Experiment 3 Network layer experiment
- Fill in the following table with the result of executing the command:
Execution result in step 2 in
2.6.1 Execution result in step 4 in 2.6.1 PCA
PCB
The execution result in step 3 in 2.6.2 (192.168.1.10 00-0c-29-580a0-03)
-
Analyze the packets intercepted in step 3.6.1, and fill in the blank “Protocol” field: there are 2 ARP packets and 8 ICMP packets. In all messages, the "Opcode" field of the ARP protocol tree in the ARP message has two values 1, 2, and what value do the two values represent?
Answer: 1: ICMP request request message; 2: ICMP reply response message -
Analyze the structure of the ARP message according to step 6 of 2.6.1: Select the first ARP request message and the first ARP reply message, and fill in the fields in the ARP request message and ARP reply message into the following table:
Field item ARP request data message ARP response data message
Link layer Destination item Ff: ff: ff: ff: ff: ff 00: 0c: 29: 58: a0: 03
Link layer Source item 00: 0c: 29: 58: a0: 03 00: 0c: 29: 5f: 7b: e7
network layer Sender MAC Address 00: 0c: 29: 58: a0: 03 00: 0c: 29: 5f: 7b: e7
network layer Sender IP Address 192.168. 1.22 192.168.1.21
Network layer Target MAC Address 00: 00: 00: 00: 00: 00 00: 0c: 29: 58: a0: 03
Network layer Target IP Address 192.168.1.21 192.168.1.22
4. (1) Compare ping1- What message is missing from the message information intercepted in the student ID? Briefly describe the role of ARP Cache.
Answer: Without ARP packets, ARP cache is used to store ARP protocol; ARP protocol is suitable for matching MAC address and hardware address of the device. Before communication, the host converts IP to MAC address through ARP and stores it in the ARP table for communication.
(2) Re-network according to Figure-4, and make sure the connection is correct. Modify the IP address of the computer and the default gateway of PC A to 192.168.1.10 and the default gateway of PC B to 192.168.2.10. Consider what will happen if you do not set the default gateway?
A: If you do not set the default gateway, you will not be able to access hosts on different network segments, but you can still access hosts on the same network segment.
5. Analyze the structure of the ARP message according to step 4 of 2.6.2: select the first ARP request message and the first ARP reply message, and compare the field information in the ARP request message and ARP reply message with the above . Compared with the ARP protocol parsing process in the same network segment, what are the similarities and differences?
Answer: The difference lies in the role of the gateway. In different VLANs, indirect delivery is required through the default gateway.
Field items are the same network segment but different network segment
Sender IP Address of the request packet 192.168.1.21 PCB IP 192.168.1.10 PCA default gateway
response packet link layer Source item 00: 0c: 29: 58: a0: 03 PCB MAC The MAC address of the default gateway S1 E1 / 0/1 of the address PCA The
response packet network layer Sender MAC Address 00: 0c: 29: 58: a0: 03 The MAC address of the PCB The MAC address of the default gateway S1 E1 / 0/1 of the PCA
Target IP Address 192.168.1.21 of the request packet PCB IP 192.168.1.10 Default gateway of PCA
6. According to 3.6.1 Step 2-Start Wireshark software on PC A and PC B to intercept the message, then PC A ping PC B, and analyze the intercepted ICMP message: There are 8 ICMP messages, which type ? What are the corresponding types and code fields? Please analyze which fields in the message guarantee the one-to-one correspondence between the echo request message and the echo reply message?
Answer: The source and destination fields ensure a one-to-one correspondence between request and response messages. Type 8 means request message, and type 0 means response message.
7. According to 3.6.1 step 3-start Wireshark software on PC A and PC B to intercept the message, run the pingtest program, set the address mask request message parameters, analyze the intercepted message and fill in the following table:
Address mask request message Address mask response message
ICMP field name field value ICMP field name field value
Type 17 Type 18
Code 0 Code 0
checksum 0xe3ff checksum 0xe3fe
Identifier (BE) 2560 Identifier (BE) 2560
Identifier (LE) 10 Identifier (LE) 10
Sequence Number (BE) 256 Sequence Number (BE) 256
Sequence Number (LE) 1 Sequence Number (LE) 1
Address Mask 0.0.0.0 Address Mask 255.255.255.0
8. According to step 3.6.1 step 4-on PC Start Wireshark software on A and PC B to intercept the message, run the pingtest program, set the timestamp request message parameters, analyze the intercepted message and fill in the following table:
Time stamp request message Time stamp response message
ICMP field name field value ICMP field name field value
Type 13 Type 14
Code 0 Code 0
checksum 0x7eff checksum 0xfe23
Identifier (BE) 2560 Identifier (BE) 2560
Identifier (LE) 10 Identifier (LE ) 10
Sequence Number (BE) 256 Sequence Number (BE) 256
Sequence Number (LE) 1 Sequence Number (LE) 1
Originate timestamp 0s after midnight UTC Originate timestamp 0s after midnight UTC
Receive timestamp 0s after midnight UTC Receive timestamp 6 hours, 54 minutes, 25.193 seconds after midnight UTC
Transmit timestamp 0s after midnight UTC Transmit timestamp 6 hours, 54 minutes, 25.193 seconds after midnight UTC
through the above experiments, carefully understand the role of ICMP query messages.
9. Answer according to step 1 in 3.6.2:
(1) Please compare the difference between these two situations?
Answer: For 10.1.3.20, the address is in the subnet of S1 E1 /
0/23 port, so S1 will send the packet to E1 / 0/23. For 10.1.4.20, the address is not in the routing table of S1, so S1 thinks that 10.1.4.10 is unreachable and will reply Destination unreachable.
(2) Which ICMP error message was intercepted? What is its type and code field value? The ICMP protocol part of this message is divided into several parts? what is the function?
A: ICMP error messages with unreachable endpoints are intercepted. The ICMP message now contains: Type, code, checksum fields. Type: 3 indicates that the end point is unreachable. Code 0 means the network is unreachable.
10. Answer according to step 2 in 3.6.2:
(1) Combining the content of the message, briefly describe the working process of tracert.
Tracert sends packets with different life cycles to the destination host. Each router passing from the source host to the destination host reduces the TTL value of the ICMP packet to -1. When the TTL is reduced to 0, the router sends a timeout error packet to the source host.
(2) Which ICMP error message was intercepted? What is its type and code field value?
Answer: Overtime retransmission message ICMP error message. Type: 11, code: 0.
11. According to step 1 in 4.6, which fields of the IP protocol packet are used to write the tracert command?
Answer: The TTL field of the life cycle of ICMP messages.
12. Answer according to step 2 in 4.6: Observe whether PC A and PC B can be pinged, and analyze the reason in combination with the intercepted message.
Answer: Unable to ping. Because after changing the address mask, the subnet mask value of the PCB and the PCA is the same as the subnet mask value of the PCA and the PCA, so that the PCA to PCB message will be delivered directly to the network.
13. Fill in the following table according to step 3 in 4.6:
Destination / Mask Protocol Pre Cost Nexthop Interface
10.1.2.0/24 Direct 0 0 10.1.2.1 Vlan 2
10.1.2.1/32 Direct 0 0 127.0.0.1 Inloop0
10.1.3.1/24 Direct 0 0 10.1.3.1 Vlan 3
10.1.3.1/ 32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
14. (1) According to Experiment 2 Section 5.5 (PPP protocol experiment) Figure 18 Configure the router, and the two routers ping each other to see if they can be pinged. According to the debug display information on R1, draw the state transition diagram (event-driven, state transition) of the IPCP protocol during the negotiation process.
Answer: You can ping it.
(2) Change the IP address of interface S0 / 0 of router R2 to 10.0.0.1/24. Can the two routers ping? And explain why? Pay attention to the characteristics of the IPCP protocol. (Hint: Check the debug information of the IPCP protocol negotiation process)
Answer: You can ping it. The IPCP protocol is responsible for establishing, enabling, and terminating the IP module, and assigns users some parameters necessary for Internet access. After the address is modified, IPCP renegotiation reaches the open state again, making the link connected.
15. According to step 5 in 5.6: (optional)
(1) Among the intercepted messages, there are 3 ARP messages, 10 ICMP: Echo messages, 5 ICMP: Echo Reply messages, and 15 IP messages .
(2) According to the analysis of the execution process of the ping command, the packets that belong to the same data packet information are intercepted. For example, the following packets can be seen from the information column. The same data segment.
Fill in the table below with the message fragmentation information of the first ICMP Request.
字段名称 分片序号1 分片序号2 分片序号3 分片序号4
"Identification" field value 0x0013 (19) 0x0013 (19) 0x0013 (19) 0x0013 (19)
"Flag" field value 0x01 0x01 0x01 0x00
"Frame offset" field value 0 80 160 240
Amount of data transferred 100 100 100 88
Analysis table Content, according to the IP header field settings, experience the fragmentation process.
(3) The data part of ping is 300 bytes, and the Ethernet port MTU of the router is set to 100 bytes. Why is the echo request packet divided into 4 pieces instead of 3 pieces? What is the length of the data part and the message is exactly divided into 3 pieces?
Answer: 240; Because the header of each packet occupies 20 bytes and the header of the three datagrams occupies 60 bytes, (300-60) = 240.
16. Comprehensive experiment (analysis of the results of the
inter-VLAN routing experiment ) According to the intercepted messages between the cross-switch inter-VLAN routing experiment (PCC ping PCD), the forwarding process of the entire network layer and data link layer is analyzed.
The convention is as follows: MAC address pair in the data frame: (destination MAC address, source MAC address)
IP address pair in the datagram: (destination IP address, source IP address)
figure 1
figure 2
image 3
Figure 4
STEP 1
What is the first message type sent by PCC? why?
ARP: Because the MAC address of the destination host must be obtained before it can be connected.
The pair of VLAN id, MAC and IP address included in the data frame of the message is: VLAN id = 2
MAC: (ff.ff.ff.ff.ff.ff, MAC_PCC)
IP: (192.168.2.1, 192.168.2.11 )
STEP 2
After S2 receives the data frame, the operation of its MAC address table is:
Insert the MAC address of the PCC
S2 inserts a tag with VLAN id = 2 according to the VLAN to which the port receiving the data frame belongs, and forwards the data frame to all VLAN 2 ports except the receiving port.
STEP 3
After S1 receives the data frame, the operation of its MAC address table is:
Insert the MAC address of S2
S1 delivers the ARP message to the network layer, and the operation of S1 to its arp table is:
Insert the IP of PCA And MAC address
S1 sent data frame containing ARP Reply message: (MAC_PCC, MAC_ VLAN 2)
(192.168.2.11, 192.168.2.1); VLAN id = 2
STEP 4
After S2 receives the data frame, the operation of its MAC address table is:
Insert the MAC address of S1
After the data frame received by S2, according to the VLAN tag and ARP table, decide to forward the data to port E0 / 1 Frame;
S2 is a trunk type port according to port E0 / 13, remove the VLAN tag, and forward the frame from port E0 / 1.
Figure 5
Figure 6
Picture 7
Picture 8
Figure 9
STEP 5
The PCC receives the ARP Reply message, updates its ARP cache, and displays the ARP cache command:
Arp -a
displays the content:
(192.168.2.11, C's MAC address)
The PCC sends an ICMP Echo Request In the data frame of the packet: VLAN id = 2
MAC: (MAC-S1, MAC-PCC)
IP: (192.168.2.11, 192.168.2.1)
STEP 6
S2 receives the data frame and adds a VLAN2 tag according to its receiving port ; According to the destination MAC, look up the MAC address table; forward the data frame from the E0 / 13 port to S1.
In the data frame forwarded by S2: VLAN id =
MAC: (MAC-S1, MAC-PCC)
IP: (192.168.2.1, 192.168.2.11)
STEP7
S1 receives the data frame forwarded by S2 and delivers it to the network layer, according to the purpose IP address, check the routing table, route the packet to int vlan 3, ready to be delivered to the PCD through the data link layer;
However, if the MAC address of the PCD is not found, the data frame containing the ARP Request message must be sent; VLAN id = 3
MAC: (ff.ff.ff.ff.ff.ff., MAC-S1)
IP: (broadcast, 192.168.2.11)
STEP 8
S2 receives the data frame forwarded by S1, and forwards the data frame to all ports belonging to VLAN 3 except the receiving port according to its VLAN id = 3;
S2 removes the VLAN tag according to the port type E0 / 13, which is a trunk type. Forward the frame from port E0 / 24.
STEP 9
The PCD receives the data frame forwarded by S2 and updates its ARP cache. The contents of the ARP cache are:
(192.168.3.1, MAC-PCD)
The PCD sends the data frame containing the ARP reply message; VLAN id = 3
MAC: (MAC-S1, MAC-PCD)
IP: (192.168.3.1, 192.168.3.11)
Picture 10
Picture 11
Picture 12
Figure 13
Figure 14
STEP 10
S2 receives the data frame and adds the VLAN 3 tag according to its receiving port; searches the MAC address table according to the destination MAC; forwards the data frame from the
E0 / 13 port to S1.
In the data frame forwarded by S2: VLAN id = 3
MAC: (MAC-S1, MAC-PCD)
IP: (192.168.3.1, 192.168.3.11)
STEP 11
S1 receives the data frame, submits it to the network layer, and updates it ARP table;
S1 replaces the VLAN tag of the data frame containing the ICMP Echo Request message from VLAN id = 2 to VLAN id = 3. In the encapsulated data frame: VLAN id = 3
MAC: (MAC-PCD, MAC-S1)
IP: (192.168.3.11, 192.168.3.1)
Look up the MAC address table and send it through port E0 / 13.
STEP 12
S2 receives the data frame forwarded by S1, and forwards the data frame to port E 0/24 according to its VLAN id and destination MAC address;
At the same time, S2 is a trunk type port according to port E0 / 13, and removes the VLAN tag. Forward the frame from port E0 / 24.
STEP 13
The PCD receives the data frame containing the ICMP Echo Request message and sends the data frame containing the ICMP Echo Reply message: VLAN id = 3
MAC: (MAC-S1, MAC-PCD)
IP: (192.168.3.1, 192.168 .3.11)
STEP 14
S2 receives the data frame and adds the VLAN 3 tag according to its receiving port; searches the MAC address table according to the destination MAC; and forwards the data frame from the
E0 / 13 port to S1.
In the data frame forwarded by S2: VLAN id = 3
MAC: (MAC-S1, MAC-PCD)
IP: (192.168.3.1, 192.168.3.11)
Figure 15
Figure 16
STEP 15
S1 receives the data frame forwarded by S2 and delivers it to the network layer. According to the destination IP address, it
looks up the routing table and routes the packet to int vlan2. It is ready to be delivered to the PCC through the data link layer; Address, replace VLAN tag, encapsulate and send data frame; VLAN id =
MAC: (MAC-PCC, MAC-S1)
IP: (192.168.2.11, 192.168.2.1)
STEP 16
S2 receives the data frame forwarded by S1, according to With its VLAN id and destination MAC address, it forwards the data frame to the E0 / 1 port;
At the same time, S2 is a trunk type port based on port E0 / 13, removes the VLAN tag, and forwards the frame from port E0 / 1.
In this way, the PCC receives the data frame containing the ICMP Echo Reply message forwarded by S2. The first round of ICMP query and response process ends.
-
The design experiment is shown in the
figure. A company wants to build a company network and leases a C-type address 202.108.100. * / 24 from the network service provider. The address of the router connected to the network service provider is shown in the figure. Please give the design plan. Meet the following requirements:
1) The more subnets the network divides, the better, but the number of hosts in each subnet is greater than 15; please write the number of subnets, and the mask, gateway, and host address range of each subnet.
2) All users can access the Internet, that is, all hosts must be able to ping the E0 / 0 port of the network service provider's router.
3) After dividing the subnets, static routes should be configured on the routers and Layer 3 switches. Please write the configured static route.
Note: As shown in the figure, two subnets are simulated (the first subnet and the last subnet). Because the number of switches is insufficient, the host of the last subnet is directly connected to the corresponding port of the Layer 3 switch. For the two hosts in each subnet, configure the first and last host addresses of the subnet respectively. -
Subnetting
Under the premise that the number of hosts in each subnet is greater than 15, you need to use 5 digits to specify the host number and 3 digits to specify the subnet number:
IP address subnet mask gateway host address range
202.108.100.0/27 255.255. 225.224 202.108.100.2 .1- .30
202.108.100.32/27 255.255.225.224 202.108.100.34 .33- .62
202.108.100.64/27 255.255.225.224 202.108.100.66 .65- .94
202.108.100.96/27 255.255.225.224 202.108 .100.98 .97- .126
202.108.100.128/27 255.255.225.224 202.108.100.130 .129- .158
202.108.100.160/27 255.255.225.224 202.108.100.162 .161- .190
202.108.100.192/27 255.255.225.224 202.108.100.194 .193- .222
202.108.100.224/27 255.255.225.224 202.108.100.226.225-.254 -
Wired networking: Connect as shown in the networking diagram above, and set the E1 / 0/13 port to trunk type.
-
Configure the IP, gateway and subnet mask of each host.
-
配置静态路由
[R1]ip route-static 202.108.100.225 255.255.255.224 211.100.217.193
[R1]ip route-static 202.108.100.254 255.255.255.224 211.100.217.193
[R1]ip route-static 202.108.100.1 255.255.255.224 211.100.217.193
[R1]ip route-static 202.108.100.30 255.255.255.224 211.100.217.193
[S1]ip route-static 0.0.0.0 0.0.0.0 211.100.217.192 -
Configure Vlan and ip address
[R1] interface GE 0/0
[R1-GE0 / 0] ip add 211.100.217.192 24
[S1] vlan 1
[S1] inter vlan 1
[S1-vlan-interface1] ip add 211.100.217.193 255.255.255.0
[S1] vlan 2
[S1] inter vlan 2
[S1-vlan-interface2] ip add 202.108.100.2 255.255.255.224
[S1] vlan 3
[S1] inter vlan 3
[S1-vlan-interface2] ip add 211.108.100.226 255.255.255.224
6. Run ping 211.100.217.192 to view the result.
