Wireshark Lab: ICMP v7.0

0. Lab file location

Wireshark Lab: ICMP v7.0
ICMP: used by hosts and routers to communicate network-layer information to each other. Its most typical use is error reporting.


1. ICMP and Ping


Question & Answer

1. What is the IP address of your host? What is the IP address of the destination host?

[Screenshot 5]

2. Why is it that an ICMP packet does not have source and destination port numbers?

ICMP is a network-layer protocol; ports are something only application-layer protocols have.

3. Examine one of the ping request packets sent by your host. What are the ICMP type and code numbers? What other fields does this ICMP packet have? How many bytes are the checksum, sequence number and identifier fields?

[Screenshot 6]

The ICMP type is request (128), and the code is 0.

[Screenshot 7]
The Checksum is 16 bytes in size.

[Screenshot 8]
The Sequence is 16 bytes in size.

[Screenshot 9]
The Identifier is 16 bytes in size.

4. Examine the corresponding ping reply packet. What are the ICMP type and code numbers? What other fields does this ICMP packet have? How many bytes are the checksum, sequence number and identifier fields?

[Screenshot 10]

The ICMP type is reply (129), and the code is 0.
Checksum, Sequence and Identifier are all 16 bytes (you can verify this yourself).

2. ICMP and Traceroute


Question & Answer

5. What is the IP address of your host? What is the IP address of the target destination host?

[Screenshot 13]

6. If ICMP sent UDP packets instead (as in Unix/Linux), would the IP protocol number still be 01 for the probe packets? If not, what would it be?

Not sure…

7. Examine the ICMP echo packet in your screenshot. Is this different from the ICMP ping query packets in the first half of this lab? If yes, how so?

[Screenshot 14]
The main difference is "No response seen"; you can check the request packets from the previous section to compare.

8. Examine the ICMP error packet in your screenshot. It has more fields than the ICMP echo packet. What is included in those fields?

[Screenshot 15]
As you can see, the ICMP portion of the error packet contains the original IP information and the upper-layer (port-number level) ICMP information.

9. Examine the last three ICMP packets received by the source host. How are these packets different from the ICMP error packets? Why are they different?

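[Screenshot 16]
The packets marked with the red box are the last three ICMP packets received by the source host. Compared with the error packets, their ICMP portion does not contain the original IP and ICMP.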
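
The difference described in questions 8 and 9, as an added example that is not part of the original post: a parser that returns the quoted original packet for a Time Exceeded error and only the echo fields for a final reply. It assumes ICMPv6, where echo request and reply are types 128 and 129 and Time Exceeded is type 3; the sample packets, addresses, identifier and sequence values are constructed, and their checksums are left at 0.

```python
import struct
from ipaddress import IPv6Address

ECHO_REQUEST, ECHO_REPLY, TIME_EXCEEDED = 128, 129, 3   # ICMPv6 types (RFC 4443)
IPV6_HDR_LEN, NEXT_HDR_ICMPV6 = 40, 58

def parse_echo(msg):
    """Echo request/reply: type, code, checksum, identifier, sequence, then data."""
    if len(msg) < 8:
        raise ValueError("truncated echo message")
    t, code, csum, ident, seq = struct.unpack("!BBHHH", msg[:8])
    return {"type": t, "code": code, "checksum": csum,
            "id": ident, "seq": seq, "data": msg[8:]}

def parse_icmpv6(msg):
    """Parse an echo message or a Time Exceeded error with its quoted packet."""
    if len(msg) < 8:
        raise ValueError("truncated ICMPv6 message")
    if msg[0] in (ECHO_REQUEST, ECHO_REPLY):
        return parse_echo(msg)
    if msg[0] != TIME_EXCEEDED:
        raise ValueError("type %d not handled in this example" % msg[0])
    t, code, csum, _unused = struct.unpack("!BBHI", msg[:8])
    quoted = msg[8:]                      # the packet that triggered the error
    if len(quoted) < IPV6_HDR_LEN:
        raise ValueError("quoted IPv6 header is truncated")
    _plen, next_hdr, hop_limit = struct.unpack("!HBB", quoted[4:8])
    out = {"type": t, "code": code, "checksum": csum,
           "orig_src": str(IPv6Address(quoted[8:24])),
           "orig_dst": str(IPv6Address(quoted[24:40])),
           "orig_hop_limit": hop_limit}
    if next_hdr == NEXT_HDR_ICMPV6 and len(quoted) >= IPV6_HDR_LEN + 8:
        out["orig_echo"] = parse_echo(quoted[IPV6_HDR_LEN:])  # the original probe
    return out

def build_samples():
    """Constructed packets: documentation addresses, checksums left at 0."""
    probe = struct.pack("!BBHHH", ECHO_REQUEST, 0, 0, 1, 7) + b"abcd"
    ipv6 = (struct.pack("!IHBB", 0x60000000, len(probe), NEXT_HDR_ICMPV6, 1)
            + IPv6Address("2001:db8::1").packed + IPv6Address("2001:db8::2").packed)
    error = struct.pack("!BBHI", TIME_EXCEEDED, 0, 0, 0) + ipv6 + probe
    reply = struct.pack("!BBHHH", ECHO_REPLY, 0, 0, 1, 7) + b"abcd"
    return error, reply

if __name__ == "__main__":
    for pkt in build_samples():
        print(parse_icmpv6(pkt))
```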

10. Within the tracert measurements, is there a link whose delay is significantly longer than others? Refer to the screenshot in Figure 4, is there a link whose delay is significantly longer than others? On the basis of the router names, can you guess the location of the two routers on the end of this link?

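[Screenshot 17]
Looking at the figure above, the delay of link 5 is noticeably higher than that of the other links.
The head router of this link should be our source host, and the tail router should be the destination host.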
