Traffic Trace Info
DumpFile: 201212231400.dump
FileSize: 2323.44MB
Id: 201212231400
StartTime: Sun Dec 23 14:00:00 2012
EndTime: Sun Dec 23 14:15:01 2012
TotalTime: 900.81 seconds
TotalCapSize: 1790.57MB CapLen: 96 bytes
# of packets: 34921660 (17383.27MB)
AvgRate: 161.90Mbps stddev:30.86M
IP flow (unique src/dst pair) Information
# of flows: 10961094 (avg. 3.19 pkts/flow)
Top 10 big flow size (bytes/total in %):
11.0% 4.4% 3.1% 2.8% 2.5% 2.4% 2.2% 1.9% 1.8% 1.7%
IP address Information
# of IPv4 addresses: 8513896
Top 10 bandwidth usage (bytes/total in %):
21.6% 12.0% 8.5% 8.4% 7.9% 5.3% 4.7% 4.7% 3.3% 3.3%
# of IPv6 addresses: 9352
Top 10 bandwidth usage (bytes/total in %):
38.1% 37.9% 4.8% 4.3% 4.3% 4.2% 3.5% 3.1% 3.1% 2.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201212231400.pktlen.png)
detailed numbers
[ 32- 63]: 16409362
[ 64- 127]: 5931917
[ 128- 255]: 404499
[ 256- 511]: 619037
[ 512- 1023]: 494627
[ 1024- 2047]: 11062218
Protocol Breakdown
![[protocol breakdown chart]](201212231400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 34921660 (100.00%) 18227676461 (100.00%) 521.96
ip 33693612 ( 96.48%) 17045833187 ( 93.52%) 505.91
tcp 16122096 ( 46.17%) 14968660670 ( 82.12%) 928.46
http(s) 7892755 ( 22.60%) 10527547436 ( 57.76%) 1333.82
http(c) 4802893 ( 13.75%) 1461363094 ( 8.02%) 304.27
squid 128569 ( 0.37%) 20936475 ( 0.11%) 162.84
smtp 44880 ( 0.13%) 7638074 ( 0.04%) 170.19
nntp 106 ( 0.00%) 6360 ( 0.00%) 60.00
ftp 41518 ( 0.12%) 32998305 ( 0.18%) 794.80
pop3 2137 ( 0.01%) 652310 ( 0.00%) 305.25
imap 4765 ( 0.01%) 3595364 ( 0.02%) 754.54
telnet 75037 ( 0.21%) 7033699 ( 0.04%) 93.74
ssh 253080 ( 0.72%) 33345697 ( 0.18%) 131.76
dns 3061 ( 0.01%) 2065540 ( 0.01%) 674.79
bgp 536 ( 0.00%) 113827 ( 0.00%) 212.36
napster 6 ( 0.00%) 422 ( 0.00%) 70.33
realaud 4 ( 0.00%) 272 ( 0.00%) 68.00
icecast 21476 ( 0.06%) 15841806 ( 0.09%) 737.65
hotline 3 ( 0.00%) 214 ( 0.00%) 71.33
other 2851267 ( 8.16%) 2855521595 ( 15.67%) 1001.49
udp 1839218 ( 5.27%) 882793017 ( 4.84%) 479.98
dns 568820 ( 1.63%) 231279060 ( 1.27%) 406.59
realaud 19 ( 0.00%) 1361 ( 0.00%) 71.63
halflif 12 ( 0.00%) 1269 ( 0.00%) 105.75
starcra 8 ( 0.00%) 1071 ( 0.00%) 133.88
everque 18 ( 0.00%) 3998 ( 0.00%) 222.11
unreal 5 ( 0.00%) 475 ( 0.00%) 95.00
quake 25 ( 0.00%) 2194 ( 0.00%) 87.76
cuseeme 2 ( 0.00%) 202 ( 0.00%) 101.00
other 1269785 ( 3.64%) 650850445 ( 3.57%) 512.57
icmp 15281978 ( 43.76%) 978333794 ( 5.37%) 64.02
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 13171 ( 0.04%) 5325298 ( 0.03%) 404.32
ip6 391458 ( 1.12%) 198060763 ( 1.09%) 505.96
pim 78 ( 0.00%) 4680 ( 0.00%) 60.00
other 45429 ( 0.13%) 12635805 ( 0.07%) 278.14
frag 107575 ( 0.31%) 119619625 ( 0.66%) 1111.96
ip6 1228048 ( 3.52%) 1181843274 ( 6.48%) 962.38
tcp6 1084958 ( 3.11%) 1088224460 ( 5.97%) 1003.01
http(s) 843625 ( 2.42%) 1026374877 ( 5.63%) 1216.62
http(c) 167418 ( 0.48%) 20225115 ( 0.11%) 120.81
smtp 370 ( 0.00%) 130488 ( 0.00%) 352.67
ftp 66 ( 0.00%) 5876 ( 0.00%) 89.03
ssh 12 ( 0.00%) 1008 ( 0.00%) 84.00
dns 366 ( 0.00%) 64146 ( 0.00%) 175.26
bgp 101 ( 0.00%) 28414 ( 0.00%) 281.33
other 73000 ( 0.21%) 41394536 ( 0.23%) 567.05
udp6 59590 ( 0.17%) 33720788 ( 0.18%) 565.88
dns 41382 ( 0.12%) 13126533 ( 0.07%) 317.20
realaud 1 ( 0.00%) 104 ( 0.00%) 104.00
everque 1 ( 0.00%) 107 ( 0.00%) 107.00
other 18206 ( 0.05%) 20594044 ( 0.11%) 1131.17
icmp6 29347 ( 0.08%) 3200629 ( 0.02%) 109.06
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 54039 ( 0.15%) 56681905 ( 0.31%) 1048.91
tcpdump file: 201212231400.dump.gz (752.31 MB)