Exploring the Internet with Ping and Traceroute

Introduction

In this assignment, you will use the ping and traceroute tools to investigate network connectivity and performance.

Goals

• To understand how ping and traceroute work.
• To gain an empirical basis for your understanding of Internet route characteristics.

Acknowledgments

This lab borrows from experiment 3.4 in Hands-On Networking with Internet Technologies by Douglas Comer (2nd edition, 2005) and exercises from Peterson and Davie's Computer Networks: A Systems Approach (4th edition, 2007).

References

• RFC 792 - Internet Control Message Protocol 

Logistics

You may work individually or in pairs. You have one week to complete this assignment.

Preparation

You can complete this assignment on any MathLAN workstation. You do not need to obtain any particular files or software.

Assignment

Part A: Experiments with ping

1. Determine how to run the ping program on your computer. At a minimum, ping takes the name or address of a remote computer to connect to. 

2. Experiment with pinging each of the following hosts 20 times. The ping program provides an option, the count, to let you do this easily. What are the minimum, average, and maximum RTTs for each host?

   1. www.grinnell.edu (on campus)
   2. www.one-eyed-alien.net (in your professor's basement a block away)
   3. www.cs.uchicago.edu (in Chicago)
   4. www.cs.iit.edu (also in Chicago)
   5. www.cs.hmc.edu (on the West Coast)
   6. www.cs.mit.edu (on the East Coast)
   7. www.cs.adelaide.edu.au (in Adelaide, Australia)
   8. www.grinnellplans.com (where is it?)

   In the discussion questions, you will use this information to help you consider the relationship between geographic distance, distance in hops (number of routers traversed), and RTT.

3. Ping another host in the MathLAN using packets of different sizes, up to 1 KB. Does the RTT vary with the size of the packet? What do you think accounts for the differences?

4. Ping a host farther away using packets of different sizes, up to 1 KB. Does the RTT vary with the size of the packet?  What do you think accounts for the differences?

5. Open up four terminal windows and ping four of the hosts listed above concurrently. Do the RTTs differ from when you ping only one host at a time? What do you think accounts for the differences?

6. (Finish this part of the lab later.) Choose one or two hosts, measure the RTT values at different times of day, and compare the results. Is there any difference? If so, what do you think accounts for the differences?

7. Did you observe anything else interesting? What questions do you have?

Part B: Experiments with traceroute

1. Determine how to run the traceroute program on your computer and how to read the output. At a minimum, traceroute takes the name or address of a remote computer to connect to.

2. How many hops does it take to get out of Grinnell College? What routers do packets traverse on their way out? Who appears to be Grinnell's ISP?

3. Use traceroute to determine the routes to the hosts listed above. What are the hop counts? What else do you observe about the paths taken, for example, to the two different networks in Chicago?

4. What happens if you use traceroute to find the path to an unassigned address? Does it matter if the network portion or only the host portion is unassigned?

Part C: Observing traceroute

1. Run Wireshark and start a trace. 

2. Run traceroute, giving for the hostname a host that you know is several hops away.

3. Stop the trace.

4. Apply the filter "protocol is icmp" to see only ICMP packets. What do you notice? 

5. Change the filter to "ip.dst==X" where X is the IP address of the host that you tracerouted. Look at the contents of the IP headers of these packets, focusing on the TTL field. What do you observe?

6. Close Wireshark.

Part D: Experiments with a public traceroute server

1. From within the MathLAN or CS Network, run traceroute www.cs.washington.edu.

2. Public traceroute servers allow Internet users to learn about network routes from sources that are outside their own networks.  The website www.traceroute.org is a directory of public traceroute servers. Using this website, find the public traceroute server at the University of Washington and do a traceroute back to www.cs.grinnell.edu.  In comparing the forward trace (from Grinnell to UW) and the reverse trace (from UW to Grinnell), what do you see?

3. Trace to www.cs.grinnell.edu from several different public traceroute servers, and/or from public traceroute servers to each other. Do you have any further observations?

4. Use public traceroute servers to investigate the route from Psychosis.net to Datapipe (both in the USA) and vice versa. What do you see? What inferences might you draw about Internet routes in general?

Part E: Implementing traceroute (extra credit)

Implement the traceroute algorithm.  You can write a C program using raw sockets. Or you can use a scripting language to repeatedly invoke the ping command, varying the TTL for each ping.

Report on your experiences: How long did it take? What were the tricky bits? What references or other resources did you use?

You can turn in this part for extra credit at any time up to the final deadline for all coursework.

Assessment

To earn a B, complete parts A, B, and C of the assignment, along with the discussion questions.

To earn an A, complete parts A, B, C, and D of the assignment, along with the discussion questions.

For extra credit, also complete part E.

Lab Notebook Issues

Include the questions along with the answers  to the questions in the assignment.

Advice & Hints

Remember that you can use the man program to learn how to use other programs such as ping.

You can find an index of Internet RFCs at www.rfc-editor.org.

Discussion Questions

1. Briefly explain (a) what traceroute does from the user's perspective, and (b) how it works. To explain how it works, draw on your reading from the man page and your observations using Wireshark.

2. Imagine that you are trying to visit the website www.one-eyed-alien.net, and the web browser is not able to connect. How might you use ping and traceroute as diagnostic tools in this situation?

3. Based on your experiments with ping and traceroute, what conclusions would you draw about the relationships between RTT, number of hops, and geographic distance? (Are there any relationships?)

4. Based on your experiments, what would you guess is the average RTT between any two hosts on the Internet? The longest RTT? Explain your reasoning.

5. What would you guess is the average number of hops between any two hosts on the Internet? The greatest number of hops? Explain your reasoning.

6. In writing standards for Internet protocols, does it matter what the longest RTT or greatest number of hops is? Why or why not? (Answering this question may require some speculation.)

7. How long did you spend on this assignment?

8. What did you think of the different parts of this lab? What additional activities might be interesting to add?

Janet Davis (davisjan@cs.grinnell.edu)