JMU
Homework Assignment 6


1 Instructions: Complete all of the steps below and answer all of the questions (each of which is enclosed in a box). Only submit your answers to the questions.
2 Steps and Questions:
  1. Download the following Java application (you only need the bytecode but may be interested in the source code as well):
    UDPPacketSender: Source (.java), Bytecode (.class)

    This application requires three command-line parameters: host, port, and payload-length.

  2. Start Wireshark, choose an appropriate device/interface, and filter for UDP.
  3. Start a live capture.
  4. Execute the UDPTimeClient (from an earlier assignment).
  5. Stop the capture.
  6. Expand the IP portion of the response.
  7. What is the protocol number for UDP?
  8. Expand the UDP portion of the request.
  9. How big is the UDP packet? Why? (Hint: How big is the payload of a response?)
  10. How big is the IP frame? Why?
  11. Suppose you were to run the UDPPacketSender with the command-line arguments w3.cs.jmu.edu 37 5112. How long would the "idealized" IP frame be? Why?
  12. Start Wireshark, choose an appropriate device/interface, and filter for UDP.
  13. Start a live capture.
  14. Run the UDPPacketSender with the command-line arguments w3.cs.jmu.edu 37 5112.
  15. Stop the capture.
  16. What well-known service runs on port 37?
  17. How will this information help you identify the appropriate part of the Wireshark capture?
  18. Select the appropriate part of the Wireshark capture and expand the information about IP.
  19. How many IPv4 fragments were used?
  20. Why were that many IPv4 fragments used? (Be specific!)
  21. Read a description of the ping utility.
  22. Clear the existing filter and start filtering for ICMP.
  23. Start a live capture.
  24. ping a host that is far away (e.g., the Hong Kong University of Science and Technology at www.ust.hk) with five requests. (Note: Use the appropriate command-line switch; do not execute ping five times.)
  25. Stop the capture.
  26. Expand the IP portion of a request.
  27. How big is the request? Why?
  28. Expand the ICMP portion of the request.
  29. What type is a ping/echo request?
  30. Read a description of the "trace route" utility (called traceroute in Unix and tracert in MS Windows).
  31. Clear the existing filter and start filtering for ICMP and UDP.
  32. Start a live capture.
  33. Trace the route to a host that is far away (e.g., the Hong Kong University of Science and Technology at www.ust.hk).
  34. Stop the capture.
  35. What kinds of packets does your trace route utility use? (Note: It might differ across operating systems.)
  36. How many hops to the destination?
  37. Why do the different links/hops require different amounts of time?
  38. How does the last reply differ from (some of) the earlier replies? (Hint: Look at the type of some early replies and the type of the last reply.)
  39. How does the time to live (TTL) of the requests change?
  40. What happens when a packet arrives at a router with a TTL of 1?
  41. Based on your answers to the above questions, how do you think the trace route utility works?

Copyright 2013