Network lab 15

# Network lab 15 ## Sergey Makarov #### Task 1, 2, 3: Deploy switches, PCs and configure them ![](https://i.imgur.com/i9CTxCW.png) Here it is, with all IP's. #### Task 4: Explore switching table ![first](https://i.imgur.com/ogTz4bk.png) ![second](https://i.imgur.com/vTxWZym.png) ![third](https://i.imgur.com/dbi92SS.png) #### Task 5: Run ICMP request and explore switching table I don't know why in previous task switching tables are not empty. Maybe it is due to STP and DTP packets, that are broadcasted by switches and therefore the table is filled. Anyway, after ICMP message I've got another picture (screen with previous table to check I haven't clear it). Quite strange behaviour, I didn't expect this table to be cleared even though records are dynamic. ![](https://i.imgur.com/vjfpGZI.png) #### Task 6: Run simulation mode, clear a switching table and send ICMP requests. How does switch fill up the switching table? In fact, if PC does not know mac of another one, it first send broadcast ARP, and thus switching tables are filled after resolution of mac adress due to big amount of ARPs. But if PC knows mac, and switching tables are empty, they simply multicast this message, put address of sender to a table and then, when receiver answer, put his address to table too. This multicast will be dropped by each PC except the receiver. #### Task 7: Find ARP packets and explore their structure. What are they needed for? As I told, they are needed in order to resolve mac address of host in LAN. Ethernet is a standard for LAN, but this protocol uses mac addres, and sender usually know only IP, and thus on link layer of sender ARP is used to send packet through Ethernet knowing only the IP. * Request: Has both hardware and protocol addresses (mac and ip respectively) of sender and receiver. THA of receiver is usually to be discovered, so if opcode is "request" this field is ignored. There are also flags HTYPE, PTYPE, HLEN and PLEN, which correspond to hardware type (usually Ethernet), protocol type (IP), Hardware and protocol length (length of address in bytes) * Response: Looks quite similar, but has reversed addresses (receiver sends it), another opcode and both SHA and TPA are valid. #### Task 8: Show ARP table of PC ![](https://i.imgur.com/LMoNMLD.png) Here it is, nothing special, just relation between HA and PA. #### Task 9: Send a packet from one PC to another in Green zone. Is it possible that User from Yellow zone will be able to catch the packet and read it? If yes, How? Is it possible to avoid this situation? If yes, How? In fact, yes, there can be a way to do it. Consider situation PC in Green zone has hardware address of another one. Then he will send ethernet packet with receiver's HA, but in case switch does not have it's address in switching table, it will simply multicast it, and then in normal situation it should be dropped by yellow PCs, but it may be the case yellow will catch it. To prevent this, VLAN, is used, and using DTP some interfaces will not be used in multicast from this address.