计算机网络实验4Wireshark Lab ICMP.docx
《计算机网络实验4Wireshark Lab ICMP.docx》由会员分享,可在线阅读,更多相关《计算机网络实验4Wireshark Lab ICMP.docx(12页珍藏版)》请在冰点文库上搜索。
计算机网络实验4WiresharkLabICMP
Lab4WiresharkLab:
ICMP
STEPS
•Let’sbeginthisadventurebyopeningtheWindowsCommandPromptapplication(whichcanbefoundinyourAccessoriesfolder).
•StartuptheWiresharkpacketsniffer,andbeginWiresharkpacketcapture.
•Thepingcommandisinc:
\windows\system32,sotypeeither“ping–n10hostname”or“c:
\windows\system32\ping–n10hostname”intheMS-DOScommandline(withoutquotationmarks),wherehostnameisahostonanothercontinent.Ifyou’reoutsideofAsia,youmaywanttoenterwww.ust.hkfortheWebserveratHongKongUniversityofScienceandTechnology.Theargument“-n10”indicatesthat10pingmessagesshouldbesent.ThenrunthePingprogrambytypingreturn.
•WhenthePingprogramterminates,stopthepacketcaptureinWireshark.
QUESTIONS
1、WhatistheIPaddressofyourhost?
WhatistheIPaddressofthedestinationhost?
TheIPaddressofmyhostis172.18.40.131.TheIPaddressofthedestinationhostis143.89.14.2.
2、WhyisitthatanICMPpacketdoesnothavesourceanddestinationportnumbers?
BecausethattheICMPisaprotocolinnetworklayer,anditisdesignedtocommunicateinformationinnetworklayerbetweenhostsandrouters,ratherthanapplicationlayerprocesses.WehavetonoticethateachICMPpackethasa“Type”and“Code”field.Theywillidentifiesthemessagebeingreceived.NetworksoftwarecanunderstandtheICMPmessage.SoICMPpacketdoesnotneedtohavesourceanddestinationportnumbers.
3、Examineoneofthepingrequestpacketssentbyyourhost.WhataretheICMPtypeandcodenumbers?
WhatotherfieldsdoesthisICMPpackethave?
Howmanybytesarethechecksum,sequencenumberandidentifierfields?
TheICMPtypeis8,andthecodenumbersis0.ThisICMPpacketstillhaveChecksum、Identifier、Sequencenumberanddatafields.Checksumfieldhas2bytes.Sequencenumberfieldshas2bytes.Identifierfieldhas2bytes.
4、Examinethecorrespondingpingreplypacket.WhataretheICMPtypeandcodenumbers?
WhatotherfieldsdoesthisICMPpackethave?
Howmanybytesarethechecksum,sequencenumberandidentifierfields?
TheICMPtypeis0,andthecodenumbersis0.TheICMPpacketstillhaveChecksum、Identifier、Sequencenumberanddatafields.Checksumfieldhas2bytes.Sequencenumberfieldshas2bytes.Identifierfieldhas2bytes.
STEPS
•Let’sbeginbyopeningtheWindowsCommandPromptapplication(whichcanbefoundinyourAccessoriesfolder).
•StartuptheWiresharkpacketsniffer,andbeginWiresharkpacketcapture.
•Thetracertcommandisinc:
\windows\system32,sotypeeither“tracerthostname”or“c:
\windows\system32\tracerthostname”intheMS-DOScommandline(withoutquotationmarks),wherehostnameisahostonanothercontinent.(NotethatonaWindowsmachine,thecommandis“tracert”andnot“traceroute”.)Ifyou’reoutsideofEurope,youmaywanttoenterwww.inria.frfortheWebserveratINRIA,acomputerscienceresearchinstituteinFrance.ThenruntheTracerouteprogrambytypingreturn.
•WhentheTracerouteprogramterminates,stoppacketcaptureinWireshark.
QUESTIONS
5.WhatistheIPaddressofyourhost?
WhatistheIPaddressofthetargetdestinationhost?
TheIPaddressofmyhostis172.18.40.131.TheIPaddressofthetargetdestinationhostis128.93.162.84
6.IfICMPsentUDPpacketsinstead(asinUnix/Linux),wouldtheIPprotocolnumberstillbe01fortheprobepackets?
Ifnot,whatwoulditbe?
TheIPprotocolnumberwouldn’tstillbe01fortheprobepackets.Itwouldbe17.
7.ExaminetheICMPechopacketinyourscreenshot.IsthisdifferentfromtheICMPpingquerypacketsinthefirsthalfofthislab?
Ifyes,howso?
TheICMPechopackethasthesamefieldsasthepingquerypacket.Butthedatafield’ssizeisdifferent.TheICMPpingquerypackets’datafieldsizeis32bytes.ButthesizeofdatafieldinICMPechopacketisnotthenumber.
ICMPechopacket
ICMPpingquerypackets
8.ExaminetheICMPerrorpacketinyourscreenshot.IthasmorefieldsthantheICMPechopacket.Whatisincludedinthosefields?
Itcontainstheheaderandthefirst8bytesoftheIPdatagramthatcausetheICMPmessagetobegenerated.Besides,wecanseethatithastheoriginalICMPmessage,andithasownType、CodeandChecksumfields.
ICMPechopacket
ICMPerrorpacket
9.ExaminethelastthreeICMPpacketsreceivedbythesourcehost.HowarethesepacketsdifferentfromtheICMPerrorpackets?
Whyaretheydifferent?
ThelastthreeICMPpackets’typeis0ratherthan11.ThatmeanstheICMPpacketisanechoreplypacket.TheyaredifferentbecausethatthelastthreeICMPpackethavearrivedthedestinationbeforetheTTLexpired..
ICMPerrorpackets
thelastthreeICMPpackets
10.Withinthetracertmeasurements,istherealinkwhosedelayissignificantlylongerthanothers?
RefertothescreenshotinFigure4,istherealinkwhosedelayissignificantlylongerthanothers?
Onthebasisoftherouternames,canyouguessthelocationofthetworoutersontheendofthislink?
Inthepicture,wecanseethatalinkbetweenstep12andstep13hasasignificantlydelaylongerthanothers.Butsadly,wecan’tgettheroutername,soit’shardtogettheinformationabouttheirlocation.ButwecansearchthemontheInternet.WhatsurprisemeisthatbothofthemareinChina,whichmeansthattheyarenotindifferentcountry.InFigure4,wecanseethatalinkbetweenstep9andstep10hasasignificantlydelaylongerthanothers.Basedontheroutername,IcanguessthelinkisfromNewYorkCitytoPastourelle,France.
QUESTIONS
ForoneoftheprogrammingassignmentsyoucreatedaUDPclientpingprogram.Thispingprogram,unlikethestandardpingprogram,sendsUDPprobepacketsratherthanICMPprobepackets.UsetheclientprogramtosendaUDPpacketwithanunusualdestinationportnumbertosomelivehost.Atthesametime,useWiresharktocaptureanyresponsefromthetargethost.ProvideaWiresharkscreenshotfortheresponseaswellasananalysisoftheresponse.
Mycomputerruntheclient,andtheIPaddressis172.18.40.131.Anothercomputerruntheserver,andtheIPaddressis172.18.43.93,andtheportnumberis1048.SoIgettheWiresharkscreenshotasthefollow.
Theclient’sinformationisfollow.
WecangetthattheminimumRTTsis6ms.ThemaximumRTTsis264ms.TheaverageRTTsis132.9ms.Inthiscondition,Packet2islostorthereplyforpacket2islost,sopacket2didn’tgetreply.Butotherpacketgettheirreply.
Thecodeforclientisfollow.
importjava.io.*;
import.*;
importjava.util.*;
importjava.text.SimpleDateFormat;
publicclassPingClient
{
privatestaticfinaldoubleLOSS_RATE=0.3;
privatestaticfinalintAVERAGE_DELAY=100;//milliseconds
publicstaticvoidmain(String[]args)throwsException
{
if(args.length!
=2)
{
System.out.println("Requiredarguments:
hostport");
return;
}
Stringhost=args[0].toString();
intport=Integer.parseInt(args[1]);
//建立socket
DatagramSocketclientSocket=newDatagramSocket();
//等待1秒钟
clientSocket.setSoTimeout(1000);
InetAddressIPAddress=InetAddress.getByName(host);
for(inti=0;i<10;i++)
{
//发送报文
byte[]sendData=newbyte[1024];
byte[]receiveData=newbyte[1024];
DatecurrentTime=newDate();
SimpleDateFormatformatter=newSimpleDateFormat("yyyy-MM-ddHH:
mm:
ss:
SSS");
StringtimeStamp=formatter.format(currentTime);
StringpingMessage="PING"+i+""+timeStamp+""+"\r\n";
sendData=pingMessage.getBytes();
DatagramPacketsendPacket=newDatagramPacket(sendData,sendData.length,IPAddress,port);
try
{
DatecurTime1=newDate();
clientSocket.send(sendPacket);
DatagramPacketreceivePacket=newDatagramPacket(receiveData,receiveData.length);
clientSocket.receive(receivePacket);
DatecurTime2=newDate();
printData(receivePacket);
System.out.println("RTT:
"+(curTime2.getTime()-curTime1.getTime())+"ms");
}
catch(.SocketTimeoutExceptionex)
{
System.out.println("NoReplyFromServer!
");
}
}
clientSocket.close();
}
privatestaticvoidprintData(DatagramPacketreceivePacket)throwsException
{
//Obtainreferencestothepacket'sarrayofbytes.
byte[]buf=receivePacket.getData();
//Wrapthebytesinabytearrayinputstream,sothatyoucanreadthedataasastream
//ofbytes.
ByteArrayInputStreambais=newByteArrayInputStream(buf);
//Wrapthebytearrayoutputstreaminaninputstreamreader,
//soyoucanreadthedataasastreamofcharacters.
InputStreamReaderisr=newInputStreamReader(bais);
//Wraptheinputstreamreaderinabufferedreader,
//soyoucanreadthecharacterdataalineatatime.
//(Alineisasequenceofcharsterminatedbyanycombinationof\rand\n.)
BufferedReaderbr=newBufferedReader(isr);
//Themessagedataiscontainedinasingleline,soreadthisline.
Stringline=br.readLine();
//Printhostaddressanddatareceivedfromit.
System.out.println("PacketFromServer"+":
"+newString(line));
}
}