CS 725/825 Computer Networks, IT 725 Network Technology

Assignment 2

Due: Wednesday, October 15, 2025, 2:10 pm (start of the class)

Problems:

  1. (10 points) Use the dig command to emulate name resolution of a hostname of your choice by someone outside of the domain of that hostname. That is, first query one of the root name servers, get a list of TLD name servers for the TLD of the hostname that you have picked, get a list of name servers serving the domain, query one of those to get the IP addresses that correspond to that domain. Remember that the command option @<IP address> allows you to select a specific name server. Option +norecurse prevents a name server from performing a recursive query. The authoritative list of root name servers (named.root) can be downloaded from https://www.iana.org/domains/root/files. There is an option of dig that will make it perform all the steps in one go; you are not allowed to use it.
  2. (5 points) Redo the first step of the process described above (finding an IP address of the TLD name server for the TLD of the hostname you picked) by looking up the information in the Root Zone file (root.zone) that can also be downloaded from https://www.iana.org/domains/root/files. This file is used by the root name servers, and you will be effectively performing the task of a root name server. In the report, give the lines from the root.zone file that you used to get the answer (an IP address of one of the TLD name servers).
  3. (5 points) Even though there are 13 root name servers listed in the named.root file, the corresponding IPv4/IPv6 addresses are anycast, each of which corresponds to multiple geographically distributed sites. Try performing a traceroute to one of the root name servers from multiple different networks and see if you get different sites. Pay attention to the route itself; given the way anycast works, the final hop will always be the IP address/hostname of the root name server you are targeting. An online tool, Network Looking Glass provided by a network service provider, Hurricane Electric can help you with running a traceroute from multiple vantage points.
  4. (10 points) Analyze a trace of network traffic https://www.cloudshark.org/captures/80398e0fd263 and answer the following questions:
    1. In a few sentences, describe the content of the trace.
    2. What is the name of the program that initiated the network traffic captured in the trace?
    3. What is the hostname of the machine where the command was executed?
    4. What type of DNS query did the client make? Was an IPv6 address requested?
    5. What was the hostname of the DNS server used?
    6. How long did the name resolution (DNS) take?
    7. Was the DNS response authoritative?
    8. Which HTTP command was used?
    9. What was the result?
  5. (10 points) When you look more closely at what is happening in the trace above, you can observe something odd. The client is trying to connect to host mask.apple-dns.net, a hostname that is owned by Apple and yet the returned IP address, 132.177.102.27, is within UNH's address space.

    6. What is going on here? 132.177.102.27 (notice.unh.edu) is not affiliated with Apple in any way.

    Trying to resolve the name on the UNH network, even when using an external resolver, confirms the result:

    % dig mask.apple-dns.net @1.1.1.1

; <<>> DiG 9.10.6 <<>> mask.apple-dns.net @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6114
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mask.apple-dns.net.		IN	A

;; ANSWER SECTION:
mask.apple-dns.net.	1	IN	A	132.177.102.27

;; Query time: 1 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Tue Sep 23 17:14:02 EDT 2025
;; MSG SIZE  rcvd: 52

    However, when you try to resolve the name from outside of the UNH network, you get quite different (and correct!) results:

    % dig mask.apple-dns.net @1.1.1.1

; <<>> DiG 9.10.6 <<>> mask.apple-dns.net @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63940
;; flags: qr rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;mask.apple-dns.net.		IN	A

;; ANSWER SECTION:
mask.apple-dns.net.	96	IN	A	17.248.138.139
mask.apple-dns.net.	96	IN	A	17.248.254.100
mask.apple-dns.net.	96	IN	A	17.248.254.106
mask.apple-dns.net.	96	IN	A	17.248.138.135
mask.apple-dns.net.	96	IN	A	17.248.138.137
mask.apple-dns.net.	96	IN	A	17.248.254.105
mask.apple-dns.net.	96	IN	A	17.248.138.136
mask.apple-dns.net.	96	IN	A	17.248.254.101

;; Query time: 15 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Tue Sep 23 17:07:13 EDT 2025
;; MSG SIZE  rcvd: 175
  6. (10 points) Explore basic HTTP/1.1 protocol exchange using command line utility nc:
    1. Connect to a web server, send a well-formed GET request and capture the server's response. You can see an example of an HTTP request/response in Question 4. Briefly describe each line in the HTTP response. No need to analyze the document itself.
    2. Pretend to be a server and capture an HTTP request made by a browser. Briefly describe each line in the request.

    You are expected to look up the meaning of the header lines that were not discussed in the class but there is no need to go beyond one sentence. nc, a.k.a. netcat, is just one example of a utility that can be used. socat is another popular one. telnet can be used for the first part. Any tool/method that allow you to see the entire HTTP request and response is fine.

Programming assignment:

  1. (50 points) The goal of this assignment is to write a pair of programs that allows you to measure the offset between the system clocks of two computers connected over a network. The solution must take into an account the time it takes to propagate the messages from one system to another.

    2. More specifically, the client notes the current time t1, sends a request to the server, the server notes the time the request arrived t2, prepares the response, gets the time the response is ready to leave t3, and sends both t2 and t3 back to the client. The client notes the arrival time of the response t4 and calculates the round trip time (RTT) as (t4 - t1) - (t3 - t2), and the clock offset as (t1 + RTT/2) - t2:

    timing diagram

    As you will see, your clock offset observation will differ slightly from run to run. This is a result of variable latencies in the underlying system. In order to get more precise results, your program must run the message exchange outlined above multiple times and use the multiple measurements to come up with a more precise estimate of the clock offset. How exactly you combine the measurements is an open part of the assignment and should be outlined in the program report.

    You are free to pick any underlying protocol for the message exchange as well as the programming language. While it is perfectly fine to run both client and server on the same machine for initial testing (in that case, both use the same clock and your program should report an offset close to zero). You do have to carry out the final experiments between two different computers. You can pick any pair of computers but two Linux servers are set up on the CS network (rb1.cs.unh.edu and rb2.cs.unh.edu) and available for your experiments. The servers have the standard development tools installed. Accounts are being set up for all students in the course with the same username as you have on Agate but with a different password. Your password has been stored and can be found in your home directory on Agate in a file named cs725.info, cs825.info, or it725.info, depending on what course you are registered for. The servers do not mount your Agate filesystem. The best way to keep your code in sync between your development environment and both machines is to use git and create multiple clones of your repository.

    You will not be able to install software on rb1.cs.unh.edu and rb2.cs.unh.edu beyond what a regular user can do (e.g., Python users are encouraged to use virtual environments). Check early if a library/module/tool that you plan to use is actually there. You can ask for anything reasonable to be installed there but it will take at least till the next business day. As always, you are encouraged to start early.

    Extra Credit: Network interfaces on rb1.cs.unh.edu and rb2.cs.unh.edu support hardware timestamping of packets. A functional solution that utilizes this capability will earn you 50 extra assignment points.

    Submission instructions:

    Upload your submission as a single PDF file using myCourses (mycourses.unh.edu). Any source code used in the assignment must be committed to the course Git repository. More details can be found in the standard assignment submission instructions.