lab-extra-credit-report.txt

Yu Cheng (Jade)
ICS 351
Lab Report extra-credit lab
December 14, 2008

[Exercise 1-3]
We connected the ethernet interfaces of the PC1 and PC2.  We used the following
commands to configure the interfaces of the PCs:

    on PC1: `ifconfig eth0 10.0.1.11/24`
    on PC2: `ifconfig eth1 10.0.1.22/24`

We moved the my .html files and the images from the flash drive to the following
directory on PC1.

    on PC1 /var/www/html

We then started the Apache web server on PC1 using command:

    on PC1: `/etc/rc.d/init.d/http start`

We were able to browse (Konqueror) the prepared web pages on the local host
using URL:

    on PC1 "http://10.0.0.11/page1.html"

Question 1: How many requests were sent on the first connection? How many
replies? Was there only one TCP connection, or more than one? If there was more
than one request, what web content was requested by the different requests?

We saved the wireshark captured network traffic as file ex3-1.wireshark while we
browsing the page on the local host.  There were 2 http requests and 2 http
replies sent.  There were 4 TCP connections . One requests was to request the
text of the page, the other one was to request the image of that page.  I've
attached below the packets summeraies.

--------------------------- from PC1 using Konqueror ---------------------------

No. Time      Source     Destination  Protocol Info
4   0.000931  10.0.0.11  10.0.0.11    HTTP     GET /page1.html HTTP/1.1
6   0.001843  10.0.0.11  10.0.0.11    HTTP     HTTP/1.1 200 OK (text/html)
15  0.451107  10.0.0.11  10.0.0.11    HTTP     GET /Garfield3-1.jpg HTTP/1.1
17  0.452012  10.0.0.11  10.0.0.11    HTTP     HTTP/1.1 200 OK (JPEG JFIF image)
--------------------------------------------------------------------------------

We repeated the previous step using firefox and saved the captured wireshark
network traffic as file ex3-2.wireshark.

Question 2: How many requests were sent on the first connection? How many
replies? Was there only one TCP connection, or more than one? If there was more
than one request, what web content was requested by the different requests?

There were 3 http requests and 3 http replies sent.  There were 6 TCP
connections.  One request was for the text, one was for the image, and the last
one was for the favicon.  I've attached below the packets summeraies.

---------------------------- from PC1 using firefox ----------------------------

No. Time      Source     Destination Protocol Info
4    0.000078 10.0.0.11  10.0.0.11   HTTP     GET /page1.html HTTP/1.1
6    0.000137 10.0.0.11  10.0.0.11   HTTP     HTTP/1.1 200 OK (text/html)
14   0.130735 10.0.0.11  10.0.0.11   HTTP     GET /Garfield3-1.jpg HTTP/1.1
16   0.131601 10.0.0.11  10.0.0.11   HTTP     HTTP /1.1 200 OK (JPEG JFIF image)
28   3.681689 10.0.0.11  10.0.0.11   HTTP     GET /favicon.ico HTTP/1.1
30   3.682652 10.0.0.11  10.0.0.11   HTTP     HTTP/1.1 404 Not Found (text/html)
--------------------------------------------------------------------------------

Question 3: compare the two request headers (for the main page) and the two
response headers, and find out if they were the same or different.

One header indicates that the request was to request the text part of the page:
GET /page1.html HTTP/1.1.  The other header indicates that the request was to
request the image part of the page: GET /Garfield3-1.jpg HTTP/1.1.

The cooresponding replies were to answer their requests.  There for one reply
answered that the text sent through successfully: HTTP/1.1 200 OK (text/html)
The other reply answered that the image sent through successfully: HTTP /1.1 200
OK (JPEG JFIF image).


[Exercise 4-6]
We then repeated the previous two steps from PC2.  First, we use Konqueror.

Question 1: How many requests were sent on the first connection? How many
replies? Was there only one TCP connection, or more than one? If there was more
than one request, what web content was requested by the different requests?

We obsered 2 http requests, 2 http replies, and 4 TCP connections.  They were
also request and reply for the text part of the page and request and reply for
the image part of the page.  I've attached the packets summeraies.

--------------------------- from PC2 using Konqueror ---------------------------

No. Time      Source     Destination Protocol Info
4   0.001140  10.0.0.22  10.0.0.11   HTTP     GET /page1.html HTTP/1.1
8   0.002607  10.0.0.11  10.0.0.22   HTTP     HTTP/1.1 200 OK (text/html)
17  0.456476  10.0.0.22  10.0.0.11   HTTP     GET /Garfield3-1.jpg HTTP/1.1
71  0.462003  10.0.0.11  10.0.0.22   HTTP     HTTP/1.1 200 OK  (JPEG JFIF image)
--------------------------------------------------------------------------------

Then we did the same thing using firefox as the browser instead of Konqueror.

Question 2: How many requests were sent on the first connection? How many
replies? Was there only one TCP connection, or more than one? If there was more
than one request, what web content was requested by the different requests?

This time we didn't abserve the http request for fivicon.  We observed again 2
http requests, 2 http replies and 4 TCP connections.

---------------------------- from PC2 using firefox ----------------------------

No. Time      Source     Destination Protocol Info
4   0.000052  10.0.0.22  10.0.0.11   HTTP     GET /page1.html HTTP/1.1
8   0.001330  10.0.0.11  10.0.0.22   HTTP     HTTP/1.1 200 OK (text/html)
16  0.038473  10.0.0.22  10.0.0.11   HTTP     GET /Garfield3-1.jpg HTTP/1.1
70  0.043911  10.0.0.11  10.0.0.22   HTTP     HTTP/1.1 200 OK  (JPEG JFIF image)
--------------------------------------------------------------------------------

Question 3: compare the two request headers (for the main page) and the two
response headers, and find out if they were the same or different.

The request and reply packets came as pairs.  One pair for the transmission of
the text part of the page, and another pair for the transmission of the image
of the page.  These were the same for both this exercise and the previous one.


[Exercise 7]
We had the browser sent a request that didn't correspond to any actual URL.  We
did it by typing in a URL that did not exist.  We didn't save the wireshark
output, so I did it again at home.  I've attached the packets summeraies.

---------------------------- from PC2 using firefox ----------------------------

No. Time      Source          Destination    Protocol Info
8   6.380782  192.168.1.100   128.171.94.193 HTTP     GET /~yucheng/aha HTTP/1.1
10  6.398359  128.171.94.193  192.168.1.100  HTTP     HTTP/1.1 404 Not Found
                                                      (text/html)
--------------------------------------------------------------------------------


[Exercise 8]
We didn't observe the connection termination.  The server was supposed to close
the TCP connecton after the timeout timer, which was set to 5 minutes.  I tried
this exercise at home.  After about 20 seconds, I observed that the server sent
out [FIN] packet to request terminating the connection.

---------------------- from  home computuer using firefox ----------------------

No.  Time        Source           Destination    Protocol Info
71   21.407276   128.171.94.193   192.168.1.100  TCP      http > 2825 [FIN, ACK]
                    (server)          (client)            Seq=9193 Ack=785

72   21.407354   192.168.1.100    128.171.94.193 TCP      2825 > http [ACK]
                    (client)          (server)            Seq=785 Ack=9194
--------------------------------------------------------------------------------


[Exercise 9]
Question 1: Does the browser reload the root web page before going to the link
you clicked on?

No, the browser didn't reload the root page, it sent out the request for the
linked page directly  For example, I've attached the requests and replies when
we clicked page 2's link from page 1.

----------------------------------- from PC2 -----------------------------------

No. Time       Source     Destination Proto  Info
6   0.000567   10.0.0.22  10.0.0.11   HTTP   GET /page1.html HTTP/1.1
8   0.001725   10.0.0.11  10.0.0.22   HTTP   HTTP/1.1 200 OK (text/html)
16  0.052191   10.0.0.22  10.0.0.11   HTTP   GET /Garfield3-1.jpg HTTP/1.1
18  0.053173   10.0.0.11  10.0.0.22   HTTP   HTTP/1.1 200 OK  (JPEG JFIF image)
26  26.966704  10.0.0.22  10.0.0.11   HTTP   GET /page2.html HTTP/1.1
30  26.968135  10.0.0.11  10.0.0.22   HTTP   HTTP/1.1 200 OK  (text/html)
38  27.057187  10.0.0.22  10.0.0.11   HTTP   GET /Garfield3-2.jpg HTTP/1.1
92  27.062663  10.0.0.11  10.0.0.22   HTTP   HTTP/1.1 200 OK  (JPEG JFIF image)
--------------------------------------------------------------------------------

Question 2: Return to the root web page. Does the browser reload it from the
server, or does it use a copy that it cached internally?

No, the browser didn't reload the root page when we returned to it.  It used a
copy that is cached internally.  For example, I've attached the packets we
captured when we went back from page 3 to page 1.  The replies indicates that
the contents of the page was not changed.  The browser used the cached
information of page 1.

----------------------------------- from PC2 -----------------------------------

No.  Time       Source     Destination  Prot  Info
6    0.000567   10.0.0.22  10.0.0.11    HTTP  GET /page1.html HTTP/1.1
8    0.001725   10.0.0.11  10.0.0.22    HTTP  HTTP/1.1 200 OK (text/html)
16   0.052191   10.0.0.22  10.0.0.11    HTTP  GET /Garfield3-1.jpg HTTP/1.1
18   0.053173   10.0.0.11  10.0.0.22    HTTP  HTTP/1.1 200 OK  (JPEG JFIF image)
:    :          :          :            :     :
:    :          :          :            :     :
171  157.355498 10.0.0.22  10.0.0.11    HTTP  GET /page1.html HTTP/1.1
173  157.356620 10.0.0.11  10.0.0.22    HTTP  HTTP/1.1 304 Not Modified
181  157.396900 10.0.0.22  10.0.0.11    HTTP  GET /Garfield3-1.jpg HTTP/1.1
183  157.397972 10.0.0.11  10.0.0.22    HTTP  HTTP/1.1 304 Not Modified
--------------------------------------------------------------------------------

Question 3: How many times did you have to reload it for that to happen?

We clicked refresh on page 1 quite some times.  All we observed was the Not
Modified reply and the browser didn't reload the page.  Therefore used Ctrl-F5
to force the browser to reload the page.  I've copied the packets's summeraies
and the fields in the http request header indicating not to use cache.

----------------------------------- from PC2 -----------------------------------

No.  Time       Source     Destination  Prot  Info
:    :          :          :            :     :
:    :          :          :            :     :
332  356.941511 10.0.0.22  10.0.0.11    HTTP  GET /page1.html HTTP/1.1
334  356.942591 10.0.0.11  10.0.0.22    HTTP  HTTP/1.1 304 Not Modified
342  356.982010 10.0.0.22  10.0.0.11    HTTP  GET /Garfield3-1.jpg HTTP/1.1
344  356.982988 10.0.0.11  10.0.0.22    HTTP  HTTP/1.1 304 Not Modified
352  366.891977 10.0.0.22  10.0.0.11    HTTP  GET /page1.html HTTP/1.1
356  366.893393 10.0.0.11  10.0.0.22    HTTP  HTTP/1.1 200 OK  (text/html)
364  366.934241 10.0.0.22  10.0.0.11    HTTP  GET /Garfield3-1.jpg HTTP/1.1
418  366.939703 10.0.0.11  10.0.0.22    HTTP  HTTP/1.1 200 OK  (JPEG JFIF image)

---------------------------- http request header -------------------------------

    GET /page1.html HTTP/1.1\r\n
    Host: 10.0.0.11\r\n
    :
    :
    Pragma: no-cache\r\n
    Cache-Control: no-cache\r\n
--------------------------------------------------------------------------------


[Exercise 10]
We tried the load a page that didn't exist on our serer and save the wireshark
captured network traffic as file ex10.wireshark.  I've attached below the
relavent information.  The http reply also sent back the html contents for the
404 error page.

----------------------------------- from PC2 -----------------------------------

No. Time       Source     Destination  Prot  Info
4   0.000262   10.0.0.22  10.0.0.11    HTTP  GET /page4.html HTTP/1.1
6   0.001547   10.0.0.11  10.0.0.22    HTTP  HTTP/1.1 404 Not Found  (text/html)

------------------------------- http reply header ------------------------------
    HTTP/1.1 404 Not Found\r\n              ==> server couldn't find the request
    Date: Fri, 12 Dec 2008 03:35:53 GMT\r\n ==> the date and time
    Server: Apache/2.2.8 (Fedora)\r\n       ==> the web server
    Content-Length: 282                     ==> the content length of the packet
    Connection: close\r\n                   ==> connection was closed
    Content-Type: text/html;                ==> this reply contents is text
                  charset=iso-8859-1\r\n
    \r\n
--------------------------------------------------------------------------------


[Exercise 11]
We used the text based browser (Links) to browse our pages.  We saved the
wireshark captured network traffic as file ex11.wireshark.  The main difference
was that the browser didn't even try to request for the images.  I've attached
the packets's summeraies for loading page 1 and page 2.

----------------------------------- from PC2 -----------------------------------

No.   Time         Source       Destination  Prot   Info
4     0.000210     10.0.0.22    10.0.0.11    HTTP   GET /page1.html HTTP/1.1
8     0.001041     10.0.0.11    10.0.0.22    HTTP   HTTP/1.1 200 OK  (text/html)
16    59.865670    10.0.0.22    10.0.0.11    HTTP   GET /page2.html HTTP/1.1
20    59.867087    10.0.0.11    10.0.0.22    HTTP   HTTP/1.1 200 OK  (text/html)
--------------------------------------------------------------------------------

When we clicked on the image links, we saw a list of options that we could do
to handle this image. I did it at home.  The message window was:

------------------ message window for images on Links brwoser ------------------
    Uknown type
    Content type is image/gif.
    Do you want to save or display this file?
    Options: [save]       [Display]       [Cancel]
--------------------------------------------------------------------------------


[Exercise 12]
We telneted PC1 port 80 from PC2 using command `telnet 10.0.0.11 80`.  We typed
in the http request header below to try to communicate with the server, PC1.

    GET / http /1.1
    host: 10.0.0.11 (or anything else)

We successfully connected with PC1.  We can also do `GET /page1.html http /1.1`
to get the contents of the page directly.  We repeated the exercise using HEAD.

    HEAD / http /1.1
    host: 10.0.0.11 (or anything else)

--------------------------------------------------------------------------------
    HEAD / HTTP/1.1
    HOST: 10.0.0.11

    HTTP/1.1 200 OK
    Date: Fri, 12 Dec 2008 03:58:58 GMT
    Server: Apache/2.2.8 (Fedora)
    Connection: close
    Content-Type: text/html;charset=ISO-8859-1
--------------------------------------------------------------------------------

The result contains only the http reply header this time.  Nothing about the
directory of the pages were returned.


[Exercise 14]
We don't want the KeepAliveTimeout field to be too long.  To have the connection
open far too long can be a security issue.

--------------------------------------------------------------------------------
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 15
--------------------------------------------------------------------------------


[Exercise 15]
We added these two entries in the httpd configuration file.  We also added "PC1"
and "PC5" in the /etc/host file.  We mapped these two names with a different IP
address.  One set of .html files and images were in the directory /var/www/html.
The other set of .html files and images were in the directory /var/www/webpages.

--------------------------------------------------------------------------------
<VirtualHost *:80>
    ServerAdmin webmaster@dummy-host.example.com
    DocumentRoot /var/www/webpages/
    ServerName PC1
    ErrorLog /var/log/dummy-host.example.com-error_log
    CustomLog /var/log/dummy-host.example.com-access_log common
</VirtualHost>


<VirtualHost *:80>
    ServerAdmin webmaster@dummy-host.example.com
    DocumentRoot /var/www/html/
    ServerName PC5
    ErrorLog /var/log/dummy-host.example.com-error_log
    CustomLog /var/log/dummy-host.example.com-access_log common
</VirtualHost>
--------------------------------------------------------------------------------

After this configuration.  We were able to view the pages on both PC1 and PC2
using their vitural host names.

    on PC1 URL: http://PC5/page1.html (this is a file in /var/www/html)
    on PC1 URL: http://PC1/ics351.html (this is a file in /var/www/webpages)
    on PC2 URL: http://PC5/page1.html
    on PC2 URL: http://PC1/ics351.html
Valid HTML 4.01 Valid CSS