Traffic Trace Info
DumpFile: 201203302200.dump
FileSize: 2113.07MB
Id: 201203302200
StartTime: Fri Mar 30 22:00:00 2012
EndTime: Fri Mar 30 22:15:01 2012
TotalTime: 900.71 seconds
TotalCapSize: 1658.81MB CapLen: 96 bytes
# of packets: 29769615 (22760.85MB)
AvgRate: 211.96Mbps stddev:46.67M
IP flow (unique src/dst pair) Information
# of flows: 2049790 (avg. 14.52 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.3% 3.8% 2.7% 1.9% 1.7% 1.7% 1.6% 1.4% 1.4% 1.3%
IP address Information
# of IPv4 addresses: 1542884
Top 10 bandwidth usage (bytes/total in %):
15.4% 13.7% 6.2% 5.5% 5.5% 4.7% 4.3% 4.0% 3.9% 3.8%
# of IPv6 addresses: 6370
Top 10 bandwidth usage (bytes/total in %):
76.3% 53.6% 33.7% 7.4% 3.1% 2.5% 2.5% 1.8% 1.2% 0.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201203302200.pktlen.png)
detailed numbers
[ 32- 63]: 5930682
[ 64- 127]: 6127131
[ 128- 255]: 1292933
[ 256- 511]: 765712
[ 512- 1023]: 773982
[ 1024- 2047]: 14879175
Protocol Breakdown
![[protocol breakdown chart]](201203302200.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29769615 (100.00%) 23866481449 (100.00%) 801.71
ip 29493634 ( 99.07%) 23614222791 ( 98.94%) 800.65
tcp 22232739 ( 74.68%) 20798900510 ( 87.15%) 935.51
http(s) 11534695 ( 38.75%) 15797316913 ( 66.19%) 1369.55
http(c) 5626959 ( 18.90%) 718014513 ( 3.01%) 127.60
squid 76941 ( 0.26%) 51032791 ( 0.21%) 663.27
smtp 45857 ( 0.15%) 9402214 ( 0.04%) 205.03
nntp 12 ( 0.00%) 748 ( 0.00%) 62.33
ftp 11088 ( 0.04%) 1029947 ( 0.00%) 92.89
pop3 1540 ( 0.01%) 396346 ( 0.00%) 257.37
imap 2251 ( 0.01%) 966272 ( 0.00%) 429.26
telnet 19923 ( 0.07%) 1472678 ( 0.01%) 73.92
ssh 19140 ( 0.06%) 5549144 ( 0.02%) 289.92
dns 29929 ( 0.10%) 27379212 ( 0.11%) 914.81
bgp 632 ( 0.00%) 126489 ( 0.00%) 200.14
napster 34 ( 0.00%) 2230 ( 0.00%) 65.59
realaud 42 ( 0.00%) 4886 ( 0.00%) 116.33
rtsp 27083 ( 0.09%) 40358853 ( 0.17%) 1490.19
icecast 1211 ( 0.00%) 147044 ( 0.00%) 121.42
hotline 96 ( 0.00%) 7553 ( 0.00%) 78.68
other 4835306 ( 16.24%) 4145692677 ( 17.37%) 857.38
udp 3642361 ( 12.24%) 1552417063 ( 6.50%) 426.21
dns 442575 ( 1.49%) 90526788 ( 0.38%) 204.55
realaud 16 ( 0.00%) 1414 ( 0.00%) 88.38
halflif 49 ( 0.00%) 7594 ( 0.00%) 154.98
starcra 42 ( 0.00%) 6652 ( 0.00%) 158.38
everque 220 ( 0.00%) 43521 ( 0.00%) 197.82
unreal 213 ( 0.00%) 99580 ( 0.00%) 467.51
quake 11 ( 0.00%) 1783 ( 0.00%) 162.09
cuseeme 3 ( 0.00%) 238 ( 0.00%) 79.33
other 3199076 ( 10.75%) 1461690613 ( 6.12%) 456.91
icmp 2226804 ( 7.48%) 232207460 ( 0.97%) 104.28
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 20301 ( 0.07%) 3620030 ( 0.02%) 178.32
ip6 1268478 ( 4.26%) 899351802 ( 3.77%) 709.00
pim 318 ( 0.00%) 19080 ( 0.00%) 60.00
other 102448 ( 0.34%) 127687576 ( 0.54%) 1246.36
frag 674 ( 0.00%) 607118 ( 0.00%) 900.77
ip6 275981 ( 0.93%) 252258658 ( 1.06%) 914.04
tcp6 191039 ( 0.64%) 234486451 ( 0.98%) 1227.43
http(s) 12271 ( 0.04%) 12565175 ( 0.05%) 1023.97
http(c) 18385 ( 0.06%) 1662652 ( 0.01%) 90.44
smtp 594 ( 0.00%) 260805 ( 0.00%) 439.07
ftp 21 ( 0.00%) 1933 ( 0.00%) 92.05
dns 231 ( 0.00%) 46958 ( 0.00%) 203.28
bgp 92 ( 0.00%) 16434 ( 0.00%) 178.63
other 159445 ( 0.54%) 219932494 ( 0.92%) 1379.36
udp6 56162 ( 0.19%) 13431239 ( 0.06%) 239.15
dns 51558 ( 0.17%) 12731323 ( 0.05%) 246.93
realaud 1 ( 0.00%) 111 ( 0.00%) 111.00
halflif 3 ( 0.00%) 339 ( 0.00%) 113.00
starcra 1 ( 0.00%) 107 ( 0.00%) 107.00
everque 2 ( 0.00%) 216 ( 0.00%) 108.00
unreal 1 ( 0.00%) 115 ( 0.00%) 115.00
quake 4 ( 0.00%) 416 ( 0.00%) 104.00
cuseeme 1 ( 0.00%) 110 ( 0.00%) 110.00
other 4591 ( 0.02%) 698502 ( 0.00%) 152.15
icmp6 28034 ( 0.09%) 3735759 ( 0.02%) 133.26
ip6 82 ( 0.00%) 11176 ( 0.00%) 136.29
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 633 ( 0.00%) 589817 ( 0.00%) 931.78
tcpdump file: 201203302200.dump.gz (680.31 MB)