Step 1: Cable and configure the current network
a. Cable the topology given in the diagram. Ensure that power has been applied to both the host
computer and router.
b. Establish a HyperTerminal or other terminal emulation program to the routers and configure the
hostname and interfaces shown in the table.
c. Set a clock rate on the DCE interface of the serial link between R2 and R3. Routing will have to be
configured on the three routers to establish data communications.
d. From PC1, ping and PC2 and Discovery Server to confirm network connectivity. Troubleshoot and
establish connectivity if the pings fail.
Step 2: Configure NetFlow on the router FC-CPE-1 interfaces
From the global configuration mode, issue the following commands to configure NetFlow on the router FCCPE-1.
FC-CPE-1(config)#interface fastethernet 0/0
FC-CPE-1(config-if)#ip flow egress
FC-CPE-1(config-if)#ip flow ingress
FC-CPE-1(config-if)#interface fastethernet 0/1
FC-CPE-1(config-if)#ip flow ingress
FC-CPE-1(config-if)#ip flow egress
Step 3: Verify the NetFlow configuration
a. From the privileged EXEC mode on router FC-CPE-1, issue the show ip flow interface
command.
FC-CPE-1#show ip flow interface
FastEthernet0/0
ip flow ingress
ip flow egress
FastEthernet0/1
ip flow ingress
ip flow egress
Confirm that the output shown above is displayed. Troubleshoot your configuration if this output is not
displayed.
b. From the privileged EXEC mode, issue the following command to ensure that flow cache statistics are
reset:
FC-CPE-1#clear ip flow stats
Step 4: Configure NetFlow on the router FC-CPE-2 interfaces
From the global configuration mode, issue the following commands to configure NetFlow on the router FCCPE-
2:
FC-CPE-2(config)#interface fastethernet 0/0
FC-CPE-2(config-if)#ip flow egress
FC-CPE-2(config-if)#ip flow ingress
FC-CPE-1(config-if)#interface fastethernet 0/1
FC-CPE-2(config-if)#ip flow ingress
FC-CPE-2(config-if)#ip flow egress
FC-CPE-1(config-if)#interface serial 0/1/0
FC-CPE-2(config-if)#ip flow ingress
FC-CPE-2(config-if)#ip flow egress
FC-CPE-2(config-if)#end
Step 5: Verify the NetFlow configuration
a. From the privileged EXEC mode on router FC-CPE-2, issue the show ip flow interface
command.
FC-CPE-2#show ip flow interface
FastEthernet0/0
ip flow ingress
ip flow egress
FastEthernet0/1
ip flow ingress
ip flow egress
Serial0/1/0
ip flow ingress
ip flow egress
Confirm that the output shown above is displayed. Troubleshoot your configuration if this output is not
displayed.
b. From the privileged EXEC mode, issue the following command to ensure that flow cache statistics are
reset:
FC-CPE-2#clear ip flow stats
Step 6: Configure NetFlow on the router ISP interfaces
From the global configuration mode, issue the following commands to configure NetFlow on the router ISP:
ISP(config)#interface fastethernet 0/1
ISP(config-if)#ip flow ingress
ISP(config-if)#ip flow egress
ISP(config-if)#interface serial 0/0/0
ISP(config-if)#ip flow ingress
ISP(config-if)#ip flow egress
ISP(config-if)#end
Step 7: Verify the NetFlow configuration
a. From the privileged EXEC mode on router ISP, issue the show ip flow interface command.
ISP#show ip flow interface
FastEthernet0/1
ip flow ingress
ip flow egress
Serial0/1/0
ip flow ingress
ip flow egress
Confirm that the output shown above is displayed. Troubleshoot your configuration if this output is not
displayed.
b. From the privileged EXEC mode, issue the following command to ensure that flow cache statistics are
reset:
ISP#clear ip flow stats
Step 8: Create network data traffic
A range of network application data flows between the remote site, the FilmCompany LAN, and the network server is to be generated and captured. Generate as many of the data flows shown below as is possible in your lab. Your instructor will advise you of the particular applications that are available to be used in this lab.
a. On both PCs launch a web browser and enter the URL http://server.discovery.ccna
If Discovery Server is not being used, or DNS is not configured, then use http://172.17.1.1 to
access the web services configured on that server..
b. Use FTP to download a file.
On both PCs, launch a web browser and enter the URL ftp://server.discovery.ccna, or issue
ftp server.discovery.ccna from the command line. If DNS is not configured use 172.17.1.1
instead of the domain name. Download a file from the server.
c. If email accounts have been configured using the POP3 and SMTP services on Discovery Server,
send two emails in each direction between the user on the LAN and the Remote User using these
accounts.
d. To simulate data traffic between the two PCs, ping between them. Attempt to establish a Telnet
session between the two PCs. If file sharing has been enabled, copy a file in both directions between
the two.
Step 9: View the data flows
a. At the conclusion of the data flow, view the details by issuing the show ip cache verbose flow
command from privileged EXEC mode on each router.
FC-CPE-1#show ip cache verbose flow
FC-CPE-2#show ip cache verbose flow
ISP#show ip cache verbose flow
Router 1 – Sample Output
FC-CPE-1#show ip cache verbose flow
IP packet size distribution (1050 total packets):
1-32 64 96 128 160 192 224 256 288 320 352 384 416 448 480
.000 .672 .278 .015 .000 .007 .000 .000 .000 .000 .000 .000 .001 .003 .000
512 544 576 1024 1536 2048 2560 3072 3584 4096 4608
.001 .000 .003 .011 .003 .000 .000 .000 .000 .000 .000
IP Flow Switching Cache, 278544 bytes
1 active, 4095 inactive, 150 added
2280 ager polls, 0 flow alloc failures
Active flows timeout in 30 minutes
Inactive flows timeout in 15 seconds
IP Sub Flow Cache, 21640 bytes
1 active, 1023 inactive, 27 added, 27 added to flow
0 alloc failures, 0 force free
1 chunk, 0 chunks added
last clearing of statistics 00:12:31
Protocol Total Flows Packets Bytes Packets Active(Sec) Idle(Sec)
——– Flows /Sec /Flow /Pkt /Sec /Flow /Flow
TCP-FTP 8 0.0 7 54 0.0 3.7 12.1
TCP-WWW 8 0.0 5 196 0.0 0.2 1.5
TCP-SMTP 16 0.0 15 72 0.3 15.8 1.7
TCP-other 32 0.0 11 77 0.5 2.2 1.5
UDP-DNS 49 0.0 5 67 0.3 6.1 15.6
UDP-other 38 0.0 1 83 0.0 0.0 15.4
Total: 151 0.2 6 77 1.4 4.3 10.2
SrcIf SrcIPaddress DstIf DstIPaddress Pr TOS Flgs Pkts
Port Msk AS Port Msk AS NextHop B/Pk Active
FC-CPE-1#
Router 2 – Sample Output
FC-CPE-2#show ip cache verbose flow
IP packet size distribution (982 total packets):
1-32 64 96 128 160 192 224 256 288 320 352 384 416 448 480
.000 .665 .164 .016 .000 .008 .000 .000 .000 .000 .000 .000 .002 .004 .000
512 544 576 1024 1536 2048 2560 3072 3584 4096 4608
.002 .000 .004 .128 .004 .000 .000 .000 .000 .000 .000
IP Flow Switching Cache, 278544 bytes
3 active, 4093 inactive, 145 added
2617 ager polls, 0 flow alloc failures
Active flows timeout in 30 minutes
Inactive flows timeout in 15 seconds
IP Sub Flow Cache, 21640 bytes
2 active, 1022 inactive, 50 added, 50 added to flow
0 alloc failures, 0 force free
1 chunk, 0 chunks added
last clearing of statistics 00:11:43
Protocol Total Flows Packets Bytes Packets Active(Sec) Idle(Sec)
——– Flows /Sec /Flow /Pkt /Sec /Flow /Flow
TCP-Telnet 6 0.0 3 45 0.0 3.6 10.7
TCP-FTP 8 0.0 7 54 0.0 3.7 11.8
TCP-WWW 8 0.0 5 196 0.0 0.2 1.7
TCP-SMTP 16 0.0 15 72 0.3 15.8 1.6
TCP-other 32 0.0 11 77 0.5 2.2 1.4
UDP-DNS 8 0.0 1 69 0.0 0.1 15.3
UDP-other 59 0.0 1 55 0.0 0.0 15.4
ICMP 9 0.0 4 60 0.0 4.3 15.4
Total: 146 0.2 5 76 1.2 2.8 9.7
SrcIf SrcIPaddress DstIf DstIPaddress Pr TOS Flgs Pkts
Port Msk AS Port Msk AS NextHop B/Pk Active
Fa0/1 0.0.0.0 Null 255.255.255.255 11 00 10 120
0044 /0 0 0043 /0 0 0.0.0.0 604 729.9
Se0/1/0 10.10.10.2 Null 224.0.0.9 11 C0 10 1
0208 /0 0 0208 /0 0 0.0.0.0 52 0.0
IPM: 0 0
FC-CPE-2#
Router 3 – Sample Output
ISP#show ip cache verbose flow
IP packet size distribution (502 total packets):
1-32 64 96 128 160 192 224 256 288 320 352 384 416 448 480
.000 .709 .225 .015 .000 .007 .000 .001 .000 .000 .000 .000 .000 .007 .000
512 544 576 1024 1536 2048 2560 3072 3584 4096 4608
.003 .000 .003 .015 .007 .000 .000 .000 .000 .000 .000
IP Flow Switching Cache, 278544 bytes
1 active, 4095 inactive, 90 added
1274 ager polls, 0 flow alloc failures
Active flows timeout in 30 minutes
Inactive flows timeout in 15 seconds
IP Sub Flow Cache, 21640 bytes
1 active, 1023 inactive, 25 added, 25 added to flow
0 alloc failures, 0 force free
1 chunk, 0 chunks added
last clearing of statistics 00:11:21
Protocol Total Flows Packets Bytes Packets Active(Sec) Idle(Sec)
——– Flows /Sec /Flow /Pkt /Sec /Flow /Flow
TCP-Telnet 6 0.0 3 45 0.0 3.6 10.7
TCP-WWW 8 0.0 5 196 0.0 0.2 1.5
TCP-SMTP 8 0.0 18 70 0.2 21.3 1.5
TCP-other 16 0.0 12 83 0.2 4.3 1.5
UDP-DNS 8 0.0 1 69 0.0 0.1 15.4
UDP-other 33 0.0 1 87 0.0 0.0 15.4
ICMP 10 0.0 4 60 0.0 5.4 15.5
Total: 89 0.1 5 85 0.7 3.6 10.1
SrcIf SrcIPaddress DstIf DstIPaddress Pr TOS Flgs Pkts
Port Msk AS Port Msk AS NextHop B/Pk Active
Se0/1/0 10.10.10.1 Null 224.0.0.9 11 C0 10 1
0208 /0 0 0208 /0 0 0.0.0.0 92 0.0
IPM: 0 0
ISP#
b. Examine the output and record the different data flows for each router.
c. Discuss and compare the data flows for each router. Particularly consider how recording these flows
can assist in understanding which network devices and resources are used for particular flows.
Step 10: Clean up
Erase the configurations and reload the routers and switches. Disconnect and store the cabling. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet), reconnect the appropriate cabling and restore the TCP/IP settings.
Challenge
This lab simulates the flow of traffic to and from FilmCompany remote sites. These data flows for a production network would be much more extensive and recorded over a greater period of time, perhaps a full working week. Additionally, remote access would most likely be established using VPNs (Virtual Private Networks) across the Internet or a WAN. On the FilmCompany initial current network topology shown on the next page, add two remote site hosts attached to the “far” side of the cloud icon. Draw a circle that encloses the remote access links to the FilmCompany network and server. In this case study initially, the FilmCompany remote sites access its network across the Internet.
One of the objects of this analysis is to establish the benefits of using a dedicated WAN link using Frame
Relay for the stadium-based remote sites to access the FilmCompany network.
Using the data flows recorded in this lab as a starting point, use different colors to mark on the diagram the different data flows between the remote hosts and devices on the FilmCompany network.
Tidak ada komentar:
Posting Komentar