Traffic Trace Info
DumpFile: 201203300930.dump
FileSize: 2116.41MB
Id: 201203300930
StartTime: Fri Mar 30 09:30:00 2012
EndTime: Fri Mar 30 09:45:00 2012
TotalTime: 900.26 seconds
TotalCapSize: 1673.98MB CapLen: 96 bytes
# of packets: 28994889 (20458.51MB)
AvgRate: 190.62Mbps stddev:25.54M
IP flow (unique src/dst pair) Information
# of flows: 1897394 (avg. 15.28 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.5% 3.6% 3.4% 2.8% 2.6% 2.4% 2.2% 1.6% 1.6% 1.5%
IP address Information
# of IPv4 addresses: 1383626
Top 10 bandwidth usage (bytes/total in %):
17.7% 8.2% 7.5% 7.2% 7.1% 6.1% 5.5% 4.6% 3.7% 3.6%
# of IPv6 addresses: 5580
Top 10 bandwidth usage (bytes/total in %):
60.3% 8.5% 4.5% 4.5% 4.3% 3.7% 3.6% 3.4% 3.3% 3.3%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201203300930.pktlen.png)
detailed numbers
[ 32- 63]: 5856839
[ 64- 127]: 7339344
[ 128- 255]: 912088
[ 256- 511]: 643806
[ 512- 1023]: 1005446
[ 1024- 2047]: 13237366
Protocol Breakdown
![[protocol breakdown chart]](201203300930.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 28994889 (100.00%) 21452300559 (100.00%) 739.86
ip 28788458 ( 99.29%) 21363957829 ( 99.59%) 742.10
tcp 21839174 ( 75.32%) 18118513449 ( 84.46%) 829.63
http(s) 9011820 ( 31.08%) 11882535420 ( 55.39%) 1318.55
http(c) 6009583 ( 20.73%) 646425670 ( 3.01%) 107.57
squid 1350594 ( 4.66%) 1579909303 ( 7.36%) 1169.79
smtp 38760 ( 0.13%) 9345365 ( 0.04%) 241.11
ftp 7596 ( 0.03%) 748106 ( 0.00%) 98.49
pop3 1830 ( 0.01%) 639344 ( 0.00%) 349.37
imap 1352 ( 0.00%) 417708 ( 0.00%) 308.96
telnet 714 ( 0.00%) 46460 ( 0.00%) 65.07
ssh 102666 ( 0.35%) 15946563 ( 0.07%) 155.32
dns 11286 ( 0.04%) 8783722 ( 0.04%) 778.28
bgp 623 ( 0.00%) 102025 ( 0.00%) 163.76
napster 45 ( 0.00%) 4286 ( 0.00%) 95.24
realaud 8 ( 0.00%) 502 ( 0.00%) 62.75
rtsp 2 ( 0.00%) 120 ( 0.00%) 60.00
icecast 15472 ( 0.05%) 15809488 ( 0.07%) 1021.81
hotline 8 ( 0.00%) 516 ( 0.00%) 64.50
other 5286812 ( 18.23%) 3957798671 ( 18.45%) 748.62
udp 2756587 ( 9.51%) 1285459305 ( 5.99%) 466.32
dns 476655 ( 1.64%) 138212506 ( 0.64%) 289.96
rip 4 ( 0.00%) 1344 ( 0.00%) 336.00
realaud 2 ( 0.00%) 230 ( 0.00%) 115.00
halflif 15 ( 0.00%) 1478 ( 0.00%) 98.53
starcra 44 ( 0.00%) 3893 ( 0.00%) 88.48
everque 317 ( 0.00%) 61181 ( 0.00%) 193.00
unreal 97 ( 0.00%) 42077 ( 0.00%) 433.78
quake 21 ( 0.00%) 2370 ( 0.00%) 112.86
cuseeme 9 ( 0.00%) 764 ( 0.00%) 84.89
other 2279248 ( 7.86%) 1147092653 ( 5.35%) 503.28
icmp 1659482 ( 5.72%) 159271151 ( 0.74%) 95.98
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 19579 ( 0.07%) 5275442 ( 0.02%) 269.44
ip6 2496417 ( 8.61%) 1791831698 ( 8.35%) 717.76
pim 177 ( 0.00%) 10620 ( 0.00%) 60.00
other 16857 ( 0.06%) 3576894 ( 0.02%) 212.19
frag 961 ( 0.00%) 799564 ( 0.00%) 832.01
ip6 206431 ( 0.71%) 88342730 ( 0.41%) 427.95
tcp6 122456 ( 0.42%) 71097045 ( 0.33%) 580.59
http(s) 8644 ( 0.03%) 10186494 ( 0.05%) 1178.45
http(c) 25685 ( 0.09%) 2163033 ( 0.01%) 84.21
smtp 565 ( 0.00%) 215870 ( 0.00%) 382.07
dns 260 ( 0.00%) 55058 ( 0.00%) 211.76
bgp 83 ( 0.00%) 14531 ( 0.00%) 175.07
other 87219 ( 0.30%) 58462059 ( 0.27%) 670.29
udp6 52923 ( 0.18%) 12751518 ( 0.06%) 240.94
dns 47782 ( 0.16%) 11556897 ( 0.05%) 241.87
halflif 3 ( 0.00%) 317 ( 0.00%) 105.67
everque 4 ( 0.00%) 425 ( 0.00%) 106.25
quake 1 ( 0.00%) 106 ( 0.00%) 106.00
other 5133 ( 0.02%) 1193773 ( 0.01%) 232.57
icmp6 30528 ( 0.11%) 4080209 ( 0.02%) 133.65
ip6 85 ( 0.00%) 11580 ( 0.00%) 136.24
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 409 ( 0.00%) 398298 ( 0.00%) 973.83
tcpdump file: 201203300930.dump.gz (659.20 MB)