Scribd
Upload
22 views

Lab 7

This document analyzes the fields in an IPv4 packet trace captured from a traceroute. It identifies which fields remain constant between packets sent to the same destination from the same source, such as the version, header length, source/destination IPs, and protocol. Fields like identification, TTL, and checksum change with each packet. Fragmentation is also examined, noting that the fragment offset and checksum change between fragments while more fragments are expected.

Uploaded by

Shivend Menon
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
22 views

Lab 7

This document analyzes the fields in an IPv4 packet trace captured from a traceroute. It identifies which fields remain constant between packets sent to the same destination from the same source, such as the version, header length, source/destination IPs, and protocol. Fields like identification, TTL, and checksum change with each packet. Fragmentation is also examined, noting that the fragment offset and checksum change between fragments while more fragments are expected.

Uploaded by

Shivend Menon
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

2.

A look at the captured trace

1) My Ip address is given as 192.168.0.1

2) The value given for the upper-layer protocol is given: ICMP (0x01)

3) The header length is given as 20 bytes and there is 86 bytes in total. Which means that
66 bytes are the payload.

4) The data has not been fragmented; we are able to know this because the section with:
more fragments = 0.

5) Identification, Time to live and the Header checksum always change with each
portion.

6) The fields that stay constant are:

• Version (Because IPv4 is used for all the packets)

• header length (Because they are ICMP packets)

• source IP (Because being sent from the same PC)

• destination IP (The location being sent to is the same)

• Differentiated Services (since all packets are ICMP they use the same Type of Service
class)

• Upper Layer Protocol (Because these are ICMP packets)

The fields that must always stay constant are:

• Version (Because IPv4 is used for all the packets)

• header length (Because they are ICMP packets)

• source IP (Because being sent from the same PC)

• destination IP (The location being sent to is the same)

• Differentiated Services (since all packets are ICMP they use the same Type of Service
class)

• Upper Layer Protocol (Because these are ICMP packets)


The fields that must be subject to change:

• Identification (The IP packets must all have different IDs)

• Time to live (The traceroute increments each of the subsequent packets)

• Header checksum (The header changes, thus must the checksum also)

7) With each ICMP Echo, the IP header identification field increments down by one.

8) The identification is: 48082 and the TTL (Time to Live) is: 237

9) The identification of each ICMP TTL exceeded changes due to the fact that the
identification is a unique property. Unless belonging to the same reply. While the TTL does
not change because for the first-hop-router it is always the same.

Fragmentation
10) The packet has been fragmented.
11) In the flags field it says more fragments. Furthermore, it says fragment offset is at zero,
hence we are at the first fragment. The total length is given as 1500 bytes.

12) For the next fragment we can tell it isn’t the first as the offset value differs from the first.
More fragments are still expected as in the flags field it says more fragments.

13) The fields that changed in the header between the two fragments are: fragment offset,
checksum, flags, and total length.

14) After having changed the settings to 3500, three packets were created.

15) Among the fragments the things that are changed are: the value of the fragment offset,
and the checksum.

You might also like