Question

In: Computer Science

Objective To explore the details of Ethernet frames. Ethernet is a popular link layer protocol that...

Objective

To explore the details of Ethernet frames. Ethernet is a popular link layer protocol that is covered in §4.3 of your text; modern computers connect to Ethernet switches (§4.3.4) rather than use classic Ethernet (§4.3.2). Review section §4.3 before doing this exercise.

Requirements

Wireshark: This lab uses the Wireshark software application to capture and examine a packet trace. A packet trace is a record of traffic at a location on the network, as if a snapshot was taken of all the bits that passed across a particular wire. The packet trace records a timestamp for each packet, along with the bits that make up the packet, from the lower-layer headers to the higher-layer contents. Wireshark shows the sequence of packets and the meaning of the bits when interpreted as protocol headers and data. It color-codes packets by their type, and has various ways to filter and analyze packets to let you investigate the behavior of network protocols.

ping: This exercise uses ping to send and receive messages. ping is a standard command-line utility for checking that another computer is responsive. It is widely used for network troubleshooting and comes pre-installed on Window, Linux, and Mac. While ping has various options, simply issuing the command “ping www.sdsu.edu” will cause your computer to send a small number of ICMP ping requests to the remote computer www.sdsu.edu, which should elicit an ICMP ping response.

Recall that there are two types of Ethernet frames, IEEE 802.3 and DIX Ethernet. DIX is common and what we considered above, while IEEE 802.3 is rare. If you are rather lucky, you may see some IEEE 802.3 frames in the trace you have captured. To search for IEEE 802.3 packets, enter a display filter (above the top panel of the Wireshark window) of “llc” (that was lowercase “LLC”) because the IEEE 802.3 format has the LLC protocol on top of it. LLC is also present on top of IEEE 802.11 wireless, but it is not present on DIX Ethernet.

Have a look at the details of an IEEE 802.3 frame, including the LLC header. Observe that the Type field is now a Length field. The frame may be short enough that there is also padding of zeros identified as a Trailer or Padding.

  1. How long are the combined IEEE 802.3 and LLC headers compared to the DIX Ethernet headers? Note that the Trailer/Padding and Checksum may be shown as part of the header, but they come at the end of the frame.
  2. How does the receiving computer know whether the frame is DIX Ethernet or IEEE 802.3? Hint: you may need to both use Wireshark to look at packet examples and read your text near where the Ethernet formats are described.
  3. If IEEE 802.3 has no Type field, then how is the next higher layer determined? Use Wireshark to look for the demultiplexing key.

Solutions

Expert Solution

Let's start with wireshark and capture some packets:

1. First step to select an interface. Mine is Wireless so i am selecting wifi. You can selecr ethernet if you have one connected.

2. Start the interface and open cmd for windows and terminal for linux. In my case i am using windows cmd for ping. I will ping google.com and trace some packets, you can ping any website you like:

Based on the screenshot, we can observe complete three way handshake. Now for the Ethernet based analysis, we can expand Ethernet information which is downside with other fields.

3. Lets Analyze Ethernet field and see the headers:

we can see the encrypted frames which ethernet is using to transfer the requests.

4. Demultiplexing Keys - After the arrival of Ethernet frames in a computer, the ethernet layer has to provide the packet to next upper layer for the transmission. For finding the right upper layer Ethernet frames uses Demultiplexing keys.

Hope my answer will help.


Related Solutions

A sender wants to transmit 16 frames in data link layer to a receiver, and every...
A sender wants to transmit 16 frames in data link layer to a receiver, and every 4th transmission is lost. How many total transmissions are required if A) Go-back-3 flow control is used? B) Selective repeat is used? C) Stop-and-wait is used?
Briefly list and describe several functions of the Data Link layer of any given communications protocol.
Briefly list and describe several functions of the Data Link layer of any given communications protocol.
explain operation of Ethernet protocol on a shared medium bus
explain operation of Ethernet protocol on a shared medium bus
Link Layer Describe the idea of self-learning in a link layer switch. Specifically, describe how a...
Link Layer Describe the idea of self-learning in a link layer switch. Specifically, describe how a switch fills the switch table entries.
What are the potential dangers to merge network layer with transport layer of computer networking protocol...
What are the potential dangers to merge network layer with transport layer of computer networking protocol stack?
Ethernet (10Mbps) frames must be at least 64 bytes (512 bits) long to ensure that the...
Ethernet (10Mbps) frames must be at least 64 bytes (512 bits) long to ensure that the transmitter is still going in the event of a collision at the far end of the cable. Fast Ethernet (100Mbps) has the same 64-byte minimum frame size but can get the bits out ten times faster. How is it possible to maintain the same minimum frame size?
Can i say that the main difference between link state routing protocol and distance vector protocol...
Can i say that the main difference between link state routing protocol and distance vector protocol is that in link state routing protocol every node in the network flood the link metrics of the links contact to It then after all node get the map of all link metrics every node begin to make its forwarding table But in distance vector routing protocol every node make its forwarding table (using just the link metrics which contacted to It) then flood...
Explain with appropriate diagrams the Logic Link Control (LLC) Layer and Medium Access Control (MAC) layer.
Explain with appropriate diagrams the Logic Link Control (LLC) Layer and Medium Access Control (MAC) layer.
A common protocol stack used by many applications is to use TCP at the transport layer...
A common protocol stack used by many applications is to use TCP at the transport layer and IP at the network layer. The ICMP protocol is also used to report on problems encountered by IP. The IP protocol provides a service referred to as “best effort”. Describe the services of the IP protocol, and potentially ICMP protocol, with respect to flow control (ensuring the sender does not overwhelm the receiver). Describe the service TCP provides with respect to flow control...
A common protocol stack used by many applications is to use TCP at the transport layer...
A common protocol stack used by many applications is to use TCP at the transport layer and IP at the network layer. The ICMP protocol is also used to report on problems encountered by IP. The IP protocol provides a service referred to as “best effort”. Describe the services of the IP protocol, and potentially ICMP protocol, with respect to flow control (ensuring the sender does not overwhelm the receiver). Describe the service TCP provides with respect to flow control...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT