TCP - Riberiko/Wireshark-Project GitHub Wiki

TCP

Open your browser and type the following URL: http://gaia.cs.umass.edu/wireshark-labs/alice.txt 
Press Ctrl+A to select entire webpage content, press Ctrl+C to copy it, open Notepad and  press  Ctrl+V  to  paste  the  content in  it. Save  it  with  the  name  Alice.txt  in  your computer. 
Empty your browser’s cache once again. 
Type the following URL in your browser: http://gaia.cs.umass.edu/wireshark-labs/TCP-wireshark-file1.html 
Click the “Choose File” button, browse your computer folders and select Alice.txt file from where you have saved it. 
Start capturing the packets using Wireshark tool. 
Returning to your browser, press the “Upload alice.txt file” button to upload the file. You will see a Congratulations message.  
Stop capturing the packets and type tcp in the Wireshark filter text box.

Answer the following questions:

  1. (4 pts) What is the sequence number of the TCP SYN segment which is used to initiate the TCP connection between your host and the server? Which is it in the segment identifies it as a SYN segment? Look for the first packet that has [SYN] identifier. 0, it seems to have a flags attrebute and it looks like 0x002 means SYN
  1. (4 pts) What is the sequence number of the [SYN, ACK] segment sent by the server to your host? What part in the segment identifies it as a SYN ACK segment? What is the acknowledgement number of this segment? 6, the floags attribute 0x012 means SYN, ACK
  1. (4 pts) What is the sequence number of the TCP segment containing HTTP POST command? [Search the list of TCP segments to find the segment containing “POST” in the “info” field or you can search by HTTP] 6
  1. (4 pts) Write the sequence numbers of the first six segments which carry the Alice.txt data. At what time was each of those six segments sent? 1. 6, 9.39 2. 6, 9.46 3. 6, 9.54 4. 6, 9.54 5. 6, 9.61 6. 6, 9.62
  1. (4 pts) Select the first of those six segments, then select Statistics -> TCP Stream Graphs -> Round Trip Time from the Wireshark menu. You will see the RTT plot. Give the screenshot of that plot.

  1. (4 pts) Now select Statistics -> TCP Stream Graphs -> Time Sequence (Stevens) from the Wireshark menu. This plot tells you about the congestion. Give the screenshot of that plot.

  1. (4 pts) Can you identify the beginning and end of TCP’s slow start phases? Where the congestion avoidance takes over? Answer in terms of sequence number. [Hover the mouse on any dot, all information including the sequence number will be shown at the bottom of the plot.]

Excused

Give the screenshot of the portion of the Wireshark’s packet capture window which contains those first six segments.