Traffic Trace Info
DumpFile: 201203251400.dump
FileSize: 2754.75MB
Id: 201203251400
StartTime: Sun Mar 25 14:00:00 2012
EndTime: Sun Mar 25 14:15:00 2012
TotalTime: 899.93 seconds
TotalCapSize: -1939.97MB CapLen: 96 bytes
# of packets: 39236776 (28748.16MB)
AvgRate: 268.04Mbps stddev:49.89M
IP flow (unique src/dst pair) Information
# of flows: 3171507 (avg. 12.37 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.3% 3.0% 2.5% 2.3% 2.2% 1.9% 1.3% 1.1% 1.1% 1.1%
IP address Information
# of IPv4 addresses: 2061540
Top 10 bandwidth usage (bytes/total in %):
20.5% 15.4% 8.6% 6.2% 5.2% 5.0% 4.5% 3.0% 2.9% 2.7%
# of IPv6 addresses: 5217
Top 10 bandwidth usage (bytes/total in %):
85.1% 84.4% 13.0% 12.9% 0.5% 0.3% 0.1% 0.1% 0.1% 0.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201203251400.pktlen.png)
detailed numbers
[ 32- 63]: 10328550
[ 64- 127]: 7506753
[ 128- 255]: 948294
[ 256- 511]: 608053
[ 512- 1023]: 700465
[ 1024- 2047]: 19144661
Protocol Breakdown
![[protocol breakdown chart]](201203251400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 39236776 (100.00%) 30144630184 (100.00%) 768.27
ip 38324601 ( 97.68%) 29082562966 ( 96.48%) 758.85
tcp 26586137 ( 67.76%) 23333085020 ( 77.40%) 877.64
http(s) 12248982 ( 31.22%) 17132281725 ( 56.83%) 1398.67
http(c) 4927289 ( 12.56%) 546906493 ( 1.81%) 111.00
squid 753699 ( 1.92%) 881117487 ( 2.92%) 1169.06
smtp 33549 ( 0.09%) 5314484 ( 0.02%) 158.41
ftp 17240 ( 0.04%) 1423274 ( 0.00%) 82.56
pop3 3174 ( 0.01%) 1913389 ( 0.01%) 602.83
imap 1257 ( 0.00%) 544697 ( 0.00%) 433.33
telnet 11969 ( 0.03%) 868226 ( 0.00%) 72.54
ssh 154441 ( 0.39%) 29101878 ( 0.10%) 188.43
dns 5503 ( 0.01%) 461077 ( 0.00%) 83.79
bgp 646 ( 0.00%) 130001 ( 0.00%) 201.24
napster 62 ( 0.00%) 7241 ( 0.00%) 116.79
realaud 1783 ( 0.00%) 1530561 ( 0.01%) 858.42
rtsp 4 ( 0.00%) 240 ( 0.00%) 60.00
icecast 16432 ( 0.04%) 12193127 ( 0.04%) 742.04
hotline 40 ( 0.00%) 2995 ( 0.00%) 74.88
other 8410065 ( 21.43%) 4719288005 ( 15.66%) 561.15
udp 6331214 ( 16.14%) 3977057097 ( 13.19%) 628.17
dns 406406 ( 1.04%) 86903457 ( 0.29%) 213.83
realaud 62 ( 0.00%) 6866 ( 0.00%) 110.74
halflif 135 ( 0.00%) 22948 ( 0.00%) 169.99
starcra 12 ( 0.00%) 1080 ( 0.00%) 90.00
everque 3339 ( 0.01%) 2291137 ( 0.01%) 686.17
unreal 11 ( 0.00%) 1186 ( 0.00%) 107.82
quake 646 ( 0.00%) 40421 ( 0.00%) 62.57
cuseeme 2 ( 0.00%) 184 ( 0.00%) 92.00
other 5675900 ( 14.47%) 3873098099 ( 12.85%) 682.38
icmp 3000732 ( 7.65%) 208824248 ( 0.69%) 69.59
ipip 185 ( 0.00%) 19270 ( 0.00%) 104.16
ipsec 2058 ( 0.01%) 549116 ( 0.00%) 266.82
ip6 2382912 ( 6.07%) 1558105335 ( 5.17%) 653.87
pim 297 ( 0.00%) 17820 ( 0.00%) 60.00
other 21066 ( 0.05%) 4905060 ( 0.02%) 232.84
frag 1314828 ( 3.35%) 1003456971 ( 3.33%) 763.18
ip6 912175 ( 2.32%) 1062067218 ( 3.52%) 1164.32
tcp6 836834 ( 2.13%) 1046861809 ( 3.47%) 1250.98
http(s) 4280 ( 0.01%) 4141474 ( 0.01%) 967.63
http(c) 13165 ( 0.03%) 1145432 ( 0.00%) 87.01
smtp 76 ( 0.00%) 40656 ( 0.00%) 534.95
ftp 175 ( 0.00%) 15952 ( 0.00%) 91.15
dns 483 ( 0.00%) 70596 ( 0.00%) 146.16
bgp 97 ( 0.00%) 17415 ( 0.00%) 179.54
hotline 4 ( 0.00%) 304 ( 0.00%) 76.00
other 818554 ( 2.09%) 1041429980 ( 3.45%) 1272.28
udp6 43340 ( 0.11%) 10405107 ( 0.03%) 240.08
dns 41815 ( 0.11%) 10205220 ( 0.03%) 244.06
realaud 2 ( 0.00%) 192 ( 0.00%) 96.00
everque 2 ( 0.00%) 207 ( 0.00%) 103.50
quake 1 ( 0.00%) 119 ( 0.00%) 119.00
other 1520 ( 0.00%) 199369 ( 0.00%) 131.16
icmp6 31453 ( 0.08%) 4357386 ( 0.01%) 138.54
ip6 83 ( 0.00%) 11294 ( 0.00%) 136.07
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 435 ( 0.00%) 427542 ( 0.00%) 982.86
tcpdump file: 201203251400.dump.gz (854.89 MB)