Nama : Akhmad Fariiqun Awwaluddin NRP
: 2110165019
Kelas : 1 D4 LJ Teknik Informatika
Wireshark TCP v.70 1. What is the IP address and TCP port number used by the client computer (source) that is transferring the file to gaia.cs.umass.edu? Solution: Client computer (source) IP address: 192.168.1.102 TCP port number: 4127 2. What is the IP address of gaia.cs.umass.edu? On what port number is it sending and receiving TCP segments for this connection? Solution : Destination computer: gaia.cs.umass.edu IP address: 128.119.245.12 TCP port number: 80 3. What is the IP address and TCP port number used by your client computer (source) to transfer the file to gaia.cs.umass.edu? 4. What is the sequence number of the TCP SYN segment that is used to initiate the TCP connection between the client computer and gaia.cs.umass.edu? What is it in the segment that identifies the segment as a SYN segment? Solution:
Nomor urut dari segmen TCP SYN digunakan untuk memulai koneksi TCP antara komputer klien dan gaia.cs.umass.edu. Hal ini ditunjukkan dengan nilai 0. SYN flag set ke 1 dan menunjukkan bahwa segmen ini adalah segmen SYN. 5. What is the sequence number of the SYNACK segment sent by gaia.cs.umass.edu to the client computer in reply to the SYN? What is the value of the Acknowledgement field in the SYNACK segment? How did gaia.cs.umass.edu determine that value? What is it in the segment that identifies the segment as a SYNACK segment? Solution : Nomor urut dari segmen SYNACK dari gaia.cs.umass.edu ke komputer klien dalam membalas SYN memiliki nilai 0 pada trace ini. Nilai bidang Pengakuan di segmen SYNACK adalah 1. Nilai ACKnowledgement field di segmen SYNACK ditentukan oleh gaia.cs.umass.edu dengan menambahkan 1 ke nomor urut awal segmen SYN dari komputer klien (yaitu nomor urut dari segmen SYN diinisiasi oleh komputer klien 0). SYN flag dan ACKnowledgement flag di segmen ditetapkan untuk 1 dan hal itu menunjukkan bahwa segmen ini adalah segmen SYNACK.
6. What is the sequence number of the TCP segment containing the HTTP POST command? Note that in order to find the POST command, you’ll need to dig into the packet content field at the bottom of the Wireshark window, looking for a segment with a “POST” within its DATA field Solution: Nomor 4. Adalah segmen TCP yang mengandung perintah HTTP POST. Nomor urut dari segmen ini memiliki nilai 1.
7. Consider the TCP segment containing the HTTP POST as the first segment in the TCP connection. What are the sequence numbers of the first six segments in the TCP connection (including the segment containing the HTTP POST)? At what time was each segment sent? When was the ACK for each segment received? Given the difference between when each TCP segment was sent, and when its acknowledgement was received, what is the RTT value for each of the six segments? What is the EstimatedRTT value (see Section 3.5.3, page 242 in text) after the receipt of each ACK? Assume that the value of the EstimatedRTT is equal to the measured RTT for the first segment, and then is computed using the EstimatedRTT equation on page 242 for all subsequent segments. Note: Wireshark has a nice feature that allows you to plot the RTT for each of the TCP segments sent. Select a TCP segment in the “listing of captured packets” window that is being sent from the client to the gaia.cs.umass.edu server. Then select: Statistics->TCP Stream Graph- >Round Trip Time Graph.
Solution: The HTTP POST segment is considered as the first segment. Segments 1 – 6 are No. 4, 5, 7, 8, 10, and 11 in this trace respectively. The ACKs of segments 1 – 6 are No. 6, 9, 12, 14, 15, and 16 in this trace. Segmen HTTP POST dianggap sebagai segmen pertama. Segmen 1 - 6 adalah No 4, 5, 7, 8, 10, dan 11 di masing – masing trace ini. Segmen ACK 1 - 6 adalah No 6, 9, 12, 14, 15, dan 16 di trace ini Segment 1 sequence number: 1 Segment 2 sequence number: 566 Segment 3 sequence number: 2026 Segment 4 sequence number: 3486
Segment 5 sequence number: 4946 Segment 6 sequence number: 6406 Waktu pengiriman dan waktu diterima dari ACK dapat dilihat dalam tabel berikut. Sent time
ACK received time
RTT (seconds)
Segment 1
0.026477
0.053937
0.02746
Segment 2
0.041737
0.077294
0.035557
Segment 3
0.054026
0.124085
0.070059
Segment 4
0.054690
0.169118
0.11443
Segment 5
0.077405
0.217299
0.13989
Segment 6
0.078157
0.267802
0.18964
EstimatedRTT = 0.875 * EstimatedRTT + 0.125 * SampleRTT EstimatedRTT after the receipt of the ACK of segment 1: EstimatedRTT = RTT for Segment 1 = 0.02746 second EstimatedRTT after the receipt of the ACK of segment 2: EstimatedRTT = 0.875 * 0.02746 + 0.125 * 0.035557 = 0.0285 EstimatedRTT after the receipt of the ACK of segment 3: EstimatedRTT = 0.875 * 0.0285 + 0.125 * 0.070059 = 0.0337 EstimatedRTT after the receipt of the ACK of segment 4: EstimatedRTT = 0.875 * 0.0337+ 0.125 * 0.11443 = 0.0438 EstimatedRTT after the receipt of the ACK of segment 5: EstimatedRTT = 0.875 * 0.0438 + 0.125 * 0.13989 = 0.0558 EstimatedRTT after the receipt of the ACK of segment 6: EstimatedRTT = 0.875 * 0.0558 + 0.125 * 0.18964 = 0.0725 second 8. What is the length of each of the first six TCP segments? Solution : Panjang segmen pertama TCP (yang berisi POST HTTP): 565 bytes. Panjang masing-masing dari lima segmen TCP lainnya: bytes 1460 (MSS) 9. What is the minimum amount of available buffer space advertised at the received for the entire trace? Does the lack of receiver buffer space ever throttle the sender? Solution: Jumlah minimum ruang buffer (receiver window) diiklankan di gaia.cs.umass.edu untuk seluruh trace adalah 5840 bytes, yang ditunjukkan dalam acknowledgement dari server. Receiver window ini tumbuh terus sampai ukuran penerima buffer maksimum 62.780 byte.
10. Are there any retransmitted segments in the trace file? What did you check for (in the trace) in order to answer this question? Solution: Tidak ada segmen ditransmisikan dalam trace file. Hal itu dapat diverifikasi dengan memeriksa nomor urutan segmen TCP dalam trace file. Dalam TimeSequence-Graph (Stevens) dari trace ini, semua nomor urut dari source (192.168.1.102) ke destination (128.119.245.12) meningkat terhadap waktu. Jika ada segmen ditransmisikan, jumlah urutan segmen ditransmisikan ini harus lebih kecil dari segmen neighbor. 11. How much data does the receiver typically acknowledge in an ACK? Can you identify cases where the receiver is ACKing every other received segment (see Table 3.2 on page 250 in the text). Solution : acknowledged sequence number
acknowledged data
ACK 1
566
566
ACK 2
2026
1460
ACK 3
3486
1460
ACK 4
4946
1460
ACK 5
6406
1460
ACK 6
7866
1460
ACK 7
9013
1147
ACK 8
10473
1460
ACK 9
11933
1460
ACK 10
13393
1460
ACK 11
14853
1460
ACK 12
16313
1460
Perbedaan antara acknowledged sequence numbers dari dua ACK berturut-turut menunjukkan data yang diterima oleh server antara dua ACK tersebut. Dengan memeriksa jumlah acknowledged data oleh masing-masing ACK, di mana penerima ACKing setiap segmen lainnya. Misalnya, acknowledged data dari segmen No. 80 2920 bytes = 1460 * 2 bytes
12. What is the throughput (bytes transferred per unit time) for the TCP connection? Explain how you calculated this value. Solution: Perhitungan TCP throughput yang sangat tergantung pada pemilihan rata-rata periode waktu. Sebagai perhitungan throughput yang umum, dalam pertanyaan ini, hal ini memilih jangka waktu rata-rata sebagai waktu koneksi secara keseluruhan. Kemudian, throughput rata-rata untuk koneksi TCP ini dihitung sebagai rasio antara jumlah total data dan waktu transmisi keseluruhan. Total Data jumlah yang dikirimkan dapat dihitung dengan perbedaan antara jumlah urutan segmen TCP pertama (yaitu 1 byte untuk segmen No. 4) dan nomor urut acknowledged dari ACK terakhir (164091 bytes untuk segmen No. 202). Oleh karena itu, total data 164091-1 = 164.090 byte. Waktu transmisi keseluruhan adalah perbedaan waktu instan dari segmen TCP pertama (yaitu, 0,026477 kedua untuk segmen No.4) dan waktu instan dari ACK terakhir (yaitu, 5,455830 kedua untuk No 202 segmen). Oleh karena itu, waktu transmisi total 5.455830 - 0.026477 = 5,4294 detik. Oleh karena itu, throughput untuk koneksi TCP dihitung sebagai 164.090 / 5,4294 = 30,222 KByte / sec. 13. Use the Time-Sequence-Graph(Stevens) plotting tool to view the sequence number versus time plot of segments being sent from the client to the gaia.cs.umass.edu server.
Can you identify where TCP’s slowstart phase begins and ends, and where congestion avoidance takes over? Comment on ways in which the measured data differs from the idealized behavior of TCP that we’ve studied in the text. Solution: TCP Slow Start dimulai pada awal hubungan, yaitu, ketika segmen HTTP POST dikirim keluar. Slow Identification fase awal dan menghindari kemacetan fase TCP tergantung pada nilai dari ukuran kemacetan jendela pengirim TCP ini. Namun, nilai ukuran kemacetan jendela tidak dapat diperoleh secara langsung dari grafik waktu-urutan-Graph (Stevens). Kita dapat memperkirakan batas bawah dari ukuran jendela TCP dengan jumlah data yang luar biasa karena data yang beredar adalah jumlah data tanpa acknowledgement. Kita juga tahu bahwa jendela TCP dibatasi oleh ukuran jendela penerima dan buffer penerima dapat bertindak sebagai batas atas dari ukuran jendela TCP. Dalam trace ini, buffer penerima bukan sebuah penghalang. Oleh karena itu, batas atas ini tidak cukup untuk menyimpulkan ukuran jendela TCP. Oleh karena itu, kita fokus pada batas bawah dari ukuran jendela TCP. 14. Answer each of two questions above for the trace that you have gathered when you transferred a file from your computer to gaia.cs.umass.edu Solution: Hal ideal dari TCP dalam teks berasumsi bahwa TCP sender yang agresif dalam pengiriman data. Terlalu banyak lalu lintas dapat menyebabkan jaringan padat. Oleh karena itu, TCP sender harus mengikuti algoritma AIMD sehingga ketika mereka mendeteksi kemacetan jaringan (yaitu, packet loss), mengirimkan ukuran jendela mereka harus menyesuaikan. Perilaku TCP juga sangat tergantung pada aplikasi.
Wireshark UDP v.70 1. Select one UDP packet from your trace. From this packet, determine how many fields there are in the UDP header. (You shouldn’t look in the textbook! Answer these questions directly from what you observe in the packet trace.) Name these fields. Solution : The UDP header contains 4 fields. They are source Port, Destination port, Length and checksum. 2. By consulting the displayed information in Wireshark’s packet content field for this packet, determine the length (in bytes) of each of the UDP header fields. Solution : The UDP has four fields at two bytes each so in total it is 8 bytes Source Port is 2 bytes Destination port is 2 bytes Length is 2 bytes Checksum is 2 bytes 3. The value in the Length field is the length of what? (You can consult the text for this answer). Verify your claim with your captured UDP packet. Solution : The value in the length field is the sum of the 8 header bytes, plus the 42 encapsulated data bytes. 4. What is the maximum number of bytes that can be included in a UDP payload? (Hint: the answer to this question can be determined by your answer to 2. above) Solution : The maximum number of bytes that can be included in a UDP payload is 216 – 1 less the header bytes. This gives 65535 – 8 = 65527 bytes. 5. What is the largest possible source port number? (Hint: see the hint in 4.) Solution : The largest possible source port number is 216 – 1 = 65535. 6. What is the protocol number for UDP? Give your answer in both hexadecimal and decimal notation. To answer this question, you’ll need to look into the Protocol field of the IP datagram containing this UDP segment (see Figure 4.13 in the text, and the discussion of IP header fields). Solution : The IP protocol number for UDP is 0x11 hex, which is 17 in decimal value.
7. Examine a pair of UDP packets in which your host sends the first UDP packet and the second UDP packet is a reply to this first UDP packet. (Hint: for a second packet to be sent in response to a first packet, the sender of the first packet should be the destination of the second packet). Describe the relationship between the port numbers in the two packets. Solution : Dalam paket pertama yang dikirim oleh host , source port paket UDP adalah sama dengan destination port dari paket balasan. Juga destination port dari paket UDP yang dikirim oleh komputer host , cocok dengan source port dari paket balasan.
