Traffic Trace Info
DumpFile: 201203311130.dump
FileSize: 2202.91MB
Id: 201203311130
StartTime: Sat Mar 31 11:30:00 2012
EndTime: Sat Mar 31 11:45:00 2012
TotalTime: 900.49 seconds
TotalCapSize: 1730.48MB CapLen: 96 bytes
# of packets: 30960698 (24575.85MB)
AvgRate: 228.91Mbps stddev:48.02M
IP flow (unique src/dst pair) Information
# of flows: 1887971 (avg. 16.40 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.7% 3.5% 1.5% 1.4% 1.2% 1.0% 1.0% 0.9% 0.9% 0.8%
IP address Information
# of IPv4 addresses: 1421357
Top 10 bandwidth usage (bytes/total in %):
25.0% 17.3% 6.3% 4.8% 4.8% 4.8% 3.6% 3.5% 3.2% 2.1%
# of IPv6 addresses: 4853
Top 10 bandwidth usage (bytes/total in %):
20.3% 16.7% 15.2% 15.1% 9.8% 6.5% 6.4% 4.6% 3.6% 3.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201203311130.pktlen.png)
detailed numbers
[ 32- 63]: 6649330
[ 64- 127]: 5704638
[ 128- 255]: 916978
[ 256- 511]: 572196
[ 512- 1023]: 901948
[ 1024- 2047]: 16215608
Protocol Breakdown
![[protocol breakdown chart]](201203311130.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 30960698 (100.00%) 25769650040 (100.00%) 832.33
ip 30832318 ( 99.59%) 25730855236 ( 99.85%) 834.54
tcp 23759091 ( 76.74%) 22532232144 ( 87.44%) 948.36
http(s) 12944068 ( 41.81%) 17894035278 ( 69.44%) 1382.41
http(c) 4971505 ( 16.06%) 534954097 ( 2.08%) 107.60
squid 126916 ( 0.41%) 90970223 ( 0.35%) 716.78
smtp 28660 ( 0.09%) 4566660 ( 0.02%) 159.34
nntp 6 ( 0.00%) 374 ( 0.00%) 62.33
ftp 7692 ( 0.02%) 701559 ( 0.00%) 91.21
pop3 4212 ( 0.01%) 2394103 ( 0.01%) 568.40
imap 1730 ( 0.01%) 187941 ( 0.00%) 108.64
telnet 90 ( 0.00%) 6138 ( 0.00%) 68.20
ssh 267337 ( 0.86%) 36646226 ( 0.14%) 137.08
dns 5456 ( 0.02%) 594571 ( 0.00%) 108.98
bgp 688 ( 0.00%) 112129 ( 0.00%) 162.98
napster 49 ( 0.00%) 3440 ( 0.00%) 70.20
realaud 436 ( 0.00%) 28206 ( 0.00%) 64.69
icecast 663 ( 0.00%) 122956 ( 0.00%) 185.45
hotline 18 ( 0.00%) 1863 ( 0.00%) 103.50
other 5399563 ( 17.44%) 3966906222 ( 15.39%) 734.67
udp 3264933 ( 10.55%) 1411867952 ( 5.48%) 432.43
dns 483974 ( 1.56%) 149496085 ( 0.58%) 308.89
realaud 9 ( 0.00%) 1368 ( 0.00%) 152.00
halflif 31 ( 0.00%) 3537 ( 0.00%) 114.10
starcra 28 ( 0.00%) 3000 ( 0.00%) 107.14
everque 326 ( 0.00%) 69484 ( 0.00%) 213.14
unreal 13 ( 0.00%) 1762 ( 0.00%) 135.54
quake 12 ( 0.00%) 1244 ( 0.00%) 103.67
cuseeme 2 ( 0.00%) 156 ( 0.00%) 78.00
other 2706607 ( 8.74%) 1257480902 ( 4.88%) 464.60
icmp 1742873 ( 5.63%) 139995495 ( 0.54%) 80.32
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 3336 ( 0.01%) 1160416 ( 0.00%) 347.85
ip6 2060616 ( 6.66%) 1645440749 ( 6.39%) 798.52
pim 264 ( 0.00%) 15840 ( 0.00%) 60.00
other 1020 ( 0.00%) 123370 ( 0.00%) 120.95
frag 231285 ( 0.75%) 181759473 ( 0.71%) 785.87
ip6 128380 ( 0.41%) 38794804 ( 0.15%) 302.19
tcp6 55742 ( 0.18%) 23388881 ( 0.09%) 419.59
http(s) 3944 ( 0.01%) 3944072 ( 0.02%) 1000.02
http(c) 23804 ( 0.08%) 2083472 ( 0.01%) 87.53
smtp 69 ( 0.00%) 32157 ( 0.00%) 466.04
ftp 92 ( 0.00%) 10451 ( 0.00%) 113.60
dns 203 ( 0.00%) 48411 ( 0.00%) 238.48
bgp 88 ( 0.00%) 13461 ( 0.00%) 152.97
other 27542 ( 0.09%) 17256857 ( 0.07%) 626.57
udp6 43235 ( 0.14%) 9530024 ( 0.04%) 220.42
dns 39876 ( 0.13%) 9101163 ( 0.04%) 228.24
halflif 1 ( 0.00%) 107 ( 0.00%) 107.00
everque 1 ( 0.00%) 96 ( 0.00%) 96.00
quake 1 ( 0.00%) 117 ( 0.00%) 117.00
other 3356 ( 0.01%) 428541 ( 0.00%) 127.69
icmp6 27331 ( 0.09%) 3680226 ( 0.01%) 134.65
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 1957 ( 0.01%) 2180045 ( 0.01%) 1113.97
tcpdump file: 201203311130.dump.gz (688.06 MB)