Traffic Trace Info
DumpFile: 201303261400.dump
FileSize: 2107.67MB
Id: 201303261400
StartTime: Tue Mar 26 14:00:01 2013
EndTime: Tue Mar 26 14:15:01 2013
TotalTime: 899.97 seconds
TotalCapSize: 1649.12MB CapLen: 96 bytes
# of packets: 30050829 (22430.28MB)
AvgRate: 209.05Mbps stddev:34.49M
IP flow (unique src/dst pair) Information
# of flows: 1934983 (avg. 15.53 pkts/flow)
Top 10 big flow size (bytes/total in %):
15.2% 2.3% 2.1% 1.8% 1.8% 1.7% 1.7% 1.4% 1.3% 1.2%
IP address Information
# of IPv4 addresses: 1430010
Top 10 bandwidth usage (bytes/total in %):
23.7% 16.5% 10.7% 8.2% 6.1% 2.5% 2.3% 2.2% 1.9% 1.9%
# of IPv6 addresses: 15780
Top 10 bandwidth usage (bytes/total in %):
13.3% 13.2% 11.1% 4.9% 3.5% 3.2% 3.2% 3.1% 2.2% 2.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201303261400.pktlen.png)
detailed numbers
[ 32- 63]: 6869156
[ 64- 127]: 5727861
[ 128- 255]: 924700
[ 256- 511]: 841118
[ 512- 1023]: 1085099
[ 1024- 2047]: 14602895
Protocol Breakdown
![[protocol breakdown chart]](201303261400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 30050829 (100.00%) 23519853363 (100.00%) 782.67
ip 28152323 ( 93.68%) 21886956043 ( 93.06%) 777.45
tcp 22738440 ( 75.67%) 20126665138 ( 85.57%) 885.14
http(s) 12609122 ( 41.96%) 16593048979 ( 70.55%) 1315.96
http(c) 7970987 ( 26.53%) 2153470123 ( 9.16%) 270.16
squid 83321 ( 0.28%) 59220450 ( 0.25%) 710.75
smtp 70496 ( 0.23%) 31187080 ( 0.13%) 442.40
ftp 40351 ( 0.13%) 16252586 ( 0.07%) 402.78
pop3 6232 ( 0.02%) 3600301 ( 0.02%) 577.71
imap 3304 ( 0.01%) 584872 ( 0.00%) 177.02
telnet 1965 ( 0.01%) 129038 ( 0.00%) 65.67
ssh 157631 ( 0.52%) 13749142 ( 0.06%) 87.22
dns 3977 ( 0.01%) 2453866 ( 0.01%) 617.01
bgp 644 ( 0.00%) 220920 ( 0.00%) 343.04
napster 5 ( 0.00%) 328 ( 0.00%) 65.60
realaud 3 ( 0.00%) 184 ( 0.00%) 61.33
rtsp 1 ( 0.00%) 60 ( 0.00%) 60.00
icecast 19114 ( 0.06%) 17279971 ( 0.07%) 904.05
hotline 1 ( 0.00%) 60 ( 0.00%) 60.00
other 1771286 ( 5.89%) 1235467178 ( 5.25%) 697.50
udp 2885297 ( 9.60%) 1376063823 ( 5.85%) 476.92
dns 1001041 ( 3.33%) 378324192 ( 1.61%) 377.93
realaud 3 ( 0.00%) 516 ( 0.00%) 172.00
halflif 17 ( 0.00%) 2591 ( 0.00%) 152.41
starcra 13 ( 0.00%) 1518 ( 0.00%) 116.77
everque 44 ( 0.00%) 7366 ( 0.00%) 167.41
unreal 12 ( 0.00%) 1456 ( 0.00%) 121.33
quake 21 ( 0.00%) 2996 ( 0.00%) 142.67
cuseeme 17 ( 0.00%) 1508 ( 0.00%) 88.71
other 1883483 ( 6.27%) 997378193 ( 4.24%) 529.54
icmp 2100013 ( 6.99%) 190302334 ( 0.81%) 90.62
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 34772 ( 0.12%) 11635876 ( 0.05%) 334.63
ip6 298425 ( 0.99%) 127278967 ( 0.54%) 426.50
other 95191 ( 0.32%) 54990635 ( 0.23%) 577.69
frag 204148 ( 0.68%) 253377696 ( 1.08%) 1241.15
ip6 1898506 ( 6.32%) 1632897320 ( 6.94%) 860.10
tcp6 1609872 ( 5.36%) 1414093552 ( 6.01%) 878.39
http(s) 1135640 ( 3.78%) 1252799064 ( 5.33%) 1103.17
http(c) 308222 ( 1.03%) 35374695 ( 0.15%) 114.77
smtp 81 ( 0.00%) 47742 ( 0.00%) 589.41
ftp 91 ( 0.00%) 8105 ( 0.00%) 89.07
ssh 2 ( 0.00%) 160 ( 0.00%) 80.00
dns 618 ( 0.00%) 392115 ( 0.00%) 634.49
bgp 108 ( 0.00%) 31528 ( 0.00%) 291.93
other 165110 ( 0.55%) 125440143 ( 0.53%) 759.74
udp6 143136 ( 0.48%) 79484670 ( 0.34%) 555.31
dns 79922 ( 0.27%) 25971144 ( 0.11%) 324.96
everque 1 ( 0.00%) 90 ( 0.00%) 90.00
unreal 1 ( 0.00%) 102 ( 0.00%) 102.00
other 63212 ( 0.21%) 53513334 ( 0.23%) 846.57
icmp6 31081 ( 0.10%) 2771914 ( 0.01%) 89.18
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 114387 ( 0.38%) 136543104 ( 0.58%) 1193.69
tcpdump file: 201303261400.dump.gz (662.80 MB)