Practical 8: Linux Network Configuration, ifconfig Command and Routing

Verified

Added on 2023/01/19

AI Summary

This document provides a comprehensive solution to a practical assignment focused on Linux network configuration. The assignment covers the use of the `ifconfig` command to view and manage network interfaces, including MAC and IP address analysis. It explores the loopback interface, netmask, and the functions of broadcast and multicast. The document also delves into MAC address spoofing, including preventive measures, and provides an in-depth explanation of routing tables, default gateways, and their roles in network communication. The solution includes answers to specific questions posed in the practical, offering insights into network configuration and troubleshooting within a Linux environment.

A1.Ans)
The following MAC address and also the allocated IP address of the network interfaces that
are active are as follows:
enp3s0 : MAC address : 18:db:f2:1f:c6:e7
IP address : 192.168.0.255
lo : No MAC address since it is a loopback
wlp2s0 : MAC address : e4:02:9b:d0:d2:43
IP address : ---------

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

A2.Ans)
Yes there is a loopback interface being shown. We know that loopback is considered as a
virtual interface and that remains always up after it has been properly configured. It is similar to the
other interfaces and can be assigned any address.
Uses of Loopback Interface:
a) Device Identification: A loopback interface can be used to identify a device. A loopback interface is
a preferred method to identify if a device is online. Based on network topology the interfaces might be
removed and also the addresses might be changed but the loopback address never changes.
b) Routing Information: Protocol such as OSPF uses the loopback address to determine the protocol
specific properties of the network and the device. Ping mpls commands also need loopback addresses
to function properly.
c) Packet Filtering: Packets originating from or destined for a routing engine can be filtered by using a
stateless firewall filter to the loopback address.
A3.Ans)
The meaning as uses of the output fields of the above used ifconfig command are explained
as follows:
a) UP:
UP is a flag which shows that the kernel module that is related to the interface ‘Ethernet’
has been already loaded.
b) BROADCAST:
This field means that the Ethernet device actively supports the broadcasting facility
which is an important characteristic to obtain IP address via DHCP. Particularly, it shows that the
device also has the facility to send packets to all hosts which share the same link such as Ethernet link.
c) MULTICAST:
This is known an advisory flag that shows that the interface supports multicasting
such as it can send packets to some subnets of neighboring nodes. The above field Broadcast is a
specific case of multicasting whereas in multicasting all the nodes in the link are considered. We can
also say that any POINT-TO-POINT or BROADCAST is also a multicasting by its definition since we
can have direct access to all the neighbors and also specifically any part of it.

Q.A4.Ans)
A netmask is known as a 32 bit mask which is specifically taken into use to divide an
allocated IP address into its subnets and also to specify the available hosts of the network. In an
assigned network address 2 bits of netmask is always automatically assigned. For example, in
255.255.255.255 the “255” is the assigned broadcast address and cannot be used.
The use of netmask is to determine the class and range of IP address. For example:
It is also used to provide a technique to create small sub networks from a large IP addresses range.
Q.A5.Ans)
The MAC address spoofing attack is an unapproved and unpermitted change of a specific
MAC address, specifically falsification of a MAC address of that network device which is within a
computer network.
To prevent the MAC address spoofing attack we can use the method of network monitoring
and analysis. In this method we control access to a company’s network to prevent and stop that
unauthorized people who try to connect to the network. The network connections such as wifi should
have a restricted access and should also be reserved for the visitors because this might be a big case of
MAC spoofing attack within an internal network. This prevents the risk of manipulating and
controlling the internal network by the technique of bypassing the wifi protection by directly
connecting the Ethernet cable.
For the purpose of protection the company should use IP sec technologies and they should
also use the technique of encryption of communication on the network that can eventually prevent and
stop eavesdropping of the current existing MAC address.

Q.A6.Ans)
A route table works similarly as a post office. When a specific network node wants to send
some information to another node on the internet or the local network then it first needs an initial idea
the where the information should be sent so for this purpose if the destined network is directly not
connected to the source node then the information is sent through other nodes. Hence a routing table
maintains a routing table list for the reachable destinations that can be accessed from the source router.
Destination: It is the final network destination or the destination host.
Gateway: It shows a gateway address that is of a router interface in the local network to send packets
out the local network.
Flags: Possible flags include
U (this shows that the route is currently up)
H (this shows that the target is the required host)
G (this shows that it is a use gateway)
R (this shows that it is a reinstate route which is used for dynamic routing)
D (this shows that it is dynamically installed by daemon or may be redirect)
M (this shows that it is modified from routing daemon or from redirect)
A (this shows that it has been installed by addrconf)
C (this shows that it is a cache entry)
! (this shows that it is a reject route)
Ref: It shows the total count of references to this route.
Use: It is used to count the lookups which are used for the route which depends on the use of -F or -C
that can either route cache misses or the route cache hits.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

MSS: This shows the default maximum segment size used for the TCP connection on this route.
Window: It shows default window size used for the TCP connection.
Irtt: It is known as initial rtt(round trip time) which is used by the Kernel to estimate about the best TCP
protocol characteristics and parameters without waiting for answers.
Q.A7.Ans)
A default gateway IP address is known as an access point or a IP router in a network that is
used by a computer to send the information to a computer that is in another network.
It is not necessary for a default server to be a router. It may also be a computer with two different
network adapters in which one adapter is connected to a local subnet and another adapter is connected
to a network which is outside.

Q.A8.Ans)
Here we can see that the default gateway IP address has been deleted. No, other computers on the lan
can not be reached because it has no route to host.