Networks Configuration

Here, I show how to configure networks by building the required networks and simulate packet interchange as required by the given tasks below.

1. Subnetworks, Switches, Hubs.
1.1 Create three subnetworks: several PCs connected to a switch, the switch is connected to one of the router's ports (subnet 1); several PCs connected to a hub, the hub is connected to one of another router's ports (subnet 2); routers from subnet 1 and 2 connected through other available ports (subnet 3). Choose the connection interface for subnet 3 yourself.


Built a network according to the giving instructions; below shows
the network scheme, the green dot on the connections shows that
the devices are connected to the network:
Figure 1
1.2 Configure the three subnetworks statically such, that:
1.2.1 subnet 1 does not allow the connection of more than 5 end devices (e.g., PCs),
1.2.2 subnet 2 can have at most (choose a number from the following: 64, 128, 512, 1024, 2048) possible addresses,
1.2.3 subnets 1, 2 and 3 all have different network addresses.
➢ NB! For this task you can assume both classful and classless network addressing architectures. In either case, the calculation and specification of IP addresses and subnet masks should be explained.
For Subnet 1 in task 1.2.1
According to the question that the subnet 1 should be networked as not to allow the connection of more than 5 end devices. In figure 1 the subnet 1 is already connected with two desktop computers, now these devices are four in numbers and therefore subnet 1 is only possible to accept 2 more connection of device and nothing more. I have used as the subnet mask since I need 6 host IPs together with a mask of 8 IPs. Also, I had assigned as the default gateway IP address, whereas the Network ID and the broadcast ID range from to
For Subnet 2 in task 1.2.2

In this subnet, I chose 64 addresses and my calculation was based on subtracting 64 from 256 which gives 192. Therefore I had considered the subnet mask address for this as The possible IP address that will be usable in this case range from to meanwhile the will represent the Network address and broadcast address will be

For question 1.2.3

From figure 1, I have assigned a different network address to each subnet.

For subnet 3

This represents the default gateway which I have assigned the next latest IP address number after the network address of each subnet. E.g. the router connected to the subnet 1 had been assigned an IP with whereas the one connected to subnet 2 had been assigned also I connected the two router with and IP address respectively. In this case, I have used the network with 2 hosts and have the mask address

1.3 Answer the following questions:
  • What happens if a sixth PC is connected to subnet 1? What does not allow the connection to be established?
The network is configured to accept 6 devices. One device is a router and other 5 devices are PCs.The reason is that there is no free IP-address for the 6th PC in this subnet. Any other valid IP-address will be outside the subnet, so direct communication with this subnet won't be possible.
  • How many addresses of subnet 2 can be used as actual host addresses (depending on your chosen number)?

In my case the number of host addresses that can be used is 62; I arrived at this value by subtracting the network and broadcast addresses from the actual 64. In this case 64-2 = 62 the actual host addresses.

  • Is it possible to limit the number of connections of subnet 3 to only the one between the two routers?
Since there are only two IP addresses for hosts in this case, it is possible and in my case, the subnet I used here is

  • What are the address ranges of subnets 1, 2 and 3? This means, what is the lowest and highest possible address for any of the subnets?
The address ranges of subnet 1 are from lowest the network ID to the highest representing the broadcast address.

The address ranges of subnet 2 are from lowest represents the network ID to the highest that represents the Broadcast address.

The address ranges of subnet 3 are from lowest that represents the network address to highest that represents the broadcast address.
1.4  Send a PDU from a PC in subnet 1 to a PC in subnet 2. Analyze the PDU headers at each intermediate network node (in Simulation mode) and explain the following:
Subnet 1 Subnet 3 Subnet 2
Figure 2
• By what means does each node know where to send the PDU next? Using what type of address, of which device (if any)
Internet protocol address is used in this case to allow the communication process of PDU.

The possibility of sending is from the second level of OSI which is the Data Link level.  I sent PDU from Desktop PC1 to Laptop0 and since the Laptop0 is not in the same network with Desktop PC1, therefore, the message passes from Desktop PC1 through the switch and from this to the default gateway which in this case is the router 0. The router 0, in this case, locate its route connection to subnet 2 through another router, in this case, the router 1.

Router 1, therefore, gets PDU with necessary IP and passes it to the hub. And since the hub are connected with devices, it, therefore, sends PDU data to each host located within the subnet 2. In addition to the functionality of the hub, data transmission occurs at the physical layer of the OSI model.

• At what layer of the OSI model are these operations performed on each node?
In hub data exchange between connected hosts occurs mostly at first level of the OSI which is the physical layer.

Inter-data across subnets occurs at the 3rd level of the OSI model which is the Network layer.

Data transmit within the same network happens at the 2nd  layer of the OSI model which is the data link layer.        
How is the PDU transferred from one subnetwork to the other? Specifically, what happens on the router?
PDU transferred was possible from one subnet to another subnet(s) through sending of data across default gateway; the default gateway makes use of router which based on the configuration checks to which destination the data should be sent to. The process of sending the data is according to the logical connection of the network in figure 1. 

For example sending data from PC1 transmit from the devices through the switch to the router 0, and passes it to router1 which receives the PDU with the host IP  and transfers it to the hub which then transfers the PDU further to each host in subnet 2.

The routers here serve as default gateways that check for destination routes, i.e. to which destination data should be sent to and passes on according to the route validation.

1.5. In Simulation mode create a scenario, which results in a packet collision either in subnet 1 or subnet 2. Explain the following:
Figure 3: Collision view

• What causes the collision?
The reason for the collision here was because hub has a collision domain, which then permits the sending of data from one host to several hosts in a network at the same time. Therefore multiple data sending at the same time leads to a collision.

How can this type of collision be avoided? Can it be done by reconfiguring the devices or the use of different hardware is required?


In other to avoid this type of collision switch should be considered instead of hub, the reason is that switch doesn’t send data to every host in the network instead it sends a broadcast message.

Explain the differences between a switch and a hub. Is it wise to connect a large number of devices to a switch or to a hub? In what situation is a switch advantageous and when is a hub?


Switch doesn’t send data to everyone in a network at the same time but hub does.
When a frame arrives at the switch the switch examines the destination mac address of the frame and forward the frame out of it port and connected to the device that has the mac address. This is different from how hub behaves by sending all frames to everyone in the network

Switch operates in the data link layer, which means that it operates at layer 2 of the OSI model, meanwhile, Hub operates in the Physical layer.

Switch is an intelligent device and is more secure while hub is a non-intelligent device.

Hub can be advantageous when considering cheaper devices to use in a network but less secure than switch.

2.      DHCP, DNS, NAT, Firewall
Figure 4
2.1 Create a network corresponding to the left side of the diagram (confined in the box). Several PCs and a server are connected to one of the router’s ports through a switch. Configure the server to provide DHCP service to this subnetwork – after server configuring all the nodes in the subnetwork must obtain dynamic IP addresses from the DHCP server. Demonstrate how the addresses are assigned.

Below I created a network figure 4.1 shows which correspond to the left side of figure 4 as instructed:
Figure 4.1: DHCP server configuration
The configuration of the DHCP server figure 5,  follows:
Figure 5 DHCP Server Configuration

According to task 2.1, it must be shown how the nodes within this subnet get their IP, after the configuration of the DHCP Server, The two diagram below name figure6 and figure 7 show how the two  PC’s connected to this network dynamically received their IP right after the configuration of the DHCP server. 

It should be noted that, during the configuration of the server, I had assigned IP address for the DHCP server to be since the default gateway address was assigned to be right in the Router1, therefore the starting point of IP addresses that could be shared within the network starts from, and  this first  possible IP was assigned to PC1 and was dynamically allocated to PC0.
Figure 6: PC0 Dynamic IP address obtained from DHCP Server
Figure 7:  PC1 Dynamic IP address obtained from DHCP Server

2.2 Remove the DHCP server from the subnetwork and configure DHCP on the router. Demonstrate how the IP addresses are assigned by DHCP on the router.
• In what situation is a separate DHCP server typically used and when it is better to just configure the LAN DHCP on a router?

As the name specified, here I have to configure the router so that the PC’s connected to it can dynamically receive IP address, in this case, the DHCP Server must be cut off from the network.

I started by enabling the Router, which immediately after that I started the configuration of the router, from config I route it down to DHCP-config since I need the router, in this case, to be able to assign an IP address to the nodes connected directly to it.

 I defined the network address and the sub-mask address of this network right after that I specified that the default network address for the router is, which must only serve as the router IP address within that network, I also used the command “Ip DHCP excluded-address” and the address we have to exclude in this case is the default IP address that  must not be reused within pool Homework2.2 as an assigned  IP address to other nodes, this of course will not allow conflict to occur within the network because the default IP is excluded.

Below shows the commands used for this demonstration:

Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#ip dhcp pool Homework2.2
Router(dhcp-config)#ip dhcp excluded-address
%SYS-5-CONFIG_I: Configured from console by console

Building configuration...

After the configuration, dynamic IP addresses have been supplied to both PC0 and PC1 as shown in the below images (figure 8 and figure 9).
Figure 8: PC0 Dynamic IP assigned from router

Figure 9: PC1 dynamic IP assigned from the router
2.3  Create the remaining part of the network: two servers are connected to another router through a switch. Configure the parameters of this subnetwork statically. The router is connected to the router from Task 2.1. through a serial interface. Thus you must obtain three subnetworks, similar to Task 1 (without host number restrictions).
Figure 10: Network without host restriction

2.4 On one of the servers create a simple HTTP webpage (be creative;). This server will be the HTTP server. Demonstrate that the webpage can be opened by a PC from the left subnet. Now, configure the other server to be the DNS server, i.e., it must convert the numeric identifier of the webpage (IP address) to a text-based identifier (webpage name). For the webpage identifier, choose, where yourname is your name. Demonstrate that the webpage is opened from a PC’s browser by its domain text name.

I created a simple HTTP webpage through the HTTP server right under the tab named “services”  I have chosen HTTP and edit the index.html for customization purpose.
                                          Figure 11: HTTP configuration and index.html
Figure 12 below, shown the configuration of the DNS Server  which actually converts the numeric identifier of the webpage IP address to a text-based identifier (
 Figure 12: Assignment of text-based name to in DNS Server

What actually happened in Figure 12, was that I opened the DNS Server, which has an IP There I navigated to “services” and next to the DNS, where I was able to assign the text-based identifier in “name” field and I use the “address” textbox to input the address of the website and click add button to add the details. Therefore, it is possible for PC from the left subnet to access this webpage by using the DNS address to look it up.

The question further emphasized that it must be shown how PC from the left subnet can open the webpage with it domain text name; to do this I have used the browser from PC1. I navigated to the web browser with these commands: PC1 à DESKTOP à WEB BROWSER, figure 13.
Figure 13:  Demonstrate opening webpage from PC 1

2.5  Static NAT. Configure NAT on the right router, so that the local address of the HTTP server is hidden from the outside networks. Specify a public address, by which a connection to the HTTP server can be established from the outside. Demonstrate that the PCs from the left subnet cannot connect to the webpage using the server’s local address, and can connect only by the server’s public address.

Below, I show the code that I used for the Static NAT configuration on the right router. With that, I was able to hide the IP address of the HTTP server from to This means that whenever is accessed from the webpage a request timeout will be the reply(figure 13), but using the public IP address it will display result from the webpage(figure 14).
Static NAT configuration
Figure 13: Local address of HTTP Server is not accessible with its normal IP address
Figure 14: Public address accessing HTTP Server 

2.6  NAT Overload, or PAT. Configure NAT on the left router, so that the local addresses of all the PCs in the subnetwork are hidden from the outside networks. Demonstrate that the local IP addresses are hidden from the devices outside this subnetwork – the PDUs incoming to and outgoing from the left router’s WAN port does not contain any local addresses of the left subnet, only its public address. 
• Name the advantages of using NAT.

The advantage of NAT is that it helps to hide the real IP address from the public. It helps to assign a cover-up IP address that can be seen publicly.

• What is the difference between Static NAT and NAT Overload? In what situations is one or another applied?

Static NAT (Network address translation) will assign internet protocol address to a local IP address of local area network. Meanwhile, NAT Overload consists of the mixture of both static and dynamic NAT. It allows given one specific IP address for every local address in local area network. We can apply NAT to small network whereas we can apply NAT Overload to bigger networks.
Figure 15: Hide IP address

2.7   Create firewall rules for PC1 in the left subnetwork (from Task 2.1) such, that PC1 would not be able to access the webpage on the HTTP server. At the same time, PC1 should be able to ping the HTTP server. Demonstrate the result. Create firewall rules for PC2 in the same subnetwork such, that it would block DNS data. At the same time, PC2 should be able to ping the HTTP server. Demonstrate, that PC2 cannot access the webpage by using its text domain name.

Here, shown that PC1 would not be able to access the webpage on the HTTP server, what  I did was that I deny access to the IP’s corresponding to the HTTP servers in the PC1 firewall configuration.
Figure 16: Firewall configuration on PC1 blocking HTTP data

Ping from PC1 to HTTP Server after firewall configuration is done successfully.
  Figure 17: Ping from PC1 to HTTP server

Here, I have created firewall rules for PC2, such that, it would block DNS data from subnet 3. This will allow the Hostname Unresolved(Figure 20) whenever accessing the domain name of the HTTP webpage. Whereas we can still get to this webpage using the IP address ( of the webpage(Figure 19).
 Figure 18: Firewall configuration on PC2 blocking DNS data
Figure 19: Webpage accessible with IP address

 Figure 20: PC2 cannot access the webpage by using a domain name

What are the Remote IP and Remote Wildcard Mask settings in the firewall settings? What was your logic in choosing the appropriate values for these settings?
   Figure 21: showing Wildcard in Table
The remote IP address is, As we can see from the above figure 21, Wildcard reduces the number of calculations in each of the columns in the table. It is used to either deny or give access to some certain IP address. And in this case, the used represents in the netmask.

• Would PC2 still be able to access the webpage by using its numerical identifier (IP address) and why?

Yes, and the reason is that PC2 can access the IP address of the HTTP server directly even though the DNS data has been blocked by a firewall in the PC2 firewall configuration.

No comments:

Post a Comment

Note: only a member of this blog may post a comment.

New Post

New style string formatting in Python

In this section, you will learn the usage of the new style formatting. Learn more here . Python 3 introduced a new way to do string formatti...