Traffic Trace Info
DumpFile: 201203300900.dump
FileSize: 1976.91MB
Id: 201203300900
StartTime: Fri Mar 30 09:00:00 2012
EndTime: Fri Mar 30 09:15:00 2012
TotalTime: 900.18 seconds
TotalCapSize: 1562.82MB CapLen: 96 bytes
# of packets: 27136905 (19480.35MB)
AvgRate: 181.47Mbps stddev:29.91M
IP flow (unique src/dst pair) Information
# of flows: 1858951 (avg. 14.60 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.9% 2.4% 2.3% 2.1% 1.9% 1.6% 1.3% 1.2% 1.2% 1.2%
IP address Information
# of IPv4 addresses: 1404536
Top 10 bandwidth usage (bytes/total in %):
14.8% 11.3% 9.8% 6.8% 4.4% 3.7% 3.3% 3.1% 3.0% 2.9%
# of IPv6 addresses: 5711
Top 10 bandwidth usage (bytes/total in %):
35.9% 23.1% 14.5% 6.5% 6.1% 5.4% 3.5% 3.5% 3.0% 2.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201203300900.pktlen.png)
detailed numbers
[ 32- 63]: 4820256
[ 64- 127]: 7257504
[ 128- 255]: 865901
[ 256- 511]: 638780
[ 512- 1023]: 929085
[ 1024- 2047]: 12625379
Protocol Breakdown
![[protocol breakdown chart]](201203300900.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 27136905 (100.00%) 20426624488 (100.00%) 752.72
ip 26975110 ( 99.40%) 20364874103 ( 99.70%) 754.95
tcp 20817041 ( 76.71%) 17530582416 ( 85.82%) 842.13
http(s) 8679580 ( 31.98%) 11741061154 ( 57.48%) 1352.72
http(c) 5442303 ( 20.05%) 861978762 ( 4.22%) 158.38
squid 1800118 ( 6.63%) 1965101495 ( 9.62%) 1091.65
smtp 37384 ( 0.14%) 13119203 ( 0.06%) 350.93
nntp 3 ( 0.00%) 186 ( 0.00%) 62.00
ftp 8117 ( 0.03%) 733141 ( 0.00%) 90.32
pop3 9389 ( 0.03%) 1468095 ( 0.01%) 156.36
imap 1189 ( 0.00%) 314331 ( 0.00%) 264.37
telnet 951 ( 0.00%) 64351 ( 0.00%) 67.67
ssh 125127 ( 0.46%) 21691961 ( 0.11%) 173.36
dns 2118 ( 0.01%) 262200 ( 0.00%) 123.80
bgp 616 ( 0.00%) 98498 ( 0.00%) 159.90
napster 20 ( 0.00%) 1828 ( 0.00%) 91.40
realaud 8 ( 0.00%) 504 ( 0.00%) 63.00
rtsp 2384 ( 0.01%) 3298638 ( 0.02%) 1383.66
icecast 15750 ( 0.06%) 15766469 ( 0.08%) 1001.05
hotline 29 ( 0.00%) 2839 ( 0.00%) 97.90
other 4691954 ( 17.29%) 2905618701 ( 14.22%) 619.28
udp 2692429 ( 9.92%) 1244149969 ( 6.09%) 462.09
dns 405462 ( 1.49%) 107474322 ( 0.53%) 265.07
realaud 2 ( 0.00%) 178 ( 0.00%) 89.00
halflif 13 ( 0.00%) 1264 ( 0.00%) 97.23
starcra 18 ( 0.00%) 1694 ( 0.00%) 94.11
everque 369 ( 0.00%) 72701 ( 0.00%) 197.02
unreal 88 ( 0.00%) 52492 ( 0.00%) 596.50
quake 7 ( 0.00%) 1159 ( 0.00%) 165.57
cuseeme 2 ( 0.00%) 162 ( 0.00%) 81.00
other 2255569 ( 8.31%) 1134651728 ( 5.55%) 503.04
icmp 1629529 ( 6.00%) 159009949 ( 0.78%) 97.58
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 14760 ( 0.05%) 5488160 ( 0.03%) 371.83
ip6 1800929 ( 6.64%) 1420500960 ( 6.95%) 788.76
pim 264 ( 0.00%) 15840 ( 0.00%) 60.00
other 19973 ( 0.07%) 5107539 ( 0.03%) 255.72
frag 68055 ( 0.25%) 52020833 ( 0.25%) 764.39
ip6 161795 ( 0.60%) 61750385 ( 0.30%) 381.66
tcp6 75261 ( 0.28%) 44719489 ( 0.22%) 594.19
http(s) 6317 ( 0.02%) 6927514 ( 0.03%) 1096.65
http(c) 20081 ( 0.07%) 1791886 ( 0.01%) 89.23
smtp 74 ( 0.00%) 29365 ( 0.00%) 396.82
ssh 171 ( 0.00%) 28063 ( 0.00%) 164.11
dns 304 ( 0.00%) 58333 ( 0.00%) 191.88
bgp 94 ( 0.00%) 17964 ( 0.00%) 191.11
other 48220 ( 0.18%) 35866364 ( 0.18%) 743.81
udp6 53795 ( 0.20%) 12312971 ( 0.06%) 228.89
dns 50324 ( 0.19%) 11782086 ( 0.06%) 234.12
everque 2 ( 0.00%) 273 ( 0.00%) 136.50
quake 1 ( 0.00%) 112 ( 0.00%) 112.00
other 3468 ( 0.01%) 530500 ( 0.00%) 152.97
icmp6 32081 ( 0.12%) 4186940 ( 0.02%) 130.51
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 544 ( 0.00%) 515493 ( 0.00%) 947.60
tcpdump file: 201203300900.dump.gz (640.14 MB)