
Building a network

Data Communications and Computer Networks Lab 2G1316/2E1616
Data Links and Local Area Networks Lab 2E1623
Ignacio Más Ivars, Evgueni Ossipov, Héctor Velayos, Mikael Rudholm. Version 4.0

Laboratory for Communication Networks Department of Signals, Sensors and Systems KTH, Royal Institute of Technology

Laboratory Manual

Chapter 1

Introduction
1.1 Purpose of the laboratory
The main goal of this laboratory is to give you an overview of the different processes involved in building a network, such as a corporate network. You will have to plan the IP address scheme, configure and test the equipment, as well as configure several applications and servers typical of any corporate network (DNS servers, for example). After you have completed the laboratory exercises, you should be familiar with the practical issues of the different concepts explained in the course, as well as with the real equipment used nowadays in computer networks.

1.2 Duties before the lab starts


Students are required to book their lab positions and submit the homeworks before the lab starts. Students missing the homework submission will not be accepted to the lab. Students without a booking cannot be guaranteed a place in the lab.

1.2.1 Homeworks
The lab sessions will be performed in groups of two persons. Each of these groups has to hand in one solved copy of the homeworks that are included at the end of this manual. The graded homeworks will be handed back during the first laboratory session. The maximum number of failed questions to pass is stated in the homework header. Those students who do not pass the homeworks will have to correct the failed questions during the first lab session and submit the corrected version by the end of the session. The homeworks check that you have enough theoretical knowledge of the tasks that you will perform in the lab. Since these tasks are not part of the course book, you will have to read this manual and its references carefully to complete the homeworks.

1.2.2 Booking lab positions


1. The lab booking will be available from the first lecture of the course.
2. The lab work is divided into three sessions. Each student must book a date for each one of the lab sessions.
3. The booking is individual, but there will be two students per group during the lab session. If you have a preferred mate for the lab, make sure you both book the same dates.
4. Every session is offered on different dates and times for your convenience.

1.3 Rules of behavior in the laboratory


1. Every laboratory session begins SHARP at the time specified in the schedule. Be on time! Students who arrive later than 15 minutes after the laboratory session has begun will not be accepted to that session.
2. Each lab session is four hours long. Students are welcome to take a 10-minute break during the session whenever they consider it convenient.
3. Please bring your identity cards with you.
4. Students must have their own copies of the laboratory manual.
5. Food and drinks are not allowed inside the laboratory.

1.4 How to use/read this manual


This manual is divided into different chapters and sections. Each chapter corresponds to a logical unit in the lab, like this introduction, the different lab sessions and the homeworks that you are required to do before the lab. The lab sessions have two parts: before the lab and during the lab. Each of the sessions is self-contained and includes the theory that you will need, either written in this lab manual or as pointers to the proper places to find it. You are required to read both sections carefully and to have a clear idea of the different concepts that you will have to manage while executing the lab tasks.

Before the laboratory session: The first thing that you should do is to read the manual completely and start studying the concepts explained in the "Before the session" sections. Your understanding of these concepts will be tested in the homeworks.

During the laboratory session: While you are in the lab you must have a copy of the lab manual and your solved homeworks, and perform the different tasks specified. Each of the tasks contains questions that you have to answer. To pass the lab, students must successfully complete all tasks. You must also read this part of the manual before you attend the lab, so that you are familiar with the tasks and their questions. You will not have time to read the manual during the lab!

1.5 Notation used in the manual


Whenever an example of syntax is given in the manual, the following conventions apply: The commands meant to be written in the different terminals, whether it is a router or a PC, are written in bold letters.

Parameters that you have to substitute with their proper values are written in italic. Parameters inside square brackets are optional and if applied should be written without the square brackets.

Example of syntax in this manual:


ping [-LRUbdfnqrvVaA] destination

Example of issued command:


ping -b 255.13.1.0

1.6 Credits
Parts of this lab manual have been transcribed literally or with small modifications from the white paper "Understanding IP addresses: everything you ever wanted to know" by Chuck Semeria (© 3Com Corporation), used with kind permission of 3Com, and from different Linux HOWTOs and manuals.


Chapter 2

Lab Session 1: Building a network

Before the session


2.1 Representation of networks in diagrams
Network diagrams show the relationship between the elements of communication networks such as computers, peripheral devices and network equipment. A diagram is the main documentation of a network and its importance cannot be overemphasized. Often, it is the key resource when troubleshooting the network. The network diagram shows how the network operates, so the main task of the network administrator is to keep the network functioning as its diagram specifies. As a general rule, any modification to the network must first be made to the network diagram and the side effects analyzed; then, if everything works properly, the network equipment is reconfigured following the new diagram. Despite the fact that there are standards for most of the network parts, network diagrams are not standardized at all. Developing appropriate network diagrams requires a mixture of experience, knowledge and likely some art. It is a skill that will only be developed through practice, although the study of existing diagrams helps a lot. In these brief notes you will receive some guidelines to interpret network diagrams and then you will practice with the diagram for the lab session.

When reading a network diagram, the first thing to discover is the represented layer. As the network diagram shows the relationships between networked elements and these happen at different layers, it is natural that diagrams are classified according to the network layers. The most frequent diagram is the network layer diagram, which shows IP networks and routers between the networks. Usually they are fairly complex, so they do not show any information of other network layers. It is important not to overload the diagrams with information, therefore the details of the individual networks are included in link layer network diagrams. This type of diagram has a narrower scope (a single sub-network typically) and contains a lot of details about the link and possibly physical layers. Higher level diagrams are also frequent, showing the arrangement of network services like DNS or DHCP, or the relationship between application servers and clients.

Common to all these types of diagrams is the use of symbols to represent the different entities. These symbols are not standardized. The diagram author can use any symbols he likes. However, these symbols must be used in a consistent way. This means that both a square and a circle can represent a router, but all routers in the diagram must be represented using the same symbol. In this lab, we will use the symbols in Figure 2.1. Files with these symbols in different formats can be downloaded freely from the Internet (http://www.cisco.com/warp/public/503/2.html). The symbols are classified into three categories: network devices, user devices and media. Among the network devices you can find the representation for hubs, switches and routers. The user devices group contains icons for PCs, servers and PCs that act as routers. Finally, the media category contains the symbols for Ethernet connections, serial lines and the cloud. The cloud is a special symbol used to represent parts of the network not shown in a particular diagram. Thus, it can represent an unspecified network media or whole networks, which is its normal usage. Additional information can be included in the diagram using alphanumeric strings, like IP addresses, host names or device ports. The next section contains some network diagrams that will be used during the lab. At the same time, these diagrams are good examples for the brief notes just introduced.

Figure 2.1: Network symbols often used in network diagrams.

2.1.1 The network diagram for this session


During this lab session you will work with what could be the corporate network of a company with several hundred users. The name of the fictitious company is Acme. It has four departments: administration, production, marketing, and research and development. Each department is divided into four areas, with a Fast Ethernet serving each area. There is a router per area, which connects the Fast Ethernet to the department's backbone network. The company has four backbones, one per department. All the backbones are connected to the main router of the company, which provides access to the Internet among other services. This network is depicted in Figure 2.2. It is a network level diagram of Acme's network, which also contains the IP addresses used. It is natural that this diagram of a relatively complex network looks confusing at the beginning. Take your time to review it and understand all its data. It will be your guide for troubleshooting the network.

As you can see in the figure, the network is quite symmetric. The whole network is called "ACME network", its domain name is "acme" and it will use the block of IP addresses from 192.168.0.0 to 192.168.0.255 (i.e. 192.168.0.0/24). These addresses are defined as "private" by IANA (see http://www.iana.org and RFC 1918), thus they can only be used internally. The main router of the company, the PC-router depicted in the center of the figure, will implement NAT (Network Address Translation) to provide access for the hosts to the Internet, using public IP addresses. Each department has a backbone implemented with a Fast Ethernet. Each backbone has a block of eight IP addresses assigned. The first address of the block identifies the network, the second is assigned to the gateway connecting it to other networks, while the rest of the addresses are assigned to the interfaces of the routers that connect the backbone with the departmental area networks. Note that the last address of the block is reserved for the network broadcast.

The domain name for the four backbones is acme. An example of an interface name in the backbone is pro.acme (interface to the production network backbone in the main router). Another example is mar1-in.acme (access interface to the area 1 network of the marketing department from the marketing backbone). The names are meant to help you find the corresponding interface in the network diagram. Each departmental network is composed of the backbone and four area networks. The user hosts are connected to the area network, never to the backbone. Each area network is a Fast Ethernet network with a router to the departmental backbone. A block of eight IP addresses is assigned to each area network. The first one identifies the network, the second is given to the internal router interface, the third to the switch (needed for its remote configuration features), the fourth to the area server, the last is the network broadcast and the rest can be assigned to user terminals. Each department has its own domain name. Administration has adm.acme, marketing has mar.acme, production has pro.acme and research & development has rad.acme. In addition, there are special domain names per area network. Examples of names in the area networks are ns.area1.adm.acme (DNS server of the area 1 network of administration) or sw.area2.pro.acme (switch of the area 2 network of production). Again the names are meant to help you find the position of the interface in the network diagram. Figure 2.3 contains more details of the area network. It depicts the network and link layers, including some physical details such as the router ports. This figure corresponds to area 1 of the R&D department and also includes the departmental backbone. The rest of the areas and backbones are connected in the same way.
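The address plan described above, as an added Python example that is not part of the manual: the script carves 192.168.0.0/24 into /29 blocks of eight addresses and assigns the roles exactly as the text states (network, gateway, area-router interfaces and broadcast for a backbone; network, router, switch, server, user terminals and broadcast for an area). The order in which the blocks are handed out (each department's backbone followed by its four areas) and the pc1..pc3 names for user terminals are assumptions, since the real assignment is in Figure 2.2; the interface names follow the text. check_plan flags duplicate or misplaced addresses and locate maps an address seen in a trace back to its name, which is what you need when troubleshooting.

```python
import ipaddress

# Site prefix and naming from the manual. The order in which /29 blocks are
# handed out (backbone first, then its four areas, department by department)
# is an assumption; the real assignment is in Figure 2.2 of the manual.
SITE = ipaddress.ip_network("192.168.0.0/24")
DEPARTMENTS = ["adm", "pro", "mar", "rad"]
AREAS_PER_DEPT = 4


def backbone_plan(block, dept):
    """Lay out one departmental backbone inside an eight-address block."""
    hosts = list(block.hosts())          # six assignable addresses in a /29
    return {
        "network": block.network_address,
        "gateway": hosts[0],             # main-router interface, e.g. pro.acme
        "area_routers": {f"{dept}{i + 1}-in.acme": hosts[i + 1]
                         for i in range(AREAS_PER_DEPT)},
        "broadcast": block.broadcast_address,
    }


def area_plan(block, dept, area):
    """Lay out one area network: router, switch, server, then user terminals."""
    hosts = list(block.hosts())
    return {
        "network": block.network_address,
        "router": hosts[0],
        "switch": hosts[1],              # sw.areaN.dept.acme
        "server": hosts[2],              # ns.areaN.dept.acme
        "terminals": hosts[3:],          # the three addresses left for users
        "broadcast": block.broadcast_address,
    }


def build_plan(site=SITE):
    """Carve the site prefix into /29 blocks and assign them to backbones and areas."""
    blocks = iter(site.subnets(new_prefix=29))
    plan = {"backbones": {}, "areas": {}}
    for dept in DEPARTMENTS:
        plan["backbones"][f"{dept}.acme"] = backbone_plan(next(blocks), dept)
        for area in range(1, AREAS_PER_DEPT + 1):
            plan["areas"][f"area{area}.{dept}.acme"] = area_plan(next(blocks), dept, area)
    return plan


def assigned_addresses(plan):
    """Every address handed to an interface, keyed by a descriptive name.
    The pcN names for user terminals are assumed, not from the manual."""
    out = {}
    for name, bb in plan["backbones"].items():
        out[name] = bb["gateway"]
        out.update(bb["area_routers"])
    for name, ar in plan["areas"].items():
        out[f"gw.{name}"] = ar["router"]
        out[f"sw.{name}"] = ar["switch"]
        out[f"ns.{name}"] = ar["server"]
        for n, t in enumerate(ar["terminals"], start=1):
            out[f"pc{n}.{name}"] = t
    return out


def check_plan(plan, site=SITE):
    """Checks a troubleshooter wants: no duplicate address, every address inside
    the site prefix, and no interface sitting on a network or broadcast address."""
    addrs = assigned_addresses(plan)
    if len(set(addrs.values())) != len(addrs):
        return False
    reserved = set()
    for net in list(plan["backbones"].values()) + list(plan["areas"].values()):
        reserved.update({net["network"], net["broadcast"]})
    return all(a in site and a not in reserved for a in addrs.values())


def locate(plan, address):
    """Map an address seen in a packet trace back to its name in the plan."""
    address = ipaddress.ip_address(address)
    for name, a in assigned_addresses(plan).items():
        if a == address:
            return name
    return None


if __name__ == "__main__":
    p = build_plan()
    for name, net in p["areas"].items():
        print(f"{name}: {net['network']}/29 router={net['router']} "
              f"switch={net['switch']} server={net['server']}")
    print("plan consistent:", check_plan(p))
```

Twenty blocks (4 backbones + 16 areas) use 160 of the 256 addresses, so twelve /29 blocks remain free for growth; adding a fifth area to a department is a matter of raising AREAS_PER_DEPT, and check_plan will tell you if the backbone block no longer has enough addresses for the extra router interface.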

2.2 Equipment description


You will work with different pieces of network equipment such as cables, switches and routers during this lab. You should know what their functions and capabilities are in general terms. This section shows the actual models that you will find in the lab. It also contains some guidelines to identify the equipment and its interfaces. All the equipment is classified into four groups: cables, switches, routers and terminals. Below there is one subsection dedicated to each group.

2.2.1 Cables and connectors


All the cables used in the lab are terminated with adequate connectors on both ends. Two major types of cables will be used in the lab, power supply and data cables. The power supply cable is necessary for the equipment to be powered, but it does not participate in the transmission of data signals. Figure 2.4 shows the power supply cable for PCs, routers and switches.


Figure 2.2: Acme's network diagram.


Figure 2.3: Detailed network and link layer diagram.

Figure 2.4: Power supply cable.

Figure 2.5: RJ 45 plug.

For data communication we will use different cables depending on the link layer technology, though the media will always be copper. For the Ethernet connections, we will use four-pair category 5 Unshielded Twisted-Pair (UTP) cabling with RJ45 plugs on both ends. Figure 2.5 shows the RJ45 plug at the end of the UTP cable. This type of cable contains eight individually insulated wires twisted in pairs. Each pair is colored with one wire having a solid color (blue, orange, green, or brown) and the other wire having a stripe of the same color over a white background. Each wire is named by its color when it is solid (e.g. green) or by the pair white and color of the stripe otherwise (e.g. white-green). The pairs are identified by the solid colors (e.g. green pair). The RJ45 plug has eight pins, numbered from 1 to 8, so that each one of the wires of the four-pair UTP cable is connected to one pin. The assignment of wires to pins is named color code and it is different depending on the standard. We will use both the EIA/TIA 568A and 568B standards. Their color assignment can be seen in Figure 2.6.

Figure 2.6: Standards for color codes.

We will need two different types of cables for Ethernet connections: crossover cables and straight-through cables. A crossover cable must be used to connect Ethernet ports of two PCs directly, or two routers or two switches (when the uplink port of the switches is not used). It has one RJ45 plug wired following the 568A standard and the other following the 568B standard. A straight-through cable must be used to connect the Ethernet ports of a switch to PCs or routers. It has both RJ45 plugs wired following the 568B standard. The only way to identify whether an Ethernet cable is a crossover or straight-through cable is to check the color code at both ends. More information about Ethernet cables and how to make them can be found at http://www.duxcw.com/digest/Howto/network/cable/cable5.htm. General information about connectors, pin-outs, cables and adapters can be consulted at http://www.hardwarebook.net/

A different cable must be used to connect a PC to the console port of a Cisco device. The console port is a serial port, thus it must be connected to the PC serial port. The console port is an RJ45 jack while the PC serial port is a DB9 connector. To connect both ports properly, we will use the DB9 to RJ45 adapter (see Figure 2.7) and a new type of cable known as roll-over cable. A roll-over cable also uses 8 wires with RJ45 plugs on both ends, but it is different from the straight-through or crossover cables. In a roll-over cable, the pins on one end are reversed on the other end. Thus pin 1 on one end connects to pin 8 on the other end. Pin 2 connects to pin 7, pin 3 connects to pin 6 and so on. Figure 2.8 shows a roll-over cable. Finally, yet another arrangement must be used to connect two PCs through their serial ports. In this case, we would link two DB9 to RJ45 adapters using a roll-over cable, and then each DB9 plug would be connected to the serial port of each PC.

Figure 2.7: DB9 to RJ45 adapter.

Figure 2.8: Rollover cable.

In addition to these cables, there is permanent cabling in the lab room that you will need to use to connect the router's outer interface to the departmental backbones. The permanent cables run in the ceiling and link each lab position with the lab's cabling rack. The cabling rack is right by the entrance. It contains the departmental switches and two patch panels above them. Figure 2.9 shows the interior of the cabling rack. Each switch has a label indicating to which departmental backbone it belongs. Each patch panel socket is marked with a label (e.g. 11A-21) and connects to a similar socket with the same label by the tables. The sockets by the table are labeled Laboratory LAN. Figure 2.10 shows the sockets by the tables. The connection between the sockets in the patch panel and by the tables is equivalent to a straight-through cable. The connection of the router's outer interface to the departmental backbone requires two straight-through cables. Use one to connect the router's outer Ethernet interface to one socket by the table labeled Laboratory LAN. Use the other to connect the socket in the patch panel with the same label to any port of the appropriate departmental switch.

Figure 2.9: Cabling rack in the lab.
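The rules above for identifying a cable from the color code at its two plugs, as an added Python example that is not part of the manual. It encodes the 568A and 568B pin assignments of Figure 2.6, follows each wire by color to obtain the pin-to-pin map between the two plugs, and names the cable from that map: the identity map is straight-through, the 1-3 and 2-6 swap that the 568A/568B mix produces is crossover, and pin i to pin 9-i is roll-over. It goes slightly beyond the text in that a cable wired 568A at both ends is also classified as straight-through, which is electrically correct. The device names (pc, router, switch, console) in the EXPECTED table are assumptions used only to encode which cable the text prescribes for each pair of devices.

```python
# Pin-to-color assignment of the two standards from Figure 2.6 (pin 1 first).
T568A = ["white-green", "green", "white-orange", "blue",
         "white-blue", "orange", "white-brown", "brown"]
T568B = ["white-orange", "orange", "white-green", "blue",
         "white-blue", "green", "white-brown", "brown"]

# A 568A plug against a 568B plug swaps the two data pairs: pins 1-3 and 2-6.
CROSSOVER_MAP = {1: 3, 2: 6, 3: 1, 6: 2}

# Cable the manual prescribes for each pair of devices (order-independent).
# The device names are assumed labels, not terms from the manual.
EXPECTED = {
    frozenset({"pc"}): "crossover",
    frozenset({"router"}): "crossover",
    frozenset({"switch"}): "crossover",
    frozenset({"switch", "pc"}): "straight-through",
    frozenset({"switch", "router"}): "straight-through",
    frozenset({"pc", "console"}): "rollover",
}


def pin_map(end_a, end_b):
    """Follow each wire by color: {pin on plug A: pin it reaches on plug B}."""
    if len(end_a) != 8 or len(set(end_a)) != 8 or sorted(end_a) != sorted(end_b):
        raise ValueError("each plug must carry the same eight distinct wires")
    return {i + 1: end_b.index(color) + 1 for i, color in enumerate(end_a)}


def classify(end_a, end_b):
    """Name the cable from the color order read at its two plugs."""
    m = pin_map(end_a, end_b)
    if all(b == a for a, b in m.items()):
        return "straight-through"
    if all(b == CROSSOVER_MAP.get(a, a) for a, b in m.items()):
        return "crossover"
    if all(b == 9 - a for a, b in m.items()):
        return "rollover"
    return "unknown"


def expected_cable(device_a, device_b):
    """Cable type the manual prescribes between two kinds of device."""
    return EXPECTED.get(frozenset({device_a, device_b}), "unknown")


def link_ok(device_a, device_b, end_a, end_b):
    """True when the cable in hand is the one these two devices need."""
    return classify(end_a, end_b) == expected_cable(device_a, device_b)


if __name__ == "__main__":
    print("568B/568B:", classify(T568B, T568B))
    print("568A/568B:", classify(T568A, T568B))
    print("568B/reversed:", classify(T568B, list(reversed(T568B))))
    print("switch-pc with 568B/568B ok:", link_ok("switch", "pc", T568B, T568B))
```

Reading the colors at a plug from pin 1 to pin 8 and passing the two lists to classify gives you the cable type without guessing; a miswired pair (for example the blue pair swapped at one end) comes back as "unknown", which is a cable to discard rather than to plug in.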

2.2.2 Switches
The switch you will use in the lab is a Cisco Catalyst 3512 XL. In the front it has twelve 10/100 Ethernet switched RJ45 ports plus two additional Gigabit Ethernet slots. The Ethernet ports will be used to connect the equipment of the area network. The Gigabit slots will not be used in this lab. In the back it has the RJ45 console port for its configuration and the three-pin power supply socket. It does not have a power switch; the equipment is turned on when connected to the power supply. Each port is labeled on the box with a name, which is also used to identify the port in the configuration menus. Figure 2.12 shows the front and Figure 2.13 shows a closer view of the Ethernet ports in the front. Note that each port is given a number, with number one in the top left corner. The number allows identification of the ports in the configuration file, but there is no difference in the behavior of the ports. Any of them can be used to connect equipment to the switch. More information about this model can be found at http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/29_35xu/index.htm. There are additional switches inside the cabling rack. You will use them to connect your router to the departmental backbone, but you do not have to change their configuration.

2.2.3 Routers
The router you will use in the lab is a Cisco 2621. All its ports are situated in the back. It has two 10/100 Ethernet RJ45 ports, an RJ45 console port for its configuration, a three-pin power socket and a power switch. Each port is labeled on the box with a name, which is also used to identify the port in the configuration file. Since the router forwards packets between its ports, it is very important to connect each network to the proper port. Figure 2.14 shows the front and Figure 2.15 shows the ports in the back. More information about this equipment can be found at http://www.cisco.com/en/US/products/hw/routers/ps259/index.html

Figure 2.11: Back of the Dell PC.

2.2.4 Terminals
Personal Computers (PCs) running Linux will be used as terminals in the lab. Each area network has a laptop PC, which will be used as the network server for the area network. All the ports of this PC are in the back. Its most important ports for this lab are the 10/100 Ethernet RJ45 port and the DB9 serial port. Figure 2.11 shows the back of the laptop PC at the lab. Additional PCs, laptops or desktops, can be connected to the area network. These PCs must have a RJ45 Ethernet port. This port will be connected to any free port in the switch to join the area network.

2.3 Cisco software


In this section we will review the configuration process of the Cisco equipment in the lab. The best way to prepare yourself for this task is to read the manufacturer's documentation. This is available online, so we will not copy it here, but we will give you some references. Read these references in advance. You will not have time during the lab. Since there is a huge amount of published documentation, the next paragraphs contain some guidance on which parts you must study for this lab. The software configuration guide for the Cisco 2600 router is available online at http://www.cisco.com/univercd/cc/td/doc/product/access/acs_mod/cis2600/sw_conf/26_swcg/index.htm. Start reading from the section "About this guide" on the objectives, organization and conventions of the document. Then go to chapter 1, "First-time configuration", which explains how to configure the router initially. This chapter describes both the 3600 and 2600 model series; read only the part related to the Cisco 2600 series. It is important to review the "Cisco 2600 Series Interface Numbering". While reading this part, recall that the routers in the lab have two Fast Ethernet ports in slot 0. Then read the following sections to overview the initial configuration process of the router: "Using the Setup Command Facility", "Configuring Global Parameters" and "Configuring Interface Parameters". This last section describes several interface types; read only the "Fast Ethernet Interface Configuration" section. Finally read the "Completing the configuration" section. During the lab you will configure the router as these sections describe, so read them carefully. After reading it, read section 2.3.3 of this manual about the same topic. It contains the answers to the setup questions that you should use during the lab.

After reading the first chapter, move on to the second, "Cisco IOS software basics". It describes general aspects of the Cisco IOS software, which you need to know before working with the router. Read it completely, with special attention to the different configuration modes, how to get help on the commands from the command line interface and how to undo a command or feature. To complete the review of the router documentation, read chapter 3 titled "Configuring with the Command Line Interface". It describes the commands to actually configure particular functions of the router. Read the sections "Configuring Fast Ethernet Interfaces", "Checking the Interface Configuration" and "Saving Configuration Changes". By reading these sections of the documentation thoroughly, you will obtain a good knowledge of the router, its software and how to configure it. However, you might still need more information on particular commands. To obtain it, use the master index of the Cisco IOS Configuration Guide, Release 12.0, available at http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/cbkixol.htm. Use this reference to read about the "ip route" commands. They will be used during the lab to create the routing table of the router. Read also about the commands "ping" and "trace" in their privileged and user versions, since you will use them to troubleshoot the network. All this information only applies to the router configuration. There is an equivalent document for configuring the switch called "Cisco IOS Desktop Switching Software Configuration Guide". If you read this document, you will discover that the way the switch is configured is similar to that of the router, but some commands are different. You can find these commands in a document called "Cisco IOS Desktop Switching Command Reference" available at http://www.cisco.com/univercd/cc/td/doc/product/lan/c2900xl/29_35xu/cmdref/index.htm. If you need information on a particular command, go directly to the section "Cisco IOS commands". Before the lab, it is enough that you read the section "Using the command-line interface" of the switch manual. Note that it is similar to that section in the router configuration guide. Since we will not configure complex functions in the switch during this lab, you do not have to study any of the switch commands deeply. After reading this information about the switch, read section 2.3.2 below, which describes how to start up the switch. You will start up and initially configure the switch during the lab.

Figure 2.10: Cabling sockets by the tables in the lab.

Figure 2.12: Front of the Cisco Catalyst 3512 XL.

Figure 2.13: Ethernet ports in the front-left of the Cisco Catalyst 3512 XL.

Figure 2.14: Front of the Cisco 2621.

Figure 2.15: Ports in the back of the Cisco 2621.

2.3.1 Management console


We will configure both the router and the switch by typing commands in the command-line interface (CLI). To access the CLI, we will connect a management console to the router or switch. There is specific hardware that can be connected to the console port of the router or switch and behaves like a management console. However, in our lab we will instead use a PC running Linux and a serial communication program called minicom, which together offer the same functionality. First you have to connect the PC to the console port of the network equipment (i.e. the router or the switch). Use the supplied roll-over cable and DB9 adapter to connect a PC serial port to the switch console port. Once the serial port and console port are connected, open a new terminal on Linux. Then type minicom to start the minicom program. If everything is working fine, minicom will display the messages from the network equipment as character strings and it will display the prompt for you to type commands. At any moment, you have all the minicom configuration commands available by pressing Ctrl+a z. Before the lab, read the section "use" of minicom's manual page available online at http://man.he.net/man1/minicom to learn how to use this software.

2.3.2 Starting up the switch


This subsection describes how to start up your Catalyst 3500 XL switch, how to interpret the power-on self-test (POST) and how to configure the switch.

Starting Up

The switch will start booting as soon as the power supply is connected, since there is no power switch. It is important to connect the management console before the switch is powered on, so it will display the messages generated during the start-up process. For the initial configuration, there is no need to connect any cable to the Ethernet ports. When the switch starts up, it begins POST, a series of eight tests that run automatically to ensure that the switch works properly. When the switch begins POST, the port LEDs turn amber for 2 seconds, and then they turn green. The System LED flashes green, and the RPS LED turns off. As each test runs, the port LEDs, starting with number 1, turn off. The port LEDs for ports 2 to 8 each turn off in turn as the system completes a test. When POST completes successfully, the port LEDs return to the status mode display, indicating that the switch is operational. If a test fails, the port LED associated with the test turns amber, and the system LED turns amber as well. To initiate the start-up configuration of the switch, send a break command from your terminal program. Then you should see the initial configuration screen of the switch.


Using the Setup command of the Command Line Interface

The command setup from the set of privileged commands is used to assign IP information and to create a default configuration for continued operation. When you boot the switch (or the router) for the first time, there is no configuration, so you will be asked whether you want to enter the "initial setup dialog". Answer yes and you will be configuring everything from scratch. If this question does not appear, it means that some configuration was found. In this case, you will have to start the setup procedure from the privileged mode using these commands:
Switch> enable
Password: passwd
Switch# setup
Continue with configuration dialog? [yes/no]: y

The password should be "qwerty". The setup procedure consists of a sequence of questions that you should answer. This information is used to create the initial configuration. After the last question, this initial configuration is shown, so it is possible to review it before saving. Here are the questions and the suggested answers:

Question 1: Enter your switch's IP address and press Return:
Enter IP address: ip_address

Question 2: Enter your switch's subnet mask and press Return:


Enter IP net mask: ip_netmask

Question 3: Enter "Y" to specify a default gateway (router):


Would you like to enter a default gateway address? [yes]: y

Question 4: Enter the IP address of your switch's default gateway and press Return:
IP address of the default gateway: ip_address

Question 5: Enter a host name for the switch and press Return:
Enter host name: Switch

Question 6: Enter a secret password (which ensures switch security) and press Return:
Enter enable secret: qwerty

Question 7: Enter "Y" to enter a Telnet password:


Would you like to configure a Telnet password? [yes]: y

Question 8: Enter the Telnet password and press Return:


Enter Telnet password: qwerty

Question 9: Enter "Y" to configure this switch as the cluster command switch. Enter "N" to configure it as a member switch or as a stand-alone switch:
Would you like to enable as a cluster command switch? n

Question 10: Verify that the addresses are correct in the initial configuration displayed:
The following configuration command script was created:

ip subnet-zero
interface VLAN1
ip address ip_address ip_netmask
ip default-gateway ip_address
hostname Switch
enable secret 5 $1$jJql$VA6U.6uTjsa56Xx2yy/t30
line vty 0 15
password telnet_password
snmp community private rw
snmp community public ro
cluster disable
!
end
!

Use this configuration? [yes/no]:

Question 11: If the information is correct, enter y at the prompt and press Return to use it. When you see the message "Press RETURN to get started", the setup program is complete. If the information is not correct, enter n at the prompt, press Return, and begin again at Question 1. These switches are far more powerful than what is shown here. If you would like to know more about them, you can check their manual at the Cisco web site.
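The review step of Question 10, as an added Python example that is not part of the manual. check_answers tests the answers to Questions 1 to 4 for the mistakes that make a switch unreachable after setup (a mask that is not a mask, a switch address that is the network or broadcast address, a gateway outside the switch's own subnet); render_script rebuilds the script the switch prints for review; and risky_lines lists what a reviewer should notice in that script: SNMP enabled with the default "public" and "private" community strings (the latter read-write) and the Telnet password stored in clear text. The sample addresses are constructed values for a hypothetical area network, and the enable secret hash is replaced by a placeholder.

```python
import ipaddress

# Answers to the setup dialog. The addresses are constructed sample values for a
# hypothetical area network (block 192.168.0.8/29), not taken from Figure 2.2.
SAMPLE_ANSWERS = {
    "ip_address": "192.168.0.10",        # third address of the block: the switch
    "ip_netmask": "255.255.255.248",     # a block of eight addresses
    "default_gateway": "192.168.0.9",    # second address: the area router
    "hostname": "Switch",
    "telnet_password": "qwerty",
}

# Community strings that every scanner tries first; flag them if they survive setup.
DEFAULT_COMMUNITIES = {"public", "private"}


def check_answers(a):
    """Return a list of problems with the addressing answers; empty means consistent."""
    problems = []
    try:
        iface = ipaddress.ip_interface(f"{a['ip_address']}/{a['ip_netmask']}")
    except ValueError as e:
        return [f"bad address or mask: {e}"]
    net = iface.network
    if iface.ip in (net.network_address, net.broadcast_address):
        problems.append("switch address is the network or broadcast address")
    gw = ipaddress.ip_address(a["default_gateway"])
    if gw not in net:
        problems.append(f"gateway {gw} is not inside {net}")
    elif gw == iface.ip:
        problems.append("gateway equals the switch address")
    elif gw in (net.network_address, net.broadcast_address):
        problems.append("gateway is the network or broadcast address")
    return problems


def render_script(a):
    """Rebuild the configuration script the setup dialog shows for review.
    The enable secret hash is a placeholder, not a real hash."""
    return "\n".join([
        "ip subnet-zero",
        "interface VLAN1",
        f"ip address {a['ip_address']} {a['ip_netmask']}",
        f"ip default-gateway {a['default_gateway']}",
        f"hostname {a['hostname']}",
        "enable secret 5 <hash-of-enable-secret>",
        "line vty 0 15",
        f"password {a['telnet_password']}",
        "snmp community private rw",
        "snmp community public ro",
        "cluster disable",
        "!",
        "end",
    ])


def risky_lines(script):
    """Lines a reviewer should not accept unchanged: SNMP with default
    community strings and a clear-text vty password."""
    flags = []
    for line in script.splitlines():
        words = line.split()
        if words[:2] == ["snmp", "community"] and words[2] in DEFAULT_COMMUNITIES:
            flags.append(line)
        elif words[:1] == ["password"]:
            flags.append(line)
    return flags


if __name__ == "__main__":
    print("problems:", check_answers(SAMPLE_ANSWERS) or "none")
    for line in risky_lines(render_script(SAMPLE_ANSWERS)):
        print("review:", line)
```

Run the check before answering "yes" in Question 11: a gateway outside the switch's subnet is accepted silently by the setup dialog and only shows up later as a switch you can no longer reach from another network.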


2.3.3 Starting up the router


This subsection describes how to start up your Cisco 2621 router, how to interpret the power-on self-test (POST) and how to initially configure the router.

Starting Up

In contrast to the switch, the router will not boot when the power supply is connected. It will boot when the power switch in the back part is set to on. It is important to connect the management console before the router is powered on, so the console will display the messages generated during the start-up process. For the initial configuration, there is no need to connect any cable to the Ethernet ports. When the router starts up, it performs the POST without producing external signals. When POST completes successfully, the bootstrap program is loaded from ROM into RAM. This process produces the first messages in the console. After bootstrap is loaded, it searches for and loads the Cisco IOS. In our case, this software is retrieved from the internal flash memory, decompressed and loaded into RAM. More messages appear in the console reporting the evolution of these steps. When it is successfully loaded, the router's configuration file is searched for and loaded. When you boot the router for the first time, there is no configuration file, so you will be asked whether you want to enter the initial configuration dialog. Answer "yes" and you will be configuring everything from scratch in the setup mode. If this question does not appear, it means that the router found some configuration. In this case, you will have to start the initial configuration procedure from the privileged mode using the setup command as described below:
Router> enable Password: passwd Router# setup Continue with configuration dialog? [yes/no]: y

The password should be "qwerty". Initial conguration dialog The set up procedure consists of a sequence of questions that you should answer. This information is used to create the initial conguration. After the last question, this initial conguration is shown, so it is possible to review it before saving. Here are the questions and the suggested answers: Question 1: Answer "no" to enter the extended setup:
Would you like to enter basic management setup? [yes/no]: no

Question 2: Answer "no" to skip the interface summary:


First, would you like to see the current interface summary? [yes]: no

After these two questions, the configuration of the global parameters begins.

Question 3: Type a name for the router:
Enter host name [Router]: Router

Question 4: Enter qwerty as the enable secret password:


Enter enable secret: qwerty

Question 5: Enter "lab" as the enable password:


Enter enable password: lab

Question 6: Enter "qwerty" as the virtual terminal password:


Enter virtual terminal password: qwerty

Question 7: Answer "no" to skip the SNMP configuration:


Configure SNMP Network Management? [yes]: no

Question 8: Answer "yes" to enter the IP configuration:


Configure IP? [yes]: yes

Question 9: Answer "no", since we will use static routing:

Configure IGRP routing? [yes]: no

Question 10: Answer "no" again to this dynamic routing protocol:


Configure RIP routing? [no]: no

Question 11: Answer "no", since bridging will not be used:


Configure bridging? [no]: no

Question 12: No user will dial in via modems, so answer "no" here:


Configure Async lines? [yes]: no

Now the configuration of the interface parameters begins. The FastEthernet 0/0 port is first.

Question 13: Answer "yes" to configure the FastEthernet 0/0 interface:
Do you want to configure FastEthernet0/0 interface? [yes]: yes

Question 14: Answer "yes" to use the RJ-45 connector on the back panel of the router:
Use the 100 Base-TX (RJ-45) connector? [yes]: yes

Question 15: Answer "yes" to activate Ethernet full-duplex mode:


Operate in full-duplex mode? [no]: yes

Question 16: Answer "yes" to start the IP configuration of the interface:


Configure IP on this interface? [yes]: yes

Question 17: Type the proper IP address for this interface in dotted-decimal format. The network diagram should help you find out what this address should be. We have included an IP address as an example of the expected answer:
IP address for this interface: 192.168.0.129

Question 18: Type the proper mask in dotted-decimal format corresponding to the previous IP address. We have included a mask as an example of the expected answer.
Subnet mask for this interface: 255.255.255.0

After this question, similar questions appear to configure the second FastEthernet interface of the router. Answer them in the same way as for the first FastEthernet interface. Mind that the IP address, and possibly the mask, must be different for this second interface. After this set of questions on the second FastEthernet interface, the initial configuration is generated and displayed for you to verify. The screen should look similar to this:

The following configuration command script was created:

hostname Router
enable secret 5 $1$EDYp$8IwOwl7TATzo8lYdAeuIV1
enable password lab
line vty 0 4
password qwerty
no snmp-server
!
ip routing
no bridge 1
!
interface FastEthernet0/0
media-type 100BaseX
full-duplex
ip address 192.168.0.129 255.255.255.0
!
interface FastEthernet0/1
media-type 100BaseX
full-duplex
ip address 192.168.0.26 255.255.255.0
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx permit
!
end

[0] Go to the IOS command prompt without saving this config.
[1] Return back to the setup without saving this config.
[2] Save this configuration to nvram and exit.

Enter your selection [2]:

Check the configuration, especially the IP addresses and masks, and if everything is correct answer "2" to save the configuration and leave setup mode. If some information is incorrect, answer "1" to repeat the setup. Note that the two example addresses shown above (192.168.0.129 and 192.168.0.26) both lie in 192.168.0.0/24; IOS rejects overlapping subnets on different interfaces, so in your own configuration the two FastEthernet interfaces must belong to different subnets. After you save it, the router is running with your initial configuration. Note that you have not entered the static routing table yet, so the router can only reach directly connected networks. If any static route is needed, use the router command ip route to add static entries to the routing table.

2.4 IP: General concepts

2.4.1 IP addressing

When the Internet Protocol (IP) was designed and standardized, the specification required that each system interface had a unique 32-bit Internet address. Some systems, such as routers, have more than one network interface and therefore need a unique IP address for each interface. An IP address is divided in two parts: the first part identifies the network and the second part identifies the particular host in that network. In the early years of IP addressing, the first part was called the network number, because the leading portion of each IP address identifies the network, and the last part was called the host number. Within one network all hosts share the same network number but must have different host numbers; two hosts in different networks have different network numbers but may have the same host number. There is one exception to the required uniqueness of IP addresses: the blocks of addresses reserved for private use. Private addresses can be reused in different organizations, but they must never be connected directly to the Internet.

2.4.2 Primary Address Classes

One of the main goals when designing IP was to support networks of different sizes. For that purpose the address space was divided into five address classes: A, B, C, D and E. This partitioning is called classful addressing, because the address space is split into predefined classes, groupings or categories. The classes fix the boundary between the network number and the host number at different points within the first three bytes of the address; the formats are illustrated in Figure 2.16. Classful addressing is convenient from the routing point of view, since each address contains a self-encoding key that identifies the dividing point between the network number and the host number. In this way early Internet routers could know the length of the network number without a network mask. For example, when the first two bits of an IP address are 10, the dividing point is between the 16th and 17th bits.

Figure 2.16: The five classes of IP addresses, where the prefix identifies the network and the suffix the particular host inside that network.

Class A Networks

Class A network addresses have an 8-bit network number, which starts with a 0, followed by a 24-bit host number. Nowadays class A addresses are referred to as /8s, because of their 8-bit network number. There are 126 (2^7 - 2) class A networks; we subtract 2 because the 0.0.0.0 network is reserved for the default route and 127.0.0.0 is used for the loopback interface. Each /8 network contains 2^24 - 2 (16,777,214) hosts; again two addresses are subtracted because the all-0s ("this network") and all-1s ("broadcast") host numbers cannot be assigned to individual hosts. In total there are 2^31 (2,147,483,648) individual addresses in class A, which is 50% of the whole IPv4 address space.

32-bit binary number                     Equivalent dotted decimal
10000001 00110100 00000110 00000000      129.52.6.0
11000000 00000101 00110000 00000011      192.5.48.3
00001010 00000010 00000000 00100101      10.2.0.37
10000000 00001010 00000010 00000011      128.10.2.3
10000000 10000000 11111111 00000000      128.128.255.0

Table 2.1: Examples of 32-bit addresses and their equivalent in dotted-decimal notation.

Address class        Range of values of the first octet
A (/8 prefixes)      0 through 127
B (/16 prefixes)     128 through 191
C (/24 prefixes)     192 through 223
D (multicast)        224 through 239
E (reserved)         240 through 255

Table 2.2: The range of decimal values in the first octet of each class.

Class B Networks

Class B network addresses have a 16-bit network number, with the two highest-order bits set to 10, followed by a 16-bit host number. They are usually referred to as /16s. There are 16,384 (2^14) /16 networks, with 65,534 (2^16 - 2) hosts per network. The entire class B address space contains 2^30 (1,073,741,824) addresses.

Class C Networks

Class C network addresses have the three highest-order bits set to 110 and a 24-bit network number, followed by an 8-bit host number. They are referred to as /24s. There are 254 (2^8 - 2) hosts per network and 2,097,152 (2^21) possible /24 networks, giving a maximum of 2^29 (536,870,912) addresses.

Other Classes

In addition to the three classes used to identify individual network interfaces, there are two more classes: Class D addresses have their four highest-order bits set to 1110 and are used to support IP multicasting, while Class E addresses have their leading four bits set to 1111 and are reserved for future use.

2.4.3 DottedDecimal Notation


To facilitate the use of IP addresses, they are usually expressed as four decimal numbers separated by dots. This format is called dotted-decimal notation. Each 32-bit Internet address is divided into four 8-bit (byte) fields, and the value of each field is written independently as a decimal number, with the fields separated by dots. Table 2.1 shows typical Internet addresses expressed this way, and Table 2.2 gives the range of decimal values that the first byte of each address class can take.
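The following is an added example, not code from the lab manual: it converts between the dotted-decimal and 32-bit binary forms of Table 2.1 and decodes an address the classful way, reading the leading bits of the first octet (the "self-encoding key" of section 2.4.2) to find the class and the network/host boundary of Table 2.2 without any mask. It also flags the two /8s the text reserves (0.0.0.0 for the default route, 127.0.0.0 for loopback). The function names are this example's own.

```python
"""Added example (not part of the lab manual): classful decoding of IPv4
addresses, as described in sections 2.4.2 and 2.4.3."""


def to_binary(dotted: str) -> str:
    """'129.52.6.0' -> '10000001.00110100.00000110.00000000' (Table 2.1)."""
    octets = dotted.split(".")
    if len(octets) != 4 or not all(o.isdigit() and 0 <= int(o) <= 255 for o in octets):
        raise ValueError(f"not a dotted-decimal IPv4 address: {dotted!r}")
    return ".".join(f"{int(o):08b}" for o in octets)


def from_binary(binary: str) -> str:
    """Inverse of to_binary; the four 8-bit fields may be separated by dots or spaces."""
    fields = binary.replace(" ", ".").split(".")
    if len(fields) != 4 or any(len(f) != 8 or set(f) - {"0", "1"} for f in fields):
        raise ValueError(f"expected four 8-bit binary fields: {binary!r}")
    return ".".join(str(int(f, 2)) for f in fields)


def _int_to_dotted(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def classify(dotted: str) -> dict:
    """Class, network-number length and network/host split of one address,
    derived only from the leading bits (no subnet mask involved)."""
    value = int(to_binary(dotted).replace(".", ""), 2)
    first = value >> 24
    if first >> 7 == 0b0:            # 0xxxxxxx: class A, 8-bit network number
        cls, net_bits = "A", 8
    elif first >> 6 == 0b10:         # 10xxxxxx: class B, 16-bit network number
        cls, net_bits = "B", 16
    elif first >> 5 == 0b110:        # 110xxxxx: class C, 24-bit network number
        cls, net_bits = "C", 24
    elif first >> 4 == 0b1110:       # 1110xxxx: multicast, no network/host split
        cls, net_bits = "D", None
    else:                            # 1111xxxx: reserved
        cls, net_bits = "E", None
    info = {
        "class": cls,
        "prefix_len": net_bits,
        # 0.0.0.0/8 (default route) and 127.0.0.0/8 (loopback) are not assignable
        "reserved": cls == "A" and first in (0, 127),
    }
    if net_bits is None:
        return info
    host_bits = 32 - net_bits
    info["network"] = _int_to_dotted(value >> host_bits << host_bits)
    info["host_number"] = value & ((1 << host_bits) - 1)
    info["max_hosts"] = (1 << host_bits) - 2   # all-0s and all-1s host numbers excluded
    return info


if __name__ == "__main__":
    for addr in ("129.52.6.0", "192.5.48.3", "10.2.0.37", "128.10.2.3", "224.0.0.1"):
        print(addr, to_binary(addr), classify(addr))
```

Run it as a script to print the decoding of the Table 2.1 addresses; classify("128.10.2.3") reports class B, a /16 prefix and network 128.10.0.0 with host number 515, exactly the 10xxxxxx rule stated in the text.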

2.4.4 Problems with Classful Addressing


The Internet has surpassed in size all the original expectations of its creators, and design decisions made in its early years have created complex problems with difficult solutions:

- When the Internet started, IP addresses were allocated to organizations on the basis of simple requests rather than actual needs. The decision to use 32-bit addresses gives only 2^32 (4,294,967,296) IPv4 addresses, which has led to an actual shortage of addresses.

- The division of IP addresses on octet boundaries was easy to implement and deploy, but it gave no proper support to medium-sized organizations. A /16, supporting 65,534 hosts, can be too large for such an organization, while a /24, with only 254 possible hosts, can be far too small. In the past, sites with several hundred hosts were assigned a single /16 instead of two or three /24s, quickly exhausting the /16 address space. Conversely, giving several /24s to the same organization has increased the size of the routing tables.

2.4.5 IP subnetting
In 1985, IETF RFC 950 defined a way to divide a single classful network address into smaller pieces. Subnetting was introduced to overcome the problems the Internet was suffering with the two-level addressing hierarchy: first, local administrators had to apply for a new network address before installing a new network at their site; and, second, the Internet routing tables were beginning to grow to an unmanageable size.

The way to attack these problems was to add a new level to the addressing hierarchy. With subnetting, the host number is divided into two parts, the subnet number and the host number on that subnet, creating a three-level hierarchy. The subnet structure of a network is not visible outside the organization's domain. This helps to reduce the routing tables of outside routers, since the route to any subnet is the same as the route to the whole network: all subnets share the same network number. Only inside the organization's own network do routers need to distinguish between the subnets in order to forward packets, so the added complexity stays within the domain of the local administrator.

With this scheme, a site with several logical networks can cover all of them with a single /16 (Class B) network address. (This is the opposite of supernetting, which aggregates several network addresses into one shorter prefix.) The router accepts all traffic from the Internet addressed to network 130.5.0.0 and forwards it to the interior subnetworks based on the third octet of the address.

                              network number        subnet number   host number
IP address:   130.5.5.25      10000010.00000101     00000101        00011001
Subnet mask:  255.255.255.0   11111111.11111111     11111111        00000000
                              <----- extended network number ----->

Table 2.3: Subnet mask.

2.4.6 Extended Network Number


When a router in the Internet routes a packet, it uses the network number of the destination address. In a subnetted environment, once a packet arrives at the subnetted domain, the routers use the extended network number to distinguish among the different subnets. The extended network number is composed of the classful network number plus the subnet number. To identify the extended network number, routers use the subnet mask. For example, with the /16 address 130.5.0.0, if you use the entire third byte for the subnet number, then you need a subnet mask of 255.255.255.0. The bits of the subnet mask are 1 for the bits of the IP address that belong to the extended network number, and 0 for the bits that belong to the host number. This is illustrated in Table 2.3. Nowadays the extended network number is usually written as a prefix length, the number of 1 bits in the mask: instead of saying that the mask is 255.255.255.0, we write the address as 130.5.0.0/24. Routing protocols still carry the full subnet mask with each route, since no standard Internet routing protocol has a one-byte field for the prefix length; the /24 notation is a shorthand for the mask.

2.4.7 Design Considerations


The design of an address plan for an organization requires the network administrator to consider carefully several aspects that influence the final design:

- How many subnets do we need today?
- How many subnets will we need in the future?
- How many hosts are in the largest subnet?
- How many hosts can the largest subnet contain in the future?

The first step is to take the maximum number of subnets required and round that value up to the closest power of two. This computation should take into account the possible growth of the network. For example, if we need 11 subnets, then 2^3 = 8 will not provide enough subnets, so we have to round up to 2^4 = 16. This gives us five extra subnets for the organization to grow. The second step is to check the number of hosts we need in the largest subnet. Suppose we need 26 hosts; then we need at least 2^5 = 32 addresses (26 hosts plus the all-0s and all-1s host numbers, which cannot be assigned), that is, five bits of host number. Finally, we check the address space of our organization to see whether we have enough bits for the required subnetting plan. With a single /16 address there are 16 bits available after the network number, more than enough for four bits of subnet number and five bits of host number. If instead we have several /24 addresses and we want 11 subnets, we have to subnet each /24 into four subnets (two bits of subnet number, leaving six host bits, i.e. 62 hosts per subnet) and use three of the /24s to obtain the required topology.

Base Net:  11000001.00000001.00000001.00000000   193.1.1.0/24
Subnet 0:  11000001.00000001.00000001.00000000   193.1.1.0/27
Subnet 1:  11000001.00000001.00000001.00100000   193.1.1.32/27
Subnet 2:  11000001.00000001.00000001.01000000   193.1.1.64/27
Subnet 3:  11000001.00000001.00000001.01100000   193.1.1.96/27
Subnet 4:  11000001.00000001.00000001.10000000   193.1.1.128/27
Subnet 5:  11000001.00000001.00000001.10100000   193.1.1.160/27
Subnet 6:  11000001.00000001.00000001.11000000   193.1.1.192/27
Subnet 7:  11000001.00000001.00000001.11100000   193.1.1.224/27

Table 2.4: Subnet numbers for the sub-netting example.

2.4.8 Subnet Example


Problem: Let us assume that we have the network number 193.1.1.0/24 and we want to define six subnets, with a maximum of 25 hosts per subnet.

Obtaining the Subnet Mask: Subnets are created in blocks of powers of two, so to define six subnets we need 8 (2^3) subnets, leaving two free for future use. To enumerate eight subnets we need three bits. We start from a /24 address, so the extended network number length is /27, which corresponds to the network mask 255.255.255.224. With /27 subnets, five bits are left for the host number, so there are 2^5 (32) individual IP addresses in each subnet. However, only 30 (2^5 - 2) host addresses can be used on each subnet, because the all-0s and all-1s host numbers are not allowed.

Obtaining the Subnet Numbers: We number the eight subnets from 0 to 7, that is, from 000 to 111 in binary. To define subnet n, we place the binary representation of n into the bits of the subnet-number field. The eight subnet numbers for this example are given in Table 2.4: the first 24 bits of each address are the network number, and the next three bits are the subnet-number field.

The Reserved Subnets: The initial definition of subnetting prohibited the use of the all-0s and the all-1s subnets, to avoid confusion in the original classful routers. Nowadays routers can run classful and classless protocols at the same time. The all-0s subnet originally denoted the entire network, so a router needs every routing update to carry a route/<prefix-length> pair in order to differentiate between a route to the all-0s subnet and a route to the entire network. With a classful routing protocol, the advertisements for subnet 193.1.1.0/27 and for network 193.1.1.0/24 are identical (193.1.1.0), so without the prefix length or netmask a router cannot tell them apart. The problem with the all-1s subnet is the same: routers need the prefix length to determine whether a broadcast (directed or all-subnets) should go only to the all-1s subnet or to the entire network. When the routing table does not carry a mask or prefix length with each route, confusion arises because the same broadcast address (193.1.1.255) is used both for the entire network 193.1.1.0/24 and for the all-1s subnet 193.1.1.224/27. Classless routing protocols carry the mask or prefix length with each route, so the all-0s and all-1s subnets can be used again. Of course, all the other routers in the organization's network must be able to correctly interpret, learn and forward traffic to subnets with all-0s and all-1s in their subnet-number field.

Defining Host Addresses for Each Subnet: The host-number field of an IP address cannot be all 0 bits or all 1 bits: the all-0s host number identifies the base network (or subnetwork) address, and the all-1s host number is the broadcast address for the network (or subnetwork). In our example there are five bits in the host-number field of each subnet address, so each subnet provides a block of 30 host addresses (2^5 - 2 = 30; the 2 is subtracted for the all-0s and all-1s host numbers). The hosts on each subnet are numbered 1 through 30. In general, to define the address of Host n on a particular subnet, the network administrator places the binary representation of n into the subnet's host-number field. For example, the address of Host 15 on Subnet 2 is obtained by placing the binary representation of 15 (01111) into the five host bits of Subnet 2, giving 193.1.1.79.

Subnet 2:  11000001.00000001.00000001.01000000   193.1.1.64/27
Host 1:    11000001.00000001.00000001.01000001   193.1.1.65/27
Host 2:    11000001.00000001.00000001.01000010   193.1.1.66/27
Host 3:    11000001.00000001.00000001.01000011   193.1.1.67/27
...
Host 30:   11000001.00000001.00000001.01011110   193.1.1.94/27

Subnet 6:  11000001.00000001.00000001.11000000   193.1.1.192/27
Host 1:    11000001.00000001.00000001.11000001   193.1.1.193/27
Host 2:    11000001.00000001.00000001.11000010   193.1.1.194/27
Host 3:    11000001.00000001.00000001.11000011   193.1.1.195/27
...
Host 30:   11000001.00000001.00000001.11011110   193.1.1.222/27

Table 2.5: Host addresses for the sub-netting example.

The valid host addresses for Subnets 2 and 6 in our example are given in Table 2.5. In each address the first 27 bits are the extended network prefix and the last five bits are the host-number field.

Defining the Broadcast Address for Each Subnet: The broadcast address for Subnet 2 is the all-1s host address, 11000001.00000001.00000001.01011111 = 193.1.1.95. Note that the broadcast address for Subnet 2 is exactly one less than the base address for Subnet 3 (193.1.1.96). This is always the case: the broadcast address for Subnet n is one less than the base address for Subnet n+1. The broadcast address for Subnet 6 is likewise the all-1s host address, 11000001.00000001.00000001.11011111 = 193.1.1.223, which again is exactly one less than the base address for Subnet 7 (193.1.1.224).
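The following is an added example, not code from the lab manual: a small planner that carries out the design steps of section 2.4.7 and reproduces the worked example of section 2.4.8 with Python's standard ipaddress module. plan_subnets rounds the subnet count up to a power of two, adds the two unusable host numbers before sizing the host field, and checks that both fit in the base network; describe and host_address produce the figures of Tables 2.4 and 2.5 (binary form, usable range, broadcast, Host n). The all-0s and all-1s subnets are kept, as the text allows for classless routers. Function names are this example's own.

```python
"""Added example (not part of the lab manual): subnet planning as in
sections 2.4.7 and 2.4.8, using the standard ipaddress module."""
import ipaddress
import math


def plan_subnets(base: str, subnets_needed: int, hosts_in_largest: int):
    """Return (prefix_len, dotted mask, list of subnets), or raise ValueError
    when the base network does not have enough bits for the plan."""
    net = ipaddress.ip_network(base, strict=True)
    # Step 1: round the subnet count up to a power of two.
    subnet_bits = math.ceil(math.log2(subnets_needed)) if subnets_needed > 1 else 0
    # Step 2: size the host field, counting the all-0s and all-1s host numbers.
    host_bits = math.ceil(math.log2(hosts_in_largest + 2))
    # Step 3: do both fit in the bits left after the network number?
    available = net.max_prefixlen - net.prefixlen
    if subnet_bits + host_bits > available:
        raise ValueError(
            f"{base} has only {available} host bits; {subnet_bits} subnet bits "
            f"+ {host_bits} host bits do not fit"
        )
    prefix_len = net.prefixlen + subnet_bits
    subnets = list(net.subnets(new_prefix=prefix_len))
    return prefix_len, str(subnets[0].netmask), subnets


def describe(subnet: ipaddress.IPv4Network) -> dict:
    """Table 2.4/2.5 data for one subnet: binary form, usable hosts, broadcast."""
    hosts = list(subnet.hosts())       # excludes the all-0s and all-1s host numbers
    return {
        "network": str(subnet),
        "binary": ".".join(f"{b:08b}" for b in subnet.network_address.packed),
        "first_host": str(hosts[0]),
        "last_host": str(hosts[-1]),
        "usable": len(hosts),
        "broadcast": str(subnet.broadcast_address),
    }


def host_address(subnet: ipaddress.IPv4Network, n: int) -> str:
    """Address of Host n: place n in the host-number field (1 <= n <= usable)."""
    usable = subnet.num_addresses - 2
    if not 1 <= n <= usable:
        raise ValueError(f"host number must be 1..{usable} on {subnet}")
    return str(subnet.network_address + n)


if __name__ == "__main__":
    prefix, mask, subs = plan_subnets("193.1.1.0/24", subnets_needed=6, hosts_in_largest=25)
    print(f"/{prefix}  mask {mask}  {len(subs)} subnets ({len(subs) - 6} spare)")
    for i, s in enumerate(subs):
        d = describe(s)
        print(f"Subnet {i}: {d['binary']}  {d['network']:<16} "
              f"hosts {d['first_host']}-{d['last_host']}  broadcast {d['broadcast']}")
    print("Host 15 on Subnet 2:", host_address(subs[2], 15))
```

Running the script prints the eight /27 subnets of Table 2.4 with the host ranges and broadcast addresses of Table 2.5, and 193.1.1.79 for Host 15 on Subnet 2. Asking for 100 hosts per subnet with the same base network raises ValueError, since three subnet bits plus seven host bits do not fit in the eight bits a /24 leaves free.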

2.4.9 The use of ARP


When computers communicate in a network using a particular link-layer technology (for instance Ethernet), they need more information than the IP address of the host they want to talk to. Imagine that we have a small TCP/IP network built over a single Ethernet segment with a class C network address (192.168.0.X), which allows 254 nodes. In our example network (see Figure 2.17) there are three nodes, with host numbers A, B and C respectively. Each of these nodes has an Ethernet address, such as 05-ED-34-4F-37-BC (written in hexadecimal). When A wants to send a packet to C for the first time, it needs to know C's Ethernet address. The only thing A knows about C is its IP address, so A uses the Address Resolution Protocol (ARP) to discover C's Ethernet address. ARP keeps an internal table of Ethernet addresses and the corresponding IP addresses. If the address A is looking for is not in the table, ARP broadcasts a special Ethernet frame asking for the Ethernet address corresponding to C's IP address. The host on the Ethernet segment that owns that IP address answers back to A; A then updates its table and uses that Ethernet address to send the packet to C. Entries in the ARP table are flushed after a certain period of time. Note that ARP has no authentication: any host on the segment can answer a request or send unsolicited replies, so a malicious host on the same wire can redirect traffic meant for C to itself (ARP spoofing).

Imagine now that instead of a single Ethernet segment we have two different segments, as in Figure 2.18. In this figure R is an IP router, which could be a PC or a dedicated piece of hardware. R needs two Ethernet interfaces, one on each of the two segments it is connected to, with two different IP addresses. Since each network is a different Ethernet segment, we have two different class C addresses. Now consider that A wants to send a packet to D. The only way to do this is to send the packet first to R, which forwards it to D. So A must put R's Ethernet address, but D's IP address, in the packet it sends. R then receives a packet addressed to D and writes the proper Ethernet address (D's) in the frame it forwards. All these machines obtain the Ethernet addresses they need with ARP. The difference from the previous case is that A cannot obtain D's Ethernet address with an ARP request, because D would never see A's request: they are on different physical wires! A knows that D is on a different IP network, so it knows that it must send the packet to R to get it forwarded to the proper destination.

Figure 2.17: An IP network on one Ethernet segment. Hosts A, B and C, with addresses 192.168.0.A, 192.168.0.B and 192.168.0.C, share the network 192.168.0.X.

Figure 2.18: Two IP networks on two different Ethernet segments. Network 192.168.0.X holds A (192.168.0.A), B (192.168.0.B) and R's first interface (192.168.0.R); network 192.168.1.X holds R's second interface (192.168.1.R), C (192.168.1.C) and D (192.168.1.D).

2.4.10 IP routing
Direct or indirect routing

When two machines are on the same network, there is no need to forward a packet between them at the IP layer: direct routing is used. In the first example, A and C are on the same network, so they can reach each other just by using the proper Ethernet address. If, on the other hand, the network numbers of source and destination differ, the packet must be forwarded by a router that knows how to reach the destination. In the second example, if A wants to reach D, it needs routing information telling it where to send the packet. On a Unix machine, routes are added to the routing table with the route command. R needs two IP addresses, one for each network interface. A can tell that R is on its network just by looking at the IP address of the interface of R connected to the first Ethernet segment. In the same way, D sees the second network interface of R and is able to obtain the Ethernet address of that interface. Most of the time it is not necessary to add the routing entry for the other Ethernet segment by hand: it is sufficient to have R as the default gateway, the machine to which packets addressed to machines outside my own network segment are sent. Of course, the default gateway needs a properly configured routing table to forward the packets to the correct destinations.

Static or dynamic routing

There are two methods to obtain the information the routing table needs: static or dynamic routing. With static routing the routing table is written by hand by the system administrator, and it usually requires all machines to have statically configured addresses. If the network topology changes, it is up to the system administrator to update the routing tables in all the affected machines. Most computers and routing devices add a static entry for the directly connected network to the routing table by default when a network interface is configured. Dynamic routing is a more complex process: it uses special routing protocols to update the routing table. Routers in the different networks exchange information about the networks they know and the metrics or costs needed to reach them (number of hops, load, bandwidth and so on). Routing protocols are classified as Interior Gateway Protocols (IGP), used to distribute routing information inside an Autonomous System (AS), and Exterior Gateway Protocols (EGP), which carry this information between ASs. An autonomous system is a set of machines in one particular domain administered by one authority, group or organization. OSPF and RIP are examples of IGPs, while BGP is an example of an EGP.

Understanding a routing table

Choosing a particular route from the routing table is a mathematical operation that needs a little binary arithmetic and logic: an IP address matches a routing-table entry if the destination IP address logically ANDed with the entry's network mask equals the entry's network address. In other words, an entry is chosen if the bits of the destination address selected by the network mask are equal to the same bits of the network address in the entry. More than one entry may match the target address, so how does IP pick the proper route? The entries differ in their network masks. We said earlier that the network mask splits the address space into smaller networks, so the longer the netmask, the more precisely a target address is matched: the route with the longest network mask must always be used (longest-prefix match).

There are different ways to build a routing table. For a small LAN like ours, the most efficient way is to build it by hand with the route command; in larger networks the tables are built and modified by routing daemons, which usually run on each router in the network. These daemons use dynamic routing protocols to exchange routing information and compute the best routes to the different networks.
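The following is an added example, not code from the lab manual: it implements the route lookup just described ("AND the destination with the mask, compare with the network address, prefer the longest mask") and the ARP decision of section 2.4.9 that follows from it, i.e. ARP for the destination itself on a directly connected route and for the gateway otherwise, while the IP header still carries the final destination. The hosts, MAC addresses, interface names and the overlapping 10.0.0.0/8 and 10.1.0.0/16 routes are constructed for this example, loosely following Figure 2.18 (A and B on 192.168.0.0/24, C and D on 192.168.1.0/24, R with one interface on each segment).

```python
"""Added example (not part of the lab manual): longest-prefix route lookup
(section 2.4.10) and the direct/indirect ARP decision (section 2.4.9)."""
import ipaddress
from dataclasses import dataclass
from typing import Optional

IPv4 = ipaddress.IPv4Address


@dataclass(frozen=True)
class Route:
    network: ipaddress.IPv4Network
    gateway: Optional[IPv4]   # None means the network is directly connected
    iface: str


def make_route(net: str, gw: Optional[str], iface: str) -> Route:
    return Route(ipaddress.ip_network(net), IPv4(gw) if gw else None, iface)


# Routing table of host A (constructed). The 10.x entries overlap on purpose so
# that the longest-mask rule matters: 10.1.0.0/16 is more specific than 10.0.0.0/8.
A_TABLE = [
    make_route("192.168.0.0/24", None, "eth0"),          # added when eth0 was configured
    make_route("10.0.0.0/8", "192.168.0.253", "eth0"),
    make_route("10.1.0.0/16", "192.168.0.252", "eth0"),
    make_route("0.0.0.0/0", "192.168.0.254", "eth0"),    # default gateway: R
]

# What each Ethernet segment looks like on the wire (IP -> MAC), constructed.
SEGMENT_0 = {  # A, B and R's first interface
    "192.168.0.1": "00:00:0c:00:00:a1",
    "192.168.0.2": "00:00:0c:00:00:b2",
    "192.168.0.254": "00:00:0c:00:00:f0",
}
SEGMENT_1 = {  # R's second interface, C and D
    "192.168.1.254": "00:00:0c:00:00:f1",
    "192.168.1.3": "00:00:0c:00:00:c3",
    "192.168.1.4": "00:00:0c:00:00:d4",
}


def lookup(dest: str, table) -> Optional[Route]:
    """Longest-prefix match using the AND rule from the text."""
    d = int(IPv4(dest))
    best = None
    for r in table:
        if d & int(r.network.netmask) != int(r.network.network_address):
            continue                                  # entry does not match
        if best is None or r.network.prefixlen > best.network.prefixlen:
            best = r                                  # longer mask wins
    return best


def arp_resolve(ip: str, segment: dict, cache: dict) -> Optional[str]:
    """ARP: answer from the cache, else broadcast a request. Only hosts on this
    segment hear it, so an address on another wire never answers (returns None)."""
    if ip in cache:
        return cache[ip]
    mac = segment.get(ip)
    if mac is not None:
        cache[ip] = mac
    return mac


def build_frame(dest: str, table, segment: dict, cache: dict) -> dict:
    """Decide direct vs indirect delivery and fill in the Ethernet and IP
    destination fields the way A does for B (direct) and for D (via R)."""
    r = lookup(dest, table)
    if r is None:
        raise LookupError(f"no route to {dest}")
    if r.gateway is None:                 # direct routing: ARP for the host itself
        arp_target, kind = dest, "direct"
    else:                                 # indirect routing: ARP for the gateway
        arp_target, kind = str(r.gateway), "indirect"
    mac = arp_resolve(arp_target, segment, cache)
    if mac is None:
        raise LookupError(f"{arp_target} did not answer ARP on {r.iface}")
    return {"iface": r.iface, "dst_mac": mac, "dst_ip": dest, "kind": kind}


if __name__ == "__main__":
    cache = {}
    print(build_frame("192.168.0.2", A_TABLE, SEGMENT_0, cache))   # direct: B's MAC
    print(build_frame("192.168.1.4", A_TABLE, SEGMENT_0, cache))   # via R, D's IP in header
    print(lookup("10.1.2.3", A_TABLE).gateway, lookup("10.2.0.1", A_TABLE).gateway)
    print(arp_resolve("192.168.1.4", SEGMENT_0, {}))               # None: D is not on this wire
```

The last line of the script shows the point made in section 2.4.9: an ARP request from A for D's address gets no answer because D is on the other segment, which is why A must resolve R's address instead and leave D's IP address in the packet.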

2.5 Debugging
2.5.1 General model: top down or bottom up approaches
The main tasks of a network administrator are to keep the network running and to fix it in case of failure. These tasks decompose into the following subtasks:

- Locate the point of failure.
- Fix the problem.

In general one discovers that a failure has occurred through simple facts: you cannot open a web page, you cannot print on the network printer, you cannot make a remote connection to a distant computer, and so on. In this case you, as the network administrator, should perform certain steps to discover why these things are happening. There are two general approaches to find the reason for the failure and to locate the problem in the network, called Top-Down and Bottom-Up. As the names suggest, you check the operation of the network layer by layer, starting from the application layer and going down to the physical layer in the top-down approach, or from the physical layer up to the application layer in the bottom-up approach. Recall the main layers of the TCP/IP stack:

Physical layer - On this layer you check that the cabling is correct. Check that all cables are properly connected to the network cards, and at the far end check that the network device (your PC, router, etc.) is powered on!

Link layer - On this layer you check the link-layer configuration, status and statistics of the network interfaces. On the PCs you use the command ifconfig for this purpose; it gives the necessary statistics on interface usage and the current status. The next subsection describes how to use this command. One possible problem at the link layer is that a network interface has been disabled automatically because of incorrect cabling. In this case, when you run ifconfig on the PC, either the problematic interface does not appear at all, or its status field (see the ifconfig output in the next subsection) does not show UP. On the switches and routers the command to see the status of the interfaces is show interfaces; its meaning is the same as that of ifconfig. To fix a problem at this level, first check that the cabling is correct, then bring the interface up manually with the proper commands.

Network layer (IP) - The typical problem on this layer is an incorrect IP configuration of a network interface. The sequence of actions to fix it should be:

1. Check that the network interface is configured with the proper IP address and network mask.
2. Test the configuration by checking whether you can communicate with other network devices.
3. If the problem remains, repeat from step 1.

There are different commands to check the IP configuration of the interfaces on PCs, switches and routers; on the PCs use ifconfig. The IP configuration also includes a properly configured routing table, which on the PCs you inspect with the route command. See the next subsection for details of these commands. The easiest way to test step 1 is the ping command, which exists on all network devices (in the simplest case its syntax is the same on PCs and Cisco devices). Check whether you can ping a machine (a PC or a router) that you know for sure is up and running. If you cannot, repeat the configuration step. If you have checked the configuration and are sure that it is correct but ping still does not work, the problem may not be in your PC but in an intermediate device (e.g. a router). The way to locate the faulty device is the traceroute command (which again exists both on the PCs and on the Cisco devices). If you find that one of the routers you have access to is not responding, apply the same approach to locate and fix the failure in that router.

Transport layer - On this level you can try to establish a TCP connection to a particular port and check whether it works. For this purpose you can use the telnet program on your PC in the form telnet destination_IP port_number (the port number is a second argument, separated by a space). A possible reason for failure at this level is a set of rules on your PC that forbids access to certain IP addresses and/or TCP/UDP ports. This kind of filtering is called "IP firewalling". Check the firewalling rules for correctness.

Application layer - On this layer you discover that something is wrong by observing whether your applications work as they should. Most applications generate meaningful errors when they cannot work. The error message is the best hint to find the problem: read it carefully and make sure you understand it, consulting the application manual if needed.

2.6 Tools and commands in the PC


Here is a description of the most useful commands for debugging a network from your PC.

ifconfig
The first action you should perform when you are trying to connect your computer to the Internet is to configure your network interface (network card). Basically you should be able to:
1. Bring the interface up
2. Configure the IP parameters of the interface (assign an IP address, and specify the network mask)
3. Display the configuration information of the interface
In Unix-like operating systems there is a command which performs exactly this: ifconfig. To bring the network interface up manually, the syntax of this command is:
ifconfig Interface_name up

The syntax of the command when you would like to assign IP parameters is
ifconfig Interface_name IP_Address netmask Network_mask broadcast Broadcast_address

If you run ifconfig without arguments, you will get a summary of the configuration of the interfaces which are up, like the one you can see below:
[lab@localhost lab]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:50:DA:E9:12:9C
          inet addr:193.150.254.81  Bcast:193.150.255.255  Mask:255.255.252.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:359 errors:0 dropped:0 overruns:0 frame:0
          TX packets:72 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          Interrupt:11 Base address:0x200

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:6 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0

As you can notice from the output, the first line gives you information about the link layer; the second and the third show the IP configuration; the fourth line gives you the status of the interface; and finally, the next three lines show the interface usage statistics. In the lab you will use this command with or without arguments. You can find information about other arguments and options of this command by typing in the terminal window:
man ifconfig
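As an added illustration (not part of the original manual), here is a small Python script that parses ifconfig output in the format shown above and performs the link-layer and IP-layer checks of the troubleshooting sequence: is the interface listed at all, does it carry the UP and RUNNING flags, does it have an address, and is the broadcast address consistent with the address and mask. The sample outputs are constructed: the healthy one reuses the values printed in the manual's example, and the faulty one shows an interface that was never brought up and whose broadcast address was mistyped.

```python
import re
import ipaddress

# Constructed sample in the format of the manual's ifconfig output; the
# addresses are the ones shown in the manual, the state is that of a healthy PC.
SAMPLE_OK = """\
eth0      Link encap:Ethernet  HWaddr 00:50:DA:E9:12:9C
          inet addr:193.150.254.81  Bcast:193.150.255.255  Mask:255.255.252.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:359 errors:0 dropped:0 overruns:0 frame:0
          TX packets:72 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          Interrupt:11 Base address:0x200

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:6 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
"""

# Constructed faulty sample: no UP flag (interface never brought up) and a
# broadcast address that does not fit a 255.255.252.0 mask.
SAMPLE_BAD = """\
eth0      Link encap:Ethernet  HWaddr 00:50:DA:E9:12:9C
          inet addr:193.150.254.81  Bcast:193.150.254.255  Mask:255.255.252.0
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
"""


def parse_ifconfig(text):
    """Split classic ifconfig output into one dict per interface."""
    ifaces = {}
    current = None
    for line in text.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():                  # a new interface starts in column 0
            current = {"name": line.split()[0], "flags": set()}
            ifaces[current["name"]] = current
        if current is None:
            continue
        for key, pattern in (("hwaddr", r"HWaddr (\S+)"), ("inet", r"inet addr:(\S+)"),
                             ("bcast", r"Bcast:(\S+)"), ("mask", r"Mask:(\S+)")):
            m = re.search(pattern, line)
            if m:
                current[key] = m.group(1)
        m = re.match(r"\s*((?:[A-Z]+\s+)+)MTU:(\d+)", line)   # the status line
        if m:
            current["flags"] = set(m.group(1).split())
            current["mtu"] = int(m.group(2))
    return ifaces


def check_interface(ifaces, name):
    """Bottom-up checks for one interface: link-layer state first, then IP settings.
    Returns a list of findings; an empty list means these layers look fine."""
    findings = []
    iface = ifaces.get(name)
    if iface is None:
        return [f"{name}: not listed at all; check the cabling and run ifconfig {name} up"]
    if "UP" not in iface["flags"]:
        findings.append(f"{name}: interface is DOWN; run ifconfig {name} up")
    elif "RUNNING" not in iface["flags"]:
        findings.append(f"{name}: UP but not RUNNING; no carrier, check the cable")
    if "inet" not in iface or "mask" not in iface:
        findings.append(f"{name}: no IP address/netmask configured")
        return findings
    net = ipaddress.IPv4Interface(f"{iface['inet']}/{iface['mask']}").network
    expected_bcast = str(net.broadcast_address)
    if iface.get("bcast") not in (None, expected_bcast):
        findings.append(f"{name}: broadcast {iface['bcast']} does not match network "
                        f"{net} (expected {expected_bcast})")
    return findings


if __name__ == "__main__":
    for label, text in (("healthy", SAMPLE_OK), ("faulty", SAMPLE_BAD)):
        print(label, check_interface(parse_ifconfig(text), "eth0") or ["ok"])
```

Run it as a script to see both reports; to check a real PC, pipe the output of ifconfig into parse_ifconfig and call check_interface for eth0.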

Ping
Sometimes the connection to a remote machine cannot be established. This could be due to several reasons. One of these reasons could be a network failure in any part of the network. If you cannot connect to a specific computer, how do you know whether it is due to a network failure, the computer being down, or perhaps some error in a program running on the computer? As a first step you could try to figure out if the computer is reachable through the network. For this purpose you could use the ping program, available on most networked systems. Ping simply sends a number of special packets, called ECHO REQUEST packets, to the destination computer. When the destination computer receives these packets it is supposed to send back ECHO REPLY packets. Your ping program will display the received ECHO REPLY packets. These types of packets are part of the ICMP protocol, which ping uses. The syntax of this command is
ping Name_of_the_machine


One option that might be useful with this command is -n. With this option ping will produce only numeric output, without trying to resolve symbolic names for host addresses. This option is useful when DNS is not working: if this option is not specified, ping will try to resolve a name and will block the terminal window for some tens of seconds. The syntax of ping in this case is:
ping -n Name_of_the_machine

Traceroute
The Internet is a large and complex aggregation of network hardware, connected together by gateways/routers. Tracking the route your packets follow to their destination (or finding the misconfigured router that throws away your packets) can be difficult. The command traceroute utilizes the TTL (time to live) field of the IP protocol, which is decremented by every router a packet passes through. When this counter reaches zero the packet is thrown away and an ICMP TIME_EXCEEDED packet is sent back to the sender. This ICMP TIME_EXCEEDED packet contains, among other things, the identity of the router that dropped the packet. Traceroute attempts to force such a response from each gateway/router along the path to the destination by first sending a packet with the TTL set to one, then a packet with the TTL set to two, and so on until it reaches the destination. The syntax of this command is:
traceroute Name_of_the_machine

As with ping you can use the option -n, which disables name resolution. The syntax of traceroute in this case is:
traceroute -n Name_of_the_machine
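The following Python model, added here and not taken from the manual, reproduces the mechanism just described so you can see why the output stops at the router that throws packets away: each router decrements the TTL, the router that brings it to zero answers with TIME_EXCEEDED, and traceroute raises the TTL one step at a time. The router addresses and the destination are assumed sample values, and the misbehaving router is a constructed case.

```python
# Model of the mechanism traceroute relies on (assumed sample addresses only).
HEALTHY_PATH = [
    {"addr": "10.0.213.1", "forwards": True},   # the LAN router
    {"addr": "10.0.1.1", "forwards": True},     # a departmental backbone router
]

# Same path, but the backbone router is misconfigured and silently throws
# away the packets it should forward.
BROKEN_PATH = [
    {"addr": "10.0.213.1", "forwards": True},
    {"addr": "10.0.1.1", "forwards": False},
]

TIME_EXCEEDED = "time_exceeded"
REPLY = "reply"


def send_probe(path, destination, ttl):
    """Walk one probe through the routers.  Returns (responder, kind): kind is
    TIME_EXCEEDED (a router's TTL reached zero), REPLY (the destination answered)
    or None (nothing came back; the sender times out and prints '*')."""
    for router in path:
        ttl -= 1
        if ttl == 0:
            # The router discards the packet and reports itself to the sender.
            return router["addr"], TIME_EXCEEDED
        if not router["forwards"]:
            return None, None
    return destination, REPLY


def traceroute(path, destination, max_hops=30, give_up_after=3):
    """Probe with TTL 1, 2, 3, ... and record who answered each probe.  Real
    traceroute keeps probing up to max_hops; stopping after a few consecutive
    timeouts is a simplification that keeps the output short."""
    hops = []
    timeouts = 0
    for ttl in range(1, max_hops + 1):
        responder, kind = send_probe(path, destination, ttl)
        hops.append(responder if responder else "*")
        if kind == REPLY:
            break
        timeouts = 0 if responder else timeouts + 1
        if timeouts == give_up_after:
            break
    return hops


def last_responding_hop(hops):
    """The last router that answered: the failure lies at or just behind it."""
    answered = [h for h in hops if h != "*"]
    return answered[-1] if answered else None


if __name__ == "__main__":
    print("healthy:", traceroute(HEALTHY_PATH, "130.237.215.84"))
    broken = traceroute(BROKEN_PATH, "130.237.215.84")
    print("broken: ", broken, "-> check router", last_responding_hop(broken))
```

In the broken case the trace lists both routers and then only stars: the backbone router still answers when the TTL expires on it, but nothing it should forward ever gets further, which is exactly the hint to go and inspect that router.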

Route
After you have checked that your interface is configured properly, but you still do not have any response from ping or traceroute, it is a good time to check that the routing information in your PC is correct. You can check the content of the routing table by typing
route

in the terminal window. You will see the output of this command like the one below.
[lab@localhost lab]# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.213.0      *               255.255.255.0   U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         itguest-gw.gues 0.0.0.0         UG    0      0        0 eth0

Or, if you execute this command with the option -n:

[lab@localhost lab]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.213.0      *               255.255.255.0   U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
0.0.0.0         10.0.213.1      0.0.0.0         UG    0      0        0 eth0

If your PC has one network card the routing table will consist of three records: the route to your network, the route to the 127.0.0.0 network, and the default route. When sending packets to an IP address that is inside your own network, your PC will use the first record; for packets whose destination is outside your network the PC will use the third record, and send them to the default gateway. Check the entry corresponding to the default route (the network address for the default route is 0.0.0.0): it should point to the first router in your network. If you do not have this record or it does not point to the first router, configure the routing table as described in the During the Laboratory Session section.

ARP
In our lab you will use this command to check the content of the ARP table in your PC. The syntax of arp is:
arp -a

In this form the command will output the content of the ARP table. You can find more information about the usage of this command by executing:
man arp
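The routing decision described for the route command (first record for your own network, third record for everything else) is a longest-prefix match. As an added example, not part of the manual, the Python script below parses route -n output in the format shown above, returns the entry the PC will use for a given destination, and performs the default-route check of the Network-layer troubleshooting step. The sample tables are constructed around the 10.0.213.0/24 network of the manual's example; in the second one the default gateway was mistyped so that it lies outside the local network.

```python
import ipaddress

# Constructed sample in the format of "route -n", using the manual's example
# network 10.0.213.0/24 with the router 10.0.213.1.
ROUTE_N_OK = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.213.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         10.0.213.1      0.0.0.0         UG    0      0        0 eth0
"""

# Constructed faulty table: the default route was added with a gateway that is
# not on this PC's network, a typical typo after "route add default gw ...".
ROUTE_N_BAD = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.213.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         10.0.214.1      0.0.0.0         UG    0      0        0 eth0
"""


def parse_route(text):
    """Turn the numeric "route -n" output into a list of route dicts."""
    routes = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 8 or not parts[0][0].isdigit():
            continue                                   # title and header lines
        dest, gw, mask, flags, _metric, _ref, _use, iface = parts[:8]
        routes.append({
            "network": ipaddress.IPv4Network(f"{dest}/{mask}"),
            # "*" (without -n) or 0.0.0.0 means: no gateway, deliver directly
            "gateway": None if gw in ("*", "0.0.0.0") else gw,
            "flags": flags,
            "iface": iface,
        })
    return routes


def lookup(routes, destination):
    """Pick the entry the kernel uses for a destination: the matching network
    with the longest mask.  The default route (mask 0.0.0.0) matches everything
    and therefore only wins when nothing more specific does."""
    addr = ipaddress.IPv4Address(destination)
    matching = [r for r in routes if addr in r["network"]]
    if not matching:
        return None
    return max(matching, key=lambda r: r["network"].prefixlen)


def default_gateway(routes):
    for r in routes:
        if r["network"].prefixlen == 0:
            return r["gateway"]
    return None


def check_routing(routes, pc_ip, pc_mask):
    """The Network-layer check of the troubleshooting sequence: a default route
    must exist and must point at a router on the PC's own network."""
    local = ipaddress.IPv4Interface(f"{pc_ip}/{pc_mask}").network
    gw = default_gateway(routes)
    if gw is None:
        return ["no default route; add it with: route add default gw <first router>"]
    if ipaddress.IPv4Address(gw) not in local:
        return [f"default gateway {gw} is not inside {local}, so the PC cannot reach it"]
    return []


if __name__ == "__main__":
    routes = parse_route(ROUTE_N_OK)
    for dst in ("10.0.213.7", "130.237.215.84", "127.0.0.1"):
        r = lookup(routes, dst)
        print(f"{dst} -> {r['network']} via {r['gateway'] or 'direct'} on {r['iface']}")
    print(check_routing(parse_route(ROUTE_N_BAD), "10.0.213.5", "255.255.255.0"))
```

The first lookup shows direct delivery on eth0 (the PC will ARP for the destination itself), the second goes via 10.0.213.1, and the loopback address is handled by the 127.0.0.0 entry; the faulty table is reported because no directly connected network contains the mistyped gateway.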

Telnet
Telnet is a program which allows you to log in to a distant device (e.g. computer, router). Use the following syntax of telnet:
telnet Destination_IP Port_number

If you do not want to connect to a specific port, use
telnet Destination_IP

With this syntax telnet will connect you to the default telnet port (TCP port 23).

Network sniffers
A network sniffer is a tool that picks up a copy of each and every packet that traverses the communication link to which your network interface is attached. We will use a sniffer so that you can see for yourself exactly what is going on when two computers start talking to each other. This will give you a chance to see how all the protocols and mechanisms you have read about so far interact and work together. There exist many network sniffers; in our lab we will use a program called Ethereal since it has some features that make it attractive for us. In the next subsection you will find the description of Ethereal.

To summarize: in a PC the troubleshooting sequence is as follows:
1. Check the configuration of the interfaces (ifconfig)
2. Test the network connection (ping and traceroute)
3. Check the routing table (route)
4. Fix the problem and repeat from 1 until it works fine.

2.6.1 Short introduction to Ethereal (only for 2E1623 students)


Sniffer programs have their main application in two basic areas. First, network administrators can use sniffers for a variety of purposes such as security monitoring. Second, they are very useful tools for researchers in the networking area. For example, one can build a statistical model of traffic by observing traces of particular applications. This data can be used for engineering the network topology, or for the creation of high performance network devices with certain quality parameters. Using Ethereal you can analyze almost all kinds of network protocols by creating rules of a special format, called display filters. Display filters in Ethereal are very powerful; you have more fields in Ethereal than in other protocol analyzers, and the syntax you can use to create your filters is richer. As Ethereal progresses, expect more and more protocol fields to be allowed in display filters. Another attractive feature of Ethereal is its ability to assemble all the packets in a TCP conversation and show you the ASCII (or EBCDIC or hex) data in that conversation. The following description provides a brief overview of the key features of Ethereal.

Brief GUI description
Whenever you launch Ethereal you will see the main window of the graphical interface (see Figure 2.19), which consists of three panes that you can re-size. Below the panes there is a strip that shows the current filter and some informational text. The top pane contains the list of network packets that you can scroll through and select. By default, the packet number, packet time stamp, source and destination addresses, protocol, and description are displayed for each packet. The Columns page in the dialog box popped up by Edit:Preferences lets you change this (although, unfortunately, you currently have to save the preferences, and exit and restart Ethereal for those changes to take effect). If you click on the heading of a column, the display will be sorted by that column; clicking on the heading again will reverse the sort order for that column. An effort is made to display information as high up in the protocol stack as possible, e.g. IP addresses are displayed for IP packets, but the MAC layer address is displayed for unknown packet types. The right mouse button can be used to pop up a menu of operations. The middle mouse button can be used to mark a packet. The middle pane contains a protocol tree for the currently selected packet. The tree displays each field and its value in each protocol header in the stack. You can expand each item and see the content of the different protocols by clicking the + sign to the left of the name of the protocol. The lowest pane contains a dump of the actual packet data. Selecting a field in the protocol tree highlights the corresponding bytes in this section.

Figure 2.19: Ethereal - main window. (Callouts in the figure: the list of captured packets; the button to press to start capturing; the information about the chosen packet on all layers; the payload of the chosen packet; the field where you type your filter.)

Abbreviation   Symbol   Meaning
eq             ==       Equal
ne             !=       Not equal
gt             >        Greater than
lt             <        Less than
ge             >=       Greater than or equal to
le             <=       Less than or equal to

Table 2.6: Basic operations.

Display filters syntax and how to make the traces more attractive
Display filters help you to remove the noise from a packet trace and let you see only the packets that interest you. If a packet meets the requirements expressed in your display filter, then it is displayed in the list of packets. Display filters let you compare the fields within a protocol against a specific value, compare fields against fields, and check the existence of specified fields or protocols. The simplest display filter allows you to check for the existence of a protocol or field. If you want to see all packets which contain the IPX protocol, the filter would be "ipx" (without the quotation marks!). To see all packets that contain a Token-Ring RIF field, use "tr.rif". Fields can also be compared against values. The comparison operators can be expressed either through C-like symbols, or through English-like abbreviations, as in Table 2.6.

To create a filter click on the Filter button in the lower left corner of the main window. In the window that appears, type the name of your filter (for example "TCP traffic") in the Filter name field. Then, in the Filter string field, type the string of your filter, like ip.addr eq 130.237.215.84. Click on New; your filter will be added to the window of available filters; then click on Save to save your filter. To apply your new filter click on the Apply button.

After you have applied your filter you can start capturing. Choose Start from the Capture menu and the Capture window will appear, as shown in Figure 2.20. In this window you will have to configure your session, and for that you have to activate the live update of packets in real time and the automatic scrolling, so you are able to see the packets passing by. In addition, you have to select the monitored interface in the uppermost part of the window. Select the interface called "eth0". Do NOT put anything in the Filter string! In this string you are supposed to set tcpdump-like filters. This type of filter uses a different syntax (see the tcpdump manual page for more information). In fact, you can use either display or tcpdump filters, or even both of them, but it is enough to use only display filters. Moreover, the syntax of display filters is richer and allows you to do much more than tcpdump filters. After you have configured the Capture options click OK to start capturing. After some time, you can stop capturing and analyze the trace.

Figure 2.20: Ethereal - capture window.

You can simplify understanding the trace by coloring certain packets. This is good if you want to see, for example, packets from a particular host and port number out of all captured packets. For this you need to choose Colorize Display from the Display menu (note that this item is inactive before you start capturing). Click on New and set the Display filter in the window that appears, with the syntax described above. Choose the foreground and background by clicking on the appropriate button. Then click on Apply to apply your settings. In Table 2.7 you have some important protocol fields, while Table 2.8 gives some useful port numbers and Table 2.9 contains some examples.
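To make the display-filter syntax concrete, here is a small evaluator added as an example (it is not part of Ethereal or of the manual): it supports the existence test, the comparison operators of Table 2.6 in both spellings, the source-or-destination fields of Table 2.7 (ip.addr, tcp.port, and so on) and terms joined with and, and it runs the filters of Table 2.9 over four constructed packets. The packet contents are sample data: the IP addresses are taken from the manual's examples and the MAC addresses are made up.

```python
import operator
import re

# Comparison operators of Table 2.6: English abbreviations and C-like symbols.
OPERATORS = {
    "eq": operator.eq, "==": operator.eq,
    "ne": operator.ne, "!=": operator.ne,
    "gt": operator.gt, ">": operator.gt,
    "lt": operator.lt, "<": operator.lt,
    "ge": operator.ge, ">=": operator.ge,
    "le": operator.le, "<=": operator.le,
}

# Fields that stand for "source or destination" (Table 2.7); either one matches.
EITHER_DIRECTION = {
    "eth.addr": ("eth.src", "eth.dst"),
    "ip.addr": ("ip.src", "ip.dst"),
    "tcp.port": ("tcp.srcport", "tcp.dstport"),
    "udp.port": ("udp.srcport", "udp.dstport"),
}

# Constructed capture: the dissected fields of four packets, named as in
# Table 2.7.  MAC addresses are made-up sample values.
PACKETS = [
    {"protocols": {"eth", "ip", "tcp"}, "eth.src": "00:50:da:e9:12:9c",
     "eth.dst": "00:0c:29:aa:bb:cc", "ip.src": "10.0.213.5",
     "ip.dst": "130.237.215.84", "ip.ttl": 64, "tcp.srcport": 40123, "tcp.dstport": 80},
    {"protocols": {"eth", "ip", "tcp"}, "eth.src": "00:50:da:e9:12:9c",
     "eth.dst": "00:0c:29:aa:bb:cc", "ip.src": "10.0.213.5",
     "ip.dst": "10.0.213.1", "ip.ttl": 64, "tcp.srcport": 40124, "tcp.dstport": 25},
    {"protocols": {"eth", "ip", "udp"}, "eth.src": "00:50:da:e9:12:9c",
     "eth.dst": "00:0c:29:aa:bb:cc", "ip.src": "10.0.213.5",
     "ip.dst": "10.0.213.1", "ip.ttl": 64, "udp.srcport": 51000, "udp.dstport": 53},
    {"protocols": {"eth", "arp"}, "eth.src": "00:50:da:e9:12:9c",
     "eth.dst": "ff:ff:ff:ff:ff:ff"},
]


def field_values(packet, name):
    """All values a field name stands for in this packet (empty if absent)."""
    return [packet[n] for n in EITHER_DIRECTION.get(name, (name,)) if n in packet]


def eval_term(packet, term):
    """One term: a bare protocol/field name (existence test) or
    'field operator value'."""
    parts = term.split()
    if len(parts) == 1:
        name = parts[0]
        return name in packet["protocols"] or bool(field_values(packet, name))
    if len(parts) != 3 or parts[1] not in OPERATORS:
        raise ValueError(f"unsupported filter term: {term!r}")
    name, op, literal = parts
    compare = OPERATORS[op]
    # Numeric fields are compared as numbers, everything else as text.
    return any(compare(v, int(literal) if isinstance(v, int) else literal)
               for v in field_values(packet, name))


def matches(packet, display_filter):
    """Evaluate a filter made of terms joined by 'and' (enough for Table 2.9)."""
    terms = re.split(r"\s+and\s+", display_filter.strip())
    return all(eval_term(packet, t) for t in terms)


def apply_filter(display_filter, packets=PACKETS):
    """Indexes of the packets Ethereal would keep in the packet list."""
    return [i for i, p in enumerate(packets) if matches(p, display_filter)]


if __name__ == "__main__":
    for f in ("ip", "tcp.dstport eq 25", "ip.src eq 10.0.213.5 and udp.dstport eq 53",
              "ip.addr eq 130.237.215.84 and tcp.port eq 80", "arp", "tcp.dstport < 80"):
        print(f"{f:<48} -> packets {apply_filter(f)}")
```

Note how ip.addr and tcp.port each test both directions of the conversation, which is why the HTTP filter of Table 2.9 catches the whole exchange with one term per field rather than separate src/dst terms.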

2.7 Linux hints


In this lab we do not assume that you have experience working with Unix-like operating systems such as Linux. Therefore, in this section we briefly describe some basic operations that will help you to complete the lab work.

2.7.1 Logging in
Unix is a multiuser operating system. This basically means that many people may work on the same computer at the same time; therefore, to work with Linux you have to identify yourself by a process called logging in. When you switch on your PC, Linux will prompt for your user name and password. Depending on the configuration this prompt can appear either in a textual console or in the graphical user interface (XWindows). After entering both the correct name and password you are authorized to use the system.
localhost login: lab
password:

If you work in graphical mode you will see an environment like the one in Figure 2.21 which looks similar to Microsoft Windows. If you are working in textual mode you will see something like this:
[lab@localhost lab]$

This is a command prompt and you are supposed to write Unix commands after the symbol $.


Protocol name    Field name                      Filter name       Filter description
Ethernet (eth)   Source or Destination Address   eth.addr          6-byte Hardware Address
Ethernet (eth)   Destination                     eth.dst           6-byte Hardware Address
Ethernet (eth)   Length                          eth.len           Unsigned 16-bit integer
Ethernet (eth)   Source                          eth.src           6-byte Hardware Address
Ethernet (eth)   Trailer                         eth.trailer       Byte array
Ethernet (eth)   Type                            eth.type          Unsigned 16-bit integer
IP               Source or Destination Address   ip.addr           IPv4 address
IP               Header checksum                 ip.checksum       Unsigned 16-bit integer
IP               Differentiated Services field   ip.dsfield        Unsigned 8-bit integer
IP               Destination                     ip.dst            IPv4 address
IP               Flags                           ip.flags          Unsigned 8-bit integer
IP               Header Length                   ip.hdr_len        Unsigned 8-bit integer
IP               Identification                  ip.id             Unsigned 16-bit integer
IP               Total Length                    ip.len            Unsigned 16-bit integer
IP               Protocol                        ip.proto          Unsigned 8-bit integer
IP               Source                          ip.src            IPv4 address
IP               Time to live                    ip.ttl            Unsigned 8-bit integer
IP               Version                         ip.version        Unsigned 8-bit integer
TCP              Acknowledgement number          tcp.ack           Unsigned 32-bit integer
TCP              Checksum                        tcp.checksum      Unsigned 16-bit integer
TCP              Destination Port                tcp.dstport       Unsigned 16-bit integer
TCP              Flags                           tcp.flags         Unsigned 8-bit integer
TCP              Header Length                   tcp.hdr_len       Unsigned 8-bit integer
TCP              Next sequence number            tcp.nxtseq        Unsigned 32-bit integer
TCP              Source or Destination Port      tcp.port          Unsigned 16-bit integer
TCP              Sequence number                 tcp.seq           Unsigned 32-bit integer
TCP              Source Port                     tcp.srcport       Unsigned 16-bit integer
TCP              Window size                     tcp.window_size   Unsigned 16-bit integer
UDP              Checksum                        udp.checksum      Unsigned 16-bit integer
UDP              Destination Port                udp.dstport       Unsigned 16-bit integer
UDP              Length                          udp.length        Unsigned 16-bit integer
UDP              Source or Destination Port      udp.port          Unsigned 16-bit integer
UDP              Source Port                     udp.srcport       Unsigned 16-bit integer
SMTP             Request                         smtp.req          Boolean
SMTP             Response                        smtp.rsp          Boolean

Table 2.7: Important protocol fields in Ethereal

Application   Protocol   Number
Telnet        TCP        23
WWW           TCP        80
SMTP          TCP        25
DNS           UDP        53

Table 2.8: Some useful port numbers

Filter string                                Description
ip                                           display only IP packets
tcp.dstport eq 25                            display SMTP requests
ip.src eq 192.x.x.x and udp.dstport eq 53    display DNS requests
ip.addr eq 192.x.x.x and tcp.port eq 80      display HTTP communication
arp                                          display ARP traffic

Table 2.9: Some useful display filters



Figure 2.21: Graphical User Interface. (Callouts in the figure: the terminal windows, of which you should launch several; the "Start" button; where to click to launch a terminal window; the task panel.)

REMEMBER IN THE LAB THE USER AND PASSWORD ARE:
User: lab
Password: labo

2.7.2 The Linux file system


It is very important to know at least a minimum of information about the Linux file system to perform successfully in our lab. The file system in Linux is organized as a tree where all directories branch out from the root. The root of the Linux file system is denoted as /. Under the root there are a number of subdirectories (execute ls / to see the content of the root directory). Among them the most interesting for us are: /bin, /usr/sbin, /sbin, /etc, and /home. The first three directories contain the binary files which are capable of changing the key parameters of the system. The directory /etc contains the system configuration files. Configuration files are text files which can be modified by the administrator of the system. The directory /home contains the directories of the users. So, for example, if a user with the user name lab exists in the system then all his files will be placed in the directory /home/lab. Obviously, in Linux the rights to access different directories are restricted for different users. By default, for a normal user, write access is forbidden for the whole /etc directory, and the execution of all programs that can modify system parameters is limited (e.g. ifconfig, route etc.). Therefore you have to know that in order to modify any system parameter you must be a superuser (root) or have special privileges (such as the user lab has). Another important thing for you to know is the concept of paths. In Linux there is a special system file for each user which contains the paths to the most used directories. Since the access to some parts of the file system is restricted for the normal user, there is no path to the programs which are in /bin and /usr/sbin. If, for example, you have logged in as a normal user you will not be able to execute the traceroute command. In this case you have to specify the full path to this command (e.g. /usr/sbin/traceroute) to execute it. But the easiest way to avoid this problem is to log in as lab initially.

To summarize the discussion:
All directories branch out from the root (/).
The record /usr/sbin/traceroute means: the program traceroute is in the sbin directory, which is in the usr directory. The usr directory branches directly from the root (/).
The most used programs in our lab have the following paths (try to specify the whole path when you see an error like bash: name_of_command: command not found):
1. /sbin/ifconfig
2. /bin/ping
3. /usr/sbin/traceroute
4. /sbin/route

Command                    Meaning
ls                         List the content of your working directory
cd [name of a directory]   Change the directory
less [name of a file]      Display the content of a file (you can use either)
more [name of a file]      Display the content of a file (you can use either)
cp [file1] [file2]         Copy files
mv [file1] [file2]         Move files
rm [file1]                 Remove a file (i.e. delete it)

Table 2.10: Unix commands

2.7.3 XWindows and virtual consoles


The graphical user interface in Linux has the name XWindows. We will not describe all the functionality of XWindows; you will find it easy to use. Remember, even if you work in graphical mode it is still a Unix system, and whenever you would like to execute something you may need to type a command somewhere. For this purpose XWindows offers the so-called terminal windows. The screenshot in Figure 2.21 shows how to launch a terminal and what it looks like. In this window you will see a command prompt such as:
[lab@localhost lab]$

You can open as many terminal windows as you want - they will work in parallel. There is however another way to execute commands. Linux allows switching between graphical mode (XWindows) and textual mode by means of virtual consoles. Linux by default offers 6 consoles to the user and you can switch between them by pressing the following sequence of keys: CTRL-ALT-F1 ... CTRL-ALT-F6. When you switch to a console you will see the login prompt:
localhost login:

After you log in, you will see the command prompt. You can always return to the graphical mode by pressing CTRL-ALT-F7.

2.7.4 Unix commands


Let us remind you again that all commands have to be written in the terminal window. Here we give you a list of the most useful commands. You can always get online help about the syntax of a particular command typing
man Name_of_a_command

Note that this may be the most useful command in Unix. Use it whenever you are unsure about the syntax of a command. The commands which you will use in the lab are listed in Table 2.10. You can edit text files using many available text editors such as vi, pico, emacs, or any graphical editor you can find in XWindows such as gedit.

2.7.5 Getting help


Remember, if you are working with Linux you can always get online help about a particular command by typing man [name of a command]. A summary of the usage of a particular command can be obtained using the option --help, for example ifconfig --help. However, if you want to access help via the Internet there are sites that contain all the Linux documentation. The documents about all Linux concepts are called HOWTOs. You can find them at http://en.tldp.org/. You can also access online manuals for Linux commands at http://man.he.net.


During the laboratory session


2.8 Task 1: Review your network diagram
The first thing you should do when creating a network is to carefully review your network diagram and identify the different elements in it. Figures 2.2 and 2.3 show the network diagram for this session. Look at them and answer the following questions:
1. How many departmental backbones are there in the whole network?
2. How many LANs are there per backbone?
3. How many link-layer hops do the packets perform from the PC in your LAN to the gateway to the Internet? (Hint: How many cables are your packets crossing in Figure 2.3?)
4. How many hops do the packets perform considering ONLY the network layer in the same path? (Hint: How many IP-level devices are your packets crossing?)
5. Each position in the lab corresponds to an area network of a particular department. Write below the name of the network you are in and the range of the assigned IP addresses.
Network address:
Broadcast address:
The range of addresses available for the devices in your network:
Network mask:

6. Figure 2.22 represents the equipment in your area network and part of the departmental backbone. Using Figure 2.2 and Figure 2.3 as a guide, fill in the IP addresses, names and interface names corresponding to your position. Assign the IP addresses following the rules given in section 2.1.1.

2.9 Task 2: Identify your equipment


This task focuses on the identification of the equipment in your lab position. You will work with the router, the switch and the PC to find their external ports. The guidelines given in section 2.2 will be a great help here. This task is both simple and important. You need to be familiar with the appearance and location of the different ports before you can perform more complex configuration tasks. In addition to the network devices, here you will also work with the cables that interconnect them. Knowing how to identify the different cables is also very important for the rest of the tasks in the lab.
1. Following the indications of section 2.2, find the router, the switch and the PC server. Note that the model name of the Cisco equipment appears in the front top-right corner of the box. Search in the Cisco boxes and write down the model series:
Cisco router: ________ series
Cisco switch: Catalyst ________

2. Start working with the router. Find all its Ethernet ports, its console port, its power switch and its power supply socket.
3. In the switch, find its Ethernet ports and its power supply socket.
4. In the PC, find its serial and Ethernet ports.
5. Classify the cables in your lab position into crossover, straight-through and roll-over cables. Find also the DB9 to RJ45 adapter.

Figure 2.22: Area diagram

The different types of cables in the lab can also be identified by the color of their external covers. Please write here the color corresponding to each type of cable:
Crossover cable:
Straight-through cable:
Roll-over cable:

Note: The color of the external cover is not standardized at all. Different brands can use different colors for the same type of cables. Check the color code in the RJ45 plugs to properly identify the type of cable.

2.10 Task 3: Configure the PC server


In this task you will configure the PC using the commands described in subsection 2.6. In order to do this you will need to perform two actions. First you have to configure the network interface of your computer (assign the proper IP address and the proper netmask). The second action is to write the proper information into the routing table of the PC.
1. Switch on your PC and wait for the boot menu.
2. Choose 2G1316-2G1317 in the boot menu to load the operating system.
3. Log in to your PC as user lab with password labo. If this doesn't work, check that you chose 2G1316-2G1317 in the boot menu.
4. Open a terminal window. You will type all commands in there.
5. Bring up your Ethernet interface (in your PC the interface name is eth0) with the command ifconfig. Recall the IP information of your network and configure your interface using the following command:
ifconfig Interface_ID IP_of_your_PC netmask Your_Netmask broadcast Broadcast_address

Check the values of your interface by typing ifconfig without options. You should see the configuration information in the form shown below. Fill in below the missing fields of the ifconfig output:

eth0      Link encap:Ethernet  HWaddr ________
          inet addr: ________  Bcast: ________  Mask: ________
          UP BROADCAST RUNNING MULTICAST  MTU: ________  Metric:1
          RX packets:1217 errors:0 dropped:0 overruns:1 frame:0
          TX packets:303 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          Interrupt:11 Base address:0x200

lo        Link encap:Local Loopback
          inet addr: ________  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:6 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0

6. Add a route to the default gateway with the route command. The default gateway should be the inner interface of your LAN router.
route add default gw Address_of_your_router

Check the content of the routing table by executing
route -n

Fill in the missing fields of the routing table of your PC:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
________        0.0.0.0         ________        U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 ________
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         ________        0.0.0.0         UG    0      0        0 eth0

Looking at the routing table above, answer the following question (you should not run any command to answer this question, just look at the table which you have filled in above). Suppose you ping a computer inside your network and a computer which is outside of your network. Look at the routing table of your computer and mark which routing entry is the one that is used to send these ping packets, both to the switch and to a computer outside your network.

2.11 Task 4: Configure the switch


This task deals with the configuration of the switch in our network. You will create the configuration file of the switch following the steps described in 2.3.2. You will use the PC running Linux as the management console.
1. Before starting the initial configuration of the switch, you need to find out the answers to the questions that will appear during the setup process. Most of these answers already appeared in 2.3.2. The IP configuration data must be obtained from the network diagram for your session (see Figure 2.2, considering the position of the switch in the network and your IP addressing scheme). Fill in the gaps below with the information to be used for the configuration of the switch:
Switch IP address:
Switch net mask address:
Switch default gateway address:
Switch secret password:
Switch Telnet password:
If the switch is a link-layer device and thus independent of the IP layer, why does it require an IP address?
2. Connect a management console to the switch following the instructions in 2.2.1.
3. Start the management console following the instructions in 2.3.1.
4. Power on the switch. Some messages should be displayed in the console while the switch boots. If there are no messages displayed, check the connection and configuration of the emulated console.
5. Perform the initial configuration of the switch as described in 2.3.2.
6. Once you have finished and saved the initial configuration, reboot the switch using the switch's command reload.
7. After the switch completes the reboot process, connect the PC Ethernet port to any port of the switch. In the PC open a terminal window. Execute telnet IP_of_the_Switch to log in from the PC to the switch. Display the configuration of the switch using the proper CLI command. With the information shown, fill in the gaps below.
interface VLAN1
 ip address ________ ________
ip default-gateway ________


2.12 Task 5: Configure the router


This task deals with the conguration of the router in our network. You will create the conguration le of the router following the steps described in 2.3.3. You will use the PC running Linux as the management console. 1. Before starting the initial conguration of the router, you need to nd out the answers to the question that will appear during the setup process. Most of these answers already appeared in 2.3.3, but the IP conguration data must be obtained from the network diagram for your session (See Figure 2.2 considering the position of the router in the network and your IP addressing scheme). Fill in the gaps below with the information to be used for the conguration of the router:

FastEthernet 0/0 IP address:
FastEthernet 0/0 subnetwork mask address:
FastEthernet 0/1 IP address:
FastEthernet 0/1 subnetwork mask address:
Router default gateway address:
Router secret password:
Router Telnet password:

Looking at the network diagram, you can discover that the router needs four static routes to reach all the networks. Fill in the routing information in the table below. Remember that the router needs a static route to the network behind each of the other area routers in the same departmental backbone. Since there are three additional routers per departmental backbone, three static routes are needed. In addition, the router needs a static route indicating that any other network can be reached through the PC-router interface in the backbone. Use the network number 0.0.0.0 and network mask 0.0.0.0 to identify any other network. Note that the router can reach any host in a directly connected network without a static route to that network.

No   Destination network   Subnet mask   Next hop address
1
2
3
4

2. Connect a management console to the router following the instructions in 2.2.1.
3. Start the management console following the instructions in 2.3.1.
4. Connect the router Fast Ethernet ports to the corresponding switch ports. Remember to use the proper type of Ethernet cable. Refer to Figure 2.3 to find out which ports of the router should be connected to each network.
5. Power the router on. Some messages should be displayed in the console while the router boots. If there are no messages displayed, check the connection and the configuration of the emulated console.
6. Perform the initial configuration of the router as described in 2.3.3.
7. Once you have finished and saved the initial configuration, add the static routes of the table above using the "ip route" command. The parameters of this command can be discovered using the question mark character in the CLI while in configuration mode.
8. Once you have added the routing table, save the configuration with the copy command. Use the proper parameters for this command.
9. Once you have completed and saved the configuration, reboot the router using the command reload.
10. After the router completes the reboot process, open a terminal window in the PC. Execute telnet IP_of_the_Router to log in from the PC to the router. Display the configuration of the router using the proper CLI command. With the information shown, fill in the gaps below.

interface FastEthernet0/0
 ip address
 no ip directed-broadcast
 speed
 full-duplex
!
interface FastEthernet0/1
 ip address
 no ip directed-broadcast
 speed
 full-duplex
!

11. Ping from the router to its default gateway (the interface of the PC-router in your departmental backbone). What is the symbol used to display a successfully received ping reply?

2.13 Task 6: Using ping and understanding its output


1. Now that you have configured your computer and the network equipment, you can test the connection. If something does not work, do the troubleshooting described in Section 2.5.1. In a terminal window of the PC try the ping command to check that the following hosts are alive (reachable from your machine). When pinging the PC-Router, use the IP address of the interface which belongs to your department (check Figure 2.2 for the proper address).

ping -n router_IP
ping -n IP_of_PC-Router
ping -n www.imit.kth.se

Ping the machine www.it.kth.se and stop it after a few replies by typing Ctrl+C; fill in the missing parts of the ping output given below and answer the following questions.

PING www.it.kth.se (        )      (84) bytes of data.
     bytes from           (        ): icmp_seq=1 ttl=      time=
     bytes from           (        ): icmp_seq=2 ttl=      time=
     bytes from           (        ): icmp_seq=3 ttl=      time=

How many IP hops away is the machine www.it.kth.se from your current position? (Remember that ping requests/replies are sent with the maximum value of TTL = 255.)
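As an added example (not part of the lab manual), the following Python parser reads ping output of the form shown above, checks that the data bytes plus the 8-byte ICMP header and the 20-byte IP header give the total reported in parentheses, and derives the hop count from the TTL of the replies. The sample output is constructed (documentation address 192.0.2.10, not the real host); the manual assumes an initial TTL of 255, and the helper also accepts the other common initial values 64 and 128, which is an assumption added here.

```python
"""Parser for Linux ping output as shown in Task 6. Added example, not
part of the lab manual. Checks the size arithmetic of the summary line
and derives the hop count from the TTL of the replies."""
import re
from typing import Dict, List, Optional

ICMP_HEADER_LEN = 8    # type, code, checksum, identifier, sequence number
IPV4_HEADER_LEN = 20   # IPv4 header without options
# The manual assumes requests/replies start with TTL 255; the other values
# are common initial TTLs of other operating systems (assumption added here).
COMMON_INITIAL_TTLS = (64, 128, 255)

HEADER_RE = re.compile(
    r"^PING (\S+) \(([\d.]+)\) (\d+)\((\d+)\) bytes of data\.")
REPLY_RE = re.compile(
    r"^(\d+) bytes from (?:(\S+) \()?([\d.]+)\)?: "
    r"icmp_seq=(\d+) ttl=(\d+) time=([\d.]+) ms")


def parse_ping(output: str) -> Dict:
    """Return the target from the summary line and one dict per reply line.
    Lines matching neither pattern (e.g. the final statistics) are ignored."""
    target: Optional[Dict] = None
    replies: List[Dict] = []
    for line in output.splitlines():
        m = HEADER_RE.match(line)
        if m:
            target = {"host": m.group(1), "ip": m.group(2),
                      "data_bytes": int(m.group(3)), "total_bytes": int(m.group(4))}
            continue
        m = REPLY_RE.match(line)
        if m:
            replies.append({"bytes": int(m.group(1)), "name": m.group(2),
                            "ip": m.group(3), "seq": int(m.group(4)),
                            "ttl": int(m.group(5)), "rtt_ms": float(m.group(6))})
    return {"target": target, "replies": replies}


def size_is_consistent(target: Dict) -> bool:
    """'56(84)': 56 data bytes + 8-byte ICMP header + 20-byte IP header = 84."""
    return (target["data_bytes"] + ICMP_HEADER_LEN + IPV4_HEADER_LEN
            == target["total_bytes"])


def hops_from_ttl(ttl: int, initial_ttl: Optional[int] = None) -> int:
    """Each router on the path decrements TTL by one, so the number of IP hops
    is the initial TTL minus the observed TTL. When the initial value is not
    given, the smallest common initial TTL not below the observed one is assumed."""
    if not 1 <= ttl <= 255:
        raise ValueError(f"TTL out of range: {ttl}")
    if initial_ttl is None:
        initial_ttl = next(t for t in COMMON_INITIAL_TTLS if t >= ttl)
    return initial_ttl - ttl


def missing_sequence_numbers(replies: List[Dict]) -> List[int]:
    """icmp_seq values between 1 and the highest seen that never came back."""
    seen = {r["seq"] for r in replies}
    return [s for s in range(1, max(seen, default=0) + 1) if s not in seen]


# Constructed sample output (192.0.2.10 is a documentation address, not the real host).
SAMPLE_PING = """\
PING www.it.kth.se (192.0.2.10) 56(84) bytes of data.
64 bytes from www.it.kth.se (192.0.2.10): icmp_seq=1 ttl=250 time=1.23 ms
64 bytes from www.it.kth.se (192.0.2.10): icmp_seq=2 ttl=250 time=1.10 ms
64 bytes from www.it.kth.se (192.0.2.10): icmp_seq=4 ttl=250 time=1.31 ms
"""

if __name__ == "__main__":
    result = parse_ping(SAMPLE_PING)
    print("size line consistent:", size_is_consistent(result["target"]))
    for r in result["replies"]:
        print(f"seq={r['seq']} ttl={r['ttl']} hops={hops_from_ttl(r['ttl'], 255)}")
    print("lost sequence numbers:", missing_sequence_numbers(result["replies"]))
```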

2.14 Task 7: Using traceroute and understanding its output


1. Run traceroute to the following destinations (do not forget the option -n, which switches off the DNS lookup):
traceroute -n IP_of_the_gateway_to_the_Internet
traceroute -n www.it.kth.se
traceroute -n www.berkeley.edu

If traceroute does not work, do the troubleshooting.
2. Most of the large corporations try to hide the internal structure of their network. Because of this, their routers are configured not to send ICMP messages back. Make a traceroute to the following machine and answer the following question: www.microsoft.com. What is the sequence number of the first router which does not respond?

2.15 Task 8: Checking ARP (only for 2E1623 students)


1. Discover how exactly your PC does the mapping between MAC and IP addresses and how that affects the protocols and their performance. Execute: arp -a. How many entries does the ARP table of your PC have?

What is the Ethernet address of your PC (you can also find this information using the ifconfig command)?

2.16 Task 9: Using ethereal (only for 2E1623 students)


1. In this task you should discover some details of how the protocols work by observing the traffic using Ethereal. First, recall how the filters are constructed and do the following: The following filter will display all Ethernet frames from and to your machine which contain the ARP protocol (we will refer to this filter later as ARP_FILTER). Execute ifconfig to discover Your_MAC_Address.
eth.addr==Your_MAC_Address and arp

The following filter will display only IP traffic (we will refer to this filter later as IP_FILTER).
ip

The following filter will display traceroute traffic from and to your PC (we will refer to this filter later as TRACEROUTE_FILTER).
(ip.src==IP_of_Your_PC and ip.proto==0x11) or (ip.dst==IP_of_Your_PC and ip.proto==0x01)

2. Before proceeding further run the following command in a terminal window:


arp -d switch_IP

If you see an error message after executing this command, this means that your ARP table does not have an entry for this IP address. This is fine, just proceed with the task. Now go back to your Ethereal window. While capturing, make a ping to the switch in your network. Type the ARP_FILTER in the Filter field of the main window of Ethereal and answer the following questions:

On which layer of the TCP/IP stack does ARP work?

What is the meaning of the first message of ARP (look at the Info column)?

What is the meaning of the second message of ARP (look at the Info column)?

What is the destination address of an ARP request?

What is the destination address of an ARP reply?

3. While capturing, make a ping to the ROUTER in your network. Type the IP_FILTER in the Filter field of the main window of Ethereal and answer the following questions: In the main window of Ethereal choose one of the ICMP request packets. Look at Figure 2.23, find the appropriate information in Ethereal and fill in the gaps (Hint: you need to calculate how many bytes long the ICMP header of the PING packet is).

Figure 2.23: Format of the Ping message

4. While capturing the traffic in Ethereal, make a traceroute to 194.71.11.40 without the -n option. Type the TRACEROUTE_FILTER in the Filter field of the main window of Ethereal and answer the following questions: How many times does the PC send traceroute probes to each hop? Hint: Choose at least 7 consecutive UDP packets starting from the first one. Look at the Time To Live value of the IP header in each packet.

Choose one of the last three ICMP messages of the traceroute (these messages came from the destination machine). What is the code (number and meaning) of this ICMP message?

Choose any other ICMP message of the traceroute (this message came from one of the routers on the path to the destination). What is the code (number and meaning) of this ICMP message?

What is the UDP port number(s) to which the traceroute sends its probes?

List the names of all protocols which are involved in the traceroute communication (look at the Protocol column in Ethereal's main window).

5. Repeat the task in item 4 with the -n option in the traceroute. Which protocols are missing now?

Chapter 3

Lab Session 2: Digging in the protocols

Before the session


3.1 Traffic filtering
The purpose of routing is to provide enough information to the routers so that they are able to forward traffic to any destination in the network. However, sometimes it is required that some part of the traffic does not reach certain destinations. For instance, we would like to prevent users from outside our network from accessing the router in our network for remote configuration using telnet. In addition to security, there are more reasons to place restrictions on the network traffic. Load balancing is another typical example, where the traffic is classified and routed depending on its nature and not only on its destination. The set of restrictions on certain types of traffic is usually referred to as traffic policies. The mechanism to enforce these policies in the network is called traffic filtering, and a router applying it is commonly known as a firewall. The syntax for policies varies between different vendors and platforms, but all implementations allow us to express rules to check whether the traffic should be forwarded or dropped. It is important to note that traffic filtering is applied in addition to the routing. Since we are using Cisco equipment in the lab, we will use their syntax. In Cisco IOS, the filtering is called access control and it is expressed through Access Control Lists (ACL). An ACL is a sequential collection of statements that establish what kind of packets to permit or deny based on their source address, destination address and/or port. It is possible to store several ACLs in the configuration of the routers, but only two ACLs can be applied per interface, one for the outgoing traffic and another one for the incoming traffic. Each packet arriving at or leaving the interface is tested against the statements to determine whether it should be forwarded or dropped. These concepts are better illustrated with an example. Imagine that we want to create a policy that forbids HTTP traffic (web browsing) from getting into our network 192.168.10.0/24.
Using the Cisco ACLs, this is written as follows:
ip access-list extended noHTTPtraffic
 deny tcp 0.0.0.0 255.255.255.255 192.168.10.0 0.0.0.255 eq 80
 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255

These lines should be included in the configuration file of the router like the rest of the configuration. The first line declares that the definition of an ACL is starting. The keywords ip access-list are mandatory, while extended specifies the type of ACL. There are several types of ACL, but we will always use extended ACLs because they provide the richest syntax. The first line ends with the name we gave to this ACL, noHTTPtraffic, which can be used to refer to this ACL later. The second and third lines are the statements, which establish our policy. The first keyword, deny or permit, indicates whether the statement will deny or accept, respectively, the traffic if the condition is satisfied. The rest of the line contains the condition against which each packet will be tested. The condition starts with a keyword and then it has two mandatory addresses, source address and destination address, and optionally a port. The first keyword in the condition indicates the type of traffic to match. Possible values for this field are tcp, udp, ip or icmp. After the traffic type, each address is specified with two words: the first is the expected IP address and the second is called a wildcard mask. The wildcard mask indicates which bits of the packet's IP address must match the expected address for the statement to be applied. The wildcard mask looks like a network mask, but it operates in a completely different way. Each 0 bit in the wildcard means to check the corresponding bit of the packet's address, while a 1 bit means to ignore it. So the destination address 192.168.10.0 0.0.0.255 of the first statement means that the first 3 octets of the packet's destination

address must match the first 3 octets of the given address for this rule to be applied. The last octet of the packet's address is not checked since the wildcard mask contains ones there. As a special case, the address 0.0.0.0 means any IP address and the wildcard mask 255.255.255.255 means do not check any bit of the packet's address. In our example, the pair 0.0.0.0 255.255.255.255 in the source address of the first statement means accept any address as the source address of the tested packet. The router will display the word any instead of this pair. The condition finishes with the port to be matched, this information being optional. In our example, the first statement contains a port limitation in the condition but the second does not. In the first condition, eq 80 means that the packet must contain the port 80 (HTTP port) to match the condition. To summarize, our ACL has two statements. The first one denies tcp traffic from any source with destination any host in our network (192.168.10.0/24) if the packet contains HTTP traffic (port 80). The second one permits any other packet. It is important to highlight that the packets are tested against the statements in the order in which the statements were created and that when a packet matches a statement, the permit or deny decision is made and the rest of the statements are not checked. For example, if the second statement were in the first position, all packets would be accepted since all would match the permit condition and the deny condition would never be tested. To finish with the syntax of the ACLs, mind that by default they contain a final statement deny 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255, which will deny all packets not matching any of the previous statements. It is always there, even though it is never displayed. This means that the second statement of our example is important; otherwise the default statement would have dropped all the packets not containing port 80.
Remember that you always need to permit the allowed traffic explicitly. Once the desired ACLs are included in the configuration of the router, they must be linked to a particular interface. This linking mechanism provides great flexibility because different interfaces in the router can apply different policies (ACLs). The syntax to link our ACL to the incoming traffic of the FastEthernet0/1 port of the router would be:
interface FastEthernet0/1
 ...
 ip access-group noHTTPtraffic in
 ...

It is a straightforward command in the interface's configuration where the name of the ACL is used to identify it. The final keyword in means that the ACL is to be checked against incoming traffic, thus outgoing traffic will not be filtered. The other value of this final keyword can be out, to filter outgoing traffic. Remember that there is an additional restriction: at most two ACLs can be linked to one interface (one per direction). To close this section, we will give you some useful hints when working with ACLs. The ACLs must be created in global configuration mode, but they are linked to interfaces from the particular interface's configuration mode. The statements are tested in the order in which they were created, thus if you need to change the order of the statements, you have to delete them first using the no form and retype them again in the desired order. The command show ip interface executed in privileged mode lists the ACLs that are set for each interface. And the command show access-list [name] displays the contents of the ACL given by name. When the optional name is omitted, all ACLs are displayed.
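To see the three rules of this section work together (wildcard-mask matching, first match wins, implicit final deny), here is an added Python evaluator for the extended-ACL subset used above; it is example code written for this manual's explanation, not code from the lab or from Cisco. The sample packets and the 198.51.100.9 source address are constructed; the ACL itself is the noHTTPtraffic list from the text.

```python
"""Toy evaluator for the Cisco extended-ACL subset used in this section.
Added example, not code from the lab manual. Syntax accepted per statement:
  permit|deny <tcp|udp|icmp|ip> <src> <wildcard> <dst> <wildcard> [eq <port>]
The keyword 'any' is accepted as shorthand for 0.0.0.0 255.255.255.255,
which is how the router displays that pair."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


def ip_to_int(addr: str) -> int:
    return int(ipaddress.IPv4Address(addr))


def wildcard_match(packet_addr: str, expected: str, wildcard: str) -> bool:
    """A 0 bit in the wildcard means 'compare this bit', a 1 bit means 'ignore it'.
    This is the opposite of a network mask, so only the zero bits are compared."""
    care = ~ip_to_int(wildcard) & 0xFFFFFFFF
    return (ip_to_int(packet_addr) & care) == (ip_to_int(expected) & care)


@dataclass
class Statement:
    action: str          # "permit" or "deny"
    proto: str           # tcp, udp, icmp, or ip (ip matches every protocol)
    src: str
    src_wc: str
    dst: str
    dst_wc: str
    port: Optional[int]  # destination port from "eq <port>", None if absent

    @classmethod
    def parse(cls, line: str) -> "Statement":
        tok = line.replace(" any", " 0.0.0.0 255.255.255.255").split()
        port = int(tok[7]) if len(tok) > 7 and tok[6] == "eq" else None
        return cls(tok[0], tok[1], tok[2], tok[3], tok[4], tok[5], port)

    def matches(self, pkt: dict) -> bool:
        """Every part of the condition must hold for the statement to apply."""
        if self.proto != "ip" and self.proto != pkt["proto"]:
            return False
        if not wildcard_match(pkt["src"], self.src, self.src_wc):
            return False
        if not wildcard_match(pkt["dst"], self.dst, self.dst_wc):
            return False
        if self.port is not None and pkt.get("dport") != self.port:
            return False
        return True


def parse_acl(text: str) -> List[Statement]:
    """Parse an 'ip access-list extended' block; the header line is skipped."""
    lines = [l.strip() for l in text.strip().splitlines() if l.strip()]
    return [Statement.parse(l) for l in lines if not l.startswith("ip access-list")]


def evaluate_acl(statements: List[Statement], pkt: dict) -> str:
    """Statements are tested in the order written and the first match decides.
    A packet matching none of them hits the implicit final deny that the
    router never displays."""
    for st in statements:
        if st.matches(pkt):
            return st.action
    return "deny"


# The ACL from the text: block web traffic into 192.168.10.0/24, allow the rest.
NO_HTTP_ACL = parse_acl("""
ip access-list extended noHTTPtraffic
 deny tcp 0.0.0.0 255.255.255.255 192.168.10.0 0.0.0.255 eq 80
 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
""")
# The same two statements in the opposite order: the permit now shadows the deny.
REVERSED_ACL = list(reversed(NO_HTTP_ACL))
# Only the deny statement: everything else falls through to the implicit deny.
DENY_ONLY_ACL = NO_HTTP_ACL[:1]

# Constructed sample packets (source address chosen for the example only).
WEB_IN = {"proto": "tcp", "src": "198.51.100.9", "dst": "192.168.10.7", "dport": 80}
SSH_IN = {"proto": "tcp", "src": "198.51.100.9", "dst": "192.168.10.7", "dport": 22}
UDP_80_IN = {"proto": "udp", "src": "198.51.100.9", "dst": "192.168.10.7", "dport": 80}
WEB_OTHER_NET = {"proto": "tcp", "src": "198.51.100.9", "dst": "192.168.11.7", "dport": 80}
PING_IN = {"proto": "icmp", "src": "198.51.100.9", "dst": "192.168.10.7"}

if __name__ == "__main__":
    samples = [("web into LAN", WEB_IN), ("ssh into LAN", SSH_IN),
               ("udp/80 into LAN", UDP_80_IN), ("web into other net", WEB_OTHER_NET),
               ("ping into LAN", PING_IN)]
    for label, pkt in samples:
        print(f"{label:20s} noHTTPtraffic={evaluate_acl(NO_HTTP_ACL, pkt):6s} "
              f"reversed={evaluate_acl(REVERSED_ACL, pkt):6s} "
              f"deny-only={evaluate_acl(DENY_ONLY_ACL, pkt)}")
```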

Figure 3.1: Area diagram

During the laboratory session


3.2 Task 1: Initial configuration of the equipment
This task will guide you through the initial configuration of the equipment for this lab session. We will use the network diagrams depicted in Figures 2.2 and 2.3.

1. Figure 3.1 represents the equipment in your area network and part of the departmental backbone. Using Figure 2.2 and Figure 2.3 as a guide, fill in the IP addresses, names and interface names corresponding to your position. Assign the IP addresses following the rules given in section 2.1.1.
2. Following this diagram, connect the interfaces of the router, the switch and the PC.
3. First you need to configure the router in your network. Connect the management console to the router. Use the PC running Linux as management console. Remember to link the console port of the router to the serial port of the PC using the rollover cable and the RJ-45 to DB9 converter.

4. Once the cable is connected, log in to your PC as user lab using password labo. Open a terminal window in the PC and start the program minicom there.
5. Connect the power cable to the router and switch it on. Check that some messages appear in the management console as the router boots.
6. Wait until the router boots. Then, if the router asks you whether you would like to enter the initial configuration dialog, answer no. When the router's prompt appears, enter global configuration mode using the enable command.
7. This time we will not configure the router by typing all commands in the command line interface; instead we will download the configuration from a TFTP server in the network. So the first step is to configure the router to reach the TFTP server. In our network, the TFTP server is running in the PC-router, which is also the default gateway to the Internet. This PC can be reached through the router's port named FastEthernet0/1. Using the information in Figure 3.1, configure the router's interface FastEthernet0/1 with the proper IP address and network mask. Remember to use the proper commands to enter interface configuration mode (i.e. configure terminal and interface FastEthernet0/1).
8. Once you have configured the interface, check that it is not shut down. In order to check this, display the running configuration of the router (show running-config). Find the description of the interfaces. If the word shutdown is part of the configuration of any of the two interfaces (i.e. FastEthernet0/0 or FastEthernet0/1), the interface does not work. If this is the case you have to switch it on manually by performing the following steps; otherwise omit them. (a) Enter the interface configuration mode (i.e. configure terminal and interface FastEthernet0/x, where x is the number of the shutdown interface). (b) Type no shutdown. (c) Exit from the interface configuration mode.
9. At this point you must be able to reach the TFTP server.
Check it using ping from the router to the PC-router's closest interface. If you cannot reach the IP address of the TFTP server, review all previous steps until you find the problem. Do not proceed to the next step before you can reach the TFTP server.
10. The TFTP server stores a different configuration file for every router. So you have to download the file corresponding to your router using the right filename. The filename of your router's configuration is composed of your network name and the suffix -r-config. For example, if your position is area 2 of the production department, the filename is pro2-r-config. If your position is area 4 of the research and development department, the filename is rad4-r-config, and so on. Download that file to your router's running configuration, using the following Cisco command in global configuration mode: copy tftp running-config. Firstly, you will be asked for the IP address of the remote host. This should be the IP address of the closest interface of the PC-router to your router. After this you need to indicate the filename and the destination filename (use the default value running-config). After you answer the third and last question, the configuration file will be downloaded to your router. The configuration will become the running configuration in the router immediately after the download process is completed.
11. The router is now configured as Figure 3.1 indicates, including passwords and routing table. Looking at the running configuration, check that none of the FastEthernet interfaces is shut down, as explained in Step 8 above.
12. Check that the received configuration is correct. To do this: (a) Check that the IP addresses assigned to the interfaces correspond to those in Figure 3.1. (b) Check the routing table. You should be able to ping and traceroute any hostname in the Internet from the router. For instance, try to traceroute www.imit.kth.se.
13. Save the configuration of the router using copy running-config startup-config.
14. Now that the router is ready, configure the switch. Connect the management console to the switch and power it on. Some messages should appear in the console while the switch boots.

15. Wait until the switch boots. Then, if the switch asks you whether you would like to enter the initial configuration dialog, answer no. When the switch prompt appears, enter global configuration mode using the enable command. Note that the switch may ask you to log in.
16. Using the information in Figure 3.1, configure the switch's interface VLAN1 with the proper IP address and network mask. Remember to use the proper commands to enter interface configuration mode (i.e. configure terminal and interface vlan1).
17. Set the default gateway for the switch with the command ip default-gateway IP_of_Gateway in privileged mode.

18. Once you have configured the interface and the default gateway, you must be able to reach the TFTP server. It is the same server for both the switch and the router. Check it using ping from the switch. If you cannot reach the IP address of the TFTP server, review all the previous steps until you find the problem. Do not proceed to the next step before you can reach the TFTP server.
19. The TFTP server stores a different configuration file for every switch. So you have to download the file corresponding to your switch using the right filename. The filename of your switch's configuration is composed of your network name and the suffix -sw-config. For example, if your position is area 2 of the production department, the filename is pro2-sw-config. If your position is area 4 of the research and development department, the filename is rad4-sw-config, and so on. Download that file to your switch's running configuration, using the following Cisco command in global configuration mode: copy tftp running-config. Firstly, you will be asked for the IP address of the remote host. This should be the IP address of the closest interface of the PC-router to your router. After this you need to indicate the filename and the destination filename (use the default value running-config). After you answer the third and last question, the configuration file will be downloaded to your switch. The configuration will become the running configuration in the switch immediately after the download process is complete. The switch is now configured as Figure 3.1 indicates, including passwords and the IP address.
20. Check that the received configuration is correct. Check that the IP address assigned to the vlan interface is right and check the default gateway. You should be able to ping and traceroute any host in the Internet from the switch. For instance, try to traceroute www.imit.kth.se.
21. Now, save the configuration of the switch using copy running-config startup-config.
22. Finally, configure the PC Ethernet interface using the commands described in section 2.6. You will need to configure the network interface with the proper IP address and network mask, and then the PC routing table. Open a terminal window in your PC. You will type all commands there.
23. Configure your Ethernet interface (remember that in your PC the ID of the Ethernet interface is eth0) with the command ifconfig. Recall the IP information of your network and configure your interface using the following command:
ifconfig Interface_ID IP_of_your_PC netmask Your_Netmask broadcast Broadcast_address

24. Add a route to the default gateway with the route command. The default gateway should be the inner interface of your LAN router.
route add default gw Address_of_your_router

25. Now the configuration of the PC is finished. You should be able to ping and traceroute any hostname in the Internet from the PC. For instance, traceroute to www.imit.kth.se.

3.3 Task 2: Traffic filtering


In this task you will have to use Cisco ACLs to enforce a couple of policies in your area network. The policies are:

Policy 1: All incoming telnet connections must be blocked, while outgoing telnet connections must be allowed.

Policy 2: Users within the area network should only be permitted to browse the Internet with a web browser or telnet to remote locations. Any other application must be blocked.

The first policy would be part of the network security because it would prevent remote configuration of our network equipment from outside the area network. The second policy would enforce the correct use of the network resources, restricting the user traffic to the allowed applications.

1. From the PC, telnet to the PC-router in the lab, the one that offers Internet access to all the routers. It can be reached at any IP address shown in Figure 2.3. Use the same user and password that you are using in the PC at your position. The Linux command should look like this:
telnet IP_of_PC-Router -l Lab

2. From the PC-router, telnet to your own router and enter privileged mode (command enable) so you can change the configuration of the router. Note that this is exactly the type of connection that policy 1 tries to forbid.
3. Write below the ACL corresponding to policy 1 above using the proper Cisco syntax. Remember that telnet uses tcp port 23.

4. Add the ACL above to the router configuration using the telnet connection established through the PC-router. Do not link the ACL to the interface yet. Close the telnet connection from the PC-router to your router with the command exit after adding the ACL.
5. Connect the management console to the router, enter configuration mode and link the previous ACL to the proper interface. Note that the proper interface depends on how you wrote the ACL. Mind that the telnet connection to the PC-router from your PC should keep working after the ACL is set.
6. Now that the ACL is set, check that you cannot establish a telnet connection from the PC-router to your router any longer. What is the error message displayed when the telnet connection fails?

7. Before starting with the second policy, check that you can open with a web browser in the PC both ftp://ftp.sunet.se and http://ftp.sunet.se. Both URLs will reach the FTP archive of the Swedish University Network, but the former will use the FTP protocol while the latter will use the HTTP protocol. The second policy will only permit the HTTP connection to this site.
8. Close the web browser.
9. Write below the ACL corresponding to policy 2 using the proper Cisco syntax. Note that this ACL should permit some additional traffic not mentioned in the text of the policy before blocking the rest of the traffic: Web browsing (tcp port 80) will only work if Domain Name Resolution (DNS) is working, thus DNS (udp port 53) should be permitted as well. In addition, you should allow the traffic useful for network maintenance, so permit ICMP traffic as well.

10. Add this second ACL to the router configuration using a telnet connection from your PC to the router.
11. Link this new ACL to the proper interface. Note that the proper interface depends on how you wrote the ACL. Mind also that the outgoing telnet connection to the router from your PC allowed by policy 1 should keep working after this ACL is set.
12. Now that the ACL is set, check that you can still open the URL http://ftp.sunet.se with a web browser in the PC.
13. Now check that you cannot open the URL ftp://ftp.sunet.se with a web browser in the PC. What is the error message displayed when the connection fails?

14. Now check that ftp.sunet.se is still alive using ping from the PC. Why does ping work when the site cannot be browsed?

15. Now trace the route from the PC to ftp.sunet.se using the Linux command traceroute. Why can traceroute not reach the destination even though ICMP traffic is allowed? (Hint: read the traceroute manual page with man traceroute if you are not sure how it works.)

Chapter 4

Lab Session 3: Offering network services

Before the session


4.1 Domain Name System
The Domain Name System converts hostnames to IP addresses and vice versa. DNS is one of the most obscure areas of network administration, but we will try to give you a good introduction to it, so that you are able to configure a DNS server and understand what you are doing. Some simple words of caution, though: DNS is a net-wide database, so take care about what you put into it. Keep your DNS tidy and consistent and you will get good service from it. Learn to use it, administer it, debug it and you will be another good administrator keeping the net from failing due to mismanagement.

4.1.1 What is DNS?


The Domain Name System is a distributed database that operates on a client-server scheme. It supports replication and caching to provide robustness and adequate performance. The name servers are the programs that contain information about different parts of the database and provide that information to the clients, which are called resolvers. Most of the time, the resolvers are just libraries that send queries across the network to the name servers. The structure of DNS is seen as an inverted tree with the root node at the top, very similar to the UNIX file system. Each node in the tree has a label that identifies it to its parent. The root node has the reserved label ".". Each of the subtrees of the whole tree represents a part of the DNS database, or in other words a domain in the Domain Name System. Each domain can also be divided into subdomains, which are drawn as children of their parent domains. Every domain has a unique name, which identifies its position in the database. In DNS, the domain name is a sequence of labels from the node at the root of that particular domain to the root of the whole tree, with "." separating the labels. Domain names are the indexes to the DNS database. Each domain may contain final hosts and subdomains. Each host on the network has a domain name, which points to the information about that host in the DNS database. This information can include IP address, e-mail information, etc. A host in the Internet may have several different names. However, one of them must be declared as the official canonical name. Other names are just domain name aliases, which are equivalent to the canonical name. In DNS, each domain can be managed by a different organization or company, and they can break their domain into as many subdomains as they want. Even more, the organizations can give responsibility for those subdomains to different organizations.

4.1.2 How DNS works


When a DNS client wants to look up a name, it queries DNS servers to resolve the name. The query that the client sends contains three pieces of information:

A Fully Qualified Domain Name (FQDN), which is the specific domain you are looking for

A query type, specifying a simple resource record or a more complex query

A class for the DNS domain name

DNS queries are resolved in different ways. Sometimes your machine contains a local cache holding information previously looked up, or the DNS server can use its own cache to answer a query. However, most of the time the DNS server needs to contact other DNS servers to resolve the name and then send back the answer to the client. This is called a recursive query. The client machine can also contact additional DNS servers using separate queries. This process is called iteration.

The local name resolver

The first step when resolving a name is to contact the local resolver, which tries to answer using locally cached information. The local resolver operates with information obtained from two possible sources:

A hosts file configured locally, which contains host name to address mappings. These manually inserted mappings are stored in the local cache when the DNS client is started.

- Resource Records (RRs) that came in previous responses from DNS servers and are kept in the local cache for some time (their Time To Live).

If the local resolver cannot answer a query, the process continues with the client querying a DNS server.

The DNS server

When a client wants to query a DNS server, it needs to know the IP address of the server. This address can be stored locally in a configuration file or received from the network when the network is configured (for example via DHCP). Sometimes the list of DNS servers contains more than one entry, in which case the client tries the servers one by one. On Linux the file that contains the IP addresses of the DNS servers is /etc/resolv.conf.

Each DNS server contains information about one or more domains. In DNS terminology, the part of the name space for which a server holds authoritative data is called a zone. When a DNS server receives a query, it first checks whether the information is stored in one of its locally configured zone files. If it is, the server answers the query authoritatively from that file. If the local zone files have no information, the server checks whether it can answer with a cached response from a previous query. If not, the query continues recursively.

Recursion involves more DNS servers. By default, the DNS client asks the server to use recursion if needed before returning an answer, and in most cases the server is configured to support recursion. The first thing a DNS server needs in order to perform recursion is a set of root hints: a list of IP addresses of the DNS servers that are authoritative for the root of the DNS tree. The root zone delegates all the top-level domains, like .com or .net. Starting from the root hints, a DNS server can complete any query and locate the servers that are authoritative for any domain in any branch of the DNS tree. Let's follow the example in Figure 4.1 to clarify this.
Imagine that you have a laptop connected to your LAN in area1.rad.acme and you want to connect to another laptop in area3.mar.acme, whose name is laptop1.area3.mar.acme. The first thing your laptop does is contact the DNS server of your area, ns.area1.rad.acme, to obtain the IP address of laptop1.area3.mar.acme. The DNS server of your area has no information about anything outside its own area (we assume its cache is empty), so it decides to contact one of the root servers to find the authoritative server for the acme domain. In our laboratory environment there is only one root server, and its IP address is 192.168.0.1. The root server sends back a referral to the authoritative server of the acme domain, ns.acme; in our case ns.acme runs on the same machine, so its IP address is also 192.168.0.1. It is important to understand that these two servers (root and ns.acme) could be located on different machines, and most of the time they will be!

After receiving the referral, your DNS server continues the recursion by asking ns.acme for the DNS server responsible for the mar.acme domain. We configured ns.acme so that it is authoritative for all its subdomains (adm.acme, pro.acme, rad.acme and mar.acme). When the answer saying that ns.acme is also the authoritative server for mar.acme arrives, your DNS server asks ns.acme for a referral to the DNS server of area3.mar.acme. Since ns.acme is authoritative for mar.acme, it has a description of that zone, which includes the records for the authoritative DNS servers of all its subdomains (area1.mar.acme, area2.mar.acme, area3.mar.acme and area4.mar.acme). In our example ns.acme picks the IP address of ns.area3.mar.acme and sends it back to your DNS server.

In the final step of the recursion, your DNS server sends the full query for laptop1.area3.mar.acme to ns.area3.mar.acme. This last server gives an authoritative answer with the IP address we are requesting to the DNS server of your area, finishing the recursion. Finally, your DNS server (ns.area1.rad.acme) forwards the answer to the DNS client in your PC and the query is complete. This recursion process can be time consuming and resource intensive, but it has an advantage for the DNS server: it learns about the DNS name space and caches what it learns to speed up subsequent queries. The local DNS cache is cleared when the DNS server is restarted.


Figure 4.1: DNS configuration for an example domain.


Alternative query responses

When a server answers a query for a client, there are different types of responses it can give. For example:

- An authoritative answer. It has the authoritative (aa) bit set and means that the answer came from a server with direct authority over the queried name.

- A positive answer, which contains the requested resource records (RRs), or a set of RRs that match the queried DNS name and record type.

- A referral answer, which contains resource records that were not requested in the query: the name servers (and their addresses) of a zone closer to the queried name. This answer is given back to the client when recursion is not supported by the server, so that the client can continue the query using iteration. If the client is able to use iteration, it makes further queries using the referral information.

- A negative answer, which indicates either that an authoritative server answered that the queried name does not exist, or that the name exists but there are no records of the specified type for it.

How iteration and caching work

When recursion is disabled in the DNS server, or the client does not request it, the client uses iteration to resolve a name. An iterative query asks the server for the best answer it can give without contacting other DNS servers. The DNS server then answers from its own cache or zone files. If the server does not have the answer, it provides a list of name servers, with their resource records, that are closer in the DNS tree to the name queried. When the answer from the DNS server is a referral, it is up to the client to continue the iterative query with the other DNS servers, until it gets the definitive authoritative answer.

The use of the cache by the server is fundamental to the whole DNS scheme. Caching speeds up DNS resolution and reduces the amount of DNS related traffic in the network. When DNS servers make recursive queries, they temporarily cache the resource records obtained from authoritative servers, and this cached information can be used to answer later queries about the same RRs. Each cached RR has a maximum Time To Live (TTL); as long as the TTL has not expired the server can use the cached RR to answer queries. Records without an explicit TTL get the zone's default TTL: in zone files with a $TTL directive, as in the templates used in this lab, that directive sets the default, and the minimum field of the start of authority (SOA) record is used for caching negative answers (RFC 2308). A common value is 3600 seconds, but it can be adjusted, and individual TTLs can be given to each RR.
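The walk through the lab's name space described in Section 4.1.2, together with the iteration and caching above, as an added example that is not part of the lab manual: a small Python model of the lab's DNS tree in which a resolver starts from a root hint and follows referrals down to the authoritative server, follows a CNAME to its canonical name and answers a repeated query from cache without sending anything. Only 192.168.0.1 (the lab's root server and ns.acme) comes from the manual; the addresses of ns.area3.mar.acme and laptop1.area3.mar.acme, the host label root and the www alias are assumptions made for the example.

```python
"""Iterative resolution over an in-memory model of the lab's DNS tree.

Added example, not code from the lab manual. Server names are the manual's;
192.168.0.1 is the lab's root server and ns.acme. The addresses of
ns.area3.mar.acme and laptop1.area3.mar.acme, the host label 'root' and the
www alias are constructed for illustration.
"""
from collections import namedtuple

RR = namedtuple("RR", "name type value")   # names without trailing dot; "" is the root

# name server -> (its address, the records it serves). Delegations (NS) and
# glue (the delegated server's A record) live in the parent zone; the child
# holds the data of its own zone. Root and ns.acme share 192.168.0.1 in the lab.
SERVERS = {
    "root": ("192.168.0.1", [
        RR("", "NS", "root"), RR("root", "A", "192.168.0.1"),
        RR("acme", "NS", "ns.acme"), RR("ns.acme", "A", "192.168.0.1"),
    ]),
    "ns.acme": ("192.168.0.1", [
        RR("acme", "NS", "ns.acme"), RR("ns.acme", "A", "192.168.0.1"),
        RR("mar.acme", "NS", "ns.acme"),                     # same server serves mar.acme
        RR("area3.mar.acme", "NS", "ns.area3.mar.acme"),
        RR("ns.area3.mar.acme", "A", "192.168.0.97"),        # glue; address assumed
    ]),
    "ns.area3.mar.acme": ("192.168.0.97", [
        RR("area3.mar.acme", "NS", "ns.area3.mar.acme"),
        RR("ns.area3.mar.acme", "A", "192.168.0.97"),
        RR("laptop1.area3.mar.acme", "A", "192.168.0.100"),  # assumed
        RR("www.area3.mar.acme", "CNAME", "ns.area3.mar.acme"),
    ]),
}
ROOT_HINTS = ["root"]


def lookup(server, qname, qtype):
    """One non-recursive query, what `dig +norec <name> @server` sends.

    Returns (kind, records): 'answer' when the server is authoritative for the
    closest enclosing zone and has the name, 'nxdomain' when it is authoritative
    but the name is absent, 'referral' with NS + glue when the closest enclosing
    zone is delegated elsewhere, 'refused' when it knows nothing about the name.
    """
    _, records = SERVERS[server]
    labels = qname.split(".") if qname else []
    for i in range(len(labels) + 1):            # longest enclosing zone first
        zone = ".".join(labels[i:])
        ns = [r for r in records if r.name == zone and r.type == "NS"]
        if not ns:
            continue
        if any(n.value != server for n in ns):
            glue = [r for r in records if r.type == "A" and r.name in {n.value for n in ns}]
            return "referral", ns + glue
        exact = [r for r in records if r.name == qname and r.type in (qtype, "CNAME")]
        return ("answer", exact) if exact else ("nxdomain", [])
    return "refused", []


def resolve(qname, qtype="A", cache=None, max_hops=10):
    """Iterate from the root hints, following referrals, as the manual dig
    +norec walk of Task 2 does. Returns (values, names of the servers asked).

    A real resolver sends the full qname to every server and takes the deepest
    delegation it is offered, so ns.acme is asked once here, not twice as in
    the step-by-step narrative of Section 4.1.2.
    """
    cache = {} if cache is None else cache
    asked = []
    if (qname, qtype) in cache:                 # answered from cache, no query sent
        return cache[(qname, qtype)], asked
    server = ROOT_HINTS[0]
    for _ in range(max_hops):
        asked.append(server)
        kind, rrs = lookup(server, qname, qtype)
        if kind == "referral":
            server = [r for r in rrs if r.type == "NS"][0].value
            if server not in SERVERS:
                return [], asked                # delegated to an unreachable server
            continue
        if kind != "answer":
            return [], asked                    # nxdomain or refused
        aliases = [r.value for r in rrs if r.type == "CNAME"]
        if aliases and qtype != "CNAME":        # follow the alias to its canonical name
            values, more = resolve(aliases[0], qtype, cache, max_hops)
            asked.extend(more)
        else:
            values = [r.value for r in rrs]
        cache[(qname, qtype)] = values          # a real cache also honours each RR's TTL
        return values, asked
    raise RuntimeError("too many referrals resolving %s" % qname)


if __name__ == "__main__":
    shared = {}
    for name in ("laptop1.area3.mar.acme", "laptop1.area3.mar.acme",
                 "www.area3.mar.acme", "nothing.mar.acme"):
        values, path = resolve(name, cache=shared)
        print("%-24s -> %-14s via %s" % (name, ", ".join(values) or "no such name",
                                         " -> ".join(path) or "cache"))
```

Run it and compare the printed path with the servers that dig +norec reports in Task 2: one referral per delegation, the whole name sent each time, and no query at all for the second lookup of a name already in the cache.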



Your position   Name of the web server
adm1            www.webcrawler.com
adm2            www.adobe.com
adm3            www.digits.com
adm4            www.alltheweb.com
rad1            www.dit.upm.es
rad2            www.csu.edu.au
rad3            www.abc.es
rad4            www.ucc.ie
mar1            www.semanticweb.org
mar2            www.cbi-web.org
mar3            www.healthweb.org
mar4            www.un.org
pro1            www.auckland.ac.nz
pro2            www.rmit.edu.vn
pro3            www.mult.ru
pro4            www.anekdot.ru

Table 4.1: The hostnames to use in Task 2.2

During the laboratory session


4.2 Task 1: Initial configuration of the equipment

The first task in this lab is to configure the router, the switch and the PC. For this, you will repeat the tasks in Section 3.2. Follow all the steps you performed in lab 2 and configure these devices properly.

4.3 Task 2: Checking DNS operation


In this exercise we want you to understand the way DNS works. You will have to edit the configuration files in your PC that control the operation of DNS. To edit a configuration file you can use any text editor such as gedit, emacs, or vi; if you are not familiar with any of them, we suggest gedit, which can be started by typing gedit in a terminal window.

1. Edit the file /etc/resolv.conf. It contains the IP address of the DNS server to contact when resolving names. Change the name server's IP address to the IP of the PC-router in the network, 192.168.0.1. After editing, the first line of the file should contain the following:
nameserver 192.168.0.1

2. First, perform a recursive query to get the IP address corresponding to a hostname. In this step use dig without options to resolve hostnames. This is the syntax:
dig Name_of_a_machine

Answer these two questions:

- Look in Table 4.1 and pick the name of the web server that corresponds to your position. Resolve its IP address using dig. Look at the statistics part (the last part of dig's output). What is the query time?

- Repeat the previous query with the same name. What is the query time now? Why do you observe this difference?

3. Second, perform non-recursive queries. In the last step, the DNS server at 192.168.0.1 contacted several servers on your behalf to complete the recursive query. Now you will use dig to contact the different servers one by one yourself until you get the IP address corresponding to the given hostname. The goal of this step is to discover how a symbolic name is resolved to an IP address by iteration. Execute these commands and answer the questions:

- Execute the following command to obtain the list of root servers (dig with no name queries the NS records of the root zone):
dig +nostats +nocmd

How many root servers does your machine recognize?

Choose a root server from the list and write its name here:

- Now perform non-recursive queries to resolve the IP address of the machine www.fokus.gmd.de. Write below the list of DNS servers (name and IP address) contacted. Start from the root server you chose above and use the following dig syntax for non-recursive queries:

dig +norec +nostats +nocmd www.fokus.gmd.de @IP_of_the_DNS_server

Note: read the description of DNS in Section 4.1 if you do not remember how recursion and iteration work.

How many DNS servers contain records about domain fokus.gmd.de?

Does the machine www.fokus.gmd.de have another name?

4.4 Task 3: Configure your own DNS


In this task you will configure a DNS server for your area network in the department. The process is as follows. First you will edit the configuration file of named, the program that listens for your queries. This file is called /etc/named.conf, and in it you define where the files that contain the databases of your DNS zones are located. Second, you will edit these zone files appropriately, including the mappings from names to IP addresses and vice versa. Zone files are usually located in /var/named; in our case they are in the subdirectory /var/named/pz/.

Remember the following! All zone files in /var/named contain a serial number in their SOA record. A typical example is:
;
; Zone file for your_area.your_department.acme
;
; The full zone file
;
$TTL 3D
@   IN SOA ns.your_area.your_department.acme. hostmaster.your_area.your_department.acme. (
            200203191 ; serial, today's date + today's serial #

Each time you edit a zone file, increment this field by 1 (the YYYYMMDDnn convention keeps it increasing). Secondary servers compare the serial to decide whether the zone has changed, and named logs the serial it loaded, so a serial that did not change is the first thing to check when an edit does not seem to take effect. Also, notice that in all the templates we provide you need to change certain values. The values you should change are written in italics in the manual; in general you should change the places where it says IP_of_Your_Router or your_area.your_department. One last comment: whenever you start named, always check its initialization messages. All output goes to the ninth virtual terminal, so press Ctrl+Alt+F9 to see the named startup messages and Alt+F7 to go back to the graphical environment (X Window).

First, get the parameters for the configuration of your DNS server:

1. Using the diagram in Figure 4.1 as an example, identify the following information for your network.

What is the domain name of your department?

What is the domain name of your area?

What is the IP address of the machine that is able to resolve all domains of ACME's network?

What is the IP address of the machine that runs the DNS server for YOUR network?

Using Figure 4.1 as an example, assign names to the devices in your network and fill them into the diagram in Figure 4.2:


Figure 4.2: DNS information for your domain.

4.4.1 Configuring your domain


In this section you will set up your own domain. You should start by modifying the file /etc/named.conf, the main configuration file for your DNS server. Before you start editing files, a few words about the syntax for comments in DNS related files. Comments in zone files start with a semicolon and run to the end of the line; they need no terminator, so a comment line looks like this:

; This is a comment

However, in the file /etc/named.conf C-style /* */, C++-style // and Unix-style # comments are used, and every statement must end with a semicolon. Don't use a semicolon to mark a comment in this file. Finally, after each step you perform, always save your configuration file before continuing. Look at the file /etc/named.conf. It should look like this:

options {
        directory "/var/named";
};

zone "." {
        type forward;
        forward only;
        forwarders { 192.168.0.1; };
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "pz/127.0.0";
};


The directory line indicates the directory where the zone files are located. The name server changes to this directory before reading the files, so file names can be given relative to it. On a primary master server, named.conf contains one zone statement for each file to be read. The statement starts with the keyword zone followed by the domain name and, optionally, the class (in stands for the Internet); type master indicates that this server is the primary master for the zone, and the file line gives the file to be read. The special zone "." is used when your server cannot resolve a name by itself. Read this zone statement as: for every name that is not under my responsibility, forward the query to 192.168.0.1, the PC-router; it will handle it. Note that with this configuration your server also performs recursion for anyone who can reach it. That is fine in the lab, but a server exposed beyond it should restrict this with BIND's allow-recursion option, since open recursive resolvers are abused for amplification attacks.

Open the file /var/named/pz/127.0.0. This file contains the database for your localhost (your own PC); you can check that it corresponds to the second zone in your named.conf file. It should contain the following:
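As an added example, not part of the lab manual, the same options block with the two restrictions a server outside the lab should carry; the 192.168.0.0/24 prefix is assumed to be the lab's address range:

```conf
options {
        directory "/var/named";
        // Lab behaviour as above: recursion is on for everybody who can reach
        // the server. On an exposed server, limit it to your own clients.
        recursion yes;
        allow-recursion { 127.0.0.1; 192.168.0.0/24; };   // assumed lab prefix
        // Nobody needs a full copy of the zones (AXFR) in this setup.
        allow-transfer { none; };
};
```

The zone statements stay exactly as shown above; only the options block changes.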


$TTL 3D
@   IN SOA ns.your_area.your_department.acme. hostmaster.your_area.your_department.acme. (
            200203191 ; Year+Month+Date+Serial
            8H        ; Refresh
            2H        ; Retry
            4W        ; Expire
            1D )      ; Minimum TTL
    NS  ns.your_area.your_department.acme.
1   PTR localhost.

Change all appearances of your_area and your_department to the names of your area and department (refer to Figure 4.2). Save the file and proceed.

In this file you can see the structure of the database (db) files. Remember that everything after a semicolon is a comment. This file maps addresses to host names. Each reverse file is named after the network number it represents, so 127.0.0 contains the mappings from IP addresses to names for any address of the form 127.0.0.x. Only the last part (the x) of the IP address is written in the file, as the other parts are already matched by the zone name 0.0.127.in-addr.arpa. This is why the localhost entry is just a 1: the localhost address is 127.0.0.1.

Notice also the "." at the end of localhost. If a name in a zone file does not end in a period, the origin (the zone name) is appended to it, so the entry would become localhost.0.0.127.in-addr.arpa, which of course is wrong!

Most entries in the db files are DNS resource records, and their owner name must start in column one. The resource records used in the db files are the following (not all of them need to be present):

- SOA record: indicates authority for this zone file
- NS record: lists a name server for this zone
- A record: name to address mapping
- PTR record: address to name mapping
- CNAME record: canonical name (for aliases)

Edit /etc/resolv.conf. Comment out the line you already have and put the IP address of your PC as the name server. Your file should look like this:

nameserver IP_address_of_your_PC
#nameserver 192.168.0.1

Save the file and proceed. Start named by running /etc/init.d/named start. Check that named loads correctly by looking at virtual terminal 9 (remember: Ctrl+Alt+F9). Run dig -x 127.0.0.1 and fill in the missing parts of its output below. Some of the values will differ for you, as your localhost zone file may differ from this example, but the ANSWER SECTION must be there!
[lab@localhost lab]# dig -x 127.0.0.1
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22718
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;1.0.0.127.____________.          IN      ______

;; ANSWER SECTION:
____________.in-addr.arpa.        IN      PTR     ____________.

;; AUTHORITY SECTION:
0.0.127.in-addr.arpa.             IN      NS      ____________.

;; Query time: ____ msec
;; SERVER: ____________#53(____________)
;; WHEN: ____________
;; MSG SIZE  rcvd: ____

4.4.2 Your own area


Now you should create the database for your own area, which will translate names to IP addresses. Construct the zone of your area, restart the DNS server, and verify that the server works properly by performing the following tasks:

- Edit the /etc/named.conf file. Append the following text to the end of the file:

zone "your_area.your_department.acme" {
        type master;
        notify no;
        file "pz/your_area.your_department.acme";
};

This entry tells named where to find the database for your own area. You should already know what each field means. The notify no means that we do not want to notify the other DNS servers of the zone about changes to our file... after all we are only testing! Save the file and proceed.

- Execute the following command with the appropriate names for your_area and your_department (check Figure 4.2 for the needed information):
mv /var/named/pz/Your_Zone /var/named/pz/your_area.your_department.acme

- Open the file /var/named/pz/your_area.your_department.acme. It should contain the following:


;
; Zone file for your_area.your_department.acme
;
; The full zone file
;
$TTL 3D
@   IN SOA ns.your_area.your_department.acme. hostmaster.your_area.your_department.acme. (
            200203191 ; serial, today's date + today's serial #
            8H        ; refresh, seconds
            2H        ; retry, seconds
            4W        ; expire, seconds
            1D )      ; minimum, seconds
;
;---- DESCRIPTION of THIS DNS server --------------------------------
;---------------------------- LABEL -- VALUE ---------- COMMENT -----
                                            TXT    "Area.Dept.acme DNS server"
                                            NS     ns        ; Inet Address of name server
;
;---- ASSIGNMENT of IP ADDRESSES TO THE NETWORK DEVICES -------------
;NAME ------------------------------------- LABEL -- IP ADDRESS -----
;
localhost                                   A      127.0.0.1
ns                                          A      IP_of_your_DNS_Server
www                                         CNAME  ns
Name_of_the_inner_interface_of_your_router  A      IP_of_your_router
sw                                          A      IP_of_your_switch
other                                       A      IP_of_other_device

In this zone le you should be able to recognize most of the Resource Records (RR). Most of them are A resource records, that map names to IP addresses. There is also a CNAME record, which is an alias for the web server, which in your case would run on the same PC. That is why it points to the A record of your name server (your PC). Save the le and proceed further. Restart named running /etc/init.d/named restart and check log messages at CTRL+ALT+F9. In the case of error messages you need to search for an error in your conguration les. Otherwise, run
dig www.your_area.your_department.acme


and fill in the missing parts of its output below:
[lab@localhost lab]# dig www.your_area.your_department.acme

; <<>> DiG 9.1.0 <<>> www.your_area.your_department.acme
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22718
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;www.________.________.acme.           IN      ______

;; ANSWER SECTION:
________.________.________.acme.       IN      ______   ns.________.________.acme.
________.________.________.acme.       IN      A        ____________

;; AUTHORITY SECTION:
________.________.acme.                IN      NS       ____________

;; Query time: ____ msec
;; SERVER: ____________#53(____________)
;; WHEN: ____________
;; MSG SIZE  rcvd: ____

4.4.3 The reverse zone area


The last thing we need to do is to construct the reverse zone of the area (the file that translates IP addresses to names). Edit the /etc/named.conf file and append the following text to the end of the file:

zone "0.168.192.in-addr.arpa" {
        type master;
        notify no;
        file "pz/192.168.0";
};

Save the file and proceed. Execute the following command:


mv /var/named/pz/Reverse_Zone /var/named/pz/192.168.0

Open the file /var/named/pz/192.168.0; it should contain the following:


;
; Zone file for 0.168.192.in-addr.arpa
;
; The reverse zone file
;
$TTL 3D
@   IN SOA ns.your_area.your_department.acme. hostmaster.your_area.your_department.acme. (
            200203191 ; serial, today's date + today's serial #
            8H        ; refresh, seconds
            2H        ; retry, seconds
            4W        ; expire, seconds
            1D )      ; minimum, seconds
;
                            NS    ns.your_area.your_department.acme.
;
;---- REVERSE ASSIGNMENT of IP ADDRESSES TO THE NETWORK DEVICES ----------
;Host Part of IP ADD ------- LABEL ------- NAME --------------------------
First_valid_host_address    PTR   Name_of_the_inner_interface_of_your_Router.your_area.your_department.acme.
Second_valid_host_address   PTR   sw.your_area.your_department.acme.
Third_valid_host_address    PTR   ns.your_area.your_department.acme.
Fourth_valid_host_address   PTR   other.your_area.your_department.acme.


You can easily understand the content of this file. All resource records are of type PTR, so they translate IP addresses to names. Edit the file and substitute the given strings with the names and IP numbers of your network. Remember! You only write the host part of the IP addresses. For example, if the IP address of the inner interface of your router is 192.168.0.129, then instead of First_valid_host_address you write just 129. Notice also the dots at the end of the names: without them, the zone's origin, 0.168.192.in-addr.arpa, would be appended to the name. Save the file and proceed.

Restart named by running /etc/init.d/named restart and check whether any errors appear in the virtual console. If all is correct, run

dig -x IP_Address_of_Your_Router

and fill in the missing parts of its output below:


[lab@localhost lab]# dig -x IP_Address_of_Your_Router
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23263
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;________.________.________.________.          IN      ______

;; ANSWER SECTION:
____________.in-addr.arpa.        IN      PTR     ____________.

;; AUTHORITY SECTION:
____________.in-addr.arpa.        IN      NS      ____________.

;; ADDITIONAL SECTION:
ns.________.________.acme.        IN      ______  ____________

;; Query time: ____ msec
;; SERVER: ____________#53(____________)
;; WHEN: ____________
;; MSG SIZE  rcvd: ____
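The forward zone of Section 4.4.2 and the reverse zone of Section 4.4.3 are checked by hand above, one dig and one dig -x at a time. As an added example, not code from the lab manual, the Python script below parses both kinds of zone file (comments, $TTL, the parenthesised SOA, the optional class field, relative names completed with the origin) and reports every A record without a matching PTR and every PTR without a matching A. The two zone texts are constructed for area1.rad.acme with assumed addresses in 192.168.0.0/24, and the reverse zone deliberately contains the missing trailing dot the manual warns about, so the checker has something to find.

```python
"""Cross-check a forward zone file against its reverse zone file, the way the
lab's dig and dig -x steps do by hand, one record at a time.

Added example, not code from the lab manual. The two zone texts are
constructed for area1.rad.acme with assumed addresses in 192.168.0.0/24.
BIND's own named-checkzone validates syntax; this script checks what it does
not: that every A record has a matching PTR and vice versa, and it catches
the missing trailing dot the manual warns about."""
import re

FORWARD = """\
$TTL 3D
@   IN SOA ns.area1.rad.acme. hostmaster.area1.rad.acme. (
            200203191 ; serial
            8H 2H 4W 1D )
    NS  ns
ns  A   192.168.0.130
www CNAME ns
r0  A   192.168.0.129          ; inner interface of the router
sw  A   192.168.0.131
"""
REVERSE = """\
$TTL 3D
@   IN SOA ns.area1.rad.acme. hostmaster.area1.rad.acme. (
            200203191 ; serial
            8H 2H 4W 1D )
    NS  ns.area1.rad.acme.
129 PTR r0.area1.rad.acme.
130 PTR ns.area1.rad.acme.
131 PTR sw.area1.rad.acme      ; no trailing dot: the origin gets appended
"""


def parse_zone(text, origin):
    """Return [(owner, type, rdata)] with every name fully qualified.

    Handles ; comments, $TTL lines, the optional class and TTL fields and a
    parenthesised SOA. A name without a trailing '.' gets the origin appended,
    exactly as named does, which is what makes the trailing-dot mistake visible.
    """
    def fqdn(name):
        return origin if name == "@" else name if name.endswith(".") else name + "." + origin

    body = "\n".join(line.split(";")[0] for line in text.splitlines())
    body = re.sub(r"\(([^)]*)\)", lambda m: m.group(1).replace("\n", " "), body)
    records, owner = [], origin
    for line in body.splitlines():
        if not line.strip() or line.startswith("$"):
            continue
        fields = line.split()
        if not line[0].isspace():               # owner name present, else reuse last one
            owner = fqdn(fields.pop(0))
        if fields and fields[0].upper() == "IN":
            fields.pop(0)
        if fields and re.fullmatch(r"\d+[smhdwSMHDW]?", fields[0]):   # per-record TTL
            fields.pop(0)
        if not fields:
            continue
        rtype, rdata = fields[0].upper(), fields[1:]
        if rtype in ("NS", "CNAME", "PTR"):
            rdata = [fqdn(rdata[0])]
        records.append((owner, rtype, " ".join(rdata)))
    return records


def reverse_name(ip):
    """192.168.0.129 -> 129.0.168.192.in-addr.arpa."""
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa."


def zone_serial(records):
    """The serial is the third field of the SOA rdata (after mname and rname)."""
    return int(next(r for r in records if r[1] == "SOA")[2].split()[2])


def check_pairing(forward, fwd_origin, reverse, rev_origin):
    """List every A record without a correct PTR and every PTR without an A."""
    fwd = parse_zone(forward, fwd_origin)
    rev = parse_zone(reverse, rev_origin)
    a_by_arpa = {reverse_name(ip): name for name, t, ip in fwd if t == "A"}
    ptr_by_arpa = {owner: target for owner, t, target in rev if t == "PTR"}
    problems = []
    for arpa, name in sorted(a_by_arpa.items()):
        if arpa not in ptr_by_arpa:
            problems.append("%s has no PTR (%s)" % (name, arpa))
        elif ptr_by_arpa[arpa] != name:
            problems.append("%s -> %s, expected %s" % (arpa, ptr_by_arpa[arpa], name))
    for arpa in sorted(set(ptr_by_arpa) - set(a_by_arpa)):
        problems.append("%s -> %s has no matching A record" % (arpa, ptr_by_arpa[arpa]))
    return problems


if __name__ == "__main__":
    print("forward zone serial", zone_serial(parse_zone(FORWARD, "area1.rad.acme.")))
    for problem in check_pairing(FORWARD, "area1.rad.acme.",
                                 REVERSE, "0.168.192.in-addr.arpa."):
        print("problem:", problem)
```

Point parse_zone at your own files in /var/named/pz with their zone names as origins; a problem line of the form "131.0.168.192.in-addr.arpa. -> sw.area1.rad.acme.0.168.192.in-addr.arpa., expected sw.area1.rad.acme."
is exactly the forgotten trailing dot.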


Lab homework

Names: ____________________  E-Mail: ____________________
       ____________________  E-Mail: ____________________
Course: 2G1316/2E1616 / 2E1623
Wrong answers: ____    Max. no. errors: 1/2/2/2    Pass: Yes / No

Equipment identification exercise


After reading the information about the types of cables in Section 2.2, draw lines connecting the pins of the plugs below to create:

A straight-through cable:

A crossover cable:

A rollover cable:

Exercises about the Cisco equipment conguration


After reading the information about configuring the Cisco equipment, answer these multiple-choice questions:

1. Which is the Cisco IOS command to enter privileged mode?
   ( ) su
   ( ) login
   ( ) enable
   ( ) telnet

2. Which is the Cisco IOS command to enter the configuration mode from a terminal in Cisco IOS?
   ( ) configure terminal
   ( ) Commands are always entered from terminals without any special command
   ( ) Commands are entered from terminals when in privileged mode without any additional command
   ( ) terminal configure

3. Which is the correct mode and Cisco IOS command to enter the interface configuration mode of a Fast Ethernet interface in the router?
   ( ) router(config)> interface fastethernet 0/0
   ( ) router(config)> interface fastethernet
   ( ) router(config)# interface fastethernet 0/0
   ( ) the first two options are correct

4. Which is the Cisco IOS command to exit from any configuration mode?
   ( ) exit
   ( ) log out
   ( ) finish
   ( ) write

5. Which is the correct mode and Cisco IOS command to set the address of an Ethernet interface?
   ( ) router(config)# ip address 192.168.10.4
   ( ) router(config)# ip address 192.168.10.4 255.255.255.0
   ( ) router(config-if)# ip address 192.168.10.4
   ( ) router(config-if)# ip address 192.168.10.4 255.255.255.0

6. Which is the Cisco IOS command to list the current configuration of the router?
   ( ) show running-config
   ( ) write running-config
   ( ) display running-config
   ( ) show startup-config

7. Which is the Cisco IOS command to save the current configuration of the router so that it will be used the next time the router boots?
   ( ) save running-config startup-config
   ( ) save startup-config running-config
   ( ) copy running-config startup-config
   ( ) copy startup-config running-config

8. Which is the Cisco IOS command to get help on command syntax?
   ( ) router> ?
   ( ) router> help on
   ( ) router> man
   ( ) There is no interactive command syntax help

9. Which is the Cisco IOS command to delete a line from the current configuration?
   ( ) erase
   ( ) delete
   ( ) del
   ( ) no

10. Which is the Cisco IOS command to add a static route?
   ( ) router(config)# ip route 192.168.0.0 255.255.0.0 193.168.13.1
   ( ) router(config-if)# ip route 192.168.0.0 255.255.0.0 193.168.13.1
   ( ) router(config-if)# ip route 192.168.0.0 193.168.13.1
   ( ) router(config)# ip route 192.168.0.0 193.168.13.1 255.255.0.0

IP subnetting exercises

1. Complete the following table, which provides practice in converting a number from binary to decimal format.

Bit        7    6    5    4    3    2    1    0
Value    128   64   32   16    8    4    2    1    Decimal
11001100   1    1    0    0    1    1    0    0    128+64+8+4 = 204
10101010
11100011
10110011
00110101

2. Complete the following table, which provides practice in converting a number from decimal to binary format.

Decimal  128   64   32   16    8    4    2    1    Binary
48         0    0    1    1    0    0    0    0    48 = 32+16 = 00110000
222
119
135
60

3. Calculate the network address to which the IP addresses below belong. Calculate also the broadcast addresses of the networks. As a guideline, look at the example of such calculations.

EXAMPLE: calculate the network address given the IP address 192.168.0.17 with network mask 255.255.255.248

    192.168.  0. 17   --->   11000000 . 10101000 . 00000000 . 00010001
    255.255.255.248   --->   11111111 . 11111111 . 11111111 . 11111000
                             ----------------------------------------- bit-wise AND
    Network address
    192.168.  0. 16   <---   11000000 . 10101000 . 00000000 . 00010000

EXAMPLE: calculate the broadcast address for the network address 192.168.0.16 with network mask 255.255.255.248

    192.168.  0. 16   --->   11000000 . 10101000 . 00000000 . 00010 | 000
                             network prefix                          | host part

In the broadcast address, all bits in the host part are set to one, thus:

    192.168.  0. 23   <---   11000000 . 10101000 . 00000000 . 00010 | 111

For network 1: IP address 192.168.0.1 network mask 255.255.255.248 Network address:

Broadcast address:

For network 2: IP address 192.168.0.9 network mask 255.255.255.248 Network address:

Broadcast address:

For network 3: IP address 192.168.0.25 network mask 255.255.255.248 Network address:

Broadcast address:

How long is the network prefix in all three IP addresses:

How long is the host part in all three IP addresses:


4. Given a network mask in slash notation, write below its binary and dotted decimal formats.

EXAMPLE: conversion from the slash notation of a network mask to its binary and dotted decimal formats

    /29   --->   11111111 . 11111111 . 11111111 . 11111 | 000   --->   255.255.255.248
                 29 bits network prefix                  | host part

/24

/22

/27
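The bit-wise AND and the host-part arithmetic of exercises 3 and 4, generalised to any IPv4 address with a mask in dotted or slash notation. This is an added example, not part of the lab manual; apart from the manual's 192.168.0.17 with mask 255.255.255.248, the addresses in it are constructed. Unlike the paper method it also rejects a mask whose ones are not contiguous, which is invalid but "works" by hand.

```python
"""Network and broadcast address arithmetic from the homework, generalised to
any IPv4 address with a mask in dotted or slash notation.

Added example, not part of the lab manual. The addresses used are the
manual's worked example plus constructed ones. Unlike the hand method it
rejects a non-contiguous mask, which is invalid but silently "works" on paper."""
import socket
import struct

ALL_ONES = 0xFFFFFFFF


def ip_to_int(dotted):
    return struct.unpack("!I", socket.inet_aton(dotted))[0]


def int_to_ip(n):
    return socket.inet_ntoa(struct.pack("!I", n))


def to_bits(n):
    """11000000.10101000.00000000.00010001, the form used in the homework."""
    return ".".join(format((n >> shift) & 0xFF, "08b") for shift in (24, 16, 8, 0))


def mask_to_int(mask):
    """Accept '255.255.255.248', '/29' or 29; reject masks whose ones are not contiguous."""
    if isinstance(mask, int) or mask.lstrip("/").isdigit():
        bits = int(str(mask).lstrip("/"))
        if not 0 <= bits <= 32:
            raise ValueError("prefix length out of range: %r" % mask)
        m = (ALL_ONES << (32 - bits)) & ALL_ONES
    else:
        m = ip_to_int(mask)
    inverted = ~m & ALL_ONES                  # host part as ones: must be 2^k - 1
    if inverted & (inverted + 1):
        raise ValueError("non-contiguous mask: %s" % mask)
    return m


def prefix_len(m):
    return bin(m).count("1")


def subnet(ip, mask):
    """Bit-wise AND for the network, OR with the inverted mask for the broadcast."""
    m = mask_to_int(mask)
    addr = ip_to_int(ip)
    net = addr & m
    bcast = net | (~m & ALL_ONES)
    plen = prefix_len(m)
    usable = (1 << (32 - plen)) - 2 if plen < 31 else 0   # /31 and /32 have no host range
    return {
        "mask": int_to_ip(m), "prefix": plen,
        "network": int_to_ip(net), "broadcast": int_to_ip(bcast),
        "usable_hosts": usable,
        "first_host": int_to_ip(net + 1) if usable else None,
        "last_host": int_to_ip(bcast - 1) if usable else None,
    }


if __name__ == "__main__":
    r = subnet("192.168.0.17", "255.255.255.248")   # the manual's worked example
    print("address   192.168.0.17    %s" % to_bits(ip_to_int("192.168.0.17")))
    print("mask      %-15s %s" % (r["mask"], to_bits(mask_to_int(r["mask"]))))
    for key in ("network", "broadcast"):
        print("%-9s %-15s %s" % (key, r[key], to_bits(ip_to_int(r[key]))))
    print("/%d, %d usable hosts, %s - %s" % (r["prefix"], r["usable_hosts"],
                                             r["first_host"], r["last_host"]))
```

The contiguity test works because a valid mask inverted is a run of ones (2^k - 1), and such a number ANDed with its successor is zero; any gap in the mask breaks that property.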

Debugging and applications exercises (only for 2E1623 students)

1. Read the manual of the traceroute command in Linux and answer the following questions.

(a) By what means does traceroute stop its attempts to discover the route?
   ( ) Traceroute tries to reach the host for 60 seconds, then stops.
   ( ) Traceroute receives three consecutive ICMP Time Exceeded messages, then stops.
   ( ) Traceroute receives an ICMP Port Unreachable message or hits the maximum hop count (30 by default).
   ( ) Traceroute receives PING requests from the destination.

(b) Why do you see three time values in each line that traceroute outputs? What do these numbers mean?
   ( ) These numbers are values of the TTL field converted to seconds; traceroute sends three probes for each TTL value.
   ( ) These numbers are three timestamps which are used for control purposes.
   ( ) These numbers are round trip times (RTT); traceroute sends three probes for each TTL value.
   ( ) These numbers are RTTs; traceroute sends one probe to each router and gets three replies.

(c) Why can you see * symbols instead of names or IP numbers?
   ( ) No response within 5 seconds, or a router sends an ICMP message with too small a TTL.
   ( ) No response within 30 seconds, or a router sends an ICMP message with too small a TTL.
   ( ) Traceroute cannot resolve the name of a router.
   ( ) It indicates that a router is not in your network.

2. Read the manual of ping in Linux and answer why the round trip time of the first packet is larger than the rest.
   ( ) The first packet is normally discarded by the first router.
   ( ) The destination machine resolves the name of your machine for security reasons.
   ( ) The source machine determines the MAC address of the first router using ARP.
   ( ) Ping takes it easier with the first packet, maybe you will cancel the operation.

3. In Linux, read the manual of the ifconfig command and answer the following questions:

(a) What information do you get by executing ifconfig without arguments?
   ( ) Displays help on how to use ifconfig.
   ( ) Displays the configuration of the currently active interfaces (link layer, IP layer) and statistics on transmitted and received packets.
   ( ) Configures all available interfaces with default values.
   ( ) Gives you a list of applications which send data on a loopback interface (lo0).

(b) If your computer is connected to an Ethernet network, why is it not possible to execute the following command?

ifconfig eth0 130.237.215.80 netmask 255.255.255.0 mtu 3000

(Hint: just remember the meaning and values of the MTU)
   ( ) It will work! I tried!
   ( ) Instead of mtu it should be -ipmtu; MTU is an abbreviation for the speed of the links and it is 3000 mtu by default.
   ( ) MTU stands for maximum transfer unit. For Ethernet it is 1500 bytes while in the example it is 3000 bytes.
   ( ) MTU stands for maximum transfer unit. For Ethernet it is 3500 bytes while in the example it is 3000 bytes.

4. Use the description of Ethereal that we provided in Section 2.6.1 to answer the following question. Your IP address is 130.237.215.80, and you are using traceroute to find the path to a distant computer. Construct the display filter so that you will see only the exchange of messages between your PC and the first router. (Hints: traceroute uses UDP as transport layer protocol, with protocol number 0x11 in the IP header; the protocol number of ICMP is 0x01. Every router sets the TTL of the ICMP Time Exceeded message to the maximum value, 255.)
   ( ) (ip.src==130.237.215.80 and ip.proto==0x11 and ip.ttl==1) || (ip.dst==130.237.215.80 and ip.proto==0x01 and ip.ttl==255)
   ( ) (ip.src==130.237.215.80 and ip.proto==0x11) || (ip.dst==130.237.215.80 and ip.proto==0x01)
   ( ) (ip.src==130.237.215.80 and udp.proto==0x11) || (ip.dst==130.237.215.80 and icmp.proto==0x01)
   ( ) None of the above.
