Lab #5

Two hosts, a DHCP/NAT router and a NAT cloud

The purpose of this lab is to show how end-systems attached to a private LAN can reach hosts in the public Internet by means of a NAT router.

NOTICE: this lab requires the GNS3 VM to instantiate a Docker container of a Linux-based DHCP server.

Preparation steps

Experiment steps

1. Recreate the following topology in GNS3. Choose the "GNS3 VM" server to instantiate all the devices of this lab.

2. When the devices are still inactive, right-click on the dhcp-nat-1 icon and select the Configure option.
3. Press Edit to modify the router's network configuration.
4. Modify the router's interfaces configuration as illustrated in the following picture.


 

5. Start all devices.
6. Open dhcp-nat-1 terminal and execute the start.sh script with the command:

./start.sh

7. Start capture on link connecting Switch1 to dhcp-nat-1.
8. Open PC1 terminal and execute the following command to configure PC1's NIC with an IP address obtained via DHCP:

ip dhcp

A sequence of DHCP messages (Discover, Offer, Request, Ack) is exchanged between PC1 and the DHCP server until an IP address (e.g. 192.168.30.6) is assigned to PC1.



9. In PC1 terminal execute the command to ping the external host on the public Internet at the IP address 8.8.8.8:

   ping 8.8.8.8

   and verify that answers are received.

Packet capture analysis

The picture below shows the packets captured by Wireshark running on the link connecting Switch1 to dhcp-nat-1 during ping.

The picture below shows the packets captured by Wireshark running on the link connecting dhcp-nat-1 to NAT1 during ping.

Notice that ICMP packets generated from PC1 (echo requests) have the IP source address translated from 192.168.30.6 into 192.168.122.109.
Conversely, incoming ICMP packets (echo replies) have the IP destination address translated fron 192.168.122.109 into 192.168.30.6

Copyright (c) 2024 - Roberto Canonico

Last updated: October 3, 2024 by Roberto Canonico