APPLIED COMPUTER SCIENCE ACS-3911-050 Computer Networks Winter 2020 Assignment 2/Lab HTTP and Lab DNS Due Date: 26th February, 2020 The assignment is in two parts, Part A - Questions and Answer, and Part B - Wireshark Lab HTTP and DNS. Part A is 25 marks, and Part B is 45 marks, a total of 70 marks for this assignment. Please complete by due date. No assignment will be accepted after the due date and the date/time stamp on the email will be used to determine if the assignment was on time or late. Email your assignment in PDF format to [email protected] by 11:59pm Feb 26th, 2020. The name of your file should be named - <First name Last Name> - <Student ID> – Assignment <number>, e.g. John Doe – 12345 – Assignment 2. The subject line of your email must be: <your name><your student #>< course # with section #>Assignment 1. Part A – Questions and Answers Review Questions Section 2.1 R5. What information is used by a process running on one host to identify a process running on another host? (2 marks) Section 2.2 – 2.5 R11. Why do HTTP, FTP, SMTP, and POP3 run on top of TCP rather than on UDP? (1 mark) R12. Consider an e-commerce site that wants to keep a purchase record for each of its customers. Describe how this can be done with cookies. (1 mark) R13. Describe how Web caching can reduce the delay in receiving a requested object. Will Web caching reduce the delay for all objects requested by a user or for only some of the objects? Why? (1 mark) 1 R19. Is it possible for an organization’s Web server and mail server to have exactly the same alias for a hostname (for example, foo.com)? What would be the type for the RR that contains the hostname of the mail server? (1 mark) Section 2.5 R21. In BitTorrent, suppose Alice provides chunks to Bob throughout a 30-second interval. Will Bob necessarily return the favor and provide chunks to Alice in this same interval? Why or why not? (1 mark) Section 2.6 R24. CDN typically adopt one of two different server placement philosophies. Name and briefly describe them. (1 mark) Section 2.7 R27. For the client-server application over TCP described in Section 2.7, why must the server program be executed before the client program? For the client-server application over UDP, why may the client program be executed before the server program? (1 mark) Problems P1. True or false? (5 marks) a. A user requests a Web page that consists of some text and three images. For this page, the client will send one request message and receive four response messages. b. Two distinct Web pages (for example, www.mit.edu/research.html and www.mit.edu/students.html) can be sent over the same persistent connection. c. With non-persistent connections between browser and origin server, it is possible for a single TCP segment to carry two distinct HTTP request messages. d. The Date: header in the HTTP response message indicates when the object in the response was last modified. e. HTTP response messages never have an empty message body. P6. Obtain the HTTP/1.1 specification (RFC 2616). Answer the following questions: (4 marks) a. Explain the mechanism used for signaling between the client and server to indicate that a persistent connection is being closed. Can the client, the server, or both signal the close of a connection? b. What encryption services are provided by HTTP? c. Can a client open three or more simultaneous connections with a given server? d. Either a server or a client may close a transport connection between them if either one detects the connection has been idle for some time. Is it possible that one side starts closing a connection while the other side is transmitting data via this connection? Explain. 2 P16. Read the POP3 RFC, RFC 1939. What is the purpose of the UIDL POP3 command? (1 mark) P32. What is the Apache Web Server? How much does it cost? What functionality does it currently have? You may want to look at Wikipedia to answer this question. (6 marks) 3 Part B – Wireshark Lab Wireshark Lab: HTTP v7.0 Supplement to Computer Networking: A Top-Down Approach, 7th ed., J.F. Kurose and K.W. Ross “Tell me and I forget. Show me and I remember. Involve me and I understand.” Chinese proverb © 2005-2016, J.F Kurose and K.W. Ross, All Rights Reserved Having gotten our feet wet with the Wireshark packet sniffer in the introductory lab, we’re now ready to use Wireshark to investigate protocols in operation. In this lab, we’ll explore several aspects of the HTTP protocol: the basic GET/response interaction, HTTP message formats, retrieving large HTML files, retrieving HTML files with embedded objects, and HTTP authentication and security. Before beginning these labs, you might want to review Section 2.2 of the text.1 1. The Basic HTTP GET/response interaction Let’s begin our exploration of HTTP by downloading a very simple HTML file - one that is very short, and contains no embedded objects. Do the following: 1. Start up your web browser. 2. Start up the Wireshark packet sniffer, as described in the Introductory lab (but don’t yet begin packet capture). Enter “http” (just the letters, not the quotation marks) in the display-filter-specification window, so that only captured HTTP messages will be displayed later in the packet-listing window. (We’re only interested in the HTTP protocol here, and don’t want to see the clutter of all captured packets). 3. Wait a bit more than one minute (we’ll see why shortly), and then begin Wireshark packet capture. 4. Enter the following to your browser http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file1.html Your browser should display the very simple, one-line HTML file. 5. Stop Wireshark packet capture. 1 References to figures and sections are for the 7th edition of our text, Computer Networks, A Top-down Approach, 7th ed., J.F. Kurose and K.W. Ross, Addison-Wesley/Pearson, 2016. 4 Your Wireshark window should look similar to the window shown in Figure 1. If you are unable to run Wireshark on a live network connection, you can download a packet trace that was created when the steps above were followed.2 Figure 1: Wireshark Display after http://gaia.cs.umass.edu/wireshark-labs/ HTTP-wireshark- file1.html has been retrieved by your browser The example in Figure 1 shows in the packet-listing window that two HTTP messages were captured: the GET message (from your browser to the gaia.cs.umass.edu web server) and the response message from the server to your browser. The packet-contents window shows details of the selected message (in this case the HTTP OK message, which is highlighted in the packet- listing window). Recall that since the HTTP message was carried inside a TCP segment, which was carried inside an IP datagram, which was carried within an Ethernet frame, Wireshark displays the Frame, Ethernet, IP, and TCP packet information as well. We want to minimize the amount of non-HTTP data displayed (we’re interested in HTTP here, and will be investigating these other protocols is later labs), so make sure the boxes at the far left of the Frame, Ethernet, IP and TCP information have a plus sign or a right-pointing triangle (which means there is hidden, undisplayed information), and the HTTP line has a minus sign or a down-pointing triangle (which means that all information about the HTTP message is displayed). 2 Download the zip file http://gaia.cs.umass.edu/wireshark-labs/wireshark-traces.zip and extract the file http- ethereal-trace-1. The traces in this zip file were collected by Wireshark running on one of the author’s computers, while performing the steps indicated in the Wireshark lab. Once you have downloaded the trace, you can load it into Wireshark and view the trace using the File pull down menu, choosing Open, and then selecting the http-ethereal- trace-1 trace file. The resulting display should look similar to Figure 1. (The Wireshark user interface displays just a bit differently on different operating systems, and in different versions of Wireshark). 5 (Note: You should ignore any HTTP GET and response for favicon.ico. If you see a reference to this file, it is your browser automatically asking the server if it (the server) has a small icon file that should be displayed next to the displayed URL in your browser. We’ll ignore references to this pesky file in this lab.). By looking at the information in the HTTP GET and response messages, answer the following questions. When answering the following questions, you should print out the GET and response messages (see the introductory Wireshark lab for an explanation of how to do this) and indicate where in the message you’ve found the information that answers the following questions. When you hand in your assignment, annotate the output so that it’s clear where in the output you’re getting the information for your answer (e.g., for our classes, we ask that students markup paper copies with a pen, or annotate electronic copies with text in a colored font). 1. Is your browser running HTTP version 1.0 or 1.1? What version of HTTP is the server running? 2. What languages (if any) does your browser indicate that it can accept to the server? 3.