Traffic Trace Info
DumpFile: 201203300530.dump
FileSize: 1978.49MB
Id: 201203300530
StartTime: Fri Mar 30 05:30:00 2012
EndTime: Fri Mar 30 05:45:01 2012
TotalTime: 900.28 seconds
TotalCapSize: 1567.03MB CapLen: 96 bytes
# of packets: 26965031 (20312.34MB)
AvgRate: 189.26Mbps stddev:23.55M
IP flow (unique src/dst pair) Information
# of flows: 1800230 (avg. 14.98 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.8% 4.4% 3.5% 2.4% 1.7% 1.7% 1.6% 1.6% 1.6% 1.5%
IP address Information
# of IPv4 addresses: 1433568
Top 10 bandwidth usage (bytes/total in %):
27.8% 14.2% 7.0% 5.3% 4.9% 4.8% 4.5% 3.6% 3.6% 3.1%
# of IPv6 addresses: 5780
Top 10 bandwidth usage (bytes/total in %):
26.0% 26.0% 20.4% 17.0% 14.4% 12.0% 12.0% 6.4% 5.3% 4.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201203300530.pktlen.png)
detailed numbers
[ 32- 63]: 4061210
[ 64- 127]: 6970075
[ 128- 255]: 1146390
[ 256- 511]: 799212
[ 512- 1023]: 647068
[ 1024- 2047]: 13341076
Protocol Breakdown
![[protocol breakdown chart]](201203300530.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 26965031 (100.00%) 21299035978 (100.00%) 789.88
ip 26758068 ( 99.23%) 21225172642 ( 99.65%) 793.23
tcp 21096095 ( 78.24%) 18929604316 ( 88.88%) 897.30
http(s) 7827444 ( 29.03%) 10980911975 ( 51.56%) 1402.87
http(c) 5616284 ( 20.83%) 1253557585 ( 5.89%) 223.20
squid 1352983 ( 5.02%) 1446001837 ( 6.79%) 1068.75
smtp 25383 ( 0.09%) 5271287 ( 0.02%) 207.67
nntp 18 ( 0.00%) 1122 ( 0.00%) 62.33
ftp 8512 ( 0.03%) 825348 ( 0.00%) 96.96
pop3 4754 ( 0.02%) 462000 ( 0.00%) 97.18
imap 1356 ( 0.01%) 123428 ( 0.00%) 91.02
telnet 1291 ( 0.00%) 87616 ( 0.00%) 67.87
ssh 432966 ( 1.61%) 54680762 ( 0.26%) 126.29
dns 2441 ( 0.01%) 285427 ( 0.00%) 116.93
bgp 659 ( 0.00%) 128007 ( 0.00%) 194.24
napster 18 ( 0.00%) 1234 ( 0.00%) 68.56
realaud 3 ( 0.00%) 184 ( 0.00%) 61.33
icecast 3522 ( 0.01%) 2928236 ( 0.01%) 831.41
hotline 2 ( 0.00%) 130 ( 0.00%) 65.00
other 5818459 ( 21.58%) 5184338138 ( 24.34%) 891.02
udp 2430698 ( 9.01%) 855077364 ( 4.01%) 351.78
dns 430623 ( 1.60%) 88046307 ( 0.41%) 204.46
rip 2 ( 0.00%) 142 ( 0.00%) 71.00
realaud 6 ( 0.00%) 741 ( 0.00%) 123.50
halflif 29 ( 0.00%) 4990 ( 0.00%) 172.07
starcra 15 ( 0.00%) 1279 ( 0.00%) 85.27
everque 320 ( 0.00%) 62307 ( 0.00%) 194.71
unreal 167 ( 0.00%) 72896 ( 0.00%) 436.50
quake 12 ( 0.00%) 1275 ( 0.00%) 106.25
cuseeme 1 ( 0.00%) 94 ( 0.00%) 94.00
other 1999211 ( 7.41%) 766835533 ( 3.60%) 383.57
icmp 1694519 ( 6.28%) 177697873 ( 0.83%) 104.87
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 31921 ( 0.12%) 23676726 ( 0.11%) 741.73
ip6 1488404 ( 5.52%) 1236555999 ( 5.81%) 830.79
pim 215 ( 0.00%) 12900 ( 0.00%) 60.00
other 16031 ( 0.06%) 2528194 ( 0.01%) 157.71
frag 1181 ( 0.00%) 906739 ( 0.00%) 767.77
ip6 206963 ( 0.77%) 73863336 ( 0.35%) 356.89
tcp6 140026 ( 0.52%) 61114268 ( 0.29%) 436.45
http(s) 5652 ( 0.02%) 7429338 ( 0.03%) 1314.46
http(c) 20283 ( 0.08%) 1813005 ( 0.01%) 89.39
smtp 67 ( 0.00%) 33955 ( 0.00%) 506.79
dns 202 ( 0.00%) 45188 ( 0.00%) 223.70
bgp 89 ( 0.00%) 13469 ( 0.00%) 151.34
other 113733 ( 0.42%) 51779313 ( 0.24%) 455.27
udp6 36901 ( 0.14%) 8758802 ( 0.04%) 237.36
dns 33861 ( 0.13%) 8183064 ( 0.04%) 241.67
cuseeme 1 ( 0.00%) 116 ( 0.00%) 116.00
other 3039 ( 0.01%) 575622 ( 0.00%) 189.41
icmp6 29708 ( 0.11%) 3760135 ( 0.02%) 126.57
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 214 ( 0.00%) 214639 ( 0.00%) 1002.99
tcpdump file: 201203300530.dump.gz (634.91 MB)