Documents

WiresharkLab-TCP-Ch3-Sol.pdf

Description
Download WiresharkLab-TCP-Ch3-Sol.pdf
Categories
Published
of 16
All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.
Share
Transcript
   1 Wireshark Lab 3 – TCP The following reference answers are based on the trace files provided with the text book, which can be downloaded from the textbook website. TCP Basics Answer the following questions for the TCP segments: 1.   (1 point) What is the IP address and TCP port number used by your client computer (source) to transfer the file to gaia.cs.umass.edu? What is the IP address and port number used by gaia.cs.umass.edu to receive the file. Solution: Client computer (source) IP address: 192.168.1.102  TCP port number: 1161  Destination computer: gaia.cs.umass.edu IP address: 128.119.245.12  TCP port number: 80   Figure 1: IP addresses and TCP port numbers of the client computer (source) and gaia.cs.umass.edu   2 2.   (1 point) What is the sequence number of the TCP SYN segment that is used to initiate the TCP connection between the client computer and gaia.cs.umass.edu? What is it in the segment that identifies the segment as a SYN segment? Solution: Sequence number of the TCP SYN segment is used to initiate the TCP connection between the client computer and gaia.cs.umass.edu. The value is 0 in this trace. The SYN flag is set to 1 and it indicates that this segment is a SYN segment. Figure 2: Sequence number of the TCP SYN segment 3.   (2 points) What is the sequence number of the SYNACK segment sent by gaia.cs.umass.edu to the client computer in reply to the SYN? What is the value of the ACKnowledgement field in the SYNACK segment? How did gaia.cs.umass.edu determine that value? What is it in the segment that identifies the segment as a SYNACK segment? Solution: Sequence number of the SYNACK segment from gaia.cs.umass.edu to the client computer in reply to the SYN has the value of 0 in this trace.   3The value of the ACKnowledgement field in the SYNACK segment is 1. The value of the ACKnowledgement field in the SYNACK segment is determined by gaia.cs.umass.edu  by adding 1 to the initial sequence number of SYN segment from the client computer (i.e. the sequence number of the SYN segment initiated by the client computer is 0.). The SYN flag and Acknowledgement flag in the segment are set to 1 and they indicate that this segment is a SYNACK segment. Figure 3: Sequence number and Acknowledgement number of the SYNACK segment 4.   (1 point) What is the sequence number of the TCP segment containing the HTTP POST command? Note that in order to find the POST command, you’ll need to dig into the packet content field at the bottom of the Wireshark window, looking  for a segment with a “POST” within its DATA field. Solution: No. 4 segment is the TCP segment containing the HTTP POST command. The sequence number of this segment has the value of 1.   4  Figure 4: Sequence number of the TCP segment containing the HTTP POST command 5.   (2 points) Consider the TCP segment containing the HTTP POST as the first segment in the TCP connection. What are the sequence numbers of the first six segments in the TCP connection (including the segment containing the HTTP POST)? At what time was each segment sent? When was the ACK for each segment received? Given the difference between when each TCP segment was sent, and when its acknowledgement was received, what is the RTT value for each of the six segments? What is the EstimatedRTT   value (see page 237 in text) after the receipt of each ACK? Assume that the value of the EstimatedRTT   is equal to the measured RTT for the first segment, and then is computed using the EstimatedRTT   equation on page 249 for all subsequent segments.  Note: Wireshark has a nice feature that allows you to plot the RTT for each of the TCP segments sent. Select a TCP segment in the “listing of captured packets” window that is being sent from the client to the gaia.cs.umass.edu server. Then select: Statistics->TCP Stream Graph->Round Trip Time Graph. Solution: The HTTP POST segment is considered as the first segment. Segments 1 – 6 are No. 4, 5, 7, 8, 10, and 11 in this trace respectively. The ACKs of segments 1 – 6 are  No. 6, 9, 12, 14, 15, and 16 in this trace.
We Need Your Support
Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

Thanks to everyone for your continued support.

No, Thanks