Lab Report - Cisco Router Configuration

W4140 Networking Laboratory
Lab Report 3
As advised, exercise 2 was done before exercise 1 to perform router configuration

first.
Exercise 1
Exercise 1(A)
The Ethernet interfaces of the Linux PCs and the Cisco router were connected as
showed in Figure 1.
Figure 1
Ping commands were issued from PC1 to PC2, Router1 and PC4.
- What is the output on PC1 when the ping commands are issued?
The output on PC1 was:
[netlab@PC1 ~]$ ping -c 5 10.0.1.21
PING 10.0.1.21 (10.0.1.21) 56(84) bytes of
64 bytes from 10.0.1.21: icmp_seq=1 ttl=64
data.
time=0.283
time=0.253
time=0.262
time=0.252
time=0.260
ms
ms
ms
ms
ms
--- 10.0.1.21 ping statistics --5 packets transmitted, 5 received, 0% packet loss, time 4000ms
rtt min/avg/max/mdev = 0.252/0.262/0.283/0.011 ms
[netlab@PC1 ~]$ ping -c 5 10.0.2.1
connect: Network is unreachable
[netlab@PC1 ~]$ ping -c 5 10.0.3.41
connect: Network is unreachable
- Which packets, if any, are captured by wireshark?

ICMPv6, ICMP and ARP packets where captured.
No.
Time
Source
Destination
Protocol
Length Info
1 0.000000000
fe80::ca1f:66ff:fecb:3474 ff02::2
ICMPv6
62
Router Solicitation
2 2.329206000
fe80::ca1f:66ff:fecb:2fa3 ff02::2
ICMPv6
62
Router Solicitation
3 3.328132000
10.0.1.11
10.0.1.21
ICMP
98
Echo (ping) request id=0x0e52, seq=1/256, ttl=64 (reply in 4)
4 3.328380000
10.0.1.21
10.0.1.11
ICMP
98
Echo (ping) reply
id=0x0e52, seq=1/256, ttl=64 (request in 3)
5 4.328248000
10.0.1.11
10.0.1.21
ICMP
98
6 4.328470000
10.0.1.21
10.0.1.11
ICMP
98
Echo (ping) reply
7 5.328179000
10.0.1.11
10.0.1.21
ICMP
98
8 5.328410000
10.0.1.21
10.0.1.11
ICMP
98
Echo (ping) reply
9 6.328198000
10.0.1.11
10.0.1.21
ICMP
98
10 6.328419000
10.0.1.21
10.0.1.11
ICMP
98
Echo (ping) reply
11 7.328215000
10.0.1.11
10.0.1.21
ICMP
98
12 7.328445000
10.0.1.21
10.0.1.11
ICMP
98
Echo (ping) reply
13 8.332229000
Dell_cb:34:74
Dell_cb:2f:a3
ARP
60
Who has 10.0.1.11? Tell 10.0.1.21
14 8.332256000
Dell_cb:2f:a3
Dell_cb:34:74
ARP
42
10.0.1.11 is at c8:1f:66:cb:2f:a3
15 10.000241000
fe80::ca1f:66ff:fecb:3474 ff02::2
ICMPv6
62
Router Solicitation
16 12.329192000
fe80::ca1f:66ff:fecb:2fa3 ff02::2
ICMPv6
62
Router Solicitation
- Do you observe any ARP or ICMP packets? If so, what do they indicate?
Yes, ARP and ICMP packets are indicating the ping command request from PC1,
trying to reach PC2 and its response.
- Which destinations are not reachable? Explain.
The only destination reachable was PC2, because it is in the same subnet of PC1.
The others are not reachable because, besides they are in different subnets, not all the
routing configurations were not set up until this point of the experiment.
Exercise 1(B)
In this exercise, PC2 was configured as an IP router, by enabling IP forwarding using
the following command:
PC2% echo 1 > /proc/sys/net/ipv4/ip_forward/
Exercise 1(C)
Include the saved output of the routing table. Explain the entries in the routing table
and discuss the values of the fields for each entry.
The fields of the routing table are:

-
Destination: target network prefix

Gateway: IP address of the machine on local network that will be the next hop to
access the target network
Genmask: subnet mask
Flags: U (router is Up), G (use Gateway)
Iface: interface from which packets can be sent.
The routing table for PC1 is showed below. It says that PC1 is included in the subnet
10.0.1.0 and can reach subnets 10.0.2.0 and 10.0.3.0 by the IP 10.0.1.21 that refers to
interface eth0 of PC2.
Kernel IP routing table
Destination
Gateway
Iface
10.0.1.0
0.0.0.0
10.0.2.0
10.0.1.21
10.0.3.0
10.0.1.21
Genmask
Flags
255.255.255.0
255.255.255.0
255.255.255.0
U
UG
UG
MSS Window
0 0
0 0
0 0
irtt
0 em1
0 em1
0 em1
For PC2, the table claims that subnets 10.0.1.0 and 10.0.2.0 can be reached directly
via interfaces eth0 and eth1. To reach 10.0.3.0, the next hop is 10.0.2.1.
Destination
Gateway
Iface
10.0.1.0
0.0.0.0
10.0.2.0
0.0.0.0
10.0.3.0
10.0.2.1
Genmask
Flags
255.255.255.0
255.255.255.0
255.255.255.0
U
U
UG
MSS Window
0 0
0 0
0 0
irtt
0 em1
0 em2
0 em2
By the table of PC3 it is possible to affirm that PC3 is directly connected to subnet
10.0.3.0 and can reach subnets 10.0.1.0 and 10.0.2.0 by the next hop 10.0.3.1.
Destination
Gateway
Iface
10.0.1.0
10.0.3.1
10.0.2.0
10.0.3.1
Exercise
2(A)
10.0.3.0
0.0.0.0
Genmask
Flags
255.255.255.0
255.255.255.0
255.255.255.0
UG
UG
U
MSS Window
0 0
0 0
0 0
irtt
0 em1
0 em1
0 em1
In this exercise, the router was accessed by the command:

PC1% picocom /dev/ttyS1
Exercise 2
Exercise 2(B)
After accessing the router, the Privileged EXEC mode was accessed. In this mode is
possible to view and change parameters of the router. Then, the global configuration
mode was activated.
Exercise 2(C)
Include the output from Step 3 in your lab report.
show interfaces
FastEthernet0/0 is up, line protocol is up
Hardware is AmdFE, address is 0011.92a1.ec40 (bia 0011.92a1.ec40)
Internet address is 10.0.2.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Half-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:00:01, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
110 packets output, 11945 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
FastEthernet0/1 is up, line protocol is up
Hardware is AmdFE, address is 0011.92a1.ec41 (bia 0011.92a1.ec41)
Internet address is 10.0.3.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Half-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:00:05, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
109 packets output, 11885 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
show running-config
Building configuration...
Current configuration : 729 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$y6XH$KBfZNJZgSMWdRtbSqCv9Z/
!
no network-clock-participate slot 1
no network-clock-participate wic 0
no aaa new-model
ip subnet-zero
ip cef
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 10.0.2.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.0.3.1 255.255.255.0
ip helper-address 10.0.1.21
duplex auto
speed auto
!
ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 10.0.2.21
!
!
dialer-list 1 protocol ip permit
!
line con 0
line aux 0
line vty 0 4
password netlab
login
!
!
end
The first output show that the interfaces were configured correctly with ip addresses
10.0.2.1 and 10.0.3.1 with netmask 255.255.255.0. Besides, it shows parameters of the
interface used. The second output refers to configurations of the interface, such as IP
addresses, duplex, speed, password and login.
Exercise 2(D)
Include the saved output of the routing table from Steps 1 and 2. Explain the fields of
the routing table entries of the Cisco router. Explain how the routing table has changed
from Step 1 to Step 3
Gateway of last resort is 10.0.2.21 to network 0.0.0.0
C
C
S*
10.0.0.0/24 is subnetted, 2 subnets

10.0.2.0 is directly connected, FastEthernet0/0
0.0.0.0/0 [1/0] via 10.0.2.21
Gateway of last resort is 10.0.2.21 to network 0.0.0.0

C
C
S
S*

10.0.1.0 [1/0] via 10.0.2.22
0.0.0.0/0 [1/0] via 10.0.2.21
As can be seen in the first table presented, the router is directly connected to
subnets 10.0.2.0 and 10.0.3.0 through the interfaces FastEthernet0/0 and
FastEthernet0/1, respectively. In the second table, the router can reach subnet 10.0.1.0
via gateway 10.0.2.22.
Exercise 3 Finalizing and Exploring the Router Configuration

Exercise 3(A)
After the configuration procedures described in the last exercises, it was possible to
confirm that everything was working correctly by sending ping commands from each
computer to the others.
Exercise 3(B)
Use the wireshark output and the previously saved routing table to explain the
operation of traceroute.
traceroute to 10.0.3.41 (10.0.3.41), 30 hops max, 60 byte packets
1 10.0.1.21 (10.0.1.21) 0.330 ms 0.318 ms 0.309 ms
2 10.0.2.1 (10.0.2.1) 2.029 ms 2.355 ms 2.736 ms
3 10.0.3.41 (10.0.3.41) 1.052 ms 1.129 ms 1.127 ms
No.
Time
Source
Destination
Length Info
30 5.230997000
10.0.3.41
10.0.1.11
102
Destination unreachable (Port unreachable)
Protocol
ICMP
Frame 30: 102 bytes on wire (816 bits), 102 bytes captured (816 bits) on
interface 0
Ethernet II, Src: c8:1f:66:cb:34:74 (c8:1f:66:cb:34:74), Dst:
No.
Time
Source
Destination
Length Info
31 5.231888000
10.0.2.1
10.0.1.11
70
Time-to-live exceeded (Time to live exceeded in transit)
Protocol
ICMP
interface 0
Ethernet II, Src: c8:1f:66:cb:34:74 (c8:1f:66:cb:34:74), Dst:
c8:1f:66:cb:2f:a3 (c8:1f:66:cb:2f:a3)
Internet Protocol Version 4, Src: 10.0.2.1 (10.0.2.1), Dst: 10.0.1.11
(10.0.1.11)
Routing table of PC1:

Destination
Gateway
Iface
10.0.1.0
0.0.0.0
10.0.2.0
10.0.1.21
10.0.3.0
10.0.1.21
Genmask
Flags
255.255.255.0
255.255.255.0
255.255.255.0
U
UG
UG
Genmask
Flags
255.255.255.0
255.255.255.0
255.255.255.0
U
U
UG
Genmask
Flags
255.255.255.0
255.255.255.0
255.255.255.0
UG
UG
U
MSS Window
0 0
0 0
0 0
irtt
0 em1
0 em1
0 em1

Destination
Gateway
Iface
10.0.1.0
0.0.0.0
10.0.2.0
0.0.0.0
10.0.3.0
10.0.2.1
MSS Window
0 0
0 0
0 0
irtt
0 em1
0 em2
0 em2

Destination
Gateway
Iface
10.0.1.0
10.0.3.1
10.0.2.0
10.0.3.1
10.0.3.0
0.0.0.0
MSS Window
0 0
0 0
0 0
irtt
0 em1
0 em1
0 em1
Routing table of the router:

C
C
S
S*

10.0.1.0 [1/0] via 10.0.2.22
0.0.0.0/0 [1/0] via 10.0.2.21
It is possible to note that the command traceroute works by increasing the TTL field
in the packets. When it reaches zero, the packet is destroyed by the router and an
ICMP error message containing the IP address of the router is sent to the host (Time to
Live Exceeded). Hence, the command knows the IPs of the routers in the way of the
destination, until it reaches the final point, returning a port unreachable error.
Exercise 3(C)
Determine the source and destination addresses in the Ethernet and IP

headers for the Echo Request messages that were captured at PC1.
No.
Time
Length Info
11 6.439837000
Echo (ping) request
Source
Destination
10.0.1.11
10.0.3.41
id=0x0935, seq=5/1280, ttl=64 (reply in 12)
Protocol
ICMP
98
interface 0
Ethernet II, Src: c8:1f:66:cb:2f:a3 (c8:1f:66:cb:2f:a3), Dst: c8:1f:66:cb:34:74
(c8:1f:66:cb:34:74)
(10.0.3.41)
Internet Control Message Protocol
No.
Time
Length Info
12 6.440558000
Echo (ping) reply
Source
Destination
Protocol
10.0.3.41
10.0.1.11
ICMP
id=0x0935, seq=5/1280, ttl=62 (request in 11)
98
interface 0
Ethernet II, Src: c8:1f:66:cb:34:74 (c8:1f:66:cb:34:74), Dst: c8:1f:66:cb:2f:a3
(c8:1f:66:cb:2f:a3)
(10.0.1.11)
No.
Time
Source
Length Info
13 7.443160000
c8:1f:66:cb:34:74
Who has 10.0.1.11? Tell 10.0.1.21
Destination
Protocol
c8:1f:66:cb:2f:a3
ARP
60
interface 0
(c8:1f:66:cb:2f:a3)
Address Resolution Protocol (request)
No.
Time
Source
Length Info
14 7.443186000
c8:1f:66:cb:2f:a3
10.0.1.11 is at c8:1f:66:cb:2f:a3
Destination
Protocol
c8:1f:66:cb:34:74
ARP
42
interface 0
(c8:1f:66:cb:34:74)
A ping command is issued from PC1 to PC4. This is de data captured by PC1.
The source and destination IP addresses are 10.0.1.11 and 10.0.3.41, respectively.
The MAC addresses are c8:1f:66:cb:34:74 and c8:1f:66:cb:2f:a3.
Determine the source and destination addresses in the Ethernet and IP headers
for the Echo Request messages that were captured at PC4.
No.
Time
Length Info
10 5.633341000
Echo (ping) request
Source
Destination
10.0.1.11
10.0.3.41
id=0x0935, seq=5/1280, ttl=62 (reply in 11)
Protocol
ICMP
98
Frame 10: 98 bytes on wire (784 bits), 98 bytes captured (784 bits) on interface
0
Ethernet II, Src: 00:11:92:a1:ec:41 (00:11:92:a1:ec:41), Dst: c8:1f:66:ca:f7:b3
(c8:1f:66:ca:f7:b3)
(10.0.3.41)
No.
Time
Length Info
11 5.633389000
Echo (ping) reply
Source
Destination
Protocol
10.0.3.41
10.0.1.11
ICMP
id=0x0935, seq=5/1280, ttl=64 (request in 10)
98
0
Ethernet II, Src: c8:1f:66:ca:f7:b3 (c8:1f:66:ca:f7:b3), Dst: 00:11:92:a1:ec:41
(00:11:92:a1:ec:41)
(10.0.1.11)
No.
Time
Source
Length Info
13 6.636615000
c8:1f:66:ca:f7:b3
Who has 10.0.3.1? Tell 10.0.3.41
Destination
Protocol
00:11:92:a1:ec:41
ARP
42
0
Ethernet II, Src: c8:1f:66:ca:f7:b3 (c8:1f:66:ca:f7:b3), Dst: 00:11:92:a1:ec:41
(00:11:92:a1:ec:41)
No.
Time
Source
Length Info
14 6.637578000
00:11:92:a1:ec:41
10.0.3.1 is at 00:11:92:a1:ec:41
Destination
Protocol
c8:1f:66:ca:f7:b3
ARP
60
0
(c8:1f:66:ca:f7:b3)
Address Resolution Protocol (reply)
This is de data captured by PC4. The source and destination IP addresses are
10.0.1.11 and 10.0.3.41, respectively. The MAC addresses are c8:1f:66:ca:f7:b3 and
00:11:92:a1:ec:41.
Use your previous answers to explain how the source and destination Ethernet
and IP addresses are changed when a datagram is forwarded by a router.
Although when the packets are in transit the IP addresses do not change, the MAC
addresses change at every hop.
Exercise 3(D)
Use the saved output to indicate the number of matches for each of the preceding IP
addresses. Explain how PC1 resolves multiple matches in the routing table. Include
only relevant output data in your report to support your analysis of the data.
10.0.0.0/16 via 10.0.1.71 dev em1
10.0.1.0/24 dev em1 proto kernel
10.0.2.0/24 via 10.0.1.21 dev em1
10.0.2.0/24 via 10.0.1.11 dev em1
10.0.3.0/24 via 10.0.1.21 dev em1
10.0.3.0/24 via 10.0.1.11 dev em1
10.0.3.9 via 10.0.1.81 dev em1
scope link
src 10.0.1.11
scope link
scope link
Routes for 10.0.0.0 and 10.0.3.9 were added to the routing table of PC1. There are
3 matches to 10.0.3.9 in the table, 2 matches for 10.0.3.14 and one match for 10.0.4.1.
Issuing ping commands to 10.0.3.9, 10.0.3.14 and 10.0.4.1, it was possible to obtain
the following wireshark data:
No.
Time
Source
Length Info
3 6.341264000
c8:1f:66:cb:2f:a3
42
Who has 10.0.1.81? Tell 10.0.1.11
Destination
Protocol
ff:ff:ff:ff:ff:ff
ARP

interface 0
Ethernet II, Src: c8:1f:66:cb:2f:a3 (c8:1f:66:cb:2f:a3), Dst:
ff:ff:ff:ff:ff:ff (ff:ff:ff:ff:ff:ff)
No.
Time
Source
Length Info
9 18.462497000
c8:1f:66:cb:2f:a3
42
Who has 10.0.1.21? Tell 10.0.1.11
Destination
Protocol
c8:1f:66:cb:34:74
ARP

interface 0
c8:1f:66:cb:34:74 (c8:1f:66:cb:34:74)
No.
Time
Source
Length Info
14 28.366489000
c8:1f:66:cb:2f:a3
42
Who has 10.0.1.71? Tell 10.0.1.11
Destination
Protocol
ff:ff:ff:ff:ff:ff
ARP
interface 0
ff:ff:ff:ff:ff:ff (ff:ff:ff:ff:ff:ff)
Issuing a ping to 10.0.3.9, the gateway used was 10.0.1.81. For 10.0.3.14, the
gateway was 10.0.1.21 and for 10.0.4.1, 10.0.1.71. It can be concluded that when there
are multiple matches for an IP address in a routing table, the longest prefix is used.
Exercise 3(E)
In this exercise, a router was issued as default from PC1 to PC2 and them from PC2
to Router1. A ping command was issued to a non-existent IP address (10.0.10.110).
At PC1, there are only request ICMP messages:
No.
Time
Source
Destination
Length Info
4 12.742910000
10.0.1.11
10.0.10.110
98
Echo (ping) request id=0x0b3c, seq=1/256, ttl=64
Protocol
ICMP

interface 0
c8:1f:66:cb:34:74 (c8:1f:66:cb:34:74)
(10.0.10.110)
The same thing happens at PC2:

No.
Time
Source
Destination
Length Info
8 12.743224000
10.0.1.11
10.0.10.110
98
Echo (ping) request id=0x0b3c, seq=1/256, ttl=64
Protocol
ICMP

interface 0
Ethernet II, Src: Dell_cb:2f:a3 (c8:1f:66:cb:2f:a3), Dst: Dell_cb:34:74
(c8:1f:66:cb:34:74)
(10.0.10.110)
What is the output on PC1 when the ping command is issued?
Unreachable network.
Determine how far the ICMP Ethernet Request message travels?
It travels up to the Router 1. As the destination 10.0.10.110 does not exist, the
message cannot be delivered.
Which, if any, ICMP Echo Reply message returns to PC1?
No message was received.
Part 4. Proxy ARP

Exercise 4
Proxy ARP is a technique in which a router responds ARP requests with its own MAC
address when a request comes from a host on one of its subnets to a host in another of
its subnets. The router intercepts the packet and, then, assumes the responsibility of
forwarding it to the specified destination.
In order to observe how the proxy ARP works, we issued a ping from PC4 to PC1.
PC4% ping c 2 10.0.1.11
The network traffic was captured by Wireshark on PC1 (em1), PC2 (em2) and PC4
(em1). After the ping, the ARP table of PC4 was also saved. The outcomes are shown
in the following tables:
ARP table of PC4:
? (10.0.1.11) at 00:11:92:a1:ec:41 [ether] on em1
Network Traffic of PC1:

No.
Time
Source
Destination
Length Info
7 28.246558000
10.0.3.41
10.0.1.11
Echo (ping) request id=0x08db, seq=1/256, ttl=62 (reply in 8)
Protocol
ICMP
98
0
(c8:1f:66:cb:2f:a3)
(10.0.1.11)
No.
Time
Source
Destination
Length Info
8 28.246607000
10.0.1.11
10.0.3.41
Echo (ping) reply
id=0x08db, seq=1/256, ttl=64 (request in 7)
Protocol
ICMP
98
0
(c8:1f:66:cb:34:74)
(10.0.3.41)
No.
Time
Length Info
98
Source
Destination
Protocol
9 29.247611000
10.0.3.41
10.0.1.11
ICMP
0
No.
Time
Source
Destination
Protocol
Ethernet
II, Src: c8:1f:66:cb:34:74
(c8:1f:66:cb:34:74),
Dst: c8:1f:66:cb:2f:a3
Length Info
(c8:1f:66:cb:2f:a3)
10 29.247653000
10.0.1.11
10.0.3.41
ICMP10.0.1.11
98
Internet
Protocol Version
4, Src: 10.0.3.41
(10.0.3.41), Dst:
Echo (ping) reply
(10.0.1.11)
interface 0
(c8:1f:66:cb:34:74)
(10.0.3.41)

No.
Time
Source
Destination
Length Info
12 44.607874000
10.0.3.41
10.0.1.11
Protocol
ICMP
98
interface 0
Ethernet II, Src: 00:11:92:a1:ec:40 (00:11:92:a1:ec:40), Dst: c8:1f:66:cb:34:75
(c8:1f:66:cb:34:75)
(10.0.1.11)
No.
Time
Source
Destination
Length Info
13 44.608180000
10.0.1.11
10.0.3.41
Echo (ping) reply
Protocol
ICMP
98
interface 0
Ethernet II, Src: c8:1f:66:cb:34:75 (c8:1f:66:cb:34:75), Dst: 00:11:92:a1:ec:40
(00:11:92:a1:ec:40)
(10.0.3.41)
No.
Time
Source
Destination
Length Info
14 45.608928000
10.0.3.41
10.0.1.11
Protocol
ICMP
98
interface 0
Ethernet II, Src: 00:11:92:a1:ec:40 (00:11:92:a1:ec:40), Dst: c8:1f:66:cb:34:75
(c8:1f:66:cb:34:75)
(10.0.1.11)
No.
Time
Length Info
15 45.609290000
Source
10.0.1.11
Destination
10.0.3.41
Protocol
ICMP
98

No.
Time
Source
Length Info
3 4.554371000
c8:1f:66:ca:f7:b3
Who has 10.0.1.11? Tell 10.0.3.41
Destination
ff:ff:ff:ff:ff:ff
Protocol
ARP
42
0
Ethernet II, Src: c8:1f:66:ca:f7:b3 (c8:1f:66:ca:f7:b3), Dst: ff:ff:ff:ff:ff:ff
(ff:ff:ff:ff:ff:ff)
No.
Time
Source
Length Info
4 4.555258000
00:11:92:a1:ec:41
10.0.1.11 is at 00:11:92:a1:ec:41
Destination
c8:1f:66:ca:f7:b3
Protocol
ARP
60
0
(c8:1f:66:ca:f7:b3)
Address Resolution Protocol (reply)
No.
Time
Source
Destination
Protocol
Length Info
5 4.555276000
10.0.3.41
10.0.1.11
ICMP
98
interface 0
Ethernet
II,
Src:
c8:1f:66:ca:f7:b3
(c8:1f:66:ca:f7:b3),
Dst:
00:11:92:a1:ec:41 (00:11:92:a1:ec:41)
(10.0.1.11)
No.
Time
Source
Destination
Protocol
Length Info
6 4.556064000
10.0.1.11
10.0.3.41
ICMP
98
Echo (ping) reply
interface 0
Ethernet
II,
Src:
00:11:92:a1:ec:41
(00:11:92:a1:ec:41),
Dst:
c8:1f:66:ca:f7:b3 (c8:1f:66:ca:f7:b3)
(10.0.3.41)
No.
Time
Source
Destination
Protocol
Length Info
7 5.556285000
10.0.3.41
10.0.1.11
ICMP
98
interface 0
Ethernet
II,
Src:
c8:1f:66:ca:f7:b3
(c8:1f:66:ca:f7:b3),
Dst:
00:11:92:a1:ec:41 (00:11:92:a1:ec:41)
(10.0.1.11)
No.
Time
Source
Destination
Protocol
Length Info
8 5.557204000
10.0.1.11
10.0.3.41
ICMP
98
Echo (ping) reply
interface 0
Ethernet
II,
Src:
00:11:92:a1:ec:41
(00:11:92:a1:ec:41),
Dst:
c8:1f:66:ca:f7:b3 (c8:1f:66:ca:f7:b3)
(10.0.3.41)
Looking into the captured traffic on the hosts, it is possible to see that when PC4
broadcasts an ARP request asking who is at IP address 10.0.1.11, the Router 1
answers saying its own MAC address, which leads PC4 to believe that PC1
(10.0.1.11) has the routers MAC address. Hence, when issuing a ping to PC1, PC4
sends the ICMP request message for the router. The router, then, forwards the packets
to their destination.
Therefore, we can notice that this configuration allows that hosts in different networks
talk to each other. When the Proxy ARP is disabled in the Router 1, PC4 is not able to
issue a ping to PC1.
Part 5. ICMP Route Redirect

ICMP Route Redirect messages are sent by the routers to notify a host that there is a
better path to send a datagram and then reach the intended destination.
Is there a difference between the contents of the routing table and the routing
cache immediately after the ICMP Route Redirect message?
After the ICMP Route Redirect message, the routing table is not updated, while the
routing cache is.
When you viewed the cache a few minutes later, what did you observe?
An entry in the routing cache is deleted after a few minutes without use. Hence, it
became empty later.
Describe how the ICMP route redirect works using the output you saved.
Using wireshark we captured the network traffic in PC2 (interface em1).

No.
Time
Source
Destination
Length Info
27 49.931805000
10.0.2.10
10.0.3.10
98
Echo (ping) request id=0x0984, seq=1/256, ttl=64
Protocol
ICMP
interface 0
Ethernet
II,
Src:
c8:1f:66:cb:34:74
(c8:1f:66:cb:34:74),
Dst:
00:11:92:a1:ec:41 (00:11:92:a1:ec:41)
(10.0.3.10)
No.
Time
Length Info
28 49.932773000
70
Redirect
Source
Destination
Protocol
10.0.2.1
10.0.2.10
(Redirect for host)
ICMP
interface 0
Ethernet
II,
Src:
00:11:92:a1:ec:41
(00:11:92:a1:ec:41),
Dst:
c8:1f:66:cb:34:74 (c8:1f:66:cb:34:74)
(10.0.2.10)
No.
Time
Source
Destination
Length Info
29 49.932817000
10.0.2.10
10.0.3.10
98
Protocol
ICMP
interface 0
Ethernet
II,
Src:
00:11:92:a1:ec:41
(00:11:92:a1:ec:41),
Dst:
00:11:92:74:db:41 (00:11:92:74:db:41)
(10.0.3.10)
No.
Time
Source
Destination
Length Info
32 50.932984000
10.0.2.10
10.0.3.10
98
Protocol
ICMP
interface 0
Ethernet
II,
Src:
c8:1f:66:cb:34:74
(c8:1f:66:cb:34:74),
Dst:
00:11:92:74:db:41 (00:11:92:74:db:41)
(10.0.3.10)
Analyzing the outcome, we could see an ICMP Route Redirect message from Router1
to PC2, in the packet number 28. Then, the Router1 sends the ICMP Echo Request
that was previously sent to it to the Router2, which is the best route to reach PC3. We
can also see the other four ICMP Echo Request messages going from PC2 to Router,
after PC2 has updated its routing cache.
Explain how Router1, in the previous examples, knows that datagrams destined to
network 10.0.3.10 should be forwarded to 10.0.2.2?
Before issuing the ping, we added a new static routing entry on Router1. This entry
stated that the packets whose destination was any host inside the network 10.0.3.0
must have the host 10.0.2.2 as the next hop.
Part 6. Routing Loops
At this moment in the lab we configured the routing tables of the hosts and routers to
create a routing loop. The network traffic of PC4 was captured by wireshark and two
packets are showed in details below.
No.
Time
Source
Destination
Length Info
2 0.000588000
10.0.4.10
10.0.1.10
98
Echo (ping) request id=0x08a4, seq=1/256, ttl=61
Protocol
ICMP

interface 0
Interface id: 0
Encapsulation type: Ethernet (1)
Arrival Time: Sep 27, 2014 17:25:49.319687000 EDT
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1411853149.319687000 seconds
[Time delta from previous captured frame: 0.000588000 seconds]
[Time delta from previous displayed frame: 0.000588000 seconds]
[Time since reference or first frame: 0.000588000 seconds]

Frame Number: 2
Frame Length: 98 bytes (784 bits)
Capture Length: 98 bytes (784 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ip:icmp:data]
[Coloring Rule Name: ICMP]
[Coloring Rule String: icmp || icmpv6]
Ethernet
II,
Src:
00:11:92:a1:f3:01
(00:11:92:a1:f3:01),
Dst:
00:0f:8f:b6:cd:80 (00:0f:8f:b6:cd:80)
Destination: 00:0f:8f:b6:cd:80 (00:0f:8f:b6:cd:80)
Source: 00:11:92:a1:f3:01 (00:11:92:a1:f3:01)
Type: IP (0x0800)
(10.0.1.10)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: NotECT (Not ECN-Capable Transport))
Total Length: 84
Identification: 0x157c (5500)
Flags: 0x02 (Don't Fragment)
Fragment offset: 0
Time to live: 61
Protocol: ICMP (1)
Header checksum: 0x0f1a [validation disabled]
Source: 10.0.4.10 (10.0.4.10)
Destination: 10.0.1.10 (10.0.1.10)
[Source GeoIP: Unknown]
[Destination GeoIP: Unknown]
Type: 8 (Echo (ping) request)
Code: 0
Checksum: 0x432a [correct]
Identifier (BE): 2212 (0x08a4)
Identifier (LE): 41992 (0xa408)
Sequence number (BE): 1 (0x0001)
Sequence number (LE): 256 (0x0100)
Timestamp from icmp data: Sep 27, 2014 17:25:49.000000000 EDT
[Timestamp from icmp data (relative): 0.319687000 seconds]
Data (48 bytes)
0000
0010
0020
64 de 04 00 00 00 00 00 10 11 12 13 14 15 16 17
d...............
18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27
........ !"#$%&'
28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35 36 37
()*+,-./01234567
Data: 64de040000000000101112131415161718191a1b1c1d1e1f...
[Length: 48]
No.
Time
Source
Destination
Length Info
3 0.000934000
10.0.4.10
10.0.1.10
98
Echo (ping) request id=0x08a4, seq=1/256, ttl=58
Protocol
ICMP

interface 0
Interface id: 0
Encapsulation type: Ethernet (1)
Arrival Time: Sep 27, 2014 17:25:49.320033000 EDT
[Time shift for this packet: 0.000000000 seconds]

Epoch Time: 1411853149.320033000 seconds
[Time delta from previous captured frame: 0.000346000 seconds]
[Time delta from previous displayed frame: 0.000346000 seconds]
[Time since reference or first frame: 0.000934000 seconds]
Frame Number: 3
Frame Length: 98 bytes (784 bits)
Capture Length: 98 bytes (784 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ip:icmp:data]
[Coloring Rule Name: ICMP]
[Coloring Rule String: icmp || icmpv6]
Ethernet
II,
Src:
00:11:92:a1:f3:01
(00:11:92:a1:f3:01),
Dst:
00:0f:8f:b6:cd:80 (00:0f:8f:b6:cd:80)
Destination: 00:0f:8f:b6:cd:80 (00:0f:8f:b6:cd:80)
Source: 00:11:92:a1:f3:01 (00:11:92:a1:f3:01)
Type: IP (0x0800)
(10.0.1.10)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: NotECT (Not ECN-Capable Transport))
Total Length: 84
Identification: 0x157c (5500)
Flags: 0x02 (Don't Fragment)
Fragment offset: 0
Time to live: 58
Protocol: ICMP (1)
Header checksum: 0x121a [validation disabled]
Source: 10.0.4.10 (10.0.4.10)
Destination: 10.0.1.10 (10.0.1.10)
[Source GeoIP: Unknown]
[Destination GeoIP: Unknown]
Type: 8 (Echo (ping) request)
Code: 0
Checksum: 0x432a [correct]
Identifier (BE): 2212 (0x08a4)
Identifier (LE): 41992 (0xa408)
Sequence number (BE): 1 (0x0001)
Sequence number (LE): 256 (0x0100)
Timestamp from icmp data: Sep 27, 2014 17:25:49.000000000 EDT
[Timestamp from icmp data (relative): 0.320033000 seconds]
Data (48 bytes)
0000
0010
0020
64 de 04 00 00 00 00 00 10 11 12 13 14 15 16 17
d...............
18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27
........ !"#$%&'
28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35 36 37
()*+,-./01234567
Data: 64de040000000000101112131415161718191a1b1c1d1e1f...
[Length: 48]
Are the two ICMP packets that you saved identical?

As can be seen above, the two saved packets are identical.
Why does the ICMP Echo Request packet not loop forever in the network?
The packets header has a field called Time-to-Live (TTL) which defines the number
of hops the packets can stay in the network before being discarded.
Part 7. Netmask and Routing
3c
Routing table PC1:
default via 10.0.1.1 dev em1
scope link
src 10.0.1.10
scope link
src 10.0.2.10
Routing table PC2:

10.0.3.0/24 via 10.0.2.1 dev em1
Routing table PC3:

scope link
src 10.0.2.137
3d.
Routing table PC1:
scope link
src 10.0.1.10
scope link
src 10.0.2.10
Routing table PC2:

10.0.3.0/24 via 10.0.2.1 dev em1
Routing table PC3:

10.0.2.136/29 dev em1 proto kernel scope link src 10.0.2.137
4c
4d.
scope link
src 10.0.2.137

Lab Report - Cisco Router Configuration

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Lab Report - Cisco Router Configuration

Încărcat de

Drepturi de autor:

Formate disponibile

W4140 Networking Laboratory

As advised, exercise 2 was done before exercise 1 to perform router configuration

- Which packets, if any, are captured by wireshark?

The fields of the routing table are:

Destination: target network prefix

In this exercise, the router was accessed by the command:

Include the output from Step 3 in your lab report.

10.0.0.0/24 is subnetted, 2 subnets

Gateway of last resort is 10.0.2.21 to network 0.0.0.0

10.0.0.0/24 is subnetted, 3 subnets

Exercise 3 Finalizing and Exploring the Router Configuration

Routing table of PC1:

Routing table of PC2:

Routing table of PC4:

Routing table of the router:

10.0.0.0/24 is subnetted, 3 subnets

Determine the source and destination addresses in the Ethernet and IP

Frame 3: 42 bytes on wire (336 bits), 42 bytes captured (336 bits) on

Frame 9: 42 bytes on wire (336 bits), 42 bytes captured (336 bits) on

Frame 4: 98 bytes on wire (784 bits), 98 bytes captured (784 bits) on

The same thing happens at PC2:

Frame 8: 98 bytes on wire (784 bits), 98 bytes captured (784 bits) on

What is the output on PC1 when the ping command is issued?

Determine how far the ICMP Ethernet Request message travels?

Which, if any, ICMP Echo Reply message returns to PC1?

No message was received.

Part 4. Proxy ARP

Network Traffic of PC1:

Network Traffic of PC2:

Network Traffic of PC4:

Part 5. ICMP Route Redirect

Using wireshark we captured the network traffic in PC2 (interface em1).

Frame 2: 98 bytes on wire (784 bits), 98 bytes captured (784 bits) on

[Time since reference or first frame: 0.000588000 seconds]

Frame 3: 98 bytes on wire (784 bits), 98 bytes captured (784 bits) on

[Time shift for this packet: 0.000000000 seconds]

Are the two ICMP packets that you saved identical?

Routing table PC2:

Routing table PC3:

Routing table PC2:

Routing table PC3:

S-ar putea să vă placă și