LAB MANUAL COMPUTER NETWORK SYSTEMS. Department of Information and Computer Science. College of Computer Science and Engineering

Transcription

1 LAB MANUAL COMPUTER NETWORK SYSTEMS Department of Information and Computer Science College of Computer Science and Engineering King Fahd University of Petroleum and Minerals 2005

2 TABLE OF CONTENTS LAB1...1 Getting start Objectives: General Lab Description: Structure of the lab Network Cable Introduction to network device: Com Switch Cisco 2600 routers Cable connection for network devices Straight through cable Cross-over cable Roll over cable Introduction to IP addressing: Rules of IPv4 addressing Software Packages: References:...11 LAB LAN SETUP and monitoring Objectives Setting up a simple network Check Local Area Network Connections Plug in and connect the equipment Network Adapters and Protocols Check the TCP/IP Protocol Settings Check the TCP/IP Settings with the IPCONFIG Utility Check the network connection with the Ping Utility Learn various network related commands PING Command TRACERT Command PATHPING Command Enhanced Ping NETSTAT Command NetStat Live AT Command NET Command...23

3 2.2.9 ROUTE Command ARP Command IPCONFIG Command NETSH Command Reference...30 LAB Remote Access System and vpn Objectives Installing and configuring RAS server Installing RAS Server Configuring a direct serial connection Installing and Configuring RAS client Dialup to the server Testing the RAS Installation Virtual Private Networks Experimental Setup Configuring VPN Server Configuring VPN Client Firewalls and VPN Create a New Project Create and Configure the Network Configure the Nodes Choose the Statistics The Firewall Scenario The Firewall VPN Scenario Configuring the VPN Run the Simulation View Results References...59 LAB Dynamic host configuration protocol DHCP...60 and...60 network measurement Objectives Dynamic Host Configuration Protocol Configure your computer Configure Windows 2003 as a DHCP Client Configure Windows 2003 as a DHCP Server Capture DHCP traffic Network Measurement Getting ready for measurement Creating a Real-Time Performance Monitor chart...68 ii

4 4.2.3 Install the Network Monitor Configure the chart Generation of data and its representation on the chart Summarizing performance data in a Performance Monitor report Generating Alerts Topology Diagrams Cascade shared hubs Segmented LAN High-density Fast Ethernet Switched workgroup Data-entry tables Analysis References...78 LAB domain name system Objectives: Domain Name System Background Information Configure Windows 2003 to use DNS Execute some DNS queries using nslookup Capturing DNS traffic using Ethereal Setting up for the DNS Client and DNS Server Install and Configure a DNS Server Using the Wizard Configuring the DNS Server through Management Console Adding a Host Address Record Location of DNS data in Windows Testing the DNS Server configuration Configuring the DNS Server to forward to other DNS Servers Removing the service References:...95 LAB HTTP and WEb Objectives Background Information: Install and Examine TCP/IP services Install Internet Information Services and the FTP Service Configure the FTP Service Using FTP Capturing HTTP traffic using Ethereal: Examining HTTP Requests and Replies Practice HTML tables, Styles and colors Practice Active Server Pages ( ASP ) Web Caching iii

5 6.5.5 Enable Content Expiration in IIS Prevent Caching using an ASP Script Remove all the services you have installed PART II Remote desktop web connection Objectives: Remote Desktop Web Connection To connect to another computer using Remote Desktop Web Connection To work like using remote keyboard and remote mouse LAB Socket programming Objectives Background Information Socket-Definition TCP/IP and UDP/IP communications Datagram communication Stream communication Sockets using UDP connection Sockets using TCP connection Creating an input stream Creating an output stream Closing sockets Examples: Handshaking of the client and the server Echo Client and Server Programs Server handling more than one client A simple Web server Exercises Writing an SMTP and POP3 Client Program Setting up the POP3 Server SMTP Procedure Reading the using POP3 service LAB Simulation using IT GURU Objectives: Overview: Build the Simulation Model Configure the Simulation Duplicate the Scenario Run the Simulation Inspect and Analyze Results iv

6 2.2 Exercises: PART -II Switched LANs Objective: Overview: Procedure: Create a New Project Create the Network Configure the Network Nodes Choose Statistics Configure the Simulation Duplicate the Scenario Run the Simulation View the Results Questions LAB Protocol Analyzer and Network Design Objective General Lab setup Capturing ARP traffic Viewing the ARP cache Capturing and analyzing ARP frames using Ethereal PART II Overview Procedure Create a New Project Create and Configure the Network Configure All Departments Configure the Servers Connect the Subnets Configure the Simulation Questions LAB switching experiments Objectives Connecting to the switch Grouping of PCs into VLANs Enable security option of a switch port Create looping and break it using spanning tree Testing other settings Auto-negotiation setup Resilient Links v

7 Changing the switching modes Broadcast Storm Control VLT tagging Questions References LABS 11 and routing experiments Objectives: Review of IP address Configure the Lab as a set of networks connected by routers Configure Windows 2003 machine as router Checking for connectivity A Quick Guide to CISCO 2600 Routers Connecting to Router Router Modes - Unprivileged and privileged modes Global configuration (config) Configuring interfaces Routing Saving your configuration Viewing Configuration Exercise Configure Router in your Segment Lab setup Configure the router Capturing RIP traffic Using Static Routes Adding a static default route Dynamic Routing with OSPF within an area Access List References LAB PART I icmp and tcp packet analysis Objectives [Lab 13A]: General Lab setup Capturing ICMP traffic Capture ICMP packets generated and received during TraceRoute Capturing ICMP Destination Unreachable message Generate IP fragmented packet Viewing ICMP statistics Capturing TCP traffic vi

8 What goes on during a Web surfing session? Structure and Encapsulation of a TCP segment Analyzing the Phases of a TCP connection References LAB TCP Simulation Objectives [Lab 13B]: Overview Create a New Project Create and Configure the Network Initialize the Network Configure the Applications Configure the Profiles Configure the West Subnet Configure the East Subnet Connect the Subnets to the IP Cloud Choose the Statistics Configure the Simulation Duplicate the Scenario Run the Simulation View the Results Questions LAB ASSIGHNMENT Page vii

9 LAB1 GETTING START 1. Objectives: Lab structure orientation. Introduction to IP addressing. Listing various software packages that ought to be used in this course. 1.2 General Lab Description: Structure of the lab Our lab is made up of five networks [LAN A, B, C, D, & E]. Each network is made up of the following: Rack consists of Cisco 2600 Router, 3Com 3300 [Superstack 3] Switch and 3Com hub. 4 PCs: Each having two operating systems [Windows 2003, Fedora Linux] and two network cards per PC. 1. All the five networks are interconnected and can be used using the patch panel. 2. We use private IP addresses [IP s that are used when we are not connected to the Internet] in our lab. All our IP s belong to Class C addresses. There are 5 Classes of IP addresses [A, B, C, D, and E]. 3. Subnet mask is used to get the Network address from an IP address. This is done by doing binary AND operation between the IP address and the subnet mask. 4. The subnet mask we use in our lab is the default mask of Class B [ ]. We use this option so that we get same network address for all PCs in our lab and so, they all belong to the same network. When we use routers, we change the subnet mask to so that each LAN belongs to different network. 5. A Linux Server is accessible at and a Windows server is accessible at These are connected to the Instructor Patch Panel. 6. Internet access is handled using Internet Sharing option at Instructor PC.

10 SAMPLE LAN STRUCTURE IN ICS-NETWORK LAB 46 U LAN A RACK ICS-NWLA1 ICS-NWLA2 4 U Router ICS-NWLA3 ICS-NWLA4 2 U Switch 2 U Hub 2 U Patch Panel WE HAVE 5 LANS IN OUR LAB [LAN A, B, C, D & E] Figure 1.1: LAN setup in the Lab. ICS-NWLA1 ICS-NWLA2 ICS-NWLA3 ICS-NWLA4 OVERALL LAYOUT OF ICS NETWORK LAB PATCH PANEL LAN A ICS-NWLB1 ICS-NWLB2 ICS-NWLB3 ICS-NWLB4 PATCH PANEL LAN B ICS-NWLC1 ICS-NWLC2 ICS-NWLC3 ICS-NWLC4 PATCH PANEL LAN C ICS-NWLD1 ICS-NWLD2 ICS-NWLD3 ICS-NWLD4 PATCH PANEL LAN D ICS-NWLE1 ICS-NWLE2 ICS-NWLE3 ICS-NWLE4 PATCH PANEL LAN E Figure 1.2: Overall layout of ICS Network Lab PATCH PANEL INSTRUCTOR LAN

11 1.2.2 Network Cable There are many types of network cables used in the real-world applications. Some of them are given below: 1. Unshielded twisted pair: As the name indicates, the wires are twisted with one another and there is no shield. Figure 1.3: Unshielded twisted pair cable. 2. Shielded twisted pair: Shield with twisted pair. Figure 1.4: Shielded twisted pair cable.

12 3. Coaxial cable: Similar to our cable TV cables. Figure 1.5: Coaxial Cable. 1.3 Introduction to network device: Com Switch 3300 The SuperStack 3 Switch 3300 connects existing 10Mbps devices, connects highperformance workgroup with a 100Mbps backbone or server connection, and connects power users to dedicated 100Mbps ports all in one switch. In addition, as part of the 3Com SuperStack 3 range of products, we can combine it with any SuperStack 3 system as your network grows. The switch has the following hardware features: 1) There are 24 Fast Ethernet auto-negotiating 10Base-T/100Base-TX ports. 2) Matrix port for connecting units in the Switch 1100/3300 family to form a stack. 3) Connect two units back-to-back using a single Matrix Cable 4) Connected up to four units using Matrix Cables linked to a Matrix Module. 5) Slot for an Expansion Module 6) SuperStack 3 architecture 7) Connects to Redundant Power System/Uninterruptible Power System 8) 19-inch rack or stand-alone mounting.

13 below: The front view of 3Com switch along with various LED information is provided 10BASE-T / 100BASE-TX Ports Port Status LEDs Packet: Yellow Packets are being transmitted/ received on the port Packet: Off No packets are being transmitted/ received on the port Status: Green Enabled, link OK Status: Flashing Green Disabled, link OK Status: Off No link Expansion Module Port Status LEDs Packet: Yellow Packet is on expansion module port(s) Off: No packet Status: Yellow Valid expansion module is installed Yellow flashing: Unrecognized expansion module installed Off: No expansion module Power/Self Test LED Green: Powered up Green flashing: Either downloading or initializing Yellow: Failed its POST Off: Without Power Unit LEDs Green: Position of the switch in the stack Off: Stand-alone Figure 1.6: Front view of 3COM switch Cisco 2600 routers The routers used in our lab are Cisco The front view of router has LEDs, that indicates the following: 1. Power: Indicates the router's operating status. Comes on when power is supplied to the router and the router is operational. 2. RPS [Redundant Power System]: Off No RPS is attached; On RPS is attached and operational; Blinking RPS is attached, but has a failure. 3. Activity: Off In the Cisco IOS software, but no network activity; Blink (500 ms ON, 500 ms OFF) In ROMMON, no errors; Blink (500 ms ON, 500 ms OFF, 2 seconds between codes) In ROMMON, error detected; Blink (less than 500 ms) In the Cisco IOS software, the blink rate reflects the level of activity. The back view of our router: The router has serial and fast Ethernet ports. These ports are mostly used for data transfer. It has console and auxiliary ports, which are used for management purposes.

14 1.3.3 Cable connection for network devices Students will be given a demonstration on various network devices like: Network Interface Cards [NIC], BNC-Connectors, RJ45, etc. Students will be provided a tutorial about various connectivity issues Straight through cable Here, the connections are same on both the ends the cable. This type of cable is used when we connect dissimilar devices [switch and router, router and hub, switch and PC, etc]. The colours of the wires and their respective pin numbers are mentioned below: Green [Pin 1] Green [Pin 1] White Green [Pin 2] White Green [Pin 2] White Orange [Pin 3] White Orange [Pin 3] Blue [Pin 4] Blue [Pin 4] White Blue [Pin 5] White Blue [Pin 5] Orange [Pin 6] Orange [Pin 6] White Brown [Pin 7] White Brown [Pin 7] Brown [Pin 8] Brown [Pin 8]

15 Cross-over cable Here, the connections are different with a specific pattern. This type of cable is used when we connect similar devices [router and router, switch and switch, PC and PC, etc] and with some exceptions [switch and hub, Router and PC]. The colours of the wires and their respective pin n*umbers are mentioned below: Green [Pin 1] White Orange [Pin 1] White Green [Pin 2] Orange [Pin 2] White Orange [Pin 3] Green [Pin 3] Blue [Pin 4] White Brown [Pin 4] White Blue [Pin 5] Brown [Pin 5] Orange [Pin 6] White Green [Pin 6] White Brown [Pin 7] Blue [Pin 7] Brown [Pin 8] White Blue [Pin 8] Roll over cable Here, the connections are made in reverse order. This type of cable is used to connect the router/switch to the PC via console port for management purposes.

16 13.4 Introduction to IP addressing: Each Network Interface Card (NIC or Network card) present in a PC is assigned one Network address called as IP address [or Network address]. This IP address is assigned by the administrator of the network. No two PCs can have the same IP address. There is a burned-in address on the NIC called as Physical Address [or MAC address or Hardware address]. The MAC address of a network card indicates the vendor of that card and a unique serial number Rules of IPv4 addressing 1. Format of IP address IPv4 is made up of four parts, in the pattern as w.x.y.z. Each part has 8 binary bits and the values in decimal can range from 0 to IP address classes IP addresses are divided into different classes. These classes determine the maximum number of hosts per network ID. Only three classes are actually used for network connectivity. The following table lists all of the address class. IP address class Class A Value of the leftmost byte [0 and 127 are not allowed] Class B Class C Grouping of IP addresses into different classes. a. Class A, B, C, D, E b. Class A: first bit in w is 0 and others can be anything i to ii. First bits are used for network part and the remaining for host part. c. Class B: First bit in w is 1 and second bit is 0.

17 i to ii. First 16 bits for network part and remaining host part d. Class C: first bit in w is 1, second bit in w is 1 and third bit is 0 i to ii. First 24 bits for network part and last 8 bits for host part. e. Class D: first, second, third bits in w are 1 and fourth bit is 0; used for multicast. i to f. Class E: future use or experimental purposes. 4. Default Subnet mask it is used to identify the network part from the host part. Put binary one for the parts that represent network part and zero for the part that represent host part. a. Class A: b. Class B: c. Class C: d. We can t have mix of 1s and 0s in subnet mask. Only consecutive 1s is followed by consecutive 0s 5. Invalid IP address. a. If the network part is all 0s, the address belongs to class A. But this is an invalid ip address because for an ip address all the network or host part should not be all 1s or all 0s. i is not valid. Routers use it internally. b. If the network part is all 1s, this address belongs to class E. But due to presence of all 1s, it is not valid. This represent broadcast to all networks. i is not valid. c. If the host part is all 0s, this represents network address. This is not a valid ip address. d. If the host part is all 1s, this represents broadcast address. This is not a valid ip address. e. We can t use the ip address represented within private address range as part of public ip address. i. Class A: to

18 ii. Class B: to iii. Class C: to f network address is used for loop-back testing. This will help you to check the network card of your own PC [localhost]. g. The validity of the IP address is also based on the subnet mask used provided. 6. Default subnet masks for standard IP address classes The following table lists the default subnet masks for each available class of TCP/IP networks. Address Class Bits for Subnet Mask Subnet Mask Class A Class B Class C Exercises: In this exercise, you will determine the correct class for a given IP address. Q 1 Write the address class next to each IP address. Address Class Q 2 Which address class (es) will allow you to have more than 1000 hosts per network? Q 3 Which address (es) will allow only 254 hosts per network? Part B: Identify invalid IP address: Circle the portion of the IP address that would be invalid if it were assigned to a host, and then explain why it is invalid. a b c d

19 e f g h i Software Packages: Throughout the whole semester, we would use the following packages: 1. Administration and Monitoring tools 2. Enhanced Ping [TJPing] 3. Ethereal 13.6 References: 4. Network Simulator 5. OPNET IT GURU Cisco 2600 Router 3Com Switch Microsoft Visio TJPing Ethereal Sniffem NS Simulator WinGate

20 LAB 2 LAN SETUP AND MONITORING 2. Objectives Learn to create a simple LAN with two PCs using an Ethernet hub and two straight-through cables to connect the workstations Learn to configure and verify the network connectivity. Learn about various network related commands 2.1. Setting up a simple network In this experiment, we will learn how to connect two PCs to create a simple Peer-to- Peer network. The instructions for this lab focus on the Windows 2003 operating system. You will share a folder on one workstation and connect to that folder from the other workstation. This lab is divided into two exercises as follows: Exercise: The two PCs will be connected with a hub between them [Refer Figure 1]. Using a hub allows for more than just two workstations to be connected depending on the number of ports on the hub. Hubs can have from 4 to 32 ports. Figure 1. Network Connection via Hub

21 Tools / Preparation: The workstations should have Network Interface Cards (NIC) installed with the proper drivers. The following resources will be required: 1. Two Pentium-based workstations with a NIC in each (NIC drivers should be available) 2. An Ethernet hub (4 or 8 port) and two CAT5 straight-wired cables Check Local Area Network Connections Task: Verify the cables. connections. Explanation: You should check the cables to verify that you have good layer 1 physical Exercise: Check each of the two CAT 5 cables from each workstation to the hub. Verify that the pins are wired straight through by holding the two RJ-45 connectors for each cable side by side with the clip down and inspect them. All pins should have the same color wire on the same pin at both ends of the cable. (Pin 1 should match pin 1 and pin 8 should match pin 8 etc.) Plug in and connect the equipment Task: Check the workstations and hub for exercise. Exercise: Check to make sure that the NICs are installed correctly in each workstation. Plug in the workstations and turn them on. Plug the straight through cable from workstation 1 into port 1 of the hub and the cable from workstation 2 into port 2 of the hub. After the workstations have booted, check the green link light on the back of each NIC and the green lights on ports 1 and 2 of the hub to verify that the are communicating. This also verifies a good physical connection between the Hub and the NICs in the workstations (OSI Layers 1 and 2). If the link light is not on it usually indicates a bad cable connection, an incorrectly wired cable or the NIC or hub may not be functioning correctly Network Adapters and Protocols Task: Check the Network Adapter (NIC): Use the Control Panel System Device Manager utility to verify that the Network Adapter (NIC) is functioning properly for both

22 workstations. Double click on Network Adapters and then right click the NIC adapter in use. Click Properties to see if the device is working properly. Explanation: If there is a problem with the NIC or driver, the icon will show a yellow circle with an exclamation mark in it with (possible resource conflict) or a red X indicating a serious problem (device could cause Windows to lock up) Check the TCP/IP Protocol Settings Task: Use the Control Panel/Network Connections (or Properties in Context Menu of My Network Places) to display Network Connections Window. Then use Properties in Context Menu of Local Area Connection to display Local Area Connection Properties Window. Select the TCP/IP protocol from the Configuration Tab and click on properties. Check the IP Address and Subnet mask for both workstations on the IP Address Tab. Figure 2.1 Network Connections Window

23 Figure 2.4. TCP/IP Properties Window Explanation: The IP addresses can be set to anything as long as they are compatible and on the same network. Record the existing settings before making any changes in case they need to be set back (for instance, they may be DHCP clients now). For this lab, use the Class C IP network address of and set workstation 1 to static IP address and set workstation 2 to Set the default subnet mask on each workstation to For the purpose of this lab, you can leave the Gateway and DNS Server entries blank. Note: The lab has been configured into 5 class C IP networks with addresses: , , , , Check the TCP/IP Settings with the IPCONFIG Utility Task: Use the ipconfig.exe command to see your TCP/IP settings on one screen. Click on Start Command Prompt. Explanation: Enter ipconfig /all command to see all TCP/IP related settings for your workstation.

24 1. Fill in the blanks below using the results of the IPCONFIG command from each workstation: Workstation 1 Name: IP Address: Subnet Mask: MAC (Hardware) Address: Workstation 2 Name: IP Address: Subnet Mask: MAC (Hardware) Address: Check the network connection with the Ping Utility Task: Use the Ping Command to check for basic TCP/IP connectivity. Click on Start Command Prompt. Enter the Ping command followed by the IP address of the other workstation (Example - ping or ). Explanation: This will verify that you have a good OSI Layers 1 through 3 connections Learn various network related commands To know and learn about various network related commands [ping, tracert, netstat, at, net, route, arp] and few definitions cum settings PING Command Ping is a basic Internet program that lets you verify that a particular IP address exists and can accept requests. The verb ping means the act of using the ping utility or command. Ping is used diagnostically to ensure that a host computer you are trying to reach is actually operating. Various options available in the ping command: -t repetitively send packets. -n number of echo to be sent

25 -l sending buffer size [Max: bytes] -f Dont fragment; If this option is provided, then the packet should not be fragmented and should be sent as it is. -r count record route for count hops [3rd layer device] -j loose source route [Optionally it can follow different route]. -k strict source route [MUST follow the route specified by us]. Note: For loopback address, you can ping it and get returns even when you are offline (not connected to any network). If you don't get any valid replies, then there's a problem with the computer's Network settings. Example: In order to send a packet to a host [ ] with size of bytes each. We wish to send the packets repetitively. ping -t -l In order to send a packet with a size of 1000 bytes and don t permit fragmenting. ping -f -l In order to send a packet with a size of 1000 bytes and permit fragmenting. ping -l In order to use loose route to a destination. ping j In order to use strict route to a destination. ping k This will generate destination host unreachable message because this is not the first device that the ping will meet. ping k This will work fine because this is the first device that the ping will meet. Exercises: 1. Mention the difference between fragmenting and non-fragmenting packets. 2. Test the reach ability towards a PC [ ] with fragmenting option enabled and limit the number of echos to 5.

26 2.2.2 TRACERT Command If someone would like to know how he goes from his house to his office he could just tell the list of the crossroads where he passes. The same way we can ask the data sent over from your computer to the web server which way does it go, through which devices? We ask it by using the utility called traceroute. In most computers today you can use this tool from the command line: In UNIX machines it is called traceroute, in MS Windows machines it is called tracert. Various options available in the tracert command: -d Don t resolve addresses to hostnames. -h maximum_hops Maximum number of hops to search for target -j host_list Loose source router along host list. -w time-out wait timeout milliseconds for each reply. Example: To check the options available in tracert, tracert To check the trace from your PC to a server tracert If you don t want the names of the PC or devices on the way, tracert d To check the loose route trace from your PC to a server tracert j Exercises: Find the route from your PC to ITC [itc.kfupm.edu.sa OR ]. Find the route from your PC to a CCSE server [vlsi.ccse.kfupm.edu.sa OR ] Using the answers of the above, determine what is the first device your packet reaches to move from our network lab.

27 2.2.3 PATHPING Command This command is used as IP trace utility and so it is similar to the tracert command. It has some extra features compared to tracert command. PATHPING [-n] [-h max_hops] [-g host-list] [-p period] [-q num_queries] [-w timeout] [-t] [- R] [-r] target_name -n Don't resolve addresses to hostnames -h max_hops Max number of hops to search -g host-list Loose source route along host-list -p period Wait between pings (milliseconds) -q num_queries Number of queries per hop -w timeout Wait timeout for each reply (milliseconds) -T Test each hop with Layer-2 priority tags -R Test if each hop is RSVP aware Exercises: Do as in tracert command but provide options for setting the local source Enhanced Ping TJPing is an excellent, widely acclaimed ping/lookup/traceroute utility for Win95/98/Me/NT/2000/XP. It's fully configurable, multithreaded, and is very fast. All configuration options, hosts, and interface settings are remembered from session to session. Users can log all results to the file of their choice. A screen shot of the TJPing software is shown below:

28 Exercise: Repeat the exercises provided to you in Ping and Tracert commands [Under sections 2.1 and 2.2] and store the result in a file for further reference NETSTAT Command This command is used to get information about the open connections on your system (ports, protocols being used, etc.), incoming and outgoing data and also the ports of remote systems to which you are connected. Various options available in the netstat command: -a Displays all connections and listening ports. -e Displays Ethernet statistics. This may be combined with the -s option. -n Displays addresses and port numbers in numerical form. -p proto Shows connections for the protocol specified by proto; proto may be TCP or UDP. If used with the -s option to display per-protocol statistics, proto may be TCP, UDP, or IP. -r Displays the routing table.

29 -s Displays per-protocol statistics. By default, statistics are shown for TCP, UDP and IP; the -p option may be used to specify a subset of the default. Note: always use -a so as to see UDP packets also. Example: To display all connections and listening ports netstat a To find out the statistics on your Ethernet card netstat e To get to know the routing table. netstat -r Exercise: Open a browser connection to http server [ and write down the outcome of the command 'netstat -an' NetStat Live Have you ever wondered just how fast your network connection is? Not just how fast the modem is connected at, but how much data you can actually get? Does your internet connection sometimes seem slower than normal? NetStat Live is a small, easy to use TCP/IP protocol monitor which can be used to see your exact throughput on both incoming and outgoing data - whether you're using a modem, cable modem, DSL, or even local network! NSL doesn't just stop there, it lets you see how quickly your data goes from your computer to another computer on the internet; it even will tell you how many other computers your data must go through to get there! NSL also graphs your CPU usage of your system!

30 Exercise: Generate traffic to server [ ] using ping command [with various packet size options] and see how much of your outgoing interface is being used AT Command This command is used to initiate any activity at a specific time. There are many options in at command but we will concentrate on very few which we would use for network related purposes. Various options available in the at command: /i interactive, which opens any window to show the pinging [optional] /c indicates command. AT [\\computername] [ [id] [/DELETE] /DELETE [/YES]] /every:date[,...] Runs the command on each specified day(s) of the week or month. If date is omitted, the current day of the month is assumed.

31 /next:date[,...] Runs the specified command on the next occurrence of the day (for example, next Thursday). If date is omitted, the current day of the month is assumed. "command" Is the Windows NT command, or batch program to be run. The at command does not automatically load cmd, the command interpreter, before running commands. Unless you are running an executable (.EXE) file, you must explicitly load CMD.EXE at the beginning of the command; for example, cmd /c dir > c:\test.out. Example: If we want to generate a ping at 13:15 at 13:15 /i cmd /c ping n 20 With interactive option, we don t need to give cmd for general DOS commands. at 13:15 /i ping n 20 If we want to generate a ping on a specific PC at \\ics-nwle2 13:15 /i cmd /c ping n 20 If we want to generate ping with specific options. at 11:03am cmd /c ping t -l 3000 at 5:15pm cmd /c ping t -l Exercise: A network administrator wishes to check whether the sever [ ] present in his vicinity is reachable, at the start of the day [8:00am]. Accomplish this task using at command NET Command This command is used at the command prompt to display and control various network related activities. We would refer to only to a small set of the options available. Various options available in the net command: net name name of the PC net share details about shared resources net start to start a service.

32 net stop to stop a service. net use used to map a drive to the network path. Example: To create a share called "shared" for the "c:\ics432" directory net share shared=c:\ics432 The computer would map the Z: drive to the network path // /ics432 where c:\ics432 is already shared using the sharename shared. net use z: \\ \shared To delete the mapped drive net use z: /DELETE To remove the sharing option net share shared /DELETE To send a text message to the computer with a host name of "ics-nwla1". If you receive an error, Start Control Panel Administrative Tools Services. Make Messenger service automatic. Click the Start Service button. net send ics-nwla1 "ICS-NWLA1: A test message" To know the computer names that your computer can be sent messages TO net name To know about more options in net share command.[similar applies to other options also] net share /? Exercise: Provide the command to create a share called "ics-network" for the "c:\ics432" directory ROUTE Command This command manipulates network routing tables. ROUTE [-f] [command [destination] [MASK netmask] [gateway]] Various options available in the ROUTE command:

33 -f Clears the routing tables of all gateway entries. If this is used in conjunction with one of the commands, the tables are cleared prior to running the command. Command Specifies one of four commands PRINT Prints a route ADD Adds a route DELETE Deletes a route CHANGE Modifies an existing route Destination Specifies the host to send command. MASK If the MASK keyword is present, the next parameter is interpreted as the netmask parameter. Netmask If provided, specifies a sub-net mask value to be associated with this route entry. If not specified, if defaults to Gateway Specifies gateway. All symbolic names used for destination or gateway is looked up in the network and host name database files NETWORKS and HOSTS, respectively. If the command is print or delete, wildcards may be used for the destination and gateway, or the gateway argument may be omitted. Example: To display the routing table. route PRINT To add a route a destination route add <destination> mask <subnetmask> <gateway> metric <number> IF <number> destination is the destination network or ip address [ ]. subnetmask is the subnet mask to be used [ ]. gateway is the next hop through which the packet goes [ ]. number after metric indicates the metric value [3]. number after IF indicates interface number [0x2]. route add mask metric 3 if 0x2

34 Exercise: Create a route entry in the routing table for a network with the gateway metric of ARP Command The address resolution protocol (ARP) is a protocol used by the Internet Protocol (IP), specifically IPv4, to map IP network addresses to the hardware addresses used by a data link protocol. The protocol operates below the network layer as a part of the interface between the OSI network and OSI link layer. ARP -s inet_addr eth_addr [if_addr] ARP -d inet_addr [if_addr] ARP -a [inet_addr] [-N if_addr] Various options available in the ARP command: -a Displays current ARP entries by interrogating the current protocol data. If inet_addr is specified, the IP and Physical addresses for only the specified computer are displayed. If more than one network interface uses ARP, entries for each ARP table are displayed. -d Deletes the host specified by inet_addr. -s Adds the host and associates the Internet address inet_addr with the Physical address eth_addr. The Physical address is given as 6 hexadecimal bytes separated by hyphens. The entry is permanent. eth_addr Specifies a physical address. if_addr If present, this specifies the Internet address of the interface whose address translation table should be modified. If not present, the first applicable interface will be used. Example: To display the entries in ARP cache arp -a To delete an ARP entry in the cache arp d

35 Exercise: Remove all the entries in the ARP cache and then generate a PING command to a specific PC [ ]. Then, display all the entries in the ARP cache IPCONFIG Command This command is used to get IP configurations present in your PC. IPCONFIG /all Display full configuration information. IPCONFIG /release [adapter] Release the IP address for the specified adapter. IPCONFIG /renew [adapter] Renew the IP address for the specified adapter. IPCONFIG /flushdns Purge the DNS Resolver cache. ## IPCONFIG /registerdns Refresh all DHCP leases and re-register DNS names. ## IPCONFIG /displaydns Display the contents of the DNS Resolver Cache. ## IPCONFIG /showclassid adapter Display all the DHCP class IDs allowed for adapter. ## IPCONFIG /setclassid adapter [classid] Modify the dhcp class id. ## ## works on Windows XP & 2K Examples: > ipconfig... Show information. > ipconfig /all... Show detailed information > ipconfig /renew... renew all adapters > ipconfig /renew EL*... renew any connection that has its name starting with EL > ipconfig /release *Con*... release all matching connections, eg. "Local Area Connection 1" or "Local Area Connection 2"

36 > ipconfig /setclassid "Local Area Connection" TEST... set the DHCP class ID for the named adapter to = TEST Exercise: Get to know about the TCP/IP configuration on your PC using ipconfig /all NETSH Command Configure interfaces, routing protocols, filters, routes, RRAS. NETSH [-r router name] [-a AliasFile] [-c Context] [Command -f ScriptFile] context may be any of: DHCP, ip, ipx, netbeui, ras, routing, autodhcp, dnsproxy, igmp, mib, nat, ospf, relay, rip, wins. Under Windows XP the available contexts are: AAAA, DHCP, DIAG, IP, RAS, ROUTING, WINS To display a list of commands that can be used in a context, type the context name followed by a space and a? at the netsh> command prompt. e.g. netsh> routing? command may be any of: /exec script_file_name /offline /online /commit /popd Load the script file and execute commands from it. Set the current mode to offline. Changes made in this mode are saved, but require a "commit" or "online" command to be set in the router. Set the current mode to online. Changes in this mode are immediately reflected in the router. Commit any changes made in the offline mode to the router. Pop a context from the stack.

37 /pushd Push current context onto the stack. /set mode [mode =] online offline Set the current mode to online or offline. /abort Discard changes made in offline mode. /add helper DLL-name Install the helper.dll file in netsh.exe. /delete helper.dll file name Remove the helper.dll file from Netsh.exe. /show alias list all defined aliases. /show helper list all top-level helpers. /show mode show the current mode. /alias List all aliases. /alias [alias_name] Display the string value of the alias. /alias [alias_name] [string1] [string2...] Set alias_name to the specified strings. /unalias alias_name Delete an alias. /dump - file name Dump or append configuration to a text file. /bye Exit NETSH /exit Exit NETSH /quit Exit NETSH /h Display help /help Display help /? Display help Examples: Enter the netsh command. netsh Dump all the network information as a script to the screen. Can also be sent to a file by doing netsh dump > file.txt. This script can then be executed using the exec command. netsh dump Set the "Local Area Connection" to DHCP. set address name="local Area Connection" source=dhcp Set the local address to Static.

38 set address local static View network ip configuration. Below is an example of what may be seen. netsh interface ip show config Exercises: Provide the command to know the files that are needed for routing operation. Get the information about the various interfaces present in your PC. 2.3 Reference NetStat Live Software NET Command ROUTE Command

39 LAB 3 REMOTE ACCESS SYSTEM AND VPN 3. Objectives Learn about Remote Access System Configure RAS server and clients using Windows 2003 Learn about Virtual Private Networks Configure VPN server and clients using Windows 2003 Configure a network which includes VPN with RAS 3.1 Installing and configuring RAS server Installing RAS Server 1. Click Start Administrative Tools Routing and Remote Access 2. Right-click on Server Status and select Add Server 3. Select This Computer and Click OK.

40 4. Select the name of the computer you are working on, which will appear under the Server Status. Right-click and select Configure and enable Routing and Remote access 5. Routing and Remote access server setup wizard will appear. Click Next. 6. Configuration window will appear. Select Remote Access [Dialup or VPN]. Click Next. 7. Select Dialup. Click Next. 8. Select any network card in Network Selection. Click Next. IP address assignment window will appear. 9. Select From a specified range of addresses. Click Next. 10. Address range assignment window will appear. Click New. 11. Provide the address range as instructed by the instructor. Make sure this IP range doesn t have the already assigned IP addresses of our lab like to

41 12. Click OK. Click Next. 13. Managing multiple remote access servers window will appear. Click No, use routing and remote access to authenticate connection requests. 14. Click Next. Click Finish. 15. Click OK.

42 3.1.2 Configuring a direct serial connection Open Control Panel. Double-click Phone and Modem Options, click the Modems tab, and then click New. In the Install New Modem wizard, select the Don't detect my modem; I will select it from a list check box, and then click Next. In Manufacturer, click Standard Modem Types. In Models, click Communications cable between two computers, and then click Next.

43 Follow the remaining instructions in the Install New Modem wizard Installing and Configuring RAS client 1. Click Start Control Panel Network Connections New Connection Wizard. 2. Click Next. 3. Network Connection Type window appears. 4. Click on Set up an advanced connection. Click Next. 5. Advanced connection options window will appear. Select Connect directly to another computer. Click Next. 6. Select Guest [which indicates client]. Click Next. 7. Connection Name window appears. Type the server computer name in the computer name text box. Click Next.

44 8. Select a device window appears. Select Communication cable between two computers [COM1]. Click Next. 9. Connection availability window appears. Select Anyone s Use. Click Next. 10. Click Finish Dialup to the server 1. The server and the client should be connected through COM1 port. This connection is made using roll-over cable with DB9-to-RJ45 convertor. 2. Click Start Control Panel Network Connections. 3. An option appears in the name of the dialup server. Click this option. 4. Connect window appears. Enter the username and password for the server PC.

45 5. Click Connect. 6. Now that you are connected to the server Testing the RAS Installation 1. After the client is connected to the server, the following entry appears in the server.

46 2. Type the ipconfig /all command on both the RAS server and the RAS client to find out: At the Server: 1. From where does the PPP adapter get its own IP address? 2. Why is it that the subnet mask of the PPP is ? At the Client: IP address is assigned by the RAS server to the RAS client.

47 Why the subnet mask is ? Why is that the default gateway and the IP address be the same? 3. Ping from any network computer to the RAS client using: Its static IP address. The IP address assigned to it by the RAS server. Its host name. 4. What responses do you obtain in each case? 5. From a RAS client, use the Internet Explorer to view the default Web page on a Web server in the network 6. What do you notice concerning the downloading speed between the networked Web server and the RAS client? 7. From any computer on the network, use Internet Explorer to access the Web site of a RAS client. 8. What RAS client address did you use? And what do you notice concerning the downloading speed between the RAS client and the networked client?

48 Hint: If two or more RAS clients are available during this lab experiment; use Internet Explorer on one of the RAS clients to access the Web server on another RAS client. 10. What do you notice concerning the downloading speed between the two RAS clients? 3.2 Virtual Private Networks A VPN utilizes public telecommunications networks to conduct private data communications. Most VPN implementations use the Internet as the public infrastructure and a variety of specialized protocols to support private communications through the Internet. VPN follows a client and server approach. VPN clients authenticate users, encrypt data, and otherwise manage sessions with VPN servers utilizing a technique called tunneling. VPN clients and VPN servers are typically used in these three scenarios: 1. Remote access client connections: to support remote access to an intranet, 2. LAN-to-LAN internetworking: to support connections between multiple intranets within the same organization, and 3. Controlled access within an intranet: to join networks between two organizations, forming an extranet. The main benefit of a VPN is the lower cost needed to support this technology compared to alternatives like traditional leased lines or remote access servers. VPN servers can also connect directly to other VPN servers. A VPN server-to-server connection extends the intranet or extranet to span multiple networks. 3.3 Experimental Setup In this experiment, we are going to setup a network using three PCs. One PC (PC1) is a RAS client, which dials to the RAS server (PC2). PC1 and PC2 are connected only using COM1. PC3 is a VPN server that is connected to PC2 using the connection the switch. The remote node (RAS client) wanting to log into the VPN site, calls into a local RAS server connected to the public network. The VPN client establishes a connection to the VPN server maintained at the other site. Once the connection has been established, the remote client can

49 communicate with the VPN site network just as securely over the public network as if it resided on the internal LAN itself. Note: For setting up RAS client and server, see the first part of the lab Configuring VPN Server In Windows 2003, this can be setup from the RRAS (Routing and Remote Access Server) Administrative Tool. 1. Click Start Administrative Tools Routing and Remote Access 2. Right-click on Server Status and select Add Server 3. Select This Computer and Click OK.

50 4. Select the name of the computer you are working on, which will appear under the Server Status. Right-click and select Configure and enable Routing and Remote access 5. Routing and Remote access server setup wizard will appear. Click Next. 6. Configuration window will appear. Select Remote Access [VPN]. Click Next. 7. Select Dialup. Click Next. 8. Select any network card in Network Selection. Click Next. IP address assignment window will appear. 9. Select From a specified range of addresses. Click Next. 10. Address range assignment window will appear. Click New.

51 11. Provide the address range as instructed by the instructor. Make sure this IP range doesn t have the already assigned IP addresses of our lab like to Click OK. Click Next. 13. Managing multiple remote access servers window will appear. Click No, use routing and remote access to authenticate connection requests. 14. Click Next. Click Finish. 15. Click OK.

52 16. The output of the ipconfig command should appear like the following. 17. Is it necessary to have more than one network card for VPN server? Justify. 18. If VPN server has two network cards, is it necessary that they both should belong to different networks? Justify Configuring VPN Client 1. Right click the My Network Places icon and select Properties. This will bring you to the Network Connections window that displays a list of your current network connections.

53 2. Double click the New Connection Wizard icon. You are faced with three options - choose the second one, "Connect to the network at my workplace" and click Next. Now choose the second option, "Virtual Private Network connection" and click Next. 3. Enter the name of the company or server you will be connecting to. Click Next. 4. Enter the host name or IP address of the VPN server. Hint: Entering the IP address is recommended.

54 5. "Connection Availability" windows appear. "Anyone's use" will permit anyone who logs onto the system to use the connection, whereas "My use only" will limit it's use to you only. Choose My use only.

55 6. Click Next and Finish.Your new connection will be visible in the Network Connections window. 7. Right click the new connection and select properties to open the properties window. Here, you can configure, amongst others, the network settings and general options. 8. Select the Networking tab and in the "Type of VPN" drop down list, choose PPTP VPN [Optional]. 9. In the Options tab, you are able to configure dialing and redialing options on this page. 10. If you are using the same logon at your company network as you are for the VPN server, then select the "Include Windows logon domain" check box. 11. Go to the security tab and verify that the screen looks like the one below. 12. If you select the General tab you can change the IP or Host Name of the VPN server and select whether or not you want another connection to be established first before initiating the VPN connection. For our experiment, we need to enable Dial another connection first option with the dial-up connection we have setup towards the RAS server [Refer RAS experiment].

56 13. Press OK to close the window and return to the network connections window. If you double click your VPN connection the logon window will appear. 14. Enter your username and password and click Connect. After the authentication process is complete, you will be logged on to the VPN Server and two computers will appear at the bottom right hand corner of your screen (default).

57 15. The output of the ipconfig command should appear like the following. Why do we have two PPP adapters here? Write about the route taken by the packet to go from the VPN client to the VPN server. 3.4 Firewalls and VPN In this lab you will set up a network where servers are accessed over the Internet by customers who have different privileges. You will study how firewalls and VPNs can provide security to the information in the servers while maintaining access for customers with the appropriate privilege Create a New Project 3 Start OPNET IT Guru Academic Edition Choose New from the File menu. 4 Select Project and click OK Name the project <your initials>_vpn, and the scenario NoFirewall Click OK. 5 Click Quit on the Startup Wizard. 6 To remove the world background map, select the View menu Background Set Border Map Select NONE from the drop-down menu Click OK Create and Configure the Network Initialize the Network 6. Open the Object Palette dialog box by clicking. Make sure that the internet_toolbox item is selected from the pull-down menu on the object palette.

58 7. Add the following objects, from the palette, to the project workspace (see figure below for placement): Application Config, Profile Config, an ip32_cloud, one ppp_server, three ethernet4_slip8_gtwy routers, and two ppp_wkstn hosts. a. To add an object from a palette, click its icon in the object palette Move your mouse to the workspace and click where you want to place the object Rightclick to indicate you are done creating objects of this type. b. Note: The ppp_server and ppp_wkstn support one underlying SLIP (Serial Line Internet rotocol) connection at a selectable data rate. PPP DS1 connects two nodes running IP. Its data rate is Mbps. 8. Rename the objects you added and connect them using PPP_DS1 links, as shown below: 9. Save your project Configure the Nodes Right-click on the Applications node Edit Attributes Assign Default to the Application Definitions attribute Click OK. Note: Several example application configurations are available under the Default setting. For example, "Web Browsing (Heavy HTTP1.1)" indicates a Web browsing application performing heavy browsing using HTTP 1.1 protocol. Right-click on the Profiles node Edit Attributes Assign Sample Profiles to the Profile Configuration attribute Click OK.

59 Right-click on the Server node Edit Attributes Assign All to the Application: Supported Services attribute Click OK. Right-click on the Sales A node Select Similar Nodes (make sure that both Sales A and Sales B are selected). Right-click on the Sales A node Edit Attributes Check the Apply Changes to Selected Objects check-box. Expand the Application: Supported Profiles attribute Set rows to 1 Expand the row 0 hierarchy Profile Name = Sales Person (this is one of the sample profiles we configured in the Profiles node). Click OK. Save your project Choose the Statistics Right-click anywhere in the project workspace and select Choose Individual Statistics from the pop-up menu. In the Choose Results dialog, check the following statistics: Global Statistics DB Query Response Time (sec). Global Statistics HTTP Page Response Time (seconds). Note: DQ Query Response Time is measured from the time when the database query application sends a request to the server to the time it receives a response packet. HTTP Page Response Time specifies the time required to retrieve the entire page with all the contained inline objects. Click OK. Right-click on the Sales A node and select Choose Individual Statistics from the pop-up menu. In the Choose Results dialog, check the following statistics: Client DB Traffic Received (bytes/sec). Client Http Traffic Received (bytes/sec). Click OK.

60 Right-click on the Sales B node and select Choose Individual Statistics from the pop-up menu. In the Choose Results dialog, check the following statistics: Client DB Traffic Received (bytes/sec). Client Http Traffic Received (bytes/sec). Click OK and then save your project. 3.5 The Firewall Scenario In the network we just created, the Sales Person profile allows both sales sites to access applications such as Database Access, , and Web Browsing from the server (check the Profile Configuration of the Profiles node). Assume that we need to protect the database in the server from external access, including the sales people. One way to do that is to replace Router C with a firewall as follows: Select Duplicate Scenario from the Scenarios menu and name it Firewall Click OK. In the new scenario, right-click on Router C Edit Attributes. Assign ethernet2_slip8_firewall to the model attribute. Expand the hierarchy of the Proxy Server Information attribute Expand the row 1, which is for the Database application, hierarchy Assign No to the Proxy Server Deployed attribute as shown: Note: Proxy Server Information is a table defining the configuration of the proxy servers on the firewall. Each row indicates whether a proxy server exists for a certain application and the amount of additional delay that will be introduced to each forwarded packet of that application by the proxy server.

61 5. Click OK and then save your project. Our Firewall configuration does not allow database-related traffic to pass through the firewall (it filters such packets out). This way, the databases in the server are protected from external access. Your Firewall scenario should look like the following figure. 3.6 The Firewall VPN Scenario In the Firewall scenario, we protected the databases in the server from any external access using a firewall router. Assume that we want to allow the people in the Sales A site to have access to the databases in the server. Since the firewall filters all database-related traffic regardless of the source of the traffic, we need to consider the VPN solution. A virtual tunnel

62 can be used by Sales A to send database requests to the server. The firewall will not filter the traffic created by Sales A because the IP packets in the tunnel will be encapsulated inside an IP datagram. While you are in the Firewall scenario, select Duplicate Scenario from the Scenarios menu and give it the name Firewall_VPN Click OK. Remove the link between Router C and the Server. Open the Object Palette dialog box by clicking. Make sure that the opened palette is the one called internet_toolbox. Add to the project workspace one ethernet4_slip8_gtwy and one IP VPN Config (see the figure below for placement). From the Object Palette, use two PPP_DS1 links to connect the new router to Router C (the firewall) and to the Server, as shown below. Close the Object Palette dialog box. Rename the IP VPN Config object to VPN. Rename the new router to Router D as shown: Configuring the VPN Right-click on the VPN node Edit Attributes. Expand the VPN Configuration hierarchy Set rows to 1 Expand row 0 hierarchy Edit the value of Tunnel Source Name and write down Router A Edit the value of Tunnel Destination Name and write down Router D.

63 Expand the Remote Client List hierarchy Set rows to 1 Expand row 0 hierarchy Edit the value of Client Node Name and write down Sales A. Click OK and then save your project Run the Simulation To run the simulation for the three scenarios simultaneously: Go to the Scenarios menu Select Manage Scenarios. Change the values under the Results column to <collect> (or <recollect>) for the three scenarios. Keep the default value of the Sim Duration (1 hour). Compare to the following figure. Click OK to run the three simulations. Depending on the speed of your processor, this may take several minutes to complete. After the three simulation runs complete, one for each scenario, click Close Save your project.

64 3.6.3 View Results To view and analyze the results: Select Compare Results from the Results menu. Expand the Sales A hierarchy Expand the Client DB hierarchy Select the Traffic Received statistic. Change the drop-down menu in the middle-lower part of the Compare Results dialog box from As Is to time_average as shown. Press Show and the resulting graph should resemble the following one: Create a graph similar to the previous one, but for Sales B:

65 Create two graphs similar to the previous ones to depict the Traffic Received by the Client Http for Sales A and Sales B.

66 Note: Results may vary slightly due to different node placement. Questions From the obtained graphs, explain the effect of the firewall, as well as the configured VPN, on the database traffic requested by Sales A and Sales B. Compare the graphs that show the received HTTP traffic with those that show the received database traffic. Generate and analyze the graph(s) that show the effect of the firewall, as well as the configured VPN, on the response time (delay) of the HTTP pages and database queries. In the Firewall_VPN scenario we configured the VPN node so that no traffic from Sales A is blocked by the firewall. Create a duplicate of the Firewall_VPN scenario and name the new scenario Q4_DB_Web. In the Q4_DB_Web scenario we want to configure the network so that: The databases in the server can be accessed only by the people in the Sales A site. The web sites in the server can be accessed only by the people in the Sales B site.

67 3.7 References Errors with modem VPN GRE & PPTP

68 LAB4 DYNAMIC HOST CONFIGURATION PROTOCOL DHCP AND NETWORK MEASUREMENT 4. Objectives Configure Windows 2003 as a DHCP Server Capture and analyze DHCP traffic generated Learn about different modes of network connections using hubs and switches Analyze the network based on different parameters 4.1 Dynamic Host Configuration Protocol DHCP is a client/server protocol that automatically provides an IP host with its IP address and other related configuration information such as the subnet mask and default gateway. RFCs 2131 and 2132 define DHCP as an Internet Engineering Task Force (IETF) standard based on the Boot Protocol (BOOTP), with which it shares many implementation details. DHCP allows hosts to obtain all necessary TCP/IP configuration information from a DHCP server Configure your computer For this lab we will make all the lab computers as hosts on their respective network. Thus at every computer modify the network configurations as follows: 1. Setup the first computer in every network as a DHCP server and have the other computers in the group point to it as DHCP clients. Thus computer which will be configured as DHCP server has static IP but all the clients get IP address

69 from the server. 2. Make sure that the Instructor PC is not acting as a connectivity between our lab network and the CCSE network. This is to make sure that our DHCP server does not provide IP address to the PC present in the CCSE network Configure Windows 2003 as a DHCP Client Start Control Panel Network Connections. Right-click and select Open. Select anyone of the local area connections and click. Click Properties. Local Area connection properties window appears. Select Internet Protocol (TCP/IP) and click Properties. Internet Protocol (TCP/IP) Properties window appears. Select the radio button obtain an IP address automatically Configure Windows 2003 as a DHCP Server Start Control Panel Add/Remove Programs. Click on Add/Remove Windows Components. Select Networking Services and check it. Then click Details button. Select DHCP and Simple TCP/IP Services. Click Ok. Click Next. Click Finish. Start Administrative Tools DHCP. DHCP Manager appears. Click on the computer and right-click and select New Scope. New Scope Wizard appears. Enter the name of the

70 scope and its description. Enter the starting and ending IP address of the scope as instructed by the instructor. Click Next. If needed, add exclusion range and click Add. Click Next. On the lease duration, click Next unless specified by the instructor.

71 Select Yes for DHCP configure options and Click Next. If needed specify the router [default gateway] address and click Add. Click Next. Click Next [for DNS server]. Click Next [for WINS server]. Select Yes for activating the scope. Click Next. Completing the new scope wizard appears. Click Finish. DHCP window appears.

72 4.1.4 Capture DHCP traffic We will use Ethereal software to capture DHCP traffic. In order to install this software, we need to install WinPCap software first. Then, we should install the Ethereal software. After installation, follow these steps. 1. Run the Ethereal software. From the Capture Menu click Start. In the window that pops up choose the appropriate network interface and Click Ok. 2. Generate DHCP traffic by using the commands ipconfig /release and ipconfig /renew at the DHCP client. Stop the DHCP capture.

73 What is the transport layer protocol DHCP uses? What is the use of port numbers 68 and 67? Why is that the Source IP address of the DHCP Discover all 0s? Why is that the Destination IP address of the DHCP Discover all 1s? What is the relationship between BOOTP protocol and DHCP? What is the use of physical address in DHCP? Why is the Destination IP address of DHCP Offer all 1s?

74 Is DHCP Request a broadcast? If yes, what is the difference between DHCP Request and DHCP Discover? How is the server identifier filled in the Bootstrap protocol? Does the client assign the IP address it got using DHCP Offer? Is the DHCP ACK a broadcast? Justify.

75 What does DHCP Release do? Is DCHP Release Broadcast or Unicast? Justify. 4.2 Network Measurement Getting ready for measurement In this experiment, you are going to collect data about network parameters such as: Bytes sent/second Bytes received/second Bytes Total/second Current Bandwidth Packets sent Unicast/second Packets sent non-unicast/second Packets sent/second Packets/second These data will be recorded for different topologies to be discussed below [Section 5]: Reference A B Name Cascaded shared hubs Segmented LAN

76 C High-Density Fast Ethernet switched workgroup Creating a Real-Time Performance Monitor chart Create a chart in Performance Monitor to display performance data real-time. Note: For Windows 2003, you can find Network Monitor and Performance Monitor at: Start Programs Administrative Tools Network Monitor Start Programs Administrative Tools Performance Install the Network Monitor 5 Click Start, click Control Panel. 6 Double-click Add/Remove Programs. 7 Click Add/Remove Windows Components. 8 Click Management and Monitoring Tools, and then click Details. 9 Select the Network Monitor Tools check box, and then click OK. 10 Click Next. Note: In Windows 2003, Microsoft Network Segment is no longer available with Performance Monitor. So, we can t use the %Network Utilization option available under Network Segment in Windows To view %Network Utilization, we have to use Network Monitor [Select the network interface and start capture]. As the value keeps on changing, we just view that value there Configure the chart Click the Start button, point to Administrative Tools, and then click Performance. To see the Graph or Histogram or Report, you can click on the respective button available at the graphical part of the screen. Select on Graph. To add entries to the chart, right-click on the graphical area and select Add Counters. In the Performance Object box, select Network Interface. Notice that Processor is the default object. In the Counter list, to know about an entry, select that entry and click on Explain.

77 Then select the Bytes Sent/second, Bytes Received/second, Bytes Total/sec, Current Bandwidth, Packets/second, Packets Sent/second, Packets sent unicast/second and Packets sent non-unicast/second. We can select them at the same time using Control key. We have to select all the above entries for both the network cards. We can select both the network cards in the Instances list using Control key. Click Close. A graph appears, displaying the real-time activities for the processor Generation of data and its representation on the chart Starting with topology A [Refer Section 5], for each topology [A to C], we need to generate some traffic. The implementation of this part depends on the available resources for network traffic generation in the lab. You can just use ping or view something from the server to generate some traffic. Example of generating traffic: Use ping command and generate continuous [repetitive] traffic to the server [ ] with the packet size of ping t l Summarizing performance data in a Performance Monitor report Use reports to view data in a non-graphical format. To create a report showing the network parameters values for the entire graph period 1. To see the Report, you can click on the report button available at the graphical part of the screen. 2. A report with the chosen counters is displayed, showing the averages. This report shows the values for both the network cards. Note: You might get zero value for one network card and some values for another network card. This will happen if one of the cards is used for data transfer. 3. Write down the Average and Maximum values of each counter in the Counter list for the entire graph period in the tables provided in Section 6.

78 4.2.7 Generating Alerts In this exercise, you will generate alerts from the collected data. To generate performance logs and alerts: 1. On the left pane of the Performance Window, click on Performance Logs and Alerts. 2. Select Alert. To add an alert, right-click on it. 3. You can add an alert from a file or add a new one directly. 4. To add an alert directly, click New Alert Settings 5. Enter the name for the alert in the Name text box. 6. Click on Add to add counters. 7. Select the respective Performance Object, Counter and the instance. 8. In the Performance Object list, select Network Interface and 9. In the Counter box, select Bytes Total/sec along with one interface card at the Instances list. 10. Click Add 11. Click Close if you have selected as many alert entries you need.

79 12. If you have wrongly selected an entry, you can delete it by selecting the alter entry and click Remove. 13. Select the alert entry in Counters list, Select Over at Alert when the value is. Enter as the Limit. 14. Under Action tab, you can set the alert message to be logged on a file or display a message or run a specific program. Select the Log an entry in the application event log option and you can view the log using: Administrative Tools Event Viewer. Select the Send a network message to option and provide the name of the machine to which you want to see the alert pop-up [on your network]. Make the messenger service is running. 15. Under Schedule tab, you can select the time period over which you want to check for these alerts.

80 PWR 10M100M ACTACT COLCOL SWITCH PWR 10M100M ACTACT COLCOL SWITCH UPLINK UPLINK PWR PWR 10M100M ACTACT COLCOL SWITCH 10M100M ACTACT COLCOL SWITCH UPLINK UPLINK 16. Click OK. 17. A similar approach can be followed to add Counter or Trace logs Topology Diagrams The topologies we set in this lab are the following: CASCADED SHARED HUBS Server Client Server Client Hub Hub Patch Panel Hub Hub Client Client Client Client

81 PWR PWR 10M100M ACTACT COLCOL SWITCH M100M ACTACT COLCOL SWITCH UPLINK UPLINK PWR PWR 10M100M ACTACT COLCOL SWITCH 10M100M ACTACT COLCOL SWITCH UPLINK UPLINK SEGMENTED LAN C lient Client C lient C lient Hub Hub Patch Panel Switch Hub Switch Hub Server C lient Server C lient High-Density FastEthernet Switched Workgroup Client Client Client Client HS1HS2 OK1OK2 PS COL- ACT- STA- CONSOLE HS1 HS2 OK1 OK2 PS COL- ACT- STA- CONSOLE Switch Switch Patch Panel COL- HS1HS2 OK1OK2 PS ACT- STA- CONSOLE COL- HS1 HS2 OK1 OK2 PS ACT- STA- CONSOLE Switch Switch Server Client Server Client

82 4.2.9 Cascade shared hubs PCs are connected to each other via hubs. Hubs can be connected directly or via patch panel Segmented LAN Clients are connected to the hub and the server is connected to the switch. Hubs are connected to the switch High-density Fast Ethernet Switched workgroup PCs are connected to each other via switches. Switches can be connected directly or via patch panel Data-entry tables The description about various network parameters is given below: Bytes Received/sec is the rate at which bytes are received on the interface, including framing characters. Bytes Sent/sec is the rate at which bytes are sent on the interface, including framing characters. Bytes Total/sec is the rate at which bytes are sent and received on the interface, including framing characters. Current Bandwidth is an estimate of the interface's current bandwidth in bits per second (BPS). For interfaces that do not vary in bandwidth or for those where no accurate estimation can be made, this value is the nominal bandwidth. Packets Sent Unicast/sec is the rate at which packets are requested to be transmitted to subnet-unicast addresses by higher-level protocols. The rate includes the packets that were discarded or not sent. Packets Sent Non-Unicast/sec is the rate at which packets are requested to be transmitted to non-unicast (i.e., subnet broadcast or subnet multicast) addresses by higher-level protocols. The rate includes the packets that were discarded or not sent. Packets Sent/sec is the rate at which packets are sent on the network interface. Packets/sec is the rate at which packets are sent and received on the network interface.

83 Network parameters (Average) A B C Bytes received/second Bytes sent/second Bytes Total/second Current Bandwidth Packets sent unicast/second Packets sent non-unicast/second Packets sent/second Packets/second Topology A Network parameters Average Minimum Maximum Bytes received/second Bytes sent/second Bytes Total/second Current Bandwidth Packets sent unicast/second Packets sent non-unicast/second Packets sent/second Packets/second

84 Topology B Network parameters Average Minimum Maximum Bytes received/second Bytes sent/second Bytes Total/second Current Bandwidth Packets sent unicast/second Packets sent non-unicast/second Packets sent/second Packets/second Topology C Network parameters Average Minimum Maximum Bytes received/second Bytes sent/second Bytes Total/second Current Bandwidth Packets sent unicast/second Packets sent non-unicast/second Packets sent/second Packets/second Notes: 1. Both the switches [3Com superstack 3 switch 3300] and hubs [3Com superstack II Hub 100 TX] in our lab supports both 10Mbps and 100Mbps.

85 2. The number of bytes received/second and number of bytes sent/second on the clients will be the same because ping command generates both ICMP echo request [Bytes sent/second] and ICMP echo reply [Bytes received/second] that carries the same data size. The same applies to the server also because it receives the echo request [Bytes received/second] from the client and sends echo reply [Bytes sent/second] to the client. 3. The hubs we have 3Com SuperStack II Hub 100 TX (3C250C) handles unicasts similarly to that of switches. So, you don t find the entries at the server and the client as the same. 3.8 Analysis You may think that just comparing the Current Bandwidth with the Bytes/Sec proves that the network is at full capacity. On closer inspection of the Scale, you can realize what is the difference in scale between the Current Bandwidth and Bytes/Sec. There is one more factor; the Current Bandwidth is in bits while the Bytes/Sec is in bytes. 1 bytes = 8 bits. When you compute all these factors, the actual network utilization can be found. For example, if the Bytes/Sec average is Bytes /Sec = 103,112 bytes x 8 Bytes /Sec = 894,896 bits/sec. Current bandwidth = 100Mbps = 100 * 10 6 bps = 100,000,000 bits/sec Network Utilization = / = 0.82% One of the amazing features of an Ethernet network is that only one machine can transmit at a time. Once the network reaches 30% capacity, pure chance means that two machines try and end a packet at the same instant. The result is more and more collisions start happening, this leads to re-transmissions and a slow down of network traffic.

86 Networks bottlenecks occur at surprisingly low levels of utilization. 40% would normally be considered a bottleneck. The reason for getting a very low utilization value was that there are fewer machines on network and the traffic generated by each machine is very minimal. The more machines the greater the risk of collisions from two machines wanting to transmit at once. 3.9 References DHCP FAQ Performance Monitor r.html Performance Monitor Getting Started

87 LAB5 DOMAIN NAME SYSTEM 5. Objectives: Learn the structure of the Domain Name System and the role played by Name Servers. Configure Windows 2003 to use DNS server with various options. Use nslookup and DIG programs to issues DNS queries and analyze the results. Use Ethereal software to capture DNS requests and replies. 5.1 Domain Name System Background Information In the context of DNS, A Name Server is the application that is acting as the server for the DNS protocol. A Name Server performs two primary tasks: a) Maintains among other things the host-name to IP address mappings for the hosts in its zone. The information is stored in a form resembling a database table (hence, the name DNS database) with each record, known as a Resource Record (RR) consisting of five fields: (domain name, class, type, value, ttl). b) Responds to DNS queries. Recall that a query is basically a partial resource record (i.e. having the domain name, class and type). The name server job is to return the corresponding matching resource records. The name server will normally lookup his local database or its cache and if there is no match and the domain in question happens to be external then the name server will forward the query to some other name server and awaits some reply. The received reply is returned to the requester and also added to local cache Configure Windows 2003 to use DNS 1. For Instructor: To make the PCs access the local Intranet, we need to setup the Instructor PC to enable Internet sharing via the Network card. If the instructor PC runs

88 Windows 2000, we need to select the appropriate network card and enable Sharing {TCP/IP Properties menu Sharing tab}. With enabled shared access, select the local connection as the network card with network address. Make sure that both the network cards are enabled. If the instructor PC runs Windows 2003, then use routing and remote access wizard. 2. Set the subnet mask as & gateway address as [IP address of the instructor s PC] 3. Use Start Control Panel Network Connections. Right Click and click Open. Click Local Area Connection Properties. Select Internet Protocol(TCP/IP) and click Properties. TCP/IP Window appears and set DNS Server to Optionally you can configure some suffixes [under TCP/IP Properties Advanced. Select DNS tab] that will be appended to partial domain names (i.e. ones not ending with "."). It is suggested that you add the following suffixes: ccse.kfupm.edu.sa kfupm.edu.sa pc.ccse.kfupm.edu.sa 4. With the above setup the network of our lab will appear as below:

89 ICS-NWLA & SM: GW: & SM: GW: ICS-NWLB1 Switch Switch Inter LAN Inter LAN Hub SM: INSTRUCTOR PC SM: CCSE Network Execute some DNS queries using nslookup The nslookup (abbreviation for name server lookup) program is one of the standard TCP/IP utilities for testing DNS server configuration. Thus nslookup is simply a DNS client. In Windows 2003, it can be executed from the command prompt by typing: nslookup <enter> as shown below. Type nslookup at the command prompt. As can be seen from the above figure, nslookup tries to contact the already configured DNS server and then wait for additional commands. Type-in some host name and hit <enter>. Nslookup returns some answer(s).

90 Note: nslookup assumes that the data given is a domain name and defaults to resource record type=a and class=in. Also note that the server identifies itself again at the start of every reply. Issue the command help and notice the outcome. Issue MX query [Mail Exchanger] using Set Option command as: set querytype=mx. Type some domain.

91 You should find out the IP addresses for root servers. Find the IP addresses by issuing the set command set querytype=ns and then the domain name. Exercise: Find out the authoritative servers for the sa domain?

92 Get a detailed answer using set debug The above interaction shows that if the given domain name does not end with "." [ Without a. At the end] then nslookup tries appending the preconfigured suffixes one at a time. Clearly, a waste of computer time!. So, the same command as the previous step but with a. at the end. Type exit to close the nslookup window.

93 5.1.4 Capturing DNS traffic using Ethereal In this experiment you will capture the requests and replies that are generated during nslookup session. Ethereal software is able to highlight the data that is exchanged between the client and server during a TCP or UDP session. This is a handy feature that can be used to trace all the message requests and their corresponding replies and is a good way to learn how the application protocol works. Follow the following steps: 1. To Start the EtheReal Network Monitoring Tool, Goto Start Programs EtheReal - EtheReal. Then you will fine the following window (Left). 2. Goto Capture menu and click on Start menu item (Shown in above figure (right)). Then you will find the following window (left). After entering the relevant details, click ok in the window then the capturing window will appear as shown above in (right).

94 3. From the command prompt executes nslookup and type: and hit <enter>. 4. In Ethreal window hit Stop button.

95 Exercise: How does Ethereal know that these packets are related? Compare the queries and answers of DNS and know about the various types of DNS entries. From the above figures, fill the format of the DNS given below. 14 byte Ethernet Frame Header Ethernet Destination Address Ethernet Source Address EtherType Ver HL* 6 bytes 6 bytes 2 bytes: 0800 indicates that the frame contains IP packet 20 byte IP Header Protocol* * indicates that the packet contains UDP message IP Source Address IP Destination Address 4 bytes 4 bytes UDP Header+Data Source Port Length DNS Request 4 bytes Frame Checksum 5.2 Setting up for the DNS Client and DNS Server This experiment can be done in pairs [One PC as DNS Server and one as PC Client]. For the DNS client, put the IP address of the DNS server as the Primary DNS Server [Under TCP/IP Properties]. For the DNS server, assign it s own IP address as the Primary DNS Server Install and Configure a DNS Server Using the Wizard Follow the following steps to install and configure DNS Server. Start Control Panel Add/Remove Programs. Click on Add/Remove Windows Components Select Networking Services and check it. Then click Details button. Check Domain

96 Name System and Simple TCP/IP services. Click OK. Windows Component Wizard appears. Click Next. It will for Windows 2003 CD- ROM. Enter the directory C:\software\i386 [or select via Browse button] under Copy files from. Completing the windows component wizard appears. Click Finish. To configure the DNS server, Start Administrative Tools DNS. If you are asked whether to start the DNS on your local computer, click Ok. If you are asked whether to add the service, click Yes. NOTE: If the message appears as Cannot connect to the DNS, delete the DNS server you have added. Go to Start Administrative Tools Services. Click DNS Server and click All Tasks Start. In the DNS manager, Click Action Connect to DNS server. If you still face a problem, check your IP address. To create a forward lookup zone, right-click forward lookup zone and click new

97 zone. Click Next. Select Primary Zone and then click Next. New Zone Wizard appears. Enter the name as nwlab.ics.kfupm.edu.sa Click Next. Zone file is shown. Click Next. The window about Dynamic update appears. Select the Do not allow dynamic updates radio button. Click Next. Completing the new zone wizard appears. Click Finish.

98 To create a reverse lookup zone, right-click reverse lookup zone and click new zone. Click Next. Select Primary Zone and then click Next. Click Next. Click Next. Click Finish. 5.3 Configuring the DNS Server through Management Console The left pane should show an icon corresponding to the local machine. From the Context Menu you can choose to create Foreword Lookup or Reverse Lookup zone. Then from the Context Menu for the zone allow you to add the appropriate type of resource records. The Foreword Lookup zone can contain ordinary types such as SOA, A, MX, NS, HostInfo,...etc., while the Reverse Lookup Zone contains only type PTR records.

99 The rightmost pane shows the various Resource Records. Double-click to view or modify the corresponding record. The window below is obtained by double-clicking which for the SOA record Adding a Host Address Record Select a foreword lookup zone and from context menu select New Host (A). This brings the following screen. Type the Name and IP address and Click Add Host to add a host. The Create PTR record option will succeed if you have a corresponding Reverse Lookup zone for this Foreword Lookup zone. If so then go the Reverse Lookup one and select Refresh from the Context Menu.

100 Note: Make sure that you add a host entry for the local DNS server with both the network interface card IP addresses. In DNS Management Tool, select the Forward Lookup Zone and click on your domain name. On the right pane, double-click the Name Server entry [under Type] and make sure that you have the fully qualified name [which includes the name of the host along with the domain name]. If the fully qualified name does not exist, click Edit. Choose Browse and select the machine name on which you are running the DNS server. Repeat the procedure for Reverse Lookup Zone.

101 5.3.2 Location of DNS data in Windows 2003 As shown below, the data for a zone is kept as a text file in Windows \ System32 \dns. Note: To ensure that the file is up-to-date choose Update Server Data File from the Context Menu for the zone.

102 5.3.3 Testing the DNS Server configuration As shown below, following the nslookup prompt we till nslookup to use the locally running name server by typing: server <enter>.to test Reverse Lookup use the command set type=ptr then type some IP address. Note: Both at the DNS server and clients, under TCP/IP properties, click Advanced. Select the DNS tab and check the append these DNS suffixes and add your domain name [nwlab.ics.kfupm.edu.sa] to it. Also enter the IP address of the DNS server as the Preferred DNS server in the TCP/IP properties. The DNS client should have its Primary DNS server pointing to the IP address of the DNS server you have setup. 5.4 Configuring the DNS Server to forward to other DNS Servers In the management console [Start Administrative Tools DNS], point to the icon associated with the DNS server and right-click and select properties to bring up the Window shown below. Enter the IP address of some DNS Server that this DNS server will foreword to (e.g. the DNS server used by CCSE ). Then click the Add button.

103 Exercise: Use nslookup and have it use your DNS server to lookup the IP address of some host in CCSE [ics-saleem]. 5.5 Removing the service Follow the steps mentioned below: 1. Put back the original IP address and the subnet masks. 2. Start Administrative Tools Services. 3. Stop the DNS Server. 4. Start Control Panel Add or remove programs Add/Remove Windows Components. 5. Remove DNS under Networking Services. 5.6 References: ICMP TCP

104 LAB 6 PART - I HTTP AND WEB 6. Objectives Learn the concepts of client/server applications Setup a Web server and publish a Web site Learn the format of HTTP requests and replies Use Telnet to execute HTTP commands directly against a Web Server Learn the architecture of the Web and distinguish between Web browser and server Master the concept of a URL and distinguish between an absolute and relative URL Learn the basics of HTML & ASP Learn about Web Caching. This lab is designed to demonstrate the implementation of switched local area networks. The simulation in this lab will help you examine the performance of different implementations of LANs connected by switches and hubs. 6.1 Background Information: Networking protocols are normally developed in layers, with each layer responsible for a different facet of the communications. A protocol suite, such as TCP/IP, is the combination of different protocols at various layers. TCP/IP is normally considered to be a 5-layer stack as shown in Figure 1. Application Transport Network Telnet, FTP, Web, , etc. TCP, UDP IP, ICMP, IGMP Data Link +Physical Device driver and interface card Figure 1. The five layers of the TCP/IP protocol suite.

105 6.2 Install and Examine TCP/IP services To install some of the TCP/IP services in Windows 2003 use Start Control Panel Add or Remove Programs Add/Remove Windows Components. This displays the dialogs shown in the following Figure. Select Networking Services and click on Details. Many services are found under Networking Services. Make sure that Simple TCP/IP Services is selected. If not selected, select it and give OK. If ask for CD, click OK and then provide the location as C:\software\i386. To verify, stop and resume any of these service use Start Administrative Tools Services, which displays the Services Window shown below. Finally, one can use Telnet client to interact with any of these services. If Telnet is not enabled, you can enable it using: Start Administrative Tools Services Telnet; Right-

106 click and select Properties. Select Stratup type Automatic. You might need to click on Start button or else, right-click and then select start. For example, to access chargen (which listens on TCP port 19), type the following at the Start Command Prompt: telnet Note: Sometimes, you need to use the IP address of your PC. Write down the command to access the Daytime service [Port number 13]. What is the output? 6.3 Install Internet Information Services and the FTP Service Because FTP depends on Microsoft Internet Information Services (IIS), IIS and the FTP Service must be installed on the computer. To install IIS and the FTP Service, follow these steps. NOTE: In Windows Server 2003, the FTP Service is not installed by default when you install IIS. If you already installed IIS on the computer, you must use the Add or Remove Programs tool in Control Panel to install the FTP Service. 1. Click Start, point to Control Panel, and then click Add or Remove Programs. 2. Click Add/Remove Windows Components.

107 3. In the Components list, click Application Server, click Internet Information Services (IIS) (but do not select or clear the check box), and then click Details. 4. Click to select the following check boxes (if they are not already selected): Common Files File Transfer Protocol (FTP) Service Internet Information Services Manager World Web Wide Service 5. Click to select the check boxes next to any other IIS-related service or subcomponent that you want to install, and then click OK. 6. Click Next. 7. When you are prompted, insert the Windows Server 2003 CD-ROM into the computer's CD-ROM drive or provide a path to the location of the files [C:\software\i386], and then click OK. 8. Click Finish. IIS and the FTP service are now installed. You must configure the FTP Service before you can use it Configure the FTP Service To configure the FTP Service to allow only anonymous connections, follow these steps:

108 1. Start Start Administrative Tools Internet Information Services Manager. 2. Expand Server_name, where Server_name is the name of the server. 3. Expand FTP Sites 4. Right-click Default FTP Site, and then right-click and select Properties. 5. Click the Security Accounts tab. 6. Click to select the Allow Anonymous Connections check box (if it is not already selected), and then click to select the Allow only anonymous connections check box. When you click to select the Allow only anonymous connections check box, you configure the FTP Service to allow only anonymous connections. Users cannot log on by using user names and passwords. 7. Click the Home Directory tab. The default home directory is c:\inetpup\ftproot. You may change it if you wish. 8. Click to select the Read and Log visits check boxes (if they are not already selected), and then click to clear the Write check box (if it is not already cleared). 9. Click OK. 10. Quit Internet Information Services Manager. The FTP server is now configured to accept incoming FTP requests. Copy or move the files that you want to make available to the FTP publishing folder for access Using FTP Before you try to interact with your local FTP server, make sure the FTP publishing service is running and that you have create some FTP site (i.e. published some folder through the FTP server). One-way to do this latter step is to use the Start Administrative Tools Internet Information Services Manger as shown in the Window below.

109 Any FTP client program can access the folder made available by FTP server. These include character-based client such as the FTP command or GUI-based client such as CuteFTP and IE 6.0. Using IE 6.0, you use the word ftp in place of http to access an FTP server as shown below. The following is a sample interaction with an FTP server using the FTP command. C:\>ftp [Note: Sometimes you need to use the IP address] Connected to Microsoft FTP service User ( :(none)): anonymous Anonymous access allowed, send identity ( name) as password. Password: a@b.c 230 anonymous user logged in. ftp> cat

110 Invalid command. ftp> dir 200 PORT command successful. 150 Opening ASCII mode data connection for /bin/ls :00PM <DIR> images 226 Transfer complete. ftp: 258 bytes received in 0.06Seconds 4.10Kbytes/sec. ftp> help Commands may be abbreviated. Commands are: delete literal prompt send debug ls put status append dir mdelete pwd trace ascii disconnect mdir quit type bell get mget quote user binary glob mkdir recv verbose bye hash mls remotehelp cd help mput rename close lcd open rmdir ftp> cd images 250 CWD command successful. ftp> dir ftp> get index.html index.html 200 PORT command successful. 150 ASCII data connection for index.html ( ,1209) (211 bytes). 226 ASCII Transfer complete. ftp: 219 bytes received in 0.01Seconds 14.60Kbytes/sec. ftp>.. ftp> get RemoteFile LocalFile.. ftp> put Localfile RemoteFile ftp> quit 221 Goodbye

111 Capture the FTP packets using Ethereal and answer the following queries: What is the transport layer protocol does FTP uses? What is the port number that is used for control and data transfer in FTP? How is the interaction between the FTP client and the FTP server when you issue the ls command? How is the interaction between the FTP client and the FTP server when you issue the get command? Is there any difference between the above two? Justify your answer. There are many ftp user-level commands [like mget, get, ls, ]. What is their actual equivalent in FTP? Notice that using packet capture.

112 7.1. Publishing a Web site: 1. To create a site on the IIS web server, Create a new directory called mysite and then right click on this directory in the Windows Explorer and select Sharing and Security. Select Web Sharing form the dialog and the dialog will appear as shown. 2. In the above dialog select Share this folder. You can use the suggested alias (this is the part that will follow the host name in the URL used to access the site by the browser see the subsequent figure. Directory browsing will work if you enable directory browsing and there is no default document (i.e. default.htm). 3. To access the above site, launch the Browser and use any of these URLs or The above URLs will work from any station. Also you can use the following URLs to access the local web server or

113 If you are not able to access the folder, you can put an HTML file named index.htm in that FTP folder and try to access that website. Sometimes, you need to enter the administrator along with its password to access the website. Also sometimes, you might need to use your IP address instead of Note: You need to select the directory you enabled for directory listing from Start Administrative Tools Internet Information Services Manager Default Web Site. Then Right-click the directory and click Properties. Select Directory Security Authentication and Access Control. Click Edit button. Then enable Anonymous Access.

114 To have more control over the IIS configuration use Start Administrative Tools Internet Information Services Manager. 6.5 Capturing HTTP traffic using Ethereal: Have Ethereal software run on Station A (web client) and try to capture the HTTP traffic data during a web session between stations A (web browser) and station B (web server). Open the web page from the client using web browser. As the above figure shows there are three TCP packet exchanges (three-way hand shake used to open a TCP connection) preceding the TCP packet containing the actual GET request. Note that HTTP data immediately follows the TCP header and is readable in the ASCII interpretation of the hex dump (right-bottom view) Examining HTTP Requests and Replies In this task we will be using Telnet client to interact with some HTTP server. It is suggested that we use a graphical Telnet which is available for you in the software folder on the

115 c-drive of your machine. Once Telnet opens a TCP connection it may not echo what you are typing. Thus it is suggested to you turn Local Echo on from Terminal Preferences menu option as shown below. Increase the Buffer Size to Also you can log the interaction to a text file Terminal Start Logging. Next, choose Connect menu option and specify an IP address of the host running HTTP server and port 80 as shown below and then click the Connect button. The figure below shows a sample HTTP 1.1 GET request and the server's reply. Note: End headers with two <enter> clicks to indicate that there is no body in the request.

116 Exercise: 1. Web share a folder (alias test) and enable directory browsing. 2. Access it using the browser using the URL: 3. Use Telnet to connect to the local http server and type: GET / HTTP/1.0<enter><enter>. 4. Compare the html you get from browser-view source with the body part of the HTTP reply Practice HTML tables, Styles and colors An HTML table (<table>... </table>) is a collection of rows. Each row (<tr>... </tr>) is a collection of cells a cell is enclosed in <td>... </td>. Note that a table cell can contain arbitrary html including img and table tags. Therefore, HTML tables have become a key element for proper layout of a web page. In general, it best to approach the layout of a page by having it as a table covering the entire width and height of the page s area as: <body> <table width="100%" height="100%">... </table> <body> Thus the following specifies a 2-row 3-column table.

117 <table cellspacing="0" width="200" border="1"> <tr><td>cell 11</td><td>cell 12</td></tr> <tr><td>cell 11</td><td>cell 12</td></tr> </table> This should render as: cell 11 cell 12 cell 13 cell 21 cell 22 cell 23 Why cell borders are doubled? When the above table is rendered in the browser you will see that a double border surrounds each cell. This is because when use the border="1" attribute within the table tag then each cell will be surrounded by a one pixel border. There are two solutions to this problem. Solution 1: Use cellspacing="1" to reveal the table's background color. <style> td { background-color:white; } </style> <table cellspacing="1" width="200" style="background-color:gray;" border="0"> <tr><td>cell 11</td><td>cell 12</td></tr> <tr><td>cell 11</td><td>cell 12</td></tr> </table> Solution 2 (better): Use border-collapse:collapse style specification to join adjacent borders. <table cellspacing="0" width="200" border="1" style="border-color:gray;border-collapse:collapse;" > <tr><td>cell 11</td><td>cell 12</td></tr> <tr><td>cell 11</td><td>cell 12</td></tr> </table> Exercise:

118 Utilize tables, styles and color techniques you have learned so far to produce the following page. Follow the hints given by the instructor Practice Active Server Pages ( ASP ) ASP is a program that runs inside IIS. An ASP file is just the same as an HTML file. An ASP file can contain text, HTML, XML, and scripts. Scripts in an ASP file are executed on the server. An ASP file has the file extension ".asp" When a browser request an asp file, IIS passes the request to the ASP Engine which executes the ASP file and the response is sent back to the browser as plain HTML. Benefits of ASP 1. Dynamically edit, change or add any content of a Web page 2. Respond to user queries or data submitted from HTML forms

119 3. Access any data or databases and return the results to a browser 4. Customize a Web page to make it more useful for individual users 5. The advantages of using ASP instead of CGI and Perl, are those of simplicity and speed 6. Provides security since your ASP code can not be viewed from the browser 7. Since ASP files are returned as plain HTML, they can be viewed in any browser 8. Clever ASP programming can minimize the network traffic How to execute the ASP file 1. If IIS has been already installed on you pc an Inetpub folder will be created on your hard drive 2. Open the Inetpub folder, and find a folder named wwwroot 3. Create a new folder, like "MyWeb", under wwwroot. 4. Use a text editor to write the examples given below, save the file as ".asp" in the "MyWeb" folder 5. Make sure your Web server is running - The installation program has added a new icon on your task bar (this is the IIS symbol). Click on the icon and press the Start button in the window that appears. 6. Open your browser and type in " to view your first ASP page 7. If your ASP page is not displayed go to IIS Manager. In the left-pane select Web service extension and then on the right-pane select Active Server Pages and click the allow button. Examples: Example1 <html> <body> <% response.write("hello World!") %> </body> </html>

120 Example 2 <html> <body> <% Dim famname(6),i famname(1) = Abdallah" famname(2) = Ibrahim" famname(3) = Saeed" famname(4) = Tharig" famname(5) = Ismail" famname(6) = Mohamed" For i = 1 to 6 response.write(famname(i) & "<br />") Next %> </body> </html> Exercise: Write an asp program to bring the following output.

121 6.5.4 Web Caching Consider a http request that just occurred -- you sent a request for a file, the server then went and hunted for the file, and if it found it, it fetched a copy for you. Now this would seem to be the only way for such an operation to work, but in fact it's pretty inefficient. Imagine that at any one time there might be thousands of users all requesting the same page. Without a cache, the ISP's server has to keep going back to the same address and getting the document for each individual request. However, if a Web cache is used, the routine is altered slightly Enable Content Expiration in IIS 5.0 When content expiration is enabled, the Web browser compares the current date to the expiration date to determine whether to display a cached page or request an updated page from the server. To set the expiration of Web site content in IIS 5.0, follow these steps: 1. In the Internet Information Services snap-in, select the Web site, virtual directory, directory, or file for which you want to set content expiration. 2. Right-click the Web site, virtual directory, directory, or file and select Properties. 3. On the HTTP Headers property sheet, select Enable Content Expiration. 4. Select Expire Immediately, Expire after, or Expire on and enter the appropriate expiration information in the corresponding box. NOTE: Typically, time-sensitive information is limited to individual files, directories, or Web sites; however, you can also set content expiration for all Web sites on a computer through the configuration of WWW Master Properties Prevent Caching using an ASP Script You can also prevent individual pages from being cached by adding a script to ASP files. To do this, follow these steps: <% Response.Expires = 0 Response.Expiresabsolute = Now() - 1

122 Response.AddHeader "pragma","no-cache" Response.AddHeader "cache-control","private" Response.CacheControl = "no-cache" %> Remove all the services you have installed 1. Start Control Panel Add or Remove Programs Add/Remove Windows Components 2. Deselect those services you have selected before and click Next/Ok until Finish. 3. For Telnet, you can go to Start Control Panel Services and disable it [by rightclick]. The page should be displayed, even though you have no current connection to the Internet.

123 PART II REMOTE DESKTOP WEB CONNECTION Objectives: Learn to setup remote desktop connection between a client and a server, via web. 6.6 Remote Desktop Web Connection To install Remote Desktop Web Connection follow these steps: 1. Open Add or Remove Programs in Control Panel. 2. Click Add/Remove Windows Components. 3. Click Application Server, and then click Details. 4. Select Internet Information Services, and then click Details. 5. In the Subcomponents of Internet Information Services list, select World Wide Web Service, and then click Details. 6. In the Subcomponents of World Wide Web Service list, click the Remote Desktop Web Connection check box. Click OK. Click OK again, and then click OK a third time. 7. In the Windows Components wizard, click Next. 8. Click Start Administrative Tools Internet Information Services Manager. 9. Expand the folder hierarchy until you reach the local computer name\web Sites\Default Web Site\tsweb folder. 10. Right-click the tsweb folder and then click Properties. 11. Click the Directory Security tab on the Properties dialog box. 12. In Anonymous access and authentication control, click Edit. 13. Check the Anonymous access check box on the Authentication Methods dialog box, and then click OK twice. 14. Click Start Control Panel System.

124 15. Click on Remote tab. Select the option for Allow users to connect remotely to this computer under Remote Desktop section. Click Ok.

125 16. Also, make sure RDP-TCP connection is present in Connections option under Start Administrative Tools Terminal Services Configuration. 17. To check whether someone has connected, you can go to Start Administrative Tools Terminal Services Manager. Note: 1. To limit the number of connections, you can check via Start Administrative Tools Terminal Services Configuration Connections. Select Network Adapter tab. You can restrict the number of connections and also the network adapter through which remote connections can be made. 2. To permit or deny remote access for specific users, Start Control Panel System Remote Select Remote Users.

126 6.6.1 To connect to another computer using Remote Desktop Web Connection 1. Ensure that Remote Desktop Web Connection is installed and running on the Web server. 2. Ensure that your client computer has an active network connection is functioning. 3. On your client computer, start Microsoft Internet Explorer. 4. In the Address box, type the Uniform Resource Locator (URL) for the home directory of the Web server hosting Remote Desktop Web Connection. 5. The URL is " followed by the IP address of your server, followed by the path of the directory containing the Remote Desktop Web Connection files (default = /Tsweb/). (Note the forward slash marks.) For example, if your Web server is " ", in the Address box you type: and then press ENTER. The Remote Desktop Web Connection page appears on the screen. 6. In Server, type the IP of the remote computer to which you want to connect. 7. Optionally, specify the screen size and logon information for your connection. 8. Click Connect. 9. After you supply your username and password the Windows Server 2003 desktop appears and you can begin to work.

127 6.6.2 To work like using remote keyboard and remote mouse 1. Install the VNC server at the Server. 2. Activate the options using Start Programs VNC Show User Settings. 3. From the client use, vncviewer and access this machine. 4. Note that you will be actually working on the server s display.

128 LAB 7 SOCKET PROGRAMMING 7. Objectives To learn the basics of Socket programming To learn the difference between TCP sockets and UDP datagrams To build a daytime C/S To build a SMTP mail user agent using JAVA To build a simple web server using JAVA 7.1. Background Information Socket-Definition A socket is one endpoint of a two-way communication link between two programs running on the network. A socket is bound to a port number so that the TCP layer can identify the application that data is destined to be sent TCP/IP and UDP/IP communications There are two communication protocols that one can use for socket programming: datagram communication and stream communication Datagram communication The datagram communication protocol, known as UDP (user datagram protocol), is a connectionless protocol, meaning that each time you send datagrams, you also need to send the local socket descriptor and the receiving socket's address. As you can tell, additional data must be sent each time a communication is made Stream communication The stream communication protocol is known as TCP (transfer control protocol). Unlike UDP, TCP is a connection-oriented protocol. In order to do communication over the

129 TCP protocol, a connection must first be established between the pair of sockets. While one of the sockets listens for a connection request (server), the other asks for a connection (client). Once two sockets have been connected, they can be used to transmit data in both (or either one of the) directions. The selection of protocol [UDP or TCP] depends on the client/server application you are writing. The following discussion shows the differences between the UDP and TCP protocols; this might help you decide which protocol you should use. In UDP, as you have read above, every time you send a datagram, you have to send the local descriptor and the socket address of the receiving socket along with it. Since TCP is a connection-oriented protocol, on the other hand, a connection must be established before communications between the pair of sockets start. So there is a connection setup time in TCP. In UDP, there is a size limit of 64 kilobytes on datagrams you can send to a specified location, while in TCP there is no limit. Once a connection is established, the pair of sockets behaves like streams: All available data are read immediately in the same order in which they are received. UDP is an unreliable protocol and so there is no guarantee that the datagrams you have sent will be received in the same order by the receiving socket. On the other hand, TCP is a reliable protocol; it is guaranteed that the packets you send will be received in the order in which they were sent. In short, TCP is useful for implementing network services such as remote login (rlogin, telnet) and file transfer (FTP) which require data of indefinite length to be transferred. UDP is less complex and incurs fewer overheads. It is often used in implementing client/server applications in distributed systems built over local area networks Sockets using UDP connection Creating a datagram socket: If you are programming a client, then you would open a socket like this: //Creating a socket DatagramSocket socket=new DatagramSocket();

130 //create a buffer of size 256 byte[] sendbuf = new byte[256]; byte[] receivebuf = new byte[256]; //create an inet address of the server machine InetAddress address = InetAddress.getByName(" "); //create the message String message="hello Datagram server"; sendbuf=message. getbytes(); //construct the packet DatagramPacket packet = new DatagramPacket(sendbuf, sendbuf.length, address, 4445); //send the packet socket.send(packet); // get response packet = new DatagramPacket(receivebuf, receivebuf.length); socket.receive(packet); If you are programming a server, then you would open a socket like this: //Create a socket DatagramSocket socket= new DatagramSocket(4445); byte[] sendbuf = new byte[256]; byte[] receivebuf = new byte[256]; // receive request DatagramPacket packet = new DatagramPacket(receivebuf, receivebuf.length); socket.receive(packet);

131 String received = new String(packet.getData()); System.out.println(received); // get the address of the client machine InetAddress address = packet.getaddress(); // get the port of the client machine int port = packet.getport(); dstring = "Hello User from "+address; sendbuf = dstring.getbytes() ; // construct the packet packet = new DatagramPacket(sendbuf, sendbuf.length, address, port); //send the message socket.send(packet); Sockets using TCP connection Opening a socket: If you are programming a client, then you would open a socket like this: Socket MyClient; try { MyClient = new Socket("Machine name", PortNumber); }catch (IOException e) { System.out.println(e); } Where Machine name is the machine you are trying to open a connection to, and PortNumber is the port (a number) on which the server you are trying to connect to is running. When selecting a port number, you should note that port numbers between 0 and 1,023 are reserved for standard protocols, such as SMTP, FTP, and HTTP. When selecting a port number for your server, select one that is greater than 1023.

132 If you are programming a server, then this is how you open a socket: ServerSocket MyService; try { MyServerice = new ServerSocket(PortNumber); } catch (IOException e) { System.out.println(e); } When implementing a server you also need to create a socket object from the ServerSocket in order to listen for and accept connections from clients. Socket clientsocket = null; try { servicesocket = MyService.accept(); }catch (IOException e) { System.out.println(e);} Creating an input stream On the client side, you can use the BufferedReader class to create an input stream to receive response from the server: BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream())); On the server side, you can use DataInputStream to receive input from the client: BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream())); Creating an output stream On the client side, you can create an output stream to send information to the server socket using the class PrintWriter.

133 PrintWriter out = new PrintWriter(socket.getOutputStream(), true); On the server side, you can use the class PrintStream to send information to the client. PrintWriter out = new PrintWriter(socket.getOutputStream(), true); Closing sockets You should always close the output and input stream before you close the socket. On the client side: On the server side: try { in.close(); out.close(); socket.close(); } catch (IOException e) { System.out.println(e); } try { in.close(); out.close(); socket.close(); serversocket.close(); } catch (IOException e) { System.out.println(e); } 7.2. Examples: Handshaking of the client and the server Download the following files. HelloClient.java HelloServer.java Execute HelloServer.java first, then execute HelloClient.java and follow the prompt Echo Client and Server Programs Download the files EchoClient.java and EchoServer1.java and study the implementation of the socket, execute and see the output Server handling more than one client Download the files EchoServer.java and EchoServerThread.java and study the implementations of the socket. Now try to understand the difference in implementation of

134 sockets in these programs and those of Example A simple Web server Download the Web server program in java given to you which serve web pages to the browser and study the implementation using sockets. 7.3 Exercises Daytime C/S program: Write a server program which sends the time of day information to the client. Note : To get the date and time in the server, you can use import java.util.*; Calendar c=new GregorianCalendar(); Date t=c.gettime(); 7.4 Writing an SMTP and POP3 Client Program The working of system is shown in the following figure. The from the source is taken to the remote server using SMTP. From the remote client, you need to use a pull protocol like POP3 or IMAP and get the from the respective server.

135 7.4.1 Setting up the POP3 Server 1. Go to Administrative Tools and select Add or Remove Windows Components. 2. Tick the Services option and press details. Press OK and Next to start the installation. Once this is complete, close all open windows. 3. After you have installed the POP3 Service, you are ready to setup and configure mailboxes. Open the main window by pressing Start > Programs > Administrative Tools > POP3 Service.

136 4. Once that is done, the first thing you have to do is create a domain. Do this by right clicking the server name in the main window, select new > domain. Type the name of your desired domain and click OK. 5. Further to this, you are now able to create a mailbox by right clicking the domain, pressing New > Mailbox. Type the mailbox name and the password in the appropriate boxes and press OK.

137 6. A confirmation box should pop up notifying you that the mailbox was successfully added. Select the "Do not show this message again" if you do not wish to have this box appear everytime you add a mailbox. 7. The new mailbox you created is shown in the main window. As you can see in the following window, the "State" of the mailbox is "Unlocked" and therefore available for use. If you right click the mailbox and select "Lock", you will disable it.

138 7.4.2 SMTP Procedure In order to work with SMTP server, you need to follow the following procedure: 1. Initially, you need to connect to the server via port number 25. a. This can be done using telnet servername 25. Where servername is the IP address of your SMTP server. 2. Issue the HELO command as HELO domainname 3. We have to indicate from whom the originates MAIL FROM: Remember to use your address along with the domain name. Also, note that there is no blank space between the colon and the word FROM. 4. We have to indicate to whom the designates RCPT TO: Remember to use your address along with the domain name. Also, note that there is no blank space between the colon and the word TO. 5. In order to include the text data you wish to send to the recipient, DATA command as DATA 6. Following the DATA command, you type your text from the next line. 7. End your contents by issuing <CRLF>.<CRLF> In programs, you can replace CRLF by \r\n 8. Quit the connection using the command QUIT

139 This SMTP example shows mail sent by Ahmed at host mailer.ccse.kfupm.edu.sa, to Ibrahim and Abdallah at host again in mailer.ccse.kfupm.edu.sa. S: MAIL R: 250 OK S: RCPT TO:< > R: 250 OK S: RCPT TO:< > R: 250 OK S: DATA R: 354 Start mail input; end with <CRLF>.<CRLF> S: Blah blah blah... S:...etc. etc. etc. S: <CRLF>.<CRLF> R: 250 OK S: QUIT An SMTP server always listens to the port 25. Exercise: Write the SMTP client program that can send s from one account to another. In order to write the SMTP client, you just need to connect to port number 25 using TCP sockets. Then, you should issue all the commands specified above in order and receive the reply. You can check whether your commands where successful or not by checking the response you received from the server. Note: You can check the receipt of your using Start Programs Administrative Tools POP3 Service. You can notice that the number of messages indicates the number of s received. To read these s, you can use POP Reading the using POP3 service 1. You can read your using telnet [POP3 runs on port number 110] as below: telnet servername 110

140 USER PASS password LIST RETR list-number QUIT 2. Write a simple POP3 client that can read the s in your mailbox and display them to you. POP3 client program is also done similar to that of the SMTP client by connecting to port number 110 and then issuing the POP3 commands in order. telnet servername 110 USER username@domain PASS password STAT LIST list-number RETR list-number QUIT NOTE: For each command there is a reply from POP3 server. For the RETR command, you need to read in a loop until you receive NULL because the content might be more than one line. The list-number given is the sequence numbering as it appears in the POP3 server.

141 LAB8 PART - I SIMULATION USING IT GURU 8. Objectives To know how to determine the throughput of a shared Ethernet network under various loads, using Simulation Overview: In a shared Ethernet network, end systems are typically connected together using a hub. The hub retransmits any incoming frames on all outgoing lines creating a single broadcast domain for all the devices. Within this domain, the Carrier Sense Multiple Access with Collision Detection (CSMA/CD) MAC protocol is used to determine which node may transmit at any given time and to resolve collisions if two or more nodes transmit at the same time Build the Simulation Model 1. Since Start up OPNET IT Guru Academic Edition. 2. Select the File tab => New Choose Project and click on OK. 4. Change the Project Name to Shared_Ethernet. 5. Change the Scenario Name to Low_Load, and click on OK. 6. In the Initial Topology window, select Create Empty Scenario and click on Next. 7. In the Choose Network Scale window, select Office and click on Next. 8. In the Specify Size window, leave the parameters unchanged and click on Next. 9. In the Select Technologies window, scroll down and include the ethernet and links model families, and click on Next. 10. In the Review window, click on OK.

142 First, we will build a LAN in which the workstations are connected together with an Ethernet hub. An easy way to create a network with a large number of nodes in OPNET is to use the Rapid Configuration tool. 1. Select the Topology tab => Rapid Configuration. 2. Set the Configuration to Star and click on OK. 3. Set the Center Node Model to ethernet16_hub. Set the Periphery Node Model to ethernet_station. Set the Link Model to 10BaseT. Set the Number to 12, and click on OK to create the LAN. 4. Right click on the hub (the device at the center of the star) and choose View Node Description. This device can support up to 16 Ethernet links at 10, 100, or 1000 Mbps. Note that the processing time within the device is considered to be zero, and that the hub retransmits incoming frames on all outgoing lines. Click on the close window icon to close the window. 5. Right click on the hub and select Set Name. Set the Name to Hub. Click on OK to close the window.

143 6. Right click on one of the Ethernet station and choose View Node Description. This device generates and receives Ethernet frames at configurable rates. Note that collision detection and resolution is handled by the hub. Click on the close window icon to close the window. 7. Now we need to set up the traffic patterns for the Ethernet stations. Right click on any of the stations and choose Select Similar Nodes. Now, right click on one of the stations and choose Edit Attributes. Put a check in the checkbox next to Apply Changes to Selected Objects. Expand the Traffic Generation Parameters and Packet Generation Arguments attributes. Set the ON State Time to constant(1000), and the OFF State Time to constant(0). This will ensure that the stations are always sending. Set the Interarrival Time (seconds) to exponential(0.004) and the Packet Size (bytes) to constant (100). Click on OK to apply the changes and close the window. Each station will now generate traffic at an average rate of one 100 byte packet every 4 milliseconds. You can calculate the average traffic that each node will generate from the interarrival time and the packet size. For instance: 100 bytes/packet * 8 bits/byte * 1 packet/0.004 sec = 200 Kbps We are now done building the LAN model

144 Configure the Simulation 1. Select the Simulation tab => Choose Individual Statistics 2. Expand the Global Statistics item, and the Ethernet item, and select the Delay (sec) statistic. 3. Expand the Traffic Sink item and select the Traffic Received (bits/sec) statistic. 4. Expand the Traffic Source item and select the Traffic Sent (bits/sec) statistic. 5. Expand the Node Statistics item, and the Ethernet item, and select the Collision Count, Load (bits/sec), Traffic Forwarded (bits/sec), Traffic Received (bits/sec), and Utilization statistics. Click on OK to close window. 6. Select Simulation => Configure Discrete Event Simulation 7. Under the Common tab, modify the Duration to 20, and the unit to second(s). Click on OK to close the window.

145 Duplicate the Scenario Now, we will build another scenario in which each Ethernet station generates much more traffic. This will allow us to compare the performance of the LAN under different conditions. Choose Scenarios => Duplicate Scenario, and name the new scenario High_Load. Click on OK to create the scenario. Right click on any of the stations and choose Select Similar Nodes. Now, right click on one of the stations and choose Edit Attributes. Put a check in the checkbox next to Apply

146 Changes to Selected Objects. Expand the Traffic Generation Parameters and Packet Generation Arguments attributes. Set the Interarrival Time (seconds) to exponential(0.001). Click on OK to apply the changes and close the window. Note that a shorter interarrival time means that packets will be generated more frequently Run the Simulation 1. Select the Scenarios tab => Manage Scenarios 2. Edit the Results field in both rows and set the values to <collect> or <recollect>. 3. Click on OK to run both scenarios (one after the other). When the simulation has completed, click on Close to close the window Inspect and Analyze Results 1. Select the Scenarios tab => Switch to Scenario and choose the Low_Load scenario. Select the Results tab => View Results 2. Select and expand the Global Statistics item, and the Traffic Source item, and select the Traffic Sent (bits/sec) statistic. Also expand the Traffic Sink item and select the Traffic Received (bits/sec) statistic. 3. View all statistics in this lab exercise using As Is mode. For this level of load, the received bit rate is approximately equal to the sent bit rate. 4. Click on the Traffic Sent (bits/sec) and Traffic Received (bits/sec) statistics again to disable the preview. Note that you may always click on Show for a more detailed graph than the preview provides. Click on Close to close the View Results window.

147 Now we will examine the same statistics for the High_Load scenario. Repeat the previous steps including switching to the High_Load scenario, viewing results, and selecting statistics to view. In this case, you can see that much more traffic was sent than was received. The hub has become overloaded and cannot deliver all the traffic that it receives. Click on Close to close the View Results window.

148 Now we will compare results generated by the two scenarios. Select the Results tab => Compare Results Select and expand the Object Statistics item, the Office Network item, the node_0 item, and the Ethernet item. Select the Load (bits/sec) statistic and view in As Is mode. Click on Show for a more detailed graph. This statistic shows how much traffic was generated by this device. The measured values should approximately match the calculations we made earlier using the configuration parameters. Again, for the Low_Load scenario, 100 bytes/packet * 8 bits/byte * 1 packet/0.004 sec = 200 Kbps load per station. You may do a similar calculation for the High_Load scenario. Click on the close window icon and choose to Delete the panel to close the window. Click on the Load (bits/sec) statistic again to disable the preview. Discrepancies between the send and receive rate can be accounted for by inspecting the Collision Count statistic. Expand the Hub item, and the Ethernet item. Select the Collision Count statistic. Click on Show for a more detailed graph. Some of the packets that were sent collided and required retransmissions, reducing the throughput. This is true of both scenarios, but the High_Load scenario experienced far more collisions. Click on the close window icon and Delete the panel. Click on the statistic again to disable the preview.

149 The hub s utilization can be viewed by selecting the Utilization statistic. Click on Show for a more detailed graph. The utilization essentially describes what percentage of the network s capacity is being used. Since 10BaseT links were used to connect the hub to the Ethernet stations, the capacity is 10 Mbps. You can see that the High_Load scenario traffic utilized a great deal more of the hub s capacity than the Low_Load scenario traffic. Click on the close window icon and Delete the panel. Click on the Utilization statistic again to disable the preview.

150 Lastly, expand the Global Statistics item, and the Ethernet item, and select the Delay (sec) statistic. Click on Show for a more detailed graph. This statistic shows the delay experienced by all packets which have been successfully delivered. You can see that the delay is fairly consistent in the Low-Load scenario, but that the high level of traffic causes growing delays in the High_Load scenario. Click on the close window icon and Delete the panel. Click on Close to close the Compare Results window. Save your model and close all windows. 8.2 Exercises: 1. Create several duplicate scenarios and modify the interarrival times for all the Ethernet stations to , 0.002, 0.003, 0.005, and respectively. Rerun the simulation, and record the Traffic Received (bits/sec) statistic for each scenario. Find the interarrival time for which the maximum throughput is achieved. Calculate the offered load that corresponds to this interarrival time. Why does the throughput stop increasing even when the load is increased further? 2. Modify the interarrival time and rerun the simulation to determine how large the interarrival time must be in order for the number of collisions per second to become negligible (less than 10 per second). What is the per-node load that corresponds to the interarrival time you found?

151 PART -II SWITCHED LANs 8.3 Objective This lab is designed to demonstrate the implementation of switched local area networks. The simulation in this lab will help you examine the performance of different implementations of local area networks connected by switches and hubs. 8.4 Overview: There is a limit to how many hosts can be attached to a single network and to the size of a geographic area that a single network can serve. Computer networks use switches to enable the communication between one host and another, even when no direct connection exists between those hosts. A switch is a device with several inputs and outputs leading to and from the hosts that the switch interconnects. The core job of a switch is to take packets that arrive on an input and forward (or switch) them to the right output so that they will reach their appropriate destination. A key problem that a switch must deal with is the finite bandwidth of its outputs. If packets destined for a certain output arrive at a switch and their arrival rate exceeds the capacity of that output, then we have a problem of contention. In this case, the switch will queue, or buffer, packets until the connection subsides. If it lasts too long, however, the switch will run out of buffer space and be forced to discard packets. When packets are discarded too frequently, the switch is said to be congested. In this lab you will set up switched LANs using two different switching devices: hubs and switches. A hub forwards the packet that arrives on any of its inputs on all the outputs regardless of the destination of the packet. On the other hand, a switch forwards incoming packets to one or more outputs depending on the destination(s) of the packets. You will study how the throughput and collision of packets in a switched network are affected by the configuration of the network and the types of switching devices that are used.

152 8.5 Procedure: Create a New Project 1. Start the OPNET IT Guru Academic Edition Choose New from the File menu. 2. Select Project and click OK Name the project <your initials>_switchedlan, and the scenario OnlyHub Click OK. 3. In the Startup Wizard: Initial Topology dialog box, make sure that Create Empty Scenario is selected Click Next Choose Office from the Network Scale list Click Next three times Click OK. 4. Close the Object Palette dialog box Create the Network To create our switched LAN: 1. Select Topology Rapid Configuration. From the drop-down menu choose Star and click OK. 2. Click the Select Models button in the Rapid Configuration dialog box. From the Model List drop-down menu choose ethernet and click OK. 3. In the Rapid Configuration dialog box, set the following six values: Center Node Model = ethernet16_hub, Periphery Node Model = ethernet_station, Link Model = 10BaseT, Number = 16, Y = 50, and Radius = 42 Click OK. Note: The prefix ethernet16_ indicates that the device supports up to 16 Ethernet connections. The 10BaseT link represents an Ethernet connection operating at 10 Mbps. 4. Right-click on node_16, which is the hub Edit Attributes Change the name attribute to Hub1 and click OK.

153 5. Now that you have created that network, it should look like the following one. 6. Make sure to save your project Configure the Network Nodes Here you will configure the traffic generated by the stations: 1. Right-click on any of the 16 stations (node_0 to node_15) Select Similar Nodes. Now all stations in the network are selected. 2. Right-click on any of the 16 stations Edit Attributes. a. Check the Apply Changes to Selected Objects check box. This is important to avoid reconfiguring each node individually. 3. Expand the hierarchies of the Traffic Generation Parameters attribute and the Packet Generation Arguments attribute Set the following four values: ON State time (seconds) = exponential(100.0), OFF State time (seconds) = exponential(0.0), Interarrival time (seconds) = exponential(0.02) and Packet Size (bytes) = constant(1500).

154 4. Click OK to close the attribute editing window(s). Save your project Choose Statistics To choose the statistics to be collected during the simulation: 1. Right-click anywhere in the project workspace and select Choose Individual Statistics from the pop-up menu. 2. In the Choose Results dialog box, choose the following four statistics: a. Global Statistics Ethernet Delay(sec) b. Global Statistics Traffic Sink Traffic Received (packets/sec) c. Global Statistics Traffic Source Traffic Sent (packets/sec) d. Node Statistics Ethernet Collision Count. Note: The Ethernet Delay represents the end to end delay of all packets received by all the stations. Traffic Received (in packets/sec) by the traffic sinks across all nodes. Traffic Sent (in packets/sec) by the traffic sources across all nodes. Collision Count is the total number of collisions encountered by the hub during packet transmissions.

155 3. Click OK Configure the Simulation Here we need to configure the duration of the simulation: 1. Click on the Configure/Run Simulation button : 2. Set the duration to be 2.0 minutes. 3. Click OK Duplicate the Scenario The network we just created utilizes only one hub to connect the 16 stations. We need to create another network that utilizes a switch and see how this will affect the performance of the network. To do that we will create a duplicate of the current network: 1. Select Duplicate Scenario from the Scenarios menu and give it the name HubAndSwitch Click OK. 2. Open the Object Palette by clicking on. Make sure that Ethernet is selected in the pull-down menu on the object palette. 3. We need to place a hub [ethernet16_hub] and a switch [ethernet16_switch] in the new scenario.

156 4. To add the Hub, click its icon in the object palette Move your mouse to the workspace Click to drop the hub at a location you select. Right-click to indicate you are done deploying hub objects. 5. Similarly, add the Switch. 6. Close the Object Palette. 7. Right-click on the new hub Edit Attributes Change the name attribute to Hub2 and click OK. 8. Right-click on the switch Edit Attributes Change the name attribute to Switch and click OK. 9. Reconfigure the network of the HubAndSwitch scenario so that it looks like the following one. Hints: a. To remove a link, select it and choose Cut from the Edit menu (or simply hit the Delete key). You can select multiple links and delete all of them at once. b. To add a new link, use the 10BaseT link available in the Object Palette. 10. Save your project Run the Simulation To run the simulation for both scenarios simultaneously: 1. Select Manage Scenarios from the Scenarios menu.

157 2. Change the values under the Results column to <collect> (or <recollect>) for both scenarios. Compare to the following figure. 3. Click OK to run the two simulations. Depending on the speed of your processor, this may take several minutes to complete. 4. After the two simulation runs complete, one for each scenario, click Close. 5. Save your project View the Results To view and analyse the results: 1. Select Compare Results from the Results menu. 2. Change the drop-down menu in the lower-right part of the Compare Results dialog box from As Is to time_average, as shown. Note: time_average is the average value over time of the values generated during the collection window. This average is performed assuming a sample-and-hold behaviour of the data set (i.e., each value is weighted by the amount of time separating it from the following update and the sum of all the weighted values is divided by the width of the collection window). For example, suppose you have a 1-second bucket in which 10

158 values have been generated. The first 7 values were generated between 0 and 0.3 seconds, the 8 th value at 0.4 seconds, the 9 th value at 0.6 seconds, and the 10 th at 0.99 seconds. Because the last 3 values have higher durations, they are weighted more heavily in calculating the time average. 3. Select the Traffic Sent (packets/sec) statistic and click Show. The resulting graph should resemble the one below. As you can see, the traffic sent in both scenarios in almost identical. 4. Select the Traffic Received (packets/sec) statistic and click Show. The resulting graph should resemble the one below. As you see, the traffic received with the second scenario, HubAndSwitch, is higher than that of the OnlyHub scenario.

159 5. Select the Delay (sec) statistic and click Show. The resulting graph should resemble the one below. (Note: Result may vary slightly due to different node placement.) 6. Select the Collision Count statistic for Hub1 and click Show. 7. On the resulting graph right-click anywhere on the graph area Choose Add Statistic Expand the hierarchies as show below Select the Collision Count statistic for Hub2 Change As Is to time_average Click Add. 8. The resulting graph should resemble the one below.

160 9. Save your project. 8.6 Questions 1. Explain why adding a switch makes the network perform better in terms of throughput and delay. 2. We analyzed the collision counts of the hubs. Can you analyze the collision count of the Switch? Explain your answer. 3. Create two new scenarios. The first one is the same as the OnlyHub scenario but replace the hub with a switch. The second new scenario is the same as the HubAndSwitch scenario but replace both hubs and switches, remove the old switch and connect the two switches you just added together with a 10BaseT link. Compare the performance of the four scenarios in terms of delay, throughput, and collision count. Analyze the results. Note: To replace a hub with a switch, right-click on the hub and assign ethernet16_switch to its model attribute.

161 LAB9 PART I PROTOCOL ANALYZER and NETWORK DESIGN 9. Objective Comprehend the role played by ARP protocol Analyze the ARP request that is issued in two cases: target host is on the local network vs. a remote network View and modify ARP cache Use Ethereal software to capture ARP packets using a proper user-defined packet filter. This lab is designed to demonstrate the implementation of switched local area networks. The simulation in this lab will help you examine the performance of different implementations of local area networks connected by switches and hubs. 9.1 General Lab setup Set the gateway address as and DNS Server to ICS-NWLA & SM: GW: & SM: GW: ICS-NWLB1 Switch Switch Inter LAN Inter LAN Hub SM: INSTRUCTOR PC SM: CCSE Network

162 Capturing ARP traffic On an Ethernet LAN, an ARP message (i.e. a request or a reply) is directly encapsulated in an Ethernet frame with EtherType value set to (0x0806) Viewing the ARP cache Generate traffic, using the ping command. Ping to any PC within your network and analyze the captured packets. You can view the ARP cache from Command Prompt {DOS prompt} by using the command arp a. At the command prompt, type the command: arp a. Do you see an entry for the machine you just pinged? How long does this entry remain in the cache? Exercise: Do you ever see an entry in the ARP cache for a machine outside of your network? Why? Capturing and analyzing ARP frames using Ethereal 1. To Start the EtheReal Network Monitoring Tool, Goto Start Programs EtheReal - EtheReal. Then you will fine the following window (Left). 2. Goto Capture menu and click on Start menu item (Shown in above figure (right)). Then you will find the following window (left).

163 After entering the relevant details, click ok in the window then the capturing window will appear as shown above in (right). 3. Frame Details: To see the Frame details, click on stop on the above (right) window and you will get the following window, which shows the details of all the frames captured. If you double click on one (frame) line, the details related to that frame can be seen as shown below. 4. Filters: To set the filter for displaying, in the capture menu, after clicking sta t, r in the following window, give the protocol you want to display in the place of Filter, and then click OK Now you will get only the Frame details for ARP protocol alone since you have set the filter to show only ARP frames.

164 Example: Capture the outgoing and incoming packets of ARP only. To set the filter according to this scenario, we should do the above procedure to get only ARP packets. The following figure shows some of the ARP Broadcast frames.

165 Exercise: Fill in the values marked with * below for an Ethernet frame containing an ARP Request. 14 byte Ethernet Frame Header Ethernet Destination Address * 6 bytes Ethernet Source Address 6 bytes EtherType* 2 bytes: 0806 indicates that the frame contains ARP message ARP Message* (Specify the format) Frame Checksum 4 bytes The 48-bit destination address in Ethernet frame is made of all Fs. Why? The 48-bit Target MAC address in ARP packet is all 0s. Why? Look at the 16-bit type field along with this website and write about its importance. Find your machine s Ethernet addresses and compare them with Ethernet Source Address present in the packet. Indicate through which card, the packet has traveled.

166 Objective: PART II The objective of this lab is to demonstrate the basics of designing a network, taking into consideration the users, services, and locations of the hosts. 9.2 Overview Optimizing the design of a network is a major issue. Simulations are usually used to analyze the conceptual design of the network. The initial conceptual design is usually refined several times until a final decision is made to implement the design. The objective is to have a design that maximizes the network performance, taking into consideration the cost constraints and the required services to be offered to different types of users. After the network has been implemented, network optimization should be performed periodically throughout the lifetime of the network to ensure maximum performance of the network and to monitor the utilization of the network resources. In this lab you will design a network for a company that has four departments: Research, Engineering, E-Commerce, and Sales. You will utilize a LAN model that allows you to simulate multiple clients and servers in one simulation object. This model dramatically reduces both the amount of configuration work you need to perform and the amount of memory needed to execute the simulation. You will be able to define a profile that specifies the pattern of applications employed by the users of each department in the company. By the end of this lab, you will be able to study how different design decisions can affect the performance of the network. 9.3 Procedure Create a New Project 1. Start OPNET IT Guru Academic Edition Choose New from the File menu. 2. Select Project and click OK Name the project <your initials>_netdesign, and the scenario SimpleNetwork Click OK. 3. In the Startup Wizard: Initial Topology dialog box, make sure that Create Empty Scenario is selected Click Next Choose Campus from the Network Scale list Click Next

167 Choose Miles from the Size drop-down menu and assign 1 for both X Span and Y Span Click Next twice Click OK Create and Configure the Network Initialize the Network: 1. The Object Palette dialog box should be now on the top of your project space. If it is not there, open it by clicking. Make sure that the internet_toolbox is selected from the pull-down menu on the object palette. 2. Add to the project workspace the following objects from the palette: Application Config, Profile Config, and a subnet. a. To add an object from a palette, click its icon in the object palette Move your mouse to the workspace Left-click to place the object. Right-click when finished. The workspace should contain the following three objects: Note: Application Config is used to specify applications that will be used to configure users profiles. Profile Config describes the activity patterns of a user or group of users in terms of the applications used over a period of time. You must define the applications using the Application Config object before using this object. 3. Close the Object Palette dialog box and save your project. Configure the Services: 1. Right-click on the Application Config node Edit Attributes Change the name attribute to Applications Change the Application Definitions attribute to Default Click OK. 2. Right-click on the Profile Config node Edit Attributes Change the name attribute to Profiles Change the Profile Configuration attribute to Sample Profiles Click OK.

168 Note: Sample Profiles provides patterns of applications employed by users such as engineers, researchers, salespeople, and multimedia users. Configure a Subnet: 1. Right-click on the subnet node Edit Attributes Change the name attribute to Engineering and click OK. 2. Double-click on the Engineering node. You get an empty workspace, indicating that the subnet contains no objects. 3. Open the object palette and make sure it is still set to internet_toolbox. 4. Add the following items to the subnet workspace: 10BaseT LAN, ethernet16_switch, and a 10BaseT link to connect the LAN with the Switch Close the palette. 5. Right-click on the 10BaseT LAN node Edit Attributes Change the name attribute to LAN Observe that the Number of Workstations attribute has a value of 10. Click in the Value column for the Application: Supported Profiles attribute, and select Edit. You should get a table in which you should do the following: a. Set the number of rows to 1. b. Set the Profile Name to Engineer. Note: Engineer is one of the sample profiles provided within the Profile Config object. c. Click OK twice. The object we just created is equivalent to a 10-workstation star topology LAN. The traffic generated from the users of this LAN resembles that generated by engineers. 6. Rename the ethernet16 Switch to Switch. 7. The subnet should look like the shown one. 8. Save your project.

169 9.3.3 Configure All Departments 1. Now you have completed the configuration of the Engineering department subnet. To go back to the main project space, click the Go to the higher level button. The subnets of the other departments in the company should be similar to the engineering one except for the supported profiles. 2. Make three copies of the Engineering subnet we just created: Click on the Engineering node From the Edit menu, select Copy From the Edit menu, select Paste three times, placing the subnet in the workspace after each, to create the new subnets. 3. Rename (right-click on the subnet and select Set Name) and arrange the subnets as shown below [Research, Sales, E-Commerce]: 4. Double-click the Research node Edit the attributes of its LAN Edit the value of the Application: Supported Profiles attribute Change the value of the Profile Name from Engineer to Researcher Click OK twice Go to the higher level by clicking the button. 5. Repeat step 4 with the Sales node and assign to its Profile Name the profile Sales Person. 6. Repeat step 4 with the E-Commerce node and assign to its Profile Name the profile E- commerce Customer. 7. Save your project.

170 9.3.4 Configure the Servers Now we need to implement a subnet that contains the servers. The servers have to support the applications defined in the profiles we deployed. You can double-check those applications by editing the attributes of our Profile node. Inspect each row under the Applications hierarchy, which in turn, is under the Profile Configuration hierarchy. You will see that we need servers that support the following applications: Web browsing, , Telnet, File Transfer, Database, and File Print. 1. Open the Object Palette and add a new subnet Rename the new subnet to Servers Double-click the Servers node to enter its workspace. 2. From the Object Palette, add three ethernet_servers, one ethernet16_switch, and three 10BaseT links to connect the servers with the switch. 3. Close the Object Palette. 4. Rename the servers [Web Server, File Server, Database Server] and the switch [Server Switch] as follows: 5. Right-click on each one of the above servers and Edit the value of the Application: Supported Services attribute. a. For the Web Server add four rows to support the following services: Web Browsing (Light HTTP1.1), Web Browsing (Heavy HTTP1.1), (Light), and Telnet Session (Light).

171 b. For the File Server add two rows to support the following services: File Transfer (Light) and File Print (Light). c. For the Database Server add one row to support the following service: Database Access (Light). 6. Go back to the project space by clicking the Go to the higher level button. 7. Save your project Connect the Subnets Now all subnets are ready to be connected together. 1. Open the Object Palette and add four 100BaseT links to connect the subnets of the departments to the Servers subnet. As you create each link, make sure that it is configured to connect the switches in both subnets to each other. Do this by choosing them from the drop-down menus as follows: 2. Close the Object Palette. 3. Now your network should resemble the following one: 4. Save your project.

172 Choose the Statistics: To test the performance of our network we will collect one of the many available statistics as follows: 1. Right-click anywhere in the project workspace and select Choose Individual Statistics from the pop-up menu. 2. In the Choose Results dialog box, choose the following statistic [Global Statistics HTTP Page Response Time (seconds)]: Note: Page Response Time is the required time to retrieve the entire page. 3. Click OK Configure the Simulation Here we need to configure the duration of the simulation: 1. Click on the Configure/Run Simulation button. 2. Set the duration to be 30.0 minutes. 3. Press OK. Duplicate the Scenario: In the network we just created we assumed that there is no background traffic already in the links. In real networks, the links usually have some existing

173 background traffic. We will create a duplicate of the SimpleNetwork scenario but with background utilization in the 100BaseT links. 1. Select Duplicate Scenario from the Scenarios menu and give it the name BusyNetwork Click OK. 2. Select all the 100BaseT links simultaneously (click on all of them while holding the Shift key) Right-click on anyone of them Edit Attributes Check the Apply Changes to Selected Objects check box. 3. Expand the hierarchy of the Background Utilization attribute Expand the row 0 hierarchy Assign 99 to the background utilization (%) as shown below. Note: Link utilization is the percentage of the used link bandwidth. 4. Click OK. 5. Save your project. Run the Simulation: To run the simulation for both scenarios simultaneously: 1. Go to the Scenarios menu Select Manage Scenarios. 2. Change the values under the Results column to <collect> (or <recollect>) for both scenarios. Compare to the following figure.

174 3. Click OK to run the two simulations. Depending on the speed of your processor, this may take several seconds to complete. 4. After the two simulation runs complete (one for each scenario), click Close. 5. Save your project. View the Results: To view and analyze the results, follow the steps given below. 1. Select Compare Results from the Results menu. 2. Change the drop-down menu in the lower-right part of the Compare Results dialog box from As Is to time_average as shown. 3. Select the Page Response Time (seconds) statistic and click Show. The resulting graph should resemble the one below. (Note: Results may vary slightly due to different node placement.)

175 9.3.7 Questions 1. Analyze the result we obtained regarding the HTTP page response time. Collect four other statistics, of your choice, and rerun the simulation of the Simple and the Busy network scenarios. Get the graphs that compare the collected statistics. Comment on these results. 2. In the BusyNetwork scenario, study the utilization% of the CPUs in the servers (Right-click on each server and select Choose Individual Statistics CPU Utilization). 3. Create a new scenario as a duplicate of the BusyNetwork scenario. Name the new scenario Q3_OneServer. Replace the three servers with only one server that supports all required services. Study the utilization% of that server s CPU. Compare this utilization with the three CPU utilizations you obtained in the previous question. 4. Create a new scenario as a duplicate of the BusyNetwork scenario. Name the new scenario Q4_FasterNetwork. In the Q4_FasterNetwork scenario, replace all 100BaseT links in the network with 10Gbps Ethernet links and replace all 10BaseT links with 100BaseT links. Study how increasing the bandwidth of the links affects the performance of the network in the new scenario (e.g., compare the HTTP page response time in the new scenario with that of the BusyNetwork).

176 LAB10 SWITCHING EXPERIMENTS 10. Objectives Learn how to configure switches. Learn how to implement and manage VLANs. Learn about the usage of spanning tree protocol in switches Connecting to the switch 1. In order to configure our switch, we need to use Hyperterminal. Make sure that the Hyperterminal software is installed. If not, you can install the software from C:\ics432\software\htpe63.exe. 2. Connect the COM1 port of the PC to the Console port of the switch with the following settings: a. As the console port of the 3Com switch is also DB9 [like COM1], we need to use two DB9-to-RJ45 adaptors. b. Bits per second: Do the following configurations via Hyperterminal Grouping of PCs into VLANs The aim of this experiment is to show how to form and make their members connect to each other. 1. Use the switch available in your LAN. Create two VLANs; namely, VLAN 100 and VLAN Create VLANs. Using browser: Configuration VLAN Using telnet/console: bridge vlan create You will be asked about the VLAN number, local number and the VLAN name. Local VLAN number is the number that is applicable only within a single switch.

177 3. Remove all the 8 ports [1 to 8] that are used by these PCs from VLAN 1. Using telnet/console: bridge vlan removeport 1 all 4. Add port numbers 1, 2, 5 & 6 to VLAN 100 without tagging. Using telnet/console: bridge vlan addport none 5. Add port numbers 3, 4, 7 & 8 to VLAN 101 without tagging. Using telnet/console: bridge vlan addport none 6. Test their connectivity by pinging among these PCs. What is the result of ping, if we ping among those PCs in same VLAN? What is the result of ping, if we ping among those PCs in different VLAN? 7. If we wish to have one port to support more than one VLAN, tagging is needed. Using browser: Enable 802.1Q VLAN learning at Port Menu Using telnet/console: bridge vlan addport Q o Where 1 is the VLAN number and 3 is the port number 10.2 Enable security option of a switch port 1. Switch learns the MAC address of the packet that follows through it and maps that MAC address with the respective port number. This mapping is stored in the switching database. This information is used for delivery of packets to respective PC. 2. We can fix a switch port to a respective MAC address so that people can connect any PC with this port. Fix a switch port to the MAC address that is connected to it. a. First, you need to know the MAC address of the network card that connected to this port using ipconfig /all. As we have two cards per PC, you might need to disable one card and note the MAC address. Using browser: Port Menu Security Enabled Using telnet/console: bridge port address add b. After setting the above, try to swap the ports [of one PC] on the switch and check if it works. Remember, each PC has two networks and so they are connected to two ports of the switch. Swapping them will make the port to learn a different MAC address.

178 3. We can make the switch learn a MAC address and maintain it for a specific period of time known as ageing concept. a. Using browser: Configuration Advanced Stack Setup Ageing time (secs) b. Using telnet/console: bridge agingtime 10.3 Create looping and break it using spanning tree Connecting switches in the form of a loop creates rounding of packets. This will be handled using Spanning tree protocol. 1. Connect two switches together using crossover cable. Make sure that you are able to ping from one PC, which is connected to one switch to another PC, which is connected to other switch. 2. Before creating the loops, generate traffic to other LANs by using ping. a. ping t l Make sure all the networks are in same VLAN. Connect the switches in a loop using two crossover wires. Remember, one wire already exists. 4. Before enable spanning tree, now note the change in the timing values in the ping operation that you have started earlier. 5. To enable spanning tree a. Using browser: Configuration Advanced Stack setup Spanning Tree b. Using telnet/console: bridge stpstate enable 6. Check the ping operation now to notice that it has come back to normal state. 7. One port of the switch can handle 100Mbps. If we need more than 100Mbps for the connectivity between the switches then we should connect more than one link between the switches. We are forced to disable spanning tree and treat the links as one single link with high capacity [using trunking]. a. To disable spanning tree Using telnet/console: bridge stpstate disable b. To create port trunk i. Using browser: Configuration Port Trunk Move ports to the needed port trunk 8. Check the ping operation now to notice the change.

179 10.5 Testing other settings Auto-negotiation setup Auto-negotiation is a method by which two connected devices can talk to each other and negotiate about speed and mode of operation. These setups can be done on a specific port by selecting the respective port on the switch picture that appears in the browser. Connect two switches with a crossover wire. a. Enable auto-negotiation at the ports that connect these switches. Note down what is the speed and mode of the connectivity at both ends. Switch 1: Switch 2: b. Enable auto-negotiation at one port. Fix the other end to 10Mbps and Fullduplex mode. Note down what is the speed and mode of the connectivity at both ends. Switch 1: Switch 2: c. Set to different speed and mode at both these ports. Note down what is the speed and mode of the connectivity at both ends. Switch 1: Switch 2: d. What is the link between Auto-negotiation, Speed/Duplex, FD Flow Control and HD Flow control? i. If we set the duplex as HD in Switch I and FD in Switch II, the switches can still run as they are provided the HD Flow control option is enabled in Switch II. Switch 1: Switch 2:

180 ii. We cannot enable flow control when auto-negotiation is enabled. Also, it is recommended that the flow control should be made as same for both the switches that are connected via the specific port. Connect a PC via Hub to the switch and note the following: a. This specific port that connects the switch to hub becomes as HD, even if autonegotiation is enabled. b. The switch-database contains many addresses learnt for the port of the switch that is connected to the hub. To check this, we might need to ping from the PCs that are connected to the switch via the hub Resilient Links Resilient links are used to have backup links when the main link between two switches goes off. This connectivity can be of two types: a. Symmetric: Here, both the links [main and standby] are considered to be the same. If main link goes off, the standby link comes up. If the standby link goes off, the main link comes up. But, while the standby link is working if the main links comes up, it will not be enabled. It has to act as standby at that time. b. Switchback: If main link goes off, the standby link comes up. If the standby link goes off, the main link comes up. But, while the standby link is working if the main links comes up, the standby link will be put to standby and the main link will start to work. Don t connect the two cables that you want to work as resilient. Make one link as main link and the other as standby link. Using browser: Configuration Resilient Links Add {for main and standby link} We can swap the active and inactive links, click resilient link swap Changing the switching modes Switches can operate in many modes. WE can change the modes to fast-forward or store and forward, etc. Set to switching operation to fast-forward or others and see its impact.

181 Using browser: Configuration Advanced Stack setup Select the forwarding mode Apply Broadcast Storm Control Broadcast Storm Control is enabled, the stack automatically creates an alarm for each port to monitor the level of broadcast traffic on that port. If the broadcast traffic level rises to 2976 frames per second, the broadcast traffic on the port is blocked until the broadcast traffic level drops to 1488 frames per second. Enable broadcast storm control using browser: Configuration Advanced Stack setup Enable the Broadcast Storm Control VLT tagging VLT tagging is an additional option provided by 3Com switch similar to standard 802.1Q tagging. By specifying that the ports at both ends of a link use VLT tagging, you can create a VLT tagged link that carries traffic for all of the VLANs defined on your Switch. VLT tagging works only with 3Com switches. We can not use VLT tagging when: o When 802.1Q tagging is used. o It is the main or standby port of a resilient link, and the other port does not use VLT tagging. o It belongs to a port trunk. You cannot disable VLT tagging if the port is part of a resilient link pair. In browser, under unit menu [which is the picture of the switch on the browser], you have to select the necessary port and then enable VLT tagging Questions What happens if a port is tagged with two VLANs [using 802.1Q] and that port is connected to the hub? a. This will not work because 802.1Q tagging can be set only on ports whose other end also understands this tagging. Hub doesn t understand this tagging.

182 Can we add a port to two VLANs without tagging? a. Two VLANs cannot be differentiated without tagging. So, to add two VLANs to a port, we surely need tagging. b. If we add two VLANs without tagging to a port, then the old VLAN will be 10.7 References overwritten with the new VLAN. 3Com Switch 3300 User Guide 3Com Switch 3300 Management Guide

183 LABS 11 and 12 ROUTING EXPERIMENTS 13. Objectives: 10 Configure and test Windows 2003 as a router. 11 Learn how to configure CISCO 2600 Router. 12 Divide the lab network into different networks. 13 Examine and comprehend the routing table maintained by a router. 14 Modify routing table by adding dynamic routes. 15 Use Ethereal software to capture RIP packets and analyze them. 16 Use Ping and TraceRoute to test connectivity through a router Review of IP address Every interface on an IP network must have a unique IP address. Every IP packet traveling through an IP network contains a source IP address and a destination IP address. These addresses are 32-bit numbers. An IP address actually consists of two parts: one part identifies the network and referred to as Network ID (or simply NetID) and another part identifies the host and referred to as HostID. How do we know the length of each part? This information is specified through a subnet mask, which is a 32-bit value with the bits corresponding to the NetID set to 1's and the bits corresponding to the HostID set to 0's. For example, a subnet mask value of specifies that the NetID is 8 bits and the HostID is 24 bits. These 32-bit addresses are normally written as four decimal numbers, one for each byte of the address. This is called dotted-decimal notation Configure the Lab as a set of networks connected by routers Since the lab contains 5 networks, convert the first computer on each network to act as a router between it and the next network in accordance with the figure below.

184 ROUTER & CLIENTS SM: GW: SM: SM: Switch A Switch B CLIENTS & SM: GW: Configure Windows 2003 machine as router Configure Windows 2003 machine as router using the following: 1. Start Administrative Tools Routing and Remote access 2. Select Local Computer and right-click it. 3. Select Configure and Enable routing and remote access. Routing and remote access wizard appears. 4. Click Next. Configuration Window appears. Select Custom Configuration Next. Custom configuration window appears.

185 5. Tick LAN Routing Next. Click Finish. 6. Click Yes to start the service Checking for connectivity To ensure that the router is working properly, all you need is to ping a machine outside of your network. But first to ensure that the router on your network is up, try to ping the IP addresses associated with the router interfaces, then if that is successful, ping a machine on the remote network Use the commands from a computer on Network A: 1. To test the router interface which is connected to the source host. ping To test the router interface which is connected to another network.

186 ping To ping to a computer in another network. ping A Quick Guide to CISCO 2600 Routers Connecting to Router There are two ways to connect to the Cisco router for the purposes of configuration and maintenance. First, initially you will probably configure your router from a terminal. Second, if the router is already configured and at least one port is configured with an IP address, and it has a physical connection to the network, you might be able to telnet to the router and configure it across the network. If the router is not already configured, then you will have to use the first method and directly connect to it with a terminal and a serial cable [Roll-over cable]. Plug a serial cable into a serial (COM) port on the PC and the other end into the console port on the Cisco router. Using a PC running Microsoft Windows, you can use HyperTerminal program found in Accessories Communications to access the router's console. If Hyperterminal is not present, install it from the Software directory [htpe63.exe]. Start HyperTerminal, tell it which COM port to use and click OK. Set the speed of the connection to 9600 baud and click OK. You may need to hit the Enter key to see the prompt from the router. Notes: 1. You need to configure the IP address for an FastEthernet interface using Hyperterminal. 2. Connect the configured FastEthernet port to the switch so as to make sure you PC is connected to this FastEthernet port. 3. Telnet to the IP address of the port and practice the basic commands of router.

187 Router Modes - Unprivileged and privileged modes When you first connect to the router and provide the password (if necessary), you enter EXEC mode, the first mode in which you can issue commands from the commandline. From here you can use such unprivileged commands as ping, telnet, and rlogin. You can also use some of the show commands to obtain information about the system. In unprivileged mode you use commands like, show version to display the version of the IOS the router is running. Type show? to display all the show commands available in the mode you are presently in. Router>show? You must enter privileged mode to configure the router. You do this by using the command enable. Privileged mode will usually be password protected unless the router is unconfigured. You have the option of not password protecting privileged mode, but it is HIGHLY recommended that you do. Issue the command enable and provide the password, you will enter privileged mode. To help the user keep track of what mode they are in, the command-line prompt changes each time you enter a different mode. When you switch from unprivileged mode to privileged mode, the prompt changes from: Router> to Router# Cisco describes two modes, unprivileged and privileged, and then a hierarchy of commands used in privileged mode. There to be many sub-modes of privileged mode, that is called parent mode. The command show? will display all the show commands available in the current mode. Do the following commands: Router#show interfaces Router#show ip protocols Router#show ip route Router#show ip arp

188 As you configure the router, you will enter various sub-modes to set options and then return to the parent mode to display the results of your commands. You also return to the parent mode to enter other sub-modes. To return to the parent mode, you hit ctrl-z. This puts any commands you have just issued into effect, and returns you to parent mode Global configuration (config) To configure any feature of the router, you must enter configuration mode. This is the first sub-mode of the parent mode. In the parent mode, issue the command config terminal. Router#config terminal Router(config)# To change the name of the router, issue the hostname command. Router(config)#hostname r1 r1(config)# As demonstrated above, when you set the name of the host with the hostname command, the prompt immediately changes by replacing Router with r Configuring interfaces To display the configuration of the interface you use the command: r1#show interface fastethernet 0/0 r1#show interface serial 1/0 Here is an example of configuring a fastethernet port with an IP address: r1#config r1(config)#interface fastethernet 1/0 r1(config-if)#ip address r1(config-if)#no shutdown r1(config-if)#ctrl-z r1#

189 Note the no shutdown command. An interface may be correctly configured and physically connected, yet be administratively down. In this state it will not function. To reverse or delete the results of any command is to simply put no in front of it. For instance, if we wanted to unassign the IP address we had assigned to interface fastethernet 1/0: r1(config)#interface fastethernet 1/0 r1(config-if)#no ip address r1(config-if)ctrl-z r1#show interface serial 1/ Routing IP routing is automatically enabled on Cisco routers. If it has been previously disabled on your router, you turn it back on in config mode with the command ip routing. r1(config)#ip routing r1(config)#ctrl-z There are two main ways a router knows where to send packets. The administrator can assign static routes, or the router can learn routes by employing a dynamic routing protocol. These days static routes are generally used in very simple networks or in particular cases that necessitate their use. To create a static route, the administrator tells the router operating system that any network traffic destined for a specified network layer address should be forwarded to a similarly specified network layer address. In the Cisco IOS this is done with the ip route command. r1#config r1(config)#ip route r1(config)#ctrl-z r1#show ip route Two things are to be said about this example. First, the packet destination address must include the subnet mask for that destination network. Second, the address it is to be forwarded

190 is the specified address of the next router along the path to the destination. This is the most common way of setting up a static route. Dynamic routing protocols, running on connected routers, enable those routers to share routing information. This enables routers to learn the routes available to them. The advantage of this method is that routers are able to adjust to changes in network topologies. If a route is physically removed, or a neighbor router goes down, the routing protocol searches for a new route. Routing protocols can even dynamically choose between possible routes based on variables such as network congestion or network reliability. Configure the Routing Information Protocol (RIP) on Cisco routers. From the command-line, we must explicitly tell the router which protocol to use, and what networks the protocol will route for. r1#config r1(config)#router rip r1(config-router)#network r1(config-router)#network r1(config-router)#ctrl-z r1#show ip protocols Now when you issue the show ip protocols command, you should see an entry describing RIP configuration Saving your configuration If you turned the router off right now, and turned it on again, you would have to start configuration over again. Your running configuration is not saved to any permanent storage media. You can see this configuration with the command show running r1#show running If you do want to save your successful running configuration, issue the command copy running startup r1#copy running startup

191 Your configuration is now saved to non-volatile RAM (NVRAM). Then, issue the command show startup r1#show startup Now any time you need to return your router to that configuration, issue the command copy startup running r1#copy startup running Viewing Configuration Issue the following command and write down their outputs: 1. Get the routing table sh ip route If you get ICMP redirect cache is empty, then that means the ip routing is not enabled. 2. Check whether no ip routing exists. sh run If yes, then we need to enable ip routing. Issue the command ip routing at the (config)#. 3. Check the running configuration sh run 4. Get the details about the router and write it down. sh ver What version of the IOS is running? What is the name of the Cisco IOS image file loaded? What kind of router (platform type) is this? What is the revision level of the image? How much NVRAM (startup config) memory is there? How much RAM is there? show flash Used to verify the contents of the Flash memory. If the flash file name is c2500-js-l bin. c2500 is the platform

192 j indicates that the file is an enterprise image. s indicates the file contains extended capabilities. l indicates that the file can be moved from flash memory if needed and is not compressed is the revision number..bin indicates that the Cisco IOS is a binary executable file. What is the name and length of the Cisco IOS image stored in flash? What attributes can you identify from codes in the Cisco IOS filename? Note: 27648K/5120K memory means 27M of processor memory and 5M of I/O memory. In total, 32M of DRAM is present Exercise Implement the following network diagram. Make sure that the gateways of the PCs are properly set as the IP address of the network interface of the router that it is connected to Configure Router in your Segment Lab setup Setup the lab network according to the figure given below.

193 Step 1: You should configure the TCP/IP setting in each host appropriately with respective subnet mask and gateway addresses. The gateway address is the interface address of the router that is connected to the specific network. For example, the first host on LAN Segment B should use the following setting: IP Address: Subnet Mask: Gateway: Configure the router You need to configure the router for few things: 1. To connect to the router, you need to assign an IP address for each interface of the router. When we get a new router, we use console cable to assign an IP address and then connect via telnet. 2. We need to assign an IP address for both the fast Ethernet interface cards. We should be at the privileged mode. An example is given below: #config t (config)# interface FastEthernet 0/0 configure Ethernet interface 0/0 (config-if)#ip address IP address and the subnet mask.

194 (config-if)#no shut (or no shutdown) ensure that interface is not administratively down (config-if)#ctrl-z (or exit) execute all of the above and return to parent 3. Now the connection between networks connected via a single router should work. We can ping among & network and between & networks. 4. All the hosts can connect to the router using telnet. You can telnet to the respective gateway address. The routing table at this time can be viewed using show ip route 5. Now we need to assign an IP address for the Serial interface. We should be at the privileged mode. #config t (config)# interface Serial 1/0 configure Serial interface 1/0 (config-if)#ip address (config-if)#no shutdown (or no shut) (config-if)#bandwidth 64 (config-if)#clock rate will work only with DCE connections (config-if)#ctrl-z (or exit) execute all of the above and return to parent Note: To identify whether a connection is DCE or DTE, we can use the command show controllers 6. From the hosts, the users should be able to ping to IP address of the serial interface present in the router connected to their network. 7. All the necessary IP address setups are done. We need to enable routing protocols to have the necessary routing among the networks connected to different routers. To setup the RIP protocol, we do as below: # config t (config)# router rip (config-router)# network Note: We need to add the network entries for the serial connection that connects different routers. We need to add entry for all the directly connected

195 networks [both fastethernet and serial]. 8. All the necessary connections are done and all the hosts should be able to ping other hosts present in different networks. Show ip route command will show that routes are learnt using RIP protocol. 9. We can refer to various configuration settings on the router using: #show ip protocols #show ip route shows routing table #show running-conf or show run #show interfaces 10. We can view the actual RIP packets using the command: #debug ip rip displays RIP routing updates as they are sent or received If we are not able to see the RIP information at our telnet prompt, issue the command, #terminal monitor To stop viewing the RIP routing information, #undebug all stop display debug information Exercise Using the appropriate command to dump the IP routing table in your segment and write it below Capturing RIP traffic RIP data is encapsulated in UDP messages which source port and destination port are both set to 520. We will use the same procedure we have learnt in previous labs to capture RIP traffic using Ethereal. The captured images for both RIP request and response are given below.

196 From above the captures, answer the following queries: Which protocol does RIP use? Does it have any specific port number? In RIP request, there is no request specified. Why? The version of RIP is specified as RIPv1. Is there any other version of RIP? If so, what is their difference? Why is it that the RIP messages [request and response] are sent as IP broadcast? What is the use of Metric in RIP request and response messages? In the last snap-shot provided there is different metric for different IP addresses given. Why?

197 Exercise: Fill the RIP format using the packets captures given. 14 byte Ethernet Frame Header Ethernet Destination Address 6 bytes Ethernet Source Address 6 bytes EtherType 2 bytes: 0800 indicates that the frame Ver * HL* contains IP packet 20 byte IP Header Protocol* 1 byte: * indicates that the packet contains UDP message UDP Header+Data IP Source Address IP Destination Address* Source Port* Length RIP data Frame Checksum 4 bytes 4 bytes 4 bytes 11.6 Using Static Routes Static routes can serve as an alternative to using RIP. For example, we could disable RIP on router A and add static routes for networks B, C, D and E as follows: (config)#no router rip disable RIP (config)#ip route (config)#ip route (config)#ip route (config)#ip route Adding a static default route To have Router A use the Instructor's router as the default route (used when there is no match with ordinary entries in the routing table), use the following command (a default route is entered with IP address and a subnet mask ),

198 (config)#ip route Question: Is the presence of the Instructor's router necessary to route traffic between the segments A and C? Justify your answer. Exercise: Testing Router Connectivity A good test to ensure that the router in your segment is working properly is to ping a host outside of your network. Another useful test is to use TraceRoute (sometimes abbreviated as TraceRT) command to print the IP addresses of routers along the path to a target host. From your host, traceroute to the first host on a segment that is next to your segment. For example, if you happen to be on Segment C then issue the command: tracert Write down the results below Dynamic Routing with OSPF within an area Use OSPF routing protocol as the dynamic routing protocol. Make the whole network into one single area. The administrative distance of OSPF is Log into your routers and go into privileged mode by typing en or enable. 2. From the configuration mode on Router A, type router ospf?. 3. Notice that it asks for a process number. Type 100 and press Enter. 4. To configure neighbors in OSPF [Configure all routers in area 0] RouterA(config-router)# network area 0 OR RouterA(config-router)# network area 0 OR RouterA(config-router)# network area 0 Note: Here, we don t provide the subnet mask. Instead a wild-card is provided. Wildcard means, if we wish to consider a bit, we provide 0 and to ignore a bit, we provide 1.

199 For example, in the first command given [ ], we want to match the IP exactly. In , we wish to match the first three parts of the IP address and the last part is not configured. 5. Press Ctrl+Z to get out of configuration mode. 6. Do similarly for other routers 7. Verify that OSPF is running by typing the following command at each router: show ip route show ip ospf neighbor Note: Process number is a number local to the router. It is possible to have more than one process running on a router, although this is an unusual and expensive configuration in terms of router resources. The process number does not have to be the same on every router in the area or the autonomous system. In the interest of sanity, however, many administrators make it the same number Access List Access list is used to deny or permit control for packets that pass via the router. Access lists are executed sequentially based on the order of rules provided. Once an access list is added, there exists an implicit deny at the end of the list. Any packet that is not matched with the rules in the list is denied entry by the implicit deny. There are two types of access lists, namely: 1. Standard Access list: The control of the packet is based on the source address only. The list number ranges from 0 to 99. This list is applied near the destination of the packet. 2. Extended Access list: The control of the packet is based on source address, destination address, source port, destination port, protocol, etc. The list number ranges from 100 to 199. This list is applied near to the source of the packet. Takes more time to process than the standard list but it is more powerful. Specify the access rules at the global configuration level. (config)# access-list access-list-number {permit deny} source-address [wildcard mask] Add the specified access list to an interface. (config-if)# ip access-group access-list-number {in out}

200 Note: Out means the packet is coming out of the specific interface and in means the packet is entering the interface. Examples: a. To block a non network (config)# access-list 1 permit Last part is wild-card (config)# interface fastethernet 0/0 (config-if)# ip access-group 1 out Note: Use in to act on directly connected networks. This is because we need to take action without taking any routing decision. Wildcard is used, which is opposite to subnet mask. b. Access list blocking traffic from a single host (config)# access-list 1 deny (config)# access-list 1 permit (config)# interface fastethernet 0/0 (config-if)# ip access-group 1 out c. Access list blocking traffic from a single subnet (config)# access-list 1 deny (config)# access-list 1 permit any (config)# interface fastethernet 0/0 (config-if)# ip access-group 1 out d. To permit vty access to a specific network (config)# access-list 2 permit (config)# line vty 0 4 (config-line)# access-class 2 in e. Extended access list blocking Telnet traffic from a specified subnet (config)# access-list 101 deny tcp eq 23 (config)# access-list 101 permit ip any any (config)# interface fastethernet 0/0

201 (config-if)# ip access-group 101 out Note: with ip access-group 101 in, we can block telnet to the router even from the directly connected networks. Another way to do this is: line vty 0 4 login no password Note: This requires a password. Because a password has not been established, however, it is impossible to correctly input a password. The result is no access. no line vty 0 4 OR (config)# access-list 12 permit (config)# line vty 0 4 (config-if)# access-class 12 in f. show access-lists displays the contents of all access lists. g. show ip access-lists displays the IP access lists References Cisco 2600 router: Technical reference tml RIP OSPF

202 LAB13 PART I ICMP AND TCP PACKET ANALYSIS 13. Objectives [Lab 13A]: 17 Examine the ICMP message structure and encapsulation. 18 Expose the role played by ICMP in Ping and TraceRoute utilities. 19 Show ICMP statistics using netstat command. 20 Examine the TCP Segment structure and encapsulation. 21 Examine the three phases of a TCP connection. 22 Capture and analyze the TCP traffic generated during a Web session General Lab setup Set the gateway address as Set DNS Server to ICS-NWLA & SM: GW: & SM: GW: ICS-NWLB1 Switch Switch Inter LAN Inter LAN Hub SM: INSTRUCTOR PC SM: CCSE Network

203 13.2. Capturing ICMP traffic An ICMP message (i.e. a request or a reply) is directly encapsulated in an IP packet with protocol field in the IP header set to 1. On an Ethernet LAN, the IP packet itself is encapsulated in an Ethernet frame with EtherType value set to (0x0800). Thus the simplest way to capture ICMP traffic is to use a filter on the Protocol field in the IP header. Use Ethereal to Capture ICMP packets that are generated when you ping your neighbor's IP address. 1. Follow the steps as discussed in 2.2 and specify icmp instead of arp as the protocol to filter. 2. Observe the details of the ICMP frames after doing ping. Details of ICMP request frame during ping:

204 Details of ICMP Reply frame: Exercise: Based on the above capture state how Ping works. Also fill in the values marked with * below for an Ethernet frame containing an ICMP Echo Request. State the role of the ICMP fields: type, code, checksum, identification, seqno, data.

205 14 byte Ethernet Frame Header Ethernet Destination Address Ethernet Source Address EtherType Ver * HL* 6 bytes 6 bytes 2 bytes: 0800 indicates that the frame contains IP packet 20 byte IP Header Protocol* 1 byte: ** indicates that the packet contains ICMP message IP Source Address IP Destination Address 4 bytes 4 bytes ICMP Header+Data type code checksum 4 bytes Identification SeqNo Data (variable length) Frame Checksum 4 bytes What is the relation between source and destination Ethernet address in the ICMP request and reply? What is the use of Don t fragment and More fragment fields? How do you differentiate between the ICMP request and reply packet using the ICMP header information? What is the use of Identifier field in the ICMP request and reply messages? What is the use of sequence number along with Identifier field in ICMP request and reply messages? Does the Header checksum in ICMP request and reply messages are consistent? Explain.

206 Capture ICMP packets generated and received during TraceRoute TraceRoute (sometimes abbreviated as TraceRT) is one of the basic IP diagnostic tools. It is used to discover the routers that an IP packet would traverse to reach a given target host (i.e. IP address). TraceRoute first sends one or more ICMP Echo Request packets with TTL=1. Any packet with TTL=1 will be discarded by the first router along the path to destination but the router will send an ICMP Time Exceeded message (type/code= / ) to the source host. TraceRoute receives this ICMP message and notes the IP source address as the address of the first router. Then TraceRoute sends one or more ICMP Echo Request packets with TTL value=2. Any such packet crosses the first router where its TTL value is decremented by 1. At the second router, the packet is dropped and an ICMP Time Exceeded message is sent back to the source host. The IP source address of this message is that of the second router. The process continues until TraceRoute actually gets an ICMP Echo Reply from the target host or the TTL value exceeds some preset maximum. To verify all of this, follow theses steps. 1. From your computer, traceroute to KFUPM (or CCSE) Web Server by issuing the command: tracert You should get results similar to the one shown below. 2. Use Ethereal with the filter set as in the previous task and capture the resulting traffic. As first step, the domain name should be resolved to its IP address and so a DNS query is generated.

207 In the DNS query, what is the destination IP address? Justify. Is there a fixed source port in the DNS query? Explain.

208 What is the reason for the destination port being selected as 53? Justify. The flags in the DNS indicate whether the packet is query or response. Discuss the relationship between the flag values in query and response. Immediately after the DNS response, ICMP packets are generated. Initially, ICMP packets are generated with TTL as 1. The response for the ICMP query does not come from the actual destination. Why? What does Time-to-live exceeded mean?

209 The Time-to-live is increased to 2 because the source received Time-exceeded message. What is the relationship between the source and destination IP address of the ICMP request messages with TTL=1 and TTL=2? Justify. The Time-to-live exceeded message arrive from a different IP compared to the pervious Time-to-live exceeded message. Why? Why is it that the TTL value of the Time-to-live exceeded message is 1? Explain.

210 Following the above mentioned procedure, the TTL gets incremented and finally, the request reaches the actual destination. The destination then replies to the source. How can traceroute calculate the minimum, maximum and average response time? Exercise: Traceroute to some host on the Internet, say Explain the result Capturing ICMP Destination Unreachable message This ICMP message uses a Type field value of 3 and is generated under various conditions (cases) indicated by the value used for the Code field. Here we will consider two cases only. Case 1: Host Unreachable Recall that when an IP packet finally reaches a router attached to the destination network, the router would then encapsulate the received packet in a frame addressed to the destination host. Thus the router will issue an ARP Request for the MAC address corresponding to the destination IP address, and if no ARP Reply is received, the router will discard the packet and send an ICMP Destination Unreachable/Host Unreachable message back to the source host. To capture such message, use filter as set previously and run the command: ping <ipaddress of a dead host on a remote network> Case 2: Port Unreachable The destination host generates this message when there is no process listening on the specified TCP (or UDP) destination port. To capture such message, use filter as set previously and run the command: traceroute <ipaddress of your neighbor> -p assume no process listens on port Note: This command works only with Unix platform.

211 Generate IP fragmented packet To see the IP fragmentation process in action, one can use the Ping command with the option for the size of Ping data set large enough to causes the IP packet size to exceed the underlying data link layer Maximum Transmission Unit (MTU) - For Ethernet, MTU is 1500 bytes. Subtracting 20 bytes for IP header and 8 bytes for ICMP header maximum ICMP data of 1472 byes. Thus setting a Ping length option of 1473 will lead to a fragmented packet. Exercise: Setup a filter to capture IP/ICMP and run the command: ping n 1 l 1473 <ipaddress>. If all goes well, you should get a screen like the one shown below. Note that the size of the first IP packet is set to 1500 (i.e. subtracting the length of IP header (20) fragment size is 1480). Can you guess the value of the fragment offset in the IP packet containing the second fragment?

212 Viewing ICMP statistics As shown in the snapshot below, one can use the netstat command. At the command prompt type the command: netstat s. Note: It is good to know that the command netsat e gives statistics about the local Ethernet's interface. A value of zero for received erroneous frames would indicate a network free of bad (or lose) wiring and malfunctioning network interface cards. Exercise: Capture ICMP packets using Ethereal Capturing TCP traffic What goes on during a Web surfing session? HTTP is an example of an Application Layer protocol that is encapsulated in TCP. Thus one way to capture TCP Segments is use the browser to fetch some URL and at the same

213 time capture the frames that go out or come to the network interface associated with the local station. Therefore, we will use a filter that restricts the MAC source or destination address to match that of local station. Follow these steps. Have Ethereal set to Capture Mode and browse to some site such as If all goes well then you should get a capture similar to the one shown below.

214 Based on the above capture write down the steps (tasks) that the browser goes through. Step (Task) Application/Transport Protocols used 1.Open a TCP TCP Syn-SynAck-Ack connection 2. Send an HTTP HTTP/TCP GET Request 3. Get Reply HTTP/TCP 4. Repeat Steps 3, 4 HTTP/TCP a number of times 5. Close the TCP TCP Fin and Ack Connection # of applicationdata packets exchanged ARP Request for Note that before a TCP connection is opened the IP address of the host in URL is needed. Thus a DNS query needs to be issued**. The DNS query will be encapsulated in a frame destined to the IP address of DNS server but what would be the MAC address? Will we send an ARP request asking for MAC address of DNS server? **If you don't see DNS Query and Reply this in your capture, can you explain why?

215 Structure and Encapsulation of a TCP segment By considering one of the frames that contains a TCP segment verifies that the encapsulation and the structure of a TCP segment is in accordance with the diagram shown below. 14 byte Ethernet Frame Header Ethernet Destination Address 6 bytes Ethernet Source Address 6 bytes EtherType 2 bytes: 0800 indicates that the frame Ver * HL* contains IP packet 20 byte IP Header Protocol* 1 byte: 6* indicates that the packet contains TCP message TCP Header IP Source Address IP Destination Address source port dest. port SeqNo AckNo offset-re-uaprsf win size checksum urg ptr options + padding 4 bytes 4 bytes 4 bytes 4 bytes 4 bytes TCP data Frame Checksum 4 bytes What is the relationship between sequence number and acknowledgement number? How can we use the HEADER LENGTH field of the IP datagram to locate the beginning of the TCP segment? Compute and display the size of the payload carried in the segment. Note: you must use the TOTAL LENGTH field in the IP datagram to compute the segment size. What is the indication of the source and destination port number in the TCP packets?

216 Use the above capture, indicate the following: o What do you understand by Sequence number and Next sequence number? o Format of HTTP messages. o Impact of HTTP messages on the TCP flags Analyzing the Phases of a TCP connection A TCP connection goes through three phases in sequence: Open Connection phase using Three-Way handshake Data Exchange phase Close Connection phase

217 The Connection Opening Phase uses the three-way handshake. Client Server Syn, SeqNo=200 Syn, Ack, SeqNo=500 AckNo=201 Ack, SeqNo=201 AckNo=501 The Data Exchange Phase uses the sliding window technique including the provision for SeqNo and AckNo to allow the proper ordering of the data. The flow control is managed using the Window Size field. Note that for an outgoing segment we set the AckNo using the formula, AckNo = (SeqNo + Data Size) of the last correctly received segment Note: For the Initial SYN Segments we assume a data size of 1 byte. Exercise: Verify the above formula by tracking a received segment (say, the one containing the first GET request) and the segment that is sent following it. Received Segment Sent Segment SeqNo (Hex) AckNo (Hex) Data Size (in bytes) The Close Connection Phase uses a pair of Fin-Ack segments (i.e. two Fins and two Acks). When one side has no more data then he should send a Fin segment and when

218 acknowledged he must not send any more data but can continue sending Ack segments for the data it receives. After a while the other side, can do the same References ICMP TCP

219 LAB13 PART II TCP SIMULATION Objectives [Lab 13B]: 23 Demonstrate the congestion control algorithms implemented by the Transmission Control Protocol (TCP). 24 Provides a number of scenarios to simulate congestion control algorithms. 25 Compare the performance of the algorithms through the analysis of the simulation results Overview The Internet s TCP guarantees the reliable, in-order delivery of a stream of bytes. It includes a flow-control mechanism for the byte streams that allows the receiver to limit how much data the sender can transmit at a given time. In addition, TCP implements a highly tuned congestion-control mechanism. The idea of this mechanism is to throttle how fast TCP sends data to keep the sender from overloading the network. The idea of TCP congestion control is for each source to determine how much capacity is available in the network, so that it knows how many packets it can safely have in transit. It maintains a state variable for each connection, called the congestion window, which is used by the source to limit how much data it is allowed to have in transit at a given time. TCP uses a mechanism, called additive increase/multiplicative decrease, that decreases the congestion window when the level of congestion goes up and increases the congestion window when the level of congestion goes down. TCP interprets timeouts as a sign of congestion. Each time a timeout occurs, the source sets the congestion window to half of its previous value. This halving corresponds to the multiplicative decrease part of the mechanism. The congestion window is not allowed to fall below the size of a single packet (the TCP maximum segment size, or MSS). Every time the source successfully sends a congestion window s worth of packets, it adds the

220 equivalent of one packet to the congestion window; this is the additive increase part of the mechanism. TCP uses a mechanism called slow start to increase the congestion window rapidly from a cold start in TCP connections. It increases the congestion window exponentially, rather than linearly. Finally, TCP utilizes a mechanism called fast retransmit and fast recovery. Fast retransmit is a heuristic that sometimes triggers the retransmission of a dropped packet sooner than the regular timeout mechanism. In this lab you will set up a network that utilizes TCP as its end-to-end transmission protocol and analyze the size of the congestion window with different mechanisms Create a New Project 1. Start OPNET IT Guru Academic Edition Choose New from the File menu. 2. Select Project and click OK Name the project <your initials>_tcp, and the scenario No_Drop Click OK. 3. In the Startup Wizard: Initial Topology dialog box, make sure that Create Empty Scenario is selected Click Next Select Choose From Maps from the Network Scale list Click Next Choose mideast from the Map List Click Next twice Click OK Create and Configure the Network Initialize the Network 1. The Object Palette dialog box should now be on the top of your project space. If it is not there, open it by clicking. Make sure that the internet_toolbox item is selected from the pull-down menu on the object palette. 2. Add to the project workspace the following objects from the palette: Application Config, Profile Config, an ip32_cloud, and two subnets. To add an object from a palette, click its icon in the object palette Move your mouse to the workspace Click to drop the object in the desired location Right-click to finish creating objects of that type.

221 Note: The ip32_cloud node model represents an IP cloud supporting up to 32 serial line interfaces at a selectable data rate through which IP traffic can be modeled. IP packets arriving on any cloud interface are routed to the appropriate output interface based on their destination IP address. The RIP or OSPF protocol may be used to automatically and dynamically create the cloud's routing tables and select routes in an adaptive manner. This cloud requires a fixed amount of time to route each packet, as determined by the Packet Latency attribute of the node. 3. Close the palette. 4. Rename the objects [Applications, Profiles, West, East, KSA Internet] you added as shown and then save your project: Configure the Applications 1. Right-click on the Applications node Edit Attributes Expand the Application Definitions attribute and set rows to 1 Expand the new row Name the row FTP_Application. Expand the Description hierarchy Edit the FTP row as shown (you will need to set the Special Value to Not Used while editing the shown attributes): Inter-Request Time specifications: Distribution Name = constant, Mean Outcome = 3600 File Size (bytes): Distribution Name = constant, Mean Outcome =

222 2. Click OK twice and then save your project Configure the Profiles 1. Right-click on the Profiles node Edit Attributes Expand the Profile Configuration attribute and set rows to 1. a. Name and set the attributes of row 0 as shown Click OK. 1. Profiles configuration rows = row 0 Profile Name = FTP_Profile 3. Applications rows = Applications row 0 Name = FTP_Application 5. Applications row 0 Start Time Offset = constant(5) 6. Applications row 0 Repeatability = Once at Start Time 7. Applications Start Time Offset = constant(100)

223 Configure the West Subnet 1. Double-click on the West subnet node. You get an empty workspace, indicating that the subnet contains no objects. 2. Open the object palette and make sure that the internet_toolbox item is selected from the pull-down menu. 3. Add the following items to the subnet workspace: one ethernet_server, one ethernet4_slip8_gtwy router, and connect them with a bidirectional 100_BaseT link Close the palette Rename the objects [Server_West, Router_West] as shown. Note: The ethernet4_slip8_gtwy node model represents an IP-based gateway supporting four Ethernet hub interfaces and eight serial line interfaces.

224 4. Right-click on the Server_West node Edit Attributes: a. Edit Application: Supported Services Set rows to 1 Set Name to FTP_Application Click OK. b. Edit the value of the Server Address attribute and write down Server_West. c. Expand the TCP Parameters hierarchy Set both Fast Retransmit and Fast Recovery to Disabled. 5. Click OK and then save your project. Now, you have completed the configuration of the West subnet. To go back to the top level of the project, click the Go to next higher level button Configure the East Subnet 1. Double-click on the East subnet node. You get an empty workspace, indicating that the subnet contains no objects. 2. Open the object palette and make sure that the internet_toolbox item is selected from the pull-down menu. 3. Add the following items to the subnet workspace: one ethernet_wkstn, one ethernet4_slip8_gtwy router, and connect them with a bidirectional 100_BaseT link Close the palette Rename the objects [Router_East, Client_East] as shown. 4. Right-click on the Client_East node Edit Attributes: a. Expand the Application: Supported Profiles hierarchy Set rows to 1 Expand the row 0 hierarchy Set Profile Name to FTP_Profile. b. Assign Client_ East to the Client Address attributes. c. Edit the Application: Destination Preferences attribute as follows: Set rows to 1 Set Symbolic Name to FTP Server Edit Actual Name Set rows to 1 In the new row, assign Server_West to the Name column. 5. Click OK three times and then save your project.

225 6. You have now completed the configuration of the East subnet. To go back to the project space, click the Go to next higher level button Connect the Subnets to the IP Cloud 1. Open the object palette. 2. Using two PPP_DS3 bidirectional links connect the East subnet to the IP Cloud and the West subnet to the IP Cloud. 3. A pop-up dialog box will appear asking you what to connect the subnet to the IP Cloud with. Make sure to select the routers. 4. Close the palette Choose the Statistics 1. Right-click on Server_West in the West subnet and select Choose Individual Statistics from the pop-up menu. 2. In the Choose Results dialog box, choose the following statistic: TCP Connection Congestion Window Size (bytes) and Sent Segment Sequence Number. 3. Right-click on the Congestion Window Size (bytes) statistic Choose Change Collection Mode In the dialog box check Advanced From the drop-down menu, assign all values to Capture mode as shown Click OK.

226 4. Right-click on the Sent Segment Sequence Number statistic Choose Change Collection Mode In the dialog box check Advanced From the drop-down menu, assign all values to Capture mode. OPNET provides the following capture modes: All values collects every data point from a statistic. Sample collects the data according to a userspecified time interval or sample count. For example, if the time interval is 10, data is sampled and recorded every 10th second. If the sample count is 10, every 10th data point is recorded. All other data points are discarded. Bucket collects all of the points over the time interval or sample count into a data bucket and generates a result from each bucket. This is the default mode. 5. Click OK twice and then save your project. 6. Click the Go to next higher level button Configure the Simulation Here we need to configure the duration of the simulation: 1. Click on and the Configure Simulation window should appear. 2. Set the duration to be 10.0 minutes. 3. Click OK and then save your project.

227 13.10 Duplicate the Scenario In the network we just created we assumed a perfect network with no discarded packets. Also, we disabled the fast retransmit and fast recovery techniques in TCP. To analyze the effects of discarded packets and those congestion-control techniques, we will create two additional scenarios. 1. Select Duplicate Scenario from the Scenarios menu and give it the name Drop_NoFast Click OK. 2. In the new scenario, right-click on the IP Cloud Edit Attributes Assign 0.05% to the Packet Discard Ratio attribute. 3. Click OK and then save your project. 4. While you are still in the Drop_NoFast scenario, select Duplicate Scenario from the Scenarios menu and give it the name Drop_Fast. 5. In the Drop_Fast scenario, right-click on Server_ West, which is inside the West subnet Edit Attributes Expand the TCP Parameters hierarchy Enable the Fast Retransmit attribute Assign Reno to the Fast Recovery attribute. Note: With fast retransmit, TCP performs a retransmission of what appears to be the missing segment, without waiting for a retransmission timer to expire. After fast retransmit sends what appears to be the missing segment, congestion avoidance but not slow start is performed. This is the fast recovery algorithm. The fast retransmit and fast recovery algorithms are usually implemented together (RFC 2001). 6. Click OK and then save your project Run the Simulation To run the simulation for the three scenarios simultaneously: 1. Go to the Scenarios menu Select Manage Scenarios. 2. Change the values under the Results column to <collect> (or <recollect>) for the three scenarios. Compare to the following figure.

228 3. Click OK to run the three simulations. Depending on the speed of your processor, this may take several minutes to complete. 4. After the three simulation runs complete, one for each scenario, click Close Save your project View the Results To view and analyze the results: 1. Switch to the Drop_NoFast scenario (the second one) and choose View Results from the Results menu. 2. Fully expand the Object Statistics hierarchy and select the following two results: Congestion Window Size (bytes) and Sent Segment Sequence Number. Note: To switch to a scenario, choose Switch to Scenario from the Scenarios menu or just press Ctrl+<scenario number>. 3. Click Show. The resulting graphs should resemble the ones below.

229 4. To zoom in on the details in the graph, click and drag your mouse to draw a rectangle, as shown above. 5. The graph should be redrawn to resemble the following one: 6. Notice the Segment Sequence Number is almost flat with every drop in the congestion window. 7. Close the View Results dialog box and select Compare Results from the Result menu. 8. Fully expand the Object Statistics hierarchy as shown and select the following result: Sent Segment Sequence Number.

230 9. Click Show. After zooming in, the resulting graph should resemble the one below Questions 1. Why does the Segment Sequence Number remain unchanged (indicated by a horizontal line in the graphs) with every drop in the congestion window? 2. Analyze the graph that compares the Segment Sequence numbers of the three scenarios. Why does the Drop_NoFast scenario have the slowest growth in sequence numbers? 3. In the Drop_NoFast scenario, obtain the overlaid graph that compares Sent Segment Sequence Number with Received Segment ACK Number for Server_West. Explain the graph.