1. Ethereal
Freezing: I
installed the downloaded exe file on Windows 98, but every time I try to open example.cap, the program
freezes and I get the Not Responding
thing.
Answers: According to the FAQ the win32 binary is
supposed to look for the WinPCap stuff (download it from
http://netgroup-serv.polito.it/winpcap/) and disable capturing if it doesn't find
it. Make sure you have installed that library (GTK+ and Perl
as well) and
giving it another shot. Also, some
students report that in win98 and win2k, it takes a really long time to load a file. So you
might just want to wait a while and see what happens.
2. Ethereal
Filters
I tried to use a filter so
I could look only at the GET packets. And when I tried to add the new filter, my
computer crashed rather violently. Anyone got any ideas?
Answers: Go to www.ethereal.com and read the
documentation; they have a pretty good manual up there. I had the program segfault on me once or
twice when I was playing with the filters, too. Mostly, though, they seem to work well.
3. Homework 2
Typos
There are a
couple of typos in HW2. None of these should really affect the answers to the
questions.
1. Trace 4 was only
taken for 1 second. It’s wrongly written as 5 seconds.
2. Trace 5 was taken
with bandwidth set at 3.88 Mbps instead of 2.88 Mbps used for other traces.
4. Question 1:
Why does the RTT
graph show a round trip time much higher than the 10 ms set using Nistnet?
If you carefully
analyze the trace 1, taken at the receiving side. You can observe that there is
a long gap from the time a packet is received and an acknowledgment is sent. This
is a weird artifact of TCP flow-control.
TCP delays acknowledgements for reasons listed in the text book section
on flow control.
5. Question 5b:
Why are ICMP
error packets sent from the destination to the sender?
We believe that
under cases where packets bombard the receiver, as a result of which the
receiver’s buffer gets overfull, ICMP error packets are returned to prevent
further bombardment.