Instructions
1. Open the RFC editor web page (www.rfc-editor.org/rfc.html).
2. Using the search utility list the names and RFC numbers of the following standards:
3. Open RFC 2500 (Internet Official Protocol Standards).
4. Using the inform-ation in RFC 2500 note the RFC and standard numbers
(STDs) for the following Internet Standard protocols:
5. Open RFC 1700 (Assigned Numbers).
6. Using the information in RFC 1700 fill in the the assigned Internet protocol numbers for the following protocols:

7. Using the information in RFC 1700 fill in the well known port numbers for the following protocols:
8. Open RFC 1812, what RFCs does it make obsolete?
9. What is RFC 1878?

Preparation
The instructor must ensure that all cables are physically connected and that the
IP router (Cisco or Unixbased) is pre-configured as per the network diagram, prior to starting the exercise. In addition, the instructor should configure the following IP addresses on each PC or unixbox. Don’t forget to enable IP_FORWARD in the unixbox, echo 1 > /proc/sys/net/ipv4/ip_forward or check the radiobutton ip-forwarding on NT.
Part 1: Check and Test Existing IP Configuration
Instructions
1. Check the existing IP configuration (1) via the network icon in the control panel, and (2) using the command winipcfg at the DOS prompt (or ipconfig/ all for NT, netstat –rn for unix):

2. Ping loopback address 127.0.0.1. - does this work?
3. Ping PC's own address - does this work?
4. Ping other PCs (addresses as per list above) - does this work ?
5. Ping Router addresses (192.168.10.1 and 192.168.20.1) - do these work?
6. For any ping test that failed in the previous steps - explain why the failure occurred.

Part 2: Change IP Address but not Default Gateway and Test
Instructions
1. Using the network icon in the control panel, change the PC to its correct IP address and subnet mask as per the network diagram, but do not change the gateway address.
2. Ping local PC - does this work ?
3. Ping both remote PCs - does this work?
4. Ping Router addresses (192.168.10.1 and 192.168.20.1) - do these work?
5. For any ping test that failed in the previous steps - explain why the failure occurred.
Part 3: Change to Correct Default Gateway and Test
Instructions
1. Using the network icon in the control panel, change the PC to its correct IP address subnet mask and default gateway as per the network diagram.
2. Ping local PC - does this work ?
3. Ping both remote PCs - does this work?
4. Ping Router addresses (192.168.10.1 and 192.168.20.1) - do these work?
5. For any ping test that failed in the previous steps - explain why the failure occurred.

Part 4: Changing Subnet Masks
Preparation
The instructor must configure routers as follows prior to starting the exercise:
192.168.10.33 255.255.255.224
192.168.20.33 255.255.255.224
The students should also configure the following IP addresses on each PC:
Instructions
1. From the network icon in the control panel, change the PC to the IP configuration listed above. Note the IP configuration.
2. Ping local PC - does this work ?
3. Ping both remote PCs - does this work?
4. Ping Router addresses (192.168.10.33 and 192.168.20.33). Do these work?
5. For any ping test that failed in the previous steps, explain why the failure occurred.
6. Change the IP address on the PC to ensure that no ping tests fail. Note the new IP configuration.

Part 1 Assume that you have been assigned the 132.45.0.0/16 network block. You need to establish eight equal-sized subnets.
Questions
1. _________binary digits are required to define eight subnets.
2. Specify the extended-network-prefix that allows the creation of 8 subnets.
3. Express the subnets in binary format and dotted decimal notation:
#0 ___________________________________________________________
#1 ___________________________________________________________
#2 ___________________________________________________________
#3 ___________________________________________________________
#4 ___________________________________________________________
#5 ___________________________________________________________
#6 ___________________________________________________________
#7 ___________________________________________________________
4. List the range of host addresses that can be assigned to Subnet #3
(132.45.96.0/19).
___________________________________________________________
___________________________________________________________
___________________________________________________________
___________________________________________________________
___________________________________________________________
5. What is the broadcast address for Subnet #3 (132.45.96.0/19).

Part 2 Assume that you have been assigned the 200.35.1.0/24 network block.
Questions
1. Define an extended-network-prefix that allows the creation of 20 hosts on each subnet.
2. What is the maximum number of hosts that can be assigned to each subnet?
3. What is the maximum number of subnets that can be defined?
4. Specify the subnets of 200.35.1.0/24 in binary format and dotted decimal notation.
5. List range of host addresses that can be assigned to Subnet #6
(200.35.1.192/27).
6. What is the broadcast address for subnet 200.35.1.192/27?

Part 3 - CIDR
Exercise
Questions
1. List the individual /24 networks numbers defined by the CIDR block
200.56.168.0/21.
2. List the individual /24 networks numbers defined by the CIDR block
195.24/13.
3. Aggregate the following set of (4) IP /24 network addresses to the highest degree possible.
212.56.132.0/24
212.56.133.0/24
212.56.134.0/24
212.56.135.0/24
4. Aggregate the following set of (4) IP /24 network addresses to the highest degree(s) possible. Note, these cannot be aggregated into one single range.
212.56.146.0/24
212.56.147.0/24
212.56.148.0/24
212.56.149.0/24
5. Aggregate the following set of (64) IP /24 network addresses to the highest degree(s) possible. Note, these cannot be aggregated into one single range.
202.1.96.0/24
202.1.97.0/24
202.1.98.0/24
...
202.1.126.0/24
202.1.127.0/24
202.1.128.0/24
202.1.129.0/24
...
202.1.158.0/24
202.1.159.0/24

Background A company is allocated the IP addresses space 200.100.152.0/22.
Without further subnetting, this gives 1 network, with a maximum of 1,022 devices.
This is unsuitable for the company's requirements, which are as follows:

One "central" site with 200 hosts.

Four "large" remote sites, two with 50 hosts and two with 40 hosts each.

Four "small" remote sites, two with 25 hosts and two with 20 hosts each.
All eight remote sites are linked to the central site across WAN links, with separate routers at both ends.
Questions
1. Sketch a network diagram, showing the sixteen routers and nine LANs.
2. Calculate a network ID and subnet mask for every subnet, including the
WAN links.
3. Assign a valid IP address to every router interface (LAN and WAN).

Background The instructor must ensure that all cables are physically connected and that the IP router is pre-configured as per the network diagram, prior to starting the exercise.
Instructions
1. View the PC's ARP cache using arp -a command.
2. Ping the other PC on the same LAN and view the ARP cache.
3. Note the type of entry.
4. Note this entry times out after two minutes.
5. When the ARP cache is empty, do a continuous ping to the other PC on the same LAN (ping -t address).
6. Open a second DOS screen and confirm that the ARP entry does not clear.
7. End the continuous ping.
8. Ping the IP address of the Ethernet interface of the local router.
9. View the ARP cache and take a note of the hardware address of the router.
10. Put a permanent entry into the ARP cache for the router ( arp -s
192.168.x.1 hardware address). Note it may be necessary to ping the router first for this command to take effect.

11. What is the entry type?
12. Reboot the PC.
13. Check the ARP cache. Is it empty?
14. Ping the local PC. What IP and hardware addresses are in the ARP cache?
15. Ping the two remote PCs. What IP and hardware addresses are in the ARP cache and why?
16. Put in a wrong hardware address for the router in the ARP cache.
17. Check the ARP table.
18. Ping a remote PC. Does it work, why or why not ?
19. Ping the local PC. Does it work, why or why not?
20. Remove the wrong entry from the ARP cache (arp -d 192.168.x.x).
21. Ping remote PC. Does it work, why or why not?

Background The attached is a trace of ten ethernet frames generated by 2 different devices on a LAN segment:
Instructions
1. Fill in the information in the table below
2. What is contained inside all of the IP packets (protocol name and number)?
3. What command did the PC user type, to generate packets (3,5,7 and 9)?
4. Why did the PC generate frame 1 and under what circumstances would it not do this?

Frame 1
Frame 2

Frame 3

Frame 4

Frame 5

Frame 6

Frame 7

Frame 8

Frame 9

Frame 10

Questions
1. Fill in the gaps below (sequence numbers and acknowledgement numbers).
2. The server's window size is ____________ bytes.
the client and server later on. Fill in the gaps below (sequence numbers and acknowledgement numbers).
4. At the time marked X below, why can the client not send the next 1,000 byte segment?
5. What will happen when the timeout period expires on the client?

6. Assume the diagram below represents the same TCP connection between the client and server later on and that the timeout period has just expired.
Fill in the gaps below (sequence numbers and acknowledgement numbers).

The following pages contain a trace of Ethernet frames between a PC and a router.
Frame 1
Frame 1 is the first frame from the PC to the router.
Questions
1. What are the source and destination port numbers?
2. Why did the PC use these particular source and destination port numbers?
3. Why is the TCP data offset 24 bytes?
4. What is a more common size for the TCP data offset field?
5. What is the purpose of this TCP segment?
6. What is the window size in bytes?
7. What is the maximum segement size?
8. Why is there a sequence number but no acknowledgement number in this segment?
Frame 2
Frame 2 is from the router to the PC.
Questions
1. What is the purpose of this TCP segment?
2. What is the maximum segement size?
3. What is the window size?
4. How many maximum size segments can the PC send without receiving an acknowledgement?
Frame 3
Frame 3 is from the PC to the Router.
Questions
1. Why is the data offset 20 bytes?

2. What is the purpose of this TCP segment?
Frame 4 -Frame 12
Frame 4 to Frame 12 are part of a telnet session between the PC and the router.
1. Which frame numbers contain Telnet information?
2. Frame number 4 contains three Telnet commands from the router to the
PC.

IAC Will Suppress go-ahead

IAC Will Status

IAC Will Echo
IAC means Intepret As Command. "Will" is a negotiation request for a characteristic that the router wants to enable for it's side of the Telnet session.
The response from the PC is either "do" for accept or "don't" for reject.
In what frames does the PC reply to these three commands? Which requests are accepted?
3. In which frame number does the router request the login?
4. What are the first two letters of the login?
5. Why is the telnet data in frame 10 the same as the Telnet data in frame 9?
6. If frame 11 contains no Telnet information why was it sent? What is the difference in the TCP flags field between frame 11 and frame 12?
Frames 1 – 12

Questions
1. Fill in the acknowledgement and sequence numbers in the table above.
2. What is the difference between sequence number of frame 3 and the sequence number of frame 1 and why?
3. What is the difference between sequence number of frame 9 and the sequence number of frame 7 and why?
4. What is the difference between sequence number of frame 11 and the sequence number of frame 12 and why?
5. Assuming frame 13 is from the router to the PC to acknowledge receipt of frame 12, fill in the following information:
TCP: Source port = ___________________________
TCP: Destination port = ___________________________
TCP: Sequence number = ___________________________
TCP: Acknowledgment number = ___________________________

Frame 1

Frame 2

Frame 3

Frame 4

Frame 5

Frame 6

Frame 7

Frame 8

Frame 9

Frame 10

Frame 11

Frame 12

Instructions The attached is a trace of four Ethernet frames, which contain DHCP messages, generated by 2 different devices on a LAN segment:
Questions
1. Fill in the information in the table below:
2. What transport layer protocol is used to transport the DHCP message?
3. What are the source and destination ports of frame 1?
4. In frame 1 the client requests to use the specific IP address
192.168.30.100.
5. In frame 3 the client requests to use the specific IP address 192.168.10.52.
Why does the PC request these particular addresses and why are they different?
6. How long is the lease time on the IP address which the DHCP server offers?

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -- - - - Frame 1 - - - - - - - - - - - - - - - - - - - - - - -- - - - -- - - - - -- - - - - -
Frame Status Source Address Dest. Address Size Rel. Time Delta Time Abs. Time Summary
1 M [0.0.0.0] [255.255.255.255] 342 0:00:00.000 0.000.000 01/10/1999 11:20:34
DHCP: Request, Message type: DHCP Discover
DLC: ----- DLC Header -----
DLC:
DLC: Frame 1 arrived at 11:20:34.0253; frame size is 342 (0156 hex) bytes.
DLC: Destination = BROADCAST FFFFFFFFFFFF, Broadcast
DLC: Source = Station 00105A98A55B
DLC: Ethertype = 0800 (IP)
DLC:
IP: ----- IP Header -----
IP:
IP: Version = 4, header length = 20 bytes
IP: Type of service = 00
IP: 000. .... = routine
IP: ...0 .... = normal delay
IP: .... 0... = normal throughput
IP: .... .0.. = normal reliability
IP: Total length = 328 bytes
IP: Identification = 512
IP: Flags = 0X
IP: .0.. .... = may fragment
IP: ..0. .... = last fragment
IP: Fragment offset = 0 bytes
IP: Time to live = 32 seconds/hops
IP: Protocol = 17 (UDP)
IP: Header checksum = 97A6 (correct)
IP: Source address = [0.0.0.0]
IP: Destination address = [255.255.255.255]
IP: No options
IP:
UDP: ----- UDP Header -----
UDP:
UDP: Source port = 68 (Bootpc/DHCP)
UDP: Destination port = 67 (Bootps/DHCP)
UDP: Length = 308
UDP: Checksum = AB17 (correct)
UDP: [300 byte(s) of data]
UDP:
DHCP: ----- DHCP Header -----
DHCP:
DHCP: Boot record type = 1 (Request)
DHCP: Hardware address type = 1 (10Mb Ethernet)
DHCP: Hardware address length = 6 bytes
DHCP:
DHCP: Hops = 0
DHCP: Transaction id = B703B703
DHCP: Elapsed boot time = 1024 seconds
DHCP: Flags = 0000
DHCP: 0... .... .... .... = No broadcast
DHCP: Client self-assigned IP address = [0.0.0.0]
DHCP: Client IP address = [0.0.0.0]
DHCP: Next Server to use in bootstrap = [0.0.0.0]
DHCP: Relay Agent = [0.0.0.0]
DHCP: Client hardware address = 00105A98A55B
DHCP:
DHCP: Host name = ""
DHCP: Boot file name = ""
DHCP:
DHCP: Vendor Information tag = 63825363
DHCP: Message Type = 1 (DHCP Discover)
DHCP: Client identifier = 0100105A98A55B
DHCP: Request specific IP address = [192.168.30.100]
DHCP: HostName = "pc 78"
DHCP:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Frame 2 - - - - - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - -
Frame Status Source Address Dest. Address Size Rel. Time Delta Time Abs. Time Summary
2 [192.168.10.1] [255.255.255.255] 310 0:00:00.001 0.001.167 01/10/1999 11:20:34
DHCP: Reply, Message type: DHCP Offer
DLC: ----- DLC Header -----
DLC:
DLC: Frame 2 arrived at 11:20:34.0265; frame size is 310 (0136 hex) bytes.
DLC: Destination = BROADCAST FFFFFFFFFFFF, Broadcast
DLC: Source = Station CamtecE0004B
DLC: Ethertype = 0800 (IP)
DLC:
IP: ----- IP Header -----
IP:
IP: Version = 4, header length = 20 bytes
IP: Type of service = 00
IP: 000. .... = routine
IP: ...0 .... = normal delay
IP: .... 0... = normal throughput
IP: .... .0.. = normal reliability
IP: Total length = 296 bytes
IP: Identification = 12
IP: Flags = 0X
IP: .0.. .... = may fragment
IP: ..0. .... = last fragment
IP: Fragment offset = 0 bytes
IP: Time to live = 29 seconds/hops
IP: Protocol = 17 (UDP)
IP: Header checksum = D210 (correct)
IP: Source address = [192.168.10.1]
IP: Destination address = [255.255.255.255]
IP: No options
IP:
UDP: ----- UDP Header -----
UDP:
UDP: Source port = 67 (Bootps/DHCP)
UDP: Destination port = 68 (Bootpc/DHCP)
UDP: Length = 276
UDP: Checksum = A1FA (correct)
UDP: [268 byte(s) of data]
UDP:
DHCP: ----- DHCP Header -----
DHCP:
DHCP: Boot record type = 2 (Reply)
DHCP: Hardware address type = 1 (10Mb Ethernet)
DHCP: Hardware address length = 6 bytes
DHCP:
DHCP: Hops = 0
DHCP: Transaction id = B703B703
DHCP: Elapsed boot time = 0 seconds
DHCP: Flags = 8000
DHCP: 1... .... .... .... = Broadcast IP datagrams
DHCP: Client self-assigned IP address = [0.0.0.0]
DHCP: Client IP address = [192.168.10.52]
DHCP: Next Server to use in bootstrap = [0.0.0.0]
DHCP: Relay Agent = [0.0.0.0]
DHCP: Client hardware address = 00105A98A55B
DHCP:
DHCP: Host name = ""
DHCP: Boot file name = ""
DHCP:
DHCP: Vendor Information tag = 63825363
DHCP: Message Type = 2 (DHCP Offer)
DHCP: Server IP address = [192.168.10.1]
DHCP: Request IP address lease time = 3600 (seconds)
DHCP: Address Renewel interval = 1800 (seconds)
DHCP: Address Rebinding interval = 3598 (seconds)
DHCP:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Frame 3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Frame Status Source Address Dest. Address Size Rel. Time Delta Time Abs. Time Summary
3 [0.0.0.0] [255.255.255.255] 342 0:00:00.001 0.000.359 01/10/1999 11:20:34
DHCP: Request, Message type: DHCP Request
DLC: ----- DLC Header -----
DLC:
DLC: Frame 3 arrived at 11:20:34.0268; frame size is 342 (0156 hex) bytes.
DLC: Destination = BROADCAST FFFFFFFFFFFF, Broadcast
DLC: Source = Station 00105A98A55B
DLC: Ethertype = 0800 (IP)
DLC:
IP: ----- IP Header -----
IP:
IP: Version = 4, header length = 20 bytes
IP: Type of service = 00
IP: 000. .... = routine
IP: ...0 .... = normal delay
IP: .... 0... = normal throughput
IP: .... .0.. = normal reliability
IP: Total length = 328 bytes
IP: Identification = 768
IP: Flags = 0X
IP: .0.. .... = may fragment
IP: ..0. .... = last fragment
IP: Fragment offset = 0 bytes
IP: Time to live = 32 seconds/hops
IP: Protocol = 17 (UDP)
IP: Header checksum = 96A6 (correct)
IP: Source address = [0.0.0.0]
IP: Destination address = [255.255.255.255]
IP: No options
IP:
UDP: ----- UDP Header -----
UDP:
UDP: Source port = 68 (Bootpc/DHCP)
UDP: Destination port = 67 (Bootps/DHCP)
UDP: Length = 308
UDP: Checksum = 27F7 (correct)
UDP: [300 byte(s) of data]
UDP:
DHCP: ----- DHCP Header -----
DHCP:
DHCP: Boot record type = 1 (Request)
DHCP: Hardware address type = 1 (10Mb Ethernet)
DHCP: Hardware address length = 6 bytes
DHCP:
DHCP: Hops = 0
DHCP: Transaction id = AC05AC05
DHCP: Elapsed boot time = 1024 seconds
DHCP: Flags = 0000
DHCP: 0... .... .... .... = No broadcast
DHCP: Client self-assigned IP address = [0.0.0.0]
DHCP: Client IP address = [0.0.0.0]
DHCP: Next Server to use in bootstrap = [0.0.0.0]
DHCP: Relay Agent = [0.0.0.0]
DHCP: Client hardware address = 00105A98A55B
DHCP:
DHCP: Host name = ""
DHCP: Boot file name = ""
DHCP:
DHCP: Vendor Information tag = 63825363
DHCP: Message Type = 3 (DHCP Request)
DHCP: Client identifier = 0100105A98A55B
DHCP: Request specific IP address = [192.168.10.52]
DHCP: Server IP address = [192.168.10.1]
DHCP: HostName = "pc 78"
DHCP: Parameter Request List: 7 entries
DHCP: 1 = Client’s subnet mask
DHCP: 3 = Routers on the client ’s subnet
DHCP: 15 = Domain name
DHCP: 6 = Domain name server
DHCP: 44 = NetBIOS over TCP/IP name server
DHCP: 46 = NetBIOS over TCP/IP node type
DHCP: 47 = NetBIOS over TCP/IP scope
DHCP: Vendor Specific options
DHCP:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Frame 4 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Frame Status Source Address Dest. Address Size Rel. Time Delta Time Abs. Time Summary
4 [192.168.10.1] [255.255.255.255] 342 0:00:00.002 0.001.275 01/10/1999 11:20:34
DHCP: Reply, Message type: DHCP Ack
DLC: ----- DLC Header -----
DLC:
DLC: Frame 4 arrived at 11:20:34.0281; frame size is 342 (0156 hex) bytes.
DLC: Destination = BROADCAST FFFFFFFFFFFF, Broadcast
DLC: Source = Station CamtecE0004B
DLC: Ethertype = 0800 (IP)
DLC:
IP: ----- IP Header -----
IP:
IP: Version = 4, header length = 20 bytes
IP: Type of service = 00
IP: 000. .... = routine
IP: ...0 .... = normal delay
IP: .... 0... = normal throughput
IP: .... .0.. = normal reliability
IP: Total length = 328 bytes
IP: Identification = 13
IP: Flags = 0X
IP: .0.. .... = may fragment
IP: ..0. .... = last fragment
IP: Fragment offset = 0 bytes
IP: Time to live = 29 seconds/hops
IP: Protocol = 17 (UDP)
IP: Header checksum = D1EF (correct)
IP: Source address = [192.168.10.1]
IP: Destination address = [255.255.255.255]
IP: No options
IP:
UDP: ----- UDP Header -----
UDP:
UDP: Source port = 67 (Bootps/DHCP)
UDP: Destination port = 68 (Bootpc/DHCP)
UDP: Length = 308
UDP: Checksum = CB87 (correct)
UDP: [300 byte(s) of data]
UDP:
DHCP: ----- DHCP Header -----
DHCP:
DHCP: Boot record type = 2 (Reply)
DHCP: Hardware address type = 1 (10Mb Ethernet)
DHCP: Hardware address length = 6 bytes
DHCP:
DHCP: Hops = 0
DHCP: Transaction id = AC05AC05
DHCP: Elapsed boot time = 0 seconds
DHCP: Flags = 8000
DHCP: 1... .... .... .... = Broadcast IP datagrams
DHCP: Client self-assigned IP address = [0.0.0.0]
DHCP: Client IP address = [192.168.10.52]
DHCP: Next Server to use in bootstrap = [0.0.0.0]
DHCP: Relay Agent = [0.0.0.0]
DHCP: Client hardware address = 00105A98A55B
DHCP:
DHCP: Host name = ""
DHCP: Boot file name = ""
DHCP:
DHCP: Vendor Information tag = 63825363
DHCP: Message Type = 5 (DHCP Ack)
DHCP: Server IP address = [192.168.10.1]
DHCP: Request IP address lease time = 3600 (seconds)
DHCP: Address Renewel interval = 1800 (seconds)
DHCP: Address Rebinding interval = 3598 (seconds)
DHCP: Subnet mask = [255.255.255.0]
DHCP: Gateway address = [192.168.10.1]
DHCP: