2012 .
, , .
210700 - ( , ) 5 , 210400 ( 210406 ).
, . - .
2012., .
:
..
:
.
, ... ..
.
, ... ..
1.
WireShark.................................................................. 4
2. TCP/IP
-....................................................... 7
3. Ethernet
VLAN.................. 11
4 IP/MPLS
.................................................... 19
1
- WireShark
() WireShark. Ethernet-, ( , - ..). (ICMP, ARP).
[1] - WireShark.
WireShark c [2].
|
|
IMP. 5 ( ).
ARP (RARP). 5 ( ).
WireShark
Wireshark WinPCAP 4.0.2, . , Wireshark.
, Wireshark . , Capture > Options (Ctrl + k), Start. , , , 2-, 3- 4- . . .
, . , . , Filter, Expression . , , , , tcp.srcport == 12345, TCP- 12345.
ICMP-, ARP. ARP , MAC- IP-. ARP RARP. MAC-, ARP. MAC- Windows arp d, MAC- arp a. MAC- ARP ICMP IP-. ICMP ping, ping www.google.com ping 192.168.0.1.
ARP ICMP , MAC- .
10.16.64.106 | http://ru.tc.alcatel.ru/ | www.google.com | |
10.16.64.105 | http://ru.tc.alcatel.ru/ | www.google.com | |
10.16.64.104 | http://ru.tc.alcatel.ru/ | www.google.com | |
10.16.64.103 | http://ru.tc.alcatel.ru/ | www.google.com | |
10.16.64.102 | http://ru.tc.alcatel.ru/ | www.google.com | |
10.16.64.101 | http://ru.tc.alcatel.ru/ | www.google.com |
|
|
Wireshark. ARP ICMP ICMP.
1. ARP Broadcast?
2. , ?
3. DHCP request (Source) IP- 0.0.0.0?
4. ping?
5. DNS ?
1. http://www.wireshark.org/docs/wsug_html/
2. http://www.wireshark.org/download.html
2
TCP/IP - HTTP-
TCP/IP WireShark TCP-. TCP- , TCP-. HTTP-.
[1, 2, 3] TCP.
HTTP.
HTTP. TCP HTTP.
5 ( ).
.
TCP HTTP. Wireshark
TCP . . TCP , , . TCP- TCP- . TCP .
HTTP - TCP. - , . GET, HTTP-. HTTP TCP-, HTTP/1.1 . - 80 TCP-.
HTTP- -, . DNS, -. HTTP- TCP- . Analyze TCP sequence numbers Edit > Preferences > TCP.
TCP Wireshark TCP-. TCP/HTTP Follow TCP stream ( ), HTTP- TCP-. Wireshark TCP- Statistics > Flow graph.
|
|
HTTP/TCP -:
Ø www.tc.alcatel.ru
Ø www.mail.ru
Ø - 20.
DNS . 80 , .
TCP- -. :
Ø DNS DNS;
Ø TCP TCP;
Ø HTTP ( GET).
- ( Visio) TCP- . :
( , TCP-, -, -);
TCP- - , ;
TCP- (, , , , );
TCP- RTT (Rount-Trip Time) RTO (Retransmission TimeOut);
GET.
1. , -?
2. Duplicated Ack, ?
3. TCP segment of reassembled PDU?
4. Win?
5. ?
1. . . , . . . . , , . . 3- . . . , . . .
2. . , . . Microsoft Windows Server 2003. TCP/IP. .
3. . .. . . .: , 2008. 168 .
4. .. : - .: , 2004. 336 .
3.