네트워크 프로그래밍 wireshark를 사용한 TCP 분석
choni
다운로드
장바구니
* 본 문서는 PDF문서형식으로 복사 및 편집이 불가합니다.
소개글
- 네트워크프로그래밍 A+ 레포트- wireshark를 사용해 TCP 관찰 및 분석
- 아래 목차의 질문에 대한 솔루션
목차
1. What is the IP address and TCP port number used by the client computer (source) that is transferring the file to gaia.cs.umass.edu?2. What is the IP address of gaia.cs.umass.edu? On what port number is it sending and receiving TCP segments for this connection?
3. What is the sequence number of the TCP SYN segment that is used to initiate the TCP connection between the client computer and gaia.cs.umass.edu? What is it in the segment that identifies the segment as a SYN segment?
4. What is the sequence number of the SYNACK segment sent by gaia.cs.umass.edu to the client computer in reply to the SYN? What is the value of the Acknowledgement field in the SYNACK segment? How did gaia.cs.umass.edu determine that value? What is it in the segment that identifies the segment as a SYNACK segment?
5. What is the sequence number of the TCP segment containing the HTTP POST command? Note that in order to find the POST command, you’ll need to dig into the packet content field at the bottom of the Wireshark window, looking for a segment with a “POST” within its DATA field.
6. What are the sequence numbers of the first six segments in the TCP connection (including the segment containing the HTTP POST)?
7. At what time was each segment sent? When was the ACK for each segment received?
8. Given the difference between when each TCP segment was sent, and when its acknowledgement was received, what is the RTT value for each of the six segments?
9. What is the EstimatedRTT value after the receipt of each ACK? Assume that the value of the EstimatedRTT is equal to the measured RTT for the first segment, and then is computed using the EstimatedRTT equation for all subsequent segments.
10. What is the length of each of the first six TCP segments?
11. What is the minimum amount of available buffer space advertised at the received for the entire trace? Does the lack of receiver buffer space ever throttle the sender?
12. Are there any retransmitted segments in the trace file? What did you check for (in the trace) in order to answer this question?
13. How much data does the receiver typically acknowledge in an ACK? Can you identify cases where the receiver is ACKing every other received segment (see the table on next page).
14. What is the throughput (bytes transferred per unit time) for the TCP connection? Explain how you calculated this value.
본문내용
Ⅰ. Questions 1/4What is the IP address and TCP port number used by the client computer (source) that is transferring the file to gaia.cs.umass.edu?
- Source IP address는 172.16.24.128, TCP port number은 29140이다.
What is the IP address of gaia.cs.umass.edu? On what port number is it sending and receiving TCP segments for this connection?
- Gaia.cs.umass.edu의 IP address는 128.119.245.12이다. 80번 포트로 메시지를 주고 받고 있다.
Ⅱ. Questions 2/4
What is the sequence number of the TCP SYN segment that is used to initiate the TCP connection between the client computer and gaia.cs.umass.edu? What is it in the segment that identifies the segment as a SYN segment?
- 클라이언트와 서버의 TCP connection을 시작하는 TCP SYN segment의 시퀀스 번호는 0이다.
- Segment 내 flag를 살펴보면 SYN임을 확인할 수 있다.
<중 략>
‒SYNACK segment 의 시퀀스 번호는 0 이고 acknowledgement field 값은 1 이다 .
‒이 값은 직전 SYN 의 마지막 바이트 +1 로 정해지며 , 다음에 요청할 패킷의 시작 바이트
숫자와 같다 .
‒Flag 내 ack=1 과 syn=1 이 SYNACK segment 임을 나타낸다 .