DEPARTAMENTO DE ELECTRÓNICA, TELECOMUNICAÇÕES E

INFORMÁTICA

LICENCIATURA EM ENG. DE ELETRÓNICA E COMPUTADORES

REDES DE TELECOMUNICAÇÕES
LAB GUIDE

CONNECTIVITY, ETHERNET, ARP, IPV4 ADDRESSING

AND SUBNETTING

Objectives
Verify the network configuration of a PC
Name translation to IP addresses and vice-versa
Connectivity tests
Discovery of the path between two network machines
Geo-location and discovery of the entity and responsible for the network machines
Physical Interfaces and Ethernet Addresses
IPv4 protocol (addressing, forwarding, fragmentation and reassembly)
IPv4 Address Resolution Protocol
ICMP (ping, arp and traceroute commands)
Familiarization with Wireshark protocol analyzer
Familiarization with equipment configuration
Ethernet technology (Switching)
Introduction to IP Routing
IP Sub-netting

Duration
 4 weeks
 1. Networking Basics
To accomplish the goals of this section, you will need to use a command (windows) or
terminal (linux) window as shown below.

1.1. Verify the network configuration of a PC

1. Open a command window and execute the command ipconfig and register: (i) how many
network interfaces (Linux: ip link; MAC: ifconfig) and (ii) the IP address and the default
gateway of each interface (Linux: ip addr e ip route; MAC: netstat -r).
2. Repeat the command ipconfig with the option /all and register: (i) the name of the
machine (Linux: cat /etc/hostname), (ii) the physical address of each interface (Linux: ip
addr) and (iii) the DNS servers IP addresses (Linux: cat /etc/resolv.conf).

1.2. Name translation to IP addresses and vice-versa

1. In a command window, using the command nslookup (same in Linux), determine the IP
addresses associated to each of the following names:

Name IP Address(es)
www.ua.pt
www.sapo.pt
www.publico.pt
www.google.com
www.google.pt
nslookup [{address_to_find}]

2. Using the command nslookup determine the name associated to the following IP
addresses:

IP Address Name
193.136.173.58
193.137.55.13

3. Open the browser and access to each of the following URLs:

Addresses Site
193.137.55.13
157.240.212.35

Redes de Telecomunicações, DETI/UA 2/13

 1.3. Connectivity tests
In a command window execute the command ping (same in Linux) to the following
addresses, and register the average round trip time. What can you conclude about the relation
between the round trip time and the geographical distance? Note: If pings do not work,
connect through the WiFi network in the lab.
Addresses Machine location Average round
trip time
www.ua.pt Aveiro, Portugal (0Km)
www.up.pt Porto, Portugal (~60Km)
www.adelaide.edu.au Austrália (~17100Km)
www.tanzaniatourism.go.tz Tanzânia (~3100Km)

1.4. Discovery of the path between two network machines

In a command window execute the command tracert (Linux: traceroute) to the following
addresses and register
• the number of network machines between the origin and destination,
• the address of the antepenultimate machine in the path.
Repeat using the option –d (-n in linux) of the tracert command
IP address of the
Number of
Addresses Machine location antepenultimate
machines
machine in the path
www.ua.pt Aveiro, Portugal (0Km)
www.up.pt Porto, Portugal (~60Km)
www.adelaide.edu.au Austrália (~17100Km)
jornalnopintcha.gw Guiné Bissau (~3100Km)

1.5. Discovery of the entity and responsible for the network machines
Using the service whois, through the web page https://who.is/ (or https://ping.eu/ns-whois/),
determine (if possible), for each of the trace routes in 4.1: the entity responsible by the
antepenultimate machine of each path and the location of that entity
IP address Responsible entity Location of the entity

1.6. Geo-location of IP addresses

Using the geo-location service, through the web page http://www.hostip.info, determine for
each of the trace routes in 5, the geographic location of the antepenultimate machine of each
path. Note: this service is not precise
Location
Addresses
Country City

Redes de Telecomunicações, DETI/UA 3/13

2. Initial Experiments

1. Build and configure the network above with the equipment in the lab (you can use your
own PC). Run the command ping –t (pings without stopping) for the router. (All
configurations’ examples are in the “Commands Guide”):
a) D-LINK Switch: # config ipif System ipaddress 192.1.1.21/24
b) Cisco:
Router> enable
Router# configure terminal // conf t
Router(config)# interface FastEthernet0/0 // Enter interface
configuration mode
Router(config-if)# ip address 192.168.1.1 255.255.255.0 // Assign
IPv4 address
Router(config-if)# no shutdown // Enable the interface
Router(config-if)# exit // ^Z
c) PC (windows):
On the search bar type and open “view network connections” (ver
ligações de rede)
Identify the Ethernet network adapter, right click it, open properties,
choose IPv4 and click on properties:

d) PC (linux): sudo ifconfig eth0 192.1.1.1 netmask 255.255.255.0

2. Run Wireshark in the PC and start a capture of all packets. Run the Statistics ➔
Endpoints tool and verify that the PC captures packets from/to another equipment.

3. Run the Statistics ➔ Conversations tool to visualise the communications among the
different pairs of hosts.

4. Terminate the capture and save it with .cap extension.

5. Analyse the saved capture. What do you conclude on the ICMP packet periodicity?
Observe how the Sequence Number field of ICMP packets is used for round-trip-time
(RTT) estimation done by the ping command.

Redes de Telecomunicações, DETI/UA 4/13

 6. Observe now in the saved capture the different encapsulation levels: the ICMP packets
are encapsulated on IP datagrams and the IP datagrams are encapsulated on Ethernet
frames. Register the following information:

➢ PC Ethernet address:
➢ Router Ethernet address:
➢ Hexadecimal code (Type field of Ethernet header) that identifies an IP datagram:
➢ Hexadecimal code (Protocol field of IP header) that identifies an ICMP packet:
➢ Hexadecimal code (Type field of ICMP header) that identifies the two ICMP packet types
(Echo Request and Echo Reply):

7. On a command window of your PC, first execute the command arp –d to delete all ARP
table entries of your PC. Then, run the ping command to the Router. Finally, run the
command arp –a to display the ARP table of your PC. Check that the IP address of the
Router has an associated Ethernet address.

arp command
arp -d inet_addr [if_addr]
arp -a [inet_addr] [-N if_addr]

-a Displays current ARP entries by interrogating the current protocol

data. If inet_addr is specified, the IP and Physical addresses
for only the specified computer are displayed. If more than one
network interface uses ARP, entries for each ARP table are
displayed.
inet_addr Specifies an internet address.
-d Deletes the host specified by inet_addr. inet_addr may
be wildcarded with * to delete all hosts.

8. Start a new capture with Wireshark. Repeat experiment 4 and, then, stop the capture.
Analysing the captured packets, explain how ARP protocol is used by the PC to discover
the Ethernet address of the Router before exchanging the ICMP packets. Register the
following information of the captured ARP packets:

ARP Request Ethernet header

Origin address:
Destination Address:
ARP packet
Origin MAC address:
Origin IP address:
Destination MAC address:
Destination IP address:

ARP Response Ethernet header

Origin address:
Destination Address:
ARP packet
Origin MAC address:
Origin IP address:
Destination MAC address:

Redes de Telecomunicações, DETI/UA 5/13

 Destination IP address:

9. On your PC, run the command ping to the Router. Then, estimate how long it takes the
Router entry to disappear from the ARP table (if you need, use the Windows Clock
applications). Remember from the theoretical classes the reasons for the fact that these
ARP table entries are not permanent.

2.1. Padding
In order to work properly, Ethernet requires a minimum size data field of 46 bytes. If the
protocol running on top of Ethernet delivers a chunk of less than 46 bytes, Ethernet adds
dummy bytes to guarantee its minimum size (this process is named padding). On a DOS
window of your PC, execute the command arp –d to delete all ARP table entries of your
PC. Start a new capture with Wireshark. Then, execute the command ping –l 5 to the
Router and stop the capture. Observe the padding process on the captured ARP and ICMP
packets.

NOTE: Wireshark does not show the padding bytes in packets generated on its host;
therefore, the padding process can be observed only in the packets received by the PC.

2.2. Fragmentation
IP protocol includes a fragmentation and reassembly mechanism in order to transmit IP
packets whose size is larger than the MTU (Maximum Transmission Unit) of the network
(Ethernet MTU = 1500 bytes).

Start a new capture with Wireshark. Execute on your PC the following commands to the
Router:
Windows:
ping Router -l 2000
ping Router -l 3100
Linux:
ping Router -s 2000
ping Router -s 3100
Repeat the ping commands from the Router do the PC using 2000 and 3100 bytes of data:
ping PC size 2028
ping PC size 3128

Analyse the captured packets and explain the fragmentation process. In particular, explain:
• why each packet is fragmented in either 2 or 3 fragments;
• the content of the IP header fields that enable the recovery of the complete packet
at the destination;
• the packet size of each fragment.

Redes de Telecomunicações, DETI/UA 6/13

3. Experiments with switches
3.1. Aging

1. Consider the same network as before. Test the connectivity between all equipment using
the ping command.

2. Execute again the ping command between PC and Router. Access the management
console of the Switch using the Web Browser. Analyse the MAC Address Table of the
Switch and register its contents (MAC address and Ethernet address are equivalent
terms). Observe that the Switch has learned on each port the MAC addresses of the
equipment connected to the same port.
➔ Confirm on the PC and on the Router that their MAC address are the ones learned by
the Switch.

3. Each entry of the MAC Address Table has a lifetime value that is set to zero whenever
the Switch receives an incoming packet on the same input port with the same origin MAC
address. During time, if an entry lifetime reaches the Aging Time value, the entry is
eliminated (the Aging Time value can be configured on the Switch).
➔ Using the Web Browser access, check the default Aging Time value of the Switch.

4. Using the Web Browser access, configure an Aging Time value of 10 seconds. Then, wait
for about 20 seconds and check if the PC MAC address entry has disappeared from the
MAC Address Table.
➔ Observe that, apparently, this entry does not disappear.

NOTE: The Router MAC address does not disappear from the MAC Address Table due to
the fact that routers send periodically (from 10 to 10 sec.) a LOOPBACK packet to check
for physical connectivity; these packets are continuously validating the Router MAC
address on the Switch.

5. Close the Web Browser and connect to the management console of the Switch through
its console (using the serial interface). Examine again the MAC Address Table. Check
that, in this experiment, the PC MAC address disappears from the table.
➔ Justify the different behaviour observed in these two experiments (4 and 5).

3.2. Flooding and Forwarding

Remember from the theoretical classes that, when a Switch receives a packet on an
incoming port, it searches for an entry with the packet destination MAC address on its MAC
Address Table. Then, the behaviour of the Switch is one of two possibilities:
• Flooding process: no such entry exists and the Switch sends the packet to all its
ports, except the incoming port.
• Forwarding process: the entry exists and the Switch sends the packet only for the
port specified on the MAC Address Table entry, if it is not the incoming port.

The aim of the 2 next experiments is to verify the Switch basic flooding and forwarding
processes.

Redes de Telecomunicações, DETI/UA 7/13

1. Add to your network a connection to a Server (your PC in the lab or of your colleague)
connected to the switch.
➔ Test the connectivity by executing a ping command from the Router to the Server.

2. With WireShark, start a capture with a display filter for ICMP packets. Execute once
again the ping command from the router to the Server.
➔ Register the captured packets.

Note that the ping command has generated the exchange of 5 ICMP Echo Request and 5
ICMP Echo Reply packets between the Router and the Server. Nevertheless, the capture
run on the PC has only one ICMP Echo Request packet.
➔ Explain these observations based on the Switch flooding and forwarding processes

Redes de Telecomunicações, DETI/UA 8/13

4. Experiments with routers
For the following exercise, you need to build the network shown below, using one switch
from the classroom and two PCs.

“PC 1” (Windows, Linux or MAC) needs to have at least Wireshark installed and should
have firewall disabled during the exercise. The network interface connected to the switch
must be configured as shown.

“PC 2“ must have GNS3 installed and, using GNS3 the following network must be created
(use the “cloud” from GNS to allow GNS to use the Ethernet adapter of your PC 2 to
connect to the external switch): (ALWAYS USE CISCO 7200 on GNS)

Once everything is configured and connected, your network should be two IP networks,
interconnected by a Router, with the class C IP addresses specified in the figure below.

1. Without configuring Default Gateway on the PC and VPC,

➔ Register and justify the routing table of the Router.

Note: If you run this experiment in GNS-3, your PC is a VPC and your switch is replaced
by another VPC. Please see the relevant Guide for GNS-3 installation and configuration.

Redes de Telecomunicações, DETI/UA 9/13

2. Start a capture with wireshark. Execute the ping command from the PC to the VPC.
Repeat the experiment but now executing the ping command from the VPC (through its
console in GNS3) to the PC..
➔ Register and justify both the ping command results and the captured packets.

3. Configure the appropriate Default Gateway at the VPC. Start a new capture with a display
filter for ICMP packets and execute the ping command from the VPC to the PC..
➔Register and justify both the ping command result and the captured packets.

4. Configure the appropriate Default Gateway at your PC. Start a new capture with a display
filter for ICMP packets and execute the ping command from the PC to the VPC..
➔ Register and justify the ping command result.
➔ Register also the following addresses of the ICMP Echo Request and Echo Reply
packets and identify to which equipment interfaces each one of them belong.

ICMP Echo Request

Ethernet packet header Source MAC Address:
Destination MAC Address:
IP packet header Source IP Address:
Destination IP Address:

ICMP Echo Reply

Ethernet packet header Source MAC Address:
Destination MAC Address:
IP packet header Source IP Address:
Destination IP Address:

5. Remember from the theoretical classes that Routers forward IP packets based on the IP
addresses of their IP headers (routers do not change the packet IP addresses).
Nevertheless, routers are clients of each Ethernet segment. Therefore, the MAC addresses
of the Ethernet header are specified with the MAC addresses of the communicating hosts
on each Ethernet segment.

Having in mind this behaviour, and without making any capture, predict what were the
following addresses of the ICMP packets exchanged between the Router and the VPC on
the previous experiment (if needed, check the addresses on the equipment):

ICMP Echo Request

Ethernet packet header Source MAC Address:
Destination MAC Address:
IP packet header Source IP Address:
Redes de Telecomunicações, DETI/UA 10/13
 Destination IP Address:

ICMP Echo Reply

Ethernet packet header Source MAC Address:
Destination MAC Address:
IP packet header Source IP Address:
Destination IP Address:

6. ➔ Register and justify the ARP tables of the Router.

7. Start a new capture with a display filter for ICMP and ARP packets and execute the ping
command from the VPC to the IP address 192.20.20.10 (an inexistent IP address of your
network).
➔ Register the captured packets and explain the obtained results.

8. Start a capture with wireshark. Execute the ping command from the VPC to the IP address
194.100.1.1.
➔ Register the captured packets.
➔ Justify the observed packets taking in mind that the Router has no entry for this IP
address.
➔ What do you conclude about the difference between the Switch forwarding process
(previous switching experiment) and the Router forwarding processes when the
destination address is not known?

9. Connect a real router to the first one, as shown in the next figure and reconfigure the
interface of the router in GNS3, according to the figure.

10. Register the routing table of R1 and compare it with the one of the experiment with only
1 router. Observe that the routing table is the same, which means that the Router must be
configured with something else (a routing protocol) to be able to reach the new IP
network.

11. Start a capture with wireshark. Execute the ping command from the PC to the IP address
192.30.30.150 (an inexistent address of an existing network).
➔ Register and justify the captured packets.
➔ Predict what has happened in this experiment in the other side of R1 (in the network
192.30.30.0) taking into consideration the results of experiment 8.
12. Start a capture with a display filter for ICMP packets. Execute the ping command from
the PC to the IP address 192.20.20.1 (an existing address of a network that is not known
yet by your Router).
➔ Register and justify the captured packets.
➔ Predict what has happened in this experiment in the other side of your Router (in the
network 192.30.30.0) taking into consideration the results of experiment 11.

Redes de Telecomunicações, DETI/UA 11/13

 13. Configure a static route in R1 and another in R2 to allow full connectivity on the entire
network.
➔ Register the routing table of the routers. Observe that, now, the routing protocol
enabled the routers to add information on their routing table concerning the new network.
➔ Execute the ping command from the PC to the IP address 192.20.20.11 to verify the
connectivity between your PC and the new network.

 Configuration of Static route in Cisco routers

In order to configure the static route, use the following commands (these IP addresses refer
to the Group no. x):

R1 (Define the path to network 192.20.20.0 through R2)

Router#configure terminal
Router(config)#ip route 192.20.20.0 255.255.255.0 192.30.30.200

R2 (Define the path to network 192.1.1.0 through R1)

Router#configure terminal
Router(config)#ip route 192.1.1.0 255.255.255.0 192.30.30.100

14. Start a capture with a display filter for ICMP packets. Then, run on your PC the following
ping commands:
ping –i 1 192.20.20.11
ping –i 2 192.20.20.11
ping –i 3 192.20.20.11

GNS-3:
ping 192.20.20.11 -T 1
ping 192.20.20.11 -T 2
ping 192.20.20.11 -T 3
➔ Based on the analysis of the captured packets for each case, explain the behaviour
of the routers with the different TTL (Time-To-Live) values sent by the PC.

15. At your PC, start a capture with a display filter for ICMP packets and execute the
command tracert –d 192.20.20.11 (GNS-3: trace 192.20.20.11). Based on the analysis of
the captured packets, explain how tracert command works. In particular:
(i) identify how the PC identifies each router in the path;
(ii) observe that the PC sends three ICMP Echo Request packets for each growing
value of TTL in order to obtain a better estimation of the round trip time;
(iii) determine how the PC stops the process.

16. ➔ Verify and justify the differences obtained when executing in your PC the command
tracert –d for the IP addresses 192.20.20.11 and 192.20.20.1.

Redes de Telecomunicações, DETI/UA 12/13

5. IP Sub-netting
1. Qual o endereço de broadcast das redes:
- 200.3.27.128/25
- 200.3.27.0 e 200.3.27.128 máscara 255.255.248.0?
2. Qual a primeira máquina das redes que têm uma máquina com o endereço:
- 175.0.92.191/23
- 175.0.92.190/26
- 175.0.92.18/28?
3. Qual a última máquina das redes:
- 175.0.32.0 máscara 255.255.248.0
- 175.0.0.0 máscara 255.255.224.0
- 175.0.16.0 máscara 255.255.248.0
4. Quais as redes da máquina:
- 175.0.22.79/25
- 175.0.117.215/23
- 175.0.117.215/27?
5. Quantas redes e com quantas máquinas se obtêm nas redes particionadas como:
- 175.0.4.0 máscara 255.255.255.252
- 175.0.114.0 255.255.255.240?
6. Consider that you have the following IPv4 class C addresses 200.123.189.0/24, and you
have to use it through different sub-networks:
- 55 PCs at the Networks1 Lab
- 48 PCs at the Networks2 Lab
- 45 servers at the Internal Datacenter
- 5 PCs in the Professors Lab
- 9 PCs in the Administration room.
Define an addressing scheme for the different sub-networks using the overall
available class C address.

Redes de Telecomunicações, DETI/UA 13/13