Assignment Overview

1. ifconfig
2. arp
3. traceroute
4. netstat
5. nslookup
6. whois

Assignment Details

You will want to make extensive use of the man pages for each command.

0. ifconfig

1. Run ``ifconfig -a'' on the machine you will be using. Capture the output, and identify and explain as much of what is printed as you can. NOTE: You should be able to understand almost all of it.

2. What command should you run to determine whether the host is running DHCP or not?

1. ARP

1. How do you show the full ARP table for your machine? Capture a printout of what it is. Explain each column of what is printed.

2. If you try and use the arp command to add or delete an entry to the ARP table what happens? Why do you suppose this the case?

3. You still have the ability to modify the ARP table, just not directly. How can you affect (either add, delete, or change) entries in the ARP table? Use this mechanism to add at least two new hosts to the ARP table and include a printout.

4. How long do entries stay cached in the ARP table? Describe a trail-and-error method to discover the timeout value.

5. What will happen if two IP addresses map to the same Ethernet address? Be specific on how all hosts on the subnet operate.

2. traceroute

1. Explain in detail how traceroute works.

2. Perform a traceroute from your machine to tourism.at.ru. Include a copy of the output and explain what happened including a description of what each of the fields means.

3. Here's the challenge for this question: we want to traceroute to a non-existant machine outside of UCSB. The first problem is how do we KNOW that a particular machine does not exist? If we just pick an IP address and ping it, why is that not sufficient?

4. Determine an IP address for a machine that you know definitely does not exist. Do a traceroute to that machine. Include a copy of the result.

5. Identify a completely different (in all octets) IP address for a non-existant machine. Do a traceroute to this machine. Include a copy of this result.

6. Repeat the above exercise (but you don't have to include traceroutes to more than two machines in your writeup) enough times so you can detect a pattern about what is happening. What pattern exists and why?

3. netstat

1. What is netstat and what is it used for?

2. What parameters for netstat should you use to show all the TCP connections established? Include a printout of this list for your machine. Be sure to explain what all fields are.

3. What does netstat -r show? What are each of the fields in this output?

4. netstat can be used to display network interface status. What option of netstat does this? By using netstat, figure out the number of interfaces on your machine. In the output you will find an interface named lo0 as a loopback interface. Can you say anything about this interface, about its function?

4. nslookup

1. What is the IP address for the machine bach.cs.depaul.edu?

2. What local machine is this information coming from? Why is it coming from this machine?

3. Here is the problem: I want to find the IP address of where my email to somebody@hotmail.com goes. What you really need to do is find the ``mail exchanger'' for hotmail.com. There is an option in nslookup that tells you what the mail exchanger is for hotmail.com. Figure out the exact syntax of the format of this command, and execute it. Now what is the IP address of where my email to hotmail goes?

5. whois

HINT: You will need to use a different server than the default whois server. One to try is: whois.arin.net.

HINT: Getting whois.arin.net to return information is a challenge. Make sure you try all combinations of the network name, the host address, and the network address.

HINT: You can also do a domain search at someplace like http://www.networksolutions.com/.

1. Who is the ``coordinator'' for the network on which funnies.cs.ucsb.edu resides?

2. Who is the coordinator for the network that bach.cs.depaul.edu is on?

3. Like the hotmail example, I have another friend I send email to at AOL. Her email address is something@aol.com. What can you say about the coordinator for the AOL email network, i.e. contact info, etc? Include information about the steps you took and the results of the queries you made to figure out this information.

4. I've always been curious about what happens when I send email to president@whitehouse.gov. Run the following two commands:

   whois -h whois.arin.net 198.137.241.40
   whois -h whois.arin.net whitehouse.gov
   

   Where did I get the IP address: 198.137.241.40? What can you say about the reason that each commands returns a different set of information?

5. What machine has IP address 198.182.196.56? What machines act as the DNS nameserver for the domain that 198.182.196.56 is in?

What to Turn In

You only need to turn in a hard copy of your homework (due in class), but the assignment must be done entirely in some kind of digital format. Since I will not see the source, you can use anything you want, for example: HTML, Latex, Word, etc.

Finally, make sure to cut-and-paste the output of the commands you run when the assignment asks for it.