computer in reply to the SYN? What is the value of the ACKnowledgement field in the SYNACK segment? How did gaia.cs.umass.edu determine that value? What is it in the segment that identifies the segment as a SYNACK segment? Answer:
因为上一次seq=0 由Flags中SYN与ACK位为1
5. What is the sequence number of the TCP segment containing the HTTP POST command?
Answer:
6. Consider the TCP segment containing the HTTP POST as the first segment in the TCP
connection. What are the sequence numbers of the first six segments in the TCP connection (including the segment containing the HTTP POST)? At what time was each segment sent? When was the ACK for each segment received? Answer: 编号 1 2 3 4 5 6
7. What is the length of each of the first six TCP segments?
(相对)序列号 1 566 2026 3486 4946 6406 发送时间 0.026477 确认时间 TCP报文长度 585 1480 1480 1480 1480 1480 Answer:585 1480 1480 1480 1480 1480
8. What is the minimum amount of available buffer space advertised at the received for the entire trace?
Answer: 5840
9. How much data does the receiver typically acknowledge in an ACK? Can you identify cases where the receiver is ACKing every other received segment Answer:2个.能
10. What is the throughput (bytes transferred per unit time) for the TCP connection? Explain how
you calculated this value?
Answer:163411/(5.297341-0.041737)
实验三 TCP/IP报文综合分析
一、实验目的
? 熟悉TCP的报文格式 ? 熟练Ethereal的使用方法
二、实验环境
? Windows操作系统 ? Ethereal协议分析仪
三、实验内容及要求
用Ethereal打开文件http-ethereal-trace-1,分析12号分组的原始数据,并回答以下问题:(注: 有X栏不用填写)
1、Ethernet报文 字段名 起止字节地址 内容(十六进制) 意义 00-0d X X Ethernet报头 Source MAC Dest. MAC Type 06-0b 00-05 0c-0d 源物理地址 目标物理地址 协议为IP 0800 2、IP报文 字段名 IP报头 Protocol 3、TCP报文 字段名 TCP报头 Windows size
起止字节地址 0e-21 17-17 内容(十六进制) X 06 意义 X 协议为TCP 起止字节地址 22-35 30-31 内容(十六进制) X 1920 意义 X 接收窗口6432字节
4、HTTP报文 字段名 Status line Head lines Entity body
起止字节地址 36-46 内容(十六进制) 意义 版本http/1.1 状态吗200 短语ok X X 47-16b 16e-1b6 X X 5、该分组到达目标机后,执行什么操作?产生的效果是什么? Answer:
实验四 Socket编程及应用
一、试验目的
? ?
了解Socket编程方法。 熟悉Socket应用。
二、实验环境
? Windows操作系统 ? Ethereal协议分析仪 ? VC++
三、试验内容
1、分析socket应用程序