Kevin Yoshimoto
Yasha Yakhnis
Shawn Khalighi
6-18-2022
CST311
[Figure: network topology diagram showing hosts h1-h4, switches s1 and s2, controller c0, and routers r3, r4 and r5, with their interface names and IP addresses.]
2. Screenshot of Test Run
3. Screenshot of Pingall
Probably the greatest takeaway from this assignment was the complexity of networks. This
was only a simple exercise in software-defined networking. In the real world, there are
numerous routers. In this simulation, r4 was used to represent the entire internet. As we
learned in this assignment, static routes must be defined. In the real world this would be an
innumerable number of paths. The formula to determine how many static routes are
necessary is n(n-1), where n = the number of routers. This is on the order of n². In this case,
with only 3 routers, n(n – 1) is just 6. In the case of 10 routers, however, that is 10 * 9, which
is 90. Thus, as n increases, the number of static routes asymptotically approaches n².
Another takeaway from this assignment is how easily a Python program can be corrupted or
broken, due to Python’s sensitivity to indentation. Yasha commented out several lines,
namely the static routes, to intentionally break the program, using the multiline string
approach. When he reinstated the commented-out section, the program was still broken, and
he found no way to restore it to its former state, even though it seemed as though nothing else
was changed. The only solution was to resort to recovering a previous version of the
program.
Lastly, we gained some experience with Bash programming. One thing we found is that
certain Linux terminal commands do not behave in a Bash script as they do in the terminal
itself. For example, switching to root mode with “sudo su” does not have the desired effect
when called within a Bash script, as it interrupts execution of the script and returns to the
terminal. It is necessary to switch to root mode prior to running a
Bash script that executes commands that require root privileges. Beyond that, we learned
how to properly translate openssl statements into a Bash script. We learned the proper syntax
to allow openssl commands to accept input parameters in order to deal with the password and
other fields (country, state, etc.) automatically rather than prompting the user for manual
input. Lastly, we learned how to use Bash scripts to edit existing files on the system.
2. Why didn’t the original program forward packets between the hosts?
In the original network, hosts in the same subnet were able to forward packets between each
other, but not hosts in different subnets. The original network lacked several features that are
necessary in order for different subnets to forward packets between each other. The first
feature it lacked was defined routes between the hosts and the routers as well as between the
routers themselves. Each host must be assigned a default route, which is defined by the IP
address of the router interface to which hosts in a given subnet are connected. Secondly, the
routers themselves must be assigned unique IP addresses. Their original addresses were just
0.0.0.0. Thirdly, each individual router interface (not to be confused with the router as a
whole) must be assigned a unique IP address, as well as an interface name. Router interfaces
and associated IP addresses were initially not defined at all. Lastly, static routes were not
defined in the original script.
Failure to include this line causes pingall to fail, with a 38% drop rate. Therefore, one must
conclude that this line is necessary. Moreover, equivalent lines applied to the other two
routers are equally necessary. If all three such lines were omitted, the drop rate would be 61%.
Without these lines, routers are not capable of forwarding packets to non-adjacent entities
(hosts or routers) in the network, and packets can only travel between the router in question
and adjacent entities. Thus, r3 could still send packets to h1, h2, and r4, but not to r5, h3, and
h4.
4. Intentionally break your working program, e.g.: change a subnet length, IP address,
or default route for a host. Explain why your change caused the network to break.
There are many ways to break the network. One such way is to have an incorrect subnet
mask for one or more of the hosts, or for the entire subnet. The subnet mask for each host
address is the same as the subnet mask for the subnet address itself. However, an incorrect
subnet mask does not in all circumstances break the network. A subnet with a mask of /24 is
a 254-host network, as it supports 256 IP addresses, 0-255, but two of those 256 addresses
are already taken (the network address and the broadcast address). So, in this case, we have 2
host addresses as there are currently 2 hosts, but we also have the network address and the
broadcast address, so that is a total of 4 IP addresses currently. In order to support at least 4
IP addresses (2 hosts), the subnet mask must not be greater than 29 (3 bits equals 7 in
decimal). A subnet mask of 30 can support 3 IP addresses (2 bits equals 3 in decimal), which
means only 1 host. If the subnet mask of any one host is set to 30 or greater, that host will be
completely shut down, and will not be able to ping any other host or receive a ping from any
other host. Similarly, if the subnet mask of the entire subnet were changed to 30 or greater,
the entire network would be neutralized. If the router interface associated with the subnet
were assigned a subnet mask too great to support the current network, then not only would it
neutralize the network (i.e., causing ping to fail), but it would result in a runtime error.
Note: The Bash script to create the CA and issue the server certificate requires root privileges
and must be run in root mode (i.e. “sudo su” must be called prior to launching the script).
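
One way to script the two points above (checking for root up front instead of calling "sudo su", and passing the password and subject fields to openssl so it never prompts), as an added example that is not the authors' script. The function names, file names, subject fields and host name are hypothetical, and the passphrase is read from a file rather than given on the command line.

```bash
#!/usr/bin/env bash
# Added example, not the authors' script. Function names, file names and
# subject fields are hypothetical.
set -eu
umask 077   # keys, CSRs and certificates are created owner-only

require_root() {
    # "sudo su" inside a script starts a separate root shell; the remaining
    # commands do not run as root. Check the effective UID and stop instead.
    [ "$(id -u)" -eq 0 ] || { echo "re-run as: sudo $0 --run <dir> <passfile> <host>" >&2; return 1; }
}

make_ca() (   # make_ca <dir> <passfile>
    dir=$1; pass=$2
    # file: keeps the passphrase out of the process list; pass:<secret> on the
    # command line is visible to other local users through ps.
    openssl genrsa -aes256 -passout "file:$pass" -out "$dir/ca.key" 2048
    # -subj supplies country, state, etc., so openssl does not prompt.
    openssl req -x509 -new -key "$dir/ca.key" -passin "file:$pass" -sha256 \
        -days 365 -subj "/C=US/ST=California/O=Example Lab/CN=Example Lab CA" \
        -out "$dir/ca.crt"
)

issue_server_cert() (   # issue_server_cert <dir> <passfile> <hostname>
    dir=$1; pass=$2; host=$3
    openssl genrsa -out "$dir/server.key" 2048
    openssl req -new -key "$dir/server.key" -out "$dir/server.csr" \
        -subj "/C=US/ST=California/O=Example Lab/CN=$host"
    # Current TLS clients match the host name against subjectAltName, not CN.
    printf 'subjectAltName=DNS:%s\n' "$host" > "$dir/san.ext"
    openssl x509 -req -in "$dir/server.csr" -CA "$dir/ca.crt" \
        -CAkey "$dir/ca.key" -passin "file:$pass" -CAcreateserial -sha256 \
        -days 365 -extfile "$dir/san.ext" -out "$dir/server.crt"
)

verify_chain() {   # verify_chain <dir>: succeeds only if server.crt chains to ca.crt
    openssl verify -CAfile "$1/ca.crt" "$1/server.crt" >/dev/null 2>&1
}

if [ "${1:-}" = "--run" ]; then
    require_root
    make_ca "$2" "$3"
    issue_server_cert "$2" "$3" "$4"
    verify_chain "$2" && echo "server.crt verifies against ca.crt"
fi
```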