IP Exercises
Chapter 1
IP
Exercises
Exercise 1 -1
The Intranet shown in the gure is based on IP to interconnect dierent Ethernet networks.
Internet
147.83.39.1/30
147.83.1.0/28
ServerFarm
Network
W
H1
147.83.39.2/30
eth2
147.83.1.1/28
eth0
R1
147.83.1.6/28
eth0
eth1
eth0
147.83.1.13/28 DB
SW1
eth1
H2
Intranet
Backbone
Network
eth1
R2
eth0
Intranet
eth0
R3
eth0
...
MarketingNetwork
#hosts=100
... H3
EngineeringNetwork
#hosts=50
The Intranet belongs to a company that has two servers: a WEB server (
DB).
eth0
W)
These servers are placed in a network called Server Farm Network, which is constructed with an
H1).
In addition, the company has two other networks: one for the Marketing
H2
and
H3)
interconnected with a network called Intranet Backbone Network. In this case, the network is constructed
with a full-duplex switch of 100 Mbps (
SW1).
The range 147.83.1.0/24 is available for addressing the entire Intranet. The
connects the Intranet to the Internet is congured with 147.83.39.2/30.
eth2
interface of
R1 that
100 employees and Engineering department has 50 employees. Each employee has a host with an Ethernet
3
network interface card (Ethernet NIC). For assigning the IP subnets, you must select always the largest
subnets possible.
1. Can you use FLSM? Why?
Do the subnetting for the Intranet with the appropriate technique and
explain how do you select a network address for each network. Write down also the broadcast address
for each network and the free addressing space that you do not need to use.
For populating the routing tables you must consider that the default routes route trac to the Internet,
that the number of entries must be as small as possible with routes of the minimal number of hops, that you
can use longest match and that the entries of the routing table have the following elds:
Destination
GW
IF
X.X.X.X/mask
Y.Y.Y.Y
ethZ
2. Choose IP addresses for each router's interface. To do so, use the lowest IP address in each subnet for
the interfaces of routers. For your conguration, describe the routing tables of
DB.
HT T P = 6 HT T P requests/second.
The HTTP request size can be considered negligible, while the HTTP
response (that includes the HTML document) occupies 30 maximum Ethernet frames. In addition,
to run a request/response protocol with the
DB
W needs
this protocol uses 10 maximum Ethernet frames and the response uses 25 maximum Ethernet frames.
3. According to the previous data, calculate the rate of correct frames per second (S ) that
H1 must
0.2
0.3
0.4
0.5
0.6
U (Utilization)
0.7
0.8
0.9
4. Using the previous calculation and taking into account that the IP header has 20 bytes, that the MTU
(Maximum Transmission Unit) for Ethernet is 1500 bytes and that the Ethernet header has 26 Bytes,
H1 and use this value to nd out the total link utilization U in H1.
Note. Consider that the ARP trac is negligible compared to other trac.
compute S for
5. Now, suppose that the DB server has a security weakness that allows a hacker to increase the mask
in one bit, i.e. to a /29. If a hacker performs this attack, describe in detail what would happen to the
IP packets traveling from
DB to W.
H1.
7. Give some possible way of protecting your WEB service against this attack by changing the place of
some element of the Intranet or by changing some conguration?
Note. You can assume that all the network interface cards (NICs) are able to negotiate
the link speed to 10 Mbps or 100 Mbps.
Exercise 1 -2
Internet
147.83.74.1
147.83.74.2
eth1
147.83.0.0/24
router1
eth2
172.16.39.17
SW
172.16.39.18
eth2
SW
147.83.1.0/24
...
router2
147.83.14.0/24
eth1
172.16.39.1
172.16.39.5
eth1
SW
172.16.39.2
eth1
routerA
eth2
147.83.15.102
16Addresses
NetA
routerD
eth2
128Addresses
NetD
172.16.39.4
eth1
eth2
172.16.39.3
eth1
eth2
routerB
routerC
64Addresses
NetC
32Addresses
NetB
Intranet
routes route trac to the Internet, that the number of entries must be as small as possible with routes of
the minimal number of hops, that you can use longest match and that the entries of the routing table have
the following elds:
5
Destination
GW
IF
X.X.X.X/mask
Y.Y.Y.Y
ethZ
2.
eth2
of the
eth1
on
router1 is 147.83.74.2/24.
router1 is 147.83.74.1.
ment. If the administrator is in a host with IP address 147.83.15.103, do we need to do NAT (Network
Address Translation) in some router? If so, which one and why? Finally, if the administrator wants
to establish a connection with
Internet
eth1
eth2
32
addresses
eth2
64
C
addresses
routerA
eth1
routerB
eth1
147.83.0.0/24
router1
eth2
eth1
eth2
router2
172.16.1.0/29
eth2 router3
eth1
eth2
routerC
eth1
eth1
routerD
eth2
128
D addresses
172.16.1.32/27
16
addresses
172.16.1.8/29
147.83.1.0/24
...
...
147.83.31.0/24
Intranet
147.83.65.0/24, make an address assignment for the networks A, B, C and D that you observe
in the gure. For this assignment, you should consider the following:
eth2
The
You must leave unallocated the address space that you do not need.
of
The IP addresses assigned to the network interfaces of the routers are the following:
routerA
routerB
routerC
routerD
eth1
eth1
eth1
eth1
router1
router2
router2
router3
172.16.1.10
172.16.1.11
172.16.1.12
172.16.1.4
eth2
eth1
eth2
eth2
172.16.1.1
172.16.1.9
172.16.1.2
172.16.1.3
For populating the routing tables you must consider that the default routes route trac to the Internet,
that the number of entries must be as small as possible with routes of the minimal number of hops,
that you can use longest match and that the entries of the routing table have the following elds:
Destination
GW
IF
X.X.X.X/mask
Y.Y.Y.Y
ethZ
You must only congure the routes necessary to enable the trac between Intranet hosts
and between Intranet hosts and hosts in the Internet.
2. Under the previous assumptions, describe the routing tables of
Exercise 1 -4
Internet
eth0
eth2
routerF
NetA
16Addresses
SW3
NetB
32Addresses
eth1
192.168.0.131
eth2
routerA
routerB eth2
eth2
routerC
eth1
192.168.0.132
SW1
192.168.0.130
eth2
eth1
eth1
192.168.0.129
routerD
eth2
Intranet
192.168.0.0/19
routerE
192.168.0.0/25
router1
192.168.1.0/24
routerX
192.168.X.0/24
eth2
SW2
...
...
192.168.31.0/24
eth2 router31
X=1,2,3,..,31
The networks of the Intranet must be addressed using the range 192.168.0.0/19. As you can observe the
eth1
routerC
routerD
routerE
routerF
1. Considering
ALL
eth1
eth1
eth1
eth1
192.168.0.132
192.168.0.129
192.168.0.130
192.168.0.131
the networks present in the Intranet, you must assign the network addresses for
the networks A, B and you must also assign the IP addresses and Masks to the
eth2
2.
Destination
GW
IF
X.X.X.X/mask
Y.Y.Y.Y
ethZ
3. Consider that all networks with clouds in the gure are completely lled of hosts. In this case, if
we want to allow to send and receive trac from the Internet to all the hosts (only hosts but not
routers) in the Intranet, in which router would you implement NAT? why? Explain how many public
addresses are required for NAT if we use stateless NAT (which assigns one public address to each
private address).
Exercise 1 -5
virt2
eth1
192.168.0.32
01:01
eth1
192.168.0.144
03:01
1
3
Switch
Ethernet
virt3
eth1
192.168.0.96
02:01
2
4
eth1
192.168.0.224
04:01
virt4
As you can observe, we have four machines connected with an Ethernet swith of 4 ports. You can also
observe the MAC addresses and IP addresses assigned to each interface.
virt1
virt1
virt2
virt2
virt3
virt4
#
#
#
#
#
#
i f c o n f i g eth1 192.168.0.32/25
route add net 192.168.0.128/25 gw 192.168.0.96
i f c o n f i g eth1 192.168.0.96/24
echo 1 > /proc/sys/net/ipv4/conf/ a l l /forwarding
i f c o n f i g eth1 192.168.0.144/24
i f c o n f i g eth1 192.168.0.224/25
virt1
# ping c 1 192.168.0.144
ping
command:
In your explanation, detail the packets and frames that will be sent and what will happen in each
device (MAC tables of the switch, ARP caches, routing tables etc.)
2. Like in the previous question, explain in detail what would happen after executing the following
command:
8
ping
virt1
# ping c 1 192.168.0.224
Exercise 1 -6
Intranet
147.83.1.0/24
147.83.0.0/24
...
SW0
...
...
SW1
eth0
eth128
10.0.0.2/24
147.83.127.0/24
...
eth1
RA
SWA
eth128
10.0.0.3/24
eth0
eth127
Internet
eth0
10.0.0.1/24
RB
eth1
SW128
...
147.83.128.0/24
SW127
128 networks
SWB
R1
eth127
R2
...
128 networks
SW255
SW129
...
...
147.83.255.0/24
147.83.129.0/24
for each Ethernet network to which they are connected. These routers also use always the lowest IP address
in each 147.83.X.0/24 network to which they are connected. The hosts have only one Ethernet Card called
eth0.
1. Calculate how many hosts that use IP addresses of type 147.83.X.0/24 can be connected to the routers
2. Assuming that the routing tables are correctly populated in the routers of the Intranet and that all
the caches are empty (ARP caches and MAC tables of switches), explain in detail what would happen
if we send a
ping from 147.83.129.7 (B) to 147.83.1.9 (A). In your explanation, detail the packets and
frames that will be sent and the state of the MAC tables of the switches and the ARP caches.
For the next question consider that the routers do not generate trac.
Ethernet using full-duplex 100 Mbps switches. All the hosts send the same trac to the Internet. There
cannot be congestion (accumulation of packets) at any router and we want to use a 100% the link
R1-R2.
We consider only unicast IP trac to the Internet (not consider ARPs). Consider that the Ethernet frames
have 26 bytes of layer 2 overhead, that IP packets have 20 bytes of layer 3 overhead and that the payload
of the frames is used completely (remember that the MTU of Ethernet is 1500 bytes).
We utilize the IP
3. According to the previous considerations, calculate the maximum goodput that can be generated by
each host.
For the next question consider that the processing delay at the routers can be expressed as:
Tp = n Tentry + 0.1ms
Where
have routing tables such that all the networks and the Internet are accessible and such that these tables use
the minimum number of routes and hops. We keep using the assumption that there cannot be congestion
(accumulation of packets) in any router and that we want to use a 100% the link
9
R1-R2.
4. Calculate
Tentry
at the routers
RA and RB.
obtain the most ecient conguration possible? Can we increase the number of hosts with addresses
147.83.X.0/24?
Following the above conguration and considering that:
We keep using the assumption that there cannot be congestion in any router.
Tentry
for
R1.
echo-request
ping
the routers. All the IP packets of the ICMP message are sent with ag
destination in order. In the
DF = 0.
R1-R2 link, the MTU is reduced from 1500 bytes to 820 bytes.
7. Calculate the Fragment Oset (FO) of the second and third fragments that will arrive to the destination
node.
10
Chapter 1: Solutions
Solution Exercise 1 -1
1. With FLSM we cannot do it. Marketing needs 7 bits for the hostID (/25). With a xed /25 we can
only implement the addressing for two networks but we need addressing 4 networks. We have to do it with
VLSM.
25
26
27
28
29
30
31
32
Net
SF
Free
In decimal:
Network Name
Network Address
SF
147.83.1.0/28
Broadcast Address
147.83.1.15
147.83.1.128/25
147.83.1.255
147.83.1.64/26
147.83.1.127
147.83.1.32/27
147.83.1.63
Free
147.83.1.16/28
147.83.1.31
2. IP assignment:
R1: eth0:
R2: eth0:
R3: eht0:
147.83.39.2/24.
147.83.1.129/25;
Routing Table of
Routing Table of
Routing Table of
R1:
Destination
GW
IF
147.83.1.0/28
0.0.0.0
eth0
147.83.1.32/27
0.0.0.0
eth1
147.83.39.0/30
0.0.0.0
eth2
147.83.1.128/25
147.83.1.34
eth1
147.83.1.64/26
147.83.1.35
eth1
0.0.0.0/0
147.83.39.1
eth2
R2:
Destination
GW
IF
147.83.1.128/25
0.0.0.0
eth0
147.83.1.32/27
0.0.0.0
eth1
147.83.1.64/26
147.83.1.35
eth1
0.0.0.0/0
147.83.1.33
eth1
Destination
GW
IF
147.83.1.64/26
0.0.0.0
eth0
147.83.1.32/27
0.0.0.0
eth1
147.83.1.128/25
147.83.1.34
eth1
0.0.0.0/0
147.83.1.33
eth1
R3:
11
Routing Table of
DB:
Destination
GW
IF
147.83.1.0/28
0.0.0.0
eth0
0.0.0.0/0
147.83.1.1
eth0
H1 is 30 (HTTP response) + 10
U = 0.6
(60%)
DB, the trac from DB to W is not direct anymore. DB sends this trac via R1.
In this case, the number of frames per request that need to be transmitted in
H1
is 30 (HTTP
H1 is using the 100% of shared channel without being able to transmit the number of frames
cards can negotiate the speeds 10/100. Another solution is to change the IP address of
the /29 network of
DB. E.g.
W to an address in
147.83.1.5.
Solution Exercise 1 -2
1. We must design subnetting for nets A, B, C and D using 147.83.15.0/24 (256 addresses).
28-bit mask.
27-bit mask.
Net C requires 64 addresses 26-bit mask.
Net D requires 128 addresses 25-bit mask.
An important fact to realize is that eth2 of routerA must use the address 147.83.15.102 or more precisely
Net A requires 16 addresses
Net B requires 32 addresses
147.83.15.102/28. Notice that the network address for network A can be calculated making a logic and
(&) between the address and the mask:
147.83.15.0
147.83.15.128
NetC
64addresses
147.83.15.0/26
147.83.15.63
147.83.15.64
147.83.15.95
147.83.15.96
147.83.15.111
NetD
128addresses
147.83.15.128/25
NetB
32addresses
147.83.15.64/27
NetA
16addresses
147.83.15.96/28
16addresses
147.83.15.255
2. Routing table of
routerA:
Destination
Routing table of
GW
147.83.15.96/28
0.0.0.0
eth2
172.16.39.0/28
0.0.0.0
eth1
147.83.15.0/26
172.16.39.4
eth1
147.83.15.64/27
172.16.39.3
eth1
147.83.15.128/25
172.16.39.5
eth1
0.0.0.0/0
172.16.39.1
eth1
routerC:
Destination
GW
0.0.0.0
172.16.39.0/28
0.0.0.0
eth1
172.16.39.2
eth1
eth2
147.83.15.64/27
172.16.39.3
eth1
147.83.15.128/25
172.16.39.5
eth1
0.0.0.0/0
172.16.39.1
eth1
router2:
Destination
Routing table of
IF
147.83.15.0/26
147.83.15.96/28
3. Routing table of
IF
GW
IF
172.16.39.16/28
0.0.0.0
eth2
172.16.39.0/28
0.0.0.0
eth1
147.83.15.0/26
172.16.39.4
eth1
147.83.15.64/27
172.16.39.3
eth1
147.83.15.96/28
172.16.39.2
eth1
147.83.15.128/25
172.16.39.5
eth1
147.83.0.0/20
172.16.39.19
eth2
0.0.0.0/0
172.16.39.17
eth2
router1:
Destination
GW
147.83.74.0/24
172.16.39.16/28
IF
0.0.0.0
eth1
0.0.0.0
eth2
147.83.15.0/24
172.16.39.18
eth2
147.83.0.0/20
172.16.39.19
eth2
147.83.74.1
eth1
0.0.0.0/0
13
router2 from 147.83.15.103 we will not need NAT. This is because packets
router2) will travel only inside our Intranet, which is
managed by us. In this Intranet we can use a mix of private and public addresses provided that we properly
route each range.
However, if the administrator tries to access
scenario.
router2
In this latter case, our packets need to travel through the public network.
Remember that we
cannot use private addresses in IP packets that cross Internet and thus, we need to do NAT. The right place
to do NAT is the
router1,
eth1
router2).
of the
As an example, we could do a
Solution Exercise 1 -3
1. Address assignment:
147.83.65.28 (network A) = 10010011.01010011.01000001. 00011100
2. Routing table of
network address
mask
broadcast address
Subnet A
147.83.65.16
/28
147.83.65.31
Subnet B
147.83.65.32
/27
147.83.65.63
Subnet C
147.83.65.64
/26
147.83.65.127
Subnet D
147.83.65.128
/25
147.83.65.255
routerA:
Destination
GW
172.16.1.8/29
eth1
147.83.65.16/28
0.0.0.0
eth2
147.83.65.32/27
172.16.1.11
eth1
147.83.65.64/26
172.16.1.12
eth1
172.16.1.9
eth1
0.0.0.0/0
Routing table of
routerD:
Destination
GW
172.16.1.0/29
0.0.0.0
147.83.65.128/25
Routing table of
IF
0.0.0.0
IF
eth1
0.0.0.0
eth2
147.83.65.0/24
172.16.1.2
eth1
147.83.0.0/19
172.16.1.3
eth1
0.0.0.0/0
172.16.1.1
eth1
router2:
Destination
GW
172.16.1.0/29
0.0.0.0
172.16.1.8/29
IF
eth2
0.0.0.0
eth1
147.83.65.16/28
172.16.1.10
eth1
147.83.65.32/27
172.16.1.11
eth1
147.83.65.64/26
172.16.1.12
eth1
147.83.65.128/25
172.16.1.4
eth2
147.83.0.0/19
172.16.1.3
eth2
0.0.0.0/0
172.16.1.1
eth2
Solution Exercise 1 -4
1. Address assignment. The networks that have been already allocated in the Intranet are:
14
19
20
21
22
23
24
25
26
27
28
29
30
31
32
Net
1.0/24 (256@)
X.0/24 (256@)
31.0/24 (256@)
0.0/25 (128@)
In the network of
19
20
21
22
23
24
25
26
27
28
29
30
31
32
Net
of
The network
3 bits for the
HostID. Therefore:
19
20
21
22
23
24
25
If we assign
26
27
28
30
31
32
Net
/28 (Net A -16@)
19
20
21
22
23
24
25
26
27
28
29
30
31
32
Net
0
1
0
0
1
0
routerD is:
Destination
GW
192.168.0.0/25
192.168.0.128/29
3.
29
We should do NAT in
IF
0.0.0.0
eth2
0.0.0.0
eth1
192.168.0.0/19
192.168.0.130
eth1
192.168.0.128/26
192.168.0.132
eth1
0.0.0.0/0
192.168.0.131
eth1
routerF
because this router is the one that interconnects the Intranet to the
Internet. In other words, all the IP packets that want go to the Internet
Regarding
the number of public IP addresses, we have 31 networks with 253 hosts. Net A has 13 hosts, Net B has 29
hosts and 192.168.0.0/25 has 125 hosts. Thus, this number is:
Solution Exercise 1 -5
1. For the rst
ping:
15
No.
1
2
3
4
5
6
7
8
9
Time
0.000000
0.000117
0.000188
0.013092
0.013163
0.013228
0.025434
0.025505
0.025563
Source
fe:fd:00:00:01:01
fe:fd:00:00:02:01
192.168.0.32
fe:fd:00:00:02:01
fe:fd:00:00:03:01
192.168.0.32
fe:fd:00:00:03:01
fe:fd:00:00:01:01
192.168.0.144
Destination
Broadcast
fe:fd:00:00:01:01
192.168.0.144
Broadcast
fe:fd:00:00:02:01
192.168.0.144
Broadcast
fe:fd:00:00:03:01
192.168.0.32
Protocol
ARP
ARP
ICMP
ARP
ARP
ICMP
ARP
ARP
ICMP
Length
42
42
98
42
42
98
42
42
98
Info
Who has 192.168.0.96? Tell 192.168.0.32
192.168.0.96 is at fe:fd:00:00:02:01
Echo (ping) request id=0x8f04, seq=1/256, ttl=64
Who has 192.168.0.144? Tell 192.168.0.96
192.168.0.144 is at fe:fd:00:00:03:01
Echo (ping) request id=0x8f04, seq=1/256, ttl=63
Who has 192.168.0.32? Tell 192.168.0.144
192.168.0.32 is at fe:fd:00:00:01:01
Echo (ping) reply
id=0x8f04, seq=1/256, ttl=64
virt1:~# arp -n
Address
192.168.0.144
192.168.0.96
HWtype
ether
ether
HWaddress
FE:FD:00:00:03:01
FE:FD:00:00:02:01
Flags Mask
C
C
Iface
eth1
eth1
virt2:~# arp -n
Address
192.168.0.144
HWtype
ether
HWaddress
FE:FD:00:00:03:01
Flags Mask
C
Iface
eth1
virt3:~# arp -n
Address
192.168.0.32
HWtype
ether
HWaddress
FE:FD:00:00:01:01
Flags Mask
C
Iface
eth1
virt1:~# route -n
Kernel IP routing table
Destination
Gateway
192.168.0.0
0.0.0.0
192.168.0.128
192.168.0.96
Genmask
Flags Metric Ref
255.255.255.128 U
0
0
255.255.255.128 UG
0
0
Use Iface
0 eth1
0 eth1
virt2:~# route -n
Kernel IP routing table
Destination
Gateway
192.168.0.0
0.0.0.0
Genmask
255.255.255.0
Use Iface
0 eth1
virt3:~# route -n
Kernel IP routing table
Destination
Gateway
192.168.0.0
0.0.0.0
Genmask
255.255.255.0
Use Iface
0 eth1
The
echo-request
The
echo-replay
goes from
goes from
The caches are also populated according to these routing paths. For example,
was transmitted.
After this
ping,
echo-replay
Port
MAC
01:01
02:01
03:01
ping:
16
Time
0.000000
0.000109
0.000172
0.020316
0.021275
0.021345
Source
fe:fd:00:00:01:01
fe:fd:00:00:02:01
192.168.0.32
fe:fd:00:00:02:01
fe:fd:00:00:04:01
192.168.0.32
virt4:~# route -n
Kernel IP routing table
Destination
Gateway
192.168.0.128
0.0.0.0
virt4:~# arp -n
Address
192.168.0.96
In this case, the
Destination
Broadcast
fe:fd:00:00:01:01
192.168.0.224
Broadcast
fe:fd:00:00:02:01
192.168.0.224
Protocol
ARP
ARP
ICMP
ARP
ARP
ICMP
Genmask
Flags Metric Ref
255.255.255.128 U
0
0
HWtype
ether
HWaddress
FE:FD:00:00:02:01
echo-request
arrives to
Flags Mask
C
virt4
Length
42
42
98
42
42
98
Info
Who has 192.168.0.96? Tell 192.168.0.32
192.168.0.96 is at fe:fd:00:00:02:01
Echo (ping) request id=0xa404, seq=1/256, ttl=64
Who has 192.168.0.224? Tell 192.168.0.96
192.168.0.224 is at fe:fd:00:00:04:01
Echo (ping) request id=0xa404, seq=1/256, ttl=63
Use Iface
0 eth1
Iface
eth1
Solution Exercise 1 -6
1.
hosts.
2. For a
ping
from 147.83.129.7 (
for the MAC address of 147.83.129.1. This frame is transmitted broadcast by the switch (through all
the ports of the switch).
- ARP response with Eth-SRC=MAC-
ted unicast by the switch (goes only between the two ports involved).
table and
ing for the MAC address of 10.0.0.2. This frame is transmitted broadcast by the switch.
RA.eth128
RB.eth128.
and Eth-DST=MAC-
This frame is
RB
decrements the TTL, recalculates the IP header checksum and sends the IP packet (with IP-
and
for the MAC address of 147.83.1.9. This frame is transmitted broadcast by the switch.
RA
decrements the TTL, recalculates the IP header checksum and sends IP packet (with IP-
echo-replay
the reverse path. However, in this case, we do not need to run the ARP protocol again and since the
switches have also learned the MACs involved, we avoid further broadcast of any type.
3.
100 Mbps
64768
= 1544 bps
Goodput->
1480
= 1544 bps 1526
= 1497.4 bps
4. Let's consider
15268 bits
50 Mbps
= 0.24416 ms = Tp
n = 131
Networks (147.83.0.0/24 to 147.83.127.0/24) + 1 (10.0.0.0/24) + 1 (147.83.128.0/17) + 1 (default to
5. We have to change the IP masks to /16 because we now are in a single L2 network. Now, we can have
additional hosts.
R1 we need n = 3 entries (147.83.0.0/16, an entry for the network with R2 and the default route
to Internet).
R1 receives IP packets at 100 Mbps and must forward them also at 100 Mbps.
Then,
15268 bits
100 Mbps
= Tp = 0.12208 ms
Tentry = 7.36 s
7.
F O2 = 600/8 = 75
and
F O3 = 800/8 = 100.
18