King Abdul-Aziz University Computer Networks Faculty of Computing and Information Technology CPIT370 Department of Information Technology

Akbar Badhusha Mohideen Page 1

Lab#6: Understanding TCP operation with Wire Shark Prepared By Akbar Badhusha MOHIDEEN

Objectives:

The objective of this lab is to generate TCP traffic, capture TCP packets in the Wire Shark software and observe the three way hand shake of the TCP connection establishment process and the connection termination process.

Activity Outcomes

At the end of this lab the student will be able to

Use the Wire Shark software to capture the packets.

Analyze the three way handshake packets of TCP connection establishment and termination.

Lab Tasks

Building the small network:

Firstly, build the smallest network with two PCs connected by a crossover cable. Use the IP addresses 192.168.10.1 for one PC and 192.168.10.2 for another PC.

Start NetMeeting:

Secondly, start the NetMeeting software in both the PCs. But do not start to call from each side.

Starting Wire shark:

Then start the Wire Shark software (which is used for capturing and analyzing the packets) and start the capturing process.

After starting to capture, from the NetMeeting, call the PC2 from PC1. Using text Chat, send one line of text and disconnect the NetMeeting connection between two PCs.

Now stop the capturing process and look at the captured packets.

TCP Three way handshake analysis:

How is the first packet in the TCP session identified?

_______________________________________________________________

See the details of the first three packets of the TCP connection establishment and then fill up the table given below. In the TCP connection establishment sequence, the opening TCP session sends a TCP datagram with the SYN bit set and the receiver sends a related TCP datagram with the SYN ACK bits set. A final ACK bit is sent from sender to finish the TCP handshake.

In the screen capture below, the highlighted line shows the First packet of TCP session. When the flags field is elaborated, the SYN bit is seen as 1. Similarly, observe the details of other two packets and fill up the questions below.

2 For the First packet fill up the following Blanks:

Source IP Address: ___.___.___.___

Destination IP Address: _______________

Source port number: ______________

Destination port number: ______________

Sequence number: ______________

Acknowledgement number: ___________

Flag Bits SYN ____ ACK _____ FIN _____

For the Second packet fill up the following Blanks:

Source IP Address: ___.___.___.___

Destination IP Address: _______________

Source port number: ______________

Destination port number: ______________

Sequence number: ______________

Acknowledgement number: ___________

Flag Bits SYN ____ ACK _____ FIN _____

For the Third packet fill up the following Blanks:

Source IP Address: ___.___.___.___

Destination IP Address: _______________

Source port number: ______________

Destination port number: ______________

Sequence number: ______________

Acknowledgement number: ___________

Flag Bits SYN ____ ACK _____ FIN _____