Computer networks -- 2007-2008 -- info.uvt.ro/Laboratory 5
Quick links:
- front;
- courses 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13;
- laboratories agenda, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, evaluation, tools, repository.
Prerequisites
editIn order to successfully accomplish this laboratory, you should be familiar with:
- a command line interpreter (wikipedia:Command line interpreter);
- Linux/UNIX shell (wikipedia:Bash in general);
- Windows command line (wikipedia:Command Prompt (Windows));
- man pages or info pages -- see below;
Man pages
editPlease consult User:Ciprian Dorin Craciun/Tools/Man.
SSH clients
editping
editThis tool is used for checking that a specific host is reachable in an IP network, or for testing the local configuration. PING works by sending ICMP ECHO_REQUEST datagrams to the target host and listening for ICMP ECHO_RESPONSE replies.
ECHO_REQUEST datagrams have an IP and ICMP header, followed by a struct timeval and then an arbitrary number of "pad" bytes used to fill out the packet.
PING provides estimates the round-trip time and records any packet loss, and prints a statistical summary when finished.
Links
editExample
edituser$ ping -c 4 k.ro PING k.ro (194.102.255.23) 56(84) bytes of data. 64 bytes from www.k.ro (194.102.255.23): icmp_seq=1 ttl=55 time=10.6 ms 64 bytes from www.k.ro (194.102.255.23): icmp_seq=2 ttl=55 time=10.5 ms 64 bytes from www.k.ro (194.102.255.23): icmp_seq=3 ttl=55 time=10.4 ms 64 bytes from www.k.ro (194.102.255.23): icmp_seq=4 ttl=55 time=10.7 ms --- k.ro ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3015ms rtt min/avg/max/mdev = 10.449/10.592/10.717/0.165 ms
Usage
editThe ping tool can be used for:
- fault isolation -- It is first run on the localhost in order to verify that the local network interface is running. Then, hosts and gateways further and further away should be "pinged" in order to check their status.
- metrics -- PING computer Round-trip times and packet loss statistics. When PING sends the specified number of packets (and possibly has received them) a summary is displayed
Drawbacks
editAlthough RFC 1122 prescribes that any host must accept an echo-request and issue an echo-reply in return, one finds that this standard is frequently not followed on the public Internet.
arping
editarping is similar in functionality with ping, but operates by using the ARP protocol (opposed to ping which uses ICMP). Due to the usage of the ARP protocol the arping tool is only useful in the local network or in networks that provide an PROXY ARP.
Links
editExample
editroot# arping -I eth1 192.168.1.1 ARPING 192.168.1.1 from 192.168.1.230 eth1 Unicast reply from 192.168.1.1 [00:1D:60:95:77:16] 2.024ms Unicast reply from 192.168.1.1 [00:1D:60:95:77:16] 1.083ms Unicast reply from 192.168.1.1 [00:1D:60:95:77:16] 1.601ms Sent 3 probes (1 broadcast(s)) Received 3 response(s)
nslookup and dig
editnetcat and telnet
editnetstat
editifconfig
editipconfig
editip
edit- ip man page (the utility);
Wireshark and tcpdump
edit- Wireshark:
- tcpdump:
- sample captures: