$24
Part 1
[2] Why TCP uses a 3-way connection establishment process rather than simple connection request and response (2-way protocols)?
[2] Consider a TCP connection between Host A and Host B. Suppose that one TCP segment traveling from Host A to Host B have the following information:
Source port: x
Destination port: y
Seq no.: 135
Ack no.: 426
Segment length: 126 bytes
What will be the corresponding information (source port, destination port, seq no., and ack no.) for the segment traveling from Host B to Host A?
[3+3+4=10] Assume TCP congestion control based on Reno/Tahoe protocol. Initial ssthreshold = 32.
First segment loss occurs at the 7th transmission. Loss is indicated by timeout. What is the current congestion window (CWND) and ssthreshold before the 8th transmission starts?
After 3 more transmissions (8th, 9th and 10th) at the 10th transmission, segment loss happens. This time, loss is indicated by 3-DUPACKs. What is the current congestion window (CWND) and ssthreshold before the 11th transmission starts?
After this 2 more transmissions happen (11th and 12th) without any loss and the transmission process is completed. What will be the current congestion window
(CWND) and ssthreshold value after the 12th transmission?
Show your steps through X-Y plot.
Part 2
In this part, we’ll investigate the behavior of TCP in detail through wireshark. We’ll do so by analyzing a trace of the TCP segments sent and received in transferring a 150KB file from your computer to a remote server.
Retrieve an ASCII copy of Alice in Wonderland at http://gaia.cs.umass.edu/ethereal-labs/alice.txt Store this file somewhere on your computer.
Next go to http://gaia.cs.umass.edu/ethereal-labs/TCP-ethereal-file1.html.
Use the Browse button in this form to enter the name of the file (full path name) on your computer containing Alice in Wonderland. Don’t yet press the “Upload alice.txt file” button.
Now start packet capture with Wireshark.
Returning to your browser, press the “Upload alice.txt file” button to upload the file to the gaia.cs.umass.edu server. Once the file has been uploaded, a short congratulations message will be displayed in your browser window.
Stop Wireshark packet capture.
Before analyzing the behavior of the TCP connection in detail, let’s take a high level view of the trace. First, filter the packets displayed in the Wireshark window by entering “tcp” into the display filter specification window towards the top of the Wireshark window. What you should see is series of TCP and HTTP messages between your computer and gaia.cs.umass.edu. You should see the initial three-way handshake containing a SYN message. You should see an HTTP POST message and a series of “HTTP Continuation” messages being sent from your computer to gaia.cs.umass.edu. In actuality, there is no such thing as an HTTP Continuation message – this is Wireshark’s way of indicating that there are multiple TCP segments being used to carry a single long HTTP message. You should also see TCP ACK segments being returned from gaia.cs.umass.edu to your computer.
Since this lab is about TCP rather than HTTP, let’s change Wireshark’s “listing of captured packets” window so that it shows information about the TCP segments containing the HTTP messages, rather than about the HTTP messages. To have Wireshark do this, select Analyze-Enabled Protocols. Then uncheck the HTTP box and select OK. Also, in this lab we would like to see TCP’s sequence numbers (and not the relative sequence numbers that Wireshark may instead display). To see the sequence numbers, go to EditPreferencesProtocolsTCP and uncheck “relative sequence numbers”.
Now answer the following questions:
[1] What is the IP address and port number used by gaia.cs.umass.edu to receive the file? What is the IP address and TCP port number used by your client computer (source) to transfer the file to gaia.cs.umass.edu?
[1] What are the actual sequence number and relative sequence number of the TCP SYN segment that is used to initiate the TCP connection between the client computer and gaia.cs.umass.edu? What is it in the segment that identifies the segment as a SYN segment?
[2] What are the actual sequence number and relative sequence number of the SYNACK segment sent by gaia.cs.umass.edu to the client computer in reply to the SYN? What is the value of the ACKnowledgement field in the SYNACK segment? What is it in the segment that identifies the segment as a SYNACK segment?
TCP Congestion Control
Let’s now examine the amount of data sent per unit time from the client to the server. Rather than (tediously!) calculating this from the raw data in the Wireshark window, we’ll use one of Wireshark’s TCP graphing utilities - Time-Sequence-Graph(Stevens) – to plot out data.
Select a TCP segment in the Wireshark’s “listing of captured-packets” window.
Then select the menu : Statistics-TCP Stream Graph- Time-Sequence-Graph(Stevens). You should see a plot that looks similar to the following plot
Here, each dot represents a TCP segment sent, plotting the sequence number of the segment versus the time at which it was sent. Note that a set of dots stacked above each other represents a series of packets that were sent back-to-back by the sender. Now answer the questions:
[1] Use the Time-Sequence-Graph(Stevens) plotting tool to view the sequence number versus time plot of segments being sent from the client to the gaia.cs.umass.edu server. Can you identify where TCP’s slowstart phase begins and ends, and where congestion avoidance takes over? Run the experiment multiple times in various times of day to provide your result.
[1] Comment on ways in which the measured data differs from the idealized behavior of TCP that we’ve studied in the text and why so. Provide your explanation of your time sequence chart in detail.
[Important Note for Assignment 2: When answering the wireshark questions, additionally, you must take screen shots of the appropriate messages and indicate where in the message you’ve found the information that answers the questions.]