Traffic Trace Info
DumpFile: 201203301930.dump
FileSize: 2761.43MB
Id: 201203301930
StartTime: Fri Mar 30 19:30:00 2012
EndTime: Fri Mar 30 19:45:00 2012
TotalTime: 899.76 seconds
TotalCapSize: -1917.88MB CapLen: 96 bytes
# of packets: 38226999 (30070.51MB)
AvgRate: 280.37Mbps stddev:59.26M
IP flow (unique src/dst pair) Information
# of flows: 1951930 (avg. 19.58 pkts/flow)
Top 10 big flow size (bytes/total in %):
8.3% 5.3% 4.8% 3.9% 2.5% 2.0% 2.0% 2.0% 1.6% 1.5%
IP address Information
# of IPv4 addresses: 1491175
Top 10 bandwidth usage (bytes/total in %):
23.7% 15.8% 12.8% 8.5% 7.6% 5.4% 4.9% 3.9% 3.0% 2.8%
# of IPv6 addresses: 6095
Top 10 bandwidth usage (bytes/total in %):
95.3% 92.6% 2.5% 0.8% 0.3% 0.3% 0.3% 0.2% 0.2% 0.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201203301930.pktlen.png)
detailed numbers
[ 32- 63]: 6632423
[ 64- 127]: 8819183
[ 128- 255]: 1006693
[ 256- 511]: 931751
[ 512- 1023]: 961195
[ 1024- 2047]: 19875754
Protocol Breakdown
![[protocol breakdown chart]](201203301930.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 38226999 (100.00%) 31531214025 (100.00%) 824.84
ip 37816728 ( 98.93%) 31050844965 ( 98.48%) 821.09
tcp 30617170 ( 80.09%) 28547059454 ( 90.54%) 932.39
http(s) 15419322 ( 40.34%) 21561523183 ( 68.38%) 1398.34
http(c) 7354946 ( 19.24%) 1088815166 ( 3.45%) 148.04
squid 82779 ( 0.22%) 57866279 ( 0.18%) 699.05
smtp 50540 ( 0.13%) 20588026 ( 0.07%) 407.36
nntp 7 ( 0.00%) 434 ( 0.00%) 62.00
ftp 6017 ( 0.02%) 604445 ( 0.00%) 100.46
pop3 3568 ( 0.01%) 574580 ( 0.00%) 161.04
imap 1431 ( 0.00%) 411669 ( 0.00%) 287.68
telnet 3656 ( 0.01%) 266303 ( 0.00%) 72.84
ssh 30469 ( 0.08%) 5108127 ( 0.02%) 167.65
dns 2566 ( 0.01%) 194648 ( 0.00%) 75.86
bgp 638 ( 0.00%) 113304 ( 0.00%) 177.59
napster 98 ( 0.00%) 7546 ( 0.00%) 77.00
realaud 87 ( 0.00%) 7253 ( 0.00%) 83.37
icecast 311 ( 0.00%) 79944 ( 0.00%) 257.05
hotline 44 ( 0.00%) 2754 ( 0.00%) 62.59
other 7660686 ( 20.04%) 5810895493 ( 18.43%) 758.53
udp 3411126 ( 8.92%) 1361206915 ( 4.32%) 399.05
dns 392148 ( 1.03%) 87233552 ( 0.28%) 222.45
rip 1 ( 0.00%) 69 ( 0.00%) 69.00
realaud 52 ( 0.00%) 9009 ( 0.00%) 173.25
halflif 5154 ( 0.01%) 417497 ( 0.00%) 81.00
starcra 41 ( 0.00%) 3298 ( 0.00%) 80.44
everque 1062 ( 0.00%) 803798 ( 0.00%) 756.87
unreal 337 ( 0.00%) 218106 ( 0.00%) 647.20
quake 5 ( 0.00%) 413 ( 0.00%) 82.60
cuseeme 6 ( 0.00%) 411 ( 0.00%) 68.50
other 3011919 ( 7.88%) 1272460529 ( 4.04%) 422.48
icmp 2198623 ( 5.75%) 226988224 ( 0.72%) 103.24
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 1830 ( 0.00%) 606004 ( 0.00%) 331.15
ip6 1566814 ( 4.10%) 911451662 ( 2.89%) 581.72
pim 275 ( 0.00%) 16500 ( 0.00%) 60.00
other 20705 ( 0.05%) 3496936 ( 0.01%) 168.89
frag 1188 ( 0.00%) 994459 ( 0.00%) 837.09
ip6 410271 ( 1.07%) 480369060 ( 1.52%) 1170.86
tcp6 331075 ( 0.87%) 463144694 ( 1.47%) 1398.91
http(s) 10839 ( 0.03%) 14356308 ( 0.05%) 1324.50
http(c) 17869 ( 0.05%) 1602955 ( 0.01%) 89.71
smtp 984 ( 0.00%) 776164 ( 0.00%) 788.78
ftp 24 ( 0.00%) 1890 ( 0.00%) 78.75
ssh 2542 ( 0.01%) 658132 ( 0.00%) 258.90
dns 350 ( 0.00%) 75754 ( 0.00%) 216.44
bgp 96 ( 0.00%) 15394 ( 0.00%) 160.35
other 298371 ( 0.78%) 445658097 ( 1.41%) 1493.64
udp6 51616 ( 0.14%) 12983234 ( 0.04%) 251.54
dns 48585 ( 0.13%) 12455403 ( 0.04%) 256.36
realaud 2 ( 0.00%) 211 ( 0.00%) 105.50
everque 1 ( 0.00%) 107 ( 0.00%) 107.00
quake 3 ( 0.00%) 313 ( 0.00%) 104.33
cuseeme 3 ( 0.00%) 339 ( 0.00%) 113.00
other 3022 ( 0.01%) 526861 ( 0.00%) 174.34
icmp6 26691 ( 0.07%) 3486572 ( 0.01%) 130.63
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 775 ( 0.00%) 739068 ( 0.00%) 953.64
tcpdump file: 201203301930.dump.gz (875.72 MB)