1 Lab 3 Transport Layer T.A. Youngjoo Han. 2 Transport Layer Providing logical communication b/w...
-
Upload
elvin-summers -
Category
Documents
-
view
215 -
download
0
Transcript of 1 Lab 3 Transport Layer T.A. Youngjoo Han. 2 Transport Layer Providing logical communication b/w...
1
Lab 3Transport Layer
T.A. Youngjoo Han
2
Transport Layer
Providing logical communication b/w application processes running on different hosts
Transport Layer Protocol TCP UDP
3
Objectives
Understanding role of transport layer
How to utilize toolkits to identify the TCP operation and performance measurement of underlying networks
4
Preparation for LAB 3 Wireshark is a network protocol analyzer for UNIX and Windows. We use
this tool in this LAB 3 Before installing Wireshark, we must install WinPcap. WinPcap is a library
for capturing packets and loock network status. WinPcap can be downloaded from the following site.
http://www.winpcap.org/install/default.htm
We also can download Wireshark from
http://sourceforge.net/projects/wireshark/files/win32/all-versions/wireshark-win32-1.6.2.exe/download
We also can download Wireshark User’s guide on
http://www.wireshark.org/download/docs/user-guide-a4.pdf
5
Starting Wireshark (1)
6
Starting Wireshark (2) Identifying TCP operation with Wireshark After starting Wireshark, you can find a button
which is in above red box. Click the button.
7
Starting Wireshark (3)Wireshark Capture Options
You don’t need to select Interface here. You can select Interface when running packet capture. See p10 of this ppt
“Promiscuous” means that receiving all the packet in all network related on this computer
Pcap-ng format is “PCAP Next Generation Dump File Format”. But we don’t deal with dump file in this lab.
8
Starting Wireshark (4) Update list of packets in real time This option allows you to specify that
Wireshark should update the packet list in real time. If you do not specify this, Wireshark does not display any packets until you stop the capture
Automatic scrolling in live capture This option allows you to specify that
Wireshare should scroll the packet list as new packets come in, so you are always looking at the last packet
Hide capture info dialog If this option is checked, the capture info
dialog will be hidden
Enable MAC name resolution This option allows you to control whether
or not Wireshark translates MAC address into names
Enable network name resolution This option allows you to control whether
or not Wireshark translates network address into names
Enable transport name resolution This option allows you to control whether
or not Wireshark translates transport address into names
Wireshark Capture Options (Cont.)
9
Starting Wireshark (5) Complete the following configuration as shown for this lab.
Check “Enable MAC name resolution” and “Enable transport name resolution”
10
Starting Wireshark (6)
Click the start button where finding packets increasing
Click the button to run
11
Starting Wireshark (7) After configuration, we can see the results.
• No. The number of the packet in the capture file.
• Time The timestamp of the packet.
• Source The address where this packet is coming from.
• Destination The address where this packet is going to.
• Protocol The protocol name in a short version.
• Info Additional information about the packet content
You can see the current packet in a more detailed form
You can see the data of the current packet in a hexdump style
12
TCP MEASURE USING APPLICATION
13
Lab 3 – Prerequisite (1) Let’s measure packets between 143.248.6.69 and your
computer
Prerequisite step for Lab 3I. Start Wireshark
II. Run to capture packets in Wireshark
III. Visit http://ancl.kaist.ac.kr/?page_id=402
IV. Download installer_r16-windows.exe
V. After finishing download, stop running
VI. You can see the result
VII. Then, enter “tcp” on Filter box in Wireshark like
VIII. Finally, you can see the result with only tcp like the figure in next page
14
Lab 3 – Prerequisite (2)
15
HOW TO TCP WORKS
*figures in following pages are based on the figure in previous page, Lab 3 – Prerequisite (2)
*143.248.6.69 is our homepage server
* 143.248.6.7 is TA’s computer
16
Lab 3-1 Understanding TCP Three-way Handshaking
(1) How to check TCP Three-way Handshaking?
TCP connections are established with a set of three messages called the three-way handshaking. This is for reliable and connection-oriented communication between server and client. Three-way handshaking follows these steps
First, client sends SYN packet to server. This segment requests the establishment of the connection.
Second, server sends SYN packet and ACK packet to client. ACK packet is for notifying well-receiving of packet that client sends.
Third, client sends ACK packet to server. Then, three-way handshaking ends
17
Operation of TCP Three-way Handshaking
SEQ:0, ACK:-
SEQ:0, ACK:1
SEQ:1, ACK:1
A : 210. 107. 139. 224 B : 143. 248. 4. 223
SYN
SYN+ACK
ACK
18
Lab 3-2 TCP Data Transmission(2) Data Transmission
• PDU is Protocol Data Unit. • [TCP segment of a reassembled PDU] means that divided data of one unit is transferred. This is because original one unit is too big to transfer with one packet.• We can also see 143.248.6.7 sends acknowledge to notify well-receiving
19
Lab 3-3 TCP Closing the connection (1)
(3) Closing the connection
Steps for closing TCP connection are like following. First, client sends FIN packets to server to notifying close of connection.
Then, server sends ACK packets. Second, server sends FIN packets to client to notifying close of connection.
Then, client sends ACK packets.
20
Operation of TCP Closing the connection
SEQ:222, ACK:-
SEQ:244, ACK:223
SEQ:223, ACK:245
A : 210. 107. 139. 224 B : 143. 248. 4. 223FIN
ACK
ACK
SEQ:244, ACK:223
FIN
21
LAB 3 ASSIGNMENT
22
Lab Assignment) IP address, server identification (1)
Let’s obtain an IP address for our machine. Our machine is running Windows and we will open up command prompt. We will start a Wireshark trace and then issued the following commands to command prompt.
DHCP: DHCP (Dynamic Host Configuration Protocol) is a network configuration protocol for hosts on IP networks. Computers that are connected to IP networks must be configured before they can communicate with other hosts. The most essential information needed is an IP address, and a default route and routing prefix. DHCP eliminates the manual task by a network administrator. It also provides a central database of devices that are connected to the network and eliminates duplicate resource assignments.
Operations of DHCP: DHCP discovery DHCP offer DHCP request DHCP ACK
23
Lab Assignment) IP address, server identification(2)
Ipconfig /release ipconfig /renew ipconfig /renew ipconfig /release Ipconfig /release is used to cut the connection with devices currently
connected. IPconfig /renew is used to renew the address.
24
Lab Assignment) IP address, server identification (3)
Packet 1817 is used to release the machine’s current IP address, 192.168.0.5. Notice that packet 1817 lists 192.168.0.5 as the source IP address. After it is released, the machine has no valid IP address and uses the address 0.0.0.0 as the source address in packet 1852.
25
Lab Assignment) IP address, server identification(4)
we input ipconfig /renew twice. DHCP Discovery: Especially, let’s look at packet 1852. Packet 1852 is a DHCP Discovery
message, and it is used by machines without an IP address to request one. It is sent to the special broadcast address, 255.255.255.255. This address will reach all connected hosts within a limited broadcast range. Logically, 255.255.255.255 means broadcast the entire Internet, but this is never literally the case because routers will not forward such a broadcast beyond the local network to avoid swamping the Internet with such requests.
DHCP Offer: DHCP server received DHCP Discovery message sends DHCP Offer message to client. Here, also DHCP uses broadcast.
DHCP request: Client selects the first arrived message from server’s DHCP offer message, then, broadcasts all DHCP servers.
DHCP ACK: DHCP server received DHCP Request sends ACK to client. If client receives this ACK well, TCP/IP becomes initiated and client is recognized as binding DHCP client.
26
Lab Assignment) IP address, server identification(5)
We commanded ipconfig /release finally. So, we can see like following picture.
27
Lab 3 Assignment
Please follow things from p22 to p26 in this ppt Submit the result as report form Report must contain all contents in slides from
p22 to p26 and related screen shot Also, you should write necessary explanation in
your report Due is up to 00:00, Sep. 22, 2012