In this assignment, you’ll investigate the TCP/ IP protocols. The assignment consists of four parts.

Part I: NetworkLayer– IP (10 Marks)

In this part, you will analyze a trace file of IP datagrams sent and received by the execution of a traceroute program. You’ll investigate the various fields in the IP datagram in detail. Before beginning this assignment, you should

1. read the introduction on ICMP: (https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol); and

2. watch a video on ICMP at https://www.youtube.com/watch?v=-SdDISOPD8M

Wireshark file: Assignmenet_IP, can be downloaded from the “Resources” section in the interact2 subject site

When answering a question, you should include screenshots of the packets with annotations to explain your answers. Select the minimum amount of packet detail that you need to answer the questions.

1. Select the first ICMP Echo Request message sent by the client, expand the Internet Protocol part of the packet in the packet details window, and provide the screenshots of this.

2. Within the IP packet header, what is the value in the upper layer protocol field?

3. How many bytes are in the IP header? How many bytes are in the payload of the IP datagram? Explain how you determined the number of payload bytes.

4. Has this IP datagram been fragmented? Explain how you determined whether or not the datagram has been fragmented.

Next, sort the traced packets according to the IP source address by clicking on the “Source” column header; a small downward pointing arrow should appear next to the word Source. If the arrow points up, click on the Source column header again. Select the first ICMP Echo Request message, and expand the Internet Protocol portion in the “details of selected packet header” window. In the “listing of captured packets” window, you should see all of the subsequent ICMP messages (perhaps with additional interspersed packets ) below this first ICMP. Use the down arrow on your keyboard to move through the ICMP messages (Note: in the following, we are only interested in the messages with source addresses ).

5. Which fields in the IP datagrams always change from one datagram to the next within this series of ICMP messages sent by the client?

6. Which of the fields must stay constant? Which fields must change? Why?

7. Describe the pattern you see in the values in the Identification field of the IP datagram Next (with the packets still sorted by source address) find the series of ICMP TTL-exceeded replies sent to the client by the nearest (first hop) router.

8. What are the values in the Identification field and the TTL field?

9. Do these values remain unchanged for all of the ICMP TTL-exceeded replies sent to the client by the nearest (first hop) router? Why?

Transport Layer – TCP (3 +2+10 Marks)

In the TCP part of this assignment, you’ll conduct a preliminary investigation into the behavior of TCP.

You’ll conduct this lab by analyzing a trace of the TCP segments sent and received in transferring a 150KB file (containing the text of Lewis Carrol’s Alice’s Adventuresin Wonderland) from your computer to a remote server. You’ll study TCP’s use of sequence and acknowledgment numbers for providing reliable data transfer; you’ll also briefly consider TCP connection setup and you’ll investigate the performance (throughput and round-trip time) of the TCP connection between your computer and the server.

Part II: Capturing a bulk TCP transfer from your computer to a remote server (3 marks)

Before beginning your exploration of TCP, you’ll need to use Wireshark to obtain a packet trace of the TCP transfer of a file from your computer to a remote server. You’ll do so by accessing a Web page that will allow you to enter the name of a file stored on your computer (which contains the ASCII text of Alicein Wonderland), and then transfer the file to a Web server using the HTTP POST method. Of course, you’ll be running Wireshark during this time to obtain the trace of the TCP segments sent and received from your computer. Do the following:

  • Start up your web browser. Go http://csusap.csu.edu.au/~xhuang/alice.txt and retrieve an ASCII copy of Alicein Wonderland. Store this file somewhere on your computer.
  • Next, go to http://csusap.csu.edu.au/~xhuang/TCP_A.html
  • Your web browser should show a web page that permits you to upload a file. Use the Browse button in this form to enter the name of the file (full path name) on your computer containing Alicein Wonderland(or do so manually). Don’t press the “Upload alice.txt file” button yet.
  • Now start Wireshark and begin packet capture (Capture?Options). Select the correct interface (usually it’s the network interface card of your computer) and then press START on the Wireshark Packet Capture Options screen. Before starting, it’s best to close the webpage tabs other than the upload page.
  • Returning to your browser, press the “Upload alice.txt file” button to upload the file to the csusap.csu.edu.au server. During the upload, a short message may be displayed in the status bar of your browser window.
  • Stop Wireshark packet capture. In order to analyze the trace, you can filter the packets displayed in the Wireshark window by entering “tcp” (lowercase, no quotes, and press return after entering) into the display filter specification window towards the top of the Wireshark window. Then you should be able to see both TCP and HTTP packets, and should now see a Wireshark window which looks like Fig. 1.
  • Export and save the trace file for further analysis.

Figure 1: Example trace

Note that in your submission, please clearly indicate 1. whether your capture ofTCP transfer in this part was successful or not; and 2. whether your answers to the questions in the following Part III and Part IV are based on your captured files or not.

Part III: A first look at the captured trace (2 marks)

(If you are unable to run Wireshark on a live network connection, you can download a packet trace file that was captured while following the steps above on the Resources

Wireshark file: Assignmenet_TCP, which can be downloaded from the “Resources” section of the interact2 subject site. Note that you will lose some of the marks by using this file rather than using your own captured file for this part of the assignment)

Whenever possible, when answering a question, you should include the screenshots of the packet(s) within the trace that you used. Annotate the screenshots to explain your answer. To capture the screenshots, select the minimum amount of packet detail that you need to answer the question.

10. What are the IP address and TCP port number used by your client computer (source) to transfer the file to the server?

11. What is the IP address of the server? Which port number is it sending and receiving TCP segments for this connection?

Note: To answer these questions, it’s probably easiest to select an HTTP message and explore the details of the TCP packet used to carry this HTTP message, using the “details of the selected packet header window”.

Since this assignment is about TCP rather than HTTP, change Wireshark’s “listing of captured packets” window so that it shows information about the TCP segments containing the HTTP messages, rather than the HTTP messages. To have Wireshark do this, select Analyze?Enabled Protocols. Then uncheck the HTTP box and select OK. You should now see a Wireshark window that looks like Fig. 2:

Figure 2: Example trace showing a series of TCP exchanges

This is what you’re looking for – a series of TCP segments sent between your computer and csusap.csu.edu.au.

Part IV: TCP (10 Marks)

Answer the following questions for the TCP segments:

12. What is the sequence number of the TCP SYN segment that is used to initiate the TCP connection between the client computer and the server? What element of the segment identifies it as a SYN segment?

Wireshark uses relative sequence numbers by default. You can obtain absolute sequence numbers instead. You must use relative sequence numbers to answer all the questions.

13. What is the sequence number of the SYNACK segment sent by the server to the client computer in reply to the SYN? What is the acknowledgment number (Ack=?) in the SYNACK segment? How did the server determine that value? What element in the segment identifies it as a SYNACK segment?

14. What is the sequence number of the TCP segment containing the HTTP POST command? Note that in order to find the POST command; you’ll either need to dig into the packet content field at the bottom of the Wireshark window, looking for a segment with a “POST” within its DATA field or prevent Wireshark from reassembling the packets and displaying them as one response, rather than as multiple continuation packets. This can be disabled by going to Edit? Preferences ? Protocols ? HTTP and unchecking the “Reassemble HTTP bodies spanning multiple TCP segments” box.

15. Consider the TCP segment containing the HTTP POST as the first segment in the TCP connection. Calculate the Round-Trip Time (RTT). Note that the RTT time is the time difference between the time of the POST message and the corresponding ACK.

15.1 What are the sequence numbers of the first six segments in the TCP connection (including the segment containing the HTTP POST)? At what time was each segment sent? When was the ACK for each segment received? Note: you may want to re-enable “Reassemble HTTP bodies spanning multiple TCP segments” if you disabled this setting previously. Also, note that there may be multiple ACKs associated with each TCP segment. You should list the time of the final ACK for each segment. The Statistics ?Flow Graph ?TCP flow view can also be useful.

15.2 Given the difference between when each TCP segment was sent, and when its acknowledgment was received, what is the RTT value for each of the six segments?

15.3 Plot the Round-Trip Time Graph.

Note: Wireshark has a nice feature that allows you to plot the RTT for each of the TCP segments sent. Select a TCP segment in the “listing of captured packets” window that is being sent from the client to the server. Then select Statistics?TCP Stream Graph?Round Trip Time Graph.

For (15.1) and (15.2), fill in this table for 6 segments. For (15.3), hand in the graph.

Segment Seq. # Sent time ACK Receive Time Actual RTT

16. What is the length of each of the first six TCP segments?

Note: Generally, the TCP segments will all be less than 1460 bytes. This is because most computers have an Ethernet card that limits the length of the maximum IP packet to 1500 bytes (40 bytes of TCP/IP header data and 1460 bytes of TCP payload). This 1500 byte value is the standard maximum length allowed by Ethernet. If your trace indicates a TCP length greater than 1500 bytes, and your computer is using an Ethernet connection, then Wireshark is reporting the wrong TCP segment length; it will likely also show only one large TCP segment rather than multiple smaller segments. Your computer is indeed probably sending multiple smaller segments, as indicated by the ACKs it receives. This inconsistency in reported segment lengths is due to the interaction between the Ethernet driver and the Wireshark software.

17. Are there any retransmitted segments in the trace file? What did you check for (in the trace) in order to answer this question? (hint: plot the time sequence graph from the statistics menu)

Note: Select a TCP segment sent from your computer to the server in the Wireshark’s “listing of captured-packets” window. Then select the menu: Statistics?TCP Stream Graph?Time- Sequence- Graph (Stevens). You should see a plot that looks similar to the plot in Fig. 3. Each dot represents a TCP segment sent, plotting the sequence number of the segment versus the time at which it was sent. Note that a set of dots stacked above each other represents a series of packets that were sent back-to-back by the sender.

Figure 3: Example plot of TCP sequence numbers

18. How much data does the receiver typically acknowledge in an ACK? Show an example.

19. What is the average throughput (bytes transferred per unit time) for the TCP connection? Explain how you calculated this value.

What to hand in: Answers to questions 1-19. Also, provide evidence ( including annotated screenshots ) for how you arrived at all your answers.

RATIONALE

back to top

This assessment task will assess the following learning outcome/s:

  • be able to analyse the TCP/IP protocol.
  • be able to explain and apply IP addresses including IPv4 and IPv6; and.
MARKING CRITERIA AND STANDARDS

back to top

The following criteria will be used while assessing this assessment:

HD DI CR PS FL
Apply knowledge of IP by analyzing a trace file of IP datagrams Demonstrated comprehensive knowledge of IP to consistently apply the relevant

ones correctly in this context. Analysed and accurately interpreted communication data and information in detail. Succinctly explained and justified all the answers, providing clear and logical answers.

Demonstrated knowledge to apply the majority of the relevant ones correctly in IP. Analysed and accurately interpreted the communication data and information in detail. Explained and justified all answers. Providing (for the most part) clear and logical answers. Demonstrated knowledge to apply some of the relevant ones correctly in IP. Analysed and accurately (for some parts) interpreted the communication data and information. Explained and justified most of the answers by relating to aspects of IP. Demonstrated partially-developed knowledge to apply some of them correctly in IP. Analysed and (for a few parts) interpreted the communication data and information. Explained and justified at least half of the answers but in many cases used irrelevant or incorrect facts. Most of the provided answers are incorrect. Listed some facts and little reasons, stated some identifications and implications by giving simple observation and or reason that may or may not relate to IP.
Apply knowledge of TCP by capturing and analyzing a trace file of TCP segments Demonstrated comprehensive knowledge of TCP to consistently apply the relevant

ones correctly in this context. Analysed and accurately interpreted communication data and information in detail. Succinctly explained and justified all the answers, providing clear and logical answers.

Demonstrated knowledge to apply the majority of the relevant ones correctly in TCP. Analysed and accurately interpreted the communication data and information in detail. Explained and justified all answers. Providing (for the most part) clear and logical answers. Demonstrated knowledge to apply some of the relevant ones correctly in TCP. Analysed and accurately (for some parts) interpreted the communication data and information. Explained and justified most of the answers by relating to aspects of TCP Demonstrated partially-developed knowledge to apply some of them correctly in TCP. Analysed and (for a few parts) interpreted the communication data and information. Explained and justified at least half of the answers but in many cases used irrelevant or incorrect facts. Most of the provided answers are incorrect. Listed some facts and little reasons, stated some identifications and implications by giving simple observation and or reason that may or may not relate to TCP.
PRESENTATION

back to top

Your submission should include a pdf document containing the followings:

1. The title of your assignment;

2. Your name, student ID and page number;

3. Provide your numbered answers to all the questions with annotated screenshots; and

4. Whether or not your answers in the TCP part is based on your own captured file

Please submit your file to Turnitin

Found something interesting ?

• On-time delivery guarantee
• PhD-level professional writers
• Free Plagiarism Report

• 100% money-back guarantee
• Absolute Privacy & Confidentiality
• High Quality custom-written papers

Related Model Questions

Feel free to peruse our college and university model questions. If any our our assignment tasks interests you, click to place your order. Every paper is written by our professional essay writers from scratch to avoid plagiarism. We guarantee highest quality of work besides delivering your paper on time.

Grab your Discount!

25% Coupon Code: SAVE25
get 25% !!