1.1.1.9 Lab – Mapping the Internet - Answers

Certification Answers

1.1.1.9 Lab – Mapping the Internet (Instructor Version – Optional Lab)

Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only. Optional activities are designed to enhance understanding and/or to provide additional practice.

Objectives

  • Part 1: Determine Network Connectivity to a Destination Host
  • Part 2: Trace a Route to a Remote Server Using Tracert

Background / Scenario

Route tracing computer software lists the networks that data traverses from the user’s originating end device to a distant destination device.

This network tool is typically executed at the command line as:

tracert <destination network name or end device address>

(Microsoft Windows systems)

or

traceroute <destination network name or end device address>

(UNIX, Linux systems, and Cisco devices, such as switches and routers)

Both tracert and traceroute determine the route taken by packets across an IP network.

The tracert (or traceroute) tool is often used for network troubleshooting. By showing a list of routers traversed, the user can identify the path taken to reach a particular destination on the network or across internetworks. Each router represents a point where one network connects to another network and through which the data packet was forwarded. The number of routers is known as the number of hops the data traveled from source to destination.

The displayed list can help identify data flow problems when trying to access a service such as a website. It can also be useful when performing tasks, such as downloading data. If there are multiple websites (mirrors) available for the same data file, one can trace each mirror to get a good idea of which mirror would be the fastest to use.

Command-line based route tracing tools are usually embedded with the operating system of the end device. This activity should be performed on a computer that has Internet access and access to a command line.

Instructor Note: Some institutions disable ICMP echo replies throughout the network. Before students begin this activity, make sure there are no local restrictions related to ICMP datagrams. This activity assumes that ICMP datagrams are not restricted by any local security policy.

Required Resources

PC with Internet access

Part 1: Determine Network Connectivity to a Destination Host

To trace the route to a distant network, the PC used must have a working connection to the Internet. Use the ping command to test whether a host is reachable. Packets of information are sent to the remote host with instructions to reply. Your local PC measures whether a response is received to each packet, and how long it takes for those packets to cross the network.

a. At the command-line prompt, type ping www.cisco.com to determine if it is reachable.

b. Now ping one of the Regional Internet Registry (RIR) websites located in different parts of the world to determine if it is reachable:

Africa: www.afrinic.net
Australia: www.apnic.net
South America: www.lacnic.net
North America: www.arin.net

Note: At the time of writing, the European RIR www.ripe.net does not reply to ICMP echo requests.

The website you selected will be used in Part 2 for use with the tracert command.

Part 2: Trace a Route to a Remote Server Using Tracert

After you determine if your chosen websites are reachable by using ping, you will use tracert to determine the path to reach the remote server. It is helpful to look more closely at each network segment that is crossed.

Each hop in the tracert results displays the routes that the packets take when traveling to the final destination. The PC sends three ICMP echo request packets to the remote host. Each router in the path decrements the time to live (TTL) value by 1 before passing it onto the next system. When the decremented TTL value reaches 0, the router sends an ICMP Time Exceeded message back to the source with its IP address and the current time. When the final destination is reached, an ICMP echo reply is sent to the source host.

For example, the source host sends three ICMP echo request packets to the first hop (192.168.1.1) with the TTL value of 1. When the router 192.168.1.1 receives the echo request packets, it decrements the TTL value to 0. The router sends an ICMP Time Exceeded message back to the source. This process continues until the source hosts sends the last three ICMP echo request packets with TTL values of 8 (hop number 8 in the output below), which is the final destination. After the ICMP echo request packets arrive at the final destination, the router responds to the source with ICMP echo replies.

For hops 2 and 3, these IP addresses are private addresses. These routers are the typical setup for point-of-presence (POP) of ISP. The POP devices connect users to an ISP network.

A web-based whois tool is found at http://whois.domaintools.com/. It is used to determine the domains traveled from the source to destination.

a. At the command-line prompt, trace the route to www.cisco.com. Save the tracert output in a text file. Alternatively, you can redirect the output to a text file by using > or >>.

C:\Users\User1> tracert www.cisco.com

or

C:\Users\User1> tracert www.cisco.com > tracert-cisco.txt

Tracing route to e144.dscb.akamaiedge.net [23.67.208.170]
over a maximum of 30 hops:

  1     1 ms    <1 ms    <1 ms   192.168.1.1
  2    14 ms     7 ms     7 ms   10.39.0.1
  3    10 ms     8 ms     7 ms   172.21.0.118
  4    11 ms    11 ms    11 ms   70.169.73.196
  5    10 ms     9 ms    11 ms   70.169.75.157
  6    60 ms    49 ms     *      68.1.2.109
  7    43 ms    39 ms    38 ms   Equinix-DFW2.netarch.akamai.com [206.223.118.102]
  8    33 ms    35 ms    33 ms   a23-67-208-170.deploy.akamaitechnologies.com
[23.67.208.170]

Trace complete.

b. The web-based tool at http://whois.domaintools.com/ can be used to determine the owners of both the resulting IP address and domain names shown in the tracert tools output. Now perform a tracert to one of RIR web sites from Part 1 and save the results.

Africa: www.afrinic.net
Australia: www.apnic.net
Europe: www.ripe.net
South America: www.lacnic.net
North America: www.arin.net

List the domains below from your tracert results using the web-based whois tool. ______________________
Answers will vary. cox.net, level3.com, registro.br

c. Compare the lists of domains crossed to reach the final destinations.

Reflection

What can affect tracert results? ______________________
Answer will vary but could include network outages, high traffic loads, firewall blocking ICMP packets, ACL on intermediary devices prevents ICMP packets and asymmetric forwarding paths.