Traffic Trace Info
DumpFile: 201211201400.dump
FileSize: 2073.18MB
Id: 201211201400
StartTime: Tue Nov 20 14:00:00 2012
EndTime: Tue Nov 20 14:15:01 2012
TotalTime: 900.25 seconds
TotalCapSize: 1638.82MB CapLen: 96 bytes
# of packets: 28465701 (20777.17MB)
AvgRate: 193.59Mbps stddev:41.42M
IP flow (unique src/dst pair) Information
# of flows: 1944216 (avg. 14.64 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.6% 3.1% 2.2% 2.2% 1.7% 1.5% 1.3% 1.2% 1.2% 1.1%
IP address Information
# of IPv4 addresses: 1421186
Top 10 bandwidth usage (bytes/total in %):
6.4% 6.1% 6.1% 6.1% 4.6% 3.8% 3.8% 3.4% 3.3% 2.7%
# of IPv6 addresses: 8944
Top 10 bandwidth usage (bytes/total in %):
17.8% 13.6% 11.8% 7.2% 4.7% 4.1% 4.1% 2.8% 2.7% 2.3%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201211201400.pktlen.png)
detailed numbers
[ 32- 63]: 4838566
[ 64- 127]: 6962030
[ 128- 255]: 1177943
[ 256- 511]: 1047016
[ 512- 1023]: 937287
[ 1024- 2047]: 13502859
Protocol Breakdown
![[protocol breakdown chart]](201211201400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 28465701 (100.00%) 21786440126 (100.00%) 765.36
ip 26824376 ( 94.23%) 20404180362 ( 93.66%) 760.66
tcp 22331060 ( 78.45%) 18958480367 ( 87.02%) 848.97
http(s) 10523480 ( 36.97%) 13277952413 ( 60.95%) 1261.75
http(c) 7879711 ( 27.68%) 2383611050 ( 10.94%) 302.50
squid 31302 ( 0.11%) 18079409 ( 0.08%) 577.58
smtp 65122 ( 0.23%) 23934311 ( 0.11%) 367.53
nntp 6 ( 0.00%) 360 ( 0.00%) 60.00
ftp 74956 ( 0.26%) 62532294 ( 0.29%) 834.25
pop3 7067 ( 0.02%) 3483294 ( 0.02%) 492.90
imap 4335 ( 0.02%) 1617178 ( 0.01%) 373.05
telnet 47035 ( 0.17%) 3477660 ( 0.02%) 73.94
ssh 31083 ( 0.11%) 6628506 ( 0.03%) 213.25
dns 3915 ( 0.01%) 398709 ( 0.00%) 101.84
bgp 538 ( 0.00%) 115174 ( 0.00%) 214.08
napster 271 ( 0.00%) 23728 ( 0.00%) 87.56
realaud 304 ( 0.00%) 33391 ( 0.00%) 109.84
rtsp 6 ( 0.00%) 402 ( 0.00%) 67.00
icecast 8784 ( 0.03%) 5939407 ( 0.03%) 676.16
other 3653144 ( 12.83%) 3170653021 ( 14.55%) 867.92
udp 2616266 ( 9.19%) 1203243807 ( 5.52%) 459.91
dns 790615 ( 2.78%) 326621973 ( 1.50%) 413.12
rip 1 ( 0.00%) 72 ( 0.00%) 72.00
realaud 12 ( 0.00%) 1994 ( 0.00%) 166.17
halflif 29 ( 0.00%) 3241 ( 0.00%) 111.76
starcra 121 ( 0.00%) 9971 ( 0.00%) 82.40
everque 54 ( 0.00%) 8572 ( 0.00%) 158.74
unreal 7 ( 0.00%) 705 ( 0.00%) 100.71
quake 23 ( 0.00%) 2705 ( 0.00%) 117.61
cuseeme 4 ( 0.00%) 340 ( 0.00%) 85.00
other 1823965 ( 6.41%) 874772025 ( 4.02%) 479.60
icmp 1377750 ( 4.84%) 91394988 ( 0.42%) 66.34
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 48782 ( 0.17%) 7432692 ( 0.03%) 152.37
ip6 402754 ( 1.41%) 129806457 ( 0.60%) 322.30
other 47580 ( 0.17%) 13802891 ( 0.06%) 290.10
frag 166758 ( 0.59%) 183524459 ( 0.84%) 1100.54
ip6 1641325 ( 5.77%) 1382259764 ( 6.34%) 842.16
tcp6 1550290 ( 5.45%) 1355370321 ( 6.22%) 874.27
http(s) 1020043 ( 3.58%) 1072406802 ( 4.92%) 1051.33
http(c) 340670 ( 1.20%) 37557950 ( 0.17%) 110.25
smtp 238 ( 0.00%) 98440 ( 0.00%) 413.61
ftp 72 ( 0.00%) 6328 ( 0.00%) 87.89
ssh 12 ( 0.00%) 1008 ( 0.00%) 84.00
dns 633 ( 0.00%) 293198 ( 0.00%) 463.19
bgp 89 ( 0.00%) 20484 ( 0.00%) 230.16
other 188533 ( 0.66%) 244986111 ( 1.12%) 1299.43
udp6 68650 ( 0.24%) 19969365 ( 0.09%) 290.89
dns 67644 ( 0.24%) 19860210 ( 0.09%) 293.60
everque 1 ( 0.00%) 105 ( 0.00%) 105.00
quake 1 ( 0.00%) 107 ( 0.00%) 107.00
other 1004 ( 0.00%) 108943 ( 0.00%) 108.51
icmp6 18098 ( 0.06%) 2214636 ( 0.01%) 122.37
ip6 83 ( 0.00%) 11344 ( 0.00%) 136.67
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 4174 ( 0.01%) 4690018 ( 0.02%) 1123.63
tcpdump file: 201211201400.dump.gz (670.20 MB)