Homework 4

Examine the following traces provided in separate files (trace1.dat and trace2.dat). These traces were generated using the Ethereal tool. The traces correspond to individual IP pakcets for an HTTP download from a client to a server. Each IP packet is captured in an individual Ethernet frame. The IP address of the client is 128.105.111.141.

The entire trace is quite long and has a large number of frames. We present two fragments of the entire trace for this assignment. The first trace has 39 consecutive frames from the beginning of the HTTP download. The second trace is from the middle of this HTTP download and contains 7 consecutive traces.

Based on these trace fragments answer the following questions:

  1. How many different TCP connections have been used for this download?
  2. If IP flags have a value of 0x4, what does it mean?
  3. If TCP flags have a value of 0x12, what does it mean?
  4. How many of the IP packets have been fragmented by intermediate routers on the path between server and client?
  5. From the trace (in particular trace2.dat) give an example of Fast Retransmit and Fast Recovery for a TCP connection.
  6. Based on the first trace, list how the TCP receive window size at the client has evolved for each connection. Explain this based on each IP packet transmitted by the client.
  7. Extra credit: For each change in window size, explain why this change happened.
For parsing the data files, you will find shell commands like grep useful.