Add TP3

network-protocols/Makefile

@@ -1,7 +1,7 @@
 filename=$(shell basename $(shell pwd))
 timestamp=$(shell date +%Y-%m-%d_%H:%M)
 
-all: tp1 tp2
+all: tp1 tp2 tp3
 
 tp1: tp1.tex
 	@latexmk -pdf tp1.tex
@@ -17,5 +17,12 @@ tp2: tp2.tex
 		echo "Updated"; \
 	fi
 
+tp3: tp3.tex
+	@latexmk -pdf tp3.tex
+	@if ! cmp --silent build/tp3.pdf tp3.pdf; then \
+		cp build/tp3.pdf tp3.pdf; \
+		echo "Updated"; \
+	fi
+
 clean:
 	@rm -rf build 2>/dev/null

network-protocols/tp3.tex

@@ -0,0 +1,139 @@
+\documentclass[a4paper,french,12pt]{article}
+
+\title{Networks and Protocols --- Wireshark Lab 3}
+\author{Yi Yang --- Alexandre Chen --- Tunui Franken}
+
+\usepackage{../cours}
+
+\begin{document}
+
+\maketitle
+
+\section{Ethernet --- ARP}
+
+    \subsection{Capturing and analyzing Ethernet frames}
+
+        \begin{enumerate}
+
+            \item \texttt{00:d0:59:a9:3d:68}.
+
+            \item \texttt{00:06:25:da:af:73}.
+                \texttt{gaia.cs.umass.edu} is not in the same network.
+                The MAC address is that of the next hop router (gateway).
+
+            \item \texttt{0x0800}.
+                This corresponds to IPv4.
+
+            \item \texttt{0x47} (71 in decimal) starts at byte 54.
+
+            \item \texttt{00:06:25:da:af:73}.
+                It is the destination address of the GET message (next hop router).
+
+            \item \texttt{00:d0:59:a9:3d:68} (our computer).
+
+            \item \texttt{0x0800}.
+                This corresponds to IPv4.
+
+            \item The O (\texttt{0x4f}) from the HTTP response can be found at byte 13.
+
+        \end{enumerate}
+
+    \subsection{The Address Resolution Protocol}
+
+        \begin{enumerate}\setcounter{enumi}{8}
+
+            \item First column~: IPv4 address\\
+                Second column~: MAC address\\
+                Third column~: Type, ie.\ how the entry was learned
+                \begin{lstlisting}[gobble=20]
+                    IP Address      MAC Address         Type
+                    10.3.0.3        64:12:25:4a:46:c1   static
+                    10.3.101.222    f8:ac:65:b5:59:28   static
+                    10.3.0.2        00:1a:1e:07:9c:d0   dynamic
+                    10.3.0.1        00:00:0c:07:ac:0d   static
+                    10.3.0.4        f8:72:ea:ae:df:3c   static
+                \end{lstlisting}
+
+            \item src~: \texttt{00:d0:59:a9:3d:68}\\
+                dst~: \texttt{ff:ff:ff:ff:ff:ff}\\
+
+            \item \texttt{0x0806}, which corresponds to ARP\@.
+
+            \item
+                \begin{enumerate}
+                    \item Opcode \texttt{request} is at byte 20.
+                    \item The hexadecimal value is \texttt{OxOOO1} (1).
+                    \item Yes, \texttt{192.168.1.105}, so that the sender can receive a response.
+                    \item The target MAC address is set to \texttt{00:00:00:00:00:00} because it is unknown.
+                \end{enumerate}
+
+            \item
+                \begin{enumerate}
+                    \item Opcode \texttt{reply} is at byte 20.
+                    \item The hexadecimal value is \texttt{OxOOO2} (2).
+                    \item The answer appears as Sender MAC address~: \texttt{00:06:25:da:af:73}, corresponding to IPv4 address \texttt{192.168.1.1}.
+                \end{enumerate}
+
+            \item src~: \texttt{00:06:25:da:af:73}\\
+                dst~: \texttt{00:d0:59:a9:3d:68}\\
+
+            \item Maybe no host in the network has the queried IP address (\texttt{192.168.1.117}).
+
+        \end{enumerate}
+
+\section{ICMP}
+
+    \subsection{ICMP and Ping}
+
+        \begin{enumerate}
+
+            \item src~: \texttt{192.168.1.101} \\
+                dst~: \texttt{143.89.14.34}
+
+            \item Although it resides on the Transport layer, ICMP does not use UDP nor TCP\@.
+                ICMP does not use ports.
+
+            \item Type~: 8 --- Echo (ping) request \\
+                Code~: 0.
+
+                The other fields are~: \\
+                Checksum~: 2 bytes \\
+                Identifier~: 2 bytes \\
+                Sequence Number~: 2 bytes \\
+                Data.
+
+            \item Type~: 0 --- Echo (ping) reply \\
+                Code~: 0.
+
+                The other fields are~: \\
+                Checksum~: 2 bytes \\
+                Identifier~: 2 bytes \\
+                Sequence Number~: 2 bytes \\
+                Data.
+
+        \end{enumerate}
+
+    \subsection{ICMP and Traceroute}
+
+        \begin{enumerate}\setcounter{enumi}{4}
+
+            \item src~: \texttt{192.168.1.101} \\
+                dst~: \texttt{138.96.146.2}
+
+            \item The number for UDP protocol would be 17 (\texttt{0x11}).
+
+            \item The echo request is the same is for the first half of this lab.
+
+            \item The error ICMP packet has an additional \texttt{Unused} field.
+                It also includes part of the Echo request that this error is for.
+
+            \item These packets are not error messages, but normal ICMP replies (Type 0 instead of Type 11).
+                The error messages had exceeded TTL values.
+                This indicates that the ping made it to the destination.
+
+            \item The delayed link seems to be NYC --- Pastourelle (n. 9 to n. 10).
+                This is a link the crosses the Atlantic ocean.
+
+        \end{enumerate}
+
+\end{document}