Traffic Trace Info
DumpFile: 201301101400.dump
FileSize: 2075.40MB
Id: 201301101400
StartTime: Thu Jan 10 14:00:00 2013
EndTime: Thu Jan 10 14:15:00 2013
TotalTime: 900.08 seconds
TotalCapSize: 1629.41MB CapLen: 96 bytes
# of packets: 29227853 (21813.63MB)
AvgRate: 203.33Mbps stddev:53.72M
IP flow (unique src/dst pair) Information
# of flows: 1693656 (avg. 17.26 pkts/flow)
Top 10 big flow size (bytes/total in %):
6.2% 3.3% 2.4% 1.8% 1.7% 1.2% 1.2% 0.8% 0.8% 0.8%
IP address Information
# of IPv4 addresses: 1314055
Top 10 bandwidth usage (bytes/total in %):
9.0% 8.6% 7.0% 6.7% 4.5% 3.8% 3.6% 3.5% 3.4% 3.2%
# of IPv6 addresses: 10108
Top 10 bandwidth usage (bytes/total in %):
21.7% 11.3% 8.8% 7.0% 6.5% 5.1% 4.7% 3.5% 3.4% 3.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201301101400.pktlen.png)
detailed numbers
[ 32- 63]: 4382068
[ 64- 127]: 7740241
[ 128- 255]: 810497
[ 256- 511]: 786028
[ 512- 1023]: 1301512
[ 1024- 2047]: 14207507
Protocol Breakdown
![[protocol breakdown chart]](201301101400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29227853 (100.00%) 22873247947 (100.00%) 782.58
ip 27487403 ( 94.05%) 21180524438 ( 92.60%) 770.55
tcp 20545422 ( 70.29%) 17862257385 ( 78.09%) 869.40
http(s) 10959023 ( 37.50%) 13517484913 ( 59.10%) 1233.46
http(c) 5894769 ( 20.17%) 1793507655 ( 7.84%) 304.25
squid 19739 ( 0.07%) 8153289 ( 0.04%) 413.05
smtp 52874 ( 0.18%) 14809372 ( 0.06%) 280.09
nntp 107 ( 0.00%) 6420 ( 0.00%) 60.00
ftp 77341 ( 0.26%) 70908555 ( 0.31%) 916.83
pop3 6752 ( 0.02%) 3503612 ( 0.02%) 518.90
imap 2869 ( 0.01%) 353839 ( 0.00%) 123.33
telnet 5080 ( 0.02%) 1850857 ( 0.01%) 364.34
ssh 645835 ( 2.21%) 115372946 ( 0.50%) 178.64
dns 1438 ( 0.00%) 241113 ( 0.00%) 167.67
bgp 535 ( 0.00%) 124751 ( 0.00%) 233.18
napster 25 ( 0.00%) 3811 ( 0.00%) 152.44
realaud 26 ( 0.00%) 6978 ( 0.00%) 268.38
icecast 11255 ( 0.04%) 6082064 ( 0.03%) 540.39
hotline 11 ( 0.00%) 1187 ( 0.00%) 107.91
other 2867743 ( 9.81%) 2329846023 ( 10.19%) 812.43
udp 4914100 ( 16.81%) 2987780969 ( 13.06%) 608.00
dns 1638613 ( 5.61%) 788977901 ( 3.45%) 481.49
rip 15 ( 0.00%) 1050 ( 0.00%) 70.00
realaud 45 ( 0.00%) 3640 ( 0.00%) 80.89
halflif 42 ( 0.00%) 3114 ( 0.00%) 74.14
starcra 15 ( 0.00%) 1947 ( 0.00%) 129.80
everque 204 ( 0.00%) 30851 ( 0.00%) 151.23
unreal 6 ( 0.00%) 481 ( 0.00%) 80.17
quake 68 ( 0.00%) 6098 ( 0.00%) 89.68
cuseeme 2 ( 0.00%) 166 ( 0.00%) 83.00
other 3274422 ( 11.20%) 2198038951 ( 9.61%) 671.28
icmp 1493020 ( 5.11%) 133470877 ( 0.58%) 89.40
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 22743 ( 0.08%) 8111210 ( 0.04%) 356.65
ip6 467270 ( 1.60%) 175482950 ( 0.77%) 375.55
other 44664 ( 0.15%) 13401887 ( 0.06%) 300.06
frag 479949 ( 1.64%) 567718081 ( 2.48%) 1182.87
ip6 1740450 ( 5.95%) 1692723509 ( 7.40%) 972.58
tcp6 785241 ( 2.69%) 654206803 ( 2.86%) 833.13
http(s) 615299 ( 2.11%) 605358290 ( 2.65%) 983.84
http(c) 114339 ( 0.39%) 15815764 ( 0.07%) 138.32
smtp 37 ( 0.00%) 3405 ( 0.00%) 92.03
ftp 66 ( 0.00%) 5908 ( 0.00%) 89.52
ssh 12 ( 0.00%) 1008 ( 0.00%) 84.00
dns 273 ( 0.00%) 55605 ( 0.00%) 203.68
bgp 91 ( 0.00%) 28097 ( 0.00%) 308.76
other 55124 ( 0.19%) 32938726 ( 0.14%) 597.54
udp6 95211 ( 0.33%) 36797721 ( 0.16%) 386.49
dns 61353 ( 0.21%) 19317348 ( 0.08%) 314.86
other 33858 ( 0.12%) 17480373 ( 0.08%) 516.28
icmp6 26936 ( 0.09%) 2744668 ( 0.01%) 101.90
ip6 85 ( 0.00%) 11580 ( 0.00%) 136.24
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 832946 ( 2.85%) 998958521 ( 4.37%) 1199.31
tcpdump file: 201301101400.dump.gz (664.59 MB)