Traffic Trace Info
DumpFile: 201203311645.dump
FileSize: 2559.06MB
Id: 201203311645
StartTime: Sat Mar 31 16:45:01 2012
EndTime: Sat Mar 31 17:00:00 2012
TotalTime: 899.69 seconds
TotalCapSize: 2020.31MB CapLen: 96 bytes
# of packets: 35307535 (28660.81MB)
AvgRate: 267.11Mbps stddev:68.62M
IP flow (unique src/dst pair) Information
# of flows: 1904499 (avg. 18.54 pkts/flow)
Top 10 big flow size (bytes/total in %):
15.4% 3.8% 3.3% 2.0% 1.9% 1.7% 1.3% 1.2% 1.2% 1.2%
IP address Information
# of IPv4 addresses: 1466277
Top 10 bandwidth usage (bytes/total in %):
18.0% 16.4% 15.6% 11.2% 6.9% 5.4% 4.6% 3.9% 3.4% 3.4%
# of IPv6 addresses: 5869
Top 10 bandwidth usage (bytes/total in %):
49.1% 15.7% 14.5% 11.6% 9.9% 7.1% 5.7% 5.1% 4.9% 3.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201203311645.pktlen.png)
detailed numbers
[ 32- 63]: 6243875
[ 64- 127]: 7437774
[ 128- 255]: 1020451
[ 256- 511]: 700189
[ 512- 1023]: 805645
[ 1024- 2047]: 19099601
Protocol Breakdown
![[protocol breakdown chart]](201203311645.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 35307535 (100.00%) 30053032932 (100.00%) 851.18
ip 35170136 ( 99.61%) 29993199083 ( 99.80%) 852.80
tcp 28312781 ( 80.19%) 27052235111 ( 90.01%) 955.48
http(s) 13195215 ( 37.37%) 17962333431 ( 59.77%) 1361.28
http(c) 5897286 ( 16.70%) 1369946355 ( 4.56%) 232.30
squid 54896 ( 0.16%) 39853290 ( 0.13%) 725.98
smtp 33407 ( 0.09%) 5292572 ( 0.02%) 158.43
nntp 7 ( 0.00%) 448 ( 0.00%) 64.00
ftp 7014 ( 0.02%) 1033369 ( 0.00%) 147.33
pop3 1803 ( 0.01%) 565701 ( 0.00%) 313.76
imap 1069 ( 0.00%) 187879 ( 0.00%) 175.75
telnet 5524 ( 0.02%) 404268 ( 0.00%) 73.18
ssh 4024913 ( 11.40%) 4695798459 ( 15.63%) 1166.68
dns 2152 ( 0.01%) 161905 ( 0.00%) 75.23
bgp 616 ( 0.00%) 105337 ( 0.00%) 171.00
napster 246 ( 0.00%) 16206 ( 0.00%) 65.88
realaud 843 ( 0.00%) 586262 ( 0.00%) 695.45
rtsp 28 ( 0.00%) 6346 ( 0.00%) 226.64
icecast 792 ( 0.00%) 104863 ( 0.00%) 132.40
hotline 66 ( 0.00%) 4914 ( 0.00%) 74.45
other 5086900 ( 14.41%) 2975833114 ( 9.90%) 585.00
udp 2979473 ( 8.44%) 1139056897 ( 3.79%) 382.30
dns 437091 ( 1.24%) 109315427 ( 0.36%) 250.10
rip 1 ( 0.00%) 69 ( 0.00%) 69.00
realaud 9 ( 0.00%) 872 ( 0.00%) 96.89
halflif 44 ( 0.00%) 4583 ( 0.00%) 104.16
starcra 143 ( 0.00%) 31208 ( 0.00%) 218.24
everque 296 ( 0.00%) 84044 ( 0.00%) 283.93
unreal 167 ( 0.00%) 87590 ( 0.00%) 524.49
quake 13 ( 0.00%) 1537 ( 0.00%) 118.23
cuseeme 18 ( 0.00%) 1858 ( 0.00%) 103.22
other 2540628 ( 7.20%) 1029436787 ( 3.43%) 405.19
icmp 1755970 ( 4.97%) 141502697 ( 0.47%) 80.58
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 2797 ( 0.01%) 938366 ( 0.00%) 335.49
ip6 2026641 ( 5.74%) 1625266924 ( 5.41%) 801.95
pim 377 ( 0.00%) 22620 ( 0.00%) 60.00
other 91913 ( 0.26%) 34157308 ( 0.11%) 371.63
frag 11571 ( 0.03%) 8927458 ( 0.03%) 771.54
ip6 137399 ( 0.39%) 59833849 ( 0.20%) 435.48
tcp6 56763 ( 0.16%) 44149791 ( 0.15%) 777.79
http(s) 18925 ( 0.05%) 26135410 ( 0.09%) 1381.00
http(c) 19726 ( 0.06%) 1826820 ( 0.01%) 92.61
smtp 116 ( 0.00%) 64758 ( 0.00%) 558.26
ftp 60 ( 0.00%) 8395 ( 0.00%) 139.92
dns 170 ( 0.00%) 27515 ( 0.00%) 161.85
bgp 93 ( 0.00%) 16789 ( 0.00%) 180.53
other 17673 ( 0.05%) 16070104 ( 0.05%) 909.30
udp6 51235 ( 0.15%) 11379831 ( 0.04%) 222.11
dns 44031 ( 0.12%) 10508666 ( 0.03%) 238.67
quake 1 ( 0.00%) 115 ( 0.00%) 115.00
other 7203 ( 0.02%) 871050 ( 0.00%) 120.93
icmp6 28772 ( 0.08%) 3802361 ( 0.01%) 132.15
ip6 84 ( 0.00%) 11462 ( 0.00%) 136.45
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 515 ( 0.00%) 486324 ( 0.00%) 944.32
tcpdump file: 201203311645.dump.gz (786.47 MB)