Traffic Trace Info
DumpFile: 201203061400.dump
FileSize: 2092.03MB
Id: 201203061400
StartTime: Tue Mar 6 14:00:00 2012
EndTime: Tue Mar 6 14:15:00 2012
TotalTime: 899.73 seconds
TotalCapSize: 1654.12MB CapLen: 96 bytes
# of packets: 28698033 (19675.78MB)
AvgRate: 183.43Mbps stddev:42.29M
IP flow (unique src/dst pair) Information
# of flows: 802045 (avg. 35.78 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.1% 2.4% 2.0% 1.5% 1.3% 1.2% 1.2% 1.2% 1.1% 1.1%
IP address Information
# of IPv4 addresses: 477967
Top 10 bandwidth usage (bytes/total in %):
11.5% 5.7% 5.6% 4.2% 3.9% 3.7% 3.2% 3.2% 3.1% 2.9%
# of IPv6 addresses: 5898
Top 10 bandwidth usage (bytes/total in %):
36.9% 22.4% 20.1% 14.0% 11.5% 8.4% 7.1% 4.8% 3.0% 2.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201203061400.pktlen.png)
detailed numbers
[ 32- 63]: 5328516
[ 64- 127]: 7584762
[ 128- 255]: 1573446
[ 256- 511]: 857154
[ 512- 1023]: 889810
[ 1024- 2047]: 12464345
Protocol Breakdown
![[protocol breakdown chart]](201203061400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 28698033 (100.00%) 20631547424 (100.00%) 718.92
ip 28329498 ( 98.72%) 20443926772 ( 99.09%) 721.65
tcp 23964753 ( 83.51%) 18759909943 ( 90.93%) 782.81
http(s) 10763368 ( 37.51%) 14412823694 ( 69.86%) 1339.06
http(c) 6229663 ( 21.71%) 1102467500 ( 5.34%) 176.97
squid 720658 ( 2.51%) 769440296 ( 3.73%) 1067.69
smtp 115147 ( 0.40%) 56380101 ( 0.27%) 489.64
ftp 22285 ( 0.08%) 11731615 ( 0.06%) 526.44
pop3 16224 ( 0.06%) 11663501 ( 0.06%) 718.90
imap 2618 ( 0.01%) 832959 ( 0.00%) 318.17
telnet 2152 ( 0.01%) 178668 ( 0.00%) 83.02
ssh 2499630 ( 8.71%) 410931488 ( 1.99%) 164.40
dns 15246 ( 0.05%) 3927938 ( 0.02%) 257.64
bgp 689 ( 0.00%) 170947 ( 0.00%) 248.11
napster 81 ( 0.00%) 5274 ( 0.00%) 65.11
realaud 15 ( 0.00%) 994 ( 0.00%) 66.27
rtsp 15500 ( 0.05%) 19313390 ( 0.09%) 1246.03
icecast 80797 ( 0.28%) 51010665 ( 0.25%) 631.34
hotline 11 ( 0.00%) 780 ( 0.00%) 70.91
other 3480669 ( 12.13%) 1909030133 ( 9.25%) 548.47
udp 2144037 ( 7.47%) 863300815 ( 4.18%) 402.65
dns 621199 ( 2.16%) 144409556 ( 0.70%) 232.47
rip 3 ( 0.00%) 272 ( 0.00%) 90.67
realaud 7 ( 0.00%) 594 ( 0.00%) 84.86
halflif 50 ( 0.00%) 8481 ( 0.00%) 169.62
starcra 16 ( 0.00%) 2516 ( 0.00%) 157.25
everque 3140 ( 0.01%) 2963224 ( 0.01%) 943.70
unreal 11 ( 0.00%) 2091 ( 0.00%) 190.09
quake 10 ( 0.00%) 1009 ( 0.00%) 100.90
cuseeme 3 ( 0.00%) 248 ( 0.00%) 82.67
other 1519556 ( 5.29%) 715889559 ( 3.47%) 471.12
icmp 597147 ( 2.08%) 60709678 ( 0.29%) 101.67
ipip 184 ( 0.00%) 19160 ( 0.00%) 104.13
ipsec 105588 ( 0.37%) 21120888 ( 0.10%) 200.03
ip6 1499079 ( 5.22%) 725246289 ( 3.52%) 483.79
other 18710 ( 0.07%) 13619999 ( 0.07%) 727.95
frag 18357 ( 0.06%) 13664725 ( 0.07%) 744.39
ip6 368535 ( 1.28%) 187620652 ( 0.91%) 509.10
tcp6 206949 ( 0.72%) 90179513 ( 0.44%) 435.76
http(s) 27670 ( 0.10%) 36506303 ( 0.18%) 1319.35
http(c) 72206 ( 0.25%) 6102785 ( 0.03%) 84.52
smtp 125 ( 0.00%) 78658 ( 0.00%) 629.26
ftp 25 ( 0.00%) 2307 ( 0.00%) 92.28
ssh 497 ( 0.00%) 135142 ( 0.00%) 271.92
dns 375 ( 0.00%) 70637 ( 0.00%) 188.37
bgp 92 ( 0.00%) 15188 ( 0.00%) 165.09
other 105959 ( 0.37%) 47268493 ( 0.23%) 446.10
udp6 132995 ( 0.46%) 89533619 ( 0.43%) 673.21
dns 67506 ( 0.24%) 19177810 ( 0.09%) 284.09
everque 1 ( 0.00%) 117 ( 0.00%) 117.00
quake 2 ( 0.00%) 208 ( 0.00%) 104.00
other 65486 ( 0.23%) 70355484 ( 0.34%) 1074.36
icmp6 22219 ( 0.08%) 3324754 ( 0.02%) 149.64
ip6 85 ( 0.00%) 11580 ( 0.00%) 136.24
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 6256 ( 0.02%) 4566970 ( 0.02%) 730.01
tcpdump file: 201203061400.dump.gz (721.55 MB)