Traffic Trace Info
DumpFile: 201303091400.dump
FileSize: 1509.13MB
Id: 201303091400
StartTime: Sat Mar 9 14:00:00 2013
EndTime: Sat Mar 9 14:15:01 2013
TotalTime: 900.49 seconds
TotalCapSize: 1191.70MB CapLen: 96 bytes
# of packets: 20803168 (13433.12MB)
AvgRate: 125.13Mbps stddev:25.09M
IP flow (unique src/dst pair) Information
# of flows: 1814245 (avg. 11.47 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.3% 5.0% 2.8% 2.5% 2.5% 2.4% 2.2% 1.3% 1.3% 1.2%
IP address Information
# of IPv4 addresses: 1380138
Top 10 bandwidth usage (bytes/total in %):
20.2% 9.1% 6.0% 6.0% 5.8% 3.1% 3.1% 2.9% 2.9% 2.8%
# of IPv6 addresses: 8853
Top 10 bandwidth usage (bytes/total in %):
22.6% 22.6% 3.5% 3.4% 3.3% 3.2% 3.1% 3.0% 3.0% 2.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201303091400.pktlen.png)
detailed numbers
[ 32- 63]: 3588009
[ 64- 127]: 6610489
[ 128- 255]: 769751
[ 256- 511]: 590861
[ 512- 1023]: 623536
[ 1024- 2047]: 8620522
Protocol Breakdown
![[protocol breakdown chart]](201303091400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 20803168 (100.00%) 14085648840 (100.00%) 677.09
ip 19174583 ( 92.17%) 12608487854 ( 89.51%) 657.56
tcp 15760344 ( 75.76%) 11530570726 ( 81.86%) 731.62
http(s) 6619400 ( 31.82%) 8086790345 ( 57.41%) 1221.68
http(c) 4544732 ( 21.85%) 1155362787 ( 8.20%) 254.22
squid 13624 ( 0.07%) 5109574 ( 0.04%) 375.04
smtp 30351 ( 0.15%) 8656561 ( 0.06%) 285.22
ftp 44018 ( 0.21%) 32476217 ( 0.23%) 737.79
pop3 3534 ( 0.02%) 1278386 ( 0.01%) 361.74
imap 4084 ( 0.02%) 668751 ( 0.00%) 163.75
telnet 3606 ( 0.02%) 1749345 ( 0.01%) 485.12
ssh 1558369 ( 7.49%) 242616198 ( 1.72%) 155.69
dns 2854 ( 0.01%) 2227291 ( 0.02%) 780.41
bgp 490 ( 0.00%) 89285 ( 0.00%) 182.21
napster 1078 ( 0.01%) 69801 ( 0.00%) 64.75
realaud 36 ( 0.00%) 3758 ( 0.00%) 104.39
rtsp 3 ( 0.00%) 180 ( 0.00%) 60.00
icecast 9305 ( 0.04%) 6235848 ( 0.04%) 670.16
hotline 42 ( 0.00%) 5255 ( 0.00%) 125.12
other 2924817 ( 14.06%) 1987231084 ( 14.11%) 679.44
udp 1844544 ( 8.87%) 915546018 ( 6.50%) 496.35
dns 508989 ( 2.45%) 154569746 ( 1.10%) 303.68
realaud 33 ( 0.00%) 2459 ( 0.00%) 74.52
halflif 13 ( 0.00%) 1500 ( 0.00%) 115.38
starcra 54 ( 0.00%) 6416 ( 0.00%) 118.81
everque 26 ( 0.00%) 5519 ( 0.00%) 212.27
unreal 30 ( 0.00%) 2960 ( 0.00%) 98.67
quake 9 ( 0.00%) 1025 ( 0.00%) 113.89
cuseeme 3 ( 0.00%) 328 ( 0.00%) 109.33
other 1333829 ( 6.41%) 759052636 ( 5.39%) 569.08
icmp 1463916 ( 7.04%) 131005853 ( 0.93%) 89.49
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 22142 ( 0.11%) 7813868 ( 0.06%) 352.90
ip6 40668 ( 0.20%) 16498358 ( 0.12%) 405.68
other 42785 ( 0.21%) 7033871 ( 0.05%) 164.40
frag 44644 ( 0.21%) 60642206 ( 0.43%) 1358.35
ip6 1628583 ( 7.83%) 1477160866 ( 10.49%) 907.02
tcp6 1210049 ( 5.82%) 1051099358 ( 7.46%) 868.64
http(s) 578454 ( 2.78%) 594165071 ( 4.22%) 1027.16
http(c) 258671 ( 1.24%) 30446644 ( 0.22%) 117.70
smtp 75 ( 0.00%) 26834 ( 0.00%) 357.79
ftp 128 ( 0.00%) 11692 ( 0.00%) 91.34
dns 1174 ( 0.01%) 589538 ( 0.00%) 502.16
bgp 106 ( 0.00%) 26696 ( 0.00%) 251.85
other 371441 ( 1.79%) 425832883 ( 3.02%) 1146.43
udp6 144448 ( 0.69%) 115890034 ( 0.82%) 802.30
dns 59726 ( 0.29%) 21115739 ( 0.15%) 353.54
halflif 1 ( 0.00%) 112 ( 0.00%) 112.00
quake 1 ( 0.00%) 96 ( 0.00%) 96.00
other 84720 ( 0.41%) 94774087 ( 0.67%) 1118.67
icmp6 18026 ( 0.09%) 2214299 ( 0.02%) 122.84
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 256030 ( 1.23%) 307953095 ( 2.19%) 1202.80
tcpdump file: 201303091400.dump.gz (493.77 MB)