Lab Manual for Computer Networking

5/22/2018 Lab Manual for Computer Networking

1/232

LAB MANUAL

COMPUTERNETWORK SYSTEMS

Department of Information and Computer Science

College of Computer Science and Engineering

King Fahd University of Petroleum and Minerals

2005


2/232

TABLE OF CONTENTS

LAB1 .....................................................................................................................................1Getting start..........................................................................................................................11. Objectives:..............................................................................................................11.2 General Lab Description: ....................................................................................11.2.1 Structure of the lab ...............................................................................................1

1.2.2 Network Cable ...............................................................................................31.3 Introduction to network device: ........................................................................ 4

1.3.1 3Com Switch 3300.........................................................................................4

1.3.2 Cisco 2600 routers......................................................................................... 51.3.3 Cable connection for network devices ......................................................613.3.4 Straight through cable............................................................................613.3.5 Cross-over cable......................................................................................713.3.6 Roll over cable.........................................................................................7

13.4 Introduction to IP addressing:............................................................................ 813.4.4 Rules of IPv4 addressing.......................................................................8

13.5 Software Packages:..............................................................................................1113.6 References: ...........................................................................................................11LAB 2 ..................................................................................................................................12LAN SETUP and monitoring........................................................................................12

2. Objectives.............................................................................................................122.1. Setting up a simple network..............................................................................12

2.1.1. Check Local Area Network Connections ........................................132.1.2. Plug in and connect the equipment...................................................132.1.3. Network Adapters and Protocols......................................................132.1.4. Check the TCP/IP Protocol Settings ...............................................142.1.5. Check the TCP/IP Settings with the IPCONFIG Utility ............152.1.6. Check the network connection with the Ping Utility.....................16

2.2. Learn various network related commands.....................................................162.2.1. PING Command..................................................................................162.2.2 TRACERT Command................................................................................18

2.2.3 PATHPING Command.............................................................................192.2.4 Enhanced Ping .............................................................................................192.2.5 NETSTAT Command................................................................................202.2.6 NetStat Live ..................................................................................................212.2.7 AT Command ..............................................................................................222.2.8 NET Command...........................................................................................23


3/232

2.2.9 ROUTE Command.....................................................................................242.2.10 ARP Command.....................................................................................262.2.11 IPCONFIG Command.......................................................................27

2.2.12 NETSH Command..............................................................................282.3 Reference..............................................................................................................30LAB 3 ..................................................................................................................................31Remote Access System and vpn.....................................................................................313. Objectives.............................................................................................................313.1 Installing and configuring RAS server ............................................................31

3.1.1 Installing RAS Server ..................................................................................313.1.2 Configuring a direct serial connection .....................................................343.1.3 Installing and Configuring RAS client .....................................................353.1.4 Dialup to the server.....................................................................................363.1.5 Testing the RAS Installation......................................................................37

3.2 Virtual Private Networks............................................................................403.3 Experimental Setup.....................................................................................403.3.1 Configuring VPN Server............................................................................413.3.2 Configuring VPN Client.............................................................................44

3.4 Firewalls and VPN..............................................................................................493.4.1 Create a New Project ..................................................................................493.4.2 Create and Configure the Network..........................................................493.4.3 Configure the Nodes...................................................................................503.4.4 Choose the Statistics....................................................................................51

3.5 The Firewall Scenario.........................................................................................523.6 The Firewall VPN Scenario ..............................................................................53

3.6.1 Configuring the VPN..................................................................................543.6.2 Run the Simulation......................................................................................553.6.3 View Results..................................................................................................56

3.7 References ............................................................................................................59LAB4 ...................................................................................................................................60Dynamic host configuration protocol DHCP .........................................................60and........................................................................................................................................60network measurement......................................................................................................604. Objectives.............................................................................................................604.1 Dynamic Host Configuration Protocol..........................................................60

4.1.1 Configure your computer...........................................................................604.1.2 Configure Windows 2003 as a DHCP Client.........................................614.1.3 Configure Windows 2003 as a DHCP Server ........................................614.1.4 Capture DHCP traffic.................................................................................64

4.2 Network Measurement ......................................................................................674.2.1 Getting ready for measurement ................................................................674.2.2 Creating a Real-Time Performance Monitor chart................................68

ii


4/232

4.2.3 Install the Network Monitor .....................................................................684.2.4 Configure the chart......................................................................................684.2.5 Generation of data and its representation on the chart........................69

4.2.6 Summarizing performance data in a Performance Monitor report....694.2.7 Generating Alerts.........................................................................................704.2.8 Topology Diagrams.....................................................................................724.2.9 Cascade shared hubs ...................................................................................744.2.10 Segmented LAN ..........................................................................................744.2.11 High-density Fast Ethernet Switched workgroup.................................744.2.12 Data-entry tables..........................................................................................74

3.8 Analysis.................................................................................................................773.9 References ............................................................................................................78LAB5 ...................................................................................................................................79domain name system........................................................................................................79

5. Objectives:.............................................................................................. 795.1 Domain Name System.......................................................................................79

5.1.1 Background Information............................................................................795.1.2 Configure Windows 2003 to use DNS ....................................................795.1.3 Execute some DNS queries using nslookup ..........................................815.1.4 Capturing DNS traffic using Ethereal .....................................................85

5.2 Setting up for the DNS Client and DNS Server...........................................875.2.1 Install and Configure a DNS Server Using the Wizard........................87

5.3 Configuring the DNS Server through Management Console ....................905.3.1 Adding a Host Address Record................................................................915.3.2 Location of DNS data in Windows 2003................................................93

5.3.3 Testing the DNS Server configuration....................................................945.4 Configuring the DNS Server to forward to other DNS Servers ...............945.5 Removing the service.........................................................................................955.6 References: ...........................................................................................................95LAB 6 ..................................................................................................................................96HTTP and WEb................................................................................................................966. Objectives.............................................................................................................966.1 Background Information:..................................................................................966.2 Install and Examine TCP/IP services ............................................................976.3 Install Internet Information Services and the FTP Service ........................98

6.3.1 Configure the FTP Service.........................................................................996.3.2 Using FTP...................................................................................................100

6.5 Capturing HTTP traffic using Ethereal:.......................................................1066.5.1 Examining HTTP Requests and Replies...............................................1066.5.2 Practice HTML tables, Styles and colors...............................................1086.5.3 Practice Active Server Pages ( ASP )......................................................1106.5.4 Web Caching...............................................................................................113

iii


5/232

6.5.5 Enable Content Expiration in IIS 5.0....................................................1136.5.6 Prevent Caching using an ASP Script ....................................................1136.5.7 Remove all the services you have installed ...........................................114

PART II ............................................................................................................................115Remote desktop web connection.................................................................................115Objectives: ........................................................................................................................1156.6 Remote Desktop Web Connection ...............................................................115

6.6.1 To connect to another computer using Remote Desktop WebConnection................................................................................................................1186.6.2 To work like using remote keyboard and remote mouse...................119

LAB 7 ................................................................................................................................120Socket programming.......................................................................................................1207. Objectives...........................................................................................................1207.1. Background Information.................................................................................120

7.1.1. Socket-Definition................................................................................1207.1.2. TCP/IP and UDP/IP communications ........................................1207.1.3. Datagram communication ................................................................1207.1.4. Stream communication......................................................................1207.1.5. Sockets using UDP connection .......................................................1217.1.6. Sockets using TCP connection ........................................................1237.1.7 Creating an input stream ..........................................................................1247.1.8 Creating an output stream........................................................................1247.1.9 Closing sockets...........................................................................................125

7.2. Examples: ...........................................................................................................1257.2.1 Handshaking of the client and the server..............................................125

7.2.2 Echo Client and Server Programs ..........................................................1257.2.3 Server handling more than one client ....................................................1257.2.4 A simple Web server .................................................................................126

7.3 Exercises .............................................................................................................1267.4 Writing an SMTP and POP3 Client Program .............................................126

7.4.1 Setting up the POP3 Server.....................................................................1277.4.2 SMTP Procedure........................................................................................1307.4.3 Reading the email using POP3 service ..................................................131

LAB8 .................................................................................................................................133Simulation using IT GURU ..........................................................................................1336. Objectives:..........................................................................................................1331.1 Overview: ...........................................................................................................133

1. Build the Simulation Model .....................................................................1332. Configure the Simulation .........................................................................1363. Duplicate the Scenario..............................................................................1374. Run the Simulation....................................................................................1385. Inspect and Analyze Results ....................................................................138

iv


6/232

2.2 Exercises: ............................................................................................................142PART -II...........................................................................................................................143Switched LANs................................................................................................................143

Objective:..........................................................................................................................1433.3 Overview: ...........................................................................................................1438.4 Procedure: ..........................................................................................................144

8.4.1 Create a New Project ................................................................................1448.4.2 Create the Network...................................................................................1448.4.3 Configure the Network Nodes ...............................................................1458.4.4 Choose Statistics ........................................................................................1468.4.5 Configure the Simulation .........................................................................1478.4.6 Duplicate the Scenario..............................................................................1478.4.7 Run the Simulation....................................................................................1488.4.8 View the Results.........................................................................................149

8.5 Questions............................................................................................................152LAB9 .................................................................................................................................153Protocol Analyzer and Network Design.....................................................................1539. Objective.............................................................................................................1531.1 General Lab setup.............................................................................................153

1. Capturing ARP traffic...............................................................................1542. Viewing the ARP cache............................................................................1543. Capturing and analyzing ARP frames using Ethereal.........................154

PART II ............................................................................................................................1589.2 Overview ............................................................................................................1589.3 Procedure ...........................................................................................................158

9.3.1 Create a New Project ................................................................................1589.3.2 Create and Configure the Network........................................................1599.3.3 Configure All Departments .....................................................................1619.3.4 Configure the Servers................................................................................ 1629.3.5 Connect the Subnets ................................................................................. 1639.3.6 Configure the Simulation ......................................................................... 1649.3.7 Questions .................................................................................................... 167

LAB10...............................................................................................................................168switching experiments ....................................................................................................16810. Objectives...........................................................................................................16810.1 Connecting to the switch.................................................................................16810.2 Grouping of PCs into VLANs.......................................................................16810.2 Enable security option of a switch port........................................................16910.3 Create looping and break it using spanning tree.........................................17010.5 Testing other settings .......................................................................................171

10.5.1 Auto-negotiation setup......................................................................17110.5.2 Resilient Links .....................................................................................172

v


7/232

10.5.3 Changing the switching modes ........................................................17210.5.4 Broadcast Storm Control .................................................................. 17310.5.5 VLT tagging......................................................................................... 173

10.6 Questions............................................................................................................17310.7 References ..........................................................................................................174LABS 11 and 12...............................................................................................................175routing experiments........................................................................................................17513. Objectives:..........................................................................................................17511.1 Review of IP address........................................................................................17511.2 Configure the Lab as a set of networks connected by routers.................175

11.2.1 Configure Windows 2003 machine as router................................17611.2.2 Checking for connectivity .................................................................177

11.3 A Quick Guide to CISCO 2600 Routers .....................................................17811.3.1 Connecting to Router ........................................................................178

11.3.2 Router Modes - Unprivileged and privileged modes ...................17911.3.3 Global configuration (config)...........................................................18011.3.4 Configuring interfaces........................................................................18011.3.5 Routing .................................................................................................18111.3.6 Saving your configuration.................................................................18211.3.7 Viewing Configuration ......................................................................18311.3.8 Exercise ................................................................................................184

11.4 Configure Router in your Segment................................................................18411.4.1 Lab setup..............................................................................................18411.4.2 Configure the router...........................................................................185

11.5 Capturing RIP traffic........................................................................................187

11.6 Using Static Routes...........................................................................................18911.7 Adding a static default route ...........................................................................18911.8 Dynamic Routing with OSPF within an area ..............................................19011.9 Access List..........................................................................................................19111.10 References ...................................................................................................193LAB13...............................................................................................................................194PART I..............................................................................................................................194icmp and tcp packet analysis.........................................................................................19413. Objectives [Lab 13A]: ......................................................................................19413.1. General Lab setup.............................................................................................19413.2. Capturing ICMP traffic....................................................................................195

13.2.1. Capture ICMP packets generated and received during TraceRoute 19813.2.2. Capturing ICMP Destination Unreachable message ...................20213.2.3. Generate IP fragmented packet.......................................................20313.2.4. Viewing ICMP statistics ....................................................................204

13.3. Capturing TCP traffic.......................................................................................204

vi


8/232

vii

13.3.1. What goes on during a Web surfing session?................................20413.3.2. Structure and Encapsulation of a TCP segment...........................20713.3.3. Analyzing the Phases of a TCP connection ..................................208

13.4. References ..........................................................................................................210LAB13...............................................................................................................................211TCP Simulation ...............................................................................................................211Objectives [Lab 13B]:....................................................................................................21113.5 Overview ............................................................................................................21113.6 Create a New Project........................................................................................21213.7 Create and Configure the Network...............................................................212

13.7.1 Initialize the Network........................................................................21213.7.2 Configure the Applications...............................................................21313.7.3 Configure the Profiles........................................................................21413.7.4 Configure the West Subnet...............................................................215

13.7.5 Configure the East Subnet................................................................21613.7.6 Connect the Subnets to the IP Cloud.............................................217

13.8 Choose the Statistics.........................................................................................21713.9 Configure the Simulation.................................................................................21813.10 Duplicate the Scenario..............................................................................21913.11 Run the Simulation....................................................................................21913.12 View the Results.........................................................................................22013.13 Questions ....................................................................................................222LAB 14 ..............................................................................................................................224ASSIGHNMENT...........................................................................................................224

Page


9/232

L A B 1

GETTING START

1. Objectives:

Lab structure orientation.

Introduction to IP addressing.

Listing various software packages that ought to be used in this course.

1.2 General Lab Description:

1.2.1 Structure of the labOur lab is made up of five networks [LAN A, B, C, D, & E]. Each network is made up of

the following:

Rack consists of Cisco 2600 Router, 3Com 3300 [Superstack 3] Switch and 3Com hub.

4 PCs: Each having two operating systems [Windows 2003, Fedora Linux] and two

network cards per PC.

1. All the five networks are interconnected and can be used using the patch panel.

2. We use private IP addresses [IPs that are used when we are not connected to the Internet]

in our lab. All our IPs belong to Class C addresses. There are 5 Classes of IP addresses [A,

B, C, D, and E].

3. Subnet mask is used to get the Network address from an IP address. This is done by doing

binary AND operation between the IP address and the subnet mask.

4. The subnet mask we use in our lab is the default mask of Class B [255.255.0.0]. We use this

option so that we get same network address for all PCs in our lab and so, they all belong to

the same network. When we use routers, we change the subnet mask to 255.255.255.0 so

that each LAN belongs to different network.

5. A Linux Server is accessible at 192.168.230.252 and a Windows server is accessible at

192.168.230.250. These are connected to the Instructor Patch Panel.

6. Internet access is handled using Internet Sharingoption at Instructor PC.


10/232

46 U

LAN A

2 UPatch

Panel

2 U Switch

4 U Router

2 U Hub

ICS-NWLA1 ICS-NWLA2 ICS-NWLA3 ICS-NWLA4

SAMPLE LAN STRUCTURE IN ICS-NETWORK LAB

WE HAVE 5 LANS IN OUR LAB [LAN A, B, C, D & E]

RACK

Figure 1.1: LAN setup in the Lab.

1 2221201918171615141312111098765432 2423

I CS -N WL A1 I CS -N WL A2 I CS -N WL A3 ICS-NWLA4

1 2221201918171615141312111098765432 2423

IC S- NW LB 1 I CS -N W LB 2 I CS -N WL B3 ICS-NWLB4

1 2221201918171615141312111098765432 2423

I CS -N WL C1 I CS -N WL C2 IC S- NW LC 3 ICS-NWLC4

1 2221201918171615141312111098765432 2423

I CS -N W LD 1 I CS -N WL D2 I CS -N WL D3 ICS-NWLD4

1 2221201918171615141312111098765432 2423

I CS -N WL E1 I CS -N WL E2 I CS -N W LE 3 ICS-NWLE4

1

22

21

20

19

18

17

16

15

14

13

12

11

10

9

8

7

6

5

4

3

2

24

23

PATCH PANEL LAN A

PATCH PANEL LAN B

PATCH PANEL LAN C

PATCH PANEL LAN D

PATCH PANEL LAN E

PATCH

PANELINSTRUCTOR

LAN

OVERALL LAYOUT OF ICS NETWORK LAB

Figure 1.2: Overall layout of ICS Network Lab


11/232

1.2.2 Network Cable

There are many types of network cables used in the real-world applications. Some of

them are given below:

1.Unshielded twisted pair: As the name indicates, the wires are twisted with one another

and there is no shield.

Figure 1.3: Unshielded twisted pair cable.

2. Shielded twisted pair: Shield with twisted pair.

Figure 1.4: Shielded twisted pair cable.


12/232

3. Coaxial cable: Similar to our cable TV cables.

Figure 1.5: Coaxial Cable.

1.3 Introduction to network device:

1.3.1 3Com Switch 3300The SuperStack 3 Switch 3300 connects existing 10Mbps devices, connects high-

performance workgroup with a 100Mbps backbone or server connection, and connects power

users to dedicated 100Mbps ports all in one switch. In addition, as part of the 3Com

SuperStack 3 range of products, we can combine it with any SuperStack 3 system as your

network grows.

The switch has the following hardware features:

1) There are 24 Fast Ethernet auto-negotiating 10Base-T/100Base-TX ports.2) Matrix port for connecting units in the Switch 1100/3300 family to form a

stack.3) Connect two units back-to-back using a single Matrix Cable4) Connected up to four units using Matrix Cables linked to a Matrix Module.5) Slot for an Expansion Module6) SuperStack 3 architecture7) Connects to Redundant Power System/Uninterruptible Power System8) 19-inch rack or stand-alone mounting.


13/232

The front view of 3Com switch along with various LED information is provided

below:

10BASE-T / 100BASE-TX Ports

Port Status LEDs

Packet: Yellow Packets are being transmitted/received on the port

Packet: Off No packets are being transmitted/received on the port

Status: Green Enabled, link OKStatus: Flashing Green Disabled, link OK

Status: Off No link

Power/Self Test LED

Green: Powered up

Green flashing: Either downloading or initializing

Yellow: Failed its POST

Off: Without Power

Unit LEDs

Green: Position of the

switch in the stack

Off: Stand-alone

Expansion Module Port Status LEDs

Packet: Yellow Packet is on expansionmodule port(s)

Off: No packet

Status: Yellow Valid expansion module isinstalled

Yellow flashing: Unrecognized expansion

module installed

Off: No expansion module

Figure 1.6: Front view of 3COM switch.

1.3.2 Cisco 2600 routersThe routers used in our lab are Cisco 2600. The front view of router has LEDs, that

indicates the following:

1. Power: Indicates the router's operating status. Comes on when power is supplied tothe router and the router is operational.

2. RPS [Redundant Power System]: OffNo RPS is attached; OnRPS is attachedand operational; BlinkingRPS is attached, but has a failure.

3. Activity: OffIn the Cisco IOS software, but no network activity; Blink (500 msON, 500 ms OFF)In ROMMON, no errors; Blink (500 ms ON, 500 ms OFF, 2seconds between codes)In ROMMON, error detected; Blink (less than 500ms)In the Cisco IOS software, the blink rate reflects the level of activity.

The back view of our router: The router has serial and fast Ethernet ports. These ports

are mostly used for data transfer. It has console and auxiliary ports, which are used for

management purposes.


14/232

1.3.3 Cable connection for network devicesStudents will be given a demonstration on various network devices like: Network

Interface Cards [NIC], BNC-Connectors, RJ45, etc. Students will be provided a tutorial about

various connectivity issues.

13.3.4 Straight through cableHere, the connections are same on both the ends the cable. This type of cable is used

when we connect dissimilar devices [switch and router, router and hub, switch and PC, etc].

The colours of the wires and their respective pin numbers are mentioned below:

Green [Pin 1]Green [Pin 1]

White Green [Pin 2]White Green [Pin 2]White Orange [Pin 3]White Orange [Pin 3]

Blue [Pin 4]Blue [Pin 4]White Blue [Pin 5]White Blue [Pin 5]

Orange [Pin 6]Orange [Pin 6]White Brown [Pin 7]White Brown [Pin 7]

Brown [Pin 8]Brown [Pin 8]


15/232

13.3.5 Cross-over cable

Here, the connections are different with a specific pattern. This type of cable is used

when we connect similar devices [router and router, switch and switch, PC and PC, etc] and

with some exceptions [switch and hub, Router and PC]. The colours of the wires and their

respective pin n*umbers are mentioned below:

Green [Pin 1]White Orange [Pin 1]White Green [Pin 2]Orange [Pin 2]White Orange [Pin 3]Green [Pin 3]

Blue [Pin 4]White Brown [Pin 4]White Blue [Pin 5]Brown [Pin 5]Orange [Pin 6]White Green [Pin 6]White Brown [Pin 7]Blue [Pin 7]

Brown [Pin 8]White Blue [Pin 8]

13.3.6 Roll over cableHere, the connections are made in reverse order. This type of cable is used to connect the

router/switch to the PC via console port for management purposes.


16/232

13.4 Introduction to IP addressing:

Each Network Interface Card (NIC or Network card) present in a PC is assigned one

Network address called as IP address [or Network address]. This IP address is assigned by the

administrator of the network. No two PCs can have the same IP address.

There is a burned-in address on the NIC called as Physical Address [or MAC address or

Hardware address]. The MAC address of a network card indicates the vendor of that card and a

unique serial number.

13.4.4 Rules of IPv4 addressing1. Format of IP address

IPv4 is made up of four parts, in the pattern as w.x.y.z. Each part has 8 binary bits and

the values in decimal can range from 0 to 255.

2. IP address classes

IP addresses are divided into different classes. These classes determine the maximum number of

hosts per network ID. Only three classes are actually used for network connectivity. The following

table lists all of the address class.

IP address class Value of the leftmost byte

Class A 1-126 [0 and 127 are not allowed]

Class B 128-191

Class C 192-223

3. Grouping of IP addresses into different classes.

a. Class A, B, C, D, E

b. Class A: first bit in w is 0 and others can be anything

i. 0.0.0.0 to 127.255.255.255

ii. First bits are used for network part and the remaining for host part.

c. Class B: First bit in w is 1 and second bit is 0.


17/232

i. 128.0.0.0 to 191.255.255.255

ii. First 16 bits for network part and remaining host part

d. Class C: first bit in w is 1, second bit in w is 1 and third bit is 0

i. 192.0.0.0 to 223.255.255.255

ii. First 24 bits for network part and last 8 bits for host part.

e. Class D: first, second, third bits in w are 1 and fourth bit is 0; used for multicast.

i. 224.0.0.0 to 247.255.255.255

f. Class E: future use or experimental purposes.

4. Default Subnet mask

it is used to identify the network part from the host part. Put binary one for the parts

that represent network part and zero for the part that represent host part.

a. Class A: 255.0.0.0

b. Class B: 255.255.0.0

c. Class C: 255.255.255.0

d. We cant have mix of 1s and 0s in subnet mask. Only consecutive 1s is followed

by consecutive 0s

5. Invalid IP address.

a. If the network part is all 0s, the address belongs to class A. But this is an invalid

ip address because for an ip address all the network or host part should not be

all 1s or all 0s.

i. 0.0.0.0 is not valid. Routers use it internally.

b. If the network part is all 1s, this address belongs to class E. But due to presence

of all 1s, it is not valid. This represent broadcast to all networks.

i. 255.255.255.255 is not valid.

c. If the host part is all 0s, this represents network address. This is not a valid ip

address.

d. If the host part is all 1s, this represents broadcast address. This is not a valid ip

address.

e. We cant use the ip address represented within private address range as part of

public ip address.

i. Class A: 10.0.0.0 to 10.255.255.255


18/232

ii. Class B: 172.16.0.0 to 172.31.255.255

iii. Class C: 192.168.0.0 to 192.168.255.255

f. 127.0.0.0 network address is used for loop-back testing. This will help you to

check the network card of your own PC [localhost].

g. The validity of the IP address is also based on the subnet mask used provided.

6. Default subnet masks for standard IP address classes

The following table lists the default subnet masks for each available class of TCP/IP

networks.

Address Class Bits for Subnet Mask Subnet MaskClass A 11111111 00000000 00000000 00000000 255.0.0.0Class B 11111111 11111111 00000000 00000000 255.255.0.0Class C 11111111 11111111 11111111 00000000 255.255.255.0

Exercises:

In this exercise, you will determine the correct class for a given IP address.

Q 1Write the address class next to each IP address.Address Class

131.107.2.893.3.57.0200.200.5.2191.107.2.10127.0.0.1

Q 2Which address class (es) will allow you to have more than 1000 hosts per network?Q 3Which address (es) will allow only 254 hosts per network?Part B: Identify invalid IP address: Circle the portion of the IP address that would be invalid

if it were assigned to a host, and then explain why it is invalid.

a. 131.107.256.80

b. 222.222.255.222

c. 231.200.1.1

d. 126.1.0.0


19/232

e. 0.127.4.100

f. 190.7.2.0

g. 127.1.1.1

h. 198.121.254.255

i. 255.255.255.255

13.5 Software Packages:

Throughout the whole semester, we would use the following packages:

1. Administration and Monitoring tools

2. Enhanced Ping [TJPing]

3. Ethereal

4. Network Simulator

5. OPNET IT GURU

13.6 References:

Cisco 2600 Routerhttp://www.cisco.com/warp/public/cc/pd/rt/2600/index.shtml3Com Switch 3300http://support.3com.com/infodeli/tools/switches/s_stack2/1698-5/manual.a01/chap1.htm

Microsoft Visiohttp://www.microsoft.com/uk/office/visio/prodinfo/default.mspxTJPinghttp://www.dns.net/dnsrd/mark/wintools.htmlEtherealhttp://www.ethereal.com/Sniffem

http://www.sniff-em.co.uk/NS Simulatorhttp://www.isi.edu/nsnam/ns/WinGatehttp://www.wingate.com
http://www.cisco.com/warp/public/cc/pd/rt/2600/index.shtmlhttp://support.3com.com/infodeli/tools/switches/s_stack2/1698-5/manual.a01/chap1.htmhttp://www.microsoft.com/uk/office/visio/prodinfo/default.mspxhttp://www.dns.net/dnsrd/mark/wintools.htmlhttp://www.ethereal.com/http://www.sniff-em.co.uk/http://www.isi.edu/nsnam/ns/http://www.wingate.com/http://www.wingate.com/http://www.isi.edu/nsnam/ns/http://www.sniff-em.co.uk/http://www.ethereal.com/http://www.dns.net/dnsrd/mark/wintools.htmlhttp://www.microsoft.com/uk/office/visio/prodinfo/default.mspxhttp://support.3com.com/infodeli/tools/switches/s_stack2/1698-5/manual.a01/chap1.htmhttp://www.cisco.com/warp/public/cc/pd/rt/2600/index.shtml


20/232

L A B 2

LAN SETUP AND MONITORING

2. Objectives

Learn to create a simple LAN with two PCs using an Ethernet hub and two

straight-through cables to connect the workstations

Learn to configure and verify the network connectivity.

Learn about various network related commands

2.1. Setting up a simple network

In this experiment, we will learn how to connect two PCs to create a simple Peer-to-

Peer network. The instructions for this lab focus on the Windows 2003 operating system. You

will share a folder on one workstation and connect to that folder from the other workstation.

This lab is divided into two exercises as follows:

Exercise:The two PCs will be connected with a hub between them [Refer Figure 1]. Using a

hub allows for more than just two workstations to be connected depending on the number ofports on the hub. Hubs can have from 4 to 32 ports.

Figure 1. Network Connection via Hub


21/232

Tools / Preparation: The workstations should have Network Interface Cards (NIC)

installed with the proper drivers. The following resources will be required:

1. Two Pentium-based workstations with a NIC in each (NIC drivers should be available)2. An Ethernet hub (4 or 8 port) and two CAT5 straight-wired cables.

2.1.1. Check Local Area Network ConnectionsTask:Verify the cables.

Explanation:You should check the cables to verify that you have good layer 1 physical

connections.

Exercise: Check each of the two CAT 5 cables from each workstation to the hub.

Verify that the pins are wired straight through by holding the two RJ-45 connectors for each

cable side by side with the clip down and inspect them. All pins should have the same color

wire on the same pin at both ends of the cable. (Pin 1 should match pin 1 and pin 8 should

match pin 8 etc.)

2.1.2. Plug in and connect the equipmentTask:Check the workstations and hub for exercise.

Exercise: Check to make sure that the NICs are installed correctly in each

workstation. Plug in the workstations and turn them on. Plug the straight through cable from

workstation 1 into port 1 of the hub and the cable from workstation 2 into port 2 of the hub.

After the workstations have booted, check the green link light on the back of each NIC and

the green lights on ports 1 and 2 of the hub to verify that the are communicating. This also

verifies a good physical connection between the Hub and the NICs in the workstations (OSI

Layers 1 and 2). If the link light is not on it usually indicates a bad cable connection, an

incorrectly wired cable or the NIC or hub may not be functioning correctly.2.1.3. Network Adapters and Protocols

Task:Check the Network Adapter (NIC): Use the Control PanelSystemDevice

Manager utility to verify that the Network Adapter (NIC) is functioning properly for both


22/232

workstations. Double click on Network Adapters and then right click the NIC adapter in use.

Click Properties to see if the device is working properly.

Explanation: If there is a problem with the NIC or driver, the icon will show ayellow circle with an exclamation mark in it with (possible resource conflict) or a red X

indicating a serious problem (device could cause Windows to lock up).

2.1.4. Check the TCP/IP Protocol SettingsTask:Use the Control Panel/Network Connections (or Properties in Context Menu of

My Network Places) to display Network Connections Window. Then use Properties in Context

Menu of Local Area Connection to display Local Area Connection Properties Window. Select

the TCP/IP protocol from the Configuration Tab and click on properties. Check the IPAddress and Subnet mask for both workstations on the IP Address Tab.

Figure 2.1 Network Connections Window


23/232

Figure 2.4. TCP/IP Properties Window

Explanation:The IP addresses can be set to anything as long as they are compatible and on

the same network. Record the existing settings before making any changes in case they need

to be set back (for instance, they may be DHCP clients now). For this lab, use the Class C IP

network address of 192.168.230.0 and set workstation 1 to static IP address 192.168.230.1

and set workstation 2 to 192.168.230.2. Set the default subnet mask on each workstation to

255.255.0.0. For the purpose of this lab, you can leave the Gateway and DNS Server entries

blank.

Note: The lab has been configured into 5 class C IP networks with addresses:

192.168.230.0, 192.168.231.0, 192.168.232.0, 192.168.233.0, 192.168.234.0

2.1.5. Check the TCP/IP Settings with the IPCONFIG UtilityTask:Use the ipconfig.exe command to see your TCP/IP settings on one screen. Click

on StartCommand Prompt.

Explanation: Enter ipconfig /all command to see all TCP/IP related settings for your

workstation.


24/232

1. Fill in the blanks below using the results of the IPCONFIG command from each

workstation:

Workstation 1 Name: Workstation 2 Name:

IP Address: IP Address:

Subnet Mask: Subnet Mask:

MAC (Hardware) Address: MAC (Hardware) Address:

2.1.6. Check the network connection with the Ping UtilityTask: Use the Ping Command to check for basic TCP/IP connectivity. Click on

StartCommand Prompt. Enter the Ping command followed by the IP address of the other

workstation (Example -ping 192.168.230.1 or 192.168.230.2).

Explanation: This will verify that you have a good OSI Layers 1 through 3

connections.

2.2. Learn various network related commands

To know and learn about various network related commands [ping, tracert, netstat, at,

net, route, arp] and few definitions cum settings.

2.2.1. PING CommandPing is a basic Internet program that lets you verify that a particular IP address exists

and can accept requests. The verbpingmeans the act of using the ping utility or command. Ping

is used diagnostically to ensure that a host computer you are trying to reach is actually

operating.

Various options available in the ping command:

-trepetitively send packets.

-nnumber of echo to be sent


25/232

-lsending buffer size [Max: 65500 bytes]

-fDont fragment; If this option is provided, then the packet should not be fragmented

and should be sent as it is.

-r countrecord route for count hops [3rd layer device]

-jloose source route [Optionally it can follow different route].

-kstrict source route [MUST follow the route specified by us].

Note: For loopback address, you can ping it and get returns even when you are offline (not

connected to any network). If you don't get any valid replies, then there's a problem with the

computer's Network settings.

Example:

In order to send a packet to a host [192.168.230.1] with size of 60000 bytes each. We wish

to send the packets repetitively.

ping -t -l 60000 192.168.230.1

In order to send a packet with a size of 1000 bytes and dont permit fragmenting.

ping -f -l 2000 192.168.230.1

In order to send a packet with a size of 1000 bytes and permit fragmenting.

ping -l 2000 192.168.230.1

In order to use loose route to a destination.

ping j 10.221.0.64 10.140.1.201

In order to use strict route to a destination.

ping k 10.221.0.64 10.140.1.201

This will generate destination host unreachable message because this is not the first

device that the ping will meet.

ping k 172.16.0.253 10.140.1.201

This will work fine because this is the first device that the ping will meet.Exercises:

1. Mention the difference between fragmenting and non-fragmenting packets.

2. Test the reach ability towards a PC [192.168.230.4] with fragmenting option enabled and

limit the number of echos to 5.


26/232

2.2.2 TRACERT Command

If someone would like to know how he goes from his house to his office he could just

tell the list of the crossroads where he passes. The same way we can ask the data sent over from

your computer to the web server which way does it go, through which devices? We ask it by

using the utility called traceroute. In most computers today you can use this tool from the

command line: In UNIX machines it is called traceroute, in MS Windows machines it is called

tracert.

Various options available in the tracert command:

-dDont resolve addresses to hostnames.

-h maximum_hopsMaximum number of hops to search for target

-j host_listLoose source router along host list.

-w time-outwait timeout milliseconds for each reply.

Example:

To check the options available in tracert,

tracert

To check the trace from your PC to a server

tracert 196.1.64.1

If you dont want the names of the PC or devices on the way,

tracert d 196.1.64.1

To check the loose route trace from your PC to a server

tracert j 10.221.0.64 10.140.1.201

Exercises:

Find the route from your PC to ITC [itc.kfupm.edu.sa OR 10.140.3.171].

Find the route from your PC to a CCSE server [vlsi.ccse.kfupm.edu.sa OR 196.1.64.70]

Using the answers of the above, determine what is the first device your packet reaches

to move from our network lab.


27/232

2.2.3 PATHPING Command

This command is used as IP trace utility and so it is similar to the tracert command. It

has some extra features compared to tracert command.

PATHPING [-n] [-h max_hops] [-g host-list] [-p period] [-q num_queries] [-w timeout] [-t] [-

R] [-r] target_name

-n Don't resolve addresses to hostnames

-h max_hops Max number of hops to search

-g host-list Loose source route along host-list

-p period Wait between pings (milliseconds)

-q num_queries Number of queries per hop

-w timeout Wait timeout for each reply (milliseconds)

-T Test each hop with Layer-2 priority tags

-R Test if each hop is RSVP aware

Exercises:Do as in tracert command but provide options for setting the local source.

2.2.4 Enhanced PingTJPing is an excellent, widely acclaimed ping/lookup/traceroute utility for

Win95/98/Me/NT/2000/XP. It's fully configurable, multithreaded, and is very fast. All

configuration options, hosts, and interface settings are remembered from session to session.

Users can log all results to the file of their choice. A screen shot of the TJPing software is

shown below:


28/232

Exercise:

Repeat the exercises provided to you in Ping and Tracert commands [Under sections

2.1 and 2.2] and store the result in a file for further reference.

2.2.5 NETSTAT CommandThis command is used to get information about the open connections on your system

(ports, protocols being used, etc.), incoming and outgoing data and also the ports of remote

systems to which you are connected.

Various options available in the netstat command:

-a Displays all connections and listening ports.

-e Displays Ethernet statistics. This may be combined with the -s option.

-n Displays addresses and port numbers in numerical form.

-p proto Shows connections for the protocol specified by proto; proto may be TCP or

UDP. If used with the -s option to display per-protocol statistics, proto may be TCP, UDP, or

IP.

-r Displays the routing table.


29/232

-s Displays per-protocol statistics. By default, statistics are shown for TCP, UDP and IP;

the -p option may be used to specify a subset of the default.

Note: always use -a so as to see UDP packets also.

Example:

To display all connections and listening ports

netstat a

To find out the statistics on your Ethernet card

netstat e

To get to know the routing table.netstat -r

Exercise:

Open a browser connection to http server [www.kfupm.edu.sa] and write down the

outcome of the command 'netstat -an'.

2.2.6 NetStat LiveHave you ever wondered just how fast your network connection is? Not just how fast

the modem is connected at, but how much data you can actually get? Does your internet

connection sometimes seem slower than normal? NetStat Live is a small, easy to use TCP/IP

protocol monitor which can be used to see your exact throughput on both incoming and

outgoing data - whether you're using a modem, cable modem, DSL, or even local network! NSL

doesn't just stop there, it lets you see how quickly your data goes from your computer to

another computer on the internet; it even will tell you how many other computers your data

must go through to get there! NSL also graphs your CPU usage of your system!


30/232

Exercise:

Generate traffic to server [192.168.230.1] using ping command [with various packet size

options] and see how much of your outgoing interface is being used.

2.2.7 AT CommandThis command is used to initiate any activity at a specific time. There are many options

in at command but we will concentrate on very few which we would use for network related

purposes.

Various options available in the atcommand:

/iinteractive, which opens any window to show the pinging[optional]/cindicates command.

AT [\\computername] [ [id] [/DELETE] | /DELETE [/YES]]

/every:date[,...] Runs the command on each specified day(s) of the week or month.

If date is omitted, the current day of the month is assumed.


31/232

/next:date[,...] Runs the specified command on the next occurrence of the day (for

example, next Thursday). If date is omitted, the current day of the month is assumed.

"command" Is the Windows NT command, or batch program to be run.

The at command does not automatically load cmd, the command interpreter, before running

commands. Unless you are running an executable (.EXE) file, you must explicitly load

CMD.EXE at the beginning of the command; for example, cmd /c dir > c:\test.out.

Example:

If we want to generate a ping at 13:15

at 13:15 /i cmd /c ping 192.168.232.2 -n 20

With interactive option, we dont need to give cmd for general DOS

commands.

at 13:15 /i ping 192.168.232.2 n 20

If we want to generate a ping on a specific PC

at \\ics-nwle2 13:15 /i cmd /c ping 192.168.234.245 -n 20

If we want to generate ping with specific options.

at 11:03am cmd /c ping 192.168.230.1 -t -l 3000

at 5:15pm cmd /c ping 192.168.231.1 -t -l 15000

Exercise:

A network administrator wishes to check whether the sever [192.168.230.1] present in

his vicinity is reachable, at the start of the day [8:00am]. Accomplish this task using at

command.

2.2.8 NET CommandThis command is used at the command prompt to display and control various network

related activities. We would refer to only to a small set of the options available. Various options available in the net command:

net namename of the PC

net sharedetails about shared resources

net startto start a service.


32/232

net stopto stop a service.

net useused to map a drive to the network path.

Example:

To create a share called "shared" for the "c:\ics432" directory

net share shared=c:\ics432

The computer would map the Z: drive to the network path //192.168.230.1/ics432

where c:\ics432 is already shared using the sharename shared.

net use z: \\192.168.230.1\shared

To delete the mapped drive

net use z: /DELETE

To remove the sharing optionnet share shared /DELETE

To send a text message to the computer with a host name of "ics-nwla1". If you receive

an error, Start Control Panel Administrative Tools Services. Make Messenger

service automatic. Click the Start Service button.

net send ics-nwla1 "ICS-NWLA1: A test message"

To know the computer names that your computer can be sent messages TO

net name

To know about more options in net share command.[Similar applies to other options

also]

net share /?

Exercise:

Provide the command to create a share called "ics-network" for the "c:\ics432"

directory

2.2.9 ROUTE CommandThis command manipulates network routing tables.

ROUTE [-f] [command [destination] [MASK netmask] [gateway]]

Various options available in the ROUTE command:


33/232

-f Clears the routing tables of all gateway entries. If this is used in conjunction with one of

the commands, the tables are cleared prior to running the command.

Command Specifies one of four commands

PRINT Prints a route

ADD Adds a route

DELETE Deletes a route

CHANGE Modifies an existing route

Destination Specifies the host to send command.

MASK If the MASK keyword is present, the next parameter is interpreted as the netmask

parameter.

Netmask If provided, specifies a sub-net mask value to be associated with this route entry.

If not specified, if defaults to 255.255.255.255.

GatewaySpecifies gateway.

All symbolic names used for destination or gateway is looked up in the network and

host name database files NETWORKS and HOSTS, respectively. If the command is print or

delete, wildcards may be used for the destination and gateway, or the gateway argument may be

omitted.

Example:

To display the routing table.

route PRINT

To add a route a destination

route add mask metric

IF

destination is the destination network or ip address [200.20.20.0].

subnetmask is the subnet mask to be used [255.255.255.0].

gateway is the next hop through which the packet goes [192.168.230.254].

number after metric indicates the metric value [3].

number after IF indicates interface number [0x2].

route add 200.20.20.0 mask 255.255.255.0 192.168.230.254 metric 3 if 0x2


34/232

Exercise:

Create a route entry in the routing table for a network 210.20.23.0 with the gateway

192.168.230.254 metric of 5.

2.2.10 ARP CommandThe address resolution protocol (ARP) is a protocol used by the Internet Protocol (IP),

specifically IPv4, to map IP network addresses to the hardware addresses used by a data link

protocol. The protocol operates below the network layer as a part of the interface between the

OSI network and OSI link layer.

ARP -s inet_addr eth_addr [if_addr]

ARP -d inet_addr [if_addr]

ARP -a [inet_addr] [-N if_addr]

Various options available in the ARP command:

-a Displays current ARP entries by interrogating the current protocol data. If inet_addr is

specified, the IP and Physical addresses for only the specified computer are displayed. If more

than one network interface uses ARP, entries for each ARP table are displayed.

-dDeletes the host specified by inet_addr.

-s Adds the host and associates the Internet address inet_addr with the Physical addresseth_addr. The Physical address is given as 6 hexadecimal bytes separated by hyphens. The entry

is permanent.

eth_addrSpecifies a physical address.

if_addr If present, this specifies the Internet address of the interface whose address

translation table should be modified. If not present, the first applicable interface will be

used.

Example:

To display the entries in ARP cache

arp -a

To delete an ARP entry in the cache

arp d 192.168.230.1


35/232

Exercise:

Remove all the entries in the ARP cache and then generate a PING command to a

specific PC [192.168.230.1]. Then, display all the entries in the ARP cache.

2.2.11 IPCONFIG CommandThis command is used to get IP configurations present in your PC.

IPCONFIG /all Display full configuration information.

IPCONFIG /release [adapter] Release the IP address for the specified

adapter.

IPCONFIG /renew [adapter] Renew the IP address for the specified

adapter.

IPCONFIG /flushdns Purge the DNS Resolver cache. ##

IPCONFIG /registerdns Refresh all DHCP leases and re-register DNS names.

##

IPCONFIG /displaydns Display the contents of the DNS Resolver Cache. ##

IPCONFIG /showclassid adapter Display all the DHCP class IDs allowed for adapter.

##

IPCONFIG /setclassid adapter [classid] Modify the dhcp class id. ##

## works on Windows XP & 2K

Examples:

> ipconfig ... Show information.

> ipconfig /all ... Show detailed information

> ipconfig /renew ... renew all adapters

> ipconfig /renew EL* ... renew any connection that has its

name starting with EL

> ipconfig /release *Con* ... release all matching connections,

eg. "Local Area Connection 1" or

"Local Area Connection 2"


36/232

> ipconfig /setclassid "Local Area Connection" TEST

... set the DHCP class ID for the

named adapter to = TEST

Exercise:Get to know about the TCP/IP configuration on your PC using ipconfig /all.

2.2.12 NETSH CommandConfigure interfaces, routing protocols, filters, routes, RRAS.

NETSH [-r router name] [-aAliasFile] [-c Context] [Command| -f ScriptFile]

contextmay be any of: DHCP,ip, ipx, netbeui, ras, routing, autodhcp, dnsproxy, igmp, mib,

nat, ospf, relay, rip, wins.

Under Windows XP the available contexts are: AAAA, DHCP, DIAG, IP, RAS, ROUTING,

WINS

To display a list of commands that can be used in a context, type the context name followed

by a space and a ? at the netsh> command prompt.

e.g.

netsh> routing ?

commandmay be any of:

/exec script_file_name Load the script file and execute commands from it.

/offline Set the current mode to offline. Changes made in this mode are

saved, but require a "commit" or "online" command to be set in

the router.

/online Set the current mode to online. Changes in this mode are

immediately reflected in the router.

/commit Commit any changes made in the offline mode to the router.

/popd Pop a context from the stack.


37/232

/pushd Push current context onto the stack.

/set mode [mode =] online | offline Set the current mode to online or offline.

/abort Discard changes made in offline mode.

/add helper DLL-name Install the helper .dll file in netsh.exe.

/delete helper .dll file name Remove the helper .dll file from Netsh.exe.

/show alias list all defined aliases.

/show helper list all top-level helpers.

/show mode show the current mode.

/alias List all aliases.

/alias [alias_name] Display the string value of the alias.

/alias [alias_name] [string1] [string2 ...] Set alias_name to the specified strings.

/unalias alias_name Delete an alias.

/dump - file name Dump or append configuration to a text file.

/bye Exit NETSH

/exit Exit NETSH

/quit Exit NETSH

/h Display help

/help Display help

/? Display help

Examples:

Enter the netsh command.

netsh

Dump all the network information as a script to the screen. Can also be sent to a file

by doing netsh dump > file.txt . This script can then be executed using the exec

command.

netsh dump

Set the "Local Area Connection" to DHCP.

set address name="Local Area Connection" source=dhcp

Set the local address to Static.


38/232

set address local static 10.0.0.9 255.0.0.0 10.0.0.1 1

View network ip configuration. Below is an example of what may be seen.

netsh interface ip show config

Exercises:

Provide the command to know the files that are needed for routing operation.

Get the information about the various interfaces present in your PC.

2.3 Reference

NetStat Live Software

http://www.analogx.com/contents/download/network/nsl.htm

NET Command

http://www.computerhope.com/nethlp.htm#04

ROUTE Command

http://www.computerhope.com/routehlp.htm
http://www.analogx.com/contents/download/network/nsl.htmhttp://0.0.0.4/http://www.computerhope.com/routehlp.htmhttp://www.computerhope.com/routehlp.htmhttp://0.0.0.4/http://www.analogx.com/contents/download/network/nsl.htm


39/232

L A B 3

REMOTE ACCESS SYSTEM AND VPN

3. Objectives

Learn about Remote Access System

Configure RAS server and clients using Windows 2003

Learn about Virtual Private Networks

Configure VPN server and clients using Windows 2003

Configure a network which includes VPN with RAS

3.1 Installing and configuring RAS server

3.1.1 Installing RAS Server1. Click StartAdministrative Tools Routing and Remote Access2. Right-click on Server Statusand selectAdd Server

3. SelectThis Computerand Click OK.


40/232

4. Select the name of the computer you are working on, which will appear under the Server

Status. Right-click and select Configure and enable Routing and Remote access

5. Routing and Remote access server setup wizard will appear. Click Next.

6. Configuration window will appear. Select Remote Access [Dialup or VPN]. Click

Next.

7. Select Dialup. Click Next.

8. Select any network card in Network Selection. Click Next. IP address assignment

window will appear.

9. Select From a specified range of addresses. Click Next.

10.Address range assignment window will appear. Click New.

11.Provide the address range as instructed by the instructor. Make sure this IP range doesnt

have the already assigned IP addresses of our lab like 192.168.243.1 to 192.168.243.10.


41/232

12.Click OK. Click Next.

13.Managing multiple remote access servers window will appear. Click No, use routing

and remote access to authenticate connection requests.

14.Click Next. Click Finish.

15.Click OK.


42/232

3.1.2 Configuring a direct serial connection Open Control Panel.

Double-click Phone and Modem Options, click the Modems tab, and then click New.

In the Install New Modem wizard, select the Don't detect my modem; I will select it

from a list check box, and then click Next.

In Manufacturer, click Standard Modem Types.

In Models, click Communications cable between two computers, and then click Next.


43/232

Follow the remaining instructions in the Install New Modem wizard.

3.1.3 Installing and Configuring RAS client1. Click StartControl PanelNetwork ConnectionsNew Connection Wizard.2. Click Next.

3. Network Connection Type window appears.

4. Click on Set up an advanced connection. Click Next.

5. Advanced connection options window will appear. Select Connect directly to another

computer. Click Next.

6. Select Guest[which indicates client]. Click Next.

7. Connection Name window appears. Type the server computer name in the computer

name text box. Click Next.


44/232

8. Select a device window appears. Select Communication cable between two

computers [COM1]. Click Next.

9. Connection availability window appears. SelectAnyones Use. Click Next.

10. Click Finish.

3.1.4 Dialup to the server1. The server and the client should be connected through COM1 port. This connection is

made using roll-over cable with DB9-to-RJ45 convertor.

2. Click Start

Control Panel

Network Connections.3. An option appears in the name of the dialup server. Click this option.

4. Connect window appears. Enter the username and password for the server PC.


45/232

5. Click Connect.

6. Now that you are connected to the server.

3.1.5 Testing the RAS Installation1. After the client is connected to the server, the following entry appears in the server.


46/232

2. Type the ipconfig /allcommand on both the RAS server and the RAS client to find

out:

At the Server:

1. From where does the PPP adapter get its own IP address?

2. Why is it that the subnet mask of the PPP is 255.255.255.255?

At the Client:

IP address is assigned by the RAS server to the RAS client.


47/232

Why the subnet mask is 255.255.255.255?

Why is that the default gateway and the IP address be the same?

3. Ping from any network computer to the RAS client using:

Its static IP address.

The IP address assigned to it by the RAS server.

Its host name.

4. What responses do you obtain in each case?

5. From a RAS client, use the Internet Explorerto view the default Web page on a Web

server in the network

6. What do you notice concerning the downloading speed between the networked Web

server and the RAS client?

7. From any computer on the network, use Internet Explorerto access the Web site of a

RAS client.

8. What RAS client address did you use? And what do you notice concerning the

downloading speed between the RAS client and the networked client?


48/232

Hint: http://static_IP_address

http://hostname

http://RAS_client_IP_address

9. If two or more RAS clients are available during this lab experiment; use Internet

Exploreron one of the RAS clients to access the Web server on another RAS client.

10.What do you notice concerning the downloading speed between the two RAS clients?

3.2 Virtual Private Networks

A VPN utilizes public telecommunications networks to conduct private data

communications. Most VPN implementations use the Internet as the public infrastructure and

a variety of specialized protocols to support private communications through the Internet.

VPN follows a client and server approach. VPN clients authenticate users, encrypt data, andotherwise manage sessions with VPN servers utilizing a technique called tunneling.

VPN clientsandVPN serversare typically used in these three scenarios:

1. Remote access client connections: to support remote access to an intranet,

2. LAN-to-LAN internetworking: to support connections between multiple intranets

within the same organization, and

3. Controlled access within an intranet: to join networks between two organizations,

forming an extranet.

The main benefit of a VPN is the lower cost needed to support this technology

compared to alternatives like traditional leased lines or remote access servers. VPN servers can

also connect directly to other VPN servers. A VPN server-to-server connection extends the

intranet or extranet to span multiple networks.

3.3 Experimental Setup

In this experiment, we are going to setup a network using three PCs. One PC (PC1) is

a RAS client, which dials to the RAS server (PC2). PC1 and PC2 are connected only usingCOM1. PC3 is a VPN server that is connected to PC2 using the connection the switch. The

remote node (RAS client) wanting to log into the VPN site, calls into a local RAS server

connected to the public network. The VPN client establishes a connection to the VPN server

maintained at the other site. Once the connection has been established, the remote client can
http://static_ip_address/http://hostname/http://ras_client_ip_address/http://ras_client_ip_address/http://hostname/http://static_ip_address/


49/232

communicate with the VPN site network just as securely over the public network as if it

resided on the internal LAN itself.

Note: For setting up RAS client and server, see the first part of the lab.

3.3.1 Configuring VPN ServerIn Windows 2003, this can be setup from the RRAS (Routing and Remote Access

Server) Administrative Tool.

1. Click StartAdministrative Tools Routing and Remote Access2. Right-click on Server Statusand selectAdd Server

3. SelectThis Computerand Click OK.


50/232

4. Select the name of the computer you are working on, which will appear under the

Server Status. Right-click and select Configure and enable Routing and Remote

access

5. Routing and Remote access server setup wizard will appear. Click Next.

6. Configuration window will appear. Select Remote Access [VPN]. Click Next.

7. Select Dialup. Click Next.

8. Select any network card in Network Selection. Click Next. IP address assignmentwindow will appear.

9. Select From a specified range of addresses. Click Next.

10.Address range assignment window will appear. Click New.


51/232

11.Provide the address range as instructed by the instructor. Make sure this IP range

doesnt have the already assigned IP addresses of our lab like 192.168.243.1 to

192.168.243.10.

12.Click OK. Click Next.

13.Managing multiple remote access servers window will appear. Click No, use routing

and remote access to authenticate connection requests.

14.Click Next. Click Finish.

15.Click OK.


52/232

16.The output of the ipconfigcommand should appear like the following.

17.Is it necessary to have more than one network card for VPN server? Justify.

18.If VPN server has two network cards, is it necessary that they both should belong to

different networks? Justify.

3.3.2 Configuring VPN Client1. Right click the My Network Places icon and select Properties. This will bring you to the

Network Connections window that displays a list of your current network connections.


53/232

2. Double click the New Connection Wizard icon. You are faced with three options -

choose the second one, "Connect to the network at my workplace" and click Next.

Now choose the second option, "Virtual Private Network connection" and click Next.

3. Enter the name of the company or server you will be connecting to. Click Next.

4. Enter the host name or IP address of the VPN server. Hint: Entering the IP address is

recommended.


54/232

5. "Connection Availability" windows appear. "Anyone's use" will permit anyone who logs

onto the system to use the connection, whereas "My use only" will limit it's use to you

only. Choose My use only.


55/232

6. Click Next and Finish.Your new connection will be visible in the Network Connections

window.

7. Right click the new connection and select properties to open the properties window.

Here, you can configure, amongst others, the network settings and general options.

8. Select the Networking tab and in the "Type of VPN" drop down list, choose PPTP

VPN [Optional].

9. In the Options tab, you are able to configure dialing and redialing options on this page.

10.If you are using the same logon at your company network as you are for the VPN

server, then select the "Include Windows logon domain" check box.

11.Go to the security tab and verify that the screen looks like the one below.

12.If you select the General tab you can change the IP or Host Name of the VPN server

and select whether or not you want another connection to be established first before

initiating the VPN connection. For our experiment, we need to enable Dial another

connection first option with the dial-up connection we have setup towards the RAS

server [Refer RAS experiment].


56/232

13.Press OK to close the window and return to the network connections window. If you

double click your VPN connection the logon window will appear.

14.Enter your username and password and click Connect. After the authentication process

is complete, you will be logged on to the VPN Server and two computers will appear at

the bottom right hand corner of your screen (default).


57/232

15.The output of the ipconfigcommand should appear like the following.

Why do we have two PPP adapters here?

Write about the route taken by the packet to go from the VPN client to the VPN

server.

3.4 Firewalls and VPN

In this lab you will set up a network where servers are accessed over the Internet by

customers who have different privileges. You will study how firewalls and VPNs can provide

security to the information in the servers while maintaining access for customers with the

appropriate privilege.

3.4.1 Create a New Project3 Start OPNET IT Guru Academic Edition Choose New from the File menu.

4 Select Project and click OK Name the project _VPN, and the

scenario NoFirewall Click OK.

5 Click Quit on the Startup Wizard.

6 To remove the world background map, select theView menu Background Set

Border Map Select NONE from the drop-down menu Click OK.

3.4.2 Create and Configure the NetworkInitialize the Network

6. Open the Object Palette dialog box by clicking . Make sure that the internet_toolbox

item is selected from the pull-down menu on the object palette.


58/232

7. Add the following objects, from the palette, to the project workspace (see figure below for

placement): Application Config, Profile Config, an ip32_cloud, one ppp_server, three

ethernet4_slip8_gtwy routers, and twoppp_wkstn hosts.

a. To add an object from a palette, click its icon in the object palette Move your

mouse to the workspace and click where you want to place the object Rightclick

to indicate you are done creating objects of this type.

b. Note: The ppp_server and ppp_wkstn support one underlying SLIP (Serial Line

Internet rotocol) connection at a selectable data rate. PPP DS1 connects two nodes

running IP. Its data rate is 1.544 Mbps.

8. Rename the objects you added and connect them using PPP_DS1 links, as shown below:

9. Save your project.

3.4.3 Configure the Nodes Right-click on the Applications node Edit Attributes Assign Default to the

Application Definitions attributeClick OK.

Note: Several example application configurations are available under the Default

setting. For example, "Web Browsing (Heavy HTTP1.1)" indicates a Web browsing

application performing heavy browsing using HTTP 1.1 protocol.

Right-click on the Profiles node Edit Attributes Assign Sample Profiles to the

Profile Configuration attribute Click OK.


59/232

Right-click on the Server node Edit Attributes AssignAll to theApplication:

Supported Services attribute Click OK.

Right-click on the Sales A node Select Similar Nodes (make sure that both Sales

A and Sales B are selected).

Right-click on the Sales A node Edit Attributes Check theApply Changes to

Selected Objects check-box.

Expand the Application: Supported Profiles attribute Set rows to 1 Expand

the row 0 hierarchy Profile Name = Sales Person (this is one of the sample

profiles we configured in the Profiles node).

Click OK.

Save your project.

3.4.4 Choose the StatisticsRight-click anywhere in the project workspace and select Choose Individual Statistics

from the pop-up menu.

In the Choose Results dialog, check the following statistics:

Global StatisticsDB QueryResponse Time (sec).

Global StatisticsHTTPPage Response Time (seconds).

Note:DQ Query Response Time is measured from the time when the database query

application sends a request to the server to the time it receives a response packet.

HTTP Page Response Time specifies the time required to retrieve the entire page

with all the contained inline objects.

Click OK.

Right-click on the Sales A node and select Choose Individual Statistics from the pop-up

menu.

In the Choose Results dialog, check the following statistics:Client DBTraffic Received (bytes/sec).

Client HttpTraffic Received (bytes/sec).

Click OK.


60/232

Right-click on the Sales B node and select Choose Individual Statistics from the pop-up

menu.

In the Choose Results dialog, check the following statistics:

Client DBTraffic Received (bytes/sec).

Client HttpTraffic Received (bytes/sec).

Click OK and then save your project.

3.5 The Firewall Scenario

In the network we just created, the Sales Person profile allows both sales sites to

access applications such as Database Access, Email, and Web Browsing from the server (check

the Profile Configuration of the Profiles node). Assume that we need to protect the database

in the server from external access, including the sales people. One way to do that is to replace

Router C with a firewall as follows:

Select Duplicate Scenario from the Scenarios menu and name it Firewall Click OK.

In the new scenario, right-click on Router C Edit Attributes.

Assign ethernet2_slip8_firewall to the model attribute.

Expand the hierarchy of the Proxy Server Information attribute Expand the row 1,

which is for the Database application, hierarchy Assign

Lab Manual for Computer Networking

Documents

Transcript of Lab Manual for Computer Networking