Chapter 4: Lab 4.5.1 Identifying Traffic Flows

Step 1: Cable and configure the current network

a. Referring to the topology diagram, connect the console (or rollover) cable to the console port on the router and the other cable end to the host computer with a DB-9 or DB-25 adapter to the COM 1 port. Ensure that power has been applied to both the host computer and router.

b. Establish a HyperTerminal or other terminal emulation session to the router.

c. From the command prompt on Host1, ping between Host1 and Discovery Server to confirm network connectivity. Troubleshoot and establish connectivity if the pings fail.

Step 2: Configure NetFlow on the interfaces

From the global configuration mode, issue the following commands to configure NetFlow:

FC-CPE-1(config)#interface fastethernet 0/0

FC-CPE-1(config-if)#ip flow egress

FC-CPE-1(config-if)#ip flow ingress

FC-CPE-1(config-if)#interface fastethernet 0/1

FC-CPE-1(config-if)#ip flow ingress

FC-CPE-1(config-if)#ip flow egress

Step 3: Verify the NetFlow configuration

a. From the privileged EXEC mode, issue the show ip flow interface command.

FC-CPE-1#show ip flow interface

FastEthernet0/0

ip flow ingress

ip flow egress

FastEthernet0/1

ip flow ingress

ip flow egress

Confirm that the output shown above is displayed. Troubleshoot your configuration if this output is not displayed.

b. From the privileged EXEC mode, issue the following command to ensure that flow cache statistics are reset:

FC-CPE-1#clear ip flow stats

Step 4: Create network data traffic

A range of network application data flows is to be generated and captured. Generate as many of the data flows shown below as is possible in your lab. Your instructor will advise you of the particular applications that are available to be used in this lab.

a. Ping the Discovery Server from Host1 to generate a data flow.

From the command line of Host1, issue the command ping 172.17.1.1 -n 200

b. Telnet to the Discovery Server from Host1.

If Discovery Server is being used, issue the command telnet server.discovery.ccna from the command prompt of Host1.

If Discovery Server is not being used, DNS is not configured, or if a terminal program such as HyperTerminal or TeraTerm is being used, telnet from Host1 to 172.17.1.1.

c. On Host1, launch a web browser and enter the URL http://server.discovery.ccna

If Discovery Server is not being used or DNS is not configured, then use http://172.17.1.1 to access the web services configured on that server.

d. Use FTP to download a file.

On Host1, launch a web browser and enter the URL ftp://server.discovery.ccna, or issue ftp server.discovery.ccna from the command line. If DNS is not configured, use the IP address 172.17.1.1 instead of the domain name.

Download a file from the server.

e. If email accounts have been configured using the POP3 and SMTP services on Discovery Server, send an email using one of these accounts.

Step 5: View the data flows

At the conclusion of the data flow, view the details by issuing the show ip cache flow command from privileged EXEC mode.

FC-CPE-1#show ip cache flow

Output similar to this will be displayed.

IP packet size distribution (3969 total packets):

1-32 64 96 128 160 192 224 256 288 320 352 384 416 448 480

.000 .351 .395 .004 .011 .001 .005 .009 .001 .002 .005 .001 .000 .000 .000

512 544 576 1024 1536 2048 2560 3072 3584 4096 4608

.000 .000 .013 .000 .195 .000 .000 .000 .000 .000 .000

IP Flow Switching Cache, 278544 bytes

2 active, 4094 inactive, 1368 added

22316 ager polls, 0 flow alloc failures

Active flows timeout in 30 minutes

Inactive flows timeout in 15 seconds

IP Sub Flow Cache, 17416 bytes

0 active, 1024 inactive, 0 added, 0 added to flow

0 alloc failures, 0 force free

1 chunk, 0 chunks added

last clearing of statistics 02:50:15

Protocol         Total    Flows   Packets Bytes  Packets Active(Sec) Idle(Sec)
--------         Flows     /Sec     /Flow  /Pkt     /Sec     /Flow     /Flow
TCP-Telnet           9      0.0        13    47      0.0       5.2      10.8
TCP-FTP             28      0.0         7    62      0.0       0.8      10.4
TCP-WWW             64      0.0         7   138      0.0       0.3       2.1
TCP-other           16      0.0        75   840      0.1       0.0       4.1
UDP-DNS            878      0.0         1    72      0.0       0.0      15.4
UDP-other          347      0.0         3    88      0.1       4.5      15.5
ICMP                26      0.0         1    70      0.0       0.8      15.4
Total:            1368      0.1         2   318      0.3       1.2      14.6

< output omitted >

From your output, list the name of each protocol with the number of flows. Answers vary. Examples shown.

Telnet 9 flows

FTP 28 flows

WWW 64 flows

DNS 878 flows

ICMP 26 flows

TCP other 16 flows

UDP other 347 flows

What was the total number of packets generated? 3969 packets

Which protocol generated the most packets? TCP other (75 x 16 = 1200)

Which protocol produced the most bytes per flow? TCP other (75 x 840 = 63000)

Which protocol’s flows were on the network the longest time? Telnet 5.2 sec

Which protocol used the longest amount of network time? UDP other (4.5 x 347 = 1561.5 sec)

Step 6: Clean up

Erase the configurations and reload the routers and switches. Disconnect and store the cabling. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet), reconnect the appropriate cabling and restore the TCP/IP settings.

Step 7: Reflection

Create a projected applications document listing the applications planned to use the network.

Application Type   Application        Protocol   Priority   Comments
Email              MS Outlook         SMTP       Medium     All users
Voice              Call Manager/SIP   VRTP       High       All users
Web                Apache Server      HTTP       Low        All users
Database           SQL Server         TCP        Medium     Restricted user

 


