前言
计算机网络WireShark 实验记录可供参考
题目(带有英文原文)
1:What is the IP address and TCP port number used by the client computer (source) that is transferring the file to gaia.cs.umass.edu? To answer this question, it’s probably easiest to select an HTTP message and explore the details of the TCP packet used to carry this HTTP message, using the “details of the selected packet header window” (refer to Figure 2 in the “Getting Started with Wireshark” Lab if you’re uncertain about the Wireshark windows. 将文件传输到 gaia.cs.umass.edu 的客户端计算机(源)使用的 IP 地址和 TCP 端口号是什么?要回答这个问题,可能最简单的方法是选择一条 HTTP 消息,并使用“所选数据包报头窗口的详细信息”来探索用于承载该 HTTP 消息的 TCP 数据包的详细信息(如果您对 Wireshark 窗口不确定,请参 考“Wireshark 入门”实验中的图 2)。 答: 2.What is the IP address of gaia.cs.umass.edu? On what port number is it sendingand receiving TCP segments for this connection? gaia.cs.umass.edu 的 IP 地址是什么?它在哪个端口号上发送和接收此连接的 TCP 段? 答: 3.What is the IP address and TCP port number used by your client computer (source) to transfer the file to gaia.cs.umass.edu? 您的客户端计算机(源)用来将文件传输到 gaia.cs.umass.edu 的 IP地址和 TCP 端口号是什么? 答: 4.What is the sequence number of the TCP SYN segment that is used to initiate the TCP connection between the client computer and gaia.cs.umass.edu? What is it in the segment that identifies the segment as a SYN segment? 用于启动客户端计算机和 gaia.cs.umass.edu 之间的 TCP 连接的 TCP SYN段的序列号是多少?段中是什么将该段标识为 SYN 段? 答: 可知序列号是0 可知是通过标志段中的位来判断是否为SYN的 5.What is the sequence number of the SYNACK segment sent by gaia.cs.umass.edu to the client computer in reply to the SYN? What is the value of the Acknowledgement field in the SYNACK segment? How did gaia.cs.umass.edu determine that value? What is it in the segment that identifies the segment as a SYNACK segment? gaia.cs.umass.edu 发送给客户计算机的 SYNACK 段的序列号是多少?SYNACK 段中的确认字段值是多少?gaia.cs.umass.edu 是如何确定这一价值的?段中是什么将该段标识为 SYNACK 段 答: 可知序列号是0 确认字段值如下: 通过标志位来确定这些段 6.What is the sequence number of the TCP segment containing the HTTP POST command? Note that in order to find the POST command, you’ll need to dig into the packet content field at the bottom of the Wireshark window, looking for a segment with a “POST” within its DATA field. 包含 HTTP POST 命令的 TCP 段的序列号是多少?请注意,为了找到开机自检命令,您需要深入 Wireshark 窗口底部的数据包内容字段,查找其数据字段中带有“开机自检”的数据段。 答: 可以看到其序号是1号 7.Consider the TCP segment containing the HTTP POST as the first segment in theTCP connection. What are the sequence numbers of the first six segments in the 将包含 HTTP POST 的 TCP 段视为 TCP 连接中的第一个段。中前六个片段的序列号是多少 答: 8.TCP 连接(包括包含 HTTP POST 的段)?每个片段在什么时候发送?每段的确认是什么时候收到的?考虑到发送每个 TCP 数据段的时间和接收其确认的时间之间的差异,这六个数据段的 RTT 值是多少?收到每一个确认后,估算值是多少(参见第 239 页第 3.5.3 节)?假设估算值等于第一段的 RTT测量值,然后使用第 239 页的估算公式对所有后续段进行计算。 Note: Wireshark has a nice feature that allows you to plot the RTT foreach of the TCP segments sent. Select a TCP segment in the “listing ofcaptured packets” window that is being sent from the client to the gaia.cs.umass.edu server. Then select: Statistics->TCP Stream Graph注意:Wireshark 有一个很好的特性,允许你为每个发送的 TCP 段绘制 RTT 图。在“捕获的数据包列表”窗口中选择一个从客户端发送到 gaia.cs.umass.edu 服务器的 TCP 段。然后选择:统计->TCP流图 9.What is the length of each of the first six TCP segments? 前六个 TCP 段的长度分别是多少? 答: 10.What is the minimum amount of available buffer space advertised at the receivedfor the entire trace? Does the lack of receiver buffer space ever throttle thesender? 对于整个跟踪,在接收端通告的最小可用缓冲空间量是多少?接收方缓冲区空间的缺乏会抑制发送方吗? 答: 我觉得就是这个接收窗口为缓冲区,会抑制发送方 11.Are there any retransmitted segments in the trace file? What did you check for (inthe trace) in order to answer this question? 跟踪文件中是否有任何重新传输的数据段?为了回答这个问题你查了什么? 答:应该是没有重传数据包,如果有的话,会在info显示 12.How much data does the receiver typically acknowledge in an ACK? Can you identify cases where the receiver is ACKing every other received segment (seeTable 3.2 on page 247 in the text). 接收器通常在确认中确认多少数据?你能识别接收器每隔个接收到的数据段进行打包的情况吗(参见正文第 247 页的表 3.2)。 答:不懂啥意思-.- 13.What is the throughput (bytes transferred per unit time) for the TCP connection?Explain how you calculated this value. TCP 连接的吞吐量(单位时间传输的字节数)是多少?解释你如何计算这个值 答: 14.Use the Time-Sequence-Graph(Stevens) plotting tool to view the sequence number versus time plot of segments being sent from the client to the gaia.cs.umass.edu server. Can you identify where TCP’s slowstart phase begins and ends, and where congestion avoidance takes over? Comment on ways in which the measured data differs from the idealized behavior of TCP that we’ve studied in the text. 使用时间序列图(Stevens)绘图工具查看从客户端发送到 gaia.cs.umass.edu 服务器的数据段的序列号与时间的关系图。您能确定 TCP 的慢启动阶段从哪里开始和结束,以及拥塞避免从哪里开始吗?评论 测量数据与我们在本文中研究的 TCP 理想化行为的不同之处。 答: 应该是从这一段开始的
|