Lab 4.2.3 Analyzing Network Traffic
Task 1: Design Network Access to FTP and Email Services
Step 1: FTP network considerations
File transfer traffic can put high-volume traffic onto the network. This traffic can have a greater effect on throughput than interactive end-to-end connections. Although file transfers are throughput-intensive, they typically have low response-time requirements.
As part of the initial characterization of the network, it is important to identify the level of FTP traffic that will be generated. From this information, the network designers can decide on throughput and redundancy requirements.
a. List possible file transfer applications that would generate traffic on the FilmCompany network.
Document sharing
Video production file transfer
b. List these applications by priority based on response time.
Video production file transfer
Document sharing
c. List these applications by priority based on bandwidth requirements.
Video production file transfer
Document sharing
Step 2: Email network considerations
Although customers expect immediate access to their emails, they usually do not expect emails to have
network priority over files that they are sharing or updating. Emails are expected to be delivered reliably and
accurately. Generally, emails are not throughput-intensive, except when there are enterprise-wide mail-outs
or there is a denial of service attack.
List some email policies that could control the volume of email data and the bandwidth used.
Limit email attachment size
Limit the number of recipients of bulk email messages
Ensure that external email spam is filtered before being reaching the LAN
Step 3: Configure and connect the host PCs
NOTE: If the PCs used in this lab are also connected to your Academy LAN or to the Internet, ensure that you
record the cable connections and TCP/IP settings so that these can be restored at the conclusion of the lab.
a. Set the IP addresses for PC1 and PC2 as shown in the configuration table.
b. Establish a terminal session to router R1 from one of the PCs, and configure the interfaces and
hostname as shown in the configuration table.
Task 2: Configure NBAR to Examine Network Traffic
Step 1: Enable NBAR Protocol Discovery
NBAR can determine which protocols and applications are currently running on a network. NBAR includes the Protocol Discovery feature, which identifies the application protocols operating on an interface so that appropriate QoS policies can be developed and applied. To enable Protocol Discovery to monitor selected protocols on a router interface, issue the following commands from the global configuration mode:
FC-CPE-1(config)#interface fastethernet 0/0
FC-CPE-1(config-if)#ip nbar protocol-discovery
Step 2: Confirm that Protocol Discovery is configured
From the privileged EXEC mode, issue the show running-config command and confirm that the following output appears under interface FastEthernet 0/0:
interface FastEthernet0/0
ip address 10.0.0.1 255.255.255.0
ip nbar protocol-discovery
If protocol-discovery is not confirmed, reissue the configuration commands for interface FastEthernet 0/0.
Task 3: Generate and Identify Network Traffic
Step 1: Generate FTP traffic
The Mozilla Thunderbird email client program will be downloaded from Discovery Server as an example of FTP.
a. On PC1, launch a web browser and enter the URL ftp://server.discovery.ccna,
Alternatively, from the command line, enter ftp server.discovery.ccna. If DNS is not
configured the IP address 172.17.1.1 must be used instead of the domain name.
b. Locate the file thunderbird_setup.exe in the pub directory, download the file, and save it on PC1.
Repeat this step for PC2.
Step 2: Generate Email traffic
If the Thunderbird email client has been installed and email accounts set up on both PC1 and PC2, proceed to Step 2d. Otherwise, install and set up the email client on PC1 and PC2 as described in Steps 2a through 2c.
a. Install the Thunderbird email client on PC1 and PC2 by double-clicking the downloaded
thunderbird_setup.exe file and accepting the default settings.
b. When the installation has completed, launch the program.
c. Configure email account settings as shown in this table.
Field
Value
Account Name
The account name is based on the pod and host
computer. There are a total of 20 accounts
configured on Discovery Server, labeled
user[1..20].The password for each account is
cheetah[1..20].
Your Name
Use the same name as above.
E-mail address
username@server.discovery.ccna
Type of incoming server you are using
POP
Incoming Server (SMTP)
172.17.1.1
Outgoing Server (SMTP)
172.17.1.1
1) On the Tools menu, click Account Settings.
2) Complete the required Thunderbird Account Settings.
3) In the left pane of the Account Settings screen, click Server Settings and complete the necessary details.
4) In the left pane, click Outgoing Server (SMTP) and complete the proper configuration for the Outgoing Server (SMTP).
d. Send and receive two emails between accounts on each PC.
Step 3: Display the NBAR results
With Protocol Discovery enabled, any protocol traffic supported by NBAR, as well as the statistics associated with that protocol, can be discovered.
a. To display the traffic identified by NBAR, issue the show ip nbar protocol-discovery
command from the privileged EXEC mode.
FC-CPE-1#show ip nbar protocol-discovery
The output will have the following headings:
FastEthernet0/0
Input Output
----- ------
Protocol Packet Count Packet Count
Byte Count Byte Count
5min Bit Rate (bps) 5min Bit Rate (bps)
5min Max Bit Rate (bps) 5min Max Bit Rate (bps)
--------------------- ------------------------ ------------------------
Sample Output:
FC-CPE-1#show ip nbar protocol-discovery
FastEthernet0/0
Input Output
----- ------
Protocol Packet Count Packet Count
Byte Count Byte Count
5min Bit Rate (bps) 5min Bit Rate (bps)
5min Max Bit Rate (bps) 5min Max Bit Rate (bps)
------------------------ ------------------------ ------------------------
ftp 4317 10757
279012 14127498
0 62000
15000 363000
dhcp 134 0
82812 0
1000 0
1000 0
pop3 70 59
4356 7487
0 0
0 1000
smtp 65 67
6298 5142
0 0
0 0
http 3 2
580 1222
0 0
0 0
dns 10 10
816 816
0 0
0 0
netbios 4 0
978 0
0 0
0 0
<>
xwindows 0 0
0 0
0 0
0 0
unknown 2 3
122 170
0 0
0 0
Total 4605 10898
374974 14142335
1000 62000
16000 364000
FC-CPE-1#
b. List each protocol identified and the Input and Output information.
Output varies; sample for FTP:
ftp 18 16
1295 1288
0 0
0 0
c. Although the data traffic in this lab may not be sufficient to generate values for the 5min Bit rate (bps) and 5min Max Bit Rate (bps) fields, consider and discuss how these values would be applied to designing an FTP and email network.
Can help determine average and peak network bandwidth requirements.
Step 4: Use NBAR to monitor other data traffic
NBAR can identify and monitor a range of network application traffic protocols.
From the privileged EXEC mode of the router, issue the command show ip nbar port-map and note the
output displayed.
FC-CPE-1#show ip nbar port-map
List some protocols that you consider should be monitored and policies applied to.
Sample Output
port-map bgp udp 179
port-map bgp tcp 179
port-map bittorrent tcp 6881 6882 6883 6884 6885 6886
6887 6888 6889
port-map citrix udp 1604
port-map citrix tcp 1494
port-map cuseeme udp 7648 7649 24032
port-map cuseeme tcp 7648 7649
port-map dhcp udp 67 68
port-map directconnect tcp 411 412 413
port-map dns udp 53
port-map dns tcp 53
port-map edonkey tcp 4662
port-map exchange tcp 135
port-map fasttrack tcp 1214
port-map finger tcp 79
port-map ftp tcp 21
port-map gnutella udp 6346 6347 6348
port-map gnutella tcp 6346 6347 6348 6349 6355 5634
port-map gopher udp 70
port-map gopher tcp 70
port-map h323 udp 1300 1718 1719 1720 11720
port-map h323 tcp 1300 1718 1719 1720 11000 - 11999
port-map http tcp 80
port-map imap udp 143 220
port-map imap tcp 143 220
port-map irc udp 194
port-map irc tcp 194
port-map kerberos udp 88 749
port-map kerberos tcp 88 749
port-map l2tp udp 1701
port-map ldap udp 389
port-map ldap tcp 389
port-map mgcp udp 2427 2727
port-map mgcp tcp 2427 2428 2727
port-map netbios udp 137 138
port-map netbios tcp 137 139
port-map netshow tcp 1755
port-map nfs udp 2049
port-map nfs tcp 2049
port-map nntp udp 119
port-map nntp tcp 119
port-map notes udp 1352
port-map notes tcp 1352
port-map novadigm udp 3460 3461 3462 3463 3464 3465
port-map novadigm tcp 3460 3461 3462 3463 3464 3465
port-map ntp udp 123
port-map ntp tcp 123
port-map pcanywhere udp 22 5632
Designing and Supporting Computer Networks
port-map pcanywhere tcp 65301 5631
port-map pop3 udp 110
port-map pop3 tcp 110
port-map pptp tcp 1723
port-map printer udp 515
port-map printer tcp 515
port-map rcmd tcp 512 513 514
port-map rip udp 520
port-map rsvp udp 1698 1699
port-map rtsp tcp 554
port-map secure-ftp tcp 990
port-map secure-http tcp 443
port-map secure-imap udp 585 993
port-map secure-imap tcp 585 993
port-map secure-irc udp 994
port-map secure-irc tcp 994
port-map secure-ldap udp 636
port-map secure-ldap tcp 636
port-map secure-nntp udp 563
port-map secure-nntp tcp 563
port-map secure-pop3 udp 995
port-map secure-pop3 tcp 995
port-map secure-telnet tcp 992
port-map sip udp 5060
port-map sip tcp 5060
port-map skinny tcp 2000 2001 2002
port-map smtp tcp 25
port-map snmp udp 161 162
port-map snmp tcp 161 162
port-map socks tcp 1080
port-map sqlnet tcp 1521
port-map sqlserver tcp 1433
port-map ssh tcp 22
port-map streamwork udp 1558
port-map sunrpc udp 111
port-map sunrpc tcp 111
port-map syslog udp 514
port-map telnet tcp 23
port-map tftp udp 69
port-map vdolive tcp 7000
port-map winmx tcp 6699
port-map xwindows tcp 6000 6001 6002 6003
Step 5: Clean up
Erase the configurations and reload the routers and switches. Disconnect and store the cabling. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet), reconnect the appropriate cabling and restore the TCP/IP settings.
Challenge
This lab considered only the volume of FTP and email data traffic and its impact
on network design. Reliable access to servers is also important. In the space below, sketch a revised topology for this lab that would provide redundancy for these services.
TOPOLOGY DIAGRAM FOR INSTRUCTOR VERSION ONLY
Final Configurations
Router 1
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname FC-CPE-1
!
boot-start-marker
boot-end-marker
!
enable password cisco
!
no aaa new-model
ip cef
!
!
!
interface FastEthernet0/0
ip address 10.0.0.1 255.255.255.0
ip nbar protocol-discovery
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 172.17.0.1 255.255.0.0
duplex auto
speed auto
!
interface Serial0/1/0
no ip address
shutdown
no fair-queue
clock rate 2000000
!
interface Serial0/1/1
no ip address
shutdown
clock rate 2000000
!
!
ip http server
no ip http secure-server
!
!
!
control-plane
!
!
!
line con 0
password cisco
login
line aux 0
line vty 0 4
password cisco
login
!
scheduler allocate 20000 1000
end
0 komentar:
Posting Komentar