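Overview
Lab 1: HTTP
I. Lab content
Use Wireshark to study and analyze several aspects of the HTTP protocol: the basic GET/response interaction, HTTP message formats, retrieving large HTML files, retrieving HTML files with embedded objects, and HTTP authentication and security.
II. Procedure and results
- The basic HTTP GET/response interaction
(1) Open the browser and Wireshark. In Wireshark, filter the display with "http".
(2) In the browser, visit http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file1.html
(3) Stop the Wireshark packet capture. Wireshark shows two captured records.
(4) Answers to the questions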
- Is your browser running HTTP version 1.0 or 1.1? What version of HTTP is the server running?
From the Request Version in the request line and the Response Version in the response, both the browser and the server are running HTTP/1.1.
2. What languages (if any) does your browser indicate that it can accept to the server?
From the Accept-Language field in the request headers, the browser accepts: zh-CN, zh, en, en-GB, en-US.
3. What is the IP address of your computer? Of the gaia.cs.umass.edu server?
From the Source IP and Destination IP:
this computer's IP is 10.27.125.194 and the server's IP is 128.119.245.12
4. What is the status code returned from the server to your browser?
200
5. When was the HTML file that you are retrieving last modified at the server?
- How many bytes of content are being returned to your browser?
540 bytes
7. By inspecting the raw data in the packet content window, do you see any headers within the data that are not displayed in the packet-listing window? If so, name one.
None; all headers are displayed
- The HTTP CONDITIONAL GET/response interaction
(1) As before, visit http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file2.html
then refresh the page to obtain the capture.
(2) Answers to the questions
- Inspect the contents of the first HTTP GET request from your browser to the server. Do you see an “IF-MODIFIED-SINCE” line in the HTTP GET?
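Because this is the first request, there is no “IF-MODIFIED-SINCE” line.
- Inspect the contents of the server response. Did the server explicitly return the contents of the file? How can you tell?
The first request did return the contents explicitly.
The second request returned no file contents.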
3. Now inspect the contents of the second HTTP GET request from your browser to the server. Do you see an “IF-MODIFIED-SINCE:” line in the HTTP GET? If so, what information follows the “IF-MODIFIED-SINCE:” header?
The header is present; its content is shown in the figure.
4. What is the HTTP status code and phrase returned from the server in response to this second HTTP GET? Did the server explicitly return the contents of the file? Explain.
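On the second request the server returns status code 304, meaning the browser cache already holds the latest version, so the server does not return the file.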
3. Retrieving Long Documents
(1) Same steps as before: visit http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file3.html
to obtain the capture.
(2) Answers to the questions
- How many HTTP GET request messages did your browser send? Which packet number in the trace contains the GET message for the Bill or Rights?
1 HTTP GET request; packet 282 contains the GET message for the Bill or Rights.
- Which packet number in the trace contains the status code and phrase associated with the response to the HTTP GET request?
Packet 312
- What is the status code and phrase in the response?
200 OK
- How many data-containing TCP segments were needed to carry the single HTTP response and the text of the Bill of Rights?
The HTML file is 4500 bytes long and one TCP segment can carry 1460 bytes of data, so 4500/1460 = 4 TCP segments are needed (rounding up). Four segments were also observed in the capture.
4. HTML Documents with Embedded Objects
(1) Same steps as before: visit http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file4.html
to obtain the capture.
(2) Answers to the questions
- How many HTTP GET request messages did your browser send? To which Internet addresses were these GET requests sent?
The browser sent 3 HTTP GET requests:
118 – 128.119.245.12
128 – 128.119.245.12
139 – 178.79.137.164
- Can you tell whether your browser downloaded the two images serially, or whether they were downloaded from the two web sites in parallel? Explain.
In parallel. When the embedded objects were fetched, the Wireshark record shows that after the first GET request was sent, the second GET request was sent without waiting for the response.
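III. Problems encountered and analysis
1. In part 4 above, fetching the jpg image returned 301 Moved Permanently,
which indicates that the requested image has been moved.
2. In question (4) of part 3, the data portion of each TCP segment differed from the default: each segment actually carried 1380 bytes of data.
Lab 2: TCP
I. Lab content
This lab studies the behaviour of TCP. By transferring a 150 KB file, it analyzes how TCP sends and receives data. It studies TCP's use of sequence and acknowledgement numbers to provide reliable data transfer, observes TCP's congestion control algorithms (slow start and congestion avoidance) and connection setup, and examines the performance of the TCP connection.
II. Procedure and results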
- Capturing a bulk TCP transfer from your computer to a remote server
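(1) Start the browser, download http://gaia.cs.umass.edu/wireshark-labs/alice.txt and save it on the computer.
(2) Open http://gaia.cs.umass.edu/wireshark-labs/TCP-wireshark-file1.html, click the browse button and select the saved file.
(3) Start Wireshark, filter on tcp, begin capturing and then upload the file.
(Because the capture contained too much unrelated traffic, the provided trace file was used here.)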
2. A first look at the captured trace
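(1) The trace contains the initial three-way handshake with the SYN messages, multiple TCP segments carrying a single HTTP message, and TCP ACK segments.
(2) Answers to the questions: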
- What is the IP address and TCP port number used by the client computer (source) that is transferring the file to gaia.cs.umass.edu? To answer this question, it’s probably easiest to select an HTTP message and explore the details of the TCP packet used to carry this HTTP message, using the “details of the selected packet header window” (refer to Figure 2 in the “Getting Started with Wireshark” Lab if you’re uncertain about the Wireshark windows.
Sending IP: 192.168.1.102, sending port: 1161
- What is the IP address of gaia.cs.umass.edu? On what port number is it sending and receiving TCP segments for this connection?
Receiving IP: 128.119.245.12, receiving port: 80
- What is the IP address and TCP port number used by your client computer (source) to transfer the file to gaia.cs.umass.edu?
Sending IP: 10.26.125.195, sending port: 54118
- TCP Basics
- What is the sequence number of the TCP SYN segment that is used to initiate the TCP connection between the client computer and gaia.cs.umass.edu? What is it in the segment that identifies the segment as a SYN segment?
The SYN has relative sequence number 0 and absolute sequence number 232129012.
The SYN bit in Flags is set to 1, which identifies the segment as a SYN segment.
5. What is the sequence number of the SYNACK segment sent by gaia.cs.umass.edu to the client computer in reply to the SYN? What is the value of the Acknowledgement field in the SYNACK segment? How did gaia.cs.umass.edu determine that value? What is it in the segment that identifies the segment as a SYNACK segment?
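Relative sequence number 0, absolute sequence number 883061785
Acknowledgement field: 1 (the SYN sequence number plus 1)
The SYN and ACK bits in Flags are both set to 1, which identifies the segment as a SYNACK segment.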
6. What is the sequence number of the TCP segment containing the HTTP POST command? Note that in order to find the POST command, you’ll need to dig into the packet content field at the bottom of the Wireshark window, looking for a segment with a “POST” within its DATA field.
The relative sequence number is 1
7. Consider the TCP segment containing the HTTP POST as the first segment in the TCP connection. What are the sequence numbers of the first six segments in the TCP connection (including the segment containing the HTTP POST)? At what time was each segment sent? When was the ACK for each segment received? Given the difference between when each TCP segment was sent, and when its acknowledgement was received, what is the RTT value for each of the six segments? What is the EstimatedRTT value (see Section 3.5.3, page 239 in text) after the receipt of each ACK? Assume that the value of the EstimatedRTT is equal to the measured RTT for the first segment, and then is computed using the EstimatedRTT equation on page 239 for all subsequent segments.
| PSH No. | Sequence number | Send time | ACK No. | ACK time | RTT | EstimatedRTT |
|---|---|---|---|---|---|---|
| 4 | 1 | 0.026477 | 6 | 0.053937000 | 0.027460000 | 0.02746 |
| 5 | 566 | 0.041737 | 9 | 0.077294000 | 0.035557000 | 0.028472125 |
| 7 | 2026 | 0.054026 | 12 | 0.124085000 | 0.070059000 | 0.033670484375 |
| 8 | 3486 | 0.054690 | 14 | 0.169118000 | 0.114428000 | 0.043765173828125 |
| 10 | 4946 | 0.077405 | 15 | 0.217299000 | 0.139894000 | 0.05578127709960937 |
| 11 | 6406 | 0.078157 | 16 | 0.267802000 | 0.189645000 | 0.07251424246215821 |

where EstimatedRTT = 0.875 ∗ EstimatedRTT + 0.125 ∗ SampleRTT
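The EstimatedRTT column above can be reproduced from the send and ACK times. The following is an added example, not part of the original report; it also goes one step beyond the table by tracking the RTT deviation and a retransmission timeout with the RFC 6298 rules (clock granularity and the minimum RTO are left out, which is an assumption of this sketch).

```python
# Constructed from the table above: (send time, ACK time) in seconds
# for the six segments, in order.
TRACE = [
    (0.026477, 0.053937), (0.041737, 0.077294), (0.054026, 0.124085),
    (0.054690, 0.169118), (0.077405, 0.217299), (0.078157, 0.267802),
]
ALPHA, BETA = 0.125, 0.25  # ALPHA gives the 0.875/0.125 weights used above

def rtt_estimates(trace, alpha=ALPHA, beta=BETA):
    """Return one dict per ACK: SampleRTT, EstimatedRTT, DevRTT and RTO."""
    rows, est, dev = [], None, None
    for sent, acked in trace:
        sample = acked - sent
        if sample <= 0:
            raise ValueError("ACK time must be later than send time")
        if est is None:
            # First measurement: EstimatedRTT = SampleRTT, deviation = half of it.
            est, dev = sample, sample / 2
        else:
            # Deviation is updated with the old estimate, then the estimate itself.
            dev = (1 - beta) * dev + beta * abs(est - sample)
            est = (1 - alpha) * est + alpha * sample
        rows.append({"sample": sample, "estimated": est,
                     "dev": dev, "rto": est + 4 * dev})
    return rows

if __name__ == "__main__":
    for n, r in enumerate(rtt_estimates(TRACE), 1):
        print(f"segment {n}: SampleRTT={r['sample']:.6f} "
              f"EstimatedRTT={r['estimated']:.9f} RTO={r['rto']:.6f}")
```

Because each SampleRTT here is larger than the running estimate, the deviation term grows quickly and the timeout stays well above EstimatedRTT.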
8. What is the length of each of the first six TCP segments?
Segment 1 sequence length: 566 − 1 = 565
Segment 2 sequence length: 2026 − 566 = 1460
Segment 3 sequence length: 3486 − 2026 = 1460
Segment 4 sequence length: 4946 − 3486 = 1460
Segment 5 sequence length: 6406 − 4946 = 1460
Segment 6 sequence length: 7866 − 6406 = 1460
9. What is the minimum amount of available buffer space advertised at the received for the entire trace? Does the lack of receiver buffer space ever throttle the sender?
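The minimum advertised buffer space is 5840 bytes, and it grows to a maximum of 62780 bytes.
From the trace, the sender is never throttled by a lack of receiver buffer space.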
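- Are there any retransmitted segments in the trace file? What did you check for (in the trace) in order to answer this question?
There are no retransmitted segments in the trace file. The sequence numbers increase steadily over time, and no segment has a sequence number smaller than that of its neighbouring segments.
- How much data does the receiver typically acknowledge in an ACK? Can you identify cases where the receiver is ACKing every other received segment (see Table 3.2 on page 247 in the text).
The difference between the acknowledgement numbers of two consecutive ACKs gives the amount of data the server received between those two ACKs; most ACKs acknowledge 1460 bytes of data.
ACKing every other segment may occur,
for example at segments 80 and 88.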
12. What is the throughput (bytes transferred per unit time) for the TCP connection? Explain how you calculated this value.
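The averaging period is taken to be the whole connection time. The average throughput is the ratio of the total amount of data to the total transfer time. The total data sent is the difference between the sequence number of the first TCP segment (segment No. 4, 1 byte) and the last acknowledged sequence number (segment No. 202, 164091 bytes): 164091 - 1 = 164090 bytes. The total transfer time is the difference between the time of the first TCP segment (segment No. 4, 0.026477 s) and the time of the last acknowledgement (segment No. 202, 5.455830 s): 5.455830 - 0.026477 = 5.4294 s. The TCP throughput is therefore 164090/5.4294 = 30.222 KB/s.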
- TCP congestion control in action
(1) Display the time-sequence graph in Wireshark.
(2) Answers to the questions
13. Use the Time-Sequence-Graph(Stevens) plotting tool to view the sequence number versus time plot of segments being sent from the client to the gaia.cs.umass.edu server. Can you identify where TCP’s slowstart phase begins and ends, and where congestion avoidance takes over? Comment on ways in which the measured data differs from the idealized behavior of TCP that we’ve studied in the text.
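Slow start runs from 0 s to about 0.3 s, after which congestion avoidance takes over.
Here, after cwnd reaches ssthresh and congestion avoidance begins, it stays at 6 and does not grow further, whereas the textbook says it increases linearly until a timeout occurs.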
- Answer each of two questions above for the trace that you have gathered when you transferred a file from your computer to gaia.cs.umass.edu
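III. Problems encountered and analysis
No problems occurred.
Lab 3: ICMP
I. Lab content
Study several aspects of the ICMP protocol: the ICMP messages generated by the Ping program, the ICMP messages generated by the Traceroute program, and the format and contents of ICMP messages.
II. Procedure and results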
- ICMP and Ping
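(1) Open Wireshark and start capturing, then open a Windows command prompt and enter "ping -n 10 www.baidu.com".
Wait for it to finish, then stop the capture.
(2) Answers to the questions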
- What is the IP address of your host? What is the IP address of the destination host?
Answer: Local IP: 10.27.125.194, remote host IP: 14.215.177.38
- Why is it that an ICMP packet does not have source and destination port numbers?
Answer: Because ICMP is a network-layer protocol. It is not carried by the transport-layer TCP or UDP but directly in IP datagrams, so it needs no source and destination port numbers, only source and destination addresses.
- Examine one of the ping request packets sent by your host. What are the ICMP type and code numbers? What other fields does this ICMP packet have? How many bytes are the checksum, sequence number and identifier fields?
Answer: ICMP type: 8 (ICMP request), code: 0.
The other fields are Checksum, Checksum Status, Identifier (BE), Identifier (LE), Sequence number (BE), Sequence number (LE)
Checksum: 2 bytes
Sequence: 2 bytes
Identifier: 2 bytes
- Examine the corresponding ping reply packet. What are the ICMP type and code numbers? What other fields does this ICMP packet have? How many bytes are the checksum, sequence number and identifier fields?
Answer: ICMP type: 0 (ICMP reply), code: 0
The other fields are Checksum, Checksum Status, Identifier (BE), Identifier (LE), Sequence number (BE), Sequence number (LE)
Checksum: 2 bytes
Sequence: 2 bytes
Identifier: 2 bytes
- ICMP and Traceroute
(1) Open Wireshark and a Windows command prompt, start capturing, then enter "tracert baidu.com".
Stop the capture when it completes.
(2) Answers to the questions:
5. What is the IP address of your host? What is the IP address of the target destination host?
Answer: My IP: 10.27.125.194, target IP: 220.183.38.25
- If ICMP sent UDP packets instead (as in Unix/Linux), would the IP protocol number still be 01 for the probe packets? If not, what would it be?
Answer: It would still be 01
- Examine the ICMP echo packet in your screenshot. Is this different from the ICMP ping query packets in the first half of this lab? If yes, how so?
Traceroute:
Ping:
Ping returns type 0 and Traceroute returns type 11, because a timeout occurred in Traceroute.
- Examine the ICMP error packet in your screenshot. It has more fields than the ICMP echo packet. What is included in those fields?
The ICMP portion of the error packet contains the original IP header and the upper-layer port-number/ICMP information.
- Examine the last three ICMP packets received by the source host. How are these packets different from the ICMP error packets? Why are they different?
Compared with the error packets, the ICMP portion of the last three received packets does not contain the original IP and ICMP.
- Within the tracert measurements, is there a link whose delay is significantly longer than others? Refer to the screenshot in Figure 4, is there a link whose delay is significantly longer than others? On the basis of the router names, can you guess the location of the two routers on the end of this link?
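Answer: There is indeed one link whose delay is significantly longer than the others. The router at the head of the link is the source host and the router at the tail is the destination host.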
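The field layout discussed in the Ping and Traceroute answers can be checked by parsing the bytes directly. The following is an added example, not part of the original report: it parses echo request/reply messages (type, code, 2-byte checksum, identifier and sequence number) and a type 11 error carrying the original IP header plus the first 8 bytes of the probe. The sample packets are constructed, reusing the host and target addresses from this lab; the identifier, sequence number and payload are made up.

```python
import struct

def inet_checksum(data: bytes) -> int:
    """Internet checksum (RFC 1071): one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_icmp(icmp_type: int, rest: bytes) -> bytes:
    """Type, code 0 and checksum, followed by `rest` (everything after byte 4)."""
    csum = inet_checksum(struct.pack("!BBH", icmp_type, 0, 0) + rest)
    return struct.pack("!BBH", icmp_type, 0, csum) + rest

def parse_icmp(msg: bytes) -> dict:
    if len(msg) < 8:
        raise ValueError("ICMP message shorter than its 8-byte header")
    icmp_type, code, csum = struct.unpack("!BBH", msg[:4])
    out = {"type": icmp_type, "code": code, "checksum": csum,
           "checksum_ok": inet_checksum(msg) == 0}  # valid messages sum to 0
    if icmp_type in (0, 8):                  # echo reply / echo request
        out["id"], out["seq"] = struct.unpack("!HH", msg[4:8])
    elif icmp_type == 11:                    # time exceeded
        inner = msg[8:]                      # original IP header + 8 bytes
        ihl = (inner[0] & 0x0F) * 4 if inner else 0
        if ihl < 20 or len(inner) < ihl + 8:
            raise ValueError("truncated embedded datagram")
        out["orig_proto"] = inner[9]
        out["orig_dst"] = ".".join(str(b) for b in inner[16:20])
        if inner[9] == 1:                    # the probe was itself ICMP
            t, _, _, ident, seq = struct.unpack("!BBHHH", inner[ihl:ihl + 8])
            out["orig_echo"] = {"type": t, "id": ident, "seq": seq}
    return out

# Constructed sample data (not taken from the capture): a TTL-1 echo probe
# and the time-exceeded error a router would return for it.
ECHO_REQUEST = build_icmp(8, struct.pack("!HH", 1, 42) + b"abcdefgh")
PROBE_IP = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(ECHO_REQUEST),
                       0, 0, 1, 1, 0, bytes([10, 27, 125, 194]),
                       bytes([220, 183, 38, 25])) + ECHO_REQUEST
TIME_EXCEEDED = build_icmp(11, b"\x00" * 4 + PROBE_IP[:28])
```

Matching `orig_echo` against the identifier and sequence number of a probe that was actually sent is how a receiver ties an ICMP error back to its own request.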
III. Problems encountered and analysis
No problems occurred.
Lab 4: ARP
I. Lab content
II. Procedure and results
III. Problems encountered and analysis