Professional Documents
Culture Documents
B211269EC
1 c) a)
b)
The length/size of P is 74 bytes and it matches with the length information in P’s
header which is also 74 bytes.
If the lengths match, indicating a total size of 74 bytes, it signifies that the declared
length in the UDP header aligns with the actual length of the captured packet. This
consistency assures the integrity of the packet, affirming that the UDP header's
Length field accurately represents the combined size of the header and payload. In
this case, the UDP packet is well-formed and has not undergone truncation or
corruption, reinforcing the reliability of the captured network data.
c)
The UDP header has a fixed structure. The first 4 bytes represent the source port, the next 4
bytes represent the destination port, and the subsequent bytes include other UDP header fields.
d) DNS (Domain Name System) typically uses UDP as a transport protocol, and the
well-known port for DNS is 53. Filtering on destination port number 53 helps you
focus on DNS-related traffic.
e) 55084
f)
i)
ii) Source port number: 53
Destination port number: 55084
The source port in packet R matches the destination port in packet P, and
vice versa. This is because in a typical DNS exchange, the source port of
the query becomes the destination port in the response, and vice versa.
i)
Packet P1 :
Packet P2 :
Packet P3 :
ii)
The consistent use of destination port 80 in packets P1, P2, and P3 suggests that
these packets are likely associated with HTTP communication and the
destination port 80 indicates that these packets are involved in web-related
communication, possibly representing web page requests or other HTTP
transactions.
iii)
P2's sequence number is the next in line after P1, and P3's sequence number is the next
after P2.
Acknowledgment Number:
The acknowledgment number is consistently 1 in all three packets, indicating that the
receiver has received the data up to that acknowledgment number.
But sender is waiting for Ack 681 or time out , (sender received the Ack 681
after sometime before time out).
Vi)
Time | Source Port | Dest Port | Protocol | Info
| | | |
This detailed overview provides insight into the communication dynamics, including
acknowledgment status, retransmissions, and potential data loss or corruption
issues during the TCP communication between P1 and R1.
Vii)
In a TCP connection, the establishment and termination phases involve specific flags
in the TCP header. Here's how you can identify packets used in connection
establishment and connection termination:
Connection Establishment:
1. Client
to Server (First Packet):
Flags: SYN
Description: The client initiates the connection by sending a TCP packet with the
SYN (Synchronize) flag set.
Description: The server responds with a TCP packet that has both the SYN and
ACK (Acknowledgment) flags set. This indicates the server's agreement to
establish the connection.
3. Client
to Server (Third Packet):
Flags: ACK
Description: The client acknowledges the server's response by sending a TCP packet
with the ACK flag set.
Connection Termination:
Flags: FIN
Description: The initiator of the connection termination sends a TCP packet with the
FIN (Finish) flag set. This indicates the intention to close the connection.
Flags: ACK
Flags: FIN
Description: The responder also initiates the termination by sending a TCP packet
with the FIN flag set.