Network Parameter Analysis using Wireshark for ICMP Traffic under Various Network Conditions
Acknowledgements
I would like to express my sincere gratitude to my parents for their constant support, encouragement, and motivation throughout the completion of this assignment. Their guidance and belief in me have been a major source of strength.
I would also like to extend my heartfelt thanks to VIT University and VIT SCOPE for providing a strong academic environment, resources, and opportunities that made this learning experience possible.
I am especially grateful to my course instructor, Subbulakshmi T, for her valuable guidance, continuous support, and insightful instructions throughout the course. Her teaching has helped me understand the concepts of network analysis and practical tools like Wireshark more effectively.
I would also like to acknowledge the use of online resources, documentation, and tools that supported my learning and helped in completing this assignment successfully.
Introduction
In today's computer networks, it's important to check how well the network is working to ensure data moves quickly and reliably between computers.
A large part of network performance is how data packets travel and how long they take to get from one host to another, which shows how effectively data is sent between systems.
Network parameters such as ICMP traffic, TCP connections, and DNS activity provide helpful insight into how well and how smoothly a network is working.
By checking these parameters under various traffic conditions, we can tell whether the network is becoming congested, whether data packets are being dropped, and how performance is changing.
In this digital assignment, the network parameter under study is ICMP packet behavior, supported by an examination of TCP and DNS traffic.
The study was conducted using Wireshark, where controlled traffic was created under normal, low, medium, and high conditions. Graphs help show how packets move, track any changes, and give useful insights into how well the network is working.
Objectives
To observe how ICMP packets work using Wireshark.
To look at how network performance changes when there are different types of traffic.
To create and view input/output graphs for analyzing packet data.
To look at how patterns are similar or different in ICMP, TCP, and DNS traffic.
To learn how network congestion impacts the sending of packets.
Description of Source
The SharkFest tutorial provides a full beginner's guide to Wireshark, showing you how to capture network packets, apply filters, and perform statistical analysis.
For this assignment, it was used to learn how to create I/O graphs, apply display filters such as ICMP, TCP, and DNS, and interpret packet data.
Architecture of the Work
The user system runs Ping from the Command Prompt to generate traffic. The traffic travels through the Internet and reaches the destination server at 8.8.8.8. Wireshark captures the packets on its capture interface. The packets are then filtered and analyzed, and finally the data is visualized in a graph.
This structure outlines the entire experiment, from generating traffic to the final analysis.
Procedure
1. Normal Traffic
Wireshark was started and the current network connection was chosen.
Packet capture was started without generating any traffic.
Background traffic was recorded for baseline comparison.
2. Low Traffic
ping -n 10 8.8.8.8
A few ICMP packets were generated.
Capture was stopped after the ping finished.
3. Medium Traffic
ping -n 50 8.8.8.8
Moderate traffic was generated.
Packet variation and response patterns were observed.
4. High Traffic
ping -n 200 8.8.8.8
A large number of packets were generated.
Network congestion effects became visible.
Additional Notes
All traffic was generated using command-line tools as required
Multiple browser tabs were not used, ensuring controlled traffic generation
Captured data was saved as .pcapng files and analyzed using Wireshark
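The following is an added example, not part of the original assignment: it pairs ICMP echo requests with their replies to put numbers on round-trip time, jitter, and loss, alongside the per-second packet counts that an I/O graph plots. It assumes the ICMP fields were exported from a saved capture with tshark (the file name capture.pcapng is a placeholder), and the sample rows are constructed.

```python
import csv
import io
import statistics
from collections import Counter

# Constructed sample rows (relative time in s, icmp.type, icmp.seq).
# Sequence 3 has no reply. Assumed export command (file name is a placeholder):
#   tshark -r capture.pcapng -Y icmp -T fields -E separator=, \
#          -e frame.time_relative -e icmp.type -e icmp.seq
SAMPLE = """0.000,8,1
0.021,0,1
1.003,8,2
1.027,0,2
2.006,8,3
3.010,8,4
3.058,0,4
4.012,8,5
4.031,0,5
"""

def analyze(rows_text, bucket_seconds=1.0):
    """Summarise ICMP echo traffic: per-interval counts, RTT, jitter, loss."""
    pending, rtts, buckets, requests = {}, [], Counter(), 0
    for row in csv.reader(io.StringIO(rows_text)):
        if len(row) != 3:
            continue                                # skip blank/malformed rows
        t, icmp_type, seq = float(row[0]), row[1], row[2]
        buckets[int(t // bucket_seconds)] += 1      # what an I/O graph plots
        if icmp_type == "8":                        # echo request
            pending[int(seq)] = t
            requests += 1
        elif icmp_type == "0" and int(seq) in pending:  # matching echo reply
            rtts.append(round((t - pending.pop(int(seq))) * 1000, 3))
    # Jitter here is the mean absolute change between consecutive RTTs.
    jitter = (statistics.mean(abs(b - a) for a, b in zip(rtts, rtts[1:]))
              if len(rtts) > 1 else 0.0)
    return {
        "packets_per_bucket": dict(sorted(buckets.items())),
        "rtt_ms": rtts,
        "mean_rtt_ms": round(statistics.mean(rtts), 3) if rtts else None,
        "max_rtt_ms": max(rtts) if rtts else None,
        "jitter_ms": round(jitter, 3),
        "lost_seqs": sorted(pending),               # requests never answered
        "loss_pct": round(100 * len(pending) / requests, 1) if requests else 0.0,
    }

if __name__ == "__main__":
    for key, value in analyze(SAMPLE).items():
        print(f"{key}: {value}")
```

Running the same function over the low, medium, and high captures gives directly comparable RTT and loss figures for each condition.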
Inferences (Based on 20 Graphs)
Low Traffic Analysis
ICMP packets are consistently spaced due to controlled ping requests, showing predictable packet transmission behavior.
Packet sizes remain relatively constant, indicating uniform data transmission without significant variation.
A small number of SYN packets are observed, suggesting minimal connection initiation under low load conditions.
TCP packet activity is limited, indicating low communication overhead in the network.
Medium Traffic Analysis
ICMP traffic remains consistent but shows slight variation due to increased network load.
DNS packets appear intermittently, representing periodic domain resolution requests.
Packet size variation increases slightly, reflecting mixed traffic conditions.
Increased TCP traffic indicates higher communication overhead and more active sessions.
High Traffic Analysis
The graph shows dense packet activity with sharp spikes, indicating high congestion and heavy network load.
DNS request frequency increases significantly, indicating higher demand for domain resolution.
ICMP packets are densely packed, reflecting continuous ping requests and increased traffic load.
Packet size variation becomes more pronounced, indicating diverse and heavy data transmission.
TCP packet volume increases drastically, showing network congestion and heavy communication overhead.
Advanced Analysis
DNS query packets increase with traffic load, indicating higher request generation in the network.
DNS responses reflect server efficiency, with increased responses under higher traffic conditions.
SYN packets highlight connection initiation, which increases with traffic load.
ACK packets indicate reliable data transmission and acknowledgment behavior in TCP communication.
Larger packets are more frequent under high traffic, indicating increased data load and bandwidth usage.
New Findings and Recommendations
ICMP traffic remains stable under low load but varies under high traffic
TCP connections increase significantly with traffic intensity
DNS request and response rates increase with network usage
High traffic leads to congestion, delay, and packet variability
Efficient traffic management and load balancing can improve performance
Monitoring packet size variation helps identify heavy data usage
Use of AI in this DA
Artificial Intelligence tools were used to:
Create traffic commands and improve workflow
Help interpret Wireshark graphs
Give insights into packet behavior
Improve the structure, clarity, and presentation of the documentation
Conclusion
This assignment shows that network performance depends a lot on traffic conditions.
Under low traffic, the network works well with little delay and variation. However, as traffic increases, congestion becomes clear, leading to more packet variation and worse performance.
Wireshark is a great tool for checking network behavior, letting us look closely at each packet.
The study shows how important it is to manage and monitor traffic to keep the network running well.
YouTube Video Link
GitHub Repository Link
References
SharkFest Wireshark Tutorial
Wireshark Official Documentation
Clear, technical, and highly informative. This explanation of Network Parameter Analysis using Wireshark for ICMP Traffic under Various Network Conditions is perfectly structured for both quick reference and deep learning. The practical examples add a level of relevance that really cements the core concepts.
Detailed and well explained the concepts of ICMP traffic under various network conditions. Very easy to understand and perfectly structured for clear and easy understanding. The graphs are very helpful and make the concept simpler and easier to understand.
Really insightful blog, great balance of explanation and demonstration. The concepts are broken down clearly, making even the technical parts easy to follow. Definitely helpful for understanding how things work in practice!
Very informative blog, easily explained DNS comparison.
This is a well-presented analysis of network delay using Wireshark, with clear observations across different traffic conditions. The use of ICMP-based analysis effectively highlights how latency varies with network load, providing a practical understanding of performance degradation.