15-441: Computer NetworksHomework 3Assigned: Nov 2, 2006Due: Nov 9, 20061 Using ’dig’ to Understand DNS1. In this question you will use the unix utility ’dig’ to explor e the contents of DNS messages. Please usedig on unix.andrew.cmu.edu.The format of a dig request issimple. Just typ e: dig www.princeton.edu to perform a look-up for thatDNS name. As you now k now, DNS requests can do more than just ask for the IP address correspo ndingto a single DNS name. Type dig princeton.edu ANY to see DNS records of all types that are a ssociatedwith the domain ‘princeton.edu’.(a) What IP address did the computer you are logged into contact to make the DNS request? Wheredo you think this server is located?(b) List all of the different types of records received as a result of your query. For each record, explainits purpose, using o ne of the entries provided in the reply as a concrete example.(c) Note that some of the names in the reply are not in the doma in ’princeton.edu’. Use the DNSnames and/or ’traceroute’ to find the genera l location of o ne of these servers. Where is it? Giventhe type of record, why would Princeto n do this?(d) Use dig to find the names of two non-local servers you could contact in the pr ocess of identifyingthe nameserver for the domain ’cnn.com’ (assume no DNS information is cached anywhere).(e) Use dig to find the TTL for the DNS mappings of ’www.cnn.com’ and ’www.cs.stanfor d.edu’. Whatare they? If your boss asks you to provide two positive and two negative effects of having a shortDNS TTL for the company’s e-commerce site, what would you say?2 Tools2. In this section, you will learn a couple of practical tools: route, and ifconfig, and netstat. Below isa very brief description of what they do. For more detailed informatio n, check the ma n pa ges (Note onunix.andrew route and ifconfig ar e located under / sbin/. Either add this to your PATH or use the fullpath to run the commands).route The route command can b e used to view and manipulate the IP routing table.netstat is a too l that can be use d to display network connections, routing tables, interface statistics andmany other things.ifconfig The ifconfig command is used to configure a network interface and to display the status ofthe currently active interfaces.1(a) Run the route command. What is the use of the entry with netmask 0.0.0.0?(b) Suppose a malicious attacker runs ”route del ” to delete the routing entry corresponding to 128.2.13.128/26on one of the unix.andrew.cmu.edu machines. Now you try to run ”ping www.cnn.co m”. Do youexp ect the ping to g e t through? Harr y Bovik, the local netwo rking guru argues that ”Well, thereis still a default route, so the ping should go through!”. Harry’s pessimistic alter ego suggestsotherwise, but does not have a reason. Should Harry believe his alter ego or dismiss it as a case ofunjustified pessimism? Give a short 1-2 line answer why.(c) What does the command netstat -a show you? E xplain the two parts of the output.(d) What is the command to view the routing table of your machine using netstat? What is thecommand to only show IP addresses and not host names in the routing table?(e) How can you use netstat to find out what the netwo rk interfaces of your machine are? What is theMTU of your Ethernet interface?(f) Run ifconfig. What infor mation does the field ” Mask” give you?(g) What happens if you run ifconfig and configure an interface to be in promiscuous mode?3 Understanding label switchingYou are trying to debug a problem with your company’s virtual circuit-based network. A diagram of thenetwork is shown below. A, B, and C are hosts attached to the network. S1, S2, and S3 are switchesconfigured to act as labe l swapping virtual circuit switches.C132413241324A S1S2S3BThe label swapping tables for the switches are configured as follows. Some of the entries are stale and notactually in use right now.Switch Input Port Input Label Output Port Output LabelS1 2 2 3 4S1 4 2 3 1S1 4 17 2 2S2 2 19 4 2S2 3 1 2 19S2 3 2 2 15S2 3 5 4 2S2 4 2 2 1S2 4 1 4 1S3 2 1 1 2S3 2 2 4 5S3 4 1 1 1S3 4 4 1 5Page 23. Write the sequence of (Switch, Input Port, Input Label) tuples and the destination node and label foreach of these packets. We’ve given you the start node and starting label. The intermediate tuples sho uldlook like (S1, 1, 999) [e.g., switch S1, input port 1, label 999].(a) Sta rt node A, label 17.Switch tuples:Dest node and final la bel:(b) Start node A, label 2.Switch tuples:Dest node and final la bel:(c) Start node C, label 1.Switch tuples:Dest node and final la bel:4. You are explaining your network to a collea gue, who remarks on an interesting feature of your network.(a) What do you tell your colleague when she asks why you configured the paths for packets (a) and(b) above?(b) Your colleague thinks this feature is neat, and asks you how to implement it in her packet-switched,IP network. What do you tell her?5. You notice that the network seems much more slug gish than normal. Packets are getting through, butthey take a lot longer than they did before your as sistant made some changes to the label swapping tablesyesterday. You do some debugging a nd find that the problem shows up when node B starts transmittingwith local label 19. What’s going on?Page 34 TCP ForensicsYou are the TCP spe c ialist at the FBI. One day an FBI agent gives you a packet trace of a TCPconnection between two ma chines on the Internet. The trace is believed to contain important informationpertaining to national security.This packet trace co ntains 63 packets and each line in the trace is o ne packet, identified by its packetnumber (from 1 to 63). The rest of the line in a sequence of bytes, represented as hex numbers. Forexample, consider the first line of the trace:1 45 00 00 3c fd b1 40 00 40 06 fd 45 80 02 8c ea 8cd3 a6 0 4 8f 37 1a 0b b5 3c c 0 85 00 0 0 00 00 a0 0216 d0 88 c6 00 00 02 04 05 b4 04 02 08 0a 0c 6c3d 34 00 00 00 00 01 03 03 07The first number “1” (packet number 1) implies that this is the first packet received at the trace point.The first byte of the packet is “45” in hex, which is “69” in decimal. As a hint, the first byte seemsto indicate tha t this is a n IPv4 packet, where the IP header contains 20 by tes . The fourth byte of thepacket is “3c”.This trace, hw3.trace.txt, is available on the cours e web page under the Assignments link. To reducethe amount of work you have, we provide a template code
View Full Document