Arnav Sudan | 2019TT10954

Question 1: Networking Tools

(a) Find the IP address of your machine.

Results:

Here en0 represents my connection to the wifi. IP address of the interface is

192.168.1.3
Trying from a different ISP

Ip address of the interface is 192.168.43.55

Comments: ISP changes our External IP address so that we can’t be tracked on the
internet thus changing ISP leads to change in IP address
(b) Find IP address of google.com and facebook.com

Authoritative answer

● Iitd.ac.in:
10.10.211.212

● google.com:
216.239.32.10

● facebook.com
157.240.198.35
Non-authoritative answer

Using the following DNS servers:

● google.com
142.250.194.46

● facebook.com
31.13.79.35
Using following DNS servers

● google.com
142.250.196.174

● facebook.com
157.240.198.35
Using following DNS servers

● google.com
142.250.192.238

● facebook.com
31.13.79.35

Observation: IP address change by changing the DNS server.

(c)

● Ttl = 225, count 50, size 32, iitd.ac.in

● Ttl = 2, count 50, size 32, iitd.ac.in
● Ttl = 4, count 50, size 32, iitd.ac.in
 ● Ttl = 8, count 50, size 32, iitd.ac.in

● Ttl = 16, count 50, size 32, iitd.ac.in

● Ttl = 225, count 50, size 1472 and 1473, iitd.ac.in

Thus maximum size packet that can be sent is 1472 for iitd.ac.in
 ● Ttl = 225, count 50, size 1465 and 1464, facebook.com

Thus maximum size packet that can be sent is 1464 for facebook.com
 ● Ttl = 225, count 50, size 1465 and 1464, google.com

Thus maximum size packet that can be sent is 1464 for google.com

Therefore we conclude that the maximum size of ping packets are different for domains
mentioned in part b and part c.
(d)

Wifi Airtel | iitd.ac.in

After adding -I tag

Mobile hotspot Jio | iitd.ac.in

Using IITD VPN

iitd.ac.in : 3 hops

Conclusion: Different responses for different ISP and we get responses by using -I tag
Airtel Wifi:

google.com: 6 hops

facebook.com: 8 hops

youtube.com: 8 hops
As Mac OS is used for this experiment, by default it uses UDP for traceroute.
We can add -I to make UDP to IMAP which is a more reliable protocol so the hosts can
reply to it. We can also try to traceroute from other IP addresses.
 Question 2: Packet Analysis

Cleared cache, and flushed local DNS before the experiment.

First Experiment: Google Chrome with extensions like grammarly, youtube adblock etc

DNS request is made at time 23.906285 seconds

DNS response is made at time 23.922791 seconds
It took 0.016506 seconds for DNS request -response to complete
HTTP:

56 HTTP requests were generated.

An HTTP request is generated for every component of the web page. Every image
generates an HTTP request. All CSS files generate HTTP requests. Here from the
results we can see that html was generated in the beginning and then css. After that we
can see a lot of images, jquery, javascript requests were generated. From this
experiment we can conclude that a web page consists of a lot components for which
HTTP requests are generated.

Start time: 24.009383

End Time: 25.752859

Total time to download the whole page = 25.752859(last HTTP packet) -

23.906285(First DNS request) = 1.846574 seconds
With iitd.ac.in there were some HTTP packets because of the extensions so I decided to
install Mozilla Firefox.

Second Experiment: Mozilla firefox without any extensions

DNS request time: 49.103106

DNS response time: 49.119053
It took 0.015947 seconds for DNS request -response to complete which is a little faster
than chrome
First HTTP packet time: 49.161171
Last HTTP packet time: 50.831257

Total time to download the whole page = 50.831257(last HTTP packet) -

49.103106(First DNS request) = 1.728151 seconds
Which is less than total time time to download the whole page for chrome.
Iitd.ac.in

Reason for no HTTP packet is that http://www.cse.iitd.ac.in/ redirects to

https://www.cse.iitd.ac.in/
which is SSL secured thus not visible in the HTTP filter and using SSL.
 Question 3 Implementing Traceroute

For facebook.com

Programs output: reached destination in 7 hops

Graph of RTT vs hop