lab4 - Wireshark Lab: IP Version: 2.0 2009 J.F. Kurose,...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
Wireshark Lab: IP Version: 2.0 © 2009 J.F. Kurose, K.W. Ross. All Rights Reserved Computer Networking: A Top- down Approach, 5 th edition. In this lab, we’ll investigate the IP protocol, focusing on the IP datagram. We’ll do so by analyzing a trace of IP datagrams sent and received by an execution of the traceroute program (the traceroute program itself is explored in more detail in the Wireshark ICMP lab). We’ll investigate the various fields in the IP datagram, and study IP fragmentation in detail. Before beginning this lab, you’ll probably want to review sections 1.4.3 in the text and section 3.4 of RFC 2151 [ ftp://ftp.rfc-editor.org/in-notes/rfc2151.txt ] to update yourself on the operation of the traceroute program. You’ll also want to read Section 4.4 in the text, and probably also have RFC 791 [ ftp://ftp.rfc-editor.org/in-notes/rfc791.txt ] on hand as well, for a discussion of the IP protocol. 1 1. Capturing packets from an execution of traceroute In order to generate a trace of IP datagrams for this lab, we’ll use the traceroute program to send datagrams of different sizes towards some destination, X . Recall that traceroute operates by first sending one or more datagrams with the time-to-live (TTL) field in the IP header set to 1; it then sends a series of one or more datagrams towards the same destination with a TTL value of 2; it then sends a series of datagrams towards the same destination with a TTL value of 3; and so on. Recall that a router must decrement the TTL in each received datagram by 1 (actually, RFC 791 says that the router must decrement the TTL by at least one). If the TTL reaches 0, the router returns an ICMP message (type 11 – TTL-exceeded) to the sending host. As a result of this behavior, a datagram with a TTL of 1 (sent by the host executing traceroute ) will cause the router one hop away from the sender to send an ICMP TTL-exceeded message back to the sender; the datagram sent with a TTL of 2 will cause the router two hops away to send an ICMP message back to the sender; the datagram sent with a TTL of 3 1 All references to the text in this lab are to Computer Networking: A Top-down Approach, 5 th edition.
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
will cause the router three hops away to send an ICMP message back to the sender; and so on. In this manner, the host executing traceroute can learn the identities of the routers between itself and destination X by looking at the source IP addresses in the datagrams containing the ICMP TTL-exceeded messages. We’ll want to run traceroute and have it send datagrams of various lengths.
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 6

lab4 - Wireshark Lab: IP Version: 2.0 2009 J.F. Kurose,...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online