ICMP and Ping: A Comprehensive Analysis of Network Communication

Verified

Added on 2024/06/28

AI Summary

This lab report delves into the intricacies of ICMP (Internet Control Message Protocol) and its role in network communication. Through a series of experiments involving ping and tracert, we explore the structure of ICMP packets, their behavior in different scenarios, and the impact of fragmentation on data transmission. The report analyzes the various fields within ICMP packets, including type, code, identifier, sequence number, and checksum, and examines how these fields change in response to different network conditions. We also investigate the use of pingplotter to measure network latency and packet loss, providing insights into network performance and troubleshooting techniques. The lab concludes with a detailed analysis of IP fragmentation, demonstrating how large packets are divided into smaller fragments for efficient transmission across networks.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

MITS 4004
Student name:
Student ID:
1

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

LIST OF FIGURES
Figure 1: Screenshot of the command prompt after ping request..............................................3
Figure 2: ICMP Echo Request message.....................................................................................4
Figure 3: ICMP Echo reply message.........................................................................................4
Figure 4: Command prompt window while using tracert..........................................................5
Figure 5: ICMP echo request packet.......................................................................................... 6
Figure 6: ICMP Error Packet..................................................................................................... 6
Figure 7: Last ICMP reply packets............................................................................................ 7
Figure 8:CMD window when using traceroute.......................................................................... 7
Figure 9: Using pingplotter to send packets to host................................................................... 8
Figure 10: Altering the data packet size.....................................................................................8
Figure 11: Using pingplotter...................................................................................................... 9
Figure 12: traceroute result...................................................................................................... 10
Figure 13: IPv4 Fragmentation................................................................................................ 12
Figure 14: Analysis of the packet.............................................................................................12
Figure 15: Packet analysis........................................................................................................13
2

ICMP and Ping
1. What is the IP address of your host? What is the IP address of the destination host?
The IP address of my host is 192.168.0.131. The IP address of destination host is
216.58.199.164.
2. Why is it that an ICMP packet does not have source and destination port numbers?
There are no destination & source port numbers for the ICMP packet as it was intended
to transmit network layer data between hosts as well as routers, and not among
application layer procedures. Every packet of ICMP contains a "type" & a "code." The
specific messages which are being received get identified by the type / code combination.
Because all ICMP-messages are interpreted by the network software itself, there is no
requirement of port numbers to direct the ICMP message to an application layer.
3. Examine one of the ping request packets sent by your host. What are the ICMP type and
code numbers? What other fields does this ICMP packet have? How many bytes are the
checksum, sequence number and identifier fields?
The type of ICMP is 8 and the code number for the same is 0. The ICMP packet also
contains an identifier, data fields, a sequence number & checksum. Checksum, identifier
fields and sequence number each are of two bytes.
3
Figure 1: Screenshot of the command prompt after ping request

Figure 2: ICMP Echo Request message
Figure 3: ICMP Echo reply message
4

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4. Examine the corresponding ping reply packet. What are the ICMP type and code
numbers? What other fields does this ICMP packet have? How many bytes are the
checksum, sequence number and identifier fields?
In the corresponding reply placket, it was noted that the ICMP type is 0 and the IMCP
packet contains data fields, sequence number, checksum & identifier. The checksum,
sequence number and identifier fields each are of two bytes.
5. What is the IP address of your host? What is the IP address of the target destination host?
The IP address of my host is 192.168.0.131. The IP address of destination host is
128.93.162.84.
Figure 4: Command prompt window while using tracert
6. If ICMP sent UDP packets instead (as in Unix/Linux), would the IP protocol number still
be 01 for the probe packets? If not, what would it be?
If the ICMP sent UDP packets instead, the IP protocol number would not be 01. It would
be 0x11 then.
7. Examine the ICMP echo packet in your screenshot. Is this different from the ICMP ping
query packets in the first half of this lab? If yes, how so?
5

Figure 5: ICMP echo request packet
Observing the above screenshot, it can be noted that the ICMP echo packet has the same
fields as that in the ping query packets and it not very much different.
8. Examine the ICMP error packet in your screenshot. It has more fields than the ICMP
echo packet. What is included in those fields?
Figure 6: ICMP Error Packet
Observing the error packet, we can see that it is different than the ping query packets
and it contains both IP header along with the initial 8 bytes of the original ICMP
packet which tell what the error is for.
6

9. Examine the last three ICMP packets received by the source host. How are these packets
different from the ICMP error packets? Why are they different?
Figure 7: Last ICMP reply packets
As we can observe in the above screenshot, the last three ICMP packets are echo reply
message type i.e. 0 and not 11 which is TTL expired. This difference is due to the fact
that before the TTL expired, the datagrams reached datagram host.
Figure 8:CMD window when using traceroute
7

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

10. Within the tracert measurements, is there a link whose delay is significantly longer than
others? Refer to the screenshot in Figure 4, is there a link whose delay is significantly
longer than others? On the basis of the router names, can you guess the location of the
two routers on the end of this link?
We can observe a great delay between the 9th and 10th steps.
Figure 9: Using pingplotter to send packets to host
Figure 10: Altering the data packet size
8

Figure 11: Using pingplotter
9

ICMP and Traceroute
1. What is the IP address of your computer?
The IP address of my computer is 192.168.0.131.
Figure 12: traceroute result
2. Within the IP packet header, what is the value in the upper layer protocol field?
The value of upper layer protocol in the IP packet header is: ICMP (1)
3. How many bytes are in the IP header? How many bytes are in the payload of the IP
datagram? Explain how you determined the number of payload bytes.
The header has 20 bytes while the payload has 520 bytes. This value is determined when
the header size was subtracted from the total packet size.
4. Has this IP datagram been fragmented? Explain how you determined whether or not the
datagram has been fragmented.
The IP datagram has not been fragmented as the datagram size is not that large for it to
be fragmented and this is how it was determined.
5. Which fields in the IP datagram always change from one datagram to the next within this
series of ICMP messages sent by your computer?
The field “time to live” of packet always changes when changing the datagram with
increase in the identi-fication field.
10

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

6. Which fields stay constant? Which of the fields must stay constant? Which fields must
change? Why?
The header-checksum, upper layer protocol, IP of the source, IP of destination, length of
header & version remain constant. While the time to live & identification field change.
7. Describe the pattern you see in the values in the Identification field of the IP datagram.
The pattern seen in the values in the identification field of IP datagram keeps changing
with every datagram packet.
8. What is the value in the Identification field and the TTL field?
The values are as follows:
• 56 bytes: Identification = 0 with TTL = 255
• 2000-byte pings: Identification = 0 with TTL = 255
• 3500-byte pings: Identification = 0 with TTL = 255
9. Do these values remain unchanged for all of the ICMP TTL-exceeded replies sent to
your computer by the nearest (first hop) router? Why?
Changes were not found in the field and this was due to the fact that the packets moved
from exactly the same router while reaching the destination port.
10. Find the first ICMP Echo Request message that was sent by your computer after you
changed the Packet Size in pingplotter to be 2000. Has that message been fragmented
across more than one IP datagram?
To divide the packet of size 2000, the fragmentation of the packet was done in multiple
so that it can be sent to its destination easily and such that it reaches without any packet
loss.
11

Figure 13: IPv4 Fragmentation
11. Print out the first fragment of the fragmented IP datagram. What information in the IP
header indicates that the datagram been fragmented? What information in the IP header
indicates whether this is the first fragment versus a latter fragment? How long is this IP
datagram?
Figure 14: Analysis of the packet
The description of the position of fragment is provided by the un-used tags in the data
headers of ICMP. As 11 fragment packets are left, the unused values provide information
that this is the first packet of fragmentation.
12

12. Print out the second fragment of the fragmented IP datagram. What information in the IP
header indicates that this is not the first datagram fragment? Are the more fragments?
How can you tell?
Figure 15: Packet analysis
When the fragmented packet was captured, it was found that it was the last
fragmented-packet. It shows the value of the unused tag i.e. 0000000. It also tells that
no fragmented packet is for the destination port is left.
13. What fields change in the IP header between the first and second fragment?
The fragment bit, length & the offset fields change in the IP header between the first and
second fragment.
14. How many fragments were created from the original datagram?
4 fragments were created from the original datagram.
15. What fields change in the IP header among the fragments?
In the fragment number 1 and 2, the offset value changes. Some other changes can be
observed in the fragments 3 and 4.
13

1 out of 13

ICMP and Ping: A Comprehensive Analysis of Network Communication

Contribute Materials

Secure Best Marks with AI Grader

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Related Documents

ICMP Protocols with Wireshark

Research and Analysis of Networks

Data Communication

Data Communication: ICMP and Ping, ICMP and Traceroute, Captured Trace, Fragmentation

Communications and Networking

MITS4004 Research Study: Networking

+13062052269

info@desklib.com