CS 61C (Fall 2007)

Lab Assignment 14



Goals

The purpose of this lab is to give you an idea of how the nodes of the Internet are connected and what the typical delays are as a message (packet) goes from source to destination. You are also introduced to network protocols and how they relate to the contents of transmitted packets.

You will start by familiarizing yourself with two network measurement tools, ping and traceroute (both of these were initially written in Berkeley!). You will then use these tools to understand the network hierarchy of the campus network.

In the second part of the lab, you will use an open-source network analyzer named wirebreak to explore previously generated traces of network traffic.

Reading

man pages for ping and traceroute.

Setup

Work with a partner on these exercises.

Background: Internet Datacenters

A diagram of the datacenters on the Internet is online here. Each of the datacenters contains a gateway or router that transmits portions of a network communication to another datacenter and eventually to its destination. The portions of network communication are called packets. The diagram below illustrates the communication process.

The Internet is really a network of networks of networks ... Each level can differ in its bandwidth, communication protocols (procedures for exchanging information), and physical media (wires, fiber optics, or wireless devices). Each Internet node is identified by a four-byte IP address of the form n1.n2.n3.n4, where the first part of the word identifies a network and the remainder of the word identifies a host computer within that network.

Background: The Lab Machines

All of the sun-ray stations in 271 Soda are actually dumb terminals. They transmit network packets containing your keystrokes to nova.cs.berkeley.edu and display the graphics which nova sends to them. One consequence of this is that all of the programs you run in this lab are really running on nova, not on the little box next to your monitor.

Exercise 1a (1/2 point)

ping is a program that sends an echo request packet once a second to a target computer. Upon receiving the echo request packet (also called a ping packet), the target computer returns the packet to the sender. ping displays information about the packet sent and how long it took to receive the packet. This length of time is called the round trip time (RTT) and is representative of network latency.

To experiment with ping, start by pinging the computer you're logged in on. Do this by giving the command

    ping -s computer_name 56 5

This will give you a baseline with which to compare subsequent experiments. The "-s" says to send one ping request per second to the given site; the final 5 tells ping to send five packets before stopping and giving its summary. For more details about the various command line options, read the man pages (man ping).

Then try pinging other sites within EECS and within the campus, for example:

    cory.eecs.berkeley.edu
    ilinux1.eecs.berkeley.edu
    socrates.berkeley.edu
    registrar.berkeley.edu
    reshall.berkeley.edu
    library.berkeley.edu

The output from ping should provide evidence of the extra network segments, and thus longer network latencies, needed to access the non-EECS computers.

The high-level map of the North American segment of the Internet is available online, as noted above. In particular, the map lists link capacities between hubs: a brown line is a 2.5 gigabyte per second link, a thin blue line is a 2 megabyte per second link, and so on. Gather evidence that the map describes the links correctly (capacity and endpoint nodes), by comparing the ping output for sites along links of varying capacity and connectivity. A good way to find sites is to use your favorite search engine to look up "university" and a city or country name; for example, the query "university portland" reveals sites www.pdx.edu and www.ohsu.edu, and "university tokyo" suggests www.u-tokyo.ac.jp (along with a number of other links for which ping can't return a result). For checkoff, show your TA a few runs of ping that corroborate aspects of the diagram.

Exercise 1b (1/2 point)

Typically, on a local area network (LAN), every machine can directly contact every other machine. A larger network like the Internet is composed of many smaller networks, and it would be impossible for every machine to know how to reach every other machine. In order to connect two networks together, one might dedicate a computer (called a gateway or router) to routing traffic from one network to another. Suppose that a computer on the network A wanted to send a packet to a computer on the network B. Rather than storing the routing information for the network B, the computer on the network A would simply forward the packet to the gateway/router, and the gateway/router would forward it to its destination.

traceroute is a program that displays the routers between your computer and a destination computer (the argument for the traceroute command, e.g. traceroute www.mit.edu). Use traceroute on sites you've ping'ed outside Berkeley and see how the route varies. In particular, find out in general how many hops (network node visits, the first of which is your computer, the last of which is the destination and the ones in the middle are the routers) it takes to get out of the U.C. Berkeley campus, and show that to your TA for checkoff.

Note that traceroute may start displaying lines with * in them at some point.  If it displays a few of these lines, it is likely that either the host your are trying to traceroute to is uncreachable (offline) or some gateway/router is blocking the traceroute.  Either way you should type <Control>-C to end the traceroute, because it will probably not complete.

Exercise 2 (1 checkoff point)

You can also use traceroute to find information about the Berkeley network hierarchy. Run traceroute to the sites in the list below to answer the following questions:

Answer all the above questions for checkoff.

Background: network traces

The directory ~cs61c/files/lab/14/ contains four trace files (trace.1, trace.2, www.trace, and smtp.trace) of network traffic generated by the wireshark network analyzer, as shown in lecture last Friday. After copying these files to your directory, you can examine them by typing

    wireshark trace_file

(If you're close to your disk quota, be careful; three of the files are over 100K in size.) Exploration will reveal some interesting characteristics of network traffic.

As a side note, wireshark is one of the most powerful network analysis tools availible. We encourage you to make use of it outside of this class, in particular when your network connection is broken, or a certain network application cannot connect. Be warned however, that it can provide too much information, and wireshark alone cannot normally sniff (see) the packets sent by other computers on a wireless network. If you have your laptop in lab, consider running some of your own experiments..

Exercise 3 (2 checkoff points)

Answer the following questions for checkoff.