Execute the following steps.
1) Ensure that no browsing activity is going on in your machine. Close all the browser tabs.
2) Download and run Wireshark.
3) Start capturing packets over your default (active) network interface. 4) Open a browser tab and open the website http://iitkgp.ac.in /. 5) Wait for 2 minutes.
6) Now on the same browser tab, open the website https://www.cornell.edu /. 7) Close the browser tabs.
8) Stop packet capture.
9) Save the pcap file from Wireshark.
Now answer the following questions by analyzing the packet traces.
1. What are the different protocols you observe at the following layers of the protocol stack?
a. Application layer
b. Transport layer
c. Network layer
2. What is the total amount of data being received for the following two cases?
a. When you access http://iitkgp.ac.i n
b. When you access https://www.cornell.ed u
3. How many DNS packets have you observed in total?
a. Create a <Domain Name, IP table by exploring the queries and the answers in those DNS packets. The Domain Name will be the domain for which you see a query, and the IP address will be the address that is being returned against the corresponding query.
b. Can you find out the IP of the DNS servers by exploring the DNS packets?
4. Answer the following when you access the site http://iitkgp.ac.i n.
a. How many HTTP GET requests do you observe? List down the GET requests.
b. For each of the HTTP GET requests as you see above, find out (ii) the total number of TCP segments being received, and (ii) the total amount of data being received in the corresponding HTTP Response message.
