Ping - Wofford

Lab 5: ping
Please read completely before you begin!
This lab should extend your knowledge of connectivity testing and bandwidth measurement.
Review
Originally written by Mike Muuss, ping is a basic and ubiquitous utility for checking connectivity. It
derives its name from the sound sonar makes. It is also the basis for a number of variants and advanced
tools and is available in a number of forms.
Its basic operation is quite simple. It sends an ICMP echo request packet to a remote host. If properly
configured, the remote host will send back an ICMP echo reply packet. Reception of the reply indicates
basic connectivity between the source host and the destination. Consequently, ping is often the first tool
that a network administrator or savvy user will turn to when confronted with a network problem.
ping and ping-like tools can be used to estimate the transmission rate of a connection. To understand how
this works, we need to be very clear on what the terms we are using mean. Whenever a packet is sent
across a network, there are three timing-components (or delays) that determine how long it takes for the
packet to arrive—the propagation delay, the transmission delay, and the queuing delay. For a link along
the path, the propagation delay depends on the length of the link and the propagation speed (usually
expressed as a percentage of the speed of light). This is unaffected by packet size. The transmission delay
is the product of the speed at which the bits can be placed on the media (the transmission rate usually
measured in bits per second) and the number of bits that must be transmitted. While technically inaccurate,
the transmission rate is often described as the bandwidth of a connection. The final delay is the queuing
delay—the amount of time a packet spends in routers waiting to be transmitted. This depends on the
number and size of the other packets in the queue before it as well as the transmission rate of the interface.
The total propagation time is simply the sum of these three delays for each link along the path.
Since only the transmission delay depends on the size of the packet, it is possible to vary the packet size and
use the difference in delays to estimate the transmission rate of an interface.
A privileged user can specify the packet size used by ping with the -s option.
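The size-differencing estimate described above, as an added example (not part of the original lab): it parses ping output in the format shown on this page and compares how much the round-trip time grows with packet size at the routers on either side of a link. The function names, the constructed sample replies (192.0.2.1 is a documentation address), the assumption that the link has the same rate in both directions, and the use of the minimum round-trip time to filter queuing noise are assumptions of this example.

```python
import re

TIME_RE = re.compile(r"icmp_seq=\d+\s+ttl=\d+\s+time=([\d.]+)\s*ms")

def rtts_ms(ping_output):
    """Round-trip times (ms) of every reply line in raw ping output."""
    return [float(t) for t in TIME_RE.findall(ping_output)]

def link_rate_bps(near_small, near_large, far_small, far_large,
                  size_delta_bytes, pick=min):
    """Estimate the transmission rate (bits/s) onto the link near -> far.

    Arguments are raw ping outputs for the router before the link (near)
    and after it (far), each at a small and a large packet size.
    pick reduces the samples to one RTT: min() drops replies inflated by
    queuing; pass statistics.mean to average instead.
    """
    samples = [rtts_ms(o) for o in (near_small, near_large, far_small, far_large)]
    if not all(samples):
        raise ValueError("a ping run produced no replies")
    t_ns, t_nl, t_fs, t_fl = (pick(s) for s in samples)
    # Propagation and (ideally) queuing cancel in each difference; what is
    # left is the extra transmission time of the larger packet.
    extra_rtt_ms = (t_fl - t_fs) - (t_nl - t_ns)
    if extra_rtt_ms <= 0:
        raise ValueError("noise exceeds the size-dependent delay; resample")
    # The echo reply carries the payload back, so the link is crossed twice
    # (assumes the same rate in both directions).
    one_way_s = extra_rtt_ms / 2 / 1000
    return size_delta_bytes * 8 / one_way_s

def fake_ping(size, times_ms):
    """Constructed sample output in the page's ping format (not real data)."""
    return "\n".join(
        f"{size + 8} bytes from 192.0.2.1: icmp_seq={i} ttl=254 time={t:.3f} ms"
        for i, t in enumerate(times_ms))

if __name__ == "__main__":
    rate = link_rate_bps(
        fake_ping(200, [2.1, 2.4, 2.0]), fake_ping(1200, [3.0, 3.6, 3.1]),
        fake_ping(200, [10.2, 10.0, 14.9]), fake_ping(1200, [27.0, 31.5, 27.4]),
        size_delta_bytes=1000)
    print(f"estimated rate: {rate / 1e6:.2f} Mbit/s")
```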
Unfortunately, ping has been implicated in a number of security threats in recent years. For example, in the
ping-of-death attack, an ill-formed ping packet may cause an older system to crash. (Actually any ill-formed packet would cause this problem. It is just easier to create the problem with ping packets.) ping
has been used for denial-of-service attacks such as the Smurf Attacks where a host is flooded with ping
packets. ping has also been used to probe systems. While the real problem in each of these cases has been
misconfigured systems or firewalls, some system administrators have naively configured their systems not
to respond to ping. As a result, they and their users have lost a valuable tool.
Lab
For each of the following steps describe your results, give the syntax of the command you used, and, where
appropriate, the output produced. Include screen captures as needed in your output. Be sure to label your
results carefully and organize your results in the order of steps as given here and to answer each question in
your report.
For most of this assignment, you will be better served if you use an SSH connection. For the step involving
packet capture, however, you will need a graphics connection to use Ethereal. As with previous labs, you
will use maud.
1. Read the Unix manual page for ping. Experiment with the various options. Describe the five that you
found most useful.
2. ping a remote computer and capture the traffic using Ethereal. Fully decode an echo request and echo
reply packet. Explain your results.
3. Try pinging the site 207.46.230.218. Try visiting the site with a web browser. What can you
conclude?
4. You can estimate the transmission rate of an interface onto a link if you ping devices at either end of
the link with two different packet sizes. Consider the following diagram where R_n and R_{n+1} are the
routers at either end of the link in question:
[Diagram: routers R_n and R_{n+1} at either end of the link]
If the packets are sent close together or if multiple packets are sent and times averaged, you would
expect the queuing delay to be relatively constant and independent of the size of the packet used. The
propagation delay will also be independent of the packet size. Thus, the difference in times among
packets will depend on the packet size and the transmission delays.
Let T_{n,200} be the total amount of time it takes to receive a reply for a ping sent to router R_n using a 200
byte packet. T_{n,1200}, T_{n+1,200}, and T_{n+1,1200} can be similarly defined. These four times can be used to
estimate the amount of time it takes to transmit 1000 Bytes onto the link between the two devices.
Derive an expression that estimates the transmission delay over the link in terms of these times. (Hint:
Don’t forget you are using round-trip times!)
5. It is not possible for an unprivileged user to vary the packet size with ping on most Unix systems.
Suggest a reason for this restriction. What follows is data collected for three adjacent routers using
two packet sizes. Use this data and the expression you derived to estimate the transmission rate onto
the links joining the routers. The order of the routers is 205.153.60.1 to 144.232.213.181 to
144.232.12.17.
maud# ping -s200 -c5 205.153.60.1
PING 205.153.60.1 (205.153.60.1): 200 data bytes
208 bytes from 205.153.60.1: icmp_seq=0 ttl=254 time=4.928 ms
208 bytes from 205.153.60.1: icmp_seq=1 ttl=254 time=5.489 ms
208 bytes from 205.153.60.1: icmp_seq=2 ttl=254 time=3.397 ms
208 bytes from 205.153.60.1: icmp_seq=3 ttl=254 time=3.094 ms
208 bytes from 205.153.60.1: icmp_seq=4 ttl=254 time=2.886 ms
--- 205.153.60.1 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 2.886/3.959/5.489/1.048 ms

maud# ping -s1200 -c5 205.153.60.1
PING 205.153.60.1 (205.153.60.1): 1200 data bytes
1208 bytes from 205.153.60.1: icmp_seq=0 ttl=254 time=9.196 ms
1208 bytes from 205.153.60.1: icmp_seq=1 ttl=254 time=8.928 ms
1208 bytes from 205.153.60.1: icmp_seq=2 ttl=254 time=9.974 ms
1208 bytes from 205.153.60.1: icmp_seq=3 ttl=254 time=7.525 ms
1208 bytes from 205.153.60.1: icmp_seq=4 ttl=254 time=7.776 ms
--- 205.153.60.1 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 7.525/8.680/9.974/0.911 ms

maud# ping -s200 -c5 144.232.213.181
PING 144.232.213.181 (144.232.213.181): 200 data bytes
208 bytes from 144.232.213.181: icmp_seq=0 ttl=253 time=73.705 ms
208 bytes from 144.232.213.181: icmp_seq=1 ttl=253 time=33.237 ms
208 bytes from 144.232.213.181: icmp_seq=2 ttl=253 time=72.254 ms
208 bytes from 144.232.213.181: icmp_seq=3 ttl=253 time=32.915 ms
208 bytes from 144.232.213.181: icmp_seq=4 ttl=253 time=31.819 ms
--- 144.232.213.181 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 31.819/48.786/73.705/19.765 ms

maud# ping -s1200 -c5 144.232.213.181
PING 144.232.213.181 (144.232.213.181): 1200 data bytes
1208 bytes from 144.232.213.181: icmp_seq=0 ttl=253 time=464.361 ms
1208 bytes from 144.232.213.181: icmp_seq=1 ttl=253 time=464.921 ms
1208 bytes from 144.232.213.181: icmp_seq=2 ttl=253 time=430.751 ms
1208 bytes from 144.232.213.181: icmp_seq=3 ttl=253 time=541.593 ms
1208 bytes from 144.232.213.181: icmp_seq=4 ttl=253 time=555.484 ms
--- 144.232.213.181 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 430.751/491.422/555.484/48.449 ms

maud# ping -s200 -c5 144.232.12.17
PING 144.232.12.17 (144.232.12.17): 200 data bytes
208 bytes from 144.232.12.17: icmp_seq=0 ttl=252 time=380.011 ms
208 bytes from 144.232.12.17: icmp_seq=1 ttl=252 time=351.226 ms
208 bytes from 144.232.12.17: icmp_seq=2 ttl=252 time=401.390 ms
208 bytes from 144.232.12.17: icmp_seq=3 ttl=252 time=383.546 ms
208 bytes from 144.232.12.17: icmp_seq=4 ttl=252 time=120.389 ms
--- 144.232.12.17 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 120.389/327.312/401.390/104.705 ms

maud# ping -s1200 -c5 144.232.12.17
PING 144.232.12.17 (144.232.12.17): 1200 data bytes
1208 bytes from 144.232.12.17: icmp_seq=0 ttl=252 time=476.327 ms
1208 bytes from 144.232.12.17: icmp_seq=1 ttl=252 time=557.971 ms
1208 bytes from 144.232.12.17: icmp_seq=2 ttl=252 time=579.227 ms
1208 bytes from 144.232.12.17: icmp_seq=3 ttl=252 time=622.096 ms
1208 bytes from 144.232.12.17: icmp_seq=4 ttl=252 time=590.073 ms
--- 144.232.12.17 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 476.327/565.139/622.096/48.996 ms
6. There are a number of tools that automate this process including pathchar, pchar, and bing. Both
pchar and pathchar will calculate the bandwidth of every link on a path. These can give a more
accurate estimate of bandwidth because they send a large number of packets but can create a
significant load on a slow link. Look at the Unix manual page for pchar. Use pchar to estimate the
transmission rates along the path from maud to some other server on campus such as
www.netlab.lander.edu. You’ll want to use five repetitions, an increment of 256 bytes, and
verbose mode without name resolution. (Performance can be abysmal if you use too many repetitions
or too large an increment.) What is the number of probes and the number of different sizes being
used? Estimate the number of packets sent.
7. Switches typically operate in one of two modes—store and forward mode and cut-through mode. In
store and forward mode, a packet is completely read into the switch before retransmission begins. In
cut-through mode, the switch starts retransmitting the packet as soon as the destination address is
known. Cut-through mode is more efficient but is not as versatile as store and forward mode. For
example, cut-through mode is required for rate conversion. Unidentified switches along a path
operating in store and forward mode can create problems for the approach used to estimate bandwidth
in this lab. Switches operating in cut-through mode have a very small impact. Explain why this is the
case.
Please notice that some of these parts ask several questions. Be sure you answer every question for every
part.
Original copyright © 2002, Dr. Joseph D. Sloan.
This laboratory was published in the Journal of Computer Sciences in Colleges and the copyright was
transferred to the CCSC with publication.