Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

This is a wireshark assignment. I neeed help or some sort of direction with two

ID: 3561015 • Letter: T

Question

This is a wireshark assignment. I neeed help or some sort of direction with two questions.

1) Estimate the download protocol overhead, or percentage of the download bytes taken up by protocol overhead. To do this, consider HTTP data (headers and message) to be useful data for the network to carry, and lower layer headers (TCP, IP, and Ethernet) to be the overhead. We would like this overhead to be small, so that most bits are used to carry content that applications care about. To work this out, first look at only the packets in the download direction for a single web fetch. You might sort on the Des-tination column to find them. The packets should start with a short TCP packet described as a SYN ACK, which is the beginning of a connection. They will be followed by mostly longer packets in the middle (of roughly 1 to 1.5KB), of which the last one is an HTTP packet. This is the main portion of the download. And they will likely end with a short TCP packet that is part of ending the connection. For each packet, you can inspect how much overhead it has in the form of Ethernet / IP / TCP headers, and how much useful HTTP data it carries in the TCP payload. You may also look at the HTTP packet in Wireshark to learn how much data is in the TCP payloads over all download packets.
Turn-in: Your estimate of download protocol overhead as defined above. Tell us whether you find this overhead to be significant.

2) Step 5: Demultiplexing Keys
When an Ethernet frame arrives at a computer, the Ethernet layer must hand the packet that it contains to the next higher layer to be processed. The act of finding the right higher layer to process received packets is called demultiplexing. We know that in our case the higher layer is IP. But how does the Ethernet protocol know this? After all, the higher-layer could have been another protocol entirely (such as ARP). We have the same issue at the IP layer

Explanation / Answer

1)

The demultiplexing key for Ethernet is the Type field. It holds 0x800 when the higher layer is IP.

2)The demultiplexing key for IP is the Protocol field. It has value 6 when the higher layer is TCP.

Related Questions

This is a titration simmulation all the data is given and I\'ve listed out the g
Question #1018718
This is a tough one i am doing a partion sort but the trick here is, that it is
Question #3927096
This is a tough one, so read the hint! A catapult on a cliff launches a large ro
Question #1579278
This is a tough one, so read the hint! A catapult on a cliff launches a large ro
Question #1872178
This is a tough one. Could really use some quality help. Most of the text in her
Question #3576040
This is a tough question, but I\'m hoping someone out there might find this easy
Question #3656433
This is a tougher circuits problem. Notice it says practical source, not ideal!
Question #1800125
This is a tougher circuits problem. Notice it says practical source, not ideal!
Question #1928522
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
This is a well­-known game with a number of variants. The following variant has
Next
This is a word problem I need help on. I would appreciate any help given! Washin

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.