Traffic Trace Info
DumpFile: 201203301215.dump
FileSize: 2014.84MB
Id: 201203301215
StartTime: Fri Mar 30 12:15:00 2012
EndTime: Fri Mar 30 12:30:00 2012
TotalTime: 900.47 seconds
TotalCapSize: 1590.08MB CapLen: 96 bytes
# of packets: 27836703 (19651.40MB)
AvgRate: 183.07Mbps stddev:45.54M
IP flow (unique src/dst pair) Information
# of flows: 1971502 (avg. 14.12 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.1% 2.0% 1.8% 1.8% 1.6% 1.5% 1.3% 1.2% 1.2% 1.2%
IP address Information
# of IPv4 addresses: 1464023
Top 10 bandwidth usage (bytes/total in %):
11.0% 10.0% 6.2% 5.2% 5.1% 4.0% 3.5% 3.3% 2.4% 2.2%
# of IPv6 addresses: 5893
Top 10 bandwidth usage (bytes/total in %):
76.4% 73.2% 8.6% 8.6% 3.8% 3.8% 2.8% 1.3% 0.8% 0.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201203301215.pktlen.png)
detailed numbers
[ 32- 63]: 5567090
[ 64- 127]: 6929196
[ 128- 255]: 1110145
[ 256- 511]: 812404
[ 512- 1023]: 685529
[ 1024- 2047]: 12732339
Protocol Breakdown
![[protocol breakdown chart]](201203301215.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 27836703 (100.00%) 20605989853 (100.00%) 740.25
ip 27347343 ( 98.24%) 20101450619 ( 97.55%) 735.04
tcp 20746545 ( 74.53%) 17331409993 ( 84.11%) 835.39
http(s) 9279904 ( 33.34%) 12248556369 ( 59.44%) 1319.90
http(c) 5601824 ( 20.12%) 1430846341 ( 6.94%) 255.43
squid 36818 ( 0.13%) 24799274 ( 0.12%) 673.56
smtp 53140 ( 0.19%) 15557266 ( 0.08%) 292.76
nntp 6 ( 0.00%) 374 ( 0.00%) 62.33
ftp 6219 ( 0.02%) 636483 ( 0.00%) 102.34
pop3 3864 ( 0.01%) 2591477 ( 0.01%) 670.67
imap 4204 ( 0.02%) 2515947 ( 0.01%) 598.47
telnet 9160 ( 0.03%) 671437 ( 0.00%) 73.30
ssh 132872 ( 0.48%) 17229800 ( 0.08%) 129.67
dns 2484 ( 0.01%) 288901 ( 0.00%) 116.30
bgp 619 ( 0.00%) 98961 ( 0.00%) 159.87
napster 26 ( 0.00%) 1762 ( 0.00%) 67.77
realaud 69 ( 0.00%) 13417 ( 0.00%) 194.45
rtsp 43 ( 0.00%) 8495 ( 0.00%) 197.56
icecast 18795 ( 0.07%) 16933942 ( 0.08%) 900.98
hotline 9 ( 0.00%) 558 ( 0.00%) 62.00
other 5596488 ( 20.10%) 3570659129 ( 17.33%) 638.02
udp 3224225 ( 11.58%) 1257496357 ( 6.10%) 390.02
dns 496696 ( 1.78%) 126026836 ( 0.61%) 253.73
realaud 41 ( 0.00%) 6124 ( 0.00%) 149.37
halflif 17 ( 0.00%) 1805 ( 0.00%) 106.18
starcra 27 ( 0.00%) 3605 ( 0.00%) 133.52
everque 415 ( 0.00%) 77150 ( 0.00%) 185.90
unreal 21 ( 0.00%) 3783 ( 0.00%) 180.14
quake 9 ( 0.00%) 840 ( 0.00%) 93.33
cuseeme 5 ( 0.00%) 383 ( 0.00%) 76.60
other 2585566 ( 9.29%) 1122845996 ( 5.45%) 434.27
icmp 1665372 ( 5.98%) 149092559 ( 0.72%) 89.53
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 16306 ( 0.06%) 3204860 ( 0.02%) 196.54
ip6 1675881 ( 6.02%) 1355711384 ( 6.58%) 808.95
pim 240 ( 0.00%) 14400 ( 0.00%) 60.00
other 18590 ( 0.07%) 4501906 ( 0.02%) 242.17
frag 306039 ( 1.10%) 233595447 ( 1.13%) 763.29
ip6 489358 ( 1.76%) 504539114 ( 2.45%) 1031.02
tcp6 390112 ( 1.40%) 483859410 ( 2.35%) 1240.31
http(s) 19157 ( 0.07%) 23545823 ( 0.11%) 1229.10
http(c) 42857 ( 0.15%) 3568858 ( 0.02%) 83.27
smtp 110 ( 0.00%) 69541 ( 0.00%) 632.19
dns 128 ( 0.00%) 28134 ( 0.00%) 219.80
bgp 91 ( 0.00%) 14679 ( 0.00%) 161.31
other 327769 ( 1.18%) 456632375 ( 2.22%) 1393.15
udp6 72022 ( 0.26%) 16611409 ( 0.08%) 230.64
dns 56109 ( 0.20%) 14524739 ( 0.07%) 258.87
realaud 2 ( 0.00%) 200 ( 0.00%) 100.00
halflif 1 ( 0.00%) 104 ( 0.00%) 104.00
starcra 1 ( 0.00%) 110 ( 0.00%) 110.00
everque 5 ( 0.00%) 521 ( 0.00%) 104.20
quake 2 ( 0.00%) 209 ( 0.00%) 104.50
cuseeme 1 ( 0.00%) 113 ( 0.00%) 113.00
other 15901 ( 0.06%) 2085413 ( 0.01%) 131.15
icmp6 26654 ( 0.10%) 3611200 ( 0.02%) 135.48
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 455 ( 0.00%) 441467 ( 0.00%) 970.26
tcpdump file: 201203301215.dump.gz (650.53 MB)