Traffic Trace Info
DumpFile: 201212181400.dump
FileSize: 3204.42MB
Id: 201212181400
StartTime: Tue Dec 18 14:00:00 2012
EndTime: Tue Dec 18 14:15:01 2012
TotalTime: 900.72 seconds
TotalCapSize: -1606.87MB CapLen: 96 bytes
# of packets: 46876177 (24612.68MB)
AvgRate: 229.17Mbps stddev:40.62M
IP flow (unique src/dst pair) Information
# of flows: 12348002 (avg. 3.80 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.4% 1.7% 1.3% 1.1% 1.1% 1.0% 0.9% 0.9% 0.8% 0.8%
IP address Information
# of IPv4 addresses: 9670258
Top 10 bandwidth usage (bytes/total in %):
8.7% 7.7% 6.8% 5.6% 5.2% 5.2% 4.7% 3.8% 2.6% 2.6%
# of IPv6 addresses: 13315
Top 10 bandwidth usage (bytes/total in %):
9.3% 4.7% 4.6% 4.4% 3.7% 3.6% 3.2% 3.2% 3.1% 3.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201212181400.pktlen.png)
detailed numbers
[ 32- 63]: 19267973
[ 64- 127]: 8762509
[ 128- 255]: 837167
[ 256- 511]: 1269883
[ 512- 1023]: 1160664
[ 1024- 2047]: 15577981
Protocol Breakdown
![[protocol breakdown chart]](201212181400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 46876177 (100.00%) 25808261860 (100.00%) 550.56
ip 44220215 ( 94.33%) 23670268146 ( 91.72%) 535.28
tcp 23707056 ( 50.57%) 20329980965 ( 78.77%) 857.55
http(s) 12823876 ( 27.36%) 15951384572 ( 61.81%) 1243.88
http(c) 7504140 ( 16.01%) 1928813379 ( 7.47%) 257.03
squid 35205 ( 0.08%) 25723561 ( 0.10%) 730.68
smtp 99991 ( 0.21%) 44612912 ( 0.17%) 446.17
nntp 87 ( 0.00%) 5220 ( 0.00%) 60.00
ftp 9518 ( 0.02%) 1210453 ( 0.00%) 127.18
pop3 6911 ( 0.01%) 4143554 ( 0.02%) 599.56
imap 3177 ( 0.01%) 340462 ( 0.00%) 107.16
telnet 34695 ( 0.07%) 4011016 ( 0.02%) 115.61
ssh 22234 ( 0.05%) 5168769 ( 0.02%) 232.47
dns 21199 ( 0.05%) 4777759 ( 0.02%) 225.38
bgp 521 ( 0.00%) 113680 ( 0.00%) 218.20
napster 30 ( 0.00%) 2962 ( 0.00%) 98.73
realaud 199 ( 0.00%) 26573 ( 0.00%) 133.53
rtsp 10190 ( 0.02%) 14140801 ( 0.05%) 1387.71
icecast 17963 ( 0.04%) 17187550 ( 0.07%) 956.83
hotline 3 ( 0.00%) 194 ( 0.00%) 64.67
other 3117117 ( 6.65%) 2328317548 ( 9.02%) 746.95
udp 3243628 ( 6.92%) 1822005700 ( 7.06%) 561.72
dns 858166 ( 1.83%) 321660978 ( 1.25%) 374.82
realaud 20 ( 0.00%) 1893 ( 0.00%) 94.65
halflif 43 ( 0.00%) 4732 ( 0.00%) 110.05
starcra 22 ( 0.00%) 2712 ( 0.00%) 123.27
everque 200 ( 0.00%) 26886 ( 0.00%) 134.43
unreal 19 ( 0.00%) 2943 ( 0.00%) 154.89
quake 14 ( 0.00%) 1287 ( 0.00%) 91.93
cuseeme 4 ( 0.00%) 574 ( 0.00%) 143.50
other 2322240 ( 4.95%) 1496247708 ( 5.80%) 644.31
icmp 16352900 ( 34.89%) 1001173985 ( 3.88%) 61.22
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 33013 ( 0.07%) 12746570 ( 0.05%) 386.11
ip6 825824 ( 1.76%) 486181512 ( 1.88%) 588.72
pim 76 ( 0.00%) 4560 ( 0.00%) 60.00
other 57533 ( 0.12%) 18155584 ( 0.07%) 315.57
frag 449719 ( 0.96%) 375206255 ( 1.45%) 834.31
ip6 2655960 ( 5.67%) 2137993594 ( 8.28%) 804.98
tcp6 2515686 ( 5.37%) 2095678219 ( 8.12%) 833.04
http(s) 1882725 ( 4.02%) 1960191832 ( 7.60%) 1041.15
http(c) 499757 ( 1.07%) 54567709 ( 0.21%) 109.19
squid 233 ( 0.00%) 100749 ( 0.00%) 432.40
smtp 295 ( 0.00%) 109899 ( 0.00%) 372.54
ftp 66 ( 0.00%) 5876 ( 0.00%) 89.03
ssh 12 ( 0.00%) 1008 ( 0.00%) 84.00
dns 389 ( 0.00%) 80272 ( 0.00%) 206.35
bgp 95 ( 0.00%) 26242 ( 0.00%) 276.23
other 132114 ( 0.28%) 80594632 ( 0.31%) 610.04
udp6 99773 ( 0.21%) 36302877 ( 0.14%) 363.85
dns 78673 ( 0.17%) 25993666 ( 0.10%) 330.40
halflif 1 ( 0.00%) 90 ( 0.00%) 90.00
other 21099 ( 0.05%) 10309121 ( 0.04%) 488.61
icmp6 38518 ( 0.08%) 4121266 ( 0.02%) 107.00
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 1868 ( 0.00%) 1875604 ( 0.01%) 1004.07
tcpdump file: 201212181400.dump.gz (1075.33 MB)