Traffic Trace Info
DumpFile: 201211141400.dump
FileSize: 2398.35MB
Id: 201211141400
StartTime: Wed Nov 14 14:00:01 2012
EndTime: Wed Nov 14 14:15:01 2012
TotalTime: 899.85 seconds
TotalCapSize: 1897.63MB CapLen: 96 bytes
# of packets: 32814730 (25486.32MB)
AvgRate: 237.56Mbps stddev:39.48M
IP flow (unique src/dst pair) Information
# of flows: 1003931 (avg. 32.69 pkts/flow)
Top 10 big flow size (bytes/total in %):
9.0% 4.9% 3.9% 3.2% 1.2% 1.1% 1.1% 1.0% 0.9% 0.9%
IP address Information
# of IPv4 addresses: 509926
Top 10 bandwidth usage (bytes/total in %):
13.3% 10.4% 9.7% 5.2% 4.4% 4.3% 4.3% 3.4% 3.4% 3.3%
# of IPv6 addresses: 12093
Top 10 bandwidth usage (bytes/total in %):
18.0% 7.6% 4.9% 4.4% 3.6% 3.6% 3.5% 3.5% 3.2% 3.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201211141400.pktlen.png)
detailed numbers
[ 32- 63]: 5752388
[ 64- 127]: 7462093
[ 128- 255]: 1047831
[ 256- 511]: 782545
[ 512- 1023]: 1057275
[ 1024- 2047]: 16712598
Protocol Breakdown
![[protocol breakdown chart]](201211141400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 32814730 (100.00%) 26724342250 (100.00%) 814.40
ip 30835464 ( 93.97%) 24963396821 ( 93.41%) 809.57
tcp 27141467 ( 82.71%) 23605524002 ( 88.33%) 869.72
http(s) 14130674 ( 43.06%) 18641087703 ( 69.75%) 1319.19
http(c) 8328131 ( 25.38%) 1996521922 ( 7.47%) 239.73
squid 244974 ( 0.75%) 237233321 ( 0.89%) 968.40
smtp 135400 ( 0.41%) 23949112 ( 0.09%) 176.88
nntp 1 ( 0.00%) 74 ( 0.00%) 74.00
ftp 21727 ( 0.07%) 12949289 ( 0.05%) 596.00
pop3 3510 ( 0.01%) 1309006 ( 0.00%) 372.94
imap 144455 ( 0.44%) 139159237 ( 0.52%) 963.34
telnet 18336 ( 0.06%) 1351563 ( 0.01%) 73.71
ssh 476719 ( 1.45%) 73858915 ( 0.28%) 154.93
dns 6550 ( 0.02%) 2456667 ( 0.01%) 375.06
bgp 605 ( 0.00%) 156409 ( 0.00%) 258.53
napster 34 ( 0.00%) 8365 ( 0.00%) 246.03
realaud 5 ( 0.00%) 674 ( 0.00%) 134.80
rtsp 6124 ( 0.02%) 7082012 ( 0.03%) 1156.44
icecast 32752 ( 0.10%) 30757283 ( 0.12%) 939.10
hotline 10 ( 0.00%) 1335 ( 0.00%) 133.50
other 3591459 ( 10.94%) 2437641055 ( 9.12%) 678.73
udp 2648264 ( 8.07%) 1034239407 ( 3.87%) 390.53
dns 819851 ( 2.50%) 225701648 ( 0.84%) 275.30
realaud 19 ( 0.00%) 1542 ( 0.00%) 81.16
halflif 30 ( 0.00%) 3792 ( 0.00%) 126.40
starcra 83 ( 0.00%) 9532 ( 0.00%) 114.84
everque 670 ( 0.00%) 460012 ( 0.00%) 686.59
unreal 6 ( 0.00%) 1839 ( 0.00%) 306.50
quake 61 ( 0.00%) 8035 ( 0.00%) 131.72
cuseeme 5 ( 0.00%) 486 ( 0.00%) 97.20
other 1827442 ( 5.57%) 807998359 ( 3.02%) 442.15
icmp 382116 ( 1.16%) 32230421 ( 0.12%) 84.35
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 22237 ( 0.07%) 3469742 ( 0.01%) 156.03
ip6 586121 ( 1.79%) 269166386 ( 1.01%) 459.23
pim 16 ( 0.00%) 960 ( 0.00%) 60.00
other 55059 ( 0.17%) 18746743 ( 0.07%) 340.48
frag 95033 ( 0.29%) 96871928 ( 0.36%) 1019.35
ip6 1979266 ( 6.03%) 1760945429 ( 6.59%) 889.70
tcp6 1850412 ( 5.64%) 1720625556 ( 6.44%) 929.86
http(s) 1561603 ( 4.76%) 1675610390 ( 6.27%) 1073.01
http(c) 253090 ( 0.77%) 29866835 ( 0.11%) 118.01
smtp 81 ( 0.00%) 27083 ( 0.00%) 334.36
ftp 208 ( 0.00%) 20038 ( 0.00%) 96.34
pop3 36 ( 0.00%) 8212 ( 0.00%) 228.11
ssh 12 ( 0.00%) 1008 ( 0.00%) 84.00
dns 519 ( 0.00%) 287515 ( 0.00%) 553.98
bgp 120 ( 0.00%) 50844 ( 0.00%) 423.70
other 34743 ( 0.11%) 14753631 ( 0.06%) 424.65
udp6 91505 ( 0.28%) 26189558 ( 0.10%) 286.21
dns 73911 ( 0.23%) 24316257 ( 0.09%) 328.99
everque 3 ( 0.00%) 667 ( 0.00%) 222.33
quake 1 ( 0.00%) 115 ( 0.00%) 115.00
other 17590 ( 0.05%) 1872519 ( 0.01%) 106.45
icmp6 27613 ( 0.08%) 3037992 ( 0.01%) 110.02
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 9622 ( 0.03%) 11076831 ( 0.04%) 1151.20
tcpdump file: 201211141400.dump.gz (771.87 MB)