Learning subnetting with GNS3 Part 2: Configuring Subnets
This is Part 2 of a multi-part post on using GNS3 as a learning aid when studying subnetting. You can find Part 1 here.
In part 1 of this tutorial, we installed GNS3 and set up a basic network topology with one router, two switches, and two virtual PC’s. With that network complete, we now have to configure static IP address information for our virtual PCs and setup up our router as a default gateway for each of the two subnets that we plan to create. Remember that we will be doing just enough configuration to get our network up and running with basic functionality. As a reminder, here is out network in GNS3:
Let’s take a closer look at the router we set up. How many interfaces does it have? To find out, right click on the router icon in the topology and select “Show node information.” You should see something very similar to this:
We can see that out router has 4 interfaces, Ethernet0 through Ethernet3. It also tells us that Ethernet1 is our WAN link. We’ll need this info shortly.
Next, we will open up command prompts for all of our devices. At the top menu, click the icon that looks like a little command prompt.
Upon doing so, three terminals will pop up on your screen, two for each virtual PC and one for the router. If you’ve followed along with the same naming convention so far, these terminals will be titled PC1, PC2, and R1. Let’s start with the router and confirm that the interfaces mentioned above are there. Click on the R1 terminal. This is our router with OpenWRT installed. At heart, this is Linux and we can issue UNIX commands. Begin by typing “ifconfig”.
root@OpenWrt:/# ifconfig
br-lan Link encap:Ethernet HWaddr 0C:C6:44:DA:1D:00
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fdbc:9784:9335::1/60 Scope:Global
inet6 addr: fe80::ec6:44ff:feda:1d00/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:2132 (2.0 KiB)
eth0 Link encap:Ethernet HWaddr 0C:C6:44:DA:1D:00
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:3517 (3.4 KiB)
eth1 Link encap:Ethernet HWaddr 0C:C6:44:DA:1D:01
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:256 errors:0 dropped:0 overruns:0 frame:0
TX packets:256 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:17408 (17.0 KiB) TX bytes:17408 (17.0 KiB)
We see that there are currently four interfaces up: br-lan, eth0, eth1 and the loopback interface. In order to keep things simple, I want to work with the eth* interfaces. First let’s take down the br-lan interface:
root@OpenWrt:/# ifconfig br-lan down
[ 2146.953989] br-lan: port 1(eth0) entered disabled state
Recall from earlier that we have additional interfaces available, Ethernet2 and Ethernet3. Ethernet1 is reserved for the WAN link, which we may use in a future post. Because we want to have two subnets, let’s bring up the eth2 interface:
root@OpenWrt:/# ifconfig eth2 up
[ 2476.000447] 8021q: adding VLAN 0 to HW filter on device eth2
Now we need to configure the router for two subnets. To keep things simple, we will use standard /24 Class C network addresses. We’ll put PC1 and Switch1 on the 192.168.1.0/24 network attached to eth0 and PC2 and Switch2 on 192.168.2.0/24 attached to eth2. Enter these lines separately at the router prompt:
root@OpenWrt:/# ip addr add 192.168.1.1/24 dev eth0
root@OpenWrt:/# ip addr add 192.168.2.1/24 dev eth2
We have now configured the router as the default gateway for these two subnets. Next we can configure our virtual PCs with static IP addresses, subnet masks, and default gateways. These virtual PCs are not UNIX-like. They are an open-source lightweight PC simulator written by Paul Meng. Click on the PC1 terminal and enter the following command:
PC1> ip 192.168.1.2/24 192.168.1.1
Checking for duplicate address...
PC1 : 192.168.1.2 255.255.255.0 gateway 192.168.1.1
Here we’ve given PC1 the IP address 192.168.1.2 with a /24 subnet mask. Second, we’ve told PC1 that its default gateway is the router at 192.168.1.1. To test the connection, let’s see if we can ping the router from PC1:
PC1> ping 192.168.1.1
84 bytes from 192.168.1.1 icmp_seq=1 ttl=64 time=0.275 ms
84 bytes from 192.168.1.1 icmp_seq=2 ttl=64 time=0.404 ms
84 bytes from 192.168.1.1 icmp_seq=3 ttl=64 time=0.462 ms
84 bytes from 192.168.1.1 icmp_seq=4 ttl=64 time=0.387 ms
84 bytes from 192.168.1.1 icmp_seq=5 ttl=64 time=0.458 ms
Success. Now let’s do the same thing for PC2. We’ll give it an ip address on the 192.168.2.0 subnet, so that it will not be on the same subnet as PC1. Click on the PC2 terminal and give it an IP address of 192.168.2.2 with a /24 subnet mask and indicate a default gateway of 192.168.2.1:
PC2> ip 192.168.2.2/24 192.168.2.1
Checking for duplicate address...
PC1 : 192.168.2.2 255.255.255.0 gateway 192.168.2.1
Now we check if PC2 can ping its gateway.
PC2> ping 192.168.2.1
84 bytes from 192.168.2.1 icmp_seq=1 ttl=64 time=0.183 ms
84 bytes from 192.168.2.1 icmp_seq=2 ttl=64 time=0.370 ms
84 bytes from 192.168.2.1 icmp_seq=3 ttl=64 time=0.436 ms
84 bytes from 192.168.2.1 icmp_seq=4 ttl=64 time=0.389 ms
84 bytes from 192.168.2.1 icmp_seq=5 ttl=64 time=0.393 ms
PC2 can succesfully ping its default gateway.
Now that this is all set up, PC1 and PC2 should be able to communicate. Let’s test to see if that is the case:
PC1> ping 192.168.2.2
*192.168.1.1 icmp_seq=1 ttl=64 time=0.323 ms (ICMP type:3, code:3, Destination port unreachable)
*192.168.1.1 icmp_seq=2 ttl=64 time=0.417 ms (ICMP type:3, code:3, Destination port unreachable)
*192.168.1.1 icmp_seq=3 ttl=64 time=0.399 ms (ICMP type:3, code:3, Destination port unreachable)
*192.168.1.1 icmp_seq=4 ttl=64 time=0.411 ms (ICMP type:3, code:3, Destination port unreachable)
*192.168.1.1 icmp_seq=5 ttl=64 time=0.421 ms (ICMP type:3, code:3, Destination port unreachable)
We’ve run into a problem in that PC1 cannot reach PC2. We’ve configured our subnets correctly, so what could be wrong? The last thing that we need to do is allow forwarding of traffic through our router’s firewall. To do that we can enter the following command at router R1’s command prompt:
root@OpenWrt:/# iptables -I FORWARD -j ACCEPT
Once done, our virtual PCs should now be able to communicate with each other. Let’s test again. At PC1 type:
PC1> ping 192.168.2.1
84 bytes from 192.168.2.1 icmp_seq=1 ttl=64 time=0.328 ms
84 bytes from 192.168.2.1 icmp_seq=2 ttl=64 time=0.384 ms
84 bytes from 192.168.2.1 icmp_seq=3 ttl=64 time=0.724 ms
84 bytes from 192.168.2.1 icmp_seq=4 ttl=64 time=0.380 ms
84 bytes from 192.168.2.1 icmp_seq=5 ttl=64 time=0.923 ms
Great, PC1 can ping PC2. Let’s test in the opposite direction. Ping PC1 from PC2:
PC2> ping 192.168.1.2
84 bytes from 192.168.1.2 icmp_seq=1 ttl=63 time=0.498 ms
84 bytes from 192.168.1.2 icmp_seq=2 ttl=63 time=0.561 ms
84 bytes from 192.168.1.2 icmp_seq=3 ttl=63 time=0.596 ms
84 bytes from 192.168.1.2 icmp_seq=4 ttl=63 time=0.633 ms
84 bytes from 192.168.1.2 icmp_seq=5 ttl=63 time=0.587 ms
Success! We now have a virtual PC on each of two separate subnets with a router configured to forward traffic between those subnets.
At this point, you now have everything you need to really begin experimenting with subnetting. You can change the network addresses and subnet masks to something other than a /24 network, add additional PCs, and even add an additional subnet on router interface eth3. I encourage you to use this playground to experiment with a wide range of scenarios. See what works and what doesn’t. Break things and then put them back together. Have fun and I hope you found this tutorial useful. In future posts we will take this further and set up DHCP, connect to the Internet, and more.