计网实验IPandTCPProtocoalAnalysiswithWireShark文档格式.docx
- 文档编号:14930180
- 上传时间:2022-10-26
- 格式:DOCX
- 页数:16
- 大小:1.55MB
计网实验IPandTCPProtocoalAnalysiswithWireShark文档格式.docx
《计网实验IPandTCPProtocoalAnalysiswithWireShark文档格式.docx》由会员分享,可在线阅读,更多相关《计网实验IPandTCPProtocoalAnalysiswithWireShark文档格式.docx(16页珍藏版)》请在冰豆网上搜索。
Thislabshouldbedoneindividually.
Ifyoudonotwanttocapturethelivepacketsinthislab,youcandownloadmydatafilesforanalysis(lab4.zip).
Answerallquestionswithsupportingscreenshots.Pleasealsofillinthefollowingfeedbackformandappendittothereport.Yourfeedbackisvaluabletoussothatwecanimprovethislab,andmakethelabbetter.
Foreachtask,pleaseratethefollowinginthescaleof1through5:
∙Thedegreeofdifficulty:
1=tooeasy;
5=toodifficult
∙Thelearningexperience:
1=learnednothing;
5=learnedalot
∙Yourinterest:
1=nointerest;
5=highinterest
∙Timeusedforthetask:
inminutes
Task
Difficulty(1—5)
Learning(1—5)
Interest(1—5)
Time(min)
background
Task1
Task2
Task3
Yoursuggestion/comment:
Background
Youneedtoreadandanswerthequestionsinthisbackgroundpartbeforethelab.
ReadLecturesonIPandICMPprotocols.ReadLecturesonTCPprotocol.
Question1:
InIPheader,thereisafieldcalled“protocol(type)”.Whatisitusedfor?
用来规范数据传输方法,使不同电脑之间可以通信
Question2:
HowanICMPmessageistransported(encapsulation)?
ICMP信息封装在IP报文当中。
Question3:
WhichICMPmessagesareusedtoimplementthePingprogram?
Echorequestandechoresponse。
Ping使用type8requests和type0replies。
Question4:
Useafiguretoshowthe3-wayhandshaketoestablishaconnectionintheTCPprotocol.
第一次握手:
主机A发送位码为syn=1,随机产生seqnumber=1234567的数据包到服务器,主机B由SYN=1知道,A要求建立联机;
第二次握手:
主机B收到请求后要确认联机信息,向A发送acknumber=(主机A的seq+1),syn=1,ack=1,随机产生seq=7654321的包第三次握手:
主机A收到后检查acknumber是否正确,即第一次发送的seqnumber+1,以及位码ack是否为1,若正确,主机A会再发送acknumber=(主机B的seq+1),ack=1,主机B收到后确认seq值与ack=1则连接建立成功。
完成三次握手,主机A与主机B开始传送数据
Traceroute(tracert)isanimportantandusefulutilitytoolfornetworktestinganddebugging.Readmoreonitandlearnhowtouseit:
∙MSWindowstracertcommand,
Task1StudyWindowstracertprogramandhowtofindaroute
InMSWindows,tracertcanbeusedtofindaroutefromthesourcehost,viarouters,todestinationhost.Thistaskisabouthowtracertworksandhowwecanuseitfor.Followthestepstostartuptheprogramsandcapturethepackets.
(1)
Startupacommandwindow
ClickStartontheleftcornerofyourdesktop,andchooseRun.ThentypecmdtostartupaDOScommandwindow.Inthiswindow,youcanalsotypecommand"
tracert/?
"
tolearnmoreonthecommand,orreadmoreviathelinkabove.
(2)StartuptheWireSharkprogram
StartupWiresharkandbeginpacketcapture.
(3)
Runthetracertprogram
Typethefollowingcommandtofindarouteto
:
tracert
(4)StoptheWireSharkcapturing
Whentracert
ends,stopthecapturing,andsavethedatatoafile(youcanopenthefiletoanalyzethepacketslater).
(5)Copytheoutputoftracerttothelabreportfile.
Byanalyzingtheoutput,wecanlearnaroutefromthesourcetothedestination,andhowabouttheresponsetimebetweenthesourceandintermediaterouters.
Question5:
Howmanyroutersareontheroutefromyourcomputerto?
WhataretheirIPaddresses?
1、192.168.156.254
2、210.32.39.250
3、60.191.32.65
4、218.75.123.233
5、61.130.127.249
6、220.191.142.49
7、115.239.209.18
8、115.239.210.27
Question6:
Basedontheoutputfromthetracert,drawthemapofthenetworksbasedontheoutput.ShowtheIPaddressesforthesourcecomputer,destinationcomputer,androuters.
Nowlookatthecaptureddata.
source:
192.168.156.57
Destination:
115.239.210.27
Routers:
(6)analyzethefirstICMPmessage
SincetracertusesICMPmessagestotracetheroutetothedestinationcomputer,youcanuse“icmpandip.addr==192.168.x.x”asthedisplayfilerinWireSharktoonlydisplayICMPmessages,where192.168.x.xshouldbeyourcomputerIPaddress.ThenselectthefirstICMPEchoRequestmessagesentbyyourcomputer,andexpandtheInternetProtocolandICMPheadersofthepacketinthepacketdetailswindow(asIdidbelow,tooviewbetter,youcanusezooming).
Question7:
WhatisthevalueintheprotocoltypefieldofIPpacket?
Whyitisthisvalue?
WhatisthetypevalueinICMPheader?
Whatdoesitmean?
Howmanyb
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- 实验 IPandTCPProtocoalAnalysiswithWireShark
链接地址:https://www.bdocx.com/doc/14930180.html