1.了解ICMP协议下数据包相关格式和内容; 2.了解ping 和tracert两种指令功能。
二、实验条件
①联网的电脑; ②Ethereal软件; ③winpcap 4.0.
三、实验内容
ping指令操作
ljj为笔者
姓名拼音缩写
通过输入指令ping,检测通道是否导通。 Ethereal抓包
1. What is the IP address of your host? What is the IP address of the destination host?
2. Why is it that an ICMP packet does not have source and destination port numbers? 答:因为ICMP数据包在网络层封装在IP数据包中,因此不需要destination和source 3. Examine one of the ping request packets sent by your host. What are the ICMP
type and code numbers? What other fields does this ICMP packet have? How many bytes are the checksum, sequence number and identifier fields? 在其他的地方没有ICMP数据包因为它没有分组
4. Examine the corresponding ping reply packet. What are the ICMP type and Code numbers? What other fields does this ICMP packet have? How many bytes are the checksum, sequence number and identifier fields?
在其他的地方没有ICMP数据包因为它没有分组 tracer指令操作 Ethereal抓包 5. What is the IP address of your host? What is the IP address of the target destination host?
6. If ICMP sent UDP packets instead (as in Unix/Linux), would the IP protocol number still be 01 for the probe packets? If not, what would it be?
答:不是01,因为它的上层协议UDP,所以它的protocol number 不是ICMP(1)
7. Examine the ICMP echo packet in your screenshot. Is this different from the ICMP ping query packets in the first half of this lab? If yes, how so? Ping指令 Tracer指令
可以看出二者的checksum,sequence number,data不同
8. Examine the ICMP error packet in your screenshot. It has more fields than the ICMP echo packet. What is included in those fields? error packet ecoh packet
可以看出,error packet比echo packet多出了Internet protocol,src:…,dst:…部分 9. Examine the last three ICMP packets received by the source host. How are thes packets different from the ICMP error packets? Why are they different?
10. Within the tracert measurements, is there a link whose delay is significantly longer than others? Refer to the screenshot in Figure 4, is there a link whose delay is significantly longer than others? On the basis of the router names, can you guess the location of the two routers on the end of this link?
答:tracert指令操作,得出时延差距很大的结论,且不能猜出两条线路在末端的连接位置。
四、实验心得
本次实验了解到了ICMP协议的格式,其作用在于报告差错,并且验证通道的导通性,学会使用ping 和tracert指令ICMP协议的使用,并进行了两者产生的数据包的进一步比较。在ICMP数据包中是没有destination和source的,且ICMP是封装先交给UDP其次再交给IP数据包。对英文文献的筛读有着更清晰的认识。
因篇幅问题不能全部显示,请点此查看更多更全内容