diff --git a/.gitignore b/.gitignore index 857bb80..7063ce7 100644 --- a/.gitignore +++ b/.gitignore @@ -20,3 +20,6 @@ /**/*.qpf /**/*.qsf !/1ano/2semestre/lsd/master.qsf + +# QEMU Virtual Hard Disks +/**/*.qcow2 diff --git a/.gitmodules b/.gitmodules index 7aea979..4c0f22d 100644 --- a/.gitmodules +++ b/.gitmodules @@ -14,3 +14,6 @@ [submodule "2ano/1semestre/aed/trabalho1-113221-114184"] path = 2ano/1semestre/aed/trabalho1-113221-114184 url = https://github.com/detiuaveiro/trabalho1-113221-114184.git +[submodule "2ano/1semestre/rc1/rc1-project"] + path = 2ano/1semestre/rc1/rc1-project + url = https://github.com/TiagoRG/rc1-project.git diff --git a/2ano/1semestre/rc1/pratica04/Guide3_RC1_DHCP_NAT_IPv6_VMware.pdf b/2ano/1semestre/rc1/pratica04/Guide3_RC1_DHCP_NAT_IPv6_VMware.pdf new file mode 100644 index 0000000..d742119 Binary files /dev/null and b/2ano/1semestre/rc1/pratica04/Guide3_RC1_DHCP_NAT_IPv6_VMware.pdf differ diff --git a/2ano/1semestre/rc1/pratica04/ipv6-ex1.pcapng b/2ano/1semestre/rc1/pratica04/ipv6-ex1.pcapng new file mode 100644 index 0000000..a05dacd Binary files /dev/null and b/2ano/1semestre/rc1/pratica04/ipv6-ex1.pcapng differ diff --git a/2ano/1semestre/rc1/pratica04/ipv6-ex2.pcapng b/2ano/1semestre/rc1/pratica04/ipv6-ex2.pcapng new file mode 100644 index 0000000..b7b542d Binary files /dev/null and b/2ano/1semestre/rc1/pratica04/ipv6-ex2.pcapng differ diff --git a/2ano/1semestre/rc1/pratica04/ipv6-ex3.pcapng b/2ano/1semestre/rc1/pratica04/ipv6-ex3.pcapng new file mode 100644 index 0000000..4ff541d Binary files /dev/null and b/2ano/1semestre/rc1/pratica04/ipv6-ex3.pcapng differ diff --git a/2ano/1semestre/rc1/pratica04/ipv6-ex4.pcapng b/2ano/1semestre/rc1/pratica04/ipv6-ex4.pcapng new file mode 100644 index 0000000..6a12394 Binary files /dev/null and b/2ano/1semestre/rc1/pratica04/ipv6-ex4.pcapng differ diff --git a/2ano/1semestre/rc1/pratica04/ipv6-ex5.pcapng b/2ano/1semestre/rc1/pratica04/ipv6-ex5.pcapng new file mode 100644 index 0000000..530552e Binary files /dev/null and b/2ano/1semestre/rc1/pratica04/ipv6-ex5.pcapng differ diff --git a/2ano/1semestre/rc1/pratica04/pratica04-ipv6/p04-ipv6.gns3 b/2ano/1semestre/rc1/pratica04/pratica04-ipv6/p04-ipv6.gns3 new file mode 100644 index 0000000..ce065ff --- /dev/null +++ b/2ano/1semestre/rc1/pratica04/pratica04-ipv6/p04-ipv6.gns3 @@ -0,0 +1,312 @@ +{ + "auto_close": true, + "auto_open": false, + "auto_start": false, + "drawing_grid_size": 25, + "grid_size": 75, + "name": "p04-ipv6", + "project_id": "1b3231f6-4dbd-4ae3-97ae-fc4db89f5afd", + "revision": 9, + "scene_height": 1000, + "scene_width": 2000, + "show_grid": false, + "show_interface_labels": false, + "show_layers": false, + "snap_to_grid": false, + "supplier": null, + "topology": { + "computes": [], + "drawings": [], + "links": [ + { + "filters": {}, + "link_id": "597bc895-8637-45ac-94be-a053c5628fcd", + "link_style": {}, + "nodes": [ + { + "adapter_number": 0, + "label": { + "rotation": 0, + "style": "font-family: TypeWriter;font-size: 10.0;font-weight: bold;fill: #000000;fill-opacity: 1.0;", + "text": "e0", + "x": 72, + "y": 24 + }, + "node_id": "94e87dbb-89d9-4938-a0c6-ced3802d1b58", + "port_number": 0 + }, + { + "adapter_number": 0, + "label": { + "rotation": 0, + "style": "font-family: TypeWriter;font-size: 10.0;font-weight: bold;fill: #000000;fill-opacity: 1.0;", + "text": "e0", + "x": -4, + "y": 21 + }, + "node_id": "e304c27b-756f-49f0-b7ec-f7acbcd7cda4", + "port_number": 0 + } + ], + "suspend": false + }, + { + "filters": {}, + "link_id": "ce5e6499-05fa-4de9-9899-6f97e38567b4", + "link_style": {}, + "nodes": [ + { + "adapter_number": 0, + "label": { + "rotation": 0, + "style": "font-family: TypeWriter;font-size: 10.0;font-weight: bold;fill: #000000;fill-opacity: 1.0;", + "text": "e1", + "x": 75, + "y": 14 + }, + "node_id": "e304c27b-756f-49f0-b7ec-f7acbcd7cda4", + "port_number": 1 + }, + { + "adapter_number": 0, + "label": { + "rotation": 0, + "style": "font-family: TypeWriter;font-size: 10.0;font-weight: bold;fill: #000000;fill-opacity: 1.0;", + "text": "f0/0", + "x": -6, + "y": 23 + }, + "node_id": "fdddf689-2b11-4e73-8644-5bb3c5a4de49", + "port_number": 0 + } + ], + "suspend": false + } + ], + "nodes": [ + { + "compute_id": "local", + "console": 5002, + "console_auto_start": false, + "console_type": "none", + "custom_adapters": [], + "first_port_name": null, + "height": 32, + "label": { + "rotation": 0, + "style": "font-family: TypeWriter;font-size: 10.0;font-weight: bold;fill: #000000;fill-opacity: 1.0;", + "text": "Switch1", + "x": 7, + "y": -25 + }, + "locked": false, + "name": "Switch1", + "node_id": "e304c27b-756f-49f0-b7ec-f7acbcd7cda4", + "node_type": "ethernet_switch", + "port_name_format": "Ethernet{0}", + "port_segment_size": 0, + "properties": { + "ports_mapping": [ + { + "name": "Ethernet0", + "port_number": 0, + "type": "access", + "vlan": 1 + }, + { + "name": "Ethernet1", + "port_number": 1, + "type": "access", + "vlan": 1 + }, + { + "name": "Ethernet2", + "port_number": 2, + "type": "access", + "vlan": 1 + }, + { + "name": "Ethernet3", + "port_number": 3, + "type": "access", + "vlan": 1 + }, + { + "name": "Ethernet4", + "port_number": 4, + "type": "access", + "vlan": 1 + }, + { + "name": "Ethernet5", + "port_number": 5, + "type": "access", + "vlan": 1 + }, + { + "name": "Ethernet6", + "port_number": 6, + "type": "access", + "vlan": 1 + }, + { + "name": "Ethernet7", + "port_number": 7, + "type": "access", + "vlan": 1 + } + ] + }, + "symbol": ":/symbols/ethernet_switch.svg", + "template_id": "1966b864-93e7-32d5-965f-001384eec461", + "width": 72, + "x": -65, + "y": -132, + "z": 1 + }, + { + "compute_id": "local", + "console": 5000, + "console_auto_start": false, + "console_type": "spice", + "custom_adapters": [], + "first_port_name": "", + "height": 59, + "label": { + "rotation": 0, + "style": "font-family: TypeWriter;font-size: 10.0;font-weight: bold;fill: #000000;fill-opacity: 1.0;", + "text": "Debian10-1", + "x": -5, + "y": -25 + }, + "locked": false, + "name": "Debian10-1", + "node_id": "94e87dbb-89d9-4938-a0c6-ced3802d1b58", + "node_type": "qemu", + "port_name_format": "Ethernet{0}", + "port_segment_size": 0, + "properties": { + "adapter_type": "e1000", + "adapters": 1, + "bios_image": "", + "bios_image_md5sum": null, + "boot_priority": "c", + "cdrom_image": "", + "cdrom_image_md5sum": null, + "cpu_throttling": 0, + "cpus": 1, + "create_config_disk": false, + "hda_disk_image": "LabComServer2.qcow2", + "hda_disk_image_md5sum": "534cd2b4f40ba5a9ff5dd52ac65f3190", + "hda_disk_interface": "ide", + "hdb_disk_image": "", + "hdb_disk_image_md5sum": null, + "hdb_disk_interface": "none", + "hdc_disk_image": "", + "hdc_disk_image_md5sum": null, + "hdc_disk_interface": "none", + "hdd_disk_image": "", + "hdd_disk_image_md5sum": null, + "hdd_disk_interface": "none", + "initrd": "", + "initrd_md5sum": null, + "kernel_command_line": "", + "kernel_image": "", + "kernel_image_md5sum": null, + "legacy_networking": false, + "linked_clone": true, + "mac_address": "0c:e8:7d:bb:00:00", + "on_close": "power_off", + "options": "", + "platform": "x86_64", + "process_priority": "normal", + "qemu_path": "/usr/bin/qemu-system-x86_64", + "ram": 1024, + "replicate_network_connection_state": true, + "tpm": false, + "uefi": false, + "usage": "" + }, + "symbol": ":/symbols/qemu_guest.svg", + "template_id": "a97b619f-01b3-4a60-b31f-e257a1ea6774", + "width": 65, + "x": -294, + "y": -146, + "z": 1 + }, + { + "compute_id": "local", + "console": 5003, + "console_auto_start": false, + "console_type": "telnet", + "custom_adapters": [], + "first_port_name": null, + "height": 45, + "label": { + "rotation": 0, + "style": "font-family: TypeWriter;font-size: 10.0;font-weight: bold;fill: #000000;fill-opacity: 1.0;", + "text": "R1", + "x": 20, + "y": -25 + }, + "locked": false, + "name": "R1", + "node_id": "fdddf689-2b11-4e73-8644-5bb3c5a4de49", + "node_type": "dynamips", + "port_name_format": "Ethernet{0}", + "port_segment_size": 0, + "properties": { + "auto_delete_disks": true, + "aux": null, + "clock_divisor": 4, + "disk0": 0, + "disk1": 0, + "dynamips_id": 1, + "exec_area": 64, + "idlemax": 500, + "idlepc": "", + "idlesleep": 30, + "image": "c7200-adventerprisek9-mz.151-4.M2.image", + "image_md5sum": "d54b063e3d0b368a702ffb49f497825e", + "mac_addr": "ca01.8b87.0000", + "midplane": "vxr", + "mmap": true, + "npe": "npe-400", + "nvram": 512, + "platform": "c7200", + "power_supplies": [ + 1, + 1 + ], + "ram": 512, + "sensors": [ + 22, + 22, + 22, + 22 + ], + "slot0": "C7200-IO-FE", + "slot1": "PA-2FE-TX", + "slot2": "PA-2FE-TX", + "slot3": null, + "slot4": null, + "slot5": null, + "slot6": null, + "sparsemem": true, + "system_id": "FTX0945W0MY", + "usage": "" + }, + "symbol": ":/symbols/router.svg", + "template_id": "4e0ff74f-f52f-457f-bca1-d3e4a7639f57", + "width": 66, + "x": 183, + "y": -137, + "z": 1 + } + ] + }, + "type": "topology", + "variables": null, + "version": "2.2.43", + "zoom": 100 +} \ No newline at end of file diff --git a/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/captures/Debian10-1_Ethernet0_to_Switch1_Ethernet0.pcap b/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/captures/Debian10-1_Ethernet0_to_Switch1_Ethernet0.pcap new file mode 100644 index 0000000..b0c3111 Binary files /dev/null and b/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/captures/Debian10-1_Ethernet0_to_Switch1_Ethernet0.pcap differ diff --git a/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/dynamips/fdddf689-2b11-4e73-8644-5bb3c5a4de49/configs/i1_private-config.cfg b/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/dynamips/fdddf689-2b11-4e73-8644-5bb3c5a4de49/configs/i1_private-config.cfg new file mode 100644 index 0000000..7f2d065 --- /dev/null +++ b/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/dynamips/fdddf689-2b11-4e73-8644-5bb3c5a4de49/configs/i1_private-config.cfg @@ -0,0 +1,2 @@ + +end diff --git a/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/dynamips/fdddf689-2b11-4e73-8644-5bb3c5a4de49/configs/i1_startup-config.cfg b/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/dynamips/fdddf689-2b11-4e73-8644-5bb3c5a4de49/configs/i1_startup-config.cfg new file mode 100644 index 0000000..8a25dfd --- /dev/null +++ b/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/dynamips/fdddf689-2b11-4e73-8644-5bb3c5a4de49/configs/i1_startup-config.cfg @@ -0,0 +1,127 @@ +! + +! +! Last configuration change at 19:43:25 UTC Sun Nov 5 2023 +upgrade fpd auto +version 15.1 +service timestamps debug datetime msec +service timestamps log datetime msec +no service password-encryption +! +hostname R1 +! +boot-start-marker +boot-end-marker +! +! +! +no aaa new-model +! +ip source-route +no ip icmp rate-limit unreachable +ip cef +! +! +! +! +! +no ip domain lookup +ipv6 unicast-routing +ipv6 cef +! +multilink bundle-name authenticated +! +! +! +! +! +! +! +crypto pki token default removal timeout 0 +! +! +! +redundancy +! +! +ip tcp synwait-time 5 +! +! +! +! +! +! +! +! +interface FastEthernet0/0 + no ip address + duplex half + ipv6 address 2001:A:1:1::100/64 + ipv6 address 2001:A:1:2::100/64 + ipv6 address 2001:A:1:2::/64 eui-64 + ipv6 enable +! +interface FastEthernet1/0 + no ip address + shutdown + duplex auto + speed auto +! +interface FastEthernet1/1 + no ip address + shutdown + duplex auto + speed auto +! +interface FastEthernet2/0 + no ip address + shutdown + duplex auto + speed auto +! +interface FastEthernet2/1 + no ip address + shutdown + duplex auto + speed auto +! +ip forward-protocol nd +no ip http server +no ip http secure-server +! +! +! +no cdp log mismatch duplex +! +! +! +! +! +! +control-plane +! +! +! +mgcp profile default +! +! +! +gatekeeper + shutdown +! +! +line con 0 + exec-timeout 0 0 + privilege level 15 + logging synchronous + stopbits 1 +line aux 0 + exec-timeout 0 0 + privilege level 15 + logging synchronous + stopbits 1 +line vty 0 4 + login + transport input all +! +end diff --git a/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/dynamips/fdddf689-2b11-4e73-8644-5bb3c5a4de49/dynamips_i1_log.txt b/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/dynamips/fdddf689-2b11-4e73-8644-5bb3c5a4de49/dynamips_i1_log.txt new file mode 100644 index 0000000..0c5f295 --- /dev/null +++ b/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/dynamips/fdddf689-2b11-4e73-8644-5bb3c5a4de49/dynamips_i1_log.txt @@ -0,0 +1,31 @@ +Nov 05 16:56:23.289 HYPERVISOR: Release 0.2.23-amd64/Linux (tag 2023010200) +Nov 05 16:56:23.289 HYPERVISOR: Started on IP = 127.0.0.1, TCP port = 53197. +Nov 05 16:56:23.293 HYPERVISOR: exec_cmd: hypervisor version +Nov 05 16:56:23.293 HYPERVISOR: exec_cmd: hypervisor working_dir /home/tiagorg/repos/uaveiro-leci/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/dynamips +Nov 05 16:56:23.293 GENERAL: working_dir=/home/tiagorg/repos/uaveiro-leci/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/dynamips +Nov 05 16:56:23.293 HYPERVISOR: exec_cmd: ethsw create Switch1 +Nov 05 16:56:23.383 HYPERVISOR: exec_cmd: nio create_udp udp-7bb00811-df56-4ecf-8168-6e8c7b294b90 10001 127.0.0.1 10000 +Nov 05 16:56:23.383 HYPERVISOR: exec_cmd: ethsw add_nio Switch1 udp-7bb00811-df56-4ecf-8168-6e8c7b294b90 +Nov 05 16:56:23.397 HYPERVISOR: exec_cmd: ethsw set_access_port Switch1 udp-7bb00811-df56-4ecf-8168-6e8c7b294b90 1 +Nov 05 16:56:23.415 HYPERVISOR: exec_cmd: nio create_udp udp-828f6597-2a0d-4064-9212-01e3d84cc17a 10002 127.0.0.1 10003 +Nov 05 16:56:23.415 HYPERVISOR: exec_cmd: ethsw add_nio Switch1 udp-828f6597-2a0d-4064-9212-01e3d84cc17a +Nov 05 16:56:23.417 HYPERVISOR: exec_cmd: ethsw set_access_port Switch1 udp-828f6597-2a0d-4064-9212-01e3d84cc17a 1 +Nov 05 17:16:37.827 HYPERVISOR: exec_cmd: nio bind_filter udp-7bb00811-df56-4ecf-8168-6e8c7b294b90 2 capture +Nov 05 17:16:37.827 HYPERVISOR: exec_cmd: nio setup_filter udp-7bb00811-df56-4ecf-8168-6e8c7b294b90 2 en10mb /home/tiagorg/repos/uaveiro-leci/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/captures/Debian10-1_Ethernet0_to_Switch1_Ethernet0.pcap +Nov 05 17:36:02.498 HYPERVISOR: exec_cmd: nio unbind_filter udp-7bb00811-df56-4ecf-8168-6e8c7b294b90 2 +Nov 05 17:36:54.416 HYPERVISOR: exec_cmd: nio bind_filter udp-7bb00811-df56-4ecf-8168-6e8c7b294b90 2 capture +Nov 05 17:36:54.416 HYPERVISOR: exec_cmd: nio setup_filter udp-7bb00811-df56-4ecf-8168-6e8c7b294b90 2 en10mb /home/tiagorg/repos/uaveiro-leci/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/captures/Debian10-1_Ethernet0_to_Switch1_Ethernet0.pcap +Nov 05 19:29:24.577 HYPERVISOR: exec_cmd: nio unbind_filter udp-7bb00811-df56-4ecf-8168-6e8c7b294b90 2 +Nov 05 19:29:28.547 HYPERVISOR: exec_cmd: nio bind_filter udp-7bb00811-df56-4ecf-8168-6e8c7b294b90 2 capture +Nov 05 19:29:28.547 HYPERVISOR: exec_cmd: nio setup_filter udp-7bb00811-df56-4ecf-8168-6e8c7b294b90 2 en10mb /home/tiagorg/repos/uaveiro-leci/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/captures/Debian10-1_Ethernet0_to_Switch1_Ethernet0.pcap +Nov 05 19:33:41.465 HYPERVISOR: exec_cmd: nio unbind_filter udp-7bb00811-df56-4ecf-8168-6e8c7b294b90 2 +Nov 05 19:33:43.951 HYPERVISOR: exec_cmd: nio bind_filter udp-7bb00811-df56-4ecf-8168-6e8c7b294b90 2 capture +Nov 05 19:33:43.951 HYPERVISOR: exec_cmd: nio setup_filter udp-7bb00811-df56-4ecf-8168-6e8c7b294b90 2 en10mb /home/tiagorg/repos/uaveiro-leci/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/captures/Debian10-1_Ethernet0_to_Switch1_Ethernet0.pcap +Nov 05 19:44:07.461 HYPERVISOR: exec_cmd: nio unbind_filter udp-7bb00811-df56-4ecf-8168-6e8c7b294b90 2 +Nov 05 19:44:11.195 HYPERVISOR: exec_cmd: nio bind_filter udp-7bb00811-df56-4ecf-8168-6e8c7b294b90 2 capture +Nov 05 19:44:11.196 HYPERVISOR: exec_cmd: nio setup_filter udp-7bb00811-df56-4ecf-8168-6e8c7b294b90 2 en10mb /home/tiagorg/repos/uaveiro-leci/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/captures/Debian10-1_Ethernet0_to_Switch1_Ethernet0.pcap +Nov 05 20:01:21.037 HYPERVISOR: exec_cmd: nio unbind_filter udp-7bb00811-df56-4ecf-8168-6e8c7b294b90 2 +Nov 05 20:01:33.700 HYPERVISOR: exec_cmd: ethsw delete Switch1 +Nov 05 20:01:33.722 HYPERVISOR: exec_cmd: hypervisor stop +Nov 05 20:01:34.155 HYPERVISOR: Stopped. +Nov 05 20:01:34.155 GENERAL: reset done. diff --git a/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/dynamips/fdddf689-2b11-4e73-8644-5bb3c5a4de49/dynamips_i1_stdout.txt b/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/dynamips/fdddf689-2b11-4e73-8644-5bb3c5a4de49/dynamips_i1_stdout.txt new file mode 100644 index 0000000..fdbda92 --- /dev/null +++ b/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/dynamips/fdddf689-2b11-4e73-8644-5bb3c5a4de49/dynamips_i1_stdout.txt @@ -0,0 +1,21 @@ +Cisco Router Simulation Platform (version 0.2.23-amd64/Linux stable) +Copyright (c) 2005-2011 Christophe Fillot. +Build date: Sep 5 2023 18:29:26 + +Log file: writing to dynamips_i1_log.txt +Console binding address set to localhost +Hypervisor TCP control server started (IP 127.0.0.1 port 53197). +NIO udp-7bb00811-df56-4ecf-8168-6e8c7b294b90: capturing to file '/home/tiagorg/repos/uaveiro-leci/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/captures/Debian10-1_Ethernet0_to_Switch1_Ethernet0.pcap' +NIO udp-7bb00811-df56-4ecf-8168-6e8c7b294b90: ending packet capture. +NIO udp-7bb00811-df56-4ecf-8168-6e8c7b294b90: capturing to file '/home/tiagorg/repos/uaveiro-leci/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/captures/Debian10-1_Ethernet0_to_Switch1_Ethernet0.pcap' +NIO udp-7bb00811-df56-4ecf-8168-6e8c7b294b90: ending packet capture. +NIO udp-7bb00811-df56-4ecf-8168-6e8c7b294b90: capturing to file '/home/tiagorg/repos/uaveiro-leci/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/captures/Debian10-1_Ethernet0_to_Switch1_Ethernet0.pcap' +NIO udp-7bb00811-df56-4ecf-8168-6e8c7b294b90: ending packet capture. +NIO udp-7bb00811-df56-4ecf-8168-6e8c7b294b90: capturing to file '/home/tiagorg/repos/uaveiro-leci/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/captures/Debian10-1_Ethernet0_to_Switch1_Ethernet0.pcap' +NIO udp-7bb00811-df56-4ecf-8168-6e8c7b294b90: ending packet capture. +NIO udp-7bb00811-df56-4ecf-8168-6e8c7b294b90: capturing to file '/home/tiagorg/repos/uaveiro-leci/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/captures/Debian10-1_Ethernet0_to_Switch1_Ethernet0.pcap' +NIO udp-7bb00811-df56-4ecf-8168-6e8c7b294b90: ending packet capture. +Hypervisor: closing control sockets. +Hypervisor: closing remote client connections. +Shutdown in progress... +Shutdown completed. diff --git a/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/qemu/94e87dbb-89d9-4938-a0c6-ced3802d1b58/qemu-img.log b/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/qemu/94e87dbb-89d9-4938-a0c6-ced3802d1b58/qemu-img.log new file mode 100644 index 0000000..5bec393 --- /dev/null +++ b/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/qemu/94e87dbb-89d9-4938-a0c6-ced3802d1b58/qemu-img.log @@ -0,0 +1 @@ +qemu-img: This image format does not support checks diff --git a/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/qemu/94e87dbb-89d9-4938-a0c6-ced3802d1b58/qemu.log b/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/qemu/94e87dbb-89d9-4938-a0c6-ced3802d1b58/qemu.log new file mode 100644 index 0000000..db0517f --- /dev/null +++ b/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/qemu/94e87dbb-89d9-4938-a0c6-ced3802d1b58/qemu.log @@ -0,0 +1,6 @@ +Start QEMU with /usr/bin/qemu-system-x86_64 -name Debian10-1 -m 1024M -smp cpus=1,sockets=1 -enable-kvm -machine smm=off -boot order=c -drive file=/home/tiagorg/repos/uaveiro-leci/2ano/1semestre/rc1/pratica04/pratica04-ipv6/project-files/qemu/94e87dbb-89d9-4938-a0c6-ced3802d1b58/hda_disk.qcow2,if=ide,index=0,media=disk,id=drive0 -uuid 94e87dbb-89d9-4938-a0c6-ced3802d1b58 -spice addr=localhost,port=5000,disable-ticketing -vga qxl -monitor tcp:127.0.0.1:45655,server,nowait -net none -device e1000,mac=0c:e8:7d:bb:00:00,netdev=gns3-0 -netdev socket,id=gns3-0,udp=127.0.0.1:10007,localaddr=127.0.0.1:10006 + +Execution log: +qemu-system-x86_64: -spice addr=localhost,port=5000,disable-ticketing: warning: short-form boolean option 'disable-ticketing' deprecated +Please use disable-ticketing=on instead +qemu-system-x86_64: warning: Spice: ../spice-0.15.2/server/display-channel.cpp:2356:display_channel_validate_surface: surface 0 is NULL diff --git a/2ano/1semestre/rc1/pratica04/pratica04.md b/2ano/1semestre/rc1/pratica04/pratica04.md new file mode 100644 index 0000000..b86d2be --- /dev/null +++ b/2ano/1semestre/rc1/pratica04/pratica04.md @@ -0,0 +1,314 @@ +# Guião 4 + +# NAT/PAT mechanisms + +## Ex2 + +Before establishing any connection, this is the output for `show ip nat statistics`: +```console +R1#show ip nat statistics +Total active translations: 0 (0 static, 0 dynamic; 0 extended) +Peak translations: 0 +Outside interfaces: + FastEthernet1/1 +Inside interfaces: + FastEthernet1/0 +Hits: 0 Misses: 0 +CEF Translated packets: 0, CEF Punted packets: 0 +Expired translations: 0 +Dynamic mappings: +-- Inside Source +[Id: 1] access-list 2 pool MYNATPOOL refcount 0 + pool MYNATPOOL: netmask 255.255.255.0 + start 192.1.1.21 end 192.1.1.21 + type generic, total addresses 1, allocated 0 (0%), misses 0 + +Total doors: 0 +Appl doors: 0 +Normal doors: 0 +Queued Packets: 0 +R1# +``` + +### PC1 → 192.1.1.45 (PCB) + +There's an exchange in packets between these IP addresses. After running `show ip nat translations` we get the following output: +```console +R1#show ip nat translations +Pro Inside global Inside local Outside local Outside global +--- 192.1.1.21 192.168.1.1 --- --- +R1# +``` + +And the output for `show ip nat statistics`: +```console +R1#show ip nat statistics +Total active translations: 1 (0 static, 1 dynamic; 0 extended) +Peak translations: 6, occurred 00:07:42 ago +Outside interfaces: + FastEthernet1/1 +Inside interfaces: + FastEthernet1/0 +Hits: 10 Misses: 0 +CEF Translated packets: 10, CEF Punted packets: 0 +Expired translations: 5 +Dynamic mappings: +-- Inside Source +[Id: 1] access-list 2 pool MYNATPOOL refcount 1 + pool MYNATPOOL: netmask 255.255.255.0 + start 192.1.1.21 end 192.1.1.21 + type generic, total addresses 1, allocated 1 (100%), misses 0 + +Total doors: 0 +Appl doors: 0 +Normal doors: 0 +Queued Packets: 0 +R1# +``` + +### PC2 → 192.1.1.45 (PCB) + +There's an exchange of packets between the devices even though the destination was unreachable: +```console +PC2> ping 192.1.1.45 + +*192.168.1.254 icmp_seq=1 ttl=255 time=6.796 ms (ICMP type:3, code:1, Destination host unreachable) +*192.168.1.254 icmp_seq=2 ttl=255 time=12.338 ms (ICMP type:3, code:1, Destination host unreachable) +*192.168.1.254 icmp_seq=3 ttl=255 time=11.187 ms (ICMP type:3, code:1, Destination host unreachable) +*192.168.1.254 icmp_seq=4 ttl=255 time=12.594 ms (ICMP type:3, code:1, Destination host unreachable) +*192.168.1.254 icmp_seq=5 ttl=255 time=11.072 ms (ICMP type:3, code:1, Destination host unreachable) + +PC2> +``` + +The output for `show ip nat translations` is still the same and the output for `show ip nat statistics` is the following: +```console +R1#show ip nat statistics +Total active translations: 1 (0 static, 1 dynamic; 0 extended) +Peak translations: 6, occurred 00:23:37 ago +Outside interfaces: + FastEthernet1/1 +Inside interfaces: + FastEthernet1/0 +Hits: 10 Misses: 0 +CEF Translated packets: 10, CEF Punted packets: 15 +Expired translations: 5 +Dynamic mappings: +-- Inside Source +[Id: 1] access-list 2 pool MYNATPOOL refcount 1 + pool MYNATPOOL: netmask 255.255.255.0 + start 192.1.1.21 end 192.1.1.21 + type generic, total addresses 1, allocated 1 (100%), misses 15 + +Total doors: 0 +Appl doors: 0 +Normal doors: 0 +Queued Packets: 0 +R1# +``` +The difference between this and the previous output is the existence of CEF Punted packets. + + +From these results and from the wireshark capture we can conclude the packets having their source IP addresses translated are the ones being sent from PC1. + +This is because while configuring the router's nat pool, we only set the pool with a single public address. Since PC1 was the first to execute the ping command, it's the one who takes and keeps the only public address of that private network, therefore PC2 won't be able to communicate to the public network. + +--- + +## Ex3 + +Now that we've cleared the router's nat pool, PC2 is able to ping outside the private network, now taking the only public address to itself. + +```PC2> ping 192.1.1.45 + +84 bytes from 192.1.1.45 icmp_seq=1 ttl=63 time=29.740 ms +84 bytes from 192.1.1.45 icmp_seq=2 ttl=63 time=19.308 ms +84 bytes from 192.1.1.45 icmp_seq=3 ttl=63 time=19.172 ms +84 bytes from 192.1.1.45 icmp_seq=4 ttl=63 time=21.246 ms +84 bytes from 192.1.1.45 icmp_seq=5 ttl=63 time=20.365 ms + +PC2> +``` + +--- + +## Ex4 + +When setting the NAT timeout to 60 seconds, upon 60 seconds of inactivity from PC1, the timer starts and when reaching 0, PC2 can now take the public address. + +When executing `ping 192.1.1.40` from PC2 right after pinging from PC1, we get the following output: + +```console +(...) +*192.168.1.254 icmp_seq=84 ttl=255 time=7.848 ms (ICMP type:3, code:1, Destination host unreachable) +84 bytes from 192.1.1.40 icmp_seq=85 ttl=63 time=18.135 ms +84 bytes from 192.1.1.40 icmp_seq=86 ttl=63 time=18.628 ms +84 bytes from 192.1.1.40 icmp_seq=87 ttl=63 time=17.988 ms +``` + +--- + +## Ex5 + +The advantages are that many terminals in a private network are able to use the same public address, distinguishing each connection by their respective port, preserving security and privacy. + +``` +R1#show ip nat translations +Pro Inside global Inside local Outside local Outside global +icmp 192.1.1.21:41850 192.168.1.1:41850 192.1.1.45:41850 192.1.1.45:41850 +icmp 192.1.1.21:42106 192.168.1.1:42106 192.1.1.45:42106 192.1.1.45:42106 +icmp 192.1.1.21:1024 192.168.1.1:42362 192.1.1.45:42362 192.1.1.45:1024 +icmp 192.1.1.21:1025 192.168.1.1:42618 192.1.1.45:42618 192.1.1.45:1025 +icmp 192.1.1.21:1026 192.168.1.1:42874 192.1.1.45:42874 192.1.1.45:1026 +icmp 192.1.1.21:42362 192.168.1.2:42362 192.1.1.45:42362 192.1.1.45:42362 +icmp 192.1.1.21:42618 192.168.1.2:42618 192.1.1.45:42618 192.1.1.45:42618 +icmp 192.1.1.21:42874 192.168.1.2:42874 192.1.1.45:42874 192.1.1.45:42874 +icmp 192.1.1.21:43130 192.168.1.2:43130 192.1.1.45:43130 192.1.1.45:43130 +icmp 192.1.1.21:43386 192.168.1.2:43386 192.1.1.45:43386 192.1.1.45:43386 +R1# +``` + +--- + +## Ex6 + +If we take a look at the command `ping 192.1.1.40 -2 -p 80`, the argument `-2` represents a UDP port, `-3` represents a TCP port and `-p ##` sets the port to `##`. + +For UDP we have the following ping output: +``` +84 bytes from 192.1.1.40 udp_seq=1 ttl=63 time=20.132 ms +``` + +For TCP we have: +``` +Connect 80@192.1.1.40 seq=1 ttl=63 time=25.151 ms +SendData 80@192.1.1.40 seq=1 ttl=63 time=15.486 ms +Close 80@192.1.1.40 seq=1 ttl=63 time=16.103 ms +``` + +After pinging `192.1.1.40` using the specified ports and running `show ip nat translations` we get the following output: +``` +R1#show ip nat translations +Pro Inside global Inside local Outside local Outside global +tcp 192.1.1.21:20618 192.168.1.1:20618 192.1.1.40:80 192.1.1.40:80 +udp 192.1.1.21:28795 192.168.1.1:28795 192.1.1.40:80 192.1.1.40:80 +udp 192.1.1.21:30114 192.168.1.1:30114 192.1.1.40:22 192.1.1.40:22 +tcp 192.1.1.21:50598 192.168.1.1:50598 192.1.1.40:22 192.1.1.40:22 +udp 192.1.1.21:42352 192.168.1.2:42352 192.1.1.40:80 192.1.1.40:80 +udp 192.1.1.21:64301 192.168.1.2:64301 192.1.1.40:22 192.1.1.40:22 +R1# +``` + +From this we can conclude that all UDP connections are registered even if the port had already been used, but when connecting using TCP through an already used port, the previous connection is overwritten. + +--- + +## Ex7 + +PCA is unable to ping any terminal in the private network. + +--- + +## Ex8 + +Once setting up the static public address for PC1, PCA is now able to ping it. + +The request packets use the PCA address and the reply packets use the PC1 private address. + +NAT/PAT is often required in scenarios where a device inside a private network needs to be accessible from the public internet. For example, if a company hosts its own website on a server within its private network, it would use static NAT/PAT to allow internet users to access that website. It could also be useful for home networks, since it preserves a terminal's private address. + +--- + +# DHCP + +## Ex10 + +### ip dhcp +We initially have a DHCP Discovery packet, used to check if the IP address is available by requesting an ARP packet. After that we have another DHCP Discovery packet, this time to validate if the address is available. Then we have a DHCP Offer packet to tell the terminal that it can use that address. Afterwards, we have a DHCP Request packet from the terminal to the router telling it that it wants to use that address. Finally we have a DHCP ACK (acknowledge) packet that goes from the router to the terminal confirming that it will be using that address. + +### ip dhcp -r +This time we only have one DCHP Discovery since it comes from a terminal that the DCHP service knows that it has an IP address linked to it. The other steps and packets are the same as the previous command. This command is used to renew its lease. + +### ip dchp -x +The only packet exchanged is the DCHP Release packet that tells the router to release the IP address that was being used by it. + +### ip dchp +The procedure is the same as the first execution of this command but now the IP address is increased by 1 (from 192.168.1.101 to 192.168.1.102). + +--- + +# IPv6 Basic Mechanisms + +## Ex1 + +There are two types of packets shown, ICMPv6(IPv6) and MDNS. + +First, there is a solicitation from the VM to the Switch for a specific IPv6 address. Then, the Switch "flushes" that IPv6 address, shown through MDNS packets. + +The Switch attempts to communicate with a Router (through Router Solicitation), but since there is no Router connected, nothing happens. + +--- + +## Ex2 + +The captured packets are similar to the ones found in the previous exercise, but this time, since there is a router to communicate, we get Router Advertisements and CDP packets, that show where the Router is connected and that there is connection between the VM and the Router. + +After verifying the IPv6 information on the Router by running `show ipv6 interface brief` and `show ipv6 route`, we can verify that the IPv6 address does correspond with the one captured in the packets. + +--- + +## Ex3 + +With the command `ipv6 address 2001:A:1:1::100/64`, we are giving the VM the IPv6 address `2001:A:1:1::100/64`. This can be seen by checking the Router's information, as shown below. + +```console +R1#show ipv6 interface brief +FastEthernet0/0 [up/up] + FE80::C801:8BFF:FE87:0 + 2001:A:1:1::100 +FastEthernet1/0 [administratively down/down] + unassigned +FastEthernet1/1 [administratively down/down] + unassigned +FastEthernet2/0 [administratively down/down] + unassigned +FastEthernet2/1 [administratively down/down] + unassigned +``` + +On the VM: + +```console +2: ens3: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 + link/ether 0c:e8:7d:bb:00:00 brd ff:ff:ff:ff:ff:ff + inet6 2001:a:1:1:1dbc:639a:3c2b:69a4/64 scope global temporary dynamic + valid_lft 604646sec preferred_lft 85768sec + inet6 2001:a:1:1:ee8:7dff:febb:0/64 scope global dynamic mngtmpaddr noprefixroute + valid_lft 2591846sec preferred_lft 604646sec + inet6 fe80::ee8:7dff:febb:0/64 scope link noprefixroute + valid_lft forever preferred_lft forever +``` + +The IPv6 address was obtained by the following steps: + +1. The Router sends a message to the VM (remember that the IPv6 address was requested in the Router); +2. A solicitation from the Router to the VM for that specific IPv6 address; +3. Another message from the router indicating that the address is available and can be used; +4. An advertisement from the VM to the router to confirm that the IPv6 address will be used by the VM. + +## Ex4 + +The process of completion of the last 64 bits is explained in the image below: + +![An image explaining the EUI-64 process](https://cdn.discordapp.com/attachments/1031545540757966878/1170815832545304777/ipv6-eui-64.png?ex=655a6a37&is=6547f537&hm=bb6ef828c35959d543c760c464c1587364e3591f998111e821db34766e178840&) + + +One of the disadvantages of using EUI-64 is that if an attacker gains access inside a network, it can easily triangulate someone's IPv6 address, and then target that specific terminal. This can be avoided by simply randomizing the Interface ID, making our IPv6 address harder to track/find. + +The process of obtaining a IPv6 address does not change if done by the same MAC address, since the process is the exact same, hence why it's not very secure to use. + +--- + +## File created by: +* Rúben Gomes, 113435 +* Tiago Garcia, 114184 \ No newline at end of file diff --git a/2ano/1semestre/rc1/rc1-project b/2ano/1semestre/rc1/rc1-project new file mode 160000 index 0000000..07e08da --- /dev/null +++ b/2ano/1semestre/rc1/rc1-project @@ -0,0 +1 @@ +Subproject commit 07e08da3e95990fa0ccd7ba804801dfcb7ab2ed2