Design and Performance Evaluation of TLC Networks -- 2007
Professor Nelson Fonseca
Objective: learn to use basic tools that give information and statistics about network in a Unix-like system, and interpret a real network trace to understand the involved steps during the connection establishment to a Internet server.
Obs.1: the tools are programs which run in the command shell.
Obs.2: excepting the questions 12 to 18, the command output must be included in the answer.
Obs.3: include into the PATH environment variable, the directories /usr/bin:/bin:/usr/sbin:/sbin. The command bellow can be used to this inclusion:
export PATH=/usr/bin:/bin:/usr/sbin:/sbin:${PATH}
Questions:
ping:
is used to check connectivity to a host (to check if a host operating and
network connections are intact). A small packet is sent through the network
to a particular IP address. The host that sent the packet then waits (or
'listens') for a return packet. If the connections are good and the target
host is up, a good return packet will be received. The ping can also measure
the round trip time of a packet. It sends and receives packets with messages
of the ICMP network layer protocol.
1-) Answer the following questions (In these questions you will run the
ping -c 10 command):
1.1-) What is the function of the -c parameter? What are the
minimum, average and maximum RTT from your station to the University of
Trento web server (www.unitn.it)?
1.2-) What are the minimum, average and maximum RTT from your station to the
State University of Campinas web server (www.unicamp.br)? Are these times
lower or higher than times obtained in the previous question? Why?
1.3-) Is the host www.lrc.ic.unicamp.br reachable by ping?
Is the web site at the host accessible (http://www.lrc.ic.unicamp.br)? By
the observed in these questions, is the ping a trustable
tool to verify the host availability in the Internet?
ifconfig:
is used to assign an address to a network interface and to configure or
display the current network interface configuration information. If a single
interface argument is given, it displays the status of the given interface
only.
route:
displays and manipulates the kernel routing table.
2-) Run the ifconfig command and answer: What are the IP
addresses of your station? What are the network interfaces? How many bytes
were sent and received by each interface?
nslookup:
is used to find out the corresponding IP address of a host name by
contacting Internet Domain Name Servers. It also does reverse name lookup
and find the host name for an specified IP address. It sends and receives
packets with messages of the DNS application layer protocol.
5-) Answer the following questions (In these questions you will run the
nslookup command):
5.2-) What are the IP addresses of the host www.google.com? Is there any
advantage to a host name have more than one IP address? What is the
configured DNS server at your station?
5.3-) What is the name associated to IP address 127.0.0.1? What is special
in this address?
traceroute:
traces the route that an IP packet follows from your station to another
Internet host. Along the way it gives an understanding of how networks
inter-connect. It sends and receives packets with messages of the ICMP
network layer protocol.
6-) Answer the following questions (In these questions you will run the
traceroute command):
6.1-) How many hops are between your station and the host www.google.com?
By looking the host names of the hosts, how many are located in Italy?
6.2-) How many hops are between your station and the host www.unicamp.br?
How many hops are common with the route of the previous question?
6.3-) How many hops are between your station and the host home.pl? Is the
reverse route made by the same hops used in the normal route? (Check the
reverse route at http://home.pl/test).
6.4-) By looking the RTT values at the command output in question 6.2, do the
packets reach transatlantic links at which hop?
netstat:
allows to print the various data related to the network configuration of a
station, including the active connections.
7-) Answer the following questions (In these questions you will run the
netstat command):
7.1-) Access the University of Trento site and in parallel verify the output
of the netstat command. What are the informations provided
by netstat about the connection to the site?
7.2-) Besides the connection made in the previous question, are there more
connections made by your station? What is the transport protocol,
destination IP address and destination port of these connections?
7.3-) Is there any rule to define the ports used by your station during the
accesses to web servers? (Access 5 different sites and verify the
netstat output)
telnet:
is used to connect from one host to another (remote login) via the Internet
network. By default, it sends and receives packets with messages of the
TELNET application layer protocol.
8-) Answer the following questions (In these questions you will run the
telnet command):
8.1-) Which port is used by HTTP? Is it possible connect to a web server
using telnet? How do you run the telnet in order to connect to the default
HTTP port at host www.google.com? How do you finish a connection via
telnet?
8.2-) What happens if there isn't a process at the server listening in the
port accessed by telnet? Is it possible connect to default
HTTP port at host localhost? What is missing at host localhost to it accept
connections in default HTTP port?
9-) Use telnet in order to connect to the
default HTTP port at host www.ic.unicamp.br. After the establishment of
the connection, answer the following questions:
9.1-) The GET / HTTP 1.0 command, typed inside of the
telnet session, and followed by two ENTER (Line Break), get a
.html file like a web browser. Run this command. After the server reply,
answer: What is the reply size? What is the Content Type of the
server reply? What is the HTTP protocol version used by server?
9.2-) As in the previous question, connect to the default HTTP port at host
www.ic.unicamp.br, but this time send the HEAD / HTTP
1.1 command to the web server. What is the server reply? Based in the
reply, how do you define the function of the HEAD
command?
10-) Use telnet in order to connect to the
default SMTP port at host 143.106.7.163. After the establishment of
connection, answer the following questions:
10.1-) What is the server identification?
10.2-) What is the name of the software listening at server in the default
SMTP port?
10.3-) Simulate the behaviour of an email client running the following
commands inside the telnet session (Replace the strings
"REPLY" with the server replies):
helo 143.106.7.163 REPLY mail from: your_email_address REPLY rcpt to: daniel@lrc.ic.unicamp.br REPLY data REPLY This message is the answer to the question 10.3. My name is your_name_here. . REPLY quit REPLY10.4-) As in the previous question, connect to the default SMTP port at host 143.106.7.163, but this time attribute the subject "Question 10.4 your_name_here" to the message. (Hint: some special fields of the emails are identified inside the "data" area by the delimiter : ).
arp:
is used to view and manipulate the ARP cache contents. The ARP protocol
typically maintains a cache of IP-to-Ethernet address translation pairs on
your computer.
11-) Run the arp -v command. The command output will show
all the IP addresses from your local network of which the MAC (Ethernet)
addresses are known by your station. After the command execution, answer
the following questions:
11.1-) Is there any IP address from your local network missing in the ARP
cache? (Ask your classmates the IP address of their stations) Choose one
address missing in the ARP cache and send five ICMP packets by
ping command to it. After the ping, run the
arp -v command again. In this time, is the chosen IP address
in the ARP cache? Why?
11.2-) Access some web server out of the University. After the complete
loading of the site stored at web server run the arp
-v command. Did the ARP cache change? Is the MAC address of the web server
in the ARP cache? Why?
11.3-) What is the MAC address of the default gateway?
Network trace: Real network traces can be useful to
understand the protocols behaviour in the real world and to evaluate
simulators with real loads. At http://www.lrc.ic.unicamp.br/~daniel/trento/captura-simples.txt
there is a trace of frames which passed through a Ethernet segment during an
HTTP access. Each line of this trace describes the details about one frame
and has six columns: frame identifier, capture time (relative to the capture
start), source IP address, destination IP address, protocol from the higher
layer detected in the frame and informations about this protocol. At http://www.lrc.ic.unicamp.br/~daniel/trento/captura.txt,
there is another trace with more details (frame size, MAC addresses, etc...)
about the frames from the first trace. Open the two traces and answer the
following questions:
12-) What is the HTTP server name?
13-) What is the IP address of the client which accessed the HTTP server?
14-) What are the frames containing the TCP 3-way handshake in the connection
establishment of the HTTP access?
15-) What is the protocol used before the connection establishment? What is
the objective of this protocol?
16-) Besides the HTTP access, two more activities can be noted on the
network. What are these activities?
17-) What is the DNS server configured at the client which accessed the HTTP
server?
18-) What is the MAC address of the default router configured at the client?