Wireshark Lab: TCP v7.0
Answer the following questions, by opening the Wireshark captured packet file tcpethereal-trace-1 in http://gaia.cs.umass.edu/wireshark-labs/wireshark-traces.zip (that is
download the trace and open that trace in Wireshark; see footnote 2). Whenever possible,
when answering a question you should hand in a printout of the packet(s) within the trace
that you used to answer the question asked. Annotate the printout3 to explain your
answer. To print a packet, use File->Print, choose Selected packet only, choose Packet
summary line, and select the minimum amount of packet detail that you need to answer
the question.
1. What is the IP address and TCP port number used by the client computer (source)
that is transferring the file to gaia.cs.umass.edu? To answer this question, it’s
probably easiest to select an HTTP message and explore the details of the TCP
packet used to carry this HTTP message, using the “details of the selected packet
header window” (refer to Figure 2 in the “Getting Started with Wireshark” Lab if
you’re uncertain about the Wireshark windows.
The IP address is 192.168.1.102. The TCP port number is 1161
If you have been able to create your own trace, answer the following question
2.What is the IP address of gaia.cs.umass.edu? On what port number is it sending and receiving TCP segments for this connection?
The IP address is 128.119.245.12. The port number is 80.
3.What is the IP address and TCP port number used by your client computer (source) to transfer the file to gaia.cs.umass.edu?
The IP address is 10.63.206.180. The port number is 25424.
4. What is the sequence number of the TCP SYN segment that is used to initiate the TCP connection between the client computer and gaia.cs.umass.edu? What is it in the segment that identifies the segment as a SYN segment?
Sequence number of the TCP SYN segment: 0. It was the SYN falg which is set to 1 that identifies the segment as a SYN segment
5. What is the sequence number of the SYNACK segment sent by gaia.cs.umass.edu to the client computer in reply to the SYN? What is the value of the Acknowledgement field in the SYNACK segment? How did gaia.cs.umass.edu determine that value? What is it in the segment that identifies the segment as a SYNACK segment?
Sequence number of the SYNACK segment: 0.
The value of the acknowledgement field: 1 (which is the sequence number of SYN plus 1)
It was the SYN falg which is set to 1 that identifies the segment as a SYN segment
6. What is the sequence number of the TCP segment containing the HTTP POST command? Note that in order to find the POST command, you’ll need to dig into the packet content field at the bottom of the Wireshark window, looking for a segment with a “POST” within its DATA field.
Sequence number of the TCP segment containing POST command: 1
7. Consider the TCP segment containing the HTTP POST as the first segment in the TCP connection. What are the sequence numbers of the first six segments in the TCP connection (including the segment containing the HTTP POST)? At what time was each segment sent? When was the ACK for each segment received? Given the difference between when each TCP segment was sent, and when its acknowledgement was received, what is the RTT value for each of the six segments? What is the EstimatedRTT value (see Section 3.5.3, page 242 in text) after the receipt of each ACK? Assume that the value of the EstimatedRTT is equal to the measured RTT for the first segment, and then is computed using the EstimatedRTT equation on page 242 for all subsequent segments.
Note: Wireshark has a nice feature that allows you to plot the RTT for
each of the TCP segments sent. Select a TCP segment in the “listing of
captured packets” window that is being sent from the client to the
gaia.cs.umass.edu server. Then select: Statistics->TCP Stream Graph->Round Trip Time Graph.
E
s
t
i
m
a
t
e
d
R
T
T
=
7
8
L
a
s
t
  
E
s
t
i
m
a
t
e
d
R
T
T
+
1
8
S
a
m
p
l
e
  
R
T
T
EstimatedRTT = \frac{7}{8}Last\;EstimatedRTT + \frac{1}{8}Sample\;RTT
EstimatedRTT=87LastEstimatedRTT+81SampleRTT
8. What is the length of each of the first six TCP segments?
See the table above.
9. What is the minimum amount of available buffer space advertised at the received for the entire trace? Does the lack of receiver buffer space ever throttle the sender?
The receiver window size grows steadily til a maximum sindow size comes.
No throttle is made due to the lack of buffer space.
10. Are there any retransmitted segments in the trace file? What did you check for (in the trace) in order to answer this question?
There is no retransmmited segment inthe trace file.
We just need to chekc the sequence numbers of the trace file.
All sequence numbers are in ascending order, which indicates that there is no retransmitted segment.
11.How much data does the receiver typically acknowledge in an ACK? Can you identify cases where the receiver is ACKing every other received segment (seeTable 3.2 on page 250 in the text).
12. What is the throughput (bytes transferred per unit time) for the TCP connection? Explain how you calculated this value.
164090/5.4294=30.222
13. Use the Time-Sequence-Graph(Stevens) plotting tool to view the sequence number versus time plot of segments being sent from the client to the gaia.cs.umass.edu server. Can you identify where TCP’s slowstart phase begins and ends, and where congestion avoidance takes over? Comment on ways in which the measured data differs from the idealized behavior of TCP that we’ve studied in the text.
To be continue
14. Answer each of two questions above for the trace that you have gathered when you transferred a file from your computer to gaia.cs.umass.edu
To be continue
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)
