
Wireshark Lab: UDP v6.1

Supplement to Computer Networking: A Top-Down Approach, 6th ed., J.F. Kurose and K.W. Ross

"Tell me and I forget. Show me and I remember. Involve me and I understand." Chinese proverb

© 2005-21012, J.F Kurose and K.W. Ross, All Rights Reserved

In this lab, we'll take a quick look at the UDP transport protocol. As we saw in Chapter 3 of the text [1], UDP is a streamlined, no-frills protocol. You may want to re-read section 3.3 in the text before doing this lab. Because UDP is simple and sweet, we'll be able to cover it pretty quickly in this lab. So if you've another appointment to run off to in 30 minutes, no need to worry, as you should be able to finish this lab with ample time to spare.

At this stage, you should be a Wireshark expert. Thus, we are not going to spell out the steps as explicitly as in earlier labs. In particular, we are not going to provide example screenshots for all the steps.

The Assignment

Start capturing packets in Wireshark and then do something that will cause your host to send and receive several UDP packets. It's also likely that just by doing nothing (except capturing packets via Wireshark) some UDP packets sent by others will appear in your trace. In particular, the Simple Network Management Protocol (SNMP, chapter 9 in the text) sends SNMP messages inside of UDP, so it's likely that you'll find some SNMP messages (and therefore UDP packets) in your trace.

After stopping packet capture, set your packet filter so that Wireshark only displays the UDP packets sent and received at your host. Pick one of these UDP packets and expand the UDP fields in the details window. If you are unable to find UDP packets or are unable to run Wireshark on a live network connection, you can download a packet trace containing some UDP packets. [2]

Whenever possible, when answering a question below, you should hand in a printout of the packet(s) within the trace that you used to answer the question asked. Annotate the printout [3] to explain your answer. To print a packet, use File->Print, choose Selected packet only, choose Packet summary line, and select the minimum amount of packet detail that you need to answer the question.

1. Select one UDP packet from your trace. From this packet, determine how many fields there are in the UDP header. (You shouldn't look in the textbook! Answer these questions directly from what you observe in the packet trace.) Name these fields.
2. By consulting the displayed information in Wireshark's packet content field for this packet, determine the length (in bytes) of each of the UDP header fields.
3. The value in the Length field is the length of what? (You can consult the text for this answer.) Verify your claim with your captured UDP packet.
4. What is the maximum number of bytes that can be included in a UDP payload? (Hint: the answer to this question can be determined by your answer to 2. above.)
5. What is the largest possible source port number? (Hint: see the hint in 4.)
6. What is the protocol number for UDP? Give your answer in both hexadecimal and decimal notation. To answer this question, you'll need to look into the Protocol field of the IP datagram containing this UDP segment (see Figure 4.13 in the text, and the discussion of IP header fields).
7. Examine a pair of UDP packets in which your host sends the first UDP packet and the second UDP packet is a reply to this first UDP packet. (Hint: for a second packet to be sent in response to a first packet, the sender of the first packet should be the destination of the second packet.) Describe the relationship between the port numbers in the two packets.

Footnotes

[1] References to figures and sections are for the 6th edition of our text, Computer Networks, A Top-down Approach, 6th ed., J.F. Kurose and K.W. Ross, Addison-Wesley/Pearson, 2012.

[2] Download the zip file http://gaia.cs.umass.edu/wireshark-labs/wireshark-traces.zip and extract the file http-ethereal-trace-5, which contains some UDP packets carrying SNMP messages. The traces in this zip file were collected by Wireshark running on one of the author's computers. Once you have downloaded the trace, you can load it into Wireshark and view the trace using the File pull down menu, choosing Open, and then selecting the http-ethereal-trace-5 trace file.

[3] What do we mean by "annotate"? If you hand in a paper copy, please highlight where in the printout you've found the answer and add some text (preferably with a colored pen) noting what you found in what you've highlighted. If you hand in an electronic copy, it would be great if you could also highlight and annotate.
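As an added illustration (not part of the original lab handout), the Python sketch below reads the same fields the questions point at from raw bytes: the IP Protocol field, the UDP header, a consistency check on the UDP Length field, and the request/reply port relationship from question 7. The packet bytes, the 192.0.2.x addresses, the port 4334 and all function names are constructed for this example.

```python
import struct
from ipaddress import IPv4Address

def parse_ipv4_udp(datagram: bytes) -> dict:
    """Parse an IPv4 datagram carrying UDP; raise ValueError if malformed."""
    if len(datagram) < 20:
        raise ValueError("shorter than a minimal IPv4 header")
    ihl = (datagram[0] & 0x0F) * 4          # IPv4 header length in bytes
    if datagram[0] >> 4 != 4 or ihl < 20 or len(datagram) < ihl + 8:
        raise ValueError("not IPv4 or truncated before the UDP header")
    proto = datagram[9]                     # IP Protocol field
    if proto != 17:                         # 17 (0x11) identifies UDP
        raise ValueError(f"IP protocol {proto} is not UDP")
    src, dst = datagram[12:16], datagram[16:20]
    # UDP header: four 16-bit big-endian fields, 8 bytes in total
    sport, dport, length, checksum = struct.unpack("!HHHH", datagram[ihl:ihl + 8])
    # Length counts header plus payload and must fit inside the IP datagram
    if length < 8 or length > len(datagram) - ihl:
        raise ValueError(f"UDP Length {length} inconsistent with datagram size")
    return {"src": str(IPv4Address(src)), "dst": str(IPv4Address(dst)),
            "sport": sport, "dport": dport, "length": length,
            "checksum": checksum, "payload": datagram[ihl + 8:ihl + length]}

def is_reply(first: dict, second: dict) -> bool:
    """True when the second packet reverses the first packet's address/port pairs."""
    return ((second["src"], second["sport"], second["dst"], second["dport"]) ==
            (first["dst"], first["dport"], first["src"], first["sport"]))

def build(src, dst, sport, dport, payload, udp_len=None):
    """Constructed sample datagram (checksums left as 0, not computed)."""
    udp_len = 8 + len(payload) if udp_len is None else udp_len
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28 + len(payload), 0, 0, 64, 17, 0,
                     IPv4Address(src).packed, IPv4Address(dst).packed)
    return ip + struct.pack("!HHHH", sport, dport, udp_len, 0) + payload

# Constructed request/reply pair on the SNMP port (161); addresses are made up
REQUEST = parse_ipv4_udp(build("192.0.2.10", "192.0.2.20", 4334, 161, b"get"))
REPLY = parse_ipv4_udp(build("192.0.2.20", "192.0.2.10", 161, 4334, b"resp!"))

if __name__ == "__main__":
    print(REQUEST, REPLY, is_reply(REQUEST, REPLY), sep="\n")
```

A Length value that does not fit the enclosing IP datagram is rejected rather than trusted, which is the check to keep when the same parsing is applied to packets from an untrusted network.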
