Computer networks

The lab manual for Computer Networks (BCS 653) outlines the vision and mission of the Mangalmay Institute and the Department of Computer Science, emphasizing the development of competent professionals in engineering. It includes an evaluation scheme, a list of experiments, and detailed instructions for practical tasks such as network cable configuration, switch configuration, and connectivity testing using ping and traceroute. The manual serves as a comprehensive guide for students in the B.Tech program to gain hands-on experience in computer networking concepts and practices.

Uploaded by

Kunal Dhiman

Lab Manual

Lab Name: Computer Network


Lab Code: BCS 653
Branch: CSE/AI/DS
Course: B.Tech
Lab Incharge: Dr. Vinay Kumar Yadav

Table of Contents

• Institute Vision & Mission statement
• Vision, Mission & PEOs of the Department
• POs & PSOs
• Evaluation Scheme
• List of Experiments

Institute Vision & Mission
Vision:

Mangalmay Institute of Engineering & Technology – Greater Noida, is committed to be the front-runner in the field of Engineering Education and to nurture students to attain the highest degree of professional competence in their respective fields.

Mission: The mission of the Engineering Programme of the Institute is to nurture students' leadership traits in the field of their domains,
1. To educate students from various dimensions & facets of engineering knowledge to compete with the professional world,
2. To look forward to foreseeing the future needs of the engineering technology and prepare students to take the challenges of respective domains in the most befitting manner.
3. To develop a robust natural knowledge in the field of engineering and technical education.
4. To create a transformative system capable of accurately predicting market trends by using engineering and technology.

Department of Computer Science

Vision: Department of Computer Science and Engineering aspires to become a center of excellence for quality technical education by keeping pace with new technologies to create competent undergraduate professionals.

Mission:
1. To develop professionals with analytical and technical competency for
productive career in industry, academia and as entrepreneurs.
2. To build theoretical and applied skills of faculty and student in computer
science and engineering through need based training, research and
development on industrially and socially relevant issues.
3. Continuously improve and provide state-of-the-art laboratories to keep up with
the new developments in the area of computer science and engineering.
4. Create nurturing environment through competitive events, industry
interactions, global collaborations and creating concern for lifelong learning.

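University Evaluation Scheme

SEMESTER-VI

Column groups: Periods (L, T, P); Evaluation Scheme (CT, TA, Total, PS); End Semester (TE, PE).

| Sl. No. | Subject Codes | Subject | L | T | P | CT | TA | Total | PS | TE | PE | Total | Credit |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | BCS601 | Software Engineering | 3 | 1 | 0 | 20 | 10 | 30 | | 70 | | 100 | 4 |
| 2 | BCS602 | Compiler Design | 3 | 1 | 0 | 20 | 10 | 30 | | 70 | | 100 | 4 |
| 3 | BCS603 | Computer Networks | 3 | 1 | 0 | 20 | 10 | 30 | | 70 | | 100 | 4 |
| 4 | Deptt-Elective-III | Departmental Elective-III | 3 | 0 | 0 | 20 | 10 | 30 | | 70 | | 100 | 3 |
| 5 | | Open Elective-I | 3 | 0 | 0 | 20 | 10 | 30 | | 70 | | 100 | 3 |
| 6 | BCS651 | Software Engineering Lab | 0 | 0 | 2 | | | | 50 | | 50 | 100 | 1 |
| 7 | BCS652 | Compiler Design Lab | 0 | 0 | 2 | | | | 50 | | 50 | 100 | 1 |
| 8 | BCS653 | Computer Networks Lab | 0 | 0 | 2 | | | | 50 | | 50 | 100 | 1 |
| 9 | BNC601/BNC602 | Constitution of India/Essence of Indian Traditional Knowledge | 2 | 0 | 0 | 20 | 10 | 30 | | 70 | | | |
| | | Total | 17 | 3 | 6 | | | | | | | 800 | 21 |

Minor Degree/Honors Degree MT-1/HT-1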

University Syllabus:
1. Implementation of Stop and Wait Protocol and Sliding Window Protocol.
2. Study of Socket Programming and Client–Server model.
3. Write a code simulating ARP/RARP protocols.
4. Write a code simulating PING and TRACEROUTE commands.
5. Create a socket for HTTP for web page upload and download.
6. Write a program to implement RPC (Remote Procedure Call).
7. Implementation of Subnetting.
8. Applications using TCP Sockets like
a. Echo client and echo server b. Chat c. File Transfer
9. Applications using TCP and UDP Sockets like d. DNS e. SNMP f. File Transfer
10. Study of Network Simulator (NS) and Simulation of Congestion Control Algorithms using NS.
11. Perform a case study about the different routing algorithms to select the optimum and most economical network path during data transfer: i. Link State routing ii. Flooding iii. Distance vector
12. To learn handling and configuration of networking hardware like RJ-45 connector, CAT-6 cable, crimping tool, etc.
13. Configuration of router, hub, switch, etc. (using real devices or simulators)
14. Running and using services/commands like ping, traceroute, nslookup, arp, telnet, ftp, etc.
15. Network packet analysis using tools like Wireshark, tcpdump, etc.
16. Network simulation using tools like Cisco Packet Tracer, NetSim, OMNeT++, NS2, NS3, etc.
Socket programming using UDP and TCP (e.g., simple DNS, date & time client/server, echo client/server, iterative & concurrent servers)

Note: The Instructor may add/delete/modify/tune experiments, wherever he/she feels it justified.

Experiment-1

Aim: Study of different types of network cables and practical implementation of the cross-wired cable and the straight-through cable using a crimping tool.

Apparatus (Components): RJ-45 connector, crimping tool, twisted-pair cable

Procedure: To do this practical, the following steps should be done:

1. Start by stripping about 2 inches of the plastic jacket off the end of the cable. Be very careful at this point not to nick or cut into the wires inside. Doing so could alter the characteristics of your cable, or even worse, render it useless. Check the wires one more time for nicks or cuts. If there are any, just cut the whole end off and start over.

2. Spread the wires apart, but be sure to hold onto the base of the jacket with your other hand. You do not want the wires to become untwisted down inside the jacket. Category 5 cable must only have 1/2 of an inch of 'untwisted' wire at the end; otherwise it will be 'out of spec'. At this point, you obviously have a lot more than 1/2 of an inch of untwisted wire.

3. You have 2 end jacks, which must be installed on your cable. If you are using a pre-made cable with one of the ends cut off, you only have one end to install: the crossed-over end. Below are two diagrams, which show how you need to arrange the wires for each type of cable end. Decide at this point which end you are making and examine the associated picture below.

Diagram shows you how to prepare a straight-through wired connection

Diagram shows you how to prepare a cross-wired connection

Experiment-2

Aim: Switch configuration using packet tracer.

Topology Diagram

Objectives
• Perform an initial configuration of a Cisco Catalyst 2960 switch.

Background / Preparation
In this activity, you will configure these settings on the customer Cisco Catalyst 2960 switch:
• Host name
• Console password
• vty password
• Privileged EXEC mode password
• Privileged EXEC mode secret
• IP address on VLAN1 interface
• Default gateway
Note: Not all commands are graded by Packet Tracer.

Step 1: Configure the switch host name.


a. From the Customer PC, use a console cable and terminal emulation software to connect to the
console of the customer Cisco Catalyst 2960 switch.
b. Set the host name on the switch to CustomerSwitch using these commands.

Switch>enable
Switch#configure terminal
Switch(config)#hostname CustomerSwitch

Step 2: Configure the privileged mode password and secret.


a. From global configuration mode, configure the password as cisco.

CustomerSwitch(config)#enable password cisco

b. From global configuration mode, configure the secret as cisco123.

CustomerSwitch(config)#enable secret cisco123

Step 3: Configure the console password.


a. From global configuration mode, switch to configuration mode to configure the console line.

CustomerSwitch(config)#line console 0

b. From line configuration mode, set the password to cisco and require the password to be entered
at login.

CustomerSwitch(config-line)#password cisco
CustomerSwitch(config-line)#login
CustomerSwitch(config-line)#exit

Step 4: Configure the vty password.


a. From global configuration mode, switch to the configuration mode for the vty lines 0 through 15.

CustomerSwitch(config)#line vty 0 15

b. From line configuration mode, set the password to cisco and require the password to be entered
at login.

CustomerSwitch(config-line)#password cisco
CustomerSwitch(config-line)#login
CustomerSwitch(config-line)#exit

Step 5: Configure an IP address on interface VLAN1.


From global configuration mode, switch to interface configuration mode for VLAN1, and assign the IP
address 192.168.1.5 with the subnet mask of 255.255.255.0.

CustomerSwitch(config)#interface vlan 1
CustomerSwitch(config-if)#ip address 192.168.1.5 255.255.255.0
CustomerSwitch(config-if)#no shutdown
CustomerSwitch(config-if)#exit

Step 6: Configure the default gateway.


a. From global configuration mode, assign the default gateway to 192.168.1.1.

CustomerSwitch(config)#ip default-gateway 192.168.1.1


b. Click the Check Results button at the bottom of this instruction window to check your work.

Step 7: Verify the configuration.


The Customer Switch should now be able to ping the ISP Server at 209.165.201.10. The first one or two
pings may fail while ARP converges.

CustomerSwitch(config)#end
CustomerSwitch#ping 209.165.201.10

Type escape sequence to abort.


Sending 5, 100-byte ICMP Echos to 209.165.201.10, timeout is 2 seconds:
..!!!
Success rate is 60 percent (3/5), round-trip min/avg/max = 181/189/197 ms

CustomerSwitch#

Reflection
a. What is the significance of assigning the IP address to the VLAN1 interface instead of any of the
Fast Ethernet interfaces?

b. What command is necessary to enforce password authentication on the console and vty lines?

c. How many gigabit ports are available on the Cisco Catalyst 2960 switch that you used in the
activity?
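
The configuration built in Steps 1 to 6 is a lab baseline: `enable password` and the line passwords sit in the configuration unencrypted, and the vty lines accept one shared password. The following is an added example, not part of the original manual, that audits a running-config for those points; both sample configurations are constructed, the digests are placeholders, and the check names and the hardened variant are assumptions of the example.

```python
import re

# Constructed sample: a simplified running-config as Steps 1-6 leave it.
# The digest after "enable secret 5" is a placeholder, not a real hash.
LAB_CONFIG = """\
hostname CustomerSwitch
enable secret 5 $1$PLACEHOLDER$notarealhash
enable password cisco
interface Vlan1
 ip address 192.168.1.5 255.255.255.0
ip default-gateway 192.168.1.1
line con 0
 password cisco
 login
line vty 0 15
 password cisco
 login
"""

# Constructed hardened variant (an assumption of this example): per-user
# accounts, no enable password, SSH-only vty lines.
HARDENED_CONFIG = """\
hostname CustomerSwitch
service password-encryption
enable secret 5 $1$PLACEHOLDER$notarealhash
username admin secret 5 $1$PLACEHOLDER$notarealhash
ip domain-name lab.example
interface Vlan1
 ip address 192.168.1.5 255.255.255.0
ip default-gateway 192.168.1.1
line con 0
 login local
line vty 0 15
 login local
 transport input ssh
"""

# "password cisco" carries no type digit (cleartext); "password 7 ..." is type 7.
PASSWORD_RE = re.compile(r"^password (?:(\d+) )?(\S+)$")


def parse_sections(config):
    """Map each top-level command to the indented sub-commands under it."""
    sections, current = {}, None
    for raw in config.splitlines():
        if not raw.strip() or raw.strip() == "!":
            continue
        if raw[0].isspace() and current is not None:
            sections[current].append(raw.strip())
        else:
            current = raw.strip()
            sections.setdefault(current, [])
    return sections


def audit(config):
    """Return (check_id, location, note) tuples for the weak settings found."""
    sections = parse_sections(config)
    findings = []
    has_secret = any(h.startswith("enable secret ") for h in sections)
    for header in sections:
        if header.startswith("enable password "):
            # enable secret takes precedence, so this line only leaves a
            # weakly protected copy of a password in the configuration.
            note = "unused next to enable secret" if has_secret else "no enable secret"
            findings.append(("enable-password", "global", note))
    for header, body in sections.items():
        if not header.startswith("line "):
            continue
        for cmd in body:
            match = PASSWORD_RE.match(cmd)
            if match and (match.group(1) or "0") == "0":
                findings.append(("cleartext-line-password", header, "stored unencrypted"))
        if header.startswith("line vty"):
            if "login" in body:
                findings.append(("vty-shared-password", header, "no per-user login"))
            if "transport input ssh" not in body:
                findings.append(("vty-not-ssh-only", header, "Telnet may be accepted"))
    return findings


if __name__ == "__main__":
    for name, cfg in (("lab", LAB_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name)
        for finding in audit(cfg):
            print("  %-24s %-14s %s" % finding)
```
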
Experiment-3

Aim: Interpreting Ping and Traceroute Output


Topology Diagram

Objectives
• Distinguish the difference between successful and unsuccessful ping attempts.
• Distinguish the difference between successful and unsuccessful traceroute attempts.

Background / Preparation
In this activity, you will test end-to-end connectivity using ping and traceroute. At the end of this activity, you will
be able to distinguish the difference between successful and unsuccessful ping and traceroute attempts.
Note: Before beginning this activity, make sure that the network is converged. To converge the network
quickly, switch between Simulation mode and Realtime mode until all the link lights turn green.

Step 1: Test connectivity using ping from a host computer and a router.
Click N-Host, click the Desktop tab, and then click Command Prompt. From the Command Prompt window, ping
the Cisco server at www.cisco.com.
Packet Tracer PC Command Line 1.0
PC>ping www.cisco.com

Pinging 64.100.1.185 with 32 bytes of data:

Request timed out.


Reply from 64.100.1.185: bytes=32 time=185ms TTL=123
Reply from 64.100.1.185: bytes=32 time=281ms TTL=123
Reply from 64.100.1.185: bytes=32 time=287ms TTL=123

Ping statistics for 64.100.1.185:


Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
Approximate round trip times in milli-seconds:
Minimum = 185ms, Maximum = 287ms, Average = 251ms

PC>

From the output, you can see that N-Host was able to obtain an IP address for the Cisco server. The IP address was
obtained using the Domain Name System (DNS). Also notice that the first ping failed. This failure is most likely due to lack of ARP
convergence between the source and destination. If you repeat the ping, you will notice that all pings succeed.
From the Command Prompt window on N-Host, ping E-Host at 192.168.4.10. The pings fail. If you do not want to
wait for all four unsuccessful ping attempts, press Ctrl+C to abort the command, as shown below.
PC>ping 192.168.4.10

Pinging 192.168.4.10 with 32 bytes of data:

Request timed out.


Request timed out.

Ping statistics for 192.168.4.10:


Packets: Sent = 3, Received = 0, Lost = 3 (100% loss),

Control-C
^C
PC>

Click the N-Branch router, and then click the CLI tab. Press Enter to get the router prompt. From the router prompt,
ping the Cisco server at www.cisco.com.
N-Branch>ping www.cisco.com
Translating "www.cisco.com"...domain server (64.100.1.242)
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 64.100.1.185, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 210/211/213 ms

N-Branch>

As you can see, the ping output on a router is different from a PC host. Notice that the N-Branch router resolved the
domain name to the same IP address that N-Host used to send its pings. Also notice that the first ping fails, which is
indicated by a period (.), and that the next four pings succeed, as shown with an exclamation point (!).
From the CLI tab on N-Branch, ping E-Host at 192.168.4.10. Again, the pings fail. To not wait for all the
failures, press Ctrl+C.
N-Branch>ping 192.168.4.10

Type escape sequence to abort.


Sending 5, 100-byte ICMP Echos to 192.168.4.10, timeout is 2 seconds:
...
Success rate is 0 percent (0/4)

N-Branch>

Step 2: Test connectivity using traceroute from a host computer and a router.
a. Click N-Host, click the Desktop tab, and then click Command Prompt. From the Command
Prompt window, trace the route to the Cisco server at www.cisco.com.

PC>tracert www.cisco.com

Tracing route to 64.100.1.185 over a maximum of 30 hops:

1 92 ms 77 ms 86 ms 192.168.1.1
2 91 ms 164 ms 84 ms 64.100.1.101
3 135 ms 168 ms 151 ms 64.100.1.6
4 185 ms 261 ms 161 ms 64.100.1.34
5 257 ms 280 ms 224 ms 64.100.1.62
6 310 ms 375 ms 298 ms 64.100.1.185

Trace complete.

PC>

The above output shows that you can successfully trace a route all the way to the Cisco server at 64.100.1.185.
Each hop in the path is a router responding three times to trace messages from N-Host. The trace continues until the
destination for the trace (64.100.1.185) responds three times.
From the Command Prompt window on N-Host, trace a route to E-Host at 192.168.4.10. The trace fails, but notice
that the tracert command traces up to 30 hops. If you do not want to wait for all 30 attempts to time out, press
Ctrl+C.

PC>tracert 192.168.4.10

Tracing route to 192.168.4.10 over a maximum of 30 hops:

1 103 ms 45 ms 91 ms 192.168.1.1
2 56 ms 110 ms 125 ms 64.100.1.101
3 174 ms 195 ms 134 ms 64.100.1.6
4 246 ms 183 ms 179 ms 64.100.1.34
5 217 ms 285 ms 226 ms 64.100.1.62
6 246 ms 276 ms 245 ms 64.100.1.154
7 * * * Request timed out.
8 * * * Request timed out.
9 * * * Request timed out.
10
Control-C
^C
PC>

The tracert command can be helpful in finding the potential source of a problem. The last device to
respond was 64.100.1.154, so you would start troubleshooting by determining which device is
configured with the IP address 64.100.1.154. The source of the problem might not be that device,
but the trace has given you a starting point, whereas a ping simply tells you that the destination is
either reachable or unreachable.
Click the N-Branch router, and then click the CLI tab. Press Enter to get the router prompt. From the router prompt,
trace the route to the Cisco server at www.cisco.com.
N-Branch>traceroute www.cisco.com
Translating "www.cisco.com"...domain server (64.100.1.242)
Type escape sequence to abort.
Tracing the route to 64.100.1.185

1 64.100.1.101 60 msec 32 msec 59 msec


2 64.100.1.6 98 msec 65 msec 65 msec
3 64.100.1.34 138 msec 147 msec 147 msec
4 64.100.1.62 189 msec 148 msec 145 msec
5 64.100.1.185 219 msec 229 msec 293 msec
N-Branch>

As you can see, traceroute output on a router is very similar to the output on a PC host. The
only difference is that on a PC host, the IP address is listed after the three millisecond outputs.
From the CLI tab on N-Branch, trace the route to E-Host at 192.168.4.10. The trace fails at the same IP address as
it failed when tracing from N-Host. Again, you can use Ctrl+C to abort the command.

N-Branch>traceroute 192.168.4.10
Type escape sequence to abort.
Tracing the route to 192.168.4.10

1 64.100.1.101 41 msec 19 msec 32 msec


2 64.100.1.6 33 msec 92 msec 117 msec
3 64.100.1.34 98 msec 102 msec 102 msec
4 64.100.1.62 166 msec 172 msec 156 msec
5 64.100.1.154 157 msec 223 msec 240 msec
6 * * *
7 * * *
8 * * *
9
N-Branch>

Step 3: Practice the ping and trace route commands.


Throughout this course, you will often use ping and traceroute to test connectivity and troubleshoot problems.
To practice these commands, ping and trace from W-Host and S-Host to any other destination in the network.
You can also ping and trace from N-Branch to other locations.
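
The "last device to respond" reasoning from Step 2 can be automated. The following added example (not part of the original manual) parses both the PC `tracert` layout and the router `traceroute` layout and reports the last responding hop; the sample traces are transcribed from this experiment, and the function names are assumptions of the example.

```python
import re

# Traces to 192.168.4.10 transcribed from this experiment (both aborted with Ctrl+C).
PC_TRACE = """\
Tracing route to 192.168.4.10 over a maximum of 30 hops:

  1   103 ms    45 ms    91 ms  192.168.1.1
  2    56 ms   110 ms   125 ms  64.100.1.101
  3   174 ms   195 ms   134 ms  64.100.1.6
  4   246 ms   183 ms   179 ms  64.100.1.34
  5   217 ms   285 ms   226 ms  64.100.1.62
  6   246 ms   276 ms   245 ms  64.100.1.154
  7     *        *        *     Request timed out.
  8     *        *        *     Request timed out.
  9     *        *        *     Request timed out.
 10
"""
ROUTER_TRACE = """\
Tracing the route to 192.168.4.10

  1   64.100.1.101    41 msec   19 msec   32 msec
  2   64.100.1.6      33 msec   92 msec  117 msec
  3   64.100.1.34     98 msec  102 msec  102 msec
  4   64.100.1.62    166 msec  172 msec  156 msec
  5   64.100.1.154   157 msec  223 msec  240 msec
  6   *  *  *
  7   *  *  *
  8   *  *  *
  9
"""
# Successful router trace to www.cisco.com, also from this experiment.
ROUTER_OK = """\
Tracing the route to 64.100.1.185

  1   64.100.1.101    60 msec   32 msec   59 msec
  2   64.100.1.6      98 msec   65 msec   65 msec
  3   64.100.1.34    138 msec  147 msec  147 msec
  4   64.100.1.62    189 msec  148 msec  145 msec
  5   64.100.1.185   219 msec  229 msec  293 msec
"""

HOP_RE = re.compile(r"^\s*(\d+)\s+(\S.*)$")        # hop number, then the rest
IP_RE = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")
RTT_RE = re.compile(r"(\d+)\s*ms(?:ec)?\b")         # "91 ms" (PC) or "32 msec" (router)


def parse_trace(text):
    """Parse PC tracert or router traceroute output into a list of hops."""
    hops = []
    for line in text.splitlines():
        match = HOP_RE.match(line)
        if not match:
            continue  # header, blank line, or a hop aborted before any probe
        rest = match.group(2)
        address = IP_RE.search(rest)
        if address is None and "*" not in rest:
            continue
        hops.append({
            "hop": int(match.group(1)),
            "address": address.group(0) if address else None,  # None: every probe timed out
            "rtts_ms": [int(v) for v in RTT_RE.findall(rest)],
        })
    return hops


def diagnose(text, destination):
    """Summarise a trace: was the destination reached, and who answered last."""
    hops = parse_trace(text)
    answered = [h for h in hops if h["address"]]
    last = answered[-1] if answered else None
    return {
        "reached": last is not None and last["address"] == destination,
        "last_responder": last["address"] if last else None,
        "last_hop": last["hop"] if last else None,
        "silent_after": sum(1 for h in hops if last is None or h["hop"] > last["hop"]),
    }


if __name__ == "__main__":
    for label, trace, dest in (("N-Host", PC_TRACE, "192.168.4.10"),
                               ("N-Branch", ROUTER_TRACE, "192.168.4.10"),
                               ("N-Branch", ROUTER_OK, "64.100.1.185")):
        print(label, dest, diagnose(trace, dest))
```

A hop that shows only asterisks but is followed by responding hops is not replying to the probes while still forwarding traffic; the summary counts only the silent hops after the last responder, so such a hop is not reported as the failure point.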
Experiment-4

Objective: Use Wireshark to View Network Traffic.

Topology

Objectives
Part 1: Capture and Analyze Local ICMP Data in Wireshark
Part 2: Capture and Analyze Remote ICMP Data in Wireshark

Background / Scenario
Wireshark is a software protocol analyzer, or "packet sniffer" application, used for network troubleshooting, analysis,
software and protocol development, and education. As data streams travel back and forth over the network, the sniffer
"captures" each protocol data unit (PDU) and can decode and analyze its content according to the appropriate RFC or other
specifications.
Wireshark is a useful tool for anyone working with networks and can be used with most labs in the CCNA courses for data
analysis and troubleshooting. In this lab, you will use Wireshark to capture ICMP data packet IP addresses and Ethernet
frame MAC addresses.

Required Resources
• 1 PC (Windows with internet access)
• Additional PCs on a local-area network (LAN) will be used to reply to ping requests.

Instructions

Part 1: Capture and Analyze Local ICMP Data in Wireshark


In Part 1 of this lab, you will ping another PC on the LAN and capture ICMP requests and replies in Wireshark. You will
also look inside the frames captured for specific information. This analysis should help to clarify how packet headers are
used to transport data to their destination.

Step 1: Retrieve your PC interface addresses.


For this lab, you will need to retrieve your PC IP address and its network interface card (NIC) physical address, also called
the MAC address.
Open a Windows command prompt.

a. In a command prompt window, enter ipconfig /all to find the IP address of your PC interface, its description, and its
MAC (physical) address.
C:\Users\Student> ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : DESKTOP-NB48BTC


Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

Connection-specific DNS Suffix . :


Description . . . . . . . . . . . : Intel(R) 82577LM Gigabit Network Connection
Physical Address. . . . . . . . . :00-26-B9-DD-00-91
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d809:d939:110f:1b7f%20(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.147(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
<output omitted>
b. Ask a team member or team members for their PC IP address and provide your PC IP address to them. Do not
provide them with your MAC address at this time.
Close a Windows Command Prompt.

Step 2: Start Wireshark and begin capturing data.


a. Navigate to Wireshark. Double-click the desired interface to start the packet capture. Make sure the desired interface
has traffic.
b. Information will start scrolling down the top section in Wireshark. The data lines will appear in different colors based
on protocol.
This information can scroll by very quickly depending on what communication is taking place between your PC and
the LAN. We can apply a filter to make it easier to view and work with the data that is being captured by Wireshark.
For this lab, we are only interested in displaying ICMP (ping) PDUs. Type icmp in the Filter box at the top of
Wireshark and press Enter, or click the Apply button (arrow sign) to view only ICMP (ping) PDUs.
c. This filter causes all data in the top window to disappear, but you are still capturing the traffic on the interface.
Navigate to a command prompt window and ping the IP address that you received from your team member.
C:\> ping 192.168.1.114

Pinging 192.168.1.114 with 32 bytes of data:
Reply from 192.168.1.114: bytes=32 time<1ms TTL=128
Reply from 192.168.1.114: bytes=32 time<1ms TTL=128
Reply from 192.168.1.114: bytes=32 time<1ms TTL=128
Reply from 192.168.1.114: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.1.114:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
Notice that you start seeing data appear in the top window of Wireshark again.

Note: If the PC of your team member does not reply to your pings, this may be because the PC firewall of the team
member is blocking these requests. See "Part 1: Create a new inbound rule allowing ICMP traffic through the firewall" below for information on how to allow
ICMP traffic through the firewall using Windows.
d. Stop capturing data by clicking the Stop Capture icon.

Step 3: Examine the captured data.


In Step 3, examine the data that was generated by the ping requests of your team member PC. Wireshark data is displayed
in three sections: 1) The top section displays the list of PDU frames captured with a summary of the IP packet information
listed; 2) the middle section lists PDU information for the frame selected in the top part of the screen and separates a
captured PDU frame by its protocol layers; and 3) the bottom section displays the raw data of each layer. The raw data is
displayed in both hexadecimal and decimal form.


a. Click the first ICMP request PDU frames in the top section of Wireshark. Notice that the Source column has your PC
IP address, and the Destination column contains the IP address of the teammate PC that you pinged.
b. With this PDU frame still selected in the top section, navigate to the middle section. Click the plus sign to the left of
the Ethernet II row to view the destination and source MAC addresses.
Questions:

Does the source MAC address match your PC interface?
Yes

Does the destination MAC address in Wireshark match your team member MAC address?
Yes

How is the MAC address of the pinged PC obtained by your PC?
The MAC address is obtained through an ARP request.
Note: In the preceding example of a captured ICMP request, ICMP data is encapsulated inside an IPv4 packet PDU
(IPv4 header) which is then encapsulated in an Ethernet II frame PDU (Ethernet II header) for transmission on the
LAN.

Part 2: Capture and Analyze Remote ICMP Data in Wireshark


In Part 2, you will ping remote hosts (hosts not on the LAN) and examine the generated data from those pings. You will
then determine what is different about this data from the data examined in Part 1.

Step 1: Start capturing data on the interface.


a. Start the data capture again.
b. A window prompts you to save the previously captured data before starting another capture. It is not necessary to save
this data. Click Continue without Saving.
c. With the capture active, ping the following three website URLs from a Windows command prompt:

1) www.yahoo.com
2) www.cisco.com
3) www.google.com
Note: When you ping the URLs listed, notice that the Domain Name Server (DNS) translates the URL to an IP address.
Note the IP address received for each URL.
d. You can stop capturing data by clicking the Stop Capture icon.

Step 2: Examining and analyzing the data from the remote hosts.
Review the captured data in Wireshark and examine the IP and MAC addresses of the three locations that you pinged. List
the destination IP and MAC addresses for all three locations in the space provided.
Questions:

IP address for www.yahoo.com:
MAC address for www.yahoo.com:
IP address for www.cisco.com:
MAC address for www.cisco.com:
IP address for www.google.com:
MAC address for www.google.com:

IP addresses: 98.137.246.7, 96.7.79.147, 172.217.14.100 (these IP addresses may vary)
MAC address: This will be the same for all three locations. It is the physical address of the default-gateway LAN
interface of the router.

What is significant about this information?
The MAC addresses for all three locations are the same.

How does this information differ from the local ping information you received in Part 1?
A ping to a local host returns the MAC address of the PC NIC. A ping to a remote host returns the MAC
address of the default gateway LAN interface.
Close the Windows command prompt

Reflection Question
Why does Wireshark show the actual MAC address of the local hosts, but not the actual MAC address for the remote
hosts?
MAC addresses for remote hosts are not known on the local network, so the MAC address of the default-gateway
is used. After the packet reaches the default-gateway router, the Layer 2 information is stripped from the packet
and a new Layer 2 header is attached with the destination MAC address of the next hop router.
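
The local-versus-remote difference observed in Parts 1 and 2 follows from one decision the sender makes before building the frame. The following added example (not part of the original manual) builds an ICMP echo request as Ethernet II / IPv4 / ICMP bytes and parses it back; the PC addresses come from the `ipconfig /all` output above, while the teammate and gateway MAC addresses, the ARP table and the function names are constructed assumptions.

```python
import ipaddress
import struct

# PC values from the ipconfig /all output in this lab. The two MAC addresses in
# ARP_TABLE are constructed (locally administered) placeholders.
PC_MAC = "00:26:b9:dd:00:91"
PC_IFACE = ipaddress.ip_interface("192.168.1.147/255.255.255.0")
GATEWAY = ipaddress.ip_address("192.168.1.1")
ARP_TABLE = {
    "192.168.1.114": "02:00:00:00:01:14",  # teammate PC (constructed)
    "192.168.1.1": "02:00:00:00:00:01",    # default gateway (constructed)
}


def checksum(data):
    """Internet checksum (RFC 1071) used by both the IPv4 and ICMP headers."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw):
    return ":".join("%02x" % b for b in raw)


def l2_destination(dst_ip):
    """Return (next-hop IP, MAC) that the sender puts in the Ethernet header."""
    dst = ipaddress.ip_address(dst_ip)
    # On-link destinations are resolved directly; everything else goes to the gateway.
    next_hop = dst if dst in PC_IFACE.network else GATEWAY
    return str(next_hop), ARP_TABLE[str(next_hop)]


def build_echo_request(dst_ip, ident=1, seq=1):
    """Build Ethernet II + IPv4 + ICMP echo request bytes for dst_ip."""
    _, dst_mac = l2_destination(dst_ip)
    payload = b"abcdefghijklmnopqrstuvwabcdefghi"  # 32 bytes of data, as in the ping output
    icmp = struct.pack("!BBHHH", 8, 0, 0, ident, seq) + payload
    icmp = icmp[:2] + struct.pack("!H", checksum(icmp)) + icmp[4:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0, 128, 1, 0,
                     PC_IFACE.ip.packed, ipaddress.ip_address(dst_ip).packed)
    ip = ip[:10] + struct.pack("!H", checksum(ip)) + ip[12:]
    eth = mac_bytes(dst_mac) + mac_bytes(PC_MAC) + struct.pack("!H", 0x0800)
    return eth + ip + icmp


def parse_frame(frame):
    """Decode the fields Wireshark shows for the Ethernet II, IPv4 and ICMP layers."""
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    ihl = (frame[14] & 0x0F) * 4          # IPv4 header length in bytes
    return {
        "dst_mac": mac_str(dst_mac),
        "src_mac": mac_str(src_mac),
        "ethertype": ethertype,
        "protocol": frame[14 + 9],        # 1 = ICMP
        "src_ip": str(ipaddress.ip_address(frame[26:30])),
        "dst_ip": str(ipaddress.ip_address(frame[30:34])),
        "icmp_type": frame[14 + ihl],     # 8 = echo request
    }


if __name__ == "__main__":
    for target in ("192.168.1.114", "98.137.246.7"):
        print(target, parse_frame(build_echo_request(target)))
```
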

Part 1: Create a new inbound rule allowing ICMP traffic through the firewall.
a. Navigate to the Control Panel and click the System and Security option in the Category view.
b. In the System and Security window, click Windows Defender Firewall or Windows Firewall.
c. In the left pane of the Windows Defender Firewall or Windows Firewall window, click advanced settings.
d. On the Advanced Security window, click the Inbound Rules option on the left sidebar and then click New Rule…
on the right sidebar.
e. This launches the New Inbound Rule wizard. On the Rule Type screen, click the Custom radio button and click
next.
f. In the left pane, click the Protocol and Ports option and using the Protocol Type drop-down menu, select ICMPv4,
and then click next.
g. Verify that Any IP address for both the local and remote IP addresses are selected. Click Next to continue.
h. Select allow the connection. Click Next to continue.
i. By default, this rule applies to all the profiles. Click Next to continue.


j. Name the rule with Allow ICMP Requests. Click Finish to continue. This new rule should allow your team members
to receive ping replies from your PC.

Part 2: Disabling or deleting the new ICMP rule.


After the lab is complete, you may want to disable or even delete the new rule you created in Step 1. Using the Disable
Rule option allows you to enable the rule again at a later date. Deleting the rule permanently deletes it from the list of
inbound rules.
a. On the Advanced Security window, click Inbound Rules in the left pane and then locate the rule you created
previously.
b. Right-click the ICMP rule and select Disable Rule if so desired. You may also select Delete if you want to
permanently delete it. If you choose this option, you must re-create the rule again to allow ICMP replies.

Objective: View Wired and Wireless NIC Information


Objectives
Part 1: Identify and Work with PC NICs
Part 2: Identify and Use the System Tray Network Icons

Background / Scenario
This lab requires you to determine the availability and status of the network interface cards (NICs) on the PC that you use.
Windows provides a number of ways to view and work with your NICs.
In this lab, you will access the NIC information of your PC and change the status of these cards.

Required Resources
• 1 PC (Windows with two NICs, wired and wireless, and a wireless connection)
Note: At the start of this lab, the wired Ethernet NIC in the PC was cabled to one of the integrated switch ports on a
wireless router and the Local Area Connection (wired) was enabled. The wireless NIC was disabled initially. If the wired
and wireless NICs are both enabled the PC will receive two different IP addresses and the wireless NIC will take
precedence.

Instructions

Part 1: Identify and Work with PC NICs.


In Part 1, you will identify the NIC types in the PC that you are using. You will explore different ways to extract information
about these NICs and how to activate and deactivate them.
Note: This lab was performed using a PC running on the Windows 10 operating system. You should be able to perform
the lab with one of the other Windows operating systems listed; however, menu selections and screens may vary.

Step 1: Use the Network and Sharing Center.


a. Navigate to the Control Panel. Click View network status and tasks under Network and Internet heading in the
Category View.
b. In the left pane, click the Change adapter settings link.
c. In the Network Connections window, the results provide a list of NICs available on this PC. Look for your Wi-Fi
adapters.


Note: Virtual Private Network (VPN) adapters and other types of network connections may also be displayed in this
window.

Step 2: Work with your wireless NIC.


a. Locate the wireless network connection. If it is disabled, right-click and select Enable to activate your wireless NIC.
b. If the wireless network connection is not currently connected, right-click and select Connect/Disconnect to connect
to an SSID that you are authorized to connect to.
c. Right-click a wireless network connection, and then click Status.
d. The wireless network connection Status window displays where you can view information about your wireless
connection.
Questions:

What is the Service Set Identifier (SSID) for the wireless router of your connection?
Answers will vary.

What is the speed of your wireless connection?
Answers will vary.

e. Click Details to display the Network Connection Details window.
Questions:

What is the MAC address of your wireless NIC?
Answers will vary.

Do you have multiple IPv4 DNS Servers listed? If so, why would multiple DNS Servers be listed?
Answers will vary on the number of DNS Servers. Multiple DNS Servers are listed in case the first DNS server
becomes unresponsive. Reasons may include the server is down for maintenance or is experiencing a problem.
If the first DNS server does not respond, then the second DNS Server is used, and so on.
f. Open a Windows Command Prompt and type ipconfig /all.

Notice that the information displayed here is the same information that was displayed in the Network Connection
Details window in Step e.
g. Close the command window and the Network Connection Details window. This should return you back to the Wi-Fi
Status window. Click Wireless Properties.

h. In the Wireless Network Properties window, click the Security tab.


i. The type of security the connected wireless router has implemented displays. Click the Show characters check box
to display the actual Network security key, instead of the hidden characters, and then click OK.
j. Close the Wireless Network Properties and the Wi-Fi Status windows. Select and right-click the Wi-Fi option >
Connect/Disconnect. A pop-up window should appear at the bottom right corner of your desktop that displays your
current connection, along with a list of SSIDs that are in range of the wireless NIC of your PC. If a scrollbar appears
on the right side of this window, you can use it to display additional SSIDs.
k. To join one of the other wireless network SSIDs listed, click the SSID that you want to join, and then click Connect.
l. If you have selected a secure SSID, you are prompted to enter the Security key for the SSID. Type the security key
for that SSID and click OK. You can click the Hide characters check box to prevent people from seeing what you
type in the Security key field.


Step 3: Work with your wired NIC.


a. On the Network Connections window, select and right-click Ethernet option to display the drop-down list. If the NIC
is disabled, enable it, and then click the Status option.
Note: You must have an Ethernet cable attaching your PC NIC to a switch or similar device to see the status. Many
wireless routers have a small 4-port Ethernet switch built-in. You can connect to one of the ports using a straight-
through Ethernet patch cable.
b. In the Status window, the results display information about your wired connection to the LAN.
c. Click Details… to view the address information for your LAN connection.
d. Open a command window prompt and type ipconfig /all. Find your Ethernet adapter information and compare this
with the information displayed in the Network Connection Details window.

C:\Users\ITE> ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : DESKTOP-VITJF61


Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

Connection-specific DNS Suffix . :


Description . . . . . . . . . . . : Intel(R) Ethernet Connection (4) I219-LM
Physical Address. . . . . . . . . : 08-00-27-80-91-DB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d829:6d18:e229:a705%5(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.10(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, September 4, 2019 1:19:07 PM
Lease Expires . . . . . . . . . . : Thursday, September 5, 2019 1:19:08 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 50855975
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-24-21-BA-64-08-00-27-80-91-DB
DNS Servers . . . . . . . . . . . : 68.105.28.16
68.105.29.16
NetBIOS over Tcpip. . . . . . . . : Enabled

e. Close all windows on your desktop.

Part 4: Identify and Use the System Tray Network Icons


In Part 2, you will use the network icons in your system tray to determine and control the NICs on your PC.


Step 1: Use the network icon.


a. Click the system tray. Click the network icon to view the pop-up window that displays the SSIDs that are in-range of
your wireless NIC.
b. Click Network & Internet.
c. In the Settings windows, click Change adapter options under the Change your network settings heading.
d. In the Network Connections window, right-click Wi-Fi and select Disable.
e. Examine your system tray. Click the Network icon again. With the Wi-Fi disabled, wireless networks are no longer
in range and not available for wireless connections.
f. You can also disable the Ethernet network by disabling the Ethernet adapters.

Step 2: Identify the Network Problem icon.


a. In the Network Connections window, disable all the Wi-Fi and Ethernet adapters.
b. The system tray now displays the Network Disabled icon, which indicates that network connectivity has been
disabled.
c. You can click this icon to return to the Network and Internet settings.
d. In the Network and Internet settings window, you can click Troubleshoot to use the PC to resolve the network issue
for you.
e. If troubleshooting did not enable one of your NICs, then you should do this manually to restore the network
connectivity of your PC.
Note: If a network adapter is enabled and the NIC is unable to establish network connectivity, then the Network
Problem icon appears in the system tray.
If this icon appears, you can troubleshoot this issue just like you did in Step 2c.

Reflection Question
Why would you activate more than one NIC on a PC?
Type your answers here.
Answers may vary. Multiple NICs can be used if more than one path is needed for the PC. One example of this
would be if the PC is being used as a Proxy Server.

Objective: Use Wireshark to Examine Ethernet Frames


Topology


Objectives
Part 1: Examine the Header Fields in an Ethernet II Frame
Part 2: Use Wireshark to Capture and Analyze Ethernet Frames

Background / Scenario
When upper layer protocols communicate with each other, data flows down the Open Systems Interconnection (OSI) layers
and is encapsulated into a Layer 2 frame. The frame composition is dependent on the media access type. For example, if
the upper layer protocols are TCP and IP and the media access is Ethernet, then the Layer 2 frame encapsulation will be
Ethernet II. This is typical for a LAN environment.
When learning about Layer 2 concepts, it is helpful to analyze frame header information. In the first part of this lab, you
will review the fields contained in an Ethernet II frame. In Part 2, you will use Wireshark to capture and analyze Ethernet
II frame header fields for local and remote traffic.

Required Resources
• 1 PC (Windows with internet access and with Wireshark installed)

Instructions

Part 5: Examine the Header Fields in an Ethernet II Frame


In Part 1, you will examine the header fields and content in an Ethernet II frame. A Wireshark capture will be used to
examine the contents in those fields.

Step 1: Review the Ethernet II header field descriptions and lengths.

Preamble   Destination Address   Source Address   Frame Type   Data              FCS
8 Bytes    6 Bytes               6 Bytes          2 Bytes      46 – 1500 Bytes   4 Bytes

Step 2: Examine the network configuration of the PC.


In this example, this PC host IP address is 192.168.1.147 and the default gateway has an IP address of 192.168.1.1.
C:\> ipconfig /all

Ethernet adapter Ethernet:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82579LM Gigabit Network Connection
Physical Address. . . . . . . . . : F0-1F-AF-50-FD-C8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::58c5:45f2:7e5e:29c2%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.147(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, September 6, 2019 11:08:36 AM
Lease Expires . . . . . . . . . . : Saturday, September 7, 2019 11:08:36 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
<output omitted>

Step 3: Examine Ethernet frames in a Wireshark capture.


The screenshots of the Wireshark capture below show the packets generated by a ping being issued from a PC host to its
default gateway. A filter has been applied to Wireshark to view the ARP and ICMP protocols only. ARP stands for address
resolution protocol. ARP is a communication protocol that is used for determining the MAC address that is associated with
the IP address. The session begins with an ARP query and reply for the MAC address of the gateway router, followed by
four ping requests and replies.
This screenshot highlights the frame details for an ARP request.


This screenshot highlights the frame details for an ARP reply.

Step 4: Examine the Ethernet II header contents of an ARP request.


The following table takes the first frame in the Wireshark capture and displays the data in the Ethernet II header fields.

Field: Preamble
Value: Not shown in capture
Description: This field contains synchronizing bits, processed by the NIC hardware.

Field: Destination Address
Value: Broadcast (ff:ff:ff:ff:ff:ff)
Field: Source Address
Value: Netgear_99:c5:72 (30:46:9a:99:c5:72)
Description (both address fields): Layer 2 addresses for the frame. Each address is 48 bits long, or
6 octets, expressed as 12 hexadecimal digits, 0-9,A-F. A common format is 12:34:56:78:9A:BC.
The first six hex numbers indicate the manufacturer of the network interface card (NIC), the last six
hex numbers are the serial number of the NIC. The destination address may be a broadcast, which
contains all ones, or a unicast. The source address is always unicast.

Field: Frame Type
Value: 0x0806
Description: For Ethernet II frames, this field contains a hexadecimal value that is used to indicate
the type of upper-layer protocol in the data field. There are numerous upper-layer protocols supported
by Ethernet II. Two common frame types are these:
    Value     Description
    0x0800    IPv4 Protocol
    0x0806    Address Resolution Protocol (ARP)

Field: Data
Value: ARP
Description: Contains the encapsulated upper-level protocol. The data field is between 46 – 1,500 bytes.

Field: FCS
Value: Not shown in capture
Description: Frame Check Sequence, used by the NIC to identify errors during transmission. The value
is computed by the sending device, encompassing frame addresses, type, and data field. It is verified
by the receiver.

What is significant about the contents of the destination address field?


Type your answers here.
All hosts on the LAN will receive this broadcast frame. The host with the IP address of 192.168.1.1 (default gateway)
will send a unicast reply to the source (PC host). This reply contains the MAC address of the NIC of the default
gateway.
Why does the PC send out a broadcast ARP prior to sending the first ping request?
Type your answers here.
The PC cannot send a ping request to a host until it determines the destination MAC address, so that it can build
the frame header for that ping request. The ARP broadcast is used to request the MAC address of the host with the
IP address contained in the ARP.
What is the MAC address of the source in the first frame?
Type your answers here.
It varies; in this case, it is f0:1f:af:50:fd:c8.
What is the Vendor ID (OUI) of the Source NIC in the ARP reply?
Type your answers here.
It varies, in this case, it is Netgear.
What portion of the MAC address is the OUI?
Type your answers here.
The first 3 octets of the MAC address indicate the OUI.
What is the NIC serial number of the source?
Type your answers here.
It may vary, it is 99:c5:72 in this case.
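
The header fields reviewed in Part 5, decoded from raw frame bytes as Wireshark hands them over (no preamble, no FCS). This Python code is an added example, not part of the original lab: the function names are hypothetical, and the sample frame is constructed from the PC and gateway addresses in the lab's ipconfig output. It goes slightly beyond the lab's table by also classifying multicast destinations and rejecting IEEE 802.3 length-style frames.

```python
import socket
import struct

# The two frame types listed in the lab's table.
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP"}
BROADCAST = b"\xff" * 6


def mac(raw: bytes) -> str:
    """Format raw address octets as colon-separated hex."""
    return ":".join(f"{b:02x}" for b in raw)


def parse_ethernet_ii(frame: bytes) -> dict:
    """Parse destination, source and type from a captured Ethernet II frame."""
    if len(frame) < 14:
        raise ValueError("shorter than the 14-byte Ethernet II header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype < 0x0600:
        # Values below 0x0600 are an IEEE 802.3 length, not an Ethernet II type.
        raise ValueError("not an Ethernet II frame")
    if dst == BROADCAST:
        dst_kind = "broadcast"
    elif dst[0] & 0x01:  # group bit set in the first octet
        dst_kind = "multicast"
    else:
        dst_kind = "unicast"
    return {
        "dst": mac(dst),
        "dst_kind": dst_kind,
        "src": mac(src),
        "src_oui": mac(src[:3]),      # first 3 octets: vendor ID (OUI)
        "src_serial": mac(src[3:]),   # last 3 octets: NIC serial number
        "ethertype": f"0x{ethertype:04x}",
        "protocol": ETHERTYPES.get(ethertype, "other"),
        "data": frame[14:],
    }


def parse_arp(data: bytes) -> dict:
    """Decode the fixed 28-byte ARP body for IPv4 over Ethernet."""
    if len(data) < 28:
        raise ValueError("truncated ARP body")
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(
        "!HHBBH6s4s6s4s", data[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not ARP for IPv4 over Ethernet")
    return {
        "operation": {1: "request", 2: "reply"}.get(oper, "other"),
        "sender_mac": mac(sha),
        "sender_ip": socket.inet_ntoa(spa),
        "target_mac": mac(tha),
        "target_ip": socket.inet_ntoa(tpa),
    }


def build_arp_request(src_mac: bytes, src_ip: str, target_ip: str) -> bytes:
    """Build a sample ARP query like the one a host sends before its first ping."""
    body = struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, 1,
                       src_mac, socket.inet_aton(src_ip),
                       b"\x00" * 6, socket.inet_aton(target_ip))
    frame = BROADCAST + src_mac + struct.pack("!H", 0x0806) + body
    return frame.ljust(60, b"\x00")  # pad the data field to its 46-byte minimum


# Constructed sample: the lab's PC asking for the MAC address of its gateway.
SAMPLE = build_arp_request(bytes.fromhex("f01faf50fdc8"),
                           "192.168.1.147", "192.168.1.1")

if __name__ == "__main__":
    eth = parse_ethernet_ii(SAMPLE)
    arp = parse_arp(eth["data"])
    print(eth["dst"], eth["dst_kind"], eth["src_oui"], eth["ethertype"], eth["protocol"])
    print(arp["operation"], "who has", arp["target_ip"], "tell", arp["sender_ip"])
```
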

Part 6: Use Wireshark to Capture and Analyze Ethernet Frames


In Part 2, you will use Wireshark to capture local and remote Ethernet frames. You will then examine the information that
is contained in the frame header fields.

Step 1: Determine the IP address of the default gateway on your PC.



Open a command prompt window and issue the ipconfig command.


What is the IP address of the PC default gateway?
Type your answers here.
Answers will vary.

Step 2: Start capturing traffic on your PC NIC.


a. Open Wireshark to start data capture.


b. Observe the traffic that appears in the packet list window.

Step 3: Filter Wireshark to display only ICMP traffic.


You can use the filter in Wireshark to block visibility of unwanted traffic. The filter does not block the capture of unwanted
data; it only filters what you want to display on the screen. For now, only ICMP traffic is to be displayed.
In the Wireshark Filter box, type icmp. The box should turn green if you typed the filter correctly. If the box is green,
click Apply (the right arrow) to apply the filter.

Step 4: From the command prompt window, ping the default gateway of your PC.

From the command window, ping the default gateway using the IP address that you recorded in Step 1.

Step 5: Stop capturing traffic on the NIC.


Click the Stop Capturing Packets icon to stop capturing traffic.

Step 6: Examine the first Echo (ping) request in Wireshark.


The Wireshark main window is divided into three sections: the packet list pane (top), the Packet Details pane (middle),
and the Packet Bytes pane (bottom). If you selected the correct interface for packet capturing previously, Wireshark should
display the ICMP information in the packet list pane of Wireshark.
a. In the packet list pane (top section), click the first frame listed. You should see Echo (ping) request under the Info
heading. The line should now be highlighted.
b. Examine the first line in the packet details pane (middle section). This line displays the length of the frame.
c. The second line in the packet details pane shows that it is an Ethernet II frame. The source and destination MAC
addresses are also displayed.
Questions:

What is the MAC address of the PC NIC?


Type your answers here.
Your answers will vary.
What is the default gateway’s MAC address?
Type your answers here.
Your answers will vary.
d. You can click the greater than (>) sign at the beginning of the second line to obtain more information about the
Ethernet II frame.
Question:

What type of frame is displayed?


Type your answers here.
0x0800 or an IPv4 frame type.
e. The last two lines displayed in the middle section provide information about the data field of the frame. Notice that
the data contains the source and destination IPv4 address information.
Questions:

What is the source IP address?


Type your answers here.
Your answers will vary.
What is the destination IP address?
Type your answers here.


Your answers will vary.


f. You can click any line in the middle section to highlight that part of the frame (hex and ASCII) in the Packet Bytes
pane (bottom section). Click the Internet Control Message Protocol line in the middle section and examine what is
highlighted in the Packet Bytes pane.
Question:

What do the last two highlighted octets spell?


Type your answers here.
hi
g. Click the next frame in the top section and examine an Echo reply frame. Notice that the source and destination MAC
addresses have reversed, because this frame was sent from the default gateway router as a reply to the first ping.
Question:

What device and MAC address is displayed as the destination address?


Type your answers here.
Your answers will vary.

Step 7: Capture packets for a remote host.


a. Click the Start Capture icon to start a new Wireshark capture. You will receive a popup window asking if you would
like to save the previous captured packets to a file before starting a new capture. Click Continue without Saving.

b. In a command prompt window, ping www.cisco.com.



c. Stop capturing packets.


d. Examine the new data in the packet list pane of Wireshark.
Questions:

In the first echo (ping) request frame, what are the source and destination MAC addresses?
Source:
Type your answers here.
This should be the MAC address of the PC.
Destination:
Type your answers here.
This should be the MAC address of the Default Gateway.
What are the source and destination IP addresses contained in the data field of the frame?
Source:
Type your answers here.
This is still the IP address of the PC.
Destination:
Type your answers here.
This is the address of the server at www.cisco.com.
Compare these addresses to the addresses you received in Step 6. The only address that changed is the destination IP
address. Why has the destination IP address changed, while the destination MAC address remained the same?
Type your answers here.
Layer 2 frames never leave the LAN. When a ping is issued to a remote host, the source will use the default
gateway MAC address for the frame destination. The default gateway receives the packet, strips the Layer 2
frame information from the packet and then creates a new frame header with the MAC address of the next
hop. This process continues from router to router until the packet reaches its destination IP address.

Reflection Question
Wireshark does not display the preamble field of a frame header. What does the preamble contain?
Type your answers here.
The preamble field contains seven octets of alternating 1010 sequences, and one octet that signals the beginning of
the frame, 10101011.

Experiment-5
Aim: Configure Initial Router Settings

Topology Diagram

Use this syntax checker to practice configuring the initial settings on a router.

• Configure the device name.
• Secure the privileged EXEC mode.
• Secure and enable remote SSH and Telnet access.
• Secure all plaintext passwords.
• Provide legal notification.

The following tasks should be completed when configuring initial settings on a router.

1. Configure the device name.

Router(config)# hostname hostname

2. Secure privileged EXEC mode.

Router(config)# enable secret password

3. Secure user EXEC mode.

Router(config)# line console 0
Router(config-line)# password password
Router(config-line)# login

4. Secure remote Telnet / SSH access.

Router(config-line)# line vty 0 4
Router(config-line)# password password
Router(config-line)# login
Router(config-line)# transport input {ssh | telnet}

5. Secure all passwords in the config file.

Router(config-line)# exit
Router(config)# service password-encryption

6. Provide legal notification.

Router(config)# banner motd delimiter message delimiter

7. Save the configuration.

Router(config)# end
Router# copy running-config startup-config
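
One way to check a saved configuration against the seven tasks above. This Python code is an added example, not part of the original lab or of any Cisco tool: the function names are hypothetical, and both sample configurations (including their passwords and hash strings) are constructed. It treats Telnet on a vty line as a finding because Telnet carries the line password in clear text.

```python
def parse_config(text: str):
    """Split IOS-style config text into top-level lines and their indented children."""
    top, children, current = [], {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == "!":
            continue
        if raw.startswith(" ") and current is not None:
            children[current].append(line)
        else:
            current = line
            top.append(line)
            children[line] = []
    return top, children


def audit(text: str):
    """Return one finding for each initial-settings task the config does not meet."""
    top, children = parse_config(text)
    findings = []

    names = [l.split(None, 1)[1] for l in top if l.startswith("hostname ")]
    if not names or names[0] == "Router":
        findings.append("hostname: device name not configured")
    if not any(l.startswith("enable secret ") for l in top):
        findings.append("enable: no enable secret for privileged EXEC mode")
    if "service password-encryption" not in top:
        findings.append("passwords: service password-encryption is not enabled")
    if not any(l.startswith("banner motd ") for l in top):
        findings.append("banner: no MOTD legal notification")

    for name in top:
        if not name.startswith(("line con ", "line vty ")):
            continue
        body = children[name]
        has_password = any(b.startswith("password ") for b in body)
        if not (("login" in body and has_password) or "login local" in body):
            findings.append(f"{name}: login is not enforced with a password")
        if name.startswith("line vty "):
            allowed = [b.split()[2:] for b in body if b.startswith("transport input ")]
            protocols = allowed[0] if allowed else []
            if not protocols:
                findings.append(f"{name}: no explicit transport input")
            elif "telnet" in protocols or "all" in protocols:
                findings.append(f"{name}: Telnet allowed (password sent in clear text)")
    return findings


# Constructed sample: none of the seven tasks done properly.
WEAK = """\
hostname Router
enable password example-only
no service password-encryption
line con 0
line vty 0 4
 password example-only
 login
 transport input telnet
"""

# Constructed sample: every task applied, SSH only on the vty lines.
HARDENED = """\
hostname R1
enable secret 9 $9$constructed-placeholder
service password-encryption
banner motd ^CAuthorized access only^C
line con 0
 password 7 0000000000
 login
line vty 0 4
 password 7 0000000000
 login
 transport input ssh
"""

if __name__ == "__main__":
    for label, cfg in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(label)
        for finding in audit(cfg) or ["no findings"]:
            print("  -", finding)
```
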

Configure Router Interfaces

At this point, your routers have their basic configurations. The next step is to configure their
interfaces. This is because routers are not reachable by end devices until the interfaces are
configured. There are many different types of interfaces available on Cisco routers. For
example, the Cisco ISR 4321 router is equipped with two Gigabit Ethernet interfaces:

• GigabitEthernet 0/0/0 (G0/0/0)
• GigabitEthernet 0/0/1 (G0/0/1)

Configuring a router interface is very similar to configuring a management SVI on a switch.
Specifically, it includes issuing the following commands:

Router(config)# interface type-and-number


Router(config-if)# description description-text
Router(config-if)# ip address ipv4-address subnet-mask
Router(config-if)# ipv6 address ipv6-address/prefix-length
Router(config-if)# no shutdown

The description command is useful for recording the third-party connection and contact
information. The no shutdown command activates the interface and is similar to powering on the
interface.

R1> enable
R1# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)# interface gigabitEthernet 0/0/0
R1(config-if)# description Link to LAN
R1(config-if)# ip address 192.168.10.1 255.255.255.0
R1(config-if)# ipv6 address 2001:db8:acad:10::1/64
R1(config-if)# no shutdown
R1(config-if)# exit
R1(config)#
*Aug 1 01:43:53.435: %LINK-3-UPDOWN: Interface GigabitEthernet0/0/0, changed state to down
*Aug 1 01:43:56.447: %LINK-3-UPDOWN: Interface GigabitEthernet0/0/0, changed state to up
*Aug 1 01:43:57.447: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0/0, changed state to up
R1(config)#
R1(config)#
R1(config)# interface gigabitEthernet 0/0/1
R1(config-if)# description Link to R2
R1(config-if)# ip address 209.165.200.225 255.255.255.252
R1(config-if)# ipv6 address 2001:db8:feed:224::1/64
R1(config-if)# no shutdown
R1(config-if)# exit
R1(config)#
*Aug 1 01:46:29.170: %LINK-3-UPDOWN: Interface GigabitEthernet0/0/1, changed state to down
*Aug 1 01:46:32.171: %LINK-3-UPDOWN: Interface GigabitEthernet0/0/1, changed state to up
*Aug 1 01:46:33.171: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0/1, changed state to up
R1(config)#

Note: Notice the informational messages informing us that G0/0/0 and G0/0/1 are enabled.

Verify Interface Configuration

There are several commands that can be used to verify interface configuration. The most
useful of these are the show ip interface brief and show ipv6 interface brief commands, as
shown in the example.

R1# show ip interface brief
Interface              IP-Address      OK? Method Status                Protocol
GigabitEthernet0/0/0   192.168.10.1    YES manual up                    up
GigabitEthernet0/0/1   209.165.200.225 YES manual up                    up
Vlan1                  unassigned      YES unset  administratively down down
R1# show ipv6 interface brief
GigabitEthernet0/0/0   [up/up]
    FE80::201:C9FF:FE89:4501
    2001:DB8:ACAD:10::1
GigabitEthernet0/0/1   [up/up]
    FE80::201:C9FF:FE89:4502
    2001:DB8:FEED:224::1
Vlan1                  [administratively down/down]
    unassigned
R1#

Configuration Verification Commands

The table summarizes the more popular show commands used to verify interface
configuration.

Commands: show ip interface brief, show ipv6 interface brief
Description: The output displays all interfaces, their IP addresses, and their current status. The
configured and connected interfaces should display a Status of “up” and Protocol of “up”. Anything
else would indicate a problem with either the configuration or the cabling.

Commands: show ip route, show ipv6 route
Description: Displays the contents of the IP routing tables stored in RAM.

Commands: show interfaces
Description: Displays statistics for all interfaces on the device. However, this command will only
display the IPv4 addressing information.

Commands: show ip interface
Description: Displays the IPv4 statistics for all interfaces on a router.

Commands: show ipv6 interface
Description: Displays the IPv6 statistics for all interfaces on a router.

Experiment-6
Aim: Subnet an IPv4 Network: Variable Length Subnetting

Topology Diagram

Addressing Table

subnet 1 S1 192.168.0.0

Device            Interface   IP Address        Subnet Mask       Default Gateway
CustomerRouter    G0/0        192.168.0.1       255.255.255.192   N/A
                  G0/1        192.168.0.65
                  S0/1/0      209.165.201.2     255.255.255.252
LAN-A Switch      VLAN1       192.168.0.2       255.255.255.192   192.168.0.1
LAN-B Switch      VLAN1       192.168.0.66      255.255.255.192   192.168.0.65
PC-A              NIC         192.168.0.62      255.255.255.192   192.168.0.1
PC-B              NIC         192.168.0.126     255.255.255.192   192.168.0.65
ISPRouter         G0/0        209.165.200.225   255.255.255.224   N/A
                  S0/1/0      209.165.201.1     255.255.255.252
ISPSwitch         VLAN1       209.165.200.226   255.255.255.224   209.165.200.225
ISP Workstation   NIC         209.165.200.235   255.255.255.224   209.165.200.225
ISP Server        NIC         209.165.200.240   255.255.255.224   209.165.200.225

Objectives

Part 1: Design an IPv4 Network Subnetting Scheme
Part 2: Configure the Devices
Part 3: Test and Troubleshoot the Network

Background / Scenario

In this activity, you will subnet the Customer network into multiple subnets. The subnet scheme should be
based on the number of host computers required in each subnet, as well as other network considerations, like
future network host expansion.
After you have created a subnetting scheme and completed the table by filling in the missing host and
interface IP addresses, you will configure the host PCs, switches and router interfaces.
After the network devices and host PCs have been configured, you will use the ping command to test for
network connectivity.

Instructions

Part 1: Subnet the Assigned Network

Step 1: Create a subnetting scheme that meets the required number of subnets and required
number of host addresses.
In this scenario, you are a network technician assigned to install a new network for a customer. You must
create multiple subnets out of the 192.168.0.0/24 network address space to meet the following requirements:
a. The first subnet is the LAN-A network. You need a minimum of 50 host IP addresses.
b. The second subnet is the LAN-B network. You need a minimum of 40 host IP addresses.
c. You also need at least two additional unused subnets for future network expansion.
Note: Variable length subnet masks will not be used. All of the device subnet masks should be the same
length.
d. Answer the following questions to help create a subnetting scheme that meets the stated network
requirements:

How many host addresses are needed in the largest required subnet? 50

What is the minimum number of subnets required? 4

The network that you are tasked to subnet is 192.168.0.0/24. What is the /24 subnet mask in binary?

e. The subnet mask is made up of two portions, the network portion, and the host portion. This is
represented in the binary by the ones and the zeros in the subnet mask.

In the network mask, what do the ones represent? Network ID

In the network mask, what do the zeros represent? Host ID

f. To subnet a network, bits from the host portion of the original network mask are changed into subnet bits.
The number of subnet bits defines the number of subnets.

Given each of the possible subnet masks depicted in the following binary format, how many subnets and
how many hosts are created in each example?
Hint: Remember that the number of host bits (to the power of 2) defines the number of hosts per subnet
(minus 2), and the number of subnet bits (to the power of two) defines the number of subnets. The subnet
bits (shown in bold) are the bits that have been borrowed beyond the original network mask of /24. The
/24 is the prefix notation and corresponds to a dotted decimal mask of 255.255.255.0.
1) (/25) 11111111.11111111.11111111.10000000
Dotted decimal subnet mask equivalent:

Number of subnets? Number of hosts?2/

2) (/26) 11111111.11111111.11111111.11000000

Dotted decimal subnet mask equivalent:

Number of subnets? Number of hosts?

3) (/27) 11111111.11111111.11111111.11100000
Dotted decimal subnet mask equivalent:

Number of subnets? Number of hosts?

4) (/28) 11111111.11111111.11111111.11110000
Dotted decimal subnet mask equivalent:

Number of subnets? Number of hosts?

5) (/29) 11111111.11111111.11111111.11111000
Dotted decimal subnet mask equivalent:

Number of subnets? Number of hosts?

6) (/30) 11111111.11111111.11111111.11111100
Dotted decimal subnet mask equivalent:

Number of subnets? Number of hosts?

Considering your answers above, which subnet masks meet the required number of minimum host
addresses? /26

Considering your answers above, which subnet masks meet the minimum number of
subnets required?

Considering your answers above, which subnet mask meets both the required minimum
number of hosts and the minimum number of subnets required?

When you have determined which subnet mask meets all of the stated network
requirements, derive each of the subnets. List the subnets from first to last in the table.
Remember that the first subnet is 192.168.0.0 with the chosen subnet mask.

Subnet Address                    Prefix   Subnet Mask
192.168.0.0/192.168.0.63/64       /26
192.168.0.64/192.168.0.127/64
192.168.0.128/192.168.0.191/64
192.168.0.192/192.168.0.255/64

First usable address: 192.168.0.1 192.168.0.65 192.168.0.129 192.168.0.193
Last usable address: 192.168.0.62 192.168.0.126 192.168.0.190 192.168.0.254

Step 2: Fill in the missing IP addresses in the Addressing Table 192.168.0.0---192.168.0.63


Assign IP addresses based on the following criteria: Use the ISP Network settings as an example.256-
a. Assign the first subnet to LAN-A.
1) Use the first host address for the CustomerRouter interface connected to LAN-A switch.
2) Use the second host address for the LAN-A switch. Make sure to assign a default gateway address
for the switch.
3) Use the last host address for PC-A. Make sure to assign a default gateway address for the PC.
b. Assign the second subnet to LAN-B.
1) Use the first host address for the CustomerRouter interface connected to LAN-B switch.
2) Use the second host address for the LAN-B switch. Make sure to assign a default gateway address
for the switch.
3) Use the last host address for PC-B. Make sure to assign a default gateway address for the PC.
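
Steps 1 and 2 worked through in code: find the equal-length prefix that satisfies both the host and subnet requirements, list each subnet, and hand out addresses by the criteria above. This Python code is an added example, not part of the original lab; the function names are hypothetical. It also includes a same-subnet check for a host and its default gateway, which is useful when a ping in Part 3 fails.

```python
import ipaddress


def fixed_length_options(base: str, min_hosts: int, min_subnets: int):
    """Return (prefix, subnets, usable_hosts) for each equal-size split that fits."""
    net = ipaddress.ip_network(base)
    options = []
    for prefix in range(net.prefixlen + 1, 31):
        subnets = 2 ** (prefix - net.prefixlen)   # 2^(borrowed subnet bits)
        hosts = 2 ** (32 - prefix) - 2            # 2^(host bits) - 2
        if hosts >= min_hosts and subnets >= min_subnets:
            options.append((prefix, subnets, hosts))
    return options


def subnet_table(base: str, prefix: int):
    """List every subnet with its mask, usable range and broadcast address."""
    rows = []
    for s in ipaddress.ip_network(base).subnets(new_prefix=prefix):
        rows.append({
            "subnet": str(s.network_address),
            "mask": str(s.netmask),
            "first": str(s[1]),
            "last": str(s[-2]),
            "broadcast": str(s.broadcast_address),
        })
    return rows


def assign_lan(subnet: str, prefix: int):
    """Apply the lab's criteria: router first host, switch second, PC last host."""
    s = ipaddress.ip_network(f"{subnet}/{prefix}")
    gateway = str(s[1])
    return {"router": gateway, "switch": str(s[2]), "pc": str(s[-2]),
            "mask": str(s.netmask), "gateway": gateway}


def same_subnet(host_ip: str, mask: str, gateway_ip: str) -> bool:
    """True when the default gateway is reachable on the host's own subnet."""
    network = ipaddress.ip_interface(f"{host_ip}/{mask}").network
    return ipaddress.ip_address(gateway_ip) in network


if __name__ == "__main__":
    base = "192.168.0.0/24"
    # Requirements from Step 1: 50 hosts in the largest subnet, 4 subnets in total.
    prefix, subnets, hosts = fixed_length_options(base, 50, 4)[0]
    print(f"/{prefix}: {subnets} subnets, {hosts} usable hosts each")
    table = subnet_table(base, prefix)
    for row in table:
        print(row)
    print("LAN-A", assign_lan(table[0]["subnet"], prefix))
    print("LAN-B", assign_lan(table[1]["subnet"], prefix))
```
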
Part 2: Configure the Devices
Configure basic settings on the PCs, switches, and router. Refer to the Addressing Table for device names
and address information.

Step 1: Configure CustomerRouter.


a. Set the enable secret password on CustomerRouter to Class123
b. Set the console login password to Cisco123.
c. Configure CustomerRouter as the hostname for the router.
d. Configure the G0/0 and G0/1 interfaces with IP addresses and subnet masks, and then enable them.
e. Save the running configuration to the startup configuration file.
Step 2: Configure the two customer LAN switches.
Configure the IP addresses on interface VLAN 1 on the two customer LAN switches. Make sure to configure
the correct default gateway on each switch.

Step 3: Configure the PC interfaces.


Configure the IP address, subnet mask, and default gateway settings on PC-A and PC-B.
Part 3: Test and Troubleshoot the Network
In Part 3, you will use the ping command to test network connectivity.
a. Determine if PC-A can communicate with its default gateway. Do you get a reply?

b. Determine if PC-B can communicate with its default gateway. Do you get a reply?
c. Determine if PC-A can communicate with PC-B. Do you get a reply?
Experiment-7&8
Aim: 7 VLAN Creation
Aim: 8 TRUNK Creation

Module Title: Inter-VLAN Routing

Module Objective: Troubleshoot inter-VLAN routing on Layer 3 devices

What is Inter-VLAN Routing?

VLANs are used to segment switched Layer 2 networks for a variety of
reasons. Regardless of the reason, hosts in one VLAN cannot communicate
with hosts in another VLAN unless there is a router or a Layer 3 switch to
provide routing services.

Inter-VLAN routing is the process of forwarding network traffic from one
VLAN to another VLAN.

There are three inter-VLAN routing options:

• Legacy Inter-VLAN routing - This is a legacy solution. It does not
scale well.
• Router-on-a-Stick - This is an acceptable solution for a small to
medium-sized network.
• Layer 3 switch using switched virtual interfaces (SVIs) - This is the
most scalable solution for medium to large organizations.

Legacy Inter-VLAN Routing

• The first inter-VLAN routing solution relied on using a router with multiple
Ethernet interfaces. Each router interface was connected to a switch port in
different VLANs. The router interfaces served as the default gateways to
the local hosts on the VLAN subnet.
• Legacy inter-VLAN routing using physical interfaces works, but it has a
significant limitation. It is not reasonably scalable because routers have a
limited number of physical interfaces. Requiring one physical router
interface per VLAN quickly exhausts the physical interface capacity of a
router.

Note: This method of inter-VLAN routing is no longer implemented in
switched networks and is included for explanation purposes only.

VLAN Configuration

VLAN Ranges on Catalyst Switches

Catalyst switches 2960 and 3650 support over 4000 VLANs.



VLAN Creation Commands

VLAN details are stored in the vlan.dat file. You create VLANs in the global configuration
mode.
VLAN Creation Example

• If the Student PC is going to be in VLAN 20, we will create the VLAN first and then
name it.
• If you do not name it, the Cisco IOS will give it a default name of vlan and the four
digit number of the VLAN. E.g. vlan0020 for VLAN 20.

VLAN Port Assignment Commands

Once the VLAN is created, we can then assign it to the correct interfaces.

VLAN Port Assignment Example

We can assign the VLAN to the port interface.

• Once the device is assigned the VLAN, then the end device will need the IP address
information for that VLAN.
• Here, Student PC receives 172.17.20.22.

Data and Voice VLANs

Data and Voice VLAN Example

• We will want to create and name both Voice and Data VLANs.
• In addition to assigning the data VLAN, we will also assign the Voice VLAN and turn
on QoS for the voice traffic to the interface.
• The newer Catalyst switch will automatically create the VLAN, if it does not already
exist, when it is assigned to an interface.
Note: QoS is beyond the scope of this course. Here we do show the use of the
mls qos trust [cos | device cisco-phone | dscp | ip-precedence] command.

Verify VLAN Information

Use the show vlan command. The complete syntax is:


show vlan [brief | id vlan-id | name vlan-name | summary]



Change VLAN Port Membership

There are a number of ways to change VLAN membership:


• Re-enter the switchport access vlan vlan-id command.
• Use the no switchport access vlan command to place the interface back in VLAN 1.

Use the show vlan brief or the show interface fa0/18 switchport commands to verify
the correct VLAN association.

Delete VLANs

Delete VLANs with the no vlan vlan-id command.

Caution: Before deleting a VLAN, reassign all member ports to a different VLAN.
• Delete all VLANs with the delete flash:vlan.dat or delete vlan.dat commands.
• Reload the switch when deleting all VLANs.
Note: To restore to factory default, unplug all data cables, erase the
startup-configuration and delete the vlan.dat file, then reload the device.

Trunk Configuration Commands

Configure and verify VLAN trunks. Trunks are layer 2 and carry traffic for all VLANs.


Trunk Configuration Example

The subnets associated with each VLAN are:


VLAN 10 - Faculty/Staff - 172.17.10.0/24
VLAN 20 - Students - 172.17.20.0/24
VLAN 30 - Guests - 172.17.30.0/24
VLAN 99 - Native - 172.17.99.0/24

F0/1 port on S1 is configured as a trunk port.


Note: This assumes a 2960 switch using 802.1Q tagging. Layer 3 switches require the
encapsulation to be configured before the trunk mode.

Verify Trunk Configuration

Set the trunk mode and native vlan.


Notice the following in the output of the sh int fa0/1 switchport command:
• The port is set to trunk administratively
• The port is set as trunk operationally (functioning)
• Encapsulation is dot1q
• Native VLAN is set to VLAN 99
• All VLANs created on the switch will pass traffic on this trunk

Reset the Trunk to the Default State

• Reset the default trunk settings with the no command.
• All VLANs allowed to pass traffic
• Native VLAN = VLAN 1

Verify the default settings with a sh int fa0/1 switchport command.

Reset the Trunk to the Default State (Cont.)

Reset the trunk to an access mode with the switchport mode access command:
• Is set to an access interface administratively
• Is set as an access interface operationally (functioning)

Introduction to DTP

Dynamic Trunking Protocol (DTP) is a proprietary Cisco protocol.

DTP characteristics are as follows:
• On by default on Catalyst 2960 and 2950 switches
• Dynamic-auto is the default on the 2960 and 2950 switches
• May be turned off with the nonegotiate command
• May be turned back on by setting the interface to dynamic-auto
• Setting a switch to a static trunk or static access, with the switchport mode trunk
or the switchport mode access commands, will avoid negotiation issues.

Negotiated Interface Modes

The switchport mode command has additional options.


Use the switchport nonegotiate interface configuration command to stop DTP
negotiation.

Results of a DTP Configuration

DTP configuration options are as follows:

Verify DTP Mode

The default DTP configuration is dependent on the Cisco IOS version and platform.
• Use the show dtp interface command to determine the current DTP mode.
• Best practice recommends that the interfaces be set to access or trunk and that
DTP be turned off.
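
As an added example (not part of the lab manual), the following Python check applies the best practice above to a switch configuration: it flags every port that is still in a dynamic mode, or that is static but lacks switchport nonegotiate. The sample configuration, its addresses and the function names are constructed for illustration; default_mode reflects the dynamic-auto default the manual states for the 2960 and 2950.

```python
# Constructed sample in running-config style (not taken from the lab manual).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode trunk
 switchport nonegotiate
!
interface FastEthernet0/2
 switchport mode trunk
!
interface FastEthernet0/6
 switchport mode access
 switchport access vlan 20
 switchport nonegotiate
!
interface FastEthernet0/18
 switchport mode dynamic desirable
!
interface FastEthernet0/19
!
interface Vlan99
 ip address 172.17.99.11 255.255.255.0
"""

def parse_interfaces(config):
    """Map each interface name to the list of commands in its stanza."""
    stanzas, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = stanzas.setdefault(line.split(None, 1)[1].strip(), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command closes the stanza
    return stanzas

def audit_dtp(config, default_mode="dynamic auto"):
    """Return {interface: finding}; default_mode applies to unconfigured ports."""
    report = {}
    for name, cmds in parse_interfaces(config).items():
        if name.lower().startswith("vlan"):
            continue  # SVIs are Layer 3 interfaces and do not run DTP
        modes = [c.split(None, 2)[2] for c in cmds if c.startswith("switchport mode ")]
        mode = modes[-1] if modes else default_mode
        if mode.startswith("dynamic"):
            report[name] = f"mode '{mode}' negotiates: set access or trunk"
        elif "switchport nonegotiate" not in cmds:
            report[name] = f"static {mode} port without switchport nonegotiate"
    return report
```

Calling audit_dtp(SAMPLE_CONFIG) reports FastEthernet0/2, 0/18 and 0/19; the unconfigured port 0/19 is caught only because the platform default is taken into account.
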

Experiment-9

Aim: Router-on-a-Stick Inter-VLAN Routing

Router-on-a-Stick Scenario:-
• In the figure, the R1 GigabitEthernet 0/0/1 interface is connected to the S1
FastEthernet 0/5 port. The S1 FastEthernet 0/1 port is connected to the S2 FastEthernet
0/1 port. These are trunk links that are required to forward traffic within and between
VLANs.
• To route between VLANs, the R1 GigabitEthernet 0/0/1 interface is logically divided
into three subinterfaces, as shown in the table. The table also shows the three VLANs
that will be configured on the switches.
• Assume that R1, S1, and S2 have initial basic configurations. Currently, PC1 and PC2
cannot ping each other because they are on separate networks. Only S1 and S2
can ping each other, but they are unreachable by PC1 or PC2 because they are also
on different networks.
• To enable devices to ping each other, the switches must be configured with VLANs
and trunking, and the router must be configured for inter-VLAN routing.

S1 VLAN and Trunking Configuration


Complete the following steps to configure S1 with VLANs and trunking:
Step 1. Create and name the VLANs.
Step 2. Create the management interface.
Step 3. Configure access ports.
Step 4. Configure trunking ports.

S2 VLAN and Trunking Configuration

The configuration for S2 is similar to S1.


R1 Sub-interface Configuration: -

The router-on-a-stick method requires you to create a subinterface for each
VLAN to be routed. A subinterface is created using the interface
interface_id.subinterface_id global configuration mode command. The subinterface
syntax is the physical interface followed by a period and a subinterface number.
Although not required, it is customary to match the subinterface number with
the VLAN number.

Each subinterface is then configured with the following two commands:

• encapsulation dot1q vlan_id [native] - This command configures the
subinterface to respond to 802.1Q encapsulated traffic from the
specified vlan_id. The native keyword option is only appended to set
the native VLAN to something other than VLAN 1.
• ip address ip-address subnet-mask - This command configures the
IPv4 address of the subinterface. This address typically serves as the
default gateway for the identified VLAN.

Repeat the process for each VLAN to be routed. Each router subinterface
must be assigned an IP address on a unique subnet for routing to occur.
When all subinterfaces have been created, enable the physical interface
using the no shutdown interface configuration command. If the physical
interface is disabled, all subinterfaces are disabled.

R1 Subinterface Configuration (Cont.)


In the configuration, the R1 G0/0/1 subinterfaces are configured for VLANs
10, 20, and 99.
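
The subinterface rules above, as an added example that is not from the lab manual: a Python helper that emits the R1 subinterface commands and rejects VLANs whose subnets overlap. The 172.17.x.0/24 subnets are reused from the trunk example earlier in the manual; the .1 gateway addresses and the function name are assumptions.

```python
import ipaddress

def router_on_a_stick(parent, vlans, native_vlan=None):
    """Build IOS subinterface commands for one trunk-facing router interface.

    vlans maps VLAN id -> gateway in CIDR form, e.g. {10: "172.17.10.1/24"}.
    Raises ValueError on a bad VLAN id, an unusable address or overlapping subnets.
    """
    seen = []   # (network, vlan id) pairs accepted so far
    lines = []
    for vlan_id, cidr in sorted(vlans.items()):
        if not 1 <= vlan_id <= 4094:
            raise ValueError(f"VLAN {vlan_id} is outside 1-4094")
        iface = ipaddress.IPv4Interface(cidr)
        net = iface.network
        if net.prefixlen < 31 and iface.ip in (net.network_address, net.broadcast_address):
            raise ValueError(f"{cidr} is not a usable host address")
        # Routing between VLANs only works when every subinterface has its own subnet.
        for other_net, other_id in seen:
            if net.overlaps(other_net):
                raise ValueError(f"VLAN {vlan_id} overlaps VLAN {other_id} ({other_net})")
        seen.append((net, vlan_id))
        native = " native" if vlan_id == native_vlan else ""
        lines += [
            f"interface {parent}.{vlan_id}",   # subinterface number matches the VLAN
            f" encapsulation dot1q {vlan_id}{native}",
            f" ip address {iface.ip} {net.netmask}",
        ]
    # Subinterfaces stay down until the physical interface is enabled.
    lines += [f"interface {parent}", " no shutdown"]
    return "\n".join(lines)

# Assumed gateway addresses; subnets reused from the manual's trunk example.
R1_VLANS = {10: "172.17.10.1/24", 20: "172.17.20.1/24", 99: "172.17.99.1/24"}

if __name__ == "__main__":
    print(router_on_a_stick("GigabitEthernet0/0/1", R1_VLANS))
```
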

Verify Connectivity Between PC1 and PC2

The router-on-a-stick configuration is complete after the switch trunk and
the router subinterfaces have been configured. The configuration can be
verified from the hosts, router, and switch.

From a host, verify connectivity to a host in another VLAN using
the ping command. It is a good idea to first verify the current host IP
configuration using the ipconfig Windows host command.

Next, use ping to verify connectivity with PC2 and S1, as shown in the
figure. The ping output successfully confirms inter-VLAN routing is
operating.

Router-on-a-Stick Inter-VLAN Routing Verification: -

In addition to using ping between devices, the following show commands
can be used to verify and troubleshoot the router-on-a-stick configuration.

• show ip route
• show ip interface brief
• show interfaces
• show interfaces trunk
