NETWORK LAB MANUAL Exercise 1: Exercise 2:

NETWORK LAB MANUALExercise 1:To learn to use ethereal to capture and analyze packets.To do: Start ethereal on one or both interfaces that the machine has. Go to the capture menuand select the start option. Wait for some time and after enough packets have beencaptured, stop the capture.Output: Ethereal output will show three frames.➢ The first one will consist of one line messages for all packets captured stating thebasic protocol type of the packet.➢ The second frame will show the packet headers present in each packet – such asEthernet, IP, UDP etc. Each of these headers can be expanded and the values of thevarious fields in these headers should be observed.➢ The third frame consists of the hex dump of the packet. This can be related to theheaders in the second frameWhat to look for:➢ For each different protocol type seen in the ethereal output, identify what is thedemultiplexing field in the ethernet frame➢ Identify how ethereal is able to classify the output as belonging to a particularprotocolAnswer:1. Why do you see many ARP Requests but not many ARP replies in the output?Exercise 2:To learn how to configure IP addresses in Linux and understand rules of IP addressingTo do: Disconnect the machines from the general LAN. Using the switches provided,connect the machines into different switches – two or three per switch. Configure anyrandom IP address to each of the machines.How to: Use neat command in RedHat versions of Linux. Or, alternately, use the commandifconfig.Output: The IP address of the machine should be the configured value.How to verify: Use the command ifconfig. This gives the IP addresses assigned to each of theinterfaces of the machine. The other method is to ping to the address given. ping to a wrongaddress to see what happens.Check: Reachability of other machines – do this by using the ping command.1. whether you are able to reach the other machines connected to your switch.2. whether you are able to reach machines connected to other switches.

Answer:1. Why you are able to or not able to connect to the other machines in the lab.Exercise 3:To learn to create multiple independent LANs and test connectivity between them.To do: Connect machines as in Exercise­2. When configuring IP addresses, however,configure the addresses belonging to the same IP network address for the machines that areconnected to the same switch. Try with different subnet masks.Output: The machines should be reachable from one another.Answer:1. Why do you need to configure all addresses with the same IP network address?2. If you configure machines of the same switch as follows: 10.1.0.1/24, 10.1.1.1/16 and10.1.2.2, what is the reachability of these machines that are on the same switch?Explain what you observed.3. Are you able to reach all machines belonging to different switches from all machines?Why or why not?4. What do you need to reach all machines from all machines?Exercise 4:To observe the routing table entries on the routers.To do: In the LANs created as in Exercise­3, on each of the routers, check the routing tableentries. Create static routes to ensure reachability.How to: Routing table entries can be seen using any of the following commands – use theman pages of the commands to understand the output and also learn the various otheroptions that are available. Specifically, see what the option ­n stands for and what happensif you do not use it.netstat ­rn or route ­nOutput: The routing table entries are seen.What to look for: Observe the various fields being displayed by the above commands andunderstand what these fields are.Answer:1. What are the most important fields you observed in the output and what do they tellyou?2. What are the entries you saw, in common, to all the machines? Why are these entriesseen in all the machines?

Exercise 5:To add static route entries to the routing table in the routers.To do: Continuing Exercise­3, add static routes to the routers.How to: configuring static routes can be done through neat in RedHat Linux or using theroute command used above to see the routing table entries.Answer:1. Why do you need to add static routes to reach all machines from all machinesconnected to different LANs as in Exercise­2.2. What static route entries were needed on your router to help you reach all LANs?Exercise 6:To observe what are the packets transmitted as part of the ping command.To do: Capture traffic in ethereal and observe what are the packets sent as part of pingcommand.What to look for: Check that the packets are ICMP and that they are having the type andcode fields as specified for ICMP echo request and ICMP echo reply packets. Check theprotocol field in IP header and verify that it carries the value assigned to ICMP by IANA.Exercise 7:To observe IP fragmentation and reassembly.How to: Use the ping ­s command with size > 1500 bytes to observe fragmentationand reassembly. Do this from two different systems to the same system continuously.To do: Capture traffic in ethereal and observe the various fields in IP header that will tell youwhich are the first, middle and last fragments.Answer:1. Why should the size be > 1500?2. What are the fields you saw that allow you to distinguish which fragment belongs towhich packet of which machine?Exercise 8:To observe effects of configuring two IP addresses belonging to the same network on twodifferent interfaces.How to: Configure two different IP addresses belonging to the same network to two differentinterfaces of the router. Then, connect only one of them to the switch which represents theLAN for that IP network.

To do: Check reachability of the hosts on that LAN from the router and vice versa.Answer:1. Why or why you are not able to reach all machines on the LAN with only oneinterface connected to the LAN represented by that switch.Exercise 9:To understand the three­way handshake involved in TCP.How to: Do a ssh or sftp to another host on the same or different LAN.To do: Capture ethereal output as you do the above. Analyse the output to see what are thebit fields set in TCP frame as well as the values in other fields.Answer:1. What are the seq# and ack# in various packets of TCP segments seen? Explain whythey are so.Exercise 10:To understand the retransmissions in TCP.How to: After establishing a TCP connection, remove the network cable of one end from theswitch. Then, send data on the connection and check that retransmissions happen.To do: Use ssh to connect from H1 to H2. Disconnect H2 from the switch. Type a commandon H1's ssh connection to H2. Observe the ethereal output and see how manyretransmissions at what time difference were sent. Reconnect H2 to the network.Answer:1. What happens if H2 is connected before all retransmissions are complete?2. What about in the other case?Exercise 11:To understand the half­close connections in TCP.How to: Similar to Exercise­9. After disconnecting H2, however, close the connection in H1.To do: Observe the open connections using netstat command before and after the closeoperation. Use netstat ­atn to see all open TCP connections. As before, study the man pageto understand what these options are and what would happen if you remove the ­n option.Do this on both H1 and H2.Answer:1. What did you see in H1 and H2 as output of netstat? How do you explain thedifferences?

Exercise 12:To understand the RST bit in TCP.How to: As in Exercise­10, connect from H1 to H2, disconnect H2 and then reboot H2. All thistime, do not type anything in H1's ssh connection window. After H2 is rebooted, type acommand in H1's ssh terminal while capturing data in ethereal.To do: Look at the output of the ethereal and check what fields of TCP are set and what is theresponse to the commands typed in H1.Exercise 13:To understand how traceroute works.To do: Do a traceroute to various machines in the different LANs created from Exercise­3.Capture traffic in ethereal and analyze the output.What to look for: For each UDP packet sent out by the traceroute command, observe thevarious fields in the IP header. Observe the various ICMP messages seen.Answer:1. What are the different type of ICMP messages seen in traceroute? Why are these seen?Exercise 14:To understand ICMP redirect messages.How to: Create the network topology required to observe the ICMP redirect message. In thisexperiment, have two routers, R1 and R2, connected to the same LAN along with a host H1.In host H1, have the default router as R2. Then, ping a machine that is connected to R1'sother interface.To do: Capture traffic while pinging and see what messages are captured.Answer:1. Why do you see an ICMP redirect message for the ping from H1 to a host H2connected to R1's other interface?2. Why do you not see this for other hosts connected to R3 or R4?Exercise 15:To understand the various ICMP destination unreachable messages.Answer:1. When do you see ICMP destination unreachable – network unreachable message?2. When do you see ICMP destination unreachable – host unreachable message?3. When do you see ICMP destination unreachable – port unreachable message?