Lab: Setting up a Dual-homed Host

Form teams of 3 or 2.

For this lab, your team will need:

• 3 Linux boxes, called H, F, and O. F is the "forwarding machine", H is the "host", and O is "other". F should be between H and O.
• A switch or hub (doesn't matter).
• Two ethernet cables.

Record your answers to the questions below in a document. Probably the easiest place to do this is on F.

Step 1.

On F, plug in the green ether cable only and make sure you have an IP address on the 153.106.117.* network.

*** Q1. Record this address and what interface (eth0, eth1, etc.) it is on. ***

In a terminal window, run

netstat -r

to see the routing table on F. *** Q2. Record the results and explain what each line means. ***

At this point, you might want to borrow 2 or 3 sticky notes from your benevolent professor. Use 1 to record the IP address, interface name, and MAC address of the RUNNING interface on F. Aply the sticky note to the machine near the ethernet port that the information refers to.

On F, make sure you can reach the Internet.

Step 2.

Unplug H from all networks.

*** Q3. Run netstat -r on H. Record your results, along with an intepretation of what you see. ***

Get a hub or switch and plug in H and F to it (so that now F is connected on two ports).

On H, run

Start --> Preferences --> Network Connections.

• Choose "Wired Connection 1", and click "Edit".
• Look to see if the Device MAC Address is the correct one for the interface you plugged in to the switch/hub. If not, choose the other Wired Connection on the previous dialog box.
• Click on the IPv4 Settings tab. Change "Automatic DHCP" to "Manual".
• Click +Add, and put in 10.0.0.2      24     10.0.0.1
• Click Save.
• Type in the mradmin password.
• Click Close.

Run ifconfig to make sure the interface's IP address is set correctly.

Repeat this on machine F now, but ONLY for the interface that is connected to the switch/hub. Use IP address 10.0.0.1 for this interface.

(Now, F is on two networks: the 153.106.*.* network and the 10.0.0.* network.)

Run ifconfig in a terminal window and *** Q4. record in your document the interface names and IP addresses, bcast addresses, and Masks for the 2 interfaces of importance on F. ***

Make sure each machine can ping the other machine.

Run netstat -r on F and *** Q5. record what the routing table shows, and interpret the results. ***

Step 3.

Try to ping the 153.106 interface of F from H. *** Q6. Can you reach the 153.106 interface from H? Why? ***

Make sure machine O is connected to the 153.106 network only (green ethernet cable). Find the IP address of machine O on the 153.106 network.

*** Q7. Try to ping that IP address from F and from H. Record what you observe. ***

Stop the pings.

To explain what you observe, start up wireshark (under "sudo") on F twice. On the first instance, only capture packets on one interface. On the second instance, capture on the other interface. In each case, set the filter to only show icmp packets (ping uses ICMP).

Now, ping from F to O like you did above. You should see the packets in one wireshark window only. Now, ping from H to O. *** Q8. Record and interpret what you observe. ***

*** Q9. From all these observations, what can you deduce? ***

Step 4.

Just because a machine is on two networks, as F is, does not mean that it will pass packets (i.e., route packets) received on one interface to the other interface. To make a machine do this, you have to set up IP forwarding on the machine.

Search the Google and figure out how to enable IP forwarding on an Ubuntu box. I searched for "ubuntu enable IP forwarding". Then, make it so (using the sysctl command), on F.

*** Q10. Record what you did to turn on IP forwarding. ***

Now, start up the ping on H (or perhaps it is still running) to O like before. Do you see the packets in the wireshark windows on F?
*** Q11. Record what you observe now. Has something changed? ***

*** Q12. Are you getting ping responses back to H? If not, why not? ***

Step 5.

Start up wireshark on O and see what icmp messages are being received and sent. *** Q13. Record what you observe. ***

*** Q14. Look at the routing table on O. Does it say where to send packets destined to network 10.0.0.*? ***

On O, you need to set up a host-specific route so that if O receives a packet from H, it knows how to send a response back -- via F. To do this, type this on O:

route add -host 10.0.0.2 gw 153.106.117.203 (<-- replace 153.106.117.203 with F's IP address on the 153.106 network.)

Once you do this, you should see ping packets flow back and forth between H and O, through F, and you should see them on all 3 wiresharks that you have running.

*** Q15. Run netstat -r and record and interpret the results. ***

Note that while is routing packets between hosts H and O (which are on different networks), F is not a true router here: it is not advertising on both networks that it forwards packets between the two networks. That's why we had to set up O and H to forward packets to F in order to get the packets to flow back and forth between the two. But, in our current setup, O and H are able to send any traffic to each other.

Clean up your stuff and reboot all machines. Thanks.

Submit your lab report on moodle.

Go away and enjoy your weekend.