RMIT University

School of Science, Engineering &

Technology

Lab Report 2
COSC2174 – Data Communication and
Net-Centric Computing

Learning Outcomes:
1. The art of experimentation
2. Experimental and analytical skills
3. Conceptual learning
4. Understanding the basis of Networking Engineering
5. Developing collaborative learning skills

Authors: Dr. Katrina Gomez Chavez

Dr. Akram Hourani
Dr. Ushik Shrestha Khwakhali
Ms. Anna Felipe
 RMIT Classification: Trusted

Table of Contents
Part 1: Introduce the Cisco Packet Tracer Simulator ............................................................... 3
1 Objectives....................................................................................................................... 3
2 Theory: Simulation Basic Concepts .................................................................................. 3
3 Methodology: Opening and exploring Cisco Packet Tracer............................................... 5
4 Exercises ......................................................................................................................... 8
4.1 Section 1: Create a simple topology .....................................................................................9
4.2 Section 2: Create simple topology with switch ................................................................... 12
4.3 Section 3: Create multilevel topologies .............................................................................. 13
5 Questions ..................................................................................................................... 13
6 References .................................................................................................................... 13
Lab 2 Part 2: Layer 2 Protocols and Devices .......................................................................... 14
1 Objectives..................................................................................................................... 14
2 Theory: Layer 2, Ethernet and ARP basic concepts ......................................................... 14
3 Methodology ................................................................................................................ 15
4 Exercise ........................................................................................................................ 15
4.1 Section1: Capturing and analysing Ethernet frames. ........................................................... 15
4.2 Section 2: Capturing and analysing Address Resolution Protocol ......................................... 18
4.3 Section 3: Basic configuration of a switch ........................................................................... 19
5 Questions ..................................................................................................................... 22
6 References .................................................................................................................... 22
Lab 2 Part 3: Layer 3 Protocol and Devices ........................................................................... 23
1 Objectives..................................................................................................................... 23
2 Theory: Layer 3 basic concepts ...................................................................................... 23
3 Methodology ................................................................................................................ 27
4 Exercise ........................................................................................................................ 27
4.1 Section 1: Capturing and analysing IP packets and datagrams. ............................................ 28
4.2 Section 2: A look at the capture trace ................................................................................ 28
4.3 Section 3: Basic analysis of routers (static route) ................................................................ 31
5 Questions ..................................................................................................................... 32
6 References .................................................................................................................... 32
 RMIT Classification: Trusted

Lab 2 Part 1: Introduce the Cisco Packet Tracer Simulator

1 Objectives
The objectives of part 1 is to:
• Understand the main principles of simulations
• Explore the Logical Workspace of the simulator
• Explore Cisco Packet Tracer operations
• Connect devices and create topologies

2 Theory: Simulation Basic Concepts

In communication and computer network research, network simulation is a technique whereby a software
program models the behavior of a network by calculating the interaction between the different network
entities (routers, switches, nodes, access points, links, etc.). Most simulators use discrete event simulation
- the modeling of systems in which state variables change at discrete points in time. The behavior of the
network and the various applications and services it supports can then be observed in a test lab. Various
attributes of the environment can also be modified in a controlled manner to assess how the
network/protocols would behave under different conditions.

• Network simulator: A network simulator is software that predicts the behavior of a computer network.
Since communication Networks have become too complex for traditional analytical methods to provide
an accurate understanding of system behavior, network simulators are used. In simulators, the computer
network is modeled with devices, links, applications, etc. and the performance is analyzed. Simulators
come with support for the most popular technologies and networks in use today such as Wireless LANs,
Mobile Ad hoc Networks, Wireless Sensor Networks, Vehicular Ad hoc Networks, Cognitive Radio
networks, LTE / LTE- Advanced Networks, Internet of things (IoT), etc.
• Simulations: Most of the commercial simulators are GUI driven, while some network simulators are
CLI driven. The network model/configuration describes the network (nodes, routers, switches, and
links) and the events (data transmissions, packet error, etc.). Output results would include network-
level metrics, link metrics, device metrics, etc. Further, drill down in terms of simulations trace files
would also be available. Trace files log every packet, and every event that occurred in the simulation
and are used for analysis. Most network simulators use discrete event simulation, in which a list of
pending "events" is stored, and those events are processed in order, with some events triggering future
events—such as the event of the arrival of a packet at one node triggering the event of the arrival of
that packet at a downstream node.

CISCO PACKET TRACER

Packet Tracer is a protocol simulator developed by Dennis Frezzo and his team at Cisco Systems. Cisco
Packet Tracer (CPT) is a powerful and dynamic tool that displays the various protocols used in networking,
in either Real Time or Simulation mode.

Cisco Packet Tracer Key Features:

• Packet Tracer Workspaces: Cisco Packet Tracer has two workspaces—logical and
physical. The logical workspace allows users to build logical network topologies by
placing, connecting, and clustering virtual network devices. The physical workspace
provides a graphical physical dimension of the logical network, giving a sense of scale and

3
 RMIT Classification: Trusted

placement in how network devices such as routers, switches, and hosts would look in a real
environment. The physical view also provides geographic representations of networks,
including multiple cities, buildings, and wiring closets.

• Packet Tracer Modes: Cisco Packet Tracer provides two operating modes to visualize the
behavior of a network—real-time mode and simulation mode. In real-time mode, the
network behaves as real devices do, with the immediate real-time response for all network
activities. The real-time mode gives students a viable alternative to real equipment and
allows them to gain configuration practice before working with real equipment. In
simulation mode, the user can see and control time intervals, the inner workings of data
transfer, and the propagation of data across a network. This helps students understand the
fundamental concepts behind network operations. A solid understanding of network
fundamentals can help accelerate learning about related concepts.
• Protocols: Cisco Packet Tracer supports the following protocols:

Layer Cisco Packet Tracer Support Protocols

Application FTP, SMTP, POP3, HTTP, TFTP, Telnet, SSH, DNS, DHCP, NTP, SNMP,
AAA, ISR VOIP, SCCP config and calls ISR command support, Call
Manager Express
Transport TCP and UDP, TCP Nagle Algorithm & IP Fragmentation, RTP
Network BGP, IPv4, ICMP, ARP, IPv6, ICMPv6, IPSec, RIPv1/v2/ng, Multi-Area
OSPF, EIGRP, Static Routing, Route Redistribution, Multilayer Switching,
L3 QoS, NAT, CBAL, Zone-based policy firewall and Intrusion Protection
System on the ISY, GRE VPN, IPSec VPN
Network Ethernet (802.3), 802.11, HDLC, Frame Relay, PPP, PPPoE, STP, RSTP,
Access/Interface VTP, DTP, CDP, 802.1q, PAgP, L2 QoS, SLARP, Simple WEP, WPA, EAP

• Modular Devices: Graphical representations visually simulate hardware and offer the
ability to insert interface cards into modular routers and switches, which then become part
of the simulation.
• Multiuser Functionality: Cisco Packet Tracer is a network-capable application, with a
multiuser peer-to-peer mode that allows collaborative construction of virtual networks over
a real network. The multiuser feature enables exciting collaborative and competitive
interactions, providing the option to progress from individual to social learning and features
opportunities for collaboration, competition, remote instructor-student interactions, social
networking, and gaming.
• Tutorials: Packet Tracer includes several basic step-by-step tutorials that familiarize users
with the product features and explain how to engage in simulations. Additional advanced
tutorials are available for download from Academy Connection.
• Help: A help feature is available to familiarize users with the Cisco Packet Tracer interface,
functions, and features. The help area includes important notes and tips and provides
annotated screenshots to aid understanding.

4
 RMIT Classification: Trusted
You are also encouraged to examine the tutorials and Help files built into Packet Tracer, which include an
extensive "My First PT Lab", tutorials, and information on the strengths and limitations of using Packet
Tracer to model networks.

3 Methodology: Opening and exploring Cisco Packet Tracer

In order to understand the network simulator, the methodology used will be by “seeing the simulator in
action” and by “playing around with the simulator's tools”. In this lab, you will be running various exercises
for understanding better the GUI of Cisco Packet Tracer so You will learn, by doing and playing with the
simulator.

Let’s start with the work:

• STEP 1: Download the Cisco Packet Tracer at this link https://www.netacad.com/courses/packet-
tracer/introduction-packet-tracer
• STEP 2: Click Sign-up. Use your RMIT account to sign-up and enroll in the course for free.
• STEP 3: Open the Cisco Packet tracer simulator by clicking on the following icon:

• STEP 4: Click Ok until a login page will appear.

• STEP 5: Click on the netacad.com login bar (see the red arrow in the below figure) so you can
visualize the Guest Login or Login to your user account.

• STEP 6: Click on the Guest Login or User Login and you will visualize the GUI of Cisco
Packet Tracer Simulator as shown below:
 RMIT Classification: Trusted

Take some time for getting familiar with the GUI and exploring the different options of the simulator as
indicated in the following figures:

6
 RMIT Classification: Trusted

Bar Name Description

1 Menu Bar This bar provided the File, Edit, Options, View, Tools,
Extension, and Help menus. You will find basic commands
such as Open, Save, Save as PKZ, Print, and Settings and
Preference in these menus. You will also be able to access the
Activity Wizard from the Extensions menu.
2 Common Tools Bar This bar provides access to these commonly used workspace
tools: Select, Move Layout, Place Note, Delete, Inspect,
Resize Shape, Add Simple PDU, and Add Complex PDU.
See “Workspace Basics for more information
3 Main Tool Bar This bar provides shortcut icons to the File and Edit menus
commands. This bar also provides buttons for Copy, Paste,
Undo, Redo, Zoom the Drawing Palette, and the Custom
Devices Dialog. On the right, you will also find the Network
Information button, which you can use to enter the description
for the current network (or any text you wish to include)
4 Logical/Physical Workspace You can toggle between the Physical Workspace and the
and Navigation Bar Logical Workspace with the tabs on this bar. In Logical
Workspace, this bar also allows you to go back to a previous
level in a cluster, create a New Cluster, Move Object, Set
Tiles Background, and Viewport. In Physical Workspace, this
bar allows you to navigate through physical locations, create a
New City, create a New Building, create a New Closet, Move
Objects, apply a Grid to the background, Set Background, and
go to the Working Closet.
5 Workspace This area is where you will create your network, watch
simulations, and view many kinds of information and
statistics
6 Realtime/Simulation Bar You can toggle between Realtime Mode and Simulation
Mode with the tabs on this bar. This bar also provides
buttons for Power Cycle Devices and Fast Forward
Time as well as the Play Control buttons and the Event
List toggle button in Simulation Mode. Also, it contains a
clock that displays the relative Time in Realtime Mode and
Simulation Mode.
7 Network Component Box This box is where you choose devices and connections to
put into the workspace. It contains the Device-Type
Selection Box and the Device-Specific Selection Box.
There's a searchable field that allows you to enter a device
name to look for that specific device quickly. The device
name shows when you mouse over the device icon in the
Device-Specific Box.
8 Device-Type Selection Box This box contains the type of devices and connections
available in Packet Tracer. The Device-Specific
Selection Box will change depending on which type of
device you choose.
9 Device Specific Selection Box This box is where you choose specifically which devices you
want to put in your network and which connections to make. In
this box, you’ll find devices that may have already been
obsolete. You have an option to hide legacy equipment in the
Preference window under Options.
10 User Created Packet Window This window manages the packets you put in the network
during simulation scenarios. See the “Simulations Mode”
section for more details
7
 RMIT Classification: Trusted
Now let us explore the Device-Type Selection Box and Device-Specific Selection Box by clicking
in the different devices as indicated below.

Figure 1. Routers selection Figure 2. Switches selection

Figure 3. Hub devices selection Figure 4. Wireless devices selection

Figure 5. Security devices selection Figure 6. Wan Emulation

Figure 7. End devices selection Figure 8. IoE components selection

Figure 9. Connection selection Figure 10. Multiuser

Now let us take 5 minutes break for watching and listening to a tutorial, for doing that click on help-
>tutorial. It will open a browser and a tutorial will be displayed.
http://tutorials.ptnetacad.net/tutorials80.htm

At this point, you are getting familiar with all the theory and practice of Cisco Packet Tracer and are
ready for performing some exercises detailed in the next section.

4 Exercises
The best way to learn about any new simulator is to try it out. So, let’s create a small and simple
topology.
 RMIT Classification: Trusted

4.1 Section 1: Create a simple topology

Step 1: Choosing Devices and Connections: We will begin building our network topology by selecting
devices and the media in which to connect them. Several types of devices and network connections can
be used. For this lab we will keep it simple by using:

• End Devices: for example, simple PC. (See Figure 7. End devices selection)
• Hubs: It is a very simple layer 2 devices (See Figure 3. Hub devices selection
• Connections: (See Figure 9. Connections selection)

Step 2: Building the network topology by adding hosts using single click on the End Devices.

• Single click on the Generic host

• Move the cursor into topology area. You will notice it turns into a plus “+” sign

• Single click in the topology area and it copies the device

9
 RMIT Classification: Trusted

• Add one more host

• At this you can familiarize with the device by clicking on the device a new GUI will be opened
(see below). Explore the GUI by opening Physical, Config, Desktop Attributes and
Software/Services.

Step 3: Building the topology by connecting the Hosts to Hubs.

• Adding a Hub, select a hub, by clicking once on Hubs and once on a Generic hub.

10
 RMIT Classification: Trusted

• Add the hub by moving the plus sign “+” below PC0 and PC1 and click once

• At this you can familiarize with the device by clicking on the device a new GUI will be opened
(see below). Explore the GUI by opening Physical, Config and Attributes.

• Connect PC0 to Hub0 by first choosing Connections and click once the Copper Straight-through
cable.

• Perform the following steps to connect PC0 to Hub0

o Click once on PC0
o Choose FastEthernet
o Drag the cursor to Hub0
o Click one on Hub0 and choose Port 0 (this step may not be needed)
o Notice the green link lights on both the PC0 Ethernet NIC and the Hub0 Port 0 showing
that the link is active.

11
 RMIT Classification: Trusted

• Repeat the steps above for PC1 connecting it to Port 1 on Hub0. (The actual hub port you choose
does not matter)

• Congratulation your first topology is now ready for configurations. Please note that
configurations will be learning in lab number 3.

4.2 Section 2: Create simple topology with switch

• Use the same procedure as before for recreating the following topology.

• How the physical interface of a switch looks like?

12
 RMIT Classification: Trusted

4.3 Section 3: Create multilevel topologies

• Use the same procedure as before for recreating the following topology.

• Note that for interconnecting Hubs and Switch a different connection need to be used.
• Packet Tracer has two file formats that can create and save: .pkt files (network simulations model
files) and .pka files (activity files for practice). When you create your own networks in Packet
Tracers or modify existing files you will often use the .pkt file format.
• Please take some time for PLAYING with the simulator explore different devices and topologies.

Congratulations! You have now completed the Part 1 of your

assignment.
5 Questions
The goal of this second lab report was primarily to introduce the Cisco packet Tracer simulator. The
following questions will demonstrate that you have been able to get Cisco packet Tracer simulator up and
running and have explored some of its capabilities. Answer the following questions:

• Learn how to customize the Cisco Packet Tracer options, for doing that click on help->tutorial. It
will open a browser and a tutorial will be displayed. Click on getting started and click the three
tutorials about options.
• Learn how to create a topology, for doing that click on help->tutorial. It will open a browser and
a tutorial will be displayed. Click on getting started a click the second tutorial about options.
• Provide and explain two options of Common Tools Bar.
• Provide and explain four Device-Type that can be used on the simulator.
• Provide your personal feedback about the simulator, it is friendly? It is useful?

6 References
[1] Cisco, Cisco Packet Tracer Data Sheet. Available at: http://www.cisco.com/c/dam/en_us/training-
events/netacad/course_catalog/docs/Cisco_PacketTracer_DS.pdf
[2] William Stallings. 1996. Data and Computer Communications (5th Ed.). Prentice-Hall, Inc., Upper
Saddle River, NJ, USA.
[3] Andrew Tanenbaum. 2002. Computer Networks (4th ed.). Prentice Hall Professional
Technical Reference.
13
 RMIT Classification: Trusted

Part 2: Layer 2 Protocols and Devices

1 Objectives
The objectives of the part 2 is to:
• Understand the main principles of layer 2 protocols and devices
• Explore the fields of Ethernet frames (Layer 2 data unit)
• Explore and understand the goal of ARP protocol
• Understand better the relationship of MAC and IP address

2 Theory: Layer 2, Ethernet and ARP basic concepts

Ethernet: The term Ethernet refers to the family of local-area network (LAN) products covered by the
IEEE 802.3 standard that defines what is commonly known as the CSMA/CD protocol. Four data rates are
currently defined for operation over optical-fiber and twisted-pair cables:
• 10 Mbps—10Base-T Ethernet
• 100 Mbps—Fast Ethernet
• 1,000 Mbps—Gigabit Ethernet
• 10,000 Mbps—10 Gigabit Ethernet

Ethernet is currently used for approximately 85% of the world's LAN-connected PCs and workstations.
Ethernet is the major LAN technology because of the following characteristics:
• Is easy to understand, implement, manage, and maintain
• Allows low-cost network implementations
• Provides extensive topological flexibility for network installation
• Guarantees successful interconnection and operation of standards-compliant products,
regardless of manufacturer
The most relevant Ethernet Layer 2 devices are:

• Ethernet hub is a device that connects Ethernet devices so that they can communicate with each
other. Any Ethernet frame that arrives on any port is automatically forwarded to every other port.
Any device on a hub can talk to any other device on a hub and, indeed, there is no way to prevent
this from happening. A hub provides no intelligent filtering or forwarding capabilities at all. An
Ethernet hub simply mimics the functions of an Ethernet wire. It is half-duplex only, so collisions
can occur.

• Ethernet switch is also a device that connects Ethernet devices so that they can communicate with
each other. An Ethernet switch can forward an Ethernet frame only to a certain port or ports that
need it. A switch can also provide full-duplex capabilities and therefore avoid collision. A switch
processes the Ethernet header information in the frame and determines what the destination MAC
address is. It will then make an intelligent forwarding decision and send the frame only to the port
that needs to receive that destination MAC address. Also, switches provide more intelligence to
buffer frames and prevent collisions on the backplane, enabling full-duplex conversations.

An Ethernet network uses two hardware addresses which identify the source and destination of
each frame sent by the Ethernet. The destination address (all 1's) may also identify a broadcast
packet (to be sent to all connected computers). The hardware address is also known as the Medium
Access Control (MAC) address, in reference to the standards which define Ethernet. Each computer
network interface card is allocated a globally unique 6-byte link address when the factory
manufactures the card (stored in a PROM). This is the normal link source address used by an
14
 RMIT Classification: Trusted

interface. A computer sends all packets which it creates with its own hardware source link address
and receives all packets which match the same hardware address in the destination field or one (or
more) pre-selected broadcast/multicast addresses.

Address Resolution Protocol (ARP): ARP is a protocol used by the Internet Protocol (IP) [RFC826],
specifically IPv4, to map IP network addresses to the hardware addresses used by a data link protocol. The
protocol operates below the network layer as a part of the interface between the OSI network and OSI link
layer. It is used when IPv4 is used over Ethernet.

The term address resolution refers to the process of finding an address of a computer in a network. The
address is "resolved" using a protocol in which a piece of information is sent by a client process executing
on the local computer to a server process executing on a remote computer. The information received by the
server allows the server to uniquely identify the network system for which the address was required and
therefore to provide the required address. The address resolution procedure is completed when the client
receives a response from the server containing the required address.

The Ethernet address is a link layer address and is dependent on the interface card which is used. IP operates
at the network layer and is not concerned with the link addresses of individual nodes which are to be used.
The address resolution protocol (ARP) is therefore used to translate between the two types of address. The
ARP client and server processes operate on all computers using IP over Ethernet. The processes are
normally implemented as part of the software driver that drives the network interface card.

There are four types of ARP messages that may be sent by the ARP protocol. These are identified by four
values in the "operation" field of an ARP message. The types of messages are:
• ARP request (target of this lab report)
• ARP reply (target of this lab report)
• RARP request
• RARP reply

The format of an ARP message is shown here:

3 Methodology
This lab is building based on the methodology of lab 1 and lab 2. The exercises will use:
• Wireshark for capturing packets and analyse layer 2
• Cisco Packet Tracer for simulating Layer 2 end-to-end communication.

4 Exercise
4.1 Section1: Capturing and analysing Ethernet frames.
Let us begin by capturing a set of Ethernet frames to study in order to do it, follow the following
steps:

15
 RMIT Classification: Trusted

• STEP 1: First, make sure your browser’s cache is empty. To do this under:
•
Mozilla Firefox V3, select Tools->Clear Recent History and check the box for Cache.
•
For Internet Explorer, select Tools->Internet Options->Delete Files.
•
For Chrome Menu and then down to Settings. Scroll down and click on “Show advanced
settings. Look under “Privacy” Click Clear Browsing Data and clear all data.

• STEP 2: Start up the Wireshark packet sniffer and start capturing packet from your LAN
interface.
• STEP 3: Enter the following URL into your browser http://gaia.cs.umass.edu/wireshark-
labs/HTTP-ethereal-lab-file3.html your browser should display the rather lengthy US Bill of
Rights.
• STEP 4: Stop Wireshark packet capture. First, find the packet numbers (the leftmost column in
the upper Wireshark window) of the HTTP GET message that was sent from your computer to
gaia.cs.umass.edu, as well as the beginning of the HTTP response message sent to your
computer by gaia.cs.umass.edu. You should see a screen that looks something like this (where
packets 4 in the screen shot below contains the HTTP GET message)

• STEP 5: Since this lab is about Ethernet and ARP, we’re not interested in IP or higher-layer
protocols. So, let’s change Wireshark’s “listing of captured packets” window so that it shows
information only about protocols below IP. To have Wireshark do this, select Analyse->Enabled
Protocols. Then uncheck the IP box and select OK. You should now see a Wireshark window that
looks like:
 RMIT Classification: Trusted

• STEP 6: In order to answer the following questions, you will need to look into the packet details and
packet contents windows (the middle and lower display windows in Wireshark), refer to lab number 1
material for more information. Select the Ethernet frame containing the HTTP GET message. (HTTP
GET message is carried inside of a TCP segment, which is carried inside of an IP datagram, which is
carried inside of an Ethernet frame, which is our focus). Expand the Ethernet II information in the
packet details window. Note that the contents of the Ethernet frame (header as well as payload) are
displayed in the packet contents window. Take some time for getting familiar with the Ethernet Frame
that you are analysing.

• STEP 7: Answer the following questions, based on the contents of the Ethernet frame containing
the HTTP GET message. Whenever possible, when answering a question, you should hand in a
printout or screenshot of the packet(s) within the trace that you used to answer the question asked.
Remark the printout or screenshot to explain your answer. To print a packet, use File->Print,
choose Selected packet only, choose Packet summary line, and select the minimum amount of
packet detail that you need to answer the question or simply remark the screenshot.

17
 RMIT Classification: Trusted

1. What is the 48-bit Ethernet address of your computer?

2. How Wireshark knows the brand of your PC?
3. What is the 48-bit destination address in the Ethernet frame?
4. How Wireshark know the brand of the remote device?
5. Give the hexadecimal value for the two-byte Frame type field? What upper layer protocol
does this correspond to?

• STEP 8: Next, answer the following questions, based on the contents of the Ethernet frame
containing the first byte of the HTTP response message.

1. What is the value of the Ethernet source address?

2. What is the destination address in the Ethernet frame? Is this the Ethernet address of your
computer?
3. Give the hexadecimal value for the two-byte Frame type field. What upper layer protocol
does this correspond to?

4.2 Section 2: Capturing and analysing Address Resolution Protocol

In this section, we will observe the ARP protocol in action. Please check the theory section before doing
this exercise. Recall that the ARP protocol typically maintains a cache of IP-to-Ethernet address translation
pairs on your computer. The ARP command (in both MSDOS and Linux/Unix) is used to view and
manipulate the contents of this cache. Since the ARP command and the ARP protocol have the same name,
it is understandably easy to confuse them. But keep in mind that they are different:

• The ARP command is used to view and manipulate the ARP cache contents.
• The ARP protocol defines the format and meaning of the messages sent and received, and defines
the actions taken on message transmission and receipt.

• STEP 1: Let us take a look at the contents of the ARP cache on your computer:

o MS-DOS. The ARP command is in c:\windows\system32, so type either “ARP” or

“c:\windows\system32\ARP” in the MS-DOS command line (without quotation marks).
o The Windows ARP command with no arguments will display the contents of the ARP
cache on your computer. Run the ARP command.
o Write down the contents of your computer’s ARP cache, which is the commend line?
What is the meaning of each column value?

• STEP 2: In order to observe your computer sending and receiving ARP messages, we will need
to clear the ARP cache, since otherwise your computer is likely to find a needed IP-Ethernet
address translation pair in its cache and consequently not need to send out an ARP message.
o What is the command line?

• STEP 3: Observing ARP in action, do the following:

o Clear your ARP cache, as described above.
o Next, make sure your browser’s cache is empty.
o Start up the Wireshark packet sniffer
o Enter the following URL into your browser http://gaia.cs.umass.edu/wireshark-
labs/HTTP-wireshark-lab-file3.html Your browser should again display the rather
lengthy US Bill of Rights.

18
 RMIT Classification: Trusted

o Stop Wireshark packet capture. Again, we are not interested in IP or higher-layer

protocols, so change Wireshark’s “listing of captured packets” window so that it shows
information only about protocols below IP.
o You should now see a Wireshark window that looks like:

• Step 4: In the example above, the first two frames in the trace contain ARP messages. Answer the
following questions.

 What are the hexadecimal values for the source and destination addresses in the Ethernet
frame containing the ARP request message?
 Give the hexadecimal value for the two-byte Ethernet Frame type field. What upper layer
protocol does this correspond to?
a. What is the question of the ARP?
b. Does the ARP message contain the IP and MAC address of the sender?
c. Does the ARP message contain the IP and MAC address of the target?
d. What is the target IP address? TIP, ipconfig command will help you to find out.
e. What is the value of the opcode field within the ARP-payload part of the
Ethernet frame?
 Now find the ARP reply that was sent in response to the ARP request.
a. What is the answer of the ARP?
b. Does the ARP message contain the IP and MAC address of the sender?
c. Does the ARP message contain the IP and MAC address of the target?
d. What is the target IP address? TIP, ipconfig command will help you to find out.
e. What is the value of the opcode field within the ARP-payload part of the
Ethernet frame?
 Check again the ARP table and provide the output.

4.3 Section 3: Basic configuration of a switch

• STEP 1: Open Cisco Packet Tracer following the steps detailed on lab 2 guidelines. Now let us
take 5 minutes for reading the types of switches that Cisco Packet Tracer support, for doing that
click on help ->tutorial ->Device & Modules ->Switches.
• STEP 2: Create the following topology, make sure that all is correct (green triangles ensure that)
19
 RMIT Classification: Trusted

• STEP 3: Click the link provided Using the Command-Line Interface of Cisco, take some time for
getting familiar with the command mode.

• STEP 4: Let us explore the command line interface of the switch, by clicking on switch and
going to CLI as show below:

o Explore the show command “show?”

o Explore the interface of the switch, which is the command line? What has it displayed?
o Check the ARP table, what is inside?
o Check the mac address table, what is inside?
o Take some time for exploring other commands and get familiar with CISCO CLI.

20
 RMIT Classification: Trusted

• STEP 5: Let us configure a simple network, go to PC1, and configure the Ethernet IP address as
follow (see the figure):

• STEP 6: Open a command prompt in any-pc:

o Check the ARP table (arp -a), what is inside?

o Ping one of the other PCs

o Check the ARP table (arp -a), what is insider?

• STEP 7: Let us explore the command line interface of the switch again:

21
 RMIT Classification: Trusted

o Check the arp table, what is inside?

o Check the mac address table, what is inside?
• STEP 8: Ping all the PC:
o Check the MAC address table, what is inside?
o What is the role of a Switch? What is the role of MAC address table?

Congratulations! You have now completed the Part 2 of your

assignment.
5 Questions
The goal of these 3 labs was primarily to introduce the Layer 2 protocols and devices. The following
questions will demonstrate that you have been able to do that. Answer the following questions:
1. What is the default amount of time that an entry remains in your ARP cache before being removed.
You can determine this empirically (by monitoring the cache contents) or by looking this up in your
operation system documentation. Indicate how/where you determined this value.
2. Why is ARP table required? At which layer of the communication MAC address is requested? It
is possible to access internet without MAC address?
3. Repeat the Section 3 of exercises using a HUB this time. Based on your observations are Hubs
and Switches equal?

6 References
[1] Cisco, Cisco Packet Tracer Data Sheet. Available at: http://www.cisco.com/c/dam/en_us/training-
events/netacad/course_catalog/docs/Cisco_PacketTracer_DS.pdf
[2] Supplement to Computer Networking: A Top-Down Approach, 7th ed., J.F. Kurose and K.W.
Ross, 2005-2016, All Rights Reserved
[3] William Stallings. 1996. Data and Computer Communications (5th Ed.). Prentice-Hall, Inc., Upper
Saddle River, NJ, USA.
[4] Andrew Tanenbaum. 2002. Computer Networks (4th ed.). Prentice Hall Professional
Technical Reference.

22
 RMIT Classification: Trusted

Lab 2 Part 3: Layer 3 Protocol and Devices

1 Objectives
The objective of the lab 2 part 3 is to:
• Understand the main principles of layer 3 protocols and devices
• Explore the fields of IP packets or datagrams (Layer 3 data unit)
• Explore and understand the goal of ICMP protocol.
• Understand better fragmentation.

2 Theory: Layer 3 basic concepts

Network Layer (Layer 3): The third-lowest layer of the OSI Reference Model is the network layer. If the
data link layer is the one that basically defines the boundaries of what is considered a network, the network
layer is the one that defines how internetworks (interconnected networks) function. The network layer is
the lowest one in the OSI model that is concerned with actually getting data from one computer to another
even if it is on a remote network; in contrast, the data link layer only deals with devices that are local to
each other.

Network Layer Functions: Some of the specific jobs normally performed by the network layer include:

23
 RMIT Classification: Trusted

• Logical Addressing: Every device that communicates over a network has associated with it a
logical address, sometimes called a layer three address. For example, on the Internet, the Internet
Protocol (IP) is the network layer protocol, and every machine has an IP address. Note that
addressing is done at the data link layer as well, but those addresses refer to local physical
devices. In contrast, logical addresses are independent of particular hardware and must be unique
across an entire internetwork.

24
 RMIT Classification: Trusted

• Routing: Moving data across a series of interconnected networks is probably the defining function
of the network layer. It is the job of the devices and software routines that function at the network
layer to handle incoming packets from various sources, determine their final destination, and then
figure out where they need to be sent to get them where they are supposed to go.

• Datagram Encapsulation: The network layer normally encapsulates messages received from higher
layers by placing them into datagrams (also called packets) with a network layer header.

• Fragmentation and Reassembly: The network layer must send messages down to the data link layer
for transmission. Some data link layer technologies have limits on the length of any message that can
be sent. If the packet that the network layer wants to send is too large, the network layer must split the
packet up, send each piece to the data link layer, and then have pieces reassembled once they arrive at
the network layer on the destination machine. A good example is how this is done by the Internet
Protocol.

25
 RMIT Classification: Trusted

• Error Handling and Diagnostics: Special protocols are used at the network layer to allow devices
that are logically connected, or that are trying to route traffic, to exchange information about the
status of hosts on the network or the devices themselves.

Router (Layer 3): The most relevant Layer 3 device is Router; it is a device that forwards data packets
along networks. A router is connected to at least two networks, commonly two LANs or WANs or a LAN
and its ISP's network. Routers are located at gateways, the places where two or more networks connect.
Routers use headers and forwarding tables to determine the best path for forwarding the packets, and they
use protocols such as ICMP to communicate with each other and configure the best route between any two
hosts.

26
 RMIT Classification: Trusted

The Internet Control Message Protocol (ICMP): It is a supporting protocol in the Internet protocol suite.
It is used by network devices, including routers, to send error messages and operational information
indicating, for example, that a requested service is not available or that a host or router could not be reached.
The related ping utility is implemented using the ICMP "Echo request" and "Echo reply" messages.
• The ping command is a Command Prompt command used to test the ability of the source
computer to reach a specified destination computer. The ping command is usually used as
a simple way verify that a computer can communicate over the network with another
computer or network device.
• The ping command operates by sending Internet Control Message Protocol (ICMP) Echo Request
messages to the destination computer and waiting for a response. How many of those responses are
returned, and how long it takes for them to return, are the two major pieces of information that the ping
command provides.

3 Methodology
This lab is building based on the methodology of lab 1 and 2. The exercises will use:
• Wireshark for capturing packets and analyse layer 3
• Cisco Packet Tracer for simulating Layer 3 end-to-end communication.

4 Exercise
In this lab, we will investigate the IP protocol, focusing on the IP datagram or packet. We will do so by
analysing a trace of IP datagrams sent and received by an execution of the ping command. We will
investigate the various field in the IP datagram, and study IP fragmentation.

27
 RMIT Classification: Trusted

4.1 Section 1: Capturing and analysing IP packets and datagrams.

• STEP 1: Start-up Wireshark. Since this lab IP, we are interested in IP or higher-layer protocols. So
let us change make sure that IP is activated. To have Wireshark do this, select Analyze->Enabled
Protocols. Then check the IPv4 box and select OK.
• STEP 2: Open a windows command prompt and type ping (press enter). Take some time for
getting familiar with the different options of ping command line.
• STEP 3: In windows command prompt execute: ping www.google.com –n 20
• STEP 4: In Wireshark and begin packet capture (Capture->Start) and then press OK on the
Wireshark Packet Capture Options screen (we will not need to select any options here).
• STEP 5: Stop Wireshark tracing. You should visualize something similar to the following figure:

4.2 Section 2: A look at the capture trace

In your trace, you should be able to see the series of ICMP Echo Request sent by your computer and
the ICMP Echo Reply messages returned to your computer by the intermediate routers.
• STEP 1: Select the one ICMP Echo Request message sent by your computer, and expand the
Internet Protocol part of the packet in the packet details window as follow:

28
 RMIT Classification: Trusted

Take some time to map the field with IP datagram and answer the following questions:

29
 RMIT Classification: Trusted

1. What is the IP address of your computer? What is the source and destination address?
2. Within the IP packet header, what is the value in the upper layer protocol field?
3. How many bytes are in the IP header? How many bytes are in the payload of the IP
datagram? Explain how you determined the number of payload bytes.
4. Has this IP datagram been fragmented? Explain how you determined whether or not the
datagram has been fragmented.
5. What is the value in the Identification field and the TTL field?

• STEP 2: Next (with the packets still sorted by source address) find the series of ICMP Echo
Reply sent to your computer and answer the following questions:
1. What is the IP address of your computer? What is the source and destination address?
2. Within the IP packet header, what is the value in the upper layer protocol field?
3. How many bytes are in the IP header? How many bytes are in the payload of the IP
datagram?
4. Has this IP datagram been fragmented?
5. What is the value in the Identification field and the TTL field?
6. Do these values remain unchanged for all of the ICMP Echo Reply sent to your computer by
the nearest (first hop) router? Why?

3.3 Section 3: Fragmentation

• STEP 1: Download and open the ip-ethereal-trace-1 using Wireshark provided. Sort the packet
listing according to time again by clicking on the Time column, select the packet 92-93 and answer
the following questions:

30
 RMIT Classification: Trusted

1. Analyze the first fragment of the fragmented IP datagram (92):

•
What information in the IP header indicates that the datagram been fragmented?
•
What information in the IP header indicates whether this is the first fragment versus a
latter fragment?
•
How long is this IP datagram?

2. Analyze the second fragment of the fragmented IP datagram (93):

•
What information in the IP header indicates that this is not the first datagram fragment?
•
Are the more fragments? How can you tell?
•
What fields change in the IP header between the first and second fragment?

4.3 Section 3: Basic analysis of routers (static route)

This exercise is a working progress; part 1 will be completed this week.
• STEP 1: Open Cisco Packet Tracer following the steps detailed on lab 2 guidelines. Now let us
take 5 minutes for reading the types of switches that Cisco Packet Tracer support, for doing that
click on help->tutorial>Devices & Modules> Routers.
• STEP 2: Open the provided file on blackboard: lab_4_router.pkt using Cisco packet tracer. When
opening the file, it will look like the following topology and answer the following questions:

1. What is the IP address of the PC0 and PC1? You can check it open a command prompt
and typing ipconfig.
2. From PC0 ping PC1, the ping is working?
3. In PC0 using the command line tracert x.x.x.x [PC1 IP address], check what is the path for
reaching PC1.

4. Open a CLI of Router1 and execute the following command:

Continue with configuration dialog? [yes/no]: n
Router>enable
Router>show ip route
Router> show arp
Router> show running-config
•
What the ip route display? It is the routing table?

31
 RMIT Classification: Trusted

•
What the arp display?
•
What the running-config display?

5. Repeat this with all the routers.

Congratulations! You have now completed the Part 3 of your

assignment.

5 Questions
The goal of lab 4 was primarily to introduce the Layer 3 protocols and devices. The following questions
will demonstrate that you have been able to do that. Answer the following questions:
• What is the role of TTL field? Why it is important?
• Explain the 3 main characteristics of layer 3 that you learn on this lab?
• Explain the main role of routers in the network.

6 References
[1] Cisco, Cisco Packet Tracer Data Sheet. Available at: http://www.cisco.com/c/dam/en_us/training-
events/netacad/course_catalog/docs/Cisco_PacketTracer_DS.pdf
[2] Supplement to Computer Networking: A Top-Down Approach, 7th ed., J.F. Kurose and K.W.
Ross, 2005-2016, All Rights Reserved
[3] William Stallings. 1996. Data and Computer Communications (5th Ed.). Prentice-Hall, Inc., Upper
Saddle River, NJ, USA.

32