Linux Tutorial - Linux Network Administration

YoLinux Tutorial - Linux Networking

This tutorial covers TCP/IP networking and system configuration basics. Linux can support multiple network devices. The device names are numbered and begin at zero and count upwards. For example, a computer running two ethernet cards will have two devices labeled /dev/eth0 and /dev/eth1.

Contents:

- Configuration files
- Red Hat Linux network GUI configuration tools
- Assigning an IP address
- Activating and De-Activating your NIC
- Subnets
- Enable Forwarding
- Adding a network interface card (NIC)
- Route
- VPN, Tunneling
- Useful Linux networking commands
- inetd/xinetd: Network Socket Listener Daemons
- RPC: Remote Procedure Call (portmapper)
- PAM: Network Wrappers
- ICMP protocol
- Network Monitoring Tools
- IDS: Intruder Detection System - SNORT
- Living in a MS/Windows world
- Related Links

Other YoLinux Networking Tutorials:

- Setting up an internet gateway for home or office using iptables
- Modem dial-up:
  - Configuring PPP dial up connections to an ISP
  - Dialing Compuserve
  - Dialing AOL
  - Configuring PPP dial-in connections
- DNS Name server configuration
- DHCP server configuration: Dynamic Host Configuration Protocol
- Internet/Network Security
- Security Tools and Hacker Tools

TCP/IP Network Configuration Files:

File: /etc/resolv.conf - resolver configuration file

    search name-of-domain.com     - Name of your domain or ISP's domain if using their name server
    nameserver XXX.XXX.XXX.XXX    - IP address of primary name server
    nameserver XXX.XXX.XXX.XXX    - IP address of secondary name server

This configures Linux so that it knows which DNS server will be resolving domain names into IP addresses. If using DHCP client, this will automatically be sent to you by the ISP and loaded into this file as part of the DHCP protocol. If using a static IP address, ask the ISP or check another machine on your network.
File: /etc/hosts - locally resolve node names to IP addresses

    127.0.0.1        your-node-name.your-domain.com  localhost.localdomain  localhost
    XXX.XXX.XXX.XXX  node-name

Note when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly.) i.e.:

    XXX.XXX.XXX.XXX  superserver.yolinux.com  superserver

This informs Linux of local systems on the network which are not handled by the DNS server (or for all systems in your LAN if you are not using DNS or NIS).

/etc/sysconfig/network
Red Hat network configuration file used by the system during the boot process.

/etc/nsswitch
In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution.

File: /etc/nsswitch.conf - System Databases and Name Service Switch configuration file

    hosts:      files dns nisplus nis

This example tells Linux to first resolve a host name by looking at the local hosts file (/etc/hosts), then if the name is not found look to your DNS server as defined by /etc/resolv.conf and if not found there look to your NIS server.

File: /etc/sysconfig/network-scripts/ifcfg-eth0
Configuration settings for your first ethernet port (0). Your second port is eth1.

File: /etc/modules.conf (or for older systems: /etc/conf.modules)
Example statement for Intel ethernet card:

    alias eth0 eepro100

Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.
TCP/IP ethernet configuration:

- Network configuration:
  - /usr/sbin/system-config-network (FC-2/3)
  - /usr/bin/redhat-config-network (/usr/bin/neat) (RH 7.2+ FC-1)
- Text console configuration tool:
  - /usr/sbin/system-config-network-tui (Fedora Core 2/3)
  - /usr/bin/redhat-config-network-tui (RH 9.0 - FC-1)
- Text console network configuration tool. First interface only - eth0:
  - /usr/sbin/netconfig
- /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

- Gnome Desktop Network Configuration: /usr/bin/gnome-network-preferences (RH 9.0 - FC-3)
  Proxy configuration. Choose one of three options:
  - Direct internet connection
  - Manual proxy configuration (specify proxy and port)
  - Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assigned a static IP address or assigned one dynamically.

Static IP address assignment: Choose one of the following methods:

- Command Line:

      /sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

  Network address by convention would be the lowest: 192.168.10.0
  Broadcast address by convention would be the highest: 192.168.10.255
  The gateway can be anything, but following convention: 192.168.10.1

  Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0

- GUI tools:
  - /usr/bin/neat - Gnome GUI network administration tool. Handles all interfaces. Configure for Static IP or DHCP client. (First available with Red Hat 7.2.)
  - /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)
- Console tool: /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1,...)
- Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.)
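The note above that the lowest and highest addresses depend on the netmask, worked through as an added example that is not part of the original tutorial: this POSIX shell sketch derives the network and broadcast addresses for any contiguous netmask, which goes beyond the /24 case in the text. The function names and the 10.1.5.20 host are constructed for illustration.

```shell
# Added example, not from the tutorial: derive the network and broadcast
# addresses that belong with an IP address and netmask.

# Dotted quad -> 32-bit integer. Rejects malformed octets, including
# leading zeros, which shell arithmetic would read as octal.
ip_to_int() {
    case $1 in *.|*[!0-9.]*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|0?*|????*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Netmask -> prefix length. Fails unless the one-bits are contiguous.
mask_to_prefix() {
    m=$(ip_to_int "$1") || return 1
    inv=$(( ~$m & 4294967295 ))
    [ $(( $inv & ($inv + 1) )) -eq 0 ] || return 1
    n=0
    while [ "$inv" -gt 0 ]; do inv=$(( $inv >> 1 )); n=$(( $n + 1 )); done
    echo $(( 32 - $n ))
}

# Print "NETWORK BROADCAST PREFIX" for an address and netmask.
subnet_of() {
    ip=$(ip_to_int "$1") || return 1
    mask=$(ip_to_int "$2") || return 1
    prefix=$(mask_to_prefix "$2") || return 1
    net=$(( $ip & $mask ))
    echo "$(int_to_ip "$net") $(int_to_ip $(( $net | (~$mask & 4294967295) ))) $prefix"
}

# Return 0 only if a broadcast value agrees with the address and netmask.
broadcast_ok() {
    want=$(subnet_of "$1" "$2") || return 2
    set -- $want "$3"
    [ "$2" = "$4" ]
}

# The tutorial's ifconfig values, then a constructed host on a /22.
subnet_of 192.168.10.12 255.255.255.0
subnet_of 10.1.5.20 255.255.252.0
```

On the /22 the network address is 10.1.4.0 and the broadcast is 10.1.7.255, so reusing the host's first three octets with .0 and .255 gives wrong values for any mask other than 255.255.255.0.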
The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network-scripts/, so that this information is retained.

The IANA has allocated IP addresses in the range of 192.168.0.0 to 192.168.255.255 for private networks.

Helpful tools:

- Cisco's IP Subnet calculator
- CIDR Conversion table - CIDR values, masks etc.

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.

File: /etc/sysconfig/network

Static IP address Configuration: (Configure gateway address)

    NETWORKING=yes
    HOSTNAME=my-hostname       - Hostname is defined here and by command hostname
    FORWARD_IPV4=true          - True for NAT firewall gateways and linux routers. False for everyone else - desktops and servers.
    GATEWAY="XXX.XXX.XXX.YYY"  - Used if your network is connected to another network or the internet. Static IP configuration. Gateway not defined here for DHCP client.

OR for DHCP client configuration:

    NETWORKING=yes
    HOSTNAME=my-hostname       - Hostname is defined here and by command hostname

(Gateway is assigned by DHCP server.)
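The FORWARD_IPV4 rule above (true only for NAT gateways and routers) turned into a check, as an added example that is not part of the original tutorial. The role argument ("router" or "host"), the function names and the sample file are assumptions of this sketch; /proc/sys/net/ipv4/ip_forward is the kernel's runtime forwarding switch.

```shell
# Added example, not from the tutorial: flag a machine whose forwarding
# setting does not match its role, at boot or in the running kernel.

# Read KEY from a sysconfig-style file without sourcing it (sourcing
# would execute whatever the file contains). Last assignment wins;
# trailing comments and surrounding quotes are stripped.
sysconfig_get() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 |
        sed -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//' \
            -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

is_true() {
    case $(printf '%s' "$1" | tr 'A-Z' 'a-z') in true|yes|1) return 0 ;; esac
    return 1
}

# audit_forwarding FILE ROLE [PROC_FILE]
# Prints findings; returns 0 when everything matches the role.
audit_forwarding() {
    file=$1 role=$2 proc=${3:-/proc/sys/net/ipv4/ip_forward}
    rc=0
    case $role in router) want=1 ;; host) want=0 ;; *) return 2 ;; esac
    if is_true "$(sysconfig_get "$file" FORWARD_IPV4)"; then boot=1; else boot=0; fi
    live=$(cat "$proc" 2>/dev/null || echo unknown)
    if [ "$boot" != "$want" ]; then
        echo "FINDING: FORWARD_IPV4 is $boot at boot, role $role expects $want"; rc=1
    fi
    if [ "$live" != unknown ] && [ "$live" != "$boot" ]; then
        echo "FINDING: running ip_forward=$live differs from boot config ($boot)"; rc=1
    fi
    return $rc
}

# Constructed sample: a desktop whose config file still enables forwarding.
demo() {
    d=$(mktemp -d) || return 1
    printf 'NETWORKING=yes\nHOSTNAME=my-hostname\nFORWARD_IPV4="true"  # left on\n' > "$d/network"
    echo 0 > "$d/ip_forward"
    audit_forwarding "$d/network" host "$d/ip_forward"; status=$?
    rm -rf "$d"
    return $status
}
demo || echo "audit exit status: $?"
```

On a real system the call would be `audit_forwarding /etc/sysconfig/network host`, which compares the boot-time setting with the live kernel value.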
File: /etc/sysconfig/network-scripts/ifcfg-eth0

Static IP address configuration:

    DEVICE=eth0
    BOOTPROTO=static
    BROADCAST=XXX.XXX.XXX.255
    IPADDR=XXX.XXX.XXX.XXX
    NETMASK=255.255.255.0
    NETWORK=XXX.XXX.XXX.0
    ONBOOT=yes

OR for DHCP client configuration:

    DEVICE=eth0
    ONBOOT=yes
    BOOTPROTO=dhcp

(Used by script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line)

To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none

In order for updated information in any of these files to take effect, one must issue the command: service network restart

Changing the host name:

This is a three step process:

1. Issue the command: hostname new-host-name
2. Change network configuration file: /etc/sysconfig/network
   Edit entry: HOSTNAME=new-host-name
3. Restart systems which relied on the hostname (or reboot):
   - Restart network services: service network restart
   - Restart desktop:
     - Bring down system to console mode: init 3
     - Bring up X-Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name which allows the system to be self aware.

Network aliasing:

Assign more than one IP address to one ethernet card:

    ifconfig eth0   XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
    ifconfig eth0:0 192.168.10.12   netmask 255.255.255.0 broadcast 192.168.10.255
    ifconfig eth0:1 192.168.10.14   netmask 255.255.255.0 broadcast 192.168.10.255

    route add -host XXX.XXX.XXX.XXX dev eth0
    route add -host 192.168.10.12 dev eth0
    route add -host 192.168.10.14 dev eth0

In this example 0 and 1 are aliases in addition to the regular eth0.
The result of the ifconfig command:

    eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
              TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
              collisions:1 txqueuelen:100
              Interrupt:5 Base address:0xe400

    eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

    eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

    DEVICE=eth0:0
    ONBOOT=yes
    BOOTPROTO=static
    BROADCAST=192.168.10.255
    IPADDR=192.168.10.12
    NETMASK=255.255.255.0
    NETWORK=192.168.10.0
    ONBOOT=yes

Aliases can also be shut down independently. i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Redhat)

DHCP Linux Client: get connection info: /sbin/pump -i eth0 --status (Linux 7.1 and older)

    Device eth0
            IP: 4.XXX.XXX.XXX
            Netmask: 255.255.252.0
            Broadcast: 4.XXX.XXX.255
            Network: 4.XXX.XXX.0