Capture ARP packets and answer the following questions:
a)Describe the method by which you obtained ARP packets?
b)What is the purpose of ARP protocol? Explain with the help of a diagram.
c)From the captured packets, determine your computers MAC address and the destinations MAC address? Provide the screen shot.
d)Find a suitable command to use on MS-DOS command prompt to determine the contents of your computer’s ARP cache. What command did you use? What is the meaning of each column value in the resulting output?
e)What is the approximate time that an entry resides in your PCs ARP cache before its removal?
2) TCP/UDP/IP Protocols
In this exercise, you will need to run an application that uses UDP and an application that uses TCP. Capture the UDP and TCP packets.
aSelect a UDP packet and answer the following:
I.What is the length of the IP header and what value the “Protocol” field has?
II.What is the checksum value in IP header? Is it enabled or disabled?
III.What are the fields in UDP header?
b) Select a TCP packet and display all the TCP exchanges for this TCP packet (TCP stream). Answer the following:
I.What is meant by TCP connection establishment?
II.Provide a screenshot of 3-way handshake in the selected TCP establishment
c) If the checksum validation is disabled in IP, UDP and TCP headers, how would you enable the validation?
3) HTTP Protocol [15 Marks]
Use a web browser to connect to any overseas based website to generate HTTP packets. Run Wireshark and capture packets for around 1-2 min. Stop Wireshark and use HTTP in the filter bar to filter only the HTTP packets.
Note – Screen shots are required for sections (b) up to (e).
a)Explain what HTTP protocol is.
b)How would you filter HTTP packets based on request methods, GET and POST?
c)How would you display all the TCP packets (a complete TCP session) that were exchanged between your browser and one of the servers?
d)Use the “Flow Graph” feature to show the exchanges between your browser and one of the servers. You may use the same packets as in (c).
e)Select a complete HTTP/TCP session used in section (c) and provide a through put analysis.
f)Use the Wireshark feature to display all HTTP exported objects.
Performance problems have been observed in your company’s internetwork and being the network administrator of your company, your task is to do an analysis and submit a report.
Many employees have made complaints that real time multimedia applications could not be run at peak traffic hours.
The tool available for you is Wireshark.
You are aware that busy communication lines can cause variations of delays and you suspect the TCP retransmissions and duplicate ACKs can be the problem.
Your report should provide the following:
a)Explain the purpose of sequence number and acknowledgement number in TCP header.
b)Why do TCP retransmissions occur in networks?
c)How would you use and setup Wireshark features to analyse the above performance problems?
PART B - Riverbed Simulation Experiments [25 marks]
You are a newly recruited Network Designer for a company that is specialized in network designs and you are asked to demonstrate the performance of the Switch based 10BaseT LAN against that of Hub based 10BaseT LAN.
You will use the Riverbed simulator for the demonstration. Topology of the network is 25 ethernet stations connected to the central device (i.e. Hub or the Switch). Ethernet stations are connected to the centre node with 10BaseT links. And you need to create two scenarios, one for the Hub and the other for the Switch.
Appropriate parameters need to be selected for traffic generation and packet sizes. Simulation statistics should include delay, throughput and collisions.
Your report requires the following:
a)Screenshots of the topology for each scenario
b)Specification of traffic/packet generation parameters selected for simulation
c)Statistics of interest
d)Comparison and analysis of results of two scenarios for each statistical parameter (provide screenshots)