1. What is routing? And list some of the routing protocols.
Routing is the process of determining path through which a message travels from the sending computer to the receiving computer. In some network there could be a lot of paths available from the sender to receiver (e.g. Internet) in others there could be a very few options available however someone needs to make the decision of routing.
Routing protocol used inside an autonomous system are called interior routing protocol. Routing protocol used between autonomous systems are called exterior routing protocol.
There are five commonly used routing protocol :
#.RIP-Routing information protocol
#.BGP-Border Gateway Protocol
#.ICMP-Internet control message protocol
#.IS-IS- Intermediate system to Intermediate system protocol
#.OSPF-Open shortest path first.
2. How does decentralized routing differ from centralized routing?
There are two types of routing available :
# Centralized and De-centralized
Decentralized could be divided into two :
Static and Dynamic.
Centralized routing - In this process of routing, a centralized computer makes all the routing decisions. This mostly takes place in host base networks. All the computers are connected to this central computer. When a message needs to be routed, the message gets sent to the central computer which re transmits the message to the adequate circuit to the destination.
Static Routing:
Individual computers make their own routing decision based on the routing table. The routing table gets set by the network manager who shares the information. This is what happens in WAN and MAN. For LAN and BN the committee or network manager as an individual makes the routing decision. This routing system is pretty self adjusting. If it finds any computer as non responding one, it updates the respective routing table by keeping that path as a deactivated one.
Dynamic Routing:
This Routing system is mainly used where there are more than one routing option available in the notwork. Using dynamic routing methodology the best route gets chosen for sending and receiving messages by avoiding busy networks and computers. Initially the router table gets set by the network manager, however afterwords it gets changed or updated depending on the networks variable conditions.
There are two types of Dynamic routing which are as follows :
# Distance vector Dynamic routing
# Link state Dynamic routing
3. What is a session? In relation to data communications.
A session is a semi permanent interactive information interchange. Often to exchange data a Session is required between computers over the network. Sessions could be connection based and connectionless.
4. What is Quality of Service routing and why is it useful?
5. Compare and contrast unicast, broadcast, and multicast messages.
6. Explain how multicasting works and reasons for using multicasting?
7. Explain how the client computer in Figure 5.14 would obtain the data link layer address of its subnet gateway.
When a computer is installed on a TCP/IP network (or dials into a TCP/IP network), it knowsthe IP address of its subnet gateway. This information can be provided by a configuration file or via a bootp or DHCP server. However, the computer does not know the subnet gateway’sEthernet address (data link layer address). Therefore, TCP would broadcast an ARP request toall computers on its subnet, requesting that the computer whose IP address is 128.192.98.1 torespond with its Ethernet address.All computers on the subnet would process this request, but only the subnet gateway would respond with an ARP packet giving its Ethernet address. The network layer software on theclient would then store this address in its data link layer address table.
Ref
8. Explain why HTTP protocol uses the transport layer protocol TCP and why the DNS server uses the transport layer protocol UDP?
9. How does static routing differ from dynamic routing? When would you use static routing? When would you use dynamic routing?
10. What is the transmission efficiency of a 10-byte Web request sent using HTTP, TCP/IP, and Ethernet? Assume the HTTP packet has 100 bytes in addition to the 10-byte URL. Hint: Remember from Chapter 4 that efficiency = user data/total transmission size.
Data = 10 Byte
Total Transmission size = 192 Bytes
Efficiency = User data / Total Transmission size = 10/192 = 0.05
11. What is the transmission efficiency of a 1000 byte file sent in response to a web request HTTP, TCP/IP, and Ethernet? Assume the HTTP packet has 100 bytes in addition to the 1000-byte file. Hint: Remember from Chapter 4, that efficiency = user data / total transmission size.
12. What is the transmission efficiency of a 5000 byte file sent in response to a web request HTTP, TCP/IP, and Ethernet? Assume the HTTP packet has 100 bytes in addition to the 5000-byte file. Assume that the maximum packet size is 1200 bytes Hint:
############################################################################
****************************************************************************
############################################################################
Tutorial Questions :
FIT5135: Tutorial 5 in Week 6 - V1.2
Instructions
1. Form groups of 3 students to perform this week’s exercises.
2. Activities in this tutorial are based on material from, Topic Notes – Network and Transport Layers and chapter 5 of prescribed textbook
Part 1: Using Windows Network Commands
In this exercise we will be using a number of commands available in your windows operating system. We will be following the “Hands-on-activities” from the pages 188-194 of the prescribed textbook. If you do not have a textbook you can download the required pages from Moodle week 6.
You must open a Command Window to use the network commands.
1. IPCONFIG: Reading your computer’s network settings
a. Display the network settings, type ipconfig /all
done
b. What is the ip address of your PC?
IPV4 Address 118.138.160.207
c. What subnet is the PC in?
255.255.254.0
d. How many DNS Servers are there?
130.194.1.99
130.194.7.99
e. What does a DNS Server do?
Find domain names
f. What does a DHCP Server do?
Dynamic Host Configuration Protocol assigns IP address to the computers in a network.
g. At what time does the Lease of the IP address expire?
Tuesday 8th april 2014 2:16:20 PM
h. What is the IP address of your PC’s default gateway?
118.138.161.254
i. What is the purpose of the default gateway?
In computer networking, a gateway is a node (a router) on a TCP/IP network that serves as an access point to another network. A default gateway is the node on the computer network that the network software uses when an IP address does not match any other routes in the routing table
2. ARP: Reading the physical and IP address mappings
a. Display the ARP table, type arp -a
done
b. What is the physical address of your PC’s default gateway?
00-00-0c-9f-f0-04
3. NSLOOKUP: Finding the IP address of a Web Server
a. Find IP address of www.google.com, type nslookup www.google.com
74.125.237.183
74.125.237.184
74.125.237.191
b. Find IP address of the web you are accessing in assignment 1
www.navy.gov.au 130.194.1.99
non authorative answer 103.11.78.154
4. DNS Cache: A record of the sites you have visited
a. Use IE Browser to visit the websites: www.cisco.com, www.racv.com.au, www.commbank.com.au
b. Save your DNS cache to a text file, type ipconfig /displaydns > dnscache.txt
done
c. The file will be saved in c:\users\
done
d. Open text file with Notepad and check the entries for the web sites you have visited
done
5. TRACERT: Finding routes through Internet
a. Trace the route to each of these web sites:
i. type tracert www.monash.edu.au
ii. type tracert www.cisco.com
b. For each site, if trace completed, type the last IP address into IE browser, what happens?
for monash it takes to the website however for the cisco one the last website doesnt work
2-2
Part 2: Protocols Analysis using Wireshark
This exercise aims to:
Examine captured packet trace files that demonstrate basic features of selected protocols: 3-way TCP handshake, ARP, DNS, DHCP and PING
(Extracted from "TCP/IP Analysis and Troubleshooting" by Laura A Chappell. Protocol Analysis Institute).
Download five files WSHxxx.cap from the Moodle Week 6 folder
i. 1. TCP Handshake
Run Wireshark on WSHtcpshake.cap
This trace shows the three-way handshake process used to establish a TCP connection.
a. In this trace, the source (130.57.20.10) sends a SYN (synchronize sequence number) request to the destination (130.57.20.1).
The second segment is the reply that contains a SYN request (since both sides maintain separate sequence numbers) with an ACK.
The final packet is the ACK that finishes up the process.
b. One interesting area to examine is the MSS (maximum segment size) negotiation that takes place in the first and second segments of the handshake process. Each side of this connection offers an MSS value of 1460 bytes. Where did that come from?
Well.... 1460 bytes + 20 bytes typical TCP header length + 20 bytes typical IP header length + 18 bytes Ethernet header and CRC = 1518 bytes. That is the maximum allowable packet size on an Ethernet network.
c. Can you tell what application has prompted this handshake process to occur? Do you recognize port value 524? (Basic port value list. A more complete list is available from www.iana.org).
NCP - Network core protocol
2-3
ii. 2. Basic ARP
Run Wireshark on WSHarp1.cap
These two frames show the basic ARP (Address Resolution Process) that enables one IP device to obtain the MAC (media access control) address of another local device. The MAC address is required to build the Ethernet frame and header for IP packets going from one local device to another local device.
a. In this example, you will notice that ARP packets do not have an IP header – ARP is actually protocol independent. The Ethernet type field value for ARP communications is 0x0806 (whereas IP packets use 0x0800).
b. Inside the ARP request, you'll notice that the target hardware address field is filled out with all 1s (0xFFFFFFFFFFFF). This is an indication that the source does not know the hardware address for 10.0.0.99 (the target's IP address).
c. In the reply, the source and target devices are now reversed with 10.0.0.99 being the source of the reply. The desired MAC address is seen in the reply.
iii. 3. DNS Configuration Fault
Run Wireshark on WSHdnsfault.cap
Assume the following:
i. The subnet mask is 255.0.0.0
ii. Three DNS servers are configured for the Client
This trace contains 9 packets that show what happens when DNS configurations are done improperly.
a. In this case, we can see in packets 1 and 2, the client (10.0.0.99) is ARPing for two devices that never answer. Those were the client's first choices as DNS servers, but they are not up currently.
b. In packet 3, we can see the client make a DNS query to 10.0.0.1.
c. The reply (ICMP port unreachable) indicates that the desired port number (53) is not in use at the destination -- 10.0.0.1 does not have the DNS server daemon loaded.
d. The client tries again to ARP for the first two DNS queries, but again receives no answer.
e. Then it tries again on 10.0.0.1 and gets rejected with the ICMP port unreachable message.
2-4
iv. 4. DHCP Bootup Sequence
Run Wireshark on WSHdhcpboot.cap
This trace depicts the typical four-packet startup sequence of a DHCP client.
a. The DHCP Discovery (sent to the broadcast address) indicates that this client last used
10.0.99.2 as its address (see 'Request Specific IP Address' in the trace file). You will also notice that the Discovery packet came from source IP address 0.0.0.0.
b. The offered address is 10.0.99.2 -- this packet is sent directly to the clients known hardware address and the assumed IP address (this won't conflict with any duplicate IP address yet, because it was directed to the correct host at the data link layer).
c. When the client sends the DHCP Request packet (packet #3), look at the source and destination addresses – the client does not assume anything yet.
d. Finally, the server ACKs the client and provides the desired information regarding default gateway server IP address, subnet mask, lease time, DNS server and DNS domain.
v. 5. Simple PING
A simple ping from one device (10.0.0.1) to another device (10.0.99.2) on the same network.
Run Wireshark on WSHping1.cap
a. Ping uses ICMP type 8 (echo) and type 0 (echo reply) packets.
b. This ping was executed on a server. Notice the matching identifiers in the ICMP header.
c. Do the captured packets comply with typical ICMP echo request/reply traffic? Look for the protocol specifications for ICMP. What do the specifications say about the size of echo request/reply messages?
2-5
vii. 6. For General Discussion, comment on the implications of using packet capture and protocol analyzer tools on the public Internet.
a. What are the implications of using a hub as against using a switch?
b. Should packet capture be allowed to anyone, or the operators of, a public Internet cafe that uses a hub?
c. How does the potential for unauthorized Internet eavesdropping affect the responsibilities of application developers?
d. What options are available to application developers and network designers in order to mitigate the risks of unauthorized eavesdropping?
e. What network standards would be useful in mitigating such risks?
2-6
True location fig for networking and routing
