Search for question
Question

Traceroute Background: The Traceroute program sends a series of probes from a source to a destination. In each iteration the probes get closer to the destination until finally, in the final

iteration, the destination is reached. Traceroute's iterations operate in this way: • It first sends one or more (usually 3) datagrams (probes) with the time-to-live (TTL) field in the IP header set to 1. This causes the probe to stop at the first router, which returns an ICMP message (type 11- TTL-exceeded) to the source host. • It then sends one or more datagrams towards the same destination with a TTL value of 2. This causes the probe to stop at the second router on the path to the destination and again an ICMP message (type 11- TTL-exceeded) is returned to the source host. • It then sends one or more datagrams datagrams towards the same destination with a TTL value of 3 and so on... until the final destination is reached. Recall that every router on the path decrements the TTL in the received datagram's header by 1 (actually, RFC 791 says that the router must decrement the TTL by at least one). Upon receiving a packet with a TTL=0, all routers returns an ICMP message (type 11 - TTL-exceeded) to the sending host. Important to note: Traceroute can operate by sending probes using either the UDP protocol or by using ICMP Echo Request messages. You will investigate using Wireshark to determine which method is being used in your traces. As a result of this behavior, a datagram with a TTL of 1 (sent by the host executing traceroute) will only travel one hop and the router one hop away from the sender will send an ICMP TTL-exceeded message back to the sender, the datagram sent with a TTL of 2 will cause the router two hops away to send an ICMP message back to the sender; the datagram sent with a TTL of 3 will cause the router three hops away to send an ICMP message back to the sender; and so on... In this manner, the host executing traceroute can learn the IP addresses of the routers between itself and the destination by looking at the source IP addresses in the datagrams containing the ICMP TTL-exceeded messages. The Traceroute program nicely displays that information for you in its output. In this lab you will use Wireshark to observe Traceroute's probes sent by the sender and the TTL-Expired messages returned by the receiving router (or the final destination)! You will identify the probes with the increasing TTL values and the corresponding TTL-exceeded ICMP messages that are returned in response. [50 pts] Traceroute Exercises - All exercises are to be run on the Mininet Virtual Machine (either installed on your own computer or in the lab). Traces run from other environments cannot be graded. For all the questions below that require a screenshot, make sure that a timestamp with the date is visible. No credit if a requested timestamp is not provided. Installing Traceroute: Traceroute might not be installed on the VM. To install it, use the command: "sudo apt-get install traceroute"/n

Fig: 1

Fig: 2