Traffic Trace Info
DumpFile: 201303101400.dump
FileSize: 1701.07MB
Id: 201303101400
StartTime: Sun Mar 10 14:00:00 2013
EndTime: Sun Mar 10 14:15:00 2013
TotalTime: 900.01 seconds
TotalCapSize: 1343.39MB CapLen: 96 bytes
# of packets: 23440966 (15829.75MB)
AvgRate: 147.50Mbps stddev:38.89M
IP flow (unique src/dst pair) Information
# of flows: 1622586 (avg. 14.45 pkts/flow)
Top 10 big flow size (bytes/total in %):
11.0% 5.8% 5.7% 3.4% 2.3% 2.2% 2.1% 1.8% 1.7% 1.3%
IP address Information
# of IPv4 addresses: 1295126
Top 10 bandwidth usage (bytes/total in %):
23.1% 12.3% 11.6% 6.6% 6.6% 6.3% 6.3% 3.8% 3.8% 3.1%
# of IPv6 addresses: 11631
Top 10 bandwidth usage (bytes/total in %):
8.7% 8.3% 5.9% 5.8% 4.5% 4.4% 4.4% 3.9% 3.9% 3.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201303101400.pktlen.png)
detailed numbers
[ 32- 63]: 3689259
[ 64- 127]: 7623533
[ 128- 255]: 730673
[ 256- 511]: 620635
[ 512- 1023]: 481359
[ 1024- 2047]: 10295507
Protocol Breakdown
![[protocol breakdown chart]](201303101400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 23440966 (100.00%) 16598700275 (100.00%) 708.11
ip 21780551 ( 92.92%) 14983886187 ( 90.27%) 687.95
tcp 17602112 ( 75.09%) 13903756581 ( 83.76%) 789.89
http(s) 7378247 ( 31.48%) 9320120511 ( 56.15%) 1263.19
http(c) 6043890 ( 25.78%) 1474886790 ( 8.89%) 244.03
squid 94840 ( 0.40%) 87330284 ( 0.53%) 920.82
smtp 48197 ( 0.21%) 18652375 ( 0.11%) 387.00
ftp 33789 ( 0.14%) 29016422 ( 0.17%) 858.75
pop3 2452 ( 0.01%) 783637 ( 0.00%) 319.59
imap 1859 ( 0.01%) 173194 ( 0.00%) 93.17
telnet 11684 ( 0.05%) 2345873 ( 0.01%) 200.78
ssh 1646515 ( 7.02%) 1172823063 ( 7.07%) 712.31
dns 4136 ( 0.02%) 2540548 ( 0.02%) 614.25
bgp 502 ( 0.00%) 100093 ( 0.00%) 199.39
napster 18 ( 0.00%) 1630 ( 0.00%) 90.56
realaud 6 ( 0.00%) 414 ( 0.00%) 69.00
rtsp 5 ( 0.00%) 310 ( 0.00%) 62.00
icecast 157 ( 0.00%) 12799 ( 0.00%) 81.52
hotline 4 ( 0.00%) 248 ( 0.00%) 62.00
other 2335808 ( 9.96%) 1794968210 ( 10.81%) 768.46
udp 2120972 ( 9.05%) 784792849 ( 4.73%) 370.02
dns 744058 ( 3.17%) 154616344 ( 0.93%) 207.80
realaud 9 ( 0.00%) 609 ( 0.00%) 67.67
halflif 175 ( 0.00%) 26879 ( 0.00%) 153.59
starcra 10 ( 0.00%) 1133 ( 0.00%) 113.30
everque 155 ( 0.00%) 31196 ( 0.00%) 201.26
unreal 14 ( 0.00%) 2197 ( 0.00%) 156.93
quake 24 ( 0.00%) 1973 ( 0.00%) 82.21
cuseeme 65 ( 0.00%) 5214 ( 0.00%) 80.22
other 1375788 ( 5.87%) 629278514 ( 3.79%) 457.39
icmp 1553832 ( 6.63%) 166439423 ( 1.00%) 107.12
ipip 186 ( 0.00%) 19380 ( 0.00%) 104.19
ipsec 16038 ( 0.07%) 6255924 ( 0.04%) 390.07
ip6 442189 ( 1.89%) 115316447 ( 0.69%) 260.79
other 45222 ( 0.19%) 7305583 ( 0.04%) 161.55
frag 29082 ( 0.12%) 39377181 ( 0.24%) 1354.01
ip6 1660415 ( 7.08%) 1614814088 ( 9.73%) 972.54
tcp6 1184138 ( 5.05%) 1155893303 ( 6.96%) 976.15
http(s) 848197 ( 3.62%) 982416537 ( 5.92%) 1158.24
http(c) 146264 ( 0.62%) 17084984 ( 0.10%) 116.81
smtp 184 ( 0.00%) 85619 ( 0.00%) 465.32
ftp 90 ( 0.00%) 8011 ( 0.00%) 89.01
dns 400 ( 0.00%) 166132 ( 0.00%) 415.33
bgp 91 ( 0.00%) 22805 ( 0.00%) 250.60
other 188912 ( 0.81%) 156109215 ( 0.94%) 826.36
udp6 196983 ( 0.84%) 150025275 ( 0.90%) 761.62
dns 59227 ( 0.25%) 20536966 ( 0.12%) 346.75
starcra 1 ( 0.00%) 116 ( 0.00%) 116.00
everque 1 ( 0.00%) 90 ( 0.00%) 90.00
quake 1 ( 0.00%) 119 ( 0.00%) 119.00
other 137753 ( 0.59%) 129487984 ( 0.78%) 940.00
icmp6 26578 ( 0.11%) 2628509 ( 0.02%) 98.90
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 252685 ( 1.08%) 306262785 ( 1.85%) 1212.03
tcpdump file: 201303101400.dump.gz (540.64 MB)