Transcript full
Protocol layers and Wireshark Rahul Hiran TDTS11:Computer Networks and Internet Protocols Textbook: “Computer Networking: A Top Down Approach”, by Jim Kurose and Keith Ross. Note: The slides are adapted and modified based on slides from the book’s companion Web site, as well as modified slides by Niklas Carlsson 1 What will I talk about? • Short description from lecture 1 about computer networks • Internet protocol stack • How to see what different stack layer does • Using network analysis tool called wireshark 2 What’s the Internet: Slide from lecture 1 PC millions of connected computing devices: hosts = end systems running network apps server wireless laptop cellular handheld fiber, copper, radio, satellite access points wired links router communication links Mobile network Global ISP Home network Regional ISP Institutional network routers: forward packets (chunks of data) 3 1-3 Introduction What’s a protocol? (slide from lecture 1) human protocols: “what’s the time?” “I have a question” introductions … specific msgs sent … specific actions taken when msgs received, or other events network protocols: machines rather than humans all communication activity in Internet governed by protocols protocols define format, order of msgs sent and received among network entities, and actions taken on msg transmission, receipt 4 1-4 Introduction More about protocols • There are many protocols that are involved in working of computer network • There is a internet protocol stack. A protocol normally belongs to one of the layers in the stack. • Let us look at the airline functionality 5 Layering of airline functionality ticket (purchase) ticket (complain) ticket baggage (check) baggage (claim baggage gates (load) gates (unload) gate runway (takeoff) runway (land) takeoff/landing airplane routing airplane routing airplane routing departure airport airplane routing airplane routing intermediate air-traffic control centers arrival airport Layers: each layer implements a service – via its own internal-layer actions – relying on services provided by layer below 6 Introduction 1-6 Internet protocol stack application: supporting network applications FTP, SMTP, HTTP transport: process-process data transfer TCP, UDP network: routing of datagrams from source to destination IP, routing protocols link: data transfer between neighboring network elements application transport network link physical Ethernet, 802.111 (WiFi), PPP physical: bits “on the wire” 7 Introduction 1-7 Encapsulation 8 wireshark • How can we analyze the network data? • Using tools such as wireshark • Wireshark: a network packet analyzer. A network packet analyzer will try to capture network packets and tries to display that packet data as detailed as possible. • Let us start wireshark….! 9 Start screen of wireshark 10 Make your own capture or open existing trace files 11 Graphical User Interface 12 Reduce clutter • Disable the checksum error messages from Views->Coloring rules…menu item • Enter data in the filter to show only http packets • Let us look at the example 13 After unnecessary data is removed 14 Let us look at the application level data 15 Internet protocol stack application: supporting network applications FTP, SMTP, HTTP transport: process-process data transfer TCP, UDP TCP is responsible for the establishment of a TCP connection, the sequencing and acknowledgment of packets sent, and the recovery of packets lost during transmission network: routing of datagrams from source to destination IP, routing protocols link: data transfer between neighboring network elements application transport network Link physical Ethernet, 802.111 (WiFi), PPP physical: bits “on the wire” 16 Introduction 1-16 Encapsulation 17 TCP header 18 TCP header data in our packet 19 How to look at time/sequence plot • • • • Select tcp-ethereal-trace-1 Filter by entering tcp Select TCP segment Go to statistics-> TCP streamgraph -> Timesequence graph (stevens) 20 Internet protocol stack application: supporting network applications FTP, SMTP, HTTP transport: process-process data transfer TCP, UDP network: routing of datagrams from source to destination IP, routing protocols The Internet layer is responsible for addressing, packaging, and routing functions. link: data transfer between neighboring network elements application transport network Link physical Ethernet, 802.111 (WiFi), PPP physical: bits “on the wire” 21 Introduction 1-21 Encapsulation 22 Internet layer • Let us first open ip-ethereal-trace-1 • And look at the first ICMP message • We also look at the IP protocol header format 23 IP header 24 IP header in collected traces 25 Internet protocol stack application: supporting network applications FTP, SMTP, HTTP transport: process-process data transfer TCP, UDP network: routing of datagrams from source to destination IP, routing protocols. link: data transfer between neighboring network elements application transport network Link physical Ethernet, 802.111 (WiFi), PPP physical: bits “on the wire” 26 Introduction 1-26 What’s the Internet: Slide from lecture 1 • Network layers job is end-toend movement of data from source to destination • Link layers job is node-tonode movement of networklayer datagrams over a single link in the path • Ethernet is quite popular protocol • Let us look at the header Mobile network Global ISP Home network Regional ISP Institutional network 27 1-27 Introduction Ethernet header and trailer 28 Conclusion application: supporting network applications FTP, SMTP, HTTP transport: process-process data transfer TCP, UDP network: routing of datagrams from source to destination IP, routing protocols link: data transfer between neighboring network elements application transport network link physical Ethernet, 802.111 (WiFi), PPP physical: bits “on the wire” 29 Introduction 1-29 Conclusion 30 Questions…? 31 www.liu.se 32