Computer Networks

Asignment 6
Objectives: Ethereal/Wireshark Usage and Understanding of the Networking Protocols
Due: October 24, 2008
Effort: Individual

1. Understanding of Networking protocols is greatly dependent on the seeing them

in action and playing around with them. The basic and popular tool for observing
the messages exchanged between executing protocol entities is called packet
sniffer. As the name suggest, a packet sniffer passively copies (sniffs) messages
being sent from and received by your computer. It also displays the content of the
various protocol fields of these captures messages. Ethereal/wireshark is a free
packet sniffer that runs on Linux and Windows with equal élan. Download the
version suitable or your own purpose and install it.

2. Ethereal/Wireshark Lab: TCP

2.1 Suppose you are transferring a file from your computer to another machine
(ftp or any available mechanism). Use Ethereal/Wireshark to get the IP
address and port number used by the machine where you are doing the file
transfer?
2.2 What is the sequence number of the TCP SYN segment that isused to
initiate the TCP connection between the client computer and your file
server?
2.3 What is sequence number of SYNACK segment from your file server to
the client computer in reply to SYN? What is the value of the
ACKnowledgement field in SYNACK segment? How did file server
determine this value? What is the segment that identifies the segment as a
SYNACK segment?
2.4 What is sequence number of the TCP segment containing the HTTP POST
command? Note that in order to find the POST command you will need to
dig into the packet content field at the bottom of the packet window,
looking for a segment with “POST” within its DATA field. (In HTTP we
have file transfer taking place for the components of the web objects)
2.5 Consider the TCP segment containing the HTTP POST as the first
segment in the TCP connection. What are the sequence numbers of the first
six segments in the TCP connection (including the segment containing the
HTTP POST)? At what time was each segment sent? When was the ACK
for each segment received? Given the difference between when each TCP
segment was sent, and when its acknowledgement was received, what is
the RTT value for each of the six segments? What is the EstimatedRTT
value after the receipt of each ACK? Assume that the value of the
EstimatedRTT is equal to the measured RTT for the first segment, and
then is computed using the EstimatedRTT for all subsequent segments.
Note: Ethereal has a nice feature that allows you to plot the RTT for each
of the TCP segments sent. Select a TCP segment in the “listing of captured
packets” window that is being sent from the client to the any file server or
web server. Then select: Statistics->TCP Stream Graph->Round Trip Time
Graph.

Page 1
 2.6 Are there any retransmitted segments in the trace file when you are
observing the file transfer? What did you check for (in the trace) in order to
answer this question?
2.7 How much data does the receiver typically acknowledge in an ACK? Can
you identify cases where the receiver is ACKing every other received
segment.

SUBMISSION REQUIREMENTS:

To successfully complete this assignment, you must submit a document containing

the answer in a doc/pdf file. Arrange to add screen shots wherever it is necessary to
make your answers credible.

Mail back only to gaurms@mnit.ac.in and clearly mention in subject line “CN
Assignment 6”.

Page 2