TELE 3118: Network Technologies: Lab 3 [5 points]

In this lab you will examine IP and ICMP packets. You will use Wireshark to capture packets and study the fields. As preparation for the lab, you are required to read the following two hand-outs prior to your lab session:

In the lab, perform the following steps:
  1. [0.5] First determine the following information about your PC (for Windows use ipconfig /all and for Linux use /sbin/ifconfig):
Now start Wireshark packet capture, and perform the following three operations:

Stop the packet capture, and answer the following questions based on the captured packets:
  1. [1] Examine the IP and Ethernet headers of the first captured ICMP echo request packet. What are the source and destination IP addresses, and what devices do these correspond to? What are the source and destination MAC addresses in the Ethernet frame, and which devices do these correspond to? Explain why the destination IP and MAC addresses correspond to different devices.
  2. [1] Compare the following fields among the three kinds of packets: ping packets, the traceroute packets, and the web-page download packets: (a) version of IP, (b) size (in bytes) of the IP header, (c) size (in bytes) of the entire IP datagram, (d) the value of the upper-layer protocol field, (e) the TTL field.
  3. [0.5] Now look at the ICMP fields of the ping packets. What is the type field in the echo request and in the corresponding echo reply? Compare the identifier, sequence number, data, and checksum fields on the echo request and reply packets - which of these fields match between the request and reply, and which do not? Explain the rationale.
  4. [1] Using the captured trace of the 64 byte traceroute packets sent by your PC, and the ICMP responses from the first three routers, describe in brief the operation of traceroute for your specific setting. Namely, specify the sequence of packets, and the relevant fields, that illustrate how traceroute works.
  5. [1] Find a packet sent by your machine corresponding to the traceroute with packet size 3500. Has this message been fragmented, and how do you know? Determine the number of fragments, and describe how these fragments can be put together by listing the appropriate fields in the IP header.
Your answers have to be submitted on this sheet to the lab instructor at the end of your lab session.
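
The following sketch is an added example for question 5, not part of the original lab sheet: it shows how the Identification, More Fragments (MF) and Fragment Offset fields of the IPv4 header let a receiver put fragments back together. It assumes an Ethernet MTU of 1500 bytes, a 20-byte header without options, and that "size 3500" means the total datagram length; the addresses, identification value and payload are constructed.

```python
import struct

def ipv4_header(total_len, ident, mf, offset_bytes, ttl=64, proto=1):
    """Build a 20-byte IPv4 header (checksum left at 0; constructed test data)."""
    flags_frag = (int(mf) << 13) | (offset_bytes // 8)   # offset is stored in 8-byte units
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, ident, flags_frag,
                       ttl, proto, 0, bytes([10, 0, 0, 2]), bytes([10, 0, 0, 1]))

def fragment(payload, ident, mtu=1500):
    """Split an IP payload into fragments that fit the MTU."""
    step = (mtu - 20) // 8 * 8       # non-final fragments carry a multiple of 8 bytes
    frags = []
    for off in range(0, len(payload), step):
        chunk = payload[off:off + step]
        mf = off + step < len(payload)                   # MF=1 on all but the last
        frags.append(ipv4_header(20 + len(chunk), ident, mf, off) + chunk)
    return frags

def parse(pkt):
    """Extract the header fields used for reassembly."""
    ver_ihl, _, total_len, ident, ff = struct.unpack("!BBHHH", pkt[:8])
    ihl = (ver_ihl & 0x0F) * 4
    return {"id": ident, "df": bool(ff & 0x4000), "mf": bool(ff & 0x2000),
            "offset": (ff & 0x1FFF) * 8, "data": pkt[ihl:total_len]}

def reassemble(packets, ident):
    """Return the original payload, or None if the set of fragments is incomplete.
    A real stack also matches source, destination and protocol, not only the ID."""
    parts = sorted((p for p in map(parse, packets) if p["id"] == ident),
                   key=lambda p: p["offset"])
    if not parts or parts[-1]["mf"]:
        return None                  # final fragment (MF=0) has not arrived
    out = b""
    for p in parts:
        if p["offset"] != len(out):  # gap or overlap: reject rather than guess
            return None
        out += p["data"]
    return out

# Constructed sample: 3500-byte datagram = 20-byte header + 3480 bytes of data
PAYLOAD = bytes(i % 251 for i in range(3480))
FRAGS = fragment(PAYLOAD, ident=0x1A2B)

if __name__ == "__main__":
    for f in FRAGS:
        p = parse(f)
        print(hex(p["id"]), "MF =", int(p["mf"]), "offset =", p["offset"], "len =", len(p["data"]))
```

In Wireshark the same three values appear under the IPv4 header as Identification, the "More fragments" flag and Fragment Offset, and all fragments of one datagram share the same Identification value.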