Network Protocol Analysis Practical Guide
Explore network protocol analysis techniques including running traceroute, capturing packets, handling IP fragmentation, and checking current MTU. Learn through detailed instructions and questions to deepen your understanding of Internet Protocol (IP) communication.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
COMP2322 Lab 5 IP Steven Lee March 18, 2016
IP Internet Protocol Network layer protocol 3
Traceroute A network diagnostic tool for displaying the route (path) and packet delays across an IP network Named tracert on Windows Named traceroute on Mac OS 4
Practice 1 Start capturing packets On Windows, input command tracert 8.8.8.8 On Mac OS, input command traceroute 8.8.8.8 Stop capturing packets Enter icmp into the display filter to show only icmp packets 5
Practice 1 Question 1 (8 marks) a) How many unique IP addresses do the ICMP echo reply packets ( reply packets ) come from? b) How does the time to live (TTL) change for each subsequent set of request packets? c) Why are all reply packets, except those of the last set, being ICMP TTL-exceeded messages? d) How does traceroute trace the path to a certain host? 6
Practice 2 Start capturing packets On Windows, input command ping -n 1 -l 2000 www.example.com On Mac OS, input command ping -c 1 -s 2000 www.example.com Stop capturing packets To display IP packet fragments Right-click on any IP layer Protocol Preferences Uncheck Reassemble fragmented IPv4 datagrams Use ip.addr==<IP address of www.example.com> as the display filter 7
Practice 2 Question 2 (12 marks) a) How many IP datagrams is the ICMP echo request packet fragmented into? Look at the first fragment. b) What information in the IP header indicates that it is fragmented? c) What information in the IP header indicates that it is the first fragment? d) How long is this fragment? Look at the second fragment. e) What information in the IP header of the second fragment indicates that it is not the first fragment? f) Are there more fragments? How can you tell? 8
Practice 3 To check the current MTU: On Windows, input command netsh interface ipv4 show subinterfaces On Mac OS, input command networksetup -getMTU en0 Question 3 (2 marks) What is the current MTU? 9
Practice 4 To check the routing table, input command netstat -rn Question 4 (4 marks) a. Which entry in the routing table matches an IP packet with a destination address of 158.132.82.94? b. There are multiple entries in the routing table which match an IP packet with a destination address of 255.255.255.255, which of them will actually be used to forward the packet? 10
