CN LAB MANUAL

EXPERIMENT-1

To run all the above commands, we need to install the following command first:

1. ifconfig— Interface configurator.

ifconfig (interface configuration) command is used to configure the kernel-resident network interfaces.

 It is used at the boot time to set up the interfaces as necessary.

 After that, it is usually used when needed during debugging or when you need system tuning.

 Also, this command is used to assign the IP address and netmask to an interface or to enable or

disable a given interface.

Syntax: ifconfig
 Displays information about all network interfaces currently in operation. The output resembles the

following:
Here, enp0s3, lo are the names of the active network interfaces on the system.

 enp0s3is the first Ethernet interface. This type of interface is usually a NIC connected to the network
by a category 5 cable.
 lo is the loopback interface. This is a special network interface that the system uses to communicate
with itself.

Syntax: ifconfig [interface] [options]

Viewing the configuration of all interfaces
If you'd like to view the configuration of all network interfaces on the system (not just the ones that are
currently active), you can specify the -a option, like this:

This produces output similar to running ifconfig, but if there are any inactive interfaces on the system, their
configuration is also shown.
Viewing the configuration of a specific interface
To view the configuration of a specific interface, specify its name as an option. For instance,

 Displays the configuration of device enp0s3 only.

  Displays the configuration of device lo only.
Enabling and disabling an interface
 When a network interface is active, it can send and receive data; when it is inactive, it is not able to
transmit or receive. You can use ifconfig to change the status of a network interface from inactive to
active, or vice versa.
 To enable an inactive interface, provide ifconfig with the interface name followed by the
keyword up.
 Enabling or disabling a device requires superuser permissions, so you either have to be logged in as
root, or prefix your command with sudo to run it with superuser privileges.
 you can disable an active network interface using the down keyword.

 if network interface enp0s3 is inactive, you can activate it with the command:

Ifconfig –s : Display a short list

Different Options:

-a Display information for all network interfaces, even if they are down.
-s Display a short list in a format identical to the command "netstat -i".
-v Verbose mode; display additional information for certain error conditions.
interface The name of the interface. This is usually a driver name followed by a unit
number, for example "eth0" for the first Ethernet interface. If your kernel
supports alias interfaces, you can specify them with eth0:0 for the first alias
of eth0. You can use them to assign a second address. To delete an alias
interface, use ifconfig eth0:0 down. Note: for every scope (i.e., same net with
address/netmask combination) all aliases are deleted, if you delete the first
(primary).
up This flag causes the interface to be activated. It is implicitly specified if an
address is assigned to the interface.
down This flag causes the driver for this interface to be shut down.

2. netstat

 netstat ("network statistics") is a command-line tool that displays network connections (both
incoming and outgoing), routing tables, and many network interface (network interface controller or
software-defined network interface) and network protocol statistics. It is available on Unix-like
operating systems, including OS X, Linux, Solaris, and BSD, and on Windows NT-based operating
systems, including Windows XP, Windows Vista, Windows 7 and Windows 8.
 It is used for finding problems in the network and to determine the amount of traffic on the network
as a performance measurement.

Displays generic statistics about the network activity of the local system.
netstat –rn
 Displays the routing table for all IP addresses bound to the server.

The netstat -rn command in Unix-like operating systems displays the kernel routing table. Here's what
each part of the output typically represents:
Destination:
 The destination network or IP address. This column shows the network or IP address to which the route
corresponds.
 Each entry in the "Destination" column represents a network or IP address to which the system can
route packets. These destinations may be local networks or remote networks accessible via gateways.
The system uses this routing table to determine where to forward packets based on their destination IP
addresses.
Gateway:
 The IP address of the next hop or gateway through which packets should be sent to reach the
destination.
Genmask:
 The netmask associated with the destination network. It defines the network portion of the IP
address.
Flags:
 Additional flags associated with the route, such as U (route is up), G (route is to a gateway), H (target
is a host), and more.
Metric:
 The routing metric or cost associated with the route. It's used by the routing algorithm to determine
the best path to a destination.
Ref:
 The reference count for the route. It indicates how many routes are using the same route entry.
Use:
 The number of times the route has been used.
Iface:
 The network interface associated with the route. It specifies the outgoing interface used for sending
packets to the destination.
3. tcpdump:
 Tcpdump is a command line utility that allows you to capture and analyze network traffic going
through your system. It is often used to help troubleshoot network issues, as well as a security tool.
 Check whether tcpdump is installed on your system with the following command:

 If tcpdump is not installed, you can install it but using your distribution's package manager.

$ sudo dnf install -y tcpdump

 To begin, use the command tcpdump -D to see which interfaces are available for capture:

 In the example above, you can see all the interfaces available in my machine. The special interface
any allows capturing in any active interface.
Let's use it to start capturing some packets. Capture all packets in any interface by running this command:

Tcpdump continues to capture packets until it receives an interrupt signal. You can interrupt capturing by
pressing Ctrl+C.
To limit the number of packets captured and stop tcpdump, use the -c (for count) option:
  Tcpdump is capable of capturing and decoding many different protocols, such as TCP, UDP, ICMP,
and many more. let's explore the TCP packet.

 The first field, 13:29:41.429579, represents the timestamp of the received packet as per the local
clock.
 Next, IP represents the network layer protocol—in this case, IPv4. For IPv6 packets, the value is
IP6.
 The next field, is the source IP address and port. This is followed by the destination IP address
and port, represented by.
To filter packets based on protocol, specifying the protocol in the command line. For example, capture
ICMP packets only by using this command:
$ sudo tcpdump -i any -c5 icmp
$ sudo tcpdump -i any -c5 tcp
4. nslookup
 Nslookup enables users to look up the IP address of a domain or host on a network.
 The nslookup command can also perform a reverse lookup using an IP address to find the domain or
host associated with that IP address.

 nslookup mvsrec.edu.in: This is the command that you entered. It's asking the DNS (Domain Name
System) server to look up the IP address associated with the domain name "mvsrec.edu.in".
 Server: 127.0.0.53: This line indicates the DNS server that was used for the lookup. In this case, the
DNS server used is running locally on the machine, and its IP address is 127.0.0.53. The address
127.0.0.53 is a loopback address, commonly used for local testing and communication within the same
device.
 Address: 127.0.0.53#53: This line specifies the IP address and port number of the DNS server. In this
case, the IP address is again 127.0.0.53, and the port number is 53. Port 53 is the standard port for DNS
communication.
 Non-authoritative answer: This line indicates that the response being provided is not from an
authoritative DNS server for the domain "mvsrec.edu.in". Non-authoritative answers are typically
cached responses provided by DNS servers that have previously looked up the domain.
 Name: mvsrec.edu.in: This line confirms the domain name being looked up.
 Address: 43.255.154.67: This line provides the IP address associated with the domain name
"mvsrec.edu.in". In this case, the IP address is 43.255.154.67. This is the result of the DNS lookup,
showing the IP address to which the domain resolves.

MX records, or Mail Exchanger records, are an essential part of the email routing process. They specify
which server is responsible for handling mail for a particular domain.

Here’s how you can use nslookup to query MX records:

5. traceroute
 Traceroute is a Linux command-line utility used to trace the path network packets take from the source
to a destination host or IP address.
 Traceroute command performs its diagnostic magic by sending ICMP echo packets, also known as
ping packets, with increasing TTL (Time To Live) values. It initially starts with a TTL of 1, so the first
router receives the packet, decrements the TTL to 0, and drops the packet while sending an “ICMP
time exceeded” message back.
 Going forward, traceroute increments the TTL for each packet that it sends. This means the next router
that receives these packets then decrements the TTL down to 0 and then also returns the time-exceeded
message. This continues right up until the packet reaches the destination host being tested. Along the
way, traceroute records each hop and provides the hostname, IP address, and round-trip time for each
one.
 This maps out the path the packets take to reach the destination, giving us a better idea of the route
taken to get there. It identifies all routers in between, which can help pinpoint network latency and
bottlenecks, and sometimes even failed devices where the packet stops dead in its tracks.

Installing traceroute:
sudo apt install traceroute
1 _gateway (10.0.2.2) 2.405ms 2.382ms 2.363ms: This line indicates the first hop in the traceroute, which is
likely the gateway of your local network. Here's what each part of this line represents:
 1: Hop number.
 _gateway: The hostname of the first hop, which often represents your local router or gateway.
 (10.0.2.2): The IP address of the first hop.
 2.405ms 2.382ms 2.363ms: Three round-trip times (RTT) measured in milliseconds for packets
to travel from your computer to the first hop and back. These times indicate the latency
experienced during communication with the first hop.
 2 * * *: This line indicates the second hop. However, the asterisks (*) suggest that there was
no response from the second hop within the allotted time. This lack of response could be due
to various reasons, such as a firewall blocking ICMP (Internet Control Message Protocol)
packets, a misconfigured router, or network congestion.
 If the traceroute output continues with stars (*) until the maximum number of hops allowed (in
this case, 30), it indicates that the traceroute was unable to successfully reach the destination
within the specified number of hops.

Typical output:

6. FTP

 FTP (File Transfer Protocol) is a network protocol used for transferring files from one computer
system to another.

How to Use ftp Command in Linux

 The ftp command connects a computer system to a remote server using the FTP protocol. Once
connected, it also lets users transfer files between the local machine and the remote system, and manage
files and directories on the remote system.

Establish an FTP Connection

 To establish an FTP connection to a remote system, use the ftp command with the remote system's IP
address:

ftp [IP]

 For instance, connecting to a remote server with the IP address 192.168.100.9:

ftp 192.168.100.9
Log into the FTP Server

 Once you initiate a connection to a remote system using the ftp command, the FTP interface requires
you to enter a username and password to log in:

 Entering the required credentials logs you in and starts the FTP interface. In this example, we are
logging in as the phoenixnap user:

 The FTP interface is now active and ready to execute commands:

7. telnet
 A terminal emulation that lets users connect to a remote host or device using a telnet client, usually
over port 23.
 For example, typing telnet hostname connects a user to a hostname named hostname.
 Telnet lets users manage an account or device remotely. For example, a user may telnet into a computer
that hosts their website to manage their files remotely.
Note: Telnet is considered insecure because it transfers all data in clear text. If a user was sniffing a network,
they could grab your username and password as they were transmitted. Users concerned about transmitting
data securely should use SSH (secure shell) instead of telnet.
The primary use of the telnet command is to connect to a remote server. Here’s an example:
  In this example, we’re using telnet to connect to google.com on port 80, which is often used for
HTTP. The output shows that the connection was successful.
 This basic use of the telnet command is straightforward, but it’s also very powerful. By simply
changing the host and port, you can connect to a wide variety of servers and services.

 One of the most common uses of the telnet command is for network troubleshooting. For example,
you can use telnet to check if a specific port is open on a remote server.

In this example, we’re using telnet to connect to google.com on port 80. The output shows that the
connection was successful, which means the port is open.
 You can also use the telnet command to connect to a mail server and interact with it. This can be
useful for testing the server or diagnosing issues.

In this example, we’re using telnet to connect to smtp.gmail.com on port 25, which is the standard port for
SMTP. The output shows that the connection was successful and the server is ready to accept commands.

8. ping
Allows you to test the reachability of a host on an Internet Protocol (IP) network and to measure the round-
trip time for messages sent from the originating host to a destination computer.
To use the ping command in Linux, you simply type ‘ping’ followed by the IP address or domain name of
the server you want to test.

The complete syntax would be,

ping [option] domain_or_ip.

EXPERIMENT-2

Implement programs to illustrate socket programming using UDP and TCP

Introduction to Socket Programming:
 A socket is a software interface/communication endpoint that enables communication between
two computers over a network.
 It allows data to be exchanged between processes running on different hosts.
 Sockets are used extensively in network programming to establish connections, transmit data, and
receive data.
 Sockets can be implemented in C, C++, Java, Python etc.

Key features of sockets include:

 Endpoint Identification: A socket is identified by a combination of an IP address and a port number.
This combination uniquely identifies a communication endpoint on a network.
 Communication Protocols: Sockets can use various communication protocols such as Transmission
Control Protocol (TCP) or User Datagram Protocol (UDP). TCP provides reliable, connection-oriented
communication, while UDP offers faster, connectionless communication.
 Socket Types: There are different types of sockets, including stream sockets and datagram sockets.
Stream sockets provide a reliable, bidirectional, byte-stream communication channel, while datagram
sockets offer connectionless, unreliable communication using discrete messages.
 APIs: Sockets are typically used through programming interfaces provided by the operating system or
network libraries. These APIs allow developers to create, bind, connect, send, and receive data through
sockets.
 Applications: Sockets are widely used in various networked applications such as web browsers, email
clients, file transfer protocols, online gaming, and more. They enable processes running on different
computers to communicate and exchange data seamlessly over a network.

Berkley Sockets
 Berkeley sockets, also known as BSD sockets, are a programming interface for network socket
communication. They originated from the University of California, Berkeley, in the 1980s as part of
the Berkeley Software Distribution (BSD) UNIX operating system.
 Berkeley sockets provide a set of system calls, functions, and data structures for creating, configuring,
and managing network sockets in Unix-like operating systems.
 They offer a standardized interface for network programming, allowing developers to write networked
applications that can communicate over the Internet.