Professional Documents
Culture Documents
ICMP Protocols
Objectives
1. Capture and study ICMP header.
2. Modify ICMP payload size.
3. Capture and study IPv4 header.
4. Identify network route to destination.
Network Parameters
Below are the network parameters that should be configured in your computer:
Page 1 of 8
Student Notes (3 points)
Take useful and meaningful notes while the instructor is explaining the lab as well as
important points acquired during your lab work and report them down. Each note out of
0.3 point.
9. IP header length = 20
Page 2 of 8
Student Lab Work (10 points)
1. Start a network traffic capture using Wireshark and then ping any classmate’s PC to
generate ICMP packets. Apply a display filter to display ICMP packets only.
i. How many types of ICMP packets did you record? (Give number)
ii. Indicate the recorded types, in the ICMP packets. (Give type name)
iii. Open the ICMP header of each ICMP packet type and then report the
name and size of each ICMP header field.
iv. What is the ICMP header length of each ICMP packet type?
Explain how you calculated the ICMP header length. (0.2 point)
By sum up all header fields length: Type, Code, Checksum, Identifier,
Sequence number
v. What is the default ICMP payload size of each ICMP packet type?
Page 3 of 8
vi. What is inside the payload of each ICMP packet type?
vii. What is the total ICMP packet size of each ICMP packet type?
554
i. How does the ICMP Echo reply relate to the ICMP Echo request?
ii. What is the relationship among the increment of the sequence number
fields and destination computers?
iii. What is the value inside the field Identifier? Does it change?
i. What is the type of the returned ICMP packet following an ICMP Echo
request with TTL equal to 1?
Page 5 of 8
Answer. (0.5 point)
Time-to-live exceeded
ii. What is the source IPv4 address of the above ICMP packet?
Why the above ICMP packet was generated. Explain with details (0.3
point)
When the packet with ttl = 1 has to move to the next router, it was
decreased by ONE and the packet arrived with ttl = 0 which in this case an error
has to be sent to the source indicating that the ttl = 0
iii. Repeat answering the above two steps each time the TTL value increments
by 1.
Answer. (1 point)
Pc4: Source IPv4: 10.254.22.1
ttl = 2 => R1 (ttl = 1) => R2 (ttl = 0) return Time-to-live exceeded
Pc6: Source IPv4: 10.22.255.253
Ttl = 3 => R1(ttl = 2) => R2 (ttl = 1) => R3 (ttl = 0) return Time-to-live
exceeded
Pc8 Source IPv4: 192.168.140.20
Ttl = 4 => R1(Ttl = 3) => R2(ttl = 2) => R3 (ttl = 1) => R4 (ttl = 0)
return Time-to-live exceeded
Pe10 Source IPv4:10.142.24.10
Ttl = 5 =>R1(Ttl = 4) => R2(Ttl = 3) => R3(ttl = 2) => R4 (ttl = 1) => R5
(return replay)
iv. What ICMP packet type indicates the end of TTL increment?
c. Find out the code, in hexadecimal, used by the IPv4 protocol to identify:
Page 6 of 8
i. ICMP protocol.
ii. Find out the code, in hexadecimal, used by the IPv4 protocol to
identify the TCP protocol. Show the proof of your answer.
iii. Find out the code, in hexadecimal, used by the IPv4 protocol to
identify the UDP protocol. Show the proof of your answer.
Page 7 of 8
Page 8 of 8