Traffic Trace Info
DumpFile: 201301161400.dump
FileSize: 1939.17MB
Id: 201301161400
StartTime: Wed Jan 16 14:00:00 2013
EndTime: Wed Jan 16 14:15:00 2013
TotalTime: 899.87 seconds
TotalCapSize: 1537.83MB CapLen: 96 bytes
# of packets: 26301845 (18218.88MB)
AvgRate: 169.86Mbps stddev:30.39M
IP flow (unique src/dst pair) Information
# of flows: 1780207 (avg. 14.77 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.8% 3.1% 3.0% 2.7% 1.9% 1.7% 1.2% 1.0% 0.9% 0.8%
IP address Information
# of IPv4 addresses: 1338857
Top 10 bandwidth usage (bytes/total in %):
8.9% 6.7% 5.5% 5.4% 5.4% 4.4% 3.4% 3.4% 3.4% 3.1%
# of IPv6 addresses: 11274
Top 10 bandwidth usage (bytes/total in %):
9.0% 4.6% 4.6% 3.7% 3.3% 3.2% 2.7% 2.5% 2.3% 2.3%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201301161400.pktlen.png)
detailed numbers
[ 32- 63]: 4076298
[ 64- 127]: 7759302
[ 128- 255]: 773883
[ 256- 511]: 1045871
[ 512- 1023]: 901700
[ 1024- 2047]: 11744791
Protocol Breakdown
![[protocol breakdown chart]](201301161400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 26301845 (100.00%) 19103884458 (100.00%) 726.33
ip 24076764 ( 91.54%) 17240616244 ( 90.25%) 716.07
tcp 19714781 ( 74.96%) 15883589917 ( 83.14%) 805.67
http(s) 9942783 ( 37.80%) 12156480310 ( 63.63%) 1222.64
http(c) 7019544 ( 26.69%) 1827809583 ( 9.57%) 260.39
squid 47405 ( 0.18%) 10100354 ( 0.05%) 213.07
smtp 57321 ( 0.22%) 19097540 ( 0.10%) 333.17
nntp 118 ( 0.00%) 7080 ( 0.00%) 60.00
ftp 5303 ( 0.02%) 852939 ( 0.00%) 160.84
pop3 8345 ( 0.03%) 2538279 ( 0.01%) 304.17
imap 3275 ( 0.01%) 623397 ( 0.00%) 190.35
telnet 9342 ( 0.04%) 2172830 ( 0.01%) 232.59
ssh 99362 ( 0.38%) 15465521 ( 0.08%) 155.65
dns 3371 ( 0.01%) 2270467 ( 0.01%) 673.53
bgp 512 ( 0.00%) 102910 ( 0.00%) 201.00
napster 32 ( 0.00%) 4030 ( 0.00%) 125.94
realaud 7 ( 0.00%) 802 ( 0.00%) 114.57
icecast 46658 ( 0.18%) 39069446 ( 0.20%) 837.36
hotline 2 ( 0.00%) 126 ( 0.00%) 63.00
other 2471401 ( 9.40%) 1806994303 ( 9.46%) 731.16
udp 1858910 ( 7.07%) 772582483 ( 4.04%) 415.61
dns 927163 ( 3.53%) 367598715 ( 1.92%) 396.48
realaud 26 ( 0.00%) 1885 ( 0.00%) 72.50
halflif 47 ( 0.00%) 3978 ( 0.00%) 84.64
starcra 113 ( 0.00%) 12756 ( 0.00%) 112.88
everque 214 ( 0.00%) 30053 ( 0.00%) 140.43
unreal 2 ( 0.00%) 212 ( 0.00%) 106.00
quake 13 ( 0.00%) 1125 ( 0.00%) 86.54
cuseeme 3 ( 0.00%) 332 ( 0.00%) 110.67
other 930985 ( 3.54%) 404514324 ( 2.12%) 434.50
icmp 1652684 ( 6.28%) 161138136 ( 0.84%) 97.50
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 33401 ( 0.13%) 15167238 ( 0.08%) 454.10
ip6 754874 ( 2.87%) 375584296 ( 1.97%) 497.55
other 61930 ( 0.24%) 32535014 ( 0.17%) 525.35
frag 156945 ( 0.60%) 175237606 ( 0.92%) 1116.55
ip6 2225081 ( 8.46%) 1863268214 ( 9.75%) 837.39
tcp6 1650191 ( 6.27%) 1329135531 ( 6.96%) 805.44
http(s) 1136167 ( 4.32%) 1108321376 ( 5.80%) 975.49
http(c) 247099 ( 0.94%) 29287359 ( 0.15%) 118.52
squid 139 ( 0.00%) 12370 ( 0.00%) 88.99
smtp 60 ( 0.00%) 21905 ( 0.00%) 365.08
ftp 61 ( 0.00%) 7365 ( 0.00%) 120.74
ssh 11116 ( 0.04%) 14829242 ( 0.08%) 1334.04
dns 348 ( 0.00%) 77403 ( 0.00%) 222.42
bgp 107 ( 0.00%) 34679 ( 0.00%) 324.10
other 255094 ( 0.97%) 176543832 ( 0.92%) 692.07
udp6 202880 ( 0.77%) 117497070 ( 0.62%) 579.15
dns 69437 ( 0.26%) 21781673 ( 0.11%) 313.69
halflif 1 ( 0.00%) 101 ( 0.00%) 101.00
quake 1 ( 0.00%) 94 ( 0.00%) 94.00
cuseeme 1 ( 0.00%) 117 ( 0.00%) 117.00
other 133440 ( 0.51%) 95715085 ( 0.50%) 717.29
icmp6 28687 ( 0.11%) 3281015 ( 0.02%) 114.37
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 343209 ( 1.30%) 413339106 ( 2.16%) 1204.34
tcpdump file: 201301161400.dump.gz (636.46 MB)