Step 1 Install brctl on UML instance

Download and install brctl

I can download the .deb package of bridge-utils on the host, then copy it to the UML folder together with the libs.

On the host, I use the -d option of apt-get to download the package:

vic@vicubuntu:~$ sudo apt-get -d install bridge-utils 
[sudo] password for vic: 
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages were automatically installed and are no longer required:
  linux-headers-2.6.32-24 linux-headers-2.6.32-24-generic
Use 'apt-get autoremove' to remove them.
The following NEW packages will be installed:
  bridge-utils
0 upgraded, 1 newly installed, 0 to remove and 9 not upgraded.
5 not fully installed or removed.
Need to get 32.6kB of archives.
After this operation, 205kB of additional disk space will be used.
Get:1 http://nl.archive.ubuntu.com/ubuntu/ lucid/main bridge-utils 1.4-5ubuntu2 [32.6kB]
Fetched 32.6kB in 0s (1,164kB/s)
Download complete and in download only mode

Next step is to extract it.

#extract the contents of the package
vic@vicubuntu:~/Downloads/bridge-utils$ dpkg -x /var/cache/apt/archives/bridge-utils_1.4-5ubuntu2_i386.deb ./
#ls what we got from the package
vic@vicubuntu:~/Downloads/bridge-utils$ ls
etc  lib  usr
#copy the binary file to UML
vic@vicubuntu:~/Downloads/bridge-utils$ cp usr/sbin/brctl ~/uml/bin/
 
#check the dependencies on the lib files
vic@vicubuntu:~/Downloads/bridge-utils$ ldd usr/sbin/brctl 
	linux-gate.so.1 =>  (0x001c2000)
	libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0x007b1000)
	/lib/ld-linux.so.2 (0x0055e000)

As we already copied all the necessary libraries in the previous assignment, I do not have to copy them again.

load the module

I mount the modules on the host to the UML instance. This provides full module support to the UML instances. I do not have to copy all the module files; I can use them directly from the mount point /lib/modules/

mount -t hostfs none /lib/modules/ -o /usr/lib/uml/modules
modprobe bridge

It, however, unexpectedly gave an error. See below please.

Busybox will capture every command and try to execute it, which runs the busybox version of brctl. We do not want that, as the normal brctl provides more functions and we need them in our assignment. There are two ways to work around this:

  • use dash instead of bash/sh
  • use hard reference

I copy the normal brctl to /bin/ in the UML instance and use a hard link in my rcS.

Errors

Error 1

I try to start a bridge but get the following error on the UML instance.

/ # modprobe bridge
bridge: Unknown symbol llc_mac_hdr_init
bridge: Unknown symbol stp_proto_register
bridge: Unknown symbol stp_proto_unregister

I am sure every module is copied to the UML instance and the module folder of the host is mounted through hostfs into the UML instance.

# lsmod
bridge 40934 0 - Live 0x0a8fa000
stp 1116 1 bridge, Live 0x0a8e3000
llc 2785 2 bridge,stp, Live 0x0a8da000

I searched a lot on the internet but found no help. After I consulted Cosmin, he told me that busybox does not do the dependency check properly while loading a module, so I have to manually load llc first, then stp, then bridge; this removes the error. The bridge still works without this change, but it makes things neater.
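The manual llc, stp, bridge order can be derived from modules.dep rather than remembered. The script below is an added example, not part of the original notes: it walks a modules.dep-format file depth-first and prints the dependency-first load order. The helper names (sample_dep, load_order) and the sample file contents are constructed for illustration.

```sh
#!/bin/sh
# Added example: derive a dependency-first load order from modules.dep.

# Constructed sample in modules.dep format ("module: dependencies").
sample_dep() {
cat <<'EOF'
kernel/net/llc/llc.ko:
kernel/net/802/stp.ko: kernel/net/llc/llc.ko
kernel/net/bridge/bridge.ko: kernel/net/802/stp.ko kernel/net/llc/llc.ko
EOF
}

# load_order MODULE DEPFILE -> names on one line, dependencies first
load_order() {
    awk -v want="$1" '
    # strip directory and .ko suffix: kernel/net/llc/llc.ko -> llc
    function name(p) { sub(/.*\//, "", p); sub(/\.ko.*$/, "", p); return p }
    # depth-first walk: emit a module only after everything it needs
    function visit(m,    i, n, d) {
        if (m in seen) return
        seen[m] = 1
        n = split(deps[m], d, " ")
        for (i = 1; i <= n; i++) visit(d[i])
        order = (order == "" ? m : order " " m)
    }
    {
        key = name($1)
        deps[key] = ""
        for (i = 2; i <= NF; i++) deps[key] = deps[key] " " name($i)
    }
    END { visit(want); print order }
    ' "$2"
}

# Dry run: print the commands instead of loading anything.
tmp=$(mktemp)
sample_dep > "$tmp"
for m in $(load_order bridge "$tmp"); do echo "modprobe $m"; done
rm -f "$tmp"
```

Inside the UML instance the second argument would be the modules.dep file under the mounted /lib/modules/ tree for the running kernel.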

Step 2 tcpdump time line, and mark the packet

tcpdump

During the startup of tcpdump we have to log everything. So the sniffers should be the first thing to boot directly after the uml_switches.

If we want to read the captured file, we can use the -xx and -vv options. With them we get more verbose and human-readable output.

mark the packet

To easily tell where a specific packet comes from, we can “mark” it with a MAC address.

For example:

  • I gave bridge 1 a specified MAC address: AA:BB:CC:DD:01:AA
  • And for the interfaces on that bridge: AA:BB:CC:DD:01:01

With this setting I can clearly see where a packet comes from.
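The marking scheme can be applied mechanically to a text dump that includes the link-level header (tcpdump -e). The script below is an added example, not part of the original notes: it reads the source MAC of each frame and maps it to a bridge and port, assuming the aa:bb:cc:dd:NN:aa (bridge) and aa:bb:cc:dd:NN:PP (port) layout used on this page. The function names and the sample dump lines are constructed.

```sh
#!/bin/sh
# Added example: attribute frames to bridges using the MAC marking scheme.

# mac_origin MAC -> "brN bridge", "brN port P" or "other"
mac_origin() {
    mac=$(printf '%s' "$1" | tr 'A-F' 'a-f')      # normalise case
    rest=${mac#aa:bb:cc:dd:}                      # "01:02" for a marked MAC
    br=${rest%%:*}
    port=${rest#*:}
    case "$mac" in
        aa:bb:cc:dd:[0-9][0-9]:aa)       echo "br${br#0} bridge" ;;
        aa:bb:cc:dd:[0-9][0-9]:[0-9][0-9]) echo "br${br#0} port ${port#0}" ;;
        *)                                 echo "other" ;;  # unmarked, e.g. a host
    esac
}

# tag_frames: stdin is text output with link-level headers ("src > dst, ...");
# each line is printed prefixed with its origin and a tab.
tag_frames() {
    while IFS= read -r line; do
        src=$(printf '%s\n' "$line" |
              awk '{ for (i = 2; i <= NF; i++) if ($i == ">") { print $(i-1); exit } }')
        printf '%s\t%s\n' "$(mac_origin "$src")" "$line"
    done
}

# Constructed sample lines in the style of tcpdump -e output.
sample_dump() {
cat <<'EOF'
10:00:00.000001 aa:bb:cc:dd:01:01 > 01:80:c2:00:00:00, 802.3, length 52: LLC, dsap STP (0x42), STP 802.1d, Config
10:00:00.000002 AA:BB:CC:DD:02:02 > 01:80:c2:00:00:00, 802.3, length 52: LLC, dsap STP (0x42), STP 802.1d, Config
10:00:01.000003 aa:bb:cc:dd:03:aa > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.0.2
10:00:01.000004 02:00:00:00:00:10 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.0.2
EOF
}

sample_dump | tag_frames
```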

Step 3 Start both network and get the dump files

Network 1

configuration file of network 1

#!/bin/sh
 
#start switches in hub mode first
./netstart start hub sw1
./netstart start hub sw2
 
#start sniffers
./netstart start sniffer sniffer1 sw1
./netstart start sniffer sniffer2 sw2
 
#start hosts
./netstart start host host1 sw1 192.168.0.1 255.255.255.0 192.168.0.255
./netstart start host host2 sw2 192.168.0.2 255.255.255.0 192.168.0.255
 
#start bridges
./netstart start bridge br1 aa:bb:cc:dd:01:aa aa:bb:cc:dd:01:01 sw1 aa:bb:cc:dd:01:02 sw2
./netstart start bridge br2 aa:bb:cc:dd:02:aa aa:bb:cc:dd:02:01 sw1 aa:bb:cc:dd:02:02 sw2
./netstart start bridge br3 aa:bb:cc:dd:03:aa aa:bb:cc:dd:03:01 sw1 aa:bb:cc:dd:03:02 sw2

This setup starts the hubs first, then the sniffers. This will make sure that the initial activities of the network will also be captured. I let it run for a while and scp the dump files. For detailed analysis, please see the answers.

Network 2

#!/bin/sh
 
#start switches in hub mode first
./netstart start hub sw1
./netstart start hub sw2
./netstart start hub sw3
./netstart start hub sw4
./netstart start hub sw5
./netstart start hub sw6
 
#start sniffers
./netstart start sniffer sniffer1 sw1
./netstart start sniffer sniffer2 sw2
./netstart start sniffer sniffer3 sw3
./netstart start sniffer cores4 sw4
./netstart start sniffer cores5 sw5
./netstart start sniffer cores6 sw6
 
#start hosts
./netstart start host host1 sw1 192.168.0.1 255.255.255.0 192.168.0.255
./netstart start host host2 sw2 192.168.0.2 255.255.255.0 192.168.0.255
./netstart start host host3 sw3 192.168.0.3 255.255.255.0 192.168.0.255
 
#start bridges
./netstart start bridge br1 aa:bb:cc:dd:01:aa aa:bb:cc:dd:01:01 sw1 aa:bb:cc:dd:01:02 sw4 aa:bb:cc:dd:01:03 sw6
./netstart start bridge br2 aa:bb:cc:dd:02:aa aa:bb:cc:dd:02:01 sw2 aa:bb:cc:dd:02:02 sw4 aa:bb:cc:dd:02:03 sw5
./netstart start bridge br3 aa:bb:cc:dd:03:aa aa:bb:cc:dd:03:01 sw3 aa:bb:cc:dd:03:02 sw5 aa:bb:cc:dd:03:03 sw6

This setup starts 6 hubs: 3 as core switches that connect the bridges, and 3 as access switches that connect the hosts to the bridges. For detailed analysis, please see the answers.