Identify the packets that are involved in closing the TCP connection. Which flags are set in these packets? Explain how these flags are interpreted by the receiving TCP server or TCP client.
What will be an ideal response?
FIN, FIN|ACK, ACK flags are set. TCP’s half-close.
The packets involved in closing the TCP connection, which is initiated by the client, are listed below. The FIN and ACK flags are present in these packets:
```
20 9.892232 10.0.5.11 10.0.5.22 TCP 35923 > 23 [FIN, ACK] Seq=3217533065 Ack=3239925377 Win=5840 Len=0
21 9.892723 10.0.5.22 10.0.5.11 TCP 23 > 35923 [FIN, ACK] Seq=3239925377 Ack=3217533066 Win=5792 Len=0
22 9.892766 10.0.5.11 10.0.5.22 TCP 35923 > 23 [ACK] Seq=3217533066 Ack=3239925378 Win=5840 Len=0
```
Since a TCP connection is full-duplex, each direction must be shut down independently. The rule is that either end can send a FIN when it is done sending data. When a TCP receives a FIN, it must notify the application that the other end has terminated that direction of data flow. In this experiment, the client side initiates the termination of the connection: the client sends a FIN, closing the flow of data from the client to the server. When the server receives the FIN, it sends back an ACK of the received sequence number plus one. At this point the server delivers this information to the application and then closes its connection, causing its TCP to send a FIN, which the client TCP must ACK.
Frame 17
```
(66 bytes on wire, 66 bytes captured)
Arrival Time: Aug 23, 2003 04:21:31.860209000
Time delta from previous packet: 12.922457000 seconds
Time relative to first packet: 13.007105000 seconds
Frame Number: 17
Packet Length: 66 bytes
Capture Length: 66 bytes
Ethernet II, Src: 00:06:5b:4b:e0:dd, Dst: 00:06:5b:4b:e1:da
Destination: 00:06:5b:4b:e1:da (00:06:5b:4b:e1:da)
Source: 00:06:5b:4b:e0:dd (00:06:5b:4b:e0:dd)
Type: IP (0x0800)
Internet Protocol, Src Addr: 10.0.5.11 (10.0.5.11), Dst Addr: 10.0.5.22 (10.0.5.22)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x10 (DSCP 0x04: Unknown DSCP; ECN: 0x00)
0001 00.. = Differentiated Services Codepoint: Unknown (0x04)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 52
Identification: 0x90ab
Flags: 0x04
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x8be8 (correct)
Source: 10.0.5.11 (10.0.5.11)
Destination: 10.0.5.22 (10.0.5.22)
Transmission Control Protocol, Src Port: 3112 (3112), Dst Port: 23 (23), Seq: 811762040, Ack: 792841574, Len: 0
Source port: 3112 (3112)
Destination port: 23 (23)
Sequence number: 811762040
Acknowledgement number: 792841574
Header length: 32 bytes
Flags: 0x0011 (FIN, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...1 = Fin: Set
Window size: 5840
Checksum: 0x5f2e (correct)
Options: (12 bytes)
NOP
NOP
Time stamp: tsval 1578687, tsecr 1577197
```
Frame 18
```
(66 bytes on wire, 66 bytes captured)
Arrival Time: Aug 23, 2003 04:21:31.860973000
Time delta from previous packet: 0.000764000 seconds
Time relative to first packet: 13.007869000 seconds
Frame Number: 18
Packet Length: 66 bytes
Capture Length: 66 bytes
Ethernet II, Src: 00:06:5b:4b:e1:da, Dst: 00:06:5b:4b:e0:dd
Destination: 00:06:5b:4b:e0:dd (00:06:5b:4b:e0:dd)
Source: 00:06:5b:4b:e1:da (00:06:5b:4b:e1:da)
Type: IP (0x0800)
Internet Protocol, Src Addr: 10.0.5.22 (10.0.5.22), Dst Addr: 10.0.5.11 (10.0.5.11)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x10 (DSCP 0x04: Unknown DSCP; ECN: 0x00)
0001 00.. = Differentiated Services Codepoint: Unknown (0x04)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 52
Identification: 0xdc10
Flags: 0x04
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x4083 (correct)
Source: 10.0.5.22 (10.0.5.22)
Destination: 10.0.5.11 (10.0.5.11)
Transmission Control Protocol, Src Port: 23 (23), Dst Port: 3112 (3112), Seq: 792841574, Ack: 811762041, Len: 0
Source port: 23 (23)
Destination port: 3112 (3112)
Sequence number: 792841574
Acknowledgement number: 811762041
Header length: 32 bytes
Flags: 0x0011 (FIN, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...1 = Fin: Set
Window size: 5792
Checksum: 0x5a4d (correct)
Options: (12 bytes)
NOP
NOP
Time stamp: tsval 1578493, tsecr 1578687
```
Frame 19
```
(66 bytes on wire, 66 bytes captured)
Arrival Time: Aug 23, 2003 04:21:31.861047000
Time delta from previous packet: 0.000074000 seconds
Time relative to first packet: 13.007943000 seconds
Frame Number: 19
Packet Length: 66 bytes
Capture Length: 66 bytes
Ethernet II, Src: 00:06:5b:4b:e0:dd, Dst: 00:06:5b:4b:e1:da
Destination: 00:06:5b:4b:e1:da (00:06:5b:4b:e1:da)
Source: 00:06:5b:4b:e0:dd (00:06:5b:4b:e0:dd)
Type: IP (0x0800)
Internet Protocol, Src Addr: 10.0.5.11 (10.0.5.11), Dst Addr: 10.0.5.22 (10.0.5.22)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x10 (DSCP 0x04: Unknown DSCP; ECN: 0x00)
0001 00.. = Differentiated Services Codepoint: Unknown (0x04)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 52
Identification: 0x90ac
Flags: 0x04
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x8be7 (correct)
Source: 10.0.5.11 (10.0.5.11)
Destination: 10.0.5.22 (10.0.5.22)
Transmission Control Protocol, Src Port: 3112 (3112), Dst Port: 23 (23), Seq: 811762041, Ack: 792841575, Len: 0
Source port: 3112 (3112)
Destination port: 23 (23)
Sequence number: 811762041
Acknowledgement number: 792841575
Header length: 32 bytes
Flags: 0x0010 (ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 5840
Checksum: 0x5a1d (correct)
Options: (12 bytes)
NOP
NOP
Time stamp: tsval 1578687, tsecr 1578493
```
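The teardown rule explained above (each FIN must be acknowledged by the peer with the FIN's sequence number plus one) can be checked mechanically against the summary lines. The following is an added example, not part of the original answer; the names `decode_flags`, `parse` and `analyze_close` are hypothetical helpers, and the input is the three summary lines shown on this page. In this capture the server's ACK and its own FIN travel in one segment, so the close takes three segments.

```python
import re

# Bits of the TCP flags byte, in the order of the frame detail view above.
FLAG_BITS = [(0x80, "CWR"), (0x40, "ECE"), (0x20, "URG"), (0x10, "ACK"),
             (0x08, "PSH"), (0x04, "RST"), (0x02, "SYN"), (0x01, "FIN")]

def decode_flags(value):
    """Names of the flags set in a TCP flags byte (0x11 is FIN plus ACK)."""
    return [name for bit, name in FLAG_BITS if value & bit]

SUMMARY = re.compile(r"(?P<src>\d+) > (?P<dst>\d+) \[(?P<flags>[A-Z, ]+)\] "
                     r"Seq=(?P<seq>\d+) Ack=(?P<ack>\d+)")

def parse(line):
    """Parse one summary line into ports, flag set, seq and ack numbers."""
    m = SUMMARY.search(line)
    if m is None:
        raise ValueError(f"not a TCP summary line: {line!r}")
    return {"src": int(m["src"]), "dst": int(m["dst"]),
            "flags": set(m["flags"].split(", ")),
            "seq": int(m["seq"]), "ack": int(m["ack"])}

def analyze_close(lines):
    """Report who sent the first FIN and how many directions were closed."""
    segs = [parse(line) for line in lines]
    closed, initiator = 0, None
    for i, seg in enumerate(segs):
        if "FIN" not in seg["flags"]:
            continue
        if initiator is None:
            initiator = seg["src"]
        # A FIN consumes one sequence number, so the peer must ACK seq + 1.
        want = (seg["seq"] + 1) % 2**32
        if any(s["src"] == seg["dst"] and "ACK" in s["flags"]
               and s["ack"] == want for s in segs[i + 1:]):
            closed += 1
    return {"initiator_port": initiator, "segments": len(segs),
            "closed_directions": closed, "clean_close": closed == 2}

# The three summary lines from the capture on this page.
CAPTURE = [
    "20 9.892232 10.0.5.11 10.0.5.22 TCP 35923 > 23 [FIN, ACK] "
    "Seq=3217533065 Ack=3239925377 Win=5840 Len=0",
    "21 9.892723 10.0.5.22 10.0.5.11 TCP 23 > 35923 [FIN, ACK] "
    "Seq=3239925377 Ack=3217533066 Win=5792 Len=0",
    "22 9.892766 10.0.5.11 10.0.5.22 TCP 35923 > 23 [ACK] "
    "Seq=3217533066 Ack=3239925378 Win=5840 Len=0",
]

if __name__ == "__main__":
    print(decode_flags(0x11), analyze_close(CAPTURE))
```

Dropping the last line from `CAPTURE` leaves the server's FIN unacknowledged, and the function then reports only one closed direction.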