Please answer the following questions. Working and/or explanations would be grea
ID: 3738527 • Letter: P
Question
Please answer the following questions.
Working and/or explanations would be greatly appreciated
The learning outcome of this assignment is to illustrate HTTP and its relationship to lower-level protocols. To this end, you are required to study a given HTTP request sent to www.glory.co.nz and the response returned by www.glory.co.nz. You will be asked to map the request and response to the lower-level protocols. 1. Assuming that the HTTP request is version 1.1, what is the mandatory HTTP header the request should contain? Please provide the complete header line consisting of both the header field as well as value in the correct format. The size of the HTTP request is 674 bytes. You are asked to calculate packet sizes for the various protocols that lie beneath HTTP. To do so, please assume that you would maximize the packet sizes (think about why you would want to maximize packet sizes) 2. How many TCP packets would you need to send for this HTTP request, ignoring handshakes and re-transmissions? 3. What is the size of the first TCP packet, assuming there are no TCP options? Plcase provide the answer in bytes 4. What is the size of the first IP packet, assuming there are no optional flags? Please provide the answer in bytes. 5. What is the size of the first Ethernet packet? In the size calculations, include the fields representing source and destination MAC addresses, type, payload, and the checksum. Please provide the answer in bytes. 6. What is the size of the payload this Ethernet packet carries? Please provide the answer in bytes The size of the HTTP response is 24821 bytes. You are asked to calculate packet sizes for the various protocols that lie beneath HTTP. To do so, please assume that you would maximize the packet sizes (again, think about why you would want to maximize packet sizes) 7. How many TCP packets would you need to send for this HTTP response, ignoring handshakes and re-transmissions? 8. What is the size of the first TCP packet, assuming there are no TCP options? Please provide the answer in bytes 9. What is the size of the first IP packet, assuming there are no optional flags? Please provide the answer in bytes. 10. What is the size of the first Eshernet packet? In the size calculations, include the fields representing source and destination MAC addresses, type, payload, and the checksum. Please provide the answer in bytes. 11. What is the size of the payload the first Ethernet packet carries? Please provide the answer in bytes. 12. What is the size of the last TCP packet, assuming there are no TCP options? Please provide the answer in bytes. 13. What is the size of the last IP packet, assuming there are no optional flags? Please provide the answer in bytes. 14. What is the size of the last Ethernet packet? In the size calculations, include the fields representing source and destination MAC addresses, type, payload, and the checksum. Please provide the answer in bytes 15. What is the size of the payload the last Ethernet packet carries? Please provide the answer in bytes.Explanation / Answer
The complete information regarding your question.
The Hypertext Transfer Protocol (HTTP) is an application convention for circulated, communitarian, and hypermedia data systems.[1] HTTP is the establishment of information correspondence for the World Wide Web.
Hypertext is organized content that utilizations legitimate connections (hyperlinks) between hubs containing content. HTTP is the convention to trade or exchange hypertext.
Advancement of HTTP was started by Tim Berners-Lee at CERN in 1989. Measures improvement of HTTP was composed by the Internet Engineering Task Force (IETF) and the World Wide Web Consortium (W3C), coming full circle in the production of a progression of Requests for Comments (RFCs). The main meaning of HTTP/1.1, the rendition of HTTP in like manner utilize, happened in RFC 2068 of every 1997, despite the fact that this was made out of date by RFC 2616 out of 1999 and after that again by the RFC 7230 group of RFCs in 2014.
A later form, the successor HTTP/2, was institutionalized in 2015, and is currently upheld by real web servers and programs over TLS utilizing ALPN extension where TLS 1.2 or more up to date is required.
HTTP works as a request– reaction convention in the client– server processing model. A web program, for instance, might be the customer and an application running on a PC facilitating a site might be the server. The customer presents a HTTP ask for message to the server. The server, which gives assets, for example, HTML records and other substance, or performs different capacities for the benefit of the customer, restores a reaction message to the customer. The reaction contains finish status data about the demand and may likewise contain asked for content in its message body.
A web program is a case of a client specialist (UA). Different kinds of client specialist incorporate the ordering programming utilized via look suppliers (web crawlers), voice programs, versatile applications, and other programming that gets to, expends, or shows web content.
HTTP is intended to allow middle of the road organize components to enhance or empower interchanges amongst customers and servers. High-activity sites frequently advantage from web store servers that convey content in the interest of upstream servers to enhance reaction time. Web programs store already got to web assets and reuse them when conceivable to decrease organize movement. HTTP intermediary servers at private system limits can encourage correspondence for customers without a comprehensively routable address, by handing-off messages with outside servers.
HTTP is an application layer convention composed inside the structure of the Internet convention suite. Its definition presumes a basic and dependable transport layer protocol, and Transmission Control Protocol (TCP) is generally utilized. However HTTP can be adjusted to utilize untrustworthy conventions, for example, the User Datagram Protocol (UDP), for instance in HTTPU and Simple Service Discovery Protocol (SSDP).
HTTP assets are distinguished and situated on the system by Uniform Resource Locators (URLs), utilizing the Uniform Resource Identifiers (URI's) plans http and https. URIs and hyperlinks in HTML reports frame between connected hypertext records.
HTTP/1.1 is an update of the first (HTTP/1.0). In HTTP/1.0 a different association with a similar server is made for each asset ask. HTTP/1.1 can reuse an association different circumstances to download pictures, contents, templates, and so forth after the page has been conveyed. HTTP/1.1 correspondences hence encounter less inactivity as the foundation of TCP associations presents impressive overhead.
HTTP session
A HTTP session is a grouping of system ask for reaction exchanges. A HTTP customer starts a demand by setting up a Transmission Control Protocol (TCP) association with a specific port on a server (normally port 80, infrequently port 8080; see List of TCP and UDP port numbers). A HTTP server tuning in on that port sits tight for a customer's demand message. After accepting the demand, the server sends back a status line, for example, "HTTP/1.1 200 OK", and its very own message. The body of this message is regularly the asked for asset, in spite of the fact that a blunder message or other data may likewise be returned.
HTTP validation
HTTP gives different confirmation plans, for example, essential access validation and process get to verification which work by means of a test reaction system whereby the server recognizes and issues a test before serving the asked for content.
HTTP gives a general system to get to control and verification, by means of an extensible arrangement of test reaction confirmation plans, which can be utilized by a server to challenge a customer ask for and by a customer to give validation information.
Confirmation domains
The HTTP Authentication detail likewise gives a self-assertive, usage particular develop for additionally partitioning assets basic to a given root URI. The domain esteem string, if show, is joined with the authoritative root URI to frame the assurance space segment of the test. This in actuality enables the server to characterize isolate confirmation scopes under one root URI.
Demand techniques
A HTTP 1.1 demand made utilizing telnet. The ask for message, reaction header segment, and reaction body are featured.
HTTP characterizes strategies (once in a while alluded to as verbs) to demonstrate the coveted activity to be performed on the distinguished asset. What this asset speaks to, regardless of whether prior information or information that is created powerfully, relies upon the execution of the server. Frequently, the asset compares to a record or the yield of an executable living on the server. The HTTP/1.0 specification characterized the GET, POST and HEAD techniques and the HTTP/1.1 specificationincluded 5 new strategies: OPTIONS, PUT, DELETE, TRACE and CONNECT. By being indicated in these records their semantics are outstanding and can be relied upon. Any customer can utilize any technique and the server can be arranged to help any mix of strategies. On the off chance that a technique is obscure to a transitional it will be dealt with as a perilous and non-idempotent strategy. There is no restriction to the quantity of techniques that can be characterized and this considers future strategies to be determined without breaking existing framework. For instance, WebDAV characterized 7 new techniques and RFC 5789 determined the PATCH strategy.
Fundamental article: List of HTTP header fields
GET
The GET technique asks for a portrayal of the predetermined asset. Solicitations utilizing GET should just recover information and ought to have no other impact. (This is additionally valid for some other HTTP methods.)The W3C has distributed direction standards on this refinement, saying, "Web application configuration ought to be educated by the above standards, yet additionally by the important limitations."See safe techniques underneath.
HEAD
The HEAD strategy requests a reaction indistinguishable to that of a GET ask for, however without the reaction body. This is helpful for recovering meta-data written accordingly headers, without transporting the whole substance.
POST
The POST strategy asks for that the server acknowledge the element encased in the demand as another subordinate of the web asset recognized by the URI. The information POSTed may be, for instance, an explanation for existing assets; a message for a notice board, newsgroup, mailing rundown, or remark string; a piece of information that is the aftereffect of presenting a web frame to an information taking care of process; or a thing to add to a database.
PUT
The PUT technique asks for that the encased element be put away under the provided URI. On the off chance that the URI alludes to an effectively existing asset, it is adjusted; if the URI does not point to a current asset, at that point the server can make the asset with that URI.
Erase
The DELETE strategy erases the predefined asset.
Follow
The TRACE strategy echoes the got ask for so a customer can perceive what (assuming any) progressions or augmentations have been made by middle of the road servers.
Choices
The OPTIONS technique restores the HTTP strategies that the server bolsters for the predetermined URL. This can be utilized to check the usefulness of a web server by asking for '*' rather than a particular asset.
Interface
[18] The CONNECT strategy changes over the demand association with a straightforward TCP/IP burrow, generally to encourage SSL-encoded correspondence (HTTPS) through a decoded HTTP proxy.[19][20] See HTTP CONNECT burrowing.
Fix
The PATCH strategy applies fractional alterations to a resource.
All universally useful HTTP servers are required to actualize in any event the GET and HEAD techniques, and every single other strategy are viewed as discretionary by the specification.
All general purpose HTTP servers are required to actualize in any event the GET and HEAD techniques, and every other strategy are viewed as discretionary by the specification.
Safe strategies
A portion of the strategies (for instance, HEAD, GET, OPTIONS and TRACE) are, by tradition, characterized as protected, which implies they are planned just for data recovery and ought not change the condition of the server. At the end of the day, they ought not have symptoms, past generally innocuous impacts, for example, logging, storing, the serving of pennant ads or augmenting a web counter. Influencing discretionary To get demands without respect to the setting of the application's state ought to in this manner be viewed as protected. In any case, this isn't ordered by the standard, and it is unequivocally recognized that it can't be ensured.
By differentiate, techniques, for example, POST, PUT, DELETE and PATCH are proposed for activities that may cause reactions either on the server, or outside symptoms, for example, monetary exchanges or transmission of email. Such techniques are in this way not typically utilized by adjusting web robots or web crawlers; some that don't adjust tend to make demands without respect to setting or outcomes.
In spite of the endorsed wellbeing of GET asks for, by and by their dealing with by the server isn't in fact constrained in any capacity. Thusly, indiscreet or ponder programming can cause non-trifling changes on the server. This is disheartened, on the grounds that it can cause issues for web storing, web crawlers and other robotized operators, which can roll out unintended improvements on the server. For instance, a site may permit erasure of an asset through a URL, for example, http://example.com/article/1234/erase, which, if discretionarily brought, notwithstanding utilizing GET, would basically erase the article.
One case of this happening by and by was amid the fleeting Google Web Accelerator beta, which prefetched discretionary URLs on the page a client was seeing, making records be naturally changed or erased as once huge mob. The beta was suspended just weeks after its first discharge, following broad criticism.
Idempotent strategies and web applications
Strategies PUT and DELETE are characterized to be idempotent, implying that different indistinguishable solicitations ought to have an indistinguishable impact from a solitary demand (take note of that idempotence alludes to the condition of the framework after the demand has finished, so while the move the server makes (e.g. erasing a record) or the reaction code it profits might be distinctive for consequent solicitations, the framework state will be the same each time[citation needed]). Techniques GET, HEAD, OPTIONS and TRACE, being endorsed as protected, ought to likewise be idempotent, as HTTP is a stateless protocol.
Interestingly, the POST technique isn't really idempotent, and hence sending an indistinguishable POST ask for different circumstances may additionally influence state or bring on additional symptoms, (for example, money related exchanges). At times this might be alluring, yet in different cases this could be because of a mishap, for example, when a client does not understand that their activity will bring about sending another demand, or they didn't get sufficient criticism that their first demand was fruitful. While web programs may indicate ready exchange boxes to caution clients now and again where reloading a page may re-present a POST ask for, it is for the most part up to the web application to deal with situations where a POST ask for ought not be submitted more than once.
Note that whether a strategy is idempotent isn't implemented by the convention or web server. It is flawlessly conceivable to compose a web application in which (for instance) a database embed or other non-idempotent activity is activated by a GET or other demand. Overlooking this proposal, in any case, may bring about unwanted results, if a client specialist accept that rehashing a similar demand is protected when it isn't.
Security
The TRACE technique can be utilized as a major aspect of a class of assaults known as cross-site following; hence, basic security exhortation is for it to be incapacitated in the server configuration.Microsoft IIS bolsters a restrictive "TRACK" strategy, which acts correspondingly, and which is in like manner prescribed to be disabled.
Status codes
See likewise: List of HTTP status codes
In HTTP/1.0 and since, the primary line of the HTTP reaction is known as the status line and incorporates a numeric status code, (for example, "404") and a literary reason express, (for example, "Not Found"). The way the client specialist handles the reaction essentially relies upon the code and optionally on the other reaction header fields. Custom status codes can be utilized since, if the client operator experiences a code it doesn't remember, it can utilize the primary digit of the code to decide the general class of the response.
standard reason phrases are just proposals and can be supplanted with "nearby counterparts" at the web engineer's attentiveness. In the event that the status code showed an issue, the client operator may show the reason expression to the client to give additional data about the idea of the issue. The standard additionally enables the client specialist to endeavor to translate the reason expression, however this may be rash since the standard unequivocally indicates that status codes are machine-lucid and reason phrases are comprehensible. HTTP status code is fundamentally isolated into five gatherings for better clarification of demand and reactions amongst customer and server as named: Informational 1XX, Successful 2XX, Redirection 3XX, Client Error 4XX and Server Error 5XX.
Determined associations
Primary article: HTTP constant association
In HTTP/0.9 and 1.0, the association is shut after a solitary demand/reaction combine. In HTTP/1.1 a keep-alive-instrument was presented, where an association could be reused for in excess of one demand. Such relentless associations decrease ask for inactivity distinguishably, on the grounds that the customer does not have to re-arrange the TCP 3-Way-Handshake association after the main demand has been sent. Another positive reaction is that when all is said in done the association turns out to be speedier with time because of TCP's moderate begin component.
Adaptation 1.1 of the convention likewise made data transmission streamlining changes to HTTP/1.0. For instance, HTTP/1.1 acquainted lumped exchange encoding with enable substance on persevering associations with be gushed as opposed to cradled. HTTP pipelining further decreases slack time, enabling customers to send various demands previously sitting tight for every reaction. Another expansion to the convention was byte serving, where a server transmits only the bit of an asset unequivocally asked for by a customer.
HTTP session state
HTTP is a stateless convention. A stateless convention does not require the HTTP server to hold data or status about every client for the term of various solicitations. Notwithstanding, some web applications execute states or server side sessions utilizing for example HTTP treats or shrouded factors inside web shapes.
Scrambled associations
The most well known method for setting up a scrambled HTTP association is HTTP Secure.[27] Two different techniques for building up an encoded HTTP association likewise exist: Secure Hypertext Transfer Protocol, and utilizing the HTTP/1.1 Upgrade header to indicate a move up to TLS. Program bolster for these two is, nonetheless, about non-existent.
Message arrange
The customer and server impart by sending plain-content (ASCII) messages. The customer sends solicitations to the server and the server sends reactions.
Demand message
The ask for message comprises of the accompanying:
An ask for line (e.g., GET/pictures/logo.png HTTP/1.1, which asks for an asset called/pictures/logo.png from the server).
Demand header fields (e.g., Accept-Language: en).
An unfilled line.
A discretionary message body.
The ask for line and other header fields should each end with <CR><LF> (that is, a carriage return character took after by a line encourage character). The unfilled line must comprise of just <CR><LF> and no other whitespace. In the HTTP/1.1 convention, all header fields with the exception of Host are discretionary.
An ask for line containing just the way name is acknowledged by servers to keep up similarity with HTTP customers before the HTTP/1.0 determination in RFC 1945.
Reaction message
The reaction message comprises of the accompanying:
A status line which incorporates the status code and reason message (e.g., HTTP/1.1 200 OK, which shows that the customer's demand succeeded).
Reaction header fields (e.g., Content-Type: content/html).
An unfilled line.
A discretionary message body.
The status line and other header fields should all end with <CR><LF>. The unfilled line must comprise of just <CR><LF> and no other whitespace. This strict prerequisite for <CR><LF> is casual to some degree inside message bodies for reliable utilization of other framework linebreaks, for example, <CR> or <LF> alone.