
26 Static Networking Part 2

Jacob Christensen

Up to this point, we have been using one router in our working environments that use DHCP. However, you will rarely work on a network with only one router because the whole point of an enterprise network is to connect multiple LANs into a single cohesive network.

In this lab, we will create and connect three LANs via three routers. We introduce you to static routing solutions so you can become familiar with routing procedures. Static routing is impractical mainly because it is very manpower intensive to maintain and prone to human error.

Estimated time for completion: 60 minutes

Learning objectives

  • Successfully create three functional LANs:
    • Gray (DHCP Server)
    • Red (Switch + 2 PCs)
    • Blue (Switch + 2 PCs)
  • Configure three routers to use static routing so all devices can communicate

Prerequisites

Deliverables

4 screenshots are required to receive credit for this lab

  • Screenshot of GNS3 workspace with everything labeled
  • Screenshot of the DHCP configuration
  • Wireshark Screenshots of a Red host successfully pinging:
    • Blue Host
    • Gray Host

Resources

Contributors and Testers

  • Dante Rocca, Cybersecurity Student, ERAU-Prescott

Phase I – Building the Topology

The following steps are to create the baseline for completing the lab.  It makes assumptions about learner knowledge from completing previous labs.  To reduce the amount of stress on the PC, we will be using Linux boxes for DHCP.

By the end of this chapter, your network should look like the following:

Figure 1 – Final GNS3 network
  1. Open GNS3
    1. Create a new project: LAB_12
  2. Build a small network with the following specifications:
    1. Class B Supernet – 10.0.0.0/16

      Host Range  
      Host Lower Bound 10.0.0.1
      Host Upper Bound 10.0.255.254

      NOTE: Our supernet is the total IP address space we are allowed to use for this network. We will subnet this as necessary to fit our needs for each LAN. If you are still confused about how subnetting works, there are plenty of online tools that can help augment your learning!

    2. Subnet – Red
      1. One switch – Ethernet switch
      2. Two client machines – VPCS
      3. Minimize wasted address space for 300 hosts

        Network Information  
        Network 10.0.0.0
        Netmask 255.255.254.0 (/23)
        Broadcast 10.0.1.255
        Gateway 10.0.0.1
        DHCP Lower Bound 10.0.0.100
        DHCP Upper Bound 10.0.1.250

        NOTE: I am choosing to reserve the first usable host for my gateway addresses. In addition, my DHCP range does not include every single host address available (mostly because I like clean numbers). These are not hard and fast rules. Feel free to adjust as necessary.

    3. Subnet – Blue
      1. One switch – Ethernet switch
      2. Two client machines – VPCS
      3. Minimize wasted address space for 150 hosts

        Network Information  
        Network 10.0.2.0
        Netmask 255.255.255.0 (/24)
        Broadcast 10.0.2.255
        Gateway 10.0.2.1
        DHCP Lower Bound 10.0.2.100
        DHCP Upper Bound 10.0.2.250
    4. Subnet – Gray
      1. One DHCP server – Ubuntu 22.04.X LTS

        NOTE: In this example, the server will have a static IP address of 10.0.3.6.

      2. Minimize wasted address space for 6 hosts

        Network Information  
        Network 10.0.3.0
        Netmask 255.255.255.248 (/29)
        Broadcast 10.0.3.7
        Gateway 10.0.3.1
    5. Subnet – Backbone
      1. Three routers – MikroTik CHR
      2. Full-mesh topology

        NOTE: The term full-mesh simply means that each node is connected to every other node.

      3. Minimize wasted address space for each router-to-router connection
        Connection Network
        Router1 <-> Router2 10.0.4.0/30
        Router1 <-> Router3 10.0.5.0/30
        Router2 <-> Router3 10.0.6.0/30
  3. Connect each LAN to its own router
  4. Label and organize your network as necessary
    Figure 2 – GNS3 working environment
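
The address plan above can be checked mechanically before any router is configured. The following is an added example, not part of the original lab: it loads the Phase I tables and reports subnets that fall outside the supernet, are larger than needed, overlap, or have a DHCP pool that leaves the subnet or covers the gateway. The names `PLAN`, `POOLS`, `smallest_prefix` and `audit` are illustrative.

```python
import ipaddress
from itertools import combinations

SUPERNET = ipaddress.ip_network("10.0.0.0/16")
# name: (subnet from the Phase I tables, hosts it must hold)
PLAN = {
    "Red": ("10.0.0.0/23", 300), "Blue": ("10.0.2.0/24", 150),
    "Gray": ("10.0.3.0/29", 6), "R1-R2": ("10.0.4.0/30", 2),
    "R1-R3": ("10.0.5.0/30", 2), "R2-R3": ("10.0.6.0/30", 2),
}
# name: (gateway, DHCP lower bound, DHCP upper bound)
POOLS = {"Red": ("10.0.0.1", "10.0.0.100", "10.0.1.250"),
         "Blue": ("10.0.2.1", "10.0.2.100", "10.0.2.250")}

def smallest_prefix(hosts):
    """Longest prefix that still leaves `hosts` usable addresses (2**n - 2)."""
    return 32 - (hosts + 1).bit_length()

def audit(plan=PLAN, pools=POOLS, supernet=SUPERNET):
    """Return a list of problems; an empty list means the plan is sound."""
    problems = []
    # ip_network() is strict: a CIDR with host bits set raises ValueError.
    nets = {name: ipaddress.ip_network(cidr) for name, (cidr, _) in plan.items()}
    for name, net in nets.items():
        want = smallest_prefix(plan[name][1])
        if not net.subnet_of(supernet):
            problems.append(f"{name}: {net} is outside {supernet}")
        if net.prefixlen != want:
            problems.append(f"{name}: /{net.prefixlen} used, /{want} is the tightest fit")
    for a, b in combinations(nets, 2):
        if nets[a].overlaps(nets[b]):
            problems.append(f"{a} {nets[a]} overlaps {b} {nets[b]}")
    for name, (gw, lo, hi) in pools.items():
        gw, lo, hi = (ipaddress.ip_address(x) for x in (gw, lo, hi))
        net = nets[name]
        if not (net.network_address < lo <= hi < net.broadcast_address):
            problems.append(f"{name}: pool {lo}-{hi} leaves {net}")
        if lo <= gw <= hi:
            problems.append(f"{name}: gateway {gw} sits inside the DHCP pool")
    return problems

if __name__ == "__main__":
    print(audit() or "address plan OK")
```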

Phase II – Configuring the Backbone Network

Before any of the clients can receive IP addresses, we need to ensure that the routers can communicate with each other. This phase will focus on how to configure MikroTik routers and establish static routes.

  1. Login to Router1 and open its console
    1. Set static IP addresses for all active network interfaces (Figure 3)
      Interface Network IPv4 Address
      ether1 -> Red 10.0.0.0/23 10.0.0.1
      ether2 -> Router2 10.0.4.0/30 10.0.4.1
      ether3 -> Router3 10.0.5.0/30 10.0.5.1

      NOTE: Refer to Chapter 16, Phase II for additional information on how to configure IP addresses in MikroTik.

    2. Configure Router1 to act as a relay for DHCP discover packets (Figure 4)

      > ip dhcp-relay add name=Red-Relay interface=ether1 dhcp-server=10.0.3.6 local-address=10.0.0.1 disabled=no

      NOTE: You only need to configure DHCP forwarders for networks directly connected to the relay. In this case, only the Red subnet is attached to this router, so only one relay needs to be made. Refer to Chapter 21, Phase II for additional information.

    3. Statically update Router1’s routing table with routes to the Blue and Gray networks (Figure 5)

      NOTE: Two routes need to be created for every subnet, with each specifying the same destination via different gateways (Router2 and Router3). This is a form of redundancy that ensures network functionality even in the case of either path going offline. When building networks, it is important to mitigate as many single points of failure as possible to ensure availability and reliability.

      1. Add all routes to the Blue subnet

        > ip route add dst-address=10.0.2.0/24 gateway=10.0.4.2 distance=1

        > ip route add dst-address=10.0.2.0/24 gateway=10.0.5.2 distance=2

        NOTE: The distance option specifies how many additional routers are needed to reach the destination network. The route with the fewest hops will take priority over the other.

      2. Add all routes to the Gray subnet

        > ip route add dst-address=10.0.3.0/29 gateway=10.0.5.2 distance=1

        > ip route add dst-address=10.0.3.0/29 gateway=10.0.4.2 distance=2

  2. Login to Router2 and open its console
    1. Set static IP addresses for all active network interfaces (Figure 6)
      Interfaces Network IPv4 Address
      ether1 -> Blue 10.0.2.0/24 10.0.2.1
      ether2 -> Router1 10.0.4.0/30 10.0.4.2
      ether3 -> Router3 10.0.6.0/30 10.0.6.1
    2. Configure Router2 to act as a relay for DHCP discover packets (Figure 7)

      > ip dhcp-relay add name=Blue-Relay interface=ether1 dhcp-server=10.0.3.6 local-address=10.0.2.1 disabled=no

    3. Statically update Router2’s routing table with routes to the Red and Gray networks (Figure 8)
      1. Add all routes to the Red subnet

        > ip route add dst-address=10.0.0.0/23 gateway=10.0.4.1 distance=1

        > ip route add dst-address=10.0.0.0/23 gateway=10.0.6.2 distance=2

      2. Add all routes to the Gray subnet

        > ip route add dst-address=10.0.3.0/29 gateway=10.0.6.2 distance=1

        > ip route add dst-address=10.0.3.0/29 gateway=10.0.4.1 distance=2

  3. Login to Router3 and open its console
    1. Set static IP addresses for all active network interfaces (Figure 9)
      Interfaces Network IPv4 Address
      ether1 -> Gray 10.0.3.0/29 10.0.3.1
      ether2 -> Router1 10.0.5.0/30 10.0.5.2
      ether3 -> Router2 10.0.6.0/30 10.0.6.2

      NOTE: We will not configure any DHCP relays on this device since there is no DHCP-dependent LAN that is directly connected to it. The Gray subnet will only consist of statically assigned host addresses.

    2. Statically update Router3’s routing table with routes to the Red and Blue networks (Figure 10)
      1. Add all routes to the Red subnet

        > ip route add dst-address=10.0.0.0/23 gateway=10.0.5.1 distance=1

        > ip route add dst-address=10.0.0.0/23 gateway=10.0.6.1 distance=2

      2. Add all routes to the Blue subnet

        > ip route add dst-address=10.0.2.0/24 gateway=10.0.6.1 distance=1

        > ip route add dst-address=10.0.2.0/24 gateway=10.0.5.1 distance=2

  4. Verify that all three routers can ping each other before continuing to the next section

Phase III – Configure the DHCP Server

Now that the network is set up, we can configure our server and test the reliability of the routes.

  1. Start the DHCP server and login
    1. Configure the network interface with the static IPv4 address 10.0.3.6 (Figure 11)
    2. Modify the DHCP daemon configuration file to support the Red and Blue networks (Figure 12)
  2. Start PC1 and open its console
    1. Test the DHCP service by requesting a new IP address

      > ip dhcp

    2. Test the reliability of the network by cutting the Router1-Router3 link
      Figure 13 – Cut wire in network
    3. Request a new IP address

      > ip dhcp

  3. Repeat step 2 with a client device from the Blue network

    NOTE: Try cutting the Router2-Router3 link instead. We are trying to see if the routers can successfully redirect packets via the longest path!
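
The cut-link tests above can also be modelled offline. The following is an added example, not part of the original lab: it loads the Phase II static routes as data and traces a packet router by router, assuming a router stops using a static route while the link to its gateway is cut. `trace`, `OWNER`, `CONNECTED` and the short names R1, R2 and R3 (for Router1 to Router3) are illustrative.

```python
import ipaddress

# Which router owns each backbone address (Phase II interface tables).
OWNER = {"10.0.4.1": "R1", "10.0.4.2": "R2", "10.0.5.1": "R1",
         "10.0.5.2": "R3", "10.0.6.1": "R2", "10.0.6.2": "R3"}
# LAN directly attached to each router.
CONNECTED = {"R1": "10.0.0.0/23", "R2": "10.0.2.0/24", "R3": "10.0.3.0/29"}
# (dst-address, gateway, distance) exactly as entered in Phase II.
ROUTES = {
    "R1": [("10.0.2.0/24", "10.0.4.2", 1), ("10.0.2.0/24", "10.0.5.2", 2),
           ("10.0.3.0/29", "10.0.5.2", 1), ("10.0.3.0/29", "10.0.4.2", 2)],
    "R2": [("10.0.0.0/23", "10.0.4.1", 1), ("10.0.0.0/23", "10.0.6.2", 2),
           ("10.0.3.0/29", "10.0.6.2", 1), ("10.0.3.0/29", "10.0.4.1", 2)],
    "R3": [("10.0.0.0/23", "10.0.5.1", 1), ("10.0.0.0/23", "10.0.6.1", 2),
           ("10.0.2.0/24", "10.0.6.1", 1), ("10.0.2.0/24", "10.0.5.1", 2)],
}

def trace(start, dst_ip, cut=()):
    """Follow a packet router by router; returns (path, status).

    Model assumption: a static route is unusable while the link to its
    gateway is cut, so the route with the next-lowest distance takes over.
    """
    dst = ipaddress.ip_address(dst_ip)
    down = {frozenset(link) for link in cut}
    path, here = [start], start
    while True:
        if dst in ipaddress.ip_network(CONNECTED[here]):
            return path, "delivered"
        # All routes to one destination share a prefix here, so distance decides.
        usable = [(dist, OWNER[gw]) for net, gw, dist in ROUTES[here]
                  if dst in ipaddress.ip_network(net)
                  and frozenset((here, OWNER[gw])) not in down]
        if not usable:
            return path, "no route"
        here = min(usable)[1]
        path.append(here)
        if path.count(here) > 1:
            return path, "loop"

if __name__ == "__main__":
    for cut in ([], [("R1", "R3")], [("R1", "R3"), ("R2", "R3")]):
        print(cut, trace("R1", "10.0.3.6", cut))
```

With both of Router3's backbone links cut, the trace ends in a Router1/Router2 loop, because each router's remaining distance=2 route to Gray points at the other.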

Congratulations! You were able to create a small network with multiple routers by manually administering the routing tables. Hopefully by the end of this exercise you realize how tedious and error-prone this can be as network size increases. Luckily, the next few chapters will introduce new protocols that can automate this process for a much friendlier experience.

End of Lab

Homework

Assignment 1 – Add another LAN and router to our enterprise

  • Add a Green network to the enterprise
  • It is projected to use 73 hosts
  • The new router needs to connect to both Router1 and Router2 for redundancy
  • The Green network needs to get DHCP addresses from the DHCP server
  • Hint: don’t forget to update the old routers with new paths as well!
  • RECOMMENDED GRADING CRITERIA
    • Screenshot of GNS3 Workspace with all devices labeled
    • Screenshot of the DHCP configuration
    • Wireshark Packet Captures where a Green host can ping
      • Red Host
      • Blue Host
      • Gray Host
  • Sample network environment:
    Figure 14 – Assignment 1 network

Assignment 2 – Create a full mesh network

  • Building off of Assignment 1
  • Add a Purple network to the enterprise
  • It is projected to use 600 hosts
  • Add network paths so each router has a link to every other router (e.g. as it stands, Router3 has no direct connection to Router4)
  • RECOMMENDED GRADING CRITERIA
    • Screenshot of GNS3 Workspace with all devices labeled
    • Wireshark capture on the following links showing that an ICMP packet from a Blue host takes different paths to reach the Purple host (You may have to disconnect some connections to force the change in path)
      • Router1 <-> Router5
      • Router2 <-> Router5
      • Router3 <-> Router5
      • Router4 <-> Router5
  • Sample network environment:
    Figure 15 – Assignment 2 network

Figures for Printed Version

Figure 3 – Set static addresses for each interface
Figure 4 – Set the router for DHCP relay traffic
Figure 5 – Add routes to Blue and Gray networks
Figure 6 – Set static IPs for router 2’s interfaces
Figure 7 – Set router 2 to act as a DHCP relay
Figure 8 – Add routes to Red and Gray networks on router 2
Figure 9 – Set static IPs on router 3
Figure 10 – Add routes to Red and Blue network on router 3
Figure 11 – Static IP on DHCP relay server
Figure 12 – Add DHCP support for Red and Blue networks

License


Mastering Enterprise Networks Copyright © 2024 by Mathew J. Heath Van Horn is licensed under a Creative Commons Attribution 4.0 International License, except where otherwise noted.