CMIT 350 Name:___________________________ Review of LAN networking. Bold your answers. On the PC: Network interface adapter/"card" (NIC): Port LEDs: Number of them, what labeling, color(s), behavior: _________________________________________________________________ _________________________________________________________________ _________________________________________________________________ Patch cable label (what is printed on the cable): especially, what category of UTP cable _________________________________________ What and where does the other end of the patch cable plug into: ___________________ CMD command prompt: Start | Run | cmd Start | All Programs | Accesories | Command Prompt > ipconfig IP Address:___________________ Subnet Mask:___________________ Default Gateway:___________________ >ipconfig /all Ethernet adapter Local Area Connection Description___________________ Make and model Physical Address___________________ MAC/hardware/BIA Dhcp Enabled___________________ DHCP Server___________________ DNS Servers___________________ Lease Obtained___________________ Lease Expires___________________ >ipconfig /renew Renew IP configuration from DHCP server Lease Obtained___________________ Lease Expires___________________ 'ping' sends an ICMP Echo Request to, and gets ICMP Echo Response from, a computer/node/host. ping is the basic networking troubleshooting tool. You can use it to track down a problem by starting at the computer and moving progressively outward. ping the default gateway. What is the average round trip time:____________ 1. First question you need to know: Is TCP/IP networking working on the computer? > ping localhost 'localhost' is always a synonym for self. In the unlikely event that TCP/IP is not installed or running, ping will indicate. Where is the ping reply coming from:________________ (this is a special IP address called the "loopback" device of address that is always associated with the local host.) What are the time units:__________________ What is the amount of time each ping takes:_______________ > ping 127.0.0.1 Ping the loopback address. Any difference in the ping times:________ Anything sent to localhost or the loopback device never leaves the computer. Pinging the localhost works even if not connected to the network. Second question you need to ask yourself as you track down a networking or connectivity problem: 2. Can the computer communicate with another computer on the LAN with TCP/IP? Ping your neighbor's computer by its IP address (ask your neighbor what his/her IP address is): ___________________ Roughly how many times faster is pinging the localhost than pinging your neighbor:___________ If you can't ping hosts in the network the problem might be: --bad cable somewhere (your patch cable or horizontal cabling or your neighbor's patch cable or horizontal cabling or a patch cable in the wiring closet), --cable is unplugged somewhere (check the NIC's Link LED), --you don't have correct IP address, --firewall is blocking pings --switch port misconfigured (e.g. wrong VLAN or MAC-based port security), ping uses IP address as destination, even for a destination in the LAN. You can't ping by MAC address, not even for a MAC in the LAN. Ping the default gateway by its IP address. How does pinging the default gateway compare with pinging your neighbor, timewise:_______________ IP addresses starting with 192.168. are special unregistered addresses for private internal networks not directly accessible from the Internet. These computers are "hidden" from the Internet by the router/default gateway which does a translation to and from the 192.168 address to an Internet-accessible "registered" IP address (this process is called NAT: network address translation). Notice that all the IP addresses in our network start with 192.168.0. because that is the network portion of the IP address, the last octet being the host portion. Ping your instructor's computer wireless by its IP address 192.168.0.x (where x is TBD). How does pinging it compare with pinging your neighbor or the default gateway, timewise:_______________ It's on the same network but the wireless segment will typcially be slower than the wired part. Third question in the progressive movement outward from localhost, to LAN, to internetwork. 3. Can the computer communicate with another computer on a different network (LAN) in the same organization? Unfortunately we don't have another LAN here. Finally, do we have connectivity to the Internet: 4. Can the computer communicate with some computer on the Internet? ping 66.218.71.80 This is an IP address that has been assigned to some organization. What is the Average time:____________________________ Run: ping -? to see the list of possible switches/options for ping and find the one that will translate an IP address into its hostname (what is the switch:____) and rerun the above command to find the hostname of the host at that IP address and ping it by its name:______________________________ What's a long time to ping? ping can ping by IP address or by DNS hostname. ping www.cenpac.net.nr nr is the country code for Nauru, an island nation out in the Pacific, What is the Average time:____________________________ It's using a satellite link, which are slow. ping chels.anadyr.ru What is the Average time:____________________________ All communication outside a LAN goes through the default gateway (a router). Those pings first went from your computer to the default gateway in a frame with your computer's MAC as the source and the default gateway's MAC as the destination. That was their first step, or "hop". From the default gateway the pings were sent into the internetwork, possibly making many hops (each hop is a router) before arriving at the IP destination. The replies came back to the default gateway from the internetwork and then were put in a frame with its MAC as the source and your MAC as the destination (the default gateway might have first had to do an ARP broadcast to find out your MAC). Communication within a LAN is by Ethernet (data-link layer) frame, which has source and destination MAC address fields. ARP is used to find the MAC address of a given IP address. > arp -a to see the ARP cache What IP to MAC address mappings does it have now, if any: __________________________ __________________________ ping 192.168.0.197. What has been added to the ARP cache: __________________________ Your computer ARP broadcast an ARP request ("whoever is 192.168.0.197 tell me your MAC address") into the LAN which was answered by that computer informing you of its MAC address and then your computer could send the pings to it. ping www.yahoo.com and then ping www.google.com Run arp -a to see the ARP cache now. Are any of those distant computers in the ARP cache?:_____ MAC addresses are only for communicating within ONE LAN! All communication to computers in other networks goes through the default gateway. Your computer is oblivious about those other networks, it only knows to send packets destined to them to the default gateway. > tracert www.yahoo.com The tracert command shows the times to go to each router along the path from your computer to the destination. The big gap around hops 9 or 10 is the traversal under the Pacific on a fiber optic cable, which by itself takes approximately ______________ ms. tracert www.nypl.org (New York Public Library) "Request timed out" indicates blocking of the tracert packets and you might as well stop the tracert command by Ctrl-C. The path goes from your computer to default gateway, to several routers at KDD (our ISP) in Naha (seems like and probably) these are the hops that are 30 ms away, then to mainland Japan and more routers (50-60 ms), then jumps the puddle to West coast and more routers, then jumps to East coast or maybe goes indirectly,... Notice that some routers have names instead of only IP addresses. The names can give a clue of where the router is or the network provider (the Internet's backbones), any examples: ____________________________________________________ Tracert works by taking advantage of the TTL (Time To Live) field in IP packets. The original sender of the packet includes a TTL value in each packet it generates. Each router along the path the packet takes decrements the TTL value. If a packet's TTL reaches zero the router is supposed to discard the packet and send an ICMP "Time Exceeded" packet back to the sender. This is to prevent endlessly travelling or circulating packets in the internet. The source is being informed that its packet was terminated, an example of ICMP's IP error-reporting purpose. Tracert sends IP packets with increasingly larger TTL values starting with one then incrementing so that each next hop router will be reached, the TTL will expire there, that router will send back the TTL Exceeded packet and so tracert can determine the router's IP and the amount of time to reach it. TCP Ports Close your web browser. > netstat There probably won't be any connections. If there are paste them here: _____________________________________________ Open a web browser, go to the class web site. Do netstat again, what connection(s) have been made: (Firefox makes some connections to itself on the same host, ignore those, only look at foreign addresses that are not localhost) _______________________________________________ _______________________________________________ _______________________________________________ To what well-known port (by name) on the server has a connection been Established:_______ What ephemeral port on your system is the other end of this Established connection:_______ netstat by default shows DNS names and port names instead of IP addresses and port numbers. The -n option shows the numerics. Do the same with netstat -n What well-known port (by number) on the server is being used:_______ netstat -a -p tcp shows connections and TCP "listeners", i.e. servers that are waiting for connection requests from clients. What are the names and well-known port numbers (-n) of these listeners: _______________________________________________ _______________________________________________ _______________________________________________ (these are for Windows networking )