In this lab we will be doing 4 things.
1. Configure NTP server on ws0 and ntp clients on all 4 routers 2. Configure syslog server on ws0 and syslog clients on all 4 routers 3. Configure DHCP server on ws0 and bring up ws1, ws2 and ws3 as dhcp clients. Configure dhcp relay services on R3 and R1. 4. Configure DNS service for zone gXX.scs and reverse zone XX.10.in-addr.arpa on ws0, with root.scs as a backup secondary server. Use DNS to name all the interfaces and workstations. 5. Configure DNS clients for all workstations and routers and use ws0 and 10.91.0.254 as DNS servers
ws0 is the only host that is connected to the outside world, so we will have it connect to two stratum 2 ntp servers. We can then have all of our routers synchronize their clocks to ws0. On ws0 the ntp daemon lives in /usr/sbin/ntpd. The detailed manual pages are ntpd, this is the daemon that runs to keep time synchronized. ntpq, this is a tool to query a ntp process about its status.
On ws0 you will start up ntpd with two "outside" stratum 2 servers. These are ntps2-1.cs.fiu.edu (131.94.134.130) and ntps2-2.cs.fiu.edu (131.94.134.129). You will want to create a configuration file (one example location is /mnt/hda1/ntpd/ntp.conf) which will specify the servers, and then start the daemon with a -g option. the -g option tells the daemon to force the clock to the correct time first, then begin synchronization with the servers.
assume configuration file /mnt/hda1/ntpd/ntp.conf on ws0 contains: server 131.94.134.129 server 131.94.134.130 to start ntp daemon on linux workstation ws0: /usr/sbin/ntpd -g -c /mnt/hda1/ntpd/ntp.conf On your linux router (R1) you will want to use ws0 as your ntp server so your configuration file would contain server 10.XX.0.20 to start ntp daemon on linux router (R1): /usr/sbin/ntpd -g -c /mnt/hda1/ntpd/ntp.conf to query a ntp daemon about its state (from ws0): ntpq -c peers 10.XX.0.20 ( for ws0 ) ntpq -c peers 10.XX.1.1 ( for r1 )
On your linux router (R1) and WS0 you will want to modify the startup scripts (/mnt/hda1/rc.local on linux routers) so that ntp starts at boot time. You may want to include killall ntpd to make sure none are running.
killall ntpd /usr/sbin/ntpd -g -c /mnt/hda1/ntpd/ntp.conf
On cisco routers you will use the ntp server command to set the ntp server. On both R2 and R3 you will want to set 10.XX.0.20 as the ntp server. You will also want to set the timezone and daylight savings time.
conf t ntp server 10.XX.0.20 clock timezone Eastern -5 clock summer-time Eastern recurring exit
NOTE the ntp process on cisco routers only runs when you are logged into it. So do not expect the cisco routers to keep the best time. You can use the "show ntp associations" and "show ntp status" commands on cisco's to verify it is working.
On the JunOS router (BR) you will also want to configure it to user ws0 as the time source. See notes for class 7. You will want to set both the server and the boot-server parameters.
*.debug /mnt/hda1/log/logfile.allYou will want to start it up so that it accepts syslog information from the network (the -r option).
killall syslogd /sbin/syslogd -r -f /mnt/hda1/log/syslog.confYou want to make sure the syslog daemon is running at boot time on ws0. You do this by adding the appropriate lines to the /mnt/hda1/rc.local file on the appropriate machine.
On the linux router (R1) you will want to configure syslog to send all messages to 10.XX.0.20. You don't need to have the daemon started with -r option as this syslog will only send messages, not receive any. The file /mnt/hda1/log/syslog.conf on the linux routers would look like this
*.debug @10.XX.0.20You will need to make sure the syslogd starts up at boot on the linux router also, again by adding appropriate lines to /mnt/hda1/rc.local
You can kill any currently running syslog process by the command
killall syslogd
On cisco routers you will want to configure them to log all messages to 10.XX.0.20 (see notes from class 7). Of course the cisco routers should boot with this configuration. (IE copy running-config startup-config)
On the JunOS routers you will want to configure them to log all messages to 10.XX.0.20 (see notes from class 7).
You will want to configure the DHCP server to support 4 networks, and for each network provide DHCP clients with subnet mask, broadcast address, dns domain name, and dns domain name servers. The domain name will be gXX.scs (XX=group number) and the domain name servers will be 10.XX.0.20 and 10.91.0.254. You will want to be certain that these workstations get the following addresses. It is safe to assume that ws1, ws2 and ws3 will be the only host on their respective networks. You can do this by using a range of one IP address on net1/net2. For net3 you need to hard code the MAC address of ws3 in the dhcp config file.
ws1.gXX.scs = 10.XX.1.100 ws2.gXX.scs = 10.XX.1.150 ws3.gXX.scs = 10.XX.2.50For net0 you will need to specify a range which will allow 10 workstations within the IP range for that network.
See notes from class 8 for details on dhcpd configuration. The leases should be for 10 minutes maximum, and 5 minutes default.
You will also need to configure R1 to be a dhcp relay service for net1 and net2 and you will need to configure R3 to perform the dhcp relay for net3 (10.XX.2.0/24). See the notes from class 8 for details.
And of course, you will need to have R1 start the dhcrelay process at boot time. And be certain that R3 has this in its startup-config at boot time. You will also want to start the dhcpd process on ws0 and leave it running, and have it start automatically at boot.
The workstations ws1/ws2/ws3 use the program called dhclient as a DHCP client. They are configured at boot time to do this. But you can stop and start the process manually too. The command:
dhclient eth0
will start a a dhclient. If your DHCP and yoru relays are correctly configured, it will immediatly get a IP address.
dhclient -r eth0
will stop any currently running DHCP client.
Here you will need to set up a master DNS server for your zone gXX.scs (forward) and XX.10.in-addr.arpa (reverse) (XX=group number) on ws0. You will need to configure the following files in /mnt/hda1/named:
named.conf - The named configuration file rndc.conf - The rndc configuration file roothints.ca - The root zone hints file named.localhost - The reverse localhost (127.in-addr.arpa) file. gXX.zone - The zone file for gXX.scs gXX.revzone - The zone file for XX.10.in-addr.arpaYou will need to assign forward and reverse records for each interface on each router (with the exception you do not need to define reverse pointers for BR's 10.91.0.XX interface) You will name each interface RR-YY.gXX.scs. RR=router code YY=network code, XX=group number. YY=nY for the interfaces that face the access networks or the core network. YY=p2pW where p2p1 = 10.X.1.192/30 and p2p2=10.X.1.196/30. Examples:
br-n0.gXX.scs is 10.XX.0.1 r1-n1.gXX.scs is 10.XX.1.1 r1-n2.gXX.scs is 10.XX.1.129 r2-p2p1.gXX.scs is 10.XX.1.193 r1-p2p2.gXX.scs is 10.XX.1.198 r3-n3.gXX.scs is 10.XX.2.1 etc.
You will also set up DNS A and reverse DNS PTR records for ws0, ws1, ws2, and ws3. These should be at 10.XX.0.20, 10.XX.1.100, 10.XX.1.150, and 10.XX.2.50, respectively.
You will also set up aliases (CNAME records) such that
br.gXX.scs is aliased to br-n0 10.XX.0.1 r1.gXX.scs is aliased to r1-n1 10.XX.1.1 r2.gXX.scs is aliased to r2-n0 10.XX.0.2 r3.gXX.scs is aliased to r3-n0 10.XX.0.3You will want to have the TTL for all records be 10 minutes, and the use these parameters for the SOA for both forward and reverse zones:
YYYYMMDDXX ; serial number (YYYY=year, MM=month, DD=day, XX is between 00 and 99) 3600 ; Refresh (1 hour) 300 ; Retry (5 minutes) 360000 ; Expire (100 hours) 300 ; neg TTL (5 minutes)
You will want to make sure that 10.91.0.254 is listed as a NS record for both your forward and reverse zones, so it will be known as a secondary. Of course your ws0 will need to be listed as a NS record also.
You will also want to configure all your routers to use your nameservers. For the Cisco IOS routers the command is
ip name-server 10.XX.0.20 ip name-server 10.91.0.254For the JunOS routers the command is under the edit system group and is set name-server 10.XX.0.20 set name-server 10.91.0.254
For the linux/quagga router and ws0 you put this information in the /etc/resolv.conf file. The following two commands will do this.
echo "search gXX.scs" > /etc/resolv.conf echo "nameserver 10.XX.0.20" >> /etc/resolv.conf echo "nameserver 10.91.0.254" >> /etc/resolv.confYou will want to add these to your /mnt/hda1/rc.local file so that it happens on boot on the linux (WS0 and R1) systems..
If you have set up your rndc.conf and named.conf file correctly you can use the rndc command to check status and reload zones on your named/dns server.
rndc -c /mnt/hda1/named/rndc.conf reload rndc -c /mnt/hda1/named/rndc.conf status
After all is set up you will start dhclient on ws1 when it DOES NOT have a IP address.
Go to ws1 and shut down any dhcp client running to release any IP address it might have. BE SURE you do this on ws1 NOT ws0.
dhclient -r eth0Once ws1 has NO IP ADDRESS you go to ws0 and start a tcpdump.
tcpdump -i eth0 -s0 -n -w /tmp/lab3.pcapThen you go back to ws1 and use dhclient to have it get a IP address.
dhclient eth0Then (on ws1) issue the command
ping -c 1 br.gXX.scsOnce the ping is done stop the tcpdump. You will turn in with the report all the DNS and BOOTP/DHCP packets you see in the snoop. ONLY the DNS and BOOTP/DHCP packets should be turned in. You will use this to answer questions 3 and 4 below.
To grade this lab I will reboot all machines and review the following for correct function. Function will be worth 30 points for all members of your group.
NTP works and all routers have the correct time. (4 points)
syslog works and all routers log messages to ws0. (4 points)
DHCP works and assigns proper addresses at boot time to ws1, ws2 and ws3. (6 points)
DNS is correct and working. All router interfaces and hosts have addresses and alias as specified. Forward and reverse DNS must work, as well as the aliases specified. Secondary server on 10.91.0.254 is properly synced with primary (12 points)
DNS resolver on all endstations and routers work. (4 points)
Lab report
Please be sure to accurately label each of the questions and your answers in the report.
Q1. As part of your report turn in a dhcpd configuration for a server that serves two subnets: 64.100.20.0/25 and 64.100.20.128/25. It should assign addresses in the range 64.100.20.10 to 64.100.20.70 to requests from 64.100.20.0/25 and a range of 64.100.20.150 to 64.100.20.200 for requests from 64.100.20.128/25. You can choose the lease time, and maximum lease time.
Use 64.100.20.126 as default route for 64.100.20.0/25 and 64.100.20.254 as default route for 64.100.20.128/25. Use 192.160.1.1 as the DNS server for both subnets and use the domain-name of "cnt4504.org" for both subnets. - 8 points
Q2. From the packets captured in the the "Post configuration sniffing" section isolate all DHCP/BOOTP packets. Provide a detailed description of each packet in the DHCP protocol exchange. Example:
Packet #Z - This was a DHCPDISCOVER packet sent from WS1 to the broadcast address. It was relayed by the helper process on R1. The relay process added ....make sure you correlate the packet numbers such that they match the packet numbers isolated in the "Post configuration sniffing". - 8 points
Q3. From the packets captured in the the "Post configuration sniffing" section isolate all the DNS protocol packets. Describe what is going on in each DNS query and response. Example:
Packet #Y - This was a DNS query for the address of br.gXX.scs. It was sent from ws1 to the DNS server 10.XX.0.20 Packet #Z - This was a DNS responce from the nameserver on 10.XX.0.20 to ws1. It returned a (something) record. It also contained added "glue" which said that the ...This is worth 4 points