CS 4390/5390 - Computer Networks
Homework Assignment #4
Due on August 2, 2009, 11:30pm.
The goal of the assignment is to examine real protocols in use and understand the communication that takes place in a network by examining the bits that flow across a network segment. I collected a number of packets that were generated by running some network application between my desktop PC and some remote computers and put these packets into a file. The file is available at
http://www.utdallas.edu/~kxs028100/cn/Homeworks/HW4.ethereal. You should first download this file and save it on your disk. This file contains the data that you will open, read, and investigate with a network analyzer (Wireshark).
Using Wireshark: This is a GUI-based tool that you can download from the web and run on your Windows and/or Linux machine. Once you start Wireshark, go to the File->Open menu to open the HW4.ethereal file given above and work with it. Wireshark has many preconfigured options that aim to help the user with some common things. One of them is the use of relative sequence and ACK numbers for TCP. In this assignment, you SHOULD NOT use these options. To unselect them, go to Edit -> Preferences from the menu. In the Preferences window, select Protocols and go down to find TCP. The tool will display several options and you should UNSELECT the "Relative sequence numbers and window scaling" box.
It is important to realize that while we have gone over most of the protocols you will see, you may encounter some new material. You will have to use the class textbook and online sites as references to research the details of some of these. I will also try to provide some in-class time to answer questions, so be prepared to ask questions when the time comes.
You will be graded based on your ability to communicate that you understand everything about the packet trace. For this, you are expected to provide correct answers to the following questions:
- How many total packets are in the trace file?
- What protocols (at each layer of the Internet stack) are seen at least once somewhere in the trace?
- What are the contents and function of each packet? (I do realize that this is tedious work, but it is quite a valuable experience for understanding all the details, especially for TCP. In this part, you need to provide information about application layer and transport layer protocol interactions when applicable. As an example, if you see a TCP connection, I need you to clearly indicate the packets used in the 3-way handshake and the packets used in connection teardown, clearly indicating which packet is a connection close request and which one is the response, etc. However, for the packets that are not connection establishment or connection teardown packets, you can just combine them and summarize their function. As an example, you can say something like: packets 100-150 are TCP data exchange packets for the TCP connection between A and B.)
- What Link/MAC layer addresses are seen in the trace? Which machines do these MAC addresses belong to (note that I am not asking for the producer of the card but the computer that this card
- What IP addresses are seen in the trace?
- What transport-layer port numbers do you see? Are any of them reserved? Which ones, and what services are they reserved for? How are the others chosen? Explain briefly.
- What different IP 'upper layer protocol' values can be seen, and what does each mean?
- Does IP fragmentation ever occur?
- What are the ranges of sequence numbers in each TCP flow? Clearly indicate them and the TCP flows they correspond to.
- What are the ranges of acknowledgment numbers in each TCP flow? Clearly indicate them and the TCP flows they correspond to.
- After answering the above questions and understanding what is going on in the trace, create a description of the session, what it does, what commands were probably executed by the
target host during the trace. Using this set of commands, create a timeline about the order of execution and then fill in details about what happened in the trace and when.
Please turn in a soft copy of your assignment via WebCT6. Good luck.
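
The flag and sequence-number reasoning that the handshake, teardown, fragmentation and sequence-range questions call for, as an added example (not part of the original assignment, and not derived from HW4.ethereal): Python code that decodes raw Ethernet/IPv4/TCP frames, labels each TCP packet by its role, and reports absolute sequence ranges per direction. All frames, MAC and IP addresses, ports and sequence numbers below are constructed, and the function names are hypothetical.

```python
import struct

SYN, FIN, RST, PSH, ACK = 0x02, 0x01, 0x04, 0x08, 0x10

def frame(src, dst, sport, dport, seq, ack, flags, payload=b"", frag=0):  # constructed frame
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 0x50, flags, 8192, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, frag, 64, 6, 0, src, dst)
    return b"\x02\x00\x00\x00\x00\x02\x02\x00\x00\x00\x00\x01\x08\x00" + ip + tcp

def analyze(frames):
    """Return (role of each TCP packet, absolute seq range per direction, fragment numbers)."""
    roles, ranges, frags, expect = {}, {}, [], {}
    for n, f in enumerate(frames, 1):
        if f[12:14] != b"\x08\x00":            # EtherType: only IPv4 is decoded
            continue
        ihl = (f[14] & 0x0F) * 4
        total_len, _, frag = struct.unpack("!HHH", f[16:22])
        if frag & 0x3FFF:                      # MF flag set or fragment offset non-zero
            frags.append(n)
        if f[23] != 6 or frag & 0x1FFF:        # not TCP, or a later fragment (no TCP header)
            continue
        t = 14 + ihl
        sport, dport, seq, ack, off, flags = struct.unpack("!HHIIBB", f[t:t + 14])
        fwd, rev = (f[26:30], sport, f[30:34], dport), (f[30:34], dport, f[26:30], sport)
        data_len = total_len - ihl - (off >> 4) * 4
        lo, hi = ranges.get(fwd, (seq, seq))
        ranges[fwd] = (min(lo, seq), max(hi, seq))   # assumes no 32-bit wrap in the capture
        role = expect.pop((fwd, ack), None) if flags & ACK else None  # answers a SYN-ACK/FIN?
        if flags & RST:
            role = "RST"
        elif flags & SYN:
            role = "handshake 2/3 (SYN-ACK)" if flags & ACK else "handshake 1/3 (SYN)"
            if flags & ACK:                    # SYN consumes one sequence number
                expect[(rev, (seq + 1) % 2**32)] = "handshake 3/3 (ACK)"
        elif flags & FIN:                      # FIN also consumes one sequence number
            role = "close request (FIN)" + (" + " + role if role else "")
            expect[(rev, (seq + data_len + 1) % 2**32)] = "close response (ACK of FIN)"
        roles[n] = role or "data/ACK"
    return roles, ranges, frags

def sample_trace():  # constructed session: handshake, one request/response, teardown
    c, s = bytes([192, 0, 2, 10]), bytes([192, 0, 2, 80])
    up, down = (lambda *a: frame(c, s, 49152, 80, *a)), (lambda *a: frame(s, c, 80, 49152, *a))
    return [up(1000, 0, SYN), down(5000, 1001, SYN | ACK), up(1001, 5001, ACK),
            up(1001, 5001, PSH | ACK, b"GET / HTTP/1.0\r\n\r\n"),
            down(5001, 1019, PSH | ACK, b"HTTP/1.0 200 OK\r\n\r\n"),
            up(1019, 5020, FIN | ACK), down(5020, 1020, FIN | ACK), up(1020, 5021, ACK)]

for n, role in analyze(sample_trace())[0].items():
    print(n, role)
```

The labels depend on absolute sequence numbers: the ACK that answers a SYN-ACK or FIN carries that packet's sequence number plus its payload length plus one, which is the arithmetic Wireshark's relative numbering hides.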