COIT20261 Network Routing and Switching (Term 1, 2018)
VerifiedAdded on  2023/06/13
|21
|4298
|71
AI Summary
Get study material with solved assignments, essays, dissertation for COIT20261 Network Routing and Switching (Term 1, 2018) at Desklib. Find solutions for address usage, subnet allocation, and network tools like Wireshark, Netstat, and Tracert.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running Head: COIT20261 Network Routing and Switching (Term 1, 2018) 1
Network Routing and Switching
Name
Tutor
Course
Date
Network Routing and Switching
Name
Tutor
Course
Date
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
COIT20261 Network Routing and Switching (Term 1, 2018) 2
Question 1 – Address usage (3 marks)
Consider the following classless address block:
154.78.177.3/27
List the addresses from this block that would be used as:
a) the network address,
b) the direct broadcast address, and
c) the range available for hosts to use
Following are the steps followed to arrive at the answer
Solution
154.78.177.3/27
The /27 in this address is an indication that the Ip address has its network address with a length
of 27 bits (the most significant bits). i.e. when we consider the ip address to be 32 bit long. So, in
my case scenario, 154.78.177.00000011 (the last 3 numbers have represented them as binary for
purposes of simplicity) up to 154.78.177.000 (8+8+8+3 = 27) is the network address and the
remaining 5 bits (00000) is for the host ip addresses (Fuller & Varadhan, 2013).
Note-
The network ID is simply the very first address of the total host ip’s while the direct broadcast
address is represented by the last address of total host ip’s (Fuller & Varadhan, 2013).
Question 1 – Address usage (3 marks)
Consider the following classless address block:
154.78.177.3/27
List the addresses from this block that would be used as:
a) the network address,
b) the direct broadcast address, and
c) the range available for hosts to use
Following are the steps followed to arrive at the answer
Solution
154.78.177.3/27
The /27 in this address is an indication that the Ip address has its network address with a length
of 27 bits (the most significant bits). i.e. when we consider the ip address to be 32 bit long. So, in
my case scenario, 154.78.177.00000011 (the last 3 numbers have represented them as binary for
purposes of simplicity) up to 154.78.177.000 (8+8+8+3 = 27) is the network address and the
remaining 5 bits (00000) is for the host ip addresses (Fuller & Varadhan, 2013).
Note-
The network ID is simply the very first address of the total host ip’s while the direct broadcast
address is represented by the last address of total host ip’s (Fuller & Varadhan, 2013).
COIT20261 Network Routing and Switching (Term 1, 2018) 3
So the conclusion to this question is:
1. The network address becomes 154.78.177.0. This has been realized by setting all the 5 bits of
the host id to 0.
2. The direct broadcast address is 154.78.177.31. This has been realized by setting all the 5 bits
of the host to 1.
3. The range of available hosts is from 1 to 30 in the very last octet. I.e. from the 154.78.177.1 ip
address to 154.78.177.30 ip address (this is because the first and the last ip addresses are
reserved for the network address of the block and its direct broadcast address respectively)
(Huegen et al, 2011).
Question 2– Allocating subnets from a block (8 marks)
A company has been granted a block of addresses which includes the address 138.77.216.5/24.
Answer the following questions, showing your calculations.
a) Calculate the network address of this block and how many host addresses including
special addresses this block can provide (1 mark)
b) Create the following 6 subnets for this company by calculating the subnet address for
each subnet. Answer this question by filling in the table in the Answer template. Use
CIDR format for the mask.
I. 2 subnets with 32 addresses each (2 marks)
II. 4 subnets with 16 addresses each (4 marks)
c) After some time, the company decides that it wants another subnet with 1,024 addresses.
Explain whether this can be allocated from the existing block. (1 mark)
So the conclusion to this question is:
1. The network address becomes 154.78.177.0. This has been realized by setting all the 5 bits of
the host id to 0.
2. The direct broadcast address is 154.78.177.31. This has been realized by setting all the 5 bits
of the host to 1.
3. The range of available hosts is from 1 to 30 in the very last octet. I.e. from the 154.78.177.1 ip
address to 154.78.177.30 ip address (this is because the first and the last ip addresses are
reserved for the network address of the block and its direct broadcast address respectively)
(Huegen et al, 2011).
Question 2– Allocating subnets from a block (8 marks)
A company has been granted a block of addresses which includes the address 138.77.216.5/24.
Answer the following questions, showing your calculations.
a) Calculate the network address of this block and how many host addresses including
special addresses this block can provide (1 mark)
b) Create the following 6 subnets for this company by calculating the subnet address for
each subnet. Answer this question by filling in the table in the Answer template. Use
CIDR format for the mask.
I. 2 subnets with 32 addresses each (2 marks)
II. 4 subnets with 16 addresses each (4 marks)
c) After some time, the company decides that it wants another subnet with 1,024 addresses.
Explain whether this can be allocated from the existing block. (1 mark)
COIT20261 Network Routing and Switching (Term 1, 2018) 4
Solution
Subnetting is said to have taken place after extending the default subnet mask. Subnetting
cannot be performed having the default subnet mask and every class having its own default
subnet mask. To be able to know a subnetted subnet mask, the subnet mask is first written down
we first. Next on line is finding the host bits which have been borrowed in creating the subnets
and then convert them into decimal form. For instance in my question, I first find the subnet
mask of my given address 138.77.216.5/24? Since the address belongs to a class B address, and
class B addresses usually have default subnet masks of 255.255.0.0[ /16 in CIDR ] (Postel&
Mogul, 2015).
This means I have to borrow 8 bits from the host portion to be able to satisfy the
requirements for the address I have been given (/24=/16+8 bits). Bearing in mind that subnetting
proceeds from left to right, without skipping any network bit, the subnet mask in my given case
in binary form it becomes 11111111. 11111111.11111111.00000000. The first three octet
contains the default value so that its value in terms of decimal becomes 255.255.255. The 4th
octet is characterized by all its bits being off and therefore, the decimal representation is
0+0+0+0+0+0+0+0 =0. So my answer for subnet mask becomes 255.255.255.0 (Postel& Mogul,
2015).
Total number of subnets provided by the subnet mask
To get the total number of subnets which can be realized from a certain subnet mask the
formula applied is 2N, where N = the bits which are obtained from the host part to create the
subnets. In my question 138.77.216.5/24, N is 8. Examining the address keenly it is clear that the
address belongs to class B and the class B addresses have 255.255.0.0 [/16 in CIDR] as the
Solution
Subnetting is said to have taken place after extending the default subnet mask. Subnetting
cannot be performed having the default subnet mask and every class having its own default
subnet mask. To be able to know a subnetted subnet mask, the subnet mask is first written down
we first. Next on line is finding the host bits which have been borrowed in creating the subnets
and then convert them into decimal form. For instance in my question, I first find the subnet
mask of my given address 138.77.216.5/24? Since the address belongs to a class B address, and
class B addresses usually have default subnet masks of 255.255.0.0[ /16 in CIDR ] (Postel&
Mogul, 2015).
This means I have to borrow 8 bits from the host portion to be able to satisfy the
requirements for the address I have been given (/24=/16+8 bits). Bearing in mind that subnetting
proceeds from left to right, without skipping any network bit, the subnet mask in my given case
in binary form it becomes 11111111. 11111111.11111111.00000000. The first three octet
contains the default value so that its value in terms of decimal becomes 255.255.255. The 4th
octet is characterized by all its bits being off and therefore, the decimal representation is
0+0+0+0+0+0+0+0 =0. So my answer for subnet mask becomes 255.255.255.0 (Postel& Mogul,
2015).
Total number of subnets provided by the subnet mask
To get the total number of subnets which can be realized from a certain subnet mask the
formula applied is 2N, where N = the bits which are obtained from the host part to create the
subnets. In my question 138.77.216.5/24, N is 8. Examining the address keenly it is clear that the
address belongs to class B and the class B addresses have 255.255.0.0 [/16 in CIDR] as the
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
COIT20261 Network Routing and Switching (Term 1, 2018) 5
default subnet mask. From the given address the bits borrowed from the host are 24 - 16 = 8 host
bits. Now 28 = 256, so the answer becomes 256 (Postel& Mogul, 2015).
Clarification
My original network is a class B, so it has 16 bits in its default subnet mask, i borrowed 8 bits
from the host part (nnnnnnnn.nnnnnnnn.ssssssss.hhhhhhhh) of the original network, now if i do
2^8 i will get the total number of subnets that the network 138.77.x.x would have, 2^8 = 256.
Now to know how many subnets there are in the range of 138.77.216.x/24, i can take in
consideration the bits that have been borrowed from the host part only in the fourth octet which
are 0 bits, since the first three octets must match the address 138.77.216., so 2^0 = 1, i have 1
subnet that starts with 138.77.216.x.x and that is 138.77.216.0 (Schuler, 2013).
2 (a)
So the network address for this block of address is 138.77.216.0
2 (b)
i) 138.77.216.0 to 138.77.216.31 and
138.77.216.32 to 138.77.216.64
ii) 138.77.216.0 to138.77.216.15
138.77.216.16 to 138.77.216.31
138.77.216.32 to 138.77.216.47
138.77.216.48 to 138.77.216.64
default subnet mask. From the given address the bits borrowed from the host are 24 - 16 = 8 host
bits. Now 28 = 256, so the answer becomes 256 (Postel& Mogul, 2015).
Clarification
My original network is a class B, so it has 16 bits in its default subnet mask, i borrowed 8 bits
from the host part (nnnnnnnn.nnnnnnnn.ssssssss.hhhhhhhh) of the original network, now if i do
2^8 i will get the total number of subnets that the network 138.77.x.x would have, 2^8 = 256.
Now to know how many subnets there are in the range of 138.77.216.x/24, i can take in
consideration the bits that have been borrowed from the host part only in the fourth octet which
are 0 bits, since the first three octets must match the address 138.77.216., so 2^0 = 1, i have 1
subnet that starts with 138.77.216.x.x and that is 138.77.216.0 (Schuler, 2013).
2 (a)
So the network address for this block of address is 138.77.216.0
2 (b)
i) 138.77.216.0 to 138.77.216.31 and
138.77.216.32 to 138.77.216.64
ii) 138.77.216.0 to138.77.216.15
138.77.216.16 to 138.77.216.31
138.77.216.32 to 138.77.216.47
138.77.216.48 to 138.77.216.64
COIT20261 Network Routing and Switching (Term 1, 2018) 6
2 (c)
From the above calculations, the total number of subnets is 1 (2^0) and the subnet is capable of
accommodating 256 hosts. This means the whole block of address will have 256 hosts. This
indicates that even if the company decides to add another subnet with 1024 addresses, there
would be no room for that.
Question 3 – Network Tools (Windows) (4 marks)
Often the best way to gain an initial familiarity with network tools is to simply use them, at a
basic level in exploratory mode as suggested in some of the tutorial exercises. Netstat and
Tracert are included in Windows, while Wireshark is free to download and install. Explore
Wireshark, Netstat and Tracert, then complete this question.
a) A Wireshark scan has produced a packet capture, saved to a file named
wireshark_capture01.pcapng and available on the Unit website. Download the file and
open it in Wireshark, then answer these questions about the scan:
i. Very briefly summarise in your own words the content in each of the three horizontal
display windows in Wireshark (.5 mark)
ii. In Frame 3, what brand of computer launched this scan and what was its IP address?
State where this information is found (.5 mark)
iii. Briefly explain the exchange event captured in frames 4 - 6 (.5 mark)
iv. Describe in your own words two specific network problems that a network
administrator could use Wireshark for as a troubleshooting tool?
A (I)
2 (c)
From the above calculations, the total number of subnets is 1 (2^0) and the subnet is capable of
accommodating 256 hosts. This means the whole block of address will have 256 hosts. This
indicates that even if the company decides to add another subnet with 1024 addresses, there
would be no room for that.
Question 3 – Network Tools (Windows) (4 marks)
Often the best way to gain an initial familiarity with network tools is to simply use them, at a
basic level in exploratory mode as suggested in some of the tutorial exercises. Netstat and
Tracert are included in Windows, while Wireshark is free to download and install. Explore
Wireshark, Netstat and Tracert, then complete this question.
a) A Wireshark scan has produced a packet capture, saved to a file named
wireshark_capture01.pcapng and available on the Unit website. Download the file and
open it in Wireshark, then answer these questions about the scan:
i. Very briefly summarise in your own words the content in each of the three horizontal
display windows in Wireshark (.5 mark)
ii. In Frame 3, what brand of computer launched this scan and what was its IP address?
State where this information is found (.5 mark)
iii. Briefly explain the exchange event captured in frames 4 - 6 (.5 mark)
iv. Describe in your own words two specific network problems that a network
administrator could use Wireshark for as a troubleshooting tool?
A (I)
COIT20261 Network Routing and Switching (Term 1, 2018) 7
Wireshark_ it denotes the software which was used in order to arrive at the results in the
given capture
Capture01_ it denotes the position in which this capture occupies in the repository folder
of the Wireshark software, for instance, in this case there was no any other capture in the
repository and that means that this capture was the first one
.pcapng_ (PCAP Next Generation Dump File Format) was adopted to overcome the
limitations of the format which was being used (libpcap format).it is a flexible and extensible
successor of the libpcap format. A file being saved in the format pcapng on default is a clear
indication that the version of Wireshark being used is 1.8 and later because prior Versions used
libpcap (Asrodia & Patel, 2012).
A (ii)
Mac computer, Ip address=10.0.0.58:139. This information is found in the 5th line of event
capture and which shows winsock2.h
A (iii)
Indicates the route followed by the packets from launch until they reaches the destination.
A (iv)
Wireshark which was initially known as Ethereal is a powerful tool in the network
security analysis being used by network administrators. As one of network packet analyzer,
Wireshark is used by the network administrators to peer into networks to examine the specifics
of network traffic at different levels which range from connection-level information to specific
bits making a single packet. The flexibility as well as the depth of such an inspection enables the
Wireshark_ it denotes the software which was used in order to arrive at the results in the
given capture
Capture01_ it denotes the position in which this capture occupies in the repository folder
of the Wireshark software, for instance, in this case there was no any other capture in the
repository and that means that this capture was the first one
.pcapng_ (PCAP Next Generation Dump File Format) was adopted to overcome the
limitations of the format which was being used (libpcap format).it is a flexible and extensible
successor of the libpcap format. A file being saved in the format pcapng on default is a clear
indication that the version of Wireshark being used is 1.8 and later because prior Versions used
libpcap (Asrodia & Patel, 2012).
A (ii)
Mac computer, Ip address=10.0.0.58:139. This information is found in the 5th line of event
capture and which shows winsock2.h
A (iii)
Indicates the route followed by the packets from launch until they reaches the destination.
A (iv)
Wireshark which was initially known as Ethereal is a powerful tool in the network
security analysis being used by network administrators. As one of network packet analyzer,
Wireshark is used by the network administrators to peer into networks to examine the specifics
of network traffic at different levels which range from connection-level information to specific
bits making a single packet. The flexibility as well as the depth of such an inspection enables the
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
COIT20261 Network Routing and Switching (Term 1, 2018) 8
network administrators to analyze security in a network and troubleshoot any security issues
(Banerjee, Vashishtha & Saxena, 2010).
The second important use of Wireshark is in troubleshooting security devices.
Specifically, when it comes to network firewall rules; whenever there are systems running in
connection with Wireshark on either side of the firewall, Wireshark makes it easy for the
network administrator to see the packets successfully traversing the device, and also can identify
the cause of a connectivity problem if associated with the firewall (Liu, 2012).
b) A ‘NETSTAT –aon’ command has given the output below (excerpted). Briefly describe
each column heading, and the states LISTENING, ESTABLISHED and CLOSE_WAIT.
(1 mark)
Active Connections
Proto Local Address Foreign Address State PID
TCP 10.0.0.58:139 0.0.0.0:0 LISTENING
TCP 10.0.0.58:5040 0.0.0.0:0 LISTENING 7480
TCP 10.0.0.118:139 0.0.0.0:0 LISTENING 4
TCP 10.0.0.118:52450 52.63.165.133:443 ESTABLISHED 14080
TCP 10.0.0.118:52458 104.116.191.195:443 CLOSE_WAIT 8912
TCP 10.0.0.118:52791 40.100.151.2:443 ESTABLISHED 22400
TCP 10.0.0.118:52811 162.125.34.129:443 ESTABLISHED 4696
TCP 10.0.0.118:52820 34.232.224.128:443 CLOSE_WAIT 4696
TCP 10.0.0.118:52879 162.125.34.129:443 ESTABLISHED 4696
network administrators to analyze security in a network and troubleshoot any security issues
(Banerjee, Vashishtha & Saxena, 2010).
The second important use of Wireshark is in troubleshooting security devices.
Specifically, when it comes to network firewall rules; whenever there are systems running in
connection with Wireshark on either side of the firewall, Wireshark makes it easy for the
network administrator to see the packets successfully traversing the device, and also can identify
the cause of a connectivity problem if associated with the firewall (Liu, 2012).
b) A ‘NETSTAT –aon’ command has given the output below (excerpted). Briefly describe
each column heading, and the states LISTENING, ESTABLISHED and CLOSE_WAIT.
(1 mark)
Active Connections
Proto Local Address Foreign Address State PID
TCP 10.0.0.58:139 0.0.0.0:0 LISTENING
TCP 10.0.0.58:5040 0.0.0.0:0 LISTENING 7480
TCP 10.0.0.118:139 0.0.0.0:0 LISTENING 4
TCP 10.0.0.118:52450 52.63.165.133:443 ESTABLISHED 14080
TCP 10.0.0.118:52458 104.116.191.195:443 CLOSE_WAIT 8912
TCP 10.0.0.118:52791 40.100.151.2:443 ESTABLISHED 22400
TCP 10.0.0.118:52811 162.125.34.129:443 ESTABLISHED 4696
TCP 10.0.0.118:52820 34.232.224.128:443 CLOSE_WAIT 4696
TCP 10.0.0.118:52879 162.125.34.129:443 ESTABLISHED 4696
COIT20261 Network Routing and Switching (Term 1, 2018) 9
...
Proto: The Proto column represents the protocol name which has been involved in the operation.
It can either be TCP or UDP.
Local Address: This column represents IP addresses of local computers and the respective ports
which are being utilized
Foreign Address: The Foreign Address column represents IP addresses as well as the port
numbers of the computers which are being accessed remotely.
The PID: This column shows the process identifier (PID) which is associated with a certain TCP
or UDP connection.
State: This column represents the TCP or UDP connections state. There are several states which
a connection can be. These states are (Liu, 2012):
a) LISTENING- this state indicates that a certain server is waiting for a connection bid
from any remote port or a TCP packet
b) SYN-SENT- it’s a state of any client waiting for any equivalent connection bid after
broadcasting a connection request.
c) SYN-RECEIVED- it’s a state of a server when waiting connection bid acknowledgment
confirmation after it both sends and receives a connection request.
...
Proto: The Proto column represents the protocol name which has been involved in the operation.
It can either be TCP or UDP.
Local Address: This column represents IP addresses of local computers and the respective ports
which are being utilized
Foreign Address: The Foreign Address column represents IP addresses as well as the port
numbers of the computers which are being accessed remotely.
The PID: This column shows the process identifier (PID) which is associated with a certain TCP
or UDP connection.
State: This column represents the TCP or UDP connections state. There are several states which
a connection can be. These states are (Liu, 2012):
a) LISTENING- this state indicates that a certain server is waiting for a connection bid
from any remote port or a TCP packet
b) SYN-SENT- it’s a state of any client waiting for any equivalent connection bid after
broadcasting a connection request.
c) SYN-RECEIVED- it’s a state of a server when waiting connection bid acknowledgment
confirmation after it both sends and receives a connection request.
COIT20261 Network Routing and Switching (Term 1, 2018)
10
d) ESTABLISHED- it’s a state associated with both the servers and clients and which
indicates the presence of an exposed connection where data received in either can be
conveyed to the users.
e) FIN-WAIT-1- this state is evident both in servers and clients to indicate a state of
waiting for a response in regard to connection cessation request already sent or
connection closure request from a secluded TCP
f) FIN-WAIT-2- is a state evident both in servers and clients to indicate a state of waiting
for connection cessation request from a secluded TCP.
g) CLOSE-WAIT- is a state evident both in servers and clients to indicate a state of waiting
for connection cessation request from a local users.
h) CLOSING- is a state evident both in servers and clients to indicate a state of waiting for
acknowledgment a remote TCP on connection termination request.
i) LAST-ACK- this state is evident both in servers and clients to indicate a state of waiting
for an acknowledgement in regard to connection termination request which had been
formerly sent to a secluded TCP
j) TIME-WAIT- this state is shared by both servers and clients to indicate that either a
server or a client is waiting for some adequate time to elapse to be sure that
acknowledgement was received by the remote TCP about its request to terminate the
connection.
k) CLOSED- this state is shared by both servers and clients to indicate a state of no
connection at all.
c) Do a TRACERT on your computer to www.google.com. Paste the output to your assignment
answer template and discuss the information being displayed (1 mark)
10
d) ESTABLISHED- it’s a state associated with both the servers and clients and which
indicates the presence of an exposed connection where data received in either can be
conveyed to the users.
e) FIN-WAIT-1- this state is evident both in servers and clients to indicate a state of
waiting for a response in regard to connection cessation request already sent or
connection closure request from a secluded TCP
f) FIN-WAIT-2- is a state evident both in servers and clients to indicate a state of waiting
for connection cessation request from a secluded TCP.
g) CLOSE-WAIT- is a state evident both in servers and clients to indicate a state of waiting
for connection cessation request from a local users.
h) CLOSING- is a state evident both in servers and clients to indicate a state of waiting for
acknowledgment a remote TCP on connection termination request.
i) LAST-ACK- this state is evident both in servers and clients to indicate a state of waiting
for an acknowledgement in regard to connection termination request which had been
formerly sent to a secluded TCP
j) TIME-WAIT- this state is shared by both servers and clients to indicate that either a
server or a client is waiting for some adequate time to elapse to be sure that
acknowledgement was received by the remote TCP about its request to terminate the
connection.
k) CLOSED- this state is shared by both servers and clients to indicate a state of no
connection at all.
c) Do a TRACERT on your computer to www.google.com. Paste the output to your assignment
answer template and discuss the information being displayed (1 mark)
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
COIT20261 Network Routing and Switching (Term 1, 2018)
11
Output after running the TRACERT on my computer
Tracing route to www.google.com [74.125.196.104]
1 3 ms 1 ms 1 ms www.huaweimobilewifi.com [192.168.8.1]
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.
5 * * * Request timed out.
6 * * 79 ms 154.79.241.202
7 75 ms 76 ms 56 ms 72.14.203.47
8 52 ms 71 ms 53 ms 72.14.203.46
9 175 ms 196 ms 178 ms 108.170.229.83
10 195 ms 236 ms 198 ms 216.239.35.207
11 1066 ms 732 ms 262 ms 209.85.143.216
12 271 ms 262 ms 271 ms 216.239.48.9
13 267 ms 270 ms 264 ms 216.239.40.138
14 277 ms 266 ms 270 ms 216.239.50.104
15 266 ms 263 ms 290 ms 108.170.231.169
16 * * * Request timed out.
11
Output after running the TRACERT on my computer
Tracing route to www.google.com [74.125.196.104]
1 3 ms 1 ms 1 ms www.huaweimobilewifi.com [192.168.8.1]
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.
5 * * * Request timed out.
6 * * 79 ms 154.79.241.202
7 75 ms 76 ms 56 ms 72.14.203.47
8 52 ms 71 ms 53 ms 72.14.203.46
9 175 ms 196 ms 178 ms 108.170.229.83
10 195 ms 236 ms 198 ms 216.239.35.207
11 1066 ms 732 ms 262 ms 209.85.143.216
12 271 ms 262 ms 271 ms 216.239.48.9
13 267 ms 270 ms 264 ms 216.239.40.138
14 277 ms 266 ms 270 ms 216.239.50.104
15 266 ms 263 ms 290 ms 108.170.231.169
16 * * * Request timed out.
COIT20261 Network Routing and Switching (Term 1, 2018)
12
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 886 ms 546 ms 517 ms yk-in-f104.1e100.net [74.125.196.104]
Trace complete.
Results description
Evident from the above results, each hop has been displayed on a different line (although the and
each numbered, so clearly from the results after running the command on my computer it took 25
hops to be able to reach the final destination server, yk-in-f104.1e100.net
[74.125.196.104],which is simply the Google website (Liu, 2012).
Each row has been displayed in 6 columns. The very first column is simply the number of the
hop.
1 3 ms 1 ms 1 ms www.huaweimobilewifi.com [192.168.8.1]
12
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 886 ms 546 ms 517 ms yk-in-f104.1e100.net [74.125.196.104]
Trace complete.
Results description
Evident from the above results, each hop has been displayed on a different line (although the and
each numbered, so clearly from the results after running the command on my computer it took 25
hops to be able to reach the final destination server, yk-in-f104.1e100.net
[74.125.196.104],which is simply the Google website (Liu, 2012).
Each row has been displayed in 6 columns. The very first column is simply the number of the
hop.
1 3 ms 1 ms 1 ms www.huaweimobilewifi.com [192.168.8.1]
COIT20261 Network Routing and Switching (Term 1, 2018)
13
What Traceroute did was actually sending three packets of data, and measuring the time
taken for each packet. In the hop of my results, each packet took different time in terms of
milliseconds. The server at the first hop is called www.huaweimobilewifi.com, and its address on
the Internet is 192.168.8.1. Also, from the results is clear that it took between 886, 546 and 517
milliseconds to get data right from the destination server, as indicated by the last hop (Liu,
2012).
25 886 ms 546 ms 517 ms yk-in-f104.1e100.net [74.125.196.104]
Hop number 16-24 in the obtained results indicated no time data and Request time out
errors. This is associated with the servers at those hops rejecting the Internet Control Message
Protocol (ICMP) traffic. Traceroute requests for information at such servers have therefore been
ignored. However, it is evident that the command could still sent data to the next hops as the
results indicate. Request timed out error should not be a big issue to worry about as some
network providers just choose to disable the ICMP traffic especially whenever their networks are
under heavy loads (Liu, 2012).
13
What Traceroute did was actually sending three packets of data, and measuring the time
taken for each packet. In the hop of my results, each packet took different time in terms of
milliseconds. The server at the first hop is called www.huaweimobilewifi.com, and its address on
the Internet is 192.168.8.1. Also, from the results is clear that it took between 886, 546 and 517
milliseconds to get data right from the destination server, as indicated by the last hop (Liu,
2012).
25 886 ms 546 ms 517 ms yk-in-f104.1e100.net [74.125.196.104]
Hop number 16-24 in the obtained results indicated no time data and Request time out
errors. This is associated with the servers at those hops rejecting the Internet Control Message
Protocol (ICMP) traffic. Traceroute requests for information at such servers have therefore been
ignored. However, it is evident that the command could still sent data to the next hops as the
results indicate. Request timed out error should not be a big issue to worry about as some
network providers just choose to disable the ICMP traffic especially whenever their networks are
under heavy loads (Liu, 2012).
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
COIT20261 Network Routing and Switching (Term 1, 2018)
14
References
Asrodia, P., & Patel, H. (2012). Analysis of various packet sniffing tools for network monitoring
and analysis. International Journal of Electrical, Electronics and Computer
Engineering, 1(1), 55-58.
Banerjee, U., Vashishtha, A., & Saxena, M. (2010). Evaluation of the Capabilities of WireShark
as a tool for Intrusion Detection. International Journal of computer applications, 6(7).
Orebaugh, A., Ramirez, G., & Beale, J. (2016). Wireshark & Ethereal network protocol analyzer
toolkit. Elsevier.
Schuler, T. P. (2013). U.S. Patent Application No. 11/776,651.
Postel, J., & Mogul, J. C. (2015). Internet standard subnetting procedure.
14
References
Asrodia, P., & Patel, H. (2012). Analysis of various packet sniffing tools for network monitoring
and analysis. International Journal of Electrical, Electronics and Computer
Engineering, 1(1), 55-58.
Banerjee, U., Vashishtha, A., & Saxena, M. (2010). Evaluation of the Capabilities of WireShark
as a tool for Intrusion Detection. International Journal of computer applications, 6(7).
Orebaugh, A., Ramirez, G., & Beale, J. (2016). Wireshark & Ethereal network protocol analyzer
toolkit. Elsevier.
Schuler, T. P. (2013). U.S. Patent Application No. 11/776,651.
Postel, J., & Mogul, J. C. (2015). Internet standard subnetting procedure.
COIT20261 Network Routing and Switching (Term 1, 2018)
15
Liu, H. (2012, October). A new form of DOS attack in a cloud and its avoidance mechanism.
In Proceedings of the 2010 ACM workshop on Cloud computing security workshop (pp.
65-76). ACM.
Huegen, C. A., Dobbins, E. R., Foo, I., & Gleichauf, R. E. (2011). U.S. Patent No. 8,068,414.
Washington, DC: U.S. Patent and Trademark Office.
Fuller, V., Li, T., Yu, J., & Varadhan, K. (2013). Classless inter-domain routing (CIDR): an
address assignment and aggregation strategy (No. RFC 1519).
TEMPLATE FOR YOUR ANSWERS
Type your answers in this section in the spaces provided
First Name:_________________________ Last Name:_________________________
Student ID: __________________________
Question Number Mark
allocated
Mark
earned
Question 1: (3 marks) 3
15
Liu, H. (2012, October). A new form of DOS attack in a cloud and its avoidance mechanism.
In Proceedings of the 2010 ACM workshop on Cloud computing security workshop (pp.
65-76). ACM.
Huegen, C. A., Dobbins, E. R., Foo, I., & Gleichauf, R. E. (2011). U.S. Patent No. 8,068,414.
Washington, DC: U.S. Patent and Trademark Office.
Fuller, V., Li, T., Yu, J., & Varadhan, K. (2013). Classless inter-domain routing (CIDR): an
address assignment and aggregation strategy (No. RFC 1519).
TEMPLATE FOR YOUR ANSWERS
Type your answers in this section in the spaces provided
First Name:_________________________ Last Name:_________________________
Student ID: __________________________
Question Number Mark
allocated
Mark
earned
Question 1: (3 marks) 3
COIT20261 Network Routing and Switching (Term 1, 2018)
16
a)
b)
c)
154.78.177.0
154.78.177.31
154.78.177.1 ip address to 154.78.177.30 ip address
1 mark
each
item,
total 3
Question 2: (8 marks) 8
a) 138.77.0.0 1
b) Subnet No. addresses Subnet address Mask /n
1 32 138.77.216.0 24
2 32 138.77.216.32 24
3 16 138.77.216.0 24
4 16 138.77.216.16 24
5 16 138.77.216.32 24
6 16 138.77.216.48 24
6
16
a)
b)
c)
154.78.177.0
154.78.177.31
154.78.177.1 ip address to 154.78.177.30 ip address
1 mark
each
item,
total 3
Question 2: (8 marks) 8
a) 138.77.0.0 1
b) Subnet No. addresses Subnet address Mask /n
1 32 138.77.216.0 24
2 32 138.77.216.32 24
3 16 138.77.216.0 24
4 16 138.77.216.16 24
5 16 138.77.216.32 24
6 16 138.77.216.48 24
6
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
COIT20261 Network Routing and Switching (Term 1, 2018)
17
c) From the above calculations, the total number of subnets is 1 (2^0) and
the subnet is capable of accommodating 256 hosts. This means the
whole block of address will have 256 hosts. This indicates that if the
company decides to add another subnet with 1024 addresses, there
would be no room for that.
1
Question 3: (4 marks) 4
a)
i) Wireshark_ it denotes the software which was used in order to arrive at
the results in the given capture
Capture01_ it denotes the position in which this capture occupies in the
repository folder of the Wireshark software, for instance, in this case
there was no any other capture in the repository and that means that this
capture was the first one
.pcapng_ (PCAP Next Generation Dump File Format) was adopted to
overcome the limitations of the format which was being used (libpcap
format).it is a flexible and extensible successor of the libpcap format. A
file being saved in the format pcapng on default is a clear indication that
.5 mark
each
item,
total 2
for 3a.
17
c) From the above calculations, the total number of subnets is 1 (2^0) and
the subnet is capable of accommodating 256 hosts. This means the
whole block of address will have 256 hosts. This indicates that if the
company decides to add another subnet with 1024 addresses, there
would be no room for that.
1
Question 3: (4 marks) 4
a)
i) Wireshark_ it denotes the software which was used in order to arrive at
the results in the given capture
Capture01_ it denotes the position in which this capture occupies in the
repository folder of the Wireshark software, for instance, in this case
there was no any other capture in the repository and that means that this
capture was the first one
.pcapng_ (PCAP Next Generation Dump File Format) was adopted to
overcome the limitations of the format which was being used (libpcap
format).it is a flexible and extensible successor of the libpcap format. A
file being saved in the format pcapng on default is a clear indication that
.5 mark
each
item,
total 2
for 3a.
COIT20261 Network Routing and Switching (Term 1, 2018)
18
(ii)
(iii)
(iv)
the version of Wireshark being used is 1.8 and later because prior
Versions used libpcap (Asrodia & Patel, 2012).
Mac computer, IP address= 10.0.0.58:139
Indicates the route followed by the packets from launch until they
reaches the destination.
Wireshark which was initially known as Ethereal is a powerful tool in
the network security analysis being used by network administrators. As
one of network packet analyzer, Wireshark is used by the network
administrators to peer into networks to examine the specifics of network
traffic at different levels which range from connection-level information
to specific bits making a single packet. The flexibility as well as the
depth of such an inspection enables the network administrators to
analyze security in a network and troubleshoot any security issues
(Banerjee, Vashishtha & Saxena, 2010).
The second important use of Wireshark is in troubleshooting
security devices. Specifically, when it comes to network firewall rules;
whenever there are systems running in connection with Wireshark on
either side of the firewall, Wireshark makes it easy for the network
administrator to see the packets successfully traversing the device, and
also can identify the cause of a connectivity problem if associated with
the firewall (Liu, 2012).
18
(ii)
(iii)
(iv)
the version of Wireshark being used is 1.8 and later because prior
Versions used libpcap (Asrodia & Patel, 2012).
Mac computer, IP address= 10.0.0.58:139
Indicates the route followed by the packets from launch until they
reaches the destination.
Wireshark which was initially known as Ethereal is a powerful tool in
the network security analysis being used by network administrators. As
one of network packet analyzer, Wireshark is used by the network
administrators to peer into networks to examine the specifics of network
traffic at different levels which range from connection-level information
to specific bits making a single packet. The flexibility as well as the
depth of such an inspection enables the network administrators to
analyze security in a network and troubleshoot any security issues
(Banerjee, Vashishtha & Saxena, 2010).
The second important use of Wireshark is in troubleshooting
security devices. Specifically, when it comes to network firewall rules;
whenever there are systems running in connection with Wireshark on
either side of the firewall, Wireshark makes it easy for the network
administrator to see the packets successfully traversing the device, and
also can identify the cause of a connectivity problem if associated with
the firewall (Liu, 2012).
COIT20261 Network Routing and Switching (Term 1, 2018)
19
b) Proto: The Proto column represents the protocol name which has been
involved in the operation. It can either be TCP or UDP.
Local Address: This column represents IP addresses of local computers
and the respective ports which are being utilized
Foreign Address: The Foreign Address column represents IP addresses
as well as the port numbers of the computers which are being accessed
remotely.
The PID: This column shows the process identifier (PID) which is
associated with a certain TCP or UDP connection.
State: This column represents the TCP or UDP connections state. There
are several states which a connection can be. These states are;
a) LISTENING- this state indicates that a certain server is waiting
for any connection request from a remote TCP and port.
b) ESTABLISHED- this is a state associated with both the servers
and clients and which indicates the presence of an open
connection where data received in either can be delivered to the
users
c) CLOSE-WAIT- this state is evident both in servers and clients
to indicate a state of waiting for connection termination request
1
19
b) Proto: The Proto column represents the protocol name which has been
involved in the operation. It can either be TCP or UDP.
Local Address: This column represents IP addresses of local computers
and the respective ports which are being utilized
Foreign Address: The Foreign Address column represents IP addresses
as well as the port numbers of the computers which are being accessed
remotely.
The PID: This column shows the process identifier (PID) which is
associated with a certain TCP or UDP connection.
State: This column represents the TCP or UDP connections state. There
are several states which a connection can be. These states are;
a) LISTENING- this state indicates that a certain server is waiting
for any connection request from a remote TCP and port.
b) ESTABLISHED- this is a state associated with both the servers
and clients and which indicates the presence of an open
connection where data received in either can be delivered to the
users
c) CLOSE-WAIT- this state is evident both in servers and clients
to indicate a state of waiting for connection termination request
1
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
COIT20261 Network Routing and Switching (Term 1, 2018)
20
from the local users.
c) Tracing route to www.google.com [74.125.196.104]
1 3 ms 1 ms 1 ms www.huaweimobilewifi.com [192.168.8.1]
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.
5 * * * Request timed out.
6 * * 79 ms 154.79.241.202
7 75 ms 76 ms 56 ms 72.14.203.47
8 52 ms 71 ms 53 ms 72.14.203.46
9 175 ms 196 ms 178 ms 108.170.229.83
10 195 ms 236 ms 198 ms 216.239.35.207
11 1066 ms 732 ms 262 ms 209.85.143.216
12 271 ms 262 ms 271 ms 216.239.48.9
13 267 ms 270 ms 264 ms 216.239.40.138
14 277 ms 266 ms 270 ms 216.239.50.104
15 266 ms 263 ms 290 ms 108.170.231.169
16 * * * Request timed out.
17 * * * Request timed out.
18 * * * Request timed out.
1
20
from the local users.
c) Tracing route to www.google.com [74.125.196.104]
1 3 ms 1 ms 1 ms www.huaweimobilewifi.com [192.168.8.1]
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.
5 * * * Request timed out.
6 * * 79 ms 154.79.241.202
7 75 ms 76 ms 56 ms 72.14.203.47
8 52 ms 71 ms 53 ms 72.14.203.46
9 175 ms 196 ms 178 ms 108.170.229.83
10 195 ms 236 ms 198 ms 216.239.35.207
11 1066 ms 732 ms 262 ms 209.85.143.216
12 271 ms 262 ms 271 ms 216.239.48.9
13 267 ms 270 ms 264 ms 216.239.40.138
14 277 ms 266 ms 270 ms 216.239.50.104
15 266 ms 263 ms 290 ms 108.170.231.169
16 * * * Request timed out.
17 * * * Request timed out.
18 * * * Request timed out.
1
COIT20261 Network Routing and Switching (Term 1, 2018)
21
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 886 ms 546 ms 517 ms yk-in-f104.1e100.net [74.125.196.104]
Trace complete.
Total marks awarded 15 (max)
Less late penalties if applicable
Less plagiarism penalties if applicable
Total marks earned
Markers comments:
21
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 886 ms 546 ms 517 ms yk-in-f104.1e100.net [74.125.196.104]
Trace complete.
Total marks awarded 15 (max)
Less late penalties if applicable
Less plagiarism penalties if applicable
Total marks earned
Markers comments:
1 out of 21
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.