MITS4004 Research Study: Networking

Verified

Added on  2023/04/23

|17
|2522
|493
AI Summary
This research study focuses on networking and covers topics like ICMP and Ping, ICMP and Traceroute, and Wireshark Lab: IP v6.0. It includes a table of contents and packet captures of ping commands and traceroutes. The document also provides answers to questions related to the packet captures.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Running Head: MITS4004 RESEARCH STUDY
MITS4004 Research Study : Networking
[Student Name]
[University Name]

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
1MITS4004 RESEARCH STUDY
Table of Contents
Wireshark Lab: ICMP v6.0........................................................................................................2
ICMP and Ping.......................................................................................................................2
ICMP and Traceroute.............................................................................................................7
Wireshark Lab: IP v6.0............................................................................................................12
Document Page
2MITS4004 RESEARCH STUDY
Wireshark Lab: ICMP v6.0
ICMP and Ping
Run Ping Command in command prompt
C:\Windows\System32>ping -n 10 www.ece.ust.hk
Pinging www.ece.ust.hk [143.89.44.246] with 32 bytes of data:
Reply from 143.89.44.246: bytes=32 time=104ms TTL=44
Reply from 143.89.44.246: bytes=32 time=104ms TTL=44
Reply from 143.89.44.246: bytes=32 time=104ms TTL=44
Reply from 143.89.44.246: bytes=32 time=103ms TTL=44
Reply from 143.89.44.246: bytes=32 time=104ms TTL=44
Reply from 143.89.44.246: bytes=32 time=103ms TTL=44
Reply from 143.89.44.246: bytes=32 time=103ms TTL=44
Reply from 143.89.44.246: bytes=32 time=104ms TTL=44
Document Page
3MITS4004 RESEARCH STUDY
Reply from 143.89.44.246: bytes=32 time=104ms TTL=44
Reply from 143.89.44.246: bytes=32 time=104ms TTL=44
Ping statistics for 143.89.44.246:
Packets: Sent = 10, Received = 10, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 103ms, Maximum = 104ms, Average = 103ms
C:\Windows\System32>
Wireshark Packet Capture of Ping Command
Answers

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
4MITS4004 RESEARCH STUDY
1. IP address of the host is 10.10.30.148. IP address of the destination host is
143.89.44.246
2. ICMP packet communicate network layer information between hosts and routers.
Therefore, ICMP packets does not have the source and destination port number.
3. ICMP packet brief
Frame 976: 74 bytes on wire (592 bits), 74 bytes captured (592 bits) on interface 0
Interface id: 0 (\Device\NPF_{57C7D7B6-27B9-4DA4-A941-901908A75822})
Encapsulation type: Ethernet (1)
Arrival Time: Jan 22, 2019 18:53:46.882458000 India Standard Time
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1548163426.882458000 seconds
[Time delta from previous captured frame: 0.037381000 seconds]
[Time delta from previous displayed frame: 0.000000000 seconds]
[Time since reference or first frame: 17.737885000 seconds]
Frame Number: 976
Frame Length: 74 bytes (592 bits)
Capture Length: 74 bytes (592 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ip:icmp:data]
[Coloring Rule Name: ICMP]
[Coloring Rule String: icmp || icmpv6]
Ethernet II, Src: 58:8a:5a:40:59:64 (58:8a:5a:40:59:64), Dst: Sophos_49:1c:a8
(7c:5a:1c:49:1c:a8)
Document Page
5MITS4004 RESEARCH STUDY
Destination: Sophos_49:1c:a8 (7c:5a:1c:49:1c:a8)
Source: 58:8a:5a:40:59:64 (58:8a:5a:40:59:64)
Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 10.10.30.148, Dst: 143.89.44.246
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
Total Length: 60
Identification: 0x3846 (14406)
Flags: 0x00
Fragment offset: 0
Time to live: 128
Protocol: ICMP (1)
Header checksum: 0x0000 [validation disabled]
[Header checksum status: Unverified]
Source: 10.10.30.148
Destination: 143.89.44.246
[Source GeoIP: Unknown]
[Destination GeoIP: Unknown]
Internet Control Message Protocol
Type: 8 (Echo (ping) request)
Code: 0
Checksum: 0x47bc [correct]
[Checksum Status: Good]
Identifier (BE): 1 (0x0001)
Document Page
6MITS4004 RESEARCH STUDY
Identifier (LE): 256 (0x0100)
Sequence number (BE): 1439 (0x059f)
Sequence number (LE): 40709 (0x9f05)
[Response frame: 978]
Data (32 bytes)
ICMP type 8 and code number 0. There are many other fields such as Checksum, Sequence
number, Identifier, data. 2 bytes each.
4. Replay Ping Packets
Internet Control Message Protocol
Type: 0 (Echo (ping) reply)
Code: 0
Checksum: 0x4fbc [correct]
[Checksum Status: Good]
Identifier (BE): 1 (0x0001)
Identifier (LE): 256 (0x0100)
Sequence number (BE): 1439 (0x059f)
Sequence number (LE): 40709 (0x9f05)
[Request frame: 976]
[Response time: 103.816 ms]
Data (32 bytes)
Data: 6162636465666768696a6b6c6d6e6f707172737475767761...
[Length: 32]

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
7MITS4004 RESEARCH STUDY
ICMP type and Code number is 0 and 0. There are many other fields such as
Checksum, Sequence number, Identifier, data. Total 32 bytes are in these fields.
ICMP and Traceroute
C:\Windows\System32>tracert www.inria.fr
Tracing route to ezp3.inria.fr [128.93.162.84]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms 10.10.30.1
2 1 ms 2 ms 1 ms Kol-223.29.204.241.PMPL-Broadband.net [223.29.204.241]
3 2 ms 1 ms 1 ms 10.2.5.1
4 1 ms <1 ms <1 ms 22.22.22.1
5 2 ms 1 ms 1 ms 10.100.100.61
Document Page
8MITS4004 RESEARCH STUDY
6 1 ms 1 ms 1 ms 10.200.30.2
7 * * * Request timed out.
8 * * * Request timed out.
9 <1 ms 1 ms 1 ms 10.200.10.1
10 3 ms 3 ms 3 ms 220.225.118.117
11 30 ms 29 ms 29 ms sriperumbudur-eg-173.232.249.45.powergrid.in
[45.249.232.173]
12 30 ms 29 ms 30 ms chennai-igw-172.232.249.45.powergrid.in [45.249.232.172]
13 31 ms 31 ms 31 ms 115.249.226.130
14 57 ms 56 ms 57 ms 115.255.253.146
15 53 ms 61 ms 53 ms 62.216.147.45
16 177 ms 175 ms 186 ms xe-3-1-0.0.cjr01.prs001.flagtel.com [85.95.25.114]
17 171 ms 173 ms 172 ms ge-5-0-0.0.ejr02.prs002.flagtel.com [62.216.128.198]
18 * * * Request timed out.
19 183 ms 183 ms 183 ms 193.51.180.44
20 194 ms 195 ms 194 ms te1-1-inria-rtr-021.noc.renater.fr [193.51.177.107]
21 183 ms 183 ms 183 ms inria-rocquencourt-te1-4-inria-rtr-021.noc.renater.fr
[193.51.184.177]
22 183 ms 183 ms 182 ms unit240-reth1-vfw-ext-dc1.inria.fr [192.93.122.19]
23 180 ms 179 ms 179 ms ezp3.inria.fr [128.93.162.84]
Trace complete.
C:\Windows\System32>
Document Page
9MITS4004 RESEARCH STUDY
Frame 397: 106 bytes on wire (848 bits), 106 bytes captured (848 bits) on interface 0
Interface id: 0 (\Device\NPF_{57C7D7B6-27B9-4DA4-A941-901908A75822})
Encapsulation type: Ethernet (1)
Arrival Time: Jan 22, 2019 19:40:58.555045000 India Standard Time
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1548166258.555045000 seconds
[Time delta from previous captured frame: 0.022576000 seconds]
[Time delta from previous displayed frame: 0.000000000 seconds]
[Time since reference or first frame: 28.423130000 seconds]
Frame Number: 397
Frame Length: 106 bytes (848 bits)
Capture Length: 106 bytes (848 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ip:icmp:data]

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
10MITS4004 RESEARCH STUDY
[Coloring Rule Name: ICMP]
[Coloring Rule String: icmp || icmpv6]
Ethernet II, Src: 58:8a:5a:40:59:64 (58:8a:5a:40:59:64), Dst: Sophos_49:1c:a8
(7c:5a:1c:49:1c:a8)
Destination: Sophos_49:1c:a8 (7c:5a:1c:49:1c:a8)
Source: 58:8a:5a:40:59:64 (58:8a:5a:40:59:64)
Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 10.10.30.148, Dst: 128.93.162.84
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
Total Length: 92
Identification: 0x783d (30781)
Flags: 0x00
Fragment offset: 0
Time to live: 1
Protocol: ICMP (1)
Header checksum: 0x0000 [validation disabled]
[Header checksum status: Unverified]
Source: 10.10.30.148
Destination: 128.93.162.84
[Source GeoIP: Unknown]
[Destination GeoIP: Unknown]
Internet Control Message Protocol
Type: 8 (Echo (ping) request)
Document Page
11MITS4004 RESEARCH STUDY
Code: 0
Checksum: 0xf255 [correct]
[Checksum Status: Good]
Identifier (BE): 1 (0x0001)
Identifier (LE): 256 (0x0100)
Sequence number (BE): 1449 (0x05a9)
Sequence number (LE): 43269 (0xa905)
[No response seen]
Data (64 bytes)
Data: 000000000000000000000000000000000000000000000000...
[Length: 64]
5. IP address of the host is 10.10.30.148. IP address of the destination host is
128.93.162.84
6. No. If ICMP sent UDP packets instead, the IP protocol number should be 0x11
7. No, both packets are same fields. They are not different.
Document Page
12MITS4004 RESEARCH STUDY
8.
No, it is not same as the first ICMP ping packet. It has IP header and first 8 bytes of
the original ICMP packets.
9. The last three ICMP packet message type is 0 rather then 8. These are different
because the datagram has made it all the way to the destination, therefore, the TTL is
expired.
10. There is the link between the 15 to 16 is significantly delay then other links. In figure
4 from the lab, the link between the New York to Pastourelle is delay then other links.
Wireshark Lab: IP v6.0

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
13MITS4004 RESEARCH STUDY
Internet Protocol Version 4, Src: 10.10.30.148, Dst: 128.119.245.12
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
Total Length: 56
Identification: 0x63a2 (25506)
Flags: 0x00
0... .... = Reserved bit: Not set
.0.. .... = Don't fragment: Not set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 255
Protocol: ICMP (1)
Header checksum: 0x0000 [validation disabled]
[Header checksum status: Unverified]
Source: 10.10.30.148
Destination: 128.119.245.12
[Source GeoIP: Unknown]
[Destination GeoIP: Unknown]
1. IP address of my computer is 10.10.30.148
2. Value of upper layer protocol field is ICMP (1).
Document Page
14MITS4004 RESEARCH STUDY
3. Header length is 20 bytes and (50-20) = 36 bytes in the payload of the IP datagram.
4. Fragment offset is 0. So the datagram is not fragmented.
5. Identification, Time to live and Header checksum always change.
6. Fields
Fields those are stay constant in IP datagrams are :
Version (because the IPv4 protocol is used for all the packets)
Header length (All packets are ICMP packets)
Source IP and Destination IP (a single source and destination is used for all the
packets)
Upper layer Protocol (all packets are ICMP packets)
The Fields must stay constant:
Version (because the IPv4 protocol is used for all the packets)
Header length (All packets are ICMP packets)
Source IP and Destination IP (a single source and destination is used for all the
packets)
Upper layer Protocol (all packets are ICMP packets)
Identification (all packets have different identity)
Time to live (it is changed for all the packets)
Header checksum (it is also change for all the packets)
7. ICMP Echo (ping) request
8. Identification Value : 25506, TTL Value : 255
9. Identification field value is changing for the ICMP fields. Because, the identification
field value is a unique value. TTL value is remains unchanged because the TTL for
the first hop router is always the same.
Document Page
15MITS4004 RESEARCH STUDY
10. Yes the IP datagram is fragmented.
Internet Protocol Version 4, Src: 10.10.30.148, Dst: 128.119.245.12
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
Total Length: 1500
Identification: 0x652f (25903)
Flags: 0x01 (More Fragments)
0... .... = Reserved bit: Not set
.0.. .... = Don't fragment: Not set
..1. .... = More fragments: Set
Fragment offset: 0
Time to live: 255
Protocol: ICMP (1)
Header checksum: 0x0000 [validation disabled]
[Header checksum status: Unverified]
Source: 10.10.30.148
Destination: 128.119.245.12
[Source GeoIP: Unknown]
[Destination GeoIP: Unknown]
Reassembled IPv4 in frame: 1369
11. The flag bit for more fragment is set. This is indicating that the IP datagram is
fragmented. The offset is 0 and the length is 1500.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
16MITS4004 RESEARCH STUDY
Internet Protocol Version 4, Src: 10.10.30.148, Dst: 128.119.245.12
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
Total Length: 1500
Identification: 0x6751 (26449)
Flags: 0x01 (More Fragments)
0... .... = Reserved bit: Not set
.0.. .... = Don't fragment: Not set
..1. .... = More fragments: Set
Fragment offset: 1480
Time to live: 255
Protocol: ICMP (1)
Header checksum: 0x0000 [validation disabled]
[Header checksum status: Unverified]
Source: 10.10.30.148
Destination: 128.119.245.12
[Source GeoIP: Unknown]
[Destination GeoIP: Unknown]
Reassembled IPv4 in frame: 3553
12. The fragment offset is 1480. This is determine that this is not the first fragment.
13. total length, flags, fragment offset, and checksum
14. 3 packets created from the original datagram.
15. Fragment offset, and checksum.
1 out of 17
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]