Traffic Trace Info
DumpFile: 201301011400.dump
FileSize: 1138.03MB
Id: 201301011400
StartTime: Tue Jan 1 14:00:00 2013
EndTime: Tue Jan 1 14:15:00 2013
TotalTime: 899.76 seconds
TotalCapSize: 894.87MB CapLen: 96 bytes
# of packets: 15934869 (11783.64MB)
AvgRate: 109.85Mbps stddev:29.44M
IP flow (unique src/dst pair) Information
# of flows: 763223 (avg. 20.88 pkts/flow)
Top 10 big flow size (bytes/total in %):
15.8% 5.0% 3.3% 2.4% 2.0% 2.0% 2.0% 1.8% 1.4% 1.4%
IP address Information
# of IPv4 addresses: 439633
Top 10 bandwidth usage (bytes/total in %):
32.0% 17.0% 12.7% 8.9% 5.4% 4.2% 3.5% 2.8% 2.6% 2.2%
# of IPv6 addresses: 9283
Top 10 bandwidth usage (bytes/total in %):
5.8% 5.0% 5.0% 4.0% 3.3% 3.0% 3.0% 2.8% 2.6% 2.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201301011400.pktlen.png)
detailed numbers
[ 32- 63]: 2916642
[ 64- 127]: 3714409
[ 128- 255]: 381119
[ 256- 511]: 514927
[ 512- 1023]: 870050
[ 1024- 2047]: 7537722
Protocol Breakdown
![[protocol breakdown chart]](201301011400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 15934869 (100.00%) 12356040831 (100.00%) 775.41
ip 15065257 ( 94.54%) 11695116771 ( 94.65%) 776.30
tcp 11594927 ( 72.76%) 10054712757 ( 81.37%) 867.16
http(s) 5775519 ( 36.24%) 7187762815 ( 58.17%) 1244.52
http(c) 3922814 ( 24.62%) 1635255628 ( 13.23%) 416.86
squid 11872 ( 0.07%) 3544769 ( 0.03%) 298.58
smtp 55632 ( 0.35%) 9804648 ( 0.08%) 176.24
nntp 96 ( 0.00%) 5760 ( 0.00%) 60.00
ftp 75288 ( 0.47%) 70112444 ( 0.57%) 931.26
pop3 968 ( 0.01%) 156842 ( 0.00%) 162.03
imap 1919 ( 0.01%) 518804 ( 0.00%) 270.35
telnet 4783 ( 0.03%) 1837709 ( 0.01%) 384.22
ssh 16601 ( 0.10%) 3705480 ( 0.03%) 223.21
dns 845 ( 0.01%) 172146 ( 0.00%) 203.72
bgp 526 ( 0.00%) 101932 ( 0.00%) 193.79
napster 24 ( 0.00%) 2723 ( 0.00%) 113.46
realaud 3 ( 0.00%) 186 ( 0.00%) 62.00
rtsp 2 ( 0.00%) 120 ( 0.00%) 60.00
icecast 169193 ( 1.06%) 152467601 ( 1.23%) 901.15
hotline 11 ( 0.00%) 2135 ( 0.00%) 194.09
other 1558817 ( 9.78%) 989260175 ( 8.01%) 634.62
udp 2493394 ( 15.65%) 1336866062 ( 10.82%) 536.16
dns 919479 ( 5.77%) 681939491 ( 5.52%) 741.66
realaud 361 ( 0.00%) 22913 ( 0.00%) 63.47
halflif 14 ( 0.00%) 1634 ( 0.00%) 116.71
starcra 22 ( 0.00%) 2301 ( 0.00%) 104.59
everque 29440 ( 0.18%) 26128971 ( 0.21%) 887.53
unreal 12 ( 0.00%) 821 ( 0.00%) 68.42
quake 3 ( 0.00%) 299 ( 0.00%) 99.67
cuseeme 4 ( 0.00%) 514 ( 0.00%) 128.50
other 1543811 ( 9.69%) 628534173 ( 5.09%) 407.13
icmp 599802 ( 3.76%) 97550537 ( 0.79%) 162.64
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 17781 ( 0.11%) 6414910 ( 0.05%) 360.77
ip6 310603 ( 1.95%) 186858876 ( 1.51%) 601.60
pim 81 ( 0.00%) 4860 ( 0.00%) 60.00
other 48485 ( 0.30%) 12689609 ( 0.10%) 261.72
frag 532835 ( 3.34%) 584376368 ( 4.73%) 1096.73
ip6 869612 ( 5.46%) 660924060 ( 5.35%) 760.02
tcp6 737911 ( 4.63%) 606894551 ( 4.91%) 822.45
http(s) 546168 ( 3.43%) 564184753 ( 4.57%) 1032.99
http(c) 155098 ( 0.97%) 20032971 ( 0.16%) 129.16
smtp 427 ( 0.00%) 115013 ( 0.00%) 269.35
ftp 66 ( 0.00%) 5876 ( 0.00%) 89.03
ssh 12 ( 0.00%) 1008 ( 0.00%) 84.00
dns 340 ( 0.00%) 49324 ( 0.00%) 145.07
bgp 111 ( 0.00%) 45765 ( 0.00%) 412.30
other 35689 ( 0.22%) 22459841 ( 0.18%) 629.32
udp6 61695 ( 0.39%) 14152813 ( 0.11%) 229.40
dns 32221 ( 0.20%) 10743558 ( 0.09%) 333.43
realaud 3 ( 0.00%) 319 ( 0.00%) 106.33
everque 2 ( 0.00%) 200 ( 0.00%) 100.00
other 29469 ( 0.18%) 3408736 ( 0.03%) 115.67
icmp6 39990 ( 0.25%) 4185576 ( 0.03%) 104.67
ip6 83 ( 0.00%) 11294 ( 0.00%) 136.07
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 29903 ( 0.19%) 35675746 ( 0.29%) 1193.05
tcpdump file: 201301011400.dump.gz (359.03 MB)