Protocol layers and

Wireshark
Rahul Hiran
TDTS11:Computer Networks and Internet
Protocols

Textbook: Computer Networking: A

Top Down Approach, by Jim Kurose
and Keith Ross.
Note: The slides are adapted and modified based on slides
from the books companion Web site, as well as modified
slides by Niklas Carlsson
1
 What will I talk about?
Short description from lecture 1
about computer networks
Internet protocol stack
How to see what different stack layer
does
Using network analysis tool called
wireshark

2
Whats the Internet: Slide from lecture
1
PC millions of connected Mobile network
server computing devices: Global ISP
wireless
hosts = end systems
laptop running network
cellular Home network
handheld apps
communication links Regional ISP
fiber, copper, radio,
access satellite
points Institutional network
wired
links

routers: forward packets

router (chunks of data)

3 1-3
Introduction
 Whats a protocol?
(slide from lecture 1)
human protocols: network protocols:
whats the time? machines rather

I have a question than humans

all communication
introductions
activity in Internet
governed by
specific msgs sent protocols
specific actions protocols define format, order of
msgs sent and received among
taken when msgs network entities, and actions
received, or other taken on msg transmission, receipt
events

4 1-4
Introduction
 More about protocols
There are many protocols that are
involved in working of computer network
There is a internet protocol stack. A
protocol normally belongs to one of the
layers in the stack.
Let us look at the airline functionality

5
 Layering of airline
functionality
ticket (purchase) ticket (complain) ticket

baggage (check) baggage (claim baggage

gates (load) gates (unload) gate

runway (takeoff) runway (land) takeoff/landing

airplane routing airplane routing airplane routing airplane routing airplane routing

departure intermediate air-traffic arrival

airport control centers airport

Layers: each layer implements a service

via its own internal-layer actions
relying on services provided by layer
below
6
Introduction 1-6
 Internet protocol stack
application: supporting network
applications application
FTP, SMTP, HTTP
transport: process-process data transport
transfer network
TCP, UDP
network: routing of datagrams from link
source to destination
physical
IP, routing protocols
link: data transfer between
neighboring network elements
Ethernet, 802.111 (WiFi), PPP
physical: bits on the wire

7
Introduction 1-7
Encapsulation

8
 wireshark
How can we analyze the network
data?
Using tools such as wireshark
Wireshark: a network packet
analyzer. A network packet analyzer
will try to capture network packets
and tries to display that packet data
as detailed as possible.
Let us start wireshark.!
9
Start screen of wireshark

10
Make your own capture or open
existing trace files

11
Graphical User Interface

12
 Reduce clutter
Disable the checksum error
messages from Views->Coloring
rulesmenu item
Enter data in the filter to show only
http packets
Let us look at the example

13
After unnecessary data is
removed

14
Let us look at the application level
data

15
 Internet protocol stack
application: supporting network applications
FTP, SMTP, HTTP
application
transport: process-process data transfer
TCP, UDP
TCP is responsible for the establishment of a TCP
transport
connection, the sequencing and acknowledgment
of packets sent, and the recovery of packets lost
during transmission
network: routing of datagrams from source network
to destination
IP, routing protocols
Link
link: data transfer between neighboring physical
network elements
Ethernet, 802.111 (WiFi), PPP
physical: bits on the wire

16
Introduction 1-16
Encapsulation

17
TCP header

18
TCP header data in our
packet

19
 How to look at
time/sequence plot
Select tcp-ethereal-trace-1
Filter by entering tcp
Select TCP segment
Go to statistics-> TCP streamgraph
-> Time-sequence graph (stevens)

20
 Internet protocol stack
application: supporting network
applications application
FTP, SMTP, HTTP
transport: process-process data transfer
TCP, UDP transport
network: routing of datagrams from
source to destination network
IP, routing protocols
The Internet layer is responsible for addressing,
Link
packaging, and routing functions.
link: data transfer between neighboring physical
network elements
Ethernet, 802.111 (WiFi), PPP
physical: bits on the wire

21
Introduction 1-21
Encapsulation

22
 Internet layer
Let us first open ip-ethereal-trace-1
And look at the first ICMP message
We also look at the IP protocol
header format

23
IP header

24
IP header in collected traces

25
 Internet protocol stack
application: supporting network
applications application
FTP, SMTP, HTTP
transport: process-process data
transport
transfer
TCP, UDP
network: routing of datagrams from network
source to destination
Link
IP, routing protocols.
link: data transfer between physical
neighboring network elements
Ethernet, 802.111 (WiFi), PPP
physical: bits on the wire

26
Introduction 1-26
Whats the Internet: Slide from lecture
1
Network layers job is end- Mobile network
to-end movement of data Global ISP
from source to destination
Link layers job is node-to-
node movement of Home network
network-layer datagrams Regional ISP
over a single link in the
path
Institutional network
Ethernet is quite popular
protocol
Let us look at the header

27 1-27
Introduction
Ethernet header and trailer

28
 Conclusion
application: supporting network
applications application
FTP, SMTP, HTTP
transport: process-process data transport
transfer network
TCP, UDP
network: routing of datagrams from link
source to destination
physical
IP, routing protocols
link: data transfer between
neighboring network elements
Ethernet, 802.111 (WiFi), PPP
physical: bits on the wire

29
Introduction 1-29
Conclusion

30
Questions?

31
www.liu.se 32