Lab 4.5.1 Identifying Traffic Flows
Step 1: Cable and configure the current network
NOTE: If the PC used in this lab is also connected to your Academy LAN or to the Internet, ensure that you record the cable connections and TCP/IP settings so that these can be restored at the conclusion of the lab.
a. Referring to the topology diagram, connect the console (or rollover) cable to the console port on the router and the other cable end to the host computer with a DB-9 or DB-25 adapter to the COM 1 port. Ensure that power has been applied to both the host computer and router.
b. Establish a HyperTerminal or other terminal emulation program to the router.
c. From the command prompt on Host1, ping between Host1 and Discovery Server to confirm network connectivity. Troubleshoot and establish connectivity if the pings fail.
Step 2: Configure NetFlow on the interfaces
From the global configuration mode, issue the following commands to configure NetFlow:
FC-CPE-1(config)#interface fastethernet 0/0
FC-CPE-1(config-if)#ip flow egress
FC-CPE-1(config-if)#ip flow ingress
FC-CPE-1(config-if)#interface fastethernet 0/1
FC-CPE-1(config-if)#ip flow ingress
FC-CPE-1(config-if)#ip flow egress
Step 3: Verify the NetFlow configuration
a. From the privileged EXEC mode, issue the show ip flow interface command.
FC-CPE-1#show ip flow interface
FastEthernet0/0
ip flow ingress
ip flow egress
FastEthernet0/1
ip flow ingress
ip flow egress
Confirm that the output shown above is displayed. Troubleshoot your configuration if this output is not displayed.
b. From the privileged EXEC mode, issue the following command to ensure that flow cache statistics are
reset:
FC-CPE-1#clear ip flow stats
Step 4: Create network data traffic
a. Ping the Discovery Server from Host1 to generate a data flow.
From the command line of Host1, issue the command ping 172.17.1.1 -n 200
b. Telnet to the Discovery Server from Host1.
If Discovery Server is being used, issue the command telnet server.discovery.ccna from the
command prompt of Host1. If Discovery Server is not being used, DNS is not configured , or if a terminal program such as HyperTerminal or TeraTerm is being used, telnet from Host1 to 172.17.1.1.
c. On Host1, launch a web browser and enter the URL http://server.discovery.ccna
If Discovery Server is not being used or DNS is not configured, then use http://172.17.1.1 to access the web services configured on that server.
Instructor Note:
If it is not possible to set up a dedicated web server on the host at address 172.17.1.1, the freeware server TinyWeb, available at http://www.ritlabs.com/en/products/tinyweb/, is extremely easy to set up and use.
d. Use FTP to download a file.
On Host1, launch a web browser and enter the URL ftp://server.discovery.ccna, or issue
ftp server.discovery.ccna from the command line. If DNS is not configured use the IP address 172.17.1.1 instead of the domain name. Download a file from the server.
NOTE: If the email client program is not installed on Host1, download that program file for use in the next step.
e. If email accounts have been configured using the POP3 and SMTP services on Discovery Server, send an email using one of these accounts.
Step 5: View the data flows
At the conclusion of the data flow, view the details by issuing the show ip cache flow command from privileged EXEC mode.
FC-CPE-1#show ip cache flow
Output similar to this will be displayed.
IP packet size distribution (3969 total packets):
1-32 64 96 128 160 192 224 256 288 320 352 384 416 448 480
.000 .351 .395 .004 .011 .001 .005 .009 .001 .002 .005 .001 .000 .000 .000
512 544 576 1024 1536 2048 2560 3072 3584 4096 4608
.000 .000 .013 .000 .195 .000 .000 .000 .000 .000 .000
IP Flow Switching Cache, 278544 bytes
2 active, 4094 inactive, 1368 added
22316 ager polls, 0 flow alloc failures
Active flows timeout in 30 minutes
Inactive flows timeout in 15 seconds
IP Sub Flow Cache, 17416 bytes
0 active, 1024 inactive, 0 added, 0 added to flow
0 alloc failures, 0 force free
1 chunk, 0 chunks added
last clearing of statistics 02:50:15
Protocol Total Flows Packets Bytes Packets Active(Sec) Idle(Sec)
-------- Flows /Sec /Flow /Pkt /Sec /Flow /Flow
TCP-Telnet 9 0.0 13 47 0.0 5.2 10.8
TCP-FTP 28 0.0 7 62 0.0 0.8 10.4
TCP-WWW 64 0.0 7 138 0.0 0.3 2.1
TCP-other 16 0.0 75 840 0.1 0.0 4.1
UDP-DNS 878 0.0 1 72 0.0 0.0 15.4
UDP-other 347 0.0 3 88 0.1 4.5 15.5
ICMP 26 0.0 1 70 0.0 0.8 15.4
Total: 1368 0.1 2 318 0.3 1.2 14.6
< output omitted >
From your output, list the name of each protocol with the number of flows. Answers vary. Examples shown.
Telnet 9 flows
FTP 28 flows
WWW 64 flows
DNS 878 flows
ICMP 26 flows
TCP other 16 flows
UDP other 347 flows
What was the total number of packets generated?answers vary; 3969 packets
Which protocol generated the most packets? TCP other (75 x 16 = 1200)
Which protocol produced the most bytes per flow?TCP other (75 x 840 = 63000)
Which protocol's flows were on the network the longest time? Telnet 5.2 sec
Which protocol used the longest amount of network time? UDP other (4.5 x 347 = 1561.5 sec)
Step 6: Clean up
Erase the configurations and reload the routers and switches. Disconnect and store the cabling. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet), reconnect the appropriate cabling and restore the TCP/IP settings.
Step 7: Reflection
Create a projected applications document listing the applications planned to use the network.
Responses vary but may include:
Application Type | Application | Protocol | Priority | Comments |
Email | MS Outlook | SMTP | Medium | All users |
Voice | Call Manager/SIP | VRTP | High | All users |
Web | Apache | Server HTTP | Low | All users |
Database | SQL Server | TCP | Medium | Restricted users |
Final Configurations
Router 1
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname FC-CPE-1
!
boot-start-marker
boot-end-marker
!
enable password cisco
!
no aaa new-model
ip cef
!
!
!
interface FastEthernet0/0
ip address 10.0.0.1 255.255.255.0
ip flow ingress
ip flow egress
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 172.17.0.1 255.255.0.0
ip flow ingress
ip flow egress
duplex auto
speed auto
!
interface Serial0/1/0
no ip address
shutdown
no fair-queue
clock rate 2000000
!
interface Serial0/1/1
no ip address
shutdown
clock rate 2000000
!
ip http server
no ip http secure-server
!
!
!
control-plane
!
!
!
line con 0
password cisco
login
line aux 0
line vty 0 4
password cisco
login
!
Scheduler allocate 20000 1000
end
0 komentar:
Posting Komentar