"Computer Network Fundamentals" Course Report: TCP and UDP Packet Analysis Based on Wireshark

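Contents

1. Three-way handshake when establishing a TCP connection
2. Four-way handshake when releasing a TCP connection
3. UDP datagram analysis
   3.1 UDP datagram structure
   3.2 Computing the UDP checksum
4. Conclusion

1. Three-way handshake when establishing a TCP connection

TCP provides end devices with a connection-oriented, reliable network service. Before exchanging data segments, TCP must establish a connection between the sender and the receiver. The client initiates the connection; the server performs a passive open and communicates with the client. The process is described below.

First handshake: the client sends a TCP segment with SYN=1, seq=0 to the server.

Ps: The client's TCP sends a connection request segment to the server, with the synchronization bit SYN = 1 in its header.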

Sequence number seq = 0, indicating that the segment carries no data. The segment is as follows:

    Source port: 56644 (56644)
    Destination port: http (80)
    [Stream index: 0]
    Sequence number: 0    (relative sequence number)
    Header length: 32 bytes
    Flags: 0x02 (SYN)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Nonce: Not set
        .... 0... .... = Congestion Window Reduced (CWR): Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...0 .... = Acknowledgement: Not set
        .... .... 0... = Push: Not set
        .... .... .0.. = Reset: Not set
        .... .... ..1. = Syn: Set
        .... .... ...0 = Fin: Not set
    Window size: 8192
    Checksum: 0x1030 [validation disabled]
    Options: (12 bytes)

Second handshake: the server sends a TCP segment with SYN=1, ACK=1, seq=0 to the client.

Ps: After the server's TCP receives the connection request segment from the client, it sends back an acknowledgement if it agrees.

In the acknowledgement segment the server must set SYN = 1 and ACK = 1. Sequence number seq = 0, indicating that the segment carries no data. The segment is as follows:

    Source port: http (80)
    Destination port: 56644 (56644)
    [Stream index: 0]
    Sequence number: 0    (relative sequence number)
    Acknowledgement number: 1    (relative ack number)
    Header length: 32 bytes
    Flags: 0x12 (SYN, ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Nonce: Not set
        .... 0... .... = Congestion Window Reduced (CWR): Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgement: Set
        .... .... 0... = Push: Not set
        .... .... .0.. = Reset: Not set
        .... .... ..1. = Syn: Set
        .... .... ...0 = Fin: Not set
    Window size: 5840
    Checksum: 0x54f6 [validation disabled]
    Options: (12 bytes)

Third handshake: the client sends a TCP segment with ACK=1 to the server.

Ps: After receiving this segment, the client sends an acknowledgement to the server, with ACK = 1.

The client's TCP notifies its upper-layer application process that the connection has been established. When the server's TCP receives the client's acknowledgement, it also notifies its upper-layer application process that the TCP connection has been established. The segment is as follows:

    Source port: 56644 (56644)
    Destination port: http (80)
    [Stream index: 0]
    Sequence number: 1    (relative sequence number)
    Acknowledgement number: 1    (relative ack number)
    Header length: 20 bytes
    Flags: 0x10 (ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Nonce: Not set
        .... 0... .... = Congestion Window Reduced (CWR): Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgement: Set
        .... .... 0... = Push: Not set
        .... .... .0.. = Reset: Not set
        .... .... ..0. = Syn: Not set
        .... .... ...0 = Fin: Not set
    Window size: 65928 (scaled)
    Checksum: 0x1024 [validation disabled]

2. Four-way handshake when releasing a TCP connection

After data transfer ends, either side of the communication may release the connection.

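The client application process first sends a connection release segment to its TCP and stops sending data, actively closing the TCP connection. The server then half-closes the connection, and finally, after the waiting period ends, the connection resources are released. The process is described below.

First handshake: the client sends a TCP segment with FIN=1, seq=u to the server.

Ps: The client sets FIN = 1 in the header of the TCP connection release segment and waits for the server's acknowledgement. The segment is as follows:

    Source port: 56644 (56644)
    Destination port: http (80)
    [Stream index: 0]
    Sequence number: 1    (relative sequence number)
    Acknowledgement number: 1    (relative ack number)
    Header length: 20 bytes
    Flags: 0x11 (FIN, ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Nonce: Not set
        .... 0... .... = Congestion Window Reduced (CWR): Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgement: Set
        .... .... 0... = Push: Not set
        .... .... .0.. = Reset: Not set
        .... .... ..0. = Syn: Not set
        .... .... ...1 = Fin: Set
    Window size: 65928 (scaled)
    Checksum: 0x1024 [validation disabled]

Second handshake: the server sends a TCP segment with ACK=1, Acknowledgement number=u+1 to the client.

Ps: The server sends an acknowledgement, with Acknowledgement number = u + 1.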

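The TCP server process notifies the higher-layer application process that the connection in the client-to-server direction has been released; the TCP connection is now in the half-closed state. If the server sends data, the client must still receive it.

Third handshake: the server sends a TCP segment with FIN=1, ACK=1, seq=w, Acknowledgement number=u+1 to the client.

Ps: If the server has no more data to send to the client, its application process notifies TCP to release the connection. In practice, the second and third handshakes are often combined in a single TCP segment sent by the server to the client. The segment is as follows:

    Source port: http (80)
    Destination port: 56644 (56644)
    [Stream index: 0]
    Sequence number: 1    (relative sequence number)
    Acknowledgement number: 2    (relative ack number)
    Header length: 20 bytes
    Flags: 0x11 (FIN, ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Nonce: Not set
        .... 0... .... = Congestion Window Reduced (CWR): Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgement: Set
        .... .... 0... = Push: N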
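The Flags and Header length values that Wireshark displays in the captures above can be recomputed from the raw header bytes. The following is an added example, not part of the original report: it decodes a TCP header and checks the sequence/acknowledgement arithmetic of the three-way handshake from section 1. The function names, the NOP-padded options and the raw window value 16482 are assumptions; the other field values are taken from the captures.

```python
import struct

FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR", "NS"]  # bit 0 upward

def parse_tcp_header(raw: bytes) -> dict:
    """Decode the fixed 20-byte part of a TCP header from raw bytes."""
    if len(raw) < 20:
        raise ValueError("TCP header needs at least 20 bytes")
    sport, dport, seq, ack, off_flags, window, checksum, _urg = struct.unpack(
        "!HHIIHHHH", raw[:20])
    header_len = (off_flags >> 12) * 4  # data offset counts 32-bit words
    if not 20 <= header_len <= len(raw):
        raise ValueError("data offset outside the captured bytes")
    bits = off_flags & 0x01FF  # low 9 bits are the flags Wireshark lists
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "header_len": header_len, "flag_bits": bits,
            "flags": [n for i, n in enumerate(FLAG_NAMES) if bits >> i & 1],
            "window": window, "checksum": checksum}

def is_three_way_handshake(syn: dict, synack: dict, ack: dict) -> bool:
    """Check flags, direction and seq/ack arithmetic of SYN / SYN,ACK / ACK."""
    same_stream = ((syn["sport"], syn["dport"]) == (synack["dport"], synack["sport"])
                   == (ack["sport"], ack["dport"]))
    return (same_stream
            and syn["flags"] == ["SYN"]
            and synack["flags"] == ["SYN", "ACK"]
            and ack["flags"] == ["ACK"]
            and synack["ack"] == (syn["seq"] + 1) % 2**32
            and ack["seq"] == (syn["seq"] + 1) % 2**32
            and ack["ack"] == (synack["seq"] + 1) % 2**32)

def build(sport, dport, seq, ack, hlen, flags, window, csum):
    """Constructed test input: pack a header, padding options with NOP (0x01)."""
    fixed = struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                        (hlen // 4) << 12 | flags, window, csum, 0)
    return fixed + b"\x01" * (hlen - 20)

# Constructed segments using the field values shown in the captures above
# (relative sequence numbers; raw window 16482 is an assumed pre-scaling value).
SYN = build(56644, 80, 0, 0, 32, 0x02, 8192, 0x1030)
SYNACK = build(80, 56644, 0, 1, 32, 0x12, 5840, 0x54F6)
ACK = build(56644, 80, 1, 1, 20, 0x10, 16482, 0x1024)

if __name__ == "__main__":
    parsed = [parse_tcp_header(s) for s in (SYN, SYNACK, ACK)]
    for p in parsed:
        print(p["sport"], "->", p["dport"], hex(p["flag_bits"]), p["flags"], p["header_len"])
    print("valid handshake:", is_three_way_handshake(*parsed))
```

A segment whose flags or acknowledgement number do not fit this pattern, such as a SYN,ACK with no preceding SYN in the same stream, makes the check return False.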
