Traffic Trace Info
DumpFile: 201212161400.dump
FileSize: 2080.64MB
Id: 201212161400
StartTime: Sun Dec 16 14:00:00 2012
EndTime: Sun Dec 16 14:15:00 2012
TotalTime: 900.29 seconds
TotalCapSize: 1634.40MB CapLen: 96 bytes
# of packets: 29244064 (24422.10MB)
AvgRate: 227.50Mbps stddev:44.88M
IP flow (unique src/dst pair) Information
# of flows: 1752548 (avg. 16.69 pkts/flow)
Top 10 big flow size (bytes/total in %):
27.4% 3.4% 2.9% 2.8% 2.2% 1.7% 1.2% 1.2% 1.1% 1.1%
IP address Information
# of IPv4 addresses: 1390716
Top 10 bandwidth usage (bytes/total in %):
36.8% 29.3% 15.5% 8.0% 5.3% 3.6% 3.6% 3.1% 3.0% 2.3%
# of IPv6 addresses: 9494
Top 10 bandwidth usage (bytes/total in %):
14.1% 14.1% 7.3% 5.3% 4.7% 4.7% 4.4% 4.2% 3.6% 3.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201212161400.pktlen.png)
detailed numbers
[ 32- 63]: 6256282
[ 64- 127]: 4693511
[ 128- 255]: 528053
[ 256- 511]: 426576
[ 512- 1023]: 1028697
[ 1024- 2047]: 16310945
Protocol Breakdown
![[protocol breakdown chart]](201212161400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29244064 (100.00%) 25608425638 (100.00%) 875.68
ip 27978494 ( 95.67%) 24535527679 ( 95.81%) 876.94
tcp 23955525 ( 81.92%) 22810057805 ( 89.07%) 952.18
http(s) 14827017 ( 50.70%) 19863627508 ( 77.57%) 1339.69
http(c) 6901640 ( 23.60%) 1387741303 ( 5.42%) 201.07
squid 48732 ( 0.17%) 12493886 ( 0.05%) 256.38
smtp 51648 ( 0.18%) 9303553 ( 0.04%) 180.13
nntp 101 ( 0.00%) 6060 ( 0.00%) 60.00
ftp 3566 ( 0.01%) 241418 ( 0.00%) 67.70
pop3 6034 ( 0.02%) 2802889 ( 0.01%) 464.52
imap 3745 ( 0.01%) 447610 ( 0.00%) 119.52
telnet 27538 ( 0.09%) 3473903 ( 0.01%) 126.15
ssh 60931 ( 0.21%) 9680480 ( 0.04%) 158.88
dns 4265 ( 0.01%) 2462676 ( 0.01%) 577.42
bgp 503 ( 0.00%) 97953 ( 0.00%) 194.74
napster 7 ( 0.00%) 602 ( 0.00%) 86.00
realaud 95 ( 0.00%) 10474 ( 0.00%) 110.25
rtsp 2362 ( 0.01%) 173958 ( 0.00%) 73.65
icecast 23702 ( 0.08%) 4338978 ( 0.02%) 183.06
hotline 10826 ( 0.04%) 6399953 ( 0.02%) 591.17
other 1982813 ( 6.78%) 1506754601 ( 5.88%) 759.91
udp 2030023 ( 6.94%) 1312765986 ( 5.13%) 646.68
dns 554261 ( 1.90%) 327438434 ( 1.28%) 590.77
realaud 8 ( 0.00%) 626 ( 0.00%) 78.25
halflif 15 ( 0.00%) 1300 ( 0.00%) 86.67
starcra 13 ( 0.00%) 1118 ( 0.00%) 86.00
everque 36 ( 0.00%) 6562 ( 0.00%) 182.28
unreal 3 ( 0.00%) 440 ( 0.00%) 146.67
quake 4 ( 0.00%) 406 ( 0.00%) 101.50
cuseeme 2 ( 0.00%) 159 ( 0.00%) 79.50
other 1475245 ( 5.04%) 984797702 ( 3.85%) 667.55
icmp 1527818 ( 5.22%) 105460666 ( 0.41%) 69.03
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 18806 ( 0.06%) 9645180 ( 0.04%) 512.88
ip6 395722 ( 1.35%) 284161357 ( 1.11%) 718.08
pim 76 ( 0.00%) 4560 ( 0.00%) 60.00
other 50340 ( 0.17%) 13412965 ( 0.05%) 266.45
frag 257999 ( 0.88%) 269159642 ( 1.05%) 1043.26
ip6 1265570 ( 4.33%) 1072897959 ( 4.19%) 847.76
tcp6 1088427 ( 3.72%) 960308524 ( 3.75%) 882.29
http(s) 804763 ( 2.75%) 894362904 ( 3.49%) 1111.34
http(c) 176363 ( 0.60%) 22315746 ( 0.09%) 126.53
smtp 62 ( 0.00%) 19353 ( 0.00%) 312.15
ftp 1107 ( 0.00%) 505344 ( 0.00%) 456.50
ssh 121 ( 0.00%) 16094 ( 0.00%) 133.01
dns 73 ( 0.00%) 22215 ( 0.00%) 304.32
bgp 94 ( 0.00%) 30207 ( 0.00%) 321.35
other 105844 ( 0.36%) 43036661 ( 0.17%) 406.60
udp6 140319 ( 0.48%) 107327967 ( 0.42%) 764.89
dns 47823 ( 0.16%) 15903203 ( 0.06%) 332.54
realaud 2 ( 0.00%) 202 ( 0.00%) 101.00
halflif 1 ( 0.00%) 106 ( 0.00%) 106.00
everque 1 ( 0.00%) 101 ( 0.00%) 101.00
quake 1 ( 0.00%) 106 ( 0.00%) 106.00
other 92491 ( 0.32%) 91424249 ( 0.36%) 988.47
icmp6 35384 ( 0.12%) 3903002 ( 0.02%) 110.30
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 1326 ( 0.00%) 1342974 ( 0.01%) 1012.80
tcpdump file: 201212161400.dump.gz (614.97 MB)