Traffic Trace Info
DumpFile: 201212101400.dump
FileSize: 2842.12MB
Id: 201212101400
StartTime: Mon Dec 10 14:00:00 2012
EndTime: Mon Dec 10 14:15:00 2012
TotalTime: 900.01 seconds
TotalCapSize: -1835.50MB CapLen: 96 bytes
# of packets: 38116708 (29907.81MB)
AvgRate: 278.89Mbps stddev:166.60M
IP flow (unique src/dst pair) Information
# of flows: 2007581 (avg. 18.99 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.8% 1.5% 1.4% 1.3% 1.3% 1.3% 1.1% 1.0% 1.0% 0.9%
IP address Information
# of IPv4 addresses: 1442241
Top 10 bandwidth usage (bytes/total in %):
27.7% 6.1% 5.6% 5.4% 3.1% 2.3% 2.2% 2.0% 2.0% 1.7%
# of IPv6 addresses: 10834
Top 10 bandwidth usage (bytes/total in %):
8.7% 3.6% 3.4% 3.4% 3.3% 2.3% 2.2% 2.1% 1.9% 1.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201212101400.pktlen.png)
detailed numbers
[ 32- 63]: 4775645
[ 64- 127]: 10337424
[ 128- 255]: 1158312
[ 256- 511]: 888807
[ 512- 1023]: 1427522
[ 1024- 2047]: 19528998
Protocol Breakdown
![[protocol breakdown chart]](201212101400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 38116708 (100.00%) 31360607090 (100.00%) 822.75
ip 36118368 ( 94.76%) 29756033497 ( 94.88%) 823.85
tcp 31350803 ( 82.25%) 27986904514 ( 89.24%) 892.70
http(s) 12934632 ( 33.93%) 16319665874 ( 52.04%) 1261.70
http(c) 7995175 ( 20.98%) 2391275430 ( 7.63%) 299.09
squid 43280 ( 0.11%) 22974979 ( 0.07%) 530.85
smtp 108109 ( 0.28%) 63143709 ( 0.20%) 584.07
nntp 4 ( 0.00%) 254 ( 0.00%) 63.50
ftp 49707 ( 0.13%) 42726953 ( 0.14%) 859.58
pop3 7553 ( 0.02%) 3893164 ( 0.01%) 515.45
imap 2375 ( 0.01%) 423518 ( 0.00%) 178.32
telnet 45566 ( 0.12%) 4848173 ( 0.02%) 106.40
ssh 1510441 ( 3.96%) 268655908 ( 0.86%) 177.87
dns 6096 ( 0.02%) 4105764 ( 0.01%) 673.52
bgp 557 ( 0.00%) 150803 ( 0.00%) 270.74
napster 42 ( 0.00%) 5408 ( 0.00%) 128.76
realaud 5 ( 0.00%) 672 ( 0.00%) 134.40
rtsp 6037 ( 0.02%) 4083957 ( 0.01%) 676.49
icecast 4158 ( 0.01%) 3014307 ( 0.01%) 724.94
hotline 5 ( 0.00%) 682 ( 0.00%) 136.40
other 8637061 ( 22.66%) 8857934959 ( 28.25%) 1025.57
udp 2509496 ( 6.58%) 1288436338 ( 4.11%) 513.42
dns 1026065 ( 2.69%) 615533802 ( 1.96%) 599.90
realaud 72 ( 0.00%) 67978 ( 0.00%) 944.14
halflif 48 ( 0.00%) 4487 ( 0.00%) 93.48
starcra 34 ( 0.00%) 3765 ( 0.00%) 110.74
everque 6790 ( 0.02%) 6200549 ( 0.02%) 913.19
unreal 9 ( 0.00%) 1969 ( 0.00%) 218.78
quake 12 ( 0.00%) 1440 ( 0.00%) 120.00
cuseeme 2 ( 0.00%) 267 ( 0.00%) 133.50
other 1474561 ( 3.87%) 664211475 ( 2.12%) 450.45
icmp 1560755 ( 4.09%) 106891436 ( 0.34%) 68.49
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 7819 ( 0.02%) 2565594 ( 0.01%) 328.12
ip6 639374 ( 1.68%) 356924495 ( 1.14%) 558.24
pim 83 ( 0.00%) 4980 ( 0.00%) 60.00
other 49853 ( 0.13%) 14286870 ( 0.05%) 286.58
frag 430122 ( 1.13%) 472710691 ( 1.51%) 1099.02
ip6 1998340 ( 5.24%) 1604573593 ( 5.12%) 802.95
tcp6 1853057 ( 4.86%) 1537860564 ( 4.90%) 829.90
http(s) 1501927 ( 3.94%) 1497300109 ( 4.77%) 996.92
http(c) 301867 ( 0.79%) 35996949 ( 0.11%) 119.25
smtp 71 ( 0.00%) 19806 ( 0.00%) 278.96
ftp 113 ( 0.00%) 10293 ( 0.00%) 91.09
ssh 121 ( 0.00%) 15478 ( 0.00%) 127.92
dns 400 ( 0.00%) 158391 ( 0.00%) 395.98
bgp 103 ( 0.00%) 33126 ( 0.00%) 321.61
napster 4 ( 0.00%) 296 ( 0.00%) 74.00
other 48451 ( 0.13%) 4326116 ( 0.01%) 89.29
udp6 97974 ( 0.26%) 41016277 ( 0.13%) 418.64
dns 80741 ( 0.21%) 26062818 ( 0.08%) 322.80
other 17233 ( 0.05%) 14953459 ( 0.05%) 867.72
icmp6 27597 ( 0.07%) 3305304 ( 0.01%) 119.77
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 19598 ( 0.05%) 22375956 ( 0.07%) 1141.75
tcpdump file: 201212101400.dump.gz (928.81 MB)