ECEN4533 Homework Problem (20 points,
due 2 May 2008)
Purpose: To (slightly) familiarize the student with some tools used in
network troubleshooting.
Procedure:
On your home PC...
*Find Dr. Scheets' personal home page.
*Scroll down to "THE SCIENCE AND ENGINEERING
EXPERIENCE".
*Click on one of the following links:
Bridge Building 101
Museum of Unworkable Devices
Welcome Mat
Annals of Improbable Research
Ig Nobel Prizes
Museum of Retro Technology (then click on an article)
The Null Hypothesis (then click on an article)
*Claim this link by emailing Dr. Scheets, who will
turn around and notify the class as each site is claimed. Each
student must use a different link.
*From the command line of your home PC, execute a
trace route (tracert xxx) to the claimed web site. If you get two
"request timed out" notifications in a row, you've probably hit a
destination firewall which will block further progress. Hit the
"control" and "c" buttons simultaneously to terminate the trace
route. Save the trace route output to a text document such as Microsoft
Word. To load the output into the copy buffer, right click on some
text, click "mark", highlight the entire listing, then hit your keyboard's
carriage return. You should then be able to paste it.
*Identify the listed owners of all unnamed routers
traversed. Sites such as www.arin.net or openrbl.org can provide
such info.
*As best you can, from the trace route, identify the
cities traversed.
*Using Wireshark, capture the downloading of a
web page from this site.
-Fire up Wireshark, click on "Capture",
"Interfaces", then click the "Start" button on the interface with an
Ethernet NIC. You need to have administrator privileges to see
these.
-Hit the reload button on your web browser.
When the reload is completed, shut down the Wireshark capture process
by clicking on "Capture", "Stop".
-Save your capture file.
-Depending on your firewall settings, whether or not
you're using a home router, and the type of protocol you're attached to
the Internet with, you may or may not capture traffic that is not
addressed to your computer.
Verify the packets shown have either the source or
destination IP addresses for your computer. Your IP address can
be found by typing "ipconfig/all" or just "ipconfig" on the command
line or poking around Wireshark. If other addresses are on the
line, in the "filter" box on Wireshark (3rd row from the top) type
"ip.addr eq x.x.x.x" without the quotes. The x.x.x.x should be
your PC's IP address in dotted decimal format. The box will turn
green when everything is correct. Click "apply". This will
hide the other packets and allow you to focus on the web page download.
-Identify and record the numbers of the
captured packets containing TCP's three way handshake that opened the
initial logical link from your PC to the server. Record the
server & PC advertised window sizes. Identify and record the
advertised Maximum Segment Sizes.
-Within a packet, identify a portion of text that is
printed on the web page. This is easiest to do if you click on
the magnifying glass on the 2nd row of Wireshark, click on "string",
type in 1-2 words in the filter line, then click "Find". Dig down
into the packet highlighted and verify you've got the text that matches
your web page screen. Record the packet number.
Identify the ACK associated with this particular
packet, and the round trip time. You can find these by digging
into the TCP header.
-Execute a screen capture (simultaneously press
"alt" and "print screen") of the web page in question. Paste it
into Microsoft Paint, Word, or Power Point, or some other program and
save the file.
-Using Wireshark and tools such as...
Analyze: Follow TCP Stream, Expert Info
Statistics: Summary, Conversations, Destinations
or others, answer the following questions.
(1) Were there any packets lost or received out of
order in your web page download?
(2) Was Fast Retransmission used? If so, how
many times?
(3) How many servers provided data for this web page
display?
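As an added illustration (not part of the original assignment), the Python sketch below shows where the handshake fields recorded in the Wireshark step live in the TCP header: it matches the SYN, SYN-ACK and ACK by their sequence and acknowledgment numbers and reads each side's advertised window and MSS option. The sample segments, port numbers and the helper names parse_tcp, find_handshake and build are constructed for this example, and matching uses ports only because the IP header is not parsed.

```python
import struct

SYN, ACK, MASK = 0x02, 0x10, 0x17   # MASK keeps the FIN, SYN, RST and ACK bits

def parse_tcp(seg):
    """Decode ports, seq/ack, flags, raw window and the MSS option (kind 2)."""
    if len(seg) < 20 or not 20 <= (seg[12] >> 4) * 4 <= len(seg):
        raise ValueError("truncated or malformed TCP header")
    sport, dport, seq, ack, off_flags, window = struct.unpack("!HHIIHH", seg[:16])
    mss, opts, i = None, seg[20:(off_flags >> 12) * 4], 0
    while i < len(opts) and opts[i] != 0:     # kind 0 ends the option list
        if opts[i] == 1:                      # kind 1 is a one-byte NOP
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2:
            break                             # malformed length: stop walking
        if opts[i] == 2 and opts[i + 1] == 4 and i + 4 <= len(opts):
            mss = struct.unpack("!H", opts[i + 2:i + 4])[0]
        i += opts[i + 1]
    return dict(sport=sport, dport=dport, seq=seq, ack=ack,
                hs=off_flags & MASK, window=window, mss=mss)

def find_handshake(packets):
    """packets: [(capture number, TCP segment bytes)] in capture order."""
    p = [(n, parse_tcp(b)) for n, b in packets]
    for i, (n1, a) in enumerate(p):
        for j, (n2, b) in enumerate(p[i + 1:], i + 1):
            if not (a["hs"] == SYN and b["hs"] == (SYN | ACK)
                    and (b["sport"], b["dport"]) == (a["dport"], a["sport"])
                    and b["ack"] == (a["seq"] + 1) % 2**32):
                continue
            for n3, c in p[j + 1:]:           # client's ACK completes the open
                if ((c["sport"], c["dport"]) == (a["sport"], a["dport"]) and c["hs"] == ACK
                        and (c["seq"], c["ack"]) == (b["ack"], (b["seq"] + 1) % 2**32)):
                    return {"packets": (n1, n2, n3), "client": (a["window"], a["mss"]),
                            "server": (b["window"], b["mss"])}
    return None

def build(sport, dport, seq, ack, flags, window, options=b""):  # demo helper
    off = (20 + len(options)) // 4            # header length in 32-bit words
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                       (off << 12) | flags, window, 0, 0) + options

SAMPLE = [  # constructed capture; first field mimics Wireshark's "No." column
    (3, build(80, 49152, 700, 900, ACK, 501)),
    (4, build(49200, 80, 1000, 0, SYN, 65535, b"\x02\x04\x05\xb4\x01\x01\x04\x02")),
    (5, build(80, 49200, 5000, 1001, SYN | ACK, 5840, b"\x02\x04\x05\x64")),
    (6, build(49200, 80, 1001, 5001, ACK, 65535)),
]
```

Calling find_handshake(SAMPLE) returns the three packet numbers together with each side's (window, MSS) pair, the same values Wireshark shows under the TCP header and its Options subtree.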
Turn in:
(1) Trace route listing
(2) List of owners for each router traversed, and
your best guess of the cities traveled by packets moving between your
PC and the server.
(3) Wireshark capture file.
(4) Packet numbers where the initial TCP 3-way
handshake occurred, and where your selected portion of the web page
text is located. Answers to the three questions above.
(5) Screen capture of the web page in (4)
above. Somewhere you need to note your selected text.
Feel free to contact Dr. Scheets or a classmate if you're having
trouble.