Traffic Trace Info
DumpFile: 201203311630.dump
FileSize: 2653.71MB
Id: 201203311630
StartTime: Sat Mar 31 16:30:00 2012
EndTime: Sat Mar 31 16:45:01 2012
TotalTime: 900.78 seconds
TotalCapSize: -2011.23MB CapLen: 96 bytes
# of packets: 37285421 (29662.82MB)
AvgRate: 276.21Mbps stddev:61.46M
IP flow (unique src/dst pair) Information
# of flows: 1894556 (avg. 19.68 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.2% 3.1% 3.0% 2.8% 2.5% 2.1% 2.0% 1.7% 1.5% 1.4%
IP address Information
# of IPv4 addresses: 1431678
Top 10 bandwidth usage (bytes/total in %):
15.4% 14.4% 8.3% 6.0% 4.8% 4.6% 4.6% 4.3% 3.9% 3.1%
# of IPv6 addresses: 5953
Top 10 bandwidth usage (bytes/total in %):
30.4% 27.0% 20.0% 9.8% 9.8% 7.0% 6.2% 5.9% 5.8% 5.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201203311630.pktlen.png)
detailed numbers
[ 32- 63]: 7762303
[ 64- 127]: 7072599
[ 128- 255]: 1102013
[ 256- 511]: 724974
[ 512- 1023]: 983220
[ 1024- 2047]: 19640312
Protocol Breakdown
![[protocol breakdown chart]](201203311630.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 37285421 (100.00%) 31103718110 (100.00%) 834.21
ip 37120359 ( 99.56%) 31017177980 ( 99.72%) 835.58
tcp 30270647 ( 81.19%) 28157842241 ( 90.53%) 930.20
http(s) 15716097 ( 42.15%) 21391027912 ( 68.77%) 1361.09
http(c) 7076984 ( 18.98%) 1369291490 ( 4.40%) 193.49
squid 97879 ( 0.26%) 78051578 ( 0.25%) 797.43
smtp 32902 ( 0.09%) 4793545 ( 0.02%) 145.69
nntp 12 ( 0.00%) 748 ( 0.00%) 62.33
ftp 16783 ( 0.05%) 1373992 ( 0.00%) 81.87
pop3 1918 ( 0.01%) 565551 ( 0.00%) 294.86
imap 673 ( 0.00%) 111244 ( 0.00%) 165.30
telnet 8466 ( 0.02%) 617785 ( 0.00%) 72.97
ssh 1150740 ( 3.09%) 1339491957 ( 4.31%) 1164.03
dns 2030 ( 0.01%) 146839 ( 0.00%) 72.33
bgp 620 ( 0.00%) 112621 ( 0.00%) 181.65
napster 47 ( 0.00%) 5097 ( 0.00%) 108.45
realaud 178 ( 0.00%) 26314 ( 0.00%) 147.83
icecast 889 ( 0.00%) 131966 ( 0.00%) 148.44
hotline 18 ( 0.00%) 1166 ( 0.00%) 64.78
other 6164400 ( 16.53%) 3972091358 ( 12.77%) 644.36
udp 3118431 ( 8.36%) 1229272410 ( 3.95%) 394.20
dns 430326 ( 1.15%) 107998241 ( 0.35%) 250.97
rip 1 ( 0.00%) 72 ( 0.00%) 72.00
realaud 22 ( 0.00%) 2383 ( 0.00%) 108.32
halflif 23 ( 0.00%) 2525 ( 0.00%) 109.78
starcra 26 ( 0.00%) 6970 ( 0.00%) 268.08
everque 329 ( 0.00%) 79705 ( 0.00%) 242.26
unreal 308 ( 0.00%) 205901 ( 0.00%) 668.51
quake 12 ( 0.00%) 1533 ( 0.00%) 127.75
other 2675283 ( 7.18%) 1120215511 ( 3.60%) 418.73
icmp 1911735 ( 5.13%) 150514130 ( 0.48%) 78.73
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 5740 ( 0.02%) 2226952 ( 0.01%) 387.97
ip6 1715151 ( 4.60%) 1438233644 ( 4.62%) 838.55
pim 448 ( 0.00%) 26880 ( 0.00%) 60.00
other 98023 ( 0.26%) 39042563 ( 0.13%) 398.30
frag 29179 ( 0.08%) 22309311 ( 0.07%) 764.57
ip6 165062 ( 0.44%) 86540130 ( 0.28%) 524.29
tcp6 83213 ( 0.22%) 70489658 ( 0.23%) 847.10
http(s) 23183 ( 0.06%) 32630231 ( 0.10%) 1407.51
http(c) 24845 ( 0.07%) 2214527 ( 0.01%) 89.13
smtp 34 ( 0.00%) 14219 ( 0.00%) 418.21
ftp 88 ( 0.00%) 9969 ( 0.00%) 113.28
dns 340 ( 0.00%) 66214 ( 0.00%) 194.75
bgp 92 ( 0.00%) 14267 ( 0.00%) 155.08
other 34631 ( 0.09%) 35540231 ( 0.11%) 1026.25
udp6 52210 ( 0.14%) 11623237 ( 0.04%) 222.62
dns 45108 ( 0.12%) 10728802 ( 0.03%) 237.85
realaud 1 ( 0.00%) 102 ( 0.00%) 102.00
halflif 1 ( 0.00%) 101 ( 0.00%) 101.00
everque 2 ( 0.00%) 229 ( 0.00%) 114.50
quake 1 ( 0.00%) 120 ( 0.00%) 120.00
other 7097 ( 0.02%) 893883 ( 0.00%) 125.95
icmp6 28834 ( 0.08%) 3827131 ( 0.01%) 132.73
ip6 84 ( 0.00%) 11412 ( 0.00%) 135.86
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 690 ( 0.00%) 584476 ( 0.00%) 847.07
tcpdump file: 201203311630.dump.gz (827.57 MB)