In our examples thus far, the documents retrieved have been simple and short HTML files. Let’s next see what happens when we download a long HTML file. Do the following:
- Start up your web browser, and make sure your browser’s cache is cleared, as discussed above.
- Start up the Wireshark packet sniffer
- Enter the following URL into your browser
- Your browser should display the rather lengthy "The Most Horrible X-Mas Ever."
- Stop Wireshark packet capture, and enter “http” in the display-filter-specification window, so that only captured HTTP messages will be displayed.
The single HTTP response message is thus broken into several pieces by TCP, with each piece being contained within a separate TCP segment. In recent versions of Wireshark, Wireshark indicates each TCP segment as a separate packet, and the fact that the single HTTP response was fragmented across multiple TCP packets is indicated by the “TCP segment of a reassembled PDU” in the Info column of the Wireshark display.
Earlier versions of Wireshark used the “Continuation” phrase to indicated that the entire content of an HTTP message was broken across multiple TCP segments.. We stress here that there is no “Continuation” message in HTTP!
Answer the following questions:
- How many HTTP GET request messages did your browser send? Which packet number in the trace contains the GET message for the Bill or Rights?
- Which packet number in the trace contains the status code and phrase associated with the response to the HTTP GET request?
- What is the status code and phrase in the response?
- How many data-containing TCP segments were needed to carry the single HTTP response and the text of the Bill of Rights?
No comments:
Post a Comment