wireshark analisys network packets protocols details and other
Using Wireshark to View Network Traffic - ccna 1Descripción completa
Wireshark lab
9.2.3.5 Lab - Using Wireshark to Examine a UDP DNS CaptureDescripción completa
Full description
uDescripción completa
3.4.1.2 Lab - Using Wireshark to View Network TrafficDescripción completa
AcademicsFull description
1.) What is the IP address and TCP port number used by the client computer (source) that is transferring the file to gaia.cs.umass.edu? Anser! The IP address and TCP port number of my computer is 1".".".1#$ and port number is %"%&1 as shon in the belo figure 1.
'igure 1! IP address and Port number of source computer.
$.) What is the IP address of gaia.cs.umass.edu? n hat port number is it sending and receiing TCP segments for this connection? Anser! The IP address of gaia.cs.umass.edu is 1$*.11#.$+%.1$ and the port number it is sending TCP segments is *" as shon in the belo figure $.
'igure $! IP address and Port number of gia.cs.umass.edu
,.) What is the IP address and TCP port number used by your client computer (source) to transfer the file to gaia.cs.umass.edu? Anser! The IP address and TCP port number of my computer is 1".".".1#$ and %"%&1. +.) What is the se-uence number of the TCP /0 segment that is used to initiate the TCP connection beteen the client computer and gaia.cs.umass.edu? What is it in the segment that identifies the segment as a /0 segment? Anser! The se-uence number of the TCP /0 segment that is used to initiate the TCP connection beteen the client computer and gaia.cs.umass.edu is " / segment is 1 as shon in the belo figure ,.
'igure ,! TCP /0 segment beteen source and destination
%.) What is the se-uence number of the /0AC2 segment sent by gaia.cs.umass.edu to the client computer in reply to the /0? What is the alue of the Ac3noledgement field in the /0AC2 segment? 4o did gaia.cs.umass.edu determine that a lue? What is it in the segment that identifies the segment as a /0AC2 segment? Answer: e-uence
number of the /0AC2 segment sent by gaia.cs.umass.edu to the client
computer in reply to the /0 is " and ac3noledgement is 1 as shon in the belo figure +.
'igure +! e-uence number of /0AC2
5.) What is the se-uence number of the TCP segment containing the 4TTP PT command? 0ote that in order to find the PT command you6ll need to dig into the pac3et content field at the bottom of the Wireshar3 indo loo3ing for a segment ith a 7PT8 ithin its 9ATA field. Answer:
4TTP PT command is 'rame + as shon in the belo figure %.
'igure %! 4TTP PT command &.) Consider the TCP segment containing the 4TTP PT as the first segment in the TCP connection. What are the se-uence numbers of the first si: segments in the TCP connection (including the segment containing the 4TTP PT)? At hat time as each segment sent? When as the AC2 for each segment receied? ;ien the difference beteen hen each TCP segment as sent and hen its ac3noledgement as receied hat is the
4TTP PT segment is 0o. +1$+,,+,5 ++1 +++ AC2 segment is 0o. +"* +11 +1, +,+ +,% and +,#
egment 1 e-uence 0umber is 1 egment $ e-uence 0umber is 1+"51 egment , e-uence 0umber is 1&%$1 egment + e-uence 0umber is $"++1 egment % e-uence 0umber is $,,51 egment 5 e-uence 0umber is $5$*1 Calculated =stimated
egment1 egment$ egment, egment+ egment% egment5
ent Time *.%5$*"" *.5"&,$% *.51&&1$ *.5,&"1& *.5,&$5# *.5+$55+
*.) What is the length of each of the first si: TCP segments? Answer:
ength of first TCP segment is &&5 bytes and ength of the other TCP segments (%
TCP segments) is 1+$5 bytes.
#.) What is the minimum amount of aailable buffer space adertised at the receied for the entire trace? 9oes the lac3 of receier buffer space eer throttle the sender? Answer:
minimum amount of aailable buffer space adertised at the receied for the entire
trace is $%5 bytes 1".) Are there any retransmitted segments in the trace file? What did you chec3 for (in the trace) in order to anser this -uestion? Answer:
/es there is a retransmission in the trace file e can chec3 it by obsering from the
se-uence number.
11.) 4o much data does the receier typically ac3noledge in an AC2? Can you identify cases here the receier is AC2ing eery other receied segment Answer:
The receier has already ac3noledged the data it receied from its preious
ac3noledgement.
1$.) What is the throughput (bytes transferred per unit time) for the TCP connection? =:plain ho you calculated this alue. Answer: Aerage
throughput of a connection > (".&%W)B
Windo sie of first segment! 5%%,5 +"$%$$,.1%#++5+"1 >+"$ 2bytesBsec
1,.) Dse the TimeEe-uenceE;raph (teens) plotting tool to ie the se-uence number ersus time plot of segments being sent from the client to the gaia.cs.umass.edu serer. Can you identify here TCP6s slo start phase begins and ends and here congestion aoidance ta3es oer? Comment on ays in hich the measured data differs from the idealied behaior of TCP that e6e studied in the te:t. Answer:
The folloing figure shos the TimeEe-uenceE;raph (teens) plotting tool hen
TCP hae connected beteen ender and
1+.) Anser each of to -uestions aboe for the trace that you hae gathered hen you transferred a file from your computer to gaia.cs.umass.edu Answer: When
e hae a lot of traffic on netor3 TCP sender uses AIF9 algorithm for the