Remote Laboratory for Computer Networks
Ladislav Balik, Josef Horalek, Vladimir Sobeslav and Ondrej Hornig
Faculty of Informatics and Management, University of Hradec Králové,
Rokitanského 62, 50003, Hradec Králové, Czech Republic
Keywords: Education, Remote Lab, Cisco Certified Network Professional, Access to Hardware, Network Architecture
and Design.
Abstract: The article introduces the reasons for realisation of the remote laboratory of computer networks which
originate from the comparisons of the alternatives of working with the specialised networking hardware.
These use the principle of virtualisation or simulation of such devices as an alternative for obtaining
competencies from the area of computer networks. Due to this reason, this article discusses other technical
solutions and the analysis of usability of such solutions is conducted. For a maximal efficiency of the
networking hardware utilization in laboratories it is necessary to make it fully available for students which
is the 24/7 regime. This option can be executed using secure technologies and protocols for distant
accessing of laboratory hardware. This solution, which is based on using console controllers and single
utility interface, is introduced and described in detail in the following paragraphs. Moreover, from the
analysis of the pilot operation of remote access to the laboratory equipment of the networking laboratory,
suggestions for improvement of the current solution and its usage in fully working condition – access to a
greater number of students in unlimited regime – can be obtained.
1 INTRODUCTION
As the reason of the education strategy of the
Informatics and Management Faculty of the Hradec
Kralove University, which is particularly focused on
the practical usage of learning, the Cisco
Networking Academy programme was incorporated
in bachelor courses called Applied Informatics and
Information Management in 2007. Four basic
modules Introduction to Networks, Routing and
Switching Essentials, Scaling Networks and
Connecting Networks are included in the
educational process. These modules form the basic
elements of the so called Cisco Certified Network
Associate (CCNA). In order to enable the teaching
of these subjects, it is necessary to have a
professionally equipped computer network
laboratory with elements, such as Cisco 2801 and
2911 routers and Cisco Catalyst 2960 and 3560
switches. This equipment is essential for execution
of above mentioned courses. Students can use these
elements when working on laboratory tasks within
the practical exercises in subjects of Computer
Networks I to IV.
This set of basic courses is followed by more
advanced and complex subjects, which go into a
much greater detail in many related areas and are
called collectively Cisco Certified Network
Professional (CCNP). This course contains (Odom,
2010) Cisco CCNP ROUTE: Implementing IP
Routing, (Hucaby, 2010) Cisco CCNP SWITCH:
Implementing IP Switching and (Wallace, 2010)
Cisco CCNP TSHOOT: Maintaining and
Troubleshooting IP Networks. These courses are
very specialised and difficult for lecturers and
students that they cannot be incorporated into a
standard education on a bachelor or magister level
and are therefore taught in specialized lectures once
per two years. The profound knowledge of
theoretical concepts of such matters is required, as
well as practical skills of students who need to be
able to solve within timely laboratory exercises
(Browning and Tafa, 2011) the specific
configurations and problems on professional
network elements that are often used in a job
environment. The common solution of one task
would take one student even more than 4 hours
which means that even with sufficient hardware
equipment of the laboratory at the faculty, it is often
difficult to compensate students the lack of time for
solution of such tasks. This is either due to the lack
28
Balik L., Horalek J., Sobeslav V. and Hornig O..
Remote Laboratory for Computer Networks.
DOI: 10.5220/0005113600280035
In Proceedings of the 5th International Conference on Data Communication Networking (DCNET-2014), pages 28-35
ISBN: 978-989-758-042-0
Copyright
c
2014 SCITEPRESS (Science and Technology Publications, Lda.)
of time that the student has or lack of the reserved
time for access of the laboratory.
Especially the above mentioned restrictions of
physical access to the specialised equipment was one
of the main reasons for the suggestion to the
execution of remote access to the individual
elements and in this way enable the solution of
assigned tasks independently of the physical
presence of the student in the laboratory. The
implementation of this distant access for students
would enable the teaching of above mentioned
courses more frequently than once per two year and
also it would enable distant education of such
courses using e-learning tools. This solution also
uses individual physical topologies in terms of the
taught course where the specification is based on the
specialised software configurations of individual
elements and not on the physical connection. This
represents the solution to problems in real life on the
basis of hierarchical network design model.
2 USE OF REMOTE
LABORATORY FOR
EDUCATION
There are many scientific research and educational
institutions which are engaged in the suggestion and
solution of distant laboratories, not only in the Czech
Republic. The common view on the issue of using
distant laboratories and their usage for educational
purposes is presented by Barrios, A (2013) who
namely introduces the structure and accesses of the
distant laboratories systems and their
interconnection with Learning Management
Systems. The specific solution for using PLC
devices is suggested in the article of Chen, X and
Gao, H (2012) which also focuses on specifications
of distant access to hardware tools of PLC systems.
Similar characteristics should be taken into account
when finding the solution for access to the computer
network laboratories which is aimed at enabling the
access to the built physical network topology in the
area of Cisco Certified Network Professional
certification to students.
2.1 Secondary Access
The teaching of computer networks at the
universities requires, even for the basic
understanding of the given topic, a complex study
access including the opportunities for checking the
obtained theoretical knowledge on practical
examples. In this way, the student’s competencies
can be expanded. The learning of specifications and
protocols cannot replace the practical part of the
subject which is the previously mentioned
configuration of real devices in a tangible topology,
ideally with a maximum of real data traffic.
As Bodnarova, A. (2010) presents, in the case
when there are no suitable specialised hardware
tools for individual teaching, for example in the
home setting, it is possible to use simulation or
virtual tools. One of the simulation tools is for
example Cisco Packet Tracer by Cisco Systems
(2104), a proprietary simulation tool for students of
the Cisco Networking Academy. The disadvantage
of such solution is how abstract the real behaviour of
the system is. This can further result in
misinterpretation of results. However, it is simply to
develop such tools and run them even on basic
computer systems due to the fact that they can be
used by beginners.
The virtual tools can closer simulate the
behaviour of the network device system. However,
there are serious problems with licencing of the
active elements of operation systems and with high
power overload which can generate these devices.
One of such devices is for example a freely available
virtual tool GNS3 by GNS3 (2014) or IOU as
described by Route Reflector (2014).
If the mentioned disadvantages of both
approaches should be avoided, it is necessary to
compromise and work on real devices which are the
only ones that can provide authentic response and
realistic (predictable) behaviour. The local
connection to the device is usually not the main
problem as it can be accessed by standardised
protocols, such as telnet or SSH.
However, when not working from the home
environment or university environment, but during
the home studying, it can be difficult to optimally
allocate hardware resources in a way to serve the
highest number of students without collisions. Our
introduced solution was able to solve this problem to
a certain extent and the way in which it was done is
presented below.
2.2 Remote Lab Concepts
The purpose of the introduced solution was to create
a system for distant access to the specialised
network hardware within the previously built
physical topology. The philosophy of the pilot
project originates from the sample laboratory
exercises of the course (Wallace, 2010) CCNP
TSHOOT which are used for practical verification of
RemoteLaboratoryforComputerNetworks
29
obtained competencies in the area of advanced
computer networks.
The specification of these tasks is that they are
executed in one physical topology which is
represented in Fig. 1 and is used for various types of
configurations and detection of hidden problems in
realised network. Three routers Cisco 2801, Cisco
2911, two L3 distribution layer switches Cisco
Catalyst 3560 and one access switch Cisco Catalyst
2960 are used here.
A student can request a reservation for specific
time for his/hers training and the correction of
his/hers knowledge in practical tasks where he/she
can choose the particular topic whose pre-
configurations are then automatically recorded on
the single network elements. Three identical logical
topologies which are mutually interconnected (as is
described below) are available in the pilot operation.
A student can, according to the difficulty of the
chosen task, work on one to three topologies
simultaneously or up to three students can work
concurrently or independently of each other. In the
same time, a student has the choice of ten different
laboratory tasks which cover the most important
topics of the above mentioned course.
R1
R2 R3
DLS1L3 DLS2L3
ALS1L2
Figure 1: The basic scheme of physical labs topology.
2.3 Remote Lab Structure
The system of the remote lab can be divided into
three basic block components, as is shown on the
Fig. 2. The first basic component is the virtual server
which takes care of the maintenance of the actual
remote lab and provides tool for automatic task
deployment. The second component is the console
server that enables the distant access to the
individual devices. The final element is the
specialised network hardware and virtual end
stations.
Virtual sever
Console sever
Network hardware
Figure 2: Block diagram of a remote lab.
2.3.1 Virtual Server
The virtual server is the first basic block component
and represents the virtual server Linux Debian that is
virtualised on VMware ESXi 5.1 on which are run
several basic services for ensuring the operation of
the laboratory. Firstly, this server provides the
platform for verification of users on the basis of
RADIUS protocol. Moreover, it is intended for
possible controlling of the access of individual
students to the infrastructure of the remote lab. The
database MySQL, in which the registration details of
individual users of the remote lab are saved, is used
as the data platform for RADIUS tool. The server
also provides the web-interface for operation of the
laboratory and networking devices management.
The internet application also offers tools for
planning the access to virtual laboratory. The
calendar displays the specific detail about when the
DCNET2014-InternationalConferenceonDataCommunicationNetworking
30
virtual laboratory is fully-utilised and when it is free
for possible reservation. The admin, who is the
lecturer, has the option to add new users, that ought
to have a beforehand approved time-slot to access
the infrastructure, to the RADIUS database server
according to the students’ requests.
Working with the distant laboratory requires
maintenance of the individual devices in order to
always create a new original configuration for each
student. This involves the deletion of the
configuration after each student’s session, as well as
the recording of the new chosen configuration before
another student starts his/hers session. The system
offers this function using the beforehand prepared
service package of commands (script). These are run
manually on the basis of creating and ending the
individual sessions. The system uses the connection
through SSH protocol on the console server in the
same way as the actual distant access to the
laboratory and it maintains the individual devices
through this console connection.
2.3.2 Console Server
The console server enables the necessary distant
access to individual devices which is not dependent
on the actual topology of the remote lab. However,
the usage of the standard access through the
protocols telnet or SSH can create a problem for the
running of such networking laboratory. Any
unthoughtful or wrongly configured change of the
topology can cause unavailability of a certain
network segment and the access to the devices could
be only obtained through a physical connection of a
serial link.
In our introduced and realised solution of the
remote lab connection the serial routes of individual
devices are connected to the console server. This
server is further attached using the IP protocol to the
university network, namely Internet, where it
functions as a SSH server. The user, who wishes to
access the given network device, is able to connect
to the console server using the SSH protocol from
anywhere at the university. On the basis of the given
port, the user is then connected through the SSH
connection directly to the console port of the
particular network device. This is the way in which
the access to the network device, that is independent
of the actual topology of the remote lab, is assured.
The access to the devices through the console is
in certain cases necessary even for the laboratory
practices. One of the examples can be the situation
when the student connects to the bootloader device
with the purpose to re-gain the access after
forgetting his/hers password. This can also be the
situation related to the maintaining server if the
student does not follow the set convention for using
passwords during the laboratory practices.
2.4 Network Devices of the Laboratory
The individual network device of the laboratory is
composed in the pilot operation of elements which
are intended for practicing laboratory tasks of the
course CCNP TSHOOT. Specifically, these
elements include routers Cisco 2801 and 2911 and
switches Cisco Catalyst 2960 and 3560. These are
connected into single-type topology which is used
across the whole course CCNP TSHOOT and can be
also applied for practicing of some of the topologies
which are to be found in the CCNP Routing and
Switching lectures.
In order to use the distant laboratory, the
topology is enlarged to enable the broadest usage of
the employed network device. Topology must offer
students full-value in terms of its working, in the
same way as if the students were physically present
in the laboratory and the sufficient modularity for
testing of own examples of different types. An
important characteristic of the suggested solution is
the independency from the specific network
elements as the console access is in the enterprise of
the network devices used as the standard. Therefore
this solution is easily scalable.
Networking devices can be replaced by new
ones, or expanded up to number of console ports,
that can be handled by a console terminal. The use
Figure 3: Interconnection between remote laboratory and
public network.
Internet
Management
s
erver
Virtual PC
_Ethernet
connections_
Console
terminal
controller
Virtual
PC switch
Remotelab
topology
Console
links
Internet
distribution
switch
RemoteLaboratoryforComputerNetworks
31
of multiple console terminal controllers is possible
and the management server is able to handle up to
50+ networking devices.
The basic CCNP TSHOOT exercises (topology)
were expanded by multiple end stations. These are
created as virtual devices connected into the network
topology of the distant laboratory, as well as into the
laboratory infrastructure as shown in the Fig. 3. The
virtual end stations are currently utilised using
Windows XP operating system which is adjusted to
minimise the demand on the hardware.
Instead of Windows XP system, it is of course
possible to use some other undemanding Linux
distributions, such as Puppy Linux or a system
without the graphic interface. Windows XP system
can be used in this case because for most students it
represents a common environment and therefore,
students can fully concentrate on the
accomplishment of their tasks without having to
solve specification of the configurations in Linux
systems. Using Remote Desktop Protocol (RDP),
students can in this way distantly access devices
which function as the local guests in the laboratory
network and in the same way as in the case of using
console server are available independently on the
actual configuration of the laboratory topology.
Another broadening of the former CCNP
TSHOOT topology is conducted by the addition of
elements from wireless networks. Examples of these
are the wireless controller and some centrally-
controlled Wi-Fi access points. In this way, it is
possible to use the distant laboratory for testing
network technologies which go beyond the CCNP
Routing and Switching course and are not usually
taught at FIM UHK. Therefore, it is also possible to
prepare students for courses which belong to the
Wireless family.
The last consistent solution of the topology is the
usage of Cisco Advanced Security Appliance (ASA)
elements. These offer students the platform for
testing configurations with the focus on the security
of enterprise networks. Among these can be found
the IPS technologies which follow the data running
in real time or the possibility to work with powerful
point-to-point and point-to-multipoint VPN tunnels.
The actual modularity of the network topology,
shown in the Fig. 4., of the distant laboratory is built
on the connection of multiple basic topologies
CCNP TSHOOT. In the pilot operation three basic
topologies enlarged by the wireless device of the
virtual end station are connected. It is possible to use
these links between individual topologies for
simulation in larger networks and they also enable to
create complex tasks which can be solved in student
teams. This topology was chosen because CCNP
TSHOOT course covers topics of both preceding
CCNP Route and CCNP Switch and is therefore
most universally usable. Interconnection of the
topologies and overall size of the remote laboratory
is a result of an effort to fully utilize the devices and
the amount of devices available.
In order to solve specific problems, for example
when finding the correct solution for graduate tasks,
it is possible to create an entirely different topology.
This requirement demands physical modification of
Figure 4: Remote lab topology – interconnection of three isolated CCNP TSHOOT topologies.
DCNET2014-InternationalConferenceonDataCommunicationNetworking
32
the former topology, but the actual topology still
enables a broad selection of simulations (i.e.
dynamic routing protocol adjustments, L2
redundancy simulations). These specific problems
usually require a lot of time and in ordinary
functioning of the laboratory even a few students
would fill up the capacity of the laboratory. Due to
the operation of the distant laboratory, it is possible
to add links to the current topology which will be
normally turned off, unless they are defined for
solving problems in advance. Students who would
work on complex problems can solve the problem in
a longer time scale during which they gradually
create the configuration which can be backed up and
reloaded again in the different sessions.
3 EVALUATION OF THE PILOT
OPERATION
The used system of the distant access to the
laboratory equipment is currently employed in the
pilot operation and tested for stability and reliability
of accesses. The significant advantage is the
utilisation of Remote lab controllers which provides
reliable connection with configuration interface of
individual elements, as well as it standardly uses the
special interface of the console for serial
communication. Moreover, remote lab controllers
also communicate with Linux server on which are
Network Policy Server RADIUS and MySQL
database, as well as management application, as
described above.
Before connecting remote lab to the educational
process of the faculty, it was not possible to use the
devices during the lecturers in the laboratory. This
presents approximately 6 hours a day during the
work days. Furthermore, it was also impossible to
access the elements during the hours when the
university was closed, which was not a problem
during the semester, but mainly during holidays. The
physical work in the laboratory also requires the
supervision of one of the lecturers or admins of the
lecture room. It was possible to eliminate these
disadvantages by introducing this system of the
distant access to the network elements. Under the
pilot operation, a group of students is preparing for
the CCNP Route certificate and uses the services of
the laboratory during the time when the access is
physically unfeasible. On the basis of the messages
from the Syslog server, the distant laboratory is used
on average 8 hours a day, including weekends.
Based on the student’s feedback, they sometimes
miss immediate lecturer assistance, such as in
standard courses. Overall student’s feedback is
positive, mainly because of the amount of time,
when they can work on the topology and practice
their skills. It is sometimes also their only possibility
to go through the course, so it is highly valued by
the students.
The disadvantage of the current solution is the
necessity of administration by lecturer who must
manually enable the time-slot of the chosen
laboratory task using the special web-interface. This
is where the disadvantage of the pilot operation is
obvious and it is therefore necessary cooperate with
university information systems, especially with
directory services, namely the implementation of
LDAP address services which opens up the
opportunities for full automation of the time-slot
reservation of individual elements (whole laboratory
tasks). This automation offers the possibility of
automatic choice of the type and level of the
laboratory task which the lecturer must set for the
current configuration during the time-slot
reservation of the device.
The current solution still cannot fully simulate
the conditions of the production computer network.
This is due to the fact that the laboratory network
still is not in the realistic operation on individual
links. In order to eliminate this disadvantage, one of
the possibilities is to broaden the topology by
generators of network operation. These can function
as a specialised hardware or another option is to use
one of the open source tools in form of another PC,
such as BackTrack Linux.
4 CONCLUSIONS
The realisation of the distant access to hardware
device and automatic pre-configuration of elements
for individual laboratory tasks seems to be an ideal
option for effective usage of specialised network
elements. This approach enables not only to broaden
the possibilities for highly specialised education
within the CCNP course, but also the possibility for
distance learning at FIM UHK. After the expansion
and interconnection of current model with
authentication systems of the university, it will be
possible to use the laboratory equipment even for
more complex tasks in courses within the computer
network III and IV which currently cannot be
realised (other than for practice with lecturer) due to
the time limit on access to the laboratory. On the
basis of the experiences gained from the pilot
operation, this platform can become an essential part
RemoteLaboratoryforComputerNetworks
33
of the education tools in various levels of teaching at
FIM UHK. Another important advantage of the
remote lab would be the possibility to use it for final
academic works which are much more practically
oriented because of the emphasis on team work and
practical usage. Due to the distant access, the
opportunities for effective usage of laboratory
equipment at FIM UHK are significantly improving.
ACKNOWLEDGEMENTS
This work and contribution is supported by the
project of the European Operational Programme
Education for Competitiveness project
CZ.1.07/2.3.00/45.0014 and by the project No. CZ.
1.07/2.2.00/28.0327 Innovation and support of
doctoral study program (INDOP), financed from EU
and Czech Republic funds.
This work and the contribution were supported
by project “SP/2014/05 – Smart Solutions for
Ubiquitous Computing Environments” from
University of Hradec Kralove.
REFERENCES
Barrios, A, et. al., 2013. A multi-user remote academic
laboratory system, In Computers & Education,
Volume 62, Pages 111-122, ISSN 0360-1315.
Bodnarova, A., et. al., 2010. Virtual and Virtualization
Technologies in Computer Networks Education.
European conference of communications (ECCOM
'10), Greece: NAUN, 2010, no. 50. ISSN 978-960-
474-250-9.
Browning, P., Tafa, F.,2011 . 101 labs for the Cisco
CCNP exams: hands on practical labs for the Cisco
CCNP exams. Milton Keynes [England]: Reality
Press. ISBN 978-095-6989-208.
Cisco Systems, 2014. Cisco Packet Tracer – Networking
Academy. [online] Available at
<https://www.netacad.com/web/about-us/cisco-
packet-tracer> [Accessed 13 February 2014].
GNS3, 2014. Graphical Network Simulator – GNS3
[online] Available at < http://www.gns3.net/>
[Accessed 13 February 2014].
Hucaby, D. , 2010. CCNP SWITCH 642-813 official
certification guide. Indianapolis: Cisco Press, ISBN
978-1-58720-243-8.
Odom, W., 2010. CCNP Route 642-902 official
certification guide. Indianapolis: Cisco Press, ISBN
978-1-58720-253-7.
Chen, X, Gao, H., 2012. A Remote PLC Laboratory
Design and Realization, In Procedia Engineering,
Volume 31, ISSN 1877-7058.
Route Reflector, 2014. Cisco IOU Web Interface | Route
Reflector [online] Available at
http://www.routereflector.com/en/cisco/cisco-iou-web-
interface/> [Accessed 13 February 2014].
Wallace, K., 2010. CCNP TSHOOT 642-832 official
certification guide. Indianapolis: Cisco Press, ISBN
9781587058448.
DCNET2014-InternationalConferenceonDataCommunicationNetworking
34
RemoteLaboratoryforComputerNetworks
35
