Traffic Trace Info
DumpFile: 201301021400.dump
FileSize: 1246.62MB
Id: 201301021400
StartTime: Wed Jan 2 14:00:01 2013
EndTime: Wed Jan 2 14:15:00 2013
TotalTime: 899.52 seconds
TotalCapSize: 982.82MB CapLen: 96 bytes
# of packets: 17288148 (13136.72MB)
AvgRate: 122.53Mbps stddev:19.86M
IP flow (unique src/dst pair) Information
# of flows: 520159 (avg. 33.24 pkts/flow)
Top 10 big flow size (bytes/total in %):
8.8% 4.6% 3.8% 2.6% 2.6% 2.4% 2.0% 1.8% 1.7% 1.5%
IP address Information
# of IPv4 addresses: 317722
Top 10 bandwidth usage (bytes/total in %):
24.4% 16.0% 9.7% 5.0% 4.8% 4.3% 4.3% 3.6% 2.9% 2.9%
# of IPv6 addresses: 10324
Top 10 bandwidth usage (bytes/total in %):
12.7% 12.1% 10.2% 6.1% 5.9% 4.9% 4.0% 3.1% 3.1% 2.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201301021400.pktlen.png)
detailed numbers
[ 32- 63]: 2774153
[ 64- 127]: 4416109
[ 128- 255]: 410366
[ 256- 511]: 402132
[ 512- 1023]: 774789
[ 1024- 2047]: 8510599
Protocol Breakdown
![[protocol breakdown chart]](201301021400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 17288148 (100.00%) 13774848130 (100.00%) 796.78
ip 16050479 ( 92.84%) 12751381667 ( 92.57%) 794.45
tcp 12653659 ( 73.19%) 10721474261 ( 77.83%) 847.30
http(s) 4950290 ( 28.63%) 5894294486 ( 42.79%) 1190.70
http(c) 3077345 ( 17.80%) 1046332451 ( 7.60%) 340.01
squid 25426 ( 0.15%) 14624845 ( 0.11%) 575.19
smtp 49803 ( 0.29%) 6827948 ( 0.05%) 137.10
nntp 96 ( 0.00%) 5760 ( 0.00%) 60.00
ftp 26592 ( 0.15%) 5772655 ( 0.04%) 217.08
pop3 3994 ( 0.02%) 3154035 ( 0.02%) 789.69
imap 1874 ( 0.01%) 783232 ( 0.01%) 417.95
telnet 17250 ( 0.10%) 2747270 ( 0.02%) 159.26
ssh 179696 ( 1.04%) 22792320 ( 0.17%) 126.84
dns 906 ( 0.01%) 184402 ( 0.00%) 203.53
bgp 527 ( 0.00%) 103076 ( 0.00%) 195.59
napster 30 ( 0.00%) 3841 ( 0.00%) 128.03
realaud 5 ( 0.00%) 685 ( 0.00%) 137.00
icecast 14559 ( 0.08%) 5465141 ( 0.04%) 375.38
hotline 5 ( 0.00%) 677 ( 0.00%) 135.40
other 4305248 ( 24.90%) 3718380657 ( 26.99%) 863.69
udp 2222294 ( 12.85%) 1539284569 ( 11.17%) 692.66
dns 1081063 ( 6.25%) 836727576 ( 6.07%) 773.99
realaud 18 ( 0.00%) 1273 ( 0.00%) 70.72
halflif 25 ( 0.00%) 2003 ( 0.00%) 80.12
starcra 52 ( 0.00%) 6512 ( 0.00%) 125.23
everque 9016 ( 0.05%) 7944640 ( 0.06%) 881.17
unreal 11 ( 0.00%) 2203 ( 0.00%) 200.27
quake 9 ( 0.00%) 736 ( 0.00%) 81.78
other 1131862 ( 6.55%) 694355468 ( 5.04%) 613.46
icmp 563146 ( 3.26%) 91657211 ( 0.67%) 162.76
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 58700 ( 0.34%) 38303360 ( 0.28%) 652.53
ip6 501561 ( 2.90%) 346316490 ( 2.51%) 690.48
pim 76 ( 0.00%) 4560 ( 0.00%) 60.00
other 50859 ( 0.29%) 14322056 ( 0.10%) 281.60
frag 673105 ( 3.89%) 736999695 ( 5.35%) 1094.93
ip6 1237669 ( 7.16%) 1023466463 ( 7.43%) 826.93
tcp6 937549 ( 5.42%) 759975392 ( 5.52%) 810.60
http(s) 570486 ( 3.30%) 566873684 ( 4.12%) 993.67
http(c) 199837 ( 1.16%) 23832273 ( 0.17%) 119.26
smtp 105 ( 0.00%) 36721 ( 0.00%) 349.72
ftp 66 ( 0.00%) 5876 ( 0.00%) 89.03
ssh 12 ( 0.00%) 1008 ( 0.00%) 84.00
dns 346 ( 0.00%) 43957 ( 0.00%) 127.04
bgp 107 ( 0.00%) 41692 ( 0.00%) 389.64
icecast 25 ( 0.00%) 2896 ( 0.00%) 115.84
other 166565 ( 0.96%) 169137285 ( 1.23%) 1015.44
udp6 67198 ( 0.39%) 24053984 ( 0.17%) 357.96
dns 36857 ( 0.21%) 11739144 ( 0.09%) 318.51
halflif 1 ( 0.00%) 95 ( 0.00%) 95.00
everque 12 ( 0.00%) 2315 ( 0.00%) 192.92
quake 2 ( 0.00%) 215 ( 0.00%) 107.50
other 30326 ( 0.18%) 12312215 ( 0.09%) 406.00
icmp6 38012 ( 0.22%) 4097854 ( 0.03%) 107.80
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 194795 ( 1.13%) 235323605 ( 1.71%) 1208.06
tcpdump file: 201301021400.dump.gz (389.39 MB)