Lab Assignment 3 COMP 3270-01 Computer Networks Fall 2017

Protocol Header Analysis

Objective:

• Understand the format of standard frames and packet headers.

1 Overview

Refer to the following layered architecture of the Internet protocol stack.

Figure 1: Layered architecture

In this lab assignment, you will be asked to interpret the encapsulated headers of captured Ethernet frames.

2 Background Material

2.1 Ethernet Frame

Figure 2 shows the format of Ethernet frames sent and received by the data link (MAC) layer. The preamble bits are not shown. If a frame is received without bit errors, the “Data” portion is passed on to the upper layer (network layer).

Figure 2: MAC layer frame format

2.2 IP/TCP/UDP Header

The IP protocol is defined in RFC 791 (RFC: Request for Comments), and a summary of the IP header is given in Figure 3. The numbers on top are bit numbers, and each row is four bytes long. Figures 4 and 5 show the format of the TCP and UDP headers, which are defined in RFC 793 and RFC 768, respectively. All the RFCs can be found at http://www.ietf.org/rfc.html. The numbers on top again represent bit numbers, and each row is four bytes (32 bits) long. You will also need to refer to the ICMP protocol (RFC 792) and identify the highest-layer protocol (e.g., FTP, HTTP, etc.).

Figure 3: Example Internet Datagram Header

Figure 4: TCP Header Format

2.3 Protocol Header Analysis

The analysis of a sample MAC frame is shown below.

Figure 5: UDP Header Format

3 Capture and Analysis

In this assignment, you will use Wireshark to analyze one TCP frame. The following steps show you how to capture a TCP frame.

(1) First, install Wireshark on your own computer.

(2) Use Wireshark to capture TCP frames: Turn off any network-intensive programs you may already have running. Then, tell Wireshark to start capturing frames on the active network interface. Then, you should do something that will cause your host (computer) to send and receive several TCP frames. After you see a few TCP packets in your capture window, stop capture before you have a massive file!

(3) Set your packet filter so that Wireshark only displays TCP frames sent and received at your host.

Pick one of these TCP frames. Using the example given in section 2.3 as a template, parse the frame into a human-readable format and comment on it. For example, write an IP address in dotted decimal notation and a header length as a positive integer. Also, color (or underline) the different parts of the frame to indicate their layers (2, 3, 4, or application data), and indicate the name of the highest-layer protocol. Submit your report (one single PDF file) on Moodle.
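To check a manual parse, the following added example (not part of the original assignment) decodes an Ethernet II / IPv4 / TCP frame layer by layer, verifies the IPv4 header checksum, and rejects truncated headers. The sample frame, the `PORTS` table and all function names are constructed for illustration, and the highest-layer name is only a guess from the port number.

```python
import socket
import struct

# Constructed sample frame (not a real capture): Ethernet II / IPv4 / TCP with an HTTP request.
SAMPLE_FRAME = bytes.fromhex(
    "020000000002020000000001" "0800"   # layer 2: dst MAC, src MAC, EtherType
    "4500003a0001400040" "06b961"       # layer 3: ver/IHL .. TTL, protocol, checksum
    "c0a8000a" "c0a80001"               #          src and dst IPv4 address
    "c0000050" "0000000100000001"       # layer 4: src/dst port, seq, ack
    "5018721000000000"                  #          offset/flags, window, checksum (0 here), urgent
) + b"GET / HTTP/1.0\r\n\r\n"           # application data
PORTS = {21: "FTP", 25: "SMTP", 80: "HTTP", 443: "HTTPS"}  # small illustrative subset

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def ip_checksum_ok(header):
    # One's-complement sum over the header, checksum field included, folds to 0xffff.
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total == 0xFFFF

def parse_frame(frame):
    if len(frame) < 14 + 20:
        raise ValueError("frame too short for Ethernet + IPv4 headers")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"dst_mac": mac(dst), "src_mac": mac(src), "ethertype": hex(ethertype)}
    if ethertype != 0x0800:
        return out                               # not IPv4: stop at layer 2
    ver_ihl, _, total_len, _, _, ttl, proto, _, sip, dip = struct.unpack(
        "!BBHHHBBH4s4s", frame[14:34])
    ihl = (ver_ihl & 0x0F) * 4                   # IHL counts 32-bit words
    if ver_ihl >> 4 != 4 or ihl < 20 or len(frame) < 14 + ihl:
        raise ValueError("bad IPv4 version or header length")
    out.update(ip_header_len=ihl, ip_total_len=total_len, ttl=ttl, protocol=proto,
               src_ip=socket.inet_ntoa(sip), dst_ip=socket.inet_ntoa(dip),
               ip_checksum_ok=ip_checksum_ok(frame[14:14 + ihl]))
    if proto != 6:
        return out                               # not TCP: stop at layer 3
    if len(frame) < 14 + ihl + 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off_flags, window = struct.unpack(
        "!HHIIHH", frame[14 + ihl:14 + ihl + 16])
    tcp_len = (off_flags >> 12) * 4              # data offset counts 32-bit words
    payload = frame[14 + ihl + tcp_len:14 + total_len]
    guess = PORTS.get(dport) or PORTS.get(sport) or "TCP"   # port-based guess only
    out.update(src_port=sport, dst_port=dport, seq=seq, ack=ack, tcp_header_len=tcp_len,
               syn=bool(off_flags & 0x002), ack_flag=bool(off_flags & 0x010),
               window=window, payload_len=len(payload),
               highest=guess if payload else "TCP")
    return out
```

A segment with no payload (for example a bare SYN or ACK) is reported with TCP as its highest layer, which matches what Wireshark shows for handshake packets.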
