1 Instructions: Complete all of the steps below and answer all of the questions (each of which is enclosed in a box). Only submit your answers to the questions.

2 Steps and Questions:

1. Read about the Time Service (RFC 868).
2. What port does the time service run on?
3. What does this mean?
4. Read about the NIST Time Servers.
5. What does NIST stand for?
6. What is the minimum time between queries that the NIST Internet Time Service allows?
7. Download the following two Java applications (you only need the bytecode but may be interested in the source code as well):
   UDPTimeClient: Source (.java), Bytecode (.class)
   TCPTimeClient: Source (.java), Bytecode (.class)
   
8. Make sure you can run both applications from the command line (i.e., java UDPTimeClient time.nist.gov and java TCPTimeClient time.nist.gov where time.nist.gov is the host/server). If you have problems you should find another host/server that supports the Time Service (e.g., www.ustiming.org).
9. Start Wireshark, choose an appropriate device/interface, and filter for UDP.
10. Start a live capture.
11. Why might Wireshark be capturing some UDP packets even though you haven't executed the UDPTimeClient.
12. Execute the UDPTimeClient.
13. Stop the capture.
14. Why was DNS used?
15. What can you learn by looking at the UDP datagrams related to DNS?
16. Given the description of the protocol in the RFC, how many UDP datagrams would you expect to capture as a result of executing the UDPTimeClient (ignoring those related to DNS)?
17. Why might you capture only one UDP datagram?
18. What port on the client was used for the request?
19. What port on the client was the response sent to?
20. Clear the existing filter and start filtering for TCP.
21. Start a live capture.
22. Execute the TCPTimeClient.
23. Stop the capture. (Note: If the application "times out", repeat the last three steps.)
24. Find the first segment of the connecttion.
25. How do you know it's the first segment?
26. What are the next two segments of this connection?
27. What is the next segment of this connection? (Note: Make sure you look at the next TCP segment.) What are the Seq and Ack values?
28. What is the next segment of this connection? What are the Seq and Ack values? Why?
29. How is the connection closed?
30. Clear the existing filter and start filtering for HTTP.
31. Start a live capture.
32. In a browser tab/window, load the URL http://w3.cs.jmu.edu/bernstdh/cs460/helloworld.html
33. Stop the live capture.
34. Select the GET request.
35. What TCP port was used on the client?
36. Start a live capture.
37. In a browser tab/window, load the URL http://w3.cs.jmu.edu/bernstdh/cs460/grimm.html
38. Stop the live capture.
39. Select the response. (Hint: First find the GET request, then find a response from the server to the client with a code of 200 and a content type of text/html.)
40. What is the Content-Length of the HTTP response?
41. Is that the entire length of the HTTP response?
42. How many TCP segments were used to transmit the response, how long were most of the segments, and what was the total length of all of the TCP segments?
43. Select a TCP segment.
44. Click on Statistics-TCP StreamGraph-RTT Graph
45. What were the smallest and largest RTTs?
46. In a browser tab/window, load the URL http://www.gutenberg.org/files/2591/2591-h/2591-h.htm
47. What Content-Encoding was used in the response?
48. What is the Content-Length of the HTTP response?
49. After the content was decoded, how big was it?
50. What software performed the decoding and when?
51. What are the implications of the encoding/decoding process for the network?