LAB MANUAL

COMPUTER
NETWORK SYSTEMS


Department of Information and Computer Science
College of Computer Science and Engineering
King Fahd University of Petroleum and Minerals
2005
TABLE OF CONTENTS

LAB1 ..................................................................................................................................... 1
Getting start.......................................................................................................................... 1
1. Objectives:.............................................................................................................. 1
1.2 General Lab Description: .................................................................................... 1
1.2.1 Structure of the lab............................................................................................... 1
1.2.2 Network Cable ............................................................................................... 3
1.3 Introduction to network device: ........................................................................ 4
1.3.1 3Com Switch 3300......................................................................................... 4
1.3.2 Cisco 2600 routers......................................................................................... 5
1.3.3 Cable connection for network devices ...................................................... 6
13.3.4 Straight through cable............................................................................ 6
13.3.5 Cross-over cable...................................................................................... 7
13.3.6 Roll over cable......................................................................................... 7
13.4 Introduction to IP addressing:............................................................................ 8
13.4.4 Rules of IPv4 addressing....................................................................... 8
13.5 Software Packages:.............................................................................................. 11
13.6 References: ........................................................................................................... 11
LAB 2 .................................................................................................................................. 12
LAN SETUP and monitoring ........................................................................................ 12
2. Objectives............................................................................................................. 12
2.1. Setting up a simple network.............................................................................. 12
2.1.1. Check Local Area Network Connections ........................................ 13
2.1.2. Plug in and connect the equipment................................................... 13
2.1.3. Network Adapters and Protocols...................................................... 13
2.1.4. Check the TCP/IP Protocol Settings ............................................... 14
2.1.5. Check the TCP/IP Settings with the IPCONFIG Utility............ 15
2.1.6. Check the network connection with the Ping Utility..................... 16
2.2. Learn various network related commands..................................................... 16
2.2.1. PING Command.................................................................................. 16
2.2.2 TRACERT Command................................................................................ 18
2.2.3 PATHPING Command............................................................................. 19
2.2.4 Enhanced Ping ............................................................................................. 19
2.2.5 NETSTAT Command................................................................................ 20
2.2.6 NetStat Live .................................................................................................. 21
2.2.7 AT Command .............................................................................................. 22
2.2.8 NET Command........................................................................................... 23


2.2.9 ROUTE Command..................................................................................... 24
2.2.10 ARP Command..................................................................................... 26
2.2.11 IPCONFIG Command....................................................................... 27
2.2.12 NETSH Command.............................................................................. 28
2.3 Reference.............................................................................................................. 30
LAB 3 .................................................................................................................................. 31
Remote Access System and vpn..................................................................................... 31
3. Objectives............................................................................................................. 31
3.1 Installing and configuring RAS server ............................................................ 31
3.1.1 Installing RAS Server .................................................................................. 31
3.1.2 Configuring a direct serial connection..................................................... 34
3.1.3 Installing and Configuring RAS client ..................................................... 35
3.1.4 Dialup to the server..................................................................................... 36
3.1.5 Testing the RAS Installation...................................................................... 37
3.2 Virtual Private Networks............................................................................ 40
3.3 Experimental Setup..................................................................................... 40
3.3.1 Configuring VPN Server............................................................................ 41
3.3.2 Configuring VPN Client............................................................................. 44
3.4 Firewalls and VPN.............................................................................................. 49
3.4.1 Create a New Project .................................................................................. 49
3.4.2 Create and Configure the Network.......................................................... 49
3.4.3 Configure the Nodes................................................................................... 50
3.4.4 Choose the Statistics.................................................................................... 51
3.5 The Firewall Scenario......................................................................................... 52
3.6 The Firewall VPN Scenario.............................................................................. 53
3.6.1 Configuring the VPN.................................................................................. 54
3.6.2 Run the Simulation...................................................................................... 55
3.6.3 View Results.................................................................................................. 56
3.7 References ............................................................................................................ 59
LAB4 ................................................................................................................................... 60
Dynamic host configuration protocol DHCP ......................................................... 60
and........................................................................................................................................ 60
network measurement ...................................................................................................... 60
4. Objectives............................................................................................................. 60
4.1 Dynamic Host Configuration Protocol .......................................................... 60
4.1.1 Configure your computer........................................................................... 60
4.1.2 Configure Windows 2003 as a DHCP Client......................................... 61
4.1.3 Configure Windows 2003 as a DHCP Server ........................................ 61
4.1.4 Capture DHCP traffic................................................................................. 64
4.2 Network Measurement ...................................................................................... 67
4.2.1 Getting ready for measurement ................................................................ 67
4.2.2 Creating a Real-Time Performance Monitor chart................................ 68
ii

4.2.3 Install the Network Monitor ..................................................................... 68
4.2.4 Configure the chart...................................................................................... 68
4.2.5 Generation of data and its representation on the chart........................ 69
4.2.6 Summarizing performance data in a Performance Monitor report.... 69
4.2.7 Generating Alerts......................................................................................... 70
4.2.8 Topology Diagrams..................................................................................... 72
4.2.9 Cascade shared hubs ................................................................................... 74
4.2.10 Segmented LAN.......................................................................................... 74
4.2.11 High-density Fast Ethernet Switched workgroup................................. 74
4.2.12 Data-entry tables .......................................................................................... 74
3.8 Analysis ................................................................................................................. 77
3.9 References ............................................................................................................ 78
LAB5 ................................................................................................................................... 79
domain name system........................................................................................................ 79
5. Objectives:.............................................................................................. 79
5.1 Domain Name System....................................................................................... 79
5.1.1 Background Information............................................................................ 79
5.1.2 Configure Windows 2003 to use DNS.................................................... 79
5.1.3 Execute some DNS queries using nslookup.......................................... 81
5.1.4 Capturing DNS traffic using Ethereal ..................................................... 85
5.2 Setting up for the DNS Client and DNS Server........................................... 87
5.2.1 Install and Configure a DNS Server Using the Wizard........................ 87
5.3 Configuring the DNS Server through Management Console.................... 90
5.3.1 Adding a Host Address Record................................................................ 91
5.3.2 Location of DNS data in Windows 2003................................................ 93
5.3.3 Testing the DNS Server configuration.................................................... 94
5.4 Configuring the DNS Server to forward to other DNS Servers ............... 94
5.5 Removing the service ......................................................................................... 95
5.6 References: ........................................................................................................... 95
LAB 6 .................................................................................................................................. 96
HTTP and WEb................................................................................................................ 96
6. Objectives............................................................................................................. 96
6.1 Background Information:.................................................................................. 96
6.2 Install and Examine TCP/IP services ............................................................ 97
6.3 Install Internet Information Services and the FTP Service ........................ 98
6.3.1 Configure the FTP Service......................................................................... 99
6.3.2 Using FTP...................................................................................................100
6.5 Capturing HTTP traffic using Ethereal: .......................................................106
6.5.1 Examining HTTP Requests and Replies...............................................106
6.5.2 Practice HTML tables, Styles and colors...............................................108
6.5.3 Practice Active Server Pages ( ASP )......................................................110
6.5.4 Web Caching...............................................................................................113
iii

6.5.5 Enable Content Expiration in IIS 5.0....................................................113
6.5.6 Prevent Caching using an ASP Script ....................................................113
6.5.7 Remove all the services you have installed ...........................................114
PART II ............................................................................................................................115
Remote desktop web connection.................................................................................115
Objectives: ........................................................................................................................115
6.6 Remote Desktop Web Connection...............................................................115
6.6.1 To connect to another computer using Remote Desktop Web
Connection................................................................................................................118
6.6.2 To work like using remote keyboard and remote mouse...................119
LAB 7 ................................................................................................................................120
Socket programming.......................................................................................................120
7. Objectives...........................................................................................................120
7.1. Background Information.................................................................................120
7.1.1. Socket-Definition................................................................................120
7.1.2. TCP/IP and UDP/IP communications ........................................120
7.1.3. Datagram communication ................................................................120
7.1.4. Stream communication......................................................................120
7.1.5. Sockets using UDP connection.......................................................121
7.1.6. Sockets using TCP connection ........................................................123
7.1.7 Creating an input stream..........................................................................124
7.1.8 Creating an output stream........................................................................124
7.1.9 Closing sockets...........................................................................................125
7.2. Examples: ...........................................................................................................125
7.2.1 Handshaking of the client and the server..............................................125
7.2.2 Echo Client and Server Programs ..........................................................125
7.2.3 Server handling more than one client ....................................................125
7.2.4 A simple Web server .................................................................................126
7.3 Exercises.............................................................................................................126
7.4 Writing an SMTP and POP3 Client Program.............................................126
7.4.1 Setting up the POP3 Server .....................................................................127
7.4.2 SMTP Procedure........................................................................................130
7.4.3 Reading the email using POP3 service ..................................................131
LAB8 .................................................................................................................................133
Simulation using IT GURU..........................................................................................133
6. Objectives:..........................................................................................................133
1.1 Overview: ...........................................................................................................133
1. Build the Simulation Model .....................................................................133
2. Configure the Simulation .........................................................................136
3. Duplicate the Scenario..............................................................................137
4. Run the Simulation....................................................................................138
5. Inspect and Analyze Results ....................................................................138
iv

2.2 Exercises: ............................................................................................................142
PART -II...........................................................................................................................143
Switched LANs................................................................................................................143
Objective:..........................................................................................................................143
3.3 Overview: ...........................................................................................................143
8.4 Procedure: ..........................................................................................................144
8.4.1 Create a New Project ................................................................................144
8.4.2 Create the Network...................................................................................144
8.4.3 Configure the Network Nodes ...............................................................145
8.4.4 Choose Statistics ........................................................................................146
8.4.5 Configure the Simulation .........................................................................147
8.4.6 Duplicate the Scenario..............................................................................147
8.4.7 Run the Simulation....................................................................................148
8.4.8 View the Results.........................................................................................149
8.5 Questions............................................................................................................152
LAB9 .................................................................................................................................153
Protocol Analyzer and Network Design.....................................................................153
9. Objective.............................................................................................................153
1.1 General Lab setup.............................................................................................153
1. Capturing ARP traffic...............................................................................154
2. Viewing the ARP cache............................................................................154
3. Capturing and analyzing ARP frames using Ethereal .........................154
PART II ............................................................................................................................158
9.2 Overview............................................................................................................158
9.3 Procedure ...........................................................................................................158
9.3.1 Create a New Project ................................................................................158
9.3.2 Create and Configure the Network........................................................159
9.3.3 Configure All Departments .....................................................................161
9.3.4 Configure the Servers................................................................................ 162
9.3.5 Connect the Subnets ................................................................................. 163
9.3.6 Configure the Simulation ......................................................................... 164
9.3.7 Questions .................................................................................................... 167
LAB10 ...............................................................................................................................168
switching experiments ....................................................................................................168
10. Objectives...........................................................................................................168
10.1 Connecting to the switch.................................................................................168
10.2 Grouping of PCs into VLANs.......................................................................168
10.2 Enable security option of a switch port........................................................169
10.3 Create looping and break it using spanning tree.........................................170
10.5 Testing other settings .......................................................................................171
10.5.1 Auto-negotiation setup......................................................................171
10.5.2 Resilient Links .....................................................................................172
v

10.5.3 Changing the switching modes ........................................................ 172
10.5.4 Broadcast Storm Control .................................................................. 173
10.5.5 VLT tagging......................................................................................... 173
10.6 Questions............................................................................................................173
10.7 References ..........................................................................................................174
LABS 11 and 12...............................................................................................................175
routing experiments........................................................................................................175
13. Objectives:..........................................................................................................175
11.1 Review of IP address........................................................................................175
11.2 Configure the Lab as a set of networks connected by routers.................175
11.2.1 Configure Windows 2003 machine as router ................................176
11.2.2 Checking for connectivity.................................................................177
11.3 A Quick Guide to CISCO 2600 Routers .....................................................178
11.3.1 Connecting to Router ........................................................................178
11.3.2 Router Modes - Unprivileged and privileged modes ...................179
11.3.3 Global configuration (config)...........................................................180
11.3.4 Configuring interfaces........................................................................180
11.3.5 Routing .................................................................................................181
11.3.6 Saving your configuration.................................................................182
11.3.7 Viewing Configuration ......................................................................183
11.3.8 Exercise ................................................................................................184
11.4 Configure Router in your Segment................................................................184
11.4.1 Lab setup..............................................................................................184
11.4.2 Configure the router...........................................................................185
11.5 Capturing RIP traffic........................................................................................187
11.6 Using Static Routes...........................................................................................189
11.7 Adding a static default route...........................................................................189
11.8 Dynamic Routing with OSPF within an area ..............................................190
11.9 Access List..........................................................................................................191
11.10 References ...................................................................................................193
LAB13 ...............................................................................................................................194
PART I..............................................................................................................................194
icmp and tcp packet analysis .........................................................................................194
13. Objectives [Lab 13A]: ......................................................................................194
13.1. General Lab setup.............................................................................................194
13.2. Capturing ICMP traffic....................................................................................195
13.2.1. Capture ICMP packets generated and received during TraceRoute
198
13.2.2. Capturing ICMP Destination Unreachable message ...................202
13.2.3. Generate IP fragmented packet .......................................................203
13.2.4. Viewing ICMP statistics ....................................................................204
13.3. Capturing TCP traffic.......................................................................................204
vi

vii
13.3.1. What goes on during a Web surfing session?................................204
13.3.2. Structure and Encapsulation of a TCP segment...........................207
13.3.3. Analyzing the Phases of a TCP connection ..................................208
13.4. References ..........................................................................................................210
LAB13 ...............................................................................................................................211
TCP Simulation ...............................................................................................................211
Objectives [Lab 13B]: ....................................................................................................211
13.5 Overview............................................................................................................211
13.6 Create a New Project........................................................................................212
13.7 Create and Configure the Network...............................................................212
13.7.1 Initialize the Network........................................................................212
13.7.2 Configure the Applications...............................................................213
13.7.3 Configure the Profiles........................................................................214
13.7.4 Configure the West Subnet...............................................................215
13.7.5 Configure the East Subnet................................................................216
13.7.6 Connect the Subnets to the IP Cloud.............................................217
13.8 Choose the Statistics.........................................................................................217
13.9 Configure the Simulation.................................................................................218
13.10 Duplicate the Scenario..............................................................................219
13.11 Run the Simulation....................................................................................219
13.12 View the Results.........................................................................................220
13.13 Questions ....................................................................................................222
LAB 14..............................................................................................................................224
ASSIGHNMENT...........................................................................................................224

Page


L AB 1
GETTING START
1. Objectives:
Lab structure orientation.
Introduction to IP addressing.
Listing various software packages that ought to be used in this course.
1.2 General Lab Description:
1.2.1 Structure of the lab
Our lab is made up of five networks [LAN A, B, C, D, & E]. Each network is made up of
the following:
Rack consists of Cisco 2600 Router, 3Com 3300 [Superstack 3] Switch and 3Com hub.
4 PCs: Each having two operating systems [Windows 2003, Fedora Linux] and two
network cards per PC.
1. All the five networks are interconnected and can be used using the patch panel.
2. We use private IP addresses [IPs that are used when we are not connected to the Internet]
in our lab. All our IPs belong to Class C addresses. There are 5 Classes of IP addresses [A,
B, C, D, and E].
3. Subnet mask is used to get the Network address from an IP address. This is done by doing
binary AND operation between the IP address and the subnet mask.
4. The subnet mask we use in our lab is the default mask of Class B [255.255.0.0]. We use this
option so that we get same network address for all PCs in our lab and so, they all belong to
the same network. When we use routers, we change the subnet mask to 255.255.255.0 so
that each LAN belongs to different network.
5. A Linux Server is accessible at 192.168.230.252 and a Windows server is accessible at
192.168.230.250. These are connected to the Instructor Patch Panel.
6. Internet access is handled using Internet Sharing option at Instructor PC.


46 U
LAN A
2 U
Patch
Panel
2 U Switch
4 U Router
2 U Hub
ICS-NWLA1 ICS-NWLA2 ICS-NWLA3 ICS-NWLA4
SAMPLE LAN STRUCTURE IN ICS-NETWORK LAB
WE HAVE 5 LANS IN OUR LAB [LAN A, B, C, D & E]
RACK

Figure 1.1: LAN setup in the Lab.
1 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 24 23
ICS-NWLA1 ICS-NWLA2 ICS-NWLA3 ICS-NWLA4
1 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 24 23
ICS-NWLB1 ICS-NWLB2 ICS-NWLB3 ICS-NWLB4
1 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 24 23
ICS-NWLC1 ICS-NWLC2 ICS-NWLC3 ICS-NWLC4
1 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 24 23
ICS-NWLD1 ICS-NWLD2 ICS-NWLD3 ICS-NWLD4
1 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 24 23
ICS-NWLE1 ICS-NWLE2 ICS-NWLE3 ICS-NWLE4
1
2
2
2
1
2
0
1
9
1
8
1
7
1
6
1
5
1
4
1
3
1
2
1
1
1
0
9
8
7
6
5
4
3
2
2
4
2
3
PATCH PANEL LAN A
PATCH PANEL LAN B
PATCH PANEL LAN C
PATCH PANEL LAN D
PATCH PANEL LAN E
P
A
T
C
H

P
A
N
E
L

I
N
S
T
R
U
C
T
O
R

L
A
N
OVERALL LAYOUT OF ICS NETWORK LAB

Figure 1.2: Overall layout of ICS Network Lab



1.2.2 Network Cable
There are many types of network cables used in the real-world applications. Some of
them are given below:
1. Unshielded twisted pair: As the name indicates, the wires are twisted with one another
and there is no shield.

Figure 1.3: Unshielded twisted pair cable.
2. Shielded twisted pair: Shield with twisted pair.



Figure 1.4: Shielded twisted pair cable.






















3. Coaxial cable: Similar to our cable TV cables.


Figure 1.5: Coaxial Cable.

1.3 Introduction to network device:
1.3.1 3Com Switch 3300
The SuperStack 3 Switch 3300 connects existing 10Mbps devices, connects high-
performance workgroup with a 100Mbps backbone or server connection, and connects power
users to dedicated 100Mbps ports all in one switch. In addition, as part of the 3Com
SuperStack 3 range of products, we can combine it with any SuperStack 3 system as your
network grows.
The switch has the following hardware features:
1) There are 24 Fast Ethernet auto-negotiating 10Base-T/100Base-TX ports.
2) Matrix port for connecting units in the Switch 1100/3300 family to form a
stack.
3) Connect two units back-to-back using a single Matrix Cable
4) Connected up to four units using Matrix Cables linked to a Matrix Module.
5) Slot for an Expansion Module
6) SuperStack 3 architecture
7) Connects to Redundant Power System/Uninterruptible Power System
8) 19-inch rack or stand-alone mounting.



The front view of 3Com switch along with various LED information is provided
below:
10BASE-T / 100BASE-TX Ports
Port Status LEDs
Packet: Yellow Packets are being transmitted/
received on the port
Packet: Off No packets are being transmitted/
received on the port
Status: Green Enabled, link OK
Status: Flashing Green Disabled, link OK
Status: Off No link
Power/Self Test LED
Green: Powered up
Green flashing: Either downloading or initializing
Yellow: Failed its POST
Off: Without Power
Unit LEDs
Green: Position of the
switch in the stack
Off: Stand-alone
Expansion Module Port Status LEDs
Packet: Yellow Packet is on expansion
module port(s)
Off: No packet
Status: Yellow Valid expansion module is
installed
Yellow flashing: Unrecognized expansion
module installed
Off: No expansion module

Figure 1.6: Front view of 3COM switch.
1.3.2 Cisco 2600 routers
The routers used in our lab are Cisco 2600. The front view of router has LEDs, that
indicates the following:
1. Power: Indicates the router's operating status. Comes on when power is supplied to
the router and the router is operational.
2. RPS [Redundant Power System]: OffNo RPS is attached; OnRPS is attached
and operational; BlinkingRPS is attached, but has a failure.
3. Activity: OffIn the Cisco IOS software, but no network activity; Blink (500 ms
ON, 500 ms OFF)In ROMMON, no errors; Blink (500 ms ON, 500 ms OFF, 2
seconds between codes)In ROMMON, error detected; Blink (less than 500
ms)In the Cisco IOS software, the blink rate reflects the level of activity.

The back view of our router: The router has serial and fast Ethernet ports. These ports
are mostly used for data transfer. It has console and auxiliary ports, which are used for
management purposes.



1.3.3 Cable connection for network devices
Students will be given a demonstration on various network devices like: Network
Interface Cards [NIC], BNC-Connectors, RJ45, etc. Students will be provided a tutorial about
various connectivity issues.
13.3.4 Straight through cable
Here, the connections are same on both the ends the cable. This type of cable is used
when we connect dissimilar devices [switch and router, router and hub, switch and PC, etc].
The colours of the wires and their respective pin numbers are mentioned below:
Green [Pin 1] Green [Pin 1]
White Green [Pin 2] White Green [Pin 2]
White Orange [Pin 3] White Orange [Pin 3]
Blue [Pin 4] Blue [Pin 4]
White Blue [Pin 5] White Blue [Pin 5]
Orange [Pin 6] Orange [Pin 6]
White Brown [Pin 7] White Brown [Pin 7]
Brown [Pin 8] Brown [Pin 8]







13.3.5 Cross-over cable
Here, the connections are different with a specific pattern. This type of cable is used
when we connect similar devices [router and router, switch and switch, PC and PC, etc] and
with some exceptions [switch and hub, Router and PC]. The colours of the wires and their
respective pin n*umbers are mentioned below:
Green [Pin 1] White Orange [Pin 1]
White Green [Pin 2] Orange [Pin 2]
White Orange [Pin 3] Green [Pin 3]
Blue [Pin 4] White Brown [Pin 4]
White Blue [Pin 5] Brown [Pin 5]
Orange [Pin 6] White Green [Pin 6]
White Brown [Pin 7] Blue [Pin 7]
Brown [Pin 8] White Blue [Pin 8]





13.3.6 Roll over cable
Here, the connections are made in reverse order. This type of cable is used to connect the
router/switch to the PC via console port for management purposes.














13.4 Introduction to IP addressing:
Each Network Interface Card (NIC or Network card) present in a PC is assigned one
Network address called as IP address [or Network address]. This IP address is assigned by the
administrator of the network. No two PCs can have the same IP address.
There is a burned-in address on the NIC called as Physical Address [or MAC address or
Hardware address]. The MAC address of a network card indicates the vendor of that card and a
unique serial number.

13.4.4 Rules of IPv4 addressing
1. Format of IP address
IPv4 is made up of four parts, in the pattern as w.x.y.z. Each part has 8 binary bits and
the values in decimal can range from 0 to 255.
2. IP address classes
IP addresses are divided into different classes. These classes determine the maximum number of
hosts per network ID. Only three classes are actually used for network connectivity. The following
table lists all of the address class.

IP address class
Value of the leftmost byte
Class A 1-126 [0 and 127 are not allowed]
Class B 128-191
Class C 192-223

3. Grouping of IP addresses into different classes.
a. Class A, B, C, D, E
b. Class A: first bit in w is 0 and others can be anything
i. 0.0.0.0 to 127.255.255.255
ii. First bits are used for network part and the remaining for host part.
c. Class B: First bit in w is 1 and second bit is 0.


i. 128.0.0.0 to 191.255.255.255
ii. First 16 bits for network part and remaining host part
d. Class C: first bit in w is 1, second bit in w is 1 and third bit is 0
i. 192.0.0.0 to 223.255.255.255
ii. First 24 bits for network part and last 8 bits for host part.
e. Class D: first, second, third bits in w are 1 and fourth bit is 0; used for multicast.
i. 224.0.0.0 to 247.255.255.255
f. Class E: future use or experimental purposes.
4. Default Subnet mask
it is used to identify the network part from the host part. Put binary one for the parts
that represent network part and zero for the part that represent host part.
a. Class A: 255.0.0.0
b. Class B: 255.255.0.0
c. Class C: 255.255.255.0
d. We cant have mix of 1s and 0s in subnet mask. Only consecutive 1s is followed
by consecutive 0s
5. Invalid IP address.
a. If the network part is all 0s, the address belongs to class A. But this is an invalid
ip address because for an ip address all the network or host part should not be
all 1s or all 0s.
i. 0.0.0.0 is not valid. Routers use it internally.
b. If the network part is all 1s, this address belongs to class E. But due to presence
of all 1s, it is not valid. This represent broadcast to all networks.
i. 255.255.255.255 is not valid.
c. If the host part is all 0s, this represents network address. This is not a valid ip
address.
d. If the host part is all 1s, this represents broadcast address. This is not a valid ip
address.
e. We cant use the ip address represented within private address range as part of
public ip address.
i. Class A: 10.0.0.0 to 10.255.255.255


ii. Class B: 172.16.0.0 to 172.31.255.255
iii. Class C: 192.168.0.0 to 192.168.255.255
f. 127.0.0.0 network address is used for loop-back testing. This will help you to
check the network card of your own PC [localhost].
g. The validity of the IP address is also based on the subnet mask used provided.
6. Default subnet masks for standard IP address classes
The following table lists the default subnet masks for each available class of TCP/IP
networks.
Address Class Bits for Subnet Mask Subnet Mask
Class A 11111111 00000000 00000000 00000000 255.0.0.0
Class B 11111111 11111111 00000000 00000000 255.255.0.0
Class C 11111111 11111111 11111111 00000000 255.255.255.0


Exercises:

In this exercise, you will determine the correct class for a given IP address.

Q 1 Write the address class next to each IP address.

Address Class
131.107.2.89
3.3.57.0
200.200.5.2
191.107.2.10
127.0.0.1

Q 2 Which address class (es) will allow you to have more than 1000 hosts per network?
Q 3 Which address (es) will allow only 254 hosts per network?

Part B: Identify invalid IP address: Circle the portion of the IP address that would be invalid
if it were assigned to a host, and then explain why it is invalid.

a. 131.107.256.80
b. 222.222.255.222
c. 231.200.1.1
d. 126.1.0.0


e. 0.127.4.100
f. 190.7.2.0
g. 127.1.1.1
h. 198.121.254.255
i. 255.255.255.255
13.5 Software Packages:
Throughout the whole semester, we would use the following packages:
1. Administration and Monitoring tools
2. Enhanced Ping [TJPing]
3. Ethereal
4. Network Simulator
5. OPNET IT GURU
13.6 References:
Cisco 2600 Router
http://www.cisco.com/warp/public/cc/pd/rt/2600/index.shtml

3Com Switch 3300
http://support.3com.com/infodeli/tools/switches/s_stack2/1698-5/manual.a01/chap1.htm

Microsoft Visio
http://www.microsoft.com/uk/office/visio/prodinfo/default.mspx

TJPing
http://www.dns.net/dnsrd/mark/wintools.html

Ethereal
http://www.ethereal.com/

Sniffem
http://www.sniff-em.co.uk/

NS Simulator
http://www.isi.edu/nsnam/ns/

WinGate
http://www.wingate.com



L AB 2
LAN SETUP AND MONITORING
2. Objectives
Learn to create a simple LAN with two PCs using an Ethernet hub and two
straight-through cables to connect the workstations
Learn to configure and verify the network connectivity.
Learn about various network related commands
2.1. Setting up a simple network
In this experiment, we will learn how to connect two PCs to create a simple Peer-to-
Peer network. The instructions for this lab focus on the Windows 2003 operating system. You
will share a folder on one workstation and connect to that folder from the other workstation.
This lab is divided into two exercises as follows:
Exercise: The two PCs will be connected with a hub between them [Refer Figure 1]. Using a
hub allows for more than just two workstations to be connected depending on the number of
ports on the hub. Hubs can have from 4 to 32 ports.

Figure 1. Network Connection via Hub


Tools / Preparation: The workstations should have Network Interface Cards (NIC)
installed with the proper drivers. The following resources will be required:
1. Two Pentium-based workstations with a NIC in each (NIC drivers should be available)
2. An Ethernet hub (4 or 8 port) and two CAT5 straight-wired cables.
2.1.1. Check Local Area Network Connections
Task: Verify the cables.
Explanation: You should check the cables to verify that you have good layer 1 physical
connections.
Exercise: Check each of the two CAT 5 cables from each workstation to the hub.
Verify that the pins are wired straight through by holding the two RJ-45 connectors for each
cable side by side with the clip down and inspect them. All pins should have the same color
wire on the same pin at both ends of the cable. (Pin 1 should match pin 1 and pin 8 should
match pin 8 etc.)
2.1.2. Plug in and connect the equipment
Task: Check the workstations and hub for exercise.
Exercise: Check to make sure that the NICs are installed correctly in each
workstation. Plug in the workstations and turn them on. Plug the straight through cable from
workstation 1 into port 1 of the hub and the cable from workstation 2 into port 2 of the hub.
After the workstations have booted, check the green link light on the back of each NIC and
the green lights on ports 1 and 2 of the hub to verify that the are communicating. This also
verifies a good physical connection between the Hub and the NICs in the workstations (OSI
Layers 1 and 2). If the link light is not on it usually indicates a bad cable connection, an
incorrectly wired cable or the NIC or hub may not be functioning correctly.
2.1.3. Network Adapters and Protocols
Task: Check the Network Adapter (NIC): Use the Control PanelSystemDevice
Manager utility to verify that the Network Adapter (NIC) is functioning properly for both


workstations. Double click on Network Adapters and then right click the NIC adapter in use.
Click Properties to see if the device is working properly.
Explanation: If there is a problem with the NIC or driver, the icon will show a
yellow circle with an exclamation mark in it with (possible resource conflict) or a red X
indicating a serious problem (device could cause Windows to lock up).
2.1.4. Check the TCP/IP Protocol Settings
Task: Use the Control Panel/Network Connections (or Properties in Context Menu of
My Network Places) to display Network Connections Window. Then use Properties in Context
Menu of Local Area Connection to display Local Area Connection Properties Window. Select
the TCP/IP protocol from the Configuration Tab and click on properties. Check the IP
Address and Subnet mask for both workstations on the IP Address Tab.


Figure 2.1 Network Connections Window




Figure 2.4. TCP/IP Properties Window
Explanation: The IP addresses can be set to anything as long as they are compatible and on
the same network. Record the existing settings before making any changes in case they need
to be set back (for instance, they may be DHCP clients now). For this lab, use the Class C IP
network address of 192.168.230.0 and set workstation 1 to static IP address 192.168.230.1
and set workstation 2 to 192.168.230.2. Set the default subnet mask on each workstation to
255.255.0.0. For the purpose of this lab, you can leave the Gateway and DNS Server entries
blank.
Note: The lab has been configured into 5 class C IP networks with addresses:
192.168.230.0, 192.168.231.0, 192.168.232.0, 192.168.233.0, 192.168.234.0
2.1.5. Check the TCP/IP Settings with the IPCONFIG Utility
Task: Use the ipconfig.exe command to see your TCP/IP settings on one screen. Click
on StartCommand Prompt.
Explanation: Enter ipconfig /all command to see all TCP/IP related settings for your
workstation.


1. Fill in the blanks below using the results of the IPCONFIG command from each
workstation:
Workstation 1 Name: Workstation 2 Name:
IP Address: IP Address:
Subnet Mask: Subnet Mask:
MAC (Hardware) Address: MAC (Hardware) Address:

2.1.6. Check the network connection with the Ping Utility
Task: Use the Ping Command to check for basic TCP/IP connectivity. Click on
StartCommand Prompt. Enter the Ping command followed by the IP address of the other
workstation (Example - ping 192.168.230.1 or 192.168.230.2).
Explanation: This will verify that you have a good OSI Layers 1 through 3
connections.
2.2. Learn various network related commands
To know and learn about various network related commands [ping, tracert, netstat, at,
net, route, arp] and few definitions cum settings.

2.2.1. PING Command
Ping is a basic Internet program that lets you verify that a particular IP address exists
and can accept requests. The verb ping means the act of using the ping utility or command. Ping
is used diagnostically to ensure that a host computer you are trying to reach is actually
operating.

Various options available in the ping command:
-t repetitively send packets.
-n number of echo to be sent


-l sending buffer size [Max: 65500 bytes]
-f Dont fragment; If this option is provided, then the packet should not be fragmented
and should be sent as it is.
-r count record route for count hops [3rd layer device]
-j loose source route [Optionally it can follow different route].
-k strict source route [MUST follow the route specified by us].

Note: For loopback address, you can ping it and get returns even when you are offline (not
connected to any network). If you don't get any valid replies, then there's a problem with the
computer's Network settings.
Example:
In order to send a packet to a host [192.168.230.1] with size of 60000 bytes each. We wish
to send the packets repetitively.
ping -t -l 60000 192.168.230.1
In order to send a packet with a size of 1000 bytes and dont permit fragmenting.
ping -f -l 2000 192.168.230.1
In order to send a packet with a size of 1000 bytes and permit fragmenting.
ping -l 2000 192.168.230.1
In order to use loose route to a destination.
ping j 10.221.0.64 10.140.1.201
In order to use strict route to a destination.
ping k 10.221.0.64 10.140.1.201
This will generate destination host unreachable message because this is not the first
device that the ping will meet.
ping k 172.16.0.253 10.140.1.201
This will work fine because this is the first device that the ping will meet.
Exercises:
1. Mention the difference between fragmenting and non-fragmenting packets.
2. Test the reach ability towards a PC [192.168.230.4] with fragmenting option enabled and
limit the number of echos to 5.


2.2.2 TRACERT Command
If someone would like to know how he goes from his house to his office he could just
tell the list of the crossroads where he passes. The same way we can ask the data sent over from
your computer to the web server which way does it go, through which devices? We ask it by
using the utility called traceroute. In most computers today you can use this tool from the
command line: In UNIX machines it is called traceroute, in MS Windows machines it is called
tracert.

Various options available in the tracert command:
-d Dont resolve addresses to hostnames.
-h maximum_hops Maximum number of hops to search for target
-j host_list Loose source router along host list.
-w time-out wait timeout milliseconds for each reply.

Example:
To check the options available in tracert,
tracert
To check the trace from your PC to a server
tracert 196.1.64.1
If you dont want the names of the PC or devices on the way,
tracert d 196.1.64.1
To check the loose route trace from your PC to a server
tracert j 10.221.0.64 10.140.1.201

Exercises:
Find the route from your PC to ITC [itc.kfupm.edu.sa OR 10.140.3.171].
Find the route from your PC to a CCSE server [vlsi.ccse.kfupm.edu.sa OR 196.1.64.70]
Using the answers of the above, determine what is the first device your packet reaches
to move from our network lab.



2.2.3 PATHPING Command
This command is used as IP trace utility and so it is similar to the tracert command. It
has some extra features compared to tracert command.

PATHPING [-n] [-h max_hops] [-g host-list] [-p period] [-q num_queries] [-w timeout] [-t] [-
R] [-r] target_name

-n Don't resolve addresses to hostnames
-h max_hops Max number of hops to search
-g host-list Loose source route along host-list
-p period Wait between pings (milliseconds)
-q num_queries Number of queries per hop
-w timeout Wait timeout for each reply (milliseconds)
-T Test each hop with Layer-2 priority tags
-R Test if each hop is RSVP aware
Exercises: Do as in tracert command but provide options for setting the local source.

2.2.4 Enhanced Ping
TJPing is an excellent, widely acclaimed ping/lookup/traceroute utility for
Win95/98/Me/NT/2000/XP. It's fully configurable, multithreaded, and is very fast. All
configuration options, hosts, and interface settings are remembered from session to session.
Users can log all results to the file of their choice. A screen shot of the TJPing software is
shown below:






Exercise:
Repeat the exercises provided to you in Ping and Tracert commands [Under sections
2.1 and 2.2] and store the result in a file for further reference.

2.2.5 NETSTAT Command
This command is used to get information about the open connections on your system
(ports, protocols being used, etc.), incoming and outgoing data and also the ports of remote
systems to which you are connected.
Various options available in the netstat command:
-a Displays all connections and listening ports.
-e Displays Ethernet statistics. This may be combined with the -s option.
-n Displays addresses and port numbers in numerical form.
-p proto Shows connections for the protocol specified by proto; proto may be TCP or
UDP. If used with the -s option to display per-protocol statistics, proto may be TCP, UDP, or
IP.
-r Displays the routing table.


-s Displays per-protocol statistics. By default, statistics are shown for TCP, UDP and IP;
the -p option may be used to specify a subset of the default.

Note: always use -a so as to see UDP packets also.

Example:
To display all connections and listening ports
netstat a
To find out the statistics on your Ethernet card
netstat e
To get to know the routing table.
netstat -r
Exercise:
Open a browser connection to http server [www.kfupm.edu.sa] and write down the
outcome of the command 'netstat -an'.

2.2.6 NetStat Live
Have you ever wondered just how fast your network connection is? Not just how fast
the modem is connected at, but how much data you can actually get? Does your internet
connection sometimes seem slower than normal? NetStat Live is a small, easy to use TCP/IP
protocol monitor which can be used to see your exact throughput on both incoming and
outgoing data - whether you're using a modem, cable modem, DSL, or even local network! NSL
doesn't just stop there, it lets you see how quickly your data goes from your computer to
another computer on the internet; it even will tell you how many other computers your data
must go through to get there! NSL also graphs your CPU usage of your system!





Exercise:
Generate traffic to server [192.168.230.1] using ping command [with various packet size
options] and see how much of your outgoing interface is being used.

2.2.7 AT Command
This command is used to initiate any activity at a specific time. There are many options
in at command but we will concentrate on very few which we would use for network related
purposes.
Various options available in the at command:
/i interactive, which opens any window to show the pinging[optional]
/c indicates command.
AT [\\computername] [ [id] [/DELETE] | /DELETE [/YES]]
/every:date[,...] Runs the command on each specified day(s) of the week or month.
If date is omitted, the current day of the month is assumed.


/next:date[,...] Runs the specified command on the next occurrence of the day (for
example, next Thursday). If date is omitted, the current day of the month is assumed.
"command" Is the Windows NT command, or batch program to be run.

The at command does not automatically load cmd, the command interpreter, before running
commands. Unless you are running an executable (.EXE) file, you must explicitly load
CMD.EXE at the beginning of the command; for example, cmd /c dir > c:\test.out.

Example:
If we want to generate a ping at 13:15
at 13:15 /i cmd /c ping 192.168.232.2 -n 20
With interactive option, we dont need to give cmd for general DOS
commands.
at 13:15 /i ping 192.168.232.2 n 20
If we want to generate a ping on a specific PC
at \\ics-nwle2 13:15 /i cmd /c ping 192.168.234.245 -n 20
If we want to generate ping with specific options.
at 11:03am cmd /c ping 192.168.230.1 -t -l 3000
at 5:15pm cmd /c ping 192.168.231.1 -t -l 15000
Exercise:
A network administrator wishes to check whether the sever [192.168.230.1] present in
his vicinity is reachable, at the start of the day [8:00am]. Accomplish this task using at
command.
2.2.8 NET Command
This command is used at the command prompt to display and control various network
related activities. We would refer to only to a small set of the options available.
Various options available in the net command:
net name name of the PC
net share details about shared resources
net start to start a service.


net stop to stop a service.
net use used to map a drive to the network path.
Example:
To create a share called "shared" for the "c:\ics432" directory
net share shared=c:\ics432
The computer would map the Z: drive to the network path //192.168.230.1/ics432
where c:\ics432 is already shared using the sharename shared.
net use z: \\192.168.230.1\shared
To delete the mapped drive
net use z: /DELETE
To remove the sharing option
net share shared /DELETE
To send a text message to the computer with a host name of "ics-nwla1". If you receive
an error, Start Control Panel Administrative Tools Services. Make Messenger
service automatic. Click the Start Service button.
net send ics-nwla1 "ICS-NWLA1: A test message"
To know the computer names that your computer can be sent messages TO
net name
To know about more options in net share command.[Similar applies to other options
also]
net share /?
Exercise:
Provide the command to create a share called "ics-network" for the "c:\ics432"
directory
2.2.9 ROUTE Command
This command manipulates network routing tables.
ROUTE [-f] [command [destination] [MASK netmask] [gateway]]
Various options available in the ROUTE command:


-f Clears the routing tables of all gateway entries. If this is used in conjunction with one of
the commands, the tables are cleared prior to running the command.
Command Specifies one of four commands
PRINT Prints a route
ADD Adds a route
DELETE Deletes a route
CHANGE Modifies an existing route

Destination Specifies the host to send command.
MASK If the MASK keyword is present, the next parameter is interpreted as the netmask
parameter.
Netmask If provided, specifies a sub-net mask value to be associated with this route entry.
If not specified, if defaults to 255.255.255.255.
Gateway Specifies gateway.
All symbolic names used for destination or gateway is looked up in the network and
host name database files NETWORKS and HOSTS, respectively. If the command is print or
delete, wildcards may be used for the destination and gateway, or the gateway argument may be
omitted.
Example:
To display the routing table.
route PRINT
To add a route a destination
route add <destination> mask <subnetmask> <gateway> metric <number>
IF <number>
destination is the destination network or ip address [200.20.20.0].
subnetmask is the subnet mask to be used [255.255.255.0].
gateway is the next hop through which the packet goes [192.168.230.254].
number after metric indicates the metric value [3].
number after IF indicates interface number [0x2].
route add 200.20.20.0 mask 255.255.255.0 192.168.230.254 metric 3 if 0x2


Exercise:
Create a route entry in the routing table for a network 210.20.23.0 with the gateway
192.168.230.254 metric of 5.
2.2.10 ARP Command
The address resolution protocol (ARP) is a protocol used by the Internet Protocol (IP),
specifically IPv4, to map IP network addresses to the hardware addresses used by a data link
protocol. The protocol operates below the network layer as a part of the interface between the
OSI network and OSI link layer.
ARP -s inet_addr eth_addr [if_addr]
ARP -d inet_addr [if_addr]
ARP -a [inet_addr] [-N if_addr]

Various options available in the ARP command:
-a Displays current ARP entries by interrogating the current protocol data. If inet_addr is
specified, the IP and Physical addresses for only the specified computer are displayed. If more
than one network interface uses ARP, entries for each ARP table are displayed.
-d Deletes the host specified by inet_addr.
-s Adds the host and associates the Internet address inet_addr with the Physical address
eth_addr. The Physical address is given as 6 hexadecimal bytes separated by hyphens. The entry
is permanent.
eth_addr Specifies a physical address.
if_addr If present, this specifies the Internet address of the interface whose address
translation table should be modified. If not present, the first applicable interface will be
used.
Example:
To display the entries in ARP cache
arp -a
To delete an ARP entry in the cache
arp d 192.168.230.1



Exercise:
Remove all the entries in the ARP cache and then generate a PING command to a
specific PC [192.168.230.1]. Then, display all the entries in the ARP cache.

2.2.11 IPCONFIG Command
This command is used to get IP configurations present in your PC.
IPCONFIG /all Display full configuration information.
IPCONFIG /release [adapter] Release the IP address for the specified
adapter.
IPCONFIG /renew [adapter] Renew the IP address for the specified
adapter.
IPCONFIG /flushdns Purge the DNS Resolver cache. ##
IPCONFIG /registerdns Refresh all DHCP leases and re-register DNS names.
##
IPCONFIG /displaydns Display the contents of the DNS Resolver Cache. ##
IPCONFIG /showclassid adapter Display all the DHCP class IDs allowed for adapter.
##
IPCONFIG /setclassid adapter [classid] Modify the dhcp class id. ##
## works on Windows XP & 2K

Examples:
> ipconfig ... Show information.
> ipconfig /all ... Show detailed information
> ipconfig /renew ... renew all adapters
> ipconfig /renew EL* ... renew any connection that has its
name starting with EL
> ipconfig /release *Con* ... release all matching connections,
eg. "Local Area Connection 1" or
"Local Area Connection 2"



> ipconfig /setclassid "Local Area Connection" TEST
... set the DHCP class ID for the
named adapter to = TEST

Exercise: Get to know about the TCP/IP configuration on your PC using ipconfig /all.

2.2.12 NETSH Command
Configure interfaces, routing protocols, filters, routes, RRAS.

NETSH [-r router name] [-a AliasFile] [-c Context] [Command | -f ScriptFile]
context may be any of: DHCP, ip, ipx, netbeui, ras, routing, autodhcp, dnsproxy, igmp, mib,
nat, ospf, relay, rip, wins.

Under Windows XP the available contexts are: AAAA, DHCP, DIAG, IP, RAS, ROUTING,
WINS
To display a list of commands that can be used in a context, type the context name followed
by a space and a ? at the netsh> command prompt.
e.g.
netsh> routing ?

command may be any of:

/exec script_file_name Load the script file and execute commands from it.
/offline Set the current mode to offline. Changes made in this mode are
saved, but require a "commit" or "online" command to be set in
the router.
/online Set the current mode to online. Changes in this mode are
immediately reflected in the router.
/commit Commit any changes made in the offline mode to the router.
/popd Pop a context from the stack.


/pushd Push current context onto the stack.
/set mode [mode =] online | offline Set the current mode to online or offline.
/abort Discard changes made in offline mode.
/add helper DLL-name Install the helper .dll file in netsh.exe.
/delete helper .dll file name Remove the helper .dll file from Netsh.exe.
/show alias list all defined aliases.
/show helper list all top-level helpers.
/show mode show the current mode.
/alias List all aliases.
/alias [alias_name] Display the string value of the alias.
/alias [alias_name] [string1] [string2 ...] Set alias_name to the specified strings.
/unalias alias_name Delete an alias.
/dump - file name Dump or append configuration to a text file.
/bye Exit NETSH
/exit Exit NETSH
/quit Exit NETSH
/h Display help
/help Display help
/? Display help

Examples:
Enter the netsh command.
netsh
Dump all the network information as a script to the screen. Can also be sent to a file
by doing netsh dump > file.txt . This script can then be executed using the exec
command.
netsh dump
Set the "Local Area Connection" to DHCP.
set address name="Local Area Connection" source=dhcp
Set the local address to Static.


set address local static 10.0.0.9 255.0.0.0 10.0.0.1 1
View network ip configuration. Below is an example of what may be seen.
netsh interface ip show config

Exercises:
Provide the command to know the files that are needed for routing operation.
Get the information about the various interfaces present in your PC.

2.3 Reference
NetStat Live Software
http://www.analogx.com/contents/download/network/nsl.htm

NET Command
http://www.computerhope.com/nethlp.htm#04
ROUTE Command
http://www.computerhope.com/routehlp.htm












L AB 3
REMOTE ACCESS SYSTEM AND VPN
3. Objectives
Learn about Remote Access System
Configure RAS server and clients using Windows 2003
Learn about Virtual Private Networks
Configure VPN server and clients using Windows 2003
Configure a network which includes VPN with RAS

3.1 Installing and configuring RAS server
3.1.1 Installing RAS Server
1. Click StartAdministrative Tools Routing and Remote Access
2. Right-click on Server Status and select Add Server
3. Select This Computer and Click OK.



4. Select the name of the computer you are working on, which will appear under the Server
Status. Right-click and select Configure and enable Routing and Remote access
5. Routing and Remote access server setup wizard will appear. Click Next.
6. Configuration window will appear. Select Remote Access [Dialup or VPN]. Click
Next.
7. Select Dialup. Click Next.


8. Select any network card in Network Selection. Click Next. IP address assignment
window will appear.
9. Select From a specified range of addresses. Click Next.
10. Address range assignment window will appear. Click New.


11. Provide the address range as instructed by the instructor. Make sure this IP range doesnt
have the already assigned IP addresses of our lab like 192.168.243.1 to 192.168.243.10.


12. Click OK. Click Next.
13. Managing multiple remote access servers window will appear. Click No, use routing
and remote access to authenticate connection requests.
14. Click Next. Click Finish.

15. Click OK.





3.1.2 Configuring a direct serial connection
Open Control Panel.
Double-click Phone and Modem Options, click the Modems tab, and then click New.


In the Install New Modem wizard, select the Don't detect my modem; I will select it
from a list check box, and then click Next.
In Manufacturer, click Standard Modem Types.


In Models, click Communications cable between two computers, and then click Next.




Follow the remaining instructions in the Install New Modem wizard.
3.1.3 Installing and Configuring RAS client
1. Click StartControl PanelNetwork ConnectionsNew Connection Wizard.
2. Click Next.
3. Network Connection Type window appears.
4. Click on Set up an advanced connection. Click Next.
5. Advanced connection options window will appear. Select Connect directly to another
computer. Click Next.


6. Select Guest [which indicates client]. Click Next.
7. Connection Name window appears. Type the server computer name in the computer
name text box. Click Next.




8. Select a device window appears. Select Communication cable between two
computers [COM1]. Click Next.
9. Connection availability window appears. Select Anyones Use. Click Next.


10. Click Finish.
3.1.4 Dialup to the server
1. The server and the client should be connected through COM1 port. This connection is
made using roll-over cable with DB9-to-RJ45 convertor.
2. Click StartControl PanelNetwork Connections.
3. An option appears in the name of the dialup server. Click this option.
4. Connect window appears. Enter the username and password for the server PC.



5. Click Connect.
6. Now that you are connected to the server.
3.1.5 Testing the RAS Installation
1. After the client is connected to the server, the following entry appears in the server.





2. Type the ipconfig /all command on both the RAS server and the RAS client to find
out:

At the Server:



1. From where does the PPP adapter get its own IP address?
2. Why is it that the subnet mask of the PPP is 255.255.255.255?

At the Client:

IP address is assigned by the RAS server to the RAS client.




Why the subnet mask is 255.255.255.255?
Why is that the default gateway and the IP address be the same?

3. Ping from any network computer to the RAS client using:
Its static IP address.
The IP address assigned to it by the RAS server.
Its host name.
4. What responses do you obtain in each case?
5. From a RAS client, use the Internet Explorer to view the default Web page on a Web
server in the network
6. What do you notice concerning the downloading speed between the networked Web
server and the RAS client?
7. From any computer on the network, use Internet Explorer to access the Web site of a
RAS client.
8. What RAS client address did you use? And what do you notice concerning the
downloading speed between the RAS client and the networked client?


Hint: http://static_IP_address
http://hostname
http://RAS_client_IP_address
9. If two or more RAS clients are available during this lab experiment; use Internet
Explorer on one of the RAS clients to access the Web server on another RAS client.
10. What do you notice concerning the downloading speed between the two RAS clients?
3.2 Virtual Private Networks
A VPN utilizes public telecommunications networks to conduct private data
communications. Most VPN implementations use the Internet as the public infrastructure and
a variety of specialized protocols to support private communications through the Internet.
VPN follows a client and server approach. VPN clients authenticate users, encrypt data, and
otherwise manage sessions with VPN servers utilizing a technique called tunneling.
VPN clients and VPN servers are typically used in these three scenarios:
1. Remote access client connections: to support remote access to an intranet,
2. LAN-to-LAN internetworking: to support connections between multiple intranets
within the same organization, and
3. Controlled access within an intranet: to join networks between two organizations,
forming an extranet.

The main benefit of a VPN is the lower cost needed to support this technology
compared to alternatives like traditional leased lines or remote access servers. VPN servers can
also connect directly to other VPN servers. A VPN server-to-server connection extends the
intranet or extranet to span multiple networks.
3.3 Experimental Setup
In this experiment, we are going to setup a network using three PCs. One PC (PC1) is
a RAS client, which dials to the RAS server (PC2). PC1 and PC2 are connected only using
COM1. PC3 is a VPN server that is connected to PC2 using the connection the switch. The
remote node (RAS client) wanting to log into the VPN site, calls into a local RAS server
connected to the public network. The VPN client establishes a connection to the VPN server
maintained at the other site. Once the connection has been established, the remote client can


communicate with the VPN site network just as securely over the public network as if it
resided on the internal LAN itself.


Note: For setting up RAS client and server, see the first part of the lab.

3.3.1 Configuring VPN Server
In Windows 2003, this can be setup from the RRAS (Routing and Remote Access
Server) Administrative Tool.
1. Click StartAdministrative Tools Routing and Remote Access
2. Right-click on Server Status and select Add Server
3. Select This Computer and Click OK.



4. Select the name of the computer you are working on, which will appear under the
Server Status. Right-click and select Configure and enable Routing and Remote
access
5. Routing and Remote access server setup wizard will appear. Click Next.
6. Configuration window will appear. Select Remote Access [VPN]. Click Next.
7. Select Dialup. Click Next.


8. Select any network card in Network Selection. Click Next. IP address assignment
window will appear.
9. Select From a specified range of addresses. Click Next.
10. Address range assignment window will appear. Click New.




11. Provide the address range as instructed by the instructor. Make sure this IP range
doesnt have the already assigned IP addresses of our lab like 192.168.243.1 to
192.168.243.10.
12. Click OK. Click Next.
13. Managing multiple remote access servers window will appear. Click No, use routing
and remote access to authenticate connection requests.
14. Click Next. Click Finish.

15. Click OK.







16. The output of the ipconfig command should appear like the following.


17. Is it necessary to have more than one network card for VPN server? Justify.
18. If VPN server has two network cards, is it necessary that they both should belong to
different networks? Justify.

3.3.2 Configuring VPN Client
1. Right click the My Network Places icon and select Properties. This will bring you to the
Network Connections window that displays a list of your current network connections.


2. Double click the New Connection Wizard icon. You are faced with three options -
choose the second one, "Connect to the network at my workplace" and click Next.
Now choose the second option, "Virtual Private Network connection" and click Next.



3. Enter the name of the company or server you will be connecting to. Click Next.
4. Enter the host name or IP address of the VPN server. Hint: Entering the IP address is
recommended.




5. "Connection Availability" windows appear. "Anyone's use" will permit anyone who logs
onto the system to use the connection, whereas "My use only" will limit it's use to you
only. Choose My use only.





6. Click Next and Finish.Your new connection will be visible in the Network Connections
window.
7. Right click the new connection and select properties to open the properties window.
Here, you can configure, amongst others, the network settings and general options.
8. Select the Networking tab and in the "Type of VPN" drop down list, choose PPTP
VPN [Optional].
9. In the Options tab, you are able to configure dialing and redialing options on this page.




10. If you are using the same logon at your company network as you are for the VPN
server, then select the "Include Windows logon domain" check box.
11. Go to the security tab and verify that the screen looks like the one below.
12. If you select the General tab you can change the IP or Host Name of the VPN server
and select whether or not you want another connection to be established first before
initiating the VPN connection. For our experiment, we need to enable Dial another
connection first option with the dial-up connection we have setup towards the RAS
server [Refer RAS experiment].





13. Press OK to close the window and return to the network connections window. If you
double click your VPN connection the logon window will appear.



14. Enter your username and password and click Connect. After the authentication process
is complete, you will be logged on to the VPN Server and two computers will appear at
the bottom right hand corner of your screen (default).


15. The output of the ipconfig command should appear like the following.


Why do we have two PPP adapters here?
Write about the route taken by the packet to go from the VPN client to the VPN
server.
3.4 Firewalls and VPN
In this lab you will set up a network where servers are accessed over the Internet by
customers who have different privileges. You will study how firewalls and VPNs can provide
security to the information in the servers while maintaining access for customers with the
appropriate privilege.
3.4.1 Create a New Project
3 Start OPNET IT Guru Academic Edition Choose New from the File menu.
4 Select Project and click OK Name the project <your initials>_VPN, and the
scenario NoFirewall Click OK.
5 Click Quit on the Startup Wizard.
6 To remove the world background map, select the View menu Background Set
Border Map Select NONE from the drop-down menu Click OK.
3.4.2 Create and Configure the Network
Initialize the Network
6. Open the Object Palette dialog box by clicking . Make sure that the internet_toolbox
item is selected from the pull-down menu on the object palette.


7. Add the following objects, from the palette, to the project workspace (see figure below for
placement): Application Config, Profile Config, an ip32_cloud, one ppp_server, three
ethernet4_slip8_gtwy routers, and two ppp_wkstn hosts.
a. To add an object from a palette, click its icon in the object palette Move your
mouse to the workspace and click where you want to place the object Rightclick
to indicate you are done creating objects of this type.
b. Note: The ppp_server and ppp_wkstn support one underlying SLIP (Serial Line
Internet rotocol) connection at a selectable data rate. PPP DS1 connects two nodes
running IP. Its data rate is 1.544 Mbps.


8. Rename the objects you added and connect them using PPP_DS1 links, as shown below:
9. Save your project.
3.4.3 Configure the Nodes
Right-click on the Applications node Edit Attributes Assign Default to the
Application Definitions attribute Click OK.
Note: Several example application configurations are available under the Default
setting. For example, "Web Browsing (Heavy HTTP1.1)" indicates a Web browsing
application performing heavy browsing using HTTP 1.1 protocol.
Right-click on the Profiles node Edit Attributes Assign Sample Profiles to the
Profile Configuration attribute Click OK.


Right-click on the Server node Edit Attributes Assign All to the Application:
Supported Services attribute Click OK.
Right-click on the Sales A node Select Similar Nodes (make sure that both Sales
A and Sales B are selected).
Right-click on the Sales A node Edit Attributes Check the Apply Changes to
Selected Objects check-box.
Expand the Application: Supported Profiles attribute Set rows to 1 Expand
the row 0 hierarchy Profile Name = Sales Person (this is one of the sample
profiles we configured in the Profiles node).
Click OK.
Save your project.

3.4.4 Choose the Statistics
Right-click anywhere in the project workspace and select Choose Individual Statistics
from the pop-up menu.
In the Choose Results dialog, check the following statistics:
Global Statistics DB Query Response Time (sec).
Global Statistics HTTP Page Response Time (seconds).
Note: DQ Query Response Time is measured from the time when the database query
application sends a request to the server to the time it receives a response packet.
HTTP Page Response Time specifies the time required to retrieve the entire page
with all the contained inline objects.
Click OK.
Right-click on the Sales A node and select Choose Individual Statistics from the pop-up
menu.
In the Choose Results dialog, check the following statistics:
Client DB Traffic Received (bytes/sec).
Client Http Traffic Received (bytes/sec).
Click OK.


Right-click on the Sales B node and select Choose Individual Statistics from the pop-up
menu.
In the Choose Results dialog, check the following statistics:
Client DB Traffic Received (bytes/sec).
Client Http Traffic Received (bytes/sec).
Click OK and then save your project.

3.5 The Firewall Scenario
In the network we just created, the Sales Person profile allows both sales sites to
access applications such as Database Access, Email, and Web Browsing from the server (check
the Profile Configuration of the Profiles node). Assume that we need to protect the database
in the server from external access, including the sales people. One way to do that is to replace
Router C with a firewall as follows:
Select Duplicate Scenario from the Scenarios menu and name it Firewall Click OK.
In the new scenario, right-click on Router C Edit Attributes.
Assign ethernet2_slip8_firewall to the model attribute.
Expand the hierarchy of the Proxy Server Information attribute Expand the row 1,
which is for the Database application, hierarchy Assign No to the Proxy Server
Deployed attribute as shown:
Note: Proxy Server Information is a table defining the configuration of the proxy servers
on the firewall. Each row indicates whether a proxy server exists for a certain application
and the amount of additional delay that will be introduced to each forwarded packet of that
application by the proxy server.



5. Click OK and then save your project.

Our Firewall configuration does not allow database-related traffic to pass through the firewall
(it filters such packets out). This way, the databases in the server are protected from external
access. Your Firewall scenario should look like the following figure.


3.6 The Firewall VPN Scenario
In the Firewall scenario, we protected the databases in the server from any external
access using a firewall router. Assume that we want to allow the people in the Sales A site to
have access to the databases in the server. Since the firewall filters all database-related traffic
regardless of the source of the traffic, we need to consider the VPN solution. A virtual tunnel


can be used by Sales A to send database requests to the server. The firewall will not filter the
traffic created by Sales A because the IP packets in the tunnel will be encapsulated inside an IP
datagram.
While you are in the Firewall scenario, select Duplicate Scenario from the Scenarios
menu and give it the name Firewall_VPN Click OK.
Remove the link between Router C and the Server.
Open the Object Palette dialog box by clicking . Make sure that the opened palette is the
one called internet_toolbox.
Add to the project workspace one ethernet4_slip8_gtwy and one IP VPN Config
(see the figure below for placement).
From the Object Palette, use two PPP_DS1 links to connect the new router to
Router C (the firewall) and to the Server, as shown below.
Close the Object Palette dialog box.
Rename the IP VPN Config object to VPN.
Rename the new router to Router D as shown:



3.6.1 Configuring the VPN
Right-click on the VPN node Edit Attributes.
Expand the VPN Configuration hierarchy Set rows to 1 Expand row 0 hierarchy
Edit the value of Tunnel Source Name and write down Router A Edit the value of
Tunnel Destination Name and write down Router D.


Expand the Remote Client List hierarchy Set rows to 1 Expand row 0 hierarchy
Edit the value of Client Node Name and write down Sales A.
Click OK and then save your project.


3.6.2 Run the Simulation
To run the simulation for the three scenarios simultaneously:
Go to the Scenarios menu Select Manage Scenarios.
Change the values under the Results column to <collect> (or <recollect>) for the three
scenarios. Keep the default value of the Sim Duration (1 hour). Compare to the following
figure.

Click OK to run the three simulations. Depending on the speed of your processor, this may
take several minutes to complete.
After the three simulation runs complete, one for each scenario, click Close Save your
project.


3.6.3 View Results
To view and analyze the results:
Select Compare Results from the Results menu.
Expand the Sales A hierarchy Expand the Client DB hierarchy Select the Traffic
Received statistic.
Change the drop-down menu in the middle-lower part of the Compare Results dialog box
from As Is to time_average as shown.

Press Show and the resulting graph should resemble the following one:

Create a graph similar to the previous one, but for Sales B:



Create two graphs similar to the previous ones to depict the Traffic Received by the Client
Http for Sales A and Sales B.





Note: Results may vary slightly due to different node placement.

Questions
From the obtained graphs, explain the effect of the firewall, as well as the configured VPN, on
the database traffic requested by Sales A and Sales B.
Compare the graphs that show the received HTTP traffic with those that show the received
database traffic.
Generate and analyze the graph(s) that show the effect of the firewall, as well as the configured
VPN, on the response time (delay) of the HTTP pages and database queries.
In the Firewall_VPN scenario we configured the VPN node so that no traffic from Sales A is
blocked by the firewall. Create a duplicate of the Firewall_VPN scenario and name the new
scenario Q4_DB_Web. In the Q4_DB_Web scenario we want to configure the network so
that:
The databases in the server can be accessed only by the people in the Sales A site.
The web sites in the server can be accessed only by the people in the Sales B site.



3.7 References
Errors with modem
http://www.modemhelp.net/dunerror/error_777.shtml
VPN
http://www.microsoft.com/windowsserver2003/technologies/networking/vpn/default.mspx
http://www.windowsnetworking.com/articles_tutorials/Client_Based_VPN_via_PPTP.html
GRE & PPTP
http://www.networksorcery.com/enp/protocol/gre.htm





















L AB 4
DYNAMIC HOST CONFIGURATION PROTOCOL DHCP
AND
NETWORK MEASUREMENT
4. Objectives
Configure Windows 2003 as a DHCP Server
Capture and analyze DHCP traffic generated
Learn about different modes of network connections using hubs
and switches
Analyze the network based on different parameters
4.1 Dynamic Host Configuration Protocol
DHCP is a client/server protocol that automatically provides an IP host with its IP
address and other related configuration information such as the subnet mask and default
gateway. RFCs 2131 and 2132 define DHCP as an Internet Engineering Task Force (IETF)
standard based on the Boot Protocol (BOOTP), with which it shares many implementation
details. DHCP allows hosts to obtain all necessary TCP/IP configuration information from a
DHCP server.
4.1.1 Configure your computer
For this lab we will make all the lab computers as hosts on their respective network.
Thus at every computer modify the network configurations as follows:
1. Setup the first computer in every network as a DHCP server and have the other
computers in the group point to it as DHCP clients. Thus computer 192.168.230.1
which will be configured as DHCP server has static IP but all the clients get IP address


from the server.
2. Make sure that the Instructor PC is not acting as a connectivity between our lab
network and the CCSE network. This is to make sure that our DHCP server does not
provide IP address to the PC present in the CCSE network.

4.1.2 Configure Windows 2003 as a DHCP Client
StartControl PanelNetwork Connections. Right-click and select Open. Select
anyone of the local area connections and click. Click Properties. Local Area connection
properties window appears. Select Internet Protocol (TCP/IP) and click Properties.
Internet Protocol (TCP/IP) Properties window appears. Select the radio button obtain an
IP address automatically.

4.1.3 Configure Windows 2003 as a DHCP Server
StartControl PanelAdd/Remove Programs. Click on Add/Remove Windows
Components.
Select Networking Services and check it. Then click Details button. Select DHCP and
Simple TCP/IP Services. Click Ok. Click Next. Click Finish.
StartAdministrative ToolsDHCP. DHCP Manager appears. Click on the computer
and right-click and select New Scope. New Scope Wizard appears. Enter the name of the


scope and its description. Enter the starting and ending IP address of the scope as instructed
by the instructor.


Click Next. If needed, add exclusion range and click Add. Click Next. On the lease
duration, click Next unless specified by the instructor.



Select Yes for DHCP configure options and Click Next. If needed specify the router [default
gateway] address and click Add. Click Next.

Click Next [for DNS server]. Click Next [for WINS server]. Select Yes for activating the
scope. Click Next. Completing the new scope wizard appears. Click Finish. DHCP window
appears.





4.1.4 Capture DHCP traffic
We will use Ethereal software to capture DHCP traffic. In order to install this software,
we need to install WinPCap software first. Then, we should install the Ethereal software. After
installation, follow these steps.
1. Run the Ethereal software. From the Capture Menu click Start. In the window that
pops up choose the appropriate network interface and Click Ok.
2. Generate DHCP traffic by using the commands ipconfig /release and ipconfig
/renew at the DHCP client. Stop the DHCP capture.




What is the transport layer protocol DHCP uses?
What is the use of port numbers 68 and 67?
Why is that the Source IP address of the DHCP Discover all 0s?
Why is that the Destination IP address of the DHCP Discover all 1s?
What is the relationship between BOOTP protocol and DHCP?
What is the use of physical address in DHCP?
Why is the Destination IP address of DHCP Offer all 1s?



Is DHCP Request a broadcast? If yes, what is the difference between DHCP Request
and DHCP Discover?
How is the server identifier filled in the Bootstrap protocol?
Does the client assign the IP address it got using DHCP Offer?


Is the DHCP ACK a broadcast? Justify.



What does DHCP Release do?
Is DCHP Release Broadcast or Unicast? Justify.
4.2 Network Measurement
4.2.1 Getting ready for measurement
In this experiment, you are going to collect data about network parameters such as:
Bytes sent/second
Bytes received/second
Bytes Total/second
Current Bandwidth
Packets sent Unicast/second
Packets sent non-unicast/second
Packets sent/second
Packets/second
These data will be recorded for different topologies to be discussed below [Section 5]:

Reference Name
A Cascaded shared hubs
B Segmented LAN


C High-Density Fast Ethernet switched workgroup
4.2.2 Creating a Real-Time Performance Monitor chart
Create a chart in Performance Monitor to display performance data real-time.
Note: For Windows 2003, you can find Network Monitor and Performance Monitor at:
Start Programs Administrative Tools Network Monitor
Start Programs Administrative Tools Performance

4.2.3 Install the Network Monitor
5 Click Start, click Control Panel.
6 Double-click Add/Remove Programs.
7 Click Add/Remove Windows Components.
8 Click Management and Monitoring Tools, and then click Details.
9 Select the Network Monitor Tools check box, and then click OK.
10 Click Next.

Note: In Windows 2003, Microsoft Network Segment is no longer available with Performance
Monitor. So, we cant use the %Network Utilization option available under Network Segment
in Windows 2003. To view %Network Utilization, we have to use Network Monitor [Select
the network interface and start capture]. As the value keeps on changing, we just view that value
there.

4.2.4 Configure the chart
Click the Start button, point to Administrative Tools, and then click Performance.
To see the Graph or Histogram or Report, you can click on the respective button available at
the graphical part of the screen.
Select on Graph. To add entries to the chart, right-click on the graphical area and select Add
Counters.
In the Performance Object box, select Network Interface.
Notice that Processor is the default object. In the Counter list, to know about an
entry, select that entry and click on Explain.


Then select the Bytes Sent/second, Bytes Received/second, Bytes Total/sec,
Current Bandwidth, Packets/second, Packets Sent/second, Packets sent
unicast/second and Packets sent non-unicast/second. We can select them at the same
time using Control key.
We have to select all the above entries for both the network cards. We can select both
the network cards in the Instances list using Control key.
Click Close.
A graph appears, displaying the real-time activities for the processor.

4.2.5 Generation of data and its representation on the chart
Starting with topology A [Refer Section 5], for each topology [A to C], we need to
generate some traffic. The implementation of this part depends on the available resources for
network traffic generation in the lab. You can just use ping or view something from the server
to generate some traffic.
Example of generating traffic: Use ping command and generate continuous [repetitive]
traffic to the server [192.168.230.1] with the packet size of 65000.
ping t l 65000 192.168.230.1

4.2.6 Summarizing performance data in a Performance Monitor report
Use reports to view data in a non-graphical format. To create a report showing the
network parameters values for the entire graph period

1. To see the Report, you can click on the report button available at the graphical part of the
screen.
2. A report with the chosen counters is displayed, showing the averages. This report shows the
values for both the network cards.
Note: You might get zero value for one network card and some values for another network
card. This will happen if one of the cards is used for data transfer.
3. Write down the Average and Maximum values of each counter in the Counter list for the
entire graph period in the tables provided in Section 6.



4.2.7 Generating Alerts
In this exercise, you will generate alerts from the collected data. To generate
performance logs and alerts:
1. On the left pane of the Performance Window, click on Performance Logs and
Alerts.
2. Select Alert. To add an alert, right-click on it.
3. You can add an alert from a file or add a new one directly.
4. To add an alert directly, click New Alert Settings
5. Enter the name for the alert in the Name text box.
6. Click on Add to add counters.
7. Select the respective Performance Object, Counter and the instance.
8. In the Performance Object list, select Network Interface and
9. In the Counter box, select Bytes Total/sec along with one interface card at the
Instances list.

10. Click Add
11. Click Close if you have selected as many alert entries you need.



12. If you have wrongly selected an entry, you can delete it by selecting the alter entry and
click Remove.
13. Select the alert entry in Counters list, Select Over at Alert when the value is. Enter
100000 as the Limit.
14. Under Action tab, you can set the alert message to be logged on a file or display a
message or run a specific program.
Select the Log an entry in the application event log option and you can view the
log using: Administrative Tools Event Viewer.
Select the Send a network message to option and provide the name of the machine
to which you want to see the alert pop-up [on your network]. Make the messenger
service is running.
15. Under Schedule tab, you can select the time period over which you want to check for
these alerts.




16. Click OK.
17. A similar approach can be followed to add Counter or Trace logs.

4.2.8 Topology Diagrams
The topologies we set in this lab are the following:

ACT ACT 10M100M 1 2 3 4
13 14 15 16
5 6 7 8
17 18 19 20
9 10 11 12
21 22 23 24
UPLINK
1 2 3 4 5 6 7 8 9 101112
131415161718192021222324 COL COL
PWR
SWITCH
19 20 21 22 23 24 13 14 15 16 17 18 7 8 9 10 11 12 1 2 3 4 5 6
43 44 45 46 47 48 37 38 39 40 41 42 31 32 33 34 35 36 25 26 27 28 29 30
ACT ACT
10M100M 1 2 3 4
13 14 15 16
5 6 7 8
17 18 19 20
9 10 11 12
21 22 23 24
UPLINK
1 2 3 4 5 6 7 8 9 101112
131415161718192021222324 COL COL
PWR
SWITCH
ACT ACT 10M100M 1 2 3 4
13 14 15 16
5 6 7 8
17 18 19 20
9 10 11 12
21 22 23 24
UPLINK
1 2 3 4 5 6 7 8 9 101112
131415161718192021222324 COL COL
PWR
SWITCH
ACT ACT
10M100M 1 2 3 4
13 14 15 16
5 6 7 8
17 18 19 20
9 10 11 12
21 22 23 24
UPLINK
1 2 3 4 5 6 7 8 9 101112
131415161718192021222324 COL COL
PWR
SWITCH
CASCADED SHARED HUBS
Server Server Client
Client Client Client
Client
Client
Hub
Hub Hub
Hub
Patch Panel





A C T A C T 10M 100M 1 2 3 4
13 14 15 16
5 6 7 8
17 18 19 20
9 10 11 12
21 22 23 24
UP L INK
1 2 3 4 5 6 7 8 9 10 1112
13141516171819202122 2324 C OL C O L
P WR
S WI TC H
19 20 21 22 23 24 13 14 15 16 17 18 7 8 9 10 11 12 1 2 3 4 5 6
43 44 45 46 47 48 37 38 39 40 41 42 31 32 33 34 35 36 25 26 27 28 29 30
A C T A C T 10M 100M 1 2 3 4
13 14 15 16
5 6 7 8
17 18 19 20
9 10 11 12
21 22 23 24
UP L IN K
1 2 3 4 5 6 7 8 9 10 1112
13141516171819202122 2324 C O L C O L
P WR
S WI TC H
A C T A C T 10M 100M 1 2 3 4
13 14 15 16
5 6 7 8
17 18 19 20
9 10 11 12
21 22 23 24
UP L I NK
1 2 3 4 5 6 7 8 9 10 1112
13141516171819202122 2324 C O L C O L
P WR
S WI TC H
A C T A C T 10M 100M 1 2 3 4
13 14 15 16
5 6 7 8
17 18 19 20
9 10 11 12
21 22 23 24
UP L I NK
1 2 3 4 5 6 7 8 9 10 1112
13141516171819202122 2324 C O L C O L
P WR
S WI TC H
S E G M E N T E D L A N
S erver
S erver
C lient
C lient
C lient C lient C lient
C lient
Hub
Hub
Hub
Hub
P atch P anel
S witch
S witch




19 20 21 22 23 24 13 14 15 16 17 18 7 8 9 10 11 12 1 2 3 4 5 6
43 44 45 46 47 48 37 38 39 40 41 42 31 32 33 34 35 36 25 26 27 28 29 30
High-Density FastEthernet Switched Workgroup
Server
Client
Client
Client
Patch Panel
Switch
COL-
ACT-
STA-
1 2 34 5 6 7 8 9101112
HS1 HS2 OK1 OK2 PS
CONSOLE
COL-
ACT-
STA-
1 2 34 5 6 7 8 9101112
HS1 HS2 OK1 OK2 PS
CONSOLE
Switch
Server
Client
Client
Client
Switch
COL-
ACT-
STA-
1 2 34 5 6 7 8 9101112
HS1 HS2 OK1 OK2 PS
CONSOLE
COL-
ACT-
STA-
1 2 34 5 6 7 8 9101112
HS1 HS2 OK1 OK2 PS
CONSOLE
Switch




4.2.9 Cascade shared hubs
PCs are connected to each other via hubs. Hubs can be connected directly or via patch
panel.
4.2.10 Segmented LAN
Clients are connected to the hub and the server is connected to the switch. Hubs are
connected to the switch.

4.2.11 High-density Fast Ethernet Switched workgroup
PCs are connected to each other via switches. Switches can be connected directly or via
patch panel.
4.2.12 Data-entry tables
The description about various network parameters is given below:
Bytes Received/sec is the rate at which bytes are received on the interface, including framing
characters.
Bytes Sent/sec is the rate at which bytes are sent on the interface, including framing
characters.
Bytes Total/sec is the rate at which bytes are sent and received on the interface, including
framing characters.
Current Bandwidth is an estimate of the interface's current bandwidth in bits per second
(BPS). For interfaces that do not vary in bandwidth or for those where no accurate estimation
can be made, this value is the nominal bandwidth.
Packets Sent Unicast/sec is the rate at which packets are requested to be transmitted to
subnet-unicast addresses by higher-level protocols. The rate includes the packets that were
discarded or not sent.
Packets Sent Non-Unicast/sec is the rate at which packets are requested to be transmitted to
non-unicast (i.e., subnet broadcast or subnet multicast) addresses by higher-level protocols. The
rate includes the packets that were discarded or not sent.
Packets Sent/sec is the rate at which packets are sent on the network interface.
Packets/sec is the rate at which packets are sent and received on the network interface.




Network parameters (Average) A B C
Bytes received/second
Bytes sent/second
Bytes Total/second
Current Bandwidth
Packets sent unicast/second
Packets sent non-unicast/second
Packets sent/second
Packets/second




Topology A
Network parameters Average Minimum Maximum
Bytes received/second


Bytes sent/second


Bytes Total/second


Current Bandwidth


Packets sent unicast/second


Packets sent non-unicast/second


Packets sent/second


Packets/second







Topology B
Network parameters Average Minimum Maximum
Bytes received/second
Bytes sent/second
Bytes Total/second
Current Bandwidth
Packets sent unicast/second
Packets sent non-unicast/second
Packets sent/second
Packets/second


Topology C

Network parameters Average Minimum Maximum
Bytes received/second
Bytes sent/second
Bytes Total/second
Current Bandwidth
Packets sent unicast/second
Packets sent non-unicast/second
Packets sent/second
Packets/second

Notes:
1. Both the switches [3Com superstack 3 switch 3300] and hubs [3Com superstack II
Hub 100 TX] in our lab supports both 10Mbps and 100Mbps.


2. The number of bytes received/second and number of bytes sent/second on the clients
will be the same because ping command generates both ICMP echo request [Bytes
sent/second] and ICMP echo reply [Bytes received/second] that carries the same data
size. The same applies to the server also because it receives the echo request [Bytes
received/second] from the client and sends echo reply [Bytes sent/second] to the client.
3. The hubs we have 3Com SuperStack II Hub 100 TX (3C250C) handles unicasts
similarly to that of switches. So, you dont find the entries at the server and the client as
the same.
3.8 Analysis
You may think that just comparing the Current Bandwidth with the Bytes/Sec proves
that the network is at full capacity. On closer inspection of the Scale, you can realize what is the
difference in scale between the Current Bandwidth and Bytes/Sec. There is one more factor;
the Current Bandwidth is in bits while the Bytes/Sec is in bytes. 1 bytes = 8 bits. When you
compute all these factors, the actual network utilization can be found. For example, if the
Bytes/Sec average is 103112.
Bytes /Sec = 103,112 bytes x 8
Bytes /Sec = 894,896 bits/Sec.
Current bandwidth = 100Mbps = 100 * 10
6
bps = 100,000,000 bits/Sec
Network Utilization = 894896/100000000 = 0.82%
One of the amazing features of an Ethernet network is that only one machine can
transmit at a time. Once the network reaches 30% capacity, pure chance means that two
machines try and end a packet at the same instant. The result is more and more collisions start
happening, this leads to re-transmissions and a slow down of network traffic.


Networks bottlenecks occur at surprisingly low levels of utilization. 40% would
normally be considered a bottleneck. The reason for getting a very low utilization value was that
there are fewer machines on network and the traffic generated by each machine is very
minimal. The more machines the greater the risk of collisions from two machines wanting to
transmit at once.
3.9 References
DHCP FAQ
http://www.dhcp-handbook.com/dhcp_faq.html
Performance Monitor
http://www.windowsnetworking.com/articles_tutorials/Windows_2003_Performance_Monito
r.html
Performance Monitor Getting Started
http://www.computerperformance.co.uk/HealthCheck/GettingStarted.htm


L AB 5
DOMAIN NAME SYSTEM
5. Objectives:
Learn the structure of the Domain Name System and the role played by Name Servers.
Configure Windows 2003 to use DNS server with various options.
Use nslookup and DIG programs to issues DNS queries and analyze the results.
Use Ethereal software to capture DNS requests and replies.
5.1 Domain Name System
5.1.1 Background Information
In the context of DNS, A Name Server is the application that is acting as the server for
the DNS protocol. A Name Server performs two primary tasks:

a) Maintains among other things the host-name to IP address mappings for the hosts in its
zone. The information is stored in a form resembling a database table (hence, the name DNS
database) with each record, known as a Resource Record (RR) consisting of five fields:
(domain name, class, type, value, ttl).

b) Responds to DNS queries. Recall that a query is basically a partial resource record (i.e. having
the domain name, class and type). The name server job is to return the corresponding matching
resource records. The name server will normally lookup his local database or its cache and if
there is no match and the domain in question happens to be external then the name server will
forward the query to some other name server and awaits some reply. The received reply is
returned to the requester and also added to local cache.

5.1.2 Configure Windows 2003 to use DNS
1. For Instructor: To make the PCs access the local Intranet, we need to setup the Instructor
PC to enable Internet sharing via the 172.16.0.0 Network card. If the instructor PC runs


Windows 2000, we need to select the appropriate network card and enable Sharing
{TCP/IP Properties menuSharing tab}. With enabled shared access, select the local
connection as the network card with 192.168.230.0 network address. Make sure that both
the network cards are enabled. If the instructor PC runs Windows 2003, then use routing
and remote access wizard.
2. Set the subnet mask as 255.255.0.0 & gateway address as 192.168.230.251 [IP address of the
instructors PC]
3. Use StartControl PanelNetwork Connections. Right Click and click Open. Click
Local Area ConnectionProperties. Select Internet Protocol(TCP/IP) and click
Properties. TCP/IP Window appears and set DNS Server to 172.16.0.1.
Optionally you can configure some suffixes [under TCP/IP Properties Advanced.
Select DNS tab] that will be appended to partial domain names (i.e. ones not ending with
"."). It is suggested that you add the following suffixes:
ccse.kfupm.edu.sa
kfupm.edu.sa
pc.ccse.kfupm.edu.sa



4. With the above setup the network of our lab will appear as below:



19 20 21 22 23 24 13 14 15 16 17 18 7 8 9 10 11 12 1 2 3 4 5 6
43 44 45 46 47 48 37 38 39 40 41 42 31 32 33 34 35 36 25 26 27 28 29 30
19 20 21 22 23 24 13 14 15 16 17 18 7 8 9 10 11 12 1 2 3 4 5 6
43 44 45 46 47 48 37 38 39 40 41 42 31 32 33 34 35 36 25 26 27 28 29 30
19 20 21 22 23 24 13 14 15 16 17 18 7 8 9 10 11 12 1 2 3 4 5 6
43 44 45 46 47 48 37 38 39 40 41 42 31 32 33 34 35 36 25 26 27 28 29 30
192.168.230.1 &
192.168.230.5
SM: 255.255.0.0
GW: 192.168.230.251
ICS-NWLA1 ICS-NWLB1
192.168.231.1 &
192.168.231.5
SM: 255.255.0.0
GW: 192.168.230.251
INSTRUCTOR PC
192.168.230.251
SM: 255.255..0
172.16.20.2
SM: 255.255.0.0
Inter LAN
Inter LAN
Switch Switch
Hub
CCSE
Network


5.1.3 Execute some DNS queries using nslookup
The nslookup (abbreviation for name server lookup) program is one of the standard TCP/IP
utilities for testing DNS server configuration. Thus nslookup is simply a DNS client. In
Windows 2003, it can be executed from the command prompt by typing: nslookup <enter> as
shown below. Type nslookup at the command prompt.



As can be seen from the above figure, nslookup tries to contact the already configured DNS
server and then wait for additional commands. Type-in some host name and hit <enter>.
Nslookup returns some answer(s).





Note: nslookup assumes that the data given is a domain name and defaults to resource record
type=A and class=IN. Also note that the server identifies itself again at the start of every reply.

Issue the command help and notice the outcome.



Issue MX query [Mail Exchanger] using Set Option command as: set querytype=mx. Type some
e-mail domain.





You should find out the IP addresses for root servers. Find the IP addresses by issuing the set
command set querytype=ns and then the domain name.




Exercise:
Find out the authoritative servers for the sa domain?




Get a detailed answer using set debug



The above interaction shows that if the given domain name does not end with "."
[www.kfupm.edu.sa Without a . At the end] then nslookup tries appending the pre-
configured suffixes one at a time. Clearly, a waste of computer time!. So, the same command as
the previous step but with a . at the end.



Type exit to close the nslookup window.


5.1.4 Capturing DNS traffic using Ethereal
In this experiment you will capture the requests and replies that are generated during
nslookup session. Ethereal software is able to highlight the data that is exchanged between the
client and server during a TCP or UDP session. This is a handy feature that can be used to
trace all the message requests and their corresponding replies and is a good way to learn how
the application protocol works.

Follow the following steps:
1. To Start the EtheReal Network Monitoring Tool, Goto Start Programs EtheReal -
EtheReal. Then you will fine the following window (Left).


2. Goto Capture menu and click on Start menu item (Shown in above figure (right)). Then you
will find the following window (left).

After entering the relevant details, click ok in the window then the capturing window will
appear as shown above in (right).


3. From the command prompt executes nslookup and type: www.ccse.kfupm.edu.sa and hit
<enter>.
4. In Ethreal window hit Stop button.





5.2 Setting up for the DNS Client and DNS Server
Server and one as PC Client].
For the
l and Configure a DNS Server Using the Wizard
on Add/Remove Windows
king Services and check it. Then click Details button. Check Domain
Exercise:
How does Ethereal know that these packets are related?
Compare the queries and answers of DNS and know about the various types of DNS
entries.
From the above figures, fill the format of the DNS given below.
20 byte
IP Header
Ethernet Destination Address


This experiment can be done in pairs [One PC as DNS
DNS client, put the IP address of the DNS server as the Primary DNS Server [Under
TCP/IP Properties]. For the DNS server, assign its own IP address as the Primary DNS
Server.
5.2.1 Instal
Follow the following steps to install and configure DNS Server.
StartControl PanelAdd/Remove Programs. Click
Components
Select Networ
Ethernet Source Address
IP Source Address
EtherType
IP Destination Address
Protocol*
14 byte Ethernet
Frame Header
0800 indicate he frame
contains IP packet
2 bytes: s that t
6 bytes
6 bytes
* indicates that the packet
contains UDP message
4 bytes
4 bytes
4 bytes
Source Port
Length
DNS Request
UDP
Header+Data
Ver HL*
Frame Checksum


Name System and Simple TCP/IP services. Click OK.


Windows Component Wizard appears. Click Next. It will for Windows 2003 CD-
asked

ROM. Enter the directory C:\software\i386 [or select via Browse button] under Copy
files from. Completing the windows component wizard appears. Click Finish.
To configure the DNS server, StartAdministrative ToolsDNS. If you are
whether to start the DNS on your local computer, click Ok. If you are asked whether to
add the service, click Yes.


OTE: N If the message appears as Cannot connect to the DNS, delete the DNS server you
ne, right-click forward lookup zone and click new
have added. Go to StartAdministrative ToolsServices. Click DNS Server and click All
Tasks Start. In the DNS manager, Click ActionConnect to DNS server. If you still face
a problem, check your IP address.
To create a forward lookup zo


zone. Click Next. Select Primary Zone and then click Next.


New Zone Wizard appears. Enter the name as nwlab.ics.kfupm.edu.sa


Click Next. Zone file is shown. Click Next.

The window about Dynamic update appears. Select the Do not allow dynamic
updates radio button. Click Next.

Completing the new zone wizard appears. Click Finish.




To create a reverse lookup zone, right-click reverse lookup zone and click new zone.

Click Next. Select Primary Zone and then click Next. Click Next. Click Next. Click
Finish.


5.3 Configuring the DNS Server through Management Console
hine. From the
Contex
The left pane should show an icon corresponding to the local mac
t Menu you can choose to create Foreword Lookup or Reverse Lookup zone. Then
from the Context Menu for the zone allow you to add the appropriate type of resource records.
The Foreword Lookup zone can contain ordinary types such as SOA, A, MX, NS, HostInfo,
...etc., while the Reverse Lookup Zone contains only type PTR records.




The rightmost pane shows the various Resource Records. Double-click to view or modify the
corresponding record. The window below is obtained by double-clicking which for the SOA
record.


5.3.1 Adding a Host Address Record
Select a foreword lookup zone and from context menu select New Host (A). This
brings the following screen. Type the Name and IP address and Click Add Host to add a
host. The Create PTR record option will succeed if you have a corresponding Reverse Lookup
zone for this Foreword Lookup zone. If so then go the Reverse Lookup one and select
Refresh from the Context Menu.




Note: Make sure that you add a host entry for the local DNS server with both the network
interface card IP addresses.



In DNS Management Tool, select the Forward Lookup Zone and click on your domain
name. On the right pane, double-click the Name Server entry [under Type] and make sure
that you have the fully qualified name [which includes the name of the host along with the
domain name]. If the fully qualified name does not exist, click Edit. Choose Browse and select
the machine name on which you are running the DNS server. Repeat the procedure for
Reverse Lookup Zone.




5.3.2 Location of DNS data in Windows 2003
As shown below, the data for a zone is kept as a text file in Windows \ System32
\dns.
Note: To ensure that the file is up-to-date choose Update Server Data File from the Context
Menu for the zone.





5.3.3 Testing the DNS Server configuration
As shown below, following the nslookup prompt we till nslookup to use the locally
running name server by typing: server 127.0.0.1 <enter>.To test Reverse Lookup use the
command set type=ptr then type some IP address.


Note: Both at the DNS server and clients, under TCP/IP properties, click Advanced. Select the
DNS tab and check the append these DNS suffixes and add your domain name
[nwlab.ics.kfupm.edu.sa] to it. Also enter the IP address of the DNS server as the Preferred
DNS server in the TCP/IP properties. The DNS client should have its Primary DNS server
pointing to the IP address of the DNS server you have setup.

5.4 Configuring the DNS Server to forward to other DNS Servers
In the management console [StartAdministrative ToolsDNS], point to the icon
associated with the DNS server and right-click and select properties to bring up the Window
shown below. Enter the IP address of some DNS Server that this DNS server will foreword to
(e.g. the DNS server used by CCSE 172.16.0.1). Then click the Add button.




Exercise:
Use nslookup and have it use your DNS server to lookup the IP address of some host
in CCSE [ics-saleem].

5.5 Removing the service
Follow the steps mentioned below:
1. Put back the original IP address and the subnet masks.
2. StartAdministrative ToolsServices.
3. Stop the DNS Server.
4. StartControl PanelAdd or remove programsAdd/Remove Windows
Components.
5. Remove DNS under Networking Services.
5.6 References:
ICMP
http://www.freesoft.org/CIE/Topics/81.htm
TCP
http://www.freesoft.org/CIE/Topics/83.htm


L AB 6
PART - I
HTTP AND WEB
6. Objectives
Learn the concepts of client/server applications
Setup a Web server and publish a Web site
Learn the format of HTTP requests and replies
Use Telnet to execute HTTP commands directly against a Web Server
Learn the architecture of the Web and distinguish between Web browser and server
Master the concept of a URL and distinguish between an absolute and relative URL
Learn the basics of HTML & ASP
Learn about Web Caching. This lab is designed to demonstrate the implementation of
switched local area networks. The simulation in this lab will help you examine the
performance of different implementations of LANs connected by switches and hubs.
6.1 Background Information:
Networking protocols are normally developed in layers, with each layer responsible for
a different facet of the communications. A protocol suite, such as TCP/IP, is the combination
of different protocols at various layers. TCP/IP is normally considered to be a 5-layer stack as
shown in Figure 1.
Application Telnet, FTP, Web, e-mail, etc.
Transport TCP, UDP
Network IP, ICMP, IGMP
Data Link +Physical Device driver and interface card
Figure 1. The five layers of the TCP/IP protocol suite.


6.2 Install and Examine TCP/IP services
To install some of the TCP/IP services in Windows 2003 use StartControl
PanelAdd or Remove ProgramsAdd/Remove Windows Components. This displays
the dialogs shown in the following Figure. Select Networking Services and click on Details.
Many services are found under Networking Services. Make sure that Simple TCP/IP
Services is selected. If not selected, select it and give OK. If ask for CD, click OK and then
provide the location as C:\software\i386.

To verify, stop and resume any of these service use StartAdministrative
ToolsServices, which displays the Services Window shown below.

Finally, one can use Telnet client to interact with any of these services. If Telnet is not
enabled, you can enable it using: StartAdministrative ToolsServicesTelnet; Right-


click and select Properties. Select Stratup typeAutomatic. You might need to click on
Start button or else, right-click and then select start.

For example, to access chargen (which listens on TCP port 19), type the following at the
Start Command Prompt: telnet 127.0.0.1 19
Note: Sometimes, you need to use the IP address of your PC.
Write down the command to access the Daytime service [Port number 13]. What is
the output?
6.3 Install Internet Information Services and the FTP Service
Because FTP depends on Microsoft Internet Information Services (IIS), IIS and the
FTP Service must be installed on the computer. To install IIS and the FTP Service, follow these
steps.
NOTE: In Windows Server 2003, the FTP Service is not installed by default when you install
IIS. If you already installed IIS on the computer, you must use the Add or Remove Programs
tool in Control Panel to install the FTP Service.
1. Click Start, point to Control Panel, and then click Add or Remove Programs.
2. Click Add/Remove Windows Components.


3. In the Components list, click Application Server, click Internet Information
Services (IIS) (but do not select or clear the check box), and then click Details.
4. Click to select the following check boxes (if they are not already selected):
Common Files
File Transfer Protocol (FTP) Service
Internet Information Services Manager
World Web Wide Service

5. Click to select the check boxes next to any other IIS-related service or subcomponent
that you want to install, and then click OK.
6. Click Next.
7. When you are prompted, insert the Windows Server 2003 CD-ROM into the
computer's CD-ROM drive or provide a path to the location of the files
[C:\software\i386], and then click OK.
8. Click Finish.
IIS and the FTP service are now installed. You must configure the FTP Service before you can
use it.
6.3.1 Configure the FTP Service
To configure the FTP Service to allow only anonymous connections, follow these steps:


1. Start StartAdministrative ToolsInternet Information Services Manager.
2. Expand Server_name, where Server_name is the name of the server.
3. Expand FTP Sites
4. Right-click Default FTP Site, and then right-click and select Properties.
5. Click the Security Accounts tab.
6. Click to select the Allow Anonymous Connections check box (if it is not already
selected), and then click to select the Allow only anonymous connections check box.
When you click to select the Allow only anonymous connections check box, you
configure the FTP Service to allow only anonymous connections. Users cannot log on
by using user names and passwords.
7. Click the Home Directory tab. The default home directory is c:\inetpup\ftproot.
You may change it if you wish.
8. Click to select the Read and Log visits check boxes (if they are not already selected),
and then click to clear the Write check box (if it is not already cleared).
9. Click OK.
10. Quit Internet Information Services Manager.
The FTP server is now configured to accept incoming FTP requests. Copy or move the files
that you want to make available to the FTP publishing folder for access.
6.3.2 Using FTP
Before you try to interact with your local FTP server, make sure the FTP publishing
service is running and that you have create some FTP site (i.e. published some folder through
the FTP server). One-way to do this latter step is to use the StartAdministrative
ToolsInternet Information Services Manger as shown in the Window below.



Any FTP client program can access the folder made available by FTP server. These
include character-based client such as the FTP command or GUI-based client such as CuteFTP
and IE 6.0. Using IE 6.0, you use the word ftp in place of http to access an FTP server as
shown below.


The following is a sample interaction with an FTP server using the FTP command.

C:\>ftp 127.0.0.1 [Note: Sometimes you need to use the IP address]
Connected to 192.168.230.1.
220 Microsoft FTP service
User (192.168.230.1:(none)): anonymous
Anonymous access allowed, send identity (e-mail name) as password.
Password: a@b.c
230 anonymous user logged in.
ftp> cat


Invalid command.
ftp> dir
200 PORT command successful.
150 Opening ASCII mode data connection for /bin/ls.
02-25-04 02:00PM <DIR> images
226 Transfer complete.
ftp: 258 bytes received in 0.06Seconds 4.10Kbytes/sec.
ftp> help
Commands may be abbreviated. Commands are: delete literal prompt send debug ls put
status append dir mdelete pwd trace ascii disconnect mdir quit type bell get mget
quote user binary glob mkdir recv verbose bye hash mls remotehelp cd help mput
rename close lcd open rmdir
ftp> cd images
250 CWD command successful.
ftp> dir

ftp> get index.html index.html
200 PORT command successful.
150 ASCII data connection for index.html (196.1.65.148,1209) (211 bytes).
226 ASCII Transfer complete.
ftp: 219 bytes received in 0.01Seconds 14.60Kbytes/sec.
ftp>
..
ftp> get RemoteFile LocalFile
..
ftp> put Localfile RemoteFile
ftp> quit
221 Goodbye







Capture the FTP packets using Ethereal and answer the following queries:
What is the transport layer protocol does FTP uses?
What is the port number that is used for control and data transfer in FTP?
How is the interaction between the FTP client and the FTP server when you issue the
ls command?
How is the interaction between the FTP client and the FTP server when you issue the
get command?
Is there any difference between the above two? Justify your answer.
There are many ftp user-level commands [like mget, get, ls, ]. What is their actual
equivalent in FTP? Notice that using packet capture.


7.1. Publishing a Web site:
1. To create a site on the IIS web server, Create a new directory called mysite and then right
click on this directory in the Windows Explorer and select Sharing and Security. Select
Web Sharing form the dialog and the dialog will appear as shown.

2. In the above dialog select Share this folder. You can use the suggested alias (this is the
part that will follow the host name in the URL used to access the site by the browser see
the subsequent figure. Directory browsing will work if you enable directory browsing and
there is no default document (i.e. default.htm).



3. To access the above site, launch the Browser and use any of these URLs
http://ServerName/mysite or http://ServerIPAddress/mysite
The above URLs will work from any station.
Also you can use the following URLs to access the local web server
http://127.0.0.1/mysite or http://localhost/mysite


If you are not able to access the folder, you can put an HTML file named index.htm in that
FTP folder and try to access that website. Sometimes, you need to enter the
administrator along with its password to access the website. Also sometimes, you
might need to use your IP address instead of 127.0.0.1.




Note: You need to select the directory you enabled for directory listing from
StartAdministrative ToolsInternet Information Services ManagerDefault Web Site.
Then Right-click the directory and click Properties. Select Directory
SecurityAuthentication and Access Control. Click Edit button. Then enable
Anonymous Access.




To have more control over the IIS configuration use StartAdministrative ToolsInternet
Information Services Manager.

6.5 Capturing HTTP traffic using Ethereal:
Have Ethereal software run on Station A (web client) and try to capture the HTTP
traffic data during a web session between stations A (web browser) and station B (web server).
Open the web page from the client using web browser.

As the above figure shows there are three TCP packet exchanges (three-way hand
shake used to open a TCP connection) preceding the TCP packet containing the actual GET
request. Note that HTTP data immediately follows the TCP header and is readable in the
ASCII interpretation of the hex dump (right-bottom view)
6.5.1 Examining HTTP Requests and Replies
In this task we will be using Telnet client to interact with some HTTP server. It is
suggested that we use a graphical Telnet which is available for you in the software folder on the


c-drive of your machine. Once Telnet opens a TCP connection it may not echo what you are
typing. Thus it is suggested to you turn Local Echo on from TerminalPreferences menu
option as shown below. Increase the Buffer Size to 1000. Also you can log the interaction to a
text file TerminalStart Logging.

Next, choose Connect menu option and specify an IP address of the host running
HTTP server and port 80 as shown below and then click the Connect button.



The figure below shows a sample HTTP 1.1 GET request and the server's reply.
Note: End headers with two <enter> clicks to indicate that there is no body in the request.



Exercise:
1. Web share a folder (alias test) and enable directory browsing.
2. Access it using the browser using the URL: http://127.0.0.1/test
3. Use Telnet to connect to the local http server and type: GET /
HTTP/1.0<enter><enter>.
4. Compare the html you get from browser-view source with the body part of the HTTP
reply.
6.5.2 Practice HTML tables, Styles and colors
An HTML table (<table> ... </table>) is a collection of rows. Each row (<tr> ...
</tr>) is a collection of cells a cell is enclosed in <td> ... </td>.
Note that a table cell can contain arbitrary html including img and table tags. Therefore,
HTML tables have become a key element for proper layout of a web page. In general, it best
to approach the layout of a page by having it as a table covering the entire width and height
of the pages area as:
<body>
<table width="100%" height="100%">
...
</table>
<body>
Thus the following specifies a 2-row 3-column table.


<table cellspacing="0" width="200" border="1">
<tr><td>cell 11</td><td>cell 12</td></tr>
<tr><td>cell 11</td><td>cell 12</td></tr>
</table>

This should render as:

cell 11 cell 12 cell 13
cell 21 cell 22 cell 23
Why cell borders are doubled?
When the above table is rendered in the browser you will see that a double border
surrounds each cell. This is because when use the border="1" attribute within the table tag then
each cell will be surrounded by a one pixel border.
There are two solutions to this problem.
Solution 1: Use cellspacing="1" to reveal the table's background color.
<style> td { background-color:white; } </style>
<table cellspacing="1" width="200" style="background-color:gray;" border="0">
<tr><td>cell 11</td><td>cell 12</td></tr>
<tr><td>cell 11</td><td>cell 12</td></tr>
</table>
Solution 2 (better): Use border-collapse:collapse style specification to join adjacent borders.
<table cellspacing="0" width="200" border="1"
style="border-color:gray;border-collapse:collapse;" >
<tr><td>cell 11</td><td>cell 12</td></tr>
<tr><td>cell 11</td><td>cell 12</td></tr>
</table>
Exercise:


Utilize tables, styles and color techniques you have learned so far to produce the following page.
Follow the hints given by the instructor.

6.5.3 Practice Active Server Pages ( ASP )
ASP is a program that runs inside IIS. An ASP file is just the same as an HTML file.
An ASP file can contain text, HTML, XML, and scripts. Scripts in an ASP file are executed
on the server. An ASP file has the file extension ".asp"
When a browser request an asp file, IIS passes the request to the ASP Engine which
executes the ASP file and the response is sent back to the browser as plain HTML.
Benefits of ASP
1. Dynamically edit, change or add any content of a Web page
2. Respond to user queries or data submitted from HTML forms


3. Access any data or databases and return the results to a browser
4. Customize a Web page to make it more useful for individual users
5. The advantages of using ASP instead of CGI and Perl, are those of simplicity and speed
6. Provides security since your ASP code can not be viewed from the browser
7. Since ASP files are returned as plain HTML, they can be viewed in any browser
8. Clever ASP programming can minimize the network traffic
How to execute the ASP file
1. If IIS has been already installed on you pc an Inetpub folder will be created on your hard
drive
2. Open the Inetpub folder, and find a folder named wwwroot
3. Create a new folder, like "MyWeb", under wwwroot.
4. Use a text editor to write the examples given below, save the file as ".asp" in the
"MyWeb" folder
5. Make sure your Web server is running - The installation program has added a new icon
on your task bar (this is the IIS symbol). Click on the icon and press the Start button in
the window that appears.
6. Open your browser and type in "http://localhost/MyWeb/xyz.asp", to view your first
ASP page
7. If your ASP page is not displayed go to IIS Manager. In the left-pane select Web
service extension and then on the right-pane select Active Server Pages and click the
allow button.
Examples:
Example1
<html>
<body>
<% response.write("Hello World!") %>
</body>
</html>


Example 2
<html>
<body>
<%
Dim famname(6),i
famname(1) = Abdallah"
famname(2) = Ibrahim"
famname(3) = Saeed"
famname(4) = Tharig"
famname(5) = Ismail"
famname(6) = Mohamed"
For i = 1 to 6
response.write(famname(i) & "<br />")
Next
%>
</body>
</html>

Exercise:
Write an asp program to bring the following output.



6.5.4 Web Caching
Consider a http request that just occurred -- you sent a request for a file, the server
then went and hunted for the file, and if it found it, it fetched a copy for you. Now this would
seem to be the only way for such an operation to work, but in fact it's pretty inefficient.
Imagine that at any one time there might be thousands of users all requesting the same page.
Without a cache, the ISP's server has to keep going back to the same address and getting the
document for each individual request. However, if a Web cache is used, the routine is altered
slightly.

6.5.5 Enable Content Expiration in IIS 5.0
When content expiration is enabled, the Web browser compares the current date to the
expiration date to determine whether to display a cached page or request an updated page from
the server.
To set the expiration of Web site content in IIS 5.0, follow these steps:
1. In the Internet Information Services snap-in, select the Web site, virtual directory,
directory, or file for which you want to set content expiration.
2. Right-click the Web site, virtual directory, directory, or file and select Properties.
3. On the HTTP Headers property sheet, select Enable Content Expiration.
4. Select Expire Immediately, Expire after, or Expire on and enter the appropriate
expiration information in the corresponding box.
NOTE: Typically, time-sensitive information is limited to individual files, directories, or Web
sites; however, you can also set content expiration for all Web sites on a computer through the
configuration of WWW Master Properties
6.5.6 Prevent Caching using an ASP Script
You can also prevent individual pages from being cached by adding a script to ASP files. To do
this, follow these steps:
<%
Response.Expires = 0
Response.Expiresabsolute = Now() - 1


Response.AddHeader "pragma","no-cache"
Response.AddHeader "cache-control","private"
Response.CacheControl = "no-cache"
%>

6.5.7 Remove all the services you have installed
1. Start Control Panel Add or Remove Programs Add/Remove Windows
Components
2. Deselect those services you have selected before and click Next/Ok until Finish.
3. For Telnet, you can go to StartControl PanelServices and disable it [by right-
click].
The page should be displayed, even though you have no current connection to the Internet.











P A R T I I
REMOTE DESKTOP WEB CONNECTION
Objectives:
Learn to setup remote desktop connection between a client and a server, via web.
6.6 Remote Desktop Web Connection
To install Remote Desktop Web Connection follow these steps:
1. Open Add or Remove Programs in Control Panel.
2. Click Add/Remove Windows Components.
3. Click Application Server, and then click Details.
4. Select Internet Information Services, and then click Details.
5. In the Subcomponents of Internet Information Services list, select World Wide
Web Service, and then click Details.
6. In the Subcomponents of World Wide Web Service list, click the Remote Desktop
Web Connection check box. Click OK. Click OK again, and then click OK a third
time.
7. In the Windows Components wizard, click Next.
8. Click Start Administrative Tools Internet Information Services Manager.
9. Expand the folder hierarchy until you reach the local computer name\Web
Sites\Default Web Site\tsweb folder.
10. Right-click the tsweb folder and then click Properties.
11. Click the Directory Security tab on the Properties dialog box.
12. In Anonymous access and authentication control, click Edit.
13. Check the Anonymous access check box on the Authentication Methods dialog box,
and then click OK twice.
14. Click Start Control Panel System.






15. Click on Remote tab. Select the option for Allow users to connect remotely to this
computer under Remote Desktop section. Click Ok.



16. Also, make sure RDP-TCP connection is present in Connections option under Start
Administrative Tools Terminal Services Configuration.
17. To check whether someone has connected, you can go to Start Administrative
Tools Terminal Services Manager.

Note:
1. To limit the number of connections, you can check via Start Administrative Tools
Terminal Services Configuration Connections. Select Network Adapter tab.
You can restrict the number of connections and also the network adapter through
which remote connections can be made.

2. To permit or deny remote access for specific users, Start Control Panel System
Remote Select Remote Users.



6.6.1 To connect to another computer using Remote Desktop Web Connection
1. Ensure that Remote Desktop Web Connection is installed and running on the Web
server.
2. Ensure that your client computer has an active network connection is functioning.
3. On your client computer, start Microsoft Internet Explorer.
4. In the Address box, type the Uniform Resource Locator (URL) for the home directory
of the Web server hosting Remote Desktop Web Connection.
5. The URL is "http://" followed by the IP address of your server, followed by the path
of the directory containing the Remote Desktop Web Connection files (default =
/Tsweb/). (Note the forward slash marks.) For example, if your Web server is
"192.168.230.250", in the Address box you type: http://192.168.230.250/tsweb/, and
then press ENTER. The Remote Desktop Web Connection page appears on the
screen.
6. In Server, type the IP of the remote computer to which you want to connect.

7. Optionally, specify the screen size and logon information for your connection.
8. Click Connect.
9. After you supply your username and password the Windows Server 2003 desktop
appears and you can begin to work.



6.6.2 To work like using remote keyboard and remote mouse
1. Install the VNC server at the Server.
2. Activate the options using StartProgramsVNCShow User Settings.

3. From the client use, vncviewer and access this machine.
4. Note that you will be actually working on the servers display.














7.1.4. Stream communication
The stream communication protocol is known as TCP (transfer control protocol).
Unlike UDP, TCP is a connection-oriented protocol. In order to do communication over the
L AB 7
SOCKET PROGRAMMING
7. Objectives
To learn the basics of Socket programming
To learn the difference between TCP sockets and UDP datagrams
To build a daytime C/S
To build a SMTP mail user agent using JAVA
To build a simple web server using JAVA

7.1. Background Information
7.1.1. Socket-Definition
A socket is one endpoint of a two-way communication link between two programs
running on the network. A socket is bound to a port number so that the TCP layer can identify
the application that data is destined to be sent.

7.1.2. TCP/IP and UDP/IP communications
There are two communication protocols that one can use for socket programming:
datagram communication and stream communication.

7.1.3. Datagram communication
The datagram communication protocol, known as UDP (user datagram protocol), is a
connectionless protocol, meaning that each time you send datagrams, you also need to send the
local socket descriptor and the receiving socket's address. As you can tell, additional data must
be sent each time a communication is made.


irst be established between the pair of sockets. While one of
the soc
ht help you decide which protocol you should use.
st be established before
commu

received
urs fewer overheads. It is often used in implementing client/server
applicat
lient, then you would open a
socket like this:

et
atagramSocket socket=new DatagramSocket();
TCP protocol, a connection must f
kets listens for a connection request (server), the other asks for a connection (client).
Once two sockets have been connected, they can be used to transmit data in both (or either one
of the) directions.
The selection of protocol [UDP or TCP] depends on the client/server application you
are writing. The following discussion shows the differences between the UDP and TCP
protocols; this mig
In UDP, as you have read above, every time you send a datagram, you have to send the
local descriptor and the socket address of the receiving socket along with it. Since TCP is a
connection-oriented protocol, on the other hand, a connection mu
nications between the pair of sockets start. So there is a connection setup time in TCP.
In UDP, there is a size limit of 64 kilobytes on datagrams you can send to a specified
location, while in TCP there is no limit. Once a connection is established, the pair of sockets
behaves like streams: All available data are read immediately in the same order in which they are
. UDP is an unreliable protocol and so there is no guarantee that the datagrams you
have sent will be received in the same order by the receiving socket. On the other hand, TCP is
a reliable protocol; it is guaranteed that the packets you send will be received in the order in
which they were sent.
In short, TCP is useful for implementing network services such as remote login (rlogin,
telnet) and file transfer (FTP) which require data of indefinite length to be transferred. UDP is
less complex and inc
ions in distributed systems built over local area networks.

7.1.5. Sockets using UDP connection
Creating a datagram socket: If you are programming a c
//Creating a sock
D


yte[] sendbuf = new byte[256];
56];
chine
InetAddress address = InetAddress.getByName("196.1.65.205");
String message="Hello Datagram server";
getBytes();
atagramPacket packet = new DatagramPacket(sendbuf, sendbuf.length, address,
the packet
socket.send(packet);
e
acket(receivebuf, receivebuf.length);
cket);

//create a buffer of size 256
b
byte[] receivebuf = new byte[2

//create an inet address of the server ma


//create the message

sendbuf=message.

//construct the packet
D
4445);

//send

// get respons
packet = new DatagramP
socket.receive(pa
If you are programming a server, then you would open a socket like this:
DatagramSocket socket= new DatagramSocket(4445);
w byte[256];
atagramPacket(receivebuf, receivebuf.length);
et);
//Create a socket
byte[] sendbuf = ne
byte[] receivebuf = new byte[256];
// receive request
DatagramPacket packet = new D
socket.receive(pack


ed);
t machine
InetAddress address = packet.getAddress();
int port = packet.getPort();
ess;
;
(sendbuf, sendbuf.length, address, port);
socket.send(packet);
String received = new String(packet.getData());
System.out.println(receiv

// get the address of the clien


// get the port of the client machine

dString = "Hello User from "+addr
sendbuf = dString.getBytes()
// construct the packet
packet = new DatagramPacket

//send the message


7.1.6. Sockets using TCP connection
pening a socket:
ing a client, then you would open a socket like this:
try {
ocket("Machine name", PortNumber);
(IOException e) {
O
If you are programm
Socket MyClient;
MyClient = new S
}catch
System.out.println(e);
}
Where Machine name is the machine you are trying to open a connection to, and
PortNumber is the port (a number) on which the server you are trying to connect to is running.
When selecting a port number, you should note that port numbers between 0 and 1,023 are
reserved for standard protocols, such as SMTP, FTP, and HTTP. When selecting a port
number for your server, select one that is greater than 1023.


ServerSocket MyService;
MyServerice = new ServerSocket(PortNumber);
(IOException e) {
If you are programming a server, then this is how you open a socket:
try {
}
catch
System.out.println(e);
}
When implementing a server you also need to create a socket object from the ServerSocket in
o listen for and accept connections from clients.
serviceSocket = MyService.accept();

em.out.println(e);}
order t
Socket clientSocket = null;
try {
}catch (IOException e) {
Syst

7.1.7 Creating an input stream
e, you can use the BufferedReader class to create an input stream to
ceive response from the server:
ed er(new
InputStr
putStream to receive input from the client:

On the client sid
re
Buffer Reader in = new BufferedRead
eamReader(socket.getInputStream()));
On the server side, you can use DataIn

BufferedReader in = new BufferedReader(new
InputStreamReader(socket.getInputStream()));

7.1.8 Creating an output stream
On the client side, you can create an output stream to send information to the server
socket using the class PrintWriter.


rintWriter out = new PrintWriter(socket.getOutputStream(), true);
s rintStream to send information to the client.
PrintWri
P
On the erver side, you can use the class P
ter out = new PrintWriter(socket.getOutputStream(), true);

7.1.9 Closing sockets
You should always close the output and input stream before you close the socket.
e client side:
try {
in.clos
socket.close();
(IOException e) {
System.out.println(e);
On the server side:
try {
socket.close();
(IOException e) {
System
On th
e(); in.close();
out.close();

}
catch

}
out.close();

serverSocket.close();
}
catch
.out.println(e);
}
7.2.
7.2
Examples:
.1 Handshaking of the client and the server
Download the following files.
HelloClient.java
va
elloClient.java and follow the prompt.
7.2.2 rams
files EchoClient.java and EchoServer1.java and study the
implem cket, execute and see the output.
7.2.3
a and EchoServerThread.java and study the
implem
HelloServer.ja
Execute HelloServer.java first, then execute H
Echo Client and Server Prog
Download the
entation of the so
Server handling more than one client
Download the files EchoServer.jav
entations of the socket. Now try to understand the difference in implementation of


:
sockets in these programs and those of Example 2.
7.2.4 A simple Web server
Download the Web server program in java given to you which serve web pages to the
browser and study the implementation using sockets.
7.3 Exercises
Daytime C/S program: Write a server program which sends the time of day
information to the client.
Note T nd time in the server, you can use
im
orianCalendar();
Date t=c.getTime();
7.4 lient Program
mail system is shown in the following figure. The email from the
urce is taken to the remote email server using SMTP. From the remote client, you need to use
a pull protocol like POP3 or IMAP and get the email from the respective email server.
o get the date a
port java.util.*;
Calendar c=new Greg

Writing an SMTP and POP3 C
The working of e
so



7.4.1 Setting up the
1. Go to Administrative To
POP3 Server
ols and select Add or Remove Windows Components.


2. Tick the E-Mail Services option and press details. Press OK and Next to start the
close all open windows. installation. Once this is complete,


3. ave installed the POP3 Service, you are ready to setup and configure mailboxes. After you h
Open the main window by pressing Start > Programs > Administrative Tools > POP3
Service.



4. nce that is done, the first thing you have to do is create a domain. Do this by right O
clicking the server name in the main window, select new > domain. Type the name of
your desired domain and click OK.

5. Further to this, you are now able to create a mailbox by right clicking the domain,
pressing New > Mailbox. Type the mailbox name and the password in the appropriate
boxes and press OK.




ld pop up notifying you that the
t show this message again" if you do not wish to hav
dd a mailbox.
6. A confirmation box shou mailbox was successfully added.
Select the "Do no e this box appear
everytime you a

ted is shown in the main windo
te" of the mailbox is "Unlocked" an
select "Lock", you will disable it.

7. The new mailbox you crea w. As you can see in the
following window, the "Sta d therefore available for use.
If you right click the mailbox and





7.4.2 SMTP Procedure
In order to work with SMTP server, you need to follow the following procedure:
1. Initially, you need to connect to the server via port number 25.
a. This can be done using telnet servername 25. Where servername is the IP address
of your SMTP server.
2. Issue the HELO command as
HELO domainname
3. We have to indicate from whom the email originates
MAIL FROM: <emailid@domainname>
Remember to use your email address along with the domain name.
Also, note that there is no blank space between the colon and the word FROM.
4. We have to indicate to whom the email designates
RCPT TO: <emailid@domainname>
Remember to use your email address along with the domain name.
Also, note that there is no blank space between the colon and the word TO.
5. In order to include the text data you wish to send to the recipient, DATA command as
DATA
6. Following the DATA command, you type your email text from the next line.
7. End your email contents by issuing
<CRLF>.<CRLF>
In programs, you can replace CRLF by \r\n
8. Quit the connection using the command
QUIT



This SMTP example shows mail sent by Ahmed at host mailer.ccse.kfupm.edu.sa, to Ibrahim
and Abdallah at host again in mailer.ccse.kfupm.edu.sa.
S: MAIL FROM:<ahmed@ccse.kfupm.edu.sa>
R: 250 OK
S: RCPT TO:< ibrahim@ccse.kfupm.edu.sa >
R: 250 OK
S: RCPT TO:< abdallah@ccse.kfupm.edu.sa >
R: 250 OK
S: DATA
R: 354 Start mail input; end with <CRLF>.<CRLF>
S: Blah blah blah...
S: ...etc. etc. etc.
S: <CRLF>.<CRLF>
R: 250 OK
S: QUIT
An SMTP server always listens to the port 25.
Exercise: Write the SMTP client program that can send emails from one account to another.
In order to write the SMTP client, you just need to connect to port number 25 using TCP
sockets. Then, you should issue all the commands specified above in order and receive the
reply. You can check whether your commands where successful or not by checking the
response you received from the server.
Note: You can check the receipt of your email using Start Programs Administrative
Tools POP3 Service. You can notice that the number of messages indicates the number of
emails received. To read these emails, you can use POP3.
7.4.3 Reading the email using POP3 service
1. You can read your email using telnet [POP3 runs on port number 110] as below:
telnet servername 110


USER username@domain
PASS password
LIST
RETR list-number
QUIT


2. Write a simple POP3 client that can read the emails in your mailbox and display them to
you. POP3 client program is also done similar to that of the SMTP client by connecting to
port number 110 and then issuing the POP3 commands in order.
telnet servername 110
USER username@domain
PASS password
STAT
LIST list-number
RETR list-number
QUIT
NOTE: For each command there is a reply from POP3 server. For the RETR command,
you need to read in a loop until you receive NULL because the email content might be
more than one line. The list-number given is the email sequence numbering as it appears in
the POP3 server.


L AB 8
PART - I
SIMULATION USING IT GURU
8. Objectives
To know how to determine the throughput of a shared Ethernet network under various
loads, using Simulation.
8.1. Overview:
In a shared Ethernet network, end systems are typically connected together using a
hub. The hub retransmits any incoming frames on all outgoing lines creating a single broadcast
domain for all the devices. Within this domain, the Carrier Sense Multiple Access with Collision
Detection (CSMA/CD) MAC protocol is used to determine which node may transmit at any
given time and to resolve collisions if two or more nodes transmit at the same time.
8.1.1. Build the Simulation Model
1. Since Start up OPNET IT Guru Academic Edition.
2. Select the File tab => New...
3. Choose Project and click on OK.
4. Change the Project Name to Shared_Ethernet.
5. Change the Scenario Name to Low_Load, and click on OK.
6. In the Initial Topology window, select Create Empty Scenario and click on Next.
7. In the Choose Network Scale window, select Office and click on Next.
8. In the Specify Size window, leave the parameters unchanged and click on Next.
9. In the Select Technologies window, scroll down and include the ethernet and links
model families, and click on Next.
10. In the Review window, click on OK.




First, we will build a LAN in which the workstations are connected together with an
Ethernet hub. An easy way to create a network with a large number of nodes in OPNET is to
use the Rapid Configuration tool.

1. Select the Topology tab => Rapid Configuration.
2. Set the Configuration to Star and click on OK.
3. Set the Center Node Model to ethernet16_hub. Set the Periphery Node Model to
ethernet_station. Set the Link Model to 10BaseT. Set the Number to 12, and click
on OK to create the LAN.



4. Right click on the hub (the device at the center of the star) and choose View Node
Description. This device can support up to 16 Ethernet links at 10, 100, or 1000 Mbps.
Note that the processing time within the device is considered to be zero, and that the
hub retransmits incoming frames on all outgoing lines. Click on the close window icon
to close the window.
5. Right click on the hub and select Set Name. Set the Name to Hub. Click on OK to
close the window.


6. Right click on one of the Ethernet station and choose View Node Description. This
device generates and receives Ethernet frames at configurable rates. Note that collision
detection and resolution is handled by the hub. Click on the close window icon to close
the window.
7. Now we need to set up the traffic patterns for the Ethernet stations. Right click on any
of the stations and choose Select Similar Nodes. Now, right click on one of the
stations and choose Edit Attributes. Put a check in the checkbox next to Apply
Changes to Selected Objects. Expand the Traffic Generation Parameters and
Packet Generation Arguments attributes. Set the ON State Time to
constant(1000), and the OFF State Time to constant(0). This will ensure that the
stations are always sending. Set the Interarrival Time (seconds) to
exponential(0.004) and the Packet Size (bytes) to constant (100). Click on OK to
apply the changes and close the window. Each station will now generate traffic at an
average rate of one 100 byte packet every 4 milliseconds. You can calculate the average
traffic that each node will generate from the interarrival time and the packet size.

For instance: 100 bytes/packet * 8 bits/byte * 1 packet/0.004 sec = 200 Kbps



We are now done building the LAN model





8.1.2. Configure the Simulation
1. Select the Simulation tab => Choose Individual Statistics
2. Expand the Global Statistics item, and the Ethernet item, and select the Delay (sec)
statistic.
3. Expand the Traffic Sink item and select the Traffic Received (bits/sec) statistic.
4. Expand the Traffic Source item and select the Traffic Sent (bits/sec) statistic.
5. Expand the Node Statistics item, and the Ethernet item, and select the Collision Count,
Load (bits/sec), Traffic Forwarded (bits/sec), Traffic Received (bits/sec), and
Utilization statistics. Click on OK to close window.
6. Select Simulation => Configure Discrete Event Simulation
7. Under the Common tab, modify the Duration to 20, and the unit to second(s). Click on
OK to close the window.




8.1.3. Duplicate the Scenario
Now, we will build another scenario in which each Ethernet station generates much
more traffic. This will allow us to compare the performance of the LAN under different
conditions. Choose Scenarios => Duplicate Scenario, and name the new scenario
High_Load. Click on OK to create the scenario.



Right click on any of the stations and choose Select Similar Nodes. Now, right click
on one of the stations and choose Edit Attributes. Put a check in the checkbox next to Apply


Changes to Selected Objects. Expand the Traffic Generation Parameters and Packet
Generation Arguments attributes. Set the Interarrival Time (seconds) to
exponential(0.001). Click on OK to apply the changes and close the window. Note that a
shorter interarrival time means that packets will be generated more frequently.
8.1.4. Run the Simulation
1. Select the Scenarios tab => Manage Scenarios
2. Edit the Results field in both rows and set the values to <collect> or <recollect>.
3. Click on OK to run both scenarios (one after the other). When the simulation has completed,
click on Close to close the window.


8.1.5 Inspect and Analyze Results
1. Select the Scenarios tab => Switch to Scenario and choose the Low_Load scenario. Select
the Results tab => View Results
2. Select and expand the Global Statistics item, and the Traffic Source item, and select the
Traffic Sent (bits/sec) statistic. Also expand the Traffic Sink item and select the Traffic
Received (bits/sec) statistic.
3. View all statistics in this lab exercise using As Is mode. For this level of load, the received bit
rate is approximately equal to the sent bit rate.
4. Click on the Traffic Sent (bits/sec) and Traffic Received (bits/sec) statistics again to disable
the preview. Note that you may always click on Show for a more detailed graph than the
preview provides. Click on Close to close the View Results window.




Now we will examine the same statistics for the High_Load scenario. Repeat the
previous steps including switching to the High_Load scenario, viewing results, and selecting
statistics to view. In this case, you can see that much more traffic was sent than was received.
The hub has become overloaded and cannot deliver all the traffic that it receives. Click on
Close to close the View Results window.





Now we will compare results generated by the two scenarios. Select the Results tab =>
Compare Results Select and expand the Object Statistics item, the Office Network item,
the node_0 item, and the Ethernet item. Select the Load (bits/sec) statistic and view in As Is
mode. Click on Show for a more detailed graph. This statistic shows how much traffic was
generated by this device. The measured values should approximately match the calculations we
made earlier using the configuration parameters. Again, for the Low_Load scenario, 100
bytes/packet * 8 bits/byte * 1 packet/0.004 sec = 200 Kbps load per station. You may do a
similar calculation for the High_Load scenario. Click on the close window icon and choose to
Delete the panel to close the window. Click on the Load (bits/sec) statistic again to disable
the preview.


Discrepancies between the send and receive rate can be accounted for by inspecting the
Collision Count statistic. Expand the Hub item, and the Ethernet item. Select the Collision
Count statistic. Click on Show for a more detailed graph. Some of the packets that were sent
collided and required retransmissions, reducing the throughput. This is true of both scenarios,
but the High_Load scenario experienced far more collisions. Click on the close window icon
and Delete the panel. Click on the statistic again to disable the preview.





The hubs utilization can be viewed by selecting the Utilization statistic. Click on Show
for a more detailed graph. The utilization essentially describes what percentage of the networks
capacity is being used. Since 10BaseT links were used to connect the hub to the Ethernet
stations, the capacity is 10 Mbps. You can see that the High_Load scenario traffic utilized a
great deal more of the hubs capacity than the Low_Load scenario traffic. Click on the close
window icon and Delete the panel. Click on the Utilization statistic again to disable the
preview.





Lastly, expand the Global Statistics item, and the Ethernet item, and select the Delay
(sec) statistic. Click on Show for a more detailed graph. This statistic shows the delay
experienced by all packets which have been successfully delivered. You can see that the delay is
fairly consistent in the Low-Load scenario, but that the high level of traffic causes growing
delays in the High_Load scenario. Click on the close window icon and Delete the panel. Click
on Close to close the Compare Results window.



Save your model and close all windows.
8.2 Exercises:
1. Create several duplicate scenarios and modify the interarrival times for all the
Ethernet stations to 0.0008, 0.002, 0.003, 0.005, and 0.006 respectively. Rerun the
simulation, and record the Traffic Received (bits/sec) statistic for each scenario. Find
the interarrival time for which the maximum throughput is achieved. Calculate the
offered load that corresponds to this interarrival time. Why does the throughput stop
increasing even when the load is increased further?
2. Modify the interarrival time and rerun the simulation to determine how large the
interarrival time must be in order for the number of collisions per second to become
negligible (less than 10 per second). What is the per-node load that corresponds to the
interarrival time you found?


PART -II
SWITCHED LANs
8.3 Objective
This lab is designed to demonstrate the implementation of switched local area
networks. The simulation in this lab will help you examine the performance of different
implementations of local area networks connected by switches and hubs.
8.4 Overview:
There is a limit to how many hosts can be attached to a single network and to the size
of a geographic area that a single network can serve. Computer networks use switches to enable
the communication between one host and another, even when no direct connection exists
between those hosts. A switch is a device with several inputs and outputs leading to and from
the hosts that the switch interconnects. The core job of a switch is to take packets that arrive on
an input and forward (or switch) them to the right output so that they will reach their
appropriate destination.
A key problem that a switch must deal with is the finite bandwidth of its outputs. If
packets destined for a certain output arrive at a switch and their arrival rate exceeds the capacity
of that output, then we have a problem of contention. In this case, the switch will queue, or
buffer, packets until the connection subsides. If it lasts too long, however, the switch will run
out of buffer space and be forced to discard packets. When packets are discarded too
frequently, the switch is said to be congested.
In this lab you will set up switched LANs using two different switching devices: hubs and
switches. A hub forwards the packet that arrives on any of its inputs on all the outputs
regardless of the destination of the packet. On the other hand, a switch forwards incoming
packets to one or more outputs depending on the destination(s) of the packets. You will study
how the throughput and collision of packets in a switched network are affected by the
configuration of the network and the types of switching devices that are used.


8.5 Procedure:
8.5.1 Create a New Project
1. Start the OPNET IT Guru Academic Edition Choose New from the File menu.
2. Select Project and click OK Name the project <your initials>_SwitchedLAN, and
the scenario OnlyHub Click OK.
3. In the Startup Wizard: Initial Topology dialog box, make sure that Create Empty
Scenario is selected Click Next Choose Office from the Network Scale list Click
Next three times Click OK.
4. Close the Object Palette dialog box.
8.5.2 Create the Network
To create our switched LAN:
1. Select Topology Rapid Configuration. From the drop-down menu choose Star
and click OK.
2. Click the Select Models button in the Rapid Configuration dialog box. From the Model
List drop-down menu choose ethernet and click OK.
3. In the Rapid Configuration dialog box, set the following six values: Center Node
Model = ethernet16_hub, Periphery Node Model = ethernet_station, Link
Model = 10BaseT, Number = 16, Y = 50, and Radius = 42 Click OK.
Note: The prefix ethernet16_ indicates that the device supports up to 16 Ethernet
connections. The 10BaseT link represents an Ethernet connection operating at 10 Mbps.

4. Right-click on node_16, which is the hub Edit Attributes Change the name
attribute to Hub1 and click OK.


5. Now that you have created that network, it should look like the following one.
6. Make sure to save your project.


8.5.3 Configure the Network Nodes
Here you will configure the traffic generated by the stations:
1. Right-click on any of the 16 stations (node_0 to node_15) Select Similar Nodes.
Now all stations in the network are selected.
2. Right-click on any of the 16 stations Edit Attributes.
a. Check the Apply Changes to Selected Objects check box. This is important
to avoid reconfiguring each node individually.
3. Expand the hierarchies of the Traffic Generation Parameters attribute and the
Packet Generation Arguments attribute Set the following four values: ON State
time (seconds) = exponential(100.0), OFF State time (seconds) = exponential(0.0),
Interarrival time (seconds) = exponential(0.02) and Packet Size (bytes) =
constant(1500).



4. Click OK to close the attribute editing window(s). Save your project.

8.5.4 Choose Statistics
To choose the statistics to be collected during the simulation:
1. Right-click anywhere in the project workspace and select Choose Individual Statistics
from the pop-up menu.
2. In the Choose Results dialog box, choose the following four statistics:
a. Global Statistics Ethernet Delay(sec)
b. Global Statistics Traffic Sink Traffic Received (packets/sec)
c. Global Statistics Traffic Source Traffic Sent (packets/sec)
d. Node Statistics Ethernet Collision Count.
Note: The Ethernet Delay represents the end to end delay of all packets received by all the
stations. Traffic Received (in packets/sec) by the traffic sinks across all nodes. Traffic
Sent (in packets/sec) by the traffic sources across all nodes. Collision Count is the total
number of collisions encountered by the hub during packet transmissions.



3. Click OK.

8.5.5 Configure the Simulation
Here we need to configure the duration of the simulation:
1. Click on the Configure/Run Simulation button :
2. Set the duration to be 2.0 minutes.
3. Click OK.

8.5.6 Duplicate the Scenario
The network we just created utilizes only one hub to connect the 16 stations. We need
to create another network that utilizes a switch and see how this will affect the performance of
the network. To do that we will create a duplicate of the current network:
1. Select Duplicate Scenario from the Scenarios menu and give it the name
HubAndSwitch Click OK.
2. Open the Object Palette by clicking on . Make sure that Ethernet is selected in the
pull-down menu on the object palette.
3. We need to place a hub [ethernet16_hub] and a switch [ethernet16_switch] in the
new scenario.


4. To add the Hub, click its icon in the object palette Move your mouse to the
workspace Click to drop the hub at a location you select. Right-click to indicate you
are done deploying hub objects.
5. Similarly, add the Switch.
6. Close the Object Palette.
7. Right-click on the new hub Edit Attributes Change the name attribute to Hub2
and click OK.
8. Right-click on the switch Edit Attributes Change the name attribute to Switch
and click OK.
9. Reconfigure the network of the HubAndSwitch scenario so that it looks like the
following one.
Hints:
a. To remove a link, select it and choose Cut from the Edit menu (or simply hit
the Delete key). You can select multiple links and delete all of them at once.
b. To add a new link, use the 10BaseT link available in the Object Palette.

10. Save your project.

8.5.7 Run the Simulation
To run the simulation for both scenarios simultaneously:
1. Select Manage Scenarios from the Scenarios menu.


2. Change the values under the Results column to <collect> (or <recollect>) for both
scenarios. Compare to the following figure.

3. Click OK to run the two simulations. Depending on the speed of your processor, this
may take several minutes to complete.
4. After the two simulation runs complete, one for each scenario, click Close.
5. Save your project.

8.5.8 View the Results
To view and analyse the results:
1. Select Compare Results from the Results menu.
2. Change the drop-down menu in the lower-right part of the Compare Results dialog box
from As Is to time_average, as shown.

Note: time_average is the average value over time of the values generated during the
collection window. This average is performed assuming a sample-and-hold behaviour
of the data set (i.e., each value is weighted by the amount of time separating it from the
following update and the sum of all the weighted values is divided by the width of the
collection window). For example, suppose you have a 1-second bucket in which 10


values have been generated. The first 7 values were generated between 0 and 0.3
seconds, the 8
th
value at 0.4 seconds, the 9
th
value at 0.6 seconds, and the 10
th
at 0.99
seconds. Because the last 3 values have higher durations, they are weighted more
heavily in calculating the time average.
3. Select the Traffic Sent (packets/sec) statistic and click Show. The resulting graph
should resemble the one below. As you can see, the traffic sent in both scenarios in
almost identical.

4. Select the Traffic Received (packets/sec) statistic and click Show. The resulting
graph should resemble the one below. As you see, the traffic received with the second
scenario, HubAndSwitch, is higher than that of the OnlyHub scenario.



5. Select the Delay (sec) statistic and click Show. The resulting graph should resemble
the one below. (Note: Result may vary slightly due to different node placement.)

6. Select the Collision Count statistic for Hub1 and click Show.
7. On the resulting graph right-click anywhere on the graph area Choose Add Statistic
Expand the hierarchies as show below Select the Collision Count statistic for
Hub2 Change As Is to time_average Click Add.

8. The resulting graph should resemble the one below.



9. Save your project.
8.6 Questions
1. Explain why adding a switch makes the network perform better in terms of throughput
and delay.
2. We analyzed the collision counts of the hubs. Can you analyze the collision count of the
Switch? Explain your answer.
3. Create two new scenarios. The first one is the same as the OnlyHub scenario but
replace the hub with a switch. The second new scenario is the same as the
HubAndSwitch scenario but replace both hubs and switches, remove the old switch
and connect the two switches you just added together with a 10BaseT link. Compare
the performance of the four scenarios in terms of delay, throughput, and collision
count. Analyze the results. Note: To replace a hub with a switch, right-click on the hub
and assign ethernet16_switch to its model attribute.









L AB 9
PART I
PROTOCOL ANALYZER and NETWORK DESIGN
9. Objective
Comprehend the role played by ARP protocol
Analyze the ARP request that is issued in two cases: target host is on the local
network vs. a remote network
View and modify ARP cache
Use Ethereal software to capture ARP packets using a proper user-defined packet
filter. This lab is designed to demonstrate the implementation of switched local area
networks. The simulation in this lab will help you examine the performance of
different implementations of local area networks connected by switches and hubs.
9.1 General Lab setup
Set the gateway address as 192.168.230.251 and DNS Server to 172.16.0.1.

19 20 21 22 23 24 13 14 15 16 17 18 7 8 9 10 11 12 1 2 3 4 5 6
43 44 45 46 47 48 37 38 39 40 41 42 31 32 33 34 35 36 25 26 27 28 29 30
19 20 21 22 23 24 13 14 15 16 17 18 7 8 9 10 11 12 1 2 3 4 5 6
43 44 45 46 47 48 37 38 39 40 41 42 31 32 33 34 35 36 25 26 27 28 29 30
19 20 21 22 23 24 13 14 15 16 17 18 7 8 9 10 11 12 1 2 3 4 5 6
43 44 45 46 47 48 37 38 39 40 41 42 31 32 33 34 35 36 25 26 27 28 29 30
192.168.230.1 &
192.168.230.5
SM: 255.255.0.0
GW: 192.168.230.251
ICS-NWLA1 ICS-NWLB1
192.168.231.1 &
192.168.231.5
SM: 255.255.0.0
GW: 192.168.230.251
INSTRUCTOR PC
192.168.230.251
SM: 255.255..0
172.16.20.2
SM: 255.255.0.0
Inter LAN
Inter LAN
Switch Switch
Hub
CCSE
Network



9.1.1. Capturing ARP traffic
On an Ethernet LAN, an ARP message (i.e. a request or a reply) is directly encapsulated
in an Ethernet frame with EtherType value set to (0x0806).
9.1.2. Viewing the ARP cache
Generate traffic, using the ping command. Ping to any PC within your network and
analyze the captured packets. You can view the ARP cache from Command Prompt {DOS
prompt} by using the command arp a.
At the command prompt, type the command: arp a. Do you see an entry for the machine you
just pinged? How long does this entry remain in the cache?

Exercise: Do you ever see an entry in the ARP cache for a machine outside of your network?
Why?

9.1.3. Capturing and analyzing ARP frames using Ethereal
1. To Start the EtheReal Network Monitoring Tool, Goto Start Programs
EtheReal - EtheReal. Then you will fine the following window (Left).


2. Goto Capture menu and click on Start menu item (Shown in above figure (right)).
Then you will find the following window (left).




After entering the relevant details, click ok in the window then the capturing window
will appear as shown above in (right).

3. Frame Details: To see the Frame details, click on stop on the above (right) window
and you will get the following window, which shows the details of all the frames
captured. If you double click on one (frame) line, the details related to that frame can be
seen as shown below.




4. Filters: To set the filter for displaying, in the capture menu, after clicking sta t, in the
following window, give the protocol you want to display in the place of Filter, and then
click OK Now you will get only the Frame details for ARP protocol alone since you
have set the filter to show only ARP frames.
r




Example:
Capture the outgoing and incoming packets of ARP only. To set the filter according to this
scenario, we should do the above procedure to get only ARP packets.
The following figure shows some of the ARP Broadcast frames.




Exercise:
Fill in the values marked with * below for an Ethernet frame containing an ARP Request.

The 48-bit destination address in Ethernet frame is made of all Fs. Why?

The 48-bit Target MAC address in ARP packet is all 0s. Why?

Look at the 16-bit type field along with this website
http://192.168.230.250/ics432/ethernet-numbers.htm and write about its
importance.

Find your machines Ethernet addresses and compare them with Ethernet Source
Address present in the packet. Indicate through which card, the packet has traveled.






14 byte Ethernet
Frame Header
Ethernet Destination Address *
Ethernet Source Address
EtherType*
6 bytes
6 bytes
2 bytes: 0806 indicates that the frame
contains ARP message

ARP Message* (Specify the
format)
4 bytes Frame Checksum


PART II
Objective:
The objective of this lab is to demonstrate the basics of designing a network, taking into
consideration the users, services, and locations of the hosts.
9.2 Overview
Optimizing the design of a network is a major issue. Simulations are usually used to
analyze the conceptual design of the network. The initial conceptual design is usually refined
several times until a final decision is made to implement the design. The objective is to have a
design that maximizes the network performance, taking into consideration the cost constraints
and the required services to be offered to different types of users. After the network has been
implemented, network optimization should be performed periodically throughout the lifetime
of the network to ensure maximum performance of the network and to monitor the utilization
of the network resources.
In this lab you will design a network for a company that has four departments:
Research, Engineering, E-Commerce, and Sales. You will utilize a LAN model that allows you
to simulate multiple clients and servers in one simulation object. This model dramatically
reduces both the amount of configuration work you need to perform and the amount of
memory needed to execute the simulation. You will be able to define a profile that specifies the
pattern of applications employed by the users of each department in the company. By the end
of this lab, you will be able to study how different design decisions can affect the performance
of the network.
9.3 Procedure
9.3.1 Create a New Project
1. Start OPNET IT Guru Academic Edition Choose New from the File menu.
2. Select Project and click OK Name the project <your initials>_NetDesign, and the
scenario SimpleNetwork Click OK.
3. In the Startup Wizard: Initial Topology dialog box, make sure that Create Empty Scenario is
selected Click Next Choose Campus from the Network Scale list Click Next


Choose Miles from the Size drop-down menu and assign 1 for both X Span and Y Span
Click Next twice Click OK.
9.3.2 Create and Configure the Network
Initialize the Network:
1. The Object Palette dialog box should be now on the top of your project space. If it is not
there, open it by clicking . Make sure that the internet_toolbox is selected from the
pull-down menu on the object palette.
2. Add to the project workspace the following objects from the palette: Application Config,
Profile Config, and a subnet.
a. To add an object from a palette, click its icon in the object palette Move your
mouse to the workspace Left-click to place the object. Right-click when finished.
The workspace should contain the following three objects:
Note: Application Config is used to specify applications that will be used to configure
users profiles.
Profile Config describes the activity patterns of a user or group of users in terms of the
applications used over a period of time. You must define the applications using the
Application Config object before using this object.

3. Close the Object Palette dialog box and save your project.

Configure the Services:
1. Right-click on the Application Config node Edit Attributes Change the name
attribute to Applications Change the Application Definitions attribute to Default
Click OK.
2. Right-click on the Profile Config node Edit Attributes Change the name attribute
to Profiles Change the Profile Configuration attribute to Sample Profiles Click
OK.


Note: Sample Profiles provides patterns of applications employed by users such as
engineers, researchers, salespeople, and multimedia users.

Configure a Subnet:
1. Right-click on the subnet node Edit Attributes Change the name attribute to
Engineering and click OK.
2. Double-click on the Engineering node. You get an empty workspace, indicating that the
subnet contains no objects.
3. Open the object palette and make sure it is still set to internet_toolbox.
4. Add the following items to the subnet workspace: 10BaseT LAN, ethernet16_Switch, and
a 10BaseT link to connect the LAN with the Switch Close the palette.
5. Right-click on the 10BaseT LAN node Edit Attributes Change the name attribute
to LAN Observe that the Number of Workstations attribute has a value of 10. Click
in the Value column for the Application: Supported Profiles attribute, and select Edit.
You should get a table in which you should do the following:
a. Set the number of rows to 1.
b. Set the Profile Name to Engineer. Note: Engineer is one of the sample profiles
provided within the Profile Config object.
c. Click OK twice.
The object we just created is equivalent to a 10-workstation star topology LAN. The
traffic generated from the users of this LAN resembles that generated by engineers.
6. Rename the ethernet16 Switch to Switch.
7. The subnet should look like the shown one.

8. Save your project.


9.3.3 Configure All Departments
1. Now you have completed the configuration of the Engineering department subnet. To go
back to the main project space, click the Go to the higher level button.
The subnets of the other departments in the company should be similar to the engineering
one except for the supported profiles.
2. Make three copies of the Engineering subnet we just created: Click on the Engineering
node From the Edit menu, select Copy From the Edit menu, select Paste three
times, placing the subnet in the workspace after each, to create the new subnets.
3. Rename (right-click on the subnet and select Set Name) and arrange the subnets as shown
below [Research, Sales, E-Commerce]:

4. Double-click the Research node Edit the attributes of its LAN Edit the value of the
Application: Supported Profiles attribute Change the value of the Profile Name from
Engineer to Researcher Click OK twice Go to the higher level by clicking the
button.
5. Repeat step 4 with the Sales node and assign to its Profile Name the profile Sales Person.
6. Repeat step 4 with the E-Commerce node and assign to its Profile Name the profile E-
commerce Customer.
7. Save your project.


9.3.4 Configure the Servers
Now we need to implement a subnet that contains the servers. The servers have to
support the applications defined in the profiles we deployed. You can double-check those
applications by editing the attributes of our Profile node. Inspect each row under the
Applications hierarchy, which in turn, is under the Profile Configuration hierarchy. You will
see that we need servers that support the following applications: Web browsing, Email, Telnet,
File Transfer, Database, and File Print.
1. Open the Object Palette and add a new subnet Rename the new subnet to
Servers Double-click the Servers node to enter its workspace.
2. From the Object Palette, add three ethernet_servers, one ethernet16_switch, and three
10BaseT links to connect the servers with the switch.
3. Close the Object Palette.
4. Rename the servers [Web Server, File Server, Database Server] and the switch [Server
Switch] as follows:

5. Right-click on each one of the above servers and Edit the value of the Application:
Supported Services attribute.
a. For the Web Server add four rows to support the following services: Web Browsing
(Light HTTP1.1), Web Browsing (Heavy HTTP1.1), Email (Light), and
Telnet Session (Light).


b. For the File Server add two rows to support the following services: File Transfer
(Light) and File Print (Light).
c. For the Database Server add one row to support the following service: Database
Access (Light).
6. Go back to the project space by clicking the Go to the higher level button.
7. Save your project.

9.3.5 Connect the Subnets
Now all subnets are ready to be connected together.
1. Open the Object Palette and add four 100BaseT links to connect the subnets of the
departments to the Servers subnet.
As you create each link, make sure that it is configured to connect the switches in both
subnets to each other. Do this by choosing them from the drop-down menus as follows:

2. Close the Object Palette.
3. Now your network should resemble the following one:

4. Save your project.



Choose the Statistics: To test the performance of our network we will collect one of the
many available statistics as follows:
1. Right-click anywhere in the project workspace and select Choose Individual Statistics
from the pop-up menu.
2. In the Choose Results dialog box, choose the following statistic [Global Statistics HTTP
Page Response Time (seconds)]:

Note: Page Response Time is the required time to retrieve the entire page.
3. Click OK.

9.3.6 Configure the Simulation
Here we need to configure the duration of the simulation:
1. Click on the Configure/Run Simulation button.
2. Set the duration to be 30.0 minutes.
3. Press OK.

Duplicate the Scenario: In the network we just created we assumed that there is no
background traffic already in the links. In real networks, the links usually have some existing


background traffic. We will create a duplicate of the SimpleNetwork scenario but with
background utilization in the 100BaseT links.
1. Select Duplicate Scenario from the Scenarios menu and give it the name BusyNetwork
Click OK.
2. Select all the 100BaseT links simultaneously (click on all of them while holding the Shift
key) Right-click on anyone of them Edit Attributes Check the Apply Changes
to Selected Objects check box.
3. Expand the hierarchy of the Background Utilization attribute Expand the row 0
hierarchy Assign 99 to the background utilization (%) as shown below.

Note: Link utilization is the percentage of the used link bandwidth.
4. Click OK.
5. Save your project.

Run the Simulation: To run the simulation for both scenarios simultaneously:
1. Go to the Scenarios menu Select Manage Scenarios.
2. Change the values under the Results column to <collect> (or <recollect>) for both
scenarios. Compare to the following figure.



3. Click OK to run the two simulations. Depending on the speed of your processor, this may
take several seconds to complete.
4. After the two simulation runs complete (one for each scenario), click Close.
5. Save your project.
View the Results: To view and analyze the results, follow the steps given below.
1. Select Compare Results from the Results menu.
2. Change the drop-down menu in the lower-right part of the Compare Results dialog box from
As Is to time_average as shown.

3. Select the Page Response Time (seconds) statistic and click Show. The resulting graph
should resemble the one below. (Note: Results may vary slightly due to different node
placement.)




9.3.7 Questions
1. Analyze the result we obtained regarding the HTTP page response time. Collect
four other statistics, of your choice, and rerun the simulation of the Simple and the
Busy network scenarios. Get the graphs that compare the collected statistics.
Comment on these results.
2. In the BusyNetwork scenario, study the utilization% of the CPUs in the servers
(Right-click on each server and select Choose Individual Statistics CPU
Utilization).
3. Create a new scenario as a duplicate of the BusyNetwork scenario. Name the new
scenario Q3_OneServer. Replace the three servers with only one server that
supports all required services. Study the utilization% of that servers CPU.
Compare this utilization with the three CPU utilizations you obtained in the
previous question.
4. Create a new scenario as a duplicate of the BusyNetwork scenario. Name the new
scenario Q4_FasterNetwork. In the Q4_FasterNetwork scenario, replace all
100BaseT links in the network with 10Gbps Ethernet links and replace all
10BaseT links with 100BaseT links. Study how increasing the bandwidth of the
links affects the performance of the network in the new scenario (e.g., compare the
HTTP page response time in the new scenario with that of the BusyNetwork).


L AB 1 0
SWITCHING EXPERIMENTS
10. Objectives
Learn how to configure switches.
Learn how to implement and manage VLANs.
Learn about the usage of spanning tree protocol in switches.
10.1 Connecting to the switch
1. In order to configure our switch, we need to use Hyperterminal. Make sure that the
Hyperterminal software is installed. If not, you can install the software from
C:\ics432\software\htpe63.exe.
2. Connect the COM1 port of the PC to the Console port of the switch with the following
settings:
a. As the console port of the 3Com switch is also DB9 [like COM1], we need to use
two DB9-to-RJ45 adaptors.
b. Bits per second: 2400
3. Do the following configurations via Hyperterminal.
10.2 Grouping of PCs into VLANs
The aim of this experiment is to show how to form and make their members connect
to each other.
1. Use the switch available in your LAN. Create two VLANs; namely, VLAN 100 and
VLAN 101.
2. Create VLANs.
Using browser: Configuration VLAN
Using telnet/console: bridge vlan create
You will be asked about the VLAN number, local number and the VLAN name.
Local VLAN number is the number that is applicable only within a single switch.


3. Remove all the 8 ports [1 to 8] that are used by these PCs from VLAN 1.
Using telnet/console: bridge vlan removeport 1 all
4. Add port numbers 1, 2, 5 & 6 to VLAN 100 without tagging.
Using telnet/console: bridge vlan addport 100 1 none
5. Add port numbers 3, 4, 7 & 8 to VLAN 101 without tagging.
Using telnet/console: bridge vlan addport 101 3 none
6. Test their connectivity by pinging among these PCs.
What is the result of ping, if we ping among those PCs in same VLAN?
What is the result of ping, if we ping among those PCs in different VLAN?
7. If we wish to have one port to support more than one VLAN, tagging is needed.
Using browser: Enable 802.1Q VLAN learning at Port Menu
Using telnet/console: bridge vlan addport 1 3 802.1Q
o Where 1 is the VLAN number and 3 is the port number
10.2 Enable security option of a switch port
1. Switch learns the MAC address of the packet that follows through it and maps that
MAC address with the respective port number. This mapping is stored in the switching
database. This information is used for delivery of packets to respective PC.
2. We can fix a switch port to a respective MAC address so that people can connect any
PC with this port. Fix a switch port to the MAC address that is connected to it.
a. First, you need to know the MAC address of the network card that connected
to this port using ipconfig /all. As we have two cards per PC, you might need
to disable one card and note the MAC address.
Using browser: Port Menu Security Enabled
Using telnet/console: bridge port address add
b. After setting the above, try to swap the ports [of one PC] on the switch and
check if it works. Remember, each PC has two networks and so they are
connected to two ports of the switch. Swapping them will make the port to
learn a different MAC address.


3. We can make the switch learn a MAC address and maintain it for a specific period of
time known as ageing concept.
a. Using browser: Configuration Advanced Stack Setup Ageing time (secs)
b. Using telnet/console: bridge agingtime
10.3 Create looping and break it using spanning tree
Connecting switches in the form of a loop creates rounding of packets. This will be
handled using Spanning tree protocol.
1. Connect two switches together using crossover cable. Make sure that you are able to
ping from one PC, which is connected to one switch to another PC, which is connected
to other switch.
2. Before creating the loops, generate traffic to other LANs by using ping.
a. ping t l 65500 192.168.230.1
3. Make sure all the networks are in same VLAN. Connect the switches in a loop using
two crossover wires. Remember, one wire already exists.
4. Before enable spanning tree, now note the change in the timing values in the ping
operation that you have started earlier.
5. To enable spanning tree
a. Using browser: Configuration Advanced Stack setup Spanning Tree
b. Using telnet/console: bridge stpstate enable
6. Check the ping operation now to notice that it has come back to normal state.
7. One port of the switch can handle 100Mbps. If we need more than 100Mbps for the
connectivity between the switches then we should connect more than one link between
the switches. We are forced to disable spanning tree and treat the links as one single link
with high capacity [using trunking].
a. To disable spanning tree
Using telnet/console: bridge stpstate disable
b. To create port trunk
i. Using browser: Configuration Port Trunk Move ports to the
needed port trunk
8. Check the ping operation now to notice the change.


10.5 Testing other settings
10.5.1 Auto-negotiation setup
Auto-negotiation is a method by which two connected devices can talk to each other
and negotiate about speed and mode of operation. These setups can be done on a specific port
by selecting the respective port on the switch picture that appears in the browser.
Connect two switches with a crossover wire.
a. Enable auto-negotiation at the ports that connect these switches. Note down
what is the speed and mode of the connectivity at both ends.
Switch 1: ________________________________
Switch 2: ________________________________

b. Enable auto-negotiation at one port. Fix the other end to 10Mbps and Full-
duplex mode. Note down what is the speed and mode of the connectivity at
both ends.
Switch 1: ________________________________
Switch 2: ________________________________

c. Set to different speed and mode at both these ports. Note down what is the
speed and mode of the connectivity at both ends.
Switch 1: ________________________________
Switch 2: ________________________________

d. What is the link between Auto-negotiation, Speed/Duplex, FD Flow Control
and HD Flow control?
i. If we set the duplex as HD in Switch I and FD in Switch II, the
switches can still run as they are provided the HD Flow control option
is enabled in Switch II.
Switch 1: ________________________________
Switch 2: ________________________________



ii. We cannot enable flow control when auto-negotiation is enabled. Also,
it is recommended that the flow control should be made as same for
both the switches that are connected via the specific port.
Connect a PC via Hub to the switch and note the following:
a. This specific port that connects the switch to hub becomes as HD, even if auto-
negotiation is enabled.
b. The switch-database contains many addresses learnt for the port of the switch
that is connected to the hub. To check this, we might need to ping from the
PCs that are connected to the switch via the hub.
10.5.2 Resilient Links

Resilient links are used to have backup links when the main link between two switches
goes off. This connectivity can be of two types:
a. Symmetric: Here, both the links [main and standby] are considered to be the same. If
main link goes off, the standby link comes up. If the standby link goes off, the main
link comes up. But, while the standby link is working if the main links comes up, it
will not be enabled. It has to act as standby at that time.
b. Switchback: If main link goes off, the standby link comes up. If the standby link goes
off, the main link comes up. But, while the standby link is working if the main links
comes up, the standby link will be put to standby and the main link will start to work.
Dont connect the two cables that you want to work as resilient.
Make one link as main link and the other as standby link.
Using browser: ConfigurationResilient Links Add {for main and standby
link}
We can swap the active and inactive links, click resilient link swap.

10.5.3 Changing the switching modes
Switches can operate in many modes. WE can change the modes to fast-forward or
store and forward, etc.
Set to switching operation to fast-forward or others and see its impact.


Using browser: Configuration Advanced Stack setup Select the forwarding
mode Apply.
10.5.4 Broadcast Storm Control
Broadcast Storm Control is enabled, the stack automatically creates an alarm for
each port to monitor the level of broadcast traffic on that port. If the broadcast
traffic level rises to 2976 frames per second, the broadcast traffic on the port is
blocked until the broadcast traffic level drops to 1488 frames per second.
Enable broadcast storm control using browser: Configuration Advanced Stack
setup Enable the Broadcast Storm Control

10.5.5 VLT tagging
VLT tagging is an additional option provided by 3Com switch similar to standard
802.1Q tagging. By specifying that the ports at both ends of a link use VLT tagging, you can
create a VLT tagged link that carries traffic for all of the VLANs defined on your Switch.
VLT tagging works only with 3Com switches.
We can not use VLT tagging when:
o When 802.1Q tagging is used.
o It is the main or standby port of a resilient link, and the other port does not
use VLT tagging.
o It belongs to a port trunk.
You cannot disable VLT tagging if the port is part of a resilient link pair.
In browser, under unit menu [which is the picture of the switch on the browser],
you have to select the necessary port and then enable VLT tagging.
10.6 Questions
What happens if a port is tagged with two VLANs [using 802.1Q] and that port is
connected to the hub?
a. This will not work because 802.1Q tagging can be set only on ports whose other
end also understands this tagging. Hub doesnt understand this tagging.



Can we add a port to two VLANs without tagging?
a. Two VLANs cannot be differentiated without tagging. So, to add two VLANs to a
port, we surely need tagging.
b. If we add two VLANs without tagging to a port, then the old VLAN will be
overwritten with the new VLAN.
10.7 References
3Com Switch 3300 User Guide
http://support.3com.com/infodeli/tools/switches/ss3/3300/3c16980a/index.htm

3Com Switch 3300 Management Guide
http://support.3com.com/infodeli/tools/switches/ss3/management/ug/index.htm
















L AB S 1 1 a n d 1 2
ROUTING EXPERIMENTS
13. Objectives:
10 Configure and test Windows 2003 as a router.
11 Learn how to configure CISCO 2600 Router.
12 Divide the lab network into different networks.
13 Examine and comprehend the routing table maintained by a router.
14 Modify routing table by adding dynamic routes.
15 Use Ethereal software to capture RIP packets and analyze them.
16 Use Ping and TraceRoute to test connectivity through a router.
11.1 Review of IP address
Every interface on an IP network must have a unique IP address. Every IP packet
traveling through an IP network contains a source IP address and a destination IP address.
These addresses are 32-bit numbers. An IP address actually consists of two parts: one
part identifies the network and referred to as Network ID (or simply NetID) and another part
identifies the host and referred to as HostID. How do we know the length of each part? This
information is specified through a subnet mask, which is a 32-bit value with the bits
corresponding to the NetID set to 1's and the bits corresponding to the HostID set to 0's. For
example, a subnet mask value of 255.0.0.0 specifies that the NetID is 8 bits and the HostID is
24 bits.
These 32-bit addresses are normally written as four decimal numbers, one for each byte
of the address. This is called dotted-decimal notation.
11.2 Configure the Lab as a set of networks connected by routers
Since the lab contains 5 networks, convert the first computer on each network to act as
a router between it and the next network in accordance with the figure below.



192.168.231.1 &
192.168.231.8
SM: 255.255.255.0
GW: 192.168.231.10
Switch B
192.168.230.1
SM: 255.255.255.0
ROUTER CLIENTS
192.168.230.2 &
192.168.230.8
SM: 255.255.255.0
GW: 192.168.230.1
CLIENTS
192.168.231.10
SM: 255.255.255.0
Switch A


11.2.1 Configure Windows 2003 machine as router
Configure Windows 2003 machine as router using the following:
1. StartAdministrative ToolsRouting and Remote access
2. Select Local Computer and right-click it.

3. Select Configure and Enable routing and remote access. Routing and remote
access wizard appears.
4. Click Next. Configuration Window appears. Select Custom ConfigurationNext.
Custom configuration window appears.



5. Tick LAN RoutingNext. Click Finish.

6. Click Yes to start the service.


11.2.2 Checking for connectivity
To ensure that the router is working properly, all you need is to ping a machine outside of your
network. But first to ensure that the router on your network is up, try to ping the IP addresses
associated with the router interfaces, then if that is successful, ping a machine on the remote
network
Use the commands from a computer on Network A:
1. To test the router interface which is connected to the source host.
ping 192.168.230.1
2. To test the router interface which is connected to another network.


ping 192.168.231.5
3. To ping to a computer in another network.
ping 192.168.231.2

11.3 A Quick Guide to CISCO 2600 Routers
11.3.1 Connecting to Router
There are two ways to connect to the Cisco router for the purposes of configuration
and maintenance. First, initially you will probably configure your router from a terminal.
Second, if the router is already configured and at least one port is configured with an IP
address, and it has a physical connection to the network, you might be able to telnet to the
router and configure it across the network.
If the router is not already configured, then you will have to use the first method and directly
connect to it with a terminal and a serial cable [Roll-over cable].
Plug a serial cable into a serial (COM) port on the PC and the other end into the
console port on the Cisco router.
Using a PC running Microsoft Windows, you can use HyperTerminal program found in
AccessoriesCommunications to access the router's console. If Hyperterminal is not
present, install it from the Software directory [htpe63.exe].
Start HyperTerminal, tell it which COM port to use and click OK. Set the speed of
the connection to 9600 baud and click OK. You may need to hit the Enter key to see
the prompt from the router.
Notes:
1. You need to configure the IP address for an FastEthernet interface using
Hyperterminal.
2. Connect the configured FastEthernet port to the switch so as to make sure you PC is
connected to this FastEthernet port.
3. Telnet to the IP address of the port and practice the basic commands of router.




11.3.2 Router Modes - Unprivileged and privileged modes
When you first connect to the router and provide the password (if necessary), you
enter EXEC mode, the first mode in which you can issue commands from the command-
line. From here you can use such unprivileged commands as ping, telnet, and rlogin. You
can also use some of the show commands to obtain information about the system. In
unprivileged mode you use commands like, show version to display the version of the IOS
the router is running. Type show ? to display all the show commands available in the mode
you are presently in.
Router>show ?

You must enter privileged mode to configure the router. You do this by using the
command enable. Privileged mode will usually be password protected unless the router is
unconfigured. You have the option of not password protecting privileged mode, but it is
HIGHLY recommended that you do. Issue the command enable and provide the password,
you will enter privileged mode. To help the user keep track of what mode they are in, the
command-line prompt changes each time you enter a different mode. When you switch from
unprivileged mode to privileged mode, the prompt changes from:
Router>
to
Router#
Cisco describes two modes, unprivileged and privileged, and then a hierarchy of
commands used in privileged mode. There to be many sub-modes of privileged mode, that is
called parent mode.
The command show ? will display all the show commands available in the current
mode. Do the following commands:
Router#show interfaces
Router#show ip protocols
Router#show ip route
Router#show ip arp


As you configure the router, you will enter various sub-modes to set options and then
return to the parent mode to display the results of your commands. You also return to the
parent mode to enter other sub-modes. To return to the parent mode, you hit ctrl-z. This
puts any commands you have just issued into effect, and returns you to parent mode.

11.3.3 Global configuration (config)
To configure any feature of the router, you must enter configuration mode. This is
the first sub-mode of the parent mode. In the parent mode, issue the command config
terminal.
Router#config terminal
Router(config)#

To change the name of the router, issue the hostname command.
Router(config)#hostname r1
r1(config)#

As demonstrated above, when you set the name of the host with the hostname
command, the prompt immediately changes by replacing Router with r1.

11.3.4 Configuring interfaces
To display the configuration of the interface you use the command:
r1#show interface fastethernet 0/0
r1#show interface serial 1/0

Here is an example of configuring a fastethernet port with an IP address:
r1#config
r1(config)#interface fastethernet 1/0
r1(config-if)#ip address 172.1.1.1 255.255.0.0
r1(config-if)#no shutdown
r1(config-if)#ctrl-Z
r1#



Note the no shutdown command. An interface may be correctly configured and physically
connected, yet be administratively down. In this state it will not function.
To reverse or delete the results of any command is to simply put no in front of it. For
instance, if we wanted to unassign the IP address we had assigned to interface fastethernet
1/0:
r1(config)#interface fastethernet 1/0
r1(config-if)#no ip address 172.1.1.1 255.255.0.0
r1(config-if)ctrl-Z
r1#show interface serial 1/0

11.3.5 Routing
IP routing is automatically enabled on Cisco routers. If it has been previously disabled
on your router, you turn it back on in config mode with the command ip routing.
r1(config)#ip routing
r1(config)#ctrl-Z
There are two main ways a router knows where to send packets. The administrator
can assign static routes, or the router can learn routes by employing a dynamic routing
protocol.
These days static routes are generally used in very simple networks or in particular
cases that necessitate their use. To create a static route, the administrator tells the router
operating system that any network traffic destined for a specified network layer address
should be forwarded to a similarly specified network layer address. In the Cisco IOS this is
done with the ip route command.
r1#config
r1(config)#ip route 172.16.0.0 255.255.255.0 192.168.2.1
r1(config)#ctrl-Z
r1#show ip route
Two things are to be said about this example. First, the packet destination address must
include the subnet mask for that destination network. Second, the address it is to be forwarded


is the specified address of the next router along the path to the destination. This is the most
common way of setting up a static route.
Dynamic routing protocols, running on connected routers, enable those routers to
share routing information. This enables routers to learn the routes available to them. The
advantage of this method is that routers are able to adjust to changes in network topologies. If a
route is physically removed, or a neighbor router goes down, the routing protocol searches for a
new route. Routing protocols can even dynamically choose between possible routes based on
variables such as network congestion or network reliability.
Configure the Routing Information Protocol (RIP) on Cisco routers. From the
command-line, we must explicitly tell the router which protocol to use, and what networks the
protocol will route for.
r1#config
r1(config)#router rip
r1(config-router)#network 192.168.230.0
r1(config-router)#network 192.168.231.0
r1(config-router)#ctrl-Z
r1#show ip protocols
Now when you issue the show ip protocols command, you should see an entry
describing RIP configuration.
11.3.6 Saving your configuration
If you turned the router off right now, and turned it on again, you would have to start
configuration over again. Your running configuration is not saved to any permanent storage
media. You can see this configuration with the command show running
r1#show running
If you do want to save your successful running configuration, issue the command copy
running startup
r1#copy running startup


Your configuration is now saved to non-volatile RAM (NVRAM). Then, issue the
command show startup
r1#show startup
Now any time you need to return your router to that configuration, issue the command
copy startup running
r1#copy startup running

11.3.7 Viewing Configuration
Issue the following command and write down their outputs:
1. Get the routing table
sh ip route
If you get ICMP redirect cache is empty, then that means the ip routing is not
enabled.
2. Check whether no ip routing exists.
sh run
If yes, then we need to enable ip routing. Issue the command ip routing at the
(config)#.
3. Check the running configuration
sh run
4. Get the details about the router and write it down.
sh ver
What version of the IOS is running?
What is the name of the Cisco IOS image file loaded?
What kind of router (platform type) is this?
What is the revision level of the image?
How much NVRAM (startup config) memory is there?
How much RAM is there?
show flash Used to verify the contents of the Flash memory.
If the flash file name is c2500-js-l.112-18.bin.
c2500 is the platform


j indicates that the file is an enterprise image.
s indicates the file contains extended capabilities.
l indicates that the file can be moved from flash memory if needed and is not
compressed.
11.2-18 is the revision number.
.bin indicates that the Cisco IOS is a binary executable file.
What is the name and length of the Cisco IOS image stored in flash?
What attributes can you identify from codes in the Cisco IOS filename?
Note: 27648K/5120K memory means 27M of processor memory and 5M of I/O memory. In
total, 32M of DRAM is present.
11.3.8 Exercise
Implement the following network diagram. Make sure that the gateways of the PCs are
properly set as the IP address of the network interface of the router that it is connected to.
192.168.230.240
255.255.255.0
192.168.231.240
255.255.255.0
192.168.230.1
255.255.255.0
192.168.231.2
255.255.255.0
192.168.231.1
255.255.255.0
192.168.230.2
255.255.255.0
192.168.230.230
255.255.255.0
192.168.231.230
255.255.255.0


11.4 Configure Router in your Segment
11.4.1 Lab setup
Setup the lab network according to the figure given below.




192.168.230.240
255.255.255.0
192.168.231.240
255.255.255.0
192.168.230.1
255.255.255.0
192.168.231.2
255.255.255.0
192.168.231.1
255.255.255.0
192.168.230.2
255.255.255.0
192.168.230.230
255.255.255.0
192.168.231.230
255.255.255.0
192.168.232.240
255.255.255.0
192.168.233.240
255.255.255.0
192.168.232.1
255.255.255.0
192.168.233.2
255.255.255.0
192.168.233.1
255.255.255.0
192.168.232.2
255.255.255.0
192.168.232.230
255.255.255.0
192.168.233.230
255.255.255.0
192.168.235.240
255.255.255.0
192.168.235.241
255.255.255.0

Step 1: You should configure the TCP/IP setting in each host appropriately with respective
subnet mask and gateway addresses. The gateway address is the interface address of the router
that is connected to the specific network. For example, the first host on LAN Segment B should
use the following setting:

IP Address: 192.168.231.1
Subnet Mask: 255.255.255.0
Gateway: 192.168.231.240
11.4.2 Configure the router
You need to configure the router for few things:
1. To connect to the router, you need to assign an IP address for each interface of
the router. When we get a new router, we use console cable to assign an IP
address and then connect via telnet.
2. We need to assign an IP address for both the fast Ethernet interface cards. We
should be at the privileged mode. An example is given below:
#config t
(config)# interface FastEthernet 0/0 configure Ethernet interface 0/0
(config-if)#ip address 192.168.230.240 255.255.255.0 IP address and the
subnet mask.


(config-if)#no shut (or no shutdown) ensure that interface is not
administratively down
(config-if)#ctrl-z (or exit) execute all of the above and return to parent
3. Now the connection between networks connected via a single router should
work. We can ping among 192.168.230.0 & 192.168.231.0 network and between
192.168.232.0 & 192.168.233.0 networks.
4. All the hosts can connect to the router using telnet. You can telnet to the
respective gateway address. The routing table at this time can be viewed using
show ip route
5. Now we need to assign an IP address for the Serial interface. We should be at
the privileged mode.
#config t
(config)# interface Serial 1/0 configure Serial interface 1/0
(config-if)#ip address 192.168.230.240 255.255.255.0
(config-if)#no shutdown (or no shut)
(config-if)#bandwidth 64
(config-if)#clock rate 64000 will work only with DCE connections
(config-if)#ctrl-z (or exit) execute all of the above and return to parent
Note: To identify whether a connection is DCE or DTE, we can use the
command show controllers
6. From the hosts, the users should be able to ping to IP address of the serial
interface present in the router connected to their network.
7. All the necessary IP address setups are done. We need to enable routing
protocols to have the necessary routing among the networks connected to
different routers. To setup the RIP protocol, we do as below:
# config t
(config)# router rip
(config-router)# network 192.168.230.0
Note: We need to add the network entries for the serial connection that
connects different routers. We need to add entry for all the directly connected


networks [both fastethernet and serial].
8. All the necessary connections are done and all the hosts should be able to ping
other hosts present in different networks. Show ip route command will show
that routes are learnt using RIP protocol.
9. We can refer to various configuration settings on the router using:
#show ip protocols
#show ip route shows routing table
#show running-conf or show run
#show interfaces
10. We can view the actual RIP packets using the command:
#debug ip rip displays RIP routing updates as they are sent or received
If we are not able to see the RIP information at our telnet prompt, issue the
command,
#terminal monitor

To stop viewing the RIP routing information,
#undebug all stop display debug information

Exercise
Using the appropriate command to dump the IP routing table in your segment and
write it below.
11.5 Capturing RIP traffic
RIP data is encapsulated in UDP messages which source port and destination port are
both set to 520. We will use the same procedure we have learnt in previous labs to capture
RIP traffic using Ethereal. The captured images for both RIP request and response are given
below.







From above the captures, answer the following queries:
Which protocol does RIP use? Does it have any specific port number?

In RIP request, there is no request specified. Why?

The version of RIP is specified as RIPv1. Is there any other version of RIP? If so,
what is their difference?

Why is it that the RIP messages [request and response] are sent as IP broadcast?

What is the use of Metric in RIP request and response messages?

In the last snap-shot provided there is different metric for different IP addresses
given. Why?


Exercise: Fill the RIP format using the packets captures given.


11.6 Using Static Routes
Static routes can serve as an alternative to using RIP. For example, we could disable
RIP on router A and add static routes for networks B, C, D and E as follows:
(config)#no router rip disable RIP
(config)#ip route 192.168.230.0 255.255.255.0 192.168.235.240
(config)#ip route 192.168.231.0 255.255.255.0 192.168.235.240
(config)#ip route 192.168.232.0 255.255.255.0 192.168.235.241
(config)#ip route 192.168.233.0 255.255.255.0 192.168.235.241
11.7 Adding a static default route
To have Router A use the Instructor's router as the default route (used when there is no
match with ordinary entries in the routing table), use the following command (a default route is
entered with IP address 0.0.0.0 and a subnet mask 0.0.0.0),
Source Port*
20 byte
IP Header
Ethernet Destination Address
Ethernet Source Address
IP Source Address
EtherType
IP Destination Address*
Protocol*
14 byte Ethernet
Frame Header
2 bytes: 0800 indicates that the frame
contains IP packet
6 bytes
6 bytes
1 byte: ___* indicates that the
packet contains UDP message
Ver * HL*
4 bytes
4 bytes
4 bytes
Length
RIP data
Frame Checksum
UDP
Header+Data


(config)#ip route 0.0.0.0 0.0.0.0 192.168.230.251
Question: Is the presence of the Instructor's router necessary to route traffic between the
segments A and C? Justify your answer.
Exercise: Testing Router Connectivity
A good test to ensure that the router in your segment is working properly is to ping a
host outside of your network. Another useful test is to use TraceRoute (sometimes
abbreviated as TraceRT) command to print the IP addresses of routers along the path
to a target host.
From your host, traceroute to the first host on a segment that is next to your segment.
For example, if you happen to be on Segment C then issue the command: tracert
192.168.230.97. Write down the results below.
11.8 Dynamic Routing with OSPF within an area
Use OSPF routing protocol as the dynamic routing protocol. Make the whole network
into one single area. The administrative distance of OSPF is 110.
1. Log into your routers and go into privileged mode by typing en or enable.
2. From the configuration mode on Router A, type router ospf ?.
3. Notice that it asks for a process number. Type 100 and press Enter.
4. To configure neighbors in OSPF [Configure all routers in area 0]
RouterA(config-router)# network 192.168.230.1 0.0.0.0 area 0
OR
RouterA(config-router)# network 192.168.230.0 0.0.0.255 area 0
OR
RouterA(config-router)# network 192.168.230.0 0.0.255.255 area 0
Note: Here, we dont provide the subnet mask. Instead a wild-card is provided. Wild-
card means, if we wish to consider a bit, we provide 0 and to ignore a bit, we provide 1.


For example, in the first command given [192.168.230.1 0.0.0.0], we want to match the
IP exactly. In 192.168.230.0 0.0.0.255, we wish to match the first three parts of the IP
address and the last part is not configured.
5. Press Ctrl+Z to get out of configuration mode.
6. Do similarly for other routers
7. Verify that OSPF is running by typing the following command at each router:
show ip route
show ip ospf neighbor
Note: Process number is a number local to the router. It is possible to have more than one
process running on a router, although this is an unusual and expensive configuration in terms of
router resources. The process number does not have to be the same on every router in the area
or the autonomous system. In the interest of sanity, however, many administrators make it the
same number.
11.9 Access List
Access list is used to deny or permit control for packets that pass via the router. Access
lists are executed sequentially based on the order of rules provided. Once an access list is added,
there exists an implicit deny at the end of the list. Any packet that is not matched with the rules
in the list is denied entry by the implicit deny. There are two types of access lists, namely:
1. Standard Access list: The control of the packet is based on the source address only. The
list number ranges from 0 to 99. This list is applied near the destination of the packet.
2. Extended Access list: The control of the packet is based on source address, destination
address, source port, destination port, protocol, etc. The list number ranges from 100 to
199. This list is applied near to the source of the packet. Takes more time to process
than the standard list but it is more powerful.

Specify the access rules at the global configuration level.
(config)# access-list access-list-number {permit | deny} source-address [wildcard mask]

Add the specified access list to an interface.
(config-if)# ip access-group access-list-number {in | out}


Note: Out means the packet is coming out of the specific interface and in means the packet is
entering the interface.

Examples:
a. To block a non-192.168.0.0. network
(config)# access-list 1 permit 192.168.0.0 0.0.255.255 Last part is wild-card
(config)# interface fastethernet 0/0
(config-if)# ip access-group 1 out
Note: Use in to act on directly connected networks. This is because we need to
take action without taking any routing decision. Wildcard is used, which is opposite
to subnet mask.
b. Access list blocking traffic from a single host
(config)# access-list 1 deny 192.168.230.1 0.0.0.0
(config)# access-list 1 permit 0.0.0.0 255.255.255.255
(config)# interface fastethernet 0/0
(config-if)# ip access-group 1 out
c. Access list blocking traffic from a single subnet
(config)# access-list 1 deny 192.168.230.0 0.0.0.255
(config)# access-list 1 permit any
(config)# interface fastethernet 0/0
(config-if)# ip access-group 1 out
d. To permit vty access to a specific network
(config)# access-list 2 permit 192.168.230.0 0.0.0.255
(config)# line vty 0 4
(config-line)# access-class 2 in
e. Extended access list blocking Telnet traffic from a specified subnet
(config)# access-list 101 deny tcp 192.168.230.0 0.0.0.255 192.168.231.0
0.0.0.255 eq 23
(config)# access-list 101 permit ip any any
(config)# interface fastethernet 0/0


(config-if)# ip access-group 101 out
Note: with ip access-group 101 in, we can block telnet to the router even from the
directly connected networks. Another way to do this is:
line vty 0 4
login
no password
Note: This requires a password. Because a password has not been established,
however, it is impossible to correctly input a password. The result is no access.
no line vty 0 4
OR
(config)# access-list 12 permit 192.168.230.0 0.0.0.255
(config)# line vty 0 4
(config-if)# access-class 12 in
f. show access-lists displays the contents of all access lists.
g. show ip access-lists displays the IP access lists.
11.10 References
Cisco 2600 router: Technical reference
http://www.cisco.com/en/US/products/hw/routers/ps259/prod_technical_documentation.h
tml

RIP
http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/rip.pdf

OSPF
http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/ospf.pdf










L AB 1 3
PART I
ICMP AND TCP PACKET ANALYSIS
13. Objectives [Lab 13A]:
17 Examine the ICMP message structure and encapsulation.
18 Expose the role played by ICMP in Ping and TraceRoute utilities.
19 Show ICMP statistics using netstat command.
20 Examine the TCP Segment structure and encapsulation.
21 Examine the three phases of a TCP connection.
22 Capture and analyze the TCP traffic generated during a Web session.
13.1. General Lab setup
Set the gateway address as 192.168.230.251. Set DNS Server to 172.16.0.1.

19 20 21 22 23 24 13 14 15 16 17 18 7 8 9 10 11 12 1 2 3 4 5 6
43 44 45 46 47 48 37 38 39 40 41 42 31 32 33 34 35 36 25 26 27 28 29 30
19 20 21 22 23 24 13 14 15 16 17 18 7 8 9 10 11 12 1 2 3 4 5 6
43 44 45 46 47 48 37 38 39 40 41 42 31 32 33 34 35 36 25 26 27 28 29 30
19 20 21 22 23 24 13 14 15 16 17 18 7 8 9 10 11 12 1 2 3 4 5 6
43 44 45 46 47 48 37 38 39 40 41 42 31 32 33 34 35 36 25 26 27 28 29 30
192.168.230.1 &
192.168.230.5
SM: 255.255.0.0
GW: 192.168.230.251
ICS-NWLA1 ICS-NWLB1
192.168.231.1 &
192.168.231.5
SM: 255.255.0.0
GW: 192.168.230.251
INSTRUCTOR PC
192.168.230.251
SM: 255.255..0
172.16.20.2
SM: 255.255.0.0
Inter LAN
Inter LAN
Switch Switch
Hub
CCSE
Network



13.2. Capturing ICMP traffic
An ICMP message (i.e. a request or a reply) is directly encapsulated in an IP packet with
protocol field in the IP header set to 1. On an Ethernet LAN, the IP packet itself is
encapsulated in an Ethernet frame with EtherType value set to (0x0800). Thus the simplest way
to capture ICMP traffic is to use a filter on the Protocol field in the IP header. Use Ethereal to
Capture ICMP packets that are generated when you ping your neighbor's IP address.
1. Follow the steps as discussed in 2.2 and specify icmp instead of arp as the protocol to
filter.
2. Observe the details of the ICMP frames after doing ping.

Details of ICMP request frame during ping:





Details of ICMP Reply frame:


Exercise: Based on the above capture state how Ping works. Also fill in the values marked
with * below for an Ethernet frame containing an ICMP Echo Request. State the role of the
ICMP fields: type, code, checksum, identification, seqno, data.




What is the relation between source and destination Ethernet address in the ICMP
request and reply?
What is the use of Dont fragment and More fragment fields?
How do you differentiate between the ICMP request and reply packet using the
ICMP header information?
What is the use of Identifier field in the ICMP request and reply messages?
What is the use of sequence number along with Identifier field in ICMP request and
reply messages?
Does the Header checksum in ICMP request and reply messages are consistent?
Explain.

20 byte
IP Header
Ethernet Destination Address
Ethernet Source Address
IP Source Address
EtherType
IP Destination Address
Protocol*
14 byte Ethernet
Frame Header
2 bytes: 0800 indicates that the frame
contains IP packet
6 bytes
6 bytes
1 byte: ___** indicates that the
packet contains ICMP message
Ver * HL*
4 bytes
4 bytes
type code
checksum
4 bytes
SeqNo Identification
4 bytes ICMP
Header+Data
Data (variable length)
Frame Checksum


13.2.1. Capture ICMP packets generated and received during TraceRoute
TraceRoute (sometimes abbreviated as TraceRT) is one of the basic IP diagnostic tools.
It is used to discover the routers that an IP packet would traverse to reach a given target host
(i.e. IP address). TraceRoute first sends one or more ICMP Echo Request packets with
TTL=1. Any packet with TTL=1 will be discarded by the first router along the path to
destination but the router will send an ICMP Time Exceeded message (type/code= ____ /
_____) to the source host. TraceRoute receives this ICMP message and notes the IP source
address as the address of the first router.
Then TraceRoute sends one or more ICMP Echo Request packets with TTL value=2.
Any such packet crosses the first router where its TTL value is decremented by 1. At the
second router, the packet is dropped and an ICMP Time Exceeded message is sent back to the
source host. The IP source address of this message is that of the second router. The process
continues until TraceRoute actually gets an ICMP Echo Reply from the target host or the TTL
value exceeds some preset maximum.
To verify all of this, follow theses steps.
1. From your computer, traceroute to KFUPM (or CCSE) Web Server by issuing the
command:
tracert www.kfupm.edu.sa. You should get results similar to the one shown below.


2. Use Ethereal with the filter set as in the previous task and capture the resulting traffic.
As first step, the domain name www.kfupm.edu.sa should be resolved to its IP
address and so a DNS query is generated.





In the DNS query, what is the destination IP address? Justify.


Is there a fixed source port in the DNS query? Explain.




What is the reason for the destination port being selected as 53? Justify.


The flags in the DNS indicate whether the packet is query or response. Discuss the
relationship between the flag values in query and response.


Immediately after the DNS response, ICMP packets are generated. Initially, ICMP
packets are generated with TTL as 1.


The response for the ICMP query does not come from the actual destination. Why?


What does Time-to-live exceeded mean?




The Time-to-live is increased to 2 because the source received Time-exceeded
message.
What is the relationship between the source and destination IP address of the ICMP
request messages with TTL=1 and TTL=2? Justify.


The Time-to-live exceeded message arrive from a different IP compared to the
pervious Time-to-live exceeded message. Why?


Why is it that the TTL value of the Time-to-live exceeded message is 1? Explain.




Following the above mentioned procedure, the TTL gets incremented and finally, the
request reaches the actual destination. The destination then replies to the source.
How can traceroute calculate the minimum, maximum and average response time?

Exercise: Traceroute to some host on the Internet, say www.ibm.com. Explain the result.

13.2.2. Capturing ICMP Destination Unreachable message
This ICMP message uses a Type field value of 3 and is generated under various
conditions (cases) indicated by the value used for the Code field. Here we will consider two cases
only.
Case 1: Host Unreachable
Recall that when an IP packet finally reaches a router attached to the destination network, the
router would then encapsulate the received packet in a frame addressed to the destination
host. Thus the router will issue an ARP Request for the MAC address corresponding to the
destination IP address, and if no ARP Reply is received, the router will discard the packet and
send an ICMP Destination Unreachable/Host Unreachable message back to the source host.
To capture such message, use filter as set previously and run the command:
ping <ipaddress of a dead host on a remote network>
Case 2: Port Unreachable
The destination host generates this message when there is no process listening on the
specified TCP (or UDP) destination port.
To capture such message, use filter as set previously and run the command:
traceroute <ipaddress of your neighbor> -p 1000 - assume no process listens on port 1000.
Note: This command works only with Unix platform.



13.2.3. Generate IP fragmented packet
To see the IP fragmentation process in action, one can use the Ping command with the
option for the size of Ping data set large enough to causes the IP packet size to exceed the
underlying data link layer Maximum Transmission Unit (MTU) - For Ethernet, MTU is 1500
bytes. Subtracting 20 bytes for IP header and 8 bytes for ICMP header maximum ICMP
data of 1472 byes. Thus setting a Ping length option of 1473 will lead to a fragmented packet.
Exercise: Setup a filter to capture IP/ICMP and run the command:
ping n 1 l 1473 <ipaddress>.

If all goes well, you should get a screen like the one shown below. Note that the size of
the first IP packet is set to 1500 (i.e. subtracting the length of IP header (20) fragment size is
1480). Can you guess the value of the fragment offset in the IP packet containing the second
fragment?



13.2.4. Viewing ICMP statistics
As shown in the snapshot below, one can use the netstat command. At the command
prompt type the command: netstat s.

Note: It is good to know that the command netsat e gives statistics about the local Ethernet's
interface. A value of zero for received erroneous frames would indicate a network free of bad (or
lose) wiring and malfunctioning network interface cards.
Exercise: Capture ICMP packets using Ethereal.
13.3. Capturing TCP traffic
13.3.1. What goes on during a Web surfing session?
HTTP is an example of an Application Layer protocol that is encapsulated in TCP.
Thus one way to capture TCP Segments is use the browser to fetch some URL and at the same


time capture the frames that go out or come to the network interface associated with the local
station. Therefore, we will use a filter that restricts the MAC source or destination address to
match that of local station. Follow these steps.
Have Ethereal set to Capture Mode and browse to some site such as
http://www.ccse.kfupm.edu.sa. If all goes well then you should get a capture similar to the one
shown below.





Based on the above capture write down the steps (tasks) that the browser goes through.
Step (Task) Application/Transport
Protocols used
# of application-
data packets
exchanged
ARP Request for
1.Open a TCP
connection
TCP Syn-SynAck-Ack
2. Send an HTTP
GET Request
HTTP/TCP
3. Get Reply HTTP/TCP
4. Repeat Steps 3, 4
a number of times
HTTP/TCP
5. Close the TCP
Connection
TCP Fin and Ack
Note that before a TCP connection is opened the IP address of the host in URL is
needed. Thus a DNS query needs to be issued**. The DNS query will be encapsulated in a
frame destined to the IP address of DNS server but what would be the MAC address? Will
we send an ARP request asking for MAC address of DNS server?
**If you don't see DNS Query and Reply this in your capture, can you explain why?



13.3.2. Structure and Encapsulation of a TCP segment
By considering one of the frames that contains a TCP segment verifies that the
encapsulation and the structure of a TCP segment is in accordance with the diagram shown
below.

What is the relationship between sequence number and acknowledgement number?
How can we use the HEADER LENGTH field of the IP datagram to locate the
beginning of the TCP segment?
Compute and display the size of the payload carried in the segment. Note: you must
use the TOTAL LENGTH field in the IP datagram to compute the segment size.
What is the indication of the source and destination port number in the TCP packets?

20 byte
IP Header
Ethernet Destination Address
Ethernet Source Address
IP Source Address
EtherType
IP Destination Address
Protocol*
14 byte Ethernet
Frame Header
6 bytes
2 bytes: 0800 indicates that the frame
contains IP packet
6 bytes
Ver * HL*
1 byte: 6* indicates that the packet
contains TCP message
4 bytes
4 bytes
4 bytes source port dest. port
4 bytes
TCP Header
4 bytes
AckNo
SeqNo
offset-re-uaprsf win size
checksum urg ptr
options + padding
Frame Checksum
TCP data
4 bytes




Use the above capture, indicate the following:
o What do you understand by Sequence number and Next sequence number?
o Format of HTTP messages.
o Impact of HTTP messages on the TCP flags.

13.3.3. Analyzing the Phases of a TCP connection
A TCP connection goes through three phases in sequence:
Open Connection phase using Three-Way handshake
Data Exchange phase
Close Connection phase



The Connection Opening Phase uses the three-way handshake.






The Data Exchange Phase uses the sliding window technique including the provision for
SeqNo and AckNo to allow the proper ordering of the data. The flow control is managed using
the Window Size field.
Note that for an outgoing segment we set the AckNo using the formula,
AckNo = (SeqNo + Data Size) of the last correctly received segment
Note: For the Initial SYN Segments we assume a data size of 1 byte.
Exercise: Verify the above formula by tracking a received segment (say, the one containing
the first GET request) and the segment that is sent following it.
Client
Server
Ack, SeqNo=201
AckNo=501
Syn, Ack, SeqNo=500
AckNo=201
Syn, SeqNo=200
SeqNo (Hex) AckNo (Hex) Data Size (in bytes)
Received Segment
Sent Segment
The Close Connection Phase uses a pair of Fin-Ack segments (i.e. two Fins and two
Acks). When one side has no more data then he should send a Fin segment and when


acknowledged he must not send any more data but can continue sending Ack segments for
the data it receives. After a while the other side, can do the same.
13.4. References
ICMP
http://www.freesoft.org/CIE/Topics/81.htm

TCP
http://www.freesoft.org/CIE/Topics/83.htm



L AB 1 3
PART II
TCP SIMULATION
Objectives [Lab 13B]:
23 Demonstrate the congestion control algorithms implemented by the Transmission Control
Protocol (TCP).
24 Provides a number of scenarios to simulate congestion control algorithms.
25 Compare the performance of the algorithms through the analysis of the simulation results.
13.5 Overview
The Internets TCP guarantees the reliable, in-order delivery of a stream of bytes. It
includes a flow-control mechanism for the byte streams that allows the receiver to limit how
much data the sender can transmit at a given time. In addition, TCP implements a highly tuned
congestion-control mechanism. The idea of this mechanism is to throttle how fast TCP sends
data to keep the sender from overloading the network.
The idea of TCP congestion control is for each source to determine how much capacity
is available in the network, so that it knows how many packets it can safely have in transit. It
maintains a state variable for each connection, called the congestion window, which is used by the
source to limit how much data it is allowed to have in transit at a given time. TCP uses a
mechanism, called additive increase/multiplicative decrease, that decreases the congestion window
when the level of congestion goes up and increases the congestion window when the level of
congestion goes down. TCP interprets timeouts as a sign of congestion. Each time a timeout
occurs, the source sets the congestion window to half of its previous value. This halving
corresponds to the multiplicative decrease part of the mechanism. The congestion window is not
allowed to fall below the size of a single packet (the TCP maximum segment size, or MSS).
Every time the source successfully sends a congestion windows worth of packets, it adds the


equivalent of one packet to the congestion window; this is the additive increase part of the
mechanism.
TCP uses a mechanism called slow start to increase the congestion window rapidly
from a cold start in TCP connections. It increases the congestion window exponentially, rather
than linearly. Finally, TCP utilizes a mechanism called fast retransmit and fast recovery. Fast
retransmit is a heuristic that sometimes triggers the retransmission of a dropped packet sooner
than the regular timeout mechanism.
In this lab you will set up a network that utilizes TCP as its end-to-end transmission
protocol and analyze the size of the congestion window with different mechanisms.
13.6 Create a New Project
1. Start OPNET IT Guru Academic Edition Choose New from the File menu.
2. Select Project and click OK Name the project <your initials>_TCP, and the
scenario No_Drop Click OK.
3. In the Startup Wizard: Initial Topology dialog box, make sure that Create Empty
Scenario is selected Click Next Select Choose From Maps from the Network
Scale list Click Next Choose mideast from the Map List Click Next twice
Click OK.
13.7 Create and Configure the Network
13.7.1 Initialize the Network
1. The Object Palette dialog box should now be on the top of your project space. If it is not
there, open it by clicking . Make sure that the internet_toolbox item is selected from
the pull-down menu on the object palette.
2. Add to the project workspace the following objects from the palette: Application Config,
Profile Config, an ip32_Cloud, and two subnets.
To add an object from a palette, click its icon in the object palette Move your
mouse to the workspace Click to drop the object in the desired location
Right-click to finish creating objects of that type.


Note: The ip32_cloud node model represents an IP cloud supporting up to 32 serial
line interfaces at a selectable data rate through which IP traffic can be modeled. IP
packets arriving on any cloud interface are routed to the appropriate output interface
based on their destination IP address. The RIP or OSPF protocol may be used to
automatically and dynamically create the cloud's routing tables and select routes in an
adaptive manner. This cloud requires a fixed amount of time to route each packet, as
determined by the Packet Latency attribute of the node.
3. Close the palette.
4. Rename the objects [Applications, Profiles, West, East, KSA Internet] you added as shown
and then save your project:

13.7.2 Configure the Applications
1. Right-click on the Applications node Edit Attributes Expand the Application
Definitions attribute and set rows to 1 Expand the new row Name the row
FTP_Application.
Expand the Description hierarchy Edit the FTP row as shown (you will need
to set the Special Value to Not Used while editing the shown attributes):
Inter-Request Time specifications: Distribution Name = constant, Mean Outcome
= 3600
File Size (bytes): Distribution Name = constant, Mean Outcome = 10000000.



2. Click OK twice and then save your project.

13.7.3 Configure the Profiles
1. Right-click on the Profiles node Edit Attributes Expand the Profile Configuration
attribute and set rows to 1.
a. Name and set the attributes of row 0 as shown Click OK.
1. Profiles configuration rows = 1.
2. row 0 Profile Name = FTP_Profile
3. Applications rows = 1.
4. Applications row 0 Name = FTP_Application
5. Applications row 0 Start Time Offset = constant(5)
6. Applications row 0 Repeatability = Once at Start Time
7. Applications Start Time Offset = constant(100)




13.7.4 Configure the West Subnet
1. Double-click on the West subnet node. You get an empty workspace, indicating that the
subnet contains no objects.
2. Open the object palette and make sure that the internet_toolbox item is selected from
the pull-down menu.
3. Add the following items to the subnet workspace: one ethernet_server, one
ethernet4_slip8_gtwy router, and connect them with a bidirectional 100_BaseT link
Close the palette Rename the objects [Server_West, Router_West] as shown.
Note: The ethernet4_slip8_gtwy node model represents an IP-based gateway supporting
four Ethernet hub interfaces and eight serial line interfaces.



4. Right-click on the Server_West node Edit Attributes:
a. Edit Application: Supported Services Set rows to 1 Set Name to
FTP_Application Click OK.
b. Edit the value of the Server Address attribute and write down Server_West.
c. Expand the TCP Parameters hierarchy Set both Fast Retransmit and Fast
Recovery to Disabled.
5. Click OK and then save your project.
Now, you have completed the configuration of the West subnet. To go back to the top level of
the project, click the Go to next higher level button.

13.7.5 Configure the East Subnet
1. Double-click on the East subnet node. You get an empty workspace, indicating that the
subnet contains no objects.
2. Open the object palette and make sure that the internet_toolbox item is selected from
the pull-down menu.
3. Add the following items to the subnet workspace: one ethernet_wkstn, one
ethernet4_slip8_gtwy router, and connect them with a bidirectional 100_BaseT link
Close the palette Rename the objects [Router_East, Client_East] as shown.

4. Right-click on the Client_East node Edit Attributes:
a. Expand the Application: Supported Profiles hierarchy Set rows to 1
Expand the row 0 hierarchy Set Profile Name to FTP_Profile.
b. Assign Client_ East to the Client Address attributes.
c. Edit the Application: Destination Preferences attribute as follows:
Set rows to 1 Set Symbolic Name to FTP Server Edit Actual Name
Set rows to 1 In the new row, assign Server_West to the Name column.
5. Click OK three times and then save your project.


6. You have now completed the configuration of the East subnet. To go back to the project
space, click the Go to next higher level button.

13.7.6 Connect the Subnets to the IP Cloud
1. Open the object palette .
2. Using two PPP_DS3 bidirectional links connect the East subnet to the IP Cloud and the
West subnet to the IP Cloud.
3. A pop-up dialog box will appear asking you what to connect the subnet to the IP Cloud
with. Make sure to select the routers.
4. Close the palette.

13.8 Choose the Statistics
1. Right-click on Server_West in the West subnet and select Choose Individual
Statistics from the pop-up menu.
2. In the Choose Results dialog box, choose the following statistic:
TCP Connection Congestion Window Size (bytes) and Sent Segment
Sequence Number.
3. Right-click on the Congestion Window Size (bytes) statistic Choose Change
Collection Mode In the dialog box check Advanced From the drop-down
menu, assign all values to Capture mode as shown Click OK.



4. Right-click on the Sent Segment Sequence Number statistic Choose Change
Collection Mode In the dialog box check Advanced From the drop-down
menu, assign all values to Capture mode.
OPNET provides the following capture modes:
All values collects every data point from a statistic.
Sample collects the data according to a userspecified time interval or sample count.
For example, if the time interval is 10, data is sampled and recorded every 10th second.
If the sample count is 10, every 10th data point is recorded. All other data points are
discarded.
Bucket collects all of the points over the time interval or sample count into a data
bucket and generates a result from each bucket. This is the default mode.
5. Click OK twice and then save your project.
6. Click the Go to next higher level button.

13.9 Configure the Simulation
Here we need to configure the duration of the simulation:
1. Click on and the Configure Simulation window should appear.
2. Set the duration to be 10.0 minutes.
3. Click OK and then save your project.


13.10 Duplicate the Scenario
In the network we just created we assumed a perfect network with no discarded
packets. Also, we disabled the fast retransmit and fast recovery techniques in TCP. To analyze
the effects of discarded packets and those congestion-control techniques, we will create two
additional scenarios.
1. Select Duplicate Scenario from the Scenarios menu and give it the name
Drop_NoFast Click OK.
2. In the new scenario, right-click on the IP Cloud Edit Attributes Assign 0.05%
to the Packet Discard Ratio attribute.
3. Click OK and then save your project.
4. While you are still in the Drop_NoFast scenario, select Duplicate Scenario from the
Scenarios menu and give it the name Drop_Fast.
5. In the Drop_Fast scenario, right-click on Server_ West, which is inside the West
subnet Edit Attributes Expand the TCP Parameters hierarchy Enable the
Fast Retransmit attribute Assign Reno to the Fast Recovery attribute.
Note: With fast retransmit, TCP performs a retransmission of what appears to be the
missing segment, without waiting for a retransmission timer to expire. After fast
retransmit sends what appears to be the missing segment, congestion avoidance but not
slow start is performed. This is the fast recovery algorithm. The fast retransmit and fast
recovery algorithms are usually implemented together (RFC 2001).
6. Click OK and then save your project.
13.11 Run the Simulation
To run the simulation for the three scenarios simultaneously:
1. Go to the Scenarios menu Select Manage Scenarios.
2. Change the values under the Results column to <collect> (or <recollect>) for the
three scenarios. Compare to the following figure.



3. Click OK to run the three simulations. Depending on the speed of your processor, this
may take several minutes to complete.
4. After the three simulation runs complete, one for each scenario, click Close Save
your project.
13.12 View the Results
To view and analyze the results:
1. Switch to the Drop_NoFast scenario (the second one) and choose View Results from
the Results menu.
2. Fully expand the Object Statistics hierarchy and select the following two results:
Congestion Window Size (bytes) and Sent Segment Sequence Number.
Note: To switch to a scenario, choose Switch to Scenario from the Scenarios menu or
just press Ctrl+<scenario number>.

3. Click Show. The resulting graphs should resemble the ones below.



4. To zoom in on the details in the graph, click and drag your mouse to draw a rectangle, as
shown above.
5. The graph should be redrawn to resemble the following one:

6. Notice the Segment Sequence Number is almost flat with every drop in the congestion
window.
7. Close the View Results dialog box and select Compare Results from the Result menu.
8. Fully expand the Object Statistics hierarchy as shown and select the following result:
Sent Segment Sequence Number.



9. Click Show. After zooming in, the resulting graph should resemble the one below.

13.13 Questions
1. Why does the Segment Sequence Number remain unchanged (indicated by a
horizontal line in the graphs) with every drop in the congestion window?
2. Analyze the graph that compares the Segment Sequence numbers of the three
scenarios. Why does the Drop_NoFast scenario have the slowest growth in sequence
numbers?
3. In the Drop_NoFast scenario, obtain the overlaid graph that compares Sent Segment
Sequence Number with Received Segment ACK Number for Server_West.
Explain the graph.


Hint: Make sure to assign all values to the Capture mode of the Received Segment
ACK Number statistic.
4. Create another scenario as a duplicate of the Drop_Fast scenario. Name the new
scenario Q4_Drop_Fast_Buffer. In the new scenario, edit the attributes of the
Client_East node and assign 65535 to its Receiver Buffer (bytes) attribute (one of
the TCP Parameters). Generate a graph that shows how the Congestion Window
Size (bytes) of Server_West gets affected by the increase in the receiver buffer
(compare the congestion window size graph from the Drop_Fast scenario with the
corresponding graph from the Q4_Drop_Fast_Buffer scenario.)
























L AB 1 4
ASSIGHNMENT
It will be given to the students at the end of each term and it varies from term to term.