Build an internet
In this in-class lab exercise you will work with a group. There will be 3 other
groups. Each group will build a local network. Then the 4 networks will be
combined into a single internet. See the "Lab
exercise: build an internet" slides. They blueprint the plan. These
step-by-step instructions accompany them.
For building its localnet, your group will be issued a kit consisting of:
1 switch or hub, with power supply
1 laptop
2 USB NICs
4 cables
Your localnet will also incorporate 2 of the classroom's existing desktops. Do as indicated below.
Construct 1 localnet for your group
add one of the USB NICs to your laptop
determine its name
cable it into your hub/switch
re-cable the 2 closest classroom desktops into your hub/switch
choose an internal network (netaddr & netmask)
choose 3 of its host addresses and apply them to your 3 hosts
make sure your 3 hosts can ping each other
Construct 2 localnets between groups
identify the other 2 localnets that are lateral, not diagonal, to you
(for example, if you are the Northwest localnet, Southeast is diagonal to you so your
2 lateral localnets are Southwest and Northeast)
add the other USB NIC to your laptop
determine its name
cable your laptop's 2 free NICs directly (no hub/switch) to the laptops of your 2 lateral localnets
do not cable any 2 USB NICs together: from a USB NIC always cable into the lateral localnet's laptop's built-in NIC only
confer separately with the students from those 2 localnets
with each:
mutually choose an external network (netaddr & netmask)
choose 2 of its host addresses
apply them to your 2 laptops
make sure your 2 laptops can ping one another
Make route table settings, for lateral integration
On your laptop
add 2 network routes, one to each of the lateral localnets
(gatewayed through the lateral routers)
On your desktops
add default routes, on each, to your laptop
make sure your 2 desktops can ping both of your lateral networks' laptops
make sure your 2 desktops can ping all 4 desktops that belong to your lateral
networks
Make route table settings, for diagonal integration
confer with students from your diagonal localnet
determine what their local network is (netaddr & netmask)
On your laptop
add a network route to the diagonal localnet
On your desktops
do nothing
make sure your laptop can ping both your diagonal network's desktops
make sure your 2 desktops can ping both your diagonal network's desktops
Sniff traffic on outside of laptop before and after adding IP
masquerading (network address translation)
on your laptop run tcpdump on one external interface while executing a 1-time
ping from one of your desktops through that interface (i.e., to either the laptop or a desktop
in the other group)
note the source address of the ping request and destination address of the ping
reply (one and the same address)
repeat, on your laptop's other external interface
apply masquerading on both interfaces, using the command for it shown in the slides
now again, on your laptop run tcpdump on one external interface while
executing a 1-time ping from one of your desktops through that interface
note the source address of the ping request and destination address of the ping
reply (one and the same address)
repeat, on your laptop's other external interface
Block (firewall) traffic, on outside of laptop, from leaving
apply firewalling on one of your laptop's external interfaces, using the
command for it shown in the slides
run tcpdump on that firewalled interface while executing a 1-time ping from one
of your desktops through that interface
run tcpdump on the laptop's other unfirewalled external interface while
executing a 1-time ping from one of your desktops through that interface
undo the firewalling
run tcpdump on that formerly firewalled interface while executing a 1-time ping
from one of your desktops through that interface
When finished
shutdown laptops
disconnect equipment
recompose and return your kit
re-cable desktops to classroom network