Traffic Trace Info
DumpFile: 201203300330.dump
FileSize: 2042.43MB
Id: 201203300330
StartTime: Fri Mar 30 03:30:00 2012
EndTime: Fri Mar 30 03:45:01 2012
TotalTime: 900.62 seconds
TotalCapSize: 1613.98MB CapLen: 96 bytes
# of packets: 28078324 (21494.36MB)
AvgRate: 200.18Mbps stddev:29.36M
IP flow (unique src/dst pair) Information
# of flows: 2011915 (avg. 13.96 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.4% 4.0% 3.2% 3.0% 2.8% 2.0% 2.0% 1.7% 1.6% 1.2%
IP address Information
# of IPv4 addresses: 1538318
Top 10 bandwidth usage (bytes/total in %):
14.6% 13.2% 7.0% 6.2% 5.3% 4.8% 4.6% 4.6% 4.0% 3.8%
# of IPv6 addresses: 6135
Top 10 bandwidth usage (bytes/total in %):
43.2% 43.2% 15.2% 9.6% 9.3% 9.2% 9.2% 5.2% 4.5% 4.0%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201203300330.pktlen.png)
detailed numbers
[ 32- 63]: 4593364
[ 64- 127]: 6510257
[ 128- 255]: 1300583
[ 256- 511]: 870224
[ 512- 1023]: 750328
[ 1024- 2047]: 14053568
Protocol Breakdown
![[protocol breakdown chart]](201203300330.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 28078324 (100.00%) 22538466176 (100.00%) 802.70
ip 27855868 ( 99.21%) 22469362924 ( 99.69%) 806.63
tcp 21854318 ( 77.83%) 19821935928 ( 87.95%) 907.00
http(s) 9195828 ( 32.75%) 12826423512 ( 56.91%) 1394.81
http(c) 5412674 ( 19.28%) 1407022326 ( 6.24%) 259.95
squid 1368763 ( 4.87%) 1370137304 ( 6.08%) 1001.00
smtp 35643 ( 0.13%) 9024507 ( 0.04%) 253.19
nntp 6 ( 0.00%) 374 ( 0.00%) 62.33
ftp 6562 ( 0.02%) 685232 ( 0.00%) 104.42
pop3 1006 ( 0.00%) 158212 ( 0.00%) 157.27
imap 1062 ( 0.00%) 176311 ( 0.00%) 166.02
telnet 2265 ( 0.01%) 156944 ( 0.00%) 69.29
ssh 310234 ( 1.10%) 46272834 ( 0.21%) 149.15
dns 3017 ( 0.01%) 790392 ( 0.00%) 261.98
bgp 636 ( 0.00%) 106214 ( 0.00%) 167.00
napster 35 ( 0.00%) 2842 ( 0.00%) 81.20
realaud 19 ( 0.00%) 1985 ( 0.00%) 104.47
icecast 1257 ( 0.00%) 560611 ( 0.00%) 445.99
hotline 27 ( 0.00%) 2633 ( 0.00%) 97.52
other 5515284 ( 19.64%) 4160413695 ( 18.46%) 754.34
udp 3024285 ( 10.77%) 1465524470 ( 6.50%) 484.59
dns 309293 ( 1.10%) 63362511 ( 0.28%) 204.86
realaud 9 ( 0.00%) 1667 ( 0.00%) 185.22
halflif 62 ( 0.00%) 7220 ( 0.00%) 116.45
starcra 29 ( 0.00%) 2422 ( 0.00%) 83.52
everque 423 ( 0.00%) 109977 ( 0.00%) 259.99
unreal 160 ( 0.00%) 74073 ( 0.00%) 462.96
quake 2 ( 0.00%) 167 ( 0.00%) 83.50
cuseeme 3 ( 0.00%) 545 ( 0.00%) 181.67
other 2708181 ( 9.65%) 1401293915 ( 6.22%) 517.43
icmp 1774523 ( 6.32%) 183748395 ( 0.82%) 103.55
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 13680 ( 0.05%) 5794544 ( 0.03%) 423.58
ip6 1165609 ( 4.15%) 986626632 ( 4.38%) 846.45
pim 247 ( 0.00%) 14820 ( 0.00%) 60.00
other 23021 ( 0.08%) 5698865 ( 0.03%) 247.55
frag 13051 ( 0.05%) 9997847 ( 0.04%) 766.06
ip6 222456 ( 0.79%) 69103252 ( 0.31%) 310.64
tcp6 153998 ( 0.55%) 55895231 ( 0.25%) 362.96
http(s) 1836 ( 0.01%) 1693786 ( 0.01%) 922.54
http(c) 19896 ( 0.07%) 1700476 ( 0.01%) 85.47
smtp 178 ( 0.00%) 104287 ( 0.00%) 585.88
ftp 7408 ( 0.03%) 732947 ( 0.00%) 98.94
dns 298 ( 0.00%) 59595 ( 0.00%) 199.98
bgp 92 ( 0.00%) 14679 ( 0.00%) 159.55
other 124290 ( 0.44%) 51589461 ( 0.23%) 415.07
udp6 37209 ( 0.13%) 8971057 ( 0.04%) 241.10
dns 35031 ( 0.12%) 8618056 ( 0.04%) 246.01
quake 1 ( 0.00%) 106 ( 0.00%) 106.00
other 2177 ( 0.01%) 352895 ( 0.00%) 162.10
icmp6 30758 ( 0.11%) 3824381 ( 0.02%) 124.34
ip6 87 ( 0.00%) 11816 ( 0.00%) 135.82
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 373 ( 0.00%) 396551 ( 0.00%) 1063.14
tcpdump file: 201203300330.dump.gz (662.86 MB)