I maintain a small collection of routers and switches that I can use to study various routing and switching configurations. Also I experiment here with botnets, packet shapers, security tools like Snort, Nessus, and so on.
This lab is isolated from the rest of my network, and also from the Internet so I can pretty much do anything I want without concern for running a vulnerable service or doing something that might be considered "illegal". Pretty much protecting myself from the bad guys and the good guys by only allowing traffic to come in, but no traffic to go out.
I started a collection of practice labs but have since found a lot of good sites on the web that already have better collections than I have time to make myself. I will keep dumping random labs in here anyway.
Tools (My tools are stored here)
ettcp - ettcp is based on the venerable ttcp application.ttcp allows measurement of network throughputover TCP or UDP, between two nodes. ettcp adds several useful features to ttcp, whileretaining bckwards compability.
ping+ - I got this tool from Dr. James Yu at DePaul University. It is free to use but please leave the names of the authors in the headers if you copy it.
perl/expect scripts - PERL is a classic language for UNIX admins to automate their tasks and I find it extremely useful when the expect module is added to it. I have written (and lost) quite a few of these scripts over the years. For example, here is a script that allows a log-in to a single device without having to do all the tedious intermediate steps. Cisco includes TCL ("tickle") as of 12.3T, you can read all about that here.
MC Hammer - Love the name, tool from Nortel that allows user to generate Multicast traffic. The link for download is Multicast Hammer
Other tools: tacacs+, ettercap
Equipment
netlab1
I keep a 1u Sun Sparc v100 running OpenBSD to serve various lab functions like Tacacs server, NTP server, TFTP server for backing up IOS images and router configurations, syslog server, etc.
remote power
You can remotely power the routers and switches up and down using the
web interface here. The login is "device" and
the password is "apc".
Cisco routers
Some of my router conifgurations are stored here. Most of them are stored in the /tftpboot directory on the netlab1 host. I've tried a
few times to document the connections between devices in a Visio drawing, but
things tend to change so often that they're quickly obsolete. My plan is to
eventually get the routers and switches set up in a configuration that matches
one of those popular lab "workbooks" and just leave it that way.
| Model | hostname | DRAM | Flash | IOS Version | local sw port | remote sw port | serial # |
|---|---|---|---|---|---|---|---|
| 2610 | R1 | 64MB | 16MB | (C2600-IK9O3S3-M), Version 12.3(26) | e0/0 | 11 | 9 |
| 2621 | R2 | 64MB | 8MB | (C2600-I-M), Version 12.1(4) | fa0/0,fa0/1 | 5,18 | 10 |
| 2621 | R3 | 64MB | 8MB | (C2600-I-M), Version 12.1(4) | fa0/0,fa0/1 | 8,10 | 11 |
| 2621 | R4 | 64MB | 16MB | (C2600-DS-M), Version 12.1(2) | fa0/0,fa0/1 | 14,16 | 12 |
| 2620 | R5 | 48MB | 16MB | (C2600-DS-M), Version 12.1(5)T10 | fa0/0 | 12 | 13 |
| 2621 | R6 | 64MB | 16MB | ||||
| 2501 | BB1 | 16MB | 16MB | 2 | 15 | ||
| 2501 | BB2 | 16MB | 16MB | 9 | 16 | ||
| 2522 | R9 (frame_switch) | 16MB | 16MB | e0 | 4 | 14 |
To connect to the console of one of the devices, look at the number in the "serial #" column. Telnet to labgate and then select portX, where X is the number from the column. For example, to connect to the console port of R1, telnet to labgate and then type "port9" and you will be connected to the console.
Also remember that you can Suspend the Telnet session by entering Ctrl-Shift-6 x So easy to use and remember, thanks Cisco! =]
Books
Network Diagrams
 |
An updated view of the lab network that includes the new PIX and remote power controller. I think this one is a bit easier to read, though it does not show any serial connections. |
 |
This is the current configuration for serial connections. It's here so it can be printed out and used to do labs. |
 |
This is the current configuration for ethernet connections. It's here so it can be printed out and used to do labs. |
 |
Here is a Visio diagram I did earlier this year that shows my whole network. This diagram does not show "everything" believe it or not since things are always changing around and you can't expect to track everything down to the last laptop and game machine these days when everything has an IP address, but it does hit the highlights. If I find the time I may do a smaller diagram that shows just the Network lab components. |
 |
This is a typical "Distance Learning Pod" at DePaul University in Chicago. Pod is the term they use for a single lab rack, I think they have 4 or 5 of these. Lucky me I get to spend all kinds of time doing labs on these racks =] |
Links
IOS AdventuresINE Blog
How to Download a Software Image to a Cisco 2600 via TFTP Using the tftpdnld ROMMON Command
D-ITG, Distributed Internet Traffic Generator
