Báo cáo bài thực hành số 4

Mã lớp thực hành: 744499 Số nhóm: 4

Thành viên nhóm: Lê Hải Nhật 20225583

Trịnh Mạnh Quỳnh 20226064
Ngụy Quang Sơn 20225998
Lò Đức Tài 20225999

Thực hành
1. Identify IP address task
Student identify the IP address of computer and write on report.

2. Sniff network traffic task

After following the steps in the instruction, we obtain this screen in
Wireshark:
 The file is saved as lab04.pcapng.
3. Analyze UDP datagrams task
Pick one of the UDP packets that are sent from your computer and expand the
headers in the details window.

Question 1(1 point): Determine the value of following fields

No.: 29
Source IP address:192.168.4.35
Destination IP addres:192.168.4.1
Source port: 54134
Destination port: 53
What is network layer protocol? The network layer protocol used is IP
Examine a pair of the above UDP packet in which your host sent and answer
question 2.

Question 2(1 point):

What is No. of packet? 29 and 31
Describe the relationship between the port numbers in the two packets. Can
receiver know whether transmission is successful or not?
Ans:
These two packets describe a transmited packet and a reply packet, therefore
 the port numbers in these packet are the same (54134 -> 53 and 53 -> 54134).
The receiver can’t know if the transmission is successful or not since in UDP,
packets are only sent once and there is no way to know whether the data has
been transmitted successfully or not.
4. Analyze TCP segments task
Set your packet filter as the following value so that Wireshark only displays
the TCP packets sent and received in upload file process.
tcp && ip.addr == 202.191.56.66
The Wireshark windows right now is:

Observe the initial three-way handshake establishing the TCP connnection

between your client and server

Question 3(2 point): What is the IP address and TCP port number used by
parties?
 The IP address of client: 192.168.4.35
 The IP address of server: 202.191.56.66
 The port number of client: 49882
 The port number of server: 80
Expand the TCP header of messages in initiatation the TCP connection and
determine the value of fields:

Flags Sequence ACK Payload

No. TCP Flags
(binary value) number number size

34 0000 0000 0010 SYN 0 0 0

36 0000 0001 0010 SYN, ACK 0 1 0
38 0000 0001 0000 ACK 1 1 0
 Find the segment containing the first bytes of alice.txt file (Hint: You should
read the content of segment payload

Question 4(1 point): Expand the headers of the segment and determine
 No.: 40
 Source IP address: 192.168.4.35
 Destination IP address: 202.191.56.66
 Source port number: 49882
 Destination port number: 80
 Sequence Number: 688
 ACK Number: 1
 TCP header size: 20 bytes
 Payload size: 13140 bytes
 What are TCP flags set? ACK
Find the ACK segment for the above segment

Question 5(1 point): Expand the headers of the segment and determine
 No.: 41
 Source IP address: 202.191.56.66
 Destination IP address: 192.168.4.35
  Source port number: 80
 Destination port number: 49882
 Sequence Number: 1
 ACK Number: 668
 TCP header size: 20 bytes
 Payload size: 0 bytes
 What are TCP flags set? ACK
Question 6(1 point): What is the sequence number of the next TCP segment
sent from Web browser on your computer?
Ans: the sequence number of the next TCP segment sent from Web browser
is 13828.
Observe the termination of the TCP connnection.

Question 7(2 point): Expand the TCP header of messages in termination of the
TCP connection and determine the value of fields:
Flags Sequence ACK Payload
No. TCP Flags
(binary value) number number size
77 0000 0001 0001 FIN, ACK 783 153009 0
78 0000 0001 0000 ACK 153009 784 0
Question 8(1 point): What is the throughput (bytes transferred per unit time)
for the TCP connection during uploading file? Explain how you calculated this
value.
Ans:
Bytes transferred: 153,009 bytes
First packet sent at: 6.090853s
Last packet at: 6.164812s

Throughput = 153,009/(6.164812 – 6.090853) = 2,068,835.44(bytes/s)