Computer networks -- 2007-2008 -- info.uvt.ro/Laboratory 5

Important! These pages are somehow outdated and it is recommended to consult the newer version at Computer networks -- 2008-2009 -- info.uvt.ro (by Ciprian Crăciun).

Quick links:


Prerequisites

edit

In order to successfully accomplish this laboratory, you should be familiar with:

Man pages

edit

Please consult User:Ciprian Dorin Craciun/Tools/Man.

SSH clients

edit

ping

edit

This tool is used for checking that a specific host is reachable in an IP network, or for testing the local configuration. PING works by sending ICMP ECHO_REQUEST datagrams to the target host and listening for ICMP ECHO_RESPONSE replies.

ECHO_REQUEST datagrams have an IP and ICMP header, followed by a struct timeval and then an arbitrary number of "pad" bytes used to fill out the packet.

PING provides estimates the round-trip time and records any packet loss, and prints a statistical summary when finished.

edit

Example

edit
user$ ping -c 4 k.ro

PING k.ro (194.102.255.23) 56(84) bytes of data.
64 bytes from www.k.ro (194.102.255.23): icmp_seq=1 ttl=55 time=10.6 ms
64 bytes from www.k.ro (194.102.255.23): icmp_seq=2 ttl=55 time=10.5 ms
64 bytes from www.k.ro (194.102.255.23): icmp_seq=3 ttl=55 time=10.4 ms
64 bytes from www.k.ro (194.102.255.23): icmp_seq=4 ttl=55 time=10.7 ms

--- k.ro ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3015ms
rtt min/avg/max/mdev = 10.449/10.592/10.717/0.165 ms

Usage

edit

The ping tool can be used for:

  • fault isolation -- It is first run on the localhost in order to verify that the local network interface is running. Then, hosts and gateways further and further away should be "pinged" in order to check their status.
  • metrics -- PING computer Round-trip times and packet loss statistics. When PING sends the specified number of packets (and possibly has received them) a summary is displayed

Drawbacks

edit

Although RFC 1122 prescribes that any host must accept an echo-request and issue an echo-reply in return, one finds that this standard is frequently not followed on the public Internet.

arping

edit

arping is similar in functionality with ping, but operates by using the ARP protocol (opposed to ping which uses ICMP). Due to the usage of the ARP protocol the arping tool is only useful in the local network or in networks that provide an PROXY ARP.

edit

Example

edit
root# arping -I eth1 192.168.1.1

ARPING 192.168.1.1 from 192.168.1.230 eth1
Unicast reply from 192.168.1.1 [00:1D:60:95:77:16]  2.024ms
Unicast reply from 192.168.1.1 [00:1D:60:95:77:16]  1.083ms
Unicast reply from 192.168.1.1 [00:1D:60:95:77:16]  1.601ms
Sent 3 probes (1 broadcast(s))
Received 3 response(s)

nslookup and dig

edit

netcat and telnet

edit

netstat

edit

ifconfig

edit

ipconfig

edit

Wireshark and tcpdump

edit