Traffic Trace Info
DumpFile: 201211231400.dump
FileSize: 2208.72MB
Id: 201211231400
StartTime: Fri Nov 23 14:00:01 2012
EndTime: Fri Nov 23 14:15:01 2012
TotalTime: 900.27 seconds
TotalCapSize: 1743.81MB CapLen: 96 bytes
# of packets: 30468045 (22862.72MB)
AvgRate: 212.98Mbps stddev:30.72M
IP flow (unique src/dst pair) Information
# of flows: 2169529 (avg. 14.04 pkts/flow)
Top 10 big flow size (bytes/total in %):
7.2% 4.8% 4.6% 2.7% 2.5% 2.1% 1.5% 1.4% 1.4% 1.4%
IP address Information
# of IPv4 addresses: 1513029
Top 10 bandwidth usage (bytes/total in %):
17.1% 7.8% 7.7% 7.7% 5.5% 5.2% 5.0% 4.8% 3.5% 2.9%
# of IPv6 addresses: 8111
Top 10 bandwidth usage (bytes/total in %):
12.9% 12.2% 11.6% 6.6% 6.2% 4.0% 4.0% 3.9% 2.9% 2.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201211231400.pktlen.png)
detailed numbers
[ 32- 63]: 6883917
[ 64- 127]: 6159501
[ 128- 255]: 643551
[ 256- 511]: 726855
[ 512- 1023]: 1136020
[ 1024- 2047]: 14918201
Protocol Breakdown
![[protocol breakdown chart]](201211231400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 30468045 (100.00%) 23973300437 (100.00%) 786.83
ip 29189127 ( 95.80%) 22799188116 ( 95.10%) 781.08
tcp 25265748 ( 82.93%) 21629769052 ( 90.22%) 856.09
http(s) 12725293 ( 41.77%) 15976368387 ( 66.64%) 1255.48
http(c) 6957010 ( 22.83%) 1428671511 ( 5.96%) 205.36
squid 234591 ( 0.77%) 122407428 ( 0.51%) 521.79
smtp 64901 ( 0.21%) 13224954 ( 0.06%) 203.77
nntp 1 ( 0.00%) 60 ( 0.00%) 60.00
ftp 32534 ( 0.11%) 22471008 ( 0.09%) 690.69
pop3 19131 ( 0.06%) 2086951 ( 0.01%) 109.09
imap 1774 ( 0.01%) 213555 ( 0.00%) 120.38
telnet 44657 ( 0.15%) 3311351 ( 0.01%) 74.15
ssh 138073 ( 0.45%) 14542822 ( 0.06%) 105.33
dns 3532 ( 0.01%) 363766 ( 0.00%) 102.99
bgp 549 ( 0.00%) 119721 ( 0.00%) 218.07
napster 18 ( 0.00%) 2118 ( 0.00%) 117.67
realaud 3 ( 0.00%) 200 ( 0.00%) 66.67
icecast 31138 ( 0.10%) 26152284 ( 0.11%) 839.88
hotline 18 ( 0.00%) 1116 ( 0.00%) 62.00
other 5012515 ( 16.45%) 4019831220 ( 16.77%) 801.96
udp 1904919 ( 6.25%) 866979399 ( 3.62%) 455.13
dns 570606 ( 1.87%) 231630340 ( 0.97%) 405.94
rip 1 ( 0.00%) 79 ( 0.00%) 79.00
realaud 10 ( 0.00%) 1099 ( 0.00%) 109.90
halflif 8 ( 0.00%) 659 ( 0.00%) 82.38
starcra 35 ( 0.00%) 4997 ( 0.00%) 142.77
everque 5768 ( 0.02%) 5293457 ( 0.02%) 917.73
unreal 7 ( 0.00%) 979 ( 0.00%) 139.86
quake 14 ( 0.00%) 1307 ( 0.00%) 93.36
cuseeme 5 ( 0.00%) 455 ( 0.00%) 91.00
other 1284596 ( 4.22%) 626408507 ( 2.61%) 487.63
icmp 1528263 ( 5.02%) 106232251 ( 0.44%) 69.51
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 51872 ( 0.17%) 31325312 ( 0.13%) 603.90
ip6 386340 ( 1.27%) 151861111 ( 0.63%) 393.08
other 51800 ( 0.17%) 13001721 ( 0.05%) 251.00
frag 227777 ( 0.75%) 237072450 ( 0.99%) 1040.81
ip6 1278918 ( 4.20%) 1174112321 ( 4.90%) 918.05
tcp6 1142391 ( 3.75%) 1091585018 ( 4.55%) 955.53
http(s) 811952 ( 2.66%) 909765672 ( 3.79%) 1120.47
http(c) 214418 ( 0.70%) 24971999 ( 0.10%) 116.46
smtp 108 ( 0.00%) 32420 ( 0.00%) 300.19
ftp 72 ( 0.00%) 6308 ( 0.00%) 87.61
pop3 19 ( 0.00%) 3895 ( 0.00%) 205.00
ssh 341 ( 0.00%) 444502 ( 0.00%) 1303.52
dns 611 ( 0.00%) 304193 ( 0.00%) 497.86
bgp 97 ( 0.00%) 26960 ( 0.00%) 277.94
other 114773 ( 0.38%) 156029069 ( 0.65%) 1359.46
udp6 105663 ( 0.35%) 73543225 ( 0.31%) 696.02
dns 45895 ( 0.15%) 13346760 ( 0.06%) 290.81
realaud 1 ( 0.00%) 111 ( 0.00%) 111.00
halflif 1 ( 0.00%) 103 ( 0.00%) 103.00
everque 1 ( 0.00%) 106 ( 0.00%) 106.00
quake 2 ( 0.00%) 224 ( 0.00%) 112.00
other 59763 ( 0.20%) 60195921 ( 0.25%) 1007.24
icmp6 24792 ( 0.08%) 3039041 ( 0.01%) 122.58
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 5958 ( 0.02%) 5929545 ( 0.02%) 995.22
tcpdump file: 201211231400.dump.gz (691.05 MB)