Uploaded by Tea Papa

toaz.info-wireshark-lab-pr b431bdb24cb9dfedd082d72207031fe3

1.) What is the IP address and TCP port number used by the client computer (source) that is
transferring the file to gaia.cs.umass.edu?
Answer: The IP address and TCP port number of my computer is and port number is
50571 as shown in the below figure 1.
Figure 1: IP address and Port number of source computer.
2.) What is the IP address of gaia.cs.umass.edu? On what port number is it sending and receiving
TCP segments for this connection?
Answer: The IP address of gaia.cs.umass.edu is and the port number it is sending
TCP segments is 80 as shown in the below figure 2.
Figure 2: IP address and Port number of gia.cs.umass.edu
3.) What is the IP address and TCP port number used by your client computer (source) to transfer
the file to gaia.cs.umass.edu?
Answer: The IP address and TCP port number of my computer is and 50571.
4.) What is the sequence number of the TCP SYN segment that is used to initiate the TCP
connection between the client computer and gaia.cs.umass.edu? What is it in the segment that
identifies the segment as a SYN segment?
Answer: The sequence number of the TCP SYN segment that is used to initiate the TCP
connection between the client computer and gaia.cs.umass.edu is 0, SYS segment is 1 as shown
in the below figure 3.
Figure 3: TCP SYN segment between source and destination
5.) What is the sequence number of the SYNACK segment sent by gaia.cs.umass.edu to the
client computer in reply to the SYN? What is the value of the Acknowledgement field in the
SYNACK segment? How did gaia.cs.umass.edu determine that value? What is it in the segment
that identifies the segment as a SYNACK segment?
Answer: Sequence number of the SYNACK segment sent by gaia.cs.umass.edu to the client
computer in reply to the SYN is 0 and acknowledgement is 1 as shown in the below figure 4.
Figure 4: Sequence number of SYNACK
6.) What is the sequence number of the TCP segment containing the HTTP POST command?
Note that in order to find the POST command, you’ll need to dig into the packet content field at
the bottom of the Wireshark window, looking for a segment with a “POST” within its DATA
Answer: HTTP POST command is Frame 4 as shown in the below figure 5.
Figure 5: HTTP POST command
7.) Consider the TCP segment containing the HTTP POST as the first segment in the TCP
connection. What are the sequence numbers of the first six segments in the TCP connection
(including the segment containing the HTTP POST)? At what time was each segment sent?
When was the ACK for each segment received? Given the difference between when each TCP
segment was sent, and when its acknowledgement was received, what is the RTT value for each
of the six segments? What is the Estimated RTT value?
HTTP POST segment is No. 412,433,436, 441, 444
ACK segment is No. 408, 411, 413, 434, 435 and 439
Segment 1 Sequence Number is 1
Segment 2 Sequence Number is 14061
Segment 3 Sequence Number is 17521
Segment 4 Sequence Number is 20441
Segment 5 Sequence Number is 23361
Segment 6 Sequence Number is 26281
Calculated Estimated RTT:
Sent Time
Received Time
Estimated RTT = 0.875*Estimated RTT of previous segment + 0.125*RTT of previous segment.
Estimated RTT of segment 1 = RTT of segment 1 = 0.012211
Estimated RTT of segment 2 = 0.875*0.012211+0.125*0.009205 = 0.0118
Estimated RTT of segment 3 = 0.875*0.0118+0.125*0.019074 = 0.01270
Estimated RTT of segment 4 = 0.875*0.0127+0.125*0.000116 = 0.011127
Estimated RTT of segment 5 = 0.875*0.011127+0.125*0.000008 = 0.000001
Estimated RTT of segment 6 = 0.875*0.000001+0.125*0.000101 = 0.0000135
8.) What is the length of each of the first six TCP segments?
Answer: Length of first TCP segment is 776 bytes and Length of the other TCP segments (5
TCP segments) is 1426 bytes.
9.) What is the minimum amount of available buffer space advertised at the received for the
entire trace? Does the lack of receiver buffer space ever throttle the sender?
Answer: minimum amount of available buffer space advertised at the received for the entire
trace is 256 bytes
10.) Are there any retransmitted segments in the trace file? What did you check for (in the trace)
in order to answer this question?
Answer: Yes, there is a retransmission in the trace file, we can check it by observing from the
sequence number.
11.) How much data does the receiver typically acknowledge in an ACK? Can you identify cases
where the receiver is ACKing every other received segment
Answer: The receiver has already acknowledged the data it received from its previous
12.) What is the throughput (bytes transferred per unit time) for the TCP connection? Explain
how you calculated this value.
Answer: Average throughput of a connection = (0.75*W)/RTT
Window size of first segment: 65536
RTT of the first segment: 0. 012211
Average throughput of a connection: (0.75*65536)/0.01221
= 4025223.159446401
=402 Kbytes/sec
13.) Use the Time-Sequence-Graph (Stevens) plotting tool to view the sequence number versus
time plot of segments being sent from the client to the gaia.cs.umass.edu server. Can you identify
where TCP’s slow start phase begins and ends, and where congestion avoidance takes over?
Comment on ways in which the measured data differs from the idealized behavior of TCP that
we’ve studied in the text.
Answer: The following figure shows the Time-Sequence-Graph (Stevens) plotting tool, when
TCP have connected between Sender and Receiver, it have a one value (it is a windows size) that
used to fix value of Information can be to send to Receivers. So windows size is a value of deal
between Sender and Receiver how many have in segment before sending.
14.) Answer each of two questions above for the trace that you have gathered when you
transferred a file from your computer to gaia.cs.umass.edu
Answer: When we have a lot of traffic on network TCP sender uses AIMD algorithm for the
reduction of window size.