Faculty of Engineering, Science & the Built Environment Lab sheets: 2012/13 Department of Engineering and Design Computer Networks http://blackboard.lsbu.ac.uk Lab Sheets Computer Networks Lab 1: Introduction to Windows XP Prerequisites: None Languages: None Time: 2 hour Requirements: A PC running Windows XP and login rights Summary: This worksheet introduces the Windows NT 4.0 file system and interface. It will show how the file system is navigated, how file permissions and file sharing is achieved, plus it will describe some of the file handling facilities that XP supports. Learning Objectives: Basic skills and confidence in approaching Windows XP as a user. Running commands and accessing data files. Commercial relevance: Windows-XP&7 ares now the desk-top standard for most commercial organizations. The only alternative is Unix, which is generally only found in technical environments. What you do: It is wise to know that XP normally offers several ways of achieving the same end. This can be very confusing for novices, so be warned. When watching somebody dealing with XP, they may be using an alter native approach. The [F1] function button evokes a context sensitive help dialogue, so you can highlight a word using the LMB(left mouse button) and then hit [F1] to obtain some assistance. This scheme is now adhered to by most Windows applications. The Help dialogue box displays an alphabetic list as well as a key word search window. The screen is made up of several different regions. At the bottom is the task bar - this contains the Start menu, plus a button for each activity, where an activity could be a window, application, folder. The main blue/green area is the desktop, and the icons on the right are desktop resources. Finally there are a number of open windows and applications. All parts of the XP interface react in similar ways to key presses and many of the settings described here can be achieved through other interfaces such as the Control Panel. The task bar give you access to the start menu, where you can execute applications and utilities, plus it has a button for each active resource. It can be customised by either going to the command [Start] -> Settings -> Taskbar (in XP, if display different, you can right click the taskbar and select properties to set the start menu to classic Start Menu) or by going to a free, i.e. non-button section of task bar and pressing the right hand button and selection the Properties menu. These menus will allow you to select the style of the task bar; does it stay in place or only appear when selected? Does it remain on top of other open windows? It is also possible to customise the Start Menu. Using this command you can remove unwanted commands and include ones that you use a lot, or even place them onto a higher level within the Start Menu. The desktop can be customised by either pressing the right mouse button in a free area of desktop or by selecting display from the Control Panel. This will allow you to customise the look of the desktop - colour, background texture, plus change the resolution settings and install a screen saver. From the ight mouse click menu it is also possible to create desktop short cuts to popular applications. Just select the short cut menu and browse or type in the application that you wish to run. Desktop short cuts can also be created by going to the application that you want a short cut to, pressing the right mouse button and selecting short cut. Then drag the short cut icon to the desktop. The same affect can be created by placing a short cut into the folder C:\Documents and Settings\username\Desktop. 2 Lab Sheets Computer Networks The XP Help Dialogue Box Where menus and sub menus are accessed the following notation will be used: [Start] -> Programs -> Accessories -> Telnet This means that the user is to go to the [Start] button on the bottom menu bar, select the Start menu using the LMB, then the Programs sub menu, then the Accessories sub menu and finally to get the Telnet command. When directories, or folders, and sub directories are accessed the following notation will be used: C:\Program Files\Windows\ Accessories\write.exe Running Commands and Accessing Data The least useful way of launching an application program is find the directory where it is stored and then double click on the icon. This may involve using the search facility to locate the executable within the directory hierarchy. [Start] -> Search Although you should always try the location C:\Program Files for a start! The default format of the "find" information/dialogue box is not very helpful because the central "In Folder" column is too narrow. You can widen it by dragging the right margin of the In Folder title box towards the right using the LMB. 3 Lab Sheets Computer Networks Using the Find Utility Sometimes you may find that commands are already represented by icons on your desk top, later in the worksheet, you will find how to set up such a short-cut facility. With most commands it is possible to run them directly either by selecting [Start] -> Run, getting the dialogue box below in to which you can type the command name: Star ting an Application using [Start] -> Run It is also always possible to run tasks by pressing the [CNTRL][ALT][DEL] (control-alternate-delete) keys, thus getting the logout dialogue box, selecting the task manager and choosing new task, getting the dialogue box below. From there you can either type in the command or browse. The task manager can be very useful if your system "loses" its menus and can also be used for terminating run away processes. 4 Lab Sheets Computer Networks Launching an Application using the Task Manager Finally it is quite often possible to run programs or access data by running the MSDOS command prompt, also referred to as "C >". Select: [Start] -> Programs -> Accessories -> Command Prompt With the DOS prompt you may use the "type" command to list the contents of a text file. Using the DOS Prompt to Run Programs To get rid of a task that has got out of control, when it no longer responds to a LMB click on the top-right-hand [X] button, you will again need the task manager. 5 Lab Sheets Computer Networks Using the Task Manager to kill off a task The Local Network and Server The group of PCs in 3p11 are networked to a server called, rather cryptically, csm-3p11-ser ver. If you LMB click on the Neighbourhood icon you will be able to open up the directory on the server and see the file system. Perhaps a better display format is offered by the Explorer. This can be started by clicking RMB on the [START] button and selecting Explore. The window will look like: Exploring the Local Network The left hand panel shows the hierarchical relationship within the directory structure, while the right hand displays the contents of the current subdirectory. Notice that we opened up Network Neighbourhood, then Csm3p11-server, then crts, which revealed the homes for each year and a project directory, too. 6 Lab Sheets Computer Networks Finding commands and data For those people who are more used to the UNIX environment, XP can be confusing. The organising principles, if they can be so called, of XP seem to be quite different from those of UNIX. As the predecessor, NT was a hybrid development, coming original from the mini-computer world of Digital but was completed under the auspices of Microsoft, it can sometimes seem to be a bit confused. Most binaries can either live in the C:\Program Files sub-directory or C:\Winnt\System32 directory. It is worth noting that the choice of C:\ and Winnt are both installation specific, as XP can be installed on another drive, D: for example, and the root directory, %System Root% in XP parlance, does not have to be Winnt! Creating and deleting folders (directories) is best done with the Explorer or My Computer window where the following procedure will start a new subdirectory with the name New Folder. This can immediately be edited into the desired title. File -> New -> Folder To delete a directory, including its contents, it is simply required to click on the directory icon with the LMB and hit the [DEL] key. A caution dialogue box will then ask if you are really, really sure etc. Most major applications will have their binaries and data files in C:\Program Files in a series of subdirectories. Fortunately most of these commands can be accessed through desk top short cuts or through [Start]->Programs. Other programs, such as system administration commands, utilities, live in the C:\Winnt\system32 directory. Sometimes it is possible to find utilities and application, sometimes also called accessories, that seem functionally equivalent, WordPad and Notepad, for example. However you will find that the utility, Notepad in this instance, will be less fussy than the application in certain operations, when editing system files for example. Data is likewise spread around the system. Most user data is stored in C:\Document and Setting\Username, where Username is the user’s name! This sub-directory contains a number of directories, that contain user data and user set up and customisation information. We will look at this directory in a little detail later on. The C:\Docoments and Setting User Directory Try these How many compressed zip files are there on your system? 7 Lab Sheets Computer Networks Make a director y in C:\Temp then use wordpad to write a small file and save it into your new directory. List the file to the screen. What options are offered to the viewer? Delete the directory. If you make a mistake and delete the wrong file is there anything to do? Use the DOS window and try the "ping" utility to probe another host: ping lsbu.ac.uk Explore Windows XP Getting around XP is fairly easy, you can either use the standard windows interface, or you can use the Explorer interface, which can be either accessed from the File menu, File->Explore, or by a right mouse button click on any folder or disc icon. Calling Explorer from a Disc Icon It is also possible to get around the system by calling up the msdos command prompt and using the standard cd and dir commands! The advantage of using Explorer is that it maintains in the right hand pane a diagram of where you are in the hierarchy, whereas just browsing windows it is difficult to tell which window is associated with which, or anything about their ordering. The current path can be displayed in the title bar by selecting: View -> Options -> View -> Display Full Path Pressing [ALT] tab allows you to step through all active, ie opened, items and shows you their hierarchy. Finally it is possible to close all parent windows of a sub window by a SHIFT CLICK on the top right hand button [X] of the sub window. Try These 8 Lab Sheets Computer Networks Find, using the system help, [Star t] -> Help, all of the various program and windows short cut keys. Find and setting Properties UNIX is multi-tasking and multi-user. Although XP is also multi-tasking and multiple user, workstation XP does not allow several users to be logged on at the same time in the way Unix does. In order to support different users, XP has a sophisticated set of mechanism for controlling users and resources. Each user has a login id and is given their own C:\Documents and Settings\User directory area. The system administrator defines the properties of each user when the accounts are created. It is difficult to find out exactly the status of your own permissions, however if you have the XP Resource Kit installed you can use the whoami command. It is possible to find out what other users are on the system by running the user manager, [Star t]->Programs->Administrive Tools (Common)-> User Manager, whoever without Administrative level per missions, you should not be able to do much more than simply look. In order to best understand permissions it is worth doing some experimenting. To find out the permissions on a object, where object can be file, disc and so on, you simply RMB click on an object, bringing up a context sensitive menu. Finding File Access Permissions on XP Then select the properties choice, this will result in a file properties menu, from which you select the security tag. Clicking on the Permissions button should then show you what setting are available for this object, although if you are not the owner of the object or the administrator, you may get a warning telling you that you are not allowed to change the settings. XP per missions on folders are as follows: 9 Lab Sheets Computer Networks File actions are fairly similar, except the for the read, write and execute permissions: XP has a grouping of common permissions for files and folders: To discover per missions is a simple click on the permissions tab, and the settings are changed through a scrollable list box. Try These Change the settings on some files and folders to convince yourself that you understand how they work. Do you need to set the access permissions on every directory in the pathlist? Use the Help facility to read more about access permission control in XP. Is there any difference between the FAT-32 and the NTFS file systems? Can you get access to files on your neighbour’s workstation? Try the Network Neighbourhood icon, and select the workstation id. Can you run an application stored on the server on your workstation? 10 Lab Sheets Computer Networks Lab2: Introduction to Unix and Networks Prerequisites: None Languages: None Time: 2 hour Schedule: Requirements: Linux on a network Summary: This is a short introduction to computing facilities based on Linux PCs with networking connection. Learning Objectives: To practise the connect / login and logout procedures & remote access to the network To gain some familiarity and confidence with simple Unix commands To contrast the File Manager and command line approach to file handling. To understand how to transfer files around the network To use an editor such as vi or nano. Be confident in using basic Internet facilities. Commercial Relevance: Until recently, any major database server or large host connected to the Internet would have run Unix, probably Sun/Solaris or HP/UX. Microsoft Windows has now begun to capture some of this sector. Another recent change is the emergence of Linux as a force within the commercial marketplace, especially for "backroom" systems. The role of an operating system, such as Unix or Windows-XP, is to assist the user and protect the hardware. Operating systems are large, complex programs, or groups of programs, designed to help application programs employ the resources of the computer more securely and efficiently. With multi-user systems, and even singleuser multi-tasking systems, the allocation, arbitration and control of shared resources is a primary function. When the computer is shared between a number of users, the problem of data security becomes paramount. More and more, the operating system provides convenient access to a network and the Inter net beyond. Unix remains an important commercial example, and has also attracted more enthusiasts with the introduction of the freely distributed Linux version. 1. Logging on This worksheet requires you to work with Linux, so you may have to reboot the PC. Check to see if your PC needs to be turned on, or just rebooted if it is currently running Windows. Log on with your username of root and password with rootuser. Note that Unix/Linux respects the upper/lower case distinction, so be careful entering the allocated password. Although quite often you need to change your password to make your account safe, you are not allowed to change the password in this workshop as it is teaching lab and all the computers will be used for many classes. However you can try to test the change of the password of your own university account. Everyone has a university Linux account which you can access remotely. Just use ssh command in your machine you can log in it and test change password experiments following this instruction: rob@kenny> passwd Please enter your old password: Please enter your new password: Please enter your password again: Your password has now been changed. rob@kenny> When you login (or start a new shell), the Unix operating system will try to execute setup instructions held in a number of standard script files. Typically these instructions will initialize some environment variables, such as PS1, PATH and TERM. Look into the following files, note they are hidden from ls by the leading ".". You must use ls -al or select [View] -> [Show Hidden Files] for the file browser. 11 Lab Sheets Computer Networks There are 3 files you really need to understand when customizing the bash shell: /etc/profile, ~/.bash_profile, and ~/.bashrc. Inspect /etc/profile (more /etc/profile which holds global initialization commands for every user. Each user can have an personalised ~/.bash_profile which is executed only at login. It is NOT executed for each shell, only the login shell. However, ~/.bashrc is executed for each new shell except the login shell. It is recommened that you put all your special shell customizations into your .bashrc file, and set .bash_profile to call .bashrc with the command: source ~/.bashrc. The most important set-up action is to initialise the PATH variable. This tells the Unix shell where to find executable programs. If it is not set up, no programs can be found, or run. Quite tragic. Now look at its value for your session: # printenv PATH /usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/games:$HOME/bin # To add another directory, such as your current one (indicated by the .), to the PATH, you could use the following: Note the use of { } to define clearly what the variable name is. Otherwise the $ prefix could extend in scope to the end of the line. Alter natively, you could add export PATH=${PATH}:. to your .bash initialization file. As an experiment, try clearing PATH, and see what results. But before you do it, make sure you know how to reset it: When you are registered on a Unix system as a user, you are allocated a UID (user identity number). Also you can join groups of other users. Use the commands whoami and id to find out who you are. Once logged in, you may be able to switch user identity using su, but at UWE this is a privileged command, limited to administrators only. 2. The Unix Filesystem There is a general pattern which all Unix file system hierarchies keep to, although it does var y a bit when moving between HP/UX, Solaris, and all the Linuxes. When logged in, list the root directory of your desktop machine: The directory patter n is best expressed in a tree diagram, each of the nodes also elaborate the hierarchy further, until the files themselves are reached. Here is the top level director y tree: 12 Lab Sheets Computer Networks Take a look in each of the top level subdirector ies and decide what kind of files, used for what purpose, are stored there: cd /bin; ls –al 3. The network The FESBE faculty has a main network, and its structure is not open to us. By taking look of the Microsoft Networks through My Network Places of windows explorer, it can be found that most the computer s join the university’s LSBU domain and there still some research institute have their own domain. The computers in this lab is in the Workgroup domain. The main University network is really too complex to bother with, but from the users’ point of view it all acts like a gigantic central switch, routing packets between all the subnets. The distribution and routing of data packets along local area networks (LAN) and out across the Internet is based on the TCP/IP protocols. These protocols specify data packet for mats, command codes, responses and conventions. They were originally devised as part of the US Department of Defense (DOD) computer communications research program and were intended to allow easy exchange of data within the US Research and Military community. They became the premier standard mainly because they worked well and were readily available through the Unix operating system. The various network IP numbers are inserted onto the first diagram next to the hosts and LAN segments (subnets) to which they apply. The quad-dotted IP numbers are like telephone numbers, they allow you to refer to subnets and individual connected devices, such as PCs, printers, routers. Each device is allocated a globally unique 32 bit address number, which is normally written in quadruple dotted notation. For my workstation, called olveston, the IP number is written as 136.148.4.7. This is actually: 10001000100101000000010000000111 in binary, summar ized in hex for mat as: 88940407 . You can see the advantage to having friendly names such as milly and kenny allocated to each computer! In T719 the host numbers are allocated to the PCs in this way: 136.148.98.01, 136.148.98.02, 164.148.98.03, and so on. Note that the left hand "136.148" is the University domain address on the internet. The "98" is the subnet address for the Telecomm Lab LAN, and the right hand, least significant numbers such as "02" refer uniquely to individual computers. As already explained, hosts are normally referred to by name, such as kenny or milly. The official name and IP number can be used interchangeably in most circumstances Find out the name and IP number of your current workstation by using hostname -i or ifconfig, (on XP use pconfig). You can try testing for other hosts on the net by using ping. Ping also tells you how long it takes for a packet to reach its destination. rob@kenny> ping milly PING milly.cems.uwe.ac.uk (164.11.11.13): 56 octets data 13 Lab Sheets Computer Networks 64 octets from 164.11.11.13: icmp_seq=0 ttl=253 time=0.6 ms 64 octets from 164.11.11.13: icmp_seq=1 ttl=253 time=0.5 ms 64 octets from 164.11.11.13: icmp_seq=2 ttl=253 time=0.5 ms 64 octets from 164.11.11.13: icmp_seq=3 ttl=253 time=0.5 ms 64 octets from 164.11.11.13: icmp_seq=4 ttl=253 time=0.6 ms 64 octets from 164.11.11.13: icmp_seq=5 ttl=253 time=0.5 ms ˆC --- milly.cems.uwe.ac.uk ping statistics --7 packets transmitted, 6 packets received, 0% packet loss round-trip min/avg/max = 0.5/0.5/0.6 ms rob@kenny> 4. Logging out Use [CNTRL/ALT/DEL] and select logout for normal exit. Don’t turn off the power because then it takes longer for the next student to log on. Don’t forget to logout! 5. Unix basic commands All self-respecting computers have a program called the Operating System to organize the facilities, protect the hardware from ignorant/malicious programs and generally help the user to have a good time. Unix is one of the most stable Operating Systems currently available. Sun’s Solar is, HP/UX and Linux are three well known versions of Unix. Most of the fastest workstations have been designed to run Unix because of its facility to deal with multi-processor hardware. Windows has not yet demonstrated long-term success in this niche, it is also some-what cramped by the 32-bit Pentium, whereas the newer 64-bit CPUs (Alpha, ARM, HP/PA, Itanium) are already running Unix. Unix is a tool kit. There are hundreds of commands and tools to help the knowledgeable programmer. Many of the original, cryptic command line tools have now been repackaged for the X-windows and so are conveniently GUI-based. To stop a Unix process (a running program) try using [CNTRL C]. This usually works, else you must identify its process number, using the ps command, and use this with kill. So, boot up a PC into Linux, start the X windowing system if necessary from the command line by typing: startx, then use the RMB to select shells->xterm from the main window panel. This allows you to start up command windows and type in commands to Unix. Try these example commands: 14 Lab Sheets Computer Networks 7. Remote access Students may be able to login to the Unix hosts or wor kstations from anywhere, through broadband or through dial up modems. Remote sessions via the Internet are routed, for security reasons, through a firewall host. To use this facility for inward remote login, you will have to register with the Help Desk and obtain an ssh password. Try login to your university Linux account by using the secure shell (ssh) command: root> ssh yourusername@mypages.lsbu.ac.uk Try using sftp to connect and upload files to your Linux account. The utility nslookup can be useful when you are trying to find domain names or IP numbers. Check out the manual page for nslookup, and try: nslookup yahoo.co.uk. It can be useful when trying to set up a session from home to know some IP numbers for example. yahoo.co.uk 217.12.3.11 blueyonder.co.uk 62.30.31.86 google.co.uk 66.249.93.104 15 Lab Sheets Computer Networks Lab 4: Linux Process Management & Scheduling (1) Prerequisites: Workshop 2 Languages: None Time: 1.5 hours Schedule: Requirements: Linux on a network Summary: Part I of understanding how the process is managed and scheduled by an Operating System. OBJECTIVES 1. 2. 3. Process status Process Creation Process Management Little More Knowledge about Linux/Unix In Linux, you could know more about the hardware platform that you are using with the uname command. Type uname –a and you will see all information about the machine that you are using. Try this out on Unix as well. You can know the name of your machine by hostname. Connecting these together with whoami and pwd, you can change the command prompt easily. For example, to make the prompt Mickey@linux06: you could type set prompt=”Mickey@`hostname`: ” To make the prompt /home/student3/d/08765432d (08765432d)you could type set prompt=”`pwd` (`whoami`)- ” To make the prompt Linux@linux06 (30): where 30 is current command number, type set prompt=”`uname`@`hostname` (\!):” Process status Unix processes operate either in application or kernel mode. Unix processes in kernel mode execute system calls synchronously run in separate address space use copy of calling arguments as input copy return value into process address space Unix kernel keeps process information in fixed size process table. Unix processes are in one of 5 states State Status Description nascent created but without resources runnable R running or in a run queue sleeping S awaiting an event stopped T stopped by a signal or by parent process zombie Z deceased but termination not notified to parent Long in your PC using the Linux OS. The username is root and the password is rootuser. Run the command 16 Lab Sheets Computer Networks ps in the linux and check the processes’ status. Only few processes displayed, try use ssh connect to your university Linux account to run this command and it will display more processes running at that machine. Following is the example display of the results. Write down your own observations to your logbook. linux% ps -x PID TTY STAT TIME COMMAND 19716 tty1 S 0:00 -csh 21184 tty2 R 0:00 ps -x 21209 tty3 T 0:01 sleep 200 21346 tty4 Z 0:01 <lockd defunct> Process Creation Linux/Unix processes have a life cycle of phases creation transformation suspension termination fork() system call duplicates parent as child version of exec() system call changes code wait() system call delays process on receiving signal suicide by exit() system call /* lab 4 A */ #include <sys/types.h> #include <sys/wait.h> #include <unistd.h> int main(int argc, char *argv[]) { int status; if ( fork() == 0 ) // current process forks execv("/bin/ls", argv); // child process code is changed wait(&status); // parent waits for child to die exit(status); // parent terminates } Child process has different process ID and fresh resource allowance. fork() returns 0 in child and child's process ID in parent. Parent waits for child to exit and returns its exit status. Child uses exec() version to load and run "/bin/ls" code. 17 Lab Sheets Computer Networks Using nano to create a file called creation.c in your university Linux account. Compile and run the program after the following steps: cc –o creation creation.c chmod 755 creation ./creation You should also run your program in the following way: ./creation –a ./creation -al Process Management In Unix or Linux, one or more processes will be created when executing programs using the shell. The set of processes could be viewed by means of the ps command. For example, you could type command ps –elf to see a list of processes. Each process is identified by a process id. Most processes should be in “S” state (suspended/Sleeping). The process executing ps is itself in “R” state (running). The invocation of a program is called a job or a task in Unix/Linux. A job normally creates one process, but could also create multiple processes to complete the mission. For example, the commonly used pipe or “|” operator in shell generates multiple processes. For example, type ls –l | more and you can use ps to check that there are two processes created, one for ls -l and the other for more. The ls and more commands are executed together for a job. In this case, you have to use another shell (e.g. use another ssh client) to check because you could not type the ps command when the ls and more commands are still being executed. We could try a sequence of commands for a job like ps; pwd; cal 2009. Processes belonging to the same job form a process group. You could use multiple ssh clients when you are using the computers in the laboratory. If you are connecting from home, you may have only one terminal or only one connection to Unix/Linux. Then could we do multiple jobs together? Luckily, the answer is yes, and it works with C-shell and Bourne-again shell. At any moment, there is only one process group derived from one job that is connected to the keyboard for input, but there could be multiple jobs not connected to the keyboard running. We say that these multiple jobs are being run in background. They could still produce outputs to the screen, and all the outputs from all the jobs will be intermixed together. To put a job to background, use the “&” operator. Programming with Processes (Optional) In Unix, the way to create a process is to use the fork() system call. It will create a child process as an exact copy of the parent, including the value of the program counter. However, once fork is executed, the two copies of parent and child will be separated and the variables are not shared. Note that the action of copying only occurs on demand but logically, we could assume that it occurs when fork is completed. To get the id of a process, we could use the system call getpid(). Since the two copies of parent and child are separated after fork, how could a child know who is the parent? A child can get the id of the parent by getppid(). Try to observe the variable values produced by parent and child processes and draw a picture to illustrate the changes in values in Lab3B.c. Note that there is no guarantee that the parent after fork is executed before the child or after. The actual execution order depends on the CPU scheduling mechanism. Try to vary the sleep parameters and observe the outputs. /* lab 4 B */ #include <stdio.h> #include <stdlib.h> int main() { int pid, myid, parentid, cid; int val; val = 1; myid = getpid(); printf("My id is %d, value is %d\n",myid,val); pid = fork(); if (pid < 0) { /* error occurred */ printf("Fork Failed\n"); exit(1); } else if (pid == 0) { /* child process */ myid = getpid(); parentid = getppid(); 18 Lab Sheets Computer Networks printf("Child: My id is %d, my parent pid is %d\n",myid,parentid); printf("Child: Pid is %d, value is %d\n",pid,val); val = 12; printf("Child: My id is %d, value is %d\n",myid,val); sleep(4); printf("Child: My id is %d, value is %d\n",myid,val); val = 13; printf("Child: My id is %d, value is %d\n",myid,val); sleep(4); printf("Child: My id is %d, value is %d\n",myid,val); printf("Child: Child %d completed\n",myid); exit(0); } else { /* parent process */ printf("Parent: My child id is %d\n",pid); printf("Parent: Pid is %d, value is %d\n",pid,val); val = 2; printf("Parent: My id is %d, value is %d\n",myid,val); sleep(4); printf("Parent: My id is %d, value is %d\n",myid,val); val = 3; printf("Parent: My id is %d, value is %d\n",myid,val); sleep(4); printf("Parent: My id is %d, value is %d\n",myid,val); cid = wait(NULL); printf("Parent: Child %d collected\n",cid); exit(0); } } 19 Lab Sheets Computer Networks Lab 5: Linux Process Management & Scheduling (2) Prerequisites: Workshop 2,4 Languages: None Time: 1.5 hours Schedule: Requirements: Linux on a network Summary: Part I of understanding how the process is managed and scheduled by an Operating System. Objectives 4. 5. 6. 7. 8. Process Transformation Process signals Using of signals Unix/Linux Process Scheduling Scheduling Priorities Process Transformation In Unix/Linux there are 6 versions of exec() call execl() executable path arguments list environment inherited execlp() filename list inherited execle() path list envp[] execv() path argv[] inherited execvp() filename argv[] inherited execve() path argv[] envp[] Letter codes have following meanings l v list of arguments argv[] p e filename envp[] Simple interpreter to run shell commands uses execl() #include <iostream.h> #include <string.h> #include <sys/types.h> #include <sys/wait.h> #include <unistd.h> extern char **environ; int shell(const char *cmd) { int pid, status; if ( (pid = fork()) == 0 ) execle("/bin/sh", "sh", "-c", cmd, (char *)0, environ); while ( wait(&status) != pid ) ; // wait until child exits return(status); 20 Lab Sheets Computer Networks } int main() { char line[512]; while ( strcmp(line, "exit") != 0 ) { cout << "host% "; cout.flush(); cin.getline(line, 512); // get command from user shell(line); // run command } } Process Signals Unix interprocess signals inform processes of occurrence of asynchronous events are software equivalent of hardware interrupts may be sent by any process or by kernel ps reveals PID to send signals to: linux% ps -x PID TTY STAT 538 tty1 R TIME 0:03 COMMAND a.out kill command sends signal (in this case a SIGKILL) linux% kill -KILL 538 Brief names of recognised signals are listed as follows: linux% kill -l HUP INT QUIT ILL TRAP ABRT BUS FPE KILL USR1 SEGV USR2 PIPE ALRM TERM STKFLT CHLD CONT STOP TSTP TTIN TTOU URG XCPU XFSZ VTALRM PROF WINCH POLL PWR SYS RTMIN RTMIN+1 RTMIN+2 RTMIN+3 RTMAX-3 RTMAX-2 RTMAX-1 RTMAX POSIX.1 standard signals are HUP INT QUIT ILL ABRT FPE KILL SEGV PIPE ALRM TERM STOP TSTP CONT CHLD TTIN TTOU USR1 USR2 Actions to handle signals are either user defined or default. Default actions may be one of ignore signal terminate process (and core dump) stop process 21 Lab Sheets Computer Networks Three signals KILL STOP CONT cannot be ignored. Use of Signals Signals may also be posted by two system calls System Call kill(pid, signal) killpg(pgrp, signal) Action send signal to pid send signal to process group pgrp User ID of posting process must match recipient's or be super-user. Signals are posted to processes by kernel upon detection of hardware event such as an illegal instruction software event such as stop request from terminal Processes can set user defined actions upon receipt of signal using Function signal() sigvec() Description C/C++ library call - simple access to sigvec() system call signal() is more portable to non-BSD flavours of Unix. Actions include take default action ignore signal catch signal with a handler Typical handlers either perform housekeeping prior to resumption tidy up prior to process abortion Unix/Linux Process Scheduling Unix schedules using multilevel feedback queues Runnable processes are assigned to run queues on their priority. Processes are scheduled on time sliced basis as follows run queues are scanned from top to bottom first process on non-empty queue is run processes on a queue are run round robin with equal time slices blocking processes are removed from run queue 22 Lab Sheets Computer Networks processes using up their time slice are scheduled at end of queue Time slice size involves trade offs. Time Slice shorter longer Characteristic better interactive response better system throughput Scheduling Priorities Scheduling priorities are dynamically adjusted to reflect requirements for resources recent CPU usage and processes shuffled between queues accordingly. Users express requirements for processes via nice factors that improve process priority the lower they are lie between -20 (high) and 20 (low) (default 0) user may only set between 0 and 20 unless superuser fast.cpp is a C++ program that runs flat out int main() { for(;;) {}; } 23 Lab Sheets Computer Networks Its priority can be lowered by adding 10 using nice linux% nice -10 fast & Scheduling priorities can be set by setpriority() system call. #include <sys/resource.h> int main() { if ( setpriority(PRIO_PROCESS, 0, 15) == 0 ) for(;;) {}; } This executable runs with nice rating of 15 indicated by N flag. linux% ps -x PID TTY STAT 22642 pts/0 RN ... TIME CMD 1:61 a.out 24 Lab Sheets Computer Networks Lab 6& 7: Memory Performance Prerequisites: Elementary C programming Languages: None Time: 3.0 hours Requirements: access to Dev Studio on a PC Summary: This worksheet is a basic introduction to PC maintenance skills. It will be used as the lab sheets for both Workshop 6 and 8. Learning Objectives: Understanding the PC memory hierarchy (disk, DRAM main memory, SRAM cache, CPU registers) gives programmers a major benefit. Code and data can be structured to fit with the hardware. Commercial Relevance: Data processing remains an important activity for a large proportion of computer systems. The performance of such systems can be seriously degraded if the data structure is not adjusted to the available memory configuration. Part I What You Do: The throughput of data processing systems can be adversely affected if data is not readily available. A program can be held up, blocked, until the necessary item of data or the next instruction is read into the CPU. The Pentium first tries to fetch instructions and read data from the fast on-chip LI cache. If this fails it looks elsewhere, in the worst case scenario the item has to be retrieved from disk, seriously delaying the program. There are several hardware units to help in the task of transferring data to and from cache (SRAM) and virtual memory (disk). The MMU controllers attempt to minimize the access delays incurred by the need to move data (and instructions) in from disk. Blocks of data and instructions migrate up and down the memory hierarchy as required by the executing programs. 25 Lab Sheets Computer Networks Given the limited memory space available, it is not always possible to load all the data and instructions for a running program. In Unix and XP, the swap or page file holds the "overflow" from main memory. From the preceding diagram you can see the difference in performance between reading data from disk and reading data from CPU register. By using a mix of different memory technologies, the CPU can get the speed benefit of the fastest memory devices without paying the full price. Providing 64 million CPU registers is not a feasible plan. A simple strategy which programmers adopted effectively before virtual memory operating systems became standard on most computers, was to read as much of the input data into a memory array as possible before starting to process it. This avoided the delays incurred if each item is read from disk when it is about to be processed. However, with virtual memory operating systems, the data array might not be held in main memory DRAM, but swapped out onto disk, invalidating the advantage of pre-reading. C Compilers and CPU Data Registers The C language provides some instructions for the programmer to tell the compiler which variables to store in CPU registers (register) and which to hold in main memory (volatile). The reserved word "register" is termed a "Storage Class Specifier", but because compilers have to take into account the limited number of CPU registers available at any time during the execution of a program, the instruction may be overridden. "Volatile" is termed a "Type Qualifier" and it is used to inform the compiler that all read accesses to the specified variable should be directly implemented. This guards against the compiler optimization phase cancelling a read operation under the assumption that because there has been no write access since the last read, another memory read is superfluous. Such an assumption ignores the possibility of an input port being located at the memory location in question. In this case it would appear that a variable (input port) changes without an intervening write operation. For our purposes, "volatile" simply locks the variable in main memory and blocks compiler optimization. It should also stop caching operations on that memory region: caching port register data is not a useful exercise! Use the following program to compare the effects of using "register" and "volatile" to condition the int storage declaration. Compile and run it three times. The first with no substantive changes (except to eliminate errors!). The second run requires you to insert register before int i; and int j;. This should speed up the program because it advises the compiler to maintain i and j in CPU registers throughout. Finally, the third run requires the two register instructions to each be replaced by volatile. This deliberately forces the CPU to reread the variables i and j from memory on each access, slowing down the run. To obtain a more accurate comparison between the 3 versions, you may increase the length of time by increasing max. 26 Lab Sheets Computer Networks Memory Segmentation Memory management on the Pentium is complex. The following diagram may not help, but it is intended to show you the way that logical, segmented addresses are positioned within a single, flat linear space. This is necessary because compilers output code with addresses set to commence from 000000. This might be seen as the compiler expecting each program to be the only one running on the target machine. Clearly all programs cannot be loaded at 000000 for execution. Also the compiler sets data references as if a separate memory, also starting at 000000, is to be used. Such a distinction drawn between code, data and stack areas is referred to as a segmented memory model. The Pentium is provided with segment base registers (CSEG, SSEG, DSEG) to hold offset addresses for the start point of each of these segments. Thus, the logical, segment address is added to the relevant segment base address to generate a full 32 bit linear address. You can think of the segments as being arranged one after the other in a larger, linear memory. On the 8086, the CSEG, DSEG, SSEG address registers were simply used to hold the base address of each segment and so offset them within the linear address space. In fact, on the 8086, because these base registers were still only 16 bits wide, the value was left shifted by 4 bits to make a 20 bit pointer to which was added the 16 bit segment address. The resulting 20 bit address then accessed a 1 Mbyte physical memory. The Pentium uses the CSEG, DSEG, SSEG registers in a different way. Their 16 bit value indexes into a table and selects a "segment descriptor record" which holds a 32 bit segment base address, access control status flags, and a 20 bit upper limit address. Using this new facility it is possible to implement much more rigorous security controls on code running in memory. To speed up the address formation process, each segment base pointer register has an associated "invisible" cache register to hold the currently selected segment descriptor information. In this way the segment base pointer can be added to the logical segment address to for m a full 32 bit linear address with little time delay penalty. Although the introduction of segmented memory was initiated by the limited width of the IP register restricting the size of addressable memory, a more important function nowadays is the 27 Lab Sheets Computer Networks ability of segment limit registers to protect against illegal access. Any address issued by a program is not only added to the segment base pointer, but also compared to the limit register. In this way "out of bounds" accessing can be trapped. The Pentium segment descriptors also contain a 2 bit priority number which can be used to implement a process hierarchy, with 4 levels of access privilege. Interestingly, it appears that XP does not use the segmentation facilities, but sets all the base pointer addresses to 0000, superimposing all code/data segments. This has the advantage of allocating a full 4 Gbyte space to each process, but invalidates the security mechanism which has to be provided by the Virtual Memory paging system instead. 28 Lab Sheets Computer Networks Part II Memory Paging A 32 bit address can access 4 Gbytes of physical memory, much too large for most PCs currently available. In order to service this potential addressing space, a paging system was included in the Pentium to allow only the active parts of programs and their data to be resident in physical memory at any time. To achieve this, the code, data and stack segments are split into 1 million, 4 kByte pages, each of which can be loaded into a 4 kByte "frame" in DRAM so that it can participate in the fetch-execute activity. This scheme means that we can look at the 32 bit address as split into a 20 bit "page number" with a 12 bit page address. In effect, the Virtual Memory Management Unit swaps the page number for a frame number and checks to see if the indicated frame is located in DRAM or on disk in the swapfile, and whether it is available for access by the current process. To speed up subsequent memory accesses, which will probably be to the same page, the Pentium Memory Management Unit maintains a Translation Look-aside Buffer (TLB) to cache the page/frame pairs. This obviates the need to look-up the page tables in main memory unless a TLB miss occurs. You can look at the swapping rate on XP using Start -> Control Panel -> Administrative Tools -> Performance ->Add (Icon with plus sign) ->Add Counters ->Paging File. This will display a graph of the page/swap file usage. For testing the impact of virtual memory management page swapping the following program is suggested. However, when you compile the code you may need to extend the maximum stack length, or an error will be forthcoming. The default stack size of 1 Mbyte is not sufficiently big to hold an array of 1M integers (4 Mbytes!). Dev Studio allows you to change the maximum stack limit by using the 29 Lab Sheets Computer Networks Project ->Properties->Configure Properties->C/C++->Command Line ->Additional Option Input /F[ ]number. Or by setting the reserve size to e. x. 800000 using Project >Properties->Configure Properties->Linker->System->Stack Reserve Size option. Memory Usage To inspect memory usage on your computer open up Task Manager and look at the status bar. On the right you will see Mem Usage. This gives the total amount of physical and virtual memory in use as a fraction of the total available. Then select the Performance tab. At the bottom are tables for Physical and System memory, as well as the Commit Charge table. Also, an interesting graph of your current Memory Usage is shown. Remember that "Memory Usage" on the status bar refers to both Physical and Virtual memory combined, while on the Processes tab, it refers to the process’ working set reserved in physical memory only. Virtual memory space is held as a file called C:\Pagefile.sys on disk. You can look at it using Explorer. It is generally set at more than twice the size of the physical DRAM memory. Disk Caching The XP File Manager actually caches file records in a memory buffer in the hope that subsequent file accesses will benefit from rapid access to this "RAM disk" facility. Quite a large amount of the main DRAM memory is reserved for this activity, but there is no easy way for the user to control this aspect of memory allocation. There is only a crude option: Server 30 Lab Sheets Computer Networks (large file cache) or Workstation (small file cache) available through use of the registry. Fire up REGEDT32 from the Start->Run button. Then select: HKey_Local_Machine\System\CurrentControlSet\Control\Session Manager\Memory Management Set LargeSystemCache = 1 or 0, depending on whether you are testing the performance with large or small file cache. Use Edit->Add Key to insert the change and exit from the registry. You will need to reboot the system before gaining the benefit of the alteration. Consider These 1. How do Unix and XP cope with programs that are larger than main memory? Is the page/swap file essential, even when you have a massive amount of DRAM installed? 2. What mechanisms does the Pentium offer to protect Operating system code from rogue user code? What mechanisms does the Pentium offer to protect one user from another? 3. All processes have code segments which can potentially contain 4 Gbytes. On XP, the addressing of each program starts at 00000000. This means that for XP the code segments for all processes overlap their addressing, thus invalidating the Base-Limit segment register protection scheme offered by the Pentium. How then does the Pentium paging scheme manage to impose inter-process protection? (Hint: what happens when a memory reference is made through a page table entry which is not required by the process?) 4. It seems that the Pentium has to carry out a double address translation using look-up tables held in memory (logical->linear, linear->paged). How can this be done without introducing unacceptably long delays? 5. Describe the various address for mats used by the Pentium during a memory access. 6. Where could XP place the shared code offered by DLLs? 7. If a PC had 4 Gbytes of DRAM installed, would there be any point to the segmentation mechanisms offered by the memory management unit? 31 Lab Sheets Computer Networks Workshop 8: Network Devices and Services Prerequisites: None Languages: None Time: 1.5 hours Requirements: access to Internet Summary: This worksheet is a basic introduction to the basic network devices. Learning Objectives: Understanding the devices used in the computer networks. Investigate the network devices and their roles in the computer networks. What You Do: The following three figures are the extracts from CCNA training materials. Most of the network devices are included in these figures. By using search engine, find the answers of the following questions: Figure 1 Cisco Enterprise Architectures 32 Lab Sheets Computer Networks Figure 2 Logical diagram of Enterprise Campus Figure 3 Physical Topology of a Small Medium Enterprise Network 1. What is Web server and what services provided by the web server? What are the protocols used by Web server? 2. What is Mail server and what services provided by the mail server? What are the protocols used by Mail server? 3. What is file server and what services provided by the file server? What are the protocols used by mail server? 33 Lab Sheets Computer Networks 4. What is DHCP server and what is DNS server? Tell the roles of these two servers. In which device can you usually find the DHCP server installed? Why the DNS server is needed? 5. What are IPS, firewall and IDS? Tell the roles of these devices (services). 6. What is router? and its roles. Why the router is called layer 3 devices? 7. What is switch? What is hub? Which layers they belong to? What are the differences between these two devices? 8. Tell the characteristics of the Ethernet technologies. What is the maximum distance for an Ethernet connection? 9. What are the benefits of using serious connection to connect to ISP? What kinds of devices you should use to connect to ISP? 10. What is VPN? What are benefits to use VPN? 34 Lab Sheets Computer Networks Lab 9: Cisco IOS Command Line Interface (CLI) (Sheet for Week 10 & 11) The aim of this lab session is to understand how to configure a Cisco router and to learn the Cisco’s Internetworking Operating System (IOS) commands. Equipments: A PC with Cisco Packet Tracer installed. Logbook. Objectives Set up a new Cisco 1841 Integrated Services Router (ISR). Connect a computer to the router console interface. Configure HyperTerminal so that the computer can communicate with the router and observe the router start-up sequence. Display router configuration information using the show running-config and show startup-config commands and restart the router using the reload command. Display router system, Cisco IOS software and configuration register information using the show version command. Exploration of the IOS Command Line Interface (CLI) Exercise Part 1: Using Packet Tracer to create a logical connection diagram for this workshop. The bottom left-hand corner of the Packet Tracer screen displays eight icons that represent device categories or groups, such as Routers, Switches, or End Devices. Moving the cursor over the device categories will show the name of the category in the box. To select a device, first select the device category. Once the device category is selected, the options within that category appear in the box next to the category listings. Select the device option that is required. (a) Select End Devices from the options in the bottom left-hand corner. Drag and drop one generic PC onto the design area. Click on the PC, from the window, select the Config tab and rename them to PC0 (if it is not). (b) Select routers from the options in the bottom left-hand corner. Add one generic router onto the design area. Rename it to testRouter. (c) Select Connections from the bottom left-hand corner. Choose a Console cable type to connect PC0 (RS232) and testRouter (Console port) The creating testing system should like the following figure 1. 35 Lab Sheets Computer Networks Part 2: Configure HyperTerminal so that the computer can communicate with the router and Router’s Boot up process Although by clicking on the testRouter Router in the Packet tracer environment, you can monitor how the Cisco IOS works. In the practical work, the first step to boot up and set up a router is through the PC which connects to the router by console cable. (a) Click on the PC0, a window like the following figure 2 will pop up. Click on the Desktop tab, several simulation software are is available. Click terminal icon, a simulation HyperTerminal will be running for you to remotely configure a network device like router. You must first configure the terminal emulation parameters as follows: • 9600 baud • 8 data bits • no parity • 1 stop bit • no flow control and no parity By clicking on OK you will be able to move to the HyperTerminal window displayed in Figure 3 36 Lab Sheets Computer Networks Figure 2 Simulation software available for Packet Tracer End Devices Figure 3 Router Start up Message (b) Observe the startup messages as they appear in the terminal emulation program window. While these messages are appearing, do not press any keys on the keyboard. Pressing a key interrupts the router startup process. Some examples of startup messages displayed are the amount of main memory installed 37 Lab Sheets Computer Networks and the image type of the Cisco IOS software that the router is using. Can you find these example startup messages in the following figure? (c) The figure shows that there is 114 MB of memory installed on this router, and the Cisco IOS image type is C1841-ADVSECURITYK9-M. Startup messages are generated by the operating system of the router. The messages vary depending on the software installed on the router. These messages scroll by quickly and take a few minutes to stop. When the router is finished starting up, the following system messages appear in the terminal emulation window: --- System Configuration Dialog --Would you like to enter the initial configuration dialog? [yes/no]: no Would you like to terminate autoinstall? [yes]: Press RETURN to get started! (d) After pressing Return (Enter) to get started, several system messages regarding the interface and line status appear. If the router is in its default configuration, the user mode prompt Router> is displayed. Note: It may be necessary to press Enter after the interface status messages are displayed. Part 3: Displaying Router Information using show Commands Step 1: Display the router running configuration. From the router user prompt, enter privileged mode using the enable command, and then issue the show running-config command to see the current router configuration in RAM. If the router is in default configuration, the output is similar to that shown below. The default host name is Router, and none of the interfaces have IP addresses. This 1841 router has two built-in Fast Ethernet interfaces (0/0 and 0/1). In the default configuration, all interfaces are shutdown. In addition, there are no passwords set. Router>enable Router#show running-config Building configuration... Current configuration : 357 bytes ! version 12.4 no service password-encryption ! hostname Router ! ! ! ! ! 38 Lab Sheets Computer Networks ip ssh version 1 ! ! interface FastEthernet0/0 no ip address duplex auto speed auto shutdown ! From the router privileged mode prompt, issue the configure terminal command to enter configuration mode. Change the router name using the hostname command, and then end configuration mode with the end command. Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#hostname testRouter testRouter(config)#end testRouter# %SYS-5-CONFIG_I: Configured from console by console testRouter# c. What is the router prompt now? __________________ d. From the router privileged mode prompt, issue the show running-config command again. How does the output differ from the first time you issued this command? _______________________________________________________ Step 2: Display the router startup configuration. From the router privileged mode prompt, issue the show startup-config command to see the startup file stored in NVRAM. Is the output from this command the same as that from the show running-config command issued in Step 1d? ____________________________________________________________________________ Router#show startup-config Step 3: Save the running-config to the startup-config. When the router is booted up, the startup-config file is loaded into router RAM and becomes the running-config file. Changes made to the running-config take effect immediately, but do not affect the startup-config. To make running-config changes permanent, they must be copied to the startup-config using the copy running-config startup-config command. From the router privileged mode prompt, issue the copy running-config startup-config command to make the changes permanent. When prompted for the destination filename, press Enter to accept the default name of startup-config. testRouter#copy running-config startup-config Destination filename [startup-config]? Building configuration... [OK] testRouter# 39 Lab Sheets Computer Networks From the router privileged mode prompt, issue the show startup-config command again. Is the output from this command the same as that from the show running-config command issued in Step 1d? ____________________________________________________________________________ To restart the router, from the router privileged mode prompt, issue the reload command. This performs a software restart and loads the startup-config file from NVRAM. What is the router prompt now? ______________________________ Step 4: Display the router system information using the show version command. The show version command displays useful information about the router internal components, including the amount of RAM, Cisco IOS software version, the number and type of interfaces installed, and the configuration register, which controls how the router boots up. By default, the config register is set to hexadecimal 2102 (0x2102), which causes the router to load the operating system (Cisco IOS) from flash memory. The information displayed by the show version command is displayed as part of router bootup. Your output may vary, depending on the router model, Cisco IOS software version, and internal components installed. From the router privileged mode prompt, issue the show version command and answer the following questions: 1. What is the Cisco IOS software version number? _____________ 2. How long has the router been up (uptime)? _____________ 3. What is the name of the system image file? _________________________________ 4. How many and what types of interfaces does this router have? _______________________ ___________________________________________________________________________ 5. How many bytes of NVRAM does the router have? ______________ 6. How many bytes of flash (RAM) memory does the router have? ______________ 7. What is the configuration register setting? ______________ Part 4: Router Connection and Exploration of the IOS Command Line Interface (CLI) (a) As you have known from the previous operations, access to the IOS command line interface is generally referred to as an EXEC session. As a security feature, Cisco IOS separates EXEC session into two different access levels – user EXEC level which will have a right arrow (>) in the prompt and privileged EXEC level which has a sharp key (#) in the prompt. Privileged EXEC level allows a person to access all router commands and can be password protected. You can use “enable” and “disable” commands to switch between these two levels. (b) Switch between the two levels and use “?” to show all the commands in these two levels. Copies these commands to your logbook and compare what are missing in the user EXEC level. Figure 4 shows the IOS CLI hierarchy. 40 Lab Sheets Computer Networks Figure 4 - IOS CLI hierarchy CLI Editor Features (c) Cisco IOS CAI offers two types of context sensitive help word help and command syntax help. Word help can be used to obtain a list of commands that begin with a particular character sequence. To use word help, type in the characters in question followed immediately by the question mark(?), the router will display list of commands that start with the characters that were entered. Try to run the command “ co?” to see what happens (d) Command syntax help can be used to obtain a list of command, keyword, or argument options that available based on the syntax the user has already entered. Try run the command “configure ?” to see what will happen ( attention: there is a space between the command and ? mark). Router Configuration 41 Lab Sheets Computer Networks (e) Entering Configurations Make sure you are on the privileged level to implement the following operations. Follow the commands of the left column step by step to set up your router. Here the “Router” is the hostname you give to the router. You can change to the name you like by using the hostname command in the configuration status. Router> enable - switches to privileged EXEC level Router# configure terminal - switches to global configuration level Router(config)# enable secret cisco - configures router with an enable secret (global) Router(config)# ip route 0.0.0.0 0.0.0.0 20.2.2.3 - configures a static IP route (global) Router(config)# interface FastEthernet0/0 - switches to configure the ethernet0 interface Router(config-if)# ip address 10.10.x.1 255.255.0255.0 - configures an IP address on ethernet0 (interface) Router(config-if)# no shutdown - activates ethernet0 (interface) Router(config-if)# exit - exits back to global configuration level Router(config)# interface VLan1 - switches to configure the serial0 interface Router(config-if)# ip address 10.10.10.1 255.255.255.0 - configures an IP address on serial0 (interface) Router(config-if)# no shutdown - activates serial0 (interface) Router(config-if)# description Cisco DHCP Router(config-if)# ip dhcp pool cisco Router((dhcp-config)# network 10.10.10.0 255.255.255.0 - DHCP setup Router(dhcp-config)#dns-server 192.168.1.10 Router(config-if)# default-router 10.10.10.1 Router(dhcp-config)#exit Router(config-if)# exit - exits back to global configuration level 42 Lab Sheets Computer Networks Router(config)# router rip - switches to configure RIP routing engine Router(config-router)# network 10.0.0.0 - adds network 10.0.0.0 to RIP engine (routing engine) Router(config-router)# network 20.0.0.0 - adds network 20.0.0.0 to RIP engine (routing engine) Router(config-router)# exit - exits back to global configuration level Router(config)# exit - exits out of configuration level Route(config)# line console 0 Router(config)# password [password] Router(config)# login Activates Console access Route(config)# line vty 0 4 Set up the network connection to the router Router(config)# password [password] Setup the password for telnet access Router(config)# login Activates the telnet connection Router# copy running-config startup-config Router# disable - disables privileged EXEC level Router> - indicates user is back to user EXEC level (f) Removing Commands / Resetting Default Values IOS provides an easy way to remove commands from a configuration. To remove a command from the configuration, simply navigate to the proper location and type "no" followed by the command to be removed. The following example displays how to remove an IP address from the ethernet0 interface.( leave to the last steps to implement these examples) Router> enable - switches to privileged EXEC level Router# configure terminal - switches to global configuration level 43 Lab Sheets Computer Networks Router(config)# interface ethernet0 - switches to configure the ethernet0 interface Router(config-if)# no ip address - removes IP address Router(config-if)# exit - exits back to global configuration level Router(config)# exit - exits out of configuration level Router# disable - disables privileged EXEC level Router> - prompt indicates user is back to user EXEC level Router Management (g) IOS supports many different types of show commands. To display the running-configuration, type the following command in privileged EXEC mode: Router#show running-config To display the startup-configuration that is stored in NVRAM, type the following command in privileged EXEC mode: Router#show startup-config Writing down the output of these two configuration informations. (h) To display the version, type the following command in privileged EXEC mode: Router# show version (i) To view information about a particular interface, use the show interface command. The show interface command provides the following list of important information: Interface State (e.g. UP, DOWN, LOOPED) Protocol addresses Bandwidth Reliability and Load Encapsulation type Packet Rates 44 Lab Sheets Computer Networks Error Rates Signaling Status (i.e. DCD,DSR,DTR,RTS,CTS) (j) For example, to check the interface you connect to the router, type the following command in privileged EXEC mode: Router# show interface FastEthernet2 45 Lab Sheets Computer Networks Lab 10 Configuring Basic Router Settings with the Cisco IOS CLI Objectives • Configure the device host name for a router. • Configure console, privileged EXEC mode, and vty passwords. • Configure Ethernet and serial interfaces, including description. • Configure a message of the day (MOTD) banner. • Configure the routers to not perform domain lookup of host names. • Configure synchronous console logging. • Verify connectivity between hosts and routers. Background / Preparation In this lab, you need to use packet tracer to build a multi-router network and configure the routers to communicate using the most common Cisco IOS configuration commands. Set up a network similar to the one in the topology diagram. Any router that meets the interface requirements displayed in that diagram—such as 800, 1600, 1700, 1800, 2500, or 2600 routers, or a combination of these—can be used. See the Router Interface Summary table at the end of the lab to determine which interface identifiers to use based on the equipment in the lab. Depending on the model of the router, output may vary from what is shown in this lab. Step 1: Configure host computer IP settings. a. Make sure that the host computers are connected according to the topology diagram. b. Configure the hosts with static IP addresses using the following settings. H1 attached to the S1 switch: 46 Lab Sheets Computer Networks IP address: 172.16.0.2 Subnet mask: 255.255.0.0 Default gateway: 172.16.0.1 H2 attached to R2 directly: IP address: 172.18.0.2 Subnet mask: 255.255.0.0 Default gateway: 172.18.0.1 Step 2: Log in to each router and configure the basic settings. Note: Perform each step for both routers. a. Configure a host name for each of the two routers. Router>enable Router#configure terminal Router(config)#hostname R1 Note: Use R2 for the name of the second router. b. Configure a console password and enable login for each of the two routers. Examples are provided for R1. Repeat these commands on R2. R1(config)#line console 0 R1(config-line)#password cisco R1(config-line)#login R1(config-line)#exit R1(config)# c. Configure the password on the vty lines for each of the two routers. R1(config)#line vty 0 4 R1(config-line)#password cisco R1(config-line)#login R1(config-line)#exit R1(config)# d. Configure the enable and enable secret passwords for each of the two routers. R1(config)#enable password cisco R1(config)#enable secret class R1(config)#exit Note: Remember that the enable secret password is encrypted when viewing the configuration. Also do not type enable secret password class. If you do, the secret password will be password, not class. The enable secret password takes precedence over the enable password. When an enable secret password is configured, the enable password is no longer accepted. It will be necessary to enter the enable secret password to enter privileged EXEC mode. Some network administrators may choose to configure only the enable secret password. e. Configure a message-of-the-day (MOTD) banner using the banner motd command. When a user connects to the router, the MOTD banner appears before the login prompt. In this example, the number sign (#) is used to start and end the message. The # is converted to ^C when the running-config is displayed. R1(config)#banner motd #Unauthorized Use Prohibited# f. Configure the router to not attempt to resolve host names using a DNS server. If this is not configured, the router assumes that any mistyped command is a host name and attempts to resolve it by looking for a DNS server. On some routers, it can take considerable time before the prompt returns. R1(config)#no ip domain lookup g. Configure the router so that console messages do not interfere with command input. This is helpful when exiting configuration mode, because it returns you to the command prompt and prevents having messages from breaking into the command line. R1(config)#line console 0 R1(config-line)#logging synchronous 47 Lab Sheets Computer Networks Step 3: View the router running configuration. a. From the privileged EXEC prompt, issue the show running-config command. This command can be abbreviated as sh run. R1#show running-config *** Some output omitted *** Building configuration... Current configuration : 605 bytes ! hostname R1 ! enable secret 5 $1$eJB4$SH2vZ.aiT7/tczUJP2zwT1 enable password cisco ! no ip domain lookup ! interface FastEthernet0/0 no ip address shutdown duplex auto speed auto ! interface Serial0/0/0 no ip address shutdown ! interface Serial0/0/1 no ip address shutdown ! banner motd ^CUnauthorized Use Prohibited^C ! line con 0 password cisco logging synchronous login line aux 0 line vty 0 4 password cisco login ! end b. Is there an encrypted password? _____________ c. Are there any other passwords? _____________ d. Are any of the other passwords encrypted? _____________ Step 4: Configure the serial interface on R1. In global configuration mode, configure serial interface 0/0/0 on R1. See the Router Interface Summary table at the end of the lab for the proper designation of the serial interface on the router that you are using. Because the R1 serial 0/0/0 interface is acting as the DCE for the WAN link, it is necessary to configure the clock rate. When configuring an interface, always use the no shutdown command to enable it. R1(config)#interface serial 0/0/0 48 Lab Sheets Computer Networks R1(config-if)#description WAN link to R2 R1(config-if)#ip address 172.17.0.1 255.255.0.0 R1(config-if)#clock rate 64000 R1(config-if)#no shutdown R1(config-if)#exit R1(config-if)#exit Note: Enter the clock rate only on the router serial interface to which the DCE interface end of the cable is attached. The cable type (DTE or DCE) is printed on the outside of each end of the null serial cable. When in doubt, enter the clock rate command on both router serial interfaces. The command is ignored on the router to which the DTE end is attached. The no shutdown command turns on the interface. The shutdown command turns the interface off. Step 5: Display information about the serial interface on R1. a. Enter the show interfaces command on R1. R1#show interfaces serial 0/0/0 Serial0/0/0 is down, line protocol is down Hardware is PowerQUICC Serial Description: WAN link to R2 Internet address is 172.17.0.1/16 MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation HDLC, loopback not set Keepalive set (10 sec) Last input never, output never, output hang never Last clearing of "show interface" counters 00:01:55 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue :0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 6 packets output, 906 bytes, 0 underruns 0 output errors, 0 collisions, 3 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions DCD=down DSR=down DTR=up RTS=up CTS=down b. What did you discover by issuing the show interfaces command? Serial 0/0/0 status is _________ Line protocol is ___________ Internet address _____________________ Encapsulation _______________ To which OSI layer is the encapsulation referring? ________________ c. If the serial interface was configured, why did the show interfaces serial 0/0/0 indicate that the interface is down? ______________________________________________________________________________ Step 6: Configure the serial interface on R2. In global configuration mode, configure serial 0/0/0 on router R2. See the Router Interface Summary table at the end of the lab for the proper designation of the serial interface on the router that you are using. R2(config)#interface serial 0/0/0 R2(config-if)#description WAN link to R1 R2(config-if)#ip address 172.17.0.2 255.255.0.0 R2(config-if)#no shutdown 49 Lab Sheets Computer Networks R2(config-if)##exit R2(config)#exit Step 7: Display information about the serial interface on R2. a. Enter the show interfaces command on R2. R2#show interfaces serial 0/0/0 Serial0/0/0 is up, line protocol is up Hardware is PowerQUICC Serial Description: WAN link to R1 Internet address is 172.17.0.2/16 MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation HDLC, loopback not set Keepalive set (10 sec) Last input 00:00:08, output 00:00:08, output hang never Last clearing of "show interface" counters 00:04:54 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue :0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 3 packets input, 72 bytes, 0 no buffer Received 3 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 6 packets output, 933 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up b. What did you discover by issuing the show interfaces command? Serial 0/0/0 status is _________ Line protocol is ___________ Internet address _____________________ Encapsulation _______________ To which OSI layer is the encapsulation referring? ________________ c. Why did the show interfaces serial 0/0/0 indicate that the interface is up? ______________________________________________________________________________ Step 8: Verify that the serial connection is functioning. a. Use the ping command to test connectivity to the serial interface of the other router. From R1, ping the R2 router serial interface. R1#ping 172.17.0.2 Does the ping work? _______ b. From R2, ping the R1 router serial interface. R2#ping 172.17.0.1 Does the ping work? _______ c. If the answer is no for either question, troubleshoot the router configurations to find the error. Then ping the interfaces again until the answer to both questions is yes. Step 9: Configure the Fast Ethernet interface on R1. In global configuration mode, configure the Fast Ethernet 0/0 interface on router R1. See the Router Interface Summary table at the end of the lab for the proper designation of the Ethernet interface on the router that you are using. R1(config)#interface FastEthernet 0/0 50 Lab Sheets Computer Networks R1(config-if)#description R1 LAN Default Gateway R1(config-if)#ip address 172.16.0.1 255.255.0.0 R1(config-if)#no shutdown R1(config-iexit f)#R1(config)#exit Note: Ethernet interfaces do not have a DTE or DCE distinction; therefore, it is not necessary to enter the clock rate command. Step 10: Display information about the Fast Ethernet interface on R1. a. Enter the show interfaces command on R1. R1#show interfaces FastEthernet 0/0 FastEthernet0/0 is up, line protocol is up Hardware is AmdFE, address is 000c.3076.8460 (bia 000c.3076.8460) Description: R1 LAN Default Gateway Internet address is 172.16.0.1/16 MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Auto-duplex, Auto Speed, 100BaseTX/FX ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output 00:00:18, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue :0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog 0 input packets with dribble condition detected 52 packets output, 5737 bytes, 0 underruns 0 output errors, 0 collisions, 1 interface resets 0 babbles, 0 late collision, 0 deferred 52 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out b. What did you discover by issuing the show interfaces command? Fast Ethernet 0/0 status is _________ Line protocol is ___________ Internet address _____________________ Encapsulation _______________ To which OSI layer is the encapsulation referring? ________________ c. Why did the show interfaces FastEthernet 0/0 command show that the interface is up? ______________________________________________________________________________ Step 11: Configure the Fast Ethernet interface on R2. In global configuration mode, configure the Fast Ethernet 0/0 interface on R2. Refer to the Router Interface Summary table at the end of the lab for the proper designation of the Ethernet interface on the router that you are using. R2(config)#interface FastEthernet 0/0 R2(config-if)#description R2 LAN Default Gateway R2(config-if)#ip address 172.18.0.1 255.255.0.0 R2(config-if)#no shutdown R2(config-if)#exit R2(config)#exit 51 Lab Sheets Computer Networks Step 12: Display information about the Fast Ethernet interface on R2. a. Enter the show interfaces command on R2. R2#show interfaces FastEthernet 0/0 FastEthernet0/0 is up, line protocol is up Hardware is AmdFE, address is 000c.3076.8460 (bia 000c.3076.8460) Description: R2 LAN Default Gateway Internet address is 172.16.0.1/16 MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Auto-duplex, Auto Speed, 100BaseTX/FX ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output 00:00:05, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue :0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog 0 input packets with dribble condition detected 14 packets output, 1620 bytes, 0 underruns 0 output errors, 0 collisions, 1 interface resets 0 babbles, 0 late collision, 0 deferred 14 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out b. What did you discover by issuing the show interfaces command? Fast Ethernet 0/0 status is _________ Line protocol is ___________ Internet address _____________________ Encapsulation _______________ To which OSI layer is the encapsulation referring? ________________ c. Why did the show interfaces FastEthernet 0/0 command show that the interface is up? ______________________________________________________________________________ Step 13: Save the configuration on both routers. Save the running configuration to the startup configuration from the privileged EXEC prompt. R1#copy running-config startup-config R2#copy running-config startup-config Note: Save the running configuration for the next time that the router is restarted. The router can be restarted either by a software reload command or a power cycle. The running configuration is lost if it is not saved. The router uses the startup configuration when the router is started. Step 14: Check both router configurations. Issue the show running-config command in privileged EXEC mode on both routers, and verify all the configuration commands you have entered so far. Note that this command can be abbreviated as sh run. R1#show running-config R2#sh run Step 15: Verify that the Fast Ethernet connection to each router is functioning. 52 Lab Sheets Computer Networks a. On host H1, open a Command Prompt window. b. Use the ping command to test connectivity to the Fast Ethernet interface of each router from its associated host computer. From H1, ping the R1 router Fast Ethernet interface. C:\>ping 172.16.0.1 Was the ping successful? _____ From host H2, ping the R2 router Fast Ethernet interface. C:\>ping 172.18.0.1 Was the ping successful? ____ c. If the answer is no for either question, troubleshoot the router configurations to find the error. Then ping the interfaces again until the answer to both questions is yes. 53 Lab Sheets Computer Networks Lab 11 Configuring and Verifying RIP Objectives • Implement RIP routing and verify that network routes are being exchanged dynamically. Background / Preparation RIP is one of the most commonly used and widely supported routing protocols in the networking industry. Knowledge of RIP and how to configure it using the Cisco IOS CLI is essential to success as a network technician. In this lab, you build a multi-router network and use RIP to automatically propagate routes, so hosts on remote networks can communicate. Set up a network similar to the one in the diagram above. You can use any router or combination of routers that meets the interface requirements in the diagram, such as 800, 1600, 1700, 1800, 2500, or 2600 routers. Refer to the chart at the end of the lab to correctly identify the interface identifiers to be used based on the equipment in the lab. Depending on the model of router, your output may vary from the output shown in this lab. The lab steps are intended to be executed on each router, unless you are specifically instructed otherwise. From hosts H1 and H2, start a HyperTerminal session with each router. Note: Make sure that the routers and the switches have been erased and have no startup configurations. Instructions for erasing are provided in the Lab Manual, located on Academy Connection in the Tools section. Check with the instructor if you are unsure of how to do this. Required Resources The following resources are required in this workshop if you use Packet Tracer to set up the system : • Two routers, each with an Ethernet and serial interface. • Two Windows XP computers • Two straight-through Category 5 Ethernet cables (H1 to switch and switch to R1) • Crossover Category 5 Ethernet cable (H2 to router R2) • Null serial cable 54 Lab Sheets Computer Networks • Console cables (from H1 and H2 to routers R1 and R2) • Access to the H1 and H2 command prompt • Access to the H1 and H2 network TCP/IP configuration Step 1: Build the network and configure the routers. a. Build a network as shown in the topology diagram b. In global configuration mode, configure the host names and interfaces according to the chart. Note: See Lab 10 if you have difficulty with the basic router configuration. That lab provides instructions for using the Cisco IOS CLI. Step 2: Configure the hosts. a. Configure host H1 attached to R1 with an IP address, subnet mask, and default gateway that is compatible with the IP address of the R1 Fast Ethernet interface (172.16.0.1/24). Host H1 IP configuration: IP address: 172.16.0.2 Subnet mask: 255.255.255.0 Default gateway: 172.16.0.1 b. Configure host H2 attached to R2 with an IP address, subnet mask, and default gateway that is compatible with the IP address of the R2 Fast Ethernet interface (172.18.0.1/24). Host H2 IP configuration: IP address: 172.18.0.2 Subnet mask: 255.255.255.0 Default gateway: 172.18.0.1 Step 3: Check the R1 routing table. a. View the IP routing table for R1 using the show ip route command. R1>show ip route <output omitted> Gateway of last resort is not set 172.16.0.0/24 is subnetted, 1 subnets C 172.16.0.0 is directly connected, FastEthernet0/0 172.17.0.0/27 is subnetted, 1 subnets C 172.17.0.0 is directly connected, Serial0/0/0 b. What is the significance of the “C” to the left of the 172.16.0.0 and 172.17.0.0 network entries in the routing table? __________________________________________________________________________ c. Is there a route in the R1 routing table to the R2 Ethernet network 172.18.0.0? ______ Why? ________________________________________________________________________ ______ Step 4: Test end-to-end connectivity. a. From R1, ping the R2 router Fast Ethernet interface. R1#ping 172.18.0.1 Are the pings successful? ____ b. From host H1, ping host H2 (from network 172.16.0.2 to network 172.18.0.2). C:\>ping 172.18.0.2 Are the pings successful? _____ 55 Lab Sheets Computer Networks c. Why are the pings not successful? ___________________________________________________ _______________________________________________________________________________ Step 5: Configure the routing protocol of the routers. There are two versions of RIP: version 1 and version 2. It is important to specify RIP version 2 (RIPv2) in this configuration, because RIPv2 is the most current version. Some routers default to RIPv2, but it is best to not assume that is the case. a. In global configuration mode, enter the following on R1. R1(config)#router rip R1(config-router)#version 2 R1(config-router)#network 172.16.0.0 R1(config-router)#network 172.17.0.0 R1(config-router)#exit R1(config)#exit b. Save the R1 router configuration. R1#copy running-config startup-config c. In global configuration mode, enter the following on R2. R2(config)#router rip R2(config-router)#version 2 R2(config-router)#network 172.17.0.0 R2(config-router)#network 172.18.0.0 R2(config-router)#exit R2(config)#exit d. Save the R2 router configuration. R2#copy running-config startup-config Step 6: View the routing tables for each router. a. In enable or privileged EXEC mode, examine the routing table entries using the show ip route command on router R1. R1#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 172.16.0.0/24 is subnetted, 1 subnets C 172.16.0.0 is directly connected, FastEthernet0/0 172.17.0.0/27 is subnetted, 1 subnets C 172.17.0.0 is directly connected, Serial0/0/0 R 172.18.0.0/16 [120/1] via 172.17.0.2, 00:00:02, Serial0/0/0 b. Which networks are shown in the R1 routing table? __________________________________________________________________________ __________________________________________________________________________ c. What is the significance of the “R” to the left of the 172.18.0.0 network entry in the routing table? __________________________________________________________________________ 56 Lab Sheets Computer Networks d. What does “via 172.17.0.2” mean for this network route? __________________________________________________________________________ e. What does “Serial0/0/0” mean for this network route? __________________________________________________________________________ f. Examine the routing table entries on router R2. R2#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set R 172.16.0.0/16 [120/1] via 172.17.0.1, 00:00:05, Serial0/0/0 172.17.0.0/27 is subnetted, 1 subnets C 172.17.0.0 is directly connected, Serial0/0/0 172.18.0.0/24 is subnetted, 1 subnets C 172.18.0.0 is directly connected, FastEthernet0/0 g. Which networks are shown in the R2 routing table? __________________________________________________________________________ __________________________________________________________________________ Step 7: Test end-to-end connectivity. a. From R1, ping the R2 router Fast Ethernet interface. R1#ping 172.18.0.1 Are the pings successful? ____ b. From the host H1 command prompt, ping H2 (from network 172.16.0.2 to network 172.18.0.2). C:\>ping 172.18.0.2 c. Are the pings successful? ____ If the answer is no for either question, troubleshoot the router configurations to find the error. Then do the pings again until the answer to both questions is yes. Be sure to check physical cabling for problems and bad connections, and make sure that you are using the correct cable types. d. Why are the pings successful this time? _______________________________________________ Step 8: Use debug to observe RIP communications Using the debug ip rip command, you can see real-time communication and updates passing between routers that are running RIP. Note: Running debug commands puts a significant load on the CPU of the router. Do not use debug commands on a production network, if possible. a. On router R1, enter the debug ip rip command from privileged EXEC mode. Examine the exchange of routes between the two routers. The output should look similar to that shown here. R1#debug ip rip RIP protocol debugging is on 57 Lab Sheets Computer Networks R1# 00:51:28: RIP: sending v2 update to 224.0.0.9 via Serial0/0/0 (172.17.0.1) 00:51:28: RIP: build update entries 00:51:28: 172.16.0.0/16 via 0.0.0.0, metric 1, tag 0 00:51:49: RIP: received v2 update from 172.17.0.2 on Serial0/0/0 00:51:49: 172.18.0.0/16 via 0.0.0.0 in 1 hops 00:51:57: RIP: sending v2 update to 224.0.0.9 via FastEthernet0/0 (172.16.0.1) 00:51:57: RIP: build update entries 00:51:57: 172.17.0.0/16 via 0.0.0.0, metric 1, tag 0 00:51:57: 172.18.0.0/16 via 0.0.0.0, metric 2, tag 0 b. Enter the command undebug all to stop all debugging activity. R1#undebug all All possible debugging has been turned off R1# c. What interface does router R1 send and receive updates through? ________________ d. Why does the route to 172.17.0.0 have a metric of 1, and the route to 172.18.0.0 have a metric of 2? ______________________________________________________________________________ e. Log off by typing exit and turn off the router. Step 9: Reflection a. What would happen to the routing table on router R1 if the Ethernet network on router R2 went down? ________________________________________________________________________________ b. What would happen if router R1 was configured to run RIPv1, and R2 was configured to run RIPv2? ________________________________________________________________________________ . 58 Lab Sheets Computer Networks Lab 12 Configuring DHCP using Cisco IOS Commands Objectives • Configure a customer router for DHCP using the Cisco IOS CLI. • Configure a DHCP client. • Verify DHCP functionality. Configure basic router settings using the Cisco IOS CLI. Background / Preparation In this lab, you set up a customer router to act as a DHCP server for internal client computers. DHCP assigns an address, subnet mask, and default gateway to hosts dynamically from a defined pool of addresses. Set up a network similar to the one shown in the topology diagram. Any router that meets the interface requirements displayed in that diagram – such as 800, 1600, 1700, 1800, 2500, and 2600 routers, or a combination – may be used. Refer to the Router Interface Summary table at the end of the lab to determine which interface identifiers to be used based on the equipment in the lab. Depending on the router model, output may vary somewhat from that shown in this lab. Required Resources The following resources are required: • Cisco 1841 ISR router (or comparable) with SDM version 2.4 or above installed to act as the customer router 59 Lab Sheets Computer Networks • Cisco 1841 router (or other router) to act as the ISP router • Cisco 2960 switch (or other switch/hub) to connect hosts H1, H2, and the customer router • Windows XP computer (host H1) • Windows XP computer (host H2) • Straight-through Category 5 Ethernet cables • Null serial cable (R1 to R2) • Console cables (H1 to R1 and H2 to R2) • Access to the host H1 and H2 command prompt • Access to the host H1 and H2 network TCP/IP configuration From hosts H1 and H2, start a HyperTerminal session with each router. Task 1: Configure Basic Router Settings Step 1: Build the network and configure host computer IP settings. Make sure that the host computers are connected according to the topology diagram. Configure host H1 with the following static IP information. IP address: 192.168.1.101 Subnet mask: 255.255.255.0 Default gateway: 192.168.1.1 Configure host H2 as a DHCP client. On hosts H1 and H2, open a command prompt. Issue the ipconfig /all command. Record the MAC addresses for H1 and H2. Host H1 MAC address _________________________ Host H2 MAC address _________________________ Step 2: Configure the customer router basic settings with the Cisco IOS CLI. Configure the host name, passwords, interfaces, and HTTP service in preparation for the use of SDM. Also configure a default route to the ISP. Router>enable Router#config t Router(config)#hostname Customer Customer(config)#enable secret class Customer(config)#username admin privilege 15 secret cisco123 Customer(config)#no ip domain-lookup Customer(config)#line con 0 Customer(config-line)#password cisco Customer(config-line)#logging synchronous Customer(config-line)#login Customer(config-line)#line vty 0 4 Customer(config-line)#password cisco Customer(config-line)#login Customer(config-line)#exit Customer(config)#interface FastEthernet0/0 Customer(config-if)#description LAN Default Gateway Customer(config-if)#ip address 192.168.1.1 255.255.255.0 Customer(config-if)#no shutdown Customer(config-if)#interface Serial0/0/1 Customer(config-if)#ip address 209.165.200.225 255.255.255.224 Customer(config-if)#description WAN link to ISP Customer(config-if)#no shutdown Customer(config-if)#exit Customer(config)#ip http server Customer(config)#ip http authentication local Customer(config)#ip route 0.0.0.0 0.0.0.0 209.165.200.226 Step 3: Configure ISP router basic settings with the Cisco IOS CLI. Configure the host name, passwords, and interfaces. 60 Lab Sheets Computer Networks Router>enable Router#configure terminal Router#(config) hostname ISP ISP(config)#enable secret class ISP(config)#line console 0 ISP(config-line)#password cisco ISP(config-line)#login ISP(config)#line vty 0 4 ISP(config-line)#password cisco ISP(config-line)#login ISP(config-line)#exit ISP(config)#exit ISP(config)#interface serial 0/0/0 ISP(config-if)#description WAN link to Customer ISP(config-if)#ip address 209.165.200.226 255.255.255.224 ISP(config-if)#clock rate 64000 ISP(config-if)#no shutdown ISP(config-if)#exit ISP(config)#ip http server ISP(config)#exit Step 4: Save the router configurations. From privileged EXEC mode, save the running configuration to the startup configuration. Customer#copy running-config startup-config ISP#copy running-config startup-config Task 2: Configure and Verify DHCP Using the CLI Step 1: Check the host DHCP client H2 IP configuration. Open a command prompt window on H2 and issue the ipconfig /release and ipconfig /renew commands. Because there is no DHCP server currently configured, it may take a while to timeout. At the command prompt, now issue the ipconfig command. What is the IP address and subnet mask for H2? ____________________________________________________________________________ Step 2: Configure the DHCP server excluded addresses on the Customer router. To prevent certain addresses from being assigned they must be excluded from the pool. This includes the IP address of the router Fast Ethernet 0/0 interface (the default gateway). In this lab, also exclude addresses from 192.168.1.101 through 192.168.1.254 to reserve them for other purposes, such as servers and printers, which need to have a fixed IP address. To exclude addresses, issue the ip dhcp excluded-address command. Customer(config)#ip dhcp excluded-address 192.168.1.1 Customer(config)#ip dhcp excluded-address 192.168.1.101 192.168.1.254 Why do you want to exclude addresses before the DHCP pool is even created? ______________________________________________________________________________ ______________________________________________________________________________ Step 3: Configure the DHCP pool. On the Customer router, configure a DHCP pool for the internal clients. Customer(config)#ip dhcp pool INTERNAL Customer(dhcp-config)#network 192.168.1.0 255.255.255.0 Customer(dhcp-config)#domain-name abc-widgets.inc Customer(dhcp-config)#default-router 192.168.1.1 Customer(dhcp-config)#dns-server 192.168.1.200 Step 4: Test the DHCP pool for H2. On H2, open a command prompt and issue the ipconfig /release and ipconfig /renew commands. On H2, issue the ipconfig /all command. What IP address is issued to H2? __________________________ What is the subnet mask of H2? __________________________. 61 Lab Sheets Computer Networks What is the default gateway of H2? __________________________ What is the connection-specific DNS suffix (domain name) of host H2? ________________________ What is the DHCP server IP address? __________________________ What is the DNS server IP address? __________________________ What is the MAC address of H2? ____________________________ From H2, ping the default gateway (the router Ethernet interface). Does the ping succeed? _______ Troubleshoot as necessary, and do not proceed until the ping is successful. Step 5: Test the DHCP pool for H1. On H1, change the IP configuration from static to dynamic to make H1 a DHCP client like host H2. Open a command prompt on H1 and issue the ipconfig /release and ipconfig /renew commands. Because there is no DHCP server currently configured, it may take a while to timeout. At the command prompt, now issue the ipconfig command. What IP address is issued to H1? __________________________ Step 6: Display the DHCP binding on the Customer router. To see the IP address and host hardware (MAC) address combination assigned by the DHCP server, issue the show ip dhcp binding command on the Customer router. Customer#show ip dhcp binding IP address Client-ID/ Lease expiration Type Hardware address 192.168.1.2 0100.0bdb.04a5.cd Feb 22 2008 11:19 AM Automatic 192.168.1.3 0100.07e9.63ce.53 Feb 22 2008 11:27 AM Automatic Do the hardware addresses displayed match those recorded for hosts H1 and H2 in Task 1, Step 1? ______ On the Customer router, display the characteristics of the DHCP pool using the show ip dhcp pool command. Customer#show ip dhcp pool Pool INTERNAL : Utilization mark (high/low) : 100 / 0 Subnet size (first/next) : 0 / 0 Total addresses : 254 Leased addresses : 2 Pending event : none 1 subnet is currently in the pool : Current index IP address range Leased addresses 192.168.1.4 192.168.1.1 - 192.168.1.254 2 How many addresses have been leased? ______ Step 8: Reflection a. What are some advantages and disadvantages of using DHCP? ______________________________________________________________________________ ______________________________________________________________________________ 62 Lab Sheets Computer Networks Lab 13 Basic Switch Configuration Objectives • Configure initial switch global settings. • Configure host PCs and attach them to the switch. • Configure a router and attach it to the switch. • Configure a switch management VLAN IP address. • Verify network connectivity. • Configure basic port security. • Configure port duplex and speed settings. Background In this lab, you connect multiple hosts and a router to the switch and test connectivity. You will configure port security, speed, and duplex settings for a switch port. This lab focuses on the basic configuration of the Cisco 2960 switch using Cisco IOS commands. To use an IP-based management product or Telnet with a Cisco switch, you must configure a management IP address. You will configure VLAN 1 to provide IP access to management functions. The information in this lab applies to other switches, however, command syntax may vary. Required Resources The following resources are required: • Cisco 2960 switch or other comparable switch 63 Lab Sheets Computer Networks • Router with Ethernet interface to connect to switch • Three Windows-based PCs, one with a terminal emulation program • RJ-45-to-DB-9 connector console cable • Three straight-through Ethernet cables • Access to the PC command prompt • Access to a PC network TCP/IP configuration Step 1: Connect the hosts to the switch and configure them. a. Connect host H1 to Fast Ethernet S1 switch port Fa0/11, and connect H2 to port Fa0/18. Configure the hosts to use the same IP subnet for the address and mask as on the switch, as shown in the topology diagram and table above. b. Do not connect host H3 to the switch yet. Step 2: Connect the router to the switch and configure the router. Note: If necessary, Lab 10 for instructions on setting the host name, passwords, and interface addresses. Connect the router to switch port Fa0/5. Configure the router with the host name CustomerRouter. Configure the console access and password, vty access and password, and enable secret password. Configure the router Fa0/1 interface as shown in the topology table. Step 3: Configure the switch. a. Configure the switch with the host name CustomerSwitch. Switch>enable Switch#config terminal Switch(config)#hostname CustomerSwitch b. Set the privilege exec mode password to cisco. CustomerSwitch(config)#enable password cisco c. Set the privilege exec mode secret password to cisco123. CustomerSwitch(config)#enable secret cisco123 d. Set the console password to cisco123. CustomerSwitch(config)#line console 0 CustomerSwitch(config-line)#password cisco123 e. Configure the console line to require a password at login. CustomerSwitch(config-line)#login f. Set the vty password to cisco123. CustomerSwitch(config-line)#line vty 0 15 CustomerSwitch(config-line)#password cisco123 g. Configure the vty to require a password at login. 64 Lab Sheets Computer Networks CustomerSwitch(config-line)#login CustomerSwitch(config-line)#end Step 4: Configure the management interface on VLAN 1. Enter global configuration mode. Remember to use the new password. CustomerSwitch>enable CustomerSwitch#configure terminal b. Enter the interface configuration mode for VLAN 1: CustomerSwitch(config)#interface vlan 1 c. Set the IP address, subnet mask, and default gateway for the management interface. The IP address must be valid for the local network where the switch is installed. CustomerSwitch(config-if)#ip address 192.168.1.5 255.255.255.0 CustomerSwitch(config-if)#no shutdown CustomerSwitch(config-if)#exit CustomerSwitch(config)#ip default-gateway 192.168.1.1 CustomerSwitch(config)#end Step 5: Verify the configuration of the switch. Verify that the IP address of the management interface on the switch VLAN 1 and the IP address of host H1 are on the same local network. Use the show running-configuration command to check the IP address configuration of the switch. CustomerSwitch#show running-configuration Building configuration... Current configuration : 1283 bytes ! version 12.2 no service pad hostname CustomerSwitch ! enable secret 5 $1$XUe/$ch4WQ/SpcFCDd2iqd9bda/ enable password cisco ! interface FastEthernet0/1 ! ! interface FastEthernet0/24 ! interface Vlan1 ip address 192.168.1.5 255.255.255.0 no ip route-cache ! ip default-gateway 192.168.1.1 ip http server ! line con 0 password cisco123 login line vty 0 4 password cisco123 login line vty 5 15 password cisco123 login ! end b. Save the configuration. CustomerSwitch#copy running-config startup-config Step 6: Verify connectivity using ping and Telnet. To verify that the switch and router are correctly configured, ping the router Fa0/1 interface (default gateway) IP address from the switch CLI. 65 Lab Sheets Computer Networks Are the pings successful? ________ To verify that the hosts and switch are correctly configured, ping the switch IP address from host H1. d. Are the pings successful? _________ e. If the ping is not successful, verify the connections and configurations again. Check to ensure that all cables are correct and that connections are seated. Check the host, switch, and router configurations. f. Open a command prompt on host H1, and telnet the IP address assigned to switch management VLAN 1. g. Enter the vty password configured in Step 3. What is the result? __________________________ At the switch prompt, issue the show version command. CustomerSwitch>show version Cisco IOS Software, C2960 Software (C2960-LANBASE-M), Version 12.2(0.0.16)FX, CISCO DEVELOPMENT TEST VERSION Copyright (c) 1986-2005 by Cisco Systems, Inc. Compiled Tue 17-May-05 01:43 by yenanh ROM: Bootstrap program is C2960 boot loader BOOTLDR: C2960 Boot Loader (C2960-HBOOT-M), Version 12.2 [lqian-flo_pilsner 100] Switch uptime is 3 days, 20 hours, 8 minutes System returned to ROM by power-on System image file is "flash:c2960-lanbase-mz.122-0.0.16.FX.bin" cisco WS-C2960-24TC-L (PowerPC405) processor with 61440K/4088K bytes of memory. Processor board ID FHH0916001J Last reset from power-on Target IOS Version 12.2(25)FX 1 Virtual Ethernet interface 24 FastEthernet interfaces 2 Gigabit Ethernet interfaces The password-recovery mechanism is enabled. 64K bytes of flash-simulated non-volatile configuration memory. Base ethernet MAC Address : 00:0B:FC:FF:E8:80 Motherboard assembly number : 73-9832-02 Motherboard serial number : FHH0916001J Motherboard revision number : 01 System serial number : FHH0916001J Hardware Board Revision Number : 0x01 Switch Ports Model SW Version SW Image ------ ----- ----- ---------- ---------* 1 26 WS-C2960-24TC-L 12.2(0.0.16)FX C2960-LANBASE-M Configuration register is 0xF h. What is the Cisco IOS version of this switch? ___________________ i. Type quit at the switch command prompt to terminate the Telnet session. Step 7: Determine which MAC addresses that the switch has learned. From the Windows command prompt, get the Layer 2 addresses of the PC network interface card for each host by using the ipconfig /all command. Host H1: _______________________________________________ Host H2: _______________________________________________ Host H3: _______________________________________________ Determine which MAC addresses the switch has learned by using the show mac-addresstable command at the privileged exec mode prompt. CustomerSwitch#show mac-address-table Mac Address Table ------------------------------------------Vlan Mac Address Type Ports ---- ----------- -------- ----- 66 Lab Sheets Computer Networks All 000b.be7f.ed40 STATIC CPU All 0100.0ccc.cccc STATIC CPU All 0100.0ccc.cccd STATIC CPU All 0100.0cdd.dddd STATIC CPU 1 000b.db04.a5cd DYNAMIC Fa0/5 1 000c.3076.8380 DYNAMIC Fa0/11 1 000d.1496.36ad DYNAMIC Fa0/18 Total Mac Addresses for this criterion: 7 c. How many dynamic addresses are there? ____________________________ d. Do the MAC addresses match the host MAC addresses? _______________ e. Review the options that the mac-address-table command has by using the ? help feature. CustomerSwitch(config)#mac-address-table ? address address keyword aging-time aging-time keyword count count keyword dynamic dynamic entry type interface interface keyword multicast multicast info for selected wildcard notification MAC notification parameters and history table static static entry type vlan VLAN keyword | Output modifiers <cr> f. Set up a static MAC address on the Fast Ethernet interface 0/18. Use the address that was recorded for H2 in Step 7. The MAC address XXXX.YYYY.ZZZZ is used in the example statement only. CustomerSwitch(config)#mac-address-table static XXXX.YYYY.ZZZZ interface fastethernet 0/18 vlan 1 g. Verify the MAC address table entries. CustomerSwitch#show mac-address-table Mac Address Table ------------------------------------------Vlan Mac Address Type Ports ---- ----------- -------- ----All 000b.be7f.ed40 STATIC CPU All 0100.0ccc.cccc STATIC CPU All 0100.0ccc.cccd STATIC CPU All 0100.0cdd.dddd STATIC CPU 1 000b.db04.a5cd DYNAMIC Fa0/5 1 000c.3076.8380 DYNAMIC Fa0/11 1 000d.1496.36ad STATIC Fa0/18 h. How many total MAC addresses are there now? ________________________ i. What type are they? ____________________________________________ Step 8: Configure basic port security. a. Determine the options for setting port security on Fast Ethernet interface 0/18. CustomerSwitch#configure terminal CustomerSwitch(config)#interface fastEthernet 0/18 CustomerSwitch(config-if)#switchport port-security ? aging Port-security aging commands mac-address Secure mac address maximum Max secure addrs violation Security Violation Mode b. Remove the static mac address from FastEthernet interface 0/18. Use the address that was recorded for H2 in Step 7. The MAC address XXXX.YYYY.ZZZZ is used in the example statement only. CustomerSwitch(config-if)#no mac-address-table static XXXX.YYYY.ZZZZ interface fastethernet 0/18 vlan 1 67 Lab Sheets Computer Networks c. To allow the switch port FastEthernet 0/18 to accept only one device, configure port security. CustomerSwitch(config-if)#switchport mode access CustomerSwitch(config-if)#switchport port-security CustomerSwitch(config-if)#switchport port-security mac-address sticky CustomerSwitch(config-if)#end c. Check the port security settings. CustomerSwitch#show port-security Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action (Count) (Count) (Count) --------------------------------------------------------------------------Fa0/18 1 0 0 Shutdown --------------------------------------------------------------------------- d. What is the security action for port Fa0/18 if a security violation occurs? _______________ e. What is the maximum secure address count? ____________ f. Display the running configuration. Note: Some output is omitted in the following display. CustomerSwitch#show running-config Building configuration... Current configuration : 1452 bytes version 12.2 hostname CustomerSwitch ! interface FastEthernet0/1 ! interface FastEthernet0/2 ! interface FastEthernet0/3 ! interface FastEthernet0/18 switchport mode access switchport port-security switchport port-security mac-address sticky ! interface FastEthernet0/5 ! mac-address-table static 000b.db04.a5cd vlan 1 interface FastEthernet0/18 ! end g. Are there statements that directly reflect the security implementation in the listing of the running configuration? ____________________________________________________________ Step 9: Connect a different PC to the secure switch port. a. Disconnect host H2 from Fast Ethernet 0/18, and connect host H3 to the port. H3 has not yet been attached to the switch. From H3, ping the switch address 192.168.1.5 to generate some traffic. b. Record any observations at the PC and the switch terminal session. ______________________________________________________________________________ ______________________________________________________________________________ 01:11:12: %PM-4-ERR_DISABLE: psecure-violation error detected on Fa0/18, putting Fa0/18 in err-disable state 01:11:12: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, cause d by MAC address 000c.3076.8380 on port FastEthernet0/18. 01:11:13: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/18, chang ed state to down 01:11:14: %LINK-3-UPDOWN: Interface FastEthernet0/18, changed state to down c. View the configuration information for just Fast Ethernet port 0/18. CustomerSwitch#show interface fastethernet 0/18 68 Lab Sheets Computer Networks d. What is the state of this interface? Fast Ethernet 0/18 is ________________ and the line protocol is _____________ Step 10: Reactivate the port. a. Clear the sticky address entry for port Fa0/18 using the clear port-security command. S1#clear port-security sticky interface fa0/18 access b. To return the interface from error disable to administratively up, enter the shutdown command followed by the no shutdown command. S1(config)#interface fa0/18 S1(config-if)#shutdown S1(config-if)#no shutdown c. Enter the original host or change the MAC address to its original value. Ping from the command prompt. You can ping multiple times or use the ping 192.168.1.5 –n 100 command, which sets the number of ping packets to 100, instead of 4. Step 11: Set speed and duplex options for the ports. a. Switch port settings default to auto-duplex and auto-speed. If a computer with a 100 Mbps NIC is attached to the port, it automatically goes into full-duplex 100 Mbps mode. If a hub is attached to the switch port, it normally goes into half-duplex 10 Mbps mode. b. Issue the show interfaces command to see the setting for ports Fa0/5, Fa0/11, and Fa0/18. This command generates a large amount of output. Press the spacebar until you can see all the information for these ports. What are the duplex and speed settings for these ports? Port Fa0/5 ________________________________ Port Fa0/11 ________________________________ Port Fa0/18 ________________________________ c. It is sometimes necessary to set the speed and duplex of a port to ensure that it operates in a particular mode. You can set the speed and duplex with the duplex and speed commands while in interface configuration mode. To force Fast Ethernet port 5 to operate at half duplex and 10 Mbps, issue the following commands: CustomerSwitch>enable CustomerSwitch#Config Terminal CustomerSwitch(config-if)#interface fastEthernet 0/10 CustomerSwitch(config-if)#speed 10 CustomerSwitch(config-if)#duplex half CustomerSwitch(config-if)#end CustomerSwitch# d. Issue the show interfaces command again. What is the duplex and speed setting for Fa0/5 now? ________________________________ Step 12: Exit the switch. Type exit to leave the switch and return to the welcome screen. Switch#exit b. When the steps are completed, turn off all the devices. Remove and store the cables and adapter. Step 13: Reflection. Which password needs to be entered to switch from user mode to privilege exec mode on the Cisco switch, and why? ____________________________________________________________________________ ____________________________________________________________________________ 69 Lab Sheets Computer Networks b. Which symbol is used to show a successful ping in the Cisco IOS software? ____________________________________________________________________________ b. What is the benefit of using port security? ___________________________________________ _____________________________________________________________________________ d. What other port-related security steps could be taken to further improve switch security? _____________________________________________________________________________ _____________________________________________________________________________ 70 Lab Sheets Computer Networks Lab 14 Configuring, Verifying, and Troubleshooting VLANs Objectives • • • • Observe default switch VLAN configuration and operation. Configure static VLANs on a switch. Verify VLAN configuration and operation. Modify an existing VLAN configuration. Background / Preparation This lab focuses on the basic VLAN configuration of the Cisco 2960 switch (or similar) using Cisco IOS commands. The information in this lab applies to other switches; however, command syntax may vary. Depending upon the switch model, the interface designations may differ. For example, modular switches have multiple slots; therefore, the Fast Ethernet ports may be FastEthernet 0/1 or FastEthernet 1/1, depending on the slot and port. The router used can be any router. The following resources are required: • One Cisco 2960 switch or equivalent switch • One Cisco 1841 router or equivalent 71 Lab Sheets Computer Networks • Two Windows-based PCs with a terminal emulation program • At least one RJ-45-to-DB-9 connector console cable to configure the switch and the router • Three straight-through Ethernet cables to connect from the PCs to Switch 1 Step 1: Connect the equipment a. Connect the router Fa0/0 interface with a straight-through cable to Switch 1 Fa0/8 interface. b. Connect the Host 1a Ethernet interface with a straight-through cable to Switch 1 Fa0/2 interface. c. Connect the Host 1b Ethernet interface with a straight-through cable to Switch 1 Fa0/3 interface. d. Connect a PC with a console cable to perform configurations on the router and switch. e. Configure IP addresses on the hosts as shown in the chart. Step 2: Perform basic configuration on the router a. Connect a PC to the console port of the router to perform configurations using a terminal emulation program. b. Configure Router 1 with a hostname, console, Telnet, and privileged passwords according to the table. c. Configure the Fa0/0 interface IP address and mask according to the table. Step 3: Configure Switch 1 a. Configure S1 hostname and passwords. b. Configure Switch 1 with a hostname and console, Telnet, and privileged passwords according to the addressing table. c. Configure S1 with an IP address and default gateway. S1(config)#interface vlan1 S1(config-if)#ip address 172.16.1.2 255.255.255.0 S1(config-if)#no shutdown S1(config-if)#exit S1(config)#ip default-gateway 172.16.1.1 S1(config)#end Step 4: Verify connectivity and default VLAN configuration a. Verify LAN connectivity by pinging from the router to the switch and the hosts. Also verify that you can ping from host to host. b. Verify default VLAN configuration with the show vlan command on S1. S1#show vlan Are all switch ports assigned to VLAN 1? __________ Step 5: Configure VLANs on S1 a. Create and name two additional VLANs on S1. S1(config)#vlan 20 S1(config-vlan)#name fred S1(config-vlan)#exit S1(config)#vlan 30 S1(config-vlan)#name wilma S1(config-vlan)#exit b. Verify the creation of the new VLANs with the show vlan command. S1#show vlan c. Do the new VLANs appear in the output? ___________ What interfaces belong to the new VLANs? __________ Assign interfaces to VLANs. Assign S1 port Fa0/2 to VLAN 20 and ports Fa0/3 – Fa0/8 to VLAN 30. S1(config)#interface fastethernet 0/2 S1(config-if)#switchport mode access S1(config-if)#switchport access vlan 20 S1(config-if)#exit S1(config)#interface range fastethernet 0/3 - 8 S1(config-if-range)#switchport mode access S1(config-if-range)#switchport access vlan 30 S1(config-if-range)#end S1#show running-config Observe that the switchport access command was applied to ports Fa0/2 – Fa0/8. 72 Lab Sheets Computer Networks d. Verify the port assignments of the new VLANs with the show vlan command. S1#show vlan Which interfaces now belong to VLAN 1? ____________________ Which interfaces belong to VLAN 20? _______________________ Which interfaces belong to VLAN 30? _______________________ e. Other commands can be used to show different amounts of information or specific pieces of information. Enter the following commands on S1 and observe the output: S1#show vlan brief Is all of the basic VLAN membership information shown? __________ S1#show vlan id 30 What information is shown? ____________________ S1#show vlan name fred What information is shown? ____________________ Step 6: Verify VLAN segmentation In the previous step, the ports connected to R1 and Host 1b were placed in one VLAN and Host 1a was placed in another. Even though these hosts are connected to one switch, it appears as if there are two separate switches. Connectivity tests will prove this. a. Ping from Host 1b to R1. Were the pings successful? __________ b. Ping from Host 1b to Host 1a. Were the pings successful? __________ c. Ping from Host 1a to R1. Were the pings successful? __________ Why were some pings successful and others not? _________________________________________________________________________ How could Host 1b communicate with Host 1a in different VLAN? _______________________________________________________ Step 7: Change and delete VLAN configurations a. Reassign S1 port Fa0/3 to VLAN 20. S1(config)#interface Fa0/3 S1(config-if)#switchport access vlan 20 S1(config)#end S1#show vlan Does the output reflect the VLAN membership change? __________ b. Remove VLAN 30. Which two commands would be used to delete all VLAN configuration and return to the default configuration? _________________________________________________________________________ Step 8: Reflection a. Why would VLANs be configured in a network? ________________________________________________________________________________ ________________________________________________________________________________ ________________________________________________________________________________ ________________________________________________________________________________ b. What must be set up to communicate between VLANS? ________________________________________________________________ c. With no configuration, what VLAN are all ports a member of? ___________________________________________________________ 73 Lab Sheets Computer Networks Lab 15 Configure Inter VLAN Routing Objectives • • • • • Configure two switches, one as a VTP server and the other as a VTP client. Configure three VLANs on the VTP server switch and propagate this information to the VTP client. Configure VLAN configuration on Router A. Configure inter-VLAN routing using a router-on-a-stick configuration. Verify connectivity between the VLANs. Background / Preparation This lab focuses on the basic configuration of the Cisco 1841 or comparable router using Cisco IOS commands. The information in this lab applies to other routers; however, command syntax may vary. Depending upon the router model, the interfaces may differ. For example, on some routers Serial 0 may be Serial 0/0 or S0/0/0 and Ethernet 0 may be FastEthernet 0/0. The Cisco Catalyst 2960 switch comes preconfigured and only needs to be assigned basic security information before being connected to a network. The following resources are required: • Two Cisco 2960 switches or other comparable switches 74 Lab Sheets • • • • • Computer Networks One router with Fast Ethernet interface to connect to switch One Windows-based PC with a terminal emulation program One RJ-45-to-DB-9 connector console cable to configure the router and switches One straight-through Ethernet cable to connect from the router to Switch 1 One crossover Ethernet cable to connect Switch 1 to Switch 2 Step 1: Connect the equipment a. Connect the router Fa0/0 interface with a straight-through cable to Switch 1 Fa0/2 interface. b. Connect Switch 1 Fa0/1 port to the Fa0/1 port on Switch 2 using a crossover cable. c. Connect a PC with a console cable to perform configurations on the router and switches. Step 2: Perform basic configurations on the router a. Connect a PC to the console port of the router to perform configurations using a terminal emulation program. b. Configure Router A with a hostname and console, Telnet, and privileged passwords according to the table diagram. Step 3: Configure VLAN trunking on the router Configure Router A Fa0/0 interface to trunk for VLAN 1, VLAN 10, and VLAN 20 with 802.1Q encapsulation. RouterA(config)#interface fa0/0 RouterA(config-if)#no shutdown RouterA(config-if)#interface fa0/0.1 RouterA(config-subif)#encapsulation dot1Q 1 RouterA(config-subif)#ip address 172.16.1.1 255.255.255.0 RouterA(config-subif)#exit RouterA(config)#interface fa0/0.10 RouterA(config-subif)#encapsulation dot1Q 10 RouterA(config-subif)#ip address 172.16.10.1 255.255.255.0 RouterA(config-sexit ubif)# RouterA(config)#interface fa0/0.20 RouterA(config-subif)#encapsulation dot1Q 20 RouterA(config-subif)#ip address 172.16.20.1 255.255.255.0 RouterA(config-subif)#end Step 4: .Configure Switch 1 a. Configure Switch 1 with a hostname and console, Telnet, and privileged passwords according to the table diagram. b. Configure Switch 1 with the VLAN 1 IP address of 172.16.1.2/24. c. On Switch 1, create VLAN 10, named Faculty, and VLAN 20, named Students. Switch1(config)#vlan 10 Switch1(config-vlan)#name Faculty Switch1(config-vexit lan)#Switch1(config)#vlan 20 Switch1(config-vlan)#name Students Switch1(config-vlan)#exit Switch1(config)# d. Configure Switch 1 with the default gateway address of 172.16.1.1. e. Configure Switch 1 with the interfaces Fa0/5 and Fa0/6 on VLAN 10. Switch1(config)#interface fa0/5 Switch1(config-if)#switchport mode access Switch1(config-if)#switchport access vlan 10 Switch1(config-if)#exit Switch1(config)#interface fa 0/6 Switch1(config-if)#switchport mode access Switch1(config-if)#switchport access vlan 10 Switch1(config-if)#exit f. Configure Switch 1 with the interfaces Fa0/7 and Fa0/8 on VLAN 20. Switch1(config)#interface fa0/7 Switch1(config-if)#switchport mode access Switch1(config-if)#switchport access vlan 20 Switch1(config-if)#exit Switch1(config)#interface fa0/8 Switch1(config-if)#switchport mode access 75 Lab Sheets Computer Networks Switch1(config-if)#switchport access vlan 20 Switch1(config-if)#end g. Configure all other interfaces on Switch 1 in VLAN 1. By default, there is only a single VLAN for all ports. You cannot rename or delete VLAN 1. Therefore, no further configuration is necessary. To prove this, issue the command show vlan brief. Are all other switch ports in VLAN 1? _______ Which switch ports are in VLAN 10? ___________________ Which switch ports are in VLAN 20? ___________________ h. Issue the command show vlan. What difference is noticed between the two commands show vlan brief and show vlan? __________________________________________________________________________ __________________________________________________________________________ Step 5: Configure VLAN trunking on Switch 1 a. Configure trunking between Switch 1 and Switch 2 with 802.1 encapsulation using port Fa0/1 on both switches. Switch1(config)#int fa0/1 Switch1(config-if)#switchport mode trunk Switch1(config-if)#exit b. Configure trunking between Switch 1 and Router A with 802.1 encapsulation using port Fa0/2 on Switch 1. Switch1(config)#int fa0/2 Switch1(config-if)#switchport mode trunk Switch1(config-if)#end Switch1# c. From Switch 1, issue the command show interfaces trunk. Which interfaces on Switch 1 are in trunk mode? __________________________________ Which VLANs are allowed and active in the management domain? ____________________ Step 6: Configure VTP on Switch 1 a. Configure Switch 1 as part of VTP domain Group 1. Switch1(config)#vtp domain Group1 Changing VTP domain name from NULL to Group1 b. Configure Switch 1 as the VTP server and Switch 2 as the VTP client. Switch1(config)#vtp mode server Device mode already VTP SERVER. Switch1(config)#end Step 7: Configure Switch 2 a. Configure Switch 2 with a hostname and console, Telnet, and privileged passwords according to the table diagram. b. Configure Switch 2 with the VLAN 1 IP address of 172.16.1.3/24. c. Configure Switch 2 with the default gateway address of 172.16.1.1. d. Configure Switch 2 with the interfaces Fa0/5 and Fa0/6 on VLAN 10. Switch2(config)#interface fa0/5 Switch2(config-if)#switchport mode access Switch2(config-if)#switchport access vlan 10 Switch2(config-if)#exit Switch2(config)#interface fa 0/6 Switch2(config-if)#switchport mode access Switch2(config-if)#switchport access vlan 10 76 Lab Sheets Computer Networks Switch2(config-if)#exit e. Configure Switch 2 with the interfaces Fa0/7 and Fa0/8 on VLAN 20. Switch2(config)#interface fa0/7 Switch2(config-if)#switchport mode access Switch2(config-if)#switchport access vlan 20 Switch2(config-iexit f)# Switch2(config)#interface fa0/8 Switch2(config-if)#switchport mode access Switch2(config-if)#witchport access vlan 20 sSwitch2(config-if)#exit Step 8: Configure VLAN trunking on Switch 2 Switch2(config)#int fa0/1 Switch2(config-if)#switchport mode trunk Switch2(config-if)#exit Step 9: Configure VTP on Switch 2 Switch2(config)#vtp mode client From Switch 2, verify that all VLANs have been propagated across the domain by issuing the command show vtp status. What is the VTP version used on Switch 2? _____________________ What is the maximum VLANs supported locally? _________________ What VTP operating mode is used on Switch 2? __________________ What is the VTP domain name? ______________________________ How did Switch 2 learn the domain name and VLAN information? __________________________________________________________________________ Step 10: Verify connectivity The router and switches should be able to ping the interfaces of the other devices. a. From each device, issue a ping to all interfaces. Are the router pings successful? ________ b. From Switch 1, ping to all other devices. Are Switch 1 pings successful? __________ c. From Switch 2, ping to all other devices. Are Switch 2 pings successful? __________ If the ping is not successful, verify the connections and configurations again. Check to ensure that all cables are correct and that connections are seated. Check the router and switch configurations. Step 11: Reflection a. Why would VLANs be configured in a network? _______________________________________________________________________________ _______________________________________________________________________________ _______________________________________________________________________________ _______________________________________________________________________________ b. Why would a VLAN benefit from trunking? _______________________________________________________________________________ _______________________________________________________________________________ c. Why should VTP be used? _______________________________________________________________________________ _______________________________________________________________________________ d. Which device provides connectivity between different VLANs? _______________________________________________________________________________ e. What are some benefits of VLANs? 77 Lab Sheets Computer Networks _______________________________________________________________________________ _______________________________________________________________________________ _______________________________________________________________________________ 78 Lab Sheets Computer Networks Lab 16 Configuring and Verifying PAP and CHAP Authentication Objectives • Configure PPP authentication using PAP and CHAP. • Verify connectivity using show and debug commands. Background / Preparation Cable a network similar to the one shown in the topology diagram. Any router that has a single serial interface may be used for this lab. For example, router series 800, 1600, 1700, 1800, 2500, 2600, 2800, or any combination are acceptable. The information in this lab applies to other routers; however, command syntax may vary. Depending on the router model, the interfaces may be identified differently. For example, on some routers, Serial0 may be Serial0/0 or Serial0/0/0 and Ethernet0 may be FastEthernet0/0. The information in this lab applies to routers that use the Serial0/0/0 notation. If the router in use differs, use the correct notation for the serial interface. The following resources are required: • Two routers both with a serial connection • Two Windows-based PCs, each with a terminal emulation program • At least one RJ-45-to-DB-9 connector console cable to configure the routers • One 2-part (DTE/DCE) serial cable NOTE: Make sure that the routers and the switches have been erased and have no start-up configurations. Step 1: Connect the equipment Connect Router 1 and Router 2 with a serial cable connecting both Serial 0/0/0 interfaces as shown in the topology diagram. Step 2: Perform basic configuration on Router 1 Connect a PC to the console port of the router to perform configurations using a terminal emulation program. On Router 1, configure the hostname, IP addresses, and passwords as provided in the addressing table. Save the configuration. Step 3: Perform basic configuration on Router 2 On Router 2, configure the hostname, IP addresses, and passwords as provided in the addressing table. Save the configuration. 79 Lab Sheets Computer Networks Step 4: Configure PPP encapsulation on both R1 and R2 Change the encapsulation type to PPP by entering encapsulation ppp at the interface Serial 0/0 configuration mode prompt on both routers. R1(config-if)#encapsulation ppp R2(config-if)#encapsulation ppp Step 5: Verify PPP encapsulation on R1 and R2 Enter the command show interfaces serial 0/0/0 to verify the PPP encapsulation on R1 and R2. R1#show interfaces serial 0/0/0 R2#show interfaces serial 0/0/0 Is R1 using PPP encapsulation? __________ Is R2 using PPP encapsulation? __________ Step 6: Verify that the serial connection is functioning Ping from R1 to R2 to verify that there is connectivity between the two routers. R1#ping 192.168.15.2 R2#ping 192.168.15.1 Can the serial interface on the R2 router be pinged from R1? __________ Can the serial interface on the R1 router be pinged from R2? __________ If the answer is no for either question, troubleshoot the router configurations to find the error. Repeat the pings until they are successful. Step 7: Configure PPP authentication on R1 with PAP Configure the username and password on the R1 router. The username must be identical to the hostname of the other router. Both the password and usernames are case-sensitive. On the router, define the username and password to expect from the remote router. On Cisco routers, the secret password must be the same for both routers. R1(config)#username R2 password cisco R1(config)#interface serial 0/0/0 R1(config-if)#ppp authentication pap In Cisco IOS releases 11.1 or later, PAP must be enabled on the interface because it is disabled by default. From the Serial 0/0/0 interface configuration mode prompt, enable PAP on the interface. R1(config-if)#ppp pap sent-username R1 password cisco Step 8: Verify that the serial connection is functioning Verify that the serial connection is functioning by pinging the serial interface of R2. Was it successful? __________ Why or why not? _______________________________________________________________ Step 9: Configure PPP authentication on R2 with PAP Configure the username and password on the R2 router. The username and password must be identical to the hostname and password of the other router. Both the password and user names are case-sensitive. On the router, define the username and password to expect from the remote router.On Cisco routers, the secret password must be the same for both routers. R2(config)#username R1 password cisco R2(config)#interface serial 0/0/0 R2(config-if)#ppp authentication pap In Cisco IOS releases 11.1 or later, PAP must be enabled on the interface because it is disabled by default. From the Serial 0/0/0 interface configuration mode prompt, enable PAP on the interface. R2(config-if)#ppp pap sent-username R2 password cisco Step 10: Turn on PPP debugging To display the authentication exchange process as it occurs, issue the command debug ppp authentication at the privileged EXEC mode prompt. R1#debug ppp authentication NOTE: Debugging output is assigned high priority in the CPU process and can render a system unusable. When working on a live network, use debug only during periods of low network traffic. 80 Lab Sheets Computer Networks What did the debug function report when the PPP authentication was applied? _____________________________________________________________________ ______________________________________________________________________ ______________________________________________________________________ ______________________________________________________________________ ______________________________________________________________________ Which line reveals the outgoing authentication acknowledgment? ______________________________________________________________________ Which line reveals the incoming authentication request? ______________________________________________________________________ Remove the debug command from R1. R1#undebug all Step 11: Verify that the serial connection is functioning Verify that the serial connection is functioning by pinging the serial interface of R1. Was it successful? __________ Why or why not? _______________________________________________________________ Step 12: Remove PAP from R1 and R2 Remove PAP from R1 and R2 by issuing the command no in front of the commands used to configure PAP. R1(config)#interface serial 0/0/0 R1(config-if)#no ppp authentication pap R1(config-if)#no ppp pap sent-username R1 password cisco R1(config-if)#exit R1(config)#no username R2 password cisco R2(config)#interface serial 0/0/0 R2(config-if)#no ppp authentication pap R2(config-if)#no ppp pap sent-username R2 password cisco R2(config-if)#exit R2(config)#no username R1 password cisco Step 13: Configure PPP authentication on R1 with CHAP If both CHAP and PAP are enabled, the first authentication method specified is requested during the link negotiation phase. If the peer suggests using the second method or simply refuses the first method, the second method is tried. Save the configuration on R1 and R2 and reload both routers. R1#copy running-config startup-config R1#reload R2#copy running-config startup-config R2#reload Configure the username and password on the R1 router. The username must be identical to the hostname of the other router. Both the password and usernames are case-sensitive. Define the username and password to expect from the remote router. On Cisco routers, the secret password must be the same for both routers. R1(config)#username R2 password cisco R1(config)#interface serial 0/0/0 R1(config-if)#ppp authentication chap Step 14: Configure PPP authentication on R2 with CHAP Configure the username and password on the R2 router. The passwords must be the same on both routers. The username must be identical to the hostname on the other router. Both the password and user names are case-sensitive. Define the username and password to expect from the remote router. R2(config)#username R1 password cisco R2(config)#interface serial 0/0/0 R2(config-if)#ppp authentication chap To display the authentication exchange process as it occurs, issue the command debug ppp authentication at the privileged EXEC mode prompt. R1#debug ppp authentication What did the debug function report when CHAP was applied on R2? __________________________________________________________________________ __________________________________________________________________________ 81 Lab Sheets Computer Networks __________________________________________________________________________ __________________________________________________________________________ __________________________________________________________________________ Which authentication method is being used? _____________ What line specifies the incoming authentication request? __________________________________________________________________________ Which line identifies the outgoing authentication acknowledgment? __________________________________________________________________________ Remove the debug command from R1. R1#undebug all Step 15: Verify that the serial connection is functioning Verify that the serial connection is functioning by pinging the serial interface of R1. Was it successful? __________ Why or why not? __________________________________________________________________________ ___________________________________________________________________ Step 16: Verify the serial line encapsulation on R1 Enter the command show interfaces serial 0/0 to view the details of the interface. R1#show interfaces serial 0/0/0 What is the status of Serial 0/0/0? __________ Line Protocol is __________ Encapsulation is __________ Is the LCP open? __________ How many NCPs have been established? __________ Step 17: Verify the serial line encapsulation on R2 Enter the command show interfaces serial 0/0/0 to view the details of the interface. R2#show interfaces serial 0/0/0 What is the status of Serial 0/0/0 __________ Line Protocol is __________ Encapsulation is __________ Is the LCP open? __________ How many NCPs have been established? __________ Step 18: Reflection a. What is an advantage of using CHAP over PAP? ___________________________________________________________________ ____________________________________________________________________ ____________________________________________________________________ ____________________________________________________________________ b. Which PPP protocol is used for establishing a point-to-point link? _________________________ c. Which PPP protocol is used for configuring the various Network Layer protocols? _________________________ 82