Presentation is loading. Please wait.

Presentation is loading. Please wait.

COMP2322 Lab 6 TCP Steven Lee Mar 29, 2017.

Similar presentations


Presentation on theme: "COMP2322 Lab 6 TCP Steven Lee Mar 29, 2017."— Presentation transcript:

1 COMP2322 Lab 6 TCP Steven Lee Mar 29, 2017

2 TCP Transmission Control Protocol Transport layer protocol
User Datagram Protocol (UDP) is another one

3 TCP segment structure Bit Source port Destination port Sequence number
1 2 3 4 5 6 7 8 9 Source port Destination port 32 Sequence number 64 Acknowledgement number 96 ACK SYN FIN Window size 128 Checksum Options (variable length) Application data (variable length)

4 One sender, one receiver
TCP Point-to-point One sender, one receiver

5 TCP segment structure Bit Source port Destination port Sequence number
1 2 3 4 5 6 7 8 9 Source port Destination port 32 Sequence number 64 Acknowledgement number 96 ACK SYN FIN Window size 128 Checksum Options (variable length) Application data (variable length)

6 TCP Reliable All bytes sent are guaranteed to be received identically, and in the correct order

7 TCP segment structure Bit Source port Destination port Sequence number
1 2 3 4 5 6 7 8 9 Source port Destination port 32 Sequence number 64 Acknowledgement number 96 ACK SYN FIN Window size 128 Checksum Options (variable length) Application data (variable length) Sequence number The accumulated sequence number of the first data byte of this segment for the current session Acknowledgement number The next sequence number the receiver expects The receiver acknowledges receipt of all prior bytes

8 Connection establishment
Three-way handshake Host A Host B [SYN] Seq=A [SYN, ACK] Seq=B, Ack=A+1 [ACK] Seq=A+1, Ack=B+1

9 Data transfer Host Server Seq=1, Ack=1, Len=37 Seq=1, Ack=38, Len=0

10 Connection termination
Four-way handshake Host A Host B [FIN] [ACK] [FIN] [ACK]

11 Practice 1 Capture packets while downloading xt To reveal information of packets that say [TCP segment of a reassembled PDU]: Right-click on any TCP layer → Protocol Preferences → Uncheck Allow subdissector to reassemble TCP streams To reveal the application data contained in the TCP segments: Analyze → Enabled Protocols → Uncheck HTTP → OK

12 Practice 1 Question 1 (4 marks)
What is the TCP port number used by your computer to transfer the file? What is the TCP port number used by the server to receive the file? Question 2 (4 marks) What is the sequence number of the TCP SYN segment that establishes the TCP connection between your computer and the server? What indicates that the segment is a SYN segment?

13 Practice 1 Question 3 (6 marks)
What is the sequence number of the SYN/ACK segment that the server responds the SYN with? How about its acknowledgement number? How does the server determine this value? What indicates that the segment is a SYN/ACK segment? Question 4 (4 marks) What are the sequence numbers of the data- containing segments in the TCP connection related to the file transfer? What is the length of each of them?

14 Practice 1 One way to view the round-trip time (RTT) of the TCP segments: Right-click on any column’s header → Column Preferences → Click the add button → Enter tcp.analysis.ack_rtt into Field Name → OK Question 5 (2 marks) What is the RTT of each of the data-containing segments?

15 Practice 2 Download and open a modified packet capture from cking.pcap

16 Practice 2 The packet capture shows a partial interaction between a client and a TCP server. After a normal TCP three-way handshake, the client begins data transfer to the server. Instead of sending a pure TCP ACK to the client, the server sends the acknowledgement along with the data (the acknowledgement is piggy-backed on the data). This is known as piggybacking. Question 6 (6 marks) What is the payload size of the TCP data packet sent from the server? What is the TCP/IP overhead? Assume the sizes of the TCP and IP headers remain unchanged. How much more TCP/IP data would the server need to transmit if piggybacking is not used?

17 Practice 3 Download and open a modified packet capture from ap

18 Practice 3 The packet capture shows that the Great Firewall (GFW) injects a series of forged TCP Reset (RST) packets upon seeing a request with blacklisted keywords, i.e. “falun” Question 7 (6 marks) How many TCP RST packets are injected by the GFW? What is the difference of the sequence numbers between each subsequent TCP RST packet? What is special about this number in TCP? Why does the GFW inject TCP RST packets with these specific sequence numbers?


Download ppt "COMP2322 Lab 6 TCP Steven Lee Mar 29, 2017."

Similar presentations


Ads by Google