Traffic Trace Info
DumpFile: 201210281400.dump
FileSize: 1535.69MB
Id: 201210281400
StartTime: Sun Oct 28 14:00:00 2012
EndTime: Sun Oct 28 14:15:01 2012
TotalTime: 900.44 seconds
TotalCapSize: 1159.80MB CapLen: 96 bytes
# of packets: 24633823 (5535.24MB)
AvgRate: 51.56Mbps stddev:13.59M
IP flow (unique src/dst pair) Information
# of flows: 12597629 (avg. 1.96 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.3% 4.0% 3.2% 2.7% 2.5% 2.5% 1.8% 1.7% 1.4% 1.3%
IP address Information
# of IPv4 addresses: 9957509
Top 10 bandwidth usage (bytes/total in %):
25.5% 17.9% 5.8% 4.4% 4.1% 3.3% 2.8% 2.6% 2.6% 2.5%
# of IPv6 addresses: 5406
Top 10 bandwidth usage (bytes/total in %):
47.4% 11.2% 11.0% 8.0% 5.8% 5.5% 5.4% 5.1% 4.2% 3.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201210281400.pktlen.png)
detailed numbers
[ 32- 63]: 16798766
[ 64- 127]: 4004949
[ 128- 255]: 377769
[ 256- 511]: 395483
[ 512- 1023]: 271458
[ 1024- 2047]: 2785398
Protocol Breakdown
![[protocol breakdown chart]](201210281400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 24633823 (100.00%) 5804121557 (100.00%) 235.62
ip 24353310 ( 98.86%) 5636172891 ( 97.11%) 231.43
tcp 4925601 ( 20.00%) 4026444995 ( 69.37%) 817.45
http(s) 2503389 ( 10.16%) 3136034291 ( 54.03%) 1252.72
http(c) 1255409 ( 5.10%) 358778865 ( 6.18%) 285.79
squid 33361 ( 0.14%) 12720316 ( 0.22%) 381.29
smtp 43300 ( 0.18%) 6789196 ( 0.12%) 156.79
nntp 3 ( 0.00%) 186 ( 0.00%) 62.00
ftp 1494 ( 0.01%) 648367 ( 0.01%) 433.98
pop3 821 ( 0.00%) 271563 ( 0.00%) 330.77
imap 2039 ( 0.01%) 507190 ( 0.01%) 248.74
telnet 10780 ( 0.04%) 811812 ( 0.01%) 75.31
ssh 5885 ( 0.02%) 786686 ( 0.01%) 133.68
dns 4134 ( 0.02%) 403270 ( 0.01%) 97.55
bgp 425 ( 0.00%) 135977 ( 0.00%) 319.95
napster 10 ( 0.00%) 1340 ( 0.00%) 134.00
realaud 18 ( 0.00%) 2215 ( 0.00%) 123.06
icecast 726 ( 0.00%) 99348 ( 0.00%) 136.84
hotline 11 ( 0.00%) 1399 ( 0.00%) 127.18
other 1063796 ( 4.32%) 508452974 ( 8.76%) 477.96
udp 1287540 ( 5.23%) 407978547 ( 7.03%) 316.87
dns 702695 ( 2.85%) 188970163 ( 3.26%) 268.92
realaud 12 ( 0.00%) 1328 ( 0.00%) 110.67
halflif 19 ( 0.00%) 2718 ( 0.00%) 143.05
starcra 54 ( 0.00%) 5079 ( 0.00%) 94.06
everque 71 ( 0.00%) 15507 ( 0.00%) 218.41
unreal 6 ( 0.00%) 1192 ( 0.00%) 198.67
quake 21 ( 0.00%) 1825 ( 0.00%) 86.90
cuseeme 2 ( 0.00%) 176 ( 0.00%) 88.00
other 584387 ( 2.37%) 218895444 ( 3.77%) 374.57
icmp 17891090 ( 72.63%) 1100248178 ( 18.96%) 61.50
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 92553 ( 0.38%) 41347958 ( 0.71%) 446.75
ip6 97438 ( 0.40%) 44693678 ( 0.77%) 458.69
pim 16 ( 0.00%) 960 ( 0.00%) 60.00
other 58887 ( 0.24%) 15439305 ( 0.27%) 262.19
frag 90437 ( 0.37%) 80307015 ( 1.38%) 887.99
ip6 280513 ( 1.14%) 167948666 ( 2.89%) 598.72
tcp6 196965 ( 0.80%) 151983435 ( 2.62%) 771.63
http(s) 110286 ( 0.45%) 118364920 ( 2.04%) 1073.25
http(c) 52322 ( 0.21%) 5596824 ( 0.10%) 106.97
smtp 43 ( 0.00%) 18389 ( 0.00%) 427.65
ftp 121 ( 0.00%) 10779 ( 0.00%) 89.08
ssh 12 ( 0.00%) 1008 ( 0.00%) 84.00
dns 60 ( 0.00%) 15304 ( 0.00%) 255.07
bgp 105 ( 0.00%) 28565 ( 0.00%) 272.05
other 34016 ( 0.14%) 27947646 ( 0.48%) 821.60
udp6 64078 ( 0.26%) 12804666 ( 0.22%) 199.83
dns 63580 ( 0.26%) 12753939 ( 0.22%) 200.60
other 498 ( 0.00%) 50727 ( 0.00%) 101.86
icmp6 18893 ( 0.08%) 2676269 ( 0.05%) 141.65
ip6 83 ( 0.00%) 11294 ( 0.00%) 136.07
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 463 ( 0.00%) 468786 ( 0.01%) 1012.50
tcpdump file: 201210281400.dump.gz (509.69 MB)