A network is two or more computers connected together and able to transfer data. There are two main types of network, both of which exist in wired and wireless forms: the Wide Area Network (WAN) and the Local Area Network (LAN). A LAN is a network confined to one building; a WAN can be seen as a collection of LANs that are geographically dispersed. The internet is a global WAN.
TCP/IP is the standard communication protocol for the internet. All systems connected to a network will use the TCP/IP Suite or Model to communicate with other systems in the outside world. The TCP/IP Model provides end-to-end connectivity, specifying how data is formatted, addressed, shipped, routed and delivered to its destination.
The Open Systems Interconnection (OSI) Reference Model is the standard way in which computers communicate over a network. It consists of 7 layers:
Application Layer - provides the user with a means of viewing the data on the network, using Telnet, FTP, HTTP or SMTP
Presentation Layer - transforms the data so that the application layer can use it, using MIME encoding, data compression and encryption, SSL and TLS
Session Layer - establishes links between network entities so that data can be transferred. TCP protocol
Transport Layer - provides reliable data transfer, ensuring data goes to the right place and in sequence: TCP, or UDP for speed without reliability
Network Layer - provides network routing and error reports in the transfer of data from source to destination: IP, ICMP
Data Link Layer - provides error checking on data from the physical layer for the safe transfer of data
Physical Layer - is the hardware through which data is passed
The TCP/IP Model encompasses all layers of the OSI Model but groups them into four layers:
Application Layer (includes presentation and session layers)
Transport Layer
Internet Layer (includes network layer)
Link Layer (includes physical and data link layer)
Data is passed from machine to machine over the network in the form of packets. A packet has a header and a body. TCP is the protocol for sending and receiving data over a computer network. Data is sent in packets of 64KB, and checks are made to ensure that the data has no errors and is received in the correct order.
Basic Configuration on Linux box
Configure the NIC using system-config-redhat - this can be configured during the initial stages of installation. The network configuration file is located at /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=00:06:5B:F1:EF:82
BOOTPROTO=none
ONBOOT=yes
IPADDR=
GATEWAY=
NETMASK=
This will be loaded every time the system boots or when running ifup / ifdown (device)
Network card can also be configured using ifconfig
ifconfig eth0 10.91.10.10 netmask 255.255.255.0
Dynamic Host Configuration Protocol (DHCP) is responsible for issuing computers on a network with IP addresses. There are two types of address: static - the same IP address all the time, and dynamic - the address changes every time the computer boots up.
In Linux a program called DHCPD is used to run this service.
Below is an example of the configuration file required for static routes.
First we define the configuration information
default-lease-time 600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option routers 192.168.1.1;
option domain-name-servers 192.168.1.101, 192.168.1.1;
option domain-name "anandhacorp.net";
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.10 192.168.1.15;
}
Then define all the hosts, either by IP address or hostname. The host's MAC address is used as the unique identifier of the machine when issuing it the IP address.
ddns-update-style ad-hoc;
host nausicaa {
option host-name "nausicaa.anandhacorp.net";
hardware ethernet 00:90:27:16:7B:3E;
fixed-address 192.168.1.101;
}
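Because each reservation is keyed on a MAC address, a duplicated MAC or a fixed address that falls inside the dynamic range leaves the server with an ambiguous assignment. The following audit is an added example, not part of the original configuration; the function name, the "rogue" host and the sample text are constructed for illustration, and it assumes one subnet and numeric fixed-address values.

```python
import ipaddress
import re

# Constructed sample modelled on the configuration above. The "rogue" entry
# is deliberately wrong so that the audit has something to report.
SAMPLE_CONF = """
subnet 192.168.1.0 netmask 255.255.255.0 {
  range 192.168.1.10 192.168.1.15;
}
host nausicaa {
  hardware ethernet 00:90:27:16:7B:3E;
  fixed-address 192.168.1.101;
}
host rogue {
  hardware ethernet 00:90:27:16:7b:3e;
  fixed-address 192.168.1.12;
}
"""

def audit_reservations(conf):
    """Return findings for the host entries (numeric fixed-address assumed)."""
    findings = []
    net, mask = re.search(r"subnet\s+(\S+)\s+netmask\s+(\S+)", conf).groups()
    subnet = ipaddress.ip_network(f"{net}/{mask}")
    ranges = [(ipaddress.ip_address(lo), ipaddress.ip_address(hi))
              for lo, hi in re.findall(r"range\s+(\S+)\s+(\S+);", conf)]
    seen_mac, seen_ip = {}, {}
    for name, body in re.findall(r"host\s+(\S+)\s*\{(.*?)\}", conf, re.S):
        mac = re.search(r"hardware\s+ethernet\s+([0-9A-Fa-f:]+);", body)
        addr = re.search(r"fixed-address\s+([0-9.]+);", body)
        if not mac or not addr:
            findings.append(f"{name}: needs hardware ethernet and a numeric fixed-address")
            continue
        mac, ip = mac.group(1).lower(), ipaddress.ip_address(addr.group(1))
        if mac in seen_mac:  # MAC comparison is case-insensitive
            findings.append(f"{name}: MAC {mac} already reserved for {seen_mac[mac]}")
        if ip in seen_ip:
            findings.append(f"{name}: {ip} already reserved for {seen_ip[ip]}")
        if ip not in subnet:
            findings.append(f"{name}: {ip} is outside {subnet}")
        if any(lo <= ip <= hi for lo, hi in ranges):
            findings.append(f"{name}: {ip} lies inside a dynamic range")
        seen_mac.setdefault(mac, name)
        seen_ip.setdefault(ip, name)
    return findings

if __name__ == "__main__":
    print("\n".join(audit_reservations(SAMPLE_CONF)))
```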
To start dhcpd:
/etc/init.d/dhcpd start
Berkeley Internet Name Daemon acts as the DNS on the Linux operating system. DNS is the standard protocol used to map domain names to an IP address, to make the host easier to access.
Each DNS server is a tree in the whole of the domain space. Individual trees can have separate zones - administrators can decide which of these zones can be seen and accessed by servers in other trees in the domain space.
For name resolution /etc/hosts and /etc/resolv.conf files are involved. Ensure all main servers are located in the /etc/hosts file, and /etc/resolv.conf should have all the name servers and the searching domain name.
named.conf is the main configuration file, where you define what role the DNS server will have.
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
forward only;
};
At a bare minimum the directory has to be defined. Other options like forwarding and allow-transfer depend on what type of network you run - standalone DNS or slave DNS
allow-transfer { local_net; };
allow-transfer { 192.168.2.12; };
allow-notify { 192.168.2.12; };
transfer-format many-answers;
zone-statistics yes;
controls {
inet 192.168.2.4 allow { 192.168.2.4; } keys { shrek_key; };
};
zone "anandhacorp.net"{
type master;
file "pz/anandhacorp.net";
notify yes;
};
zone "1.168.192.in-addr.arpa" {
type master;
file "pz/192.168.1.101";
notify yes;
};
zone "0.0.127.in-addr.arpa" {
type master;
file "named.local";
allow-update { none; };
};
The in-addr.arpa domain is used to convert a 32-bit numeric IP address back to a domain name. This is our reverse lookup zone. The zone file for anandhacorp.net:
anandhacorp.net.  IN  SOA  nausicaa.anandhacorp.net. nausicaa.anandhacorp.net. (
                  26002    ; serial
                  86400    ; refresh
                  7200     ; retry
                  1209600  ; expire
                  604800 ) ; default_ttl
;
; Name servers for the domain
;
                  IN  NS   nausicaa.anandhacorp.net.
;
; Mail server for domain
;
                  IN  MX   5 mail
;
; Nodes in domain
;
nausicaa          IN  A    192.168.1.101
andromida         IN  A    192.168.1.100
;
; Aliases to existing nodes in domain
;
www               IN  CNAME  nausicaa
ftp               IN  CNAME  nausicaa
The zone file for 1.168.192.in-addr.arpa:
$TTL 604800
@                 IN  SOA  nausicaa.anandhacorp.net. nausicaa.anandhacorp.net. (
                  26008    ; serial
                  86400    ; refresh
                  7200     ; retry
                  1209600  ; expire
                  604800 ) ; default_ttl
;
; Name servers for the domain
;
                  IN  NS   nausicaa.anandhacorp.net.
;
; Mail server for domain
;
                  IN  MX   5 mail
;
; Nodes in domain
;
101               IN  PTR  nausicaa.anandhacorp.net.
100               IN  PTR  andromida.anandhacorp.net.
serial: updated each time changes are made. Never greater than 2147483647 for a 32 bit processor.
refresh: How often secondary servers (in seconds) should check in for changes in serial number. (86400 sec = 24 hrs)
retry: How long secondary server should wait for a retry
expire: Secondary server to purge info after this length of time.
default_ttl: How long data is held in cache by remote servers.
TTL - time to live
SOA - Start of Authority
NS - Name server
Ensure that the name server is in the /etc/resolv.conf and /etc/hosts file
/etc/init.d/named start
To check that it is working, use the nslookup command to search for an entry in the zone file.
DIG - Domain Information Groper can be used to study domain name servers from the outside world.
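A misspelled PTR target still loads without complaint, so it is worth checking offline that every A record in the forward zone has a PTR in the reverse zone pointing back to the same name. The sketch below is an added example, not part of the original page; its function names and sample zone text are constructed, and it handles only single-line records with names relative to the zone origin or fully qualified.

```python
import re

# Constructed zone data modelled on the two zone files above. The last PTR
# target is deliberately misspelled so the check has a mismatch to report.
FORWARD_ORIGIN = "anandhacorp.net."
FORWARD_ZONE = """
nausicaa    IN  A      192.168.1.101
andromida   IN  A      192.168.1.100
www         IN  CNAME  nausicaa
"""
REVERSE_ORIGIN = "1.168.192.in-addr.arpa."
REVERSE_ZONE = """
101  IN  PTR  nausicaa.anandhacorp.net.
100  IN  PTR  andromida.anandhcorp.net.
"""

def fqdn(name, origin):
    """Expand a relative owner name or target against the zone origin."""
    return name.lower() if name.endswith(".") else f"{name}.{origin}".lower()

def records(zone_text, rtype, origin):
    """Yield (owner_fqdn, rdata) for single-line records of one type."""
    pattern = re.compile(rf"^(\S+)\s+(?:\d+\s+)?IN\s+{rtype}\s+(\S+)", re.M)
    for owner, rdata in pattern.findall(zone_text):
        yield fqdn(owner, origin), rdata

def ptr_owner(ipv4):
    """Name under in-addr.arpa that should hold the PTR for an IPv4 address."""
    return ".".join(reversed(ipv4.split("."))) + ".in-addr.arpa."

def check_forward_reverse(fwd, fwd_origin, rev, rev_origin):
    """Return mismatches between A records and their PTR records."""
    ptrs = {o: fqdn(t, rev_origin) for o, t in records(rev, "PTR", rev_origin)}
    problems = []
    for host, ip in records(fwd, "A", fwd_origin):
        target = ptrs.get(ptr_owner(ip))
        if target is None:
            problems.append(f"{host} -> {ip}: no PTR record")
        elif target != host:
            problems.append(f"{host} -> {ip}: PTR points to {target}")
    return problems

if __name__ == "__main__":
    for line in check_forward_reverse(FORWARD_ZONE, FORWARD_ORIGIN,
                                      REVERSE_ZONE, REVERSE_ORIGIN):
        print(line)
```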
Network Information Service (NIS) is a central component in a Linux environment for authenticating users onto the system. NIS holds information on users, groups and devices on a network, and it forms part of the authentication process with a Samba PDC.
NIS is now seen as a legacy authentication program, with LDAP and Kerberos taking over. However, NIS is a lot easier to set up and manage; for smaller networks this would be a preferred option.
Configuration of NIS server.
Download the ypserv rpm from the rpmfind.net website
latest version for FC5: ypserv-2.19-0.i386.rpm
Set the domainname
domainname anandhacorp
Modify the /etc/sysconfig/network configuration file to add the name of the NISDOMAIN
NETWORKING=yes
HOSTNAME=nausicaa
NISDOMAIN=anandhacorp
GATEWAY=192.168.1.1
Add the server IP address or hostname in the /etc/yp.conf file
ypserver 192.168.1.101
Add a securenets file, which identifies the machines allowed to access the NIS
/var/yp/securenets
255.255.255.255 192.168.1.101
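Each securenets line is a netmask followed by a network, and a client is accepted when its address falls inside one of the listed networks. The following check is an added example, not part of the original page: it parses the file, tests whether a given client would be admitted, and flags entries that admit more hosts than intended. The function names, the sample content and the 256-address threshold are assumptions of this example.

```python
import ipaddress

# Constructed securenets content. The first entry is the one shown above;
# the second is deliberately broad so the audit has something to flag.
SAMPLE_SECURENETS = """
# netmask        network
255.255.255.255  192.168.1.101
255.255.0.0      192.168.0.0
host             127.0.0.1
"""

def parse_securenets(text):
    """Return (networks, errors) for 'netmask network' and 'host addr' lines."""
    nets, errors = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()
        if not fields:
            continue
        if len(fields) != 2:
            errors.append(f"line {lineno}: expected two fields")
            continue
        mask, network = fields
        if mask == "host":  # shorthand for a 255.255.255.255 entry
            mask = "255.255.255.255"
        try:
            # strict parsing rejects entries whose network has host bits set
            nets.append(ipaddress.ip_network(f"{network}/{mask}"))
        except ValueError as exc:
            errors.append(f"line {lineno}: {exc}")
    return nets, errors

def is_allowed(client, nets):
    """True if the client address falls inside any listed network."""
    return any(ipaddress.ip_address(client) in net for net in nets)

def broad_entries(nets, max_hosts=256):
    """Entries covering more addresses than max_hosts (assumed threshold)."""
    return [str(net) for net in nets if net.num_addresses > max_hosts]

if __name__ == "__main__":
    nets, errors = parse_securenets(SAMPLE_SECURENETS)
    print("errors:", errors)
    print("192.168.1.102 allowed:", is_allowed("192.168.1.102", nets))
    print("broad entries:", broad_entries(nets))
```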
Modify the nsswitch.conf file to add the nis database as a lookup for the username, group and password files.
passwd: files nis
shadow: files nis
group: files nis
Start the necessary NIS daemons in the /etc/init.d directory
service portmap start
service ypserv start
Run ypinit -m to build the databases
/usr/lib/yp/ypinit -m
This will build all the databases in the /var/yp/anandhacorp/ directory, where anandhacorp is the domainname
Type ypbind to bind the server to itself.
ypbind
ypwhich should produce the server name