计算机网络
Wireshark Lab: TCP
之前没有仔细看过实验的注脚写的要求,首先我们仔细看一下实验要求,以便更加规范的完成实验
[1]参考图和章节是我们的文本第七版《计算机网络自上而下的方法》,第七版,J.F.Kurose和K.W.Ross,Addison-Wesley/Pearson,2016年。
[2]下载zip文件并解压缩文件tcpethereal-trace-1。此zip文件中的跟踪由运行在作者计算机上的Wireshark收集,同时执行Wireshark实验室中指示的步骤。下载跟踪后,您可以将其加载到Wireshark中,并使用文件下拉菜单查看跟踪,选择打开,然后选择tcp-ethereal-trace-1跟踪文件。http://gaia.cs.umass.edu/wireshark-labs/wireshark-traces.zip
[3]“注释”是什么意思?如果你交一份纸质副本,请突出显示你在打印输出中找到答案的地方,并添加一些文本(最好是用彩笔),注明你在突出显示的内容中发现的内容。如果你交一份电子副本,如果你也能突出显示并注释,那就太好了。
[4]TCP-ethereal-trace-1跟踪文件中的TCP段都小于1460字节。这是因为收集跟踪的计算机有一个以太网卡,该网卡将最大IP数据包的长度限制为1500字节(40字节的TCP/IP头数据和1460字节的TCP有效负载)。此1500字节的值是以太网允许的标准最大长度。如果跟踪表明TCP长度大于1500字节,并且您的计算机正在使用以太网连接,则Wireshark报告的TCP段长度错误;它可能只显示一个较大的TCP段,而不是多个较小的段。您的主机确实可能正在发送多个较小的段,如其接收到的ACK所示。报告的段长度不一致是由于以太网驱动程序和Wireshark软件之间的交互造成的。如果存在这种不一致,建议您使用提供的跟踪文件执行此实验。
1. Capturing a bulk TCP transfer from your computer to a remote server
2. A first look at the captured trace
1. What is the IP address and TCP port number used by the client computer (source) that is transferring the file to gaia.cs.umass.edu? To answer this question, it's probably easiest to select an HTTP message and explore the details of the TCP packet used to carry this HTTP message, using the “details of the selected packet header window” (refer to Figure 2 in the “Getting Started with Wireshark” Lab if you're uncertain about the Wireshark windows.
2. What is the IP address of gaia.cs.umass.edu? On what port number is it sending and receiving TCP segments for this connection?
If you have been able to create your own trace, answer the following question:
3. What is the IP address and TCP port number used by your client computer (source) to transfer the file to gaia.cs.umass.edu?
3. TCP Basics
4. What is the sequence number of the TCP SYN segment that is used to initiate the TCP connection between the client computer and gaia.cs.umass.edu? What is it in the segment that identifies the segment as a SYN segment?
(1)SYN sequence number=0
(2) What is in the red region of the figure above identifies thesegment as a SYN segment.
5. What is the sequence number of the SYNACK segment sent by gaia.cs.umass.edu to the client computer in reply to the SYN? What is the value of the Acknowledgement field in the SYNACK segment? How did gaia.cs.umass.edu determine that value? What is it in the segment that identifies the segment as a SYNACK segment?
(1)SYNACK sequence number =0,ACKnowledgement=1
(2)ACKnowledgement value= initiate sequence number of theTCP SYN segment+1
(3)What is in the red region of the figure above identifies thesegment as a SYN segment.
6. What is the sequence number of the TCP segment containing the HTTP POST command? Note that in order to find the POST command, you'll need to dig into the packet content field at the bottom of the Wireshark window, looking for a segment with a “POST” within its DATA field.
The sequence number of the TCP segment containing theHTTP POST command is 1.
7. Consider the TCP segment containing the HTTP POST as the first segment in the
TCP connection. What are the sequence numbers of the first six segments in the
TCP connection (including the segment containing the HTTP POST)? At what time was each segment sent? When was the ACK for each segment received? Given the difference between when each TCP segment was sent, and when its acknowledgement was received, what is the RTT value for each of the six segments? What is the EstimatedRTT value (see Section 3.5.3, page 242 in text) after the receipt of each ACK? Assume that the value of the
EstimatedRTT is equal to the measured RTT for the first segment, and then is computed using the EstimatedRTT equation on page 242 for all subsequent segments.
Note:Wireshark has a nice feature that allows you to plot the RTT for each of the TCP segments sent. Select a TCP segment in the “listing of captured packets” window that is being sent from the client to the gaia.cs.umass.edu server. Then select: Statistics->TCP Stream Graph>Round Trip Time Graph.
8. What is the length of each of the first six TCP segments?[4]
The length of the first TCP segments (containing the HTTPPOST) is 566 bytes. The length of each of the first five TCP segments is 1460 bytes. The other four TCP segments is 0 bytes
9. What is the minimum amount of available buffer space advertised at the received for the entire trace? Does the lack of receiver buffer space ever throttle the sender?
Figure : Minimum receive window (packet No.2)
10. Are there any retransmitted segments in the trace file? What did you check for (in the trace) in order to answer this question?
There is no retransmitted segments in the trace file.
ln order to answer the question , I checked for the sequencenumbers of the TCP segments in the trace file. In the Time-
Sequence-Graph (Stevens) of this trace, all sequence numbers from192.168.1.102 to 128.119.245.12 are increasing linear and
monotonically.If there is a retransmitted segment, the Time-Sequence-Graph(Stevens) should be different from what we see.
11. How much data does the receiver typically acknowledge in an ACK? Can you identify cases where the receiver is ACKing every other received segment (see Table 3.2 on page 250 in the text).
The receiver typically acknowledged sequence numbers of theACKs are listed in the following table.
| Swement number | Acknowledge sequence number | Acknowledge data | |
| ACK1 | 6 | 566 | 566 |
| ACK2 | 9 | 2026 | 1460 |
| ACK3 | 12 | 3486 | 1460 |
| ACK4 | 14 | 4946 | 1460 |
| ACK5 | 15 | 6406 | 1460 |
| ACK6 | 16 | 7866 | 1460 |
| ACK7 | 17 | 9013 | 1147 |
| ACK8 | 24 | 10473 | 1460 |
| ACK9 | 25 | 11933 | 1460 |
| ACK10 | 26 | 13393 | 1460 |
| ACK11 | 27 | 14853 | 1460 |
| ACK12 | 28 | 16313 | 1460 |
12. What is the throughput (bytes transferred per unit time) for the TCP connection? Explain how you calculated this value.
The TCP connection started to transmit data at segment 4,and end insegment 202.We can see from the figure bellow:
data1=1 byte
t1=0.026477
data2=164091 bytes
t2=5.455830
total data=164091-1=164090 bytes
it takes time: total time= 5.455830-0.026477=5.429353 secondsSo the throughput for the TCP connection is calculated as164090/5.4294353=30.222 KByte/sec
4. TCP congestion control in action
13. Use the Time-Sequence-Graph(Stevens) plotting tool to view the sequence number versus time plot of segments being sent from the client to the gaia.cs.umass.edu server. Can you identify where TCP's slowstart phase begins and ends, and where congestion avoidance takes over? Comment on ways in which the measured data differs from the idealized behavior of TCP that we've studied in the text.
We can see from the figure above(Time-Sequence-Graph(Stevens))that the TCP Slow Start begins at the start of the connection. Theidentification of the TCP slow start phase and congestion avoidancephase depends on the value of the congestion window size of this TCPsender. So once we know the congestion window size of this TCPsender,we can tell easily where TCP's slow ends and wherecongestion avoidance takes over.
When answering the previous question,we can know that theTCP window size is larger than 8192 Bytes. But there is no data sentmore than 8192 Bytes. It indicates before the end of the start phase,the application already stops transmitting . That is to say, the TCP'sslow ends and congestion avoidance haven’t taken place.
14. Answer each of two questions above for the trace that you have gathered when you transferred a file from your computer to gaia.cs.umass.edu
933
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
