This repository has been archived on 2024-01-25. You can view files and clone it, but cannot push or open issues or pull requests.
SDi-RPC/Analysis.txt

59 lines
3.5 KiB
Plaintext
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Q1: Which protocols are used by gRPC on layer 3 and 4?
R1: gRPC uses HTTP/2 as transport protocol and TLS as security protocol.
Q2: Which port is the server using to serve the gRPC service?
R2: The server is using port 80 to serve the gRPC service.
Q3: Which port is the client using and why it is not the same as the server?
R3: The client is using port 60969 to serve the gRPC service. It is not the same as the server because the client is using a random port.
Q4: Locate the IP packet that initiates the TCP connection and give its frame number. Which TCP flag(s) is/are set to establish a new TCP connection?
R4: The frame number is 1. The TCP flag is SYN.
Q5: Locate the IP packet that acknowledges the TCP connection request and note its frame number. Which TCP flag(s) is/are set in this packet?
R5: The frame number is 2. The TCP flag is SYN, ACK.
Q6: Wireshark allows to filter the traffic of a single TCP stream. Apply the filter to follow the first TCP stream. What is the filter expression?
R6: tcp.stream eq 0
Q7: Which protocol is used on layer 7?
R7: The protocol used on layer 7 is HTTP/2.
Q8: What is the main difference between HTTP/1 and HTTP/2?
R8: The main difference between HTTP/1 and HTTP/2 is that HTTP/2 is binary and HTTP/1 is text.
Q9: What is the purpose of the Magic fragment in this HTTP/2 connection?
R9: The purpose of the Magic fragment in this HTTP/2 connection is to establish the connection.
Q10: How many HTTP/2 streams were used by the gRPC exchange and what are their ids?
R10: There are 2 HTTP/2 streams used by the gRPC exchange and their ids are 1 and 3.
Q11: Filter the traffic of the first HTTP/2 stream. What is the filter expression now?
R11: tcp.stream eq 1
Q12: By analysing the exchanged data on that stream, what is its purpose?
R12: The purpose of the stream is to establish the connection.
Q13: Filter the traffic of the second HTTP/2 stream. What is the filter expression now?
R13: tcp.stream eq 3
Q14: By analysing the exchanged data on that stream, what is its purpose?
R14: The purpose of the stream is to send the request and receive the response.
Q15: Find is the HTTP/2 fragment(s) that represent the gRPC request and list the frame numbers. List the headers of the request and their meaning.
R15: Header is on frame 1
Q16: Locate the HTTP/2 fragment(s) that contain the actual gRPC request data. What is the length of the HTTP/2 fragment, what is the size of the actual protocol buffers message?
R16: Request data is on frame 0. The length of this fragment is 10 bytes. Answer data is still on frame 1. The length of this fragment is 21 bytes.
Q17: Examine the request protocol buffer message. How many fields are in the message and how are the fields identified in the message? What is the advantage of such identification mechanism?
Q18: Find the HTTP/2 fragment(s) that represent the gRPC response. List the headers of the response and their meaning.
Q19: Examine the response protocol buffer message. Using the message and the *.proto definition file transform the message into a JSON object.
Q20: It seems that field 2 of the message has not the same type as in the description and the value displayed in Wireshark is bogus. How is it possible that the client can decode the fields value correctly?
R20: The client can decode the fields value correctly because the client knows the type of the field.
Q21: How is the status of the procedure invocation returned to the client?
R21: The status of the procedure invocation is returned to the client by the status code.