Ethereal Lab: ICMP
Version: 1.0
© 2005 J.F. Kurose, K.W. Ross. All Rights Reserved
Computer Networking: A Top-
down Approach Featuring the
Internet, 3
rd
edition.
In this lab, we’ll explore several aspects of the ICMP protocol:
• ICMP messages generating by the Ping program;
• ICMP messages generated by the Traceroute program;
• the format and contents of an ICMP message.
Before attacking this lab, you’re encouraged to review the ICMP material in the textbook
(Section 4.4.3 in the 3
rd
edition.) We present this lab in the context of the Microsoft
Windows operating system. However, it is straightforward to translate the lab to a Unix
or Linux environment.
1. ICMP and Ping
Let’s begin our ICMP adventure by capturing the packets generated by the Ping program.
You may recall that the Ping program is simple tool that allows anyone (for example, a
network administrator) to verify if a host is live or not. The Ping program in the source
host sends a packet to the target IP address; if the target is live, the Ping program in the
target host responds by sending a packet back to the source host. As you might have
guessed (given that this lab is about ICMP), both of these Ping packets are ICMP packets.
Do the following
1
:
1
If you are unable to run Ethereal live on a computer, you can download the zip file
http://gaia.cs.umass.edu/ethereal-labs/ethereal-traces.zip
and extract the file ICMP-ethereal-trace-1. The
traces in this zip file were collected by Ethereal running on one of the author’s computers, while
performing the steps indicated in the Ethereal lab. Once you have downloaded the trace, you can load it
into Ethereal and view the trace using the File pull down menu, choosing Open, and then selecting the
ICMP-ethereal-trace-1 trace file. You can then use this trace file to answer the questions below.
评论1