
Pages From DOC-20240401-WA0009.

The document describes capturing and analyzing DNS query and response packets using Wireshark. It provides background on DNS and nslookup commands. The steps shown are running nslookup to query for an IP address, starting Wireshark capture with DNS filter applied, and examining the DNS query and response packets in Wireshark.

99210041950

Register No: 99210041950

Name: P. KARTHIK

Class/Section: 8507/S29

Ex. No: 8b

Name of the Experiment: Distance vector routing protocol

1. Device Requirements:

1. PT-Routers – 3
2. Switch 2960 – 3
3. PCs – 3
4. Ethernet cables

2. Network Diagram for your experiment (draw the diagram either by hand or with MS Paint or any other drawing tool)

3. Network Diagram (Packet Tracer diagram before configuration):


Register No: 99210041950

Name P. KARTHIK

Class/Section 8507/S29/SLOT-5

Ex.No: 10

Name of the Experiment: Capture and Analyse TCP and IP packets

Objective(s):

To capture and analyse TCP and IP packets using Wireshark.

Introduction: In this lab, we'll explore several aspects of the HTTP protocol: the basic GET/response
interaction, HTTP message formats, retrieving large HTML files, retrieving HTML files with embedded
objects, and HTTP authentication and security.

The Basic HTTP GET/response interaction

Let's begin our exploration of HTTP by downloading a very simple HTML file, one that is very short
and contains no embedded objects. Do the following:
• Start up your web browser.
• Start up the Wireshark packet sniffer, as described in the Introductory lab (but don't yet begin
packet capture). Enter "http" (just the letters, not the quotation marks) in the
display-filter-specification window, so that only captured HTTP messages will be displayed later in the
packet-listing window. (We're only interested in the HTTP protocol here, and don't want to see the
clutter of all captured packets.)
• Wait a bit more than one minute (we'll see why shortly), and then begin Wireshark packet
capture.
• Enter the following URL in your browser:
http://wireshark.grydeske.net/file1.html
Your browser should display the very simple, one-line HTML file.
• Stop Wireshark packet capture.
• Your Wireshark window should look similar to the window shown below.

Figure 1: Wireshark after HTTP Get request

• The example in Figure 1 shows in the packet-listing window that four HTTP messages were
captured: the GET message (from your browser to the wireshark.grydeske.net server) and the
response message from the server to your browser, and a request for the favicon.ico that is not
available - please just ignore this pair.
• The packet-contents window shows details of the selected message (in this case the HTTP GET
request, which is highlighted in the packet-listing window). Recall that since the HTTP message
was carried inside a TCP segment, which was carried inside an IP datagram, which was carried
within an Ethernet frame, Wireshark displays the Frame, Ethernet, IP, and TCP packet
information as well. We want to minimize the amount of non-HTTP data displayed (we're

Register No: 99210041950

Name P. KARTHIK

Class/Section 8507/S29/SLOT-5

Ex.No: 11

Name of the Experiment: Capture and Analysing TCP 3 way handshake

Objective(s):

To capture and analyse TCP 3-way handshake packets using Wireshark.

Introduction:

TCP, or Transmission Control Protocol, is one of the most important protocols for enabling
communication among devices on a network. It has algorithms that handle complex errors arising in
packet communication, i.e. corrupted packets, invalid packets, duplicates, etc. Since it is used with
IP (Internet Protocol), it is often referred to as TCP/IP. To start a communication, TCP first
establishes a connection using the three-way handshake. TCP's efficiency over other protocols lies in
its error detection and correction. In addition, it orders packets and segments larger data into a
number of packets without disrupting the integrity of the data.

Now that we are a bit familiar with TCP, let's look at how we can analyze TCP using Wireshark, which is
the most widely used protocol analyzer in the world.

Here you will have the list of TCP packets. The first three packets of this list are part of the three-way
handshake mechanism of TCP to establish a connection. Let’s get a basic knowledge of this mechanism
which happens in the following 3 steps:

• A synchronization packet (SYN) is sent by your local host IP to the server it desires to connect to.
• The server reciprocates by sending an acknowledgment packet (ACK) to the local host signaling that it has
received the SYN request of the host IP to connect and also sends a synchronization packet (SYN) to the local
host to confirm the connection. So this one is basically an SYN+ACK packet.
• The host answers this request by sending the ACK on receiving the SYN of the server.
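
The three steps above as an added Python example (not part of the original lab record): it packs three constructed TCP headers and checks the flags and the sequence/acknowledgment numbers that Wireshark shows for the first three packets of a connection. The ports and initial sequence numbers are made-up sample values.

```python
import struct

SYN, ACK = 0x02, 0x10          # flag bits in the TCP header
HDR = "!HHIIHHHH"              # sport, dport, seq, ack, offset+flags, window, checksum, urgent

def build_tcp(sport, dport, seq, ack, flags):
    """Pack a minimal 20-byte TCP header (constructed sample, checksum left at 0)."""
    offset_flags = (5 << 12) | flags            # data offset = 5 words, no options
    return struct.pack(HDR, sport, dport, seq, ack, offset_flags, 64240, 0, 0)

def parse_tcp(segment):
    """Return the TCP fields needed to follow the handshake."""
    sport, dport, seq, ack, offset_flags, _win, _csum, _urg = struct.unpack(HDR, segment[:20])
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "syn": bool(offset_flags & SYN), "ack_flag": bool(offset_flags & ACK)}

def is_three_way_handshake(segments):
    """True if the three segments are SYN, SYN+ACK, ACK with consistent numbers."""
    if len(segments) != 3:
        return False
    a, b, c = (parse_tcp(s) for s in segments)
    return (
        a["syn"] and not a["ack_flag"]                          # step 1: host sends SYN
        and b["syn"] and b["ack_flag"]                          # step 2: server sends SYN+ACK
        and (b["sport"], b["dport"]) == (a["dport"], a["sport"])
        and b["ack"] == (a["seq"] + 1) % 2**32                  # a SYN consumes one sequence number
        and c["ack_flag"] and not c["syn"]                      # step 3: host sends ACK
        and (c["sport"], c["dport"]) == (a["sport"], a["dport"])
        and c["seq"] == (a["seq"] + 1) % 2**32
        and c["ack"] == (b["seq"] + 1) % 2**32
    )

# Constructed capture: host port 50000 -> server port 80
CLIENT_ISN, SERVER_ISN = 1000, 5000
handshake = [
    build_tcp(50000, 80, CLIENT_ISN, 0, SYN),
    build_tcp(80, 50000, SERVER_ISN, CLIENT_ISN + 1, SYN | ACK),
    build_tcp(50000, 80, CLIENT_ISN + 1, SERVER_ISN + 1, ACK),
]
# Constructed counter-example: the host repeats its SYN instead of sending the final ACK
incomplete = handshake[:2] + [build_tcp(50000, 80, CLIENT_ISN, 0, SYN)]

if __name__ == "__main__":
    print(is_three_way_handshake(handshake), is_three_way_handshake(incomplete))
```
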

Visit any one website by opening a browser and fill in your machine details (attach relevant screenshots).

| Parameter | Value |
|---|---|
| Your Machine IP Address | 10.2.0.118 |
| Your Machine MAC Address | D4-D8-53-E6-49-7A |
| Default Gateway address | 10.2.0.1 |
| Website URL | www.msftconnecttest.com |
| Website IP Address | 23.34.81.114 |
Register No: 99210041950

Name P. KARTHIK

Class/Section 8507/S29/SLOT-5

Ex.No: 12

Name of the Experiment: Capture and Analyse HTTP packets

Objective(s):

To capture and analyse TCP and IP packets using Wireshark.

Introduction:
HTTP stands for HyperText Transfer Protocol. HTTP is an application layer protocol in the ISO or TCP/IP
model. See the picture below, which shows HTTP residing in the application layer.

HTTP is used by the World Wide Web (WWW), and it defines how messages are formatted and transmitted by
the browser. So HTTP defines rules for what action should be taken when a browser receives an HTTP command.
HTTP also defines rules for transmitting an HTTP command to get data from a server.

For example, when you enter a URL in a browser (Internet Explorer, Chrome, Firefox, Safari, etc.), it actually sends
an HTTP command to the server, and the server replies with an appropriate command.

HTTP Methods:
HTTP/1.1 (an HTTP version) defines a set of methods:
GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS and TRACE.
We will not go into the details of each method; instead we will look at the methods that are seen quite
often, such as:
GET: A GET request asks for data from the web server. This is the main method used for document retrieval. We will see one
practical example of this method.
POST: The POST method is used when it is required to send some data to the server.

HTTP in Wireshark:
Let's try something practical to understand how HTTP works.
In this example we will download "alice.txt" (a data file present on the server) from the "gaia.cs.umass.edu" server.
Steps:
1. Open the URL http://gaia.cs.umass.edu/wireshark-labs/alice.txt

Register No: 99210041950

Name P. KARTHIK

Class/Section 8507/S29/SLOT-5

Ex.No: 14

Name of the Experiment: Capture and Analyse DNS packet

Objective(s):

To capture and analyse DNS Query Response packet using Wireshark.

Introduction:

What is DNS?

The Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services,
or other resources connected to the internet or a private network.

To do DNS analysis in Wireshark, the nslookup command must be used.


What is nslookup?
nslookup is a network administration command-line tool available in many computer operating systems for
querying the Domain Name System (DNS) to obtain a domain name or IP address mapping, or other DNS
records.
Now that we have learned the meanings of these terms, let’s examine the analysis steps in Wireshark.
• To analyze it, I first ran the nslookup command for wireshark.org in the terminal and viewed the site’s IP
address and non-authoritative replies with the nslookup command.
nslookup wireshark.org

• Then when I ran the Wireshark traffic capture application and applied the DNS filter, the traffic I made in
the terminal was displayed as follows.
When I looked at the first query, a small screen with information about the query appeared. The first feature
here is below the link layer, the second and third are below the network layer, the fourth is below the transport
layer, and the last feature is below the application layer.

• When I came to the response and opened the section that says Domain Name System, I saw sub-features
named transaction id, flags and answers.
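
An added Python example (not part of the original lab record) that decodes the same fields of a DNS response: the transaction ID that ties a response to its query, the flags (including the authoritative bit behind nslookup's "non-authoritative" label), and the answers. The message is constructed; the transaction ID 0x1A2B, the TTL and the documentation address 192.0.2.10 are sample values, not the real record for wireshark.org.

```python
import socket
import struct

def read_name(msg, pos):
    """Decode a DNS name at pos, following compression pointers; return (name, next_pos)."""
    labels, next_pos, hops = [], None, 0
    while True:
        length = msg[pos]
        if length & 0xC0 == 0xC0:                      # 2-byte compression pointer
            if next_pos is None:
                next_pos = pos + 2
            pos = ((length & 0x3F) << 8) | msg[pos + 1]
            hops += 1
            if hops > 10:                              # guard against pointer loops
                raise ValueError("compression loop")
            continue
        pos += 1
        if length == 0:                                # root label ends the name
            break
        labels.append(msg[pos:pos + length].decode("ascii"))
        pos += length
    return ".".join(labels), (next_pos if next_pos is not None else pos)

def parse_dns(msg):
    """Return the transaction ID, decoded flags and A-record answers of a DNS message."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    pos = 12
    for _ in range(qd):                                # question section
        qname, pos = read_name(msg, pos)
        pos += 4                                       # QTYPE + QCLASS
    answers = []
    for _ in range(an):                                # answer section
        name, pos = read_name(msg, pos)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[pos:pos + 10])
        pos += 10
        if rtype == 1 and rdlen == 4:                  # A record: 4-byte IPv4 address
            answers.append((name, ttl, socket.inet_ntoa(msg[pos:pos + 4])))
        pos += rdlen
    return {"id": txid, "response": bool(flags & 0x8000),
            "authoritative": bool(flags & 0x0400), "rcode": flags & 0x000F,
            "question": qname if qd else None, "answers": answers}

# Constructed response to an A query for wireshark.org (flags 0x8180: response, not authoritative)
QUESTION = b"\x09wireshark\x03org\x00" + struct.pack("!HH", 1, 1)
ANSWER = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + socket.inet_aton("192.0.2.10")
SAMPLE = struct.pack("!HHHHHH", 0x1A2B, 0x8180, 1, 1, 0, 0) + QUESTION + ANSWER

if __name__ == "__main__":
    print(parse_dns(SAMPLE))
```
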
