- Name: Xie Lingling
- Student ID: 201821121094
- Class: calculated 1814
1 Purpose
Familiar with Packet Tracer tool. Analysis caught application layer protocol packets, application layer protocol-depth understanding, including syntax, semantics, timing.
2 experimental content
Use Packet Tracer, properly configured network parameter, packet data capture and analysis application layer protocol, the protocol comprising DNS, FTP, DHCP, stmp, pop3. Steps include:
- Establish a network topology
- Configuration parameters
- Ethereal
- Analysis of the data packet
3. The test report
Establish a network topology
Consists of a PC and the server
3.1 DNS
( 1 ) Configuration Parameters
IP address of the client: 192.168.1.94
IP address of the server: 192.168.1.95
Set the domain name
( 2 ) capture and analyze packets captured
Access domain
Analysis of data packets captured
DNS Query: request packets
DNS Answer: response message
NAME: domain name, or 2-byte fixed length
TYPE: query type; 4 here, you can also have a "1" to obtain IPV4 address from the domain name, or "2" indicates that the query domain name server
CLASS: Query class, usually 1, indicating that Internet data
TTL: (Time to live) survival time
3.2 FTP
( 1 ) Configuration Parameters
Server FTP protocol is set to on, and has an initial user name and password, you can directly use
( 2 ) capture and analyze packets captured
Open the Command Prompt in the PC Desktop, enter ftp192.168.1.95 , and then enter the user name and password
Analysis of data packets captured
Code: 220 indicates that the service is ready
User sends the message containing the user name
User sends the message contains password
login successful
3.3 DHCP
( 1 ) Configuration Parameters
Open the DHCP server
Open the IP Configuration PC side, changed the Static DHCP
( 2 ) capture and analyze packets captured
Request packet
OP: packet type, 1 represents a request packet, response packet represents 2;
HW TYPE: Hardware address type, the Ethernet is a 10Mb / s hardware address;
HW LEN: Hardware address length, the Ethernet is 6;
HOPS: hops. The client is set to 0, a proxy can also be provided;
SECS: filled by the client, indicating the start to obtain the IP address or IP address is used to renew the number of seconds from the client;
FLAGS: Flags field. This 16-bit field, only the leftmost one bit is useful, this bit is 0, showing dissemination server unicast packet to the Client, 1 indicates a broadcast manner propagated to Client;
YOUR CLICENT ADDRESS: 192.168.1.1; expressed as a PC assigned IP address of 192.168.1.1;
SERVER ADDRESS: 192.168.1.95; means that the server's IP address is 192.168.1.95
RELAY AGENT ADDRESS: 0.0.0.0; IP address of the DHCP relay. // Note: The definition is not the gateway address pool
CLIENT HARDWARE ADDRESS: 0060.3E04.635D; client hardware address;
SERVE HOSTNAME; Optional server host name, the field is a null-terminated string, filled in by the server;
FILE: boot file name, an empty string is ending;
OPYIONS: optional parameter field, the format of "+ length + Code Data";
DOMAIN NAME SERVER: 192.168.1.95; domain name server;
3.4 smtp and pop3
( 1 ) Configuration Parameters
Set up two accounts and password, a user name and password xie, another user name and password for ling
Open DNS, set the domain name
Login User xie, send an email to ling
Edit Message
Sent successfully
Login user ling receive mail
Successfully received
( 2 ) capture and analyze packets captured
Mail transfer process messages:
1, the connection is established
SMTP servers and SMTP client must first establish a TCP connection to
the domain name from the client 1. using well-known port number 25 to establish a TCP connection with the server, the SMTP server reply code sent back to the client 220, and further to provide a client server
2. the client receives a response code, send HELO command to start an SMTP session between the client and the server. The HELO sent by the client to the server to provide the identification information of the client
3. The server response response code 250, notify clients: Mail service requests to establish a session has been achieved
2, packet transmission
After the connection between the SMTP client and the SMTP server is established, users can exchange letters with one or more recipients of the e-mail message.
1. The client reports to the server with the domain name Your email
response to the response code "250" represents the complete request command 2. server to the client
3. The client reports to the server the recipient's mailbox and domain name
in response to the response code to the client 4. The server "250 ", representing the completion request command
5. customers with" DTAT "command to initialize the packet transmission
6. the server response" 354 "to indicate the message may be inputted
content 7. the customer packet transmission to the server with a continuous line, two rows of characters per line end flag (CR and LF) terminates. Message to only one. "" The end of line
8. response server response code "250" to the customer, on behalf of the request command completion