\documentclass{ictlab} % Copyright (c) 2003 by Nick Urbanik . % This material may be distributed only subject to the terms and % conditions set forth in the Open Publication License, v1.0 or later % (the latest version is presently available at % http://www.opencontent.org/openpub/). \RCS $Revision: 1.6 $ \usepackage{verbatim,key,alltt,amstext,amsmath,answer2} \usepackage[hang,bf,nooneline]{caption2} \ifx\pdftexversion\undefined \else \usepackage[pdfpagemode=None,pdfauthor={Nick Urbanik}]{hyperref} \fi %\renewcommand*{\subject}{Workshop Series} \newcommand*{\labTitle}{% Network Troubleshooting Tools} \providecommand*{\BGP}{\acro{BGP}\xspace} \providecommand*{\IOS}{\acro{IOS}\xspace} \providecommand*{\KDE}{\acro{KDE}\xspace} \providecommand*{\VTI}{\acro{VTI}\xspace} \begin{document} % \Large \section{Background} \label{sec:background} In the lecture we have looked at various techniques for using common tools to make measurements of network conditions. Here we get some practice with some of these techniques. \section{Procedure} \label{sec:procedure} \subsection{Measuring throughput with \texttt{ttcp}, \texttt{ping}} \label{sec:throughput} \begin{enumerate} \item Choose a partner. \item Use the \texttt{ttcp} program to measure throughput between your machines. Take several measurements. Take turns in being the client (\texttt{ttcp -r -s}) and server (\texttt{ttcp -t -s \meta{ip-address}}). Remember to start the client first. \texttt{ttcp} gives throughput in bytes per second. Record the throughput measurements here in bits per second, indicating whether you were the client or server. \mbox{}% \marginpar% [{ \raggedright% \protect% \makebox[50pt][r]% {% \protect\writeSymbol% }% }]% {% \raggedright% \protect% \makebox[50pt][r]% {% \protect\writeSymbol% }% }% \fbox{% \begin{minipage}[t][1.6cm]{\linewidth-2\fboxrule-2\fboxsep} \mbox{}\s{% } \end{minipage}% } \item Ping your partner with two different sized packets. Do this a number of times. Calculate the throughput between your machines. \begin{align*} TP &= 16 \times \frac{P_l - P_s}{t_{l} - t_{s}} \quad \text{bits per second} \intertext{where:} P_l &= \text{\textbf{l}arge packet size}\\ P_s &= \text{\textbf{s}mall packet size}\\ t_{l} &= \text{ping time for \textbf{l}arger packet}\\ t_{s} &= \text{ping time for \textbf{s}maller packet}\\ \end{align*} Do your calculations here:\\ \mbox{}% \marginpar% [{ \raggedright% \protect% \makebox[50pt][r]% {% \protect\writeSymbol% }% }]% {% \raggedright% \protect% \makebox[50pt][r]% {% \protect\writeSymbol% }% }% \fbox{% \begin{minipage}[t][4cm]{\linewidth-2\fboxrule-2\fboxsep} \mbox{}\s{% } \end{minipage}% } How does this compare with your measurements using \texttt{ttcp}? Explain discrepancies. Try big packets: \texttt{ping -s 8872 gw} \item Use the method described in the lectures (using \texttt{ping}) to measure the bandwidth between the gateway and \texttt{nickpc.tyict.vtc.edu.hk}. The formula is: \begin{align*} TP &= 16 \times \frac{P_l - P_s}{t_{2l} - t_{2s} - t_{1l} + t_{1s}} \quad \text{bits per second} \intertext{where:} P_l &= \text{\textbf{\emph{l}}arge packet size}\\ P_s &= \text{\textbf{\emph{s}}mall packet size}\\ t_{1l} &= \text{ping time for \textbf{\emph{l}}arger packet to the near link}\\ t_{1s} &= \text{ping time for \textbf{\emph{s}}maller packet to the near link}\\ t_{2l} &= \text{ping time for \textbf{\emph{l}}arger packet to the far link}\\ t_{2s} &= \text{ping time for \textbf{\emph{s}}maller packet to the far link}\\ \end{align*} \enlargethispage{6pt} \vspace*{-4ex} Do your calculations here: \mbox{}% \marginpar% [{ \raggedright% \protect% \makebox[50pt][r]% {% \protect\writeSymbol% }% }]% {% \raggedright% \protect% \makebox[50pt][r]% {% \protect\writeSymbol% }% }% \fbox{% \begin{minipage}[t][10cm]{\linewidth-2\fboxrule-2\fboxsep} \mbox{}\s{% } \end{minipage}% } \item Compare the ping times to the gateway and to \texttt{nickpc}. Do they surprise you? Explain what you see. \end{enumerate} \subsection{Ethereal and DHCP} \label{sec:ethereal-dhcp} \begin{figure}[htb] \centering% %\includegraphics[scale=0.5]{dhcp-client-state-diagram-cropped} \includegraphics[width=0.82\linewidth]{dhcp-client-state-diagram} \caption{A state diagram showing states of a \DHCP client. Note that $T$ is the lease time, $T\mathit{1} = \frac{T}{2}$, $T\mathit{2} = \frac{7T}{8}$. See also table~\vref{tab:dhcp-messages} from the \DHCP \RFC 2131 (available in full at \texttt{/home\allowbreak/nfs\allowbreak/ietf\allowbreak /rcf\allowbreak/rfc2131\allowbreak.txt}), which sumarises \DHCP messages.} \label{fig:dhcp-client-state-diagram} \end{figure} \begin{enumerate} \item Start up \texttt{ethereal}: \begin{alltt} $ \textbf{ethereal &} \end{alltt}%$ %% \begin{alltt} %% $ \textbf{sudo -v} %% $ \textbf{sudo ethereal &} %% \end{alltt} %\vspace{-2ex} \item Choose \textsf{Capture} $\to$ \textsf{Start} \item For the Filter, enter: \texttt{port 67 or port 68} \item Select (turn \emph{on}) the check box item \textsf{Update list of packets in real time}, but make sure that the item \textsf{Enable network name resolution} is turned \emph{off}. \item Click on \key{\textsf{OK}}, and wait until you have captured at least 20 packets, preferably more. \item Examine the exchanges between the \DHCP servers and clients. Expand the {\setlength{\fboxsep}{0pt}\fbox{\texttt{+}}} for the \emph{Bootstrap Protocol}. Note that the \emph{transaction ID} is the same for a \DHCP session between client and server. \item Figure~\vref{fig:dhcp-client-state-diagram} shows the states that a \DHCP client passes through. Examine this together with the data from \texttt{ethereal}. \item List the \IP addresses of \DHCP server(s). See table~\vref{tab:dhcp-messages} for the messages that come from servers.\answerbox{172.19.64.52, may be others} \item List the \IP addresses of some clients that were successfully given an address: \mbox{}% \marginpar% [{ \raggedright% \protect% \makebox[50pt][r]% {% \protect\writeSymbol% }% }]% {% \raggedright% \protect% \makebox[50pt][r]% {% \protect\writeSymbol% }% }% \fbox{% \begin{minipage}[t][2cm]{\linewidth-2\fboxrule-2\fboxsep} \mbox{}\s{% } \end{minipage}% } \item Which port do clients use? \answerbox{port 68} \item Which port do servers use? \answerbox{port 67} \item What is the lease time? (Examine the \texttt{Bootp Flags} in the \texttt{DHCPACK} message)\\ \answerbox{2 hours} \item Can you see any unauthorised \DHCP servers? (These will be any server that is not \texttt{ictlab}!) \answerbox{} \item Identify a path through the state diagram in figure~\vref{fig:dhcp-client-state-diagram} that you can see from your \texttt{ethereal} data. You can recognise a session by its \emph{transaction ID}. Examine the \emph{Bootstrap Protocol} section in the middle pane of the \texttt{ethereal} window. \mbox{}% \marginpar% [{ \raggedright% \protect% \makebox[50pt][r]% {% \protect\writeSymbol% }% }]% {% \raggedright% \protect% \makebox[50pt][r]% {% \protect\writeSymbol% }% }% \fbox{% \begin{minipage}[t][2.4cm]{\linewidth-2\fboxrule-2\fboxsep} \mbox{}\s{% } \end{minipage}% } \item List the \IP addresses of any clients that were denied a requested address; can you see why? \mbox{}% \marginpar% [{ \raggedright% \protect% \makebox[50pt][r]% {% \protect\writeSymbol% }% }]% {% \raggedright% \protect% \makebox[50pt][r]% {% \protect\writeSymbol% }% }% \fbox{% \begin{minipage}[t][1.5cm]{\linewidth-2\fboxrule-2\fboxsep} \mbox{}% \s{% } \end{minipage}% } \bigskip \begin{table}[htb] \begin{tabularx}{\linewidth}[t]{@{}>{\ttfamily}l@{\hspace{2ex}---\hspace{2ex}}X@{}} \toprule% \multicolumn{1}{@{}l}{\textbf{Message}} & \textbf{Use}\\ \midrule% DHCPDISCOVER & Client broadcast to locate available servers.\\ % DHCPOFFER & Server to client in response to \texttt{DHCPDISCOVER} with offer of configuration parameters.\\ % DHCPREQUEST & Client message to servers either (a) requesting offered parameters from one server and implicitly declining offers from all others, (b) confirming correctness of previously allocated address after, e.g., system reboot, or (c) extending the lease on a particular network address.\\ % DHCPACK & Server to client with configuration parameters, including committed network address.\\ % DHCPNAK & Server to client indicating client's notion of network address is incorrect (e.g., client has moved to new subnet) or client's lease as expired\\ % DHCPDECLINE & Client to server indicating network address is already in use.\\ % DHCPRELEASE & Client to server relinquishing network address and cancelling remaining lease.\\ % DHCPINFORM & Client to server, asking only for local configuration parameters; client already has externally configured network address.\\ \bottomrule% \end{tabularx} \caption{DHCP Messages: this is ``table 2'' from \RFC 2131; the \RFC is available in full from \texttt{ictlab} at \texttt{/home\allowbreak /nfs\allowbreak /ietf\allowbreak/rcf\allowbreak/rfc2131\allowbreak.txt}.} \label{tab:dhcp-messages} \end{table} \end{enumerate} \end{document}