ECE 529 Lab Report 2

The Fundamentals of Network

Communication

Submitted to:
Engr. Chuck Steven R. Torre

Submitted by: Lemuel

E. Gallego

December 20, 2015

Hands-On Project 2-1: Downloading and Installing a Protocol Analyzer

If students cant install applications on classroom computers,
Wireshark should be installed ahead of time, and this project can be started at Step 6.
Time Required: 15 minutes
Objective: Install the Wireshark protocol analyzer for use in upcoming projects.
Required Tools/Equipment: Your classroom computer with a connection to the Internet
or the Wireshark setup program the instructor has supplied on a network share.
Description: In this project, you download and install the Wireshark protocol analyzer. A
protocol analyzer, sometimes called a packet sniffer or packet capture program,
captures network data the NIC receives and displays it in a user-friendly format. For this
procedure, the NIC is placed in promiscuous mode. (A NIC normally receives and
processes only broadcast frames and frames addressed to it, but a NIC operating in
promiscuous mode processes all frames it receives.) Wireshark is used in projects
throughout this book so that you can see how certain devices and protocols work. Not
all NICs can operate in promiscuous mode. This is particularly true of wireless NICs. If
promiscuous mode isnt supported, your NIC will capture only broadcast frames and
frames addressed to it.
1. Log on to your computer as an administrator. Start a Web browser, go to
www.wireshark.org, and click Download Wireshark. In the Download Wireshark box,
click Windows Installer (32-bit) or Windows Installer (64-bit), depending on the Windows
version you have installed.
2. When prompted to run or save the file, click Run. If the User Account Control (UAC)
message box opens, click Continue.
3. When the setup wizard begins, click Next. In the License Agreement window, click
I Agree. In the Choose Components window, accept the defaults and click Next. Click
Next in the Select Additional Tasks window, and click Next to accept the default install
location. Click Install in the Install WinPcap window.
4. When you see the WinPcap window, click Next, and then click Next again in the next
window. Click I Agree in the WinPcap License Agreement window. Click Install in the
Installation options window. In the next three windows, click Finish, click Next, and then
click Finish.

5. Exit your Web browser.

6. To run Wireshark, click Start, point to All Programs, and click Wireshark. You see a
window similar to Figure 2-6.
7. To begin a capture, click the interface name in the Interface List section. In Figure 26, the interface name is Intel(R) PRO/1000 MT Network Connection, but your interface
name will be different.
8. The number of packets you see in the Wireshark capture window depends on how
busy your network is and the type of device used to connect your computers (a hub or
switch). If you see few or no packets, start a Web browser and go to some Web sites to
create network activity, and then exit the browser. After you see some packets, click the
Stop the running live capture toolbar icon shown in Figure 2-7.
9. The Wireshark packet capture window is divided into three panes. The top pane lists
the captured packets in summary form, showing the arrival time, source and destination
address, protocol, and a description of the packet contents. Scroll through the top pane
to see the different packet types that were captured, and then click a packet. The middle
pane shows the details of whats in the packet in a more readable format. Click the plus
sign next to any line to see more information on that part of the packet. The bottom
pane shows the packets contents in hexadecimal form on the left, and on the right is
any data that can be shown as printable alphanumeric characters. Stop the running live
capture.
10. Exit Wireshark. When prompted to save the capture file, click Quit without Saving.
Shut down your computer for the next project.

Conclusion:
Wireshark is a useful program that monitors the connection to other computer
connected with the users may it be incoming or outgoing.

Hands-On Project 2-2: Using Wireshark with a Hub

Time Required: 20 minutes
Objective: Use Wireshark on a computer connected to other computers via a
hub to see that all data is repeated to all stations.
Required Tools/Equipment: Three computers (minimum) with Ethernet NICs installed;
10/100 or 10/100/1000 NICs are preferable, but 10 Mbps NICs will also work.
Computers can be configured with static IP addresses or can use Automatic Private IP
Addressing (APIPA). Three patch cables and a 10/100 hub, although a single-speed
hub will also work.
Description: In this project, you run Wireshark on a group of computers connected via a
hub. This project shows that a hub repeats all data to all stations so that Wireshark can
capture packets generated by all stations. In the next project, you compare this behavior
with a switch.
This project requires at least three computers connected to a hub, with at least one
computer running Wireshark. Its probably best done in groups. If necessary, the
instructor can perform it as a demonstration. The steps in this project assume three
computers are connected to the hub and labeled Computer1, Computer2, and
Computer3. Wireshark is assumed to be installed on Computer1, but it can be installed
on all computers. Its preferable that the computers arent attached to the classroom
network and dont have access to the Internet.
1. Connect three computers running Windows XP or later to a central hub with patch
cables. Make sure the device is a hub, not a switch.
2. Turn on the computers and log on with an administrator account. Open a command
prompt window on each computer. On each computer, type ipconfig and press Enter
to display its IP address configuration. Write down these IPv4 addresses so that you
know each computers address:
Computer1:
Computer2:
Computer3:
3. If youre using Windows 7, disable Windows Firewall on each machine. By default,
Windows 7 blocks ping packets if the network is categorized as Public, which yours is

because you dont have a default gateway configured. To disable the firewall, click
Start, Control Panel, and under Network and Internet, click View network status and
tasks. In the Network and Sharing Center, click Windows Firewall at the bottom left, and
then click Turn Windows Firewall on or off. Under Public network location settings, click
Turn off Windows Firewall, and then click OK. Close the Windows Firewall window.
4. To verify connectivity, from each computer, type ping IPaddress and press Enter
(replacing IPaddress with another computers IP address). Repeat this step until you
have successfully pinged each computer from the other computers. Leave the
command prompt window open.
5. On Computer1, start Wireshark, and click Capture Options on the left. In the Capture
Filter text box, type icmp. You must use lowercase letters. The capture filter tells
Wireshark to capture only certain types of packets. Internet Control Message Protocol
(ICMP) packets are created by the Ping program, so youre going to capture only ping
packets. Click Start.
6. On Computer2 at the command prompt, type ping IPaddress and press Enter
(replacing IPaddress with the IP address of Computer1).
7. On Computer1, click the Stop the running live capture toolbar icon to stop the
capture. You should see a window similar to Figure 2-8.
8. On Computer1, in Wireshark, click Capture, Start from the menu. Click Continue
without Saving.
9. On Computer2 at the command prompt, type ping IPaddress and press Enter
(replacing IPaddress with the IP address of Computer3). Wireshark running on
Computer1 should have captured the ping packets.
10. Stop the capture and exit Wireshark. If youre continuing to the next project, stay
logged on and leave the command prompt window open on all computers. Otherwise,
close all open windows and shut down the computers.

Conclusion:
The experiment was not implemented due to the lack of hub availability.

Hands-On Project 2-3: Using Wireshark with a Switch

Time Required: 20 minutes
Objective: Use Wireshark on a computer connected to other computers via a
switch to see that all data isnt repeated to all stations.
Required Tools/Equipment: Three computers (minimum) with Ethernet NICs installed;
10/100 or 10/100/1000 NICs are preferable, but 10 Mbps NICs will also work.
Computers can be configured with static IP addresses or can use APIPA addresses.
Three patch cables and a 10/100 switch, although a single-speed switch or Gigabit
switch will also work.
Description: In this project, you run Wireshark on a group of computers connected via a
switch. This project shows that a switch only forwards data to the station to which the
frame is addressed. In Hands-On Project 2-2, you configured Wireshark to capture only
ICMP packets. In this project, you configure Wireshark to also capture Address
Resolution Protocol (ARP) broadcast packets to show that switches forward broadcasts
to all stations.
1. Connect the computers you used in Hand-On Project 2-2 to a switch instead of a hub,
using the same patch cables you used previously.
2. Turn on the computers and log on with an administrator account, if necessary. Open
a command prompt window on each computer, if necessary. If the computers were shut
down or restarted, their IP addresses might have changed. If so, write down each
computers IP address again.
3. To make sure you have connectivity with the switch, at each computer, type ping
IPaddress and press Enter (replacing IPaddress with the IP address of another
computer). Repeat this step until you have successfully pinged each computer from all
other computers. Leave the command prompt window open.
4. At each computer, type arp -d and press Enter. As you learned in Chapter 1, ARP
manages the MAC addresses your computer has learned. The arp -d command deletes
the entries created from the pings you did in Step 3. Youre deleting these entries so
that the computers have to learn the MAC addresses of other computers again. Leave
the command prompt window open.

5. On Computer1, start Wireshark, and click Capture Options. In the Capture Filter text
box, type icmp or arp. (You must use lowercase letters.) This capture filter tells
Wireshark to capture only ICMP or ARP packets. Click Start.
6. On Computer2 at the command prompt, type ping IPaddress and press Enter
(replacing IPaddress with the IP address of Computer1).
7. On Computer1, click the Stop the running live capture toolbar icon. You should see a
window similar to Figure 2-9. Notice that the first ARP packet you see has the
destination address Broadcast. Click this packet, and the middle pane displays the
MAC address ff:ff::ff:ff:ff:ff.
8. On Computer1, click Capture, Start from the Wireshark menu, and then click
Continue without Saving.
9. On Computer2 at the command prompt, type ping IPaddress and press Enter
(replacing IPaddress with the IP address of Computer3). Wireshark running on
Computer1 should have captured only the ARP broadcast packet, not the actual ping
ICMP packets, which are unicast packets (explained later in NIC Basics). Because the
switch doesnt forward unicast packets except to the intended destination, Computer1
never received the ping packets between Computer2 and Computer3.
10. Stop the capture in Wireshark. Close all open windows and shut down the
computers.

Conclusion:
The wireshark and -arp command in the command prompt can be used in
monitoring the connections in the computer. By filtering the icmp and arp in wireshark it
will show the list of who is connected in real time.

Hands-On Project 2-4: Examining Hub and Switch

Indicator Lights and Uplink Ports
Time Required: 30 minutes
Objective: Examine the indicator lights of a hub or switch and understand the
purpose of the uplink port.
Required Tools/Equipment: Three computers (minimum) with Ethernet NICs installed;
10/100 or 10/100/1000 NICs are preferable, but 10 Mbps NICs will also work.
Computers can be configured with static IP addresses or can use APIPA addresses.
Four patch cables and one crossover cable, two 10/100 hubs with uplink switch, and a
10/100 switch.
Description: In this project, you view the indicator lights of hubs and switches. Ideally,
your hub has indicators for link status, activity, and collisions. In addition, if your hub has
an uplink port, you test its function. Like the previous two projects, this project can be
done in groups or as a class demonstration.
1. The computers should be shut down and one hub should be plugged in and turned
on, if necessary. Connect all three computers to the hub with patch cables, but dont
use the uplink port on the hub. Turn on the computers.
2. Examine the hubs indicator lights. A link status light should be glowing for each port
a computer is connected to. Next, examine the indicator lights on the NIC, which should
also be glowing to indicate a good connection. See whether the hubs indicator lights
vary for different connection speeds. Write the link status lights color and the
connection speed, if available, in the following chart:
Computer

Link status

lights color

Connection speed

Computer1
Computer2
Computer3
3. Generate some traffic by using ping commands on each computer. At each
computer, open a command prompt window and ping another computer (Computer1
ping Computer2, Computer2 ping Computer3, and Computer3 ping Computer1, for
example) by typing ping -n 20 IPaddress and pressing Enter. Examine the activity
indicator lights, which should blink as data is received. (On hubs combining the activity

indicator with the link status, network activity just causes the link status indicator to
blink.) The -n 20 option in the ping command specifies sending 20 ICMP packets
instead of just 4.
4. Next, if your hub has collision indicators, try to get them to glow. Note that the pings
must be sent from each computer at the same time for a collision to occur. At each
computer, perform the same ping, but this time, type ping -n 20 -l 60000 IPaddress and
press Enter. The -l 60000 (lowercase L) option makes each ping packet 60,000 bytes
in length. Even with these large amounts of data being transferred, you might not see a
collision. Remember that a collision occurs when two or more computers send data
simultaneously, which isnt permitted when using a hub. However, if your hub and
NICs are operating at 100 Mbps, data is transferred so quickly that producing a collision
might be difficult.
5. While leaving the first hub powered on, power on the second hub. With a regular
patch cable, connect the first hub to the second hub, but dont use the uplink port. In
most cases, you wont see the link lights glow at the ports where the two devices are
connected. To fix this problem, plug one end of the patch cable into the uplink port on
one hub (not on both hubs) and set the switch to the uplink position. You should now
have connectivity between the hubs, and the link lights should be on.
6. If your hubs dont have an uplink port, you can connect two hubs with a crossover
cable. To do this, disconnect the two hubs, and using a crossover cable from your
instructor, connect each end of it to regular (not uplink) ports on the two hubs. The link
lights should glow. (You learn more about patch and crossover cables in Chapter 4. lol)
7. List any other indicator lights you find on the hub and what these lights tell you:
8. Disconnect the computers from the hubs and put the hubs away. Connect the
computers to the switch, and then power on the switch.
9. Along with link status lights, most switches have lights on each port to indicate
whether the port is operating in full-duplex or half-duplex mode. If your switch has these
indicators, find them and try to determine in which mode your NIC and switch are
communicating. Most NICs and switches support full-duplex communication, and this
mode is chosen automatically.
10. List any other indicator lights you find on the switch and what these lights tell you:

11. Close all open windows, and shut down the computers.
Conclusion:
Due to the lack of hub, the comparison could not be properly described.

Hands-On Project 2-5: Connecting to a Wireless Access Point

Time Required: 15 minutes
Objective: Install a wireless NIC and connect to an access point.
Required Tools/Equipment: Two or more computers with 802.11 wireless NICs installed.
USB wireless NICs work well, as they dont require opening the computer case. Laptops
with built-in wireless NICs will also do. One wireless AP or wireless router configured
with the SSID NetEss. The 802.11 standard supported doesnt matter as long as the
AP is compatible with the NICs. Windows 7 is the preferred OS, but some steps can be
changed to accommodate other OSs. The computers shouldnt be connected to a hub
or switch.
Description: In this project, you connect to a wireless AP and test the connection by
pinging another computer connected to the same AP.
1. Start your computer and log on as an administrator. If the wireless NIC isnt installed
yet, install it according to your instructors instructions.
2. After the wireless NIC has been installed, click the network connection icon in the
notification area to display a list of available wireless networks (see Figure 2-16).
3. Click the NetEss wireless network. (Remember that the wireless network name is
called the SSID.) A message is displayed, stating that information sent over the network
might be visible to others because its not secured with encryption. You secure the
network later, so click the Connect button.
4. After a short time, you should see the Set Network Location window. The network
location can be Home, Work, or Public and is used to set up firewall rules for the
connection. Click Work network, and then click Close.
5. Youre now connected to the NetEss wireless network. To test the connection, get the
IPaddress of another computer connected to the wireless network and ping this
address. Alternatively, you can ping the router, which should be at address 192.168.1.1.
Ask your instructor for the correct address if pinging 192.168.1.1 doesnt work.
6. Click the wireless network connection icon in the notification area and click Open
Network and Sharing Center. Youll see a window similar to Figure 2-15, shown
previously.
7. Click See full map at the upper right. Figure 2-17 shows the network map for the

wireless connection. If other computers are attached to the wireless network, theyre
displayed in the map. The dotted lines indicate a wireless network connection; a wired
connection is shown with solid lines. If the network map cant be created, it might be
because the NIC driver doesnt support the protocol used to create the map.
8. Close all open windows.
Conclusion:
Wireless and wired connection have almost the same settings the advantage is
that of the wireless from a wired connection is that it can be access anywhere inside the
signal range.

Hands-On Project 2-6: Examining Properties of Your NIC

Time Required: 15 minutes
Objective: View the properties of your NIC in Windows and look up its vendor
by using the MAC address.
Required Tools/Equipment: Your classroom computer; no other tools or equipment are
required. Windows 7 is the assumed OS, but this project can also be done in Windows
Vista or Windows XP.
Description: When describing a NIC as a component of networking, it means both the
hardware
NIC and its driver. NIC drivers are configured in the OS in which theyre installed and
control certain operational aspects of the network interface as a whole. In this project,
you examine the properties of your installed NIC. You also use your NICs MAC address
to look up the vendor. Not all NICs or NIC drivers are equivalent in features, so your
NIC might have more or fewer features than are described here.
1. Turn on your computer and log on as NetAdmin, if necessary.
2. Click the network connection icon in the notification area and click Open Network and
Sharing Center.
3. In the Network and Sharing Center, click the Change adapter settings link on the left.
Right-click Local Area Connection and click Status if necessary.
4. The Local Area Connection Status window shows a summary of information of your
network connection. To see more information about the connection, click Details.
The ipconfig/all command shows the same information as the Local Area Connection
Status window.
5. The Network Connection Details window shows information about your connection,
including the NIC model, the physical (MAC) address, and your IP address
configuration. Write down your MAC address, which you use later to look up the NIC
vendor. Review the remaining information, and then click Close.
MAC address: 78-24-AF-8D-ED-7B
6. In the Local Area Connection Status window, click Properties. In the Local Area
Connection Properties dialog box, click the Configure button under the Connect using

text box. In the Network Connection Properties dialog box, click the Advanced tab (see
Figure 2-18). Your NIC might have fewer, more, or different options.
7. Review the available properties for your NIC. When you select a property, you can
see its possible values in the Value drop-down list.
8. Click Link Speed & Duplex (if this property is available), and then click the Value
down arrow to see the possible values. On most NICs, the default value is Auto
Negotiation, which means the NIC and hub or switch exchange signals to determine
the optimum operational mode. Other modes usually include combinations of
10, 100, and 1000 Mbps and full- and half-duplex. Normally, you dont need to
change these values unless auto negotiation fails to work. If this happens, youll
probably see the link status light change from on to off repeatedly or never turn
on at all.
9. Click the Locally Administered Address property. (It might also be referred to as
network address, physical address, or MAC address.) In most cases, this propertys
value is set to Not Present. You can use this property to override the NICs burned-in
MAC address by entering a new address in the Value text box. Normally, however, you
shouldnt override the burned-in MAC address because if you duplicate an existing
address accidentally, it can cause a loss of communication. Click Cancel to close
Network Connection Properties.
10. Close the Local Area Connection Status window and the Network Connections
window.
11. Start a Web browser, and go to www.coffer.com/mac_find.
12. In the MAC Address or Vendor to look for text box, type the first six digits of the
MAC address you wrote down in Step 5. You dont need to enter the hyphen between
each pair of digits, but you do need to enter the leading zeros. Click string to find the
vendor of the MAC address. Knowing the vendor can help you track down devices
that might be causing problems on your network.
13. Close all open windows. If you arent going on to the next project, shut down your
computer; otherwise, stay logged on.

Conclusion:
Properties are not entirely shown in the network connection settings as the
company who made the NIC kept them hidden from the users. The actual manufacture
can be found by searching through databases using the MAC address.

Hands-On Project 2-7: Communicating over a Router

Time Required: 20 minutes
Objective: Configure workstations to communicate with one another through
a router.
Required Tools/Equipment: Three workstations, two hubs or switches, a router, and five
patch cables are required. The router can be the same router/AP you used for HandsOn Project 2-5. Assuming youre using a typical home network router/AP, such as a
Linksys WRT54GL, the router should be set up so that the WAN interface is assigned
the address 192.168.2.1 with subnet mask 255.255.255.0, and the LAN interface is left
as the default 192.168.1.1 address.
Description: This project requires some setup by your instructor. You should verify with
your instructor that its complete before starting this project. In this project, you configure
workstations to communicate with each other through a router. The router is configured
to support two networks: 192.168.1.0 and 192.168.2.0. Computer1 and Computer2 are
configured to operate in the 192.168.1.0 network, and Computer3 is configured to work
in the 192.168.2.0 network. Figure 2-26 shows the initial network setup, in which all
three computers are connected to the same hub or switch. Cable the network as shown.
The router should already be configured. Start all three computers, if necessary. To
configure the IP address of each computer, click the network connections icon in the
notification area and click Open Network and Sharing Center. Click the Change adapter
settings link on the left. Right-click Local Area Connection and click Properties. Doubleclick Internet Protocol Version 4, and then click Use the following IP address. For now,
just set the IP address and subnet mask, using the following values:
Computer1: IP address 192.168.1.11, subnet mask 255.255.255.0
Computer2: IP address 192.168.1.12, subnet mask 255.255.255.0
Computer3: IP address 192.168.2.21 subnet mask 255.255.255.0
2. After you have entered these values, click OK twice and close all windows.
3. To test your configuration, open a command prompt window on Computer1 and
Computer2, and ping each others IP address. The ping should be successful. If its
not, verify that the IP address settings are correct by typing ipconfig and pressing
Enter and comparing the values you see with the ones listed in Step 1. From both

computers, type ping 192.168.1.1 and press Enter to verify that they can communicate
with the router.
4. On Computer1, ping Computer3 by typing ping 192.168.2.21 and pressing Enter. You
should get a message that the ping failed or timed out. The reason the ping between
Computer1 and Computer3 failed is that the two computers are configured to be on
different networks. In this case, Computer1 is configured to be on network 192.168.1.0,
and Computer2 is configured to be on network 192.168.2.0. When two computers are
configured to be on separate networks, their connection to each other must be
separated by a router. Move Computer3 to the other network by plugging the cable from
Computer3 into the other hub or switch so that your network configuration now looks
like Figure 2-27.
5. Try the ping again from Computer1 to Computer3. Again, you get an error because
one piece of the IP address configuration has been omitted. When a computer needs to
send a packet to a device on another network, it must know the address of the router to
which to send the packet. This address is called the default gateway. To set the default
gateway for all three computers, follow the instructions in Step 1 to get to the IP
settings. In the Default gateway text box, enter the following values:
Computer1: 192.168.1.1
Computer2: 192.168.1.1
Computer3: 192.168.2.1
6. After you have finished configuring the default gateway for all three computers, you
should be able to ping from Computer1 to Computer3 and from Computer2 to
Computer3 and vice versa. Try it now, and write down your results.
7. Next, try another command that shows the route your packet travels to get to the
other computer. From Computer1 and Computer2, type tracert 192.168.2.21 and press
Enter. From Computer3, type tracert 192.168.1.11 and press Enter. Youll see a few
lines of output showing that the packet had to travel through the router to get to its
destination. This command is used again in the next project.
8. Close all open windows on all three computers.

Conclusion:
The experiment was not conducted due to the router was not accessible at the
time.

Hands-On Project 2-8: Using Trace Route to See How

Packets Travel Through the Internet
Time Required: 10 minutes
Objective: Use the Trace Route program to see the routers packets must travel
through to get from your computer to a destination on the Internet.
Required Tools/Equipment: Your classroom computer, Internet access, and a valid DNS
server; no other tools or equipment are required
Description: The importance of routers is made clear when you need to access servers
on the Internet. The Trace Route program (tracert.exe) lists each router your packets
must travel through between your computer and an Internet server.
1. Log on to your computer as NetAdmin, if necessary, and open a command prompt
window.
2. Type tracert www.yahoo.com and press Enter. You should see output thats similar to
Figure 2-28, but the details will vary, depending on your location. In this output, there
are five columns of information. The first column is just a count of how many routers
the packet traversed. The second, third, and fourth columns show the amount of time
in milliseconds (ms) the router took to respond. Three packets are sent, so three times
are listed. The last column is the routers IP address or name and IP address.
3. You can garner some information about the geography of the path your packet took
by looking at the routers name. For example, in Figure 2-28, the domain name of the
third router is yc.edu, which is a router at Yavapai College in Prescott, Arizona, where
this book has been written. The fourth and fifth routers have the domain name
qwest.net, and the routers name begins with phn, which tells you that the router is on
Qwests network in Phoenix. You get the idea. However, looking up router names can
sometimes make the trace run slowly. To do the same trace without looking up names,
type tracert -d www.yahoo.com and press Enter. This time, you should see only the IP
address of each router.
4. Try using Trace Route to determine the path packets take to other destinations. Try
books.tomsho.com, and for a destination on the East Coast, try www.course.com. For
a destination in Germany, try www.kontron.de. If the trace repeatedly times out
(indicated by an asterisk, *, in the output), press Ctrl+C to stop the trace.

5. Close the command prompt window.

6. You can also find tools that show you the route on a map. Start your Web browser,
and go to www.yougetsignal.com/tools/visual-tracert. In the Remote Address text box,
type any of the destinations in Step 4 or any other address you like. This online tool
attempts to map out the path your packets take to get to their destination.
7. Exit your Web browser and shut down your computer.
Conclusion:
Tracert is a program that can show specific IP addresses that are connected
going to the specific sites. As in some cases the link that are already cut, it will not stop
midway.