
INSTITUTE OF COMMUNICATION ENGINEERING

Telecommunications Laboratory

SOHO Router Lab

laboratory guide
Table of Contents
1 – Overview
1.1 – Physical Layer and Interfaces
1.2 – Data Layer
1.3 – Network Layer
1.4 – Transport Layer
2 – Measurement Tasks
2.1 – Physical Layout
2.2 – Task List
3 – Questions
1 – Overview

1.1 – Physical Layer and Interfaces


The main focus of this exercise is a device called a “router” for small office/home office (SOHO) use.
It has two types of physical interfaces: an array of 10/100/1000 Ethernet wired interfaces (at least
one WAN port and several (e.g. 4) LAN ports, covered by IEEE 802.3), and a built-in WLAN
access point (covered by IEEE 802.11), that’s used to establish wireless connections in the 2.4 GHz
ISM (Industrial, Scientific and Medical) band.
The latter’s main use is to provide a connection for phones, tablets, laptops, smart devices, etc. But
of course more conventional fixed hardware can connect to it too, if only with the occasional use of
a USB wireless adapter. The connection is usually done by selecting the network’s Service Set ID
(commonly referred to simply as the name of the network) and typing in the WPA passphrase
(usually called the password). In this case we connect to the router’s wireless interface that’s
running in interface mode, and we can access the local network.
As you’ll see later the physical interface and the data layer cannot be separated in most cases.

1.2 – Data Layer


The most ubiquitous standard today for wired local networks is IEEE 802.3. While it’s not
exactly the same as the Xerox standard preceding it, it’s commonly called Ethernet regardless. It
has taken over the world of networks mainly due to its simplicity, and the low price of cabling and
network hardware.
Every IEEE 802.3 compatible network adapter on an active device has a unique identifier that’s
called Media Access Control address or MAC address. It’s a 48 bit number, most commonly
written in hexadecimal form as six times two digits, and it identifies the network endpoint. This is
required because of the broadcasting nature of the Ethernet network. In this layer the network sends
the data in a form called “frames”, and this Ethernet frame has, among others, information about its
intended recipient. The sender broadcasts it to the whole network when sending, but only the
endpoint whose MAC address is written into the frame’s appropriate field is supposed to read it.
When an endpoint is broadcasting on the network no other endpoint should broadcast
simultaneously. In order to achieve this there are collision detection and collision avoidance
methods (CSMA/CD in the case of 802.3 and CSMA/CA when using 802.11). Obviously this is an
increasing problem as the number of endpoints grows in a network, so modern switches used in
Ethernet networks analyze the traffic and limit the scope of this broadcast accordingly.
When this standard was first finalized the intention was that every device would have a unique MAC
address. Half of it is used to identify a manufacturer, and the rest was used to differentiate between
the devices themselves, and is set by the vendor. As time went on this rigid system was more or less
abandoned, and of course a network interface’s MAC address is software definable today.
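The address format described above can be checked in a few lines. This is an added example, not part of the original guide: it normalizes the common MAC notations, splits the manufacturer half from the device half, and reads the two flag bits of the first octet. The sample addresses and the deny list are constructed.

```python
import re

def parse_mac(text):
    """Normalize a MAC written with ':', '-' or '.' separators and decode its flag bits."""
    digits = re.sub(r"[:.\-]", "", text.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    raw = bytes.fromhex(digits)
    return {
        "canonical": ":".join(f"{b:02x}" for b in raw),
        "vendor_half": ":".join(f"{b:02x}" for b in raw[:3]),   # identifies the manufacturer
        "device_half": ":".join(f"{b:02x}" for b in raw[3:]),   # assigned by the vendor
        "group": bool(raw[0] & 0x01),                 # 1 = multicast/broadcast destination
        "locally_administered": bool(raw[0] & 0x02),  # 1 = locally assigned, not a factory address
    }

def is_denied(mac, denylist):
    """Compare canonical forms so that a different notation cannot slip past the list."""
    blocked = {parse_mac(entry)["canonical"] for entry in denylist}
    return parse_mac(mac)["canonical"] in blocked

# Constructed sample values, not taken from the lab equipment.
DENYLIST = ["00-1A-2B-3C-4D-5E"]

if __name__ == "__main__":
    for sample in ("001a.2b3c.4d5e", "02:00:00:aa:bb:cc", "ff:ff:ff:ff:ff:ff"):
        info = parse_mac(sample)
        verdict = "denied" if is_denied(sample, DENYLIST) else "allowed"
        print(sample, info["canonical"], info["locally_administered"], verdict)
```

Because the address is software definable, a list like this matches the address a device claims, not the device itself.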
1.3 – Network Layer
Today’s most widely used network protocol sets are TCP/IP and UDP/IP. The name TCP/IP
refers to the protocols used both in the Network Layer and the Transport Layer. Internet Protocol
is more or less the only one used nowadays in the network, since Novell’s IPX/SPX is inching
closer and closer to extinction. Unlike the Ethernet used in the Data Layer, IP uses logical addresses
(most commonly known as “IP address”) to establish connections. Its main use is to connect
different local networks, and it does it so successfully that IP networks span the globe. It uses 32 bit
addresses, most commonly represented by four segments divided by decimal points, with each
segment representing an 8-bit number between 0 and 255, written in decimal. For example
192.168.1.0 is a very friendly looking IP address.
Every IP address in a network can be divided into two parts. Starting from its most significant bit to
a certain cutoff point is the network address. As the name suggests, this identifies the network. The
rest after this cutoff point to the least significant bit is the part that’s used to identify the endpoint
within the network – this is the host address. This cutoff point is determined by the subnet mask,
which is a literal bit mask that’s used to calculate the network address belonging to any IP address.
Let’s see an example! If my subnet mask is 255.255.255.0 and my IP address is 192.168.1.3 then
the bitwise AND calculation looks like this:
192.168.  1.3 = 11000000.10101000.00000001.00000011
255.255.255.0 = 11111111.11111111.11111111.00000000 AND
-------------------------------------------------------------
192.168.  1.0 = 11000000.10101000.00000001.00000000
The address in the last line above is our network address.

Routers work mainly in the Network Layer (sometimes referred to as the “third layer”, referring to its
place in the OSI model). They take the packets in, read their headers, recalculate and rewrite them, and
send the packets on their way with the new header. The packets can be forwarded in the following
manners:
• unicast – when the packet is for a certain recipient
• anycast – when the packet is for any one of a number of recipients
• broadcast – when the packet is for every endpoint within a certain network

An IPv4 packet’s header has many fields:


Version (4 bits) – This is binary 0100 in our case, meaning IPv4.
Internet Header Length (4 bits) – The length of the header itself, the number of 32-bit words that
it contains. The minimum and the default is 5, the maximum is 15.
Type of Service (16 bits) – If both endpoints and the network between them support it, the data in
this field can help with packet prioritization and help in case of network congestion.
Total Length (16 bits) – The total length of the packet.
ID (16 bits) – The unique identifier of the packet, mostly used in case of fragmentation.
Flags (3 bits) – 3 flag bits: always 0, Don’t Fragment, More Fragments
Fragment Offset (13 bits) – If the packet is fragmented this tells us the offset of this specific
fragment relative to the beginning of the original unfragmented packet.
Time To Live (8 bits) – The number of “hops” that a packet can do in a network. It’s decreased by
one every time the header is recalculated at a router, and if it reaches 0 the router discards the
packet. This “packet decay” has been put into the system so packets that can’t find their destination
or are malformed can’t clog up the network by circling around endlessly.
Protocol (8 bits) – Defines the protocol that’s used in the packet. This distinction is for the
Transport Layer, e.g. 1 means ICMP, 6 is TCP, 17 is UDP. Covered by RFC 790.
Header Checksum (16 bits)
Source Address & Destination Address (32 bits each)
Options – Rarely used. IHL field is greater than 5 if so.
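The header handling a router performs can be shown on a constructed packet. This is an added example, not part of the original guide: it parses the fixed 20-byte header, verifies the Header Checksum, and then does what the text describes at each hop, decrementing Time To Live and recalculating the checksum, or discarding the packet. The sample addresses reuse values from this guide; `build_sample` and `forward` are names chosen for the example.

```python
import socket
import struct

def checksum(header: bytes) -> int:
    """One's-complement sum of the header's 16-bit words (Header Checksum field)."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_header(packet: bytes) -> dict:
    if len(packet) < 20:
        raise ValueError("shorter than the minimum 20-byte header")
    # Layout per RFC 791; Type of Service is a single byte there.
    (ver_ihl, tos, total_len, ident, flags_frag,
     ttl, proto, _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4 or ihl < 5 or len(packet) < ihl * 4:
        raise ValueError("not a well-formed IPv4 header")
    return {
        "ihl": ihl, "tos": tos, "total_length": total_len, "id": ident,
        "dont_fragment": bool(flags_frag & 0x4000),
        "more_fragments": bool(flags_frag & 0x2000),
        "fragment_offset": flags_frag & 0x1FFF,
        "ttl": ttl, "protocol": proto,
        "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
        # Summing a valid header including its checksum field yields 0 here.
        "checksum_ok": checksum(packet[:ihl * 4]) == 0,
    }

def forward(packet: bytes):
    """Return the packet as the next hop sees it, or None if the router discards it."""
    hdr = parse_header(packet)
    if not hdr["checksum_ok"] or hdr["ttl"] <= 1:
        return None                      # corrupted header, or TTL would reach 0
    hlen = hdr["ihl"] * 4
    header = bytearray(packet[:hlen])
    header[8] -= 1                       # Time To Live
    header[10:12] = b"\x00\x00"          # clear the old checksum before recalculating
    header[10:12] = struct.pack("!H", checksum(bytes(header)))
    return bytes(header) + packet[hlen:]

def build_sample(ttl: int) -> bytes:
    """Constructed header: 192.168.1.3 -> 193.10.24.130, TCP, Don't Fragment, no payload."""
    fields = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0x1234, 0x4000, ttl, 6, 0,
                         socket.inet_aton("192.168.1.3"),
                         socket.inet_aton("193.10.24.130"))
    return fields[:10] + struct.pack("!H", checksum(fields)) + fields[12:]

if __name__ == "__main__":
    print(parse_header(build_sample(64)))
    print(parse_header(forward(build_sample(64)))["ttl"])
    print(forward(build_sample(1)))
```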

Forwarding packets on a network is done by routers. They use the information in the IP headers to
decide how to regenerate the packet’s header, and on which interface the router should send the
packet out. The following things are taken into consideration by the routers when doing their job:
• Which bits of the destination address code the network address. (A router between networks
doesn’t have to take into account the whole address. It just has to route the packet to the
network where the destination is, and that subnetwork’s router will use the rest of the
address to deliver the packet to the specific endpoint.)
• Which networks can be accessed on which physical interfaces of the router. This
information is stored in the routing table.
• When no routing information can be found what should be the last resort route to send the
packets to.

As we saw before, the IP header has no information about the network address. But some kind of
agreement has to be made how to divide the 32 bits up to a network address and host address. There
are a bunch of networks around with different sizes, so a static method isn’t feasible. So when IP
networks were defined (in RFC 791) classes of IP addresses were defined. The first few bits were
supposed to define the class of an IP address, then the rest was shared between the network and the
hosts in a predefined manner:

                        Network  Host
A class  address space  0xxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx  0-127.x.x.x
         bitmask        11111111 00000000 00000000 00000000  255.0.0.0
                        Network           Host
B class  address space  10xxxxxx xxxxxxxx xxxxxxxx xxxxxxxx  128-191.x.x.x
         bitmask        11111111 11111111 00000000 00000000  255.255.0.0
                        Network                    Host
C class  address space  110xxxxx xxxxxxxx xxxxxxxx xxxxxxxx  192-239.x.x.x
         bitmask        11111111 11111111 11111111 00000000  255.255.255.0
D class                 1110xxxx xxxxxxxx xxxxxxxx xxxxxxxx  224-239.x.x.x
E class                 1111xxxx xxxxxxxx xxxxxxxx xxxxxxxx  240-254.x.x.x

This worked well, until the number of networks multiplied beyond a certain point; the A class
defined needlessly big networks, and the demand for B classes was much larger than ever
anticipated. To solve this problem the system has been amended, and classless IP addresses were
introduced.
Let’s see an example of a classless IP! Our address now is 193.10.24.129/30. The “/30” part means
that the division between the network address and the host address is after the 30th bit, so only the
last two bits are used to identify endpoints in this network. The subnet mask is not neatly on the
octet borders this time; it’s 255.255.255.252. Doing the same binary calculation as before:
193. 10. 24.129 = 11000001.00001010.00011000.10000001
255.255.255.252 = 11111111.11111111.11111111.11111100 AND
-------------------------------------------------------------
193. 10. 24.128 = 11000001.00001010.00011000.10000000
Our network address is the one in the last row. We have “room” for another endpoint at
193.10.24.130 in our subnet (.1000 0010 binary as the last octet), and the 193.10.24.131 address is
our broadcast address (.1000 0011 binary as the last octet).
The broadcast address is the network address plus all the bits of the host address set to ones. This
means that every endpoint on the network gets it. This also means that with n bits used to denote
hosts we can give addresses to 2^n-2 hosts. The 2^n part is trivial because of the use of binary, but we
have to subtract the case when every host bit is 0 (that’s the network address), and the case when
every bit is 1 (that’s the broadcast address).
That’s how in our last example with 2 bits we have 2^2-2 = 2 hosts.
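The mask arithmetic above and the routing decision listed earlier (which network a destination belongs to, which interface reaches it, and the last resort route) fit in one short program. This is an added example, not part of the original guide: it reproduces both worked calculations with plain bit operations and then picks an interface from a constructed routing table, where the most specific matching network wins and 0.0.0.0/0 acts as the default route. The table contents and interface names are assumptions.

```python
def to_int(addr: str) -> int:
    """Dotted decimal to a 32-bit integer; rejects octets outside 0-255."""
    parts = addr.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not a valid IPv4 address: {addr!r}")
    return int.from_bytes(bytes(int(p) for p in parts), "big")

def to_str(value: int) -> str:
    return ".".join(str(b) for b in value.to_bytes(4, "big"))

def subnet(cidr: str) -> dict:
    addr, prefix_text = cidr.split("/")
    prefix = int(prefix_text)
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length out of range: {cidr!r}")
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    network = to_int(addr) & mask                    # the bitwise AND from the text
    broadcast = network | (~mask & 0xFFFFFFFF)       # all host bits set to 1
    return {
        "prefix": prefix, "mask_int": mask, "net_int": network,
        "mask": to_str(mask), "network": to_str(network),
        "broadcast": to_str(broadcast),
        "hosts": max(2 ** (32 - prefix) - 2, 0),     # 2^n - 2
    }

def route(destination: str, table):
    """Return the interface of the most specific network containing the destination."""
    dest = to_int(destination)
    best = None
    for cidr, interface in table:
        net = subnet(cidr)
        if (dest & net["mask_int"]) == net["net_int"]:
            if best is None or net["prefix"] > best[0]:
                best = (net["prefix"], interface)
    return best[1] if best else None

# Constructed routing table; order does not matter.
ROUTES = [
    ("0.0.0.0/0", "wan (default route)"),
    ("192.168.1.0/24", "lan"),
    ("193.10.24.128/30", "wan"),
]

if __name__ == "__main__":
    for cidr in ("192.168.1.3/24", "193.10.24.129/30"):
        print(cidr, subnet(cidr))
    for dest in ("192.168.1.77", "193.10.24.130", "8.8.8.8"):
        print(dest, "->", route(dest, ROUTES))
```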

In order to successfully configure an endpoint on an IP network you have to know the following:
• the IP address of the device
• the subnet mask belonging to the IP address (this is to decide if an address is on the same network)
• an IP address where the device can send the packet if it can’t reach the destination by itself
(because it’s not on the same subnet)
• the IP address of a Domain Name Server (DNS) – this is for the convenience of the users,
since no one will memorize 193.224.40.214 to reach hti.kvk.uni-obuda.hu, or type
172.217.16.99 instead of google.hu
Another way of saving on IP addresses is using Network Address Translation (NAT) or rather
Network Address and Port Translation (NAPT). Let’s say you have a local network at home or in
the office (as you obviously do). You use private IP addresses from these three specific IP ranges
inside these networks:
• 10.0.0.0 – 10.255.255.255/8
• 172.16.0.0 – 172.31.255.255/16
• 192.168.0.0 – 192.168.255.255/32
The trick is, that everyone uses these at the same time, but there is no conflict, because they are only
used to communicate inside each network. Routers do not make these internal addresses available to
the whole world, but when you want to access the Internet from a device your packet will be given
the router’s public IP address as source. This gives each small network a relatively large range of
addresses to use for all kinds of devices locally, but only a few (most of the time only one) public IP
to access the Internet.
The only downside is, that the device (typically a router) at the edge of the local network has to
translate addresses, and you need extra configuration to access resources inside of the network
using NAT (such as port forwarding).
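The translation step can be followed in a small simulation. This is an added example, not part of the original guide and not the router's own logic: it keeps one table keyed by port number, rewrites the source of outgoing packets to the public address, maps replies back, and drops unsolicited inbound traffic unless a port forward exists. The public and remote addresses are constructed documentation addresses, and the mapping ignores the remote endpoint and timeouts for brevity.

```python
class Napt:
    """Minimal Network Address and Port Translation table (simplified model)."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}    # (private_ip, private_port, proto) -> public_port
        self.back = {}   # (public_port, proto) -> (private_ip, private_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port, proto="tcp"):
        """Rewrite the source of a packet leaving the local network."""
        key = (src_ip, src_port, proto)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[(self.next_port, proto)] = (src_ip, src_port)
            self.next_port += 1
        return (self.public_ip, self.out[key], dst_ip, dst_port)

    def port_forward(self, public_port, private_ip, private_port, proto="tcp"):
        """Static entry: the extra configuration needed to reach an inside host."""
        self.back[(public_port, proto)] = (private_ip, private_port)

    def inbound(self, src_ip, src_port, dst_port, proto="tcp"):
        """Rewrite the destination of a packet arriving at the public address."""
        target = self.back.get((dst_port, proto))
        if target is None:
            return None                  # no mapping: the packet is dropped
        return (src_ip, src_port, target[0], target[1])

if __name__ == "__main__":
    nat = Napt("203.0.113.10")           # constructed public address
    # Two inside hosts use the same source port; each gets its own public port.
    print(nat.outbound("192.168.0.110", 51000, "198.51.100.7", 443))
    print(nat.outbound("192.168.0.111", 51000, "198.51.100.7", 443))
    # The reply to public port 40001 goes back to the second host.
    print(nat.inbound("198.51.100.7", 443, 40001))
    # Unsolicited traffic is dropped until a port forward is configured.
    print(nat.inbound("198.51.100.99", 5555, 8080))
    nat.port_forward(8080, "192.168.0.110", 80)
    print(nat.inbound("198.51.100.99", 5555, 8080))
```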

1.4 – Transport Layer


The entire existence of the transport layer stems from the problem that the IP can only identify
endpoints, and after that it can’t differentiate between applications running on the computer for
instance. Another problem is that since the Network Layer has to be very lean to speed up the
process of routing it doesn’t have proper error correction.
The Transmission Control Protocol (TCP) can run multiple services in parallel. Every connection
has a 16 bit ID that’s called “port number”, and they communicate using that. There are a few
widely used so-called “well-known port” numbers: 20 and 21 are used by FTP, 80 is HTTP, 443
is HTTPS, 6112 is used by various Battle.net games, etc.
A TCP data stream is determined by 4 pieces of information:
• Source IP address
• Source port number
• Destination IP address
• Destination port number
Using these four the TCP can identify which application should get an incoming packet. TCP builds
up a logical connection over IP with a 3-way handshake, numbers each packet in a sequence to
ensure they are delivered in order, uses a checksum to check for errors, and requests a resend if there
is one. Every TCP packet is acknowledged with an ACK packet and by its number. This is a very
good way of communicating, when you are downloading sensitive data, like an application that
you’ll run or if you are doing online banking. But it can be slow for some uses.
UDP on the other hand does not build up a logical connection, does not care about sequencing, or
errors, or acknowledgments. In return it’s low latency and low overhead, so ideal for real-time
applications, broadcasting, and DNS queries.
2 – Measurement Tasks

2.1 – Physical Layout


Check the network connection before anything else. The computer should be connected to one of
the LAN ports of the router with a patch cable, like this:

After switching the router on you will be configuring it using this connection. The PC should get its
IP configuration from the DHCP server. (If there is a manual IP address set then switch it to
automatic.)

2.2 – Task List


These are the actual tasks that you should be doing in this class.

1. To configure the router you should check the address of the Default Gateway (Windows
terminology) or Default Route (under Linux). On the graphical interface you can click the
icon, then click 'Properties'.
Alternatively you can start a command line, and use written commands. Under Windows:
Win+R (run), "cmd", OK. The command to use is "ipconfig /all", this lists all properties of
all network connections. Under Linux Ctrl-Alt-T brings up the terminal, and "ifconfig" is the
command to list all the information about the network connections.

2. Log in to the administration interface of the router. Open up any browser installed on the
PC, and type in the IP address that you got in the step before. (Sometimes you can use
vendor-specific shortcuts here, like http://tplinklogin.net ) Use the following login info:
User name: admin
Password: admin
These factory default logins are printed on the bottom label of the router, and they must be
changed in any real world scenario during the initial setup of the device.
3. In the setup interface, under 'Network' / 'WAN' choose 'Dynamic IP' as a connection type:

4. Under 'Wireless' / 'Wireless Settings' set the SSID (or network name) to "Router A" at one of
the lab spots and "Router B" at the other. The region should be "Hungary", and the mode
should be "11bgn mixed". Leave the other settings on "Auto" for now.

5. Open LinSSID on the PC. Click 'Run', and evaluate the results given. What does the graph
show us here? (What's on the horizontal and vertical axes?) Choose 5 networks and explain
it using those as specific examples.

Return to the router settings page. Under 'Wireless' / 'Wireless Settings' choose a channel
now, and set different channel widths. Observe each change in LinSSID. What is the
purpose of the automatic channel selection?
6. Under 'Wireless' / 'Wireless Security' set "WPA/WPA2 – Personal", with version "WPA2-PSK"
and encryption "AES". Set a password. Verify the changes with LinSSID.

7. Under 'Wireless' / 'Wireless MAC filtering' ban the other lab spot's PC from your network.

You can use the "ifconfig" command to determine the MAC address of a machine. Be
advised: every network interface (wired or wireless) has its own MAC address.

Connect one of the 4 ports on each table's switching box to the WAN port of the router. Try
to connect to the router with the other machine now. What is happening?
8. Under 'DHCP' set the address range to start from 192.168.0.110 and end at 192.168.0.150.
What will we see in the IP configuration, if we reconnect?

9. Under 'Wireless' / 'Wireless Advanced' set the transmit power to Low/Medium/High, and
check each setting in LinSSID. What can you see on the graph, and why?

10. Under 'Access Control' / 'Target' add the following domain name to the firewall:
www.uni-obuda.hu, like this:

Don't forget to click 'Save'! Then under 'Access Control' / 'Host' select the host to be
firewalled by MAC address (use "ifconfig" again, if needed):

Under 'Access Control' / 'Schedule' set the time interval to include the time of the class:
And finally build the firewall rule under 'Access Control' / 'Rule':

Now go to 'Access Control', and enable the firewall. Set it so it will deny the packets that
fall under the rules:

Verify with your browser that you can't visit the firewalled domain, www.uni-obuda.hu
11. Change the password to "kando" under 'System Tools' / 'Password':

12. Show your work to the teacher.

13. Reset the router to factory defaults under 'System Tools' / 'Factory Defaults'.

3 – Questions
1. What is a SSID?
2. Explain in detail what a MAC address, and an IPv4 address is. Where do we use these
addresses? What is their purpose?
3. What are the differences between a switch and a router?
4. Explain IP classes. What's the purpose of a subnet mask?
5. Explain classless IP addresses.
6. When do we use Network Address Translation? Show how the process works with an
example.
7. What can we know about the following IP addresses? Explain in detail, and write them
down in binary form. Are they valid addresses?
◦ 192.168.1.2 /24
◦ 10.10.10.10 /8
◦ 134.146.243.175 /29
◦ 102.244.96.236 /27
◦ 85.247.256.14 /30
