Traffic Trace Info
DumpFile: 201301241400.dump
FileSize: 1717.20MB
Id: 201301241400
StartTime: Thu Jan 24 14:00:00 2013
EndTime: Thu Jan 24 14:15:00 2013
TotalTime: 900.09 seconds
TotalCapSize: 1350.30MB CapLen: 96 bytes
# of packets: 24044820 (16333.10MB)
AvgRate: 152.25Mbps stddev:26.00M
IP flow (unique src/dst pair) Information
# of flows: 1856840 (avg. 12.95 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.3% 2.2% 1.8% 1.7% 1.5% 1.3% 1.2% 0.8% 0.8% 0.8%
IP address Information
# of IPv4 addresses: 1389125
Top 10 bandwidth usage (bytes/total in %):
8.5% 5.6% 4.6% 3.7% 3.4% 2.8% 2.7% 2.6% 2.6% 2.5%
# of IPv6 addresses: 13163
Top 10 bandwidth usage (bytes/total in %):
21.3% 6.9% 6.5% 6.3% 4.9% 4.8% 4.6% 3.7% 3.5% 3.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201301241400.pktlen.png)
detailed numbers
[ 32- 63]: 3992742
[ 64- 127]: 6724502
[ 128- 255]: 823856
[ 256- 511]: 1033972
[ 512- 1023]: 1010965
[ 1024- 2047]: 10458783
Protocol Breakdown
![[protocol breakdown chart]](201301241400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 24044820 (100.00%) 17126496314 (100.00%) 712.27
ip 22320059 ( 92.83%) 15462354870 ( 90.28%) 692.76
tcp 16819708 ( 69.95%) 13219281844 ( 77.19%) 785.94
http(s) 8258805 ( 34.35%) 9814744590 ( 57.31%) 1188.40
http(c) 5405863 ( 22.48%) 1149185770 ( 6.71%) 212.58
squid 51621 ( 0.21%) 37017473 ( 0.22%) 717.10
smtp 54441 ( 0.23%) 17759660 ( 0.10%) 326.22
nntp 138 ( 0.00%) 8334 ( 0.00%) 60.39
ftp 5860 ( 0.02%) 422994 ( 0.00%) 72.18
pop3 8468 ( 0.04%) 6589845 ( 0.04%) 778.21
imap 18568 ( 0.08%) 17255073 ( 0.10%) 929.29
telnet 40273 ( 0.17%) 4455627 ( 0.03%) 110.64
ssh 17982 ( 0.07%) 3762663 ( 0.02%) 209.25
dns 18009 ( 0.07%) 2995525 ( 0.02%) 166.33
bgp 558 ( 0.00%) 119573 ( 0.00%) 214.29
napster 22 ( 0.00%) 2439 ( 0.00%) 110.86
realaud 71 ( 0.00%) 49399 ( 0.00%) 695.76
icecast 11657 ( 0.05%) 7052346 ( 0.04%) 604.99
hotline 24 ( 0.00%) 3479 ( 0.00%) 144.96
other 2927348 ( 12.17%) 2157857054 ( 12.60%) 737.14
udp 3013178 ( 12.53%) 1744210014 ( 10.18%) 578.86
dns 1153200 ( 4.80%) 653885723 ( 3.82%) 567.02
rip 15 ( 0.00%) 1050 ( 0.00%) 70.00
realaud 20 ( 0.00%) 1356 ( 0.00%) 67.80
halflif 15 ( 0.00%) 1416 ( 0.00%) 94.40
starcra 53 ( 0.00%) 5308 ( 0.00%) 100.15
everque 21322 ( 0.09%) 18494207 ( 0.11%) 867.38
unreal 31 ( 0.00%) 9342 ( 0.00%) 301.35
quake 25 ( 0.00%) 2668 ( 0.00%) 106.72
cuseeme 24 ( 0.00%) 1440 ( 0.00%) 60.00
other 1838253 ( 7.65%) 1071613389 ( 6.26%) 582.95
icmp 1611010 ( 6.70%) 169761855 ( 0.99%) 105.38
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 254458 ( 1.06%) 38072660 ( 0.22%) 149.62
ip6 571019 ( 2.37%) 276757696 ( 1.62%) 484.67
other 50501 ( 0.21%) 14251531 ( 0.08%) 282.20
frag 459116 ( 1.91%) 538606950 ( 3.14%) 1173.14
ip6 1724761 ( 7.17%) 1664141444 ( 9.72%) 964.85
tcp6 1127348 ( 4.69%) 1059264292 ( 6.18%) 939.61
http(s) 1004899 ( 4.18%) 997917685 ( 5.83%) 993.05
http(c) 56321 ( 0.23%) 8341726 ( 0.05%) 148.11
smtp 162 ( 0.00%) 76694 ( 0.00%) 473.42
ftp 781 ( 0.00%) 69302 ( 0.00%) 88.73
ssh 53 ( 0.00%) 5638 ( 0.00%) 106.38
dns 360 ( 0.00%) 72448 ( 0.00%) 201.24
bgp 95 ( 0.00%) 26739 ( 0.00%) 281.46
other 64677 ( 0.27%) 52754060 ( 0.31%) 815.65
udp6 135483 ( 0.56%) 77677993 ( 0.45%) 573.34
dns 69863 ( 0.29%) 22332297 ( 0.13%) 319.66
realaud 1 ( 0.00%) 108 ( 0.00%) 108.00
halflif 1 ( 0.00%) 114 ( 0.00%) 114.00
quake 9 ( 0.00%) 828 ( 0.00%) 92.00
other 65609 ( 0.27%) 55344646 ( 0.32%) 843.55
icmp6 29160 ( 0.12%) 3845363 ( 0.02%) 131.87
ip6 86 ( 0.00%) 11648 ( 0.00%) 135.44
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 432654 ( 1.80%) 523338068 ( 3.06%) 1209.60
tcpdump file: 201301241400.dump.gz (559.43 MB)