1
Executive Summary
The set of computer connects together to form a computer network, which can be helpful in sharing sharing resources. The internet is the largest network present in the world. The main purpose of this report is to create a small network with three computers (one client machine and two servers) and two routers and check for the activeness of various services. The network is created using the Cisco packet tracer. This project is divided into two tasks. The first task here is to create a small network with all devices configured. The IP forwarding request is applied next in order to create routes between the routers and sub networks. Then a ping and tracert commands are used to check whether all devices in the network are up and connected. The second task here is to configure various services on the servers. The server 1 will be configured with the DHCP service, whereas DNS and Web Server. The activeness of these services will is checked on the client machine. The router 2 is configured for the firewall and the verified again on the client machine. This report will highlight all the details related to the project with snapshots of the entire procedure along with the successful activation of the service.
2
Configure routing (IP packet forwarding) on the routers ....................................... 12
3
4
The task here is to create a small computer network (Ferozan, 2003) and configure various services and check for its successful activeness. For this purpose the network simulator given by
Cisco that is Packet Tracer (Cisco, 2000) is used here. The simulator is fully equipped with all required networking devices and procedures which are required in order to create and simulate the network as equal to the real networks .
In order to create this network. The required devices include three computer out of which one is the client machine and rest two are servers and two routers. In order to fulfil the vision of this project following are to be performed
Task 1: Setting Up a Network
1.
Configure all the devices in this network
2.
Configure IP packet forwarding
3.
ICMP ‘Ping’ request from a client machine to itself, its router, remote router and both remote servers.
4.
Highlight use of ‘tracert’ command from client to both remote servers.
Task 2: Configuring services on servers
1.
Configuring the DHCP service on one of the servers and assigning dynamic IP to the client machine
2.
Configuring Web Server on another server and check for its functioning on the client machine
3.
Configuring DNS server on the same server and check for its working on the client machine.
4.
Configuring firewall on the one the router and check for its working again on the client machine.
In order to complete these tasks, help from the manual of Packet tracer was taken.
This section will highlight all the tasks along with their expected results
3.1
Part 1 - Setting up a Network
The network uses two servers, one client and two routers and hence arranged as shown in the figure 1. The client machine is named as Computer 1, routers are named as Router 1 and Router
2, and servers are named as server 1 and server 2. The LAN structure is as follows
5
Figure 1: Initial Network
1.
From Computer 1 to router 1 , the network address is 192.168.1.0
2.
From Router 1 to router 2 , the network address is 192.168.2.0
3.
From Router 2 to Server 1 , the network address is 192.168.3.0
4.
From Router 2 to Server 2 , the network address is 192.168.4.0
Currently the network is down and that is why all lights are red in color. The network need to be configured before its full functioning
3.1.1
Configure the PC, Server and Router interfaces with appropriate network addressing:
This section will highlight the configuration of each device on this network.
3.1.1.1
Configuration of Router 1
The Router 1 will have two faces, one towards the client machine and the other towards router 2.
The address translation will be performed using NAT. The IP address for these faces are set. The
IP address towards client that is fast Ethernet 0/0 will be 192.168.1.1(the gateway address also) and towards router 2 with serial port 2/0 will be 192.162.2.1.
The command for fastEthernet 0/0 as follows
Router>en
6
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int f0/0
Router(config-if)#ip add 192.168.1.1 255.255.255.0
Router(config-if)#no shut
//interface fastethernet0/0
// assigning address
//switching on the port
LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
Router(config-if)#exit
The command for serial 2/0 as follows
Router(config)#int s2/0 //opening serial 2/0
Router(config-if)#ip add 192.168.2.1 255.255.255.0
Router(config-if)#no shut
//assigning IP
%LINK-5-CHANGED: Interface Serial2/0, changed state to down
Router(config-if)#exit
The snapshot is shown in figure 2
Figure 2: Router 1 Configuration
3.1.1.2
Configuration of Router 2
The Router 2 will have three faces, one towards the server 1, second towards server 2 and third towards router 1. Here also, the address translation will be performed using NAT (Ferozan,
2003). The IP address for these faces are set. The IP address towards server 1 that is fast Ethernet
7
0/0 will be 192.168.3.1(the gateway address also), towards server 2 that is fast Ethernet 1/0 will be 192.168.4.1(the gateway address also) and towards router 1 with serial port 2/0 will be
192.162.2.2.
The command for fastEthernet 0/0 as follows
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int f0/0
Router(config-if)#ip add 192.168.3.1 255.255.255.0
Router(config-if)#no shut
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
Router(config-if)#exit
The command for fastEthernet 1/0 as follows
Router(config)#int f1/0
Router(config-if)#ip add 192.168.4.1 255.255.255.0
Router(config-if)#no shut
%LINK-5-CHANGED: Interface FastEthernet1/0, changed state to up
Router(config-if)#exit
The command for serial 2/0 as follows
Router(config)#int s2/0
Router(config-if)#ip add 192.168.2.2 255.255.255.0
Router(config-if)#no shut
%LINK-5-CHANGED: Interface Serial2/0, changed state to up
8
Router(config-if)#exit
The snap below shows the configuration
Figure 3: Router 2 Configuration
3.1.1.3
Computer 1 Configuration
The Computer 1 is configured from the GUI using IP configuration setting available on the desktop. The computer 1 is assigned with IP 192.168.1.2 as shown in the figure below
9
Figure 4: Computer 1 Configuration
3.1.1.4
Server 1 Configuration
Figure 5: Server 1 Configuration
The Server 1 is configured from the GUI using IP configuration setting. The server 1 is assigned with IP 192.168.3.2 as shown in the figure 5
10
3.1.1.5
Server 2 Configuration
The Server 2 is configured from the GUI using IP configuration setting. The server 1 is assigned with IP 192.168.4.2 as shown in the figure 6
Figure 6: Server 2 Configuration
3.1.1.6
The Final network
The figure 7 shows that the entire network is connected because after configuration all lights are turned into green.
11
Figure 7: Final Network
3.1.2
Configure routing (IP packet forwarding) on the routers
This section will highlight packet forwarding
3.1.2.1
IP packet forwarding at Router 1
The packet from the computer 1 will only be forwarded to the server 1 and server 2 only if the packet forwarding is activated on router 1. The router 1 must define the path for both network
192.168.3.0 and 192.168.4.0 via router 2 with IP 192.168.2.2. The configuration as follows
Router(config)#ip route 192.168.3.0 255.255.255.0 192.168.2.2
Router(config)#ip route 192.168.4.0 255.255.255.0 192.168.2.2
The configuration at router 1 is shown in figure 8.
//for network 192.168.3.0
//for network 192.168.3.0
12
Figure 8: Router 1 packet forwarding command
3.1.2.2
IP packet forwarding at Router 2
Figure 9: Router 2 packet forwarding command
13
The packet from the server 1 and server 2 will only be forwarded to the computer 1 only if the packet forwarding is activated on router 2. The router 2 must define the path for network
192.168.1.0 via router 1 with IP 192.168.2.1. The configuration as follows
Router(config)#ip route 192.168.1.0 255.255.255.0 192.168.2.1
The configuration at router 2 is shown in figure 9.
//for network 192.168.1.0
3.1.3
On the client ping the client's own network interface, then the local router interface, then the remote router interface, then the server 1 and server 2
3.1.3.1
Ping from computer 1 to its own network interface
The figure 10 below shows output of ping request computer 1 to its own network interface which shows successful connection. The command is
C:\> ping 192.168.1.2
Figure 10: Ping from computer 1 to its own interface
3.1.3.2
Ping from computer 1 to local router interface
The figure 11 below shows output of ping request computer 1 to local router interface which shows successful connection. The command is
C:\> ping 192.168.1.1
14
Figure 11: Ping from computer 1 to local router interface
3.1.3.3
Ping from computer 1 to remote router interface
The figure 12 below shows output of ping request computer 1 to Router2 which shows successful connection. The command is
C:\> ping 192.168.2.2
Figure 12: Ping from computer 1 to Router 2
15
3.1.3.4
Ping from computer 1 to Server 2
The figure 13 below shows output of ping request computer 1 to Server2 which shows successful connection. The command is C:\> ping 192.168.4.2
Figure 13: Ping from computer 1 to server 2
3.1.3.5
Ping from computer 1 to Server 1
The figure 13 below shows output of ping request computer 1 to Server1 which shows successful connection. The command is C:\> ping 192.168.3.2
Figure 13: Ping from computer 1 to server 2
16
3.1.4
Use the traceroute command from the client to the server. Include results of the traceroute in your submission
The tracert command is highlighted below.
3.1.4.1
Tracert from computer 1 to server 1
The figure 14 below shows output of tracert request computer 1 to Server 1 which shows successful connection. The command is
C:\> tracert 192.168.3.2
Figure 14: Tracert from computer 1 to server 1
3.1.4.2
Tracert from computer 1 to server 2
The figure 14 below shows output of tracert request computer 1 to Server 2 which shows successful connection. The command is
C:\> tracert 192.168.4.2
17
Figure 15: Tracert from computer 1 to server 2
This task is about configuring DHCP, Web Server, DNS and Firewall services
3.2.1
DHCP: Configure DHCP on the server and show that the client PC has successfully received an IP Address and other network parameters (default router, netmask,
DNS) using DHCP:
DHCP provides dynamic IP to the client machine inside and outside its network (Microsoft,
2008). The DHCP server will be configured on the server 1. The setting for the same are follows:
3.2.1.1
Configure DHCP server on Server 1
On the Server 1, in the services tab, go to the DHCP service tab. Now, the service will be switched on. The DHCP server defines the pool of IP address from which the IP addresses are assigned to the client machines. Here also, a pool of IP address is defined and named Pool1.
Since, the computer 1 is on the network 192.168.1.0, the pool must contain details related to the same network. The default gateway for this network is 192.168.1.1 and the starting address from the pool are defined as 192.168.1.5. Hence the new pool was added to the already existing server pool. The DNS server is not configured yet so, the field is kept as 0.0.0.0. The figure 16 shows the configuration of DHCP server on the server 1.
18
Figure 16: DHCP configuration on Server 1
3.2.1.2
Configuration on Router 1
If the DHCP request comes from computer 1 to the router 1 from its network, the router must know where to find the configure DHCP server, in order to give a dynamic IP to the machine in its network. Hence it is necessary to configure router 1 to know where exactly it needs to forward the request. The configuration details are as follows
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int f0/0
Router(config-if)#ip helper-address 192.168.3.2
Router(config-if)#no shut
//identifying DHCP server 192.168.3.2
Router(config-if)#int s2/0
Router(config-if)#ip helper-address 192.168.3.2
Router(config-if)#no shut
Router(config-if)#exit
The figure 17 shows the DHCP configuration on router 1
19
Figure 17: DHCP configuration on Router 1
3.2.1.3
Dynamic IP has retrieves in the computer 1
After the DHCP service is configured on the server and router, the client machine gets a dynamic
IP of 192.168.1.5 on the computer, which was starting address of this network address pool shown in the figure 18.
Figure 18: Dynamic IP on the computer 1
20
3.2.2
DNS: Configure a DNS Server on the server device and demonstrate that forward and reverse DNS are working from the client PC; test DNS Server by browsing www.YOUR NAME.csu.edu.au from client PC, DNS must resolve this URL to IP address of WEB Server
The DNS gives domain name to specific IP address (Searchnetworking, 2006). This section will configure the DNS server and the result will be displaced on the client machine. The configuration as highlighted
3.2.2.1
Configure DNS on Server 2
The DNS service is set to on state in the service tab of Server 2. The record is entered in the list.
The domain name along with its Web Server IP forms a record. This entry is now entered in the
DNS table as shown in the figure 19.
Figure 19: DNS record is entered in the DNS table at server 2
3.2.2.2
Change in DNS Server setting at DHCP server on Server 1
As, the DHCP service is already configured at computer 1, but the DNS server address was not provided, so there is need to change this DNS server IP in DHCP pool as well
21
Figure 20: DNS setting in DHCP pool at server 1
3.2.2.3
At Client machine
Figure 21: IP configuration change at client machine
The IP configuration will change at computer 1 and new DNS server address will also be applied along with the dynamic IP as shown in the figure 21.
22
The web page is retrieved from domain name entered in the DNS server at server 2 as shown in figure 22 and similarly reverse lookup is also true in the figure 23.
Figure 22: The web page is retrieved by the domain name
Figure 23: The web page is retrieved by the IP address
23
3.2.3
WEB Server: Configure a WEB server on dedicated machine, with URL as www.YOUR NAME.csu.edu.au
The web server can be activated by switching the HTTP service on. The configuration of a Web server or HTTP is shown in this section. The service will be configured on server 2.
3.2.3.1
Configuration on Server 2 for Web server
In the services of server 2, go to HTTP service and switch it on. The html file an be imported or currently available html pages can also be used. The figure 24 shows the HTTP service tab of server 2.
Figure 24: HTTP service on Server 2
The figure 25 shows currently available html file, which can be edited.
24
3.2.3.2
Result on computer 1
Figure 25: HTML file index.html
Figure 26: The result of configured web server on the client machine
25
The figure 26 shows that html page from the web server is configured on server 2 on the computer 1 as the DNS service is already active on the server 2.
3.2.4
Firewall: Configure traffic filtering on the router to block network traffic between client PC and WEB Servers, and then unblock traffic between them.
The firewall service (SearchSecurity, 2001) to stop http traffic from the server 2 to the client machine, is shown in this section. Once this is achieved the traffic is unblocked
3.2.4.1
Block the traffic between computer 1 and Server 2
3.2.4.1.1
Configuration on Router 2
The extended access list is created in order to deny tcp service to the network 192.168.1.0 which coming from the host 192.168.4.2 from the port 80 that is http port on the server 2. Now, the computer 1 will not receive any http traffic coming from the Server 2. But other services from the server 2 is still active on the computer 1. The configuration is shown below
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#access-list 125 deny tcp 192.168.1.0 0.0.0.255 host 192.168.4.2 eq 80
//tcp traffic denied from server 2 to the computer 1
Router(config)#access-list 125 permit ip any any // other services are still active
Router(config)#int s2/0
Router(config-if)#ip access-group 125 in
Router(config-if)#no shut
The Router 2 configuration is shown in the figure 27
Figure 27: Firewall configuration on router 2
26
3.2.4.1.2
Output at computer 1
Due to denial of HTTP service from router 2, the request is not successful. The client cannot reach to the server 2. The figure 28 shows the result of request timeout. But ICMP ping request is active from server 2 to the computer 1 as shown in the figure 29.
Figure 28: Output at computer 1
Figure 29: Ping request is active from server 2 on computer 1
27
3.2.4.2
Unblock the traffic between computer 1 and server 2
3.2.4.2.1
At router 2
In order to remove the firewall setting the access – list is only removed. The configuration is
//remove access list Router(config)#no access-list 125
The configuration on router 2 is shown in the figure 30
Figure 30: Unblock setting at router 2
3.2.4.2.2
Output at computer 1
The output in figure 31 shows that the firewall setting is removed from the server 2 to computer
1.
28
Figure 31: The setting removed at computer 1
29
Cisco. (2000). Cisco Packet TracerC . Retrieved May 11, 2017, from http://www.cisco.com/web/learning/netacad/course_catalog/PacketTracer.html
Ferozan, B. (2003). Data Communications and Networking.
McGraw Hill.
Microsoft. (2008). What Is DHCP?
Retrieved May 11, 2017, from https://technet.microsoft.com/enus/library/dd145320(v=ws.10).aspx
Searchnetworking. (2006). domain name system (DNS) . Retrieved May 11, 2017, from http://searchnetworking.techtarget.com/definition/domain-name-system
SearchSecurity. (2001). Firewall . Retrieved May 11, 2017, from http://searchsecurity.techtarget.com/definition/firewall
30