Scribd Logo
Upload

Welcome to Scribd!

  • Nguyentiendat Icmp

    Uploaded by

    Đạt Nguyễn
    2 views10 pages
    The document discusses ICMP packet fields and types. It examines ICMP echo request, reply and error packets captured in a network trace. It notes that ICMP packets do not contain source and destination ports but instead use type and code fields. An ICMP error packet contains additional fields like the original IP header and data. There is one link in a traceroute with a significantly longer delay, likely crossing between two countries.

    Original Description:

    ICMP

    Original Title

    NGUYENTIENDAT-ICMP

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document discusses ICMP packet fields and types. It examines ICMP echo request, reply and error packets captured in a network trace. It notes that ICMP packets do not contain source and destination ports but instead use type and code fields. An ICMP error packet contains additional fields like the original IP header and data. There is one link in a traceroute with a significantly longer delay, likely crossing between two countries.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    2 views10 pages

    Nguyentiendat Icmp

    Uploaded by

    Đạt Nguyễn
    The document discusses ICMP packet fields and types. It examines ICMP echo request, reply and error packets captured in a network trace. It notes that ICMP packets do not contain source and destination ports but instead use type and code fields. An ICMP error packet contains additional fields like the original IP header and data. There is one link in a traceroute with a significantly longer delay, likely crossing between two countries.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 10

    1. What is the IP address of your host? What is the IP address of the destination host?

    The IP address of my host: 192.168.1.101


    The IP address of the destination host: 143.89.14.34
    NGUYEN TIEN DAT
    CO1203
    ICMP

    1. What is the IP address of your host? What is the IP address of the destination host?

    The IP address of my host: 192.168.1.101


    The IP address of the destination host: 143.89.14.34

    Why is it that an ICMP packet does not have source and destination port numbers?
    The ICMP packet does not have source and destination port numbers because its purpose is to
    communicate network-layer information between hosts and routers (not between application
    layer processes). Moreover, the combination of “Type” and “Code” in each ICMP packet
    identifies the specific message being received
    2. Why is it that an ICMP packet does not have source and destination port numbers?

    The ICMP packet does not have source and destination port numbers because its purpose is tocommunicate
    network-layer information between hosts and routers (not between applicationlayer processes). Moreover, the
    combination of “Type” and “Code” in each ICMP packetidentifies the specific message being received

    3. Examine one of the ping request packets sent by your host. What are the ICMP type and
    codenumbers? What other fields does this ICMP packet have? How many bytes are the checksum,sequence
    number and identifier fields?

    Here, I will examine packet number 3 as the ping request packet sent by my host.
    The ICMP type is 8 (Echo (ping) request). The ICMP code number is 0
    Other fields this ICMP packet has are:
    + Checksum fields
    + Identifier fiels
    + Sequence number fields
    + Data fields
    Here, I will examine packet number 3 as the ping request packet sent by my host.
    The ICMP type is 8 (Echo (ping) request). The ICMP code number is 0.
    Other fields this ICMP packet has are:
    + Checksum fields
    + Identifier fiels
    + Sequence number fields
    + Data fields

    Each of the checksum, sequence number and identifier fields has 2 bytes.
    Checksum: 2 bytes
    Each of the checksum, sequence number and identifier fields has 2 bytes.

    Checksum: 2 bytes
    Identifier (BE): 2 bytes (Identifier (BE): 512 (0x0200))
    Identifier (BE): 2 bytes (Identifier (BE): 512 (0x0200))

    Identifier (LE): 2 bytes (Identifier (LE): 2 (0x0002))

    Sequence number (BE): 2 bytes (Sequence Number (BE): 26369 (0x6701))

    Sequence number (BE): 2 bytes (Sequence Number (BE): 26369 (0x6701))


    Sequence number (LE): 2 bytes (Sequence Number (LE): 26369 (0x6701))
    4. Examine the corresponding ping reply packet. What are the ICMP type and code numbers?What
    other fields does this ICMP packet have? How many bytes are the checksum, sequencenumber and
    identifier fields?

    5. Here, I will examine packet number 4 as the corresponding ping reply packet (reply packet of
    6. packet number 3).
    7. The corresponding ping reply packet has:
    8. + The ICMP type: 0 (Echo (ping) reply)
    9. + The code number: 0
    10. Other fields this ICMP packet has:
    11. + Checksum fields
    12. + Identifier fiels
    13. + Sequence number fields
    14. + Response time field
    15. + Data fields
    Here, I will examine packet number 4 as the corresponding ping reply packet (reply packet ofpacket number 3).

    The corresponding ping reply packet has:


    + The ICMP type: 0 (Echo (ping) reply)
    + The code number: 0

    Other fields this ICMP packet has:


    + Checksum fields
    + Identifier fiels
    + Sequence number fields
    + Response time field
    + Data fields
    Each of the checksum, sequence number and identifier fields has 2 bytes.
    Each of the checksum, sequence number and identifier fields has 2 bytes.
    Checksum => 2 bytes

    Identifier (BE): 512 (0x0200) => 2 bytes

    Identifier (LE): 2 (0x0002) => 2 bytes


    Sequence number (LE): 359 (0x0167) => 2 bytes

    Sequence number (BE): 26369 (0x6701) => 2 bytes

    5. What is the IP address of your host? What is the IP address of the target destination host?

    The IP address of your host is 192.168.1.101


    The IP address of the target destination host is 138.96.146.2
    6. If ICMP sent UDP packets instead (as in Unix/Linux), would the IP protocol number still be 01for the
    probe packets? If not, what would it be?

    If ICMP sent UDP packets instead (as in Unix/Linux), the IP protocol number would not be 01 for
    the probe packets. It would be 0x11 (17 in decimal)
    If ICMP sent UDP packets instead (as in Unix/Linux), the IP protocol number would not be 01 forthe probe
    packets. It would be 0x11 (17 in decimal)

    7. Examine the ICMP echo packet in your screenshot. Is this different from the ICMP ping querypackets
    in the first half of this lab? If yes, how so?

    Here, I will examine packet number 1 as the ICMP echo packet.

    The ICMP echo packet is not different from the ICMP ping query packets in the first half of thislab.

    It also has fields like: Type, Code, Checksum, Identifier, Sequence Number, Data. Below figure willshow these
    fields of ICMP echo packet (packet number 1):

    Recall ICMP ping query packet (packet number 3) in the first half of this lab (they have the samefields):
    8. Examine the ICMP error packet in your screenshot. It has more fields than the ICMP echopacket.
    What is included in those fields?

    Herer, I will examine packet number 2 as the ICMP error packet.


    We can see that it has more fields than the ICMP echo packet. Apart from Type,
    Code,Checksum, Unused field, the ICMP error packet also includes the IP header and the first 8 bytesof the
    original ICMP packet that the error is for.

    9. Examine the last three ICMP packets received by the source host. How are these packetsdifferent
    from the ICMP error packets? Why are they different?

    The last three ICMP reply messages are packet number 98, 100, 102 respectively.These three ICMP reply
    packets have Type 0 (Echo (ping) reply) instead of Type 11 (Time-to-liveexceeded). Because the datagrams have
    made it all the way to the destination host before theTime-to-live expired.

    The packet number 98 ICMP reply message:


    The packet number 100 ICMP reply message:

    The packet number 100 ICMP reply message:


    The packet number 102 ICMP reply message:

    Recall Type 11 ICMP error packet (TTL exceeded):

    10. Within the tracert measurements, is there a link whose delay is significantly longer thanothers?
    Refer to the screenshot in Figure 4, is there a link whose delay is significantly longerthan others? On the
    basis of the router names, can you guess the location of the two routerson the end of this link?
    From step 9 to step 10, the link is significantly longer than the other links. My guess is that the jump between
    the two countries is the reason for the increase. ll ICMP ping query packet (packet number 3) in the first half of
    this lab (they have the same
    f
    f ICMP sent UDP packets instead (as in Unix/Linux), would the IP protocol number still be 01
    for the probe packets? If not, what would it be

    You might also like