Lab 4.5.4 Diagramming External Traffic Flows
Step 1: Cable and configure the current network
a. Cable the topology given in the diagram. Ensure that power has been applied to both the host
computer and router.
b. Establish a HyperTerminal or other terminal emulation program to the routers and configure the
hostname and interfaces shown in the table.
c. Set a clock rate on the DCE interface of the serial link between R2 and R3. Routing will have to be
configured on the three routers to establish data communications.
d. From PC1 ping both PC2 and Discovery Server to confirm network connectivity. Troubleshoot and
establish connectivity if the pings fail.
Step 2: Configure NetFlow on router FC-CPE-1 interfaces
From the global configuration mode, issue the following commands to configure NetFlow on the router FCCPE-1.
FC-CPE-1(config)#interface fastethernet 0/0
FC-CPE-1(config-if)#ip flow egress
FC-CPE-1(config-if)#ip flow ingress
FC-CPE-1(config-if)#interface fastethernet 0/1
FC-CPE-1(config-if)#ip flow ingress
FC-CPE-1(config-if)#ip flow egress
FC-CPE-1(config-if)#end
Step 3: Verify the NetFlow configuration
a. From the privileged EXEC mode on router FC-CPE-1, issue the show ip flow interface
command.
FC-CPE-1#show ip flow interface
FastEthernet0/0
ip flow ingress
ip flow egress
FastEthernet0/1
ip flow ingress
ip flow egress
Confirm that the output shown above is displayed. Troubleshoot your configuration if this output is not
displayed.
b. From the privileged EXEC mode, issue the following command to ensure that flow cache statistics are
reset:
FC-CPE-1#clear ip flow stats
Step 4: Configure NetFlow on router FC-CPE-2 interfaces
From the global configuration mode, issue the following commands to configure NetFlow on the router FCCPE-2:
FC-CPE-2(config)#interface fastethernet 0/0
FC-CPE-2(config-if)#ip flow egress
FC-CPE-2(config-if)#ip flow ingress
FC-CPE-2(config-if)#interface fastethernet 0/1
FC-CPE-2(config-if)#ip flow ingress
FC-CPE-2(config-if)#ip flow egress
FC-CPE-2(config-if)#interface serial 0/1/0
FC-CPE-2(config-if)#ip flow ingress
FC-CPE-2(config-if)#ip flow egress
FC-CPE-2(config-if)#end
Step 5: Verify the NetFlow configuration
a. From the privileged EXEC mode on router FC-CPE-2, issue the show ip flow interface
command.
FC-CPE-2#show ip flow interface
FastEthernet0/0
ip flow ingress
ip flow egress
FastEthernet0/1
ip flow ingress
ip flow egress
Serial0/1/0
ip flow ingress
ip flow egress
Confirm that the output shown above is displayed. Troubleshoot your configuration if this output is not
displayed.
b. From the privileged EXEC mode, issue the following command to ensure that flow cache statistics are
reset:
FC-CPE-2#clear ip flow stats
Step 6: Configure NetFlow on router ISP interfaces
From the global configuration mode, issue the following commands to configure NetFlow on the router ISP:
ISP(config)#interface fastethernet 0/1
ISP(config-if)#ip flow ingress
ISP(config-if)#ip flow egress
ISP(config-if)#interface serial 0/1/0
ISP(config-if)#ip flow ingress
ISP(config-if)#ip flow egress
ISP(config-if)#end
Step 7: Verify the NetFlow configuration
a. From the privileged EXEC mode on router ISP, issue the show ip flow interface command.
ISP#show ip flow interface
FastEthernet0/1
ip flow ingress
ip flow egress
Serial0/1/0
ip flow ingress
ip flow egress
Confirm that the output shown above is displayed. Troubleshoot your configuration if this output is not
displayed.
b. From the privileged EXEC mode, issue the following command to ensure that flow cache statistics are reset:
ISP#clear ip flow stats
Step 8: Create network data traffic
A range of Internet application data flows between PC2 (the Internet) and the FilmCompany network is to be generated and captured. Generate as many of the data flows shown below as it is possible in your lab. Your instructor will advise you of the particular applications that are available and to be used in this lab.
a. On PC2, launch a web browser and enter the URL http://server.discovery.ccna
If Discovery Server is not being used, or DNS is not configured, then use http://172.17.1.1 to
access the web services configured on that server.
b. Use FTP to download a file.
On PC2, launch a web browser and enter the URL ftp://server.discovery.ccna, or issue ftp
server.discovery.ccna from the command line. If DNS is not configured use the IP address
172.17.1.1 instead of the domain name. (example: http://172.17.1.1 )
Download a file from the server.
c. If email accounts have been configured using the POP3 and SMTP services on Discovery Server,
send two emails from PC2 using these accounts.
Step 9: View the data flows
a. At the conclusion of the data flow, view the details by issuing the show ip cache verbose flow
command from privileged EXEC mode on each router.
FC-CPE-1#show ip cache verbose flow
FC-CPE-2#show ip cache verbose flow
ISP#show ip cache verbose flow
b. Examine the output and record the different data flows for each router.
c. Discuss and compare the data flows for each router. Particularly consider how these flows differ from
Lab 4.5.3 and the implications this has in understanding which network devices and resources are
used for particular flows.
Step 10: Clean up
Erase the configurations and reload the routers and switches. Disconnect and store the cabling. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet), reconnect the appropriate cabling and restore the TCP/IP settings.
Challenge
This lab simulates the flow of traffic to and from FilmCompany network and the Internet. These data flows for a production network would be much more extensive and recorded over a greater period of time, perhaps a full working week. On the FilmCompany initial current network topology shown on the next page, highlight the network Internet link. Using the data flows recorded in this lab as a starting point, use different colors to mark on the diagram the different possible data flows between the hosts and devices on the FilmCompany network to and from the Internet.
Tidak ada komentar:
Posting Komentar