Interconnexion Réseaux – Networking

LAB ONE– Introduction

Scope of Lab 1:
In this lab session you will get familiar with the emulation environment, GNS3, and setting up
virtual machines using VPCS. You have the option to download all the appropriate software on
your computer (PCs, Macs) to work on during the labs.

Lab Report:
At the end of each week (i.e., Sunday evening) you will email me your electronic lab reports at
arsenia.chorti@ensea.fr with your name and Lab session number in the subject. During the lab
session keep notes on a lab logbook.

Lab 1 - Page 1
PART1. GNS3 Installation & Settings
In this first part of the lab, you will learn how to install and configure GNS3, the network
emulator software.

Exercise 1(A). Installation and Initiation

System Requirements
• Windows 7 or higher with an Internet connection
• Mac OS X 10.9.4 or above with an Internet connection

1. Download GNS3: https://www.gns3.com/software1

Tip : Some useful youtube videos for GNS3 beginners are those of David Bombal

2. Install the downloaded GNS3 software. Note:

• For Windows, when prompted for “Choose Components”, please uncheck
“SolarWinds Response Time Viewer” as shown highlighted in Figure 1.1 below.

Figure 1.1

3. Finish the installation process. Download the "GNS3 Getting Started Guide" for future
reference. This lab walks you through a simplified installation process.

4. Open the GNS3 simulator. You will see the following Setup Wizard screen (Figure 1.2)

Click on choices as shown in red rectangles.

1
Login required to download. Create your own personal account.

Lab 1 - Page 2
 Figure 1.2

5. Note:
• For Windows, if you see this error message at GNS3 initiation (Figure 1.3):

Figure 1.3 Path variables correction

• Modify the path for the gns3_gui.ini and gns3_server.ini files in

C:\Users\$(username)\AppData\Roaming\GNS3. Make sure you have write
permission to the entire path specified in those .ini files.

6. Quit GNS3.

Lab 1 - Page 3
Exercise 1(B). Importing a Cisco Router IOS image into GNS3
1. First you will need to download the Cisco IOS image “c3640-jk9s-mz.124-16.bin’’ from
the ENSEA ftp ftp://ftp-etis.ensea.fr/Enseignement/Network/c3640-jk9s-
mz.124-16.bin. Do not open the file but save it in a convenient folder, e.g., on your
desktop.

2. Open GNS3.

3. Go to:
• Windows: Edit -> Preferences
• Mac: GNS3 -> Preferences

4. In the left-hand pane, click on the arrow next to “Dynamips”, then click on the sub-menu
“IOS routers” and click “New” as shown in Figure 1.4.

Figure 1.4 Creating router template

5. Then click on "Browse" to select the Cisco IOS image on your computer “c3640-jk9s-
mz.124-16.bin’’. Click “Next”.

6. Edit “Name” as c3640, select the "Platform" as c3600 and "Chassis" as 3640 as shown
in Figure 1.5 below.

Lab 1 - Page 4
 Figure 1.5 Cisco router selection

7. Click "Next" and check to see if memory size is set to 128MB, if not, set it to that size.
Please note that the memory size setting is strict, i.e., not optional. Setting memory to
more than 128MB can cause a problem when you are running large network
configurations with several routers.

Tip: To check the memory size required for any cisco router click on Check for minimum and
maximum RAM requirements on the Memory dialog box of the IOS installation.This will take you
to the Cisco Feature Navigator. Click on Image and enter the name of the image you are looking
for and enter. The recommended RAM size will appear.

Figure 1.5: Cisco feature navigator

8. Click "Next" to get to screen for "Network adapter" selection as shown in Figure 1.6
below. Choose NM-1FE-TX from the dropdown menu for slot 0 through slot 3.

Lab 1 - Page 5
 Figure 1.6 Cisco router’s WIC module setup

9. Click “Next”. Find the Idle PC value by clicking on Idle-PC finder. Choose an Idle-PC
value with an asterisk (if available). Click “Finish.”

10. After finishing the setup, you should see the following screen as shown in Figure 1.7
below. Click "Apply", then click "OK".

Figure 1.7 Cisco router preferences

11. In the GNS3 console window that appears (shown below in Figure 1.8), click on the
“folder icon” in upper left hand corner or choose “New blank project” from “File” menu2.

2
For Mac users, the “create new project window” appears automatically.

Lab 1 - Page 6
 Figure 1.8 GNS3 startup screen

12. Click on "Browse All Devices" icon, (5th icon on the left-hand side shown in red
rectangle)), to browse all possible network devices. Select c3640 and drag it to the
empty space (project pane) to the right of the devices window as shown in Figure 1.9.

Figure 1.9 How to add a router to the GNS3 "Project" pane

13. Right-click on R1 and choose "Start".

Lab 1 - Page 7
 14. Right click on R1 again and select “Auto Idle-PC”. The system will choose the best
value. It is recommended that you do this every time you add a router to a project. It is
also recommended that you do this when starting a saved project too.

15. Check CPU load of your system3. If > 50%, repeat step 14 for each router and recheck.
If it does not drop, quit GNS3. Restart GNS3 and repeat steps 11 - 15 if creating a new
project, or repeat steps 13-15 on a saved project after starting each router.

16. Right-click on R1 and choose "Console". Console window will open. You maybe
prompted in console window to press "Return" key to get the prompt line.

17. You have finished the first step in running GNS3. Stop all running devices by clicking the
“Stop All Nodes” button (red square button on upper tool bar). Quit GNS3.

3
Check with Task Manager for Windows, or Activity Monitor for MacOS the cpu % value being
used by process “dynamips”.

Lab 1 - Page 8
PART 2. Setting up a Virtual PC (VPCS) for Use in
GNS3 Projects
VPCS is a lightweight application that can simulate up to nine computers from a single
command line interface. From the command line you can ping and traceroute to GNS3 devices,
and even send streams of UDP and TCP packets.

1. Create a new project called “Yourname_Lab1_test_VPC”. Insert two new VPCS and a
Hub as shown below. Click on the sixth button vertically to add a new link. Connect port
Ethernet0 of PC1 to Ethernet0 of Hub1 and Ethernet0 of PC2 to Ethenet1 of Hub1.

Figure 1.10: First VPCs topology

2. Click on the Start button to switch on the devices.

3. Open the VPCS consoles by clicking on the fifth button horizontally

Type ? in the console of PC1 to see the command list available in VPCS.

Lab 1 - Page 9
 Exercise 2(A). Assigning IP addresses to VPCS
Use the command ip address/subnetmask default_gateway (at this point we will
not assign a default gateway, leave this option blank) to assign the IP addresses
10.0.1.1/24 to PC1 and 10.0.1.2/24 to PC2, e.g.,

PC1> ip 10.0.1.1/24

Figure 1.11: Setting IP addresses

Note that standard Linux commands like ifconfig are not available with VPCS. If you
have not already done so, read the list of available commands here

Lab Questions
▪ Why did we use the hub in between the two VPCs? Could we have connected them
directly?
▪ What is the difference between a hub and an Ethernet switch?

Exercise 2(B). Using the command Ping

One of the most basic, but also most effective tools to debug IP networks is the ping
command. The ping command tests whether another host or router on the Internet is
reachable. The ping command sends an ICMP Echo Request datagram to an interface
and expects an ICMP Echo Replay datagram in return. A few ping usage scenarios are
listed below.

Lab 1 - Page 10
 COMMON USES OF THE PING COMMAND
ping IPaddress
Issues a ping command for the host with the given IP address. The
system will issue one ICMP Echo Request packet with a size of 56 bytes
every second. The command is stopped by pressing Ctrl-C.
ping IPaddress –c <num>
The command stops after sending a number, num, of ICMP Echo Requests.
ping IPaddress –s <num>
The number of data bytes in the ICMP Echo Request is set to num bytes.

ISSUING PING COMMANDS

When using ping on the VPCs, it is recommended to always send at least two ICMP Echo
Request packets. It has been observed that the first ICMP Echo Request may often be
dropped due to the ARP protocol.

Lab 1 - Page 11
PART 3. Single Segment
In this part, you will use Wireshark, a software package used to monitor link activity. You will
also learn about ARP and more extensive commands on how to configure the VPCs. All the lab
exercises use the network configuration shown in Figure 2.1.

Exercise 3(A). Creating a single segment and assigning IP

addresses to VPCS

1. Create a new project called “Yourname_Lab1_single_segment”. Connect four VPCSs

(PC1 - PC4) to a single Ethernet segment via a single hub as shown in Figure 1.12.
Configure the IP addresses for the PCs as shown in Table 1.

Figure 1.12 - Network Configuration for Lab 1-Part 3.

VMs IP Addresses of Ethernet Interface eth0

PC1 10.0.1.11 / 24

PC2 10.0.1.12 / 24

PC3 10.0.1.13 / 24

PC4 10.0.1.14 / 24

Table 1 - IP Addresses for Figure 1.12

Lab 1 - Page 12
PART 4. Capturing Traffic with WIRESHARK
During the GNS3 installation process, you will automatically have installed Wireshark. It comes
automatically with the GNS3 installation. However, if you don’t have Wireshark installed, you can
always download it. For the Mac, you have to download and install Wireshark, it does not come
packaged with the MAC OS version of GNS34.

In this part of the lab, you experiment with filter expressions within the Wireshark application.
The filtering capabilities and options of Wireshark are described under the help tab in
Wireshark.

Exercise 1. Display filters and traffic capture with Wireshark

• Configure the network topology as shown in Figure 1.12 above and configure the VPCS’ IP
addresses with the values shown in Table 1 using the ip command introduced in PART 2.

• Right click on the link that connects PC1 and the Ethernet Hub and select “Start capture”.
NOTE: Please choose the HUB side of the link for capturing, not the PC side. Choose
option Wireshark. It will initiate Wireshark and capture traffic on the link.

• Please make sure that the Packet Capture settings are set to Wireshark Live Traffic
Capture from the "Packet capture preferences" tab as shown below in Figure 2.3.

Figure 1.13 Packet capture Preferences

4
For Macs you may also be required to run X11. Wireshark may not work on a Mac without the
X11 environment (Depends on MacOS version you are running. Download XQuartz from here.

Lab 1 - Page 13
 • For Mac users the packet capture entries should be set as shown in Figure 1.4:

Figure 1.14 Mac OS Wireshark Settings

• Setting a display filter: From the command “Display Filters…” under the “Analyze” menu,
you can set a display filter so that only the traffic that matches the filter is displayed. Set a
filter so that all packets that contain (in header, not data field) the IP address of PC2
(10.0.1.12) are displayed. Press “Enter/Return” after typing the filter.

Lab 1 - Page 14
 Figure 1.15 Display Filters command

• You can also set a display filter by typing the desired display filter in the “Filter” box, which is
found in the Wireshark main window as shown in Figure 1.16. Click the Clear button next to
the filter box to clear any existing filter.

Figure 1.16 Filter box for setting display filters

• In the terminal window of PC1, issue a ping command to PC2:

PC1% ping 10.0.1.12 –c 2

• Stop the capture process.

• Saving captured traffic. You can save the capture as ‘.pcap’ file by going to File -> Save.
You can use this file for analysis at a later point by opening it in the WIreshark application.
You can also save the results of Wireshark to a text file, using the “Packet details” option in
“Print”. One saved as a text file, you eliminate the option of viewing it in the Wireshark
environment. The drawback of that is that you will not be able to use any filters or other
features of Wireshark to analyze the traffic.

Lab 1 - Page 15
PART 5. Address Resolution Protocol (ARP)
This part of the lab explores the operation of the Address Resolution Protocol (ARP) that
resolves a MAC address for a given IP address. The lab exercises use the Linux command arp,
for displaying and manipulating the contents of the ARP cache. The ARP cache is a table that
holds entries of the form <IP address, MAC address>. In VPCS the arp command is very
limited and does not have the same options as in Linux machines, as shown below.

arp Shortcut for: show arp. Show arp table

TIME-OUTS IN THE ARP CACHE

The entries in an ARP cache have a limited lifetime. Entries are deleted unless they
are refreshed. The typical lifetime of an ARP entry is 2 minutes, but much longer
lifetimes (up to 20 minutes) have been observed.

REFRESHING THE ARP CACHE

In Linux you will observe that a host occasionally sends out ARP requests to
interfaces that are already in the ARP cache.

Example: Suppose that a host with IP address 10.0.1.22 has an ARP cache entry:

Then, this host occasionally sends a unicast ARP Request to MAC

08:00:27:53:63:1a of the form:

to verify that the IP address 10.0.1.11 is still present/live before deleting the entry
from the ARP cache when the timer times out. A response will refresh the timer.

Exercise 5(A). A simple experiment with ARP

1. On PC1, view the ARP cache with arp.

2. Start Wireshark on PC1-Hub1 link.

3. Issue a ping command from PC1 to PC2:

PC1% ping 10.0.1.12 –c 2

Observe the ARP packets in the Wireshark window. Explore the MAC addresses in the
Ethernet headers of the captured packets.
Direct your attention to the following fields:
▪ The destination MAC address of the ARP Request packets.
▪ The Type Field in the Ethernet headers of ARP packets and ICMP messages.

4. View the ARP cache again with the command arp. Note that ARP cache entries can get
refreshed/deleted fairly quickly (<2 minutes).

Lab 1 - Page 16
 PC1% arp

5. Save the results of Wireshark. You will use your Wireshark output to answer the questions
below.

Lab Questions
▪ What is the destination MAC address of an ARP Request packet?
▪ What are the different Type Field values in the Ethernet headers that you observed?
▪ Use the captured data to analyze the process by which ARP acquires the MAC address
for IP address 10.0.1.12.

Exercise 5(B). Matching IP addresses and MAC addresses

Identify the MAC addresses of all the interfaces connected to the network, and enter them in
Table 2. You can obtain the MAC addresses from the ARP cache of a PC by issuing a ping
command from that host to every other host on the network.

VMs IP Address of eth0 MAC address of eth0

PC1 10.0.1.11 / 24

PC2 10.0.1.12 / 24

PC3 10.0.1.13 / 24

PC4 10.0.1.14 / 24

Table 2. IP and MAC addresses

Exercise 5(C). ARP requests for a non-existing address

Observe what happens when an ARP Request is issued for an IP address that does not exist.

1. Start Wireshark on PC1-Hub1 link with a capture filter set to capture packets that contain the
IP address of PC1.

2. Issue a ping command from PC1 to 10.0.1.22. (Note that this address does not exist in this
network configuration.)

PC1% ping 10.0.1.22 –c 10

3. Save the captured output.

Lab 1 - Page 17
Lab Questions
• Using the saved output, describe the time interval between each ARP Request packet
issued by PC1. Observe the method used by ARP to determine the time between
retransmissions of an unsuccessful ARP Request.
• In your opinion, why are ARP Request packets not transmitted (i.e., not encapsulated) as IP
packets? (Tip: In your answer consider for the layer the ARP protocol sits on.)

Lab 1 - Page 18
PART 6. Changing NETMASKS
In this part, you will observe the effects of different netmasks on the VPCs. In the table below,
two hosts (PC2 and PC4) have been assigned different network prefixes. (Note that /24
corresponds to network mask 255.255.255.0. and /28 to network mask 255.255.255.240.)

Exercise 6. Setting different IP address masks

1. Setup the interfaces of the PCs as follows:

VMS IP Address of eth0 Network Mask

PC1 10.0.1.100 / 24 255.255.255.0

PC2 10.0.1.101 / 28 255.255.255.240

PC3 10.0.1.120 / 24 255.255.255.0

PC4 10.0.1.121 / 28 255.255.255.240

Table 2.4 IP addresses for Part 7

2. Run Wireshark on PC1-Hub1 link and capture the packets for the following scenarios

a. From PC1 ping PC3: PC1% ping 10.0.1.120 –c 1

b. From PC1 ping PC2: PC1% ping 10.0.1.101 –c 1

c. From PC1 ping PC4: PC1% ping 10.0.1.121 –c 1

d. From PC4 ping PC1: PC4% ping 10.0.1.100 –c 1

e. From PC2 ping PC4: PC2% ping 10.0.1.121 –c 1
f. From PC2 ping PC3:
PC2% ping 10.0.1.120 –c 1

3. Save the Wireshark output to a text file (using the “Packet Summary” option from “Print”),
and save the output of the ping commands. Note that not all of the above scenarios are
successful. Save all the output including any error messages.

4. When you are done with the exercise, reset the interfaces to their original values as given in
Table 2.1.

Lab Questions
• Use your output data and ping results to explain what happened in each of the ping
commands.
• Which ping operations were successful and which were unsuccessful? Why?

Lab 1 - Page 19