
Project 2:  Using Ping for RTT Distribution and Tracert for Route Discovery

Note: Examples of student project reports will be made available to course instructors upon request (send email).

In this project we measure and compare the statistics of round-trip times (RTTs) to different destinations. In addition, we discover hop-by-hop routes to various destinations.

Visit the Wikipedia page to learn about the Ping (networking utility)  and  Tracert.
Another useful page is What is Ping?.

For your convenience, the usage information for both programs is printed here.

1.  Experiment Description

Select at least 5 different hosts around the US and on different continents. An example host in Asia is for the Web server at Hong Kong University of Science and Technology.
Note: If the traced route looks suspiciously short (only a few hops), it may be that your chosen website uses a content delivery network, such as, in which case the endpoint server will be located within the US. To avoid such a scenario and reach a truly intercontinental destination, you should avoid commercial websites and select a governmental or educational website.

Send ping requests at least 100 times (preferably 1,000 times). Use the option -n to specify the number of echo requests to send.
[Note: Some hosts refuse to answer the ping requests for security reasons, so you might not be able to ping them and will get a “Request time out” message.]
Try with different size request packets. Use the option -l to set the send buffer size.

Immediately after (or before) running ping,  run tracert for the same destination host.
Record all measurement results.

For each destination, repeat the ping / tracert measurement at least 10 times. Try on different days and during different times of the day, when you suspect that the network will be lightly used versus heavily used. Note that for worldwide locations you need to decide whether the network is heavily used in your region, versus in the destination host region, versus globally.
At the same time use Wireshark to capture all the ICMP packets sent from your host and received from the pinged host.

2.  Captured Data Analysis

Within the tracert measurements, determine if there is a link for which the delay is significantly longer than for others. On the basis of the router names, can you guess the geographic location (country) of the two routers at the endpoints of this link?

Draw a histogram of round-trip-times (RTTs). Your histogram should be shown so that RTT values are along the horizontal axis and the frequency of measurement is along the vertical axis. The scale of the horizontal axis should be from the smallest RTT value to the greatest RTT value. Indicate the time units (such as milliseconds) on the horizontal axis. The scale of the vertical axis should be from zero to the greatest frequency value.
Here “frequency” means how many times you observed a certain RTT value. Consider this example reported by ping:

> Approximate round trip times in milli-seconds:
>     Minimum = 21ms, Maximum = 24ms, Average = 22ms

Then your horizontal axis should show four values for RTTs: 21, 22, 23, and 24 ms.
The vertical axis should show how many times the RTT of 21 ms was observed, how many times 22 ms was observed, etc.

Recall that the IP protocol may deliver packets from the same session along different routes. Analyze the routes observed for the same destination, but during different observation instances. Determine if different routes were recorded during different experiments.
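
The following added example (not part of the original assignment) covers both tracert questions in this section: it finds the pair of hops with the largest delay increase and lists the hops at which two runs to the same destination report different routers. The tracert text, router names and function names are constructed, and the per-hop delay is taken as the minimum of the three probes, which is an assumption about how to summarize them.

```python
import re

# Constructed tracert output (documentation addresses, not a real measurement).
RUN_A = """\
Tracing route to example.edu [192.0.2.10]
over a maximum of 30 hops:
  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2     9 ms     8 ms    10 ms  10.0.0.1
  3    12 ms    11 ms    12 ms  core1.nyc.example.net [198.51.100.5]
  4     *        *        *     Request timed out.
  5    95 ms    96 ms    94 ms  core2.lon.example.net [198.51.100.9]
  6    97 ms     *       98 ms  192.0.2.10
"""
# Second constructed run: same path except for a different router at hop 3.
RUN_B = RUN_A.replace("core1.nyc.example.net [198.51.100.5]",
                      "core7.nyc.example.net [198.51.100.77]")
HOP_RE = re.compile(r"^\s*(\d+)((?:\s+(?:<?\d+ ms|\*)){3})\s+(.+?)\s*$")

def parse_tracert(text):
    """Return [(hop_no, min_rtt_ms or None, router or None)], one per hop line."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if m:
            # "<1 ms" is counted as 1 ms (upper bound); "*" probes are skipped.
            rtts = [int(v) for v in re.findall(r"(\d+) ms", m.group(2))]
            hops.append((int(m.group(1)), min(rtts, default=None),
                         m.group(3) if rtts else None))
    return hops

def longest_link(hops):
    """Largest min-RTT increase between consecutive *responding* hops.
    If a silent hop lies between them, the jump spans more than one link."""
    seen = [h for h in hops if h[1] is not None]
    if len(seen) < 2:
        return None
    a, b = max(zip(seen, seen[1:]), key=lambda p: p[1][1] - p[0][1])
    return a[0], a[2], b[0], b[2], b[1] - a[1]

def route_diff(hops_a, hops_b):
    """Hops where both runs got a reply but from different routers."""
    a = {n: r for n, _, r in hops_a}
    b = {n: r for n, _, r in hops_b}
    return [(n, a[n], b[n]) for n in sorted(a.keys() & b.keys())
            if a[n] and b[n] and a[n] != b[n]]

if __name__ == "__main__":
    print(longest_link(parse_tracert(RUN_A)))
    print(route_diff(parse_tracert(RUN_A), parse_tracert(RUN_B)))
```

In the constructed run the largest jump is between hops 3 and 5, so the silent hop 4 leaves open which of the two links carries the delay.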

During the analysis of the ping results, compare also the ICMP packets captured by Wireshark.

3.  Report Preparation and Submission

As a minimum, include the following information in your report:

  1. Name of the pinged destination host, number of ping requests, and the date and time for each measurement. Describe your criteria for choosing “light” versus “heavy” usage periods.
  2. All the statistics (histograms) reported by the ping utility, as well as all the routes reported by tracert.
  3. Drawings of the chain of nodes and links for each traced route, where the nodes are represented as circles and links as lines that connect the nodes.
  4. Discussion of the frequency distributions (histograms) observed for different hosts and different observation periods.
  5. Discussion of tracert links, if any, with a significantly longer delay.
  6. Discussion of differences, if any, in the routes reported for the same destination during different observation instances.
  7. Discussion of the ICMP packets captured by Wireshark during the ping experiments.
  8. The list of references used during the data analysis and report preparation, such as websites, blogs, books, etc.
Label the charts so that it is clear which chart represents which observation.
When presenting a figure in your report, do not just say “see Figure 5”. Tell us where to look in Figure 5 and what we should see. If you don’t tell us where to look and what to see, we may not see interesting or important features that you wanted to highlight, and as a result you will not receive credit for your analysis.

For graphing the Ping and Traceroute results, you may find useful a shareware version of a Windows program called pingplotter.

The format for the cover page should be the same as for project 1.

To receive credit, it is not enough just to attach the raw Wireshark data to your report. Instead, you must analyze and discuss the data, and include diagrams and charts. It is critical that your report summarizes the captured data in diagrams, and the narrative provides discussion and explanation of the observations.
The items listed above form just a minimum requirement for the report and can be satisfied to a different degree. Only the students who have performed the greatest number of experiments and provided the most extensive analysis and discussion of their results shall receive the top score (100%). The reports that have satisfied all the required items, but only to a bare minimum, shall receive 60% out of 100% of the maximum score.

The submission deadline is given on the course syllabus page.

4.  Related Information

Search keywords: "wireshark route discovery", "wireshark path mtu discovery", "wireshark rtp capture filter", "wireshark capture filter sip rtp"

Wireshark Q&A - measuring round trip time

Streaming media, From Wikipedia, the free encyclopedia

What protocol does youtube use to stream videos... RTSP or HTTP?

YouTube API Blog - News and Notes for Developers, Tuesday, June 29, 2010
Flash and the HTML5 <video> tag

Apple - iTunes - Podcasts - FAQs: For Podcast Fans

tracert usage information


Usage: tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout]
               [-R] [-S srcaddr] [-4] [-6] target_name

    -d                 Do not resolve addresses to hostnames.
    -h maximum_hops    Maximum number of hops to search for target.
    -j host-list       Loose source route along host-list (IPv4-only).
    -w timeout         Wait timeout milliseconds for each reply.
    -R                 Trace round-trip path (IPv6-only).
    -S srcaddr         Source address to use (IPv6-only).
    -4                 Force using IPv4.
    -6                 Force using IPv6.

ping usage information


Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS]
            [-r count] [-s count] [[-j host-list] | [-k host-list]]
            [-w timeout] [-R] [-S srcaddr] [-4] [-6] target_name

    -t             Ping the specified host until stopped.
                   To see statistics and continue - type Control-Break;
                   To stop - type Control-C.
    -a             Resolve addresses to hostnames.
    -n count       Number of echo requests to send.
    -l size        Send buffer size.
    -f             Set Don't Fragment flag in packet (IPv4-only).
    -i TTL         Time To Live.
    -v TOS         Type Of Service (IPv4-only. This setting has been deprecated
                   and has no effect on the type of service field in the IP Head
    -r count       Record route for count hops (IPv4-only).
    -s count       Timestamp for count hops (IPv4-only).
    -j host-list   Loose source route along host-list (IPv4-only).
    -k host-list   Strict source route along host-list (IPv4-only).
    -w timeout     Timeout in milliseconds to wait for each reply.
    -R             Use routing header to test reverse route also (IPv6-only).
    -S srcaddr     Source address to use.
    -4             Force using IPv4.
    -6             Force using IPv6.


Last Modified: Wed Nov 14 18:24:37 EDT 2012

Maintained by: Ivan Marsic