LAB MANUAL

COMPUTER NETWORK SYSTEMS

Department of Information and Computer Science

College of Computer Science and Engineering

King Fahd University of Petroleum and Minerals

2005

TABLE OF CONTENTS

LAB1 ..................................................................................................................................... 1 Getting start.......................................................................................................................... 1 1. Objectives:.............................................................................................................. 1 1.2 General Lab Description: .................................................................................... 1 1.2.1 Structure of the lab ............................................................................................... 1

1.2.2 Network Cable ............................................................................................... 3 1.3 Introduction to network device: ........................................................................ 4

1.3.1 3Com Switch 3300......................................................................................... 4 1.3.2 Cisco 2600 routers ......................................................................................... 5 1.3.3 Cable connection for network devices ...................................................... 6 13.3.4 Straight through cable............................................................................ 6 13.3.5 Cross-over cable...................................................................................... 7 13.3.6 Roll over cable......................................................................................... 7

13.4 Introduction to IP addressing:............................................................................ 8 13.4.4 Rules of IPv4 addressing....................................................................... 8

13.5 Software Packages:..............................................................................................11 13.6 References: ...........................................................................................................11 LAB 2 ..................................................................................................................................12 LAN SETUP and monitoring ........................................................................................12 2. Objectives.............................................................................................................12 2.1. Setting up a simple network..............................................................................12

2.1.1. Check Local Area Network Connections ........................................13 2.1.2. Plug in and connect the equipment...................................................13 2.1.3. Network Adapters and Protocols......................................................13 2.1.4. Check the TCP/IP Protocol Settings ...............................................14 2.1.5. Check the TCP/IP Settings with the IPCONFIG Utility ............15 2.1.6. Check the network connection with the Ping Utility.....................16

2.2. Learn various network related commands .....................................................16 2.2.1. PING Command..................................................................................16 2.2.2 TRACERT Command................................................................................18 2.2.3 PATHPING Command.............................................................................19 2.2.4 Enhanced Ping .............................................................................................19 2.2.5 NETSTAT Command................................................................................20 2.2.6 NetStat Live ..................................................................................................21 2.2.7 AT Command ..............................................................................................22 2.2.8 NET Command...........................................................................................23

2.2.9 ROUTE Command.....................................................................................24 2.2.10 ARP Command.....................................................................................26 2.2.11 IPCONFIG Command.......................................................................27 2.2.12 NETSH Command..............................................................................28

2.3 Reference..............................................................................................................30 LAB 3 ..................................................................................................................................31 Remote Access System and vpn.....................................................................................31 3. Objectives.............................................................................................................31 3.1 Installing and configuring RAS server ............................................................31

3.1.1 Installing RAS Server ..................................................................................31 3.1.2 Configuring a direct serial connection .....................................................34 3.1.3 Installing and Configuring RAS client .....................................................35 3.1.4 Dialup to the server.....................................................................................36 3.1.5 Testing the RAS Installation......................................................................37 3.2 Virtual Private Networks............................................................................40 3.3 Experimental Setup .....................................................................................40 3.3.1 Configuring VPN Server ............................................................................41 3.3.2 Configuring VPN Client.............................................................................44

3.4 Firewalls and VPN..............................................................................................49 3.4.1 Create a New Project ..................................................................................49 3.4.2 Create and Configure the Network ..........................................................49 3.4.3 Configure the Nodes...................................................................................50 3.4.4 Choose the Statistics....................................................................................51

3.5 The Firewall Scenario.........................................................................................52 3.6 The Firewall VPN Scenario ..............................................................................53

3.6.1 Configuring the VPN..................................................................................54 3.6.2 Run the Simulation......................................................................................55 3.6.3 View Results..................................................................................................56

3.7 References ............................................................................................................59 LAB4 ...................................................................................................................................60 Dynamic host configuration protocol – DHCP .........................................................60 and........................................................................................................................................60 network measurement ......................................................................................................60 4. Objectives.............................................................................................................60 4.1 Dynamic Host Configuration Protocol ..........................................................60

4.1.1 Configure your computer...........................................................................60 4.1.2 Configure Windows 2003 as a DHCP Client.........................................61 4.1.3 Configure Windows 2003 as a DHCP Server ........................................61 4.1.4 Capture DHCP traffic.................................................................................64

4.2 Network Measurement ......................................................................................67 4.2.1 Getting ready for measurement ................................................................67 4.2.2 Creating a Real-Time Performance Monitor chart................................68

ii

4.2.3 Install the Network Monitor .....................................................................68 4.2.4 Configure the chart......................................................................................68 4.2.5 Generation of data and its representation on the chart........................69 4.2.6 Summarizing performance data in a Performance Monitor report....69 4.2.7 Generating Alerts.........................................................................................70 4.2.8 Topology Diagrams.....................................................................................72 4.2.9 Cascade shared hubs ...................................................................................74 4.2.10 Segmented LAN ..........................................................................................74 4.2.11 High-density Fast Ethernet Switched workgroup .................................74 4.2.12 Data-entry tables ..........................................................................................74

3.8 Analysis .................................................................................................................77 3.9 References ............................................................................................................78 LAB5 ...................................................................................................................................79 domain name system ........................................................................................................79

5. Objectives:.............................................................................................. 79 5.1 Domain Name System.......................................................................................79

5.1.1 Background Information............................................................................79 5.1.2 Configure Windows 2003 to use DNS....................................................79 5.1.3 Execute some DNS queries using nslookup ..........................................81 5.1.4 Capturing DNS traffic using Ethereal .....................................................85

5.2 Setting up for the DNS Client and DNS Server...........................................87 5.2.1 Install and Configure a DNS Server Using the Wizard........................87

5.3 Configuring the DNS Server through Management Console ....................90 5.3.1 Adding a Host Address Record ................................................................91 5.3.2 Location of DNS data in Windows 2003................................................93 5.3.3 Testing the DNS Server configuration ....................................................94

5.4 Configuring the DNS Server to forward to other DNS Servers ...............94 5.5 Removing the service .........................................................................................95 5.6 References: ...........................................................................................................95 LAB 6 ..................................................................................................................................96 HTTP and WEb................................................................................................................96 6. Objectives.............................................................................................................96 6.1 Background Information:..................................................................................96 6.2 Install and Examine TCP/IP services ............................................................97 6.3 Install Internet Information Services and the FTP Service ........................98

6.3.1 Configure the FTP Service.........................................................................99 6.3.2 Using FTP...................................................................................................100

6.5 Capturing HTTP traffic using Ethereal: .......................................................106 6.5.1 Examining HTTP Requests and Replies...............................................106 6.5.2 Practice HTML tables, Styles and colors...............................................108 6.5.3 Practice Active Server Pages ( ASP )......................................................110 6.5.4 Web Caching...............................................................................................113

iii

6.5.5 Enable Content Expiration in IIS 5.0 ....................................................113 6.5.6 Prevent Caching using an ASP Script ....................................................113 6.5.7 Remove all the services you have installed ...........................................114

PART II ............................................................................................................................115 Remote desktop web connection.................................................................................115 Objectives: ........................................................................................................................115 6.6 Remote Desktop Web Connection ...............................................................115

6.6.1 To connect to another computer using Remote Desktop Web Connection................................................................................................................118 6.6.2 To work like using remote keyboard and remote mouse...................119

LAB 7 ................................................................................................................................120 Socket programming.......................................................................................................120 7. Objectives...........................................................................................................120 7.1. Background Information.................................................................................120

7.1.1. Socket-Definition................................................................................120 7.1.2. TCP/IP and UDP/IP communications ........................................120 7.1.3. Datagram communication ................................................................120 7.1.4. Stream communication......................................................................120 7.1.5. Sockets using UDP connection .......................................................121 7.1.6. Sockets using TCP connection ........................................................123 7.1.7 Creating an input stream ..........................................................................124 7.1.8 Creating an output stream........................................................................124 7.1.9 Closing sockets...........................................................................................125

7.2. Examples: ...........................................................................................................125 7.2.1 Handshaking of the client and the server..............................................125 7.2.2 Echo Client and Server Programs ..........................................................125 7.2.3 Server handling more than one client ....................................................125 7.2.4 A simple Web server .................................................................................126

7.3 Exercises .............................................................................................................126 7.4 Writing an SMTP and POP3 Client Program .............................................126

7.4.1 Setting up the POP3 Server .....................................................................127 7.4.2 SMTP Procedure........................................................................................130 7.4.3 Reading the email using POP3 service ..................................................131

LAB8 .................................................................................................................................133 Simulation using IT GURU ..........................................................................................133 6. Objectives:..........................................................................................................133 1.1 Overview: ...........................................................................................................133

1. Build the Simulation Model .....................................................................133 2. Configure the Simulation .........................................................................136 3. Duplicate the Scenario ..............................................................................137 4. Run the Simulation....................................................................................138 5. Inspect and Analyze Results ....................................................................138

iv

2.2 Exercises: ............................................................................................................142 PART -II...........................................................................................................................143 Switched LANs................................................................................................................143 Objective:..........................................................................................................................143 3.3 Overview: ...........................................................................................................143 8.4 Procedure: ..........................................................................................................144

8.4.1 Create a New Project ................................................................................144 8.4.2 Create the Network ...................................................................................144 8.4.3 Configure the Network Nodes ...............................................................145 8.4.4 Choose Statistics ........................................................................................146 8.4.5 Configure the Simulation .........................................................................147 8.4.6 Duplicate the Scenario ..............................................................................147 8.4.7 Run the Simulation....................................................................................148 8.4.8 View the Results.........................................................................................149

8.5 Questions............................................................................................................152 LAB9 .................................................................................................................................153 Protocol Analyzer and Network Design.....................................................................153 9. Objective.............................................................................................................153 1.1 General Lab setup.............................................................................................153

1. Capturing ARP traffic ...............................................................................154 2. Viewing the ARP cache ............................................................................154 3. Capturing and analyzing ARP frames using Ethereal .........................154

PART II ............................................................................................................................158 9.2 Overview ............................................................................................................158 9.3 Procedure ...........................................................................................................158

9.3.1 Create a New Project ................................................................................158 9.3.2 Create and Configure the Network ........................................................159 9.3.3 Configure All Departments .....................................................................161 9.3.4 Configure the Servers................................................................................ 162 9.3.5 Connect the Subnets ................................................................................. 163 9.3.6 Configure the Simulation ......................................................................... 164 9.3.7 Questions .................................................................................................... 167

LAB10 ...............................................................................................................................168 switching experiments ....................................................................................................168 10. Objectives...........................................................................................................168 10.1 Connecting to the switch.................................................................................168 10.2 Grouping of PCs into VLANs.......................................................................168 10.2 Enable security option of a switch port........................................................169 10.3 Create looping and break it using spanning tree .........................................170 10.5 Testing other settings .......................................................................................171

10.5.1 Auto-negotiation setup ......................................................................171 10.5.2 Resilient Links .....................................................................................172

v

10.5.3 Changing the switching modes ........................................................ 172 10.5.4 Broadcast Storm Control .................................................................. 173 10.5.5 VLT tagging......................................................................................... 173

10.6 Questions............................................................................................................173 10.7 References ..........................................................................................................174 LABS 11 and 12...............................................................................................................175 routing experiments ........................................................................................................175 13. Objectives:..........................................................................................................175 11.1 Review of IP address........................................................................................175 11.2 Configure the Lab as a set of networks connected by routers .................175

11.2.1 Configure Windows 2003 machine as router ................................176 11.2.2 Checking for connectivity .................................................................177

11.3 A Quick Guide to CISCO 2600 Routers .....................................................178 11.3.1 Connecting to Router ........................................................................178 11.3.2 Router Modes - Unprivileged and privileged modes ...................179 11.3.3 Global configuration (config)...........................................................180 11.3.4 Configuring interfaces........................................................................180 11.3.5 Routing .................................................................................................181 11.3.6 Saving your configuration .................................................................182 11.3.7 Viewing Configuration ......................................................................183 11.3.8 Exercise ................................................................................................184

11.4 Configure Router in your Segment................................................................184 11.4.1 Lab setup..............................................................................................184 11.4.2 Configure the router...........................................................................185

11.5 Capturing RIP traffic........................................................................................187 11.6 Using Static Routes...........................................................................................189 11.7 Adding a static default route ...........................................................................189 11.8 Dynamic Routing with OSPF within an area ..............................................190 11.9 Access List..........................................................................................................191 11.10 References ...................................................................................................193 LAB13 ...............................................................................................................................194 PART I..............................................................................................................................194 icmp and tcp packet analysis .........................................................................................194 13. Objectives [Lab 13A]: ......................................................................................194 13.1. General Lab setup.............................................................................................194 13.2. Capturing ICMP traffic....................................................................................195

13.2.1. Capture ICMP packets generated and received during TraceRoute 198 13.2.2. Capturing ICMP Destination Unreachable message ...................202 13.2.3. Generate IP fragmented packet .......................................................203 13.2.4. Viewing ICMP statistics ....................................................................204

13.3. Capturing TCP traffic.......................................................................................204

vi

vii

13.3.1. What goes on during a Web surfing session?................................204 13.3.2. Structure and Encapsulation of a TCP segment...........................207 13.3.3. Analyzing the Phases of a TCP connection ..................................208

13.4. References ..........................................................................................................210 LAB13 ...............................................................................................................................211 TCP Simulation ...............................................................................................................211 Objectives [Lab 13B]: ....................................................................................................211 13.5 Overview ............................................................................................................211 13.6 Create a New Project........................................................................................212 13.7 Create and Configure the Network ...............................................................212

13.7.1 Initialize the Network ........................................................................212 13.7.2 Configure the Applications...............................................................213 13.7.3 Configure the Profiles........................................................................214 13.7.4 Configure the West Subnet...............................................................215 13.7.5 Configure the East Subnet................................................................216 13.7.6 Connect the Subnets to the IP Cloud.............................................217

13.8 Choose the Statistics.........................................................................................217 13.9 Configure the Simulation.................................................................................218 13.10 Duplicate the Scenario ..............................................................................219 13.11 Run the Simulation....................................................................................219 13.12 View the Results.........................................................................................220 13.13 Questions ....................................................................................................222 LAB 14 ..............................................................................................................................224 ASSIGHNMENT...........................................................................................................224

Page

L A B 1

GETTING START

1. Objectives: • Lab structure orientation.

• Introduction to IP addressing.

• Listing various software packages that ought to be used in this course.

1.2 General Lab Description:

1.2.1 Structure of the lab Our lab is made up of five networks [LAN A, B, C, D, & E]. Each network is made up of

the following:

Rack consists of Cisco 2600 Router, 3Com 3300 [Superstack 3] Switch and 3Com hub.

4 PCs: Each having two operating systems [Windows 2003, Fedora Linux] and two

network cards per PC.

1. All the five networks are interconnected and can be used using the patch panel.

2. We use private IP addresses [IP’s that are used when we are not connected to the Internet]

in our lab. All our IP’s belong to Class C addresses. There are 5 Classes of IP addresses [A,

B, C, D, and E].

3. Subnet mask is used to get the Network address from an IP address. This is done by doing

binary AND operation between the IP address and the subnet mask.

4. The subnet mask we use in our lab is the default mask of Class B [255.255.0.0]. We use this

option so that we get same network address for all PCs in our lab and so, they all belong to

the same network. When we use routers, we change the subnet mask to 255.255.255.0 so

that each LAN belongs to different network.

5. A Linux Server is accessible at 192.168.230.252 and a Windows server is accessible at

192.168.230.250. These are connected to the Instructor Patch Panel.

6. Internet access is handled using Internet Sharing option at Instructor PC.

46 ULAN A

2 U PatchPanel

2 U Switch

4 U Router

2 U Hub

ICS-NWLA1 ICS-NWLA2 ICS-NWLA3 ICS-NWLA4

SAMPLE LAN STRUCTURE IN ICS-NETWORK LAB

WE HAVE 5 LANS IN OUR LAB [LAN A, B, C, D & E]

RACK

Figure 1.1: LAN setup in the Lab.

1 2221201918171615141312111098765432 2423

ICS-NW LA1 ICS-NW LA2 ICS-NW LA3 ICS-NW LA4

1 2221201918171615141312111098765432 2423

ICS-NW LB1 ICS-NW LB2 ICS-NW LB3 ICS-NW LB4

1 2221201918171615141312111098765432 2423

ICS-NW LC1 ICS-NW LC2 ICS-NW LC3 ICS-NW LC4

1 2221201918171615141312111098765432 2423

ICS-NW LD1 ICS-NW LD2 ICS-NW LD3 ICS-NW LD4

1 2221201918171615141312111098765432 2423

ICS-NW LE1 ICS-NW LE2 ICS-NW LE3 ICS-NW LE4

122

2120

1918

1716

1514

1312

1110

98

76

54

32

2423

PATCH PANEL LAN A

PATCH PANEL LAN B

PATCH PANEL LAN C

PATCH PANEL LAN D

PATCH PANEL LAN E

PATC

H PA

NEL IN

STRU

CTO

R LAN

OVERALL LAYOUT OF ICS NETW ORK LAB

Figure 1.2: Overall layout of ICS Network Lab

1.2.2 Network Cable

There are many types of network cables used in the real-world applications. Some of

them are given below:

1. Unshielded twisted pair: As the name indicates, the wires are twisted with one another

and there is no shield.

Figure 1.3: Unshielded twisted pair cable.

2. Shielded twisted pair: Shield with twisted pair.

Figure 1.4: Shielded twisted pair cable.

3. Coaxial cable: Similar to our cable TV cables.

Figure 1.5: Coaxial Cable.

1.3 Introduction to network device: 1.3.1 3Com Switch 3300

The SuperStack 3 Switch 3300 connects existing 10Mbps devices, connects high-

performance workgroup with a 100Mbps backbone or server connection, and connects power

users to dedicated 100Mbps ports – all in one switch. In addition, as part of the 3Com

SuperStack 3 range of products, we can combine it with any SuperStack 3 system as your

network grows.

The switch has the following hardware features:

1) There are 24 Fast Ethernet auto-negotiating 10Base-T/100Base-TX ports. 2) Matrix port for connecting units in the Switch 1100/3300 family to form a

stack. 3) Connect two units back-to-back using a single Matrix Cable 4) Connected up to four units using Matrix Cables linked to a Matrix Module. 5) Slot for an Expansion Module 6) SuperStack 3 architecture 7) Connects to Redundant Power System/Uninterruptible Power System 8) 19-inch rack or stand-alone mounting.

The front view of 3Com switch along with various LED information is provided

below:

10BASE-T / 100BASE-TX Ports

Port Status LEDsPacket: Yellow � Packets are being transmitted/

received on the portPacket: Off � No packets are being transmitted/

received on the port

Status: Green � Enabled, link OKStatus: Flashing Green � Disabled, link OK

Status: Off � No link

Power/Self Test LEDGreen: Powered up

Green flashing: Either downloading or initializingYellow: Failed its POST

Off: Without Power

Unit LEDsGreen: Position of the

switch in the stackOff: Stand-alone

Expansion Module Port Status LEDsPacket: Yellow � Packet is on expansion

module port(s)Off: No packet

Status: Yellow� Valid expansion module is installed

Yellow flashing: Unrecognized expansion module installed

Off: No expansion module

Figure 1.6: Front view of 3COM switch.

1.3.2 Cisco 2600 routers

The routers used in our lab are Cisco 2600. The front view of router has LEDs, that

indicates the following:

1. Power: Indicates the router's operating status. Comes on when power is supplied to the router and the router is operational.

2. RPS [Redundant Power System]: Off—No RPS is attached; On—RPS is attached and operational; Blinking—RPS is attached, but has a failure.

3. Activity: Off—In the Cisco IOS software, but no network activity; Blink (500 ms ON, 500 ms OFF)—In ROMMON, no errors; Blink (500 ms ON, 500 ms OFF, 2 seconds between codes)—In ROMMON, error detected; Blink (less than 500 ms)—In the Cisco IOS software, the blink rate reflects the level of activity.

The back view of our router: The router has serial and fast Ethernet ports. These ports

are mostly used for data transfer. It has console and auxiliary ports, which are used for

management purposes.

1.3.3 Cable connection for network devices

Students will be given a demonstration on various network devices like: Network

Interface Cards [NIC], BNC-Connectors, RJ45, etc. Students will be provided a tutorial about

various connectivity issues.

13.3.4 Straight through cable

Here, the connections are same on both the ends the cable. This type of cable is used

when we connect dissimilar devices [switch and router, router and hub, switch and PC, etc].

The colours of the wires and their respective pin numbers are mentioned below:

Green [Pin 1] Green [Pin 1] White Green [Pin 2] White Green [Pin 2]

White Orange [Pin 3] White Orange [Pin 3] Blue [Pin 4] Blue [Pin 4]

White Blue [Pin 5] White Blue [Pin 5] Orange [Pin 6] Orange [Pin 6]

White Brown [Pin 7] White Brown [Pin 7] Brown [Pin 8] Brown [Pin 8]

13.3.5 Cross-over cable

Here, the connections are different with a specific pattern. This type of cable is used

when we connect similar devices [router and router, switch and switch, PC and PC, etc] and

with some exceptions [switch and hub, Router and PC]. The colours of the wires and their

respective pin n*umbers are mentioned below:

Green [Pin 1] White Orange [Pin 1] White Green [Pin 2] Orange [Pin 2] White Orange [Pin 3] Green [Pin 3] Blue [Pin 4] White Brown [Pin 4] White Blue [Pin 5] Brown [Pin 5]

Orange [Pin 6] White Green [Pin 6] White Brown [Pin 7] Blue [Pin 7] Brown [Pin 8] White Blue [Pin 8]

13.3.6 Roll over cable

Here, the connections are made in reverse order. This type of cable is used to connect the

router/switch to the PC via console port for management purposes.

13.4 Introduction to IP addressing: Each Network Interface Card (NIC or Network card) present in a PC is assigned one

Network address called as IP address [or Network address]. This IP address is assigned by the

administrator of the network. No two PCs can have the same IP address.

There is a burned-in address on the NIC called as Physical Address [or MAC address or

Hardware address]. The MAC address of a network card indicates the vendor of that card and a

unique serial number.

13.4.4 Rules of IPv4 addressing

1. Format of IP address

IPv4 is made up of four parts, in the pattern as w.x.y.z. Each part has 8 binary bits and

the values in decimal can range from 0 to 255.

2. IP address classes

IP addresses are divided into different classes. These classes determine the maximum number of

hosts per network ID. Only three classes are actually used for network connectivity. The following

table lists all of the address class.

IP address class Value of the leftmost byte

Class A 1-126 [0 and 127 are not allowed]

Class B 128-191

Class C 192-223

3. Grouping of IP addresses into different classes.

a. Class A, B, C, D, E

b. Class A: first bit in w is 0 and others can be anything

i. 0.0.0.0 to 127.255.255.255

ii. First bits are used for network part and the remaining for host part.

c. Class B: First bit in w is 1 and second bit is 0.

i. 128.0.0.0 to 191.255.255.255

ii. First 16 bits for network part and remaining host part

d. Class C: first bit in w is 1, second bit in w is 1 and third bit is 0

i. 192.0.0.0 to 223.255.255.255

ii. First 24 bits for network part and last 8 bits for host part.

e. Class D: first, second, third bits in w are 1 and fourth bit is 0; used for multicast.

i. 224.0.0.0 to 247.255.255.255

f. Class E: future use or experimental purposes.

4. Default Subnet mask

it is used to identify the network part from the host part. Put binary one for the parts

that represent network part and zero for the part that represent host part.

a. Class A: 255.0.0.0

b. Class B: 255.255.0.0

c. Class C: 255.255.255.0

d. We can’t have mix of 1s and 0s in subnet mask. Only consecutive 1s is followed

by consecutive 0s

5. Invalid IP address.

a. If the network part is all 0s, the address belongs to class A. But this is an invalid

ip address because for an ip address all the network or host part should not be

all 1s or all 0s.

i. 0.0.0.0 is not valid. Routers use it internally.

b. If the network part is all 1s, this address belongs to class E. But due to presence

of all 1s, it is not valid. This represent broadcast to all networks.

i. 255.255.255.255 is not valid.

c. If the host part is all 0s, this represents network address. This is not a valid ip

address.

d. If the host part is all 1s, this represents broadcast address. This is not a valid ip

address.

e. We can’t use the ip address represented within private address range as part of

public ip address.

i. Class A: 10.0.0.0 to 10.255.255.255

ii. Class B: 172.16.0.0 to 172.31.255.255

iii. Class C: 192.168.0.0 to 192.168.255.255

f. 127.0.0.0 network address is used for loop-back testing. This will help you to

check the network card of your own PC [localhost].

g. The validity of the IP address is also based on the subnet mask used provided.

6. Default subnet masks for standard IP address classes

The following table lists the default subnet masks for each available class of TCP/IP

networks.

Address Class Bits for Subnet Mask Subnet Mask Class A 11111111 00000000 00000000 00000000 255.0.0.0 Class B 11111111 11111111 00000000 00000000 255.255.0.0 Class C 11111111 11111111 11111111 00000000 255.255.255.0

Exercises: In this exercise, you will determine the correct class for a given IP address. Q 1 Write the address class next to each IP address.

Address Class 131.107.2.89 3.3.57.0 200.200.5.2 191.107.2.10 127.0.0.1

Q 2 Which address class (es) will allow you to have more than 1000 hosts per network?

Q 3 Which address (es) will allow only 254 hosts per network?

Part B: Identify invalid IP address: Circle the portion of the IP address that would be invalid

if it were assigned to a host, and then explain why it is invalid.

a. 131.107.256.80

b. 222.222.255.222

c. 231.200.1.1

d. 126.1.0.0

e. 0.127.4.100

f. 190.7.2.0

g. 127.1.1.1

h. 198.121.254.255

i. 255.255.255.255

13.5 Software Packages: Throughout the whole semester, we would use the following packages:

1. Administration and Monitoring tools

2. Enhanced Ping [TJPing]

3. Ethereal

4. Network Simulator

5. OPNET IT GURU

13.6 References: Cisco 2600 Router http://www.cisco.com/warp/public/cc/pd/rt/2600/index.shtml 3Com Switch 3300 http://support.3com.com/infodeli/tools/switches/s_stack2/1698-5/manual.a01/chap1.htm Microsoft Visio http://www.microsoft.com/uk/office/visio/prodinfo/default.mspx TJPing http://www.dns.net/dnsrd/mark/wintools.html Ethereal http://www.ethereal.com/ Sniffem http://www.sniff-em.co.uk/ NS Simulator http://www.isi.edu/nsnam/ns/ WinGate http://www.wingate.com

L A B 2

LAN SETUP AND MONITORING

2. Objectives

Learn to create a simple LAN with two PCs using an Ethernet hub and two

straight-through cables to connect the workstations

Learn to configure and verify the network connectivity.

Learn about various network related commands

2.1. Setting up a simple network In this experiment, we will learn how to connect two PCs to create a simple Peer-to-

Peer network. The instructions for this lab focus on the Windows 2003 operating system. You

will share a folder on one workstation and connect to that folder from the other workstation.

This lab is divided into two exercises as follows:

Exercise: The two PCs will be connected with a hub between them [Refer Figure 1]. Using a

hub allows for more than just two workstations to be connected depending on the number of

ports on the hub. Hubs can have from 4 to 32 ports.

Figure 1. Network Connection via Hub

Tools / Preparation: The workstations should have Network Interface Cards (NIC)

installed with the proper drivers. The following resources will be required:

1. Two Pentium-based workstations with a NIC in each (NIC drivers should be available)

2. An Ethernet hub (4 or 8 port) and two CAT5 straight-wired cables.

2.1.1. Check Local Area Network Connections

Task: Verify the cables.

Explanation: You should check the cables to verify that you have good layer 1 physical

connections.

Exercise: Check each of the two CAT 5 cables from each workstation to the hub.

Verify that the pins are wired straight through by holding the two RJ-45 connectors for each

cable side by side with the clip down and inspect them. All pins should have the same color

wire on the same pin at both ends of the cable. (Pin 1 should match pin 1 and pin 8 should

match pin 8 etc.)

2.1.2. Plug in and connect the equipment

Task: Check the workstations and hub for exercise.

Exercise: Check to make sure that the NICs are installed correctly in each

workstation. Plug in the workstations and turn them on. Plug the straight through cable from

workstation 1 into port 1 of the hub and the cable from workstation 2 into port 2 of the hub.

After the workstations have booted, check the green link light on the back of each NIC and

the green lights on ports 1 and 2 of the hub to verify that the are communicating. This also

verifies a good physical connection between the Hub and the NICs in the workstations (OSI

Layers 1 and 2). If the link light is not on it usually indicates a bad cable connection, an

incorrectly wired cable or the NIC or hub may not be functioning correctly.

2.1.3. Network Adapters and Protocols

Task: Check the Network Adapter (NIC): Use the Control Panel System Device

Manager utility to verify that the Network Adapter (NIC) is functioning properly for both

workstations. Double click on Network Adapters and then right click the NIC adapter in use.

Click Properties to see if the device is working properly.

Explanation: If there is a problem with the NIC or driver, the icon will show a

yellow circle with an exclamation mark in it with (possible resource conflict) or a red X

indicating a serious problem (device could cause Windows to lock up).

2.1.4. Check the TCP/IP Protocol Settings

Task: Use the Control Panel/Network Connections (or Properties in Context Menu of

My Network Places) to display Network Connections Window. Then use Properties in Context

Menu of Local Area Connection to display Local Area Connection Properties Window. Select

the TCP/IP protocol from the Configuration Tab and click on properties. Check the IP

Address and Subnet mask for both workstations on the IP Address Tab.

Figure 2.1 Network Connections Window

Figure 2.4. TCP/IP Properties Window

Explanation: The IP addresses can be set to anything as long as they are compatible and on

the same network. Record the existing settings before making any changes in case they need

to be set back (for instance, they may be DHCP clients now). For this lab, use the Class C IP

network address of 192.168.230.0 and set workstation 1 to static IP address 192.168.230.1

and set workstation 2 to 192.168.230.2. Set the default subnet mask on each workstation to

255.255.0.0. For the purpose of this lab, you can leave the Gateway and DNS Server entries

blank.

Note: The lab has been configured into 5 class C IP networks with addresses:

192.168.230.0, 192.168.231.0, 192.168.232.0, 192.168.233.0, 192.168.234.0

2.1.5. Check the TCP/IP Settings with the IPCONFIG Utility

Task: Use the ipconfig.exe command to see your TCP/IP settings on one screen. Click

on Start Command Prompt.

Explanation: Enter ipconfig /all command to see all TCP/IP related settings for your

workstation.

1. Fill in the blanks below using the results of the IPCONFIG command from each

workstation:

Workstation 1 Name: Workstation 2 Name:

IP Address: IP Address:

Subnet Mask: Subnet Mask:

MAC (Hardware) Address: MAC (Hardware) Address:

2.1.6. Check the network connection with the Ping Utility

Task: Use the Ping Command to check for basic TCP/IP connectivity. Click on

Start Command Prompt. Enter the Ping command followed by the IP address of the other

workstation (Example - ping 192.168.230.1 or 192.168.230.2).

Explanation: This will verify that you have a good OSI Layers 1 through 3

connections.

2.2. Learn various network related commands To know and learn about various network related commands [ping, tracert, netstat, at,

net, route, arp] and few definitions cum settings.

2.2.1. PING Command

Ping is a basic Internet program that lets you verify that a particular IP address exists

and can accept requests. The verb ping means the act of using the ping utility or command. Ping

is used diagnostically to ensure that a host computer you are trying to reach is actually

operating.

Various options available in the ping command:

-t repetitively send packets.

-n number of echo to be sent

-l sending buffer size [Max: 65500 bytes]

-f Dont fragment; If this option is provided, then the packet should not be fragmented

and should be sent as it is.

-r count record route for count hops [3rd layer device]

-j loose source route [Optionally it can follow different route].

-k strict source route [MUST follow the route specified by us].

Note: For loopback address, you can ping it and get returns even when you are offline (not

connected to any network). If you don't get any valid replies, then there's a problem with the

computer's Network settings.

Example:

In order to send a packet to a host [192.168.230.1] with size of 60000 bytes each. We wish

to send the packets repetitively.

ping -t -l 60000 192.168.230.1

In order to send a packet with a size of 1000 bytes and don’t permit fragmenting.

ping -f -l 2000 192.168.230.1

In order to send a packet with a size of 1000 bytes and permit fragmenting.

ping -l 2000 192.168.230.1

In order to use loose route to a destination.

ping –j 10.221.0.64 10.140.1.201

In order to use strict route to a destination.

ping –k 10.221.0.64 10.140.1.201

• This will generate destination host unreachable message because this is not the first

device that the ping will meet.

ping –k 172.16.0.253 10.140.1.201

• This will work fine because this is the first device that the ping will meet.

Exercises:

1. Mention the difference between fragmenting and non-fragmenting packets.

2. Test the reach ability towards a PC [192.168.230.4] with fragmenting option enabled and

limit the number of echos to 5.

2.2.2 TRACERT Command

If someone would like to know how he goes from his house to his office he could just

tell the list of the crossroads where he passes. The same way we can ask the data sent over from

your computer to the web server which way does it go, through which devices? We ask it by

using the utility called traceroute. In most computers today you can use this tool from the

command line: In UNIX machines it is called traceroute, in MS Windows machines it is called

tracert.

Various options available in the tracert command:

-d Don’t resolve addresses to hostnames.

-h maximum_hops Maximum number of hops to search for target

-j host_list Loose source router along host list.

-w time-out wait timeout milliseconds for each reply.

Example:

• To check the options available in tracert,

tracert

• To check the trace from your PC to a server

tracert 196.1.64.1

• If you don’t want the names of the PC or devices on the way,

tracert –d 196.1.64.1

• To check the loose route trace from your PC to a server

tracert –j 10.221.0.64 10.140.1.201

Exercises:

• Find the route from your PC to ITC [itc.kfupm.edu.sa OR 10.140.3.171].

• Find the route from your PC to a CCSE server [vlsi.ccse.kfupm.edu.sa OR 196.1.64.70]

• Using the answers of the above, determine what is the first device your packet reaches

to move from our network lab.

2.2.3 PATHPING Command

This command is used as IP trace utility and so it is similar to the tracert command. It

has some extra features compared to tracert command.

PATHPING [-n] [-h max_hops] [-g host-list] [-p period] [-q num_queries] [-w timeout] [-t] [-

R] [-r] target_name

-n Don't resolve addresses to hostnames

-h max_hops Max number of hops to search

-g host-list Loose source route along host-list

-p period Wait between pings (milliseconds)

-q num_queries Number of queries per hop

-w timeout Wait timeout for each reply (milliseconds)

-T Test each hop with Layer-2 priority tags

-R Test if each hop is RSVP aware

Exercises: Do as in tracert command but provide options for setting the local source.

2.2.4 Enhanced Ping

TJPing is an excellent, widely acclaimed ping/lookup/traceroute utility for

Win95/98/Me/NT/2000/XP. It's fully configurable, multithreaded, and is very fast. All

configuration options, hosts, and interface settings are remembered from session to session.

Users can log all results to the file of their choice. A screen shot of the TJPing software is

shown below:

Exercise:

• Repeat the exercises provided to you in Ping and Tracert commands [Under sections

2.1 and 2.2] and store the result in a file for further reference.

2.2.5 NETSTAT Command

This command is used to get information about the open connections on your system

(ports, protocols being used, etc.), incoming and outgoing data and also the ports of remote

systems to which you are connected.

Various options available in the netstat command:

-a Displays all connections and listening ports.

-e Displays Ethernet statistics. This may be combined with the -s option.

-n Displays addresses and port numbers in numerical form.

-p proto Shows connections for the protocol specified by proto; proto may be TCP or

UDP. If used with the -s option to display per-protocol statistics, proto may be TCP, UDP, or

IP.

-r Displays the routing table.

-s Displays per-protocol statistics. By default, statistics are shown for TCP, UDP and IP;

the -p option may be used to specify a subset of the default.

Note: always use -a so as to see UDP packets also.

Example:

• To display all connections and listening ports

netstat –a

• To find out the statistics on your Ethernet card

netstat –e

• To get to know the routing table.

netstat -r

Exercise:

• Open a browser connection to http server [www.kfupm.edu.sa] and write down the

outcome of the command 'netstat -an'.

2.2.6 NetStat Live

Have you ever wondered just how fast your network connection is? Not just how fast

the modem is connected at, but how much data you can actually get? Does your internet

connection sometimes seem slower than normal? NetStat Live is a small, easy to use TCP/IP

protocol monitor which can be used to see your exact throughput on both incoming and

outgoing data - whether you're using a modem, cable modem, DSL, or even local network! NSL

doesn't just stop there, it lets you see how quickly your data goes from your computer to

another computer on the internet; it even will tell you how many other computers your data

must go through to get there! NSL also graphs your CPU usage of your system!

Exercise:

• Generate traffic to server [192.168.230.1] using ping command [with various packet size

options] and see how much of your outgoing interface is being used.

2.2.7 AT Command

This command is used to initiate any activity at a specific time. There are many options

in at command but we will concentrate on very few which we would use for network related

purposes.

Various options available in the at command:

/i interactive, which opens any window to show the pinging–[optional]

/c indicates command.

AT [\\computername] [ [id] [/DELETE] | /DELETE [/YES]]

/every:date[,...] Runs the command on each specified day(s) of the week or month.

If date is omitted, the current day of the month is assumed.

/next:date[,...] Runs the specified command on the next occurrence of the day (for

example, next Thursday). If date is omitted, the current day of the month is assumed.

"command" Is the Windows NT command, or batch program to be run.

The at command does not automatically load cmd, the command interpreter, before running

commands. Unless you are running an executable (.EXE) file, you must explicitly load

CMD.EXE at the beginning of the command; for example, cmd /c dir > c:\test.out.

Example:

• If we want to generate a ping at 13:15

at 13:15 /i cmd /c ping 192.168.232.2 -n 20

With interactive option, we don’t need to give cmd for general DOS

commands.

at 13:15 /i ping 192.168.232.2 –n 20

• If we want to generate a ping on a specific PC

at \\ics-nwle2 13:15 /i cmd /c ping 192.168.234.245 -n 20

• If we want to generate ping with specific options.

at 11:03am cmd /c ping 192.168.230.1 -t -l 3000

at 5:15pm cmd /c ping 192.168.231.1 -t -l 15000

Exercise:

• A network administrator wishes to check whether the sever [192.168.230.1] present in

his vicinity is reachable, at the start of the day [8:00am]. Accomplish this task using at

command.

2.2.8 NET Command

This command is used at the command prompt to display and control various network

related activities. We would refer to only to a small set of the options available.

Various options available in the net command:

net name name of the PC

net share details about shared resources

net start to start a service.

net stop to stop a service.

net use used to map a drive to the network path.

Example:

• To create a share called "shared" for the "c:\ics432" directory

net share shared=c:\ics432

• The computer would map the Z: drive to the network path //192.168.230.1/ics432

where c:\ics432 is already shared using the sharename ‘shared’.

net use z: \\192.168.230.1\shared

• To delete the mapped drive

net use z: /DELETE

• To remove the sharing option

net share shared /DELETE

• To send a text message to the computer with a host name of "ics-nwla1". If you receive

an error, Start Control Panel Administrative Tools Services. Make Messenger

service automatic. Click the Start Service button.

net send ics-nwla1 "ICS-NWLA1: A test message"

• To know the computer names that your computer can be sent messages TO

net name

• To know about more options in net share command.[Similar applies to other options

also]

net share /?

Exercise:

• Provide the command to create a share called "ics-network" for the "c:\ics432"

directory

2.2.9 ROUTE Command

This command manipulates network routing tables.

ROUTE [-f] [command [destination] [MASK netmask] [gateway]]

Various options available in the ROUTE command:

-f Clears the routing tables of all gateway entries. If this is used in conjunction with one of

the commands, the tables are cleared prior to running the command.

Command Specifies one of four commands

PRINT Prints a route

ADD Adds a route

DELETE Deletes a route

CHANGE Modifies an existing route

Destination Specifies the host to send command.

MASK If the MASK keyword is present, the next parameter is interpreted as the netmask

parameter.

Netmask If provided, specifies a sub-net mask value to be associated with this route entry.

If not specified, if defaults to 255.255.255.255.

Gateway Specifies gateway.

All symbolic names used for destination or gateway is looked up in the network and

host name database files NETWORKS and HOSTS, respectively. If the command is print or

delete, wildcards may be used for the destination and gateway, or the gateway argument may be

omitted.

Example:

• To display the routing table.

route PRINT

• To add a route a destination

route add <destination> mask <subnetmask> <gateway> metric <number>

IF <number>

destination is the destination network or ip address [200.20.20.0].

subnetmask is the subnet mask to be used [255.255.255.0].

gateway is the next hop through which the packet goes [192.168.230.254].

number after metric indicates the metric value [3].

number after IF indicates interface number [0x2].

route add 200.20.20.0 mask 255.255.255.0 192.168.230.254 metric 3 if 0x2

Exercise:

• Create a route entry in the routing table for a network 210.20.23.0 with the gateway

192.168.230.254 metric of 5.

2.2.10 ARP Command

The address resolution protocol (ARP) is a protocol used by the Internet Protocol (IP),

specifically IPv4, to map IP network addresses to the hardware addresses used by a data link

protocol. The protocol operates below the network layer as a part of the interface between the

OSI network and OSI link layer.

ARP -s inet_addr eth_addr [if_addr]

ARP -d inet_addr [if_addr]

ARP -a [inet_addr] [-N if_addr]

Various options available in the ARP command:

-a Displays current ARP entries by interrogating the current protocol data. If inet_addr is

specified, the IP and Physical addresses for only the specified computer are displayed. If more

than one network interface uses ARP, entries for each ARP table are displayed.

-d Deletes the host specified by inet_addr.

-s Adds the host and associates the Internet address inet_addr with the Physical address

eth_addr. The Physical address is given as 6 hexadecimal bytes separated by hyphens. The entry

is permanent.

eth_addr Specifies a physical address.

if_addr If present, this specifies the Internet address of the interface whose address

translation table should be modified. If not present, the first applicable interface will be

used.

Example:

• To display the entries in ARP cache

arp -a

• To delete an ARP entry in the cache

arp –d 192.168.230.1

Exercise:

• Remove all the entries in the ARP cache and then generate a PING command to a

specific PC [192.168.230.1]. Then, display all the entries in the ARP cache.

2.2.11 IPCONFIG Command

This command is used to get IP configurations present in your PC.

IPCONFIG /all Display full configuration information.

IPCONFIG /release [adapter] Release the IP address for the specified

adapter.

IPCONFIG /renew [adapter] Renew the IP address for the specified

adapter.

IPCONFIG /flushdns Purge the DNS Resolver cache. ##

IPCONFIG /registerdns Refresh all DHCP leases and re-register DNS names.

##

IPCONFIG /displaydns Display the contents of the DNS Resolver Cache. ##

IPCONFIG /showclassid adapter Display all the DHCP class IDs allowed for adapter.

##

IPCONFIG /setclassid adapter [classid] Modify the dhcp class id. ##

## works on Windows XP & 2K

Examples:

> ipconfig ... Show information.

> ipconfig /all ... Show detailed information

> ipconfig /renew ... renew all adapters

> ipconfig /renew EL* ... renew any connection that has its

name starting with EL

> ipconfig /release *Con* ... release all matching connections,

eg. "Local Area Connection 1" or

"Local Area Connection 2"

> ipconfig /setclassid "Local Area Connection" TEST

... set the DHCP class ID for the

named adapter to = TEST

Exercise: Get to know about the TCP/IP configuration on your PC using ipconfig /all.

2.2.12 NETSH Command

Configure interfaces, routing protocols, filters, routes, RRAS.

NETSH [-r router name] [-a AliasFile] [-c Context] [Command | -f ScriptFile]

context may be any of: DHCP, ip, ipx, netbeui, ras, routing, autodhcp, dnsproxy, igmp, mib,

nat, ospf, relay, rip, wins.

Under Windows XP the available contexts are: AAAA, DHCP, DIAG, IP, RAS, ROUTING,

WINS

To display a list of commands that can be used in a context, type the context name followed

by a space and a ? at the netsh> command prompt.

e.g.

netsh> routing ?

command may be any of:

/exec script_file_name Load the script file and execute commands from it.

/offline Set the current mode to offline. Changes made in this mode are

saved, but require a "commit" or "online" command to be set in

the router.

/online Set the current mode to online. Changes in this mode are

immediately reflected in the router.

/commit Commit any changes made in the offline mode to the router.

/popd Pop a context from the stack.

/pushd Push current context onto the stack.

/set mode [mode =] online | offline Set the current mode to online or offline.

/abort Discard changes made in offline mode.

/add helper DLL-name Install the helper .dll file in netsh.exe.

/delete helper .dll file name Remove the helper .dll file from Netsh.exe.

/show alias list all defined aliases.

/show helper list all top-level helpers.

/show mode show the current mode.

/alias List all aliases.

/alias [alias_name] Display the string value of the alias.

/alias [alias_name] [string1] [string2 ...] Set alias_name to the specified strings.

/unalias alias_name Delete an alias.

/dump - file name Dump or append configuration to a text file.

/bye Exit NETSH

/exit Exit NETSH

/quit Exit NETSH

/h Display help

/help Display help

/? Display help

Examples:

• Enter the netsh command.

netsh

• Dump all the network information as a script to the screen. Can also be sent to a file

by doing netsh dump > file.txt . This script can then be executed using the exec

command.

netsh dump

• Set the "Local Area Connection" to DHCP.

set address name="Local Area Connection" source=dhcp

• Set the local address to Static.

set address local static 10.0.0.9 255.0.0.0 10.0.0.1 1

• View network ip configuration. Below is an example of what may be seen.

netsh interface ip show config

Exercises:

• Provide the command to know the files that are needed for routing operation.

• Get the information about the various interfaces present in your PC.

2.3 Reference NetStat Live Software

http://www.analogx.com/contents/download/network/nsl.htm

NET Command

http://www.computerhope.com/nethlp.htm#04

ROUTE Command

http://www.computerhope.com/routehlp.htm

L A B 3

REMOTE ACCESS SYSTEM AND VPN

3. Objectives

Learn about Remote Access System

Configure RAS server and clients using Windows 2003

Learn about Virtual Private Networks

Configure VPN server and clients using Windows 2003

Configure a network which includes VPN with RAS

3.1 Installing and configuring RAS server 3.1.1 Installing RAS Server

1. Click Start Administrative Tools Routing and Remote Access

2. Right-click on Server Status and select Add Server…

3. Select This Computer and Click OK.

4. Select the name of the computer you are working on, which will appear under the Server

Status. Right-click and select Configure and enable Routing and Remote access

5. Routing and Remote access server setup wizard will appear. Click Next.

6. Configuration window will appear. Select Remote Access [Dialup or VPN]. Click

Next.

7. Select Dialup. Click Next.

8. Select any network card in Network Selection. Click Next. IP address assignment

window will appear.

9. Select From a specified range of addresses. Click Next.

10. Address range assignment window will appear. Click New.

11. Provide the address range as instructed by the instructor. Make sure this IP range doesn’t

have the already assigned IP addresses of our lab like 192.168.243.1 to 192.168.243.10.

12. Click OK. Click Next.

13. Managing multiple remote access servers window will appear. Click No, use routing

and remote access to authenticate connection requests.

14. Click Next. Click Finish.

15. Click OK.

3.1.2 Configuring a direct serial connection

Open Control Panel.

Double-click Phone and Modem Options, click the Modems tab, and then click New.

In the Install New Modem wizard, select the Don't detect my modem; I will select it

from a list check box, and then click Next.

In Manufacturer, click Standard Modem Types.

In Models, click Communications cable between two computers, and then click Next.

Follow the remaining instructions in the Install New Modem wizard.

3.1.3 Installing and Configuring RAS client

1. Click Start Control Panel Network Connections New Connection Wizard.

2. Click Next.

3. Network Connection Type window appears.

4. Click on Set up an advanced connection. Click Next.

5. Advanced connection options window will appear. Select Connect directly to another

computer. Click Next.

6. Select Guest [which indicates client]. Click Next.

7. Connection Name window appears. Type the server computer name in the computer

name text box. Click Next.

8. Select a device window appears. Select Communication cable between two

computers [COM1]. Click Next.

9. Connection availability window appears. Select Anyone’s Use. Click Next.

10. Click Finish.

3.1.4 Dialup to the server

1. The server and the client should be connected through COM1 port. This connection is

made using roll-over cable with DB9-to-RJ45 convertor.

2. Click Start Control Panel Network Connections.

3. An option appears in the name of the dialup server. Click this option.

4. Connect window appears. Enter the username and password for the server PC.

5. Click Connect.

6. Now that you are connected to the server.

3.1.5 Testing the RAS Installation

1. After the client is connected to the server, the following entry appears in the server.

2. Type the ipconfig /all command on both the RAS server and the RAS client to find

out:

At the Server:

1. From where does the PPP adapter get its own IP address?

2. Why is it that the subnet mask of the PPP is 255.255.255.255?

At the Client:

• IP address is assigned by the RAS server to the RAS client.

• Why the subnet mask is 255.255.255.255?

• Why is that the default gateway and the IP address be the same?

3. Ping from any network computer to the RAS client using:

• Its static IP address.

• The IP address assigned to it by the RAS server.

• Its host name.

4. What responses do you obtain in each case?

5. From a RAS client, use the Internet Explorer to view the default Web page on a Web

server in the network

6. What do you notice concerning the downloading speed between the networked Web

server and the RAS client?

7. From any computer on the network, use Internet Explorer to access the Web site of a

RAS client.

8. What RAS client address did you use? And what do you notice concerning the

downloading speed between the RAS client and the networked client?

Hint: http://static_IP_address

http://hostname

http://RAS_client_IP_address

9. If two or more RAS clients are available during this lab experiment; use Internet

Explorer on one of the RAS clients to access the Web server on another RAS client.

10. What do you notice concerning the downloading speed between the two RAS clients?

3.2 Virtual Private Networks A VPN utilizes public telecommunications networks to conduct private data

communications. Most VPN implementations use the Internet as the public infrastructure and

a variety of specialized protocols to support private communications through the Internet.

VPN follows a client and server approach. VPN clients authenticate users, encrypt data, and

otherwise manage sessions with VPN servers utilizing a technique called tunneling.

VPN clients and VPN servers are typically used in these three scenarios:

1. Remote access client connections: to support remote access to an intranet,

2. LAN-to-LAN internetworking: to support connections between multiple intranets

within the same organization, and

3. Controlled access within an intranet: to join networks between two organizations,

forming an extranet.

The main benefit of a VPN is the lower cost needed to support this technology

compared to alternatives like traditional leased lines or remote access servers. VPN servers can

also connect directly to other VPN servers. A VPN server-to-server connection extends the

intranet or extranet to span multiple networks.

3.3 Experimental Setup In this experiment, we are going to setup a network using three PCs. One PC (PC1) is

a RAS client, which dials to the RAS server (PC2). PC1 and PC2 are connected only using

COM1. PC3 is a VPN server that is connected to PC2 using the connection the switch. The

remote node (RAS client) wanting to log into the VPN site, calls into a local RAS server

connected to the public network. The VPN client establishes a connection to the VPN server

maintained at the other site. Once the connection has been established, the remote client can

communicate with the VPN site network just as securely over the public network as if it

resided on the internal LAN itself.

Note: For setting up RAS client and server, see the first part of the lab.

3.3.1 Configuring VPN Server

In Windows 2003, this can be setup from the RRAS (Routing and Remote Access

Server) Administrative Tool.

1. Click Start Administrative Tools Routing and Remote Access

2. Right-click on Server Status and select Add Server…

3. Select This Computer and Click OK.

4. Select the name of the computer you are working on, which will appear under the

Server Status. Right-click and select Configure and enable Routing and Remote

access

5. Routing and Remote access server setup wizard will appear. Click Next.

6. Configuration window will appear. Select Remote Access [VPN]. Click Next.

7. Select Dialup. Click Next.

8. Select any network card in Network Selection. Click Next. IP address assignment

window will appear.

9. Select From a specified range of addresses. Click Next.

10. Address range assignment window will appear. Click New.

11. Provide the address range as instructed by the instructor. Make sure this IP range

doesn’t have the already assigned IP addresses of our lab like 192.168.243.1 to

192.168.243.10.

12. Click OK. Click Next.

13. Managing multiple remote access servers window will appear. Click No, use routing

and remote access to authenticate connection requests.

14. Click Next. Click Finish.

15. Click OK.

16. The output of the ipconfig command should appear like the following.

17. Is it necessary to have more than one network card for VPN server? Justify.

18. If VPN server has two network cards, is it necessary that they both should belong to

different networks? Justify.

3.3.2 Configuring VPN Client

1. Right click the My Network Places icon and select Properties. This will bring you to the

Network Connections window that displays a list of your current network connections.

2. Double click the New Connection Wizard icon. You are faced with three options -

choose the second one, "Connect to the network at my workplace" and click Next.

Now choose the second option, "Virtual Private Network connection" and click Next.

3. Enter the name of the company or server you will be connecting to. Click Next.

4. Enter the host name or IP address of the VPN server. Hint: Entering the IP address is

recommended.

5. "Connection Availability" windows appear. "Anyone's use" will permit anyone who logs

onto the system to use the connection, whereas "My use only" will limit it's use to you

only. Choose “My use only”.

6. Click Next and Finish.Your new connection will be visible in the Network Connections

window.

7. Right click the new connection and select properties to open the properties window.

Here, you can configure, amongst others, the network settings and general options.

8. Select the Networking tab and in the "Type of VPN" drop down list, choose PPTP

VPN [Optional].

9. In the Options tab, you are able to configure dialing and redialing options on this page.

10. If you are using the same logon at your company network as you are for the VPN

server, then select the "Include Windows logon domain" check box.

11. Go to the security tab and verify that the screen looks like the one below.

12. If you select the General tab you can change the IP or Host Name of the VPN server

and select whether or not you want another connection to be established first before

initiating the VPN connection. For our experiment, we need to enable ‘Dial another

connection first’ option with the dial-up connection we have setup towards the RAS

server [Refer RAS experiment].

13. Press OK to close the window and return to the network connections window. If you

double click your VPN connection the logon window will appear.

14. Enter your username and password and click Connect. After the authentication process

is complete, you will be logged on to the VPN Server and two computers will appear at

the bottom right hand corner of your screen (default).

15. The output of the ipconfig command should appear like the following.

• Why do we have two PPP adapters here?

• Write about the route taken by the packet to go from the VPN client to the VPN

server.

3.4 Firewalls and VPN In this lab you will set up a network where servers are accessed over the Internet by

customers who have different privileges. You will study how firewalls and VPNs can provide

security to the information in the servers while maintaining access for customers with the

appropriate privilege.

3.4.1 Create a New Project

3 Start OPNET IT Guru Academic Edition Choose New from the File menu.

4 Select Project and click OK Name the project <your initials>_VPN, and the

scenario NoFirewall Click OK.

5 Click Quit on the Startup Wizard.

6 To remove the world background map, select the View menu Background Set

Border Map Select NONE from the drop-down menu Click OK.

3.4.2 Create and Configure the Network

Initialize the Network

6. Open the Object Palette dialog box by clicking . Make sure that the internet_toolbox

item is selected from the pull-down menu on the object palette.

7. Add the following objects, from the palette, to the project workspace (see figure below for

placement): Application Config, Profile Config, an ip32_cloud, one ppp_server, three

ethernet4_slip8_gtwy routers, and two ppp_wkstn hosts.

a. To add an object from a palette, click its icon in the object palette Move your

mouse to the workspace and click where you want to place the object Rightclick

to indicate you are done creating objects of this type.

b. Note: The ppp_server and ppp_wkstn support one underlying SLIP (Serial Line

Internet rotocol) connection at a selectable data rate. PPP DS1 connects two nodes

running IP. Its data rate is 1.544 Mbps.

8. Rename the objects you added and connect them using PPP_DS1 links, as shown below:

9. Save your project.

3.4.3 Configure the Nodes

Right-click on the Applications node Edit Attributes Assign Default to the

Application Definitions attribute Click OK.

Note: Several example application configurations are available under the Default

setting. For example, "Web Browsing (Heavy HTTP1.1)" indicates a Web browsing

application performing heavy browsing using HTTP 1.1 protocol.

Right-click on the Profiles node Edit Attributes Assign Sample Profiles to the

Profile Configuration attribute Click OK.

Right-click on the Server node Edit Attributes Assign All to the Application:

Supported Services attribute Click OK.

Right-click on the Sales A node Select Similar Nodes (make sure that both Sales

A and Sales B are selected).

Right-click on the Sales A node Edit Attributes Check the Apply Changes to

Selected Objects check-box.

Expand the Application: Supported Profiles attribute Set rows to 1 Expand

the row 0 hierarchy Profile Name = Sales Person (this is one of the “sample

profiles” we configured in the Profiles node).

Click OK.

Save your project.

3.4.4 Choose the Statistics

Right-click anywhere in the project workspace and select Choose Individual Statistics

from the pop-up menu.

In the Choose Results dialog, check the following statistics:

Global Statistics DB Query Response Time (sec).

Global Statistics HTTP Page Response Time (seconds).

Note: DQ Query Response Time is measured from the time when the database query

application sends a request to the server to the time it receives a response packet.

HTTP Page Response Time specifies the time required to retrieve the entire page

with all the contained inline objects.

Click OK.

Right-click on the Sales A node and select Choose Individual Statistics from the pop-up

menu.

In the Choose Results dialog, check the following statistics:

Client DB Traffic Received (bytes/sec).

Client Http Traffic Received (bytes/sec).

Click OK.

Right-click on the Sales B node and select Choose Individual Statistics from the pop-up

menu.

In the Choose Results dialog, check the following statistics:

Client DB Traffic Received (bytes/sec).

Client Http Traffic Received (bytes/sec).

Click OK and then save your project.

3.5 The Firewall Scenario In the network we just created, the Sales Person profile allows both sales sites to

access applications such as Database Access, Email, and Web Browsing from the server (check

the Profile Configuration of the Profiles node). Assume that we need to protect the database

in the server from external access, including the sales people. One way to do that is to replace

Router C with a firewall as follows:

Select Duplicate Scenario from the Scenarios menu and name it Firewall Click OK.

In the new scenario, right-click on Router C Edit Attributes.

Assign ethernet2_slip8_firewall to the model attribute.

Expand the hierarchy of the Proxy Server Information attribute Expand the row 1,

which is for the Database application, hierarchy Assign No to the Proxy Server

Deployed attribute as shown:

Note: Proxy Server Information is a table defining the configuration of the proxy servers

on the firewall. Each row indicates whether a proxy server exists for a certain application

and the amount of additional delay that will be introduced to each forwarded packet of that

application by the proxy server.

5. Click OK and then save your project.

Our Firewall configuration does not allow database-related traffic to pass through the firewall

(it filters such packets out). This way, the databases in the server are protected from external

access. Your Firewall scenario should look like the following figure.

3.6 The Firewall VPN Scenario In the Firewall scenario, we protected the databases in the server from “any” external

access using a firewall router. Assume that we want to allow the people in the Sales A site to

have access to the databases in the server. Since the firewall filters all database-related traffic

regardless of the source of the traffic, we need to consider the VPN solution. A virtual tunnel

can be used by Sales A to send database requests to the server. The firewall will not filter the

traffic created by Sales A because the IP packets in the tunnel will be encapsulated inside an IP

datagram.

While you are in the Firewall scenario, select Duplicate Scenario from the Scenarios

menu and give it the name Firewall_VPN Click OK.

Remove the link between Router C and the Server.

Open the Object Palette dialog box by clicking . Make sure that the opened palette is the

one called internet_toolbox.

Add to the project workspace one ethernet4_slip8_gtwy and one IP VPN Config

(see the figure below for placement).

From the Object Palette, use two PPP_DS1 links to connect the new router to

Router C (the firewall) and to the Server, as shown below.

Close the Object Palette dialog box.

Rename the IP VPN Config object to VPN.

Rename the new router to Router D as shown:

3.6.1 Configuring the VPN

Right-click on the VPN node Edit Attributes.

Expand the VPN Configuration hierarchy Set rows to 1 Expand row 0 hierarchy

Edit the value of Tunnel Source Name and write down Router A Edit the value of

Tunnel Destination Name and write down Router D.

Expand the Remote Client List hierarchy Set rows to 1 Expand row 0 hierarchy

Edit the value of Client Node Name and write down Sales A.

Click OK and then save your project.

3.6.2 Run the Simulation

To run the simulation for the three scenarios simultaneously:

Go to the Scenarios menu Select Manage Scenarios.

Change the values under the Results column to <collect> (or <recollect>) for the three

scenarios. Keep the default value of the Sim Duration (1 hour). Compare to the following

figure.

Click OK to run the three simulations. Depending on the speed of your processor, this may

take several minutes to complete.

After the three simulation runs complete, one for each scenario, click Close Save your

project.

3.6.3 View Results

To view and analyze the results:

Select Compare Results from the Results menu.

Expand the Sales A hierarchy Expand the Client DB hierarchy Select the Traffic

Received statistic.

Change the drop-down menu in the middle-lower part of the Compare Results dialog box

from As Is to time_average as shown.

Press Show and the resulting graph should resemble the following one:

Create a graph similar to the previous one, but for Sales B:

Create two graphs similar to the previous ones to depict the Traffic Received by the Client

Http for Sales A and Sales B.

Note: Results may vary slightly due to different node placement.

Questions

From the obtained graphs, explain the effect of the firewall, as well as the configured VPN, on

the database traffic requested by Sales A and Sales B.

Compare the graphs that show the received HTTP traffic with those that show the received

database traffic.

Generate and analyze the graph(s) that show the effect of the firewall, as well as the configured

VPN, on the response time (delay) of the HTTP pages and database queries.

In the Firewall_VPN scenario we configured the VPN node so that no traffic from Sales A is

blocked by the firewall. Create a duplicate of the Firewall_VPN scenario and name the new

scenario Q4_DB_Web. In the Q4_DB_Web scenario we want to configure the network so

that:

The databases in the server can be accessed only by the people in the Sales A site.

The web sites in the server can be accessed only by the people in the Sales B site.

3.7 References Errors with modem

http://www.modemhelp.net/dunerror/error_777.shtml

VPN

http://www.microsoft.com/windowsserver2003/technologies/networking/vpn/default.mspx

http://www.windowsnetworking.com/articles_tutorials/Client_Based_VPN_via_PPTP.html

GRE & PPTP

http://www.networksorcery.com/enp/protocol/gre.htm

L A B 4

DYNAMIC HOST CONFIGURATION PROTOCOL – DHCP

AND

NETWORK MEASUREMENT

4. Objectives

• Configure Windows 2003 as a DHCP Server

• Capture and analyze DHCP traffic generated

• Learn about different modes of network connections using hubs

and switches

• Analyze the network based on different parameters

4.1 Dynamic Host Configuration Protocol DHCP is a client/server protocol that automatically provides an IP host with its IP

address and other related configuration information such as the subnet mask and default

gateway. RFCs 2131 and 2132 define DHCP as an Internet Engineering Task Force (IETF)

standard based on the Boot Protocol (BOOTP), with which it shares many implementation

details. DHCP allows hosts to obtain all necessary TCP/IP configuration information from a

DHCP server.

4.1.1 Configure your computer

For this lab we will make all the lab computers as hosts on their respective network.

Thus at every computer modify the network configurations as follows:

1. Setup the first computer in every network as a DHCP server and have the other

computers in the group point to it as DHCP clients. Thus computer 192.168.230.1 –

which will be configured as DHCP server has static IP but all the clients get IP address

from the server.

2. Make sure that the Instructor PC is not acting as a connectivity between our lab

network and the CCSE network. This is to make sure that our DHCP server does not

provide IP address to the PC present in the CCSE network.

4.1.2 Configure Windows 2003 as a DHCP Client

Start Control Panel Network Connections. Right-click and select Open. Select

anyone of the local area connections and click. Click Properties. Local Area connection

properties window appears. Select Internet Protocol (TCP/IP) and click Properties.

Internet Protocol (TCP/IP) Properties window appears. Select the radio button ‘obtain an

IP address automatically’.

4.1.3 Configure Windows 2003 as a DHCP Server

Start Control Panel Add/Remove Programs. Click on Add/Remove Windows

Components.

Select Networking Services and check it. Then click Details button. Select DHCP and

Simple TCP/IP Services. Click Ok. Click Next. Click Finish.

Start Administrative Tools DHCP. DHCP Manager appears. Click on the computer

and right-click and select New Scope. New Scope Wizard appears. Enter the name of the

scope and its description. Enter the starting and ending IP address of the scope as instructed

by the instructor.

Click Next. If needed, add exclusion range and click Add. Click Next. On the lease

duration, click Next unless specified by the instructor.

Select Yes for DHCP configure options and Click Next. If needed specify the router [default

gateway] address and click Add. Click Next.

Click Next [for DNS server]. Click Next [for WINS server]. Select Yes for activating the

scope. Click Next. Completing the new scope wizard appears. Click Finish. DHCP window

appears.

4.1.4 Capture DHCP traffic

We will use Ethereal software to capture DHCP traffic. In order to install this software,

we need to install WinPCap software first. Then, we should install the Ethereal software. After

installation, follow these steps.

1. Run the Ethereal software. From the Capture Menu click Start. In the window that

pops up choose the appropriate network interface and Click Ok.

2. Generate DHCP traffic by using the commands ipconfig /release and ipconfig

/renew at the DHCP client. Stop the DHCP capture.

• What is the transport layer protocol DHCP uses?

• What is the use of port numbers 68 and 67?

• Why is that the Source IP address of the DHCP Discover all 0s?

• Why is that the Destination IP address of the DHCP Discover all 1s?

• What is the relationship between BOOTP protocol and DHCP?

• What is the use of physical address in DHCP?

• Why is the Destination IP address of DHCP Offer all 1s?

• Is DHCP Request a broadcast? If yes, what is the difference between DHCP Request

and DHCP Discover?

• How is the server identifier filled in the Bootstrap protocol?

• Does the client assign the IP address it got using DHCP Offer?

• Is the DHCP ACK a broadcast? Justify.

• What does DHCP Release do?

• Is DCHP Release Broadcast or Unicast? Justify.

4.2 Network Measurement 4.2.1 Getting ready for measurement

In this experiment, you are going to collect data about network parameters such as:

• Bytes sent/second

• Bytes received/second

• Bytes Total/second

• Current Bandwidth

• Packets sent Unicast/second

• Packets sent non-unicast/second

• Packets sent/second

• Packets/second These data will be recorded for different topologies to be discussed below [Section 5]:

Reference Name

A Cascaded shared hubs

B Segmented LAN

C High-Density Fast Ethernet switched workgroup

4.2.2 Creating a Real-Time Performance Monitor chart

Create a chart in Performance Monitor to display performance data real-time.

Note: For Windows 2003, you can find Network Monitor and Performance Monitor at:

Start Programs Administrative Tools Network Monitor

Start Programs Administrative Tools Performance

4.2.3 Install the Network Monitor

5 Click Start, click Control Panel.

6 Double-click Add/Remove Programs.

7 Click Add/Remove Windows Components.

8 Click Management and Monitoring Tools, and then click Details.

9 Select the Network Monitor Tools check box, and then click OK.

10 Click Next.

Note: In Windows 2003, Microsoft Network Segment is no longer available with Performance

Monitor. So, we can’t use the %Network Utilization option available under Network Segment

in Windows 2003. To view %Network Utilization, we have to use Network Monitor [Select

the network interface and start capture]. As the value keeps on changing, we just view that value

there.

4.2.4 Configure the chart

Click the Start button, point to Administrative Tools, and then click Performance.

To see the Graph or Histogram or Report, you can click on the respective button available at

the graphical part of the screen.

Select on Graph. To add entries to the chart, right-click on the graphical area and select Add

Counters.

In the Performance Object box, select Network Interface.

Notice that Processor is the default object. In the Counter list, to know about an

entry, select that entry and click on Explain.

Then select the Bytes Sent/second, Bytes Received/second, Bytes Total/sec,

Current Bandwidth, Packets/second, Packets Sent/second, Packets sent

unicast/second and Packets sent non-unicast/second. We can select them at the same

time using Control key.

We have to select all the above entries for both the network cards. We can select both

the network cards in the Instances list using Control key.

Click Close.

A graph appears, displaying the real-time activities for the processor.

4.2.5 Generation of data and its representation on the chart

Starting with topology A [Refer Section 5], for each topology [A to C], we need to

generate some traffic. The implementation of this part depends on the available resources for

network traffic generation in the lab. You can just use ping or view something from the server

to generate some traffic.

Example of generating traffic: Use ping command and generate continuous [repetitive]

traffic to the server [192.168.230.1] with the packet size of 65000.

ping –t –l 65000 192.168.230.1

4.2.6 Summarizing performance data in a Performance Monitor report

Use reports to view data in a non-graphical format. To create a report showing the

network parameters values for the entire graph period

1. To see the Report, you can click on the report button available at the graphical part of the

screen.

2. A report with the chosen counters is displayed, showing the averages. This report shows the

values for both the network cards.

Note: You might get zero value for one network card and some values for another network

card. This will happen if one of the cards is used for data transfer.

3. Write down the Average and Maximum values of each counter in the Counter list for the

entire graph period in the tables provided in Section 6.

4.2.7 Generating Alerts

In this exercise, you will generate alerts from the collected data. To generate

performance logs and alerts:

1. On the left pane of the Performance Window, click on Performance Logs and

Alerts.

2. Select Alert. To add an alert, right-click on it.

3. You can add an alert from a file or add a new one directly.

4. To add an alert directly, click New Alert Settings…

5. Enter the name for the alert in the Name text box.

6. Click on Add… to add counters.

7. Select the respective Performance Object, Counter and the instance.

8. In the Performance Object list, select Network Interface and

9. In the Counter box, select Bytes Total/sec along with one interface card at the

Instances list.

10. Click Add

11. Click Close if you have selected as many alert entries you need.

12. If you have wrongly selected an entry, you can delete it by selecting the alter entry and

click Remove.

13. Select the alert entry in Counters list, Select Over at Alert when the value is. Enter

100000 as the Limit.

14. Under Action tab, you can set the alert message to be logged on a file or display a

message or run a specific program.

• Select the ‘Log an entry in the application event log’ option and you can view the

log using: Administrative Tools Event Viewer.

• Select the ‘Send a network message to’ option and provide the name of the machine

to which you want to see the alert pop-up [on your network]. Make the messenger

service is running.

15. Under Schedule tab, you can select the time period over which you want to check for

these alerts.

16. Click OK.

17. A similar approach can be followed to add Counter or Trace logs.

4.2.8 Topology Diagrams

The topologies we set in this lab are the following:

AC TAC T10M 100M

1 2 3 4

13 1 4 15 16

5 6 7 8

17 18 19 20

9 10 11 12

21 22 23 24

UPLINK

1 2 3 4 5 6 7 8 9 10 1112

13141516171819202122 2324CO LCO L

PWR

SWITCH

19 20 21 22 23 2413 14 15 16 17 187 8 9 10 11 121 2 3 4 5 6

43 44 45 46 47 4837 38 39 40 41 4231 32 3 3 34 35 3625 26 27 28 29 30

AC TAC T10M 100M 1 2 3 4

13 1 4 15 16

5 6 7 8

17 18 19 20

9 10 11 12

21 22 23 24

UPLINK

1 2 3 4 5 6 7 8 9 10 1112

13141516171819202122 2324CO LCO L

PWR

SWITCH

AC TAC T10M100M

1 2 3 4

13 1 4 15 16

5 6 7 8

1 7 18 19 20

9 10 11 12

2 1 22 23 24

UPLINK

1 2 3 4 5 6 7 8 9 1011 12

1314151617181920212223 24C OLC OL

PWR

SWITCH

AC TAC T10M100M 1 2 3 4

13 1 4 15 16

5 6 7 8

1 7 18 19 20

9 10 11 12

2 1 22 23 24

UPLINK

1 2 3 4 5 6 7 8 9 1011 12

1314151617181920212223 24C OLC OL

PWR

SWITCH

CASCADED SHARED HUBS

Server ServerClient

ClientClient Client

Client

Client

Hub

HubHub

Hub

Patch Panel

A C TA C T1 0M 1 0 0 M

1 2 3 4

1 3 1 4 1 5 1 6

5 6 7 8

17 18 19 20

9 1 0 1 1 1 2

2 1 2 2 2 3 2 4

U P L IN K

1 2 3 4 5 6 7 8 9 10 11 1 2

1 3 141 5161 718 1 92 02 122 23 2 4C O LC O L

P W R

S W IT C H

19 2 0 2 1 22 23 2 413 14 1 5 16 17 187 8 9 10 11 1 21 2 3 4 5 6

43 4 4 4 5 46 47 4 837 38 3 9 40 41 4231 32 3 3 34 35 3 625 26 27 28 29 30

A C TA C T1 0M 1 00 M

1 2 3 4

1 3 1 4 1 5 1 6

5 6 7 8

17 1 8 1 9 2 0

9 1 0 1 1 1 2

2 1 2 2 2 3 2 4

U P L IN K

1 2 3 4 5 6 7 8 9 10 11 1 2

1 3 141 51 61 7 181 92 02 122 23 2 4C O LC O L

P W R

S W IT C H

A C TA C T1 0M 1 0 0 M

1 2 3 4

1 3 1 4 1 5 1 6

5 6 7 8

17 18 19 2 0

9 1 0 1 1 1 2

2 1 2 2 2 3 2 4

U P L IN K

1 2 3 4 5 6 7 8 9 10 11 1 2

1 3 141 51 61 7181 92 02 122 23 2 4C O LC O L

P W R

S W IT C H

A C TA C T1 0M 1 0 0 M

1 2 3 4

1 3 1 4 1 5 1 6

5 6 7 8

17 18 19 2 0

9 1 0 1 1 1 2

2 1 2 2 2 3 2 4

U P L IN K

1 2 3 4 5 6 7 8 9 10 11 1 2

1 3 141 51 61 7181 92 02 122 23 2 4C O LC O L

P W R

S W IT C H

S E G M E N T E D L A N

S e rv e r

S e rv e r

C lie n t

C lie n t

C lie n t C lie n t C lie n t

C lie n t

H u b

H u b

H u b

H u b

P a tc h P a n e l

S w itc h

S w itc h

19 20 21 22 23 2413 14 15 16 17 187 8 9 10 11 121 2 3 4 5 6

43 44 45 46 47 4837 38 39 40 41 4231 32 33 34 35 3625 26 27 28 29 30

High-Density FastEthernet Switched Workgroup

Server

Client

Client

Client

Patch Panel

Switch

COL-ACT-STA-

1 2 3 4 5 6 7 8 9101112HS1 HS2 OK1 OK2 PS

CONSOLE

COL-ACT-STA-

1 2 3 4 5 6 7 8 9101112HS1 HS2 OK1 OK2 PS

CONSOLE

Switch

Server

Client

Client

Client

Switch

COL-ACT-STA-

1 2 3 4 5 6 7 8 9101112HS1 HS2 OK1 OK2 PS

CONSOLE

COL-ACT-STA-

1 2 3 4 5 6 7 8 9101112HS1 HS2 OK1 OK2 PS

CONSOLE

Switch

4.2.9 Cascade shared hubs

PCs are connected to each other via hubs. Hubs can be connected directly or via patch

panel.

4.2.10 Segmented LAN

Clients are connected to the hub and the server is connected to the switch. Hubs are

connected to the switch.

4.2.11 High-density Fast Ethernet Switched workgroup

PCs are connected to each other via switches. Switches can be connected directly or via

patch panel.

4.2.12 Data-entry tables

The description about various network parameters is given below:

Bytes Received/sec is the rate at which bytes are received on the interface, including framing

characters.

Bytes Sent/sec is the rate at which bytes are sent on the interface, including framing

characters.

Bytes Total/sec is the rate at which bytes are sent and received on the interface, including

framing characters.

Current Bandwidth is an estimate of the interface's current bandwidth in bits per second

(BPS). For interfaces that do not vary in bandwidth or for those where no accurate estimation

can be made, this value is the nominal bandwidth.

Packets Sent Unicast/sec is the rate at which packets are requested to be transmitted to

subnet-unicast addresses by higher-level protocols. The rate includes the packets that were

discarded or not sent.

Packets Sent Non-Unicast/sec is the rate at which packets are requested to be transmitted to

non-unicast (i.e., subnet broadcast or subnet multicast) addresses by higher-level protocols. The

rate includes the packets that were discarded or not sent.

Packets Sent/sec is the rate at which packets are sent on the network interface.

Packets/sec is the rate at which packets are sent and received on the network interface.

Network parameters (Average) A B C

Bytes received/second

Bytes sent/second

Bytes Total/second

Current Bandwidth

Packets sent unicast/second

Packets sent non-unicast/second

Packets sent/second

Packets/second

Topology A

Network parameters Average Minimum Maximum

Bytes received/second

Bytes sent/second

Bytes Total/second

Current Bandwidth

Packets sent unicast/second

Packets sent non-unicast/second

Packets sent/second

Packets/second

Topology B

Network parameters Average Minimum Maximum

Bytes received/second

Bytes sent/second

Bytes Total/second

Current Bandwidth

Packets sent unicast/second

Packets sent non-unicast/second

Packets sent/second

Packets/second

Topology C

Network parameters Average Minimum Maximum

Bytes received/second

Bytes sent/second

Bytes Total/second

Current Bandwidth

Packets sent unicast/second

Packets sent non-unicast/second

Packets sent/second

Packets/second

Notes:

1. Both the switches [3Com superstack 3 switch 3300] and hubs [3Com superstack II

Hub 100 TX] in our lab supports both 10Mbps and 100Mbps.

2. The number of bytes received/second and number of bytes sent/second on the clients

will be the same because ping command generates both ICMP echo request [Bytes

sent/second] and ICMP echo reply [Bytes received/second] that carries the same data

size. The same applies to the server also because it receives the echo request [Bytes

received/second] from the client and sends echo reply [Bytes sent/second] to the client.

3. The hubs we have 3Com SuperStack II Hub 100 TX (3C250C) handles unicasts

similarly to that of switches. So, you don’t find the entries at the server and the client as

the same.

3.8 Analysis You may think that just comparing the Current Bandwidth with the Bytes/Sec proves

that the network is at full capacity. On closer inspection of the Scale, you can realize what is the

difference in scale between the Current Bandwidth and Bytes/Sec. There is one more factor;

the Current Bandwidth is in bits while the Bytes/Sec is in bytes. 1 bytes = 8 bits. When you

compute all these factors, the actual network utilization can be found. For example, if the

Bytes/Sec average is 103112.

Bytes /Sec = 103,112 bytes x 8

Bytes /Sec = 894,896 bits/Sec.

Current bandwidth = 100Mbps = 100 * 106 bps = 100,000,000 bits/Sec

Network Utilization = 894896/100000000 = 0.82%

One of the amazing features of an Ethernet network is that only one machine can

transmit at a time. Once the network reaches 30% capacity, pure chance means that two

machines try and end a packet at the same instant. The result is more and more collisions start

happening, this leads to re-transmissions and a slow down of network traffic.

Networks bottlenecks occur at surprisingly low levels of utilization. 40% would

normally be considered a bottleneck. The reason for getting a very low utilization value was that

there are fewer machines on network and the traffic generated by each machine is very

minimal. The more machines the greater the risk of collisions from two machines wanting to

transmit at once.

3.9 References DHCP FAQ

http://www.dhcp-handbook.com/dhcp_faq.html

Performance Monitor

http://www.windowsnetworking.com/articles_tutorials/Windows_2003_Performance_Monito

r.html

Performance Monitor – Getting Started

http://www.computerperformance.co.uk/HealthCheck/GettingStarted.htm

L A B 5

DOMAIN NAME SYSTEM

5. Objectives: Learn the structure of the Domain Name System and the role played by Name Servers.

Configure Windows 2003 to use DNS server with various options.

Use nslookup and DIG programs to issues DNS queries and analyze the results.

Use Ethereal software to capture DNS requests and replies.

5.1 Domain Name System

5.1.1 Background Information

In the context of DNS, A Name Server is the application that is acting as the server for

the DNS protocol. A Name Server performs two primary tasks:

a) Maintains among other things the host-name to IP address mappings for the hosts in its

zone. The information is stored in a form resembling a database table (hence, the name DNS

database) with each record, known as a Resource Record (RR) consisting of five fields:

(domain name, class, type, value, ttl).

b) Responds to DNS queries. Recall that a query is basically a partial resource record (i.e. having

the domain name, class and type). The name server job is to return the corresponding matching

resource records. The name server will normally lookup his local database or its cache and if

there is no match and the domain in question happens to be external then the name server will

forward the query to some other name server and awaits some reply. The received reply is

returned to the requester and also added to local cache.

5.1.2 Configure Windows 2003 to use DNS

1. For Instructor: To make the PCs access the local Intranet, we need to setup the Instructor

PC to enable Internet sharing via the 172.16.0.0 Network card. If the instructor PC runs

Windows 2000, we need to select the appropriate network card and enable Sharing

{TCP/IP Properties menu Sharing tab}. With enabled shared access, select the local

connection as the network card with 192.168.230.0 network address. Make sure that both

the network cards are enabled. If the instructor PC runs Windows 2003, then use routing

and remote access wizard.

2. Set the subnet mask as 255.255.0.0 & gateway address as 192.168.230.251 [IP address of the

instructor’s PC]

3. Use Start Control Panel Network Connections. Right Click and click ‘Open’. Click

Local Area Connection Properties. Select Internet Protocol(TCP/IP) and click

Properties. TCP/IP Window appears and set DNS Server to 172.16.0.1.

Optionally you can configure some suffixes [under TCP/IP Properties Advanced.

Select DNS tab] that will be appended to partial domain names (i.e. ones not ending with

"."). It is suggested that you add the following suffixes:

ccse.kfupm.edu.sa

kfupm.edu.sa

pc.ccse.kfupm.edu.sa

4. With the above setup the network of our lab will appear as below:

19 20 21 22 23 2413 14 15 16 17 187 8 9 10 11 121 2 3 4 5 6

43 44 45 46 47 4837 38 39 40 41 4231 32 33 34 35 3625 26 27 28 29 30

19 20 21 22 23 2413 14 15 16 17 187 8 9 10 11 121 2 3 4 5 6

43 44 45 46 47 4837 38 39 40 41 4231 32 33 34 35 3625 26 27 28 29 30

19 20 21 22 23 2413 14 15 16 17 187 8 9 10 11 121 2 3 4 5 6

43 44 45 46 47 4837 38 39 40 41 4231 32 33 34 35 3625 26 27 28 29 30

192.168.230.1 & 192.168.230.5

SM: 255.255.0.0GW: 192.168.230.251

ICS-NWLA1 ICS-NWLB1192.168.231.1 & 192.168.231.5

SM: 255.255.0.0GW: 192.168.230.251

INSTRUCTOR PC

192.168.230.251SM: 255.255..0

172.16.20.2SM: 255.255.0.0

Inter LANInter LAN

SwitchSwitch

Hub

CCSE Network

5.1.3 Execute some DNS queries using nslookup

The nslookup (abbreviation for name server lookup) program is one of the standard TCP/IP

utilities for testing DNS server configuration. Thus nslookup is simply a DNS client. In

Windows 2003, it can be executed from the command prompt by typing: nslookup <enter> as

shown below. Type nslookup at the command prompt.

As can be seen from the above figure, nslookup tries to contact the already configured DNS

server and then wait for additional commands. Type-in some host name and hit <enter>.

Nslookup returns some answer(s).

Note: nslookup assumes that the data given is a domain name and defaults to resource record

type=A and class=IN. Also note that the server identifies itself again at the start of every reply.

Issue the command help and notice the outcome.

Issue MX query [Mail Exchanger] using Set Option command as: set querytype=mx. Type some

e-mail domain.

You should find out the IP addresses for root servers. Find the IP addresses by issuing the set

command set querytype=ns and then the domain name.

Exercise:

• Find out the authoritative servers for the sa domain?

Get a detailed answer using set debug

The above interaction shows that if the given domain name does not end with "."

[www.kfupm.edu.sa Without a “.” At the end] then nslookup tries appending the pre-

configured suffixes one at a time. Clearly, a waste of computer time!. So, the same command as

the previous step but with a “.” at the end.

Type exit to close the nslookup window.

5.1.4 Capturing DNS traffic using Ethereal

In this experiment you will capture the requests and replies that are generated during

nslookup session. Ethereal software is able to highlight the data that is exchanged between the

client and server during a TCP or UDP session. This is a handy feature that can be used to

trace all the message requests and their corresponding replies and is a good way to learn how

the application protocol works.

Follow the following steps:

1. To Start the EtheReal Network Monitoring Tool, Goto Start – Programs –EtheReal -

EtheReal. Then you will fine the following window (Left).

2. Goto Capture menu and click on Start menu item (Shown in above figure (right)). Then you

will find the following window (left).

After entering the relevant details, click ok in the window then the capturing window will

appear as shown above in (right).

3. From the command prompt executes nslookup and type: www.ccse.kfupm.edu.sa and hit

<enter>.

4. In Ethreal window hit Stop button.

5.2 Setting up for the DNS Client and DNS Server Server and one as PC Client].

For the

l and Configure a DNS Server Using the Wizard

on Add/Remove Windows

king Services and check it. Then click Details button. Check Domain

Exercise:

• How does Ethereal know that these packets are related?

• Compare the queries and answers of DNS and know about the various types of DNS

entries.

• From the above figures, fill the format of the DNS given below.

20 byte IP Header

Ethernet Destination Address

This experiment can be done in pairs [One PC as DNS

DNS client, put the IP address of the DNS server as the Primary DNS Server [Under

TCP/IP Properties]. For the DNS server, assign it’s own IP address as the Primary DNS

Server.

5.2.1 Instal

Follow the following steps to install and configure DNS Server.

Start Control Panel Add/Remove Programs. Click

Components

Select Networ

Ethernet Source Address

IP Source Address

EtherType

IP Destination Address

Protocol*

14 byte Ethernet Frame Header

0800 indicate he frame contains IP packet 2 bytes: s that t

6 bytes

6 bytes

* indicates that the packet contains UDP message

4 bytes

4 bytes

4 bytes

Source Port

Length

DNS Request

UDP Header+Data

Ver HL*

Frame Checksum

Name System and Simple TCP/IP services. Click OK.

Windows Component Wizard appears. Click Next. It will for Windows 2003 CD-

asked

ROM. Enter the directory C:\software\i386 [or select via Browse button] under Copy

files from. Completing the windows component wizard appears. Click Finish.

To configure the DNS server, Start Administrative Tools DNS. If you are

whether to start the DNS on your local computer, click Ok. If you are asked whether to

add the service, click Yes.

OTE: N If the message appears as ‘Cannot connect to the DNS’, delete the DNS server you

ne, right-click forward lookup zone and click new

have added. Go to Start Administrative Tools Services. Click DNS Server and click All

Tasks Start. In the DNS manager, Click Action Connect to DNS server. If you still face

a problem, check your IP address.

To create a forward lookup zo

zone. Click Next. Select Primary Zone and then click Next.

New Zone Wizard appears. Enter the name as nwlab.ics.kfupm.edu.sa

Click Next. Zone file is shown. Click Next.

The window about Dynamic update appears. Select the ‘Do not allow dynamic

updates’ radio button. Click Next.

Completing the new zone wizard appears. Click Finish.

To create a reverse lookup zone, right-click reverse lookup zone and click new zone.

Click Next. Select Primary Zone and then click Next. Click Next. Click Next. Click

Finish.

5.3 Configuring the DNS Server through Management Console hine. From the

Contex

The left pane should show an icon corresponding to the local mac

t Menu you can choose to create Foreword Lookup or Reverse Lookup zone. Then

from the Context Menu for the zone allow you to add the appropriate type of resource records.

The Foreword Lookup zone can contain ordinary types such as SOA, A, MX, NS, HostInfo,

...etc., while the Reverse Lookup Zone contains only type PTR records.

The rightmost pane shows the various Resource Records. Double-click to view or modify the

corresponding record. The window below is obtained by double-clicking which for the SOA

record.

5.3.1 Adding a Host Address Record

Select a foreword lookup zone and from context menu select New Host (A). This

brings the following screen. Type the Name and IP address and Click Add Host to add a

host. The Create PTR record option will succeed if you have a corresponding Reverse Lookup

zone for this Foreword Lookup zone. If so then go the Reverse Lookup one and select

Refresh from the Context Menu.

Note: Make sure that you add a host entry for the local DNS server with both the network

interface card IP addresses.

In DNS Management Tool, select the Forward Lookup Zone and click on your domain

name. On the right pane, double-click the Name Server entry [under Type] and make sure

that you have the fully qualified name [which includes the name of the host along with the

domain name]. If the fully qualified name does not exist, click Edit. Choose Browse and select

the machine name on which you are running the DNS server. Repeat the procedure for

Reverse Lookup Zone.

5.3.2 Location of DNS data in Windows 2003

As shown below, the data for a zone is kept as a text file in Windows \ System32

\dns.

Note: To ensure that the file is up-to-date choose Update Server Data File from the Context

Menu for the zone.

5.3.3 Testing the DNS Server configuration

As shown below, following the nslookup prompt we till nslookup to use the locally

running name server by typing: server 127.0.0.1 <enter>.To test Reverse Lookup use the

command set type=ptr then type some IP address.

Note: Both at the DNS server and clients, under TCP/IP properties, click Advanced. Select the

DNS tab and check the ‘append these DNS suffixes’ and add your domain name

[nwlab.ics.kfupm.edu.sa] to it. Also enter the IP address of the DNS server as the ‘Preferred

DNS server’ in the TCP/IP properties. The DNS client should have its Primary DNS server

pointing to the IP address of the DNS server you have setup.

5.4 Configuring the DNS Server to forward to other DNS Servers In the management console [Start Administrative Tools DNS], point to the icon

associated with the DNS server and right-click and select properties to bring up the Window

shown below. Enter the IP address of some DNS Server that this DNS server will foreword to

(e.g. the DNS server used by CCSE – 172.16.0.1). Then click the Add button.

Exercise:

• Use nslookup and have it use your DNS server to lookup the IP address of some host

in CCSE [ics-saleem].

5.5 Removing the service Follow the steps mentioned below:

1. Put back the original IP address and the subnet masks.

2. Start Administrative Tools Services.

3. Stop the DNS Server.

4. Start Control Panel Add or remove programs Add/Remove Windows

Components.

5. Remove DNS under Networking Services.

5.6 References: ICMP

http://www.freesoft.org/CIE/Topics/81.htm

TCP

http://www.freesoft.org/CIE/Topics/83.htm

L A B 6

PART - I

HTTP AND WEB

6. Objectives

Learn the concepts of client/server applications

Setup a Web server and publish a Web site

Learn the format of HTTP requests and replies

Use Telnet to execute HTTP commands directly against a Web Server

Learn the architecture of the Web and distinguish between Web browser and server

Master the concept of a URL and distinguish between an absolute and relative URL

Learn the basics of HTML & ASP

Learn about Web Caching. This lab is designed to demonstrate the implementation of

switched local area networks. The simulation in this lab will help you examine the

performance of different implementations of LANs connected by switches and hubs.

6.1 Background Information: Networking protocols are normally developed in layers, with each layer responsible for

a different facet of the communications. A protocol suite, such as TCP/IP, is the combination

of different protocols at various layers. TCP/IP is normally considered to be a 5-layer stack as

shown in Figure 1.

Application Telnet, FTP, Web, e-mail, etc.

Transport TCP, UDP

Network IP, ICMP, IGMP

Data Link +Physical Device driver and interface card

Figure 1. The five layers of the TCP/IP protocol suite.

6.2 Install and Examine TCP/IP services To install some of the TCP/IP services in Windows 2003 use Start Control

Panel Add or Remove Programs Add/Remove Windows Components. This displays

the dialogs shown in the following Figure. Select Networking Services and click on Details.

Many services are found under Networking Services. Make sure that ‘Simple TCP/IP

Services’ is selected. If not selected, select it and give OK. If ask for CD, click OK and then

provide the location as C:\software\i386.

To verify, stop and resume any of these service use Start Administrative

Tools Services, which displays the Services Window shown below.

Finally, one can use Telnet client to interact with any of these services. If Telnet is not

enabled, you can enable it using: Start Administrative Tools Services Telnet; Right-

click and select Properties. Select Stratup type Automatic. You might need to click on

Start button or else, right-click and then select start.

For example, to access chargen (which listens on TCP port 19), type the following at the

Start Command Prompt: telnet 127.0.0.1 19

Note: Sometimes, you need to use the IP address of your PC.

Write down the command to access the Daytime service [Port number 13]. What is

the output?

6.3 Install Internet Information Services and the FTP Service Because FTP depends on Microsoft Internet Information Services (IIS), IIS and the

FTP Service must be installed on the computer. To install IIS and the FTP Service, follow these

steps.

NOTE: In Windows Server 2003, the FTP Service is not installed by default when you install

IIS. If you already installed IIS on the computer, you must use the Add or Remove Programs

tool in Control Panel to install the FTP Service.

1. Click Start, point to Control Panel, and then click Add or Remove Programs.

2. Click Add/Remove Windows Components.

3. In the Components list, click Application Server, click Internet Information

Services (IIS) (but do not select or clear the check box), and then click Details.

4. Click to select the following check boxes (if they are not already selected):

Common Files

File Transfer Protocol (FTP) Service

Internet Information Services Manager

World Web Wide Service

5. Click to select the check boxes next to any other IIS-related service or subcomponent

that you want to install, and then click OK.

6. Click Next.

7. When you are prompted, insert the Windows Server 2003 CD-ROM into the

computer's CD-ROM drive or provide a path to the location of the files

[C:\software\i386], and then click OK.

8. Click Finish.

IIS and the FTP service are now installed. You must configure the FTP Service before you can

use it.

6.3.1 Configure the FTP Service

To configure the FTP Service to allow only anonymous connections, follow these steps:

1. Start Start Administrative Tools Internet Information Services Manager.

2. Expand Server_name, where Server_name is the name of the server.

3. Expand FTP Sites

4. Right-click Default FTP Site, and then right-click and select Properties.

5. Click the Security Accounts tab.

6. Click to select the Allow Anonymous Connections check box (if it is not already

selected), and then click to select the Allow only anonymous connections check box.

When you click to select the Allow only anonymous connections check box, you

configure the FTP Service to allow only anonymous connections. Users cannot log on

by using user names and passwords.

7. Click the Home Directory tab. The default home directory is c:\inetpup\ftproot.

You may change it if you wish.

8. Click to select the Read and Log visits check boxes (if they are not already selected),

and then click to clear the Write check box (if it is not already cleared).

9. Click OK.

10. Quit Internet Information Services Manager.

The FTP server is now configured to accept incoming FTP requests. Copy or move the files

that you want to make available to the FTP publishing folder for access.

6.3.2 Using FTP

Before you try to interact with your local FTP server, make sure the FTP publishing

service is running and that you have create some FTP site (i.e. published some folder through

the FTP server). One-way to do this latter step is to use the Start Administrative

Tools Internet Information Services Manger as shown in the Window below.

Any FTP client program can access the folder made available by FTP server. These

include character-based client such as the FTP command or GUI-based client such as CuteFTP

and IE 6.0. Using IE 6.0, you use the word ftp in place of http to access an FTP server as

shown below.

The following is a sample interaction with an FTP server using the FTP command.

C:\>ftp 127.0.0.1 [Note: Sometimes you need to use the IP address]

Connected to 192.168.230.1.

220 Microsoft FTP service

User (192.168.230.1:(none)): anonymous

Anonymous access allowed, send identity (e-mail name) as password.

Password: a@b.c

230 anonymous user logged in.

ftp> cat

Invalid command.

ftp> dir

200 PORT command successful.

150 Opening ASCII mode data connection for /bin/ls.

02-25-04 02:00PM <DIR> images

226 Transfer complete.

ftp: 258 bytes received in 0.06Seconds 4.10Kbytes/sec.

ftp> help

Commands may be abbreviated. Commands are: delete literal prompt send debug ls put

status append dir mdelete pwd trace ascii disconnect mdir quit type bell get mget

quote user binary glob mkdir recv verbose bye hash mls remotehelp cd help mput

rename close lcd open rmdir

ftp> cd images 250 CWD command successful.

ftp> dir

…

ftp> get index.html index.html

200 PORT command successful.

150 ASCII data connection for index.html (196.1.65.148,1209) (211 bytes).

226 ASCII Transfer complete.

ftp: 219 bytes received in 0.01Seconds 14.60Kbytes/sec.

ftp>

……..

ftp> get RemoteFile LocalFile

……..

ftp> put Localfile RemoteFile

ftp> quit

221 Goodbye

Capture the FTP packets using Ethereal and answer the following queries:

• What is the transport layer protocol does FTP uses?

• What is the port number that is used for control and data transfer in FTP?

• How is the interaction between the FTP client and the FTP server when you issue the

‘ls’ command?

• How is the interaction between the FTP client and the FTP server when you issue the

‘get’ command?

• Is there any difference between the above two? Justify your answer.

• There are many ftp user-level commands [like mget, get, ls, …]. What is their actual

equivalent in FTP? Notice that using packet capture.

7.1. Publishing a Web site: 1. To create a site on the IIS web server, Create a new directory called mysite and then right

click on this directory in the Windows Explorer and select ‘Sharing and Security…’. Select

Web Sharing form the dialog and the dialog will appear as shown.

2. In the above dialog select Share this folder. You can use the suggested alias (this is the

part that will follow the host name in the URL used to access the site by the browser – see

the subsequent figure. Directory browsing will work if you enable directory browsing and

there is no default document (i.e. default.htm).

3. To access the above site, launch the Browser and use any of these URLs

http://ServerName/mysite or http://ServerIPAddress/mysite

The above URLs will work from any station.

Also you can use the following URLs to access the local web server

http://127.0.0.1/mysite or http://localhost/mysite

If you are not able to access the folder, you can put an HTML file named index.htm in that

FTP folder and try to access that website. Sometimes, you need to enter the

administrator along with its password to access the website. Also sometimes, you

might need to use your IP address instead of 127.0.0.1.

Note: You need to select the directory you enabled for directory listing from

Start Administrative Tools Internet Information Services Manager Default Web Site.

Then Right-click the directory and click Properties. Select Directory

Security Authentication and Access Control. Click Edit button. Then enable

Anonymous Access.

To have more control over the IIS configuration use Start Administrative Tools Internet

Information Services Manager.

6.5 Capturing HTTP traffic using Ethereal: Have Ethereal software run on Station A (web client) and try to capture the HTTP

traffic data during a web session between stations A (web browser) and station B (web server).

Open the web page from the client using web browser.

As the above figure shows there are three TCP packet exchanges (three-way hand

shake used to open a TCP connection) preceding the TCP packet containing the actual GET

request. Note that HTTP data immediately follows the TCP header and is readable in the

ASCII interpretation of the hex dump (right-bottom view)

6.5.1 Examining HTTP Requests and Replies

In this task we will be using Telnet client to interact with some HTTP server. It is

suggested that we use a graphical Telnet which is available for you in the software folder on the

c-drive of your machine. Once Telnet opens a TCP connection it may not echo what you are

typing. Thus it is suggested to you turn Local Echo on from Terminal Preferences menu

option as shown below. Increase the Buffer Size to 1000. Also you can log the interaction to a

text file Terminal Start Logging.

Next, choose Connect menu option and specify an IP address of the host running

HTTP server and port 80 as shown below and then click the Connect button.

The figure below shows a sample HTTP 1.1 GET request and the server's reply.

Note: End headers with two <enter> clicks to indicate that there is no body in the request.

Exercise:

1. Web share a folder (alias test) and enable directory browsing.

2. Access it using the browser using the URL: http://127.0.0.1/test

3. Use Telnet to connect to the local http server and type: GET /

HTTP/1.0<enter><enter>.

4. Compare the html you get from browser-view source with the body part of the HTTP

reply.

6.5.2 Practice HTML tables, Styles and colors

An HTML table (<table> ... </table>) is a collection of rows. Each row (<tr> ...

</tr>) is a collection of cells – a cell is enclosed in <td> ... </td>.

Note that a table cell can contain arbitrary html including img and table tags. Therefore,

HTML tables have become a key element for proper layout of a web page. In general, it best

to approach the layout of a page by having it as a table covering the entire width and height

of the page’s area as:

<body>

<table width="100%" height="100%">

...

</table>

<body>

Thus the following specifies a 2-row 3-column table.

<table cellspacing="0" width="200" border="1">

<tr><td>cell 11</td><td>cell 12</td></tr>

<tr><td>cell 11</td><td>cell 12</td></tr>

</table>

This should render as:

cell 11 cell 12 cell 13

cell 21 cell 22 cell 23

Why cell borders are doubled?

When the above table is rendered in the browser you will see that a double border

surrounds each cell. This is because when use the border="1" attribute within the table tag then

each cell will be surrounded by a one pixel border.

There are two solutions to this problem.

Solution 1: Use cellspacing="1" to reveal the table's background color.

<style> td { background-color:white; } </style>

<table cellspacing="1" width="200" style="background-color:gray;" border="0">

<tr><td>cell 11</td><td>cell 12</td></tr>

<tr><td>cell 11</td><td>cell 12</td></tr>

</table>

Solution 2 (better): Use border-collapse:collapse style specification to join adjacent borders.

<table cellspacing="0" width="200" border="1"

style="border-color:gray;border-collapse:collapse;" >

<tr><td>cell 11</td><td>cell 12</td></tr>

<tr><td>cell 11</td><td>cell 12</td></tr>

</table>

Exercise:

Utilize tables, styles and color techniques you have learned so far to produce the following page.

Follow the hints given by the instructor.

6.5.3 Practice Active Server Pages ( ASP )

ASP is a program that runs inside IIS. An ASP file is just the same as an HTML file.

An ASP file can contain text, HTML, XML, and scripts. Scripts in an ASP file are executed

on the server. An ASP file has the file extension ".asp"

When a browser request an asp file, IIS passes the request to the ASP Engine which

executes the ASP file and the response is sent back to the browser as plain HTML.

Benefits of ASP

1. Dynamically edit, change or add any content of a Web page

2. Respond to user queries or data submitted from HTML forms

3. Access any data or databases and return the results to a browser

4. Customize a Web page to make it more useful for individual users

5. The advantages of using ASP instead of CGI and Perl, are those of simplicity and speed

6. Provides security since your ASP code can not be viewed from the browser

7. Since ASP files are returned as plain HTML, they can be viewed in any browser

8. Clever ASP programming can minimize the network traffic

How to execute the ASP file

1. If IIS has been already installed on you pc an Inetpub folder will be created on your hard

drive

2. Open the Inetpub folder, and find a folder named wwwroot

3. Create a new folder, like "MyWeb", under wwwroot.

4. Use a text editor to write the examples given below, save the file as ".asp" in the

"MyWeb" folder

5. Make sure your Web server is running - The installation program has added a new icon

on your task bar (this is the IIS symbol). Click on the icon and press the Start button in

the window that appears.

6. Open your browser and type in "http://localhost/MyWeb/xyz.asp", to view your first

ASP page

7. If your ASP page is not displayed go to IIS Manager. In the left-pane select Web

service extension and then on the right-pane select Active Server Pages and click the

allow button.

Examples:

Example1

<html>

<body>

<% response.write("Hello World!") %>

</body>

</html>

Example 2

<html>

<body>

<%

Dim famname(6),i

famname(1) = “Abdallah"

famname(2) = “Ibrahim"

famname(3) = “Saeed"

famname(4) = “Tharig"

famname(5) = “Ismail"

famname(6) = “Mohamed"

For i = 1 to 6

response.write(famname(i) & "<br />")

Next

%>

</body>

</html>

Exercise:

Write an asp program to bring the following output.

6.5.4 Web Caching

Consider a http request that just occurred -- you sent a request for a file, the server

then went and hunted for the file, and if it found it, it fetched a copy for you. Now this would

seem to be the only way for such an operation to work, but in fact it's pretty inefficient.

Imagine that at any one time there might be thousands of users all requesting the same page.

Without a cache, the ISP's server has to keep going back to the same address and getting the

document for each individual request. However, if a Web cache is used, the routine is altered

slightly.

6.5.5 Enable Content Expiration in IIS 5.0

When content expiration is enabled, the Web browser compares the current date to the

expiration date to determine whether to display a cached page or request an updated page from

the server.

To set the expiration of Web site content in IIS 5.0, follow these steps:

1. In the Internet Information Services snap-in, select the Web site, virtual directory,

directory, or file for which you want to set content expiration.

2. Right-click the Web site, virtual directory, directory, or file and select Properties.

3. On the HTTP Headers property sheet, select Enable Content Expiration.

4. Select Expire Immediately, Expire after, or Expire on and enter the appropriate

expiration information in the corresponding box.

NOTE: Typically, time-sensitive information is limited to individual files, directories, or Web

sites; however, you can also set content expiration for all Web sites on a computer through the

configuration of WWW Master Properties

6.5.6 Prevent Caching using an ASP Script

You can also prevent individual pages from being cached by adding a script to ASP files. To do

this, follow these steps:

<%

Response.Expires = 0

Response.Expiresabsolute = Now() - 1

Response.AddHeader "pragma","no-cache"

Response.AddHeader "cache-control","private"

Response.CacheControl = "no-cache"

%>

6.5.7 Remove all the services you have installed

1. Start Control Panel Add or Remove Programs Add/Remove Windows

Components

2. Deselect those services you have selected before and click Next/Ok until Finish.

3. For Telnet, you can go to Start Control Panel Services and disable it [by right-

click].

The page should be displayed, even though you have no current connection to the Internet.

P A R T I I

REMOTE DESKTOP WEB CONNECTION

Objectives: Learn to setup remote desktop connection between a client and a server, via web.

6.6 Remote Desktop Web Connection To install Remote Desktop Web Connection follow these steps:

1. Open Add or Remove Programs in Control Panel.

2. Click Add/Remove Windows Components.

3. Click Application Server, and then click Details.

4. Select Internet Information Services, and then click Details.

5. In the Subcomponents of Internet Information Services list, select World Wide

Web Service, and then click Details.

6. In the Subcomponents of World Wide Web Service list, click the Remote Desktop

Web Connection check box. Click OK. Click OK again, and then click OK a third

time.

7. In the Windows Components wizard, click Next.

8. Click Start Administrative Tools Internet Information Services Manager.

9. Expand the folder hierarchy until you reach the local computer name\Web

Sites\Default Web Site\tsweb folder.

10. Right-click the tsweb folder and then click Properties.

11. Click the Directory Security tab on the Properties dialog box.

12. In Anonymous access and authentication control, click Edit.

13. Check the Anonymous access check box on the Authentication Methods dialog box,

and then click OK twice.

14. Click Start Control Panel System.

15. Click on Remote tab. Select the option for ‘Allow users to connect remotely to this

computer’ under Remote Desktop section. Click Ok.

16. Also, make sure RDP-TCP connection is present in Connections option under Start

Administrative Tools Terminal Services Configuration.

17. To check whether someone has connected, you can go to Start Administrative

Tools Terminal Services Manager.

Note:

1. To limit the number of connections, you can check via Start Administrative Tools

Terminal Services Configuration Connections. Select Network Adapter tab.

You can restrict the number of connections and also the network adapter through

which remote connections can be made.

2. To permit or deny remote access for specific users, Start Control Panel System

Remote Select Remote Users.

6.6.1 To connect to another computer using Remote Desktop Web Connection

1. Ensure that Remote Desktop Web Connection is installed and running on the Web

server.

2. Ensure that your client computer has an active network connection is functioning.

3. On your client computer, start Microsoft Internet Explorer.

4. In the Address box, type the Uniform Resource Locator (URL) for the home directory

of the Web server hosting Remote Desktop Web Connection.

5. The URL is "http://" followed by the IP address of your server, followed by the path

of the directory containing the Remote Desktop Web Connection files (default =

/Tsweb/). (Note the forward slash marks.) For example, if your Web server is

"192.168.230.250", in the Address box you type: http://192.168.230.250/tsweb/, and

then press ENTER. The Remote Desktop Web Connection page appears on the

screen.

6. In Server, type the IP of the remote computer to which you want to connect.

7. Optionally, specify the screen size and logon information for your connection.

8. Click Connect.

9. After you supply your username and password the Windows Server 2003 desktop

appears and you can begin to work.

6.6.2 To work like using remote keyboard and remote mouse

1. Install the VNC server at the Server.

2. Activate the options using Start Programs VNC Show User Settings.

3. From the client use, vncviewer and access this machine.

4. Note that you will be actually working on the server’s display.

7.1.4. Stream communication

The stream communication protocol is known as TCP (transfer control protocol).

Unlike UDP, TCP is a connection-oriented protocol. In order to do communication over the

L A B 7

SOCKET PROGRAMMING

7. Objectives • To learn the basics of Socket programming

• To learn the difference between TCP sockets and UDP datagrams

• To build a daytime C/S

• To build a SMTP mail user agent using JAVA

• To build a simple web server using JAVA

7.1. Background Information 7.1.1. Socket-Definition

A socket is one endpoint of a two-way communication link between two programs

running on the network. A socket is bound to a port number so that the TCP layer can identify

the application that data is destined to be sent.

7.1.2. TCP/IP and UDP/IP communications

There are two communication protocols that one can use for socket programming:

datagram communication and stream communication.

7.1.3. Datagram communication

The datagram communication protocol, known as UDP (user datagram protocol), is a

connectionless protocol, meaning that each time you send datagrams, you also need to send the

local socket descriptor and the receiving socket's address. As you can tell, additional data must

be sent each time a communication is made.

irst be established between the pair of sockets. While one of

the soc

ht help you decide which protocol you should use.

st be established before

commu

received

urs fewer overheads. It is often used in implementing client/server

applicat

lient, then you would open a

socket like this:

et

atagramSocket socket=new DatagramSocket();

TCP protocol, a connection must f

kets listens for a connection request (server), the other asks for a connection (client).

Once two sockets have been connected, they can be used to transmit data in both (or either one

of the) directions.

The selection of protocol [UDP or TCP] depends on the client/server application you

are writing. The following discussion shows the differences between the UDP and TCP

protocols; this mig

In UDP, as you have read above, every time you send a datagram, you have to send the

local descriptor and the socket address of the receiving socket along with it. Since TCP is a

connection-oriented protocol, on the other hand, a connection mu

nications between the pair of sockets start. So there is a connection setup time in TCP.

In UDP, there is a size limit of 64 kilobytes on datagrams you can send to a specified

location, while in TCP there is no limit. Once a connection is established, the pair of sockets

behaves like streams: All available data are read immediately in the same order in which they are

. UDP is an unreliable protocol and so there is no guarantee that the datagrams you

have sent will be received in the same order by the receiving socket. On the other hand, TCP is

a reliable protocol; it is guaranteed that the packets you send will be received in the order in

which they were sent.

In short, TCP is useful for implementing network services such as remote login (rlogin,

telnet) and file transfer (FTP) which require data of indefinite length to be transferred. UDP is

less complex and inc

ions in distributed systems built over local area networks.

7.1.5. Sockets using UDP connection

Creating a datagram socket: If you are programming a c

//Creating a sock

D

yte[] sendbuf = new byte[256];

56];

chine

InetAddress address = InetAddress.getByName("196.1.65.205");

String message="Hello Datagram server";

getBytes();

atagramPacket packet = new DatagramPacket(sendbuf, sendbuf.length, address,

the packet

socket.send(packet);

e

acket(receivebuf, receivebuf.length);

cket);

//create a buffer of size 256

b

byte[] receivebuf = new byte[2

//create an inet address of the server ma

//create the message

sendbuf=message.

//construct the packet

D

4445);

//send

// get respons

packet = new DatagramP

socket.receive(pa

If you are programming a server, then you would open a socket like this:

DatagramSocket socket= new DatagramSocket(4445);

w byte[256];

atagramPacket(receivebuf, receivebuf.length);

et);

//Create a socket

byte[] sendbuf = ne

byte[] receivebuf = new byte[256];

// receive request

DatagramPacket packet = new D

socket.receive(pack

ed);

t machine

InetAddress address = packet.getAddress();

int port = packet.getPort();

ess;

;

(sendbuf, sendbuf.length, address, port);

socket.send(packet);

String received = new String(packet.getData());

System.out.println(receiv

// get the address of the clien

// get the port of the client machine

dString = "Hello User from "+addr

sendbuf = dString.getBytes()

// construct the packet

packet = new DatagramPacket

//send the message

7.1.6. Sockets using TCP connection

pening a socket:

ing a client, then you would open a socket like this:

try {

ocket("Machine name", PortNumber);

(IOException e) {

O

If you are programm

Socket MyClient;

MyClient = new S

}catch

System.out.println(e);

}

Where Machine name is the machine you are trying to open a connection to, and

PortNumber is the port (a number) on which the server you are trying to connect to is running.

When selecting a port number, you should note that port numbers between 0 and 1,023 are

reserved for standard protocols, such as SMTP, FTP, and HTTP. When selecting a port

number for your server, select one that is greater than 1023.

ServerSocket MyService;

MyServerice = new ServerSocket(PortNumber);

(IOException e) {

If you are programming a server, then this is how you open a socket:

try {

}

catch

System.out.println(e);

}

When implementing a server you also need to create a socket object from the ServerSocket in

o listen for and accept connections from clients.

serviceSocket = MyService.accept();

em.out.println(e);}

order t

Socket clientSocket = null;

try {

}catch (IOException e) {

Syst

7.1.7 Creating an input stream

e, you can use the BufferedReader class to create an input stream to

ceive response from the server:

ed er(new

InputStr

putStream to receive input from the client:

On the client sid

re

Buffer Reader in = new BufferedRead

eamReader(socket.getInputStream()));

On the server side, you can use DataIn

BufferedReader in = new BufferedReader(new

InputStreamReader(socket.getInputStream()));

7.1.8 Creating an output stream

On the client side, you can create an output stream to send information to the server

socket using the class PrintWriter.

rintWriter out = new PrintWriter(socket.getOutputStream(), true);

s rintStream to send information to the client.

PrintWri

P

On the erver side, you can use the class P

ter out = new PrintWriter(socket.getOutputStream(), true);

7.1.9 Closing sockets

You should always close the output and input stream before you close the socket.

e client side:

try {

in.clos

socket.close();

(IOException e) {

System.out.println(e);

On the server side:

try {

socket.close();

(IOException e) {

System

On th

e(); in.close();

out.close();

}

catch

}

out.close();

serverSocket.close();

}

catch

.out.println(e);

}

7.2.7.2

Examples: .1 Handshaking of the client and the server

Download the following files.

HelloClient.java

va

elloClient.java and follow the prompt.

7.2.2 rams

files EchoClient.java and EchoServer1.java and study the

implem cket, execute and see the output.

7.2.3 a and EchoServerThread.java and study the

implem

HelloServer.ja

Execute HelloServer.java first, then execute H

Echo Client and Server Prog

Download the

entation of the so

Server handling more than one client

Download the files EchoServer.jav

entations of the socket. Now try to understand the difference in implementation of

:

sockets in these programs and those of Example 2.

7.2.4 A simple Web server

Download the Web server program in java given to you which serve web pages to the

browser and study the implementation using sockets.

7.3 Exercises Daytime C/S program: Write a server program which sends the time of day

information to the client.

Note T nd time in the server, you can use

im

orianCalendar();

Date t=c.getTime();

7.4 lient Program mail system is shown in the following figure. The email from the

urce is taken to the remote email server using SMTP. From the remote client, you need to use

a pull protocol like POP3 or IMAP and get the email from the respective email server.

o get the date a

port java.util.*;

Calendar c=new Greg

Writing an SMTP and POP3 CThe working of e

so

7.4.1 Setting up the

1. Go to Administrative To

POP3 Server

ols and select Add or Remove Windows Components.

2. Tick the E-Mail Services option and press details. Press OK and Next to start the

close all open windows. installation. Once this is complete,

3. ave installed the POP3 Service, you are ready to setup and configure mailboxes. After you h

Open the main window by pressing Start > Programs > Administrative Tools > POP3

Service.

4. nce that is done, the first thing you have to do is create a domain. Do this by right O

clicking the server name in the main window, select new > domain. Type the name of

your desired domain and click OK.

5. Further to this, you are now able to create a mailbox by right clicking the domain,

pressing New > Mailbox. Type the mailbox name and the password in the appropriate

boxes and press OK.

ld pop up notifying you that the

t show this message again" if you do not wish to hav

dd a mailbox.

6. A confirmation box shou mailbox was successfully added.

Select the "Do no e this box appear

everytime you a

ted is shown in the main windo

te" of the mailbox is "Unlocked" an

select "Lock", you will disable it.

7. The new mailbox you crea w. As you can see in the

following window, the "Sta d therefore available for use.

If you right click the mailbox and

7.4.2 SMTP Procedure

In order to work with SMTP server, you need to follow the following procedure:

1. Initially, you need to connect to the server via port number 25.

a. This can be done using telnet servername 25. Where servername is the IP address

of your SMTP server.

2. Issue the HELO command as

HELO domainname

3. We have to indicate from whom the email originates

MAIL FROM: <emailid@domainname>

Remember to use your email address along with the domain name.

Also, note that there is no blank space between the colon and the word FROM.

4. We have to indicate to whom the email designates

RCPT TO: <emailid@domainname>

Remember to use your email address along with the domain name.

Also, note that there is no blank space between the colon and the word TO.

5. In order to include the text data you wish to send to the recipient, DATA command as

DATA

6. Following the DATA command, you type your email text from the next line.

7. End your email contents by issuing

<CRLF>.<CRLF>

In programs, you can replace CRLF by \r\n

8. Quit the connection using the command

QUIT

This SMTP example shows mail sent by Ahmed at host mailer.ccse.kfupm.edu.sa, to Ibrahim

and Abdallah at host again in mailer.ccse.kfupm.edu.sa.

S: MAIL FROM:<ahmed@ccse.kfupm.edu.sa>

R: 250 OK

S: RCPT TO:< ibrahim@ccse.kfupm.edu.sa >

R: 250 OK

S: RCPT TO:< abdallah@ccse.kfupm.edu.sa >

R: 250 OK

S: DATA

R: 354 Start mail input; end with <CRLF>.<CRLF>

S: Blah blah blah...

S: ...etc. etc. etc.

S: <CRLF>.<CRLF>

R: 250 OK

S: QUIT

An SMTP server always listens to the port 25.

Exercise: Write the SMTP client program that can send emails from one account to another.

In order to write the SMTP client, you just need to connect to port number 25 using TCP

sockets. Then, you should issue all the commands specified above in order and receive the

reply. You can check whether your commands where successful or not by checking the

response you received from the server.

Note: You can check the receipt of your email using Start Programs Administrative

Tools POP3 Service. You can notice that the number of messages indicates the number of

emails received. To read these emails, you can use POP3.

7.4.3 Reading the email using POP3 service

1. You can read your email using telnet [POP3 runs on port number 110] as below:

telnet servername 110

USER username@domain

PASS password

LIST

RETR list-number

QUIT

2. Write a simple POP3 client that can read the emails in your mailbox and display them to

you. POP3 client program is also done similar to that of the SMTP client by connecting to

port number 110 and then issuing the POP3 commands in order.

telnet servername 110

USER username@domain

PASS password

STAT

LIST list-number

RETR list-number

QUIT

NOTE: For each command there is a reply from POP3 server. For the RETR command,

you need to read in a loop until you receive NULL because the email content might be

more than one line. The list-number given is the email sequence numbering as it appears in

the POP3 server.

L A B 8

PART - I

SIMULATION USING IT GURU

8. Objectives To know how to determine the throughput of a shared Ethernet network under various

loads, using Simulation.

8.1. Overview: In a shared Ethernet network, end systems are typically connected together using a

hub. The hub retransmits any incoming frames on all outgoing lines creating a single broadcast

domain for all the devices. Within this domain, the Carrier Sense Multiple Access with Collision

Detection (CSMA/CD) MAC protocol is used to determine which node may transmit at any

given time and to resolve collisions if two or more nodes transmit at the same time.

8.1.1. Build the Simulation Model

1. Since Start up OPNET IT Guru Academic Edition.

2. Select the File tab => New...

3. Choose Project and click on OK.

4. Change the Project Name to Shared_Ethernet.

5. Change the Scenario Name to Low_Load, and click on OK.

6. In the Initial Topology window, select Create Empty Scenario and click on Next.

7. In the Choose Network Scale window, select Office and click on Next.

8. In the Specify Size window, leave the parameters unchanged and click on Next.

9. In the Select Technologies window, scroll down and include the ethernet and links

model families, and click on Next.

10. In the Review window, click on OK.

First, we will build a LAN in which the workstations are connected together with an

Ethernet hub. An easy way to create a network with a large number of nodes in OPNET is to

use the Rapid Configuration tool.

1. Select the Topology tab => Rapid Configuration.

2. Set the Configuration to Star and click on OK.

3. Set the Center Node Model to ethernet16_hub. Set the Periphery Node Model to

ethernet_station. Set the Link Model to 10BaseT. Set the Number to 12, and click

on OK to create the LAN.

4. Right click on the hub (the device at the center of the star) and choose View Node

Description. This device can support up to 16 Ethernet links at 10, 100, or 1000 Mbps.

Note that the processing time within the device is considered to be zero, and that the

hub retransmits incoming frames on all outgoing lines. Click on the close window icon

to close the window.

5. Right click on the hub and select Set Name. Set the Name to Hub. Click on OK to

close the window.

6. Right click on one of the Ethernet station and choose View Node Description. This

device generates and receives Ethernet frames at configurable rates. Note that collision

detection and resolution is handled by the hub. Click on the close window icon to close

the window.

7. Now we need to set up the traffic patterns for the Ethernet stations. Right click on any

of the stations and choose Select Similar Nodes. Now, right click on one of the

stations and choose Edit Attributes. Put a check in the checkbox next to Apply

Changes to Selected Objects. Expand the Traffic Generation Parameters and

Packet Generation Arguments attributes. Set the ON State Time to

constant(1000), and the OFF State Time to constant(0). This will ensure that the

stations are always sending. Set the Interarrival Time (seconds) to

exponential(0.004) and the Packet Size (bytes) to constant (100). Click on OK to

apply the changes and close the window. Each station will now generate traffic at an

average rate of one 100 byte packet every 4 milliseconds. You can calculate the average

traffic that each node will generate from the interarrival time and the packet size.

For instance: 100 bytes/packet * 8 bits/byte * 1 packet/0.004 sec = 200 Kbps

We are now done building the LAN model

8.1.2. Configure the Simulation

1. Select the Simulation tab => Choose Individual Statistics…

2. Expand the Global Statistics item, and the Ethernet item, and select the Delay (sec)

statistic.

3. Expand the Traffic Sink item and select the Traffic Received (bits/sec) statistic.

4. Expand the Traffic Source item and select the Traffic Sent (bits/sec) statistic.

5. Expand the Node Statistics item, and the Ethernet item, and select the Collision Count,

Load (bits/sec), Traffic Forwarded (bits/sec), Traffic Received (bits/sec), and

Utilization statistics. Click on OK to close window.

6. Select Simulation => Configure Discrete Event Simulation…

7. Under the Common tab, modify the Duration to 20, and the unit to second(s). Click on

OK to close the window.

8.1.3. Duplicate the Scenario

Now, we will build another scenario in which each Ethernet station generates much

more traffic. This will allow us to compare the performance of the LAN under different

conditions. Choose Scenarios => Duplicate Scenario, and name the new scenario

High_Load. Click on OK to create the scenario.

Right click on any of the stations and choose Select Similar Nodes. Now, right click

on one of the stations and choose Edit Attributes. Put a check in the checkbox next to Apply

Changes to Selected Objects. Expand the Traffic Generation Parameters and Packet

Generation Arguments attributes. Set the Interarrival Time (seconds) to

exponential(0.001). Click on OK to apply the changes and close the window. Note that a

shorter interarrival time means that packets will be generated more frequently.

8.1.4. Run the Simulation

1. Select the Scenarios tab => Manage Scenarios…

2. Edit the Results field in both rows and set the values to <collect> or <recollect>.

3. Click on OK to run both scenarios (one after the other). When the simulation has completed,

click on Close to close the window.

8.1.5 Inspect and Analyze Results

1. Select the Scenarios tab => Switch to Scenario and choose the Low_Load scenario. Select

the Results tab => View Results…

2. Select and expand the Global Statistics item, and the Traffic Source item, and select the

Traffic Sent (bits/sec) statistic. Also expand the Traffic Sink item and select the Traffic

Received (bits/sec) statistic.

3. View all statistics in this lab exercise using As Is mode. For this level of load, the received bit

rate is approximately equal to the sent bit rate.

4. Click on the Traffic Sent (bits/sec) and Traffic Received (bits/sec) statistics again to disable

the preview. Note that you may always click on Show for a more detailed graph than the

preview provides. Click on Close to close the View Results window.

Now we will examine the same statistics for the High_Load scenario. Repeat the

previous steps including switching to the High_Load scenario, viewing results, and selecting

statistics to view. In this case, you can see that much more traffic was sent than was received.

The hub has become overloaded and cannot deliver all the traffic that it receives. Click on

Close to close the View Results window.

Now we will compare results generated by the two scenarios. Select the Results tab =>

Compare Results… Select and expand the Object Statistics item, the Office Network item,

the node_0 item, and the Ethernet item. Select the Load (bits/sec) statistic and view in As Is

mode. Click on Show for a more detailed graph. This statistic shows how much traffic was

generated by this device. The measured values should approximately match the calculations we

made earlier using the configuration parameters. Again, for the Low_Load scenario, 100

bytes/packet * 8 bits/byte * 1 packet/0.004 sec = 200 Kbps load per station. You may do a

similar calculation for the High_Load scenario. Click on the close window icon and choose to

Delete the panel to close the window. Click on the Load (bits/sec) statistic again to disable

the preview.

Discrepancies between the send and receive rate can be accounted for by inspecting the

Collision Count statistic. Expand the Hub item, and the Ethernet item. Select the Collision

Count statistic. Click on Show for a more detailed graph. Some of the packets that were sent

collided and required retransmissions, reducing the throughput. This is true of both scenarios,

but the High_Load scenario experienced far more collisions. Click on the close window icon

and Delete the panel. Click on the statistic again to disable the preview.

The hub’s utilization can be viewed by selecting the Utilization statistic. Click on Show

for a more detailed graph. The utilization essentially describes what percentage of the network’s

capacity is being used. Since 10BaseT links were used to connect the hub to the Ethernet

stations, the capacity is 10 Mbps. You can see that the High_Load scenario traffic utilized a

great deal more of the hub’s capacity than the Low_Load scenario traffic. Click on the close

window icon and Delete the panel. Click on the Utilization statistic again to disable the

preview.

Lastly, expand the Global Statistics item, and the Ethernet item, and select the Delay

(sec) statistic. Click on Show for a more detailed graph. This statistic shows the delay

experienced by all packets which have been successfully delivered. You can see that the delay is

fairly consistent in the Low-Load scenario, but that the high level of traffic causes growing

delays in the High_Load scenario. Click on the close window icon and Delete the panel. Click

on Close to close the Compare Results window.

Save your model and close all windows.

8.2 Exercises: 1. Create several duplicate scenarios and modify the interarrival times for all the

Ethernet stations to 0.0008, 0.002, 0.003, 0.005, and 0.006 respectively. Rerun the

simulation, and record the Traffic Received (bits/sec) statistic for each scenario. Find

the interarrival time for which the maximum throughput is achieved. Calculate the

offered load that corresponds to this interarrival time. Why does the throughput stop

increasing even when the load is increased further?

2. Modify the interarrival time and rerun the simulation to determine how large the

interarrival time must be in order for the number of collisions per second to become

negligible (less than 10 per second). What is the per-node load that corresponds to the

interarrival time you found?

PART -II

SWITCHED LANs

8.3 Objective This lab is designed to demonstrate the implementation of switched local area

networks. The simulation in this lab will help you examine the performance of different

implementations of local area networks connected by switches and hubs.

8.4 Overview: There is a limit to how many hosts can be attached to a single network and to the size

of a geographic area that a single network can serve. Computer networks use switches to enable

the communication between one host and another, even when no direct connection exists

between those hosts. A switch is a device with several inputs and outputs leading to and from

the hosts that the switch interconnects. The core job of a switch is to take packets that arrive on

an input and forward (or switch) them to the right output so that they will reach their

appropriate destination.

A key problem that a switch must deal with is the finite bandwidth of its outputs. If

packets destined for a certain output arrive at a switch and their arrival rate exceeds the capacity

of that output, then we have a problem of contention. In this case, the switch will queue, or

buffer, packets until the connection subsides. If it lasts too long, however, the switch will run

out of buffer space and be forced to discard packets. When packets are discarded too

frequently, the switch is said to be congested.

In this lab you will set up switched LANs using two different switching devices: hubs and

switches. A hub forwards the packet that arrives on any of its inputs on all the outputs

regardless of the destination of the packet. On the other hand, a switch forwards incoming

packets to one or more outputs depending on the destination(s) of the packets. You will study

how the throughput and collision of packets in a switched network are affected by the

configuration of the network and the types of switching devices that are used.

8.5 Procedure: 8.5.1 Create a New Project

1. Start the OPNET IT Guru Academic Edition Choose New from the File menu.

2. Select Project and click OK Name the project <your initials>_SwitchedLAN, and

the scenario OnlyHub Click OK.

3. In the Startup Wizard: Initial Topology dialog box, make sure that Create Empty

Scenario is selected Click Next Choose Office from the Network Scale list Click

Next three times Click OK.

4. Close the Object Palette dialog box.

8.5.2 Create the Network

To create our switched LAN:

1. Select Topology Rapid Configuration. From the drop-down menu choose Star

and click OK.

2. Click the Select Models button in the Rapid Configuration dialog box. From the Model

List drop-down menu choose ethernet and click OK.

3. In the Rapid Configuration dialog box, set the following six values: Center Node

Model = ethernet16_hub, Periphery Node Model = ethernet_station, Link

Model = 10BaseT, Number = 16, Y = 50, and Radius = 42 Click OK.

Note: The prefix ethernet16_ indicates that the device supports up to 16 Ethernet

connections. The 10BaseT link represents an Ethernet connection operating at 10 Mbps.

4. Right-click on node_16, which is the hub Edit Attributes Change the name

attribute to Hub1 and click OK.

5. Now that you have created that network, it should look like the following one.

6. Make sure to save your project.

8.5.3 Configure the Network Nodes

Here you will configure the traffic generated by the stations:

1. Right-click on any of the 16 stations (node_0 to node_15) Select Similar Nodes.

Now all stations in the network are selected.

2. Right-click on any of the 16 stations Edit Attributes.

a. Check the Apply Changes to Selected Objects check box. This is important

to avoid reconfiguring each node individually.

3. Expand the hierarchies of the Traffic Generation Parameters attribute and the

Packet Generation Arguments attribute Set the following four values: ON State

time (seconds) = exponential(100.0), OFF State time (seconds) = exponential(0.0),

Interarrival time (seconds) = exponential(0.02) and Packet Size (bytes) =

constant(1500).

4. Click OK to close the attribute editing window(s). Save your project.

8.5.4 Choose Statistics

To choose the statistics to be collected during the simulation:

1. Right-click anywhere in the project workspace and select Choose Individual Statistics

from the pop-up menu.

2. In the Choose Results dialog box, choose the following four statistics:

a. Global Statistics Ethernet Delay(sec)

b. Global Statistics Traffic Sink Traffic Received (packets/sec)

c. Global Statistics Traffic Source Traffic Sent (packets/sec)

d. Node Statistics Ethernet Collision Count.

Note: The Ethernet Delay represents the end to end delay of all packets received by all the

stations. Traffic Received (in packets/sec) by the traffic sinks across all nodes. Traffic

Sent (in packets/sec) by the traffic sources across all nodes. Collision Count is the total

number of collisions encountered by the hub during packet transmissions.

3. Click OK.

8.5.5 Configure the Simulation

Here we need to configure the duration of the simulation:

1. Click on the Configure/Run Simulation button :

2. Set the duration to be 2.0 minutes.

3. Click OK.

8.5.6 Duplicate the Scenario

The network we just created utilizes only one hub to connect the 16 stations. We need

to create another network that utilizes a switch and see how this will affect the performance of

the network. To do that we will create a duplicate of the current network:

1. Select Duplicate Scenario from the Scenarios menu and give it the name

HubAndSwitch Click OK.

2. Open the Object Palette by clicking on . Make sure that Ethernet is selected in the

pull-down menu on the object palette.

3. We need to place a hub [ethernet16_hub] and a switch [ethernet16_switch] in the

new scenario.

4. To add the Hub, click its icon in the object palette Move your mouse to the

workspace Click to drop the hub at a location you select. Right-click to indicate you

are done deploying hub objects.

5. Similarly, add the Switch.

6. Close the Object Palette.

7. Right-click on the new hub Edit Attributes Change the name attribute to Hub2

and click OK.

8. Right-click on the switch Edit Attributes Change the name attribute to Switch

and click OK.

9. Reconfigure the network of the HubAndSwitch scenario so that it looks like the

following one.

Hints:

a. To remove a link, select it and choose Cut from the Edit menu (or simply hit

the Delete key). You can select multiple links and delete all of them at once.

b. To add a new link, use the 10BaseT link available in the Object Palette.

10. Save your project.

8.5.7 Run the Simulation

To run the simulation for both scenarios simultaneously:

1. Select Manage Scenarios from the Scenarios menu.

2. Change the values under the Results column to <collect> (or <recollect>) for both

scenarios. Compare to the following figure.

3. Click OK to run the two simulations. Depending on the speed of your processor, this

may take several minutes to complete.

4. After the two simulation runs complete, one for each scenario, click Close.

5. Save your project.

8.5.8 View the Results

To view and analyse the results:

1. Select Compare Results from the Results menu.

2. Change the drop-down menu in the lower-right part of the Compare Results dialog box

from As Is to time_average, as shown.

Note: time_average is the average value over time of the values generated during the

collection window. This average is performed assuming a “sample-and-hold” behaviour

of the data set (i.e., each value is weighted by the amount of time separating it from the

following update and the sum of all the weighted values is divided by the width of the

collection window). For example, suppose you have a 1-second bucket in which 10

values have been generated. The first 7 values were generated between 0 and 0.3

seconds, the 8th value at 0.4 seconds, the 9th value at 0.6 seconds, and the 10th at 0.99

seconds. Because the last 3 values have higher durations, they are weighted more

heavily in calculating the time average.

3. Select the Traffic Sent (packets/sec) statistic and click Show. The resulting graph

should resemble the one below. As you can see, the traffic sent in both scenarios in

almost identical.

4. Select the Traffic Received (packets/sec) statistic and click Show. The resulting

graph should resemble the one below. As you see, the traffic received with the second

scenario, HubAndSwitch, is higher than that of the OnlyHub scenario.

5. Select the Delay (sec) statistic and click Show. The resulting graph should resemble

the one below. (Note: Result may vary slightly due to different node placement.)

6. Select the Collision Count statistic for Hub1 and click Show.

7. On the resulting graph right-click anywhere on the graph area Choose Add Statistic

Expand the hierarchies as show below Select the Collision Count statistic for

Hub2 Change As Is to time_average Click Add.

8. The resulting graph should resemble the one below.

9. Save your project.

8.6 Questions 1. Explain why adding a switch makes the network perform better in terms of throughput

and delay.

2. We analyzed the collision counts of the hubs. Can you analyze the collision count of the

“Switch”? Explain your answer.

3. Create two new scenarios. The first one is the same as the OnlyHub scenario but

replace the hub with a switch. The second new scenario is the same as the

HubAndSwitch scenario but replace both hubs and switches, remove the old switch

and connect the two switches you just added together with a 10BaseT link. Compare

the performance of the four scenarios in terms of delay, throughput, and collision

count. Analyze the results. Note: To replace a hub with a switch, right-click on the hub

and assign ethernet16_switch to its model attribute.

L A B 9

PART I

PROTOCOL ANALYZER and NETWORK DESIGN

9. Objective Comprehend the role played by ARP protocol

Analyze the ARP request that is issued in two cases: target host is on the local

network vs. a remote network

View and modify ARP cache

Use Ethereal software to capture ARP packets using a proper user-defined packet

filter. This lab is designed to demonstrate the implementation of switched local area

networks. The simulation in this lab will help you examine the performance of

different implementations of local area networks connected by switches and hubs.

9.1 General Lab setup Set the gateway address as 192.168.230.251 and DNS Server to 172.16.0.1.

19 20 21 22 23 2413 14 15 16 17 187 8 9 10 11 121 2 3 4 5 6

43 44 45 46 47 4837 38 39 40 41 4231 32 33 34 35 3625 26 27 28 29 30

19 20 21 22 23 2413 14 15 16 17 187 8 9 10 11 121 2 3 4 5 6

43 44 45 46 47 4837 38 39 40 41 4231 32 33 34 35 3625 26 27 28 29 30

19 20 21 2 2 23 2413 14 15 16 17 187 8 9 10 11 121 2 3 4 5 6

43 44 45 4 6 47 4837 38 39 40 41 4231 32 33 34 35 3625 26 27 28 29 30

192.168.230.1 & 192.168.230.5

SM: 255.255.0.0GW: 192.168.230.251

ICS-NWLA1 ICS-NWLB1192.168.231.1 & 192.168.231.5

SM: 255.255.0.0GW: 192.168.230.251

INSTRUCTOR PC

192.168.230.251SM: 255.255..0

172.16.20.2SM: 255.255.0.0

Inter LANInter LAN

SwitchSwitch

Hub

CCSE Network

9.1.1. Capturing ARP traffic

On an Ethernet LAN, an ARP message (i.e. a request or a reply) is directly encapsulated

in an Ethernet frame with EtherType value set to (0x0806).

9.1.2. Viewing the ARP cache

Generate traffic, using the ping command. Ping to any PC within your network and

analyze the captured packets. You can view the ARP cache from Command Prompt {DOS

prompt} by using the command arp –a.

At the command prompt, type the command: arp –a. Do you see an entry for the machine you

just pinged? How long does this entry remain in the cache?

Exercise: Do you ever see an entry in the ARP cache for a machine outside of your network?

Why?

9.1.3. Capturing and analyzing ARP frames using Ethereal

1. To Start the EtheReal Network Monitoring Tool, Goto Start – Programs –

EtheReal - EtheReal. Then you will fine the following window (Left).

2. Goto Capture menu and click on Start menu item (Shown in above figure (right)).

Then you will find the following window (left).

After entering the relevant details, click ok in the window then the capturing window

will appear as shown above in (right).

3. Frame Details: To see the Frame details, click on stop on the above (right) window

and you will get the following window, which shows the details of all the frames

captured. If you double click on one (frame) line, the details related to that frame can be

seen as shown below.

4. Filters: To set the filter for displaying, in the capture menu, after clicking sta t, in the

following window, give the protocol you want to display in the place of Filter, and then

click OK Now you will get only the Frame details for ARP protocol alone since you

have set the filter to show only ARP frames.

r

Example:

Capture the outgoing and incoming packets of ARP only. To set the filter according to this

scenario, we should do the above procedure to get only ARP packets.

The following figure shows some of the ARP Broadcast frames.

Exercise:

Fill in the values marked with * below for an Ethernet frame containing an ARP Request.

• The 48-bit destination address in Ethernet frame is made of all Fs. Why?

• The 48-bit Target MAC address in ARP packet is all 0s. Why?

• Look at the 16-bit type field along with this website

http://192.168.230.250/ics432/ethernet-numbers.htm and write about its

importance.

• Find your machine’s Ethernet addresses and compare them with Ethernet Source

Address present in the packet. Indicate through which card, the packet has traveled.

14 byte Ethernet Frame Header

Ethernet Destination Address *

Ethernet Source Address

EtherType*

6 bytes

6 bytes 2 bytes: 0806 indicates that the frame contains ARP message

ARP Message* (Specify the format)

4 bytes Frame Checksum

PART II

Objective:

The objective of this lab is to demonstrate the basics of designing a network, taking into

consideration the users, services, and locations of the hosts.

9.2 Overview Optimizing the design of a network is a major issue. Simulations are usually used to

analyze the conceptual design of the network. The initial conceptual design is usually refined

several times until a final decision is made to implement the design. The objective is to have a

design that maximizes the network performance, taking into consideration the cost constraints

and the required services to be offered to different types of users. After the network has been

implemented, network optimization should be performed periodically throughout the lifetime

of the network to ensure maximum performance of the network and to monitor the utilization

of the network resources.

In this lab you will design a network for a company that has four departments:

Research, Engineering, E-Commerce, and Sales. You will utilize a LAN model that allows you

to simulate multiple clients and servers in one simulation object. This model dramatically

reduces both the amount of configuration work you need to perform and the amount of

memory needed to execute the simulation. You will be able to define a profile that specifies the

pattern of applications employed by the users of each department in the company. By the end

of this lab, you will be able to study how different design decisions can affect the performance

of the network.

9.3 Procedure

9.3.1 Create a New Project

1. Start OPNET IT Guru Academic Edition Choose New from the File menu.

2. Select Project and click OK Name the project <your initials>_NetDesign, and the

scenario SimpleNetwork Click OK.

3. In the Startup Wizard: Initial Topology dialog box, make sure that Create Empty Scenario is

selected Click Next Choose Campus from the Network Scale list Click Next

Choose Miles from the Size drop-down menu and assign 1 for both X Span and Y Span

Click Next twice Click OK.

9.3.2 Create and Configure the Network

Initialize the Network:

1. The Object Palette dialog box should be now on the top of your project space. If it is not

there, open it by clicking . Make sure that the internet_toolbox is selected from the

pull-down menu on the object palette.

2. Add to the project workspace the following objects from the palette: Application Config,

Profile Config, and a subnet.

a. To add an object from a palette, click its icon in the object palette Move your

mouse to the workspace Left-click to place the object. Right-click when finished.

The workspace should contain the following three objects:

Note: Application Config is used to specify applications that will be used to configure

users profiles.

Profile Config describes the activity patterns of a user or group of users in terms of the

applications used over a period of time. You must define the applications using the

Application Config object before using this object.

3. Close the Object Palette dialog box and save your project.

Configure the Services:

1. Right-click on the Application Config node Edit Attributes Change the name

attribute to Applications Change the Application Definitions attribute to Default

Click OK.

2. Right-click on the Profile Config node Edit Attributes Change the name attribute

to Profiles Change the Profile Configuration attribute to Sample Profiles Click

OK.

Note: Sample Profiles provides patterns of applications employed by users such as

engineers, researchers, salespeople, and multimedia users.

Configure a Subnet:

1. Right-click on the subnet node Edit Attributes Change the name attribute to

Engineering and click OK.

2. Double-click on the Engineering node. You get an empty workspace, indicating that the

subnet contains no objects.

3. Open the object palette and make sure it is still set to internet_toolbox.

4. Add the following items to the subnet workspace: 10BaseT LAN, ethernet16_Switch, and

a 10BaseT link to connect the LAN with the Switch Close the palette.

5. Right-click on the 10BaseT LAN node Edit Attributes Change the name attribute

to LAN Observe that the Number of Workstations attribute has a value of 10. Click

in the Value column for the Application: Supported Profiles attribute, and select Edit.

You should get a table in which you should do the following:

a. Set the number of rows to 1.

b. Set the Profile Name to Engineer. Note: Engineer is one of the “sample” profiles

provided within the Profile Config object.

c. Click OK twice.

The object we just created is equivalent to a 10-workstation star topology LAN. The

traffic generated from the users of this LAN resembles that generated by “engineers.”

6. Rename the ethernet16 Switch to Switch.

7. The subnet should look like the shown one.

8. Save your project.

9.3.3 Configure All Departments

1. Now you have completed the configuration of the Engineering department subnet. To go

back to the main project space, click the Go to the higher level button.

The subnets of the other departments in the company should be similar to the engineering

one except for the supported profiles.

2. Make three copies of the Engineering subnet we just created: Click on the Engineering

node From the Edit menu, select Copy From the Edit menu, select Paste three

times, placing the subnet in the workspace after each, to create the new subnets.

3. Rename (right-click on the subnet and select Set Name) and arrange the subnets as shown

below [Research, Sales, E-Commerce]:

4. Double-click the Research node Edit the attributes of its LAN Edit the value of the

Application: Supported Profiles attribute Change the value of the Profile Name from

Engineer to Researcher Click OK twice Go to the higher level by clicking the

button.

5. Repeat step 4 with the Sales node and assign to its Profile Name the profile Sales Person.

6. Repeat step 4 with the E-Commerce node and assign to its Profile Name the profile E-

commerce Customer.

7. Save your project.

9.3.4 Configure the Servers

Now we need to implement a subnet that contains the servers. The servers have to

support the applications defined in the profiles we deployed. You can double-check those

applications by editing the attributes of our Profile node. Inspect each row under the

Applications hierarchy, which in turn, is under the Profile Configuration hierarchy. You will

see that we need servers that support the following applications: Web browsing, Email, Telnet,

File Transfer, Database, and File Print.

1. Open the Object Palette and add a new subnet Rename the new subnet to

Servers Double-click the Servers node to enter its workspace.

2. From the Object Palette, add three ethernet_servers, one ethernet16_switch, and three

10BaseT links to connect the servers with the switch.

3. Close the Object Palette.

4. Rename the servers [Web Server, File Server, Database Server] and the switch [Server

Switch] as follows:

5. Right-click on each one of the above servers and Edit the value of the Application:

Supported Services attribute.

a. For the Web Server add four rows to support the following services: Web Browsing

(Light HTTP1.1), Web Browsing (Heavy HTTP1.1), Email (Light), and

Telnet Session (Light).

b. For the File Server add two rows to support the following services: File Transfer

(Light) and File Print (Light).

c. For the Database Server add one row to support the following service: Database

Access (Light).

6. Go back to the project space by clicking the Go to the higher level button.

7. Save your project.

9.3.5 Connect the Subnets

Now all subnets are ready to be connected together.

1. Open the Object Palette and add four 100BaseT links to connect the subnets of the

departments to the Servers subnet.

As you create each link, make sure that it is configured to connect the “switches” in both

subnets to each other. Do this by choosing them from the drop-down menus as follows:

2. Close the Object Palette.

3. Now your network should resemble the following one:

4. Save your project.

Choose the Statistics: To test the performance of our network we will collect one of the

many available statistics as follows:

1. Right-click anywhere in the project workspace and select Choose Individual Statistics

from the pop-up menu.

2. In the Choose Results dialog box, choose the following statistic [Global Statistics HTTP

Page Response Time (seconds)]:

Note: Page Response Time is the required time to retrieve the entire page.

3. Click OK.

9.3.6 Configure the Simulation

Here we need to configure the duration of the simulation:

1. Click on the Configure/Run Simulation button.

2. Set the duration to be 30.0 minutes.

3. Press OK.

Duplicate the Scenario: In the network we just created we assumed that there is no

background traffic already in the links. In real networks, the links usually have some existing

background traffic. We will create a duplicate of the SimpleNetwork scenario but with

background utilization in the 100BaseT links.

1. Select Duplicate Scenario from the Scenarios menu and give it the name BusyNetwork

Click OK.

2. Select all the 100BaseT links simultaneously (click on all of them while holding the Shift

key) Right-click on anyone of them Edit Attributes Check the Apply Changes

to Selected Objects check box.

3. Expand the hierarchy of the Background Utilization attribute Expand the row 0

hierarchy Assign 99 to the background utilization (%) as shown below.

Note: Link utilization is the percentage of the used link bandwidth.

4. Click OK.

5. Save your project.

Run the Simulation: To run the simulation for both scenarios simultaneously:

1. Go to the Scenarios menu Select Manage Scenarios.

2. Change the values under the Results column to <collect> (or <recollect>) for both

scenarios. Compare to the following figure.

3. Click OK to run the two simulations. Depending on the speed of your processor, this may

take several seconds to complete.

4. After the two simulation runs complete (one for each scenario), click Close.

5. Save your project.

View the Results: To view and analyze the results, follow the steps given below.

1. Select Compare Results from the Results menu.

2. Change the drop-down menu in the lower-right part of the Compare Results dialog box from

As Is to time_average as shown.

3. Select the Page Response Time (seconds) statistic and click Show. The resulting graph

should resemble the one below. (Note: Results may vary slightly due to different node

placement.)

9.3.7 Questions

1. Analyze the result we obtained regarding the HTTP page response time. Collect

four other statistics, of your choice, and rerun the simulation of the Simple and the

Busy network scenarios. Get the graphs that compare the collected statistics.

Comment on these results.

2. In the BusyNetwork scenario, study the utilization% of the CPUs in the servers

(Right-click on each server and select Choose Individual Statistics CPU

Utilization).

3. Create a new scenario as a duplicate of the BusyNetwork scenario. Name the new

scenario Q3_OneServer. Replace the three servers with only one server that

supports all required services. Study the utilization% of that server’s CPU.

Compare this utilization with the three CPU utilizations you obtained in the

previous question.

4. Create a new scenario as a duplicate of the BusyNetwork scenario. Name the new

scenario Q4_FasterNetwork. In the Q4_FasterNetwork scenario, replace all

100BaseT links in the network with 10Gbps Ethernet links and replace all

10BaseT links with 100BaseT links. Study how increasing the bandwidth of the

links affects the performance of the network in the new scenario (e.g., compare the

HTTP page response time in the new scenario with that of the BusyNetwork).

L A B 1 0

SWITCHING EXPERIMENTS

10. Objectives Learn how to configure switches.

Learn how to implement and manage VLANs.

Learn about the usage of spanning tree protocol in switches.

10.1 Connecting to the switch 1. In order to configure our switch, we need to use Hyperterminal. Make sure that the

Hyperterminal software is installed. If not, you can install the software from

C:\ics432\software\htpe63.exe.

2. Connect the COM1 port of the PC to the Console port of the switch with the following

settings:

a. As the console port of the 3Com switch is also DB9 [like COM1], we need to use

two DB9-to-RJ45 adaptors.

b. Bits per second: 2400

3. Do the following configurations via Hyperterminal.

10.2 Grouping of PCs into VLANs The aim of this experiment is to show how to form and make their members connect

to each other.

1. Use the switch available in your LAN. Create two VLANs; namely, VLAN 100 and

VLAN 101.

2. Create VLANs.

• Using browser: Configuration – VLAN

• Using telnet/console: bridge vlan create

• You will be asked about the VLAN number, local number and the VLAN name.

Local VLAN number is the number that is applicable only within a single switch.

3. Remove all the 8 ports [1 to 8] that are used by these PCs from VLAN 1.

• Using telnet/console: bridge vlan removeport 1 all

4. Add port numbers 1, 2, 5 & 6 to VLAN 100 without tagging.

• Using telnet/console: bridge vlan addport 100 1 none

5. Add port numbers 3, 4, 7 & 8 to VLAN 101 without tagging.

• Using telnet/console: bridge vlan addport 101 3 none

6. Test their connectivity by pinging among these PCs.

• What is the result of ping, if we ping among those PCs in same VLAN?

• What is the result of ping, if we ping among those PCs in different VLAN?

7. If we wish to have one port to support more than one VLAN, tagging is needed.

• Using browser: Enable 802.1Q VLAN learning at Port Menu

• Using telnet/console: bridge vlan addport 1 3 802.1Q

o Where 1 is the VLAN number and 3 is the port number

10.2 Enable security option of a switch port 1. Switch learns the MAC address of the packet that follows through it and maps that

MAC address with the respective port number. This mapping is stored in the switching

database. This information is used for delivery of packets to respective PC.

2. We can fix a switch port to a respective MAC address so that people can connect any

PC with this port. Fix a switch port to the MAC address that is connected to it.

a. First, you need to know the MAC address of the network card that connected

to this port using ipconfig /all. As we have two cards per PC, you might need

to disable one card and note the MAC address.

• Using browser: Port Menu – Security – Enabled

• Using telnet/console: bridge port address add

b. After setting the above, try to swap the ports [of one PC] on the switch and

check if it works. Remember, each PC has two networks and so they are

connected to two ports of the switch. Swapping them will make the port to

learn a different MAC address.

3. We can make the switch learn a MAC address and maintain it for a specific period of

time known as ageing concept.

a. Using browser: Configuration – Advanced Stack Setup – Ageing time (secs)

b. Using telnet/console: bridge agingtime

10.3 Create looping and break it using spanning tree Connecting switches in the form of a loop creates rounding of packets. This will be

handled using Spanning tree protocol.

1. Connect two switches together using crossover cable. Make sure that you are able to

ping from one PC, which is connected to one switch to another PC, which is connected

to other switch.

2. Before creating the loops, generate traffic to other LANs by using ping.

a. ping –t –l 65500 192.168.230.1

3. Make sure all the networks are in same VLAN. Connect the switches in a loop using

two crossover wires. Remember, one wire already exists.

4. Before enable spanning tree, now note the change in the timing values in the ping

operation that you have started earlier.

5. To enable spanning tree

a. Using browser: Configuration – Advanced Stack setup – Spanning Tree

b. Using telnet/console: bridge stpstate enable

6. Check the ping operation now to notice that it has come back to normal state.

7. One port of the switch can handle 100Mbps. If we need more than 100Mbps for the

connectivity between the switches then we should connect more than one link between

the switches. We are forced to disable spanning tree and treat the links as one single link

with high capacity [using trunking].

a. To disable spanning tree

• Using telnet/console: bridge stpstate disable

b. To create port trunk

i. Using browser: Configuration – Port – Trunk – Move ports to the

needed port trunk

8. Check the ping operation now to notice the change.

10.5 Testing other settings 10.5.1 Auto-negotiation setup

Auto-negotiation is a method by which two connected devices can talk to each other

and negotiate about speed and mode of operation. These setups can be done on a specific port

by selecting the respective port on the switch picture that appears in the browser.

• Connect two switches with a crossover wire.

a. Enable auto-negotiation at the ports that connect these switches. Note down

what is the speed and mode of the connectivity at both ends.

Switch 1: ________________________________

Switch 2: ________________________________

b. Enable auto-negotiation at one port. Fix the other end to 10Mbps and Full-

duplex mode. Note down what is the speed and mode of the connectivity at

both ends.

Switch 1: ________________________________

Switch 2: ________________________________

c. Set to different speed and mode at both these ports. Note down what is the

speed and mode of the connectivity at both ends.

Switch 1: ________________________________

Switch 2: ________________________________

d. What is the link between Auto-negotiation, Speed/Duplex, FD Flow Control

and HD Flow control?

i. If we set the duplex as HD in Switch I and FD in Switch II, the

switches can still run as they are provided the HD Flow control option

is enabled in Switch II.

Switch 1: ________________________________

Switch 2: ________________________________

ii. We cannot enable flow control when auto-negotiation is enabled. Also,

it is recommended that the flow control should be made as same for

both the switches that are connected via the specific port.

• Connect a PC via Hub to the switch and note the following:

a. This specific port that connects the switch to hub becomes as HD, even if auto-

negotiation is enabled.

b. The switch-database contains many addresses learnt for the port of the switch

that is connected to the hub. To check this, we might need to ping from the

PCs that are connected to the switch via the hub.

10.5.2 Resilient Links

Resilient links are used to have backup links when the main link between two switches

goes off. This connectivity can be of two types:

a. Symmetric: Here, both the links [main and standby] are considered to be the same. If

main link goes off, the standby link comes up. If the standby link goes off, the main

link comes up. But, while the standby link is working if the main links comes up, it

will not be enabled. It has to act as standby at that time.

b. Switchback: If main link goes off, the standby link comes up. If the standby link goes

off, the main link comes up. But, while the standby link is working if the main links

comes up, the standby link will be put to standby and the main link will start to work.

Don’t connect the two cables that you want to work as resilient.

Make one link as main link and the other as standby link.

Using browser: Configuration Resilient Links Add {for main and standby

link}

We can swap the active and inactive links, click resilient link swap.

10.5.3 Changing the switching modes

Switches can operate in many modes. WE can change the modes to fast-forward or

store and forward, etc.

• Set to switching operation to fast-forward or others and see its impact.

• Using browser: Configuration Advanced Stack setup Select the forwarding

mode Apply.

10.5.4 Broadcast Storm Control

• Broadcast Storm Control is enabled, the stack automatically creates an alarm for

each port to monitor the level of broadcast traffic on that port. If the broadcast

traffic level rises to 2976 frames per second, the broadcast traffic on the port is

blocked until the broadcast traffic level drops to 1488 frames per second.

• Enable broadcast storm control using browser: Configuration Advanced Stack

setup Enable the Broadcast Storm Control

10.5.5 VLT tagging

VLT tagging is an additional option provided by 3Com switch similar to standard

802.1Q tagging. By specifying that the ports at both ends of a link use VLT tagging, you can

create a VLT tagged link that carries traffic for all of the VLANs defined on your Switch.

• VLT tagging works only with 3Com switches.

• We can not use VLT tagging when:

o When 802.1Q tagging is used.

o It is the main or standby port of a resilient link, and the other port does not

use VLT tagging.

o It belongs to a port trunk.

• You cannot disable VLT tagging if the port is part of a resilient link pair.

• In browser, under unit menu [which is the picture of the switch on the browser],

you have to select the necessary port and then enable VLT tagging.

10.6 Questions What happens if a port is tagged with two VLANs [using 802.1Q] and that port is

connected to the hub?

a. This will not work because 802.1Q tagging can be set only on ports whose other

end also understands this tagging. Hub doesn’t understand this tagging.

Can we add a port to two VLANs without tagging?

a. Two VLANs cannot be differentiated without tagging. So, to add two VLANs to a

port, we surely need tagging.

b. If we add two VLANs without tagging to a port, then the old VLAN will be

overwritten with the new VLAN.

10.7 References 3Com Switch 3300 User Guide http://support.3com.com/infodeli/tools/switches/ss3/3300/3c16980a/index.htm 3Com Switch 3300 Management Guide http://support.3com.com/infodeli/tools/switches/ss3/management/ug/index.htm

L A B S 1 1 a n d 1 2

ROUTING EXPERIMENTS

13. Objectives: 10 Configure and test Windows 2003 as a router.

11 Learn how to configure CISCO 2600 Router.

12 Divide the lab network into different networks.

13 Examine and comprehend the routing table maintained by a router.

14 Modify routing table by adding dynamic routes.

15 Use Ethereal software to capture RIP packets and analyze them.

16 Use Ping and TraceRoute to test connectivity through a router.

11.1 Review of IP address

Every interface on an IP network must have a unique IP address. Every IP packet

traveling through an IP network contains a source IP address and a destination IP address.

These addresses are 32-bit numbers. An IP address actually consists of two parts: one

part identifies the network and referred to as Network ID (or simply NetID) and another part

identifies the host and referred to as HostID. How do we know the length of each part? This

information is specified through a subnet mask, which is a 32-bit value with the bits

corresponding to the NetID set to 1's and the bits corresponding to the HostID set to 0's. For

example, a subnet mask value of 255.0.0.0 specifies that the NetID is 8 bits and the HostID is

24 bits.

These 32-bit addresses are normally written as four decimal numbers, one for each byte

of the address. This is called dotted-decimal notation.

11.2 Configure the Lab as a set of networks connected by routers Since the lab contains 5 networks, convert the first computer on each network to act as

a router between it and the next network in accordance with the figure below.

192.168.231.1 &192.168.231.8

SM: 255.255.255.0GW: 192.168.231.10

Switch B

192.168.230.1SM: 255.255.255.0

ROUTER CLIENTS

192.168.230.2 &192.168.230.8

SM: 255.255.255.0GW: 192.168.230.1

CLIENTS

192.168.231.10SM: 255.255.255.0

Switch A

11.2.1 Configure Windows 2003 machine as router

Configure Windows 2003 machine as router using the following:

1. Start Administrative Tools Routing and Remote access

2. Select Local Computer and right-click it.

3. Select Configure and Enable routing and remote access. Routing and remote

access wizard appears.

4. Click Next. Configuration Window appears. Select Custom Configuration Next.

Custom configuration window appears.

5. Tick LAN Routing Next. Click Finish.

6. Click Yes to start the service.

11.2.2 Checking for connectivity

To ensure that the router is working properly, all you need is to ping a machine outside of your

network. But first to ensure that the router on your network is up, try to ping the IP addresses

associated with the router interfaces, then if that is successful, ping a machine on the remote

network

Use the commands from a computer on Network A:

1. To test the router interface which is connected to the source host.

ping 192.168.230.1

2. To test the router interface which is connected to another network.

ping 192.168.231.5

3. To ping to a computer in another network.

ping 192.168.231.2

11.3 A Quick Guide to CISCO 2600 Routers 11.3.1 Connecting to Router

There are two ways to connect to the Cisco router for the purposes of configuration

and maintenance. First, initially you will probably configure your router from a terminal.

Second, if the router is already configured and at least one port is configured with an IP

address, and it has a physical connection to the network, you might be able to telnet to the

router and configure it across the network.

If the router is not already configured, then you will have to use the first method and directly

connect to it with a terminal and a serial cable [Roll-over cable].

• Plug a serial cable into a serial (COM) port on the PC and the other end into the

console port on the Cisco router.

• Using a PC running Microsoft Windows, you can use HyperTerminal program found in

Accessories Communications to access the router's console. If Hyperterminal is not

present, install it from the Software directory [htpe63.exe].

• Start HyperTerminal, tell it which COM port to use and click OK. Set the speed of

the connection to 9600 baud and click OK. You may need to hit the Enter key to see

the prompt from the router.

Notes:

1. You need to configure the IP address for an FastEthernet interface using

Hyperterminal.

2. Connect the configured FastEthernet port to the switch so as to make sure you PC is

connected to this FastEthernet port.

3. Telnet to the IP address of the port and practice the basic commands of router.

11.3.2 Router Modes - Unprivileged and privileged modes

When you first connect to the router and provide the password (if necessary), you

enter EXEC mode, the first mode in which you can issue commands from the command-

line. From here you can use such unprivileged commands as ping, telnet, and rlogin. You

can also use some of the show commands to obtain information about the system. In

unprivileged mode you use commands like, show version to display the version of the IOS

the router is running. Type show ? to display all the show commands available in the mode

you are presently in.

Router>show ?

You must enter privileged mode to configure the router. You do this by using the

command enable. Privileged mode will usually be password protected unless the router is

unconfigured. You have the option of not password protecting privileged mode, but it is

HIGHLY recommended that you do. Issue the command enable and provide the password,

you will enter privileged mode. To help the user keep track of what mode they are in, the

command-line prompt changes each time you enter a different mode. When you switch from

unprivileged mode to privileged mode, the prompt changes from:

Router>

to

Router#

Cisco describes two modes, unprivileged and privileged, and then a hierarchy of

commands used in privileged mode. There to be many sub-modes of privileged mode, that is

called parent mode.

The command show ? will display all the show commands available in the current

mode. Do the following commands:

Router#show interfaces

Router#show ip protocols

Router#show ip route

Router#show ip arp

As you configure the router, you will enter various sub-modes to set options and then

return to the parent mode to display the results of your commands. You also return to the

parent mode to enter other sub-modes. To return to the parent mode, you hit ctrl-z. This

puts any commands you have just issued into effect, and returns you to parent mode.

11.3.3 Global configuration (config)

To configure any feature of the router, you must enter configuration mode. This is

the first sub-mode of the parent mode. In the parent mode, issue the command config

terminal.

Router#config terminal

Router(config)#

To change the name of the router, issue the hostname command.

Router(config)#hostname r1

r1(config)#

As demonstrated above, when you set the name of the host with the hostname

command, the prompt immediately changes by replacing Router with r1.

11.3.4 Configuring interfaces

To display the configuration of the interface you use the command:

r1#show interface fastethernet 0/0

r1#show interface serial 1/0

Here is an example of configuring a fastethernet port with an IP address:

r1#config

r1(config)#interface fastethernet 1/0

r1(config-if)#ip address 172.1.1.1 255.255.0.0

r1(config-if)#no shutdown

r1(config-if)#ctrl-Z

r1#

Note the no shutdown command. An interface may be correctly configured and physically

connected, yet be “administratively down”. In this state it will not function.

To reverse or delete the results of any command is to simply put no in front of it. For

instance, if we wanted to unassign the IP address we had assigned to interface fastethernet

1/0:

r1(config)#interface fastethernet 1/0

r1(config-if)#no ip address 172.1.1.1 255.255.0.0

r1(config-if)ctrl-Z

r1#show interface serial 1/0

11.3.5 Routing

IP routing is automatically enabled on Cisco routers. If it has been previously disabled

on your router, you turn it back on in config mode with the command ip routing.

r1(config)#ip routing

r1(config)#ctrl-Z

There are two main ways a router knows where to send packets. The administrator

can assign static routes, or the router can learn routes by employing a dynamic routing

protocol.

These days static routes are generally used in very simple networks or in particular

cases that necessitate their use. To create a static route, the administrator tells the router

operating system that any network traffic destined for a specified network layer address

should be forwarded to a similarly specified network layer address. In the Cisco IOS this is

done with the ip route command.

r1#config

r1(config)#ip route 172.16.0.0 255.255.255.0 192.168.2.1

r1(config)#ctrl-Z

r1#show ip route

Two things are to be said about this example. First, the packet destination address must

include the subnet mask for that destination network. Second, the address it is to be forwarded

is the specified address of the next router along the path to the destination. This is the most

common way of setting up a static route.

Dynamic routing protocols, running on connected routers, enable those routers to

share routing information. This enables routers to learn the routes available to them. The

advantage of this method is that routers are able to adjust to changes in network topologies. If a

route is physically removed, or a neighbor router goes down, the routing protocol searches for a

new route. Routing protocols can even dynamically choose between possible routes based on

variables such as network congestion or network reliability.

Configure the Routing Information Protocol (RIP) on Cisco routers. From the

command-line, we must explicitly tell the router which protocol to use, and what networks the

protocol will route for.

r1#config

r1(config)#router rip

r1(config-router)#network 192.168.230.0

r1(config-router)#network 192.168.231.0

r1(config-router)#ctrl-Z

r1#show ip protocols

Now when you issue the show ip protocols command, you should see an entry

describing RIP configuration.

11.3.6 Saving your configuration

If you turned the router off right now, and turned it on again, you would have to start

configuration over again. Your running configuration is not saved to any permanent storage

media. You can see this configuration with the command show running

r1#show running

If you do want to save your successful running configuration, issue the command copy

running startup

r1#copy running startup

Your configuration is now saved to non-volatile RAM (NVRAM). Then, issue the

command show startup

r1#show startup

Now any time you need to return your router to that configuration, issue the command

copy startup running

r1#copy startup running

11.3.7 Viewing Configuration

Issue the following command and write down their outputs:

1. Get the routing table

sh ip route

If you get ‘ICMP redirect cache is empty’, then that means the ip routing is not

enabled.

2. Check whether ‘no ip routing’ exists.

sh run

If yes, then we need to enable ip routing. Issue the command ‘ip routing’ at the

(config)#.

3. Check the running configuration

sh run

4. Get the details about the router and write it down.

sh ver

What version of the IOS is running?

What is the name of the Cisco IOS image file loaded?

What kind of router (platform type) is this?

What is the revision level of the image?

How much NVRAM (startup config) memory is there?

How much RAM is there?

show flash Used to verify the contents of the Flash memory.

If the flash file name is c2500-js-l.112-18.bin.

c2500 is the platform

j indicates that the file is an enterprise image.

s indicates the file contains extended capabilities.

l indicates that the file can be moved from flash memory if needed and is not

compressed.

11.2-18 is the revision number.

.bin indicates that the Cisco IOS is a binary executable file.

What is the name and length of the Cisco IOS image stored in flash?

What attributes can you identify from codes in the Cisco IOS filename?

Note: 27648K/5120K memory means 27M of processor memory and 5M of I/O memory. In

total, 32M of DRAM is present.

11.3.8 Exercise

Implement the following network diagram. Make sure that the gateways of the PCs are

properly set as the IP address of the network interface of the router that it is connected to.

192.168.230.240255.255.255.0

192.168.231.240255.255.255.0

192.168.230.1255.255.255.0

192.168.231.2255.255.255.0

192.168.231.1255.255.255.0

192.168.230.2255.255.255.0

192.168.230.230255.255.255.0

192.168.231.230255.255.255.0

11.4 Configure Router in your Segment 11.4.1 Lab setup

Setup the lab network according to the figure given below.

192.168.230.240255.255.255.0

192.168.231.240255.255.255.0

192.168.230.1255.255.255.0

192.168.231.2255.255.255.0

192.168.231.1255.255.255.0

192.168.230.2255.255.255.0

192.168.230.230255.255.255.0

192.168.231.230255.255.255.0

192.168.232.240255.255.255.0

192.168.233.240255.255.255.0

192.168.232.1255.255.255.0

192.168.233.2255.255.255.0

192.168.233.1255.255.255.0

192.168.232.2255.255.255.0

192.168.232.230255.255.255.0

192.168.233.230255.255.255.0

192.168.235.240255.255.255.0

192.168.235.241255.255.255.0

Step 1: You should configure the TCP/IP setting in each host appropriately with respective

subnet mask and gateway addresses. The gateway address is the interface address of the router

that is connected to the specific network. For example, the first host on LAN Segment B should

use the following setting:

IP Address: 192.168.231.1

Subnet Mask: 255.255.255.0

Gateway: 192.168.231.240

11.4.2 Configure the router

You need to configure the router for few things:

1. To connect to the router, you need to assign an IP address for each interface of

the router. When we get a new router, we use console cable to assign an IP

address and then connect via telnet.

2. We need to assign an IP address for both the fast Ethernet interface cards. We

should be at the privileged mode. An example is given below:

#config t

(config)# interface FastEthernet 0/0 → configure Ethernet interface 0/0

(config-if)#ip address 192.168.230.240 255.255.255.0 IP address and the

subnet mask.

(config-if)#no shut (or no shutdown) → ensure that interface is not

administratively down

(config-if)#ctrl-z (or exit) → execute all of the above and return to parent

3. Now the connection between networks connected via a single router should

work. We can ping among 192.168.230.0 & 192.168.231.0 network and between

192.168.232.0 & 192.168.233.0 networks.

4. All the hosts can connect to the router using telnet. You can telnet to the

respective gateway address. The routing table at this time can be viewed using

show ip route

5. Now we need to assign an IP address for the Serial interface. We should be at

the privileged mode.

#config t

(config)# interface Serial 1/0 → configure Serial interface 1/0

(config-if)#ip address 192.168.230.240 255.255.255.0

(config-if)#no shutdown (or no shut)

(config-if)#bandwidth 64

(config-if)#clock rate 64000 will work only with DCE connections

(config-if)#ctrl-z (or exit) → execute all of the above and return to parent

Note: To identify whether a connection is DCE or DTE, we can use the

command ‘show controllers’

6. From the hosts, the users should be able to ping to IP address of the serial

interface present in the router connected to their network.

7. All the necessary IP address setups are done. We need to enable routing

protocols to have the necessary routing among the networks connected to

different routers. To setup the RIP protocol, we do as below:

# config t

(config)# router rip

(config-router)# network 192.168.230.0

Note: We need to add the network entries for the serial connection that

connects different routers. We need to add entry for all the directly connected

networks [both fastethernet and serial].

8. All the necessary connections are done and all the hosts should be able to ping

other hosts present in different networks. Show ip route command will show

that routes are learnt using RIP protocol.

9. We can refer to various configuration settings on the router using:

#show ip protocols

#show ip route → shows routing table

#show running-conf or show run

#show interfaces

10. We can view the actual RIP packets using the command:

#debug ip rip → displays RIP routing updates as they are sent or received

If we are not able to see the RIP information at our telnet prompt, issue the

command,

#terminal monitor

To stop viewing the RIP routing information,

#undebug all → stop display debug information

Exercise

• Using the appropriate command to dump the IP routing table in your segment and

write it below.

11.5 Capturing RIP traffic

RIP data is encapsulated in UDP messages which source port and destination port are

both set to 520. We will use the same procedure we have learnt in previous labs to capture

RIP traffic using Ethereal. The captured images for both RIP request and response are given

below.

From above the captures, answer the following queries:

• Which protocol does RIP use? Does it have any specific port number?

• In RIP request, there is no request specified. Why?

• The version of RIP is specified as RIPv1. Is there any other version of RIP? If so,

what is their difference?

• Why is it that the RIP messages [request and response] are sent as IP broadcast?

• What is the use of Metric in RIP request and response messages?

• In the last snap-shot provided there is different metric for different IP addresses

given. Why?

Exercise: Fill the RIP format using the packets captures given.

11.6 Using Static Routes Static routes can serve as an alternative to using RIP. For example, we could disable

RIP on router A and add static routes for networks B, C, D and E as follows:

(config)#no router rip → disable RIP

(config)#ip route 192.168.230.0 255.255.255.0 192.168.235.240

(config)#ip route 192.168.231.0 255.255.255.0 192.168.235.240

(config)#ip route 192.168.232.0 255.255.255.0 192.168.235.241

(config)#ip route 192.168.233.0 255.255.255.0 192.168.235.241

11.7 Adding a static default route

To have Router A use the Instructor's router as the default route (used when there is no

match with ordinary entries in the routing table), use the following command (a default route is

entered with IP address 0.0.0.0 and a subnet mask 0.0.0.0),

Source Port*

20 byte IP Header

Ethernet Destination Address

Ethernet Source Address

IP Source Address

EtherType

IP Destination Address*

Protocol*

14 byte Ethernet Frame Header

2 bytes: 0800 indicates that the frame contains IP packet

6 bytes

6 bytes

1 byte: ___* indicates that the packet contains UDP message

Ver * HL*

4 bytes

4 bytes

4 bytes Length

RIP data

Frame Checksum

UDP Header+Data

(config)#ip route 0.0.0.0 0.0.0.0 192.168.230.251

Question: Is the presence of the Instructor's router necessary to route traffic between the

segments A and C? Justify your answer.

Exercise: Testing Router Connectivity

• A good test to ensure that the router in your segment is working properly is to ping a

host outside of your network. Another useful test is to use TraceRoute (sometimes

abbreviated as TraceRT) command to print the IP addresses of routers along the path

to a target host.

• From your host, traceroute to the first host on a segment that is next to your segment.

For example, if you happen to be on Segment C then issue the command: tracert

192.168.230.97. Write down the results below.

11.8 Dynamic Routing with OSPF within an area

Use OSPF routing protocol as the dynamic routing protocol. Make the whole network

into one single area. The administrative distance of OSPF is 110.

1. Log into your routers and go into privileged mode by typing en or enable.

2. From the configuration mode on Router A, type router ospf ?.

3. Notice that it asks for a process number. Type 100 and press Enter.

4. To configure neighbors in OSPF [Configure all routers in area 0]

RouterA(config-router)# network 192.168.230.1 0.0.0.0 area 0

OR

RouterA(config-router)# network 192.168.230.0 0.0.0.255 area 0

OR

RouterA(config-router)# network 192.168.230.0 0.0.255.255 area 0

Note: Here, we don’t provide the subnet mask. Instead a wild-card is provided. Wild-

card means, if we wish to consider a bit, we provide 0 and to ignore a bit, we provide 1.

For example, in the first command given [192.168.230.1 0.0.0.0], we want to match the

IP exactly. In 192.168.230.0 0.0.0.255, we wish to match the first three parts of the IP

address and the last part is not configured.

5. Press Ctrl+Z to get out of configuration mode.

6. Do similarly for other routers

7. Verify that OSPF is running by typing the following command at each router:

show ip route

show ip ospf neighbor

Note: Process number is a number local to the router. It is possible to have more than one

process running on a router, although this is an unusual and expensive configuration in terms of

router resources. The process number does not have to be the same on every router in the area

or the autonomous system. In the interest of sanity, however, many administrators make it the

same number.

11.9 Access List Access list is used to deny or permit control for packets that pass via the router. Access

lists are executed sequentially based on the order of rules provided. Once an access list is added,

there exists an implicit deny at the end of the list. Any packet that is not matched with the rules

in the list is denied entry by the implicit deny. There are two types of access lists, namely:

1. Standard Access list: The control of the packet is based on the source address only. The

list number ranges from 0 to 99. This list is applied near the destination of the packet.

2. Extended Access list: The control of the packet is based on source address, destination

address, source port, destination port, protocol, etc. The list number ranges from 100 to

199. This list is applied near to the source of the packet. Takes more time to process

than the standard list but it is more powerful.

Specify the access rules at the global configuration level.

(config)# access-list access-list-number {permit | deny} source-address [wildcard mask]

Add the specified access list to an interface.

(config-if)# ip access-group access-list-number {in | out}

Note: Out means the packet is coming out of the specific interface and in means the packet is

entering the interface.

Examples:

a. To block a non-192.168.0.0. network

(config)# access-list 1 permit 192.168.0.0 0.0.255.255 Last part is wild-card

(config)# interface fastethernet 0/0

(config-if)# ip access-group 1 out

Note: Use ‘in’ to act on directly connected networks. This is because we need to

take action without taking any routing decision. Wildcard is used, which is opposite

to subnet mask.

b. Access list blocking traffic from a single host

(config)# access-list 1 deny 192.168.230.1 0.0.0.0

(config)# access-list 1 permit 0.0.0.0 255.255.255.255

(config)# interface fastethernet 0/0

(config-if)# ip access-group 1 out

c. Access list blocking traffic from a single subnet

(config)# access-list 1 deny 192.168.230.0 0.0.0.255

(config)# access-list 1 permit any

(config)# interface fastethernet 0/0

(config-if)# ip access-group 1 out

d. To permit vty access to a specific network

(config)# access-list 2 permit 192.168.230.0 0.0.0.255

(config)# line vty 0 4

(config-line)# access-class 2 in

e. Extended access list blocking Telnet traffic from a specified subnet

(config)# access-list 101 deny tcp 192.168.230.0 0.0.0.255 192.168.231.0

0.0.0.255 eq 23

(config)# access-list 101 permit ip any any

(config)# interface fastethernet 0/0

(config-if)# ip access-group 101 out

Note: with ‘ip access-group 101 in’, we can block telnet to the router even from the

directly connected networks. Another way to do this is:

line vty 0 4

login

no password

Note: This requires a password. Because a password has not been established,

however, it is impossible to correctly input a password. The result is no access.

no line vty 0 4

OR

(config)# access-list 12 permit 192.168.230.0 0.0.0.255

(config)# line vty 0 4

(config-if)# access-class 12 in

f. show access-lists displays the contents of all access lists.

g. show ip access-lists displays the IP access lists.

11.10 References Cisco 2600 router: Technical reference http://www.cisco.com/en/US/products/hw/routers/ps259/prod_technical_documentation.html RIP http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/rip.pdf OSPF http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/ospf.pdf

L A B 1 3

PART I

ICMP AND TCP PACKET ANALYSIS

13. Objectives [Lab 13A]: 17 Examine the ICMP message structure and encapsulation.

18 Expose the role played by ICMP in Ping and TraceRoute utilities.

19 Show ICMP statistics using netstat command.

20 Examine the TCP Segment structure and encapsulation.

21 Examine the three phases of a TCP connection.

22 Capture and analyze the TCP traffic generated during a Web session.

13.1. General Lab setup Set the gateway address as 192.168.230.251. Set DNS Server to 172.16.0.1.

19 20 21 22 23 2413 14 15 16 17 187 8 9 10 11 121 2 3 4 5 6

43 44 45 46 47 4837 38 39 40 41 4231 32 33 34 35 3625 26 27 28 29 30

19 20 21 22 23 2413 14 15 16 17 187 8 9 10 11 121 2 3 4 5 6

43 44 45 46 47 4837 38 39 40 41 4231 32 33 34 35 3625 26 27 28 29 30

19 20 21 22 23 2413 14 15 16 17 187 8 9 10 11 121 2 3 4 5 6

43 44 45 46 47 4837 38 39 40 41 4231 32 33 34 35 3625 26 27 28 29 30

192.168.230.1 & 192.168.230.5

SM: 255.255.0.0GW: 192.168.230.251

ICS-NWLA1 ICS-NWLB1192.168.231.1 & 192.168.231.5

SM: 255.255.0.0GW: 192.168.230.251

INSTRUCTOR PC

192.168.230.251SM: 255.255..0

172.16.20.2SM: 255.255.0.0

Inter LANInter LAN

SwitchSwitch

Hub

CCSE Network

13.2. Capturing ICMP traffic An ICMP message (i.e. a request or a reply) is directly encapsulated in an IP packet with

protocol field in the IP header set to 1. On an Ethernet LAN, the IP packet itself is

encapsulated in an Ethernet frame with EtherType value set to (0x0800). Thus the simplest way

to capture ICMP traffic is to use a filter on the Protocol field in the IP header. Use Ethereal to

Capture ICMP packets that are generated when you ping your neighbor's IP address.

1. Follow the steps as discussed in 2.2 and specify icmp instead of arp as the protocol to

filter.

2. Observe the details of the ICMP frames after doing ping.

Details of ICMP request frame during ping:

Details of ICMP Reply frame:

Exercise: Based on the above capture state how Ping works. Also fill in the values marked

with * below for an Ethernet frame containing an ICMP Echo Request. State the role of the

ICMP fields: type, code, checksum, identification, seqno, data.

• What is the relation between source and destination Ethernet address in the ICMP

request and reply?

• What is the use of Don’t fragment and More fragment fields?

• How do you differentiate between the ICMP request and reply packet using the

ICMP header information?

• What is the use of Identifier field in the ICMP request and reply messages?

• What is the use of sequence number along with Identifier field in ICMP request and

reply messages?

• Does the Header checksum in ICMP request and reply messages are consistent?

Explain.

20 byte IP Header

Ethernet Destination Address

Ethernet Source Address

IP Source Address

EtherType

IP Destination Address

Protocol*

14 byte Ethernet Frame Header

2 bytes: 0800 indicates that the frame contains IP packet

6 bytes

6 bytes

1 byte: ___** indicates that the packet contains ICMP message

Ver * HL*

4 bytes

4 bytes

type code checksum 4 bytesSeqNoIdentification 4 bytesICMP

Header+Data Data (variable length)Frame Checksum

13.2.1. Capture ICMP packets generated and received during TraceRoute

TraceRoute (sometimes abbreviated as TraceRT) is one of the basic IP diagnostic tools.

It is used to discover the routers that an IP packet would traverse to reach a given target host

(i.e. IP address). TraceRoute first sends one or more ICMP Echo Request packets with

TTL=1. Any packet with TTL=1 will be discarded by the first router along the path to

destination but the router will send an ICMP Time Exceeded message (type/code= ____ /

_____) to the source host. TraceRoute receives this ICMP message and notes the IP source

address as the address of the first router.

Then TraceRoute sends one or more ICMP Echo Request packets with TTL value=2.

Any such packet crosses the first router where its TTL value is decremented by 1. At the

second router, the packet is dropped and an ICMP Time Exceeded message is sent back to the

source host. The IP source address of this message is that of the second router. The process

continues until TraceRoute actually gets an ICMP Echo Reply from the target host or the TTL

value exceeds some preset maximum.

To verify all of this, follow theses steps.

1. From your computer, traceroute to KFUPM (or CCSE) Web Server by issuing the

command:

tracert www.kfupm.edu.sa. You should get results similar to the one shown below.

2. Use Ethereal with the filter set as in the previous task and capture the resulting traffic.

• As first step, the domain name www.kfupm.edu.sa should be resolved to its IP

address and so a DNS query is generated.

• In the DNS query, what is the destination IP address? Justify.

• Is there a fixed source port in the DNS query? Explain.

• What is the reason for the destination port being selected as 53? Justify.

• The flags in the DNS indicate whether the packet is query or response. Discuss the

relationship between the flag values in query and response.

• Immediately after the DNS response, ICMP packets are generated. Initially, ICMP

packets are generated with TTL as 1.

• The response for the ICMP query does not come from the actual destination. Why?

• What does ‘Time-to-live exceeded’ mean?

• The Time-to-live is increased to 2 because the source received ‘Time-exceeded’

message.

• What is the relationship between the source and destination IP address of the ICMP

request messages with TTL=1 and TTL=2? Justify.

• The ‘Time-to-live exceeded’ message arrive from a different IP compared to the

pervious Time-to-live exceeded message. Why?

• Why is it that the TTL value of the ‘Time-to-live exceeded’ message is 1? Explain.

• Following the above mentioned procedure, the TTL gets incremented and finally, the

request reaches the actual destination. The destination then replies to the source.

• How can traceroute calculate the minimum, maximum and average response time?

•

Exercise: Traceroute to some host on the Internet, say www.ibm.com. Explain the result.

13.2.2. Capturing ICMP Destination Unreachable message

This ICMP message uses a Type field value of 3 and is generated under various

conditions (cases) indicated by the value used for the Code field. Here we will consider two cases

only.

Case 1: Host Unreachable

Recall that when an IP packet finally reaches a router attached to the destination network, the

router would then encapsulate the received packet in a frame addressed to the destination

host. Thus the router will issue an ARP Request for the MAC address corresponding to the

destination IP address, and if no ARP Reply is received, the router will discard the packet and

send an ICMP Destination Unreachable/Host Unreachable message back to the source host.

To capture such message, use filter as set previously and run the command:

ping <ipaddress of a dead host on a remote network>

Case 2: Port Unreachable

The destination host generates this message when there is no process listening on the

specified TCP (or UDP) destination port.

To capture such message, use filter as set previously and run the command:

traceroute <ipaddress of your neighbor> -p 1000 - assume no process listens on port 1000.

Note: This command works only with Unix platform.

13.2.3. Generate IP fragmented packet

To see the IP fragmentation process in action, one can use the Ping command with the

option for the size of Ping data set large enough to causes the IP packet size to exceed the

underlying data link layer Maximum Transmission Unit (MTU) - For Ethernet, MTU is 1500

bytes. Subtracting 20 bytes for IP header and 8 bytes for ICMP header → maximum ICMP

data of 1472 byes. Thus setting a Ping length option of 1473 will lead to a fragmented packet.

Exercise: Setup a filter to capture IP/ICMP and run the command:

ping –n 1 –l 1473 <ipaddress>.

If all goes well, you should get a screen like the one shown below. Note that the size of

the first IP packet is set to 1500 (i.e. subtracting the length of IP header (20) → fragment size is

1480). Can you guess the value of the fragment offset in the IP packet containing the second

fragment?

13.2.4. Viewing ICMP statistics

As shown in the snapshot below, one can use the netstat command. At the command

prompt type the command: netstat –s.

Note: It is good to know that the command netsat –e gives statistics about the local Ethernet's

interface. A value of zero for received erroneous frames would indicate a network free of bad (or

lose) wiring and malfunctioning network interface cards.

Exercise: Capture ICMP packets using Ethereal.

13.3. Capturing TCP traffic

13.3.1. What goes on during a Web surfing session?

HTTP is an example of an Application Layer protocol that is encapsulated in TCP.

Thus one way to capture TCP Segments is use the browser to fetch some URL and at the same

time capture the frames that go out or come to the network interface associated with the local

station. Therefore, we will use a filter that restricts the MAC source or destination address to

match that of local station. Follow these steps.

Have Ethereal set to Capture Mode and browse to some site such as

http://www.ccse.kfupm.edu.sa. If all goes well then you should get a capture similar to the one

shown below.

Based on the above capture write down the steps (tasks) that the browser goes through.

Step (Task) Application/Transport

Protocols used

# of application-

data packets

exchanged

ARP Request for

1.Open a TCP

connection

TCP Syn-SynAck-Ack

2. Send an HTTP

GET Request

HTTP/TCP

3. Get Reply HTTP/TCP

4. Repeat Steps 3, 4

a number of times

HTTP/TCP

5. Close the TCP

Connection

TCP Fin and Ack

Note that before a TCP connection is opened the IP address of the host in URL is

needed. Thus a DNS query needs to be issued**. The DNS query will be encapsulated in a

frame destined to the IP address of DNS server but what would be the MAC address? Will

we send an ARP request asking for MAC address of DNS server?

**If you don't see DNS Query and Reply this in your capture, can you explain why?

13.3.2. Structure and Encapsulation of a TCP segment

By considering one of the frames that contains a TCP segment verifies that the

encapsulation and the structure of a TCP segment is in accordance with the diagram shown

below.

• What is the relationship between sequence number and acknowledgement number?

• How can we use the HEADER LENGTH field of the IP datagram to locate the

beginning of the TCP segment?

• Compute and display the size of the payload carried in the segment. Note: you must

use the TOTAL LENGTH field in the IP datagram to compute the segment size.

• What is the indication of the source and destination port number in the TCP packets?

20 byte IP Header

Ethernet Destination Address

Ethernet Source Address

IP Source Address

EtherType

IP Destination Address

Protocol*

14 byte Ethernet Frame Header

6 bytes

2 bytes: 0800 indicates that the frame contains IP packet

6 bytes

Ver * HL*

1 byte: 6* indicates that the packet contains TCP message

4 bytes 4 bytes

4 bytes source port dest. port

4 bytes

TCP Header 4 bytes AckNo

SeqNo

offset-re-uaprsf win sizechecksum urg ptr

options + padding

Frame Checksum

TCP data

4 bytes

• Use the above capture, indicate the following:

o What do you understand by ‘Sequence number’ and ‘Next sequence number’?

o Format of HTTP messages.

o Impact of HTTP messages on the TCP flags.

13.3.3. Analyzing the Phases of a TCP connection

A TCP connection goes through three phases in sequence:

Open Connection phase using Three-Way handshake

Data Exchange phase

Close Connection phase

The Connection Opening Phase uses the three-way handshake.

The Data Exchange Phase uses the sliding window technique including the provision for

SeqNo and AckNo to allow the proper ordering of the data. The flow control is managed using

the Window Size field.

Note that for an outgoing segment we set the AckNo using the formula,

AckNo = (SeqNo + Data Size) of the last correctly received segment

Note: For the Initial SYN Segments we assume a data size of 1 byte.

Exercise: Verify the above formula by tracking a received segment (say, the one containing

the first GET request) and the segment that is sent following it.

ClientServer

Ack, SeqNo=201AckNo=501

Syn, Ack, SeqNo=500AckNo=201

Syn, SeqNo=200

SeqNo (Hex) AckNo (Hex) Data Size (in bytes)

Received Segment

Sent Segment

The Close Connection Phase uses a pair of Fin-Ack segments (i.e. two Fins and two

Acks). When one side has no more data then he should send a Fin segment and when

acknowledged he must not send any more data but can continue sending Ack segments for

the data it receives. After a while the other side, can do the same.

13.4. References ICMP http://www.freesoft.org/CIE/Topics/81.htm TCP http://www.freesoft.org/CIE/Topics/83.htm

L A B 1 3

PART II

TCP SIMULATION

Objectives [Lab 13B]: 23 Demonstrate the congestion control algorithms implemented by the Transmission Control

Protocol (TCP).

24 Provides a number of scenarios to simulate congestion control algorithms.

25 Compare the performance of the algorithms through the analysis of the simulation results.

13.5 Overview The Internet’s TCP guarantees the reliable, in-order delivery of a stream of bytes. It

includes a flow-control mechanism for the byte streams that allows the receiver to limit how

much data the sender can transmit at a given time. In addition, TCP implements a highly tuned

congestion-control mechanism. The idea of this mechanism is to throttle how fast TCP sends

data to keep the sender from overloading the network.

The idea of TCP congestion control is for each source to determine how much capacity

is available in the network, so that it knows how many packets it can safely have in transit. It

maintains a state variable for each connection, called the congestion window, which is used by the

source to limit how much data it is allowed to have in transit at a given time. TCP uses a

mechanism, called additive increase/multiplicative decrease, that decreases the congestion window

when the level of congestion goes up and increases the congestion window when the level of

congestion goes down. TCP interprets timeouts as a sign of congestion. Each time a timeout

occurs, the source sets the congestion window to half of its previous value. This halving

corresponds to the multiplicative decrease part of the mechanism. The congestion window is not

allowed to fall below the size of a single packet (the TCP maximum segment size, or MSS).

Every time the source successfully sends a congestion window’s worth of packets, it adds the

equivalent of one packet to the congestion window; this is the additive increase part of the

mechanism.

TCP uses a mechanism called slow start to increase the congestion window “rapidly”

from a cold start in TCP connections. It increases the congestion window exponentially, rather

than linearly. Finally, TCP utilizes a mechanism called fast retransmit and fast recovery. Fast

retransmit is a heuristic that sometimes triggers the retransmission of a dropped packet sooner

than the regular timeout mechanism.

In this lab you will set up a network that utilizes TCP as its end-to-end transmission

protocol and analyze the size of the congestion window with different mechanisms.

13.6 Create a New Project 1. Start OPNET IT Guru Academic Edition Choose New from the File menu.

2. Select Project and click OK Name the project <your initials>_TCP, and the

scenario No_Drop Click OK.

3. In the Startup Wizard: Initial Topology dialog box, make sure that Create Empty

Scenario is selected Click Next Select Choose From Maps from the Network

Scale list Click Next Choose mideast from the Map List Click Next twice

Click OK.

13.7 Create and Configure the Network 13.7.1 Initialize the Network

1. The Object Palette dialog box should now be on the top of your project space. If it is not

there, open it by clicking . Make sure that the internet_toolbox item is selected from

the pull-down menu on the object palette.

2. Add to the project workspace the following objects from the palette: Application Config,

Profile Config, an ip32_Cloud, and two subnets.

• To add an object from a palette, click its icon in the object palette Move your

mouse to the workspace Click to drop the object in the desired location

Right-click to finish creating objects of that type.

Note: The ip32_cloud node model represents an IP cloud supporting up to 32 serial

line interfaces at a selectable data rate through which IP traffic can be modeled. IP

packets arriving on any cloud interface are routed to the appropriate output interface

based on their destination IP address. The RIP or OSPF protocol may be used to

automatically and dynamically create the cloud's routing tables and select routes in an

adaptive manner. This cloud requires a fixed amount of time to route each packet, as

determined by the Packet Latency attribute of the node.

3. Close the palette.

4. Rename the objects [Applications, Profiles, West, East, KSA Internet] you added as shown

and then save your project:

13.7.2 Configure the Applications

1. Right-click on the Applications node Edit Attributes Expand the Application

Definitions attribute and set rows to 1 Expand the new row Name the row

FTP_Application.

• Expand the Description hierarchy Edit the FTP row as shown (you will need

to set the Special Value to Not Used while editing the shown attributes):

• Inter-Request Time specifications: Distribution Name = constant, Mean Outcome

= 3600

• File Size (bytes): Distribution Name = constant, Mean Outcome = 10000000.

2. Click OK twice and then save your project.

13.7.3 Configure the Profiles

1. Right-click on the Profiles node Edit Attributes Expand the Profile Configuration

attribute and set rows to 1.

a. Name and set the attributes of row 0 as shown Click OK.

1. Profiles configuration rows = 1.

2. row 0 Profile Name = FTP_Profile

3. Applications rows = 1.

4. Applications row 0 Name = FTP_Application

5. Applications row 0 Start Time Offset = constant(5)

6. Applications row 0 Repeatability = Once at Start Time

7. Applications Start Time Offset = constant(100)

13.7.4 Configure the West Subnet

1. Double-click on the West subnet node. You get an empty workspace, indicating that the

subnet contains no objects.

2. Open the object palette and make sure that the internet_toolbox item is selected from

the pull-down menu.

3. Add the following items to the subnet workspace: one ethernet_server, one

ethernet4_slip8_gtwy router, and connect them with a bidirectional 100_BaseT link

Close the palette Rename the objects [Server_West, Router_West] as shown.

Note: The ethernet4_slip8_gtwy node model represents an IP-based gateway supporting

four Ethernet hub interfaces and eight serial line interfaces.

4. Right-click on the Server_West node Edit Attributes:

a. Edit Application: Supported Services Set rows to 1 Set Name to

FTP_Application Click OK.

b. Edit the value of the Server Address attribute and write down Server_West.

c. Expand the TCP Parameters hierarchy Set both Fast Retransmit and Fast

Recovery to Disabled.

5. Click OK and then save your project.

Now, you have completed the configuration of the West subnet. To go back to the top level of

the project, click the Go to next higher level button.

13.7.5 Configure the East Subnet

1. Double-click on the East subnet node. You get an empty workspace, indicating that the

subnet contains no objects.

2. Open the object palette and make sure that the internet_toolbox item is selected from

the pull-down menu.

3. Add the following items to the subnet workspace: one ethernet_wkstn, one

ethernet4_slip8_gtwy router, and connect them with a bidirectional 100_BaseT link

Close the palette Rename the objects [Router_East, Client_East] as shown.

4. Right-click on the Client_East node Edit Attributes:

a. Expand the Application: Supported Profiles hierarchy Set rows to 1

Expand the row 0 hierarchy Set Profile Name to FTP_Profile.

b. Assign Client_ East to the Client Address attributes.

c. Edit the Application: Destination Preferences attribute as follows:

Set rows to 1 Set Symbolic Name to FTP Server Edit Actual Name

Set rows to 1 In the new row, assign Server_West to the Name column.

5. Click OK three times and then save your project.

6. You have now completed the configuration of the East subnet. To go back to the project

space, click the Go to next higher level button.

13.7.6 Connect the Subnets to the IP Cloud

1. Open the object palette .

2. Using two PPP_DS3 bidirectional links connect the East subnet to the IP Cloud and the

West subnet to the IP Cloud.

3. A pop-up dialog box will appear asking you what to connect the subnet to the IP Cloud

with. Make sure to select the “routers.”

4. Close the palette.

13.8 Choose the Statistics 1. Right-click on Server_West in the West subnet and select Choose Individual

Statistics from the pop-up menu.

2. In the Choose Results dialog box, choose the following statistic:

TCP Connection Congestion Window Size (bytes) and Sent Segment

Sequence Number.

3. Right-click on the Congestion Window Size (bytes) statistic Choose Change

Collection Mode In the dialog box check Advanced From the drop-down

menu, assign all values to Capture mode as shown Click OK.

4. Right-click on the Sent Segment Sequence Number statistic Choose Change

Collection Mode In the dialog box check Advanced From the drop-down

menu, assign all values to Capture mode.

OPNET provides the following capture modes:

All values — collects every data point from a statistic.

Sample — collects the data according to a userspecified time interval or sample count.

For example, if the time interval is 10, data is sampled and recorded every 10th second.

If the sample count is 10, every 10th data point is recorded. All other data points are

discarded.

Bucket — collects all of the points over the time interval or sample count into a “data

bucket” and generates a result from each bucket. This is the default mode.

5. Click OK twice and then save your project.

6. Click the Go to next higher level button.

13.9 Configure the Simulation Here we need to configure the duration of the simulation:

1. Click on and the Configure Simulation window should appear.

2. Set the duration to be 10.0 minutes.

3. Click OK and then save your project.

13.10 Duplicate the Scenario In the network we just created we assumed a perfect network with no discarded

packets. Also, we disabled the fast retransmit and fast recovery techniques in TCP. To analyze

the effects of discarded packets and those congestion-control techniques, we will create two

additional scenarios.

1. Select Duplicate Scenario from the Scenarios menu and give it the name

Drop_NoFast Click OK.

2. In the new scenario, right-click on the IP Cloud Edit Attributes Assign 0.05%

to the Packet Discard Ratio attribute.

3. Click OK and then save your project.

4. While you are still in the Drop_NoFast scenario, select Duplicate Scenario from the

Scenarios menu and give it the name Drop_Fast.

5. In the Drop_Fast scenario, right-click on Server_ West, which is inside the West

subnet Edit Attributes Expand the TCP Parameters hierarchy Enable the

Fast Retransmit attribute Assign Reno to the Fast Recovery attribute.

Note: With fast retransmit, TCP performs a retransmission of what appears to be the

missing segment, without waiting for a retransmission timer to expire. After fast

retransmit sends what appears to be the missing segment, congestion avoidance but not

slow start is performed. This is the fast recovery algorithm. The fast retransmit and fast

recovery algorithms are usually implemented together (RFC 2001).

6. Click OK and then save your project.

13.11 Run the Simulation To run the simulation for the three scenarios simultaneously:

1. Go to the Scenarios menu Select Manage Scenarios.

2. Change the values under the Results column to <collect> (or <recollect>) for the

three scenarios. Compare to the following figure.

3. Click OK to run the three simulations. Depending on the speed of your processor, this

may take several minutes to complete.

4. After the three simulation runs complete, one for each scenario, click Close Save

your project.

13.12 View the Results To view and analyze the results:

1. Switch to the Drop_NoFast scenario (the second one) and choose View Results from

the Results menu.

2. Fully expand the Object Statistics hierarchy and select the following two results:

Congestion Window Size (bytes) and Sent Segment Sequence Number.

Note: To switch to a scenario, choose Switch to Scenario from the Scenarios menu or

just press Ctrl+<scenario number>.

3. Click Show. The resulting graphs should resemble the ones below.

4. To zoom in on the details in the graph, click and drag your mouse to draw a rectangle, as

shown above.

5. The graph should be redrawn to resemble the following one:

6. Notice the Segment Sequence Number is almost flat with every drop in the congestion

window.

7. Close the View Results dialog box and select Compare Results from the Result menu.

8. Fully expand the Object Statistics hierarchy as shown and select the following result:

Sent Segment Sequence Number.

9. Click Show. After zooming in, the resulting graph should resemble the one below.

13.13 Questions 1. Why does the Segment Sequence Number remain unchanged (indicated by a

horizontal line in the graphs) with every drop in the congestion window?

2. Analyze the graph that compares the Segment Sequence numbers of the three

scenarios. Why does the Drop_NoFast scenario have the slowest growth in sequence

numbers?

3. In the Drop_NoFast scenario, obtain the overlaid graph that compares Sent Segment

Sequence Number with Received Segment ACK Number for Server_West.

Explain the graph.

Hint: Make sure to assign all values to the Capture mode of the Received Segment

ACK Number statistic.

4. Create another scenario as a duplicate of the Drop_Fast scenario. Name the new

scenario Q4_Drop_Fast_Buffer. In the new scenario, edit the attributes of the

Client_East node and assign 65535 to its Receiver Buffer (bytes) attribute (one of

the TCP Parameters). Generate a graph that shows how the Congestion Window

Size (bytes) of Server_West gets affected by the increase in the receiver buffer

(compare the congestion window size graph from the Drop_Fast scenario with the

corresponding graph from the Q4_Drop_Fast_Buffer scenario.)

L A B 1 4

ASSIGHNMENT

It will be given to the students at the end of each term and it varies from term to term.