Traffic Trace Info
DumpFile: 201211281400.dump
FileSize: 2525.79MB
Id: 201211281400
StartTime: Wed Nov 28 14:00:01 2012
EndTime: Wed Nov 28 14:15:01 2012
TotalTime: 899.68 seconds
TotalCapSize: 1990.28MB CapLen: 96 bytes
# of packets: 35094265 (25378.33MB)
AvgRate: 236.63Mbps stddev:46.36M
IP flow (unique src/dst pair) Information
# of flows: 1875755 (avg. 18.71 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.1% 2.5% 2.4% 2.3% 2.1% 1.6% 1.5% 1.2% 1.2% 1.1%
IP address Information
# of IPv4 addresses: 1305848
Top 10 bandwidth usage (bytes/total in %):
10.9% 5.7% 5.5% 5.5% 5.5% 3.8% 3.3% 2.9% 2.8% 2.8%
# of IPv6 addresses: 11916
Top 10 bandwidth usage (bytes/total in %):
14.7% 10.4% 5.8% 5.0% 3.0% 3.0% 2.5% 2.5% 2.4% 2.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201211281400.pktlen.png)
detailed numbers
[ 32- 63]: 6393852
[ 64- 127]: 8214939
[ 128- 255]: 1522985
[ 256- 511]: 1112328
[ 512- 1023]: 1214826
[ 1024- 2047]: 16635335
Protocol Breakdown
![[protocol breakdown chart]](201211281400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 35094265 (100.00%) 26611102711 (100.00%) 758.27
ip 32675091 ( 93.11%) 24578123189 ( 92.36%) 752.20
tcp 24984625 ( 71.19%) 20238835259 ( 76.05%) 810.05
http(s) 12155033 ( 34.64%) 14874350606 ( 55.90%) 1223.72
http(c) 7641235 ( 21.77%) 2493801558 ( 9.37%) 326.36
squid 196477 ( 0.56%) 71803779 ( 0.27%) 365.46
smtp 205377 ( 0.59%) 84507141 ( 0.32%) 411.47
nntp 4 ( 0.00%) 240 ( 0.00%) 60.00
ftp 31234 ( 0.09%) 19651455 ( 0.07%) 629.17
pop3 5810 ( 0.02%) 2718138 ( 0.01%) 467.84
imap 2799 ( 0.01%) 821021 ( 0.00%) 293.33
telnet 41672 ( 0.12%) 4561693 ( 0.02%) 109.47
ssh 50217 ( 0.14%) 24449716 ( 0.09%) 486.88
dns 5368 ( 0.02%) 963530 ( 0.00%) 179.50
bgp 683 ( 0.00%) 229623 ( 0.00%) 336.20
napster 26 ( 0.00%) 3247 ( 0.00%) 124.88
realaud 31 ( 0.00%) 8998 ( 0.00%) 290.26
icecast 70333 ( 0.20%) 61970331 ( 0.23%) 881.10
hotline 36 ( 0.00%) 6965 ( 0.00%) 193.47
other 4578233 ( 13.05%) 2598983798 ( 9.77%) 567.68
udp 5453714 ( 15.54%) 3787160404 ( 14.23%) 694.42
dns 1385222 ( 3.95%) 849456528 ( 3.19%) 613.23
rip 4 ( 0.00%) 316 ( 0.00%) 79.00
realaud 9 ( 0.00%) 751 ( 0.00%) 83.44
halflif 20 ( 0.00%) 2488 ( 0.00%) 124.40
starcra 55 ( 0.00%) 6832 ( 0.00%) 124.22
everque 125 ( 0.00%) 18562 ( 0.00%) 148.50
unreal 12 ( 0.00%) 1410 ( 0.00%) 117.50
quake 21 ( 0.00%) 2103 ( 0.00%) 100.14
cuseeme 7 ( 0.00%) 905 ( 0.00%) 129.29
other 3850886 ( 10.97%) 2923924522 ( 10.99%) 759.29
icmp 1332246 ( 3.80%) 87635375 ( 0.33%) 65.78
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 41705 ( 0.12%) 9692574 ( 0.04%) 232.41
ip6 757989 ( 2.16%) 408104087 ( 1.53%) 538.40
other 104627 ( 0.30%) 46676220 ( 0.18%) 446.12
frag 1424192 ( 4.06%) 1293671849 ( 4.86%) 908.35
ip6 2419174 ( 6.89%) 2032979522 ( 7.64%) 840.36
tcp6 2238682 ( 6.38%) 1980281403 ( 7.44%) 884.57
http(s) 1672225 ( 4.76%) 1769999543 ( 6.65%) 1058.47
http(c) 379477 ( 1.08%) 44999343 ( 0.17%) 118.58
smtp 1508 ( 0.00%) 625466 ( 0.00%) 414.77
ftp 22104 ( 0.06%) 12704853 ( 0.05%) 574.78
pop3 11 ( 0.00%) 990 ( 0.00%) 90.00
ssh 119 ( 0.00%) 15570 ( 0.00%) 130.84
dns 623 ( 0.00%) 266528 ( 0.00%) 427.81
bgp 101 ( 0.00%) 26897 ( 0.00%) 266.31
other 162514 ( 0.46%) 151642213 ( 0.57%) 933.10
udp6 137301 ( 0.39%) 37815137 ( 0.14%) 275.42
dns 86980 ( 0.25%) 25859334 ( 0.10%) 297.30
realaud 1 ( 0.00%) 112 ( 0.00%) 112.00
starcra 1 ( 0.00%) 108 ( 0.00%) 108.00
other 50319 ( 0.14%) 11955583 ( 0.04%) 237.60
icmp6 33797 ( 0.10%) 3628369 ( 0.01%) 107.36
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 9280 ( 0.03%) 11239121 ( 0.04%) 1211.11
tcpdump file: 201211281400.dump.gz (813.35 MB)