Question

Use Wireshark to solve this problem, please.

In our examples thus far, the documents retrieved have been simple and short HTML
files. Let’s next see what happens when we download a long HTML file. Do the
following:
• Start up your web browser, and make sure your browser’s cache is cleared, as
discussed above.
• Start up the Wireshark packet sniffer
• Enter the following URL into your browser
http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file3.html
Your browser should display the rather lengthy US Bill of Rights.
• Stop Wireshark packet capture, and enter “http” in the display-filter-specification
window, so that only captured HTTP messages will be displayed.
• (Note: If you are unable to run Wireshark on a live network connection, you can
use the http-ethereal-trace-3 packet trace to answer the questions below; see
footnote 1. This trace file was gathered while performing the steps above on one
of the author’s computers.)
In the packet-listing window, you should see your HTTP GET message, followed by a
multiple-packet TCP response to your HTTP GET request. This multiple-packet
response deserves a bit of explanation. Recall from Section 2.2 (see Figure 2.9 in the
text) that the HTTP response message consists of a status line, followed by header lines,
followed by a blank line, followed by the entity body. In the case of our HTTP GET, the
entity body in the response is the entire requested HTML file. In our case here, the
HTML file is rather long, and at 4500 bytes is too large to fit in one TCP packet. The
single HTTP response message is thus broken into several pieces by TCP, with each
piece being contained within a separate TCP segment (see Figure 1.24 in the text). In
recent versions of Wireshark, Wireshark indicates each TCP segment as a separate
packet, and the fact that the single HTTP response was fragmented across multiple TCP
packets is indicated by the “TCP segment of a reassembled PDU” in the Info column of
the Wireshark display. Earlier versions of Wireshark used the “Continuation” phrase to
indicate that the entire content of an HTTP message was broken across multiple TCP
segments. We stress here that there is no “Continuation” message in HTTP!
Answer the following questions:
1. How many HTTP GET request messages did your browser send? Which packet
number in the trace contains the GET message for the Bill of Rights?
2. Which packet number in the trace contains the status code and phrase associated
with the response to the HTTP GET request?
3. What is the status code and phrase in the response?
4. How many data-containing TCP segments were needed to carry the single HTTP
response and the text of the Bill of Rights?

Explanation / Answer

1) There was a single GET request from the browser. The first packet after SYN, SYN ACK, ACK contains the GET message.

2) The first packet in the response sequence contains the response of the request.

3) The status code and phrase in response are
HTTP/1.1 200 OK

4) 4 data-containing TCP segments are needed.
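The segmentation the lab text describes can be reproduced offline. The following is an added example, not part of the original answer or the lab handout: it cuts a constructed 4500-byte HTTP response into TCP segments and reassembles it the way a capture tool must, skipping bare ACKs and retransmissions. The MSS of 1460 bytes, the header block, and all function names are assumptions chosen for illustration, not values read from the lab trace.

```python
# Constructed data, not the lab trace: a 4500-byte body behind a small header
# block, cut into segments with an assumed MSS of 1460 bytes.
MSS = 1460
HEADERS = (b"HTTP/1.1 200 OK\r\n"
           b"Content-Type: text/html\r\n"
           b"Content-Length: 4500\r\n\r\n")
RESPONSE = HEADERS + b"x" * 4500
ISN = 1  # relative sequence number of the first response byte


def segment(data, mss=MSS, isn=ISN):
    """Split one application message into (seq, payload) TCP segments."""
    return [(isn + i, data[i:i + mss]) for i in range(0, len(data), mss)]


def reassemble(segments):
    """Rebuild the byte stream; ignore empty ACKs and retransmitted bytes."""
    stream, next_seq, used = b"", None, 0
    for seq, payload in sorted(segments):
        if not payload:
            continue                      # pure ACK, carries no data
        if next_seq is None:
            next_seq = seq
        if seq + len(payload) <= next_seq:
            continue                      # full retransmission, already seen
        if seq > next_seq:
            raise ValueError("gap in stream at seq %d" % next_seq)
        stream += payload[next_seq - seq:]
        next_seq = seq + len(payload)
        used += 1
    return stream, used


def parse_response(stream):
    """Return (status_line, body_complete) for one HTTP response."""
    head, sep, body = stream.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("header block incomplete")
    lines = head.split(b"\r\n")
    headers = dict(line.split(b": ", 1) for line in lines[1:])
    return lines[0].decode(), len(body) == int(headers[b"Content-Length"])


# Capture order as a sniffer might see it: out of order, one duplicate, one bare ACK.
segs = segment(RESPONSE)
captured = [segs[1], segs[0], (ISN, b""), segs[1], segs[2], segs[3]]
stream, data_segments = reassemble(captured)
status, complete = parse_response(stream)
print(status, complete, data_segments)
```

Only the first segment carries the status line; the remaining segments are body bytes with no HTTP framing of their own, which is why there is no "Continuation" message at the HTTP layer.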