Static Routing Labs
Static Routing Labs
Static Routing Labs
In this lab you will work with four different network topologies. The topology for Parts 1-4 is
shown in Figure 3.1. These parts address router configuration on Linux PCs and a Cisco
Router. The topology for Part 5 is shown in Figure 3.2. This topology is used to study the role of
ICMP route redirect message. For Part 6, we add one more router to the topology of Part 5 and
examine the effect of routing loops. The topology for Part 7 is shown in Figure 3.4. There, you
explore the relationship between network prefixes and IP forwarding.
For further lab works, you might work with two network interfaces from each PCs. To configure
the network two interfaces from GNS3 and Virtual Box, please follow the instructions.
Lab 3 Page 1
PART 1. Configuring a CISCO Router
The setup of the Cisco router is more involved. There are different ways to connect to a Cisco
router such as by the Serial or Ethernet ports or connections. The first step is to start the router
in GNS3, and then open the console window so that the configuration commands can be
entered. Once in the console you have to type IOS commands using the command line interface
of IOS. The network setup for this part is as shown in Figure 3.1 and Table 3.1.
1. Connect the Ethernet interfaces of the Linux PCs and the Cisco router as shown in Figure
3.1. Do not turn on the Linux PCs yet.
3. Right-click on Router1 and choose Console. Wait a few seconds until the router is
initialized. If everything is fine, you should see the prompt shown below. This is the User
EXEC mode. If the prompt does not appear, try to restart GNS3 and repeat the setup again.
Router1>
Router1> ?
5. To view and change system parameters of a Cisco router, you must enter the Privileged
EXEC mode by typing:
Router1> enable
Router1#
Router1#
disable
Lab 3 Page 2
NOTE
The Cisco routers in GNS3 sometimes start up in Privileged instead of the User
EXEC mode. There is no explanation as to why that happens.
7. To modify system wide configuration parameters, you must enter the global configuration
mode. This mode is entered by typing:
Tip:
Almost all terminal commands can be reduced to shorter commands.
Example: configure terminal can be reduced to conf t
8. To make changes to a network interface, enter the interface configuration mode, with the
command:
The name of the interface is provided as an argument. Here, the network interface that is
configured is FastEthernet0/0.
9. To return from the interface configuration to the global configuration mode, or from the
global configuration mode to the Privileged EXEC mode, use the exit command:
Router1(config-if)# exit
Router1(config)# exit
Router1#
The exit command takes you one step up in the command hierarchy. To directly return to
the Privileged EXEC mode from any configuration mode, use the end command:
Router1(config-if)# end
Router1#
10. To terminate the console session from the User EXEC mode, type logout or exit:
Lab 3 Page 3
Router1> logout
Router1 con0 is now available
Press RETURN to get started.
Router1> exit
Router1 con0 is now available
Press RETURN to get started.
2. Right-click on Router1 and choose Console. Wait some seconds until the initial console
window is set up. When the router is ready to receive commands, proceed to the next step.
ip routing no ip routing
Enables or disables IP forwarding. When it is disabled, it also deletes the content of the
routing table.
no shutdown shutdown
Lab 3 Page 4
Router1> enable
Router1# configure terminal
Router1(config)# no ip routing
Router1(config)# ip routing
Router1(config)# interface FastEthernet0/0
Router1(config-if)# ip address 10.0.2.1 255.255.255.0
Router1(config-if)# no shutdown
Router1(config-if)# interface FastEthernet0/1
Router1(config-if)# ip address 10.0.3.1 255.255.255.0
Router1(config-if)# no shutdown
Router1(config-if)# end
Tip:
"no ip routing" is used to guarantee that the routing cache is empty, not routing table.
4. When you are done, use the following command to check the changes you made to the
router configuration, and save the outputs:
The IOS command to configure static routing is ip route. The command can be used to show,
clear, add, or delete entries in the routing table. The commands are summarized in the list
below.
Lab 3 Page 5
IOS MODE: PREVILEGED EXEC
show ip route
clear ip route *
show ip cache
ip route-cache no ip route-cache
Adds or delets a static routing table entry to destination with netmask mask. Here, the
next-hop information is the name of a network interface (e.g. FastEthernet0/0).
We next show some examples for adding and deleting routing table entries in IOS. Note that
whenever an IP address is configured for a network interface on a router, routing table entries
for the directly connected network are added automatically.
Lab 3 Page 6
The command for adding a route for the network address 10.0.1.0/24 with 10.0.2.22 as the
next-hop address is
NOTE
This is very important because if you do not set up the IP routes between the routers,
the routers will never be able to ping each other from remote networks.
The command bellow is to add a host route to host IP address 10.0.2.65 with the next-hop set
to 10.0.1.21. In IOS, a host route is identified by a 32 bit prefix.
The command to add the IP address 10.0.4.4 as the default gateway is done with the
command
Finally to delete the any specific entry use the no ip route command. For example:
1. Display the content of the routing table with show ip route. Note the routing entries that
are already present. Save the output.
2. Add routing entries to Router1, so that the router forwards datagrams and operates correctly
for the configuration shown in Figure 3.1. Routing entries should exist for the following
networks.
a) 10.0.1.0/24
b) 10.0.2.0/24
c) 10.0.3.0/24
3. Display the routing table again with show ip route and save the output.
Lab Questions
Explain the fields of the routing table entries of the Cisco router.
PART 2. Configuring a LINUX PC as an IP Router
Lab 3 Page 7
Any Linux PC with at least two network interfaces can be set up as an IP router. Configuring a
Linux PC as an IP router involves two steps: (1) modifying the configuration of Linux, so that IP
forwarding is enabled, and (2) configuring the routing table. Figure 3.1 shows the network
topology. PC1 and PC4 are hosts, and PC2 will be set up as an IP router.
3. Issue a ping command from PC1 to PC2, Router1 and PC4, respectively.
Lab Questions
Use the saved data to answer the following questions:
What is the output on PC1 when the ping commands are issued?
Which packets, if any, are captured by Wireshark?
Do you observe any ARP or ICMP packets? If so, what do they indicate?
Why are some of the destinations not reachable? Which ones are they?
The command echo writes the given argument, here, the string 1, to the standard output. Using
the redirect operator (>) and a filename, the output of the command is written to a file. The
command has an immediate effect. However, changes are not permanent and are lost when the
system is rebooted.
Lab 3 Page 8
IP forwarding is disabled with the command
Modifying the IP forwarding state permanently requires changes to the configuration file
/etc/sysctl.conf. IP forwarding is enabled if the file contains a line net.ipv4.ip_forward
= 1, and IP forwarding is disabled when the line does not exist or the file contains the line
net.ipv4.ip_forward = 0. Changes to the configuration /etc/sysctl.conf take effect the
next time Linux is rebooted.
1. Check whether PC2 is enabled to forward IP packets with the following command:
3. Use the sysctl command from Step 1 again to check that PC2 has IP forwarding enabled.
Configuring static routes in Linux is done with the command route, which has numerous
options for viewing, adding, deleting, or modifying routing entries. The various uses of the route
command are summarized in the list below.
Lab 3 Page 9
route add net netaddress netmask mask gw gw_address
route add net netaddress netmask mask dev iface
Adds a routing table entry for the network prefix identified by IP address netaddress
and netmask mask. The next-hop is identified by IP address gw_address or by
interface iface.
route -e
Displays the current routing table with extended fields. The command is identical to
the netstat r command.
route -C
Displays the routing table cache.
Example: The command for adding a route for the network address 10.21.0.0/16
with next-hop address 10.11.1.4 is
In Linux, there is no simple way to delete all entries in the routing table. When the commands
are issued interactively in a Linux shell, the added entries are valid until Linux is rebooted. To
make static routes permanent, the routes need to be entered in the configuration file
/etc/sysconfig/static-routes, which is read each time Linux is started.
Lab 3 Page 10
Tip: The listed commands are helpful to get information on routing and to find
mistakes in the routing setup. The ping command tests whether IPaddr can be
reached or not, and the traceroute command displays the route to an IPaddr.
1. Configure the routing table entries of PC1 and PC4. You can either specify a default route or
you insert separate routing entries for each remote network. For this exercise, add a route
for each individual remote network. As a hint, here is the configuration information for PC4.
2. Configure the routing table entries of the IP router PC2. The correctness of the routing
entries will be tested soon.
3. Display the routing table of PC1, PC2, and PC4 with netstat rn and screenshot the
output.
Lab Questions
Explain the entries in the routing table and discuss the values of the fields for each entry.
Lab 3 Page 11
PART 3. Finalizing and Exploring the ROUTER
Configuration
If the configuration of PC2 and Router1 was done correctly, it is now possible to send IP
datagrams between any two machines in the network shown in Figure 3.1. In most real network
configurations, the network configuration requires additional changes before all hosts and
routers can send and receive IP datagrams. However, if the network is not configured properly,
you will need to debug and test your setup. The table below illustrates several common
problems that may arise. Since it is impossible to cover all scenarios, network debugging is a
crucial skill that you need to attain for your lab experiments to work well.
Traffic does not reach Network interface not Verify the interface
destinations on local subnet. configured correctly. configuration with show
protocols (in IOS) or
ifconfig (in Linux).
Incorrectly connected or loose
cables. Verify the connection of the
interfaces on GNS3.
Traffic reaches router, but is not IP forwarding is not enabled. Use show protocols to
forwarded to remote subnets. display forwarding status in IOS
and sysctl in Linux
ICMP request messages Routing tables are not correctly Run ping and traceroute
reaches destination, but ICMP configured for the reverse path. in both directions.
reply does not reach source.
A change in the routing table The ARP cache has old entries. Flush the ARP table. In Linux,
has no effect on the flow of delete entries with arp d
traffic. IPAddress. In IOS, use the
command clear arp.
Lab 3 Page 12
Exercise 3(A). Finalizing the network setup
1. Test the network configuration by issuing ping commands from each host and router to
every other host and router. If some ping commands do not work, you need to modify the
software configuration of routers and hosts. If all ping commands are successful, the
network configuration is correct, and you can proceed to the next step.
3. Execute a traceroute command from PC1 to PC4, and save the output.
4. Execute a trace command from Router1 to PC4, and save the output.
5. Stop Wireshark and save the captured traffic. Observe how traceroute commands gather
route information.
Lab Question
Using the Wireshark output and the previously saved routing tables, explain the operation of
traceroute command.
This exercise requires manipulations to the ARP cache. The arp command in Linux was
covered in Lab 2. The list shows corresponding IOS commands for Cisco routers.
Lab 3 Page 13
IOS MODE: PRIVILEGED EXEC
show ip arp
clear arp
4. Save the packet transmissions triggered by the ping command, including ARP Request,
ARP reply, ICMP Echo Request, ICMP Echo Reply on both PC1 and PC4.
Lab Questions
Determine the source and destination addresses in the Ethernet and IP headers, for the
ICMP Echo Request messages that were captured at PC1.
Determine the source and destination addresses in the Ethernet and IP headers, for the
ICMP Echo Request messages that were captured at PC4.
Use your answers above to explain how the source and destination Ethernet and IP
addresses are changed when a datagram is forwarded by a router.
Lab 3 Page 14
Exercise 3(C). Order of the routing table lookup
A router or host uses a routing table to determine the next hop of the path of an IP datagram.
Generally, routing table entries are sorted in the order of decreasing prefix length, and are read
from top to bottom. In this exercise, you determine how an IP router or Linux PC resolves
multiple matching entries in a routing table.
From Exercise 1(C), there should be a network route for the network prefix 10.0.3.0/24. If
there is no such route, then add the following entry:
2. Referring to the routing table, determine how many matches exist for the following IP
addresses:
a) 10.0.3.9
b) 10.0.3.14
c) 10.0.4.1
3. Start a Wireshark session on PC1, and issue the following ping commands from PC1:
Note that gateways with IP addresses 10.0.1.61, 10.0.1.71, and 10.0.1.81 do not
exist.
Lab Question
Use the saved output to indicate the number of matches for each of the IP addresses above.
Based upon what you have seen, explain how PC1 resolves multiple matches in the routing
table. Depending on how you set up PC1s routing table, you will get different responses (i.e., if
you used default route or explicit entries for 10.0.2.0 and 10.0.3.0).
Lab 3 Page 15
Exercise 3(D). Default routes
1. Delete the routing table entries added in Step 1 of Exercise 3(C) above using the "route del"
command. (Otherwise, the entries will interfere with the remaining exercises in this lab.)
a) On PC1, add a default route with interface eth0 of PC2 as the default gateway.
b) On PC2, add a default route with interface FastEthernet0/0 of Router1 as the default
gateway.
3. Start to capture traffic on PC1 and PC2 (on both eth0 and eth1) with Wireshark.
4. Issue a ping command from PC1 to a host on a network that does not exist.
Lab Questions
Use the saved output to answer the following questions.
Lab 3 Page 16
PART 4. PROXY ARP
Proxy Address Resolution Protocol (Proxy ARP) enables a host to send packets to remote
subnets without using its routing table. Proxy ARP is a configuration option when an IP router
responds to ARP Requests that arrive from one of its connected subnets for a host that is on
another of its connected subnets. Without Proxy ARP enabled, an ARP Request for a host on a
different network would be unsuccessful, since routers do not forward ARP packets to another
subnet.
In this part, you explore how Proxy ARP enables routers to forward an IP datagram even though
the sender of the datagram is not aware that the IP datagram should be forwarded to a router.
Continue with the network configuration from Figure 3.1, and with IP addresses as shown in
Table 3.1. The commands to enable and disable Proxy ARP in IOS are listed below.
ip proxy-arp no ip proxy-arp
Proxy ARP is enabled and disabled separately on each interface. In IOS, proxy ARP is
enabled by default.
2. Set the netmask of PC4 to 255.0.0.0, so that PC4 assumes it belongs to subnet
10.0.0.0/8, not 10.0.3.0/24.
3. Run Wireshark on PC4, PC2 (eth1), and PC1. Set a display or capture filter to ICMP and
ARP packets only.
Even though PC4 had no default routing entry in its table for Router1, it was still able to
connect to PC1, i.e., you should not observe a network unreachable response.
5. Save the ARP table of PC4 and the packets captured by Wireshark on the hosts.
Lab 3 Page 17
7. Now, disable Proxy ARP on both interfaces of Router1. Is it still feasible to issue a ping from
PC4 to PC1?
8. Reset the subnet mask of PC1 to its original value of 255.255.255.0. Re-enable Proxy
ARP on Router1.
Lab Question
Use the captured data to explain the outcome of the exercise.
Use the data to explain how Proxy ARP allowed PC4 to communicate with PC1.
Lab 3 Page 18
PART 5. ICMP ROUTE REDIRECT
ICMP route redirect messages are sent from a router to a host, when a datagram should have
been forwarded to a different router or interface. In Linux, an ICMP route redirect message
updates the routing cache, but not the routing table.
Both the routing cache and the routing table contain information for forwarding traffic. Before a
Linux system performs a routing table lookup, it first inspects the routing cache. If no matching
entry is round in the cache, Linux performs a lookup in the routing table. After each routing table
lookup, an entry is added to the routing cache. The routing cache does not aggregate table
entries, and there is a separate entry for each destination IP address. As a consequence, a
lookup in the routing cache does not require a longest prefix match. An entry in the routing
cache is deleted if it has not been used for some time, usually after 10 minutes. When an ICMP
Redirect message arrives, an entry is added to the routing cache, but no update is performed to
the routing table.
Recall the following commands to display the contents of the routing cache in Linux (Ubuntu):
In this part of the lab, you will use three Cisco routers. Figure 3.2 and Table 3.2 describe the
network configuration for the exercises below.
Lab 3 Page 19
Cisco Routers FastEthernet0/0 FastEthernet0/1
In the network shown in Figure 3.2, when PC2 sends datagrams with destination 10.0.3.10
(PC3) to 10.0.2.1 (Router1), as opposed to 10.0.2.2 (Router2), then Router1 sends an ICMP
route redirect message to PC2. The ICMP route redirect informs PC2 that it should send
datagrams with destination 10.0.3.10 to Router2 instead.
In this exercise, you will create the above scenario. You will trigger the transmission of an ICMP
Route Redirect message and subsequently observe a change to the routing cache.
1. Connect the Ethernet interfaces of the routers and the hosts to the hubs as shown in Figure
3.2.
2. Delete the routing table entries and ARP cache entries on all PCs and on Router1.
5. Build a new static routing entry on Router1 for network 10.0.3.0/24 to Router2
(FastEthernet0/1)
6. ICMP redirect messages can be used to attack a network. For this reason, hosts by default
ignore ICMP redirect messages. As a similar process to ip_forward in Exercise 2(B), on a
Linux system, the accept_redirects variable controls whether the host can accept or not a
redirect ICMP message.
Lab 3 Page 20
a) Use sysctl command to verify the current ICMP redirect status on PC2
c) Use the sysctl command again to ensure that the parameter change occurred.
7. Set up the routing table of PC2 in such a way that it provokes the transmission of an ICMP
route redirect message as discussed above. In other words, force it to send the packet to a
router other than the one you would expect to have it use to get to PC3.
8. Save the contents of the routing table and the routing cache on each of Router1, Router2,
and PC2.
10. Use Wireshark to capture the ICMP messages being sent, and issue a ping from PC2 to
PC3.
11. Save the network traffic and the contents of the routing table and the routing cache of PC2,
and Router1, Router2 after the ICMP redirect messages.
12. Wait a few minutes with no action and check the contents of the routing cache again. Save
the output.
Lab Questions
Is there a difference between the contents of the routing table and the routing cache
immediately after the ICMP route redirect message?
When you viewed the cache a few minutes later, what did you observe?
Describe how the ICMP route redirect works using the outputs you saved. Include only
relevant data from your saved output to support your explanations.
Explain how Router1, in the above example, knows that datagrams destined to network
10.0.3.10 should be forwarded to 10.0.2.2?
Lab 3 Page 21
PART 6. Routing LOOPS
A potential problem when setting routing tables manually is that routing loops may occur. In this
part of the lab, you will intentionally configure a loop in the network configuration and observe
what happens to network traffic in such a situation.
2. Set up all the PC routing tables to allow communication between all 4 PCs.
3. Configure the routing tables of Router2, Router3 and Router4, so that an ICMP Echo
Request message generated by a ping from PC4 to PC1 creates an infinite loop. Issue a
traceroute to verify that a loop exists:
5. Issue a ping from PC4 to PC1. You should observe the same ICMP Echo Request message
looping in Wireshark.
Lab 3 Page 22
6. Save the routing tables of Router2, Router3 and Router4. Count the number of times you
see the ICMP Echo Request message, as captured by Wireshark on PC4. Save at least two
of these ICMP Echo Request messages.
Lab Questions
Are the two packets that you saved identical? If not, what is different?
Why does the ICMP Echo Request packet not loop forever in the network?
Lab 3 Page 23
PART 7. NETWORK PREFIXES and ROUTING
In this exercise you study how the network prefixes (netmasks) play a role when hosts
determine if a datagram can be directly delivered or if it must be sent to a router.
This part uses the network setup shown in Figure 3.4. The network includes one router, four
hosts and two hubs. The IP addresses of all devices are given in Table 3.4. Here, each host has
only a default route. In other words, the routing table at a host only knows about the directly
connected networks and the default gateway.
Lab 3 Page 24
Exercise 7. Exploring the role of prefixes at hosts
In this exercise, you explore how hosts that are connected to the same local area network, but
that have different netmasks, communicate or fail to communicate.
1. Configure the hosts and the router to conform to the topology shown in Figure 3.4, using the
IP addresses as given in Table 3.4. Note that PC2, PC3, and PC4 have different netmasks.
2. Add Router1 as default gateway on all hosts. (PC1, PC2, PC3, and PC4.)
b) Start Wireshark on PC1 and on PC3, and set the capture filter to capture ICMP and ARP
packets only.
c) Issue a ping command from PC1 to PC3 for at least two sends (-c 2).
d) Save the output of the ping command at PC1 and the output of Wireshark on PC1 and
PC3.
e) Save the ARP tables, routing tables, and routing caches of each host. Please note that
these are the tables entries from Step 3 after the ping commands are issued.
b) Start Wireshark on PC3, and set the capture filter to capture ICMP and ARP packets
only.
c) Check the ARP table, routing table, and routing cache of each host. Save the output.
Please note that these are the table entries from Step 4 before the ping is issued.
d) Issue a ping command from PC3 to PC4 for at least three sends (-c 3)
e) Save the output of the ping command and the output of Wireshark on PC3.
f) Save the ARP table, routing table, and routing cache of PC3. Please note that these are
the table entries from Step 4 after the ping commands are issued.
5. Repeat Step 4, but this time issue a ping from PC3 to PC2. Note that once an entry is made
in the routing cache, you cannot repeat the previous experiment to obtain the same results.
You have to wait until the routing cache is reset or you can delete all the routing caches on
all devices.
Lab 3 Page 25
Lab Questions
Explain what you observed in steps 3, 4 and 5. Use the saved data to support your answers.
Provide explanations of the observations. Try to explain each observed phenomenon, e.g., if
you observe more ICMP Echo Requests than Echo Replies, try to explain the reason.
If PC3 had no default entry in its table, would you have seen the same results? Explain for
each of the pings above what would have been different.
Lab 3 Page 26