COMPUTER NETWORK II NET 461 Sunday, 22 October, 2023

Kingdom of Saudi Arabia ‫المــمـــــــــلكــــة العـربية الســــــعودية‬

Royal Commission at Yanbu
‫بــينبعالـــــــهـــــــــــيـــــئة الملــــــكـــــــية‬
Colleges & Institutes Division
‫قــــطـــاع الـكــــــــــــلــيات والـمــعــاهـد‬
Yanbu Industrial College
Computer Science & Engineering Dept. ‫كلية ينبع الصناعية‬
‫قسم علوم وهندسة الحاسب األلي‬

ASSIGNMENT1

ACADEMIC YEAR 1444/1445 H(2023/2024 G), SEMESTER 451

COMPUTER NETWORK ii
NET 461

START TIME:
DATE: Sunday, 22 October, 2023
FINISH TIME: 2 Weeks

STUDENT NAME: _________________________________________________________

STUDENT ID: SECTION: 1

FOR INSTRUCTOR USE ONLY GENERAL INSTRUCTIONS

MAX MARKS  Write your name and I.D. number in the space
Q. No. CLOs
MARK OBTAINED
provided above.
A 2.02 3
 Support materials are not allowed in the examination
B 2.03 4
C 3.02 3 Hall except those provided by instructor.
 Do not use digital or printed dictionary.
 Do not use pencils for answering except for drawing.
 Read each question carefully before answering.
TOTAL MARKS 10
 Number shown on the right-hand side against each
question is the mark allocated.

MARKED BY: Mr. Sivakumar Ramu Signature:

CHECKED BY: Dr. Bassma Aldahlan Signature:

Page 1 of 10
COMPUTER NETWORK II NET 461 Sunday, 22 October, 2023

A)Packet Tracer - Configuring IPv6 Addressing

Topology

Addressing Table

Device Interface IPv6 Address/Prefix Default Gateway

G0/0 2001:DB8:1:1::1/64 N/A

G0/1 2001:DB8:1:2::1/64 N/A
R1
S0/0/0 2001:DB8:1:A001::2/64 N/A
Link-local FE80::1 N/A
Sales NIC 2001:DB8:1:1::2/64 FE80::1
Billing NIC 2001:DB8:1:1::3/64 FE80::1
Accounting NIC 2001:DB8:1:1::4/64 FE80::1
Design NIC 2001:DB8:1:2::2/64 FE80::1
Engineering NIC 2001:DB8:1:2::3/64 FE80::1
CAD NIC 2001:DB8:1:2::4/64 FE80::1

Background
In this activity, you will practice configuring IPv6 addresses on a router, servers, and clients. You will also
practice verifying your IPv6 addressing implementation.

Page 2 of 10
COMPUTER NETWORK II NET 461 Sunday, 22 October, 2023

Write the commands here:

Part 1: Configure IPv6 Addressing on the Router
R1(config)#int gigabitEthernet0/0
R1(config-if)#ipv6 address 2001:DB8:1:1::1/64
R1(config-if)#ipv6 address FE80::1 link-local
R1(config-if)#no shutdown
R1(config)#int gigabitEthernet0/1
R1(config-if)#ipv6 address 2001: DB8:1:2::1/64
R1(config-if)#ipv6 address FE80::1 link-local
R1(config-if)#no shutdown
R1(config)#int serial 0/0/0
R1(config-if)#ipv6 address 2001:DB8:1:A001::2/64
R1(config-if)#ipv6 address FE80::1 link-local
R1(config-if)#no shutdown

Part 2: Configure IPv6 Addressing on Servers

Page 3 of 10
COMPUTER NETWORK II NET 461 Sunday, 22 October, 2023
Part 3: Configure IPv6 Addressing on Clients

Part 4: Test and Verify Network Connectivity (Screenshots here)

Step 1:Open the server web pages from the clients.

Page 4 of 10
COMPUTER NETWORK II NET 461 Sunday, 22 October, 2023

Step 2:Ping the ISP.

Page 5 of 10
COMPUTER NETWORK II NET 461 Sunday, 22 October, 2023

B) Configuring Basic EIGRP with IPv6

Topology

Addressing Table

Device Interface IPv6 Address Default Gateway

G0/0 2001:DB8:CAFE:1::1/64 N/A

S0/0/0 2001:DB8:CAFE:A001::1/64 N/A
R1
S0/0/1 2001:DB8:CAFE:A003::1/64 N/A
Link-local FE80::1 N/A
G0/0 2001:DB8:CAFE:2::1/64 N/A
S0/0/0 2001:DB8:CAFE:A001::2/64 N/A
R2
S0/0/1 2001:DB8:CAFE:A002::1/64 N/A
Link-local FE80::2 N/A
G0/0 2001:DB8:CAFE:3::1/64 N/A
S0/0/0 2001:DB8:CAFE:A003::2/64 N/A
R3
S0/0/1 2001:DB8:CAFE:A002::2/64 N/A
Link-local FE80::3 N/A
PC1 NIC 2001:DB8:CAFE:1::3/64 Fe80::1
PC2 NIC 2001:DB8:CAFE:2::3/64 Fe80::2
PC3 NIC 2001:DB8:CAFE:3::3/64 Fe80::3

Page 6 of 10
COMPUTER NETWORK II NET 461 Sunday, 22 October, 2023

Scenario
In this activity, you will configure the network with EIGRP routing for IPv6. You will also assign router IDs,
configure passive interfaces, verify the network is fully converged, and display routing information using
show commands.
EIGRP for IPv6 has the same overall operation and features as EIGRP for IPv4. There are a few major
differences between them:
 EIGRP for IPv6 is configured directly on the router interfaces.
 With EIGRP for IPv6, a router-id is required on each router or the routing process will not start.
 The EIGRP for IPv6 routing process uses a “shutdown” feature.

Write Commands here:

Part 1: Configure EIGRP for IPv6 Routing

R1(config)#ipv6 unicast-routing
R1(config)#ipv6 router eigrp 1
R1(config-rtr)#eigrp router-id 1.1.1.1
R1(config-rtr)#no shutdown
R1(config-rtr)#exit
R1(config)#interface gigabitEthernet 0/0
R1(config-if)#ipv6 eigrp 1
R1(config-if)#exit
R1(config)#interface serial 0/0/0
R1(config-if)#ipv6 eigrp 1
R1(config-if)#exit
R1(config)#interface serial 0/0/1
R1(config-if)#ipv6 eigrp 1
R1(config-if)#exit

Page 7 of 10
COMPUTER NETWORK II NET 461 Sunday, 22 October, 2023

Part 2: Verify IPv6 EIGRP for IPv6 Routing (Screenshot here)

C. Configuring IPv6 ACLs

Page 8 of 10
COMPUTER NETWORK II NET 461 Sunday, 22 October, 2023
Topology

Addressing Table

Device Interface IPv6 Address/Prefix Default Gateway

Server3 NIC 2001:DB8:1:30::30/64 FE80::30

Fill in the blanks by the commands:

Part 1: Configure, Apply, and Verify an IPv6 ACL
Part 2: Configure, Apply, and Verify a Second IPv6 ACL

Part 2: Configure, Apply, and Verify an IPv6 ACL

Logs indicate that a computer on the 2001:DB8:1:11::0/64 network is repeatedly refreshing their web page
causing a Denial-of-Service (DoS) attack against Server3. Until the client can be identified and cleaned, you
must block HTTP and HTTPS access to that network with an access list.

Step 1: Configure an ACL that will block HTTP and HTTPS access.
Configure an ACL named BLOCK_HTTP on R1 with the following statements.
a. Block HTTP and HTTPS traffic from reaching Server3.
R1(config)# ___________________________________________
R1(config)# ___________________________________________
b. Allow all other IPv6 traffic to pass.
R1(config)# _____________________________________________

Step 2: Apply the ACL to the correct interface.

Apply the ACL on the interface closest the source of the traffic to be blocked.
R1(config)# _____________________________________________
R1(config-if)# __________________________________________

Page 9 of 10
COMPUTER NETWORK II NET 461 Sunday, 22 October, 2023
Step 3: Verify the ACL implementation.
Verify the ACL is operating as intended by conducting the following tests:
 Open the web browser of PC1 to http://2001:DB8:1:30::30 or https://2001:DB8:1:30::30. The website
should appear.
 Open the web browser of PC2 to http://2001:DB8:1:30::30 or https://2001:DB8:1:30::30. The website
should be blocked
 Ping from PC2 to 2001:DB8:1:30::30. The ping should be successful.

Part 3: Configure, Apply, and Verify a Second IPv6 ACL

The logs now indicate that your server is receiving pings from many different IPv6 addresses in a Distributed
Denial of Service (DDoS) attack. You must filter ICMP ping requests to your server.

Step 1: Create an access list to block ICMP.

Configure an ACL named BLOCK_ICMP on R3 with the following statements:
a. Block all ICMP traffic from any hosts to any destination.
R3(config)# _________________________________________________
b. Allow all other IPv6 traffic to pass.
R3(config)# ________________________________________________

Step 2: Apply the ACL to the correct interface.

In this case, ICMP traffic can come from any source. To ensure that ICMP traffic is blocked regardless of its
source or changes that occur to the network topology, apply the ACL closest to the destination.
R3(config)# ____________________________________________________
R3(config-if)# __________________________________________________

Step 3: Verify that the proper access list functions.

a. Ping from PC2 to 2001:DB8:1:30::30. The ping should fail.
b. Ping from PC1 to 2001:DB8:1:30::30. The ping should fail.
Open the web browser of PC1 to http://2001:DB8:1:30::30 or https://2001:DB8:1:30::30. The website
should display.

Page 10 of 10