Solution to Wireshark Lab: IP

Similar documents
Network layer: Overview. Network layer functions IP Routing and forwarding

Assignment #3 Routing and Network Analysis. CIS3210 Computer Networks. University of Guelph

Mobile IP Network Layer Lesson 02 TCP/IP Suite and IP Protocol

IP addressing and forwarding Network layer

Network Layer IPv4. Dr. Sanjay P. Ahuja, Ph.D. Fidelity National Financial Distinguished Professor of CIS. School of Computing, UNF

Internet Packets. Forwarding Datagrams

Lecture Computer Networks

Internetworking. Problem: There is more than one network (heterogeneity & scale)

Chapter 9. IP Secure

Interconnection of Heterogeneous Networks. Internetworking. Service model. Addressing Address mapping Automatic host configuration

IP - The Internet Protocol

8.2 The Internet Protocol

CS 457 Lecture 19 Global Internet - BGP. Fall 2011

Internet Architecture and Philosophy

CS 43: Computer Networks IP. Kevin Webb Swarthmore College November 5, 2013

Network Layer: and Multicasting Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

IP Network Layer. Datagram ID FLAG Fragment Offset. IP Datagrams. IP Addresses. IP Addresses. CSCE 515: Computer Network Programming TCP/IP

Procedure: You can find the problem sheet on Drive D: of the lab PCs. 1. IP address for this host computer 2. Subnet mask 3. Default gateway address

Instructor Notes for Lab 3

Classful IP Addressing. Classless Addressing: CIDR. Routing & Forwarding: Logical View of a Router. IP Addressing: Basics

EITF25 Internet Techniques and Applications L5: Wide Area Networks (WAN) Stefan Höst

Network Layer: Network Layer and IP Protocol

Subnetting,Supernetting, VLSM & CIDR

Chapter 4 Network Layer

Internet Protocol: IP packet headers. vendredi 18 octobre 13

- IPv4 Addressing and Subnetting -

How do I get to

Guide to TCP/IP, Third Edition. Chapter 3: Data Link and Network Layer TCP/IP Protocols

What is a DoS attack?

DHCP, ICMP, IPv6. Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley DHCP. DHCP UDP IP Eth Phy

04 Internet Protocol (IP)

Lecture 15. IP address space managed by Internet Assigned Numbers Authority (IANA)

Introduction to IP v6

Chapter 3. TCP/IP Networks. 3.1 Internet Protocol version 4 (IPv4)

Computer Networks/DV2 Lab

Gary Hecht Computer Networking (IP Addressing, Subnet Masks, and Packets)

RARP: Reverse Address Resolution Protocol

Internet Control Protocols Reading: Chapter 3

Internet Infrastructure Measurement: Challenges and Tools

Internet Protocol Version 6 (IPv6)

Network layer" 1DT066! Distributed Information Systems!! Chapter 4" Network Layer!! goals: "

Technical Support Information Belkin internal use only

Mobile Routing. When a host moves, its point of attachment in the network changes. This is called a handoff.

Outline. CSc 466/566. Computer Security. 18 : Network Security Introduction. Network Topology. Network Topology. Christian Collberg

2. IP Networks, IP Hosts and IP Ports

Network Layer. Introduction Datagrams and Virtual Circuits Routing Traffic Control. Data delivery from source to destination.

CYBER ATTACKS EXPLAINED: PACKET CRAFTING

Network Address Translation (NAT)

IP Addressing Introductory material.

Computer Networks. Lecture 3: IP Protocol. Marcin Bieńkowski. Institute of Computer Science University of Wrocław

Troubleshooting Tools

Layer Four Traceroute (and related tools) A modern, flexible path-discovery solution with advanced features for network (reverse) engineers

Configuring Flexible NetFlow

Exam 1 Review Questions

NETWORK LAYER/INTERNET PROTOCOLS

Internet Protocols Fall Lectures 7-8 Andreas Terzis

Lab 2. CS-335a. Fall 2012 Computer Science Department. Manolis Surligas

Module 7 Internet And Internet Protocol Suite

Компјутерски Мрежи NAT & ICMP

How will the Migration from IPv4 to IPv6 Impact Voice and Visual Communication?

Overview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP

Solution of Exercise Sheet 5

Indian Institute of Technology Kharagpur. TCP/IP Part I. Prof Indranil Sengupta Computer Science and Engineering Indian Institute of Technology

IP Addressing. IP Addresses. Introductory material.

Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network.

Unix System Administration

Exercise 4 MPLS router configuration

Lecture 8. IP Fundamentals

Chapter 11. User Datagram Protocol (UDP)

Computer Networks/DV2 Lab

Network Security TCP/IP Refresher

13 Virtual Private Networks 13.1 Point-to-Point Protocol (PPP) 13.2 Layer 2/3/4 VPNs 13.3 Multi-Protocol Label Switching 13.4 IPsec Transport Mode

Asynchronous Transfer Mode: ATM. ATM architecture. ATM: network or link layer? ATM Adaptation Layer (AAL)

First Workshop on Open Source and Internet Technology for Scientific Environment: with case studies from Environmental Monitoring

Savera Tanwir. Internet Protocol

Overview of TCP/IP. TCP/IP and Internet

RTP / RTCP. Announcements. Today s Lecture. RTP Info RTP (RFC 3550) I. Final Exam study guide online. Signup for project demos

Ethernet. Ethernet. Network Devices

Firewall Stateful Inspection of ICMP

netkit lab MPLS VPNs with overlapping address spaces 1.0 S.Filippi, L.Ricci, F.Antonini Version Author(s)

IP Address Classes (Some are Obsolete) Computer Networking. Important Concepts. Subnetting Lecture 8 IP Addressing & Packets

Chapter 4 Network Layer

Operating Systems and Networks Sample Solution 1

CS155 - Firewalls. Simon Cooper <sc@sgi.com> CS155 Firewalls 22 May 2003

Guide to Network Defense and Countermeasures Third Edition. Chapter 2 TCP/IP

Internet Firewall CSIS Internet Firewall. Spring 2012 CSIS net13 1. Firewalls. Stateless Packet Filtering

Unverified Fields - A Problem with Firewalls & Firewall Technology Today

How Does Ping Really Work?

IPV6 FRAGMENTATION. The Case For Deprecation. Ron Bonica NANOG58

Networks: IP and TCP. Internet Protocol

ACHILLES CERTIFICATION. SIS Module SLS 1508

VLAN und MPLS, Firewall und NAT,

NetFlow/IPFIX Various Thoughts

Transcription:

Solution to Wireshark Lab: IP Fig. 1 ICMP Echo Request message IP information 1. What is the IP address of your computer? The IP address of my computer is 192.168.1.46 2. Within the IP packet header, what is the value in the upper layer protocol field? Within the header, the value in the upper layer protocol field is ICMP (0x01) 3. How many bytes are in the IP header? How many bytes are in the payload of the IP datagram? Explain how you determined the number of payload bytes. There are 20 bytes in the IP header, and 56 bytes total length, this gives 36 bytes in the payload of the IP datagram.

4. Has this IP datagram been fragmented? Explain how you determined whether or not the datagram has been fragmented. The more fragments bit = 0, so the data is not fragmented. 5. Which fields in the IP datagram always change from one datagram to the next within this series of ICMP messages sent by your computer? Identification, Time to live and Header checksum always change. 6. Which fields stay constant? Which of the fields must stay constant? Which fields must change? Why? The fields that stay constant across the IP datagrams are: Version (since we are using IPv4 for all packets) header length (since these are ICMP packets) source IP (since we are sending from the same source) destination IP (since we are sending to the same dest) Differentiated Services (since all packets are ICMP they use the same Type of Service class) Upper Layer Protocol (since these are ICMP packets) The fields that must stay constant are: Version (since we are using IPv4 for all packets) header length (since these are ICMP packets) source IP (since we are sending from the same source) destination IP (since we are sending to the same dest) Differentiated Services (since all packets are ICMP they use the same Type of Service class) Upper Layer Protocol (since these are ICMP packets) The fields that must change are: Identification(IP packets must have different ids) Time to live (traceroute increments each subsequent packet) Header checksum (since header changes, so must checksum) 7. Describe the pattern you see in the values in the Identification field of the IP datagram The pattern is that the IP header Identification fields increment with each ICMP Echo (ping) request.

Fig. 2 ICMP TTL exceeded reply, IP information 8. What is the value in the Identification field and the TTL field? Identification: 30767 TTL: 64 9. Do these values remain unchanged for all of the ICMP TTL-exceeded replies sent to your computer by the nearest (first hop) router? Why? The identification field changes for all the ICMP TTL-exceeded replies because the identification field is a unique value. When two or more IP datagrams have the same identification value, then it means that these IP datagrams are fragments of a single large IP datagram. The TTL field remains unchanged because the TTL for the first hop router is always the same.

Fig. 3 ICMP Echo Request pkt size = 2000, first fragment 10. Find the first ICMP Echo Request message that was sent by your computer after you changed the Packet Size in pingplotter to be 2000. Has that message been fragmented across more than one IP datagram? Yes, this packet has been fragmented across more than one IP datagram 11. Print out the first fragment of the fragmented IP datagram. What information in the IP header indicates that the datagram been fragmented? What information in the IP header indicates whether this is the first fragment versus a latter fragment? How long is this IP datagram? The Flags bit for more fragments is set, indicating that the datagram has been fragmented. Since the fragment offset is 0, we know that this is the first fragment. This first datagram has a total length of 1500, including the header.

Fig. 4 ICMP Echo Request pkt size = 2000, second fragment 12. Print out the second fragment of the fragmented IP datagram. What information in the IP header indicates that this is not the first datagram fragment? Are the more fragments? How can you tell? We can tell that this is not the first fragment, since the fragment offset is 1480. It is the last fragment, since the more fragments flag is not set. 13. What fields change in the IP header between the first and second fragment? The IP header fields that changed between the fragments are: total length, flags, fragment offset, and checksum.

Fig. 5 ICMP Echo Request pkt size = 3500, first fragment 14. How many fragments were created from the original datagram? After switching to 3500, there are 3 packets created from the original datagram. 15. What fields change in the IP header among the fragments? The IP header fields that changed between all of the packets are: fragment offset, and checksum. Between the first two packets and the last packet, we see a change in total length, and also in the flags. The first two packets have a total length of 1500, with the more fragments bit set to 1, and the last packet has a total length of 540, with the more fragments bit set to 0.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information