Traffic Trace Info
DumpFile: 201203301430.dump
FileSize: 2380.06MB
Id: 201203301430
StartTime: Fri Mar 30 14:30:00 2012
EndTime: Fri Mar 30 14:45:00 2012
TotalTime: 899.62 seconds
TotalCapSize: 1878.92MB CapLen: 96 bytes
# of packets: 32842308 (24433.84MB)
AvgRate: 227.83Mbps stddev:36.24M
IP flow (unique src/dst pair) Information
# of flows: 1803071 (avg. 18.21 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.9% 2.2% 2.0% 2.0% 1.8% 1.6% 1.5% 1.4% 1.4% 1.4%
IP address Information
# of IPv4 addresses: 1396475
Top 10 bandwidth usage (bytes/total in %):
15.6% 10.5% 6.2% 6.0% 4.0% 3.9% 3.8% 3.5% 3.2% 2.4%
# of IPv6 addresses: 6858
Top 10 bandwidth usage (bytes/total in %):
46.1% 14.7% 9.3% 9.2% 8.9% 5.1% 5.1% 5.0% 4.9% 3.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201203301430.pktlen.png)
detailed numbers
[ 32- 63]: 6388262
[ 64- 127]: 7259192
[ 128- 255]: 1125690
[ 256- 511]: 1292214
[ 512- 1023]: 861040
[ 1024- 2047]: 15915910
Protocol Breakdown
![[protocol breakdown chart]](201203301430.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 32842308 (100.00%) 25620737897 (100.00%) 780.11
ip 32550166 ( 99.11%) 25443117949 ( 99.31%) 781.66
tcp 26245567 ( 79.91%) 22724452116 ( 88.70%) 865.84
http(s) 13496222 ( 41.09%) 18361911923 ( 71.67%) 1360.52
http(c) 7890677 ( 24.03%) 1773643535 ( 6.92%) 224.78
squid 92285 ( 0.28%) 62972785 ( 0.25%) 682.37
smtp 73856 ( 0.22%) 39781573 ( 0.16%) 538.64
nntp 7 ( 0.00%) 434 ( 0.00%) 62.00
ftp 9978 ( 0.03%) 860781 ( 0.00%) 86.27
pop3 5452 ( 0.02%) 2090351 ( 0.01%) 383.41
imap 2084 ( 0.01%) 484261 ( 0.00%) 232.37
telnet 11447 ( 0.03%) 843995 ( 0.00%) 73.73
ssh 163539 ( 0.50%) 33708564 ( 0.13%) 206.12
dns 2434 ( 0.01%) 269410 ( 0.00%) 110.69
bgp 630 ( 0.00%) 113646 ( 0.00%) 180.39
napster 34 ( 0.00%) 2202 ( 0.00%) 64.76
rtsp 9363 ( 0.03%) 11571260 ( 0.05%) 1235.85
icecast 24298 ( 0.07%) 15829581 ( 0.06%) 651.48
hotline 31 ( 0.00%) 2973 ( 0.00%) 95.90
other 4463230 ( 13.59%) 2420364842 ( 9.45%) 542.29
udp 2954106 ( 8.99%) 972114987 ( 3.79%) 329.07
dns 509779 ( 1.55%) 123547566 ( 0.48%) 242.36
rip 1 ( 0.00%) 72 ( 0.00%) 72.00
realaud 13 ( 0.00%) 2595 ( 0.00%) 199.62
halflif 35 ( 0.00%) 5755 ( 0.00%) 164.43
starcra 18 ( 0.00%) 1924 ( 0.00%) 106.89
everque 389 ( 0.00%) 63867 ( 0.00%) 164.18
unreal 105 ( 0.00%) 69099 ( 0.00%) 658.09
quake 24 ( 0.00%) 6078 ( 0.00%) 253.25
cuseeme 1 ( 0.00%) 95 ( 0.00%) 95.00
other 2443558 ( 7.44%) 848366853 ( 3.31%) 347.19
icmp 1580517 ( 4.81%) 127653256 ( 0.50%) 80.77
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 3614 ( 0.01%) 1178004 ( 0.00%) 325.96
ip6 1749353 ( 5.33%) 1614922887 ( 6.30%) 923.15
pim 289 ( 0.00%) 17340 ( 0.00%) 60.00
other 16535 ( 0.05%) 2760089 ( 0.01%) 166.92
frag 854 ( 0.00%) 766848 ( 0.00%) 897.95
ip6 292142 ( 0.89%) 177619948 ( 0.69%) 607.99
tcp6 147724 ( 0.45%) 114719326 ( 0.45%) 776.58
http(s) 36333 ( 0.11%) 48369075 ( 0.19%) 1331.27
http(c) 37881 ( 0.12%) 3280057 ( 0.01%) 86.59
smtp 206 ( 0.00%) 94012 ( 0.00%) 456.37
ftp 25 ( 0.00%) 1967 ( 0.00%) 78.68
dns 283 ( 0.00%) 50847 ( 0.00%) 179.67
bgp 96 ( 0.00%) 17714 ( 0.00%) 184.52
other 72900 ( 0.22%) 62905654 ( 0.25%) 862.90
udp6 105459 ( 0.32%) 51076453 ( 0.20%) 484.33
dns 63219 ( 0.19%) 17969913 ( 0.07%) 284.25
halflif 2 ( 0.00%) 212 ( 0.00%) 106.00
everque 1 ( 0.00%) 110 ( 0.00%) 110.00
unreal 1 ( 0.00%) 106 ( 0.00%) 106.00
quake 1 ( 0.00%) 99 ( 0.00%) 99.00
cuseeme 1 ( 0.00%) 106 ( 0.00%) 106.00
other 42234 ( 0.13%) 33105907 ( 0.13%) 783.87
icmp6 27551 ( 0.08%) 3674320 ( 0.01%) 133.36
ip6 82 ( 0.00%) 11176 ( 0.00%) 136.29
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 11296 ( 0.03%) 8134593 ( 0.03%) 720.13
tcpdump file: 201203301430.dump.gz (767.37 MB)