INTERNATIONAL UNIVERSITY School of Computer Science and Engineering LAB 3: Static routing Course: System and Network Administration

Date: Student ID..............................................

Duration: 180 minutes

Lecturer: Pham Van Hau

Student name

Introduction
There are two ways to route packets on a network. Either routes are written by the network administrator (static routing), or routes are defined dynamically thanks to useful routing protocols (dynamic routing). This TP aims at giving you an overview of static routing. While static routing may be applied in small networks, this becomes impractical in larger ones. For the illustration purpose, we use the Linux machine as a router. In order to turn a Linux machine into a router, two major things must be at least defined: - its routing table - its forwarding capacity from one interface to another. In Linux, this parameter can be changed as follows: o IP forwarding activated: $echo 1 > /proc/sys/net/ipv4/ip_forward (or the alias fwstart) o IP forwarding deactivated: $echo 0 > /proc/sys/net/ipv4/ip_forward (or the alias fwstop) Some useful commands you may need: route, netstat, traceroute, ifconfig, ping. Some

examples of the linux commands that you will use. To view the routing table: netstat rn, or just route Use route to modify the routing table o To remove a route: route del -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.2.1 o To add a route: route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.2.1

Configuration
The network architecture is given at the end of this document. In this lab, we use three different Linux distribution :). a) Nodes (web1, web2, web3): download dsl 4.4.10.iso We use DSL (Damn Small Linux) www.damnsmalllinux.org/ distribution for the three machines, called web1, web2, and web3. DSL is a light weight linux distribution. Steps to configure the machine. Install hardware: while the machine is off, connect your ethernet card to Vmnet 3. start the machine Open a terminal and become root: sudo su root

Network configuration: Modify /etc/network/interface by adding the following information at the end of the file.
iface eth0 inet static address x.x.x.x netmask x.x.x.x gateway x.x.x.x

Update configuration: Do ifup eth0 to update your network information.

b) Monitor (Ubuntu) We need a machine to monitor all the traffic. In order to do so, you need to install the Wireshark program. Steps to configure the machine. Connect your Ubuntu machine to the Internet and install wireshare: apt-get install ......wireshark..... After installing wireshark, turn off the Ubuntu machine and add the two more network interface cards to the machines and connect them to the network as dicpicted in Fig.1 (ask me if you don't know how to do it :) ) turn on the virtual machine. Become root: sudo su root Network configuration: modify file /etc/network/interfaces by adding the following text at the end of the file. ######## Interface One ######## auto eth0 iface eth0 inet static address X.X.X.X netmask 255.255.255.0 broadcast X.X.X.255 network X.X.X.X ######## Interface two ######## auto eth1 iface eth1 inet static address X.X.X.X netmask 255.255.255.0 broadcast X.X.X.255 network X.X.X.X ######## Interface three ######## auto eth2 iface eth2 inet static address X.X.X.X netmask 255.255.255.0 broadcast X.X.X.255 network X.X.X.X You need to turn on the three instances of wireshare to observe the traffic. That will help you to answer the questions c) RouterA, RouterB (Slitaz Linux) (download slizta-3.0.iso)

Slitaz Linux (http://www.slitaz.org/en/) is another Linux distribution. We use it to make router in this lab. Steps to configure the router. Add one more network interface card and connect them as dicpicted in Fig.1 become root: Open a terminal and do su - (password is root) Edit /etc/network.conf to configure the IP addresses You will see in this file the configure information for the first interface. This include network interface, mode to obtain the IP address (dynamic/static), etc.You need to enter the similar items for your second network interface (eth1). For the both interfaces, you need to change all the default values to ones described in your current document. To update the IP address, type /etc/init.d/network.sh restart.

Verification
Test to ensure that RouterA can ping machine web1, web2, RouterB can ping web2 and web3. Monitor can ping web1, web2, web3

Tasks
Task 1: From web1, ping web 2, is it working? Observe the packets exchanged on two interfaces eth0 and eth1 of the monitor by using wireshark and explain what happen. Task 2: Login to routerA. Think of the necessary conditions to make a Linux host act as a router (see introduction). Are they satisfied? If necessary, modify the router configuration to satisfy these conditions and allow routing of packets between web1 and web2. Describe and justify what you did. Observe the packets exchanged on two interfaces eth0 and eth1 of the monitor by using wireshark and explain what happen. Task 3: From web1, ping web3, is it working ? Observe the packets exchanged on three interfaces eth0, eth1, and eth2 of the monitor by using wireshark and explain what happen. Task 4:Login to routerA and routerB. As you did in question 2, perform all the necessary modifications to allow routing of packets between web1 and web3. Describe and justify what you did. Task 5: Ping again web3 from web1. Is it now working? If your answer is NO, reconsider what you did in question 4. Task 6: Add the following host route in routerA routing table: IP 10.0.0.5 routed towards interface eth0. Now, ping this host from web1. What is the path followed by the ICMP packet? Justify the routing mechanism.

What kind of ICMP packets do you observe? Explain their meaning and try to explain the reason for which they were generated.

Task 7: Ping web3 from web2, trace the path of the IMCP packet, explain Task 8: Do the following changes: On web3: routing table: route add host 192.168.1.2 gw 192.168.3.50 On your workstation: fw-start Describe the workstation routing table. Ping web3 from web1. Look at the Wireshark output and trace the path followed by the ICMP packets. Justify the routing mechanism.
Network1: Network: 192.168.1.0/24 Gateway: 192.168.1.1

Web1: IP: 192.168.1.2

VMNet3

Network 2: Network: 192.168.2.0/24 Gateway: 192.168.2.1

Eth0:192.168.1.1 RouterA Eth1: 192.168.2.1

Eth0:192.168.1.5 0 Eth1: 192.168.2.50 Eth2: 192.168.3.50

Web2: IP: 192.168.2.2

VMNet5

Eth0:192.168.2.10 RouterB Eth1: 192.168.3.10

Web3: IP: 192.168.3.2

VMNet4 Network 3: Network: 192.168.2.0/24 Gateway: 192.168.3.10

Fig.1