CS 6390 - Advanced Computer Networks
Homework Assignment #3
Due on November 27, 2011, 11:30pm.
Assignment Details
The goal of the assignment is to examine real protocols in
use and understand the communication that takes place in a network by examining
the bits that flow across a network segment.
For this assignment you will use the Wireshark tool,
which is available on the web for Windows and Linux machines. First save
this file into your home directory. The file
includes the packets that we captured from the network, and you will use
Wireshark to analyze the content of this file.
Using Wireshark: This is a GUI-based tool
that you can download from the web and run on your XP and/or Linux machine.
Once you start Wireshark, just go to the File -> Open
menu to open the above given wireshark_src
file and work with it. Wireshark has many preconfigured options
that aim to help the user with some common tasks.
One of them is to use relative sequence and ACK numbers for TCP. In this
assignment, you SHOULD NOT use these options. To unselect them, go to
Edit -> Preferences from the menu. In the Preferences window, select
Protocols and scroll down to find TCP. The tool will display several options and
you should UNSELECT the "Relative sequence numbers and window scaling"
checkbox in the options.
It is important to realize that while we have gone over a number of protocols
you will see, we will not necessarily have gone over everything. You will have
to use the class textbook and online sites as references to research the
details of some of these protocols. I will also try to provide some in-class
time to answer questions so be prepared to ask questions when the time comes.
This assignment will be graded based on your ability to communicate
that you understand everything about the packet trace. For this, you are
expected to provide correct answers for the following questions. Please note
that there are over 200 packets in the trace file, and you can group some of
them when answering the questions (e.g., packets 10-40 are part of a traceroute from host1 to host2).
- How many total packets are in
the trace file?
- What protocols (at each layer
of the Internet stack) are seen at least once somewhere in the trace?
- What are the contents and
function of each packet? (I do realize that this is tedious work
but it is quite a valuable experience for understanding all the details,
especially for TCP.) In this part, you need to provide information for
application layer and transport layer protocol interactions when
applicable. As an example, if you see a TCP connection, I need you to
clearly indicate the packets used in the 3-way handshake and the packets used
in connection teardown, clearly indicating which packet is a connection
close request and which one is the response, etc. However, for the packets
that are not connection establishment or connection teardown packets, you
can just combine them and summarize their function. As an example, you can
say something like: packets 100-150 are TCP data exchange packets for the
TCP connection between A and B.
- What Link/MAC layer addresses
are seen in the trace? Who do these MAC addresses belong to? (Clearly indicate
the owner's identity.)
- What transport-layer port
numbers do you see? Are any of them reserved? Which ones and what services
are they reserved for? How are the others chosen? Explain briefly.
- What different IP "next
protocol" values can be seen, and what does each mean?
- Does IP fragmentation ever
occur?
- Why would some packets have
the "Don't fragment" bit set? Your
answer should be specific to this trace, if applicable.
- What are the ranges of
sequence numbers in each TCP flow? Clearly indicate them and the TCP flows
they correspond to.
- What are the ranges of
acknowledgment numbers in each TCP flow? Clearly indicate them and the TCP
flows they correspond to.
- In any of the TCP
connections, what is the window size? Does it ever change during the
connection?
- After answering the above
questions and understanding what is going on in the trace, create a
description of the session, what it does, what commands were probably
executed by the target host during the trace. Using this set of commands,
create a timeline about the order of execution and then fill in details
about what happened in the trace and when.
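The header fields the questions above ask about, and the difference between absolute and relative TCP sequence numbers mentioned in the Wireshark setup, shown as an added example that is not part of the original assignment. The frame bytes are constructed (not taken from the assignment's trace), the function names are hypothetical, and the parser assumes a complete untagged Ethernet II frame.

```python
import struct

# Constructed sample frame (not from the assignment's trace): a TCP SYN with DF set.
SYN_FRAME = bytes.fromhex(
    "020000000002" "020000000001" "0800"                  # Ethernet II: dst, src, type
    "4500" "0028" "1234" "4000" "40" "06" "0000"          # IPv4, flags = DF, proto = 6
    "c0000201" "c0000202"                                 # 192.0.2.1 -> 192.0.2.2
    "c000" "0050" "9e3779b9" "00000000" "5002" "ffff" "0000" "0000"  # TCP SYN
)

def parse_frame(frame: bytes) -> dict:
    """Decode Ethernet II / IPv4 / TCP header fields from one raw frame."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"dst_mac": dst.hex(":"), "src_mac": src.hex(":"), "ethertype": ethertype}
    if ethertype != 0x0800:                       # not IPv4: stop at the link layer
        return out
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                      # IPv4 header length in bytes
    (flags_frag,) = struct.unpack("!H", ip[6:8])
    out.update(
        ip_proto=ip[9],                           # e.g. 1 = ICMP, 6 = TCP, 17 = UDP
        dont_fragment=bool(flags_frag & 0x4000),
        more_fragments=bool(flags_frag & 0x2000),
        frag_offset=(flags_frag & 0x1FFF) * 8,    # stored in 8-byte units
    )
    if ip[9] != 6 or out["frag_offset"] != 0:     # TCP header is only in the first fragment
        return out
    tcp = ip[ihl:]
    sport, dport, seq, ack, off_flags, window = struct.unpack("!HHIIHH", tcp[:16])
    names = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]   # bit 0 .. bit 5
    out.update(
        src_port=sport, dst_port=dport,
        seq=seq, ack=ack,                         # absolute 32-bit values from the wire
        window=window,
        tcp_flags=[n for i, n in enumerate(names) if off_flags & (1 << i)],
    )
    return out

def relative_seq(seq: int, isn: int) -> int:
    """Relative numbering: offset from the flow's initial sequence number, mod 2^32."""
    return (seq - isn) & 0xFFFFFFFF
```

With relative numbering the SYN in this frame would be displayed as sequence 0, whereas the value actually carried in the header is 2654435769.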
Assignment Turnin
Please turn in a soft copy of
your assignment via eLearning. Good luck.