
Wireshark Lab 04:

Transport Protocols

Question 1 | UDP
To answer the following question, first capture some DNS packets generated by
ordinary Web-surfing activity. This will allow you to capture UDP traffic.

1) Select one packet. From this packet, determine how many fields there are in
the UDP header. Name these fields and provide the hexadecimal value of each
field.

2) What are the source and destination port numbers, in both decimal and
hexadecimal format?

3) What is the value in the UDP Length field, in both decimal and hexadecimal?
Does this value include the UDP header or only the payload? (Hint: Compare
the UDP datagram length value to the IP packet Length field.)

4) What is the protocol number for UDP? Give your answer in both hexadecimal
and decimal notation. (You need to look into the IP header.)

5) Examine a pair of UDP packets carrying a DNS query and its associated
response: the first packet is sent by your host and the second packet is a reply
to the first packet. Describe the relationship between the port numbers in the
two packets.

Question 2 | TCP
In this question, we examine a trace of the TCP transfer of a file using the HTTP
POST method from your computer to a remote server. To obtain the trace of the
TCP segments sent and received from your computer, do the following:

- Start up your web browser.

- Go to http://gaia.cs.umass.edu/wiresharklabs/alice.txt and retrieve an ASCII
copy of Alice in Wonderland.

- Store this file somewhere on your computer.

- Next go to http://gaia.cs.umass.edu/wireshark-labs/TCP-wireshark-file1.html

CSCI-SHU 308-001 1 NYU Shanghai


- Use the Browse button in this form to enter the name of the file (full path
name) on your computer containing Alice in Wonderland (or do so manually).
Don't press the Upload alice.txt file button yet.

- Now start up Wireshark and begin packet capture.

- Returning to your browser, press the Upload alice.txt file button to upload
the file to the gaia.cs.umass.edu server. Once the file has been uploaded, a
short congratulations message will be displayed in your browser window.

- Stop Wireshark packet capture and start analyzing your Wireshark trace file.

Filter the packets displayed in the Wireshark window by entering tcp
(lowercase, no quotes, and don't forget to press return after entering) into the
display filter specification window.

What you should see is a long series of TCP segments between your computer
and gaia.cs.umass.edu. You should see the initial three-way handshake containing
a SYN message. Toward the end of the capture, you should see an HTTP POST
message inside a TCP segment followed by a series of TCP segments being sent
from your computer to gaia.cs.umass.edu, as well as ACKs being returned from
gaia.cs.umass.edu.

Answer the following questions for the TCP segments:

Locate the SYN segments sent by your computer to gaia.cs.umass.edu and answer
the following questions:

6) Depending on the browser you are using, you should see two back-to-back
TCP SYN segments sent by your computer using consecutive source port numbers.
Which TCP connection is used later to upload the file? Explain why some
browsers would open two connections instead of one.

7) What is the IP address and TCP port number used by gaia.cs.umass.edu?

8) What is the IP address and TCP port number used by your client computer
(source) to transfer the file to gaia.cs.umass.edu?

9) What is the sequence number of the TCP SYN segment that is used to initiate
the TCP connection between the client computer and gaia.cs.umass.edu?

10) What is it in the segment that identifies the segment as a SYN segment?

11) What is the size of the options carried by the SYN segment?

12) What is the maximum size of the segments that your computer can
receive?

13) What is the size of the first window advertised by your computer? Is this value
consistent with the value carried in the Window field of the TCP header?

Locate the SYN-ACK segment sent by gaia.cs.umass.edu in response to the SYN
segment and answer the following question:

14) What is the sequence number of the SYN-ACK segment sent by
gaia.cs.umass.edu to the client computer in reply to the SYN identified in
Question 6?

15) What is the value of the ACKnowledgement field in the SYN-ACK segment?
How did gaia.cs.umass.edu determine that value?

16) What is it in the segment that identifies the segment as a SYN-ACK segment?

17) What is the size of the options carried in the SYN-ACK segment?

18) What is the size of the MSS that gaia.cs.umass.edu can receive?

19) What is the size of the window advertised by gaia.cs.umass.edu? Compare
this value to the one advertised by your computer. Explain the discrepancy
between these two values.

Locate the ACK segment sent to gaia.cs.umass.edu in response to the SYN-ACK
message previously received by your computer.

20) What is the size of the options carried by the ACK segment?

21) What is the RTT value calculated for your computer? (Hint: use the Time
column in the capture window.)

Locate the HTTP POST message sent by your computer to upload Alice.txt. You
may filter the packets displayed in the Wireshark window by entering http into
the display filter specification window.

22) What is the sequence number of the TCP segment containing the HTTP POST
command?

Consider the TCP segment containing the HTTP POST as the first of six segments
in the TCP connection. (To disable TCP segment reassembly, go to
Preferences > Protocols > TCP and uncheck "Allow subdissector to reassemble TCP
streams".)

23) What are the sequence numbers of the first six segments in the TCP
connection (including the segment containing the HTTP POST)?

24) At what time was each segment sent?

25) When was the ACK for each segment received?

26) Do you see evidence of the use of cumulative ACKs in your trace? Explain.

27) Given the difference between when each TCP segment was sent, and when its
acknowledgement was received, what is the RTT value for each of the six
segments?

28) What is the minimum amount of available buffer space advertised at the
receiver for the entire trace? Does the lack of receiver buffer space ever
throttle the sender?

29) For which segment sent from gaia.cs.umass.edu will the value of the
Sequence Number field change? Explain.

30) Are there any retransmitted segments in the trace file? What did you check for
(in the trace) in order to answer this question?

31) How much data does the receiver typically acknowledge in an ACK? Can you
identify cases where the receiver is ACKing every other received segment?
Explain.
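
The method behind Questions 24 to 27 and 30, as an added example that is not part of the original lab handout: each data segment is matched to the first ACK whose acknowledgement number covers it, so one cumulative ACK can close several segments, and a segment seen twice with the same sequence number is flagged as retransmitted and given no RTT sample. The Pkt record, the function name and the trace values are constructed for illustration and do not come from a real capture.

```python
from dataclasses import dataclass

@dataclass
class Pkt:
    time: float        # seconds, as shown in Wireshark's Time column
    from_client: bool  # True: client -> server, False: server -> client
    seq: int           # relative sequence number
    length: int        # TCP payload length in bytes
    ack: int           # acknowledgement number

# Constructed sample trace (illustrative values, not a real capture).
TRACE = [
    Pkt(0.000, True, 1, 600, 1),      # segment carrying the HTTP POST
    Pkt(0.001, True, 601, 1400, 1),
    Pkt(0.002, True, 2001, 1400, 1),
    Pkt(0.050, False, 1, 0, 601),     # ACKs the first segment only
    Pkt(0.053, False, 1, 0, 3401),    # cumulative ACK: covers two segments
    Pkt(0.054, True, 3401, 1400, 1),
    Pkt(0.300, True, 3401, 1400, 1),  # same seq again: retransmission
    Pkt(0.350, False, 1, 0, 4801),
]

def segment_rtts(trace):
    """Return (seq, sent_time, ack_time, rtt, retransmitted) per data segment."""
    pending = {}  # seq -> [first send time, seq + length, retransmitted flag]
    results = []
    for p in trace:
        if p.from_client and p.length > 0:
            if p.seq in pending:
                pending[p.seq][2] = True  # duplicate sequence number
            else:
                pending[p.seq] = [p.time, p.seq + p.length, False]
        elif not p.from_client:
            # An ACK covers every pending segment that ends at or before p.ack.
            covered = sorted(s for s, v in pending.items() if v[1] <= p.ack)
            for seq in covered:
                sent, _, rexmit = pending.pop(seq)
                # The ACK of a retransmitted segment is ambiguous, so it
                # yields no RTT sample (Karn's rule).
                rtt = None if rexmit else round(p.time - sent, 6)
                results.append((seq, sent, p.time, rtt, rexmit))
    return results

if __name__ == "__main__":
    for row in segment_rtts(TRACE):
        print(row)
```

The same matching can be checked by hand in Wireshark by comparing each segment's sequence number plus length against the acknowledgement numbers returned by the server.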
