Experiment 2: Application-layer protocol analysis using Packet Tracer

Personal information:

Name: Zhong Jianmin

Class: calculated 1814

Student ID: 201821121101

Table of Contents

1. Experiment objective

Become familiar with the Packet Tracer tool. Analyze captured application-layer protocol packets to gain a deeper understanding of application-layer protocols, including their syntax, semantics, and timing.

2. Experimental content

Use Packet Tracer with correctly configured network parameters to capture and analyze application-layer protocol packets. The protocols covered are DNS, FTP, DHCP, SMTP, and POP3. The steps are:

  • Establish the network topology
  • Configure parameters
  • Capture packets
  • Analyze the packets

3. Experiment report

  • DNS

  1. Establish the network topology

  2. Configure parameters:

 Configure DNS

 Packet capture and analysis:

Request packet:

NAME: the domain name to be resolved; in the response packet it corresponds to the name in the DNS request packet

TYPE: query type, usually 0x0001, meaning the host's IP address is resolved from the name

CLASS: query class, usually 0x0001, meaning class IN

TTL: time to live, which indicates how long other DNS servers may cache the record before it expires and is discarded. 86400 represents one day;

Length: the length of the resource data;

Reply message:

The DNS server returns the IP address 192.168.1.2

  • FTP

Commands on the PC:

Packet capture and analysis:

Response messages:

Indicates that the server is ready

The user exists; a password is required

User login succeeded.

  • DHCP

Packet capture and results:

Request packet:

OP: the packet type; a request packet is 1;

HW TYPE: hardware address type; here the hardware address is that of 10 Mb/s Ethernet

HW LEN: hardware address length; the value for Ethernet is 6

HOPS: hop count. The client sets it to 0; it can also be set by a proxy server.

Transaction ID: a random number generated by the client; when the server replies, it copies the Transaction ID from the Request into the Reply message

SECS: the number of seconds elapsed since the client began acquiring an IP address or renewing the one it uses

FLAGS: 0x00000000000000000000000000008000. Currently only the first bit is used: 1 indicates broadcast, 0 indicates unicast

CLIENT ADDRESS: IP address of the client;

YOUR CLIENT ADDRESS: 192.168.1.3, "your own" address, that is, the client's IP address;

SERVER ADDRESS: 192.168.1.2, the IP address of the server to use in the next stage of the DHCP process

RELAY AGENT ADDRESS: 0.0.0.0, the IP address of the relay agent;

CLIENT HARDWARE ADDRESS: 00D0.588C.89B9, the client's hardware address;

SERVER HOSTNAME (64 BYTES): optional server host name;

FILE (128 BYTES): boot file name;

OPTIONS (312 BYTES): optional parameters field;

OP: 0x3d, which is 61 in decimal, the client identifier;

LEN: 0x3d (61) also indicates the data length;
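
The request-packet fields listed above, decoded in code: this is an added Python example (not part of the original report) that unpacks the fixed DHCP header and walks the options field with bounds checks, so a malformed length byte is rejected instead of being read past the end of the message. The sample message is constructed; it reuses the report's addresses and hardware address, while the transaction ID and the contents of options 53 and 61 are assumptions.

```python
import struct, socket

# Fixed BOOTP/DHCP header (RFC 2131): op, htype, hlen, hops, xid, secs, flags,
# ciaddr, yiaddr, siaddr, giaddr, chaddr(16), sname(64), file(128) = 236 bytes.
HDR = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")
MAGIC = b"\x63\x82\x53\x63"  # magic cookie that precedes the options field

def parse_dhcp(payload: bytes) -> dict:
    if len(payload) < HDR.size + len(MAGIC):
        raise ValueError("truncated DHCP message")
    (op, htype, hlen, hops, xid, secs, flags,
     ci, yi, si, gi, chaddr, sname, bootfile) = HDR.unpack_from(payload)
    if hlen > 16:
        raise ValueError("hardware address length exceeds chaddr field")
    if payload[HDR.size:HDR.size + 4] != MAGIC:
        raise ValueError("missing DHCP magic cookie")
    msg = {
        "op": op, "htype": htype, "hlen": hlen, "hops": hops,
        "xid": xid, "secs": secs,
        "broadcast": bool(flags & 0x8000),  # first (most significant) FLAGS bit
        "ciaddr": socket.inet_ntoa(ci), "yiaddr": socket.inet_ntoa(yi),
        "siaddr": socket.inet_ntoa(si), "giaddr": socket.inet_ntoa(gi),
        "chaddr": chaddr[:hlen].hex(),
        "options": {},
    }
    i = HDR.size + 4
    while i < len(payload):
        code = payload[i]
        if code == 255:  # End option
            break
        if code == 0:    # Pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("option %d runs past end of message" % code)
        length = payload[i + 1]
        msg["options"][code] = payload[i + 2:i + 2 + length]
        i += 2 + length
    return msg

# Constructed sample (not a capture from the report): addresses and MAC are the
# report's values; xid, option 53 and the 7-byte option 61 are made up.
MAC = bytes.fromhex("00d0588c89b9")
SAMPLE = HDR.pack(1, 1, 6, 0, 0x1234ABCD, 0, 0x8000,
                  socket.inet_aton("0.0.0.0"), socket.inet_aton("192.168.1.3"),
                  socket.inet_aton("192.168.1.2"), socket.inet_aton("0.0.0.0"),
                  MAC, b"", b"") + MAGIC + bytes([53, 1, 3, 61, 7, 1]) + MAC + b"\xff"
```

Calling `parse_dhcp(SAMPLE)` returns a dictionary keyed by the field names used in the list above, with the raw option payloads under `options`.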

 

Response message:

 

 

  • POP3 and SMTP

Configure parameters:

 Server side:

 Sending a message from the PC:

Capture and analyze packets:

 Analysis:

SOURCE PORT: 25, the port number of the server

DESTINATION PORT: 1027, the client port;

SEQUENCE NUMBER: 1, a relative sequence number; the relative sequence number of this packet is 1;

ACKNOWLEDGEMENT NUMBER: 1, the 32-bit acknowledgement number; a value of 1 indicates that the packet was received and validated;

WINDOW: TCP flow control is provided by each end of the connection advertising a window size; 16384 represents a window size of 16384 bytes

SMTP Data: indicates that the negotiation succeeded and message transmission begins;

Question:

Why is the DNS protocol needed?

Because packets at the network layer must carry an IP address. Some addresses follow no rule and can only be accessed through a domain name; the IP address cannot be resolved otherwise.

 


Origin www.cnblogs.com/zjm233/p/11567376.html