Lab 4

Chapter 5

Networking and Telecommunications

Using TCP/IP

In this chapter, we’ve discussed the basic components of TCP/IP such as IP addresses, subnet masks, DNS requests, and ARP requests. In this activity, we'll show you how to explore these items on your computer. Although this activity is designed for Windows computers, most of these commands will also work on Apple computers.

This activity will use the command prompt, so start by clicking START, then RUN, and then type CMD and press enter. You should see the command window, which in Windows is a small window with a black background. Like all other windows you can change its shape by grabbing the corner and stretching it.

On a MAC computer, you will need to open the terminal application.

IPCONFIG: Reading your computer’s settings

In a focus box earlier in the chapter, we showed you how to find your computer’s TRCP/IP settings using Windows. You can also do it by using the IPCONFIG command. In the command window, type IPCONFIG/ALL and press enter.

You should see a screen like that shown in Figure 1. The middle of the screen will show the TCP/IP information about your computer. You can see the IP address (192.168.1.133 in Figure 1), the subnet mask (255.255.255.0), the default gateway, which is the IP address of the router leading out of your subnet (192.168.1.1), the DHCP server (192.168.1.1), and the available DNS servers (e.g., 192.168.2.1,192.168.1.1). Your computer will have similar, but different information. As discussed in Technical Focus 5.3, your computer might be using “private” IP addresses the same as my computer shown in Figure 1, so your addresses may be identical to mine. We'll explain how network address translation (NAT) is done in Chapter 10.

If you have an Apple Mac or a Linux OS, use the command "ifconfig -a".

Deliverables

1. Use the ipconfig/all command on your computer. What is the IP address, subnet mask, IP address of default gateway, and MAC of your computer?

2. Why does every computer on the Internet need to have these four numbers?


C:\Users\Jim Skon>ipconfig/all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : WIN-H935VB49VNC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
   Physical Address. . . . . . . . . : 00-0C-29-D2-D8-26
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::207e:1449:e9c:b7ca%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.133(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, September 18, 2014 11:36:54 PM
   Lease Expires . . . . . . . . . . : Friday, September 19, 2014 11:36:54 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 234884137
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-DE-5A-44-00-0C-29-D2-D8-26
   DNS Servers . . . . . . . . . . . : 192.168.2.1
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

C:\Users\Jim Skon>

Figure 1 - ifconfig/all

PING: Finding other computers

The PING sends a small packet to any computer on the Internet to show you how long it takes the packet to travel from your computer to the target computer and back again. You can ping a computer using its IP address or Web URL. Not all computers respond to ping commands, so not every computer you ping will answer.

Start by pinging your default gateway: just type PING followed by the IP address of your gateway. Figure 2 shows that the PING command sends four packets to the target computer and then displays the maximum, minimum, and average transit times. In Figure 2, you can see that pinging my gateway is fast: less than one millisecond for the packet to travel from my computer to my router and back again.

Next, ping a well-known Web site in the United States to see the average times taken. Remember that not all Web sites will respond to the ping command. In Figure 2, you can see that it took an average of 51 milliseconds for a packet to go from my computer to Google and back again. Also note that www.google.com has an IP address of 74.125.228.115. Now, ping a Web site outside the United States. In Figure 2, you can see that it took an average of 90 milliseconds for a packet to go from my computer to the Asia-Pacific Nazarene Theological Seminary and back again. If you think about it, the Internet is amazingly fast.

Deliverables

1. Ping your own default gateway. How many packets were returned? How long did it take for you default gateway to respond?

2. Ping google.com. How many packets were returned? How long did it take for you default gateway to respond?

3. Ping National Australian University www.anu. edu.au. How many packets were returned? How long did it take for you default gateway to respond?


C:\Users\Jim Skon>ping 192.168.1.1

Pinging 192.168.1.1 with 32 bytes of data:
Reply from 192.168.1.1: bytes=32 time=1ms TTL=64
Reply from 192.168.1.1: bytes=32 time=1ms TTL=64
Reply from 192.168.1.1: bytes=32 time=1ms TTL=64
Reply from 192.168.1.1: bytes=32 time=1ms TTL=64

Ping statistics for 192.168.1.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 1ms, Average = 1ms

 C:\Users\Jim Skon>ping www.google.com

Pinging www.google.com [74.125.228.115] with 32 bytes of data:
Reply from 74.125.228.115: bytes=32 time=40ms TTL=128
Reply from 74.125.228.115: bytes=32 time=41ms TTL=128
Reply from 74.125.228.115: bytes=32 time=43ms TTL=128
Reply from 74.125.228.115: bytes=32 time=82ms TTL=128

Ping statistics for 74.125.228.115:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 40ms, Maximum = 82ms, Average = 51ms

 C:\Users\Jim Skon>ping www.apnts.edu.ph

Pinging apnts.edu.ph [74.220.215.108] with 32 bytes of data:
Reply from 74.220.215.108: bytes=32 time=100ms TTL=128
Reply from 74.220.215.108: bytes=32 time=90ms TTL=128
Reply from 74.220.215.108: bytes=32 time=97ms TTL=128
Reply from 74.220.215.108: bytes=32 time=94ms TTL=128

Ping statistics for 74.220.215.108:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 90ms, Maximum = 100ms, Average = 95ms

C:\Users\Jim Skon>

Figure 2 - Ping

ARP: Displaying Physical Addresses

Remember that in order to send a message to other computers on the Internet, you must know the physical address (aka data link layer address) of the next computer to send the message to. Most computers on the Internet will be outside your subnet, so almost all messages your computer sends will be sent to your gateway (i.e., the router leaving your subnet). Remember that computers use ARP requests to find physical addresses and store them in their ARP table. To find out what data link layer addresses your computer knows, you can use the ARP command.

At the command prompt, type ARP-A and press enter. This will display the contents of your ARP table. In Figure 3, you can see that the ARP table in my computer has only one entry, which means all the messages from my computer since I turned it on have only gone to this one computer—my router. You can also see the physical address of my router: 20-aa-4b-15-00-a4.

If you have another computer on your subnet, ping it and then take a look at your ARP table again. In Figure 3, you can see the ping of another computer my subnet (192.168.1.104) and then see the ARP table with this new entry. When I pinged 192.168.1.104, my computer had to find its physical address, so it issued an ARP request and 192.168.1.104 responded with an ARP response, which my computer added into the ARP table before sending the ping.

Deliverables

1. Type ARP-A at the command prompt. What are the entries in your ARP table?

2. Suppose, that there are no entries in your ARP table. Is this a problem? Why or why not?


C:\Users\Jim Skon>arp -a

Interface: 192.168.1.133 --- 0xa
  Internet Address      Physical Address      Type
  192.168.1.1           20-aa-4b-15-00-a4     dynamic


C:\Users\Jim Skon>ping 192.168.1.104

Pinging 192.168.1.104 with 32 bytes of data:
Reply from 192.168.1.104: bytes=32 time=90ms TTL=64
Reply from 192.168.1.104: bytes=32 time=3ms TTL=64
Reply from 192.168.1.104: bytes=32 time=2ms TTL=64
Reply from 192.168.1.104: bytes=32 time=2ms TTL=64

Ping statistics for 192.168.1.104:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 2ms, Maximum = 90ms, Average = 24ms

C:\Users\Jim Skon>arp -a

Interface: 192.168.1.133 --- 0xa
  Internet Address      Physical Address      Type
  192.168.1.1           20-aa-4b-15-00-a4     dynamic
  192.168.1.104         cc-6d-a0-ba-d2-63     dynamic

C:\Users\Jim Skon>
C:\Users\Jim Skon>

Figure 3 - ARP

NSLOOKUP: Finding IP Addresses

Remember that in order to send a message to other computers on the Internet, you must know their IP addresses. Computers use DNS servers to find IP addresses. You can issue a DNS request by using the NSLOOKUP command. Type NSLOOKUP and the URL of a computer on the Internet and press enter. In Figure 4, you’ll see that www.cnn.com has several IP addresses and is also known as cnn.com

Deliverable

Find the IP address of google.com and of another website of your choice.


C:\Users\Jim Skon>nslookup www.cnn.com
Server:  UnKnown
Address:  192.168.2.1

Non-authoritative answer:
Name:    cnn-56m.gslb.vgtf.net
Addresses:  157.166.248.11
          157.166.248.10
          157.166.249.11
          157.166.249.10
Aliases:  www.cnn.com
          www.cnn.com.vgtf.net


C:\Users\Jim Skon>

Figure 4 - NSLOOPUP

DNS Cache

The IPCONFIG/DISPLAYDNS command can be used to show the contents of the DNS cache. You can experiment with this by displaying the cache, visiting a new Web site with your browser, and then displaying the cache again. Figure 5.21 shows part of the cache on my computer after visiting a number of sites. The DNS cache contains information about all the Web sites I’ve visited, either directly or indirectly (by having a Web page on one server pull a graphics file off of a different server).

For example, the second entry in this figure is ns1. cisco.com, which has an IP address of 128.107.241.185 (a 4-byte long address). The record type is one, which means this is a “host”—that is, a computer on the Internet using IPv4. Because the DNS information might change, all entries have a maximum time to live set by the DNS that provides the information (usually 24 hours); the time to live value is the time in seconds that this entry will remain in the cache until it is removed.

The very last entry in this figure is for ns1.v6. telekom.at. The record type of 28 means that this is a host that uses IPv6, which you can see from the 16-byte long address in the record (2001:890:600:d1: :100).

Deliverables

1. Display your DNS cache using the command ipconfig /displaydns.

2. How many entries are there in your cache?

3. Open your browser and visit www.ietf.org. Once the page loads, display your DNS cache again. Copy the DNS entry entry for this website.


C:\Users\Jim Skon>ipconfig /displaydns

Windows IP Configuration

    cs.mvnu.edu
    ----------------------------------------
    Record Name . . . . . : cs.mvnu.edu
    Record Type . . . . . : 5
    Time To Live  . . . . : 73921
    Data Length . . . . . : 8
    Section . . . . . . . : Answer
    CNAME Record  . . . . : taris.mvnu.edu


    cs.mvnu.edu
    ----------------------------------------
    Record Name . . . . . : cs.mvnu.edu
    Record Type . . . . . : 5
    Time To Live  . . . . : 73921
    Data Length . . . . . : 8
    Section . . . . . . . : Answer
    CNAME Record  . . . . : taris.mvnu.edu


    twiki.org
    ----------------------------------------
    Record Name . . . . . : twiki.org
    Record Type . . . . . : 1
    Time To Live  . . . . : 2267
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 66.220.11.188


    ipv6.msftncsi.com
    ----------------------------------------
    Record Name . . . . . : ipv6.msftncsi.com
    Record Type . . . . . : 5
    Time To Live  . . . . : 943
    Data Length . . . . . : 8
    Section . . . . . . . : Answer
    CNAME Record  . . . . : ipv6.msftncsi.com.edgesuite.net

Figure 5 - DNS Cache

TRACERT: Finding Routes throughthe Internet

The TRACERT command will show you the IP addresses of computers in the route from your computer to another computer on the Internet. Many networks have disabled TRACERT for security reasons, so it doesn’t always work. Type TRACERT and the URL of a computer on the Internet and press enter. In Figure 6, you’ll see the route from my computer, through the Embarq network, through the Qwest network, and then through the Google network until it reaches the server. TRACERT usually sends three packets, so beside each hop is the total time to reach that hop for each of the three packets. You’ll see that it took just about 58ms for a packet to go from my computer to Google. You’ll also see that the times aren’t always “right,” in that the first packet took 62 ms to reach the 209.85.246.36router (step 9) but only 41 ms to reach the next hop to the72.14.236.153 router (step 10). The time to each hop is measured separately, each with a different packet, so sometimes a packet is delayed longer on one hop or another.

Note: use traceroute on Mac OS.

Deliverables

1. Type tracert google.com in your comand window.

2. How many computers/hops did it take the packet to reach google?

3. What was the shortest hop (in terms of time)? Why do you think this is the shortest hop?


C:\Users\Jim Skon>tracert www.google.com

Tracing route to www.google.com [74.125.228.115]
over a maximum of 30 hops:

  1     1 ms     1 ms     1 ms  192.168.1.1
  2    20 ms     1 ms    21 ms  192.168.2.1
  3    10 ms     9 ms     9 ms  oh-71-50-56-1.dhcp.embarqhsd.net [71.50.56.1]
  4    12 ms     9 ms     9 ms  mnfd-agw1.inet.qwest.net [75.160.216.9]
  5    21 ms    21 ms    21 ms  cer-edge-18.inet.qwest.net [67.14.122.6]
  6    21 ms    21 ms    21 ms  208.47.121.146
  7    22 ms    21 ms    46 ms  209.85.255.132
  8    24 ms    21 ms    22 ms  209.85.254.240
  9    68 ms    42 ms    48 ms  209.85.246.36
 10    41 ms    58 ms    41 ms  72.14.236.153
 11    42 ms    41 ms    41 ms  72.14.238.253
 12    58 ms    90 ms    41 ms  iad23s08-in-f19.1e100.net [74.125.228.115]

Trace complete.

Figure 6 - Trace Route

Topic revision: r3 - 2014-10-09 - JimSkon
 
This site is powered by the TWiki collaboration platformCopyright &© by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback