CompNtwk : Lab 4.2.3 Analyzing Network Traffic

Task 1: Design Network Access to FTP and Email Services

Step 1: FTP network considerations

File transfer traffic can put high-volume traffic onto the network. This traffic can have a greater effect on

throughput than interactive end-to-end connections. Although file transfers are throughput-intensive, they

typically have low response-time requirements. As part of the initial characterization of the network, it is important to identify the level of FTP traffic that will be generated. From this information, the network designers can decide on throughput and redundancy requirements.

a. List possible file transfer applications that would generate traffic on the FilmCompany network.

Document sharing

Video production file transfer

b. List these applications by priority based on response time.

1. Video production file transfer

2. Document sharing

c. List these applications by priority based on bandwidth requirements.

1. Video production file transfer

2. Document sharing

Step 2: Email network considerations

Although customers expect immediate access to their emails, they usually do not expect emails to have

network priority over files that they are sharing or updating. Emails are expected to be delivered reliably and accurately. Generally, emails are not throughput-intensive, except when there are enterprise-wide mail-outs or there is a denial of service attack.

List some email policies that could control the volume of email data and the bandwidth used.

Membatasi ukuran lampiran email

Membatasi nomor penerima pesan email

Memastikan spam terfilter sebelum menjangkau LAN

Step 3: Configure and connect the host PCs

a. Set the IP addresses for PC1 and PC2 as shown in the configuration table.

b. Establish a terminal session to router R1 from one of the PCs, and configure the interfaces and

hostname as shown in the configuration table.

Task 2: Configure NBAR to Examine Network Traffic

Step 1: Enable NBAR Protocol Discovery

NBAR can determine which protocols and applications are currently running on a network. NBAR includes the

Protocol Discovery feature, which identifies the application protocols operating on an interface so that

appropriate QoS policies can be developed and applied. To enable Protocol Discovery to monitor selected

protocols on a router interface, issue the following commands from the global configuration mode:

FC-CPE-1(config)#interface fastethernet 0/0

FC-CPE-1(config-if)#ip nbar protocol-discovery

Step 2: Confirm that Protocol Discovery is configured

From the privileged EXEC mode, issue the show running-config command and confirm that the following

output appears under interface FastEthernet 0/0:

interface FastEthernet0/0

ip address 10.0.0.1 255.255.255.0

ip nbar protocol-discovery

If protocol-discovery is not confirmed, reissue the configuration commands for interface FastEthernet

0/0.

Task 3: Generate and Identify Network Traffic

Step 1: Generate FTP traffic

The Mozilla Thunderbird email client program will be downloaded from Discovery Server as an example of FTP.

a. On PC1, launch a web browser and enter the URL ftp://server.discovery.ccna,

Alternatively, from the command line, enter ftp server.discovery.ccna. If DNS is not

configured the IP address 172.17.1.1 must be used instead of the domain name.

b. Locate the file thunderbird_setup.exe in the pub directory, download the file, and save it on PC1.

Repeat this step for PC2.

Step 2: Generate Email traffic

If the Thunderbird email client has been installed and email accounts set up on both PC1 and PC2, proceed

to Step 2d. Otherwise, install and set up the email client on PC1 and PC2 as described in Steps 2a through 2c.

a. Install the Thunderbird email client on PC1 and PC2 by double-clicking the downloaded

thunderbird_setup.exe file and accepting the default settings.

b. When the installation has completed, launch the program.

c. Configure email account settings as shown in this table.

1) On the Tools menu, click Account Settings

Complete the required Thunderbird Account Settings.

In the left pane of the Account Settings screen, click Server Settings and complete the

necessary details.

4) In the left pane, click Outgoing Server (SMTP) and complete the proper configuration for the

Outgoing Server (SMTP).

d. Send and receive two emails between accounts on each PC.

Step 3: Display the NBAR results

With Protocol Discovery enabled, any protocol traffic supported by NBAR, as well as the statistics associated

with that protocol, can be discovered.

a. To display the traffic identified by NBAR, issue the show ip nbar protocol-discovery

command from the privileged EXEC mode.

FC-CPE-1#show ip nbar protocol-discovery

b. List each protocol identified and the Input and Output information.

Output:

ftp 18 16

1295 1288

0 0

0 0

c. Although the data traffic in this lab may not be sufficient to generate values for the 5min Bit rate

(bps) and 5min Max Bit Rate (bps) fields, consider and discuss how these values would be applied

to designing an FTP and email network.

Dapat membantu menentukan rata-rata dan puncak kebutuhan bandwidth jaringan.

Step 4: Use NBAR to monitor other data traffic

NBAR can identify and monitor a range of network application traffic protocols.

From the privileged EXEC mode of the router, issue the command show ip nbar port-mapand note the output displayed.

FC-CPE-1#show ip nbar port-map

List some protocols that you consider should be monitored and policies applied to.

Output

port-map bgp udp 179

port-map bgp tcp 179

port-map bittorrent tcp 6881 6882 6883 6884 6885 6886

6887 6888 6889

port-map citrix udp 1604

port-map citrix tcp 1494

port-map cuseeme udp 7648 7649 24032

port-map cuseeme tcp 7648 7649

port-map dhcp udp 67 68

port-map directconnect tcp 411 412 413

port-map dns udp 53

port-map dns tcp 53

port-map edonkey tcp 4662

port-map exchange tcp 135

port-map fasttrack tcp 1214

port-map finger tcp 79

port-map ftp tcp 21

port-map gnutella udp 6346 6347 6348

port-map gnutella tcp 6346 6347 6348 6349 6355 5634

port-map gopher udp 70

port-map gopher tcp 70

port-map h323 udp 1300 1718 1719 1720 11720

port-map h323 tcp 1300 1718 1719 1720 11000 – 11999

port-map http tcp 80

port-map imap udp 143 220

port-map imap tcp 143 220

port-map irc udp 194

port-map irc tcp 194

port-map kerberos udp 88 749

port-map kerberos tcp 88 749

port-map l2tp udp 1701

port-map ldap udp 389

port-map ldap tcp 389

port-map mgcp udp 2427 2727

port-map mgcp tcp 2427 2428 2727

port-map netbios udp 137 138

port-map netbios tcp 137 139

port-map netshow tcp 1755

port-map nfs udp 2049

port-map nfs tcp 2049

port-map nntp udp 119

port-map nntp tcp 119

port-map notes udp 1352

port-map notes tcp 1352

port-map novadigm udp 3460 3461 3462 3463 3464 3465

port-map novadigm tcp 3460 3461 3462 3463 3464 3465

port-map ntp udp 123

port-map ntp tcp 123

port-map pcanywhere udp 22 5632

port-map pcanywhere tcp 65301 5631

port-map pop3 udp 110

port-map pop3 tcp 110

port-map pptp tcp 1723

port-map printer udp 515

port-map printer tcp 515

port-map rcmd tcp 512 513 514

port-map rip udp 520

port-map rsvp udp 1698 1699

port-map rtsp tcp 554

port-map secure-ftp tcp 990

port-map secure-http tcp 443

port-map secure-imap udp 585 993

port-map secure-imap tcp 585 993

port-map secure-irc udp 994

port-map secure-irc tcp 994

port-map secure-ldap udp 636

port-map secure-ldap tcp 636

port-map secure-nntp udp 563

port-map secure-nntp tcp 563

port-map secure-pop3 udp 995

port-map secure-pop3 tcp 995

port-map secure-telnet tcp 992

port-map sip udp 5060

port-map sip tcp 5060

port-map skinny tcp 2000 2001 2002

port-map smtp tcp 25

port-map snmp udp 161 162

port-map snmp tcp 161 162

port-map socks tcp 1080

port-map sqlnet tcp 1521

port-map sqlserver tcp 1433

port-map ssh tcp 22

port-map streamwork udp 1558

port-map sunrpc udp 111

port-map sunrpc tcp 111

port-map syslog udp 514

port-map telnet tcp 23

port-map tftp udp 69

port-map vdolive tcp 7000

port-map winmx tcp 6699

port-map xwindows tcp 6000 6001 6002 6003

Step 5: Clean up

Erase the configurations and reload the routers and switches. Disconnect and store the cabling. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet), reconnect the appropriate cabling and restore the TCP/IP settings

Challenge

This lab considered only the volume of FTP and email data traffic and its impact on network design. Reliable

access to servers is also important. In the space below, sketch a revised topology for this lab that would

provide redundancy for these services.

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: