CS 176B -- Network Computing
Homework Assignment #4
Due in class on Tuesday, March 12, 2002
Assignment Overview
In this assignment, you will explore the various tools that an end user
can use to discover how a machine is connected to the network and what
the network looks like beyond the first hop. You investigation
will use the following six tools:
- ifconfig
- arp
- traceroute
- netstat
- nslookup
- whois
Assignment Details
All of these tools should be available on any machine running a UNIX-based
operating system, i.e. the machines in CSIL. However, unlike the other
assignments, you can do this assignment from any machine that has all
of these commands available.
You will want to make extensive use of the man pages for
each command.
0. ifconfig
- Run ``ifconfig -a'' on the machine you will be using. Capture the
output, and identify and explain as much of what is printed as you can.
NOTE: You should be able to understand almost all of it.
- What command should you run to determine whether the host is running
DHCP or not?
1. ARP
- How do you show the full ARP table for your machine? Capture
a printout of what it is. Explain each column of what is printed.
- If you try and use the arp command to add or delete an entry to the
ARP table what happens? Why do you suppose this the case?
- You still have the ability to modify the ARP table, just not directly.
How can you affect (either add, delete, or change) entries in the ARP table?
Use this mechanism to add at least two new hosts to the ARP table and include
a printout.
- How long do entries stay cached in the ARP table? Describe a
trail-and-error method to discover the timeout value.
- What will happen if two IP addresses map to the same Ethernet address?
Be specific on how all hosts on the subnet operate.
2. traceroute
- Explain in detail how traceroute works.
- Perform a traceroute from your machine to tourism.at.ru. Include a copy
of the output and explain what happened including a description of what
each of the fields means.
- Here's the challenge for this question: we want to traceroute to a
non-existant machine outside
of UCSB. The first problem is how do we KNOW that a particular machine does
not exist? If we just pick an IP address and ping it, why is that
not sufficient?
- Determine an IP address for a machine that you know definitely does not exist.
Do a traceroute to that machine. Include a copy of the result.
- Identify a completely different (in all octets) IP address for a non-existant
machine. Do a traceroute to this machine. Include a copy of this result.
- Repeat the above exercise (but you don't have to include traceroutes to
more than two machines in your writeup) enough times so you can detect a
pattern about what is happening. What pattern exists and why?
3. netstat
- What is netstat and what is it used for?
- What parameters for netstat should you use to show all the TCP
connections established? Include a printout of this list for your machine.
Be sure to explain what all fields are.
- What does netstat -r show? What are each of the fields in this
output?
- netstat can be used to display network interface status. What option
of netstat does this? By using netstat, figure out the number of interfaces
on your machine. In the output you will find an interface named lo0
as a loopback interface. Can you say anything about this interface, about
its function?
4. nslookup
- What is the IP address for the machine bach.cs.depaul.edu?
- What local machine is this information coming from? Why is
it coming from this machine?
- Here is the problem: I want to find the IP address of where my email
to somebody@hotmail.com goes. What you really need to do is find the
``mail exchanger''
for hotmail.com. There is an option in nslookup that tells you what the mail
exchanger is for hotmail.com. Figure out the exact syntax of the format of
this command, and execute it. Now what is the IP address of where my email
to hotmail goes?
5. whois
HINT: You will need to use a different server than the default
whois server. One to try is: whois.arin.net.
HINT: Getting whois.arin.net to return information is a challenge.
Make sure you try all combinations of the network name, the host address,
and the network address.
HINT: You can also do a domain search at someplace like
http://www.networksolutions.com/.
- Who is the ``coordinator'' for the network on which funnies.cs.ucsb.edu
resides?
- Who is the coordinator for the network that bach.cs.depaul.edu is on?
- Like the hotmail example, I have another friend I send email to at AOL.
Her email address is something@aol.com. What can you say about
the coordinator for the AOL email network, i.e. contact info, etc?
Include information about the steps you took and the
results of the queries you made to figure out this information.
- I've always been curious about what happens when I send email
to president@whitehouse.gov. Run the following two commands:
whois -h whois.arin.net 198.137.241.40
whois -h whois.arin.net whitehouse.gov
Where did I get the IP address: 198.137.241.40? What can you say
about the reason that each commands returns a different set of
information?
- What machine has IP address 198.182.196.56? What machines act
as the DNS nameserver for the domain that 198.182.196.56 is in?
What to Turn In
This assignment is to be done individually, though you may
discuss your thoughts and ideas with your classmates.
You only need to turn in a hard copy of your homework (due in class),
but the assignment must be done entirely in some kind of digital
format. Since I will not see the source, you can use anything you
want, for example: HTML, Latex, Word, etc.
Finally, make sure to cut-and-paste the output of the commands
you run when the assignment asks for it.