Traffic Trace Info
DumpFile: 201203310730.dump
FileSize: 1846.94MB
Id: 201203310730
StartTime: Sat Mar 31 07:30:00 2012
EndTime: Sat Mar 31 07:45:00 2012
TotalTime: 900.17 seconds
TotalCapSize: 1456.71MB CapLen: 96 bytes
# of packets: 25573283 (18494.23MB)
AvgRate: 172.41Mbps stddev:38.97M
IP flow (unique src/dst pair) Information
# of flows: 1834306 (avg. 13.94 pkts/flow)
Top 10 big flow size (bytes/total in %):
11.2% 4.8% 4.0% 2.8% 2.8% 2.1% 1.9% 1.6% 1.4% 1.3%
IP address Information
# of IPv4 addresses: 1398441
Top 10 bandwidth usage (bytes/total in %):
13.3% 12.0% 11.8% 10.5% 8.1% 7.4% 5.7% 5.1% 4.3% 4.2%
# of IPv6 addresses: 4675
Top 10 bandwidth usage (bytes/total in %):
97.9% 97.7% 0.4% 0.4% 0.3% 0.2% 0.2% 0.2% 0.1% 0.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201203310730.pktlen.png)
detailed numbers
[ 32- 63]: 5480474
[ 64- 127]: 5812309
[ 128- 255]: 1074992
[ 256- 511]: 404645
[ 512- 1023]: 515946
[ 1024- 2047]: 12284917
Protocol Breakdown
![[protocol breakdown chart]](201203310730.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 25573283 (100.00%) 19392607337 (100.00%) 758.32
ip 24853448 ( 97.19%) 18434182561 ( 95.06%) 741.72
tcp 17083670 ( 66.80%) 14603742131 ( 75.31%) 854.84
http(s) 5737190 ( 22.43%) 7778231500 ( 40.11%) 1355.76
http(c) 2697388 ( 10.55%) 242926196 ( 1.25%) 90.06
squid 58281 ( 0.23%) 37953865 ( 0.20%) 651.22
smtp 27534 ( 0.11%) 4269581 ( 0.02%) 155.07
nntp 2 ( 0.00%) 120 ( 0.00%) 60.00
ftp 4041 ( 0.02%) 379739 ( 0.00%) 93.97
pop3 1340 ( 0.01%) 280100 ( 0.00%) 209.03
imap 1368 ( 0.01%) 227768 ( 0.00%) 166.50
telnet 770 ( 0.00%) 52922 ( 0.00%) 68.73
ssh 353851 ( 1.38%) 53206912 ( 0.27%) 150.37
dns 2069 ( 0.01%) 257243 ( 0.00%) 124.33
bgp 636 ( 0.00%) 121941 ( 0.00%) 191.73
napster 61 ( 0.00%) 4714 ( 0.00%) 77.28
realaud 19 ( 0.00%) 2465 ( 0.00%) 129.74
rtsp 3 ( 0.00%) 180 ( 0.00%) 60.00
icecast 403 ( 0.00%) 101819 ( 0.00%) 252.65
hotline 13 ( 0.00%) 816 ( 0.00%) 62.77
other 8198698 ( 32.06%) 6485724070 ( 33.44%) 791.07
udp 3887826 ( 15.20%) 2072154205 ( 10.69%) 532.99
dns 256948 ( 1.00%) 53636773 ( 0.28%) 208.75
realaud 18 ( 0.00%) 1754 ( 0.00%) 97.44
halflif 26 ( 0.00%) 2523 ( 0.00%) 97.04
starcra 24 ( 0.00%) 2404 ( 0.00%) 100.17
everque 267 ( 0.00%) 67975 ( 0.00%) 254.59
unreal 391 ( 0.00%) 217901 ( 0.00%) 557.29
quake 8 ( 0.00%) 1129 ( 0.00%) 141.12
cuseeme 1 ( 0.00%) 81 ( 0.00%) 81.00
other 3344535 ( 13.08%) 2000113895 ( 10.31%) 598.02
icmp 1723503 ( 6.74%) 181413817 ( 0.94%) 105.26
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 22455 ( 0.09%) 13827658 ( 0.07%) 615.79
ip6 2119189 ( 8.29%) 1560341137 ( 8.05%) 736.29
pim 301 ( 0.00%) 18060 ( 0.00%) 60.00
other 16320 ( 0.06%) 2666393 ( 0.01%) 163.38
frag 615519 ( 2.41%) 469484209 ( 2.42%) 762.75
ip6 719835 ( 2.81%) 958424776 ( 4.94%) 1331.45
tcp6 655108 ( 2.56%) 946910121 ( 4.88%) 1445.43
http(s) 4775 ( 0.02%) 3514216 ( 0.02%) 735.96
http(c) 15166 ( 0.06%) 1352486 ( 0.01%) 89.18
smtp 395 ( 0.00%) 131762 ( 0.00%) 333.57
ftp 24 ( 0.00%) 1890 ( 0.00%) 78.75
dns 263 ( 0.00%) 63938 ( 0.00%) 243.11
bgp 94 ( 0.00%) 17062 ( 0.00%) 181.51
other 634391 ( 2.48%) 941828767 ( 4.86%) 1484.62
udp6 38239 ( 0.15%) 7848239 ( 0.04%) 205.24
dns 33953 ( 0.13%) 7393313 ( 0.04%) 217.75
halflif 1 ( 0.00%) 112 ( 0.00%) 112.00
other 4285 ( 0.02%) 454814 ( 0.00%) 106.14
icmp6 26083 ( 0.10%) 3362758 ( 0.02%) 128.93
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 291 ( 0.00%) 288166 ( 0.00%) 990.26
tcpdump file: 201203310730.dump.gz (568.34 MB)