 765.06
smtp 41853 ( 0.13%) 6016450 ( 0.03%) 143.75
nntp 2 ( 0.00%) 134 ( 0.00%) 67.00
ftp 17474 ( 0.05%) 3994580 ( 0.02%) 228.60
pop3 1648 ( 0.01%) 533201 ( 0.00%) 323.54
imap 3904 ( 0.01%) 909416 ( 0.00%) 232.94
telnet 9745 ( 0.03%) 739296 ( 0.00%) 75.86
ssh 6171768 ( 19.25%) 957030064 ( 4.37%) 155.07
dns 8034 ( 0.03%) 654784 ( 0.00%) 81.50
bgp 625 ( 0.00%) 176882 ( 0.00%) 283.01
napster 70 ( 0.00%) 7250 ( 0.00%) 103.57
realaud 49 ( 0.00%) 6090 ( 0.00%) 124.29
rtsp 2 ( 0.00%) 120 ( 0.00%) 60.00
icecast 1262 ( 0.00%) 180826 ( 0.00%) 143.29
hotline 28 ( 0.00%) 3295 ( 0.00%) 117.68
other 4268971 ( 13.31%) 3765592865 ( 17.21%) 882.08
udp 3363623 ( 10.49%) 1908845909 ( 8.73%) 567.50
dns 1042876 ( 3.25%) 583065037 ( 2.67%) 559.09
realaud 2 ( 0.00%) 162 ( 0.00%) 81.00
halflif 18 ( 0.00%) 2166 ( 0.00%) 120.33
starcra 50 ( 0.00%) 4602 ( 0.00%) 92.04
everque 1276 ( 0.00%) 108773 ( 0.00%) 85.25
unreal 4192 ( 0.01%) 3610062 ( 0.02%) 861.18
quake 11 ( 0.00%) 1155 ( 0.00%) 105.00
cuseeme 5 ( 0.00%) 1002 ( 0.00%) 200.40
other 2315115 ( 7.22%) 1321983401 ( 6.04%) 571.02
icmp 1373886 ( 4.28%) 89610691 ( 0.41%) 65.22
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 3766 ( 0.01%) 1552856 ( 0.01%) 412.34
ip6 648499 ( 2.02%) 216287353 ( 0.99%) 333.52
pim 16 ( 0.00%) 960 ( 0.00%) 60.00
other 55408 ( 0.17%) 15118774 ( 0.07%) 272.86
frag 326179 ( 1.02%) 332374236 ( 1.52%) 1018.99
ip6 1239821 ( 3.87%) 1336717267 ( 6.11%) 1078.15
tcp6 1120861 ( 3.50%) 1310296891 ( 5.99%) 1169.01
http(s) 343193 ( 1.07%) 363492087 ( 1.66%) 1059.15
http(c) 88690 ( 0.28%) 10755196 ( 0.05%) 121.27
smtp 108 ( 0.00%) 45376 ( 0.00%) 420.15
ftp 27368 ( 0.09%) 9898322 ( 0.05%) 361.68
ssh 12 ( 0.00%) 1008 ( 0.00%) 84.00
dns 20 ( 0.00%) 6135 ( 0.00%) 306.75
bgp 99 ( 0.00%) 21284 ( 0.00%) 214.99
other 661371 ( 2.06%) 926077483 ( 4.23%) 1400.24
udp6 90773 ( 0.28%) 21949921 ( 0.10%) 241.81
dns 64318 ( 0.20%) 12831768 ( 0.06%) 199.51
quake 1 ( 0.00%) 101 ( 0.00%) 101.00
other 26454 ( 0.08%) 9118052 ( 0.04%) 344.68
icmp6 27509 ( 0.09%) 3898742 ( 0.02%) 141.73
ip6 83 ( 0.00%) 11294 ( 0.00%) 136.07
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 564 ( 0.00%) 556203 ( 0.00%) 986.18
tcpdump file: 201210211400.dump.gz (804.99 MB)