Traffic Trace Info
DumpFile: 201203310930.dump
FileSize: 1932.51MB
Id: 201203310930
StartTime: Sat Mar 31 09:30:00 2012
EndTime: Sat Mar 31 09:45:01 2012
TotalTime: 900.36 seconds
TotalCapSize: 1510.22MB CapLen: 96 bytes
# of packets: 27674181 (20580.50MB)
AvgRate: 191.75Mbps stddev:35.45M
IP flow (unique src/dst pair) Information
# of flows: 1759993 (avg. 15.72 pkts/flow)
Top 10 big flow size (bytes/total in %):
5.2% 3.6% 1.8% 1.8% 1.5% 1.5% 1.4% 1.3% 1.2% 1.2%
IP address Information
# of IPv4 addresses: 1389542
Top 10 bandwidth usage (bytes/total in %):
14.7% 11.1% 8.0% 7.1% 6.1% 5.8% 5.3% 4.4% 4.4% 3.6%
# of IPv6 addresses: 4624
Top 10 bandwidth usage (bytes/total in %):
55.0% 44.7% 14.8% 10.3% 7.8% 5.9% 5.3% 3.9% 3.8% 2.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201203310930.pktlen.png)
detailed numbers
[ 32- 63]: 6512974
[ 64- 127]: 5353443
[ 128- 255]: 994539
[ 256- 511]: 536601
[ 512- 1023]: 663054
[ 1024- 2047]: 13613570
Protocol Breakdown
![[protocol breakdown chart]](201203310930.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 27674181 (100.00%) 21580216300 (100.00%) 779.80
ip 27517897 ( 99.44%) 21509147761 ( 99.67%) 781.64
tcp 19399926 ( 70.10%) 17304028621 ( 80.18%) 891.96
http(s) 9766217 ( 35.29%) 13276667603 ( 61.52%) 1359.45
http(c) 4357617 ( 15.75%) 659203642 ( 3.05%) 151.28
squid 102014 ( 0.37%) 71303757 ( 0.33%) 698.96
smtp 30655 ( 0.11%) 4473954 ( 0.02%) 145.95
nntp 18 ( 0.00%) 1122 ( 0.00%) 62.33
ftp 8947 ( 0.03%) 824114 ( 0.00%) 92.11
pop3 1550 ( 0.01%) 329859 ( 0.00%) 212.81
imap 1910 ( 0.01%) 242681 ( 0.00%) 127.06
telnet 774 ( 0.00%) 52666 ( 0.00%) 68.04
ssh 33588 ( 0.12%) 5377786 ( 0.02%) 160.11
dns 4653 ( 0.02%) 469083 ( 0.00%) 100.81
bgp 682 ( 0.00%) 108467 ( 0.00%) 159.04
napster 24 ( 0.00%) 1502 ( 0.00%) 62.58
realaud 28 ( 0.00%) 2541 ( 0.00%) 90.75
rtsp 529 ( 0.00%) 40676 ( 0.00%) 76.89
icecast 2160 ( 0.01%) 1213412 ( 0.01%) 561.76
hotline 16 ( 0.00%) 1036 ( 0.00%) 64.75
other 5088543 ( 18.39%) 3283714660 ( 15.22%) 645.32
udp 4618289 ( 16.69%) 2465419994 ( 11.42%) 533.84
dns 448533 ( 1.62%) 142766571 ( 0.66%) 318.30
rip 5 ( 0.00%) 320 ( 0.00%) 64.00
realaud 3 ( 0.00%) 306 ( 0.00%) 102.00
halflif 237 ( 0.00%) 46638 ( 0.00%) 196.78
starcra 25 ( 0.00%) 2092 ( 0.00%) 83.68
everque 244 ( 0.00%) 67690 ( 0.00%) 277.42
unreal 43 ( 0.00%) 14514 ( 0.00%) 337.53
quake 7 ( 0.00%) 821 ( 0.00%) 117.29
cuseeme 8 ( 0.00%) 844 ( 0.00%) 105.50
other 3420976 ( 12.36%) 2275635415 ( 10.55%) 665.20
icmp 1644914 ( 5.94%) 170976774 ( 0.79%) 103.94
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 9674 ( 0.03%) 5030668 ( 0.02%) 520.02
ip6 1843378 ( 6.66%) 1563486777 ( 7.25%) 848.16
pim 235 ( 0.00%) 14100 ( 0.00%) 60.00
other 1296 ( 0.00%) 171557 ( 0.00%) 132.37
frag 1583614 ( 5.72%) 1202350804 ( 5.57%) 759.24
ip6 156284 ( 0.56%) 71068539 ( 0.33%) 454.74
tcp6 91347 ( 0.33%) 58805784 ( 0.27%) 643.76
http(s) 6902 ( 0.02%) 7960966 ( 0.04%) 1153.43
http(c) 16108 ( 0.06%) 1496486 ( 0.01%) 92.90
smtp 1586 ( 0.01%) 567028 ( 0.00%) 357.52
ssh 104 ( 0.00%) 21319 ( 0.00%) 204.99
dns 270 ( 0.00%) 57312 ( 0.00%) 212.27
bgp 94 ( 0.00%) 17599 ( 0.00%) 187.22
other 66283 ( 0.24%) 48685074 ( 0.23%) 734.50
udp6 39841 ( 0.14%) 8591727 ( 0.04%) 215.65
dns 37700 ( 0.14%) 8284397 ( 0.04%) 219.75
starcra 1 ( 0.00%) 107 ( 0.00%) 107.00
unreal 1 ( 0.00%) 104 ( 0.00%) 104.00
quake 4 ( 0.00%) 412 ( 0.00%) 103.00
other 2135 ( 0.01%) 306707 ( 0.00%) 143.66
icmp6 24681 ( 0.09%) 3347360 ( 0.02%) 135.62
ip6 82 ( 0.00%) 11176 ( 0.00%) 136.29
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 303 ( 0.00%) 308412 ( 0.00%) 1017.86
tcpdump file: 201203310930.dump.gz (603.62 MB)