Wireshark Lab: ICMP v7.0

时间：2022-10-14 19:02:40浏览次数：77

标签：What v7.0 IP packets packet Lab fields ICMP

0. 实验文件地址

Wireshark Lab: ICMP v7.0
ICMP: 被主机和路由器用来彼此沟通网络层的信息。最典型的应用是差错报告。

在这里插入图片描述

1. ICMP and Ping

在这里插入图片描述

Question & Answer

1. What is the IP address of your host? What is the IP address of the destination host?

在这里插入图片描述

2. Why is it that an ICMP packet does not have source and destination port numbers?

ICMP是网络层协议，端口是应用层协议才有的东西。

3. Examine one of the ping request packets sent by your host. What are the ICMP type and code numbers? What other fields does this ICMP packet have? How many bytes are the checksum, sequence number and identifier fields?

在这里插入图片描述

ICMP的type为request(128)，编号为0。

在这里插入图片描述
Checksum大小为16字节。

在这里插入图片描述
Sequence大小为16字节。

在这里插入图片描述
Identifier大小为16字节。

4. Examine the corresponding ping reply packet. What are the ICMP type and code numbers? What other fields does this ICMP packet have? How many bytes are the checksum, sequence number and identifier fields?

在这里插入图片描述

ICMP的type为reply(129)，编号为0。
Checksum、Sequence、Identifier都是16字节（可以自己验证）。

2. ICMP and Traceroute

在这里插入图片描述

Question & Answer

5. What is the IP address of your host? What is the IP address of the target destination host?

在这里插入图片描述

6. If ICMP sent UDP packets instead (as in Unix/Linux), would the IP protocol number still be 01 for the probe packets? If not, what would it be?

不清楚....

7. Examine the ICMP echo packet in your screenshot. Is this different from the ICMP ping query packets in the first half of this lab? If yes, how so?

在这里插入图片描述
主要的不同就是No response seen，你可以检验一下上一小节的请求包。

8. Examine the ICMP error packet in your screenshot. It has more fields than the ICMP echo packet. What is included in those fields?

在这里插入图片描述
可以看到在错误包的IMCP中包含了原始IP和上层端口号ICMP的信息。

9. Examine the last three ICMP packets received by the source host. How are these packets different from the ICMP error packets? Why are they different?

在这里插入图片描述
以红框标出的就是源主机收到的最后三个ICMP包。与错误包相比，它的ICMP协议中不包含原始IP和ICMP。

10. Within the tracert measurements, is there a link whose delay is significantly longer than others? Refer to the screenshot in Figure 4, is there a link whose delay is significantly longer than others? On the basis of the router names, can you guess the location of the two routers on the end of this link?

在这里插入图片描述
我们看一下上图，第5个链路延迟明显高于其他链路。
这条链路的头路由器应该就是我们的源主机，尾路由器就是目的主机。

标签：What,v7.0,IP,packets,packet,Lab,fields,ICMP
From： https://www.cnblogs.com/astralcon/p/16792663.html

Wireshark Lab: NAT v7.0
0.实验文件地址WiresharkLab:NATv7.01.NATMeasurementScenarioQuestion&Answer1.WhatistheIPaddressoftheclient?2.Theclientactuallycommuni......
Wireshark Lab: IP v7.0
实验文件地址http://www-net.cs.umass.edu/wireshark-labs/Wireshark_IP_v7.0.pdfQuestion&Answer1.SelectthefirstICMPEchoRequestmessagesentbyyourcom......
Wireshark Lab: DHCP v7.0
0.实验文件地址WiresharkLab:DHCPv7.0DHCP：动态主机配置协议。允许主机自动获取（被分配）一个IP地址（即插即用）。还允许一台主机得知其他信息，例如它的子网掩码、它的第一跳......
Wireshark Lab: Ethernet and ARP v7.0
0.实验文件地址WiresharkLab:EthernetandARPv7.0数据字段（46~1500字节）：这个字段承载了IP数据报。以太网的最大传输单元（MTU）是1500字节。目的地址（6字节）：这个字段包含......
Wireshark Lab: HTTP v7.0
0.实验文件地址http://www-net.cs.umass.edu/wireshark-labs/Wireshark_HTTP_v7.0.pdf方法字段可以取不同的值：GET、POST、HEAD、PUT和DELETE。GET：请求服务器发送某个......
Wireshark Lab: TCP v7.0
0.实验文件地址http://www-net.cs.umass.edu/wireshark-labs/Wireshark_TCP_v7.0.pdf序号（seq）：用来标识从TCP发送端向TCP接收端发送的数据字节流。它表示在这个报文段......
Wireshark Lab: DNS v7.0
0.实验文件地址http://www-net.cs.umass.edu/wireshark-labs/Wireshark_DNS_v7.0.pdf1.nslookup2.ipconfig3.TracingDNSwithWireshark3.1www.ietf.org3......
部署 GitLab、配置 GitLab、CI/CD 概述、部署 Jenkins
版本控制版本库版本控制是一种记录一个或若干文件内容变化，以便将来查阅特定版本修订情况的系统。简单来说，就是为目录打快照。将来可以回到某一个历史记录点。是一个典型的......
MATLAB实战—最优Copula函数的选择
Copula函数模型本文讲解Copula函数在实际生活中的应用，Copula函数描述的是变量间的相关性，实际上是一类将联合分布函数与它们各自的边缘分布函数连接在一起的函数，因此也有人将......
GitLab服务器修改用户密码
重置密码:1、切换到相应路径cd/opt/gitlab/bin/2、进入控制台gitlab-railsconsole3、根据序号查询用户账号信息并赋值给uu=User.find(2)[注:2为用户序号]4、设置密......

Wireshark Lab: ICMP v7.0

0. 实验文件地址

1. ICMP and Ping

Question & Answer

1. What is the IP address of your host? What is the IP address of the destination host?

2. Why is it that an ICMP packet does not have source and destination port numbers?

3. Examine one of the ping request packets sent by your host. What are the ICMP type and code numbers? What other fields does this ICMP packet have? How many bytes are the checksum, sequence number and identifier fields?

4. Examine the corresponding ping reply packet. What are the ICMP type and code numbers? What other fields does this ICMP packet have? How many bytes are the checksum, sequence number and identifier fields?

2. ICMP and Traceroute

Question & Answer

5. What is the IP address of your host? What is the IP address of the target destination host?

6. If ICMP sent UDP packets instead (as in Unix/Linux), would the IP protocol number still be 01 for the probe packets? If not, what would it be?

7. Examine the ICMP echo packet in your screenshot. Is this different from the ICMP ping query packets in the first half of this lab? If yes, how so?

8. Examine the ICMP error packet in your screenshot. It has more fields than the ICMP echo packet. What is included in those fields?

9. Examine the last three ICMP packets received by the source host. How are these packets different from the ICMP error packets? Why are they different?

相关文章

赞助商

阅读排行