Link-Layer Frames Analysis

F. Task(s)
Task 1. Link-Layer Frames Analysis
Part 1:
Figure 1
Consider the simplified building network (as shown in Figure 1) which consists of two aggregation
switches (SW1 and SW2) and two edge switches (SW3 and SW4). Each aggregation switch serves
as an aggregation point for all the edge switches. Edge switches serve the PCs of end users. The
switches have been configured to support for multiple VLANs. The IP addresses of PC C, D, and
Y are shown in Figure 1. The MAC address of PC W is 54:89:98:82:2c:21.
Download packet traces from Moodle. There are four packet traces collected using Wireshark
running on the network simulated with eNSP software. The descriptions of the packet traces are
listed in Table 1. Once you have downloaded the trace, you can load it into Wireshark and view
the trace using the File pull down menu, choosing Open, and then selecting the respective packet
trace file.
Table 1
File Name of Packet Trace Description
PCA-SW3.pcap Packet trace on the link between PC A and SW3.

  1. Examine one of the Control frames in the packet trace.
    a. Determine the Type value in the frame.
    b. Based on the Subtype value of your selected frame in 2(a), explain the function of the
    frame in 802.11 wireless LAN communication.
  2. Examine the Probe Request and Response frames.
    a. Determine the MAC address of the station sending the Probe Request frame to the
    linksys access point. Show the Wireshark’s filter that you use to answer this question.
    b. Identify the MAC addresses of the stations that may receive the Probe Response frames
    from the 30 Munroe St access point.
  3. Identify the MAC address of a station that entered sleep mode.
  4. Determine all the data rates that can be supported by linksys12 access point.
    Task 2. ICMP
    [Adapted from Computer Networking: A Top-Down Approach, 7th ed., J.F. Kurose and K.W. Ross. © 2005-2016, J.F
    Kurose and K.W. Ross, All Rights Reserved.]
    Let’s begin our ICMP adventure by capturing the packets generated by the Ping program. You
    may recall that the Ping program is a simple tool that allows anyone (for example, a network
    administrator) to verify if a host is live or not. The Ping program in the source host sends a packet
    to the target IP address; if the target is live, the Ping program in the target host responds by sending
    a packet back to the source host.
    Do the following:
    • Let’s begin this adventure by opening the Windows Command Prompt application (use the
    Terminal program for MacOS).
    • Start up the Wireshark packet sniffer, and begin Wireshark packet capture.
    • Enter ping –n 10 www.xmu.edu.my for the Web server at our University. The argument
    “-n 10” indicates that 10 ping messages should be sent. Then run the Ping program by
    typing return.
    If you are using MacOS, you should enter the following commands:
    Questions:
    Analyse the packet trace and answer the following questions. For each of your answer, support
    your finding with the aid of a screenshot based on the analysis on the packet traces. You should
    highlight where in the screenshot you have found the answer and add some relevant annotations
    (if necessary).
  5. Examine the ICMP echo packet. Is this different from the ICMP ping query packets in the first
    half of this lab? Discuss your observation.
  6. How does your computer craft an echo request packet to find the router N hops along the path
    towards the destination? How does it learn the IP address of a router along the path. You must
    explain your answer with the aid of the screenshots based on your captured packet traces.
  7. Examine the ICMP TTL-exceeded packet. Identify the similarities and differences between
    this ICMP packet and the ICMP echo packet.
  8. Examine the last three ICMP packets received by the source host. How are these packets
    different from the ICMP TTL-exceeded packets? Why are they different?

    WX:codehelp

你可能感兴趣的:(php)