Traffic Trace Info
DumpFile: 201203301330.dump
FileSize: 2557.52MB
Id: 201203301330
StartTime: Fri Mar 30 13:30:00 2012
EndTime: Fri Mar 30 13:45:00 2012
TotalTime: 899.60 seconds
TotalCapSize: 2019.11MB CapLen: 96 bytes
# of packets: 35285097 (27354.95MB)
AvgRate: 255.10Mbps stddev:46.20M
IP flow (unique src/dst pair) Information
# of flows: 1998978 (avg. 17.65 pkts/flow)
Top 10 big flow size (bytes/total in %):
7.1% 5.9% 2.3% 2.1% 2.0% 1.7% 1.7% 1.6% 1.3% 1.2%
IP address Information
# of IPv4 addresses: 1500901
Top 10 bandwidth usage (bytes/total in %):
17.7% 12.4% 10.5% 7.5% 6.2% 5.6% 4.7% 3.3% 2.4% 2.2%
# of IPv6 addresses: 6208
Top 10 bandwidth usage (bytes/total in %):
86.6% 51.2% 33.2% 6.2% 6.2% 4.0% 3.8% 1.9% 0.4% 0.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201203301330.pktlen.png)
detailed numbers
[ 32- 63]: 6885951
[ 64- 127]: 7249027
[ 128- 255]: 1060935
[ 256- 511]: 1100367
[ 512- 1023]: 1006265
[ 1024- 2047]: 17982552
Protocol Breakdown
![[protocol breakdown chart]](201203301330.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 35285097 (100.00%) 28683746311 (100.00%) 812.91
ip 34327385 ( 97.29%) 27518102842 ( 95.94%) 801.64
tcp 27629538 ( 78.30%) 24466243069 ( 85.30%) 885.51
http(s) 14199618 ( 40.24%) 19425745765 ( 67.72%) 1368.05
http(c) 7848655 ( 22.24%) 1838348690 ( 6.41%) 234.22
squid 65130 ( 0.18%) 20963035 ( 0.07%) 321.86
smtp 56062 ( 0.16%) 14738490 ( 0.05%) 262.90
nntp 18 ( 0.00%) 1122 ( 0.00%) 62.33
ftp 5596 ( 0.02%) 530966 ( 0.00%) 94.88
pop3 9196 ( 0.03%) 9800146 ( 0.03%) 1065.70
imap 2693 ( 0.01%) 939342 ( 0.00%) 348.81
telnet 351 ( 0.00%) 24686 ( 0.00%) 70.33
ssh 289197 ( 0.82%) 59905538 ( 0.21%) 207.14
dns 2478 ( 0.01%) 298371 ( 0.00%) 120.41
bgp 617 ( 0.00%) 112921 ( 0.00%) 183.02
napster 33 ( 0.00%) 2164 ( 0.00%) 65.58
realaud 24 ( 0.00%) 1504 ( 0.00%) 62.67
rtsp 8911 ( 0.03%) 11629131 ( 0.04%) 1305.03
icecast 25786 ( 0.07%) 15898432 ( 0.06%) 616.55
hotline 77 ( 0.00%) 4972 ( 0.00%) 64.57
other 5115095 ( 14.50%) 3067297734 ( 10.69%) 599.66
udp 3018408 ( 8.55%) 1251581468 ( 4.36%) 414.65
dns 503698 ( 1.43%) 125166209 ( 0.44%) 248.49
realaud 7 ( 0.00%) 881 ( 0.00%) 125.86
halflif 40 ( 0.00%) 5460 ( 0.00%) 136.50
starcra 21 ( 0.00%) 1945 ( 0.00%) 92.62
everque 367 ( 0.00%) 67086 ( 0.00%) 182.80
unreal 40 ( 0.00%) 24003 ( 0.00%) 600.08
quake 12 ( 0.00%) 1261 ( 0.00%) 105.08
cuseeme 1 ( 0.00%) 70 ( 0.00%) 70.00
other 2514084 ( 7.13%) 1126264719 ( 3.93%) 447.98
icmp 1651052 ( 4.68%) 146323501 ( 0.51%) 88.62
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 10635 ( 0.03%) 4717154 ( 0.02%) 443.55
ip6 1999504 ( 5.67%) 1646210582 ( 5.74%) 823.31
pim 193 ( 0.00%) 11580 ( 0.00%) 60.00
other 17870 ( 0.05%) 2996218 ( 0.01%) 167.67
frag 962 ( 0.00%) 850713 ( 0.00%) 884.32
ip6 957712 ( 2.71%) 1165643469 ( 4.06%) 1217.11
tcp6 799677 ( 2.27%) 1099067637 ( 3.83%) 1374.39
http(s) 29644 ( 0.08%) 36841337 ( 0.13%) 1242.79
http(c) 48892 ( 0.14%) 4257672 ( 0.01%) 87.08
smtp 24 ( 0.00%) 2890 ( 0.00%) 120.42
dns 326 ( 0.00%) 64454 ( 0.00%) 197.71
bgp 89 ( 0.00%) 17402 ( 0.00%) 195.53
other 720702 ( 2.04%) 1057883882 ( 3.69%) 1467.85
udp6 68331 ( 0.19%) 18715606 ( 0.07%) 273.90
dns 61597 ( 0.17%) 16102964 ( 0.06%) 261.42
everque 2 ( 0.00%) 237 ( 0.00%) 118.50
quake 2 ( 0.00%) 218 ( 0.00%) 109.00
other 6730 ( 0.02%) 2612187 ( 0.01%) 388.14
icmp6 26700 ( 0.08%) 3570522 ( 0.01%) 133.73
ip6 82 ( 0.00%) 11176 ( 0.00%) 136.29
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 62891 ( 0.18%) 44274312 ( 0.15%) 703.98
tcpdump file: 201203301330.dump.gz (802.98 MB)