EEL7200 :

Data Communication and Networking

Lab Report

Name: ADITYA PRATAP SINGH

Roll Number: M24EEI019
Program: Intelligent Communication System
2
Chapter 1

Lab-1

1.1 Objective
Introduction to Wireshark

1.2 Problem-1
Open the network interface and list 5 different protocols you are able to trace.
Solution 1(a): After opening the network interface in Wireshark and capturing packets for a
brief period, the following five protocols were traced:

• TCP (Transmission Control Protocol): A reliable transport protocol used for HTTP,
HTTPS, and other services.

• UDP (User Datagram Protocol): A connectionless protocol used for lightweight services
like DNS.

• TLSv1.2 (Transport Layer Security v1.2): A protocol used for secure encrypted commu-
nication (commonly for HTTPS).

• NBNS (NetBIOS Name Service): Used for name resolution in older Windows networks.

• ARP (Address Resolution Protocol): A protocol for mapping IP addresses to MAC ad-
dresses on a local network.

1.3 Problem-2
Send a request to 3 websites using HTTP and capture the packets using Wireshark.
Solution 2: To perform this task:

1. Open Wireshark and start capturing packets.

2. Open a browser and visit the websites google.co.in, facebook.com, and github.com.

3. Stop the packet capture once the websites have loaded completely.

4. Filter the captured packets using the Wireshark filter dns.

3
4 CHAPTER 1. LAB-1

1.4 Problem-3
For each of the websites, complete the following tasks:

1.4.1 Part (a): Identify the source and destination IP addresses

Solution 3(a): For the HTTP GET request packets:

• Source IP Address: This is the IP address of your computer (23.223.243.57).

• Destination IP Address: This is the IP address of the server hosting the website:

– For google.co.in, the IP address is 142.250.194.227.

– For facebook.com, the IP address is 163.70.145.35.
– For github.com, the IP address is 20.207.73.82.

1.4.2 Part (b): Identify the source and destination MAC addresses
Solution 3(b): In the Ethernet II frame section of the packets:

• Source MAC Address: (cc:b6:c8:fe:32:9f) This is the MAC address of your computer’s
network interface.

• Destination MAC Address: (98:fa:9b:1c:c2:30) This is the MAC address of your gateway
or router.
1.4. PROBLEM-3 5

1.4.3 Part (c): Are the addresses the same or different? Explain.
Solution 3(c):
• The 23.223.243.57 and cc:b6:c8:fe:32:9f remain the same for all three websites because the
requests originate from the same client device.
• The destination IP addresses are different because each website is hosted on a different
server.
• The destination MAC addresses may remain the same if all requests are routed through
the same gateway/router on your local network.

1.4.4 Part (d): What is the response for the HTTP requests?
Solution 3(d): For each HTTP GET request, the responses were:
• google.co.in: HTTP/1.1 200 OK.
• facebook.com: HTTP/1.1 200 OK.
• github.com: HTTP/1.1 200 OK.

1.4.5 Part (e): Time taken from request to response

Solution 3(e): The response time for each website is calculated as:
Response Time = Timestamp of HTTP Response − Timestamp of HTTP GET Request
In our case:
• google.co.in: 13 ms.
• facebook.com: 13 ms.
• github.com: 37 ms.

1.4.6 Part (f ): Reload the website and capture traffic again

Solution 3(f ): Reloading the websites resulted in the following HTTP response codes:
• google.co.in: HTTP/1.1 304 Not Modified.
• facebook.com: HTTP/1.1 304 Not Modified.
• github.com: HTTP/1.1 304 Not Modified.

1.4.7 Part (g): Measure the time for response after reload
Solution 3(g): The response times after reload were observed to be shorter:
• google.co.in: 11 ms.
• facebook.com: 12 ms.
• github.com: 20 ms.
6 CHAPTER 1. LAB-1

1.4.8 Part (h): Identify whether the packets use TCP or UDP
Solution 3(h): All HTTP packets were sent using TCP, as HTTP relies on a reliable transport
layer protocol.

1.4.9 Part (i): Client and server port numbers

Solution 3(i):

• Client Port: A random high port number assigned by the client (e.g., 49152, 49153, 49154).

• Server Port: Typically 80 for HTTP or 443 for HTTPS.

1.4.10 Part (j): Print the packets into a PDF

Solution 3(j):

1. In Wireshark, select the HTTP GET and corresponding response packets for any website (e.g.,
google.co.in).

2. Go to File > Export Specified Packets.

3. Save the packets in PDML or Plain Text format.

4. Use a PDF editor to highlight the IP and MAC addresses in the exported packets.