LAB # 05

Statement Purpose:
Investigate the behavior of the celebrated TCP protocol in detail
Analyze a trace of the TCP segments sent and received in transferring a 150KB file from your
computer to a remote server.

transfer
slow start and congestion avoidance in action;
-advertised flow control mechanism.
Study TCP connection setup and investigate the performance (throughput and round-trip
mputer and the server.
Activity outcomes:

CCSxxx Lab Manual 45

 Students will gain better understanding of the TCP protocol

Instructor Note:

observations on them.

1) StageJ(Journey)

Introduction
Capturing a bulk TCP transfer from your computer to a remote server Before beginning our

by accessing a Web page that will allow you to

enter the name of a file stored on your computer (which contains the ASCII text of Alice in
Wonderland), and then transfer the file to a Web server using the HTTP POST method (see section
2.2.3 in the text).
a large amount of data from
Wireshark during this time to obtain the trace of the TCP segments sent and received from your
computer.
2) Stage a1 (apply)

Lab Activities:
Activity 1:
1. Examples
Do the following:

Start up your web browser. Go the http://gaia.cs.umass.edu/wireshark-labs/alice.txt and

retrieve an ASCII copy of Alice in Wonderland. Store this file somewhere on your computer.
Next go to http://gaia.cs.umass.edu/wireshark-labs/TCP-wireshark-file1.html.
You should see a screen that looks like:

CCSxxx Lab Manual 46

 Use the Browse button in this form to enter the name of the file (full path name) on your
computer containing Alice in Wonderland Upload
alice.txt file
Now start up Wireshark and begin packet capture (Capture->Start) and then press OK on the

Upload alice.txt file the

gaia.cs.umass.edu server. Once the file has been uploaded, a short congratulations message
will be displayed in your browser window.
Stop Wireshark packet capture. Your Wireshark window should look similar to the window
shown below.

CCSxxx Lab Manual 47

 If you are unable to run Wireshark on a live network connection, you can download a packet trace
8
. You may
own trace and use it, as well
as your own trace, when you explore the questions below.

A first look at the captured trace

trace.
First, filter the packet

window towards the top of the Wireshark window.

What you should see is series of TCP and HTTP messages between your computer and
gaia.cs.umass.edu. You should see the initial three-way handshake containing a SYN message. You
should see an HTTP POST message. Depending on the version of Wireshark you are using, you might

Recall from our discussion in the earlier HTTP Wireshark lab, that is no such thing as an HTTP
Continuation message CP segments

8
Download the zip file http://gaia.cs.umass.edu/wireshark-labs/wireshark-traces.zip and extract the file tcp-
ethereal-trace-1. The traces in this zip f
computers, while performing the steps indicated in the Wireshark lab. Once you have downloaded the trace, you
can load it into Wireshark and view the trace using the File pull down menu, choosing Open, and then selecting
the tcp-ethereal-trace-1 trace file.

CCSxxx Lab Manual 48

 TCP segment contained data that belonged to an upper layer protocol message (in our case here,
HTTP). You should also see TCP ACK segments being returned from gaia.cs.umass.edu to your
computer.
Answer the following questions, by opening the Wireshark captured packet file tcp-ethereal-trace-1
in http://gaia.cs.umass.edu/wireshark-labs/wireshark-traces.zip (that is download the trace and
open that trace in Wireshark; see footnote 2). Whenever possible, when answering a question you
should hand in a printout of the packet(s) within the trace that you used to answer the question
asked. Annotate the printout9 to explain your answer. To print a packet, use File->Print, choose
Selected packet only, choose Packet summary line, and select the minimum amount of packet detail
that you need to answer the question.

1. What is the IP address and TCP port number used by the client computer (source) that is
ly easiest to
select an HTTP message and explore the details of the TCP packet used to carry this HTTP

t the Wireshark windows.

2. What is the IP address of gaia.cs.umass.edu? On what port number is it sending and
receiving TCP segments for this connection?
If you have been able to create your own trace, answer the following question:
3. What is the IP address and TCP port number used by your client computer (source) to
transfer the file to gaia.cs.umass.edu?
4.

window so that it shows information about the TCP segments containing the HTTP messages, rather
than about the HTTP messages. To have Wireshark do this, select Analyze->Enabled Protocols. Then
uncheck the HTTP box and select OK. You should now see a Wireshark window that looks like:

found the answer and add some text (preferably with a colored pen) noting what y
highlight. If you hand in an electronic copy, it would be great if you could also highlight and annotate.

CCSxxx Lab Manual 49

 - a series of TCP segments sent between your computer and
gaia.cs.umass.edu. We will use the packet trace that you have captured (and/or the packet trace
tcp-ethereal-trace-1 in http://gaia.cs.umass.edu/wireshark-labs/wireshark-traces.zip; see earlier
footnote) to study TCP behavior in the rest of this lab.

Activity 2:TCP Basics

Answer the following questions for the TCP segments:

1. What is the sequence number of the TCP SYN segment that is used to initiate the TCP
connection between the client computer and gaia.cs.umass.edu? What is it in the segment
that identifies the segment as a SYN segment?
2. What is the sequence number of the SYNACK segment sent by gaia.cs.umass.edu to the
client computer in reply to the SYN? What is the value of the Acknowledgement field in the
SYNACK segment? How did gaia.cs.umass.edu determine that value? What is it in the
segment that identifies the segment as a SYNACK segment?
3. What is the sequence number of the TCP segment containing the HTTP POST command?

DATA field.
4. Consider the TCP segment containing the HTTP POST as the first segment in the TCP
connection. What are the sequence numbers of the first six segments in the TCP connection
(including the segment containing the HTTP POST)? At what time was each segment sent?
When was the ACK for each segment received? Given the difference between when each

CCSxxx Lab Manual 50

 TCP segment was sent, and when its acknowledgement was received, what is the RTT value
for each of the six segments? What is the EstimatedRTT value (see Section 3.5.3, page 239
in text) after the receipt of each ACK? Assume that the value of the EstimatedRTT is equal to
the measured RTT for the first segment, and then is computed using the EstimatedRTT
equation on page 239 for all subsequent segments.
Note: Wireshark has a nice feature that allows you to plot the RTT for each of the

window that is being sent from the client to the gaia.cs.umass.edu server. Then
select: Statistics->TCP Stream Graph->Round Trip Time Graph.
5. What is the length of each of the first six TCP segments?10
6. What is the minimum amount of available buffer space advertised at the received for the
entire trace? Does the lack of receiver buffer space ever throttle the sender?
7. Are there any retransmitted segments in the trace file? What did you check for (in the trace)
in order to answer this question?
8. What is the throughput (bytes transferred per unit time) for the TCP connection? Explain
how you calculated this value.

CCSxxx Lab Manual 51