Traffic Trace Info
DumpFile: 201211211400.dump
FileSize: 2884.16MB
Id: 201211211400
StartTime: Wed Nov 21 14:00:00 2012
EndTime: Wed Nov 21 14:15:00 2012
TotalTime: 900.22 seconds
TotalCapSize: -1796.88MB CapLen: 96 bytes
# of packets: 38341001 (24789.20MB)
AvgRate: 230.97Mbps stddev:33.14M
IP flow (unique src/dst pair) Information
# of flows: 1730922 (avg. 22.15 pkts/flow)
Top 10 big flow size (bytes/total in %):
8.3% 8.3% 3.0% 2.3% 1.8% 1.7% 1.7% 1.3% 1.3% 1.1%
IP address Information
# of IPv4 addresses: 1325393
Top 10 bandwidth usage (bytes/total in %):
18.0% 8.8% 8.8% 7.9% 4.9% 4.8% 4.5% 3.4% 3.2% 3.1%
# of IPv6 addresses: 10794
Top 10 bandwidth usage (bytes/total in %):
21.7% 6.7% 6.0% 5.8% 5.8% 5.4% 3.6% 3.5% 3.4% 3.0%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201211211400.pktlen.png)
detailed numbers
[ 32- 63]: 4701986
[ 64- 127]: 15004874
[ 128- 255]: 933752
[ 256- 511]: 758603
[ 512- 1023]: 1029121
[ 1024- 2047]: 15912665
Protocol Breakdown
![[protocol breakdown chart]](201211211400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 38341001 (100.00%) 25993357030 (100.00%) 677.95
ip 36897905 ( 96.24%) 24743631079 ( 95.19%) 670.60
tcp 23981330 ( 62.55%) 22493804835 ( 86.54%) 937.97
http(s) 14816765 ( 38.64%) 19502524430 ( 75.03%) 1316.25
http(c) 6754726 ( 17.62%) 1764884587 ( 6.79%) 261.28
squid 165705 ( 0.43%) 65784261 ( 0.25%) 397.00
smtp 86387 ( 0.23%) 29529016 ( 0.11%) 341.82
ftp 51848 ( 0.14%) 34530521 ( 0.13%) 666.00
pop3 4348 ( 0.01%) 2198733 ( 0.01%) 505.69
imap 2388 ( 0.01%) 354131 ( 0.00%) 148.30
telnet 45348 ( 0.12%) 4072309 ( 0.02%) 89.80
ssh 31523 ( 0.08%) 6406280 ( 0.02%) 203.23
dns 6111 ( 0.02%) 2287080 ( 0.01%) 374.26
bgp 553 ( 0.00%) 136592 ( 0.00%) 247.00
napster 191 ( 0.00%) 17793 ( 0.00%) 93.16
realaud 32 ( 0.00%) 3129 ( 0.00%) 97.78
icecast 23893 ( 0.06%) 23681699 ( 0.09%) 991.16
hotline 5 ( 0.00%) 308 ( 0.00%) 61.60
other 1991507 ( 5.19%) 1057393966 ( 4.07%) 530.95
udp 2431096 ( 6.34%) 1299303175 ( 5.00%) 534.45
dns 652087 ( 1.70%) 240336711 ( 0.92%) 368.57
rip 7 ( 0.00%) 454 ( 0.00%) 64.86
realaud 14 ( 0.00%) 1068 ( 0.00%) 76.29
halflif 18 ( 0.00%) 1469 ( 0.00%) 81.61
starcra 43 ( 0.00%) 4535 ( 0.00%) 105.47
everque 136 ( 0.00%) 24451 ( 0.00%) 179.79
unreal 2 ( 0.00%) 168 ( 0.00%) 84.00
quake 15 ( 0.00%) 1395 ( 0.00%) 93.00
cuseeme 3 ( 0.00%) 252 ( 0.00%) 84.00
other 1695683 ( 4.42%) 1053468150 ( 4.05%) 621.26
icmp 9952290 ( 25.96%) 691535425 ( 2.66%) 69.49
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 24916 ( 0.06%) 7063976 ( 0.03%) 283.51
ip6 466026 ( 1.22%) 239992933 ( 0.92%) 514.98
other 42062 ( 0.11%) 11911465 ( 0.05%) 283.19
frag 298109 ( 0.78%) 284686322 ( 1.10%) 954.97
ip6 1443096 ( 3.76%) 1249725951 ( 4.81%) 866.00
tcp6 1304646 ( 3.40%) 1187691631 ( 4.57%) 910.36
http(s) 965177 ( 2.52%) 1035958475 ( 3.99%) 1073.34
http(c) 198180 ( 0.52%) 24394474 ( 0.09%) 123.09
smtp 671 ( 0.00%) 230588 ( 0.00%) 343.65
ftp 70 ( 0.00%) 6195 ( 0.00%) 88.50
ssh 12 ( 0.00%) 1008 ( 0.00%) 84.00
dns 648 ( 0.00%) 267969 ( 0.00%) 413.53
bgp 90 ( 0.00%) 17355 ( 0.00%) 192.83
other 139798 ( 0.36%) 126815567 ( 0.49%) 907.13
udp6 101291 ( 0.26%) 50953454 ( 0.20%) 503.04
dns 67308 ( 0.18%) 19658287 ( 0.08%) 292.06
quake 1 ( 0.00%) 101 ( 0.00%) 101.00
other 33982 ( 0.09%) 31295066 ( 0.12%) 920.93
icmp6 30447 ( 0.08%) 3130090 ( 0.01%) 102.80
ip6 82 ( 0.00%) 11176 ( 0.00%) 136.29
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 6600 ( 0.02%) 7935520 ( 0.03%) 1202.35
tcpdump file: 201211211400.dump.gz (785.64 MB)