Traffic Trace Info
DumpFile: 201305101400.dump
FileSize: 3262.68MB
Id: 201305101400
StartTime: Fri May 10 14:00:00 2013
EndTime: Fri May 10 14:15:01 2013
TotalTime: 900.36 seconds
TotalCapSize: -1564.79MB CapLen: 96 bytes
# of packets: 47936947 (24873.39MB)
AvgRate: 231.77Mbps stddev:49.77M
IP flow (unique src/dst pair) Information
# of flows: 16624190 (avg. 2.88 pkts/flow)
Top 10 big flow size (bytes/total in %):
8.5% 3.7% 3.7% 1.4% 1.3% 1.2% 1.1% 1.1% 1.1% 1.0%
IP address Information
# of IPv4 addresses: 13048632
Top 10 bandwidth usage (bytes/total in %):
15.1% 9.0% 8.4% 5.5% 5.3% 4.6% 3.9% 3.9% 3.9% 3.9%
# of IPv6 addresses: 10491
Top 10 bandwidth usage (bytes/total in %):
18.5% 9.2% 6.1% 5.7% 3.7% 3.2% 3.1% 3.1% 3.0% 2.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201305101400.pktlen.png)
detailed numbers
[ 32- 63]: 20572651
[ 64- 127]: 8653404
[ 128- 255]: 1077844
[ 256- 511]: 1117298
[ 512- 1023]: 1045078
[ 1024- 2047]: 15470672
Protocol Breakdown
![[protocol breakdown chart]](201305101400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 47936947 (100.00%) 26081643883 (100.00%) 544.08
ip 46253031 ( 96.49%) 24869797896 ( 95.35%) 537.69
tcp 25079376 ( 52.32%) 21768271746 ( 83.46%) 867.98
http(s) 14177897 ( 29.58%) 18120795667 ( 69.48%) 1278.10
http(c) 7833384 ( 16.34%) 2146077891 ( 8.23%) 273.97
squid 29218 ( 0.06%) 13885683 ( 0.05%) 475.24
smtp 68590 ( 0.14%) 16380905 ( 0.06%) 238.82
nntp 14 ( 0.00%) 840 ( 0.00%) 60.00
ftp 26091 ( 0.05%) 4338966 ( 0.02%) 166.30
pop3 6177 ( 0.01%) 4786473 ( 0.02%) 774.89
imap 4453 ( 0.01%) 992157 ( 0.00%) 222.81
telnet 1452 ( 0.00%) 98677 ( 0.00%) 67.96
ssh 634521 ( 1.32%) 273111682 ( 1.05%) 430.42
dns 13135 ( 0.03%) 953206 ( 0.00%) 72.57
bgp 516 ( 0.00%) 110788 ( 0.00%) 214.71
napster 130 ( 0.00%) 10466 ( 0.00%) 80.51
realaud 102 ( 0.00%) 8866 ( 0.00%) 86.92
icecast 6835 ( 0.01%) 5794490 ( 0.02%) 847.77
other 2276861 ( 4.75%) 1180924989 ( 4.53%) 518.66
udp 2686561 ( 5.60%) 980810711 ( 3.76%) 365.08
dns 1289513 ( 2.69%) 293606482 ( 1.13%) 227.69
rip 1 ( 0.00%) 107 ( 0.00%) 107.00
realaud 32 ( 0.00%) 3381 ( 0.00%) 105.66
halflif 25 ( 0.00%) 2628 ( 0.00%) 105.12
starcra 38 ( 0.00%) 4156 ( 0.00%) 109.37
everque 75 ( 0.00%) 20983 ( 0.00%) 279.77
unreal 93 ( 0.00%) 9827 ( 0.00%) 105.67
quake 137 ( 0.00%) 10720 ( 0.00%) 78.25
cuseeme 4 ( 0.00%) 395 ( 0.00%) 98.75
other 1394591 ( 2.91%) 685706372 ( 2.63%) 491.69
icmp 17526088 ( 36.56%) 1130315966 ( 4.33%) 64.49
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 19979 ( 0.04%) 5641914 ( 0.02%) 282.39
ip6 908413 ( 1.90%) 979037388 ( 3.75%) 1077.74
other 32429 ( 0.07%) 5700901 ( 0.02%) 175.80
frag 94464 ( 0.20%) 126756384 ( 0.49%) 1341.85
ip6 1683916 ( 3.51%) 1211845987 ( 4.65%) 719.66
tcp6 1433922 ( 2.99%) 1158933431 ( 4.44%) 808.23
http(s) 1027986 ( 2.14%) 1097774812 ( 4.21%) 1067.89
http(c) 361999 ( 0.76%) 31325486 ( 0.12%) 86.53
smtp 151 ( 0.00%) 69941 ( 0.00%) 463.19
ftp 1180 ( 0.00%) 114316 ( 0.00%) 96.88
ssh 72 ( 0.00%) 12450 ( 0.00%) 172.92
dns 520 ( 0.00%) 299321 ( 0.00%) 575.62
bgp 97 ( 0.00%) 19117 ( 0.00%) 197.08
other 41917 ( 0.09%) 29317988 ( 0.11%) 699.43
udp6 198452 ( 0.41%) 41087777 ( 0.16%) 207.04
dns 85339 ( 0.18%) 28683108 ( 0.11%) 336.11
halflif 1 ( 0.00%) 95 ( 0.00%) 95.00
quake 1 ( 0.00%) 111 ( 0.00%) 111.00
other 113111 ( 0.24%) 12404463 ( 0.05%) 109.67
icmp6 44867 ( 0.09%) 5390477 ( 0.02%) 120.14
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 6644 ( 0.01%) 6430086 ( 0.02%) 967.80
tcpdump file: 201305101400.dump.gz (1068.17 MB)