Traffic Trace Info
DumpFile: 201203300430.dump
FileSize: 1838.24MB
Id: 201203300430
StartTime: Fri Mar 30 04:30:00 2012
EndTime: Fri Mar 30 04:45:01 2012
TotalTime: 900.25 seconds
TotalCapSize: 1451.86MB CapLen: 96 bytes
# of packets: 25320778 (17984.26MB)
AvgRate: 167.57Mbps stddev:25.73M
IP flow (unique src/dst pair) Information
# of flows: 1947537 (avg. 13.00 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.6% 3.9% 3.1% 2.0% 2.0% 1.8% 1.5% 1.4% 1.3% 1.3%
IP address Information
# of IPv4 addresses: 1494445
Top 10 bandwidth usage (bytes/total in %):
16.3% 9.1% 7.2% 6.7% 4.8% 4.8% 4.8% 4.7% 4.6% 4.3%
# of IPv6 addresses: 6211
Top 10 bandwidth usage (bytes/total in %):
86.9% 82.7% 8.6% 8.5% 1.4% 1.4% 0.7% 0.6% 0.6% 0.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201203300430.pktlen.png)
detailed numbers
[ 32- 63]: 4414215
[ 64- 127]: 6500331
[ 128- 255]: 1273859
[ 256- 511]: 822767
[ 512- 1023]: 573953
[ 1024- 2047]: 11735653
Protocol Breakdown
![[protocol breakdown chart]](201203300430.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 25320778 (100.00%) 18857859594 (100.00%) 744.76
ip 24829497 ( 98.06%) 18396393682 ( 97.55%) 740.91
tcp 18864342 ( 74.50%) 16023449296 ( 84.97%) 849.40
http(s) 6980277 ( 27.57%) 9515213299 ( 50.46%) 1363.16
http(c) 4856424 ( 19.18%) 1391378708 ( 7.38%) 286.50
squid 1418838 ( 5.60%) 1336564884 ( 7.09%) 942.01
smtp 40326 ( 0.16%) 9106557 ( 0.05%) 225.82
nntp 1 ( 0.00%) 60 ( 0.00%) 60.00
ftp 8327 ( 0.03%) 754059 ( 0.00%) 90.56
pop3 8530 ( 0.03%) 610227 ( 0.00%) 71.54
imap 916 ( 0.00%) 92445 ( 0.00%) 100.92
telnet 2142 ( 0.01%) 145006 ( 0.00%) 67.70
ssh 658363 ( 2.60%) 83319895 ( 0.44%) 126.56
dns 3029 ( 0.01%) 341292 ( 0.00%) 112.67
bgp 623 ( 0.00%) 103763 ( 0.00%) 166.55
napster 24 ( 0.00%) 1660 ( 0.00%) 69.17
realaud 10 ( 0.00%) 662 ( 0.00%) 66.20
rtsp 4 ( 0.00%) 240 ( 0.00%) 60.00
icecast 868 ( 0.00%) 557919 ( 0.00%) 642.76
other 4885640 ( 19.29%) 3685258620 ( 19.54%) 754.30
udp 2784265 ( 11.00%) 1238519843 ( 6.57%) 444.83
dns 290802 ( 1.15%) 60285716 ( 0.32%) 207.31
realaud 133 ( 0.00%) 11609 ( 0.00%) 87.29
halflif 41 ( 0.00%) 6093 ( 0.00%) 148.61
starcra 21 ( 0.00%) 2168 ( 0.00%) 103.24
everque 451 ( 0.00%) 82090 ( 0.00%) 182.02
unreal 154 ( 0.00%) 57373 ( 0.00%) 372.55
quake 19 ( 0.00%) 2542 ( 0.00%) 133.79
other 2492227 ( 9.84%) 1177976559 ( 6.25%) 472.66
icmp 1722467 ( 6.80%) 181237655 ( 0.96%) 105.22
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 22397 ( 0.09%) 10859502 ( 0.06%) 484.86
ip6 1417690 ( 5.60%) 939421791 ( 4.98%) 662.64
pim 188 ( 0.00%) 11280 ( 0.00%) 60.00
other 17964 ( 0.07%) 2875155 ( 0.02%) 160.05
frag 1654 ( 0.01%) 1321882 ( 0.01%) 799.20
ip6 491279 ( 1.94%) 461465792 ( 2.45%) 939.32
tcp6 422508 ( 1.67%) 447795979 ( 2.37%) 1059.85
http(s) 4297 ( 0.02%) 5285456 ( 0.03%) 1230.03
http(c) 18763 ( 0.07%) 1622995 ( 0.01%) 86.50
smtp 798 ( 0.00%) 273311 ( 0.00%) 342.49
ftp 2 ( 0.00%) 148 ( 0.00%) 74.00
dns 213 ( 0.00%) 49891 ( 0.00%) 234.23
bgp 90 ( 0.00%) 16056 ( 0.00%) 178.40
other 398345 ( 1.57%) 440548122 ( 2.34%) 1105.95
udp6 37722 ( 0.15%) 9322722 ( 0.05%) 247.14
dns 34989 ( 0.14%) 8551940 ( 0.05%) 244.42
starcra 1 ( 0.00%) 94 ( 0.00%) 94.00
everque 1 ( 0.00%) 108 ( 0.00%) 108.00
other 2731 ( 0.01%) 770580 ( 0.00%) 282.16
icmp6 30434 ( 0.12%) 3832668 ( 0.02%) 125.93
ip6 83 ( 0.00%) 11344 ( 0.00%) 136.67
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 502 ( 0.00%) 498999 ( 0.00%) 994.02
tcpdump file: 201203300430.dump.gz (600.51 MB)