VLabNetISECON 2007 - Sheraton Station Square, Pittsburgh - November 1 VLabNet: A Virtual Laboratory Environment for Teaching Networking and Data Communications

VLabNet ISECON 2007 - Sheraton Station Square, Pittsburgh - November

1

VLabNet: A Virtual Laboratory Environment for Teaching

Networking and Data Communications

Valerie J. H. Powell, John C. Turchek,Peter Y. Wu, Lawrence C. FranziComputer and Information SystemsRandall S. Johnson, Ian W. Parker

Technical Services, Information SystemsChristopher T. Davis

Educational Technology Center, Robert Morris University

Moon Township, PA 15108 USA


2

VLabNet Software

• This project uses Debian Xen and the Quagga Routing Suite. Xen is a Virtual Machine Monitor (VMM) originally developed by the Systems Research Group of the University of Cambridge Computer Laboratory, as part of the UK-EPSRC funded XenoServers project. The Quagga routing suite simulates the RIP, OSPF, and BGP protocols. A Cisco 2610 router was attached to the Xen array of virtual machines to provide some direct Cisco router experience. Since a single rack mounted server can deliver the array of virtual machines, no special hardware (wiring or garage drive) is needed. Students can access this system anywhere.


3

VLabNet Hardware

• Hardware: HP ML370G3 with a single 2.8 GHz CPU, two 36 GB SCSI disks in a hardware-based RAID-1 mirror, and 1 GB RAM. This server supported a lab of 19 virtual machines each with 48 MB RAM, 1 GB disk. RAM is the limiting factor, because Xen allocates the full amount of RAM for each virtual machine out of the host’s physical RAM at domU startup.


4

VLabNet Design 3

• The learning environment was designed to support the exploration of networks and subnets, switches, bridges, routers, and of the individual host in the role of a router. As shown in Slide 10 each host has three different addresses, one each for the three interfaces: eth0, eth1, and eth1:1. For example, for host 101, those would be x.y.z.101 (x.y.z. represents the first three octets of VLabNet’s externally routable IPv4 addresses) for interface eth0 (an externally routable address), 10.10.10.101 for interface eth1 (non-routable externally), and 10.10.101.2 for interface eth1:1 (also non-routable externally. Students become accustomed to their assigned host having multiple addresses and to using the various addresses each for certain purposes and in certain situations.


5

VLabNet Design 4

• A variety of addresses and corresponding masks were designed to assure a variety of address encounters and make it practical and necessary to learn about classless inter-domain routing (CIDR) addressing (see Figure 2.2, Appendix B).

• The interface identified as eth1:1 has the property that the nodes reached by that interface are not connected with each other and can only be reached by the respective host to which connected. Thus the host becomes a router to nodes such as 10.10.101.2.


6

Learning Focus Areas• Computing Environment: Xen Linux Virtual Machines• Protocol Stack:

– Describe Hybrid 5-layer Protocol Stack and Functions of Layers, – Recognize and Analyze Protocol Data Units and their Headers, Payloads, Trailers for

Layers (Segment, Packet, Frame)• Addresses and Masks (Recognition, Classification, Bit Budgets):

– MAC addresses (Data Link and Physical Layers)– IP addresses: Multicast, Loopback, Routable, Non-routable private or restricted,

Broadcast (Network Layer)– CIDR (Classless Interdomain Routing) addresses and masks– Port Numbers (Transport Layer)– Application Layer Addresses

• Routing and Routing Information Protocols:– Neighbors– Configure Static Routing and RIP and Verify Results– Configure Dynamic Routing and OSPF and Verify Results– Consult Cisco 2610 Router– Configure Border Gateway Routing (BGP) and Verify Results

• Encapsulation – Review Encapsulation in the Protocol Stack: Message (Portion) in Segment in Packet

in Frame– Implement and Verify a Tunnel Using Generic Routing Encapsulation


7

Practice Strategies

– Open two session instances at the same time so you can, for example, ping in one session and capture the results using tshark in the other session.

– Teamwork: one member of team ping and the other capture using tshark; verify if routings exist in both directions between team’s hosts.

– Use ping count parameter ping –c 1 to make capture easier.

– Routing experiments: check before during and after setting up static routings.

– Verify impact of RIP.


8

Practices (Routing, Fragmentation)

– What routing is available to your host? Check before establishing static routing.

– Establish static routing and then check routes. Use traceroute.

– Ping with oversized ICMP packets to get fragmentation. (Oversize = > MTU/MSS)

– telnet to check TCP connection establishment/release.

– ssh to check secure TCP connection establishment/release.

– Use RIP to set up and verify neighbors.


9

Things to Note

– Packets/frames marked don’t fragment: RIP, TCP SSH

– MTU: verify MTU.– Fragments: check for fragment offsets 0 or > 0,

more fragments flag set or not set.– Unicast or Multicast destinations in RIP frames.– Learn about ports and TCP. Use netstat –an | less

to check and see which ports are open (LISTEN) and which TCP connections are established.


10

VLabNet Archi-tecture

V L a b N e t A rc h ite c tu reR M U C & I S I N F S 6 2 3 0

M o d e l

b r 0

D o m 1 0 1

D o m 1 0 2

D o m 1 1 7

...

x .y .z .1 0 1

x .y .z .1 0 2

x .y .z .11 7

x.y.z.

96/

27 1

0.1

0.1

0.n/2

7

b r 1

C is c o 2610

Alc ate l Switc hx .y .z .97

x .y .z .9 6 /2 72 5 5 .2 5 5 .2 5 5 .2 2 4

Inte rne t

1 0 .1 1 .0 .0 /1 6 2 5 5 .2 5 5 .0 .0virtual netw o rk to d is c o vera ro ute to (lo o p b ac k)

2 5 5 .2 5 5 .2 5 5 .01 0 .1 0 .n .0 /2 9

1 0 .1 0 .1 0 .1 0 0 /2 72 5 5 .2 5 5 .2 5 5 .2 2 4

x .y.z . = fir s t th re e o cte ts o f a s s ig n e dro u ta b le n e tw o rk a d d re s se s fo r IN FS 6 2 3 0n. = u n iq u e n u m b e r a s s ig n e d to h o s t(x (x 1 0 1 ) (x 11 7 ))

eth0 eth1

1 0 .1 0 .1 0 .9 9

1 0 .1 0 .1 0 .1 0 0

1 0 .1 0 .1 0 .1 0 1

1 0 .1 0 .1 0 .1 0 2

1 0 .1 0 .1 0 .1 1 7

...

U sin g D eb ia n X en O p en S ou rce T ech n olog y


11

VLabNet Themes 1

• Several themes follow the learning process throughout the course: layered protocol stack reference models, routing discovery, encapsulation, addressing, data units, protocol identification, bit budget (Maximum Transmission Unit (MTU; see slide 18), Maximum Segment Size (MSS). In performing the Generic Routing Encapsulation (GRE) tunneling exercise, students should notice the reduced MTU (1476) for the tunnel, due to more bits being consumed by headers in the encapsulation process. Here is an example of the “Protocols in frame” report for a captured tunnel message: eth:ip:gre:ip:icmp:data, document-ing the encapsulation.


12

VLabNet Perspective

• Students begin the course with a naïve impression of Internet messages that transmit Web and e-mail data. Gradually their perspective develops to include all the kinds of messages necessary to support the Internet as they observe traffic using the various interfaces available in VLabNet and document the different types of messages.


13

Information Bits vs.Overhead Bits

• Information bits: the message to be transmitted; payload

• Overhead bits – everything else (the container): error control, addressing, encapsulation support, etc. (header, trailer); the concept of “tare,” comparison with transportation


14

Theme: Routing Discovery

• The most important theme in the course is routing discovery. Students are shown how to consult routing tables at different stages in the course and are encouraged to determine how the data in routing tables develops and is maintained. To ascertain where routing comes from, students explore routing information and routing information protocols. They begin with the concepts of neighbor and neighborhood, so that they realize that the “heart” of routing information and routing discovery is always direct communication among neighbors.


15

Routing Discovery Progression• The sequence of exploration in the course is • (1) static routing, • (2) dynamic routing 1: Routing Information Protocol (RIP, distance

vector; unicast peers), • (3) dynamic routing 2: Open Shortest Path First (OSPF, link state;

multicast peers), and • (4) dynamic routing 3: a Cisco 2610 Router and Cisco’s EIGRP

rationale. The culmination of routing experience in the course is • (5) using generic routing encapsulation (GRE) to establish

tunnels. A tunnel needs to be established in both directions between a pair of hosts before proceeding to verification. Close teamwork collaboration is required in this process

• (6) path vector routing: Border Gateway Protocol (BGP)


16

Data Unit Components• To understand protocol data units and their components and

encapsulation, they begin with the concepts of payload and “tare.” They analyze data unit components to distinguish the payload from the other parts of a PDU component.

• In the process they learn about the concepts of message delineation, addressing at different protocol stack levels, differentiating types of messages, and error control information (CRC).

• They learn by inspection about length and specifying length, MTUs (see Slide 18), MSSs, fixed-length elements, and variable-length elements.

• They explore lengths of PDUs and PDU components by causing fragmentation (using ping to generate oversize packets) and documenting and analyzing the impacts of fragmentation. Concepts that seem very abstract in textbooks become practical exercises.


17

Directory Model/

R O O T d ir ec to r y

/ e t cd ire c to ry

syslo g .co n f

/v ard ir ec to r y

/v ar / lo gd ir ec to r ya u th . lo g

/v ar / lo g /q u ag g ad ir ec to r yrip d . lo g

Directory m odel ( selected subdirectories) for RMUV irtual Laboratory N etw ork ( VLabN et) Hosts

/e tc /q u ag g ad ir ec to r yr ip d .c o n f

ze b ra .c o n fo sp f.c o n f

/u s rd ir ec to r y

/u s r / libd ir ec to r y

/u s r / lib /q u ag g ad ir ec to r y

/v ar /r u nd ir ec to r y

/v ar /r u n /q u ag g ad ir ec to r yo sp f d .p idrip d .p id


18

Packet Structure

M T U = 5 7 6

I P H e a de r = 4 0 D a ta S e g m e n t = 5 3 6

I P H e a de r = 4 0 D a ta S e g m e n t = 1 4 6 0

M T U = 1 5 0 0


19

The Bit Budget Concept All computer storage is finite.

FIXED BIT BUDGETS:• Understanding the bit allocation in software or hardware as a bit budget: with a bit budget of n

bits, any one of 2n different values can be stored (range from 0 through 2n-1). In other words, n bits makes 2n unique different addresses possible.

• For example, with a bit budget of 12, 4096 different unique numbers or addresses (bit combinations, from zero through 4095) can be stored (in registers or protocol fields).

• For example, with a bit budget of 4, I can support enough unique addresses for 14 subnets (CIDR addressing, 2n-2 subnets (for subnets, always subtract the 2 addresses consisting of all 1s (broadcast) and all 0s (current environment); 24 = 16; 16–2 = 14).

• If I need to store 4096 different numbers or store any number or address greater/higher than 4095, my budget is not adequate and I need a larger budget.

• A bit budget can be established for a register, an address, a bus, or a protocol field. Fixed bit budgets are established for particular technologies (address fields in data communications and networking protocols, registers in processors). Bit budgets have to be calculated in applications such as DVDs, where the bit requirement of a particular DVD is determined for that DVD.

• Bit budgets are associated with different ($, £, ¥, €) costs for different size registers, address operands for commands, message header address components, or buses.

• A register that can hold 32 bits has a bit budget of 32; a network protocol address field that can hold 3 bits has a bit budget of 3.

• Underlying bit budgets determine the maximum size of identifiers and values in standard programming and database languages.


20

BIT BUDGETS AND LARGEST NUMBERS/HIGHEST

ADDRESSES• How many different numbers (addresses, bit

patterns, or bit combinations) can be stored with a bit budget of… ?2, 3, 4, 5, 6, 7, 8, 16, 32, 64, or 128 bits

• What is the largest number or highest address (hint: 1 less than number of different bit combinations based on bit budget allocation) that can be stored with this bit budget?2, 3, 4, 5, 6, 7, 8, 16, 32, 64, or 128 bits:


21

ESTABLISHED BIT BUDGETS for PARTICULAR (standardized or

proprietary) TECHNOLOGIES: What are the bit budgets for… ?• an ASCII byte• an EBCDIC byte• a UCS/Unicode character• an octet• Bluetooth “active slave” address (INFS3230, INFS6230)• MAC address OUI octets (Organization Unique Identifier)• Ethernet address• Port Number (UDP or TCP, Internet)• an IPv4 address• an IPv6 address• registers in Burd Ch. 4 (INFS2210, INFS6210)• IEEE 802.1Q VLAN identification tag for frame (INFS4410, INFS6230)• IEEE 802.1p bits in IEEE 801.1Q header to assign Class of Service (CoS) (INFS4410,

INFS6230)• Differential Services Code Point (DSCP) prioritization using bits from IP header Type of Service

(ToS) octet (INFS4410, INFS6230)• “Kind of Option” field in TCP header options (INFS6230) What is the maximum number of options

supported?• “Maximum Segment Size” length field in TCP header MSS option (INFS6230) What is the highest

maximum segment size supported?


22

Support for Learning CIDR

subnet mask

x.y.z.96/27 255.255.255.224

10.10.n.0/29 255.255.255.0

10.10.10.100/27 255.255.255.224

10.10.10.n/27 255.255.255.224

10.11.0.0/16 255.255.0.0


23

Educational Strategies

• The use of real-time simulations in the classroom is strongly supported by educational theory as a productive and effective pedagogical practice. Major theories that support the use of this technology include, Bloom’s Taxonomy, Tomei’s Taxonomy, and Gardener’s theory of Multiple Intelligences.


24

ProtocolStackModel

5. Ap p licatio n Laye r - M e ssag e G e n e rate d b y/th ro u g h Ap p licatio n ; Ad d re sse d to Re cip ie n t

4. Tran sp o rt Laye r - Segmen t - Packe tizin g

s f or your department w i l l

T he Hybrid 5-Layer Protocol Stack: A M odel

"s for your departm ent will"Po rt #

Payload

3. Ne tw o rk Laye r - Packet - Ro u tin g

2. Data Lin k Laye r (M AC/LLC) - Frame - In te rface to /fro m Ph ysical Laye r

1. Ph ysical Laye r - Ph ysical Tran smissio n o f F rame o v e r M e d iu m(G u id e d o r Rad iate d ), u sin g lo cal n e tw o rk te ch n o lo g y, su ch asIEEE 802.3 (Eth e rn e t), IEEE 802.11 (W ire le ss LAN), e tc .

"s for your departm ent will"Po rt #IP Ad d r

Payload

Payload

T o Next Node in In tern et

T o Host in LocalNetw ork

Application Iden tified

Sen t con n ection less (UDP)or con n ection -or ien ted (T CP)

in th is c as e TCP

error d

etectio

n

info

"s for your departm ent will"Po rt #IP Ad d rM AC Ad d r CRC

To mary@ xyzcorp.com

To [email protected]

DN

S r

es

olv

esa

pp

lic

ati

on

la

ye

r a

dd

res

sto

nu

me

ric

IP A

ddr

es

s

AR

P r

es

olv

es

IP a

ddre

ss

to

loc

al

MA

C(s

uc

h a

s E

the

rne

t)a

dd

ress

AddressResolu tion

" you r de pa r tme n t w

il l b e "

P o r t #

IPAd d r

MAC

Ad d r

C R C

"you r departmen t w ill b e"Po rt #IP Ad d rM AC Ad d r CRC

(w ire less access poin t)

twis

ted

pa

irc

oa

xia

l c

ab

leo

pti

ca

l fi

be

r

T he audit reports for your department w i l l be sent by noon on M onday.

T he audit reports for your department w i l l be sent by noon on M onday.


25

Neighborhood Graph Model

a

gh

d

c

b

e

f

G ra p h G

Vertices h and b are ad jacent ( path hb has apath length of 1 ) and aretherefore neighbors .S o are h and f, h and c.N(h) , the neighborhood of h, is show n byvertices that have b lack fi ll; the vertices not inthe neighborhood of h have no fi ll.

Note the use of the concept of neighbors inbu ild ing link state packets for link state routing orin distance vector routing algorithm s.


26

SpanningTree

Modela

b c

d

e

f

Graph G o fNetwork withS panning T ree TS uperimposed;T ree T is aspanningsubgraph o f G

Tree T

Connects allvert ices o f G(spanning);s tart vertex b

Graph G o fNetwork

Note cyclea,b,e,f,a(Many o thercycles can befound in G )

a

b c

d

e

f

b

a

c

d

ef


27

GRE Model

1 0 .1 0 .1 0 .1 2 1 1 0 .1 0 .1 0 .1 2 2

1 0 .1 0 .1 2 1 .2 1 0 .1 0 .1 2 2 .2

e th 1 :1 e th 1 :1

S ta tic T u n n el

RMU VLabNet Generic Routing Encapsulation Exercise

Tunne l E ndpo int Tunne l E ndpo int

1 7 2 .1 6 .1 2 1 .2 1 7 2 .1 6 .1 2 2 .2


28

Important Resources 1

• Schmied (2005). Schmied, G. Integrated Cisco and UNIX Network Architectures (Cisco Press, 2005).

• Tomei (2001). Tomei, L.A.,. Teaching digitally: A guide for integrating technology into the classroom. Christopher-Gordon Publishers, Inc., 2001


29


• Tanenbaum (2003). Tanenbaum, Andrew S., Computer Networks, 4th ed. (Prentice Hall PTR, 2003.)

• Sanders (2007). Sanders, Chris, Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems, (No Starch Press, 2007).


30


• Odom and McDonald (2006). Odom, Wendell, and McDonald, Rick, Router and Routing Basics: CCNA 2 Companion Guide, Cisco Press, 2006).

• Orebaugh et al. (2007). Orebaugh, Angela, Ramirez, Gilbert, Burke, Josh, Morris, Greg, Pesce, Larry, and Wright, Joshua, Wireshark & Ethereal: Network Protocol Analyzer Kit (Syngress, 2007).


31

VLabNet Links• General introduction: entry point:

http://www.infroref.org/VLabNetIntro.htm

• Entry point for students in INFS6230 (Networking): http://infroref.org/i6230vlabnet.htm

• Entry point for students in INFS6760 (Information Security): http://infroref.org/i6760vlabnetis.htm

http://www.infroref.org/VLabNetIntro.htm

http://infroref.org/i6230vlabnet.htm

http://infroref.org/i6760vlabnetis.htm

Documents

VLabNetISECON 2007 - Sheraton Station Square, Pittsburgh - November 1 VLabNet: A Virtual Laboratory Environment for Teaching Networking and Data Communications