MAC and IP Routing

A simple demonstration with clients and routers to illustrate how IP and MAC addresses work together to route packets.

This demonstration is a part of my talk on MAC and IP Routing.

Network Topology

Setup

Some of the instructions are pertaining to a Windows base OS, but it should be easy to find similar instructions for other OSs online.

• Install Docker to simulate clients, routers and subnets.
  • More on Docker and Docker networking
• Install an X Server for GUI support.
  • NOTE: This step is optional. Please refer to the 'Working without an X Server' section if this step is not being done.
  • Instructions: Run GUI app in linux docker container on windows host
  • Change the DISPLAY environment variable in all the services in the compose.yaml file with the appropriate base OS' local IP address (as the article instructs).
  • Start the X Server. (Instructions are in the article above.)
• Navigate to the project root directory (mac-ip-routing).
• Build the custom Docker image with the name nhttpd (Networked HTTPd) from the Dockerfile.
  • Ensure that no existing image has the name nhttpd using the docker image ls command.
    • If an image with that name already exists, then either delete that image (docker image rm <image_id>) or change the image name in the command below and then in the the compose.yaml file as well.
  • Build Docker image: docker build . -t nhttpd
• Create and/or start containers and subnets
  • Ensure that no existing containers have the same names as the container_name field in all the services listed in the compose.yaml file using the command docker container ls.
    • If any containers have their names matching any of the names in the compose.yaml file, either delete the existing container (docker container rm <container_id>) or change the corresponding container_name field in the compose.yaml file.
  • Ensure that no existing networks have the same names as the name field in all the networks listed in the compose.yaml file using the command docker network ls.
    • If any networks have their names matching any of the names in the compose.yaml file, either delete the existing network (docker network rm <container_id>) or change the corresponding name field in the compose.yaml file.
  • Use Docker Compose (bundled with the default Docker installation) to create and/or start the clients and routers, and if required, to create the networks as well: docker compose up
  • If faced with Docker bugs and errors, please clear all containers (docker container rm node-a node-b node-c router-1 router-2 router-3) and networks (docker network rm net-1 net-2 net-3 net-4) before running docker compose up again.

Commands

On the Base Host Machine

Please run these commands in the project's root directory.

• All setup commands are listed above in the 'Setup' section.

• Docker commands

• List all running Docker containers

  $ docker container ls

• Go into Docker container and run Bash

  $ docker exec -it container_name bash

• Remove all containers and networks created for this demonstration

  $ sh clean-up.sh

In the Containers

• Packet capture

  NOTE:

  • Please run this command on all containers.
  • More on tcpdump

  $ tcpdump -envA -i any -w htdocs/file_name.pcap

• Packet analysis

  NOTE:

  • Please start the X Server before running this command for GUI support. Instructions are above in the 'Setup' section.
  • If this doesn't work, forget about the X Server and just use Wireshark on the base host machine. Please refer to the 'Working without an X Server' section below.
  • More on Wireshark

  $ wireshark htdocs/file_name.pcap

• List ARP cache

  $ arp -n

• Clear ARP cache

  $ ip -s -s neigh flush all

  _source

• List IP table

  $ ip route show table all

Working without an X Server

• Packet capture is done using tcpdump and its results are stored in file_name.pcap packet capture files in the /usr/local/apache2/htdocs directory if the commands in the 'In the Containers' section are followed.
• Wireshark is used to open those packet capture (.pcap) files to analyse them.
• The X Server is installed so that Docker can have GUI support to open Wireshark's GUI.
• Now if the X Server is not installed on the base host machine or is not working, then
  • Install Wireshark on the base host machine.
  • Open the packet capture files from each of the node or router directories in this project (Eg: ./node-a, etc.) in Wireshark
    • This is possible as these directories are mapped to the /usr/local/apache2/htdocs directory of each container.