CNT-2311-Chapter 8 Notes: Difference between revisions
Latest revision as of 23:22, 27 March 2011
Chapter 8
Network Hardware Configuration
- The most basic part of network configuration is getting the network hardware up and running.
- Most of the time this is a fairly automatic task, since most systems ship with startup scripts that auto-detect the network card and load the correct driver module.
- If the network hardware is not detected, subsequent configuration will not work. You will need to load your network hardware driver.
- You will use the modprobe command. You must know the name of the network hardware's kernel module.
- # modprobe <insert kernel module name here>
Configuring with DHCP
- One of the easiest ways to configure a computer to use a TCP/IP network is to use DHCP. This allows one computer on a network to manage the settings for many other computers.
- When a computer running a DHCP client boots up, it sends out a broadcast looking for a DHCP server. The server then replies with the configuration information needed by the client to communicate with the computers on the network.
- Linux has three common DHCP clients:
- pump
- dhclient
- dhcpcd
- Some distributions ship with one of these, but others ship with two or all three. They will all have a default DHCP client, which is installed when you tell the system you want to use DHCP at installation.
- On systems that ship with more than one DHCP client, you can swap one out for another by removing the old client and installing the package for the new one.
- The DHCP client runs at system bootup and is handled by its own SysV startup file or as part of the main network configuration startup file.
- This SysV file is typically named networking or network.
- The system uses a line in a configuration file to determine whether to run a DHCP client.
- Red Hat and Fedora set this option in a file called /etc/sysconfig/network-scripts/ifcfg-eth0 (the filename will be different if something other than a single Ethernet interface is used).
- The line in question looks like this: BOOTPROTO=dhcp
- If the BOOTPROTO variable is set to something different, changing it to the above line will set the system to use DHCP.
- Ubuntu uses the /etc/network/interfaces file for a similar purpose, but the details differ.
- On a system that uses DHCP you will see a line like: iface eth0 inet dhcp
- You may prefer to use the GUI system to adjust these options.
- Once the DHCP client is configured to run when the system boots, the configuration task is complete. On rare occasions you may need to tweak the DHCP settings to work around client/server incompatibilities.
- If you have to run a DHCP client manually, you can do so by typing its name (as root) followed by a network identifier, such as: dhclient eth0. This has the DHCP client attempt to configure eth0 with the help of any DHCP server it finds on the network.
Configure with a Static IP Address
- When a network lacks a DHCP server, you will need to provide basic network configuration options manually.
- These options can be set using interactive commands, but to set them long term you need to adjust a configuration file such as /etc/sysconfig/network-scripts/ifcfg-eth0 or /etc/network/interfaces.
- IP address: You can set the IP address manually with the ifconfig command or at the IPADDR line in the configuration file.
- Network mask: You can set the netmask manually with the ifconfig command or at the NETMASK line in the configuration file.
- Gateway address: You can manually set the gateway via the route command. To make it permanent you need to adjust the configuration file. This file may be the same one that holds the other options or another file such as /etc/sysconfig/network/routes, and the option is most likely called GATEWAY.
- DNS settings: In order for Linux to use DNS to translate between IP addresses and hostnames, you must specify at least one DNS server in the /etc/resolv.conf file. Adjusting this file is all you need to do to set the name server address.
- You can also set your computer's local domain name in this file using the domain option: domain <name of the domain you want to use>
- The network configuration script may hold other options such as:
- DEVICE=eth0 to specify the interface name
- BOOTPROTO=static to assign a static IP address
- ONBOOT=yes to bring up an interface when the system boots
- NETWORK and BROADCAST are derived from IPADDR and NETMASK and can be changed if you understand the consequences of doing so.
- This command will bring up eth0 using address 192.168.29.39 and netmask 255.255.255.0:
- # ifconfig eth0 up 192.168.29.39 netmask 255.255.255.0
- This command links the specified address to the card so that the computer responds to the address and claims to be that address when sending data.
- Both ifconfig and route can display information on the current network configuration.
- For ifconfig, omit up and everything that follows; for route, omit add and everything that follows.
- To view the interface you may use this command: # ifconfig eth0
- When configured correctly, ifconfig should show a hardware address, an IP address and some other statistics.
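How NETWORK and BROADCAST follow from IPADDR and NETMASK, and how a mistyped GATEWAY can be caught before it takes a host off the network, shown as an added example that is not part of the original notes. The function names and the sample file are assumptions made for illustration; the file is parsed line by line rather than sourced, so nothing in it is executed.

```shell
#!/bin/sh
# Added example (not from the chapter notes): derive NETWORK and BROADCAST
# from IPADDR and NETMASK, then check an ifcfg-style file against them.

# Dotted quad -> 32-bit integer; fails on malformed input.
ip_to_int() {
    case $1 in *[!0-9.]*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        # Reject empty, over-long and leading-zero octets (no octal surprises).
        case $octet in ''|????*|0?*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# derive_net IPADDR NETMASK -> "NETWORK=a.b.c.d BROADCAST=a.b.c.d"
derive_net() {
    ip=$(ip_to_int "$1") || return 1
    mask=$(ip_to_int "$2") || return 1
    net=$(( $ip & $mask ))                       # host bits cleared
    bcast=$(( $net | (~$mask & 4294967295) ))    # host bits set
    echo "NETWORK=$(int_to_ip "$net") BROADCAST=$(int_to_ip "$bcast")"
}

# check_ifcfg FILE: parse KEY=VALUE lines without sourcing the file.
check_ifcfg() {
    cfg_proto= cfg_ip= cfg_mask= cfg_gw= cfg_bcast=
    while IFS='=' read -r key value; do
        value=${value#\"}; value=${value%\"}     # tolerate quoted values
        case $key in
            BOOTPROTO) cfg_proto=$value ;;
            IPADDR)    cfg_ip=$value ;;
            NETMASK)   cfg_mask=$value ;;
            GATEWAY)   cfg_gw=$value ;;
            BROADCAST) cfg_bcast=$value ;;
        esac
    done < "$1"
    [ "$cfg_proto" = static ] || { echo "skip: BOOTPROTO=$cfg_proto"; return 0; }
    derived=$(derive_net "$cfg_ip" "$cfg_mask") || { echo "bad IPADDR/NETMASK"; return 1; }
    status=0
    want_bcast=${derived#*BROADCAST=}
    if [ -n "$cfg_bcast" ] && [ "$cfg_bcast" != "$want_bcast" ]; then
        echo "BROADCAST=$cfg_bcast but derived $want_bcast"; status=1
    fi
    if [ -n "$cfg_gw" ]; then
        gw_net=$(derive_net "$cfg_gw" "$cfg_mask") || gw_net=
        if [ "${gw_net%% *}" != "${derived%% *}" ]; then
            echo "GATEWAY=$cfg_gw is outside ${derived%% *}"; status=1
        fi
    fi
    if [ "$status" -eq 0 ]; then echo "ok: $derived"; fi
    return "$status"
}

# Constructed sample config (not from a real host); the gateway is mistyped.
sample=$(mktemp)
printf '%s\n' DEVICE=eth0 BOOTPROTO=static ONBOOT=yes IPADDR=192.168.29.39 \
    NETMASK=255.255.255.0 GATEWAY=192.168.92.1 > "$sample"
derive_net 192.168.29.39 255.255.255.0
check_ifcfg "$sample" || true
rm -f "$sample"
```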
Configuring Routing
- Routers pass traffic from one network to another. You give the computer a router's address, which your system uses as a gateway to the internet.
- Any traffic not directed to the local network is directed to the router, which then sends it on to its destination. Every router has a list of rules concerning where to send data based on the destination IP address.
- The -net and -host options force route to interpret the target as a network or computer address, respectively.
- netmask lets you set a netmask as you desire, and gw lets you specify a router through which packets to the specified target should go.
- The reject keyword installs a blocking route, which refuses all traffic destined for the specified network.
- Incorrect routing tables can cause serious problems, causing some or all computers on the network not to respond. You can run route alone and compare the results to what your routing table should be.
Ifup and ifdown command *(pg. 408)
- The ifup command brings the interface up.
- The ifdown command brings the interface down.
Example of ifup/ifdown *(pg. 408)
- "ifup eth0": brings up the interface eth0.
- "ifdown eth0": brings down the interface eth0.
- These are useful to quickly take down an interface or bring it up, because you do not need to remember all the details of the IP address, route and so on.
Hostnames *(pg. 409)
- There are 2 ways to configure the hostname:
- On DNS
- On your local computer
Domain Name System (DNS) *(pg. 409)
- “is a distributed database of computers that converts between IP addresses and hostnames”.
- The DNS server just sits and listens for other computers on the network to send requests.
- The server then sends the request out to other DNS servers if it cannot find the answer in its cache.
- If the server finds what the request is asking for, it sends a reply back to the computer telling it where to go.
Diagnosing Network Connections *(pg. 412)
- There are a few commands that will help diagnose a problem.
- They are ping, traceroute, tracepath, netstat, and tcpdump.
Ping command *(pg. 412)
- The ping command is a very basic network test, which sends ICMP packets to the system you name (by hostname or IP address) and waits for a reply.
- In Linux it sends a packet every second until you press Ctrl+C to stop it.
Traceroute command *(pg. 412-413)
- This command sends a series of three test packets to each computer between your system and a specified target system.
Tracepath command *(pg. 413)
- This command is very similar to traceroute.
Checking Network Status
- A useful diagnostic tool is netstat.
- netstat can be used in place of many other tools.
- It also shows information that is not easily found in other ways.
Netstat options
- Interface information: use netstat --interface or the -i parameter to see information about network interfaces. This is similar to what the ifconfig command displays.
- Routing information: use netstat --route or the -r parameter to see the routing table. This output is similar to what the route command shows.
- Masquerade information: use netstat --masquerade or -M to see information about connections mediated by Linux's NAT features. NAT is a good way to stretch limited IPv4 addresses.
- Program use: use netstat --program or the -p parameter to show information about programs that are using network connections.
- All connections: use netstat --all or the -a parameter to display information about the ports that server programs open to listen for network connections.
tcpdump
- Advanced network troubleshooting tool.
- tcpdump is a packet sniffer that intercepts network packets and logs them on the screen.
- It is a useful tool to verify that a computer is receiving data from other computers.
- It is also useful for examining the data in its raw form, which can be helpful if you understand the protocol's implementation details well enough to spot problems.
- Be aware that packet sniffers can be used by individuals to capture passwords sent over the network.
- You must run tcpdump as root.
- Once you start tcpdump, it summarizes what it is doing and prints lines, one for each packet it monitors.
- Lines consist of time stamps, stack identifiers, origin system name, IP addresses and port, destination system name and packet-specific information.
- Once tcpdump starts it does not stop, so you must press Ctrl+C to terminate it.
tcpdump options
- -A: Displays packet contents in ASCII.
- -D: Displays a list of interfaces tcpdump can listen to.
- -n: Shows all addresses numerically.
- -v: Shows additional packet information.
- -w file: Writes captured packets to the specified file.
- Consult tcpdump's man page for details and for additional options.
Additional Networking Tools
- Besides the networking diagnostic programs, you can use some common programs as debugging tools.
- One of the most helpful tools may be Telnet, a program and protocol that is mainly used as a remote login tool.
- Telnet is considered a poor choice as a remote login protocol because it is entirely unencrypted.
- A good rule to follow is that you should remove the Telnet server from your system and never use the telnet client program. SSH, described in chapter 10, is a safer alternative to Telnet.
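One way to apply the netstat options and the Telnet advice above together, as an added example that is not part of the original notes: filter `netstat --all --program --numeric` output for listening services that send credentials in the clear. The function names and the sample output are constructed for illustration, and treating FTP (port 21) as cleartext alongside Telnet (port 23) is an addition to what the notes state.

```shell
#!/bin/sh
# Added example (not from the chapter notes): flag cleartext listeners in
# netstat output. Reads netstat text on stdin and prints one line per finding:
#   <service> <local address> <PID/program> <exposed|loopback>
audit_listeners() {
    awk '
        BEGIN { svc[21] = "ftp"; svc[23] = "telnet" }   # cleartext login protocols
        # Only TCP sockets in LISTEN state are servers; established
        # connections (e.g. an outbound telnet session) are ignored.
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, part, ":")
            port = part[n]                               # text after the last colon
            addr = substr($4, 1, length($4) - length(port) - 1)
            if (port in svc) {
                scope = (addr ~ /^127\./ || addr == "::1") ? "loopback" : "exposed"
                print svc[port], $4, $7, scope
            }
        }
    '
}

# Constructed sample of "netstat --all --program --numeric" output
# (addresses, PIDs and program names are made up for this example).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN      640/xinetd
tcp        0      0 127.0.0.1:21            0.0.0.0:*               LISTEN      733/vsftpd
tcp        0      0 192.168.29.39:51514     192.168.29.1:23         ESTABLISHED 2210/telnet
tcp6       0      0 :::80                   :::*                    LISTEN      1021/httpd
udp        0      0 0.0.0.0:68              0.0.0.0:*                           590/dhclient
EOF
}

sample_netstat | audit_listeners
```

On a live system, run `netstat --all --program --numeric | audit_listeners` as root so the program column is filled in.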
Using Telnet to Debug Network Protocols
- If you include a port number after the remote hostname, the program connects to the specified port, allowing you to interact with the server.
- To use telnet this way you must know a lot about the protocol. Without knowledge of the protocol you can still use Telnet to test whether a server is running or not.
- If you try to connect and get a connection refused error message, you know that the remote server is not running or is inaccessible. (This may be because a firewall is blocking the connection.)
- If the result is an Escape character message, this means that the server is running, even though it may not be working correctly.
- This test only works for protocols that use TCP. UDP tools will not connect.
Using Telnet to Debug Network Protocols continued
- Sometimes the File Transfer Protocol (FTP) can be a helpful tool.
- This program allows you to transfer files between systems, as its name suggests.
- To use this tool, type the program name followed by the FTP server's name. It will then show you a login prompt, after which you can issue FTP commands.