
Networking

This tutorial covers TCP/IP networking and system configuration basics. Linux can support multiple network devices. The device names are numbered and begin at zero and count upwards. For example, a computer running two ethernet cards will have two devices labeled /dev/eth0 and /dev/eth1. Linux network configuration, management, monitoring and system tools are covered in this tutorial.

Tutorial Contents:

- Configuration files
- Red Hat Linux network GUI configuration tools
- Assigning an IP address
- Activating and De-Activating your NIC
- Subnets
- Enable Forwarding
- Adding a network interface card (NIC)
- Route
- VPN, Tunneling
- Useful Linux networking commands
- inetd/xinetd: Network Socket Listener Daemons
- rwhod: Remote Who
- RPC: Remote Procedure Call (portmapper)
- PAM: Network Wrappers
- ICMP protocol
- Network Monitoring Tools
- IDS: Intruder Detection System - SNORT
- ARP: Address Resolution Protocol
- Configuring Linux For Network Multicast
- Living in a MS/Windows world
- Network Definitions
- Related Links

Other YoLinux Networking Tutorials:

- Setting up a gateway for home or office using iptables
- Load balancing servers using LVS (Linux Virtual Server)
- Modem dial-up:
  - Configuring PPP dial up connections to an ISP
  - Dialing Compuserve
  - Dialing AOL
  - Configuring PPP dial-in connections
- DNS Name server configuration
- DHCP server configuration: Dynamic Host Configuration Protocol
- NIS authentication configuration: Server and Client
- Internet/Network Security
- Security Tools and Hacker Tools
- YoLinux Tutorials Index

TCP/IP Network Configuration Files:

- File: /etc/resolv.conf - host name resolver configuration file

    search name-of-domain.com     - Name of your domain or ISP's domain if using their name server
    nameserver XXX.XXX.XXX.XXX    - IP address of primary name server
    nameserver XXX.XXX.XXX.XXX    - IP address of secondary name server

This configures Linux so that it knows which DNS server will be resolving domain names into IP addresses. If using a DHCP client, this will automatically be sent to you by the ISP and loaded into this file as part of the DHCP protocol. If using a static IP address, ask the ISP or check another machine on your network. Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "DNS").

- File: /etc/hosts - locally resolve node names to IP addresses

    127.0.0.1          your-node-name.your-domain.com  localhost.localdomain  localhost
    XXX.XXX.XXX.XXX    node-name

Note when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly) i.e.:

XXX.XXX.XXX.XXX superserver.yolinux.com superserver

This informs Linux of local systems on the network which are not handled by the DNS server (or of all systems in your LAN if you are not using DNS or NIS). Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "Hosts").

- File: /etc/nsswitch.conf - System Databases and Name Service Switch configuration file

    hosts:     files dns nisplus nis

This example tells Linux to first resolve a host name by looking at the local hosts file (/etc/hosts); if the name is not found there, to look to your DNS server as defined by /etc/resolv.conf; and if not found there either, to look to your NIS server.

In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution.

Fedora / Red Hat Network Configuration Files:

- File: /etc/sysconfig/network
  Red Hat network configuration file used by the system during the boot process.

- File: /etc/sysconfig/network-scripts/ifcfg-eth0
  Configuration settings for your first ethernet port (0). Your second port is eth1.

- File:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)
  Example statement for Intel ethernet card:

    alias eth0 eepro100

Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

- Network configuration:
  /usr/sbin/system-config-network (FC-2/3)
  /usr/bin/redhat-config-network (/usr/bin/neat) (RH 7.2+ FC-1)
- Text console configuration tool:
  /usr/sbin/system-config-network-tui (Text User Interface (TUI) for Fedora Core 2/3)
  /usr/bin/redhat-config-network-tui (RH 9.0 - FC-1)
- Text console network configuration tool. First interface only - eth0:
  /usr/sbin/netconfig
- /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

- Gnome Desktop Network Configuration: /usr/bin/gnome-network-preferences (RH 9.0 - FC-3)
  Proxy configuration. Choose one of three options:
  1. Direct internet connection
  2. Manual proxy configuration (specify proxy and port)
  3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assigned a static IP address or assigned one dynamically.

Static IP address assignment:

Choose one of the following methods:

- Command Line:

    /sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

  Network address by convention would be the lowest: 192.168.10.0
  Broadcast address by convention would be the highest: 192.168.10.255
  The gateway can be anything, but following convention: 192.168.10.1

Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0

- Red Hat / Fedora GUI tools:
  - /usr/bin/neat  Gnome GUI network administration tool. Handles all interfaces. Configure for Static IP or DHCP client. (First available with Red Hat 7.2.)
  - /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)
- Red Hat / Fedora Console tools:
  - /usr/sbin/system-config-network-tui (Text User Interface)
  - /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1,...)
- Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network-scripts/, so that this information is retained.

The IANA has allocated IP addresses in the range of 192.168.0.0 to 192.168.255.255 for private networks.

Helpful tools:

- Network Calculators: Subnet mask calculator, node calculator, mask inverter, ...
- IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet static
        address 208.88.34.106
        netmask 255.255.255.248
        broadcast 208.88.34.111
        network 208.88.34.104
        gateway 208.88.34.110

Dynamic IP (DHCP) example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet dhcp

    auto eth1
    iface eth1 inet dhcp

    auto eth2
    iface eth2 inet dhcp

    auto ath0
    iface ath0 inet dhcp

    auto wlan0
    iface wlan0 inet dhcp

Interfaces:

- lo: Loopback interface (network within your system without slowing down for the real ethernet based network)
- eth0: First ethernet interface card
- wlan0: First wireless network interface

Also see "man interfaces"

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.

l File: /etc/sysconfig/network

Static IP address Configuration: (Configure gateway address)

    NETWORKING=yes
    HOSTNAME=my-hostname        - Hostname is defined here and by command hostname
    FORWARD_IPV4=true           - True for NAT firewall gateways and linux routers. False for everyone else - desktops and servers.
    GATEWAY="XXX.XXX.XXX.YYY"   - Used if your network is connected to another network or the internet. Static IP configuration. Gateway not defined here for DHCP client.

OR for DHCP client configuration:

    NETWORKING=yes
    HOSTNAME=my-hostname        - Hostname is defined here and by command hostname

(Gateway is assigned by DHCP server.)

OR for NIS client configuration:

    NETWORKING=yes
    HOSTNAME=my-hostname        - Hostname is defined here and by command hostname
    NISDOMAIN=NISProject1       - NIS domain to attach

- File (Red Hat/Fedora): /etc/sysconfig/network-scripts/ifcfg-eth0
  (S.u.s.e.: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX)
  This file is used by the command scripts ifup and ifdown.

Static IP address configuration:

    DEVICE=eth0
    BOOTPROTO=static
    BROADCAST=XXX.XXX.XXX.255
    IPADDR=XXX.XXX.XXX.XXX
    NETMASK=255.255.255.0
    NETWORK=XXX.XXX.XXX.0
    ONBOOT=yes                  - Will activate upon system boot

RHEL4/FC3 additions:
- TYPE=Ethernet
- HWADDR=XX:XX:XX:XX:XX:XX
- GATEWAY=XXX.XXX.XXX.XXX

OR for DHCP client configuration:

    DEVICE=eth0
    ONBOOT=yes
    BOOTPROTO=dhcp

RHEL4/FC3 additions:
- IPV6INIT=no
- USERCTL=no
- PEERDNS=yes
- TYPE=Ethernet
- HWADDR=XX:XX:XX:XX:XX:XX

(Used by the script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line.) To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none.

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)

Changing the host name:

This is a three step process:

1. Issue the command: hostname new-host-name
2. Change network configuration file: /etc/sysconfig/network
   Edit entry: HOSTNAME=new-host-name
3. Restart systems which relied on the hostname (or reboot):
   - Restart network services: service network restart (or: /etc/init.d/network restart)
   - Restart desktop:
     - Bring down system to console mode: init 3
     - Bring up X-Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name which allows the system to be self aware.

The hostname may be changed at runtime using the command: sysctl -w kernel.hostname="superserver"

Change the host name using GUI tool: /usr/sbin/system­config­network (Red Hat / Fedora / CentOS)

Hostname entries are made in two places:

- Select the "DNS" tab.
- Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

    ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
    ifconfig eth0:0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255
    ifconfig eth0:1 192.168.10.14 netmask 255.255.255.0 broadcast 192.168.10.255

    route add -host XXX.XXX.XXX.XXX dev eth0
    route add -host 192.168.10.12 dev eth0
    route add -host 192.168.10.14 dev eth0

In this example eth0:0 and eth0:1 are aliases in addition to the regular eth0. The result of the ifconfig command:

    eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
              TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
              collisions:1 txqueuelen:100
              Interrupt:5 Base address:0xe400

    eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

    eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

    DEVICE=eth0:0
    ONBOOT=yes
    BOOTPROTO=static
    BROADCAST=192.168.10.255
    IPADDR=192.168.10.12
    NETMASK=255.255.255.0
    NETWORK=192.168.10.0

Aliases can also be shut down independently. i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Redhat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux Client: get connection info: /sbin/pump -i eth0 --status (Red Hat Linux 7.1 and older)

    Device eth0
        IP: 4.XXX.XXX.XXX
        Netmask: 255.255.252.0
        Broadcast: 4.XXX.XXX.255
        Network: 4.XXX.XXX.0
        Boot server 131.XXX.XXX.4
        Next server 0.0.0.0
        Gateway: 4.XXX.XXX.1
        Domain: vz.dsl.genuity.net
        Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3
        Renewal time: Sat Aug 11 08:28:55 2001
        Expiration time: Sat Aug 11 11:28:55 2001

Activating and De-Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

- Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up - Note: Even if no IP address is assigned you can listen.)
- De-Activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network-scripts/

GUI Interface control/configuration:

- Start/Stop network interfaces:
  /usr/bin/system-control-network (Fedora Core 2/3)
  /usr/bin/redhat-control-network (RH 9.0 - FC-1)
- Configure Ethernet, ISDN, modem, token Ring, Wireless or DSL network connection:
  /usr/sbin/system-config-network-druid (FC2/3)
  /usr/sbin/redhat-config-network-druid (RH 9 - FC-1)

Subnets:

    Mask | # of Sub Nets | Slash Fmt | Class A Hosts | Class A Mask | Class B Hosts | Class B Mask | Class C Hosts | Class C Mask  | Sub Class C Mask | Sub Class C Hosts
    255  | 256           | /32       | 16,777,214    | 255.0.0.0    | 65,534        | 255.255.0.0  | 254           | 255.255.255.0 | 255.255.255.255  | 1 address (invalid)
    254  | 128           | /31       | 33,554,430    | 254.0.0.0    | 131,070       | 255.254.0.0  | 510           | 255.255.254.0 | 255.255.255.254  | 2 addresses (invalid)
    252  | 64            | /30       | 67,108,862    | 252.0.0.0    | 262,142       | 255.252.0.0  | 1,022         | 255.255.252.0 | 255.255.255.252  | 4 addresses, 2 hosts
    248  | 32            | /29       | 134,217,726   | 248.0.0.0    | 524,286       | 255.248.0.0  | 2,046         | 255.255.248.0 | 255.255.255.248  | 8 addresses, 6 hosts
    240  | 16            | /28       | 268,435,454   | 240.0.0.0    | 1,048,574     | 255.240.0.0  | 4,094         | 255.255.240.0 | 255.255.255.240  | 16 addresses, 14 hosts
    224  | 8             | /27       | 536,870,910   | 224.0.0.0    | 2,097,150     | 255.224.0.0  | 8,190         | 255.255.224.0 | 255.255.255.224  | 32 addresses, 30 hosts
    192  | 4             | /26       | 1,073,741,822 | 192.0.0.0    | 4,194,302     | 255.192.0.0  | 16,382        | 255.255.192.0 | 255.255.255.192  | 64 addresses, 62 hosts
    128  | 2             | /25       | 2,147,483,646 | 128.0.0.0    | 8,388,606     | 255.128.0.0  | 32,766        | 255.255.128.0 | 255.255.255.128  | 128 addresses, 126 hosts

    Binary position    8    7    6    5    4    3    2    1
    Value            128   64   32   16    8    4    2    1
    Example: 192       1    1    0    0    0    0    0    0

Example: 192 = 128 + 64

Some addresses are reserved and outside this scope. Loopback (127.0.0.1), reserved class C 192.168.XXX.XXX, reserved class B 172.31.XXX.XXX and reserved class A 10.XXX.XXX.XXX.

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 for your office.

- 208.88.34.104 Network Base address
- 208.88.34.105 Computer 1
- 208.88.34.106 Computer 2
- 208.88.34.107 Computer 3
- 208.88.34.108 Computer 4
- 208.88.34.109 Computer 5
- 208.88.34.110 DSL router/Gateway
- 208.88.34.111 Broadcast address

Of the eight addresses, there are six assigned to hardware systems and ultimately only five usable addresses.
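The arithmetic behind the subnet table and the office example above, and behind the "lowest address is the network, highest is the broadcast" convention in the static IP section, as an added shell example (this is not code from the YoLinux tutorial). It derives network, broadcast, prefix length and usable host count from an address and netmask, rejects a non-contiguous mask, and checks a Red Hat style ifcfg file for NETWORK/BROADCAST values that disagree with IPADDR/NETMASK. All function names are my own, the ifcfg file it checks is a constructed sample, and it relies only on POSIX sh arithmetic, sed and mktemp.

```sh
#!/bin/sh
# Added example, not part of the YoLinux tutorial. POSIX sh arithmetic only.

# ip_to_int DOTTED-QUAD -> 32-bit integer
ip_to_int() {
    _ifs=$IFS; IFS=.; set -- $1; IFS=$_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# int_to_ip INTEGER -> dotted quad
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# mask_to_prefix DOTTED-MASK -> prefix length; returns 1 (prints nothing)
# for a non-contiguous mask such as 255.0.255.0
mask_to_prefix() {
    m=$(ip_to_int "$1"); bits=0; i=31
    while [ $i -ge 0 ] && [ $(( (m >> i) & 1 )) -eq 1 ]; do
        bits=$((bits + 1)); i=$((i - 1))
    done
    # every bit below the first zero bit must also be zero
    if [ $bits -lt 32 ] && [ $(( m & ((1 << (32 - bits)) - 1) )) -ne 0 ]; then
        return 1
    fi
    echo $bits
}

# subnet_info ADDRESS NETMASK -> "network broadcast /prefix usable-hosts"
subnet_info() {
    prefix=$(mask_to_prefix "$2") || { echo "invalid netmask: $2" >&2; return 1; }
    addr=$(ip_to_int "$1"); mask=$(ip_to_int "$2")
    net=$(( addr & mask ))
    bcast=$(( net | (mask ^ 4294967295) ))
    size=$(( 1 << (32 - prefix) ))
    # /31 and /32 leave no room for distinct network and broadcast addresses
    if [ $size -gt 2 ]; then hosts=$((size - 2)); else hosts=0; fi
    echo "$(int_to_ip $net) $(int_to_ip $bcast) /$prefix $hosts"
}

# ifcfg_check FILE -> 0 when NETWORK and BROADCAST in an ifcfg-style file
# match what IPADDR/NETMASK imply, 1 (with a message on stderr) otherwise
ifcfg_check() {
    file=$1
    ipaddr=$(sed -n 's/^IPADDR=//p' "$file")
    netmask=$(sed -n 's/^NETMASK=//p' "$file")
    want_net=$(sed -n 's/^NETWORK=//p' "$file")
    want_bcast=$(sed -n 's/^BROADCAST=//p' "$file")
    info=$(subnet_info "$ipaddr" "$netmask") || return 1
    set -- $info
    if [ "$1" != "$want_net" ] || [ "$2" != "$want_bcast" ]; then
        echo "$file: NETWORK/BROADCAST should be $1/$2, file has $want_net/$want_bcast" >&2
        return 1
    fi
    return 0
}

# make_sample_ifcfg NETWORK -> writes a constructed ifcfg-eth0 (sample data,
# not from the tutorial) using the office subnet above and the given NETWORK
# value, and prints its path
make_sample_ifcfg() {
    f=$(mktemp)
    printf 'DEVICE=eth0\nBOOTPROTO=static\nIPADDR=208.88.34.106\nNETMASK=255.255.255.248\nBROADCAST=208.88.34.111\nNETWORK=%s\nONBOOT=yes\n' "$1" > "$f"
    echo "$f"
}

# Usage when run directly:  ./subnet.sh 208.88.34.106 255.255.255.248
if [ $# -eq 2 ]; then
    subnet_info "$1" "$2"
fi
```

For the office example, subnet_info 208.88.34.106 255.255.255.248 reports network 208.88.34.104, broadcast 208.88.34.111, /29 and 6 usable hosts, which is the "eight addresses, six hosts" row of the table; the 255.255.255.0 example from the static IP section gives 192.168.10.0, 192.168.10.255, /24 and 254 hosts.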

Links:

- Subnet Cheat Sheet
- Subnet calculator
- Table of subnets
- IP Subnetting, Variable Subnetting, and CIDR (Supernetting)
- CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is a little obsolete as subnets are now used to define smaller networks. These subnets may be part of a class A, B, C, etc network. For historical reference the network classes are defined as follows:

- Class A: Defined by the first 8 bits with a range of 0 - 127. First number (8 bits) is defined by Internic, i.e. 77.XXX.XXX.XXX. One class A network can define 16,777,214 hosts. Range: 0.0.0.0 - 127.255.255.255
- Class B: Defined by the first 8 bits with a range from 128 - 191. First two numbers (16 bits) are defined by Internic, i.e. 182.56.XXX.XXX. One class B network can define 65,534 hosts. Range: 128.0.0.0 - 191.255.255.255
- Class C: Defined by the first 8 bits with a range from 192 - 223. First three numbers (24 bits) are defined by Internic, i.e. 220.56.222.XXX. One class C network can define 254 hosts. Range: 192.0.0.0 - 223.255.255.255
- Class D: Defined by the first 8 bits with a range from 224 - 239. This is reserved for multicast networks (RFC988). Range: 224.0.0.0 - 239.255.255.255
- Class E: Defined by the first 8 bits with a range from 240 - 255. This is reserved for experimental use. Range: 240.0.0.0 - 247.255.255.255

Enable Forwarding:

Forwarding allows the network packets on one network interface (i.e. eth0) to be forwarded to another network interface (i.e. eth1). This will allow the Linux computer to connect ("ethernet bridge") or route network traffic.

The bridge configuration will merge two (or several) networks into one single network topology. IpTables firewall rules can be used to filter traffic.

A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or load balance servers.

- Turn on IP forwarding to allow the Linux computer to act as a gateway or router:

    echo 1 > /proc/sys/net/ipv4/ip_forward

  Default is 0. One can add firewall rules by using ipchains.

Another method is to alter the Linux kernel config file: /etc/sysctl.conf Set the following value:

net.ipv4.ip_forward = 1

See file /etc/sysconfig/network for storing this configuration.

FORWARD_IPV4=true

Change the default "false" to "true".

All methods will result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward

The TCP Man page - Linux Programmer's Manual and /usr/src/linux/Documentation/proc.txt (Kernel 2.2 RH 7.0-) cover /proc/sys/net/ipv4/* file descriptions.

Also see: (YoLinux tutorials)

- Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables)
- Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

- cd /lib/modules/2.2.5-15/net/ - Use the kernel version for your system. This example uses 2.2.5-15 (Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/). Here you will find the modules supported by your system. It can be permanently added to:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)
  Example:

    alias eth0 3c59x

- /sbin/insmod 3c59x (For a 3Com ethernet card) This inserts the specified module into the kernel.
- /sbin/modprobe 3c59x This also loads a module into the system kernel. Modprobe command line options:
  - -r : to unload the module.
  - /sbin/modprobe -l \* : list all modules.
  - /sbin/modprobe -lt net \* : List only network modules
  - /sbin/modprobe -t net \* : Try loading all network modules and see what sticks. (act of desperation)
- ifconfig ...

The easy way: Red Hat versions 6.2 and later, ship with Kudzu, a device detection program which runs during system initialization. (/etc/rc.d/init.d/kudzu) This can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it will be utilized upon system boot.

Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

Define new device in file (Red Hat/Fedora) /etc/sysconfig/network-scripts/ifcfg-eth1 (S.u.s.e 9.2: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX)

    DEVICE=eth1
    BOOTPROTO=static
    IPADDR=192.168.10.12
    NETMASK=255.255.255.0
    GATEWAY=XXX.XXX.XXX.XXX
    HOSTNAME=node-name.name-of-domain.com
    DOMAIN=name-of-domain.com

Special routing information may be specified, if necessary, in the file (Red Hat/Fedora): /etc/sysconfig/static-routes (S.u.s.e. 9.2: /etc/sysconfig/network/routes)

Example:

eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using command line interface:

Define IP address:

    ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
    ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

If necessary, define a route with the route command. Examples:

    route add default gw XXX.XXX.XXX.XXX dev eth0
    route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

If a mistake is made just repeat the route command substituting "del" in place of "add".

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto­negotiate link speed and duplex setting.

- List NIC speed and configuration: mii-tool

    eth0: negotiated 100baseTx-FD flow-control, link ok

  Verbose mode: mii-tool -v

    eth0: negotiated 100baseTx-FD flow-control, link ok
      product info: Intel 82555 rev 4
      basic mode:   autonegotiation enabled
      basic status: autonegotiation complete, link ok
      capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
      advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
      link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

- Set NIC configuration: mii-tool -F option

    Option | Parameters
    -F     | 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
    -A     | 100baseT4 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

- Query NIC with ethtool:

    Command          | Description
    ethtool -g eth0  | Queries ethernet device for rx/tx ring parameter information.
    ethtool -a eth0  | Queries ethernet device for pause parameter information.
    ethtool -c eth0  | Queries ethernet device for coalescing information.
    ethtool -i eth0  | Queries ethernet device for associated driver information.
    ethtool -d eth0  | Prints a register dump for the specified ethernet device.
    ethtool -k eth0  | Queries ethernet device for offload information.
    ethtool -S eth0  | Queries ethernet device for NIC and driver statistics.

Man Pages:

- mii-tool - view, manipulate media-independent interface status
- ethtool - Display or change ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet is examined to see if its destination is on the local or a remote network. If it is to be sent to a remote network, the routing table is consulted to determine the path. If there is no information in the routing table then the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file (Red Hat/Fedora): /etc/sysconfig/network-scripts/route-eth0 or (Red Hat 7: /etc/sysconfig/static-routes) (S.u.s.e. 9.2: /etc/sysconfig/network/routes):

10.2.3.0/16 via 192.168.10.254

See command: /etc/sysconfig/network­scripts/ifup­routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route. (Fewest hops between routers not physical distance.) Routers use RIP to broadcast the routing table over UDP port 520. The routers would then add new or improved routes to their routing tables.

Man pages:

- route - show / manipulate the IP routing table (Static route). Examples:
  - Show routing table: route -e
  - Access individual computer host specified via network interface card eth1:
    route add -host 123.213.221.231 eth1
  - Access ISP network identified by the network address and netmask using network interface card eth0:
    route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
    Conversely: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
  - Specify default gateway to use to access remote network via network interface card eth0:
    route add default gw 201.51.31.1 eth0
    (Gateway can also be defined in /etc/sysconfig/network)
  - Specify two gateways for two network destinations: (i.e. one external, one internal private network. Two routers/gateways will be specified.)
    Add internet gateway as before: route add default gw 201.51.31.1 eth0
    Add second private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
- routed - network routing daemon. Uses RIP protocol to update routing table.
- ipx_route - show / manipulate the IPX routing table - IPX is the Novell networking protocol (Not typically used unless your office has Novell servers)
- ifuser - Identify destinations routed to a particular network interface.

VPN, Tunneling:

- Commercial VPN Linux software solutions - YoLinux
- .org - IPSec VPN for Linux
- FreeSWAN.org - IPSec VPN for Linux
- FreeSWAN tutorial - howto
- OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access-controls.
- SSL-Explorer - Java SSL based VPN
- Quagga dynamic routing suite
- VLAN - peer to peer within a private fabric
- CIPE: Crypto IP Encapsulation (Easiest way to configure two Linux gateways connecting two private networks over the internet with encryption.)
  - CIPE Home page - CIPE is a simple encapsulation system that securely connects two subnets.
  - The Linux Cipe+Masquerading mini-HOWTO - Anthony Ciaravalo
- GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa
- VPN HowTo - Matthew D. Wilson
- Installing and Running PPTP on Linux
- L2TP Extensions (l2tpext) Internet Drafts.

Useful Linux networking commands:

- /etc/rc.d/init.d/network start - command to start, restart or stop the network
- netstat - Display connections, routing tables, stats etc
  - List externally connected processes: netstat -punta
  - List all connected processes: netstat -nap
  - Show network statistics: netstat -s
  - Kernel interface table info: netstat -a -i eth0
- ping - send ICMP ECHO_REQUEST packets to network hosts. Use Cntl-C to stop ping.
- traceroute - print the route packets take to network host
  - traceroute IP-address-of-server
  - traceroute domain-name-of-server
- mtr - a network diagnostic tool introduced in Fedora - Like traceroute except it gives more network quality and network diagnostic info. Leave running to get real time stats. Reports best and worst round trip times in milliseconds.
  - mtr IP-address-of-server
  - mtr domain-name-of-server
- whois - Lookup a domain name in the internic whois database.
- finger - Display information on a system user. i.e. finger user@host Uses $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/
- iptables - IP firewall administration (Linux kernel 2.6/2.4) See YoLinux firewall/gateway configuration.
- ipchains - IP firewall administration (Linux kernel 2.2) See YoLinux firewall/gateway configuration.
- socklist - Display list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
- host - Give a host name and the command will return IP address. Unlike nslookup, the host command will use both /etc/hosts as well as DNS. Example: host domain-name-of-server
- nslookup - Give a host name and the command will return IP address. Also see Testing your DNS (YoLinux Tutorial) Note that nslookup does not use the /etc/hosts file.

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemons listen and respond to all network socket connections made on the TCP/IP ports assigned to them. The ports are defined by the file /etc/services. When a connection is made, the listener will attempt to invoke the assigned program and pipe the data to it. This simplifies matters by allowing the assigned program to read from stdin instead of making its own socket connection. The listener handles the network socket connection. Two network listening and management daemons have been used in Red Hat Linux distributions:

- inetd: Red Hat 6.x and older
- xinetd: Red Hat 7.0-9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf
Entries in this file consist of a single line made up of the following fields:

    service socket-type protocol wait user server cmdline

- service: The name assigned to the service. Matches the name given in the file /etc/services
- socket-type:
  - stream: connection protocols (TCP)
  - dgram: datagram protocols (UDP)
  - raw
  - rdm
  - seqpacket
- protocol: Transport protocol name which matches a name in the file /etc/protocols. i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6
- wait: Applies only to datagram protocols (UDP).
  - wait[.max]: One server for the specified port at any time (RPC)
  - nowait[.max]: Continue to listen and launch new services if a new connection is made. (multi-threaded)
  Max refers to the maximum number of server instances spawned in 60 seconds. (default=40)
- user[.group]: login id of the user the process is executed under. Often nobody, root or a special restricted id for that service.
- server: Full path name of the server program to be executed.
- cmdline: Command line to be passed to the server. This includes argument 0 (argv[0]), that is the command name. This field is empty for internal services. Example of internal TCP services: echo, discard, chargen (character generator), daytime (human readable time), and time (machine readable time). (see RFC)

Sample File: /etc/inetd.conf

    #echo   stream  tcp     nowait      root    internal
    #echo   dgram   udp     wait        root    internal
    ftp     stream  tcp     nowait      root    /usr/sbin/tcpd  in.ftpd -l -a
    #pop-3  stream  tcp     nowait      root    /usr/sbin/tcpd  ipop3d
    #swat   stream  tcp     nowait.400  root    /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.

The inet daemon must be restarted to pick up the changes made to the file: /etc/rc.d/init.d/inetd restart

For more information see the man pages "inetd" and "inetd.conf".
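A small audit of an inetd.conf in the seven-field format described above, added here as an example (it is not code from the YoLinux tutorial): it lists the services that are actually switched on, ignoring lines commented out with '#', and then flags the ones that run as root without going through /usr/sbin/tcpd, which is the combination a reviewer would want to look at first. The function names and the sample file are my own; the sample is constructed for this example.

```sh
#!/bin/sh
# Added example, not part of the YoLinux tutorial: audit an inetd.conf.
# Assumes the "service socket-type protocol wait user server cmdline" line
# format and the Red Hat convention of launching services through tcpd.

# inetd_active FILE -> "service user server" for every entry that is not
# commented out (a leading '#' turns the service off)
inetd_active() {
    awk '
        /^[ \t]*#/ { next }   # commented out: service is off
        NF < 6     { next }   # blank or malformed line
        { print $1, $5, $6 }
    ' "$1"
}

# inetd_root_unwrapped FILE -> names of active services that run as root
# (user field "root" or "root.group") and are launched directly rather than
# through tcpd; "internal" services run inside inetd itself and are skipped
inetd_root_unwrapped() {
    inetd_active "$1" | awk '
        {
            split($2, u, ".")
            if (u[1] == "root" && $3 != "/usr/sbin/tcpd" && $3 != "internal")
                print $1
        }'
}

# make_sample_inetd -> writes a constructed inetd.conf (sample data, not a
# real system file) and prints its path
make_sample_inetd() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
# constructed sample inetd.conf for this example
#echo   stream  tcp     nowait      root       internal
daytime stream  tcp     nowait      root       internal
ftp     stream  tcp     nowait      root       /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp     nowait      root       /usr/sbin/in.telnetd
#pop-3  stream  tcp     nowait      root       /usr/sbin/tcpd  ipop3d
swat    stream  tcp     nowait.400  root.root  /usr/sbin/swat  swat
finger  stream  tcp     nowait      nobody     /usr/sbin/tcpd  in.fingerd
EOF
    echo "$f"
}

# Usage when run directly:  ./inetd-audit.sh /etc/inetd.conf
if [ $# -eq 1 ]; then
    echo "active services:";   inetd_active "$1"
    echo "root without tcpd:"; inetd_root_unwrapped "$1"
fi
```

On the constructed sample the active list has five entries (the two '#' lines are off), and inetd_root_unwrapped reports telnet and swat: ftp and finger are wrapped by tcpd, and daytime is an internal service.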

xinetd: Extended Internet Services Daemon:

Xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, redirect services to different ports and network interfaces (NIC) or even to a different server, chroot a service, etc., and is thus a worthy upgrade from inetd.

Use the command chkconfig --list to view all system services and their state. It will also list all network services controlled by xinetd and their respective state under the title "xinetd based services". (Works for xinetd (RH7.0+) but not inetd)

The xinetd network daemon uses PAM also called network wrappers which invoke the /etc/hosts.allow and /etc/hosts.deny files.

Configuration file: /etc/xinetd.conf which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a service on or off:

- Edit the file /etc/xinetd.d/service-name
  Set the disable value: disable = yes or disable = no
  Restart the xinetd process using the signal:
  - SIGUSR1 (kill -SIGUSR1 process-id) - Soft reconfiguration does not terminate existing connections. (Important if you are connected remotely)
  - SIGUSR2 - Hard reconfiguration stops and restarts the xinetd process. (Note: Using the HUP signal will terminate the process.)
  OR
- Use the chkconfig command: chkconfig service-name on (or off)
  This command will also restart the xinetd process to pick up the new configuration.

The file contains entries of the form:

    service service-name
    {
        attribute assignment-operator value value ...
        ......
    }

Where:

- attribute:
  - disable:
    - yes
    - no
  - type:
    - RPC
    - INTERNAL
    - UNLISTED: Not found in /etc/rpc or /etc/services
  - id: By default the service id is the same as the service name.
  - socket_type:
    - stream: TCP
    - dgram: UDP
    - raw: Direct IP access
    - seqpacket: service that requires reliable sequential datagram transmission
  - flags: Combination of: REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd man page for details.
  - protocol: Transport protocol name which matches a name in the file /etc/protocols.
  - wait:
    - no: multi-threaded
    - yes: single-threaded - One server for the specified port at any time (RPC)
  - user: See file: /etc/passwd
  - group: See file: /etc/group
  - server: Program to execute and receive data stream from socket. (Fully qualified name - full path name of program)
  - server_args: Unlike inetd, arg[0] or the name of the service is not passed.
  - only_from: IP address, factorized address, netmask range, hostname or network name from file /etc/networks.
  - no_access: Deny from ... (inverse of only_from)
  - access_times
  - port: See file /etc/services
  Also: log_type, log_on_success, log_on_failure (Log options: += PID,HOST,USERID,EXIT,DURATION,ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples.
- assignment-operator:
  - =
  - +=: add a value to the set of values
  - -=: delete a value from the set of values

Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from man page: Limit sessions to 8 Mbytes of memory and a total 20 CPU seconds for child processes.

service telnet
{
    socket_type = stream
    wait        = no
    nice        = 10
    user        = root
    server      = /usr/etc/in.telnetd
    rlimit_as   = 8M
    rlimit_cpu  = 20
}
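As an added example (not code from the tutorial or from xinetd itself), the following Python reads a service stanza in the format described above, applies the =, += and -= assignment operators to build each attribute's value set, and then decides whether a given client address passes the only_from / no_access checks. It assumes only_from and no_access entries are single IP addresses or CIDR networks (xinetd's factorized-address and hostname forms are not handled) and uses a constructed sample stanza with made-up addresses.

```python
import ipaddress
import re

# Constructed sample stanza in the format the tutorial describes; the
# addresses and paths are made up for this example.
SAMPLE_CONF = """\
service telnet
{
    disable         = no
    socket_type     = stream
    wait            = no
    user            = root
    server          = /usr/sbin/in.telnetd
    only_from       = 192.168.10.0/24
    only_from      += 10.1.1.5
    no_access       = 192.168.10.99
    log_on_failure += HOST
    log_on_failure -= HOST
    log_on_failure += USERID
}
"""

# attribute, assignment operator (=, += or -=), right-hand side
ASSIGN_RE = re.compile(r"^(\w+)\s*(\+=|-=|=)\s*(.*?)\s*$")


def parse_xinetd(text):
    """Return {service_name: {attribute: [values]}} for every stanza in text.

    "=" replaces the value set, "+=" adds to it and "-=" removes from it,
    which is how the tutorial describes the three assignment operators.
    """
    services, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()       # drop comments and whitespace
        if not line or line in ("{", "}"):
            continue
        if line.startswith("service "):
            current = services.setdefault(line.split(None, 1)[1], {})
            continue
        if current is None:
            raise ValueError("assignment outside a service block: %r" % raw)
        m = ASSIGN_RE.match(line)
        if not m:
            raise ValueError("unparseable line: %r" % raw)
        attr, op, rhs = m.groups()
        values = rhs.split()
        if op == "=":
            current[attr] = list(values)
        elif op == "+=":
            present = current.setdefault(attr, [])
            present.extend(v for v in values if v not in present)
        else:                                     # "-="
            current[attr] = [v for v in current.get(attr, []) if v not in values]
    return services


def _match_prefix(entry, ip):
    """Prefix length of entry if it covers ip, else None.

    Assumption for this example: entries are single IPs or CIDR networks;
    xinetd's factorized and hostname forms are not handled.
    """
    try:
        net = ipaddress.ip_network(entry, strict=False)
    except ValueError:
        return None
    return net.prefixlen if ip in net else None


def client_allowed(service, client_ip):
    """Apply the only_from / no_access lists to one client address.

    With neither list the service is open to everyone; a client that
    matches both lists gets the more specific entry (a tie counts as deny).
    """
    ip = ipaddress.ip_address(client_ip)
    allow = [p for p in (_match_prefix(e, ip) for e in service.get("only_from", [])) if p is not None]
    deny = [p for p in (_match_prefix(e, ip) for e in service.get("no_access", [])) if p is not None]
    if "only_from" not in service and "no_access" not in service:
        return True
    if allow and deny:
        return max(allow) > max(deny)
    if "only_from" in service:
        return bool(allow)
    return not deny


if __name__ == "__main__":
    telnet = parse_xinetd(SAMPLE_CONF)["telnet"]
    for client in ("192.168.10.7", "192.168.10.99", "10.1.1.5", "10.1.1.6"):
        print(client, "allowed" if client_allowed(telnet, client) else "denied")
```

Running it shows the effect of the operators: after the three log_on_failure lines only USERID remains, and 192.168.10.99 is refused even though it lies inside the only_from network, because the /32 no_access entry is more specific.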

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:

- xinetd
- xinetd.conf
- xinetd.log
- tcpd

For more info see:

- LinuxFocus.org: xinetd - Frederic Raynal
- RedHat.com: Controlling Access to Services
- http://www.xinetd.org
- See RFCs: 862, 863, 864, 867, 868, 1413.
- man pages: xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon ­ rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux has the network interface to rwhod disabled. Thus if you issue the command "rwho", you will only see who is logged into the system you are logged into and not remote systems on the network. This is a safe approach for internet servers as it reduces the exposure of a service which could be exploited by hackers. If you wish to use rwhod on a local, private and firewall-protected network, here is how:

Allow broadcast capabilities. Edit /etc/init.d/rwhod and change:

    daemon rwhod

to:

    daemon rwhod -b

Start service:

- Set service to start with system boot: chkconfig --level 345 rwhod on
- Start rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

- rwho: who is logged in on local network machines
- rwhod: system status server
- who: show who is logged on to the same system

RPC: Remote Procedure Calls (Portmapper)

Portmapper is a network service required to support RPCs. Many services such as NFS (file sharing services) require portmapper.

List RPC services supported: [root]# rpcinfo -p localhost

Starting portmap server:

- /etc/rc.d/init.d/portmap start
- service portmap start (Red Hat/Fedora Core)

Man Pages:

- portmap
- rpcinfo
- pmap_set
- pmap_dump

PAM: Network Wrappers:

Pluggable Authentication Modules for Linux (TCP Wrappers)

This system allows or denies network access. One can reject or allow specific IP addresses or subnets to access your system.

File: /etc/hosts.allow

in.ftpd:208.188.34.105

This specifically allows the given IP address to ftp to your system. One can also specify an entire domain, i.e. .name-of-domain.com (note the leading ".").

File: /etc/hosts.deny

ALL:ALL

This generally denies any access.

See the hosts_access(5) man page for the access-control file format, and the pam man page.

File: /etc/inetd.conf

ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a

The inet daemon accepts the incoming network stream and hands it to the PAM TCP wrapper, /usr/sbin/tcpd, which accepts or denies the network connection as defined by /etc/hosts.allow and /etc/hosts.deny and then passes it along to ftp. This is logged to /var/log/secure.
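The decision tcpd makes for each connection, as an added Python example that is not code from the tutorial or from the TCP wrapper itself: a rule in hosts.allow that matches grants access, otherwise a matching rule in hosts.deny refuses it, and a peer matching neither file is let through. The two file contents are constructed for the example with made-up addresses; the pattern forms handled (ALL, a leading-dot domain suffix, a trailing-dot IP prefix, net/mask, exact IP or hostname) are the common ones, and the hostname forms rely on reverse DNS, which the remote side can influence, so the IP forms are the stronger control.

```python
import ipaddress

# Constructed contents for /etc/hosts.allow and /etc/hosts.deny in the
# "daemon : client-list" format the tutorial shows (addresses made up).
HOSTS_ALLOW = """\
# daemon list : client list
in.ftpd : 208.188.34.105
sshd    : 192.168.10. .name-of-domain.com 10.0.0.0/255.0.0.0
ALL     : 127.0.0.1
"""

HOSTS_DENY = """\
ALL : ALL
"""


def parse_access_file(text):
    """Return [(daemon_patterns, client_patterns), ...] in file order."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        daemons, sep, clients = line.partition(":")
        if not sep:
            raise ValueError("rule without ':' separator: %r" % raw)
        rules.append((daemons.split(), clients.split()))
    return rules


def client_matches(pattern, ip, hostname):
    """Match one client pattern against a peer's IP and reverse-resolved name.

    ALL matches anything; ".domain" is a hostname suffix (the form the
    tutorial notes); "a.b.c." is an IP prefix; "net/mask" is a network;
    anything else must equal the IP or the hostname exactly.
    """
    if pattern == "ALL":
        return True
    if pattern.startswith("."):
        return hostname.endswith(pattern)
    if pattern.endswith("."):
        return ip.startswith(pattern)
    if "/" in pattern:
        try:
            return ipaddress.ip_address(ip) in ipaddress.ip_network(pattern, strict=False)
        except ValueError:
            return False
    return pattern == ip or (hostname != "" and pattern == hostname)


def _first_match(rules, daemon, ip, hostname):
    """True if any rule names this daemon (or ALL) and matches the client."""
    for daemons, clients in rules:
        if daemon in daemons or "ALL" in daemons:
            if any(client_matches(c, ip, hostname) for c in clients):
                return True
    return False


def access_granted(daemon, ip, hostname="", allow_text=HOSTS_ALLOW, deny_text=HOSTS_DENY):
    """Decide as tcpd does: hosts.allow grants, then hosts.deny refuses,
    and a peer matching neither file is allowed."""
    if _first_match(parse_access_file(allow_text), daemon, ip, hostname):
        return True
    if _first_match(parse_access_file(deny_text), daemon, ip, hostname):
        return False
    return True


if __name__ == "__main__":
    for daemon, ip in (("in.ftpd", "208.188.34.105"), ("in.ftpd", "208.188.34.106"),
                       ("sshd", "192.168.10.44"), ("in.telnetd", "127.0.0.1")):
        print(daemon, ip, "allowed" if access_granted(daemon, ip) else "denied")
```

The last branch of access_granted is why an "ALL : ALL" line in hosts.deny matters: without it, any daemon and client not named in hosts.allow gets in.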

Advanced PAM: More specific access can be assigned and controlled by controlling the level of authentication required for access.

Files reflect the inet service name. Rules and modules are stacked to achieve the level of security desired.

See the files in /etc/pam.d/... (some systems use /etc/pam.conf)

The format: service type control module-path module-arguments

- auth - (type) Password is required for the user
  - nullok - Null or nonexistent password is acceptable
  - shadow - encrypted passwords kept in /etc/shadow
- account - (type) Verifies password. Can track and force password changes.
- password - (type) Controls password update
  - retry=3 - Sets the number of login attempts
  - minlen=8 - Set minimum length of password
- session - (type) Controls monitoring

Modules:

- /lib/security/pam_pwdb.so - password database module
- /lib/security/pam_shells.so - checks that the user's login shell is listed in /etc/shells
- /lib/security/pam_cracklib.so - checks if a password is crackable
- /lib/security/pam_listfile.so - allows or denies access based on the presence of an item in a list file

After re-configuration, restart the inet daemon: killall -HUP inetd

For more info see:

- Wietse's Papers
- Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP is the network protocol used by the ping and traceroute commands.

ICMP redirect packets are sent from the router to the host to inform the host of a better route. To enable ICMP redirect, add the following line to /etc/sysctl.conf :

net.ipv4.conf.all.accept_redirects = 1

Add the following to the file: /etc/rc.d/rc.local

for f in /proc/sys/net/ipv4/conf/*/accept_redirects
do
    echo 1 > $f
done

Command to view the kernel IP routing cache: /sbin/route -Cn

NOTE: Accepting redirects may leave you vulnerable, as an attacker able to send forged ICMP redirects may alter your routes.
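To recognise redirect messages in a capture (for instance one written with tcpdump -w and read back), the following Python decoder is an added example, not code from the tutorial. It verifies the RFC 792 checksum, names the ICMP type, and for a redirect (type 5) extracts the gateway being advertised and the destination of the quoted datagram, which together show which route a host accepting redirects would change. The sample redirect and echo request it decodes are constructed here with made-up addresses.

```python
import socket
import struct

ICMP_TYPES = {0: "echo-reply", 3: "destination-unreachable", 5: "redirect",
              8: "echo-request", 11: "time-exceeded"}
REDIRECT_CODES = {0: "network", 1: "host", 2: "tos-and-network", 3: "tos-and-host"}


def icmp_checksum(data):
    """RFC 792 one's-complement checksum over the whole ICMP message."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_icmp(icmp_type, code, rest_of_header, payload=b""):
    """Assemble an ICMP message with a correct checksum (used for the samples)."""
    body = rest_of_header + payload
    csum = icmp_checksum(struct.pack("!BBH", icmp_type, code, 0) + body)
    return struct.pack("!BBH", icmp_type, code, csum) + body


def decode_icmp(packet):
    """Decode the ICMP header; raise ValueError on truncation or a bad checksum."""
    if len(packet) < 8:
        raise ValueError("ICMP message shorter than 8 bytes")
    if icmp_checksum(packet) != 0:            # a valid message sums to zero
        raise ValueError("bad ICMP checksum")
    icmp_type, code = struct.unpack("!BB", packet[:2])
    info = {"type": icmp_type, "name": ICMP_TYPES.get(icmp_type, "other"), "code": code}
    if icmp_type == 5:
        # Redirect: bytes 4-7 carry the gateway the host is told to use; the
        # original IP header follows at byte 8, so its destination is at 8+16.
        info["gateway"] = socket.inet_ntoa(packet[4:8])
        info["scope"] = REDIRECT_CODES.get(code, "unknown")
        if len(packet) >= 28:
            info["original_dst"] = socket.inet_ntoa(packet[24:28])
    elif icmp_type in (0, 8):
        info["id"], info["seq"] = struct.unpack("!HH", packet[4:8])
    return info


def is_valid_icmp(packet):
    """True when the message decodes with an intact checksum."""
    try:
        decode_icmp(packet)
        return True
    except ValueError:
        return False


# Constructed samples: the IP header a redirect quotes back (src 192.168.10.12,
# dst 8.8.8.8), a host redirect naming a made-up gateway, and an echo request.
QUOTED_IP_HEADER = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0x1234, 0, 64, 1, 0,
                               socket.inet_aton("192.168.10.12"), socket.inet_aton("8.8.8.8"))
SAMPLE_REDIRECT = build_icmp(5, 1, socket.inet_aton("192.168.10.200"),
                             QUOTED_IP_HEADER + b"\x00" * 8)
SAMPLE_ECHO = build_icmp(8, 0, struct.pack("!HH", 0x1234, 1), b"abcdefgh")

if __name__ == "__main__":
    print(decode_icmp(SAMPLE_REDIRECT))
    print(decode_icmp(SAMPLE_ECHO))
```

A redirect whose gateway is not one of your known routers, or whose original destination is a network you reach some other way, is the kind of message worth alerting on when accept_redirects is enabled.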

Blocking ICMP to look invisible to ping:

The following firewall rules drop all ICMP leaving the host, so incoming ping requests are never answered.

Iptables:

iptables -A OUTPUT -p icmp -d 0/0 -j DROP

Ipchains:

ipchains -A output -p icmp -d 0/0 -j DENY

OR drop all incoming pings:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes necessary to look invisible to DOS (Denial Of Service) attackers who use ping to watch your machine and launch an attack when its presence is detected.

Network Monitoring Tools:

- tcpdump - dump traffic on a network. See discussion below.

  Command line option   Description
  -c                    Exit after receiving count packets.
  -C                    Specify size of output dump files.
  -i                    Specify interface if multiple exist. Lowest used by default. i.e. eth0
  -w file-name          Write the raw packets to file rather than parsing and printing them out. They can later be printed with the -r option.
  -n                    Improve speed by not performing DNS lookups. Report IP addresses.
  -t                    Don't print a timestamp on each dump line.

  Filter expressions:

  Primitive                        Description
  host host-name                   If host has multiple IPs, all will be checked.
  net network-number               Network number.
  net network-number mask mask     Network number and netmask specified.
  port port-number                 Port number specified.
  tcp                              Sniff TCP packets.
  udp                              Sniff UDP packets.
  icmp                             Sniff ICMP packets.

  Examples:

  - tcpdump tcp port 80 and host server-1
  - tcpdump ip host server-1 and not server-2

- iptraf - Interactive Colorful IP LAN Monitor
- nmap - Network exploration tool and security scanner
  - List pingable nodes on network: nmap -sP 192.168.0.0/24
    Scans network for IP addresses 192.168.0.0 to 192.168.0.255 using ping.
- Ethereal - Network protocol analyzer. Examine data from a live network. RPMs required:
  - ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
  - ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)
  There is an error in the ethereal package because it does not list the snmp libraries as dependencies, but you can deduce this from the errors that you get if the ucd-snmp libraries are not installed.
- EtherApe - Graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
- Gkrellm - Network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
- IPTraf - ncurses-based IP LAN monitor. (Red Hat Powertools CD)
- Cheops - Network discovery, location, diagnosis and management. Cheops can identify all of the computers that are on your network, their IP address, their DNS name and the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
- ntop - Shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
- MRTG - Multi Router Traffic Grapher - Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
- dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
- scotty - Obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP, & UDP. (Red Hat Powertools CD)
- Big Brother - Monitoring and services availability.
- OpenNMS.org - Network Management using SNMP.
- Nagios - host, service and network monitoring
- Angel network monitor

Using tcpdump to monitor the network:

[root]# ifconfig eth0 promisc                       - Put the NIC into promiscuous mode to sniff traffic.
[root]# tcpdump -n host not XXX.XXX.XXX.XXX | more   - Sniff the net but ignore the IP of your remote session.
[root]# ifconfig eth0 -promisc                      - Pull the NIC out of promiscuous mode.

Network Intrusion and Hacker Detection Systems:

SNORT: Monitor the network, performing real­time traffic analysis and packet logging on IP networks for the detection of an attack or probe.

- Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
- InterSect Alliance - Intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to convert a 32-bit Internet IP address into the 48-bit Ethernet MAC address used by network hardware. (See: RFC 826) ARP broadcasts are sent to all hosts on the subnet by the transmitting host to see who replies. The broadcast is ignored by all except the intended receiver, which recognizes the IP address as its own. The MAC addresses are remembered (ARP cache) for future network communications. Computers on the subnet typically keep a cache of ARP responses. ARP broadcasts are passed on by hubs and switches but are blocked by routers.

Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client to broadcast requesting a server to reply with its IP address.

- arp (8) man page - manipulate the system ARP cache
  - Show other systems on your network (including IP address conflicts): arp -a
  - Show ARP table Linux style: arp -e
- arpwatch (8) man page - keep track of ethernet/ip address pairings
- arpsnmp (8) man page - keep track of ethernet/ip address pairings. Reads information generated by snmpwalk
- arping (8) man page - send ARP REQUEST to a neighbor host
  - Print ARP reply (similar to arp -a): arping 192.168.10.99
- List ARP table: cat /proc/net/arp
- ip (8) man page - show / manipulate routing, devices, policy routing and tunnels
  - View ARP table: ip neighbor

ARP is something that simply works. No Linux system configuration is necessary. It's all part of the ethernet and IP protocol. The aforementioned information is just part of the Linux culture of full visibility into what is going on.
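The visibility the list above describes is what arpwatch-style checks build on. As an added Python example (not from the tutorial or from arpwatch), the code below reads two snapshots in the /proc/net/arp layout, ignores incomplete entries, reports IPs whose MAC changed or that appeared or vanished between snapshots, and lists MACs claimed by more than one IP, which is normal for interface aliases but otherwise worth a look. Both snapshots are constructed with made-up addresses; in the second one the gateway's MAC has changed and another IP claims that same MAC.

```python
# Constructed /proc/net/arp snapshots in the layout "cat /proc/net/arp"
# prints; all addresses are made up for this example.
ARP_BEFORE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         00:10:4c:25:7a:3f     *        eth0
192.168.10.14    0x1         0x2         00:50:56:ab:cd:ef     *        eth0
192.168.10.77    0x1         0x0         00:00:00:00:00:00     *        eth0
"""

ARP_AFTER = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         00:0c:29:11:22:33     *        eth0
192.168.10.14    0x1         0x2         00:50:56:ab:cd:ef     *        eth0
192.168.10.20    0x1         0x2         00:0c:29:11:22:33     *        eth0
"""

ATF_COM = 0x2   # "complete" flag: the entry holds a resolved MAC address


def parse_arp_table(text):
    """Return {ip: (mac, device)} for the complete entries of a /proc/net/arp dump."""
    entries = {}
    for line in text.splitlines()[1:]:          # first line is the column header
        fields = line.split()
        if len(fields) != 6:
            continue
        ip, _hwtype, flags, mac, _mask, device = fields
        if int(flags, 16) & ATF_COM:
            entries[ip] = (mac.lower(), device)
    return entries


def diff_arp(before, after):
    """Events between two snapshots: the kind of change arpwatch reports."""
    events = []
    for ip in sorted(after):
        mac, device = after[ip]
        if ip not in before:
            events.append({"event": "new", "ip": ip, "mac": mac, "device": device})
        elif before[ip][0] != mac:
            events.append({"event": "changed", "ip": ip, "old": before[ip][0],
                           "new": mac, "device": device})
    for ip in sorted(set(before) - set(after)):
        events.append({"event": "gone", "ip": ip, "mac": before[ip][0], "device": before[ip][1]})
    return events


def shared_macs(table):
    """MACs claimed by more than one IP in a snapshot."""
    by_mac = {}
    for ip, (mac, _device) in table.items():
        by_mac.setdefault(mac, []).append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}


if __name__ == "__main__":
    before, after = parse_arp_table(ARP_BEFORE), parse_arp_table(ARP_AFTER)
    for event in diff_arp(before, after):
        print(event)
    print(shared_macs(after))
```

Taken periodically, the snapshot comparison turns the "ARP simply works" behaviour into something observable: a gateway whose MAC changes, or a MAC that starts answering for two IPs, shows up as an event rather than as a silent change in the cache.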

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer to peer unicast transactions. An HTTP request to a web server (TCP/IP), email SMTP (TCP/IP), DNS (UDP), FTP (TCP/IP), ... are all peer to peer unicast transactions. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer to peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group", which are those that are interested in the information.

The Linux kernel is Level­2 Multicast­Compliant. It meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to request the kernel to join the multicast group and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, a request is made to the kernel to leave the group. It is the kernel/host which joins the multicast group and not the process. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to support multicast routing, set the following in the kernel config:

- CONFIG_IP_MULTICAST=y
- CONFIG_IP_ROUTER=y
- CONFIG_IP_MROUTE=y
- CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimization and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card), only one device can be configured to handle multicast.

Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast.

Useful commands:

Command                  Description
cat /proc/net/igmp       List multicast groups to which the host is subscribed, using the "Internet Group Management Protocol". (See /usr/src/linux/net/core/igmp.c)
cat /proc/net/dev_mcast  List multicast interfaces. (See /usr/src/linux/net/core/dev_mcast.c)
ping 224.0.0.1           All hosts configured for multicast will respond with their IP addresses
ping 224.0.0.2           All routers configured for multicast will respond
ping 224.0.0.3           All PIM routers configured for multicast will respond
ping 224.0.0.4           All DVMRP routers configured for multicast will respond
ping 224.0.0.5           All OSPF routers configured for multicast will respond

Multicast transmissions are achieved through proper routing, router configuration (if communicating through subnets) and programmatically with the use of the following "C" function library calls:

Function Call   Description
setsockopt()    Pass information to the kernel.
getsockopt()    Retrieve information broadcast using multicast.

For more on multicast programming see: Multicast Howto.

The multicast application will specify the multicast loopback interface, TTL (network time to live), network interface and the multicast group to add or drop.

Add route to support multicast:

- route add 224.0.0.0 netmask 240.0.0.0 dev eth0

Note that if adding a route to forward packets through a router, that the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The internet by default does not forward multicast packets.
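The setsockopt() sequence the section describes (join the group, bind the port, set loopback, TTL and interface, leave the group when done), as an added Python example that is not code from the tutorial or from the Multicast Howto. The pure helpers check a group against the Class D range and pack the struct ip_mreq that IP_ADD_MEMBERSHIP / IP_DROP_MEMBERSHIP expect; the socket functions need a host with a multicast-capable interface and a route like the one above, so they are shown but not exercised offline. The group, port and interface addresses are placeholders.

```python
import ipaddress
import socket
import struct

# 224.0.0.0/4 is the Class D block the tutorial reserves for multicast
# (224.0.0.0 - 239.255.255.255, i.e. netmask 240.0.0.0).
MULTICAST_NET = ipaddress.ip_network("224.0.0.0/4")


def is_multicast(address):
    """True when address falls in the Class D multicast range."""
    return ipaddress.ip_address(address) in MULTICAST_NET


def membership_request(group, interface="0.0.0.0"):
    """Pack a struct ip_mreq (group address, local interface address) as
    setsockopt(IP_ADD_MEMBERSHIP / IP_DROP_MEMBERSHIP) expects it."""
    if not is_multicast(group):
        raise ValueError("%s is not a multicast group address" % group)
    return socket.inet_aton(group) + socket.inet_aton(interface)


def open_multicast_receiver(group, port, interface="0.0.0.0", ttl=1, loopback=True):
    """Bind the port and ask the kernel to join the group, setting the
    loopback, TTL and interface options the tutorial lists (needs a
    multicast-capable host; not run offline)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    sock.bind(("", port))                         # receive datagrams for this port
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, struct.pack("B", ttl))
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_LOOP,
                    struct.pack("B", 1 if loopback else 0))
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_IF, socket.inet_aton(interface))
    # It is the kernel that joins the group on behalf of this process.
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP,
                    membership_request(group, interface))
    return sock


def current_ttl(sock):
    """getsockopt() read-back of the multicast TTL the kernel holds for the socket."""
    return sock.getsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL)


def leave_group(sock, group, interface="0.0.0.0"):
    """Tell the kernel the process no longer wants the group's datagrams."""
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_DROP_MEMBERSHIP,
                    membership_request(group, interface))
    sock.close()


if __name__ == "__main__":
    # Placeholder group/port; run on a host with a multicast route to try it.
    receiver = open_multicast_receiver("239.1.1.1", 5000, ttl=1)
    print("joined 239.1.1.1, ttl", current_ttl(receiver))
    leave_group(receiver, "239.1.1.1")
```

A TTL of 1 keeps the group's datagrams on the local subnet, which is the safe default unless a router on the path has been configured to forward multicast.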

Living in a MS/Windows World:

- SMB4k: My favorite MS/Windows file share browser.
- In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]
- LinNeighborhood: Linux workstation GUI tool.

  Make your life simple and use the GUI/File Manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.

  - LinNeighborhood Home Page
  - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

- IPv4: Most of the Internet servers and personal computers use Internet Protocol version 4 (IPv4). This uses 32 bits to assign a network address as defined by the four octets of an IP address up to 255.255.255.255, which is the representation of four 8 bit numbers thus totaling 32 bits.
- IPv6: Internet Protocol version 6 (IPv6) uses a 128 bit address and thus billions and billions of potential addresses. The protocol has also been upgraded to include new quality of service features and security. Currently Linux supports IPv6 but IPv4 is used when connecting your computer to the internet.
- TCP/IP: (Transmission Control Protocol/Internet Protocol) uses a client-server model for communications. The protocol defines the data packets transmitted (packet header, data section), data integrity verification (error detection bytes), connection and acknowledgement protocol, and re-transmission.
- TCP/IP time to live (TTL): This is a counting mechanism to determine how long a packet is valid before it reaches its destination. Each time a TCP/IP packet passes through a router it will decrement its TTL count. When the count reaches zero the packet is dropped by the router. This ensures that errant routing and aimlessly looping packets will not flood the network.
- MAC Address: (media access control) is the network card address used for communication with other network devices on the subnet. This info is not routable. The ARP table maps TCP/IP addresses (global internet) to the local hardware on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address uniquely identifies each node of a network and is used by the Ethernet protocol.
- Full Duplex: Allows the simultaneous sending and receiving of packets. Most modern modems support full duplex.
- Half Duplex: Allows the sending and receiving of packets in one direction at a time only.
- OSI 7 Layer Model: The ISO (International Standards Organization) has defined the OSI (Open Systems Interconnection) model for current networking protocols.

  OSI Layer   Description                                                            Linux Networking Use
  7           Application Layer. The top layer for communications applications      telnet, web browser, sendmail
              like email and the web.
  6           Presentation Layer. Syntax and format of data transfer.                SMTP, http
  5           Session Layer.
  4           Transport Layer. Connection, acknowledgement and data packet           TCP, UDP
              transmission.
  3           Network Layer.                                                         IP, ARP
  2           Data Link Layer. Error control, timing                                 Ethernet
  1           Physical Layer. Electrical characteristics of signal and NIC           Ethernet

- Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
- Network Switch: Like a hub but creates a private link between any two connected nodes when a network connection is established. This reduces the amount of network collisions and thus improves speed. Broadcast messages are still sent to all nodes.

Related Links:

- Cable modem HowTo - Vladimir Vuksan
- Ethernet HowTo - Paul Gortmaker
- YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
- Firewall HowTo - Mark Grennan
- YoLinux networking tutorial
- Networking Overview HowTo - Daniel Lopez Ridruejo
- Networking Howto - Joshua Drake
- NFS Howto - Nicolai Langfeldt
- SNMP: Simple Network Management Protocol (Uses ports 161, 162, 391, 1993)
  - SNMP - Intro and tutorials
  - Linux SNMP Network Management Tools
  - SNMP FAQ
  - net-snmp - tools and libraries
- News/Usenet Group: comp.os.linux.networking - Deja
- MARS-nwe - Netware emulator
- Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
- ISDN:
  - ISDN4LINUX FAQ - Matthias Hessler
  - ISDN4 Linux Home Page
  - Dan Kegel's ISDN Page
- PPP: Point-to-Point Protocol
  - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
  - YoLinux Tutorial: Dialing Compuserve
  - YoLinux Tutorial: Dialing AOL
  - YoLinux Tutorial: Configuring PPP dial-in connections
- PPTP: Point-to-Point Tunneling Protocol
  - RFC 2637: Point-to-Point Tunneling Protocol (PPTP).
  - PPTP-Linux Client - A PPTP Linux client that allows a linux system to connect to a PPTP server. Developed by C. S. Ananian.
  - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP Implementation.
- DHCP: (Dynamic Host Configuration Protocol)
  - YoLinux DHCP Tutorial - How to set up a DHCP server.
  - ISC Dynamic Host Configuration Protocol - DHCP home page
- Multicast:
  - YoLinux Tutorial: Configuring Linux for multicast - this tutorial, in the section above
  - Multicast over TCP/IP HOWTO
- ISPs: (National/Global)
  - TheList.com - Comprehensive list of ISPs
  - Earthlink
  - Concentric
  - ATT Worldnet
- NIS: (NFS infrastructure)
  - YoLinux NIS tutorial
  - NIS howto
  - NIS configuration and use
- Ethernet cables:
  - Making CAT 3, 5, 5E RJ45 Ethernet Cables
  - Wiring and Installation
- Gigabit Ethernet
- VIX: Vienna Internet eXchange - European traffic exchange for ISPs

Test Internet Bandwidth:

- DSLreports.com: bandwidth and diagnostic tests
- Speakeasy connection speed test
- CNET Bandwidth Meter speed test
- Network speed test
- Bandwidth explained and List of bandwidth test sites

Man Pages:

- icmp - Linux IPv4 ICMP kernel module
- ifport - select the transceiver type for a network interface
- usernetctl - allow a user to manipulate a network interface if permitted
- ripquery - query RIP (Routing Information Protocol) gateways
- gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler ISBN # 0735710317, New Riders Publishing

"LINUX TCP/IP Network Administration" by Scott Mann, Mitchell Krell ISBN # 0130322202, Prentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith ISBN# 0201774232, Addison­Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr. ISBN# 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh ISBN# 0672320525, Sams; (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus Sams, ISBN# 047008278X

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen Sams, ISBN# 0071486429

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson Sams, ISBN# 0672329298

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672327082

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672325888

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis ISBN #032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.


Copyright © 2001 - 2007 by Greg Ippolito

This tutorial covers TCP/IP networking and system configuration basics. Linux can support multiple network devices. The device names are numbered and begin at zero and count upwards. For example, a computer running two ethernet cards will have two devices labeled /dev/eth0 and /dev/eth1. Linux network configuration, management, monitoring and system tools are covered in this tutorial.

Tutorial Contents: Other YoLinux Networking Tutorials:

l # Configuration files l Setting up an internet gateway for home or office l # Red Hat Linux network GUI using iptables configuration tools. l Load balancing servers using LVS (Linux Virtual l # Assigning an IP address Server) l # Activating and De­Activating your NIC l Modem dial­up: l # Subnets ¡ Configuring PPP dial up connections to an l # Enable Forwarding ISP l # Adding a network interface card (NIC) ¡ Dialing Compuserve l # Route ¡ Dialing AOL l # VPN, Tunneling ¡ Configuring PPP dial­in connections l # Usefull Linux networking commands l DNS Name server configuration l # inetd/xinetd: Network Socket l DHCP server configuration: Dynamic Host Listener Daemons Configuration Protocol # rwhod: Remote Who Daemon l l NIS authentication configuration: Server and Client # RPC: Remote Procedure Call. l l Internet/Network Security (portmapper) l Security Tools and Hacker Tools l # PAM: Network Wrappers. l YoLinux Tutorials Index l # ICMP protocol. l # Network Monitoring Tools l # IDS: Intruder Detection System ­ SNORT

l # ARP: Address Resolution Protocol l # Configuring Linux For Network Multicast

l # Living in a MS/Windows world l # Network Definitions

l # Related Links

TCP/IP Network Configuration Files:

l File: /etc/resolv.conf ­ host name resolver configuration file search name­of­domain.com ­ Name of your domain or ISP's domain if using their name server nameserver XXX.XXX.XXX.XXX ­ IP address of primary name server nameserver XXX.XXX.XXX.XXX ­ IP address of secondary name server

This configures Linux so that it knows which DNS server will be resolving domain names into IP addresses. If using DHCP client, this will automatically be sent to you by the ISP and loaded into this file as part of the DHCP protocol. If using a static IP address, ask the ISP or check another machine on your network. Red Hat/Fedora GUI: /usr/sbin/system­config­network (select tab "DNS".

l File: /etc/hosts ­ locally resolve node names to IP addresses 127.0.0.1 your­node­name.your­domain.com localhost.localdomain localhost XXX.XXX.XXX.XXX node­name

Note when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly) i.e.:

XXX.XXX.XXX.XXX superserver.yolinux.com superserver

This informs Linux of local systems on the network which are not handled by the DNS server. (or for all systems in your LAN if you are not using DNS or NIS) Red Hat/Fedora GUI: /usr/sbin/system­config­network (select tab "Hosts".

l File: /etc/nsswitch.conf ­ System Databases and Name Service Switch configuration file hosts: files dns nisplus nis

This example tells Linux to first resolve a host name by looking at the local hosts file(/etc/hosts), then if the name is not found look to your DNS server as defined by /etc/resolv.conf and if not found there look to your NIS server.

In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution. Free Information Technology Magazine Fedora / Red Hat Network Configuration Files: Subscriptions and Document l /etc/sysconfig/network Downloads Red Hat network configuration file used by the system during the boot process.

l File: /etc/sysconfig/network­scripts/ifcfg­eth0 Configuration settings for your first ethernet port (0). Your second port is eth1.

l File: ¡ /etc/modprobe.conf (kernel 2.6) ¡ /etc/modules.conf (kernel 2.4) ¡ (or for older systems: /etc/conf.modules) Example statement for Intel ethernet card: alias eth0 eepro100

Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

l Network configuration: /usr/sbin/system­config­network (FC­2/3) GUI shown here ­­­> /usr/bin/redhat­config­network (/usr/bin/neat) (RH 7.2+ FC­1) l Text console configuration tool: /usr/sbin/system­config­network­tui (Text User Interface (TUI) for Fedora Core 2/3) /usr/bin/redhat­config­network­tui (RH 9.0 ­ FC­1) l Text console network configuration tool. First interface only ­ eth0: /usr/sbin/netconfig l /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

l Gnome Desktop Network Configuration /usr/bin/gnome­network­preferences (RH 9.0 ­ FC­3) Proxy configuration. Choose one of three options: 1. Direct internet connection 2. Manual proxy configuration (specify proxy and port) 3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assiged a static IP address or assigned one dynamically.

Static IP address assignment:

Choose one of the following methods:

l Command Line:

/sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

Network address by convention would be the lowest: 192.168.10.0 Broadcast address by convention would be the highest: 192.168.10.255 The gateway can be anything, but following convention: 192.168.10.1

Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0

l Red Hat / Fedora GUI tools: ¡ /usr/bin/neat Gnome GUI network administration tool. Handles all interfaces. Configure for Static IP or DHCP client.

(First available with Red Hat 7.2.) ¡ /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)

l Red Hat / Fedora Console tools: ¡ /usr/sbin/system­config­network­tui (Text User Interface) ¡ /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1,...)

l Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network­scripts/, so that this information is retained.

The IANA has allocated IP addresses in the range of 192.168.0.0 to 192.168.255.255 for private networks.

Helpful tools:

l Network Calculators: Subnet mask calculator, node calculator, mask inverter, ... l IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example: auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 208.88.34.106 netmask 255.255.255.248 broadcast 208.88.34.111 network 208.88.34.104 gateway 208.88.34.110

Dynamic IP (DHCP) example:

auto lo iface lo inet loopback auto eth0 iface eth0 inet dhcp auto eth1 iface eth1 inet dhcp auto eth2 iface eth2 inet dhcp auto ath0 iface ath0 inet dhcp auto wlan0 iface wlan0 inet dhcp

Interfaces: l lo: Loopback interface (network within your system without slowing down for the real ethernet based network) l eth0: First ethernet interface card l wlan0: First wireless network interface

Also see "man interfaces"

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.

l File: /etc/sysconfig/network

Static IP address Configuration: (Configure gateway address)

NETWORKING=yes HOSTNAME=my­hostname ­ Hostname is defined here and by command hostname FORWARD_IPV4=true ­ True for NAT firewall gateways and linux routers. False for everyone else ­ desktops and servers. GATEWAY="XXX.XXX.XXX.YYY" ­ Used if your network is connected to another network or the internet. Static IP configuration. Gateway not defined here for DHCP client.

OR for DHCP client configuration: NETWORKING=yes HOSTNAME=my­hostname ­ Hostname is defined here and by command hostname

(Gateway is assigned by DHCP server.) OR for NIS client configuration: NETWORKING=yes HOSTNAME=my­hostname ­ Hostname is defined here and by command hostname NISDOMAIN=NISProject1 ­ NIS domain to attach

l File (Red Hat/Fedora): /etc/sysconfig/network­scripts/ifcfg­eth0 (S.u.s.e.: /etc/sysconfig/network/ifcfg­eth­id­XX:XX:XX:XX:XX) This file used by the command scripts ifup and ifdown

Static IP address configuration:

DEVICE=eth0 BOOTPROTO=static BROADCAST=XXX.XXX.XXX.255 IPADDR=XXX.XXX.XXX.XXX NETMASK=255.255.255.0 NETWORK=XXX.XXX.XXX.0 ONBOOT=yes ­ Will activate upon system boot

RHEL4/FC3 additions: l TYPE=Ethernet l HWADDR=XX:XX:XX:XX:XX:XX l GATEWAY=XXX.XXX.XXX.XXX

OR for DHCP client configuration:

DEVICE=eth0 ONBOOT=yes BOOTPROTO=dhcp

RHEL4/FC3 additions: l IPV6INIT=no l USERCTL=no l PEERDNS=yes l TYPE=Ethernet l HWADDR=XX:XX:XX:XX:XX:XX

(Used by script /etc/sysconfig/network­scripts/ifup to bring the various network interfaces on­line) To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)

Changing the host name:

This is a three step process:

1. Issue the command: hostname new­host­name 2. Change network configuration file: /etc/sysconfig/network Edit entry: HOSTNAME=new­host­name 3. Restart systems which relied on the hostname (or reboot): ¡ Restart network services: service network restart (or: /etc/init.d/network restart) ¡ Restart desktop: n Bring down system to console mode: init 3 n Bring up X­Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name which allows the system to be self aware.

The hostname may be changed at runtime using the command: sysctl ­w kernel.hostname="superserver"

Change the host name using the GUI tool: /usr/sbin/system-config-network (Red Hat / Fedora / CentOS)

Hostname entries are made in two places:

- Select the "DNS" tab.
- Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

ifconfig eth0   XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth0:0 192.168.10.12   netmask 255.255.255.0 broadcast 192.168.10.255
ifconfig eth0:1 192.168.10.14   netmask 255.255.255.0 broadcast 192.168.10.255

route add -host XXX.XXX.XXX.XXX dev eth0
route add -host 192.168.10.12 dev eth0
route add -host 192.168.10.14 dev eth0

In this example eth0:0 and eth0:1 are aliases in addition to the regular eth0. The result of the ifconfig command:

eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
          collisions:1 txqueuelen:100
          Interrupt:5 Base address:0xe400

eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:5 Base address:0xe400

eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

DEVICE=eth0:0
ONBOOT=yes
BOOTPROTO=static
BROADCAST=192.168.10.255
IPADDR=192.168.10.12
NETMASK=255.255.255.0
NETWORK=192.168.10.0

Aliases can also be shut down independently. i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Redhat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux Client: get connection info: /sbin/pump -i eth0 --status (Red Hat Linux 7.1 and older)

Device eth0
        IP: 4.XXX.XXX.XXX
        Netmask: 255.255.252.0
        Broadcast: 4.XXX.XXX.255
        Network: 4.XXX.XXX.0
        Boot server 131.XXX.XXX.4
        Next server 0.0.0.0
        Gateway: 4.XXX.XXX.1
        Domain: vz.dsl.genuity.net
        Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3
        Renewal time: Sat Aug 11 08:28:55 2001
        Expiration time: Sat Aug 11 11:28:55 2001

Activating and De-Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

- Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up - Note: Even if no IP address is assigned you can listen.)
- De-Activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network-scripts/

GUI Interface control/configuration:

- Start/Stop network interfaces: /usr/bin/system-control-network (Fedora Core 2/3), /usr/bin/redhat-control-network (RH 9.0 - FC-1)
- Configure Ethernet, ISDN, modem, Token Ring, Wireless or DSL network connection: /usr/sbin/system-config-network-druid (FC2/3), /usr/sbin/redhat-config-network-druid (RH 9 - FC-1)

Subnets:

MASK  # OF SUBNETS   Slash  CLASS A HOSTS   CLASS A MASK  CLASS B HOSTS  CLASS B MASK  CLASS C HOSTS  CLASS C MASK   SUB CLASS C MASK  SUB CLASS C HOSTS
      (of a class C) Fmt
255   1 or 256       /32    16,777,214      255.0.0.0     65,534         255.255.0.0   254            255.255.255.0  255.255.255.255   1 address (Invalid)
254   128            /31    33,554,430      254.0.0.0     131,070        255.254.0.0   510            255.255.254.0  255.255.255.254   2 addresses (Invalid)
252   64             /30    67,108,862      252.0.0.0     262,142        255.252.0.0   1,022          255.255.252.0  255.255.255.252   4 addresses, 2 hosts
248   32             /29    134,217,726     248.0.0.0     524,286        255.248.0.0   2,046          255.255.248.0  255.255.255.248   8 addresses, 6 hosts
240   16             /28    268,435,454     240.0.0.0     1,048,574      255.240.0.0   4,094          255.255.240.0  255.255.255.240   16 addresses, 14 hosts
224   8              /27    536,870,910     224.0.0.0     2,097,150      255.224.0.0   8,190          255.255.224.0  255.255.255.224   32 addresses, 30 hosts
192   4              /26    1,073,741,822   192.0.0.0     4,194,302      255.192.0.0   16,382         255.255.192.0  255.255.255.192   64 addresses, 62 hosts
128   2              /25    2,147,483,646   128.0.0.0     8,388,606      255.128.0.0   32,766         255.255.128.0  255.255.255.128   128 addresses, 126 hosts

Binary position:   8    7    6    5    4    3    2    1
Value:           128   64   32   16    8    4    2    1
Example: 192       1    1    0    0    0    0    0    0

Example: 192 = 128 + 64

Some addresses are reserved and outside this scope. Loopback (127.0.0.1), reserved class C 192.168.XXX.XXX, reserved class B 172.31.XXX.XXX and reserved class A 10.XXX.XXX.XXX.

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 for your office.

- 208.88.34.104  Network base address
- 208.88.34.105  Computer 1
- 208.88.34.106  Computer 2
- 208.88.34.107  Computer 3
- 208.88.34.108  Computer 4
- 208.88.34.109  Computer 5
- 208.88.34.110  DSL router/Gateway
- 208.88.34.111  Broadcast address

Of the eight addresses, six are assigned to hardware systems and ultimately only five are usable addresses.
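The arithmetic behind the mask table, the binary example and the /29 office subnet above, as an added Python example (not part of the original tutorial). It uses only the standard library; the 208.88.34.105 address and 255.255.255.248 mask come from the text, and "usable hosts" follows the table's classic rule of all addresses minus network and broadcast.

```python
"""Subnet arithmetic behind the mask table and the /29 office example."""
import ipaddress
from typing import Dict, List, Union

BIT_VALUES = [128, 64, 32, 16, 8, 4, 2, 1]   # binary positions 8..1


def octet_decomposition(octet: int) -> List[int]:
    """Bit values that sum to an octet, e.g. 192 -> [128, 64]."""
    if not 0 <= octet <= 255:
        raise ValueError("octet must be 0..255")
    return [v for v in BIT_VALUES if octet & v]


def mask_table_row(prefix: int) -> Dict[str, Union[str, int]]:
    """One row of the subnet table for a /prefix between /24 and /32: dotted
    mask, how many subnets it carves out of a class C, total addresses and
    usable hosts. Usable hosts follow the classic rule (addresses minus network
    and broadcast); /31 and /32 are marked invalid, as in the table."""
    if not 24 <= prefix <= 32:
        raise ValueError("table covers sub-class-C prefixes /24../32 only")
    addresses = 2 ** (32 - prefix)
    mask = ipaddress.IPv4Network(f"0.0.0.0/{prefix}").netmask
    return {
        "slash": f"/{prefix}",
        "mask": str(mask),
        "mask_last_octet": int(str(mask).split(".")[-1]),
        "class_c_subnets": 256 // addresses,
        "addresses": addresses,
        "usable_hosts": addresses - 2 if addresses > 2 else "invalid",
    }


def hosts_for_mask(mask: str) -> int:
    """Usable hosts for any dotted mask, e.g. 255.0.0.0 -> 16,777,214 (the
    CLASS A HOSTS column), 255.255.0.0 -> 65,534 (CLASS B HOSTS)."""
    net = ipaddress.IPv4Network(f"0.0.0.0/{mask}")
    return net.num_addresses - 2


def subnet_info(addr: str, mask: str) -> Dict[str, Union[str, int]]:
    """Network, broadcast and usable range for a host address plus mask.
    For 208.88.34.105 / 255.255.255.248 this reproduces the office example:
    base .104, broadcast .111, 8 addresses, 6 usable (.105 to .110)."""
    net = ipaddress.IPv4Network(f"{addr}/{mask}", strict=False)
    usable = net.num_addresses - 2 if net.num_addresses > 2 else 0
    return {
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "prefix": f"/{net.prefixlen}",
        "addresses": net.num_addresses,
        "usable_hosts": usable,
        "first_host": str(net.network_address + 1) if usable else "",
        "last_host": str(net.broadcast_address - 1) if usable else "",
    }


def is_reserved(addr: str) -> bool:
    """True for loopback and the reserved private blocks the text lists
    (10/8, 172.16/12, 192.168/16). Python's is_private is a little wider
    (it also covers 169.254/16 and similar special-use ranges)."""
    ip = ipaddress.IPv4Address(addr)
    return ip.is_loopback or ip.is_private


if __name__ == "__main__":
    for p in range(32, 23, -1):
        print(mask_table_row(p))
    print(subnet_info("208.88.34.105", "255.255.255.248"))
    print("192 =", " + ".join(str(v) for v in octet_decomposition(192)))
```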

Links:

- Subnet Cheat Sheet
- Subnet calculator
- Table of subnets
- IP Subnetting, Variable Subnetting, and CIDR (Supernetting)
- CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is a little obsolete as subnets are now used to define smaller networks. These subnets may be part of a class A, B, C, etc network. For historical reference the network classes are defined as follows:

- Class A: Defined by the first 8 bits with a range of 0 - 127. The first number (8 bits) is defined by Internic, i.e. 77.XXX.XXX.XXX. One class A network can define 16,777,214 hosts. Range: 0.0.0.0 - 127.255.255.255
- Class B: Defined by the first 8 bits with a range from 128 - 191. The first two numbers (16 bits) are defined by Internic, i.e. 182.56.XXX.XXX. One class B network can define 65,534 hosts. Range: 128.0.0.0 - 191.255.255.255
- Class C: Defined by the first 8 bits with a range from 192 - 223. The first three numbers (24 bits) are defined by Internic, i.e. 220.56.222.XXX. One class C network can define 254 hosts. Range: 192.0.0.0 - 223.255.255.255
- Class D: Defined by the first 8 bits with a range from 224 - 239. This is reserved for multicast networks (RFC988). Range: 224.0.0.0 - 239.255.255.255
- Class E: Defined by the first 8 bits with a range from 240 - 255. This is reserved for experimental use. Range: 240.0.0.0 - 247.255.255.255

Enable Forwarding: Forwarding allows the network packets on one network interface (i.e. eth0) to be forwarded to another network interface (i.e. eth1). This will allow the Linux computer to connect ("ethernet bridge") or route network traffic.

The bridge configuration will merge two (or several) networks into one single network topology. IpTables firewall rules can be used to filter traffic.

A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or load balance servers.

- Turn on IP forwarding to allow the Linux computer to act as a gateway or router: echo 1 > /proc/sys/net/ipv4/ip_forward (Default is 0.) One can add firewall rules by using ipchains.

Another method is to alter the Linux kernel config file: /etc/sysctl.conf Set the following value:

net.ipv4.ip_forward = 1

See file /etc/sysconfig/network for storing this configuration.

FORWARD_IPV4=true

Change the default "false" to "true".

All methods will result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward

The TCP Man page ­ Linux Programmer's Manual and /usr/src/linux/Documentation/proc.txt (Kernel 2.2 RH 7.0­) cover /proc/sys/net/ipv4/* file descriptions.

Also see (YoLinux tutorials):

- Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables)
- Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

- cd /lib/modules/2.2.5-15/net/ - Use the kernel version for your system. This example uses 2.2.5-15 (Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/). Here you will find the modules supported by your system. It can be permanently added to:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)
  Example:

alias eth0 3c59x

- /sbin/insmod 3c59x (For a 3Com ethernet card) This inserts the specified module into the kernel.
- /sbin/modprobe 3c59x This also loads a module into the system kernel. Modprobe command line options:
  - -r : unload the module.
  - /sbin/modprobe -l \* : list all modules.
  - /sbin/modprobe -lt net \* : list only network modules.
  - /sbin/modprobe -t net \* : try loading all network modules and see what sticks. (act of desperation)
- ifconfig ...

The easy way: Red Hat versions 6.2 and later, ship with Kudzu, a device detection program which runs during system initialization. (/etc/rc.d/init.d/kudzu) This can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it will be utilized upon system boot.

Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

Define the new device in the file (Red Hat/Fedora) /etc/sysconfig/network-scripts/ifcfg-eth1 (S.u.s.e 9.2: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX)

DEVICE=eth1
BOOTPROTO=static
IPADDR=192.168.10.12
NETMASK=255.255.255.0
GATEWAY=XXX.XXX.XXX.XXX
HOSTNAME=node-name.name-of-domain.com
DOMAIN=name-of-domain.com

Special routing information may be specified, if necessary, in the file (Red Hat/Fedora): /etc/sysconfig/static-routes (S.u.s.e. 9.2: /etc/sysconfig/network/routes)

Example:

eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using Unix command line interface:

Define IP address:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth1 192.168.10.12   netmask 255.255.255.0 broadcast 192.168.10.255

If necessary, define a route with the route command. Examples:

route add default gw XXX.XXX.XXX.XXX dev eth0
route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

If a mistake is made just repeat the route command substituting "del" in place of "add".

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto­negotiate link speed and duplex setting.

- List NIC speed and configuration: mii-tool
  eth0: negotiated 100baseTx-FD flow-control, link ok

Verbose mode: mii-tool -v

eth0: negotiated 100baseTx-FD flow-control, link ok
  product info: Intel 82555 rev 4
  basic mode:   autonegotiation enabled
  basic status: autonegotiation complete, link ok
  capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
  advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
  link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

- Set NIC configuration: mii-tool -F option

  Option  Parameters
  -F      100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
  -A      100baseT4 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

- Query NIC with ethtool:

  Command          Description
  ethtool -g eth0  Queries ethernet device for rx/tx ring parameter information.
  ethtool -a eth0  Queries ethernet device for pause parameter information.
  ethtool -c eth0  Queries ethernet device for coalescing information.
  ethtool -i eth0  Queries ethernet device for associated driver information.
  ethtool -d eth0  Prints a register dump for the specified ethernet device.
  ethtool -k eth0  Queries ethernet device for offload information.
  ethtool -S eth0  Queries ethernet device for NIC and driver statistics.

Man Pages:

- mii-tool - view, manipulate media-independent interface status
- ethtool - Display or change ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet is examined to see if its destination is on the local or a remote network. If it is to be sent to a remote network, the routing table is consulted to determine the path. If there is no information in the routing table then the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file (Red Hat/Fedora): /etc/sysconfig/network-scripts/route-eth0 or (Red Hat 7: /etc/sysconfig/static-routes) (S.u.s.e. 9.2: /etc/sysconfig/network/routes):

10.2.3.0/16 via 192.168.10.254

See command: /etc/sysconfig/network­scripts/ifup­routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route. (Fewest hops between routers not physical distance.) Routers use RIP to broadcast the routing table over UDP port 520. The routers would then add new or improved routes to their routing tables.

Man pages:

- route - show / manipulate the IP routing table (static routes). Examples:
  - Show routing table: route -e
  - Access an individual host via network interface card eth1: route add -host 123.213.221.231 eth1
  - Access the ISP network identified by the network address and netmask using network interface card eth0: route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
    Conversely: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
  - Specify the default gateway to use to access remote networks via network interface card eth0: route add default gw 201.51.31.1 eth0 (The gateway can also be defined in /etc/sysconfig/network.)
  - Specify two gateways for two network destinations (i.e. one external, one internal private network; two routers/gateways will be specified):
    Add the internet gateway as before: route add default gw 201.51.31.1 eth0
    Add the second private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
- routed - network routing daemon. Uses the RIP protocol to update the routing table.
- ipx_route - show / manipulate the IPX routing table. IPX is the Novell networking protocol (not typically used unless your office has Novell servers).
- ifuser - Identify destinations routed to a particular network interface.

VPN, Tunneling:

- Commercial VPN Linux software solutions - YoLinux
- OpenSWAN.org - IPSec VPN for Linux
- FreeSWAN.org - IPSec VPN for Linux
- FreeSWAN tutorial - howto
- OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access controls.
- SSL-Explorer - Java SSL based VPN
- Quagga dynamic routing suite VLAN
- n2n peer to peer within a private fabric
- CIPE: Crypto IP Encapsulation (Easiest way to configure two Linux gateways connecting two private networks over the internet with encryption.)
  - CIPE Home page - CIPE is a simple encapsulation system that securely connects two subnets.
  - The Linux Cipe+Masquerading mini-HOWTO - Anthony Ciaravalo
- GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa
- VPN HowTo - Matthew D. Wilson
- Installing and Running PPTP on Linux
- L2TP Extensions (l2tpext) Internet Drafts.

Useful Linux networking commands:

- /etc/rc.d/init.d/network start - command to start, restart or stop the network
- netstat - Display connections, routing tables, stats etc.
  - List externally connected processes: netstat -punta
  - List all connected processes: netstat -nap
  - Show network statistics: netstat -s
  - Kernel interface table info: netstat -a -i eth0
- ping - send ICMP ECHO_REQUEST packets to network hosts. Use Ctrl-C to stop ping.
- traceroute - print the route packets take to a network host
  - traceroute IP-address-of-server
  - traceroute domain-name-of-server
- mtr - a network diagnostic tool introduced in Fedora. Like traceroute except it gives more network quality and network diagnostic info. Leave running to get real time stats. Reports best and worst round trip times in milliseconds.
  - mtr IP-address-of-server
  - mtr domain-name-of-server
- whois - Lookup a domain name in the internic whois database.
- finger - Display information on a system user, i.e. finger user@host. Uses the $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/
- iptables - IP firewall administration (Linux kernel 2.6/2.4). See YoLinux firewall/gateway configuration.
- ipchains - IP firewall administration (Linux kernel 2.2). See YoLinux firewall/gateway configuration.
- socklist - Display a list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
- host - Give a host name and the command will return the IP address. Unlike nslookup, the host command will use both /etc/hosts as well as DNS. Example: host domain-name-of-server
- nslookup - Give a host name and the command will return the IP address. Also see Testing your DNS (YoLinux Tutorial). Note that nslookup does not use the /etc/hosts file.

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemons listen and respond to all network socket connections made on the TCP/IP ports assigned to them. The ports are defined by the file /etc/services. When a connection is made, the listener will attempt to invoke the assigned program and pipe the data to it. This simplifies matters by allowing the assigned program to read from stdin instead of making its own socket connection. The listener handles the network socket connection. Two network listening and management daemons have been used in Red Hat Linux distributions:

- inetd: Red Hat 6.x and older
- xinetd: Red Hat 7.0-9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf Entries in this file consist of a single line made up of the following fields:

service  socket-type  protocol  wait  user  server  cmdline

- service: The name assigned to the service. Matches the name given in the file /etc/services
- socket-type:
  - stream: connection protocols (TCP)
  - dgram: datagram protocols (UDP)
  - raw
  - rdm
  - seqpacket
- protocol: Transport protocol name which matches a name in the file /etc/protocols, i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6
- wait: Applies only to datagram protocols (UDP).
  - wait[.max]: One server for the specified port at any time (RPC)
  - nowait[.max]: Continue to listen and launch new services if a new connection is made. (multi-threaded)
  Max refers to the maximum number of server instances spawned in 60 seconds. (default=40)
- user[.group]: login id of the user the process is executed under. Often nobody, root or a special restricted id for that service.
- server: Full path name of the server program to be executed.
- cmdline: Command line to be passed to the server. This includes argument 0 (argv[0]), that is the command name. This field is empty for internal services. Examples of internal TCP services: echo, discard, chargen (character generator), daytime (human readable time), and time (machine readable time). (see RFC)

Sample File: /etc/inetd.conf

#echo   stream  tcp     nowait  root    internal
#echo   dgram   udp     wait    root    internal
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
#pop-3  stream  tcp     nowait  root    /usr/sbin/tcpd  ipop3d
#swat   stream  tcp     nowait.400 root /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.
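An added Python example (not from the original tutorial) that parses /etc/inetd.conf lines into the fields described above and audits them the way one reviews this file: which services are really enabled, which run as root, and which are started directly rather than through /usr/sbin/tcpd and so bypass /etc/hosts.allow and /etc/hosts.deny. The sample file is constructed from the page's sample lines plus one invented unwrapped telnet entry.

```python
"""Parse /etc/inetd.conf entries and audit them the way one reviews the file:
which services are actually enabled, which run as root, and which bypass the
tcpd wrapper (so /etc/hosts.allow and /etc/hosts.deny are never consulted)."""
from dataclasses import dataclass, field
from typing import List, Optional

TCPD = "/usr/sbin/tcpd"

# Constructed sample: the page's sample lines plus one unwrapped telnet entry.
SAMPLE_INETD_CONF = """\
#echo   stream  tcp     nowait  root    internal
#echo   dgram   udp     wait    root    internal
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
#pop-3  stream  tcp     nowait  root    /usr/sbin/tcpd  ipop3d
#swat   stream  tcp     nowait.400 root /usr/sbin/swat  swat
telnet  stream  tcp     nowait  root    /usr/sbin/in.telnetd in.telnetd
"""


@dataclass
class InetdEntry:
    service: str
    socket_type: str
    protocol: str
    wait: str                  # "wait" or "nowait"
    max_per_minute: int        # the ".max" suffix; inetd's default is 40
    user: str
    group: Optional[str]
    server: str                # full path, or "internal"
    cmdline: List[str] = field(default_factory=list)
    enabled: bool = True       # False when the line is commented out


def parse_inetd_conf(text: str) -> List[InetdEntry]:
    """One entry per line: service socket-type protocol wait[.max] user[.group]
    server cmdline. Commented-out service lines are kept but flagged disabled
    so the audit can see what would be exposed if someone uncommented them."""
    entries: List[InetdEntry] = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        enabled = not line.startswith("#")
        fields = line.lstrip("#").split()
        if len(fields) < 6:
            continue                       # prose comment or malformed line
        wait, _, max_str = fields[3].partition(".")
        user, _, group = fields[4].partition(".")
        entries.append(InetdEntry(
            service=fields[0], socket_type=fields[1], protocol=fields[2],
            wait=wait, max_per_minute=int(max_str) if max_str else 40,
            user=user, group=group or None,
            server=fields[5], cmdline=fields[6:], enabled=enabled))
    return entries


def enabled_services(entries: List[InetdEntry]) -> List[str]:
    """Names of the services inetd would actually start."""
    return [e.service for e in entries if e.enabled]


def audit_entries(entries: List[InetdEntry]) -> List[str]:
    """Findings for enabled entries only; a commented-out line is unreachable."""
    findings = []
    for e in entries:
        if not e.enabled:
            continue
        if e.server == "internal":
            findings.append(f"{e.service}: built-in inetd service is enabled")
            continue
        if e.server != TCPD:
            findings.append(f"{e.service}: not wrapped by {TCPD}; "
                            "hosts.allow/hosts.deny do not apply")
        if e.user == "root":
            findings.append(f"{e.service}: server runs as root")
    return findings


if __name__ == "__main__":
    parsed = parse_inetd_conf(SAMPLE_INETD_CONF)
    print("enabled:", enabled_services(parsed))
    for finding in audit_entries(parsed):
        print("finding:", finding)
```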

The inet daemon must be restarted to pick up the changes made to the file: /etc/rc.d/init.d/inetd restart

For more information see the man pages "inetd" and "inetd.conf".

xinetd: Extended Internet Services Daemon:

Xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, redirect services to different ports and network interfaces (NIC) or even to a different server, chroot a service, etc., and is thus a worthy upgrade from inetd.

Use the command chkconfig --list to view all system services and their state. It will also list all network services controlled by xinetd and their respective state under the title "xinetd based services". (Works for xinetd (RH7.0+) but not inetd)

The xinetd network daemon uses PAM also called network wrappers which invoke the /etc/hosts.allow and /etc/hosts.deny files.

Configuration file: /etc/xinetd.conf which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:

- Edit the file /etc/xinetd.d/service-name. Set the disable value: disable = yes or disable = no. Restart the xinetd process using a signal:
  - SIGUSR1 (kill -SIGUSR1 process-id) - Soft reconfiguration; does not terminate existing connections. (Important if you are connected remotely)
  - SIGUSR2 - Hard reconfiguration; stops and restarts the xinetd process. (Note: Using the HUP signal will terminate the process.)

  OR

- Use the chkconfig command: chkconfig service-name on (or off). This command will also restart the xinetd process to pick up the new configuration.

The file contains entries of the form:

service service-name
{
    attribute assignment-operator value value ...
    ......
}

Where:

- attribute:
  - disable:
    - yes
    - no
  - type:
    - RPC
    - INTERNAL
    - UNLISTED: Not found in /etc/rpc or /etc/services
  - id: By default the service id is the same as the service name.
  - socket_type:
    - stream: TCP
    - dgram: UDP
    - raw: Direct IP access
    - seqpacket: service that requires reliable sequential datagram transmission
  - flags: Combination of: REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd man page for details.
  - protocol: Transport protocol name which matches a name in the file /etc/protocols.
  - wait:
    - no: multi-threaded
    - yes: single-threaded - One server for the specified port at any time (RPC)
  - user: See file /etc/passwd
  - group: See file /etc/group
  - server: Program to execute and receive the data stream from the socket. (Fully qualified name - full path name of the program)
  - server_args: Unlike inetd, arg[0] or the name of the service is not passed.
  - only_from: IP address, factorized address, netmask range, hostname or network name from the file /etc/networks.
  - no_access: Deny from ... (inverse of only_from)
  - access_times
  - port: See file /etc/services
  Also: log_type, log_on_success, log_on_failure (Log options: += PID,HOST,USERID,EXIT,DURATION,ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples.
- assignment-operator:
  - =
  - +=: add a value to the set of values
  - -=: delete a value from the set of values

Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from man page: Limit telnet sessions to 8 Mbytes of memory and a total 20 CPU seconds for child processes.

service telnet
{
    socket_type = stream
    wait        = no
    nice        = 10
    user        = root
    server      = /usr/etc/in.telnetd
    rlimit_as   = 8M
    rlimit_cpu  = 20
}

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:

- xinetd
- xinetd.conf
- xinetd.log
- tcpd

For more info see:

- LinuxFocus.org: xinetd - Frederic Raynal
- RedHat.com: Controlling Access to Services
- http://www.xinetd.org
- See RFC's: 862, 863, 864, 867, 868, 1413.
- man pages xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon ­ rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux has the network interface to the rwhod disabled. Thus if one issues the command "rwho", you will only see who is logged into the system you are logged into and not remote systems on the network. This is a safe approach for internet servers as it reduces the exposure of a service which could be exploited by hackers. If you wish to use rwhod on a local private and firewall protected network, here is how:

Allow broadcast capabilities. Edit /etc/init.d/rwhod and change from: daemon rwhod to: daemon rwhod -b

Start service:

- Set the service to start with system boot: chkconfig --level 345 rwhod on
- Start the rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

- rwho: who is logged in on local network machines
- rwhod: system status server
- who: show who is logged on to the same system

RPC: Remote Procedure Calls (Portmapper)

Portmapper is a network service required to support RPCs. Many services such as NFS (file sharing services) require portmapper.

List RPC services supported: [root]# rpcinfo -p localhost

Starting portmap server:

- /etc/rc.d/init.d/portmap start
- service portmap start (Red Hat/Fedora Core)

Man Pages:

- portmap
- rpcinfo
- pmap_set
- pmap_dump

PAM: Network Wrappers:

Pluggable Authentication Modules for Linux (TCP Wrappers)

This system allows or denies network access. One can reject or allow specific IP addresses or subnets to access your system.

File: /etc/hosts.allow

in.ftpd:208.188.34.105

This specifically allows the given IP address to ftp to your system. One can also specify an entire domain, i.e. .name-of-domain.com. Note the beginning ".".

File: /etc/hosts.deny

ALL:ALL

This generally denies any access.

See the pam man page.

File: /etc/inetd.conf

ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd -l -a

The inet daemon accepts the incoming network stream and assigns it to the PAM TCP wrapper, /usr/sbin/tcpd, which accepts or denies the network connection as defined by /etc/hosts.allow and /etc/hosts.deny and then passes it along to ftp. This is logged to /var/log/secure
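A small Python model of the tcpd access decision described above, added here as an example (not part of the original tutorial or of the TCP wrappers source): it parses hosts.allow/hosts.deny style lines and applies the order tcpd uses, so the effect of the two files shown can be checked offline. The sample files are constructed from the page's entries (plus an invented sshd line); the EXCEPT operator, shell commands and reverse-DNS lookups are left out, and hostname patterns are matched against whatever name the caller supplies.

```python
"""Model of the tcpd access decision made from /etc/hosts.allow and
/etc/hosts.deny, so the effect of the two files above can be checked
without touching a live system."""
import ipaddress
from typing import List, Tuple

Rule = Tuple[List[str], List[str]]   # (daemon_list, client_list)

# Constructed sample files based on the page's examples.
HOSTS_ALLOW = """\
# daemon_list : client_list
in.ftpd : 208.188.34.105
sshd    : .name-of-domain.com, 192.168.10.0/255.255.255.0
"""
HOSTS_DENY = "ALL : ALL\n"


def parse_access_file(text: str) -> List[Rule]:
    """Each line is 'daemon_list : client_list [: shell_command]'; the optional
    command field is ignored here. '#' starts a comment."""
    rules: List[Rule] = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = [p.strip() for p in line.split(":")]
        if len(parts) < 2:
            continue                 # tcpd logs a syntax error and skips the line
        daemons = [d.strip() for d in parts[0].split(",") if d.strip()]
        clients = [c.strip() for c in parts[1].split(",") if c.strip()]
        rules.append((daemons, clients))
    return rules


def client_matches(pattern: str, ip: str, hostname: str) -> bool:
    """The client pattern forms from hosts_access(5) that the text relies on.
    Real tcpd only trusts a hostname after a forward/reverse DNS cross-check;
    here the caller supplies the name."""
    if pattern == "ALL":
        return True
    if pattern.startswith("."):             # '.name-of-domain.com': domain suffix
        return hostname.endswith(pattern)
    if pattern.endswith("."):               # '208.188.34.': network prefix
        return ip.startswith(pattern)
    if "/" in pattern:                      # 'net/mask' form
        net, mask = pattern.split("/", 1)
        return ipaddress.IPv4Address(ip) in ipaddress.IPv4Network(
            f"{net}/{mask}", strict=False)
    return pattern == ip or pattern == hostname


def rule_matches(rule: Rule, daemon: str, ip: str, hostname: str) -> bool:
    daemons, clients = rule
    return (daemon in daemons or "ALL" in daemons) and any(
        client_matches(c, ip, hostname) for c in clients)


def tcpd_decision(daemon: str, ip: str, hostname: str,
                  allow: List[Rule], deny: List[Rule]) -> str:
    """Order used by tcpd: the first match in hosts.allow grants access, then
    the first match in hosts.deny refuses it; no match at all means access is
    granted, which is why 'ALL : ALL' in hosts.deny is needed for default-deny."""
    if any(rule_matches(r, daemon, ip, hostname) for r in allow):
        return "allow"
    if any(rule_matches(r, daemon, ip, hostname) for r in deny):
        return "deny"
    return "allow"


if __name__ == "__main__":
    allow_rules = parse_access_file(HOSTS_ALLOW)
    deny_rules = parse_access_file(HOSTS_DENY)
    for daemon, ip, host in [("in.ftpd", "208.188.34.105", "client.isp.example"),
                             ("in.ftpd", "208.188.34.106", "client.isp.example"),
                             ("sshd", "10.9.8.7", "laptop.name-of-domain.com")]:
        print(daemon, ip, host, "->", tcpd_decision(daemon, ip, host, allow_rules, deny_rules))
```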

Advanced PAM: More specific access can be assigned and controlled by controlling the level of authentication required for access.

Files reflect the inet service name. Rules and modules are stacked to achieve the level of security desired.

See the files in /etc/pam.d/... (some systems use /etc/pam.conf)

The format: service  type  control  module-path  module-arguments

- auth - (type) Password is required for the user
  - nullok - Null or non-existent password is acceptable
  - shadow - encrypted passwords kept in /etc/shadow
- account - (type) Verifies password. Can track and force password changes.
- password - (type) Controls password update
  - retry=3 - Sets the number of login attempts
  - minlen=8 - Set minimum length of password
- session - (type) Controls monitoring

Modules:

- /lib/security/pam_pwdb.so - password database module
- /lib/security/pam_shells.so
- /lib/security/pam_cracklib.so - checks if a password is crackable
- /lib/security/pam_listfile.so

After re-configuration, restart the inet daemon: killall -HUP inetd

For more info see:

- Wietse's Papers
- Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP is the network protocol used by the ping and traceroute commands.

ICMP redirect packets are sent from the router to the host to inform the host of a better route. To enable ICMP redirect, add the following line to /etc/sysctl.conf :

net.ipv4.conf.all.accept_redirects = 1

Add the following to the file: /etc/rc.d/rc.local

for f in /proc/sys/net/ipv4/conf/*/accept_redirects
do
    echo 1 > $f
done

Command to view the kernel IP routing cache: /sbin/route -Cn

NOTE: This may leave you vulnerable to hackers as attackers may alter your routes.

Blocking ICMP to look invisible to ping:

The following firewall rules will drop ICMP requests.

Iptables:

iptables -A OUTPUT -p icmp -d 0/0 -j DROP

Ipchains:

ipchains -A output -p icmp -d 0/0 -j DENY

OR drop all incoming pings:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes necessary to look invisible to DOS (Denial Of Service) attackers who use ping to watch your machine and launch an attack when its presence is detected.

Network Monitoring Tools:

- tcpdump - dump traffic on a network. See discussion below.

  Command line option   Description
  -c                    Exit after receiving count packets.
  -C                    Specify size of output dump files.
  -i                    Specify interface if multiple exist. Lowest used by default. i.e. eth0
  -w file-name          Write the raw packets to file rather than parsing and printing them out. They can later be printed with the -r option.
  -n                    Improve speed by not performing DNS lookups. Report IP addresses.
  -t                    Don't print a timestamp on each dump line.

  Filter expressions:

  Primitive                       Description
  host host-name                  If the host has multiple IP's, all will be checked.
  net network-number              Network number.
  net network-number mask mask    Network number and netmask specified.
  port port-number                Port number specified.
  tcp                             Sniff TCP packets.
  udp                             Sniff UDP packets.
  icmp                            Sniff ICMP packets.

Examples:

  - tcpdump tcp port 80 and host server-1
  - tcpdump ip host server-1 and not server-2
- iptraf - Interactive Colorful IP LAN Monitor
- nmap - Network exploration tool and security scanner
  - List pingable nodes on the network: nmap -sP 192.168.0.0/24 Scans the network for IP addresses 192.168.0.0 to 192.168.0.255 using ping.
- Ethereal - Network protocol analyzer. Examine data from a live network. RPM's required:
  - ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
  - ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)
  There is an error in the ethereal package because it does not list the snmp libraries as dependencies, but you can deduce this from the errors that you get if the ucd-snmp libraries are not installed.
- EtherApe - Graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
- Gkrellm - Network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
- IPTraf - ncurses-based IP LAN monitor. (Red Hat Powertools CD)
- Cheops - Network discovery, location, diagnosis and management. Cheops can identify all of the computers that are on your network, their IP address, their DNS name, and the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
- ntop - Shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
- MRTG - Multi Router Traffic Grapher - Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
- dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
- scotty - Obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP, & UDP. (Red Hat Powertools CD)
- Big Brother - Monitoring and services availability.
- OpenNMS.org - Network Management using SNMP.
- Nagios - host, service and network monitoring
- Angel network monitor

Using tcpdump to monitor the network:

[root]# ifconfig eth0 promisc                       - Put the NIC into promiscuous mode to sniff traffic.
[root]# tcpdump -n host not XXX.XXX.XXX.XXX | more  - Sniff the net but ignore the IP which is your remote session.
[root]# ifconfig eth0 -promisc                      - Pull the NIC out of promiscuous mode.

Network Intrusion and Hacker Detection Systems:

SNORT: Monitor the network, performing real­time traffic analysis and packet logging on IP networks for the detection of an attack or probe.

- Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
- InterSect Alliance - Intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to convert a 32-bit IP address into the 48-bit Ethernet MAC address used by the network hardware. (See: RFC 826) The transmitting host sends an ARP request as a broadcast to all hosts on the subnet to see who replies. The broadcast is ignored by all except the intended receiver, which recognizes the IP address as its own and answers with its MAC address. The answers are remembered (the ARP cache) for future network communications, so computers on the subnet typically keep a cache of recent ARP responses. ARP broadcasts are passed on by hubs and switches but are blocked by routers.

ARP has no authentication: any host on the segment can answer a request, or send unsolicited replies, claiming another host's IP address, and the victims will cache the bogus mapping (ARP spoofing, the usual way to intercept traffic on a switched LAN). Tools such as arpwatch, listed below, exist to log IP/MAC pairings and report when one changes.

Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client that knows only its MAC address to broadcast a request asking a server to reply with the client's IP address.

- arp (8) man page - manipulate the system ARP cache
  - Show other systems on your network (including IP address conflicts): arp -a
  - Show the ARP table Linux style: arp -e
- arpwatch (8) man page - keep track of ethernet/ip address pairings
- arpsnmp (8) man page - keep track of ethernet/ip address pairings. Reads information generated by snmpwalk
- arping (8) man page - send an ARP REQUEST to a neighbor host
  - Print the ARP reply (similar to arp -a): arping 192.168.10.99
- List the ARP table: cat /proc/net/arp
- ip (8) man page - show / manipulate routing, devices, policy routing and tunnels
  - View the ARP table: ip neighbor

ARP is something that simply works. No Linux system configuration is necessary; it is all part of the Ethernet and IP protocols. The commands above are just part of the Linux culture of full visibility into what is going on.
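The arpwatch-style check described above, as an added example that is not part of the original tutorial: it parses two snapshots of /proc/net/arp (constructed sample text, not captured from a real host; the MAC values are made up) and reports new stations, IP addresses whose Ethernet address changed, and one MAC answering for several IPs. The last condition is also what the IP aliasing configuration later in this tutorial (eth0:0, eth0:1) or a router doing proxy ARP legitimately produces, so treat it as something to review rather than proof of spoofing.

```python
"""arpwatch-style change detection over /proc/net/arp snapshots (added example)."""
from collections import defaultdict

ATF_COM = 0x2   # flag bit: entry is complete (the MAC has been resolved)

# Constructed snapshots in /proc/net/arp format; the MAC values are made up for the example.
SNAPSHOT_BEFORE = """IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         00:10:4c:25:7a:3f     *        eth0
192.168.10.20    0x1         0x2         00:0c:29:aa:bb:cc     *        eth0
192.168.10.30    0x1         0x0         00:00:00:00:00:00     *        eth0
"""
# Later: the gateway's entry now carries the MAC of 192.168.10.20, and .30 has resolved.
SNAPSHOT_AFTER = """IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         00:0c:29:aa:bb:cc     *        eth0
192.168.10.20    0x1         0x2         00:0c:29:aa:bb:cc     *        eth0
192.168.10.30    0x1         0x2         00:50:56:01:02:03     *        eth0
"""


def parse_proc_net_arp(text):
    """Return {ip: (mac, device)} for the completed entries of a /proc/net/arp dump."""
    table = {}
    for line in text.splitlines()[1:]:          # first line is the column header
        fields = line.split()
        if len(fields) < 6:
            continue
        ip, _hwtype, flags, mac, _mask, device = fields[:6]
        if int(flags, 16) & ATF_COM == 0:
            continue                            # still resolving: 00:00:00:00:00:00 placeholder
        table[ip] = (mac.lower(), device)
    return table


def arp_changes(old, new):
    """Compare two snapshots; return (kind, subject, detail) alerts like the ones arpwatch logs."""
    alerts = []
    for ip, (mac, _device) in sorted(new.items()):
        if ip not in old:
            alerts.append(("new station", ip, mac))
        elif old[ip][0] != mac:
            alerts.append(("changed ethernet address", ip, f"{old[ip][0]} -> {mac}"))
    # One MAC answering for several IPs is what a spoofing host looks like, but also what
    # a router doing proxy ARP or a host with IP aliases (eth0:0, eth0:1) looks like.
    by_mac = defaultdict(list)
    for ip, (mac, _device) in new.items():
        by_mac[mac].append(ip)
    for mac, ips in sorted(by_mac.items()):
        if len(ips) > 1:
            alerts.append(("mac claims multiple ips", mac, ",".join(sorted(ips))))
    return alerts


def alerts_for_gateway(alerts, gateway_ip):
    """Pick out the alerts that touch the default gateway, the classic man-in-the-middle target."""
    return [a for a in alerts if a[1] == gateway_ip or gateway_ip in a[2].split(",")]


if __name__ == "__main__":
    before = parse_proc_net_arp(SNAPSHOT_BEFORE)
    after = parse_proc_net_arp(SNAPSHOT_AFTER)    # on a live host: open("/proc/net/arp").read()
    for kind, subject, detail in arp_changes(before, after):
        print(f"{kind:28} {subject:20} {detail}")
```

On a live system feed the function the contents of /proc/net/arp at two points in time (or the output of ip neighbor, with the field order adjusted). A changed Ethernet address for the default gateway is the signature to page on; everything else is worth a look but often benign.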

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer to peer unicast transactions. An HTTP request to a web server (TCP/IP), email via SMTP (TCP/IP), DNS (UDP), FTP (TCP/IP), ... are all peer to peer unicast transactions. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer to peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group", i.e. those that are interested in the information.

The Linux kernel is Level-2 Multicast-Compliant. It meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to request the kernel to join the multicast group and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, a request is made to the kernel to leave the group. It is the kernel/host which joins the multicast group and not the process. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to support multicast routing, set the following in the kernel config:

- CONFIG_IP_MULTICAST=y
- CONFIG_IP_ROUTER=y
- CONFIG_IP_MROUTE=y
- CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimization and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card) a multicast socket sends through a single interface, selected with IP_MULTICAST_IF or, by default, by the route for 224.0.0.0/4, so the application or the routing table must pick the right device.

Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast.

Useful commands:

    Command                    Description
    cat /proc/net/igmp         List the multicast groups to which the host is subscribed, via the "Internet Group Management Protocol". (See /usr/src/linux/net/ipv4/igmp.c)
    cat /proc/net/dev_mcast    List multicast interfaces. (See /usr/src/linux/net/core/dev_mcast.c)
    ping 224.0.0.1             All hosts configured for multicast will respond with their IP addresses
    ping 224.0.0.2             All routers configured for multicast will respond
    ping 224.0.0.13            All PIM routers configured for multicast will respond
    ping 224.0.0.4             All DVMRP routers configured for multicast will respond
    ping 224.0.0.5             All OSPF routers configured for multicast will respond

A host answers these pings only if it accepts ICMP echo requests sent to broadcast/multicast addresses; current kernels default to net.ipv4.icmp_echo_ignore_broadcasts = 1 (ignore), so expect silence from recent or hardened systems.

Multicast transmissions are achieved through proper routing, router configuration (if communicating through subnets) and programmatically with the use of the following "C" function library calls:

    Function Call    Description
    setsockopt()     Pass multicast settings to the kernel: IP_ADD_MEMBERSHIP / IP_DROP_MEMBERSHIP to join or leave a group, IP_MULTICAST_TTL, IP_MULTICAST_IF and IP_MULTICAST_LOOP.
    getsockopt()     Read the current values of those same socket options back from the kernel.

For more on multicast programming see: Multicast Howto.

The multicast application will specify the multicast loopback setting, TTL (network time to live), network interface and the multicast group to add or drop.

Add a route to support multicast:

    route add 224.0.0.0 netmask 240.0.0.0 dev eth0

Note that if adding a route to forward packets through a router, the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The internet by default does not forward multicast packets.
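The join/leave and TTL settings just described, as an added example rather than code from the original tutorial: it packs the ip_mreq structure that IP_ADD_MEMBERSHIP expects, builds a receiver that the kernel joins to the group, a sender with explicit TTL/loopback/interface settings, and a parser for /proc/net/igmp. The group 239.1.2.3, port 5007 and the SAMPLE_IGMP text are assumptions constructed for the example; running the main block needs a multicast-capable interface and the 224.0.0.0/4 route shown above.

```python
"""Join, send to and leave an IPv4 multicast group with setsockopt() (added example)."""
import socket
import struct


def is_multicast(ip):
    """True for class D addresses 224.0.0.0 - 239.255.255.255."""
    return 224 <= int(ip.split(".")[0]) <= 239


def ip_mreq(group, iface="0.0.0.0"):
    """Pack struct ip_mreq {imr_multiaddr, imr_interface} for IP_ADD/DROP_MEMBERSHIP.
    An interface of 0.0.0.0 lets the kernel choose it from the routing table, which is
    why the 224.0.0.0/4 route matters on a multihomed host."""
    if not is_multicast(group):
        raise ValueError(f"{group} is not a multicast group address")
    return struct.pack("4s4s", socket.inet_aton(group), socket.inet_aton(iface))


def make_receiver(group, port, iface="0.0.0.0"):
    """UDP socket subscribed to `group`; the kernel joins the group on the host's behalf."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)   # several listeners per host
    # Bind to the group address rather than INADDR_ANY: with 0.0.0.0 any unicast datagram
    # that anyone on the network sends to this port would be delivered to the process too.
    sock.bind((group, port))
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP, ip_mreq(group, iface))
    return sock


def make_sender(ttl=1, loopback=True, iface="0.0.0.0"):
    """UDP socket for sending to a group. TTL 1 keeps datagrams on the local subnet;
    every multicast router decrements it and drops the datagram at zero."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, struct.pack("B", ttl))
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_LOOP, struct.pack("B", int(loopback)))
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_IF, socket.inet_aton(iface))
    return sock


def leave_group(sock, group, iface="0.0.0.0"):
    """Ask the kernel to drop the membership (the reverse of make_receiver's join)."""
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_DROP_MEMBERSHIP, ip_mreq(group, iface))


def parse_proc_net_igmp(text):
    """Map device -> joined groups from /proc/net/igmp. The group field is the raw in_addr
    printed as a host-order hex word, so on little-endian (x86) hosts the bytes are reversed."""
    groups, device = {}, None
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0] == "Idx":
            continue
        if len(fields) >= 3 and fields[2] == ":":   # "1  eth0  :  2  V3" starts a device block
            device = fields[1]
            groups[device] = []
        elif device is not None:                    # "010000E0  1  0:00000000  0"
            raw = struct.pack("<I", int(fields[0], 16))
            groups[device].append(socket.inet_ntoa(raw))
    return groups


# Constructed sample in the format of /proc/net/igmp on an x86 host (not captured from a real system).
SAMPLE_IGMP = """Idx\tDevice    : Count Querier\tGroup    Users Timer\tReporter
1\tlo        :     1      V3
\t\t\t\t010000E0     1 0:00000000\t\t0
2\teth0      :     2      V3
\t\t\t\t010000E0     1 0:00000000\t\t0
\t\t\t\tFB0000E0     1 0:00000000\t\t0
"""

if __name__ == "__main__":
    print(parse_proc_net_igmp(SAMPLE_IGMP))
    group, port = "239.1.2.3", 5007        # assumed group and port for the demo
    rx = make_receiver(group, port)
    rx.settimeout(2)
    tx = make_sender(ttl=1, loopback=True)
    tx.sendto(b"hello group", (group, port))
    print(rx.recvfrom(1024))               # delivered locally because IP_MULTICAST_LOOP is on
    leave_group(rx, group)
```

Anything that can reach the group can inject datagrams into it, and the receiver has no way to tell senders apart beyond the source address in the IP header; applications that care must authenticate the payload themselves.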

Living in a MS/Windows World:

- SMB4k: My favorite MS/Windows file share browser.
- In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]
- LinNeighborhood: Linux workstation GUI tool.
  Make your life simple and use the GUI/File Manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.
  - LinNeighborhood Home Page
  - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

- IPv4: Most Internet servers and personal computers use Internet Protocol version 4 (IPv4). This uses 32 bits to assign a network address, written as the four octets of an IP address up to 255.255.255.255, i.e. four 8 bit numbers totaling 32 bits.
- IPv6: Internet Protocol version 6 (IPv6) uses a 128 bit address and thus billions and billions of potential addresses. The protocol has also been upgraded to include new quality of service features and security. Linux supports IPv6; at the time this tutorial was written IPv4 was what ISPs provisioned when connecting your computer to the internet.
- TCP/IP: (Transmission Control Protocol/Internet Protocol) uses a client - server model for communications. The protocol defines the data packets transmitted (packet header, data section), data integrity verification (error detection bytes), connection and acknowledgement protocol, and re-transmission.
- IP time to live (TTL): This is a counting mechanism to limit how long a packet stays in transit before it is discarded. Each time an IP packet passes through a router the router decrements its TTL count. When the count reaches zero the packet is dropped by the router. This ensures that errant routing and looping aimless packets will not flood the network.
- MAC Address: (media access control) is the network card address used for communication between network devices on the subnet. This address is not routable. The ARP table maps IP addresses (routable, globally meaningful) to the MAC addresses of hardware on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address uniquely identifies each node of a network and is used by the Ethernet protocol.
- Full Duplex: Allows the simultaneous sending and receiving of packets. Most modern modems support full duplex.
- Half Duplex: Allows the sending and receiving of packets in one direction at a time only.
- OSI 7 Layer Model: The ISO (International Organization for Standardization) has defined the OSI (Open Systems Interconnection) model for current networking protocols.

    Layer  Name                 Description                                                   Linux networking use
    7      Application layer    The top layer for communications applications like email     telnet, web browser, sendmail (SMTP, HTTP)
                                and the web.
    6      Presentation layer   Syntax and format of data transfer.
    5      Session layer
    4      Transport layer      Connection, acknowledgement and data packet transmission.     TCP, UDP
    3      Network layer                                                                      IP, ARP
    2      Data link layer      Error control, timing                                         Ethernet
    1      Physical layer       Electrical characteristics of signal and NIC                  Ethernet

- Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
- Network Switch: Like a hub but creates a private link between any two connected nodes when a network connection is established. This reduces the amount of network collisions and thus improves speed. Broadcast messages are still sent to all nodes. A switch is not a security boundary: a node can still redirect its neighbours' traffic through itself with forged ARP replies (see the ARP section), so sensitive protocols need their own encryption regardless of the switch.

Related Links:

- Cable modem HowTo - Vladimir Vuksan
- Ethernet HowTo - Paul Gortmaker
- YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
- Firewall HowTo - Mark Grennan
- YoLinux networking tutorial
- Networking Overview HowTo - Daniel Lopez Ridruejo
- Networking Howto - Joshua Drake
- NFS Howto - Nicolai Langfeldt
- SNMP: Simple Network Management Protocol (Uses ports 161, 162, 391, 1993)
  - SNMP - Intro and tutorials
  - Linux SNMP Network Management Tools
  - SNMP FAQ
  - net-snmp - tools and libraries
- News/Usenet Group: comp.os.linux.networking - Deja
- MARS-nwe - Netware emulator
- Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
- ISDN:
  - ISDN4LINUX FAQ - Matthias Hessler
  - ISDN4Linux Home Page
  - Dan Kegel's ISDN Page
- PPP: Point-to-Point Protocol
  - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
  - YoLinux Tutorial: Dialing Compuserve
  - YoLinux Tutorial: Dialing AOL
  - YoLinux Tutorial: Configuring PPP dial-in connections
- PPTP: Point-to-Point Tunneling Protocol
  - RFC 2637: Point-to-Point Tunneling Protocol (PPTP).
  - PPTP-Linux Client - A PPTP Linux client that allows a Linux system to connect to a PPTP server. Developed by C. S. Ananian.
  - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP implementation.
- DHCP: (Dynamic Host Configuration Protocol)
  - YoLinux DHCP Tutorial - How to set up a DHCP server.
  - ISC Dynamic Host Configuration Protocol - DHCP home page
- Multicast:
  - YoLinux Tutorial: Configuring Linux for multicast - this tutorial, in the section above
  - Multicast over TCP/IP HOWTO
- ISPs: (National/Global)
  - TheList.com - Comprehensive list of ISPs
  - Earthlink
  - Concentric
  - ATT Worldnet
- NIS: (NFS infrastructure)
  - YoLinux NIS tutorial
  - NIS howto
  - NIS configuration and use
- Ethernet cables:
  - Making CAT 3, 5, 5E RJ45 Ethernet Cables
  - Wiring and Installation
- Gigabit Ethernet
- VIX: Vienna Internet eXchange - European traffic exchange for ISPs

Test Internet Bandwidth:

- DSLreports.com: bandwidth and diagnostic tests
- Speakeasy connection speed test
- CNET Bandwidth Meter speed test
- Network speed test
- Bandwidth explained and List of bandwidth test sites

Man Pages:

- icmp - Linux IPv4 ICMP kernel module
- ifport - select the transceiver type for a network interface
- usernetctl - allow a user to manipulate a network interface if permitted
- ripquery - query RIP (Routing Information Protocol) gateways
- gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler ISBN # 0735710317, New Riders Publishing

"LINUX TCP/IP Network Administration by Scott Mann, Mitchell Krell ISBN # 0130322202, rentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith ISBN# 0201774232, Addison­Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr. ISBN# 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh ISBN# 0672320525, Sams; (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus Sams, ISBN# 047008278X

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen Sams, ISBN# 0071486429

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson Sams, ISBN# 0672329298

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672327082

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672325888

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis ISBN #032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.


Copyright © 2001 - 2007 by Greg Ippolito


TCP/IP Network Configuration Files:


- File: /etc/hosts - locally resolve node names to IP addresses

    127.0.0.1          your-node-name.your-domain.com localhost.localdomain localhost
    XXX.XXX.XXX.XXX    node-name

  Note when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly) i.e.:

    XXX.XXX.XXX.XXX    superserver.yolinux.com superserver

  This informs Linux of local systems on the network which are not handled by the DNS server. (or for all systems in your LAN if you are not using DNS or NIS) Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "Hosts").

- File: /etc/nsswitch.conf - System Databases and Name Service Switch configuration file

    hosts: files dns nisplus nis

  This example tells Linux to first resolve a host name by looking at the local hosts file (/etc/hosts), then if the name is not found look to your DNS server as defined by /etc/resolv.conf and if not found there look to your NIS server.

  In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution.

Fedora / Red Hat Network Configuration Files:

- File: /etc/sysconfig/network
  Red Hat network configuration file used by the system during the boot process.

- File: /etc/sysconfig/network-scripts/ifcfg-eth0
  Configuration settings for your first ethernet port (0). Your second port is eth1.

- File:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)
  Example statement for an Intel ethernet card: alias eth0 eepro100

  Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

- Network configuration: /usr/sbin/system-config-network (FC-2/3) GUI shown here; /usr/bin/redhat-config-network (/usr/bin/neat) (RH 7.2+ FC-1)
- Text console configuration tool: /usr/sbin/system-config-network-tui (Text User Interface (TUI) for Fedora Core 2/3); /usr/bin/redhat-config-network-tui (RH 9.0 - FC-1)
- Text console network configuration tool. First interface only - eth0: /usr/sbin/netconfig
- /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

- Gnome Desktop Network Configuration: /usr/bin/gnome-network-preferences (RH 9.0 - FC-3)
  Proxy configuration. Choose one of three options:
  1. Direct internet connection
  2. Manual proxy configuration (specify proxy and port)
  3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assigned a static IP address or assigned one dynamically.

Static IP address assignment:

Choose one of the following methods:

- Command line:

    /sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

  Network address by convention would be the lowest: 192.168.10.0
  Broadcast address by convention would be the highest: 192.168.10.255
  The gateway can be anything, but following convention: 192.168.10.1

  Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0

- Red Hat / Fedora GUI tools:
  - /usr/bin/neat - Gnome GUI network administration tool. Handles all interfaces. Configure for Static IP or DHCP client. (First available with Red Hat 7.2.)
  - /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)
- Red Hat / Fedora console tools:
  - /usr/sbin/system-config-network-tui (Text User Interface)
  - /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1, ...)
- Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to the system network configuration files located in /etc/sysconfig/network-scripts/, so that this information is retained.

The IANA has allocated IP addresses in the range of 192.168.0.0 to 192.168.255.255 for private networks (RFC 1918, along with 10.0.0.0/8 and 172.16.0.0/12).

Helpful tools:

- Network Calculators: Subnet mask calculator, node calculator, mask inverter, ...
- IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet static
        address 208.88.34.106
        netmask 255.255.255.248
        broadcast 208.88.34.111
        network 208.88.34.104
        gateway 208.88.34.110

Dynamic IP (DHCP) example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet dhcp

    auto eth1
    iface eth1 inet dhcp

    auto eth2
    iface eth2 inet dhcp

    auto ath0
    iface ath0 inet dhcp

    auto wlan0
    iface wlan0 inet dhcp

Interfaces:
- lo: Loopback interface (network within your system without slowing down for the real ethernet based network)
- eth0: First ethernet interface card
- wlan0: First wireless network interface

Also see "man interfaces"

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.

- File: /etc/sysconfig/network

  Static IP address configuration: (Configure gateway address)

    NETWORKING=yes
    HOSTNAME=my-hostname          - Hostname is defined here and by the command hostname
    FORWARD_IPV4=true             - True for NAT firewall gateways and Linux routers. False for everyone else - desktops and servers.
    GATEWAY="XXX.XXX.XXX.YYY"     - Used if your network is connected to another network or the internet. Static IP configuration. Gateway not defined here for a DHCP client.

  OR for DHCP client configuration:

    NETWORKING=yes
    HOSTNAME=my-hostname          - Hostname is defined here and by the command hostname

  (Gateway is assigned by the DHCP server.)

  OR for NIS client configuration:

    NETWORKING=yes
    HOSTNAME=my-hostname          - Hostname is defined here and by the command hostname
    NISDOMAIN=NISProject1         - NIS domain to attach

- File (Red Hat/Fedora): /etc/sysconfig/network-scripts/ifcfg-eth0 (S.u.s.e.: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX:XX)
  This file is used by the command scripts ifup and ifdown.

  Static IP address configuration:

    DEVICE=eth0
    BOOTPROTO=static
    BROADCAST=XXX.XXX.XXX.255
    IPADDR=XXX.XXX.XXX.XXX
    NETMASK=255.255.255.0
    NETWORK=XXX.XXX.XXX.0
    ONBOOT=yes                    - Will activate upon system boot

  RHEL4/FC3 additions:

    TYPE=Ethernet
    HWADDR=XX:XX:XX:XX:XX:XX
    GATEWAY=XXX.XXX.XXX.XXX

  OR for DHCP client configuration:

    DEVICE=eth0
    ONBOOT=yes
    BOOTPROTO=dhcp

  RHEL4/FC3 additions:

    IPV6INIT=no
    USERCTL=no                    - Non-root users may not bring the interface up or down
    PEERDNS=yes                   - Let the DHCP server's name servers overwrite /etc/resolv.conf
    TYPE=Ethernet
    HWADDR=XX:XX:XX:XX:XX:XX

  (Used by the script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line.) To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)

Changing the host name:

This is a three step process:

1. Issue the command: hostname new-host-name
2. Change the network configuration file /etc/sysconfig/network. Edit the entry: HOSTNAME=new-host-name
3. Restart systems which relied on the hostname (or reboot):
   - Restart network services: service network restart (or: /etc/init.d/network restart)
   - Restart the desktop:
     - Bring the system down to console mode: init 3
     - Bring up X-Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name which allows the system to be self aware.

The hostname may be changed at runtime using the command: sysctl -w kernel.hostname="superserver"

Change the host name using the GUI tool: /usr/sbin/system-config-network (Red Hat / Fedora / CentOS)

Hostname entries are made in two places:
- Select the "DNS" tab.
- Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

    ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
    ifconfig eth0:0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255
    ifconfig eth0:1 192.168.10.14 netmask 255.255.255.0 broadcast 192.168.10.255

    route add -host XXX.XXX.XXX.XXX dev eth0
    route add -host 192.168.10.12 dev eth0
    route add -host 192.168.10.14 dev eth0

In this example 0 and 1 are aliases in addition to the regular eth0. The result of the ifconfig command:

    eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
              TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
              collisions:1 txqueuelen:100
              Interrupt:5 Base address:0xe400

    eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

    eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

    DEVICE=eth0:0
    ONBOOT=yes
    BOOTPROTO=static
    BROADCAST=192.168.10.255
    IPADDR=192.168.10.12
    NETMASK=255.255.255.0
    NETWORK=192.168.10.0

Aliases can also be shut down independently. i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Redhat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux client: get connection info: /sbin/pump -i eth0 --status (Red Hat Linux 7.1 and older)

    Device eth0
        IP: 4.XXX.XXX.XXX
        Netmask: 255.255.252.0
        Broadcast: 4.XXX.XXX.255
        Network: 4.XXX.XXX.0
        Boot server 131.XXX.XXX.4
        Next server 0.0.0.0
        Gateway: 4.XXX.XXX.1
        Domain: vz.dsl.genuity.net
        Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3
        Renewal time: Sat Aug 11 08:28:55 2001
        Expiration time: Sat Aug 11 11:28:55 2001

Activating and De­Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

- Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up - Note: even if no IP address is assigned you can listen.)
- De-Activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network-scripts/

GUI Interface control/configuration:

- Start/Stop network interfaces: /usr/bin/system-control-network (Fedora Core 2/3); /usr/bin/redhat-control-network (RH 9.0 - FC-1)
- Configure Ethernet, ISDN, modem, token ring, wireless or DSL network connection: /usr/sbin/system-config-network-druid (FC2/3); /usr/sbin/redhat-config-network-druid (RH 9 - FC-1)

Subnets:

Subnet mask table. "Mask" is the value of the subnetted octet, "Subnets" the number of subnets that mask carves out of the octet, and "Slash" the CIDR prefix length of the class C sub-mask in the last columns. Host counts exclude the network and broadcast addresses.

    Mask  Subnets             Slash  Class A hosts   Class A mask  Class B hosts  Class B mask  Class C hosts  Class C mask    Class C sub-mask  Class C sub addresses / hosts
    255   1 or 256 (invalid)  /32    16,777,214      255.0.0.0     65,534         255.255.0.0   254            255.255.255.0   255.255.255.255   1 address, invalid as a subnet
    254   128                 /31    33,554,430      254.0.0.0     131,070        255.254.0.0   510            255.255.254.0   255.255.255.254   2 addresses, 0 hosts (2 on RFC 3021 point-to-point links)
    252   64                  /30    67,108,862      252.0.0.0     262,142        255.252.0.0   1,022          255.255.252.0   255.255.255.252   4 addresses, 2 hosts
    248   32                  /29    134,217,726     248.0.0.0     524,286        255.248.0.0   2,046          255.255.248.0   255.255.255.248   8 addresses, 6 hosts
    240   16                  /28    268,435,454     240.0.0.0     1,048,574      255.240.0.0   4,094          255.255.240.0   255.255.255.240   16 addresses, 14 hosts
    224   8                   /27    536,870,910     224.0.0.0     2,097,150      255.224.0.0   8,190          255.255.224.0   255.255.255.224   32 addresses, 30 hosts
    192   4                   /26    1,073,741,822   192.0.0.0     4,194,302      255.192.0.0   16,382         255.255.192.0   255.255.255.192   64 addresses, 62 hosts
    128   2                   /25    2,147,483,646   128.0.0.0     8,388,606      255.128.0.0   32,766         255.255.128.0   255.255.255.128   128 addresses, 126 hosts

    Binary position   8    7    6    5    4    3    2    1
    Value             128  64   32   16   8    4    2    1
    Example: 192      1    1    0    0    0    0    0    0

Example: 192 = 128 + 64

Some addresses are reserved and outside this scope: loopback (127.0.0.0/8, normally 127.0.0.1), and the private ranges of RFC 1918: class C 192.168.0.0 - 192.168.255.255, class B 172.16.0.0 - 172.31.255.255 and class A 10.0.0.0 - 10.255.255.255.

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 for your office.

- 208.88.34.104  Network base address
- 208.88.34.105  Computer 1
- 208.88.34.106  Computer 2
- 208.88.34.107  Computer 3
- 208.88.34.108  Computer 4
- 208.88.34.109  Computer 5
- 208.88.34.110  DSL router/Gateway
- 208.88.34.111  Broadcast address

Of the eight addresses, six are assigned to hardware systems (five computers and the gateway) and ultimately only five are usable for computers.
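The network/broadcast conventions from the static IP section and the office subnet above, worked through in code. This is an added example, not from the original tutorial, built on Python's standard ipaddress module: subnet_summary() derives network, broadcast and usable-host count from an address and dotted netmask, network_class() applies the historical class table from the Network Classes section, and check_static_config() catches the configuration mistakes that leave a host unreachable (gateway outside the subnet, host set to the network or broadcast address, wrong BROADCAST= value). The addresses in the main block are the tutorial's own office example.

```python
"""Subnet arithmetic and static-IP sanity checks with the ipaddress module (added example)."""
import ipaddress


def subnet_summary(ip, netmask):
    """Network, broadcast and usable-host figures for an address with a dotted netmask."""
    iface = ipaddress.IPv4Interface(f"{ip}/{netmask}")
    net = iface.network
    prefix = net.prefixlen
    if prefix == 32:
        usable = 1                       # a single host, no network/broadcast pair
    elif prefix == 31:
        usable = 2                       # point-to-point link, RFC 3021
    else:
        usable = net.num_addresses - 2   # minus the network and broadcast addresses
    first = net.network_address + (1 if prefix < 31 else 0)
    last = net.broadcast_address - (1 if prefix < 31 else 0)
    return {
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "prefix": prefix,
        "addresses": net.num_addresses,
        "usable_hosts": usable,
        "first_host": str(first),
        "last_host": str(last),
    }


def network_class(ip):
    """Historical class (A-E) from the first octet, as in the Network Classes table."""
    first = int(ip.split(".")[0])
    if first < 128:
        return "A"
    if first < 192:
        return "B"
    if first < 224:
        return "C"
    if first < 240:
        return "D"
    return "E"


def check_static_config(ip, netmask, gateway, broadcast=None):
    """Return a list of problems with a static IP setting (empty when it is consistent)."""
    problems = []
    iface = ipaddress.IPv4Interface(f"{ip}/{netmask}")
    net, addr = iface.network, iface.ip
    if net.prefixlen < 31 and addr == net.network_address:
        problems.append(f"{ip} is the network address of {net}")
    if net.prefixlen < 31 and addr == net.broadcast_address:
        problems.append(f"{ip} is the broadcast address of {net}")
    gw = ipaddress.IPv4Address(gateway)
    if gw not in net:
        problems.append(f"gateway {gateway} is not inside {net}; the host cannot reach it")
    elif gw == addr:
        problems.append(f"gateway {gateway} is the host's own address")
    if broadcast is not None and ipaddress.IPv4Address(broadcast) != net.broadcast_address:
        problems.append(f"broadcast {broadcast} does not match {net.broadcast_address}")
    return problems


if __name__ == "__main__":
    # The office example: eight addresses, six on hardware, five left for computers.
    print(subnet_summary("208.88.34.106", "255.255.255.248"))
    for host in ("208.88.34.105", "208.88.34.110"):
        result = check_static_config(host, "255.255.255.248", "208.88.34.110", "208.88.34.111")
        print(host, result or "ok")
```

The same checks apply to the ifcfg-eth1 and /etc/network/interfaces fragments elsewhere in this tutorial: paste IPADDR/NETMASK/GATEWAY/BROADCAST in and an empty list means the four values agree with each other.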

Links:

- Subnet Cheat Sheet
- Subnet calculator
- Table of subnets
- IP Subnetting, Variable Subnetting, and CIDR (Supernetting)
- CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is a little obsolete as subnets are now used to define smaller networks. These subnets may be part of a class A, B, C, etc network. For historical reference the network classes are defined as follows:

- Class A: First octet in the range 0 - 127. The first number (8 bits) is assigned by the registry (Internic), i.e. 77.XXX.XXX.XXX. One class A network can hold 16,777,214 hosts. Range: 0.0.0.0 - 127.255.255.255
- Class B: First octet in the range 128 - 191. The first two numbers (16 bits) are assigned by the registry, i.e. 182.56.XXX.XXX. One class B network can hold 65,534 hosts. Range: 128.0.0.0 - 191.255.255.255
- Class C: First octet in the range 192 - 223. The first three numbers (24 bits) are assigned by the registry, i.e. 220.56.222.XXX. One class C network can hold 254 hosts. Range: 192.0.0.0 - 223.255.255.255
- Class D: First octet in the range 224 - 239. Reserved for multicast (RFC 988). Range: 224.0.0.0 - 239.255.255.255
- Class E: First octet in the range 240 - 255. Reserved for experimental use. Range: 240.0.0.0 - 255.255.255.255

Enable Forwarding: Forwarding allows network packets arriving on one network interface (i.e. eth0) to be forwarded to another network interface (i.e. eth1). This allows the Linux computer to connect or route network traffic between the two networks. (Forwarding as described here is IP routing at layer 3; a true layer-2 Ethernet bridge, which relays frames without any IP addressing, is built with the kernel's bridge support and the bridge utilities instead.)

The forwarding configuration joins two (or several) networks into one reachable topology. iptables firewall rules can be used to filter the forwarded traffic.

A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or to load balance servers.

- Turn on IP forwarding to allow the Linux computer to act as a gateway or router:

    echo 1 > /proc/sys/net/ipv4/ip_forward

  The default is 0. One can add firewall rules by using ipchains (iptables on 2.4 and later kernels). Put the filtering rules (the FORWARD chain) in place before turning forwarding on: once ip_forward is 1 the host relays any packet it receives for another network, so a gateway with an empty FORWARD chain exposes the inside network to everything the outside interface can reach.

Another method is to alter the Linux kernel config file: /etc/sysctl.conf Set the following value:

net.ipv4.ip_forward = 1

See file /etc/sysconfig/network for storing this configuration.

FORWARD_IPV4=true

Change the default "false" to "true".

All methods will result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward

The TCP Man page ­ Linux Programmer's Manual and /usr/src/linux/Documentation/proc.txt (Kernel 2.2 RH 7.0­) cover /proc/sys/net/ipv4/* file descriptions.

Also see: (YoLinux tutorials)

- Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables)
- Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

- cd /lib/modules/2.2.5-15/net/ - Use the kernel version for your system. This example uses 2.2.5-15. (Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/) Here you will find the modules supported by your system. A module can be permanently added to:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)
  Example:

    alias eth0 3c59x

- /sbin/insmod 3c59x (For a 3Com ethernet card) This inserts the specified module into the kernel.
- /sbin/modprobe 3c59x This also loads a module into the system kernel, resolving its dependencies first. Modprobe command line options:
  - -r : unload the module.
  - /sbin/modprobe -l \* : list all modules.
  - /sbin/modprobe -lt net \* : list only network modules.
  - /sbin/modprobe -t net \* : try loading all network modules and see what sticks. (act of desperation)
- ifconfig ...

The easy way: Red Hat versions 6.2 and later ship with Kudzu, a device detection program which runs during system initialization (/etc/rc.d/init.d/kudzu). It can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it is used at system boot.

Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

Define the new device in the file (Red Hat/Fedora) /etc/sysconfig/network-scripts/ifcfg-eth1 (S.u.s.e 9.2: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX)

DEVICE=eth1
BOOTPROTO=static
IPADDR=192.168.10.12
NETMASK=255.255.255.0
GATEWAY=XXX.XXX.XXX.XXX
HOSTNAME=node-name.name-of-domain.com
DOMAIN=name-of-domain.com

Special routing information may be specified, if necessary, in the file (Red Hat/Fedora) /etc/sysconfig/static-routes (S.u.s.e. 9.2: /etc/sysconfig/network/routes).

Example:

eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using Unix command line interface:

Define IP address:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

If necessary, define the route with the route command. Examples:

route add default gw XXX.XXX.XXX.XXX dev eth0
route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

If a mistake is made just repeat the route command substituting "del" in place of "add".

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto­negotiate link speed and duplex setting.

* List NIC speed and configuration: mii-tool

  eth0: negotiated 100baseTx-FD flow-control, link ok

  Verbose mode: mii-tool -v

  eth0: negotiated 100baseTx-FD flow-control, link ok
    product info: Intel 82555 rev 4
    basic mode:   autonegotiation enabled
    basic status: autonegotiation complete, link ok
    capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
    advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
    link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

* Set NIC configuration: mii-tool -F option

  Option  Parameters
  -F      100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
  -A      100baseT4 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

* Query NIC with ethtool:

  Command          Description
  ethtool -g eth0  Queries ethernet device for rx/tx ring parameter information.
  ethtool -a eth0  Queries ethernet device for pause parameter information.
  ethtool -c eth0  Queries ethernet device for coalescing information.
  ethtool -i eth0  Queries ethernet device for associated driver information.
  ethtool -d eth0  Prints a register dump for the specified ethernet device.
  ethtool -k eth0  Queries ethernet device for offload information.
  ethtool -S eth0  Queries ethernet device for NIC and driver statistics.

Man Pages:

* mii-tool - view, manipulate media-independent interface status
* ethtool - Display or change ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet is examined to see if its destination is on the local or a remote network. If it is to be sent to a remote network, the routing table is consulted to determine the path. If there is no matching entry in the routing table, the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file (Red Hat/Fedora) /etc/sysconfig/network-scripts/route-eth0 (Red Hat 7: /etc/sysconfig/static-routes; S.u.s.e. 9.2: /etc/sysconfig/network/routes):

10.2.3.0/16 via 192.168.10.254

See command: /etc/sysconfig/network-scripts/ifup-routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route. (Fewest hops between routers not physical distance.) Routers use RIP to broadcast the routing table over UDP port 520. The routers would then add new or improved routes to their routing tables.

Man pages:

* route - show / manipulate the IP routing table (static routes). Examples:
  - Show routing table: route -e
  - Access an individual host via network interface card eth1: route add -host 123.213.221.231 eth1
  - Access the ISP network identified by network address and netmask using network interface card eth0: route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
    Conversely: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
  - Specify the default gateway used to reach remote networks via network interface card eth0: route add default gw 201.51.31.1 eth0 (The gateway can also be defined in /etc/sysconfig/network.)
  - Specify two gateways for two network destinations (i.e. one external, one internal private network; two routers/gateways are specified):
    Add the internet gateway as before: route add default gw 201.51.31.1 eth0
    Add the second, private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
* routed - network routing daemon. Uses the RIP protocol to update the routing table.
* ipx_route - show / manipulate the IPX routing table. IPX is the Novell networking protocol (not typically used unless your office has Novell servers).
* ifuser - Identify destinations routed to a particular network interface.

VPN, Tunneling:

* Commercial VPN Linux software solutions - YoLinux
* OpenSWAN.org - IPSec VPN for Linux
* FreeSWAN.org - IPSec VPN for Linux
* FreeSWAN tutorial - howto
* OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access controls.
* SSL-Explorer - Java SSL based VPN
* Quagga dynamic routing suite VLAN
* n2n - peer to peer within a private fabric
* CIPE: Crypto IP Encapsulation (Easiest way to configure two Linux gateways connecting two private networks over the internet with encryption.)
  - CIPE Home page - CIPE is a simple encapsulation system that securely connects two subnets.
  - The Linux Cipe+Masquerading mini-HOWTO - Anthony Ciaravalo
* GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa
* VPN HowTo - Matthew D. Wilson
* Installing and Running PPTP on Linux
* L2TP Extensions (l2tpext) Internet Drafts.

Useful Linux networking commands:

* /etc/rc.d/init.d/network start - command to start, restart or stop the network
* netstat - Display connections, routing tables, stats etc.
  - List externally connected processes: netstat -punta
  - List all connected processes: netstat -nap
  - Show network statistics: netstat -s
  - Kernel interface table info: netstat -a -i eth0
* ping - send ICMP ECHO_REQUEST packets to network hosts. Use Ctrl-C to stop ping.
* traceroute - print the route packets take to a network host
  - traceroute IP-address-of-server
  - traceroute domain-name-of-server
* mtr - a network diagnostic tool introduced in Fedora. Like traceroute except it gives more network quality and network diagnostic info. Leave running to get real time stats. Reports best and worst round trip times in milliseconds.
  - mtr IP-address-of-server
  - mtr domain-name-of-server
* whois - Look up a domain name in the internic whois database.
* finger - Display information on a system user, i.e. finger user@host. Uses the $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/
* iptables - IP firewall administration (Linux kernel 2.6/2.4). See YoLinux firewall/gateway configuration.
* ipchains - IP firewall administration (Linux kernel 2.2). See YoLinux firewall/gateway configuration.
* socklist - Display list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
* host - Give a host name and the command will return the IP address. Unlike nslookup, the host command will use both /etc/hosts as well as DNS. Example: host domain-name-of-server
* nslookup - Give a host name and the command will return the IP address. Also see Testing your DNS (YoLinux Tutorial). Note that nslookup does not use the /etc/hosts file.

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemons listen and respond to all network socket connections made on the TCP/IP ports assigned to them. The ports are defined by the file /etc/services. When a connection is made, the listener will attempt to invoke the assigned program and pipe the data to it. This simplifies matters by allowing the assigned program to read from stdin instead of making its own socket connection; the listener handles the network socket connection. Two network listening and management daemons have been used in Red Hat Linux distributions:

* inetd: Red Hat 6.x and older
* xinetd: Red Hat 7.0-9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf Entries in this file consist of a single line made up of the following fields:

service socket-type protocol wait user server cmdline

* service: The name assigned to the service. Matches the name given in the file /etc/services
* socket-type:
  - stream: connection protocols (TCP)
  - dgram: datagram protocols (UDP)
  - raw
  - rdm
  - seqpacket
* protocol: Transport protocol name which matches a name in the file /etc/protocols, i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6
* wait: Applies only to datagram protocols (UDP).
  - wait[.max]: One server for the specified port at any time (RPC)
  - nowait[.max]: Continue to listen and launch new services if a new connection is made. (multi-threaded) Max refers to the maximum number of server instances spawned in 60 seconds. (default=40)
* user[.group]: login id of the user the process is executed under. Often nobody, root or a special restricted id for that service.
* server: Full path name of the server program to be executed.
* cmdline: Command line to be passed to the server. This includes argument 0 (argv[0]), that is the command name. This field is empty for internal services. Examples of internal TCP services: echo, discard, chargen (character generator), daytime (human readable time), and time (machine readable time). (see RFC)

Sample File: /etc/inetd.conf

#echo   stream  tcp  nowait      root  internal
#echo   dgram   udp  wait        root  internal
ftp     stream  tcp  nowait      root  /usr/sbin/tcpd  in.ftpd -l -a
#pop-3  stream  tcp  nowait      root  /usr/sbin/tcpd  ipop3d
#swat   stream  tcp  nowait.400  root  /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.
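The following shell script is an added example, not part of the YoLinux tutorial: it parses a file in the inetd.conf format just described and reports, for each active entry, the user it runs as and whether the server is reached through the tcpd wrapper (so that hosts.allow/hosts.deny apply to it). The sample file contents are constructed.

```shell
#!/bin/sh
# Added example, not from the YoLinux tutorial: audit an inetd.conf.
# Columns follow the format described above:
#   service socket-type protocol wait user server cmdline

# inetd_audit FILE
# Prints "service user kind" for every active (non-commented) entry, where
# kind is "internal", "wrapped" (server is tcpd) or "direct".
inetd_audit() {
    awk '
        /^[[:space:]]*#/ || /^[[:space:]]*$/ { next }  # skip comments and blanks
        {
            user = $5
            sub(/\..*/, "", user)                    # drop the optional .group
            if ($6 == "internal")      kind = "internal"
            else if ($6 ~ /\/tcpd$/)   kind = "wrapped"
            else                       kind = "direct"
            print $1, user, kind
        }' "$1"
}

# inetd_unwrapped_root FILE
# External services that run as root without passing through tcpd, so
# /etc/hosts.allow and /etc/hosts.deny never see their connections.
inetd_unwrapped_root() {
    inetd_audit "$1" | awk '$2 == "root" && $3 == "direct" { print $1 }'
}

# Constructed sample in the style of the excerpt above (not a real system file).
INETD_SAMPLE=$(mktemp)
cat > "$INETD_SAMPLE" <<'EOF'
#echo   stream  tcp  nowait      root    internal
echo    dgram   udp  wait        root    internal
ftp     stream  tcp  nowait      root    /usr/sbin/tcpd  in.ftpd -l -a
#pop-3  stream  tcp  nowait      root    /usr/sbin/tcpd  ipop3d
swat    stream  tcp  nowait.400  root    /usr/sbin/swat  swat
finger  stream  tcp  nowait      nobody  /usr/sbin/tcpd  in.fingerd
EOF

echo "Active entries:"
inetd_audit "$INETD_SAMPLE"
echo "Root services not wrapped by tcpd:"
inetd_unwrapped_root "$INETD_SAMPLE"
```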

The inet daemon must be restarted to pick up the changes made to the file: /etc/rc.d/init.d/inetd restart

For more information see the man pages "inetd" and "inetd.conf".

xinetd: Extended Internet Services Daemon:

Xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, redirect services to different ports and network interfaces (NIC) or even to a different server, chroot a service, etc., and is thus a worthy upgrade from inetd.

Use the command chkconfig --list to view all system services and their state. It will also list all network services controlled by xinetd and their respective state under the title "xinetd based services". (Works for xinetd (RH7.0+) but not inetd.)

The xinetd network daemon uses PAM also called network wrappers which invoke the /etc/hosts.allow and /etc/hosts.deny files.

Configuration file: /etc/xinetd.conf which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:

* Edit the file /etc/xinetd.d/service-name and set the disable value: disable = yes or disable = no. Restart the xinetd process using a signal:
  - SIGUSR1 (kill -SIGUSR1 process-id) - Soft reconfiguration; does not terminate existing connections. (Important if you are connected remotely)
  - SIGUSR2 - Hard reconfiguration; stops and restarts the xinetd process. (Note: Using the HUP signal will terminate the process.)

OR

* Use the chkconfig command: chkconfig service-name on (or off). This command will also restart the xinetd process to pick up the new configuration.

The file contains entries of the form:

service service-name
{
    attribute assignment-operator value value ......
}

Where:

* attribute:
  - disable:
    + yes
    + no
  - type:
    + RPC
    + INTERNAL
    + UNLISTED: Not found in /etc/rpc or /etc/services
  - id: By default the service id is the same as the service name.
  - socket_type:
    + stream: TCP
    + dgram: UDP
    + raw: Direct IP access
    + seqpacket: service that requires reliable sequential datagram transmission
  - flags: Combination of: REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd man page for details.
  - protocol: Transport protocol name which matches a name in the file /etc/protocols.
  - wait:
    + no: multi-threaded
    + yes: single-threaded - One server for the specified port at any time (RPC)
  - user: See file /etc/passwd
  - group: See file /etc/group
  - server: Program to execute and receive the data stream from the socket. (Fully qualified name - full path name of the program)
  - server_args: Unlike inetd, arg[0] or the name of the service is not passed.
  - only_from: IP address, factorized address, netmask range, hostname or network name from file /etc/networks.
  - no_access: Deny from ... (inverse of only_from)
  - access_times
  - port: See file /etc/services
  Also: log_type, log_on_success, log_on_failure (Log options: += PID,HOST,USERID,EXIT,DURATION,ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples.
* assignment-operator:
  - =
  - +=: add a value to the set of values
  - -=: delete a value from the set of values

Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from man page: Limit telnet sessions to 8 Mbytes of memory and a total 20 CPU seconds for child processes.

service telnet
{
    socket_type = stream
    wait        = no
    nice        = 10
    user        = root
    server      = /usr/etc/in.telnetd
    rlimit_as   = 8M
    rlimit_cpu  = 20
}

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:

* xinetd
* xinetd.conf
* xinetd.log
* tcpd

For more info see:

* LinuxFocus.org: xinetd - Frederic Raynal
* RedHat.com: Controlling Access to Services
* http://www.xinetd.org
* See RFCs: 862, 863, 864, 867, 868, 1413.
* man pages xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon ­ rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux has the network interface to the rwhod disabled. Thus if one issues the command "rwho", you will only see who is logged into the system you are logged into and not remote systems on the network. This is a safe approach for internet servers as it reduces the exposure of a service which could be exploited by hackers. If you wish to use rwhod on a local private and firewall protected network, here is how:

Allow broadcast capabilities. Edit /etc/init.d/rwhod and change from: daemon rwhod to: daemon rwhod -b

Start service:

* Set service to start with system boot: chkconfig --level 345 rwhod on
* Start rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

* rwho: who is logged in on local network machines
* rwhod: system status server
* who: show who is logged on to the same system

RPC: Remote Procedure Calls (Portmapper)

Portmapper is a network service required to support RPCs. Many services such as NFS (file sharing services) require portmapper.

List RPC services supported: [root]# rpcinfo -p localhost

Starting portmap server:

* /etc/rc.d/init.d/portmap start
* service portmap start (Red Hat/Fedora Core)

Man Pages:

* portmap
* rpcinfo
* pmap_set
* pmap_dump

PAM: Network Wrappers:

Pluggable Authentication Modules for Linux (TCP Wrappers)

This system allows or denies network access. One can reject or allow specific IP addresses or subnets to access your system.

File: /etc/hosts.allow

in.ftpd:208.188.34.105

This specifically allows the given IP address to ftp to your system. One can also specify an entire domain, i.e. .name-of-domain.com. Note the beginning ".".

File: /etc/hosts.deny

ALL:ALL

This generally denies any access.

See the pam man page.

File: /etc/inetd.conf

ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a

The inet daemon accepts the incoming network stream and hands it to the PAM TCP wrapper, /usr/sbin/tcpd, which accepts or denies the network connection as defined by /etc/hosts.allow and /etc/hosts.deny and then passes it along to ftp. This is logged to /var/log/secure.
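To make the allow/deny order concrete, here is an added shell model (not the tutorial's or tcpd's own code) of how tcpd evaluates /etc/hosts.allow and /etc/hosts.deny for one connection: a hosts.allow match accepts, otherwise a hosts.deny match rejects, otherwise access is granted. It assumes only the pattern forms shown above (ALL, an exact address, a leading-dot domain, a trailing-dot network prefix); EXCEPT lists and command fields are left out, and the rule files are constructed.

```shell
#!/bin/sh
# Added example, not from the YoLinux tutorial: a simplified model of how
# tcpd consults /etc/hosts.allow and /etc/hosts.deny for one connection.
# Order follows hosts_access(5): a hosts.allow match accepts, otherwise a
# hosts.deny match rejects, otherwise the connection is accepted.
# Supported client patterns: ALL, exact IP or hostname, leading-dot domain
# suffix (".name-of-domain.com"), trailing-dot network prefix ("192.168.10.").
# EXCEPT lists and shell-command fields are not modelled (assumption).

# _wrap_match PATTERN IP HOST -> 0 if the pattern matches the client
_wrap_match() {
    pat=$1; ip=$2; host=$3
    case "$pat" in
        ALL) return 0 ;;
        .*)  case "$host" in *"$pat") return 0 ;; esac ;;   # domain suffix
        *.)  case "$ip"   in "$pat"*) return 0 ;; esac ;;   # network prefix
        *)   if [ "$pat" = "$ip" ] || [ "$pat" = "$host" ]; then return 0; fi ;;
    esac
    return 1
}

# _wrap_file_matches FILE DAEMON IP HOST -> 0 if any "daemons : clients" line matches
_wrap_file_matches() {
    file=$1; daemon=$2; ip=$3; host=$4
    [ -r "$file" ] || return 1
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}                             # strip comments
        case "$line" in *:*) ;; *) continue ;; esac
        daemons=${line%%:*}
        clients=${line#*:}; clients=${clients%%:*}   # ignore a 3rd (command) field
        dmatch=1
        for d in $(printf '%s' "$daemons" | tr ',' ' '); do
            if [ "$d" = "ALL" ] || [ "$d" = "$daemon" ]; then dmatch=0; fi
        done
        [ "$dmatch" -eq 0 ] || continue
        for c in $(printf '%s' "$clients" | tr ',' ' '); do
            if _wrap_match "$c" "$ip" "$host"; then return 0; fi
        done
    done < "$file"
    return 1
}

# tcpd_decision DAEMON IP HOST ALLOW_FILE DENY_FILE -> prints "allow" or "deny"
tcpd_decision() {
    if _wrap_file_matches "$4" "$1" "$2" "$3"; then echo allow; return 0; fi
    if _wrap_file_matches "$5" "$1" "$2" "$3"; then echo deny;  return 0; fi
    echo allow    # nothing matched: tcpd grants access by default
}

# Constructed rule files in the format of the examples above.
WRAP_ALLOW=$(mktemp); WRAP_DENY=$(mktemp)
cat > "$WRAP_ALLOW" <<'EOF'
# hosts.allow (constructed sample)
in.ftpd: 208.188.34.105, .name-of-domain.com
sshd: 192.168.10.
EOF
printf 'ALL: ALL\n' > "$WRAP_DENY"

tcpd_decision in.ftpd 208.188.34.105 "" "$WRAP_ALLOW" "$WRAP_DENY"          # allow
tcpd_decision in.ftpd 10.9.8.7 host.example.org "$WRAP_ALLOW" "$WRAP_DENY"  # deny
```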

Advanced PAM: More specific access can be assigned and controlled by controlling the level of authentication required for access.

Files reflect the inet service name. Rules and modules are stacked to achieve the level of security desired.

See the files in /etc/pam.d/... (some systems use /etc/pam.conf)

The format: service type control module-path module-arguments

* auth - (type) Password is required for the user
  - nullok - Null or non-existent password is acceptable
  - shadow - encrypted passwords kept in /etc/shadow
* account - (type) Verifies password. Can track and force password changes.
* password - (type) Controls password update
  - retry=3 - Sets the number of login attempts
  - minlen=8 - Set minimum length of password
* session - (type) Controls monitoring

Modules:

* /lib/security/pam_pwdb.so - password database module
* /lib/security/pam_shells.so
* /lib/security/pam_cracklib.so - checks if a password is crackable
* /lib/security/pam_listfile.so

After re-configuration, restart the inet daemon: killall -HUP inetd

For more info see:

* Wietse's Papers
* Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP is the network protocol used by the ping and traceroute commands.

ICMP redirect packets are sent from the router to the host to inform the host of a better route. To enable ICMP redirect, add the following line to /etc/sysctl.conf :

net.ipv4.conf.all.accept_redirects = 1

Add the following to the file: /etc/rc.d/rc.local

for f in /proc/sys/net/ipv4/conf/*/accept_redirects
do
    echo 1 > $f
done

Command to view the kernel IP routing cache: /sbin/route -Cn

NOTE: This may leave you vulnerable to hackers as attackers may alter your routes.
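As an added example (not from the tutorial), the shell audit below reads back the ip_forward setting from the Enable Forwarding section together with the per-interface accept_redirects values just discussed, and reports the ones that widen exposure: forwarding on a host that is not meant to be a gateway, and redirect acceptance that lets a neighbour rewrite routes. The ROOT argument is an assumption made for testing so the audit can run against a constructed copy of /proc.

```shell
#!/bin/sh
# Added example, not from the YoLinux tutorial: read back the ip_forward and
# accept_redirects settings discussed above and report the risky ones.
# ROOT is an assumption made for testing: it lets the audit run against a
# constructed copy of /proc; on a live system pass "/" (or nothing).

# audit_ipv4_state [ROOT]
# Prints one line per setting; the return value is the number of risky ones.
audit_ipv4_state() {
    root=${1:-/}
    findings=0
    fwd_file="$root/proc/sys/net/ipv4/ip_forward"
    if [ -r "$fwd_file" ]; then
        if [ "$(cat "$fwd_file")" = "1" ]; then
            echo "ip_forward=1: this host routes packets between its interfaces"
            findings=$((findings + 1))
        else
            echo "ip_forward=0: host does not forward (expected on a non-gateway)"
        fi
    fi
    # There is one accept_redirects file per interface plus "all" and "default".
    for f in "$root"/proc/sys/net/ipv4/conf/*/accept_redirects; do
        [ -r "$f" ] || continue
        iface=$(basename "$(dirname "$f")")
        if [ "$(cat "$f")" = "1" ]; then
            echo "accept_redirects=1 on $iface: ICMP redirects can alter this host's routes"
            findings=$((findings + 1))
        fi
    done
    return "$findings"
}

# make_fake_proc DIR IP_FORWARD ALL_REDIRECTS ETH0_REDIRECTS
# Builds a constructed /proc subtree so the audit can be exercised anywhere.
make_fake_proc() {
    base=$1
    mkdir -p "$base/proc/sys/net/ipv4/conf/all" "$base/proc/sys/net/ipv4/conf/eth0"
    echo "$2" > "$base/proc/sys/net/ipv4/ip_forward"
    echo "$3" > "$base/proc/sys/net/ipv4/conf/all/accept_redirects"
    echo "$4" > "$base/proc/sys/net/ipv4/conf/eth0/accept_redirects"
}

# Demonstration on a constructed tree (on a real host: audit_ipv4_state /)
demo=$(mktemp -d)
make_fake_proc "$demo" 1 1 0
audit_ipv4_state "$demo" || echo "risky settings: $?"
rm -rf "$demo"
```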

Blocking ICMP to look invisible to ping:

The following firewall rules will drop ICMP requests.

Iptables:

iptables -A OUTPUT -p icmp -d 0/0 -j DROP

Ipchains:

ipchains -A output -p icmp -d 0/0 -j DENY

OR drop all incoming pings:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes necessary to look invisible to DOS (Denial Of Service) attackers who use ping to watch your machine and launch an attack when its presence is detected.

Network Monitoring Tools:

* tcpdump - dump traffic on a network. See discussion below.

  Command line option  Description
  -c                   Exit after receiving count packets.
  -C                   Specify size of output dump files.
  -i                   Specify interface if multiple exist. Lowest used by default. i.e. eth0
  -w file-name         Write the raw packets to file rather than parsing and printing them out. They can later be printed with the -r option.
  -n                   Improve speed by not performing DNS lookups. Report IP addresses.
  -t                   Don't print a timestamp on each dump line.

  Filter expressions:

  Primitive                     Description
  host host-name                If host has multiple IPs, all will be checked.
  net network-number            Network number.
  net network-number mask mask  Network number and netmask specified.
  port port-number              Port number specified.
  tcp                           Sniff TCP packets.
  udp                           Sniff UDP packets.
  icmp                          Sniff ICMP packets.

  Examples:
  - tcpdump tcp port 80 and host server-1
  - tcpdump ip host server-1 and not server-2
* iptraf - Interactive Colorful IP LAN Monitor
* nmap - Network exploration tool and security scanner
  - List pingable nodes on network: nmap -sP 192.168.0.0/24 Scans the network for IP addresses 192.168.0.0 to 192.168.0.255 using ping.
* Ethereal - Network protocol analyzer. Examine data from a live network. RPMs required:
  - ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
  - ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)
  There is an error in the ethereal package because it does not list the snmp libraries as dependencies, but you can deduce this from the errors you get if the ucd-snmp libraries are not installed.
* EtherApe - Graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
* Gkrellm - Network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
* IPTraf - ncurses-based IP LAN monitor. (Red Hat Powertools CD)
* Cheops - Network discovery, location, diagnosis and management. Cheops can identify all of the computers that are on your network, their IP address, their DNS name, and the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
* ntop - Shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
* MRTG - Multi Router Traffic Grapher - Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
* dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
* scotty - Obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP, & UDP. (Red Hat Powertools CD)
* Big Brother - Monitoring and services availability.
* OpenNMS.org - Network Management using SNMP.
* Nagios - host, service and network monitoring
* Angel network monitor

Using tcpdump to monitor the network:

[root]# ifconfig eth0 promisc                          - Put the NIC into promiscuous mode to sniff traffic.
[root]# tcpdump -n host not XXX.XXX.XXX.XXX | more     - Sniff the net but ignore the IP address of your own remote session.
[root]# ifconfig eth0 -promisc                         - Pull the NIC out of promiscuous mode.

Network Intrusion and Hacker Detection Systems:

SNORT: Monitor the network, performing real­time traffic analysis and packet logging on IP networks for the detection of an attack or probe.

* Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
* InterSect Alliance - Intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to convert a 32-bit internet IP address into the 48-bit Ethernet MAC address used by network hardware. (See: RFC 826) ARP broadcasts are sent to all hosts on the subnet by the transmitting host to see who replies. The broadcast is ignored by all except the intended receiver, which recognizes the IP address as its own. The MAC addresses are remembered (ARP cache) for future network communications. Computers on the subnet typically keep a cache of ARP responses. ARP broadcasts are passed on by hubs and switches but are blocked by routers.

Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client to broadcast requesting a server to reply with its IP address.

* arp (8) man page - manipulate the system ARP cache
  - Show other systems on your network (including IP address conflicts): arp -a
  - Show ARP table Linux style: arp -e
* arpwatch (8) man page - keep track of ethernet/ip address pairings
* arpsnmp (8) man page - keep track of ethernet/ip address pairings. Reads information generated by snmpwalk
* arping (8) man page - send ARP REQUEST to a neighbor host. Print ARP reply (similar to arp -a): arping 192.168.10.99
* List ARP table: cat /proc/net/arp
* ip (8) man page - show / manipulate routing, devices, policy routing and tunnels. View ARP table: ip neighbor
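The kind of check arpwatch performs on the ARP cache, written here as an added shell example (not the tutorial's or arpwatch's code): it compares two snapshots of /proc/net/arp and reports IP-to-MAC pairings that changed, and flags a MAC that answers for several IPs, which is what an address conflict or a spoofed reply looks like from the host's side. The snapshot contents are constructed.

```shell
#!/bin/sh
# Added example, not from the YoLinux tutorial: an arpwatch-style check over
# two snapshots of /proc/net/arp (columns: IP, HW type, flags, HW address,
# mask, device). Snapshot contents below are constructed.

# arp_pair_changes OLD NEW
# Prints every IP whose MAC differs between the two snapshots.
arp_pair_changes() {
    awk '
        FNR == 1 { next }                    # skip each file header line
        NR == FNR { mac[$1] = $4; next }     # first file: remember IP -> MAC
        ($1 in mac) && mac[$1] != $4 {
            printf "%s changed from %s to %s\n", $1, mac[$1], $4
        }' "$1" "$2"
}

# arp_shared_macs SNAPSHOT
# Prints MACs that appear for more than one IP (incomplete entries excluded).
arp_shared_macs() {
    awk '
        FNR > 1 && $4 != "00:00:00:00:00:00" { ips[$4] = ips[$4] " " $1; n[$4]++ }
        END { for (m in n) if (n[m] > 1) print m ":" ips[m] }' "$1"
}

ARP_OLD=$(mktemp); ARP_NEW=$(mktemp)
cat > "$ARP_OLD" <<'EOF'
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         00:11:22:33:44:55     *        eth0
192.168.10.12    0x1         0x2         aa:bb:cc:dd:ee:01     *        eth0
EOF
cat > "$ARP_NEW" <<'EOF'
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         aa:bb:cc:dd:ee:01     *        eth0
192.168.10.12    0x1         0x2         aa:bb:cc:dd:ee:01     *        eth0
192.168.10.99    0x1         0x0         00:00:00:00:00:00     *        eth0
EOF

echo "Changed pairings:"
arp_pair_changes "$ARP_OLD" "$ARP_NEW"
echo "MACs claimed by several IPs:"
arp_shared_macs "$ARP_NEW"
```

On a live host the same functions take saved copies of /proc/net/arp, for example one taken at boot and one now.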

ARP is something that simply works. No Linux system configuration is necessary. It's all part of the ethernet and IP protocol. The aforementioned information is just part of the Linux culture of full visibility into what is going on.

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer to peer unicast transactions. An HTTP request to a web server (TCP/IP), email SMTP (TCP/IP), DNS (UDP), FTP (TCP/IP), ... are all peer to peer unicast transactions. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer to peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group", which are those that are interested in the information.

The Linux kernel is Level­2 Multicast­Compliant. It meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to request the kernel to join the multicast group and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, a request is made to the kernel to leave the group. It is the kernel/host which joins the multicast group and not the process. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to support multicast routing, set the following in the kernel config:

* CONFIG_IP_MULTICAST=y
* CONFIG_IP_ROUTER=y
* CONFIG_IP_MROUTE=y
* CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimization and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card), only one device can be configured to handle multicast.

Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast.

Useful commands:

Command                   Description
cat /proc/net/igmp        List multicast groups to which the host is subscribed. Uses "Internet Group Management Protocol". (See /usr/src/linux/net/core/igmp.c)
cat /proc/net/dev_mcast   List multicast interfaces. (See /usr/src/linux/net/core/dev_mcast.c)
ping 224.0.0.1            All hosts configured for multicast will respond with their IP addresses
ping 224.0.0.2            All routers configured for multicast will respond
ping 224.0.0.3            All PIM routers configured for multicast will respond
ping 224.0.0.4            All DVMRP routers configured for multicast will respond
ping 224.0.0.5            All OSPF routers configured for multicast will respond

Multicast transmissions are achieved through proper routing, router configuration (if communicating across subnets) and programmatically with the use of the following "C" function library calls:

Function Call   Description
setsockopt()    Pass information to the Kernel.
getsockopt()    Retrieve information broadcast using multicast.

For more on multicast programming see: Multicast Howto.

The multicast application will specify the multicast loopback interface, TTL (network time to live), network interface and the multicast group to add or drop.

Add route to support multicast:

* route add 224.0.0.0 netmask 240.0.0.0 dev eth0

Note that if adding a route to forward packets through a router, that the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The internet by default does not forward multicast packets.

Living in a MS/Windows World:

* SMB4k: My favorite MS/Windows file share browser.
* In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]
* LinNeighborhood: Linux workstation gui tool.
  Make your life simple and use the GUI/File Manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.
  - LinNeighborhood Home Page
  - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

* IPv4: Most of the Internet servers and personal computers use Internet Protocol version 4 (IPv4). This uses 32 bits to assign a network address as defined by the four octets of an IP address up to 255.255.255.255, which is the representation of four 8 bit numbers, thus totaling 32 bits.
* IPv6: Internet Protocol version 6 (IPv6) uses a 128 bit address and thus billions and billions of potential addresses. The protocol has also been upgraded to include new quality of service features and security. Currently Linux supports IPv6 but IPv4 is used when connecting your computer to the internet.
* TCP/IP: (Transmission Control Protocol/Internet Protocol) uses a client-server model for communications. The protocol defines the data packets transmitted (packet header, data section), data integrity verification (error detection bytes), connection and acknowledgement protocol, and re-transmission.
* TCP/IP time to live (TTL): This is a counting mechanism to determine how long a packet is valid before it reaches its destination. Each time a TCP/IP packet passes through a router it will decrement its TTL count. When the count reaches zero the packet is dropped by the router. This ensures that errant routing and aimlessly looping packets will not flood the network.
* MAC Address: (media access control) is the network card address used for communication with other network devices on the subnet. This info is not routable. The ARP table maps TCP/IP addresses (global internet) to the local hardware on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address uniquely identifies each node of a network and is used by the Ethernet protocol.
* Full Duplex: Allows the simultaneous sending and receiving of packets. Most modern modems support full duplex.
* Half Duplex: Allows the sending and receiving of packets in one direction at a time only.
* OSI 7 Layer Model: The ISO (International Standards Organization) has defined the OSI (Open Systems Interconnection) model for current networking protocols.

  OSI  Layer               Description                                                         Linux Networking Use
  7    Application Layer   The top layer for communications applications like email and the web.   telnet, web browser, sendmail
  6    Presentation Layer  Syntax and format of data transfer.                                 SMTP, http
  5    Session Layer
  4    Transport Layer     Connection, acknowledgement and data packet transmission.           TCP, UDP
  3    Network Layer                                                                           IP, ARP
  2    Data Link Layer     Error control, timing                                               Ethernet
  1    Physical Layer      Electrical characteristics of signal and NIC                        Ethernet

* Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
* Network Switch: Like a hub but creates a private link between any two connected nodes when a network connection is established. This reduces the amount of network collisions and thus improves speed. Broadcast messages are still sent to all nodes.

Related Links:

* Cable modem HowTo - Vladimir Vuksan
* Ethernet HowTo - Paul Gortmaker
* YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
* Firewall HowTo - Mark Grennan
* YoLinux networking tutorial
* Networking Overview HowTo - Daniel Lopez Ridruejo
* Networking Howto - Joshua Drake
* NFS Howto - Nicolai Langfeldt
* SNMP: Simple Network Management Protocol (Uses ports 161,162,391,1993)
  - SNMP - Intro and tutorials
  - Linux SNMP Network Management Tools
  - SNMP FAQ
  - net-snmp - tools and libraries
* News/Usenet Group: comp.os.linux.networking - Deja
* MARS-nwe - Netware emulator
* Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
* ISDN:
  - ISDN4LINUX FAQ - Matthias Hessler
  - ISDN4 Linux Home Page
  - Dan Kegel's ISDN Page
* PPP: Point-to-Point Protocol
  - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
  - YoLinux Tutorial: Dialing Compuserve
  - YoLinux Tutorial: Dialing AOL
  - YoLinux Tutorial: Configuring PPP dial-in connections
* PPTP: Point-to-Point Tunneling Protocol
  - RFC 2637: Point-to-Point Tunneling Protocol (PPTP).
  - PPTP-Linux Client - A PPTP Linux client that allows a linux system to connect to a PPTP server. Developed by C. S. Ananian.
  - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP Implementation.
* DHCP: (Dynamic Host Configuration Protocol)
  - YoLinux DHCP Tutorial - How to set up a DHCP server.
  - ISC Dynamic Host Configuration Protocol - DHCP home page
* Multicast:
  - YoLinux Tutorial: Configuring Linux for multicast - this tutorial, in the section above
  - Multicast over TCP/IP HOWTO
* ISP's: (National/Global)
  - TheList.com - Comprehensive list of ISP's
  - Earthlink
  - Concentric
  - ATT Worldnet
* NIS: (NFS infrastructure)
  - YoLinux NIS tutorial
  - NIS howto
  - NIS configuration and use
* Ethernet cables:
  - Making CAT 3, 5, 5E RJ45 Ethernet Cables
  - Wiring and Installation
* Gigabit Ethernet
* VIX: Vienna Internet eXchange - European traffic exchange for ISP's

Test Internet Bandwidth:

- DSLreports.com: bandwidth and diagnostic tests
- Speakeasy connection speed test
- CNET Bandwidth Meter speed test
- Network speed test
- Bandwidth explained and List of bandwidth test sites

Man Pages:

- icmp - Linux IPv4 ICMP kernel module
- ifport - select the transceiver type for a network interface
- usernetctl - allow a user to manipulate a network interface if permitted
- ripquery - query RIP (Routing Information Protocol) gateways
- gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler, ISBN 0735710317, New Riders Publishing

"Linux TCP/IP Network Administration" by Scott Mann, Mitchell Krell, ISBN 0130322202, Prentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith, ISBN 0201774232, Addison-Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr., ISBN 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh, ISBN 0672320525, Sams (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus, ISBN 047008278X, Wiley

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen, ISBN 0071486429, McGraw-Hill

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson, ISBN 0672329298, Sams

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff, ISBN 0672327082, Sams

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff, ISBN 0672325888, Sams

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis, ISBN 032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.


Copyright © 2001 - 2007 by Greg Ippolito

Linux Networking


TCP/IP Network Configuration Files:


- File: /etc/hosts - locally resolve node names to IP addresses

    127.0.0.1        your-node-name.your-domain.com localhost.localdomain localhost
    XXX.XXX.XXX.XXX  node-name

  Note when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly.) i.e.:

    XXX.XXX.XXX.XXX  superserver.yolinux.com superserver

  This informs Linux of local systems on the network which are not handled by the DNS server (or of all systems in your LAN if you are not using DNS or NIS). Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "Hosts").

- File: /etc/nsswitch.conf - System Databases and Name Service Switch configuration file

    hosts: files dns nisplus nis

  This example tells Linux to first resolve a host name by looking at the local hosts file (/etc/hosts), then, if the name is not found, to look to your DNS server as defined by /etc/resolv.conf, and if not found there to look to your NIS server. Because "files" comes first, an entry in /etc/hosts silently overrides DNS for that name: keep the file writable by root only, and check it first when a host resolves to an address you do not expect.

  In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution.

Fedora / Red Hat Network Configuration Files:

- /etc/sysconfig/network
  Red Hat network configuration file used by the system during the boot process.

- File: /etc/sysconfig/network-scripts/ifcfg-eth0
  Configuration settings for your first ethernet port (0). Your second port is eth1.

- File:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example statement for an Intel ethernet card:

    alias eth0 eepro100

  Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if the driver is configured as a loadable module (the default for Red Hat).

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

- Network configuration: /usr/sbin/system-config-network (FC-2/3)
  /usr/bin/redhat-config-network (/usr/bin/neat) (RH 7.2+, FC-1)
- Text console configuration tool: /usr/sbin/system-config-network-tui (Text User Interface (TUI) for Fedora Core 2/3)
  /usr/bin/redhat-config-network-tui (RH 9.0 - FC-1)
- Text console network configuration tool, first interface only (eth0): /usr/sbin/netconfig
- /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

- Gnome Desktop Network Configuration: /usr/bin/gnome-network-preferences (RH 9.0 - FC-3)
  Proxy configuration. Choose one of three options:
  1. Direct internet connection
  2. Manual proxy configuration (specify proxy and port)
  3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assigned a static IP address or assigned one dynamically.

Static IP address assignment:

Choose one of the following methods:

- Command Line:

    /sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

  Network address by convention would be the lowest: 192.168.10.0
  Broadcast address by convention would be the highest: 192.168.10.255
  The gateway can be anything, but following convention: 192.168.10.1

  Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0.

- Red Hat / Fedora GUI tools:
  - /usr/bin/neat - Gnome GUI network administration tool. Handles all interfaces. Configure for Static IP or DHCP client. (First available with Red Hat 7.2.)
  - /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)

- Red Hat / Fedora Console tools:
  - /usr/sbin/system-config-network-tui (Text User Interface)
  - /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1, ...)

- Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network-scripts/, so that this information is retained.

The IANA has reserved the following ranges for private networks (RFC 1918): 10.0.0.0 - 10.255.255.255 (10.0.0.0/8), 172.16.0.0 - 172.31.255.255 (172.16.0.0/12) and 192.168.0.0 - 192.168.255.255 (192.168.0.0/16). Addresses in these ranges are not routed on the internet; a gateway must use NAT (IP masquerading, see "Enable Forwarding" below) to connect such a network to the internet.

Helpful tools:

- Network Calculators: Subnet mask calculator, node calculator, mask inverter, ...
- IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet static
        address 208.88.34.106
        netmask 255.255.255.248
        broadcast 208.88.34.111
        network 208.88.34.104
        gateway 208.88.34.110

Dynamic IP (DHCP) example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet dhcp

    auto eth1
    iface eth1 inet dhcp

    auto eth2
    iface eth2 inet dhcp

    auto ath0
    iface ath0 inet dhcp

    auto wlan0
    iface wlan0 inet dhcp

Interfaces:
- lo: Loopback interface (network within your system without slowing down for the real ethernet based network)
- eth0: First ethernet interface card
- wlan0: First wireless network interface

Also see "man interfaces"

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.

- File: /etc/sysconfig/network

  Static IP address configuration: (configure gateway address)

    NETWORKING=yes
    HOSTNAME=my-hostname         - Hostname is defined here and by the command hostname
    FORWARD_IPV4=true            - True for NAT firewall gateways and Linux routers. False for everyone else - desktops and servers.
    GATEWAY="XXX.XXX.XXX.YYY"    - Used if your network is connected to another network or the internet. Static IP configuration. Gateway not defined here for a DHCP client.

  OR for DHCP client configuration:

    NETWORKING=yes
    HOSTNAME=my-hostname         - Hostname is defined here and by the command hostname

  (Gateway is assigned by the DHCP server.)

  OR for NIS client configuration:

    NETWORKING=yes
    HOSTNAME=my-hostname         - Hostname is defined here and by the command hostname
    NISDOMAIN=NISProject1        - NIS domain to attach

- File (Red Hat/Fedora): /etc/sysconfig/network-scripts/ifcfg-eth0
  (S.u.s.e.: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX:XX)
  This file is used by the command scripts ifup and ifdown.

  Static IP address configuration:

    DEVICE=eth0
    BOOTPROTO=static
    BROADCAST=XXX.XXX.XXX.255
    IPADDR=XXX.XXX.XXX.XXX
    NETMASK=255.255.255.0
    NETWORK=XXX.XXX.XXX.0
    ONBOOT=yes                   - Will activate upon system boot

  RHEL4/FC3 additions:
    TYPE=Ethernet
    HWADDR=XX:XX:XX:XX:XX:XX
    GATEWAY=XXX.XXX.XXX.XXX

  OR for DHCP client configuration:

    DEVICE=eth0
    ONBOOT=yes
    BOOTPROTO=dhcp

  RHEL4/FC3 additions:
    IPV6INIT=no
    USERCTL=no                   - Non-root users may not bring the interface up or down
    PEERDNS=yes                  - The DHCP server's name servers overwrite /etc/resolv.conf
    TYPE=Ethernet
    HWADDR=XX:XX:XX:XX:XX:XX

  (Used by the script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line.) To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none. Note that with PEERDNS=yes any DHCP server on the segment, rogue or not, decides which name servers the host uses; set PEERDNS=no and a static /etc/resolv.conf on hosts where that is not acceptable.

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)

Changing the host name:

This is a three step process:

1. Issue the command: hostname new-host-name
2. Change the network configuration file /etc/sysconfig/network
   Edit entry: HOSTNAME=new-host-name
3. Restart systems which relied on the hostname (or reboot):
   - Restart network services: service network restart (or: /etc/init.d/network restart)
   - Restart desktop:
     - Bring down system to console mode: init 3
     - Bring up X-Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name, which allows the system to resolve its own name.

The hostname may be changed at runtime using the command: sysctl -w kernel.hostname="superserver"

Change the host name using the GUI tool: /usr/sbin/system-config-network (Red Hat / Fedora / CentOS)

Hostname entries are made in two places:
- Select the "DNS" tab.
- Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

    ifconfig eth0   XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
    ifconfig eth0:0 192.168.10.12   netmask 255.255.255.0 broadcast 192.168.10.255
    ifconfig eth0:1 192.168.10.14   netmask 255.255.255.0 broadcast 192.168.10.255

    route add -host XXX.XXX.XXX.XXX dev eth0
    route add -host 192.168.10.12 dev eth0
    route add -host 192.168.10.14 dev eth0

In this example eth0:0 and eth0:1 are aliases in addition to the regular eth0. The result of the ifconfig command:

    eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
              TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
              collisions:1 txqueuelen:100
              Interrupt:5 Base address:0xe400

    eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

    eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

    DEVICE=eth0:0
    ONBOOT=yes
    BOOTPROTO=static
    BROADCAST=192.168.10.255
    IPADDR=192.168.10.12
    NETMASK=255.255.255.0
    NETWORK=192.168.10.0

Aliases can also be shut down independently, i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Red Hat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux Client: get connection info: /sbin/pump -i eth0 --status (Red Hat Linux 7.1 and older)

    Device eth0
        IP: 4.XXX.XXX.XXX
        Netmask: 255.255.252.0
        Broadcast: 4.XXX.XXX.255
        Network: 4.XXX.XXX.0
        Boot server 131.XXX.XXX.4
        Next server 0.0.0.0
        Gateway: 4.XXX.XXX.1
        Domain: vz.dsl.genuity.net
        Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3
        Renewal time: Sat Aug 11 08:28:55 2001
        Expiration time: Sat Aug 11 11:28:55 2001

Activating and De­Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

- Activate: /sbin/ifup eth0
  (Also: ifconfig eth0 up - Note: even if no IP address is assigned you can listen on the interface, e.g. for a sniffer or IDS sensor.)
- De-Activate: /sbin/ifdown eth0
  (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network-scripts/

GUI Interface control/configuration:

- Start/Stop network interfaces: /usr/bin/system-control-network (Fedora Core 2/3)
  /usr/bin/redhat-control-network (RH 9.0 - FC-1)
- Configure Ethernet, ISDN, modem, Token Ring, Wireless or DSL network connection: /usr/sbin/system-config-network-druid (FC2/3)
  /usr/sbin/redhat-config-network-druid (RH 9 - FC-1)

Subnets:

Each row applies the mask byte in the first column to the last octet of a class mask (first octet for class A, second for class B, third for class C, fourth for a subnetted class C) and gives the resulting mask and host count:

  Mask | Class C subnets    | Slash | Class A hosts | Class A mask | Class B hosts | Class B mask | Class C hosts | Class C mask  | Sub class C mask | Sub class C addresses / usable hosts
  255  | 1 or 256 (invalid) | /32   | 16,777,214    | 255.0.0.0    | 65,534        | 255.255.0.0  | 254           | 255.255.255.0 | 255.255.255.255  | 1 address, no hosts (a single host route)
  254  | 128                | /31   | 33,554,430    | 254.0.0.0    | 131,070       | 255.254.0.0  | 510           | 255.255.254.0 | 255.255.255.254  | 2 addresses, no hosts (point-to-point links only, RFC 3021)
  252  | 64                 | /30   | 67,108,862    | 252.0.0.0    | 262,142       | 255.252.0.0  | 1,022         | 255.255.252.0 | 255.255.255.252  | 4 addresses, 2 hosts
  248  | 32                 | /29   | 134,217,726   | 248.0.0.0    | 524,286       | 255.248.0.0  | 2,046         | 255.255.248.0 | 255.255.255.248  | 8 addresses, 6 hosts
  240  | 16                 | /28   | 268,435,454   | 240.0.0.0    | 1,048,574     | 255.240.0.0  | 4,094         | 255.255.240.0 | 255.255.255.240  | 16 addresses, 14 hosts
  224  | 8                  | /27   | 536,870,910   | 224.0.0.0    | 2,097,150     | 255.224.0.0  | 8,190         | 255.255.224.0 | 255.255.255.224  | 32 addresses, 30 hosts
  192  | 4                  | /26   | 1,073,741,822 | 192.0.0.0    | 4,194,302     | 255.192.0.0  | 16,382        | 255.255.192.0 | 255.255.255.192  | 64 addresses, 62 hosts
  128  | 2                  | /25   | 2,147,483,646 | 128.0.0.0    | 8,388,606     | 255.128.0.0  | 32,766        | 255.255.128.0 | 255.255.255.128  | 128 addresses, 126 hosts

The host counts are two less than the address counts because the lowest address of a block is the network address and the highest is the broadcast address.

  Binary position:   8    7    6    5    4    3    2    1
  Value:           128   64   32   16    8    4    2    1
  Example (192):     1    1    0    0    0    0    0    0

Example: 192 = 128 + 64

Some addresses are reserved and outside this scope: loopback (127.0.0.0/8, normally 127.0.0.1) and the private ranges of RFC 1918: class C 192.168.0.0 - 192.168.255.255, class B 172.16.0.0 - 172.31.255.255, and class A 10.0.0.0 - 10.255.255.255.

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 (/29) for your office:

- 208.88.34.104 Network base address
- 208.88.34.105 Computer 1
- 208.88.34.106 Computer 2
- 208.88.34.107 Computer 3
- 208.88.34.108 Computer 4
- 208.88.34.109 Computer 5
- 208.88.34.110 DSL router/Gateway
- 208.88.34.111 Broadcast address

Of the eight addresses, six can be assigned to hardware systems (the network and broadcast addresses cannot), and since one of the six is the gateway, only five remain for your computers.
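The network, broadcast and usable-host figures above, and the "lowest/highest address by convention" rule in the static IP section earlier, all follow mechanically from the mask. The following Python script is an added example, not code from the YoLinux page: it uses only the standard library ipaddress module and the page's own addresses (208.88.34.104/29 for the office and 192.168.10.0/24 for the LAN) to compute what an ifconfig command or ifcfg-eth0 file needs, the classful network class of an address, and the rows of the class C subnet table.

```python
"""Subnet arithmetic for the addresses used in this tutorial.

Added example; it is not part of the original YoLinux page. It uses only
the Python standard library (ipaddress) and reproduces the figures of the
"Assigning an IP address" example (192.168.10.12/24) and the office
subnet example above (208.88.34.104/29).
"""
import ipaddress


def address_class(addr):
    """Classful network class of an IPv4 address, from its first octet
    (historical reference only; routing today is classless)."""
    first = int(ipaddress.ip_address(addr)) >> 24
    if first < 128:
        return "A"
    if first < 192:
        return "B"
    if first < 224:
        return "C"
    if first < 240:
        return "D"  # multicast
    return "E"      # experimental


def usable_host_count(prefixlen):
    """Classic rule: the lowest (network) and highest (broadcast) address
    of a block cannot be assigned to a host. /31 and /32 therefore have no
    host addresses (a /31 is usable only for point-to-point links, RFC 3021)."""
    if prefixlen >= 31:
        return 0
    return 2 ** (32 - prefixlen) - 2


def subnet_info(cidr):
    """Everything ifconfig / ifcfg-eth0 needs for one host.

    `cidr` is a host address with prefix, as an admin would write it
    ("208.88.34.106/29"); the network is derived from it.
    """
    iface = ipaddress.ip_interface(cidr)
    net = iface.network
    usable = usable_host_count(net.prefixlen)
    first = net.network_address + 1 if usable else None
    last = net.broadcast_address - 1 if usable else None
    return {
        "network": str(net.network_address),
        "netmask": str(net.netmask),
        "prefix": net.prefixlen,
        "broadcast": str(net.broadcast_address),
        "first_host": str(first) if first is not None else None,
        "last_host": str(last) if last is not None else None,
        "address_count": net.num_addresses,
        "usable_hosts": usable,
        "private": net.is_private,   # RFC 1918 space, not routed on the internet
        "class": address_class(str(net.network_address)),
    }


def class_c_subnet_row(prefixlen):
    """One row of the subnet table above, for a class C network split into
    /25 ... /32 pieces: last mask octet, number of subnets, addresses per
    subnet and usable hosts per subnet."""
    if not 24 <= prefixlen <= 32:
        raise ValueError("class C subnets are /24 through /32")
    net = ipaddress.ip_network(f"192.168.0.0/{prefixlen}")
    return {
        "prefix": prefixlen,
        "mask": str(net.netmask),
        "mask_octet": int(net.netmask) & 0xFF,
        "subnets": 2 ** (prefixlen - 24),
        "addresses": net.num_addresses,
        "usable_hosts": usable_host_count(prefixlen),
    }


if __name__ == "__main__":
    for cidr in ("208.88.34.106/29", "192.168.10.12/24"):
        print(cidr, subnet_info(cidr))
    for p in range(25, 33):
        print(class_c_subnet_row(p))
```

Run it with no arguments to print both examples and the table rows; feed subnet_info() the address and prefix from an ifconfig line to check that the broadcast and netmask configured on a host agree with its network before debugging "unreachable" problems further.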

Links:

- Subnet Cheat Sheet
- Subnet calculator
- Table of subnets
- IP Subnetting, Variable Subnetting, and CIDR (Supernetting)
- CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is obsolete in practice, as subnets of any size (CIDR) are now used to define networks. These subnets may be part of a class A, B, C, etc. network. For historical reference the network classes are defined as follows:

- Class A: Defined by the first 8 bits with a range of 0 - 127. The first number (8 bits) is assigned by the registry (Internic), i.e. 77.XXX.XXX.XXX. One class A network can define 16,777,214 hosts. Range: 0.0.0.0 - 127.255.255.255 (0.0.0.0/8 and the 127.0.0.0/8 loopback block are reserved, leaving 1 - 126 for assignment.)
- Class B: Defined by the first 8 bits with a range from 128 - 191. The first two numbers (16 bits) are assigned by the registry, i.e. 182.56.XXX.XXX. One class B network can define 65,534 hosts. Range: 128.0.0.0 - 191.255.255.255
- Class C: Defined by the first 8 bits with a range from 192 - 223. The first three numbers (24 bits) are assigned by the registry, i.e. 220.56.222.XXX. One class C network can define 254 hosts. Range: 192.0.0.0 - 223.255.255.255
- Class D: Defined by the first 8 bits with a range from 224 - 239. This is reserved for multicast (RFC 988, since superseded by RFC 1112). Range: 224.0.0.0 - 239.255.255.255
- Class E: Defined by the first 8 bits with a range from 240 - 255. This is reserved for experimental use. Range: 240.0.0.0 - 255.255.255.255

Enable Forwarding: Forwarding allows network packets arriving on one network interface (i.e. eth0) to be forwarded to another network interface (i.e. eth1). This will allow the Linux computer to route network traffic between two networks. (A layer 2 "ethernet bridge", which merges segments into one network, is configured separately with the kernel bridging code and does not depend on IP forwarding.)

The bridge configuration will merge two (or several) networks into one single network topology. IpTables firewall rules can be used to filter traffic.

A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or to load balance servers.

- Turn on IP forwarding to allow the Linux computer to act as a gateway or router:

    echo 1 > /proc/sys/net/ipv4/ip_forward

  Default is 0. Firewall rules can then be added with iptables (kernel 2.4/2.6) or ipchains (kernel 2.2).

Another method is to alter the Linux kernel config file /etc/sysctl.conf. Set the following value:

    net.ipv4.ip_forward = 1

(Applied at boot, or immediately with: sysctl -p)

On older Red Hat releases the file /etc/sysconfig/network stored this setting instead:

    FORWARD_IPV4=true

Change the default "false" to "true".

All methods will result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward

Leave forwarding at its default of 0 on desktops and servers that are not meant to route. With it enabled, any host that can reach one interface can use the machine to reach the networks behind its other interfaces, and only the firewall FORWARD chain then stands between them.

The TCP man page (Linux Programmer's Manual) and /usr/src/linux/Documentation/proc.txt (kernel 2.2, RH 7.0 and earlier) cover the /proc/sys/net/ipv4/* file descriptions.

Also see: (YoLinux tutorials)

- Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables)
- Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

- cd /lib/modules/2.2.5-15/net/ - Use the kernel version for your system. This example uses 2.2.5-15 (Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/). Here you will find the modules supported by your system. A driver can be permanently bound to an interface in:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example:

    alias eth0 3c59x

- /sbin/insmod 3c59x (For a 3Com ethernet card.) This inserts the specified module into the kernel. (The modutils insmod of kernel 2.2/2.4 finds the module by name; the kernel 2.6 insmod needs the full path to the .ko file and resolves no dependencies, so prefer modprobe there.)
- /sbin/modprobe 3c59x - This also loads a module into the system kernel, by name, together with any modules it depends on. Modprobe command line options (module-init-tools):
  - -r : unload the module.
  - /sbin/modprobe -l \* : list all modules.
  - /sbin/modprobe -lt net \* : list only network modules.
  - /sbin/modprobe -t net \* : try loading all network modules and see what sticks. (act of desperation)
- ifconfig ...

The easy way: Red Hat versions 6.2 and later ship with Kudzu, a device detection program which runs during system initialization (/etc/rc.d/init.d/kudzu). This can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it will be utilized upon system boot.

Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

   Define the new device in the file (Red Hat/Fedora) /etc/sysconfig/network-scripts/ifcfg-eth1 (S.u.s.e 9.2: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX:XX)

     DEVICE=eth1
     BOOTPROT=static
     IPADDR=192.168.10.12
     NETMASK=255.255.255.0
     GATEWAY=XXX.XXX.XXX.XXX
     HOSTNAME=node-name.name-of-domain.com
     DOMAIN=name-of-domain.com

   Special routing information may be specified, if necessary, in the file (Red Hat/Fedora): /etc/sysconfig/static-routes (S.u.s.e. 9.2: /etc/sysconfig/network/routes)

   Example:

     eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using the Unix command line interface:

   Define IP address:

     ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
     ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

   If necessary, define the route with the route command. Examples:

     route add default gw XXX.XXX.XXX.XXX dev eth0
     route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

   Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

   If a mistake is made just repeat the route command substituting "del" in place of "add".

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto-negotiate link speed and duplex setting.

- List NIC speed and configuration: mii-tool

    eth0: negotiated 100baseTx-FD flow-control, link ok

  Verbose mode: mii-tool -v

    eth0: negotiated 100baseTx-FD flow-control, link ok
      product info: Intel 82555 rev 4
      basic mode:   autonegotiation enabled
      basic status: autonegotiation complete, link ok
      capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
      advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
      link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

- Set NIC configuration: mii-tool -F option

    Option | Parameters
    -F     | 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD (force one media type; autonegotiation is switched off)
    -A     | 100baseT4 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD (advertise only the listed media types when autonegotiating)

- Query NIC with ethtool:

    Command         | Description
    ethtool -g eth0 | Queries ethernet device for rx/tx ring parameter information.
    ethtool -a eth0 | Queries ethernet device for pause parameter information.
    ethtool -c eth0 | Queries ethernet device for coalescing information.
    ethtool -i eth0 | Queries ethernet device for associated driver information.
    ethtool -d eth0 | Prints a register dump for the specified ethernet device.
    ethtool -k eth0 | Queries ethernet device for offload information.
    ethtool -S eth0 | Queries ethernet device for NIC and driver statistics.

Man Pages:

- mii-tool - view, manipulate media-independent interface status
- ethtool - Display or change ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet is examined to see if its destination is on the local or a remote network. If it is to be sent to a remote network, the routing table is consulted to determine the path; when several entries match, the most specific one (longest prefix) wins. If there is no matching entry in the routing table then the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file (Red Hat/Fedora): /etc/sysconfig/network-scripts/route-eth0 or (Red Hat 7: /etc/sysconfig/static-routes) (S.u.s.e. 9.2: /etc/sysconfig/network/routes):

    10.2.0.0/16 via 192.168.10.254

(The prefix length must match the network given: 10.2.0.0/16 covers 10.2.0.0 - 10.2.255.255; to reach only 10.2.3.0 - 10.2.3.255 write 10.2.3.0/24.)

See command: /etc/sysconfig/network-scripts/ifup-routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route (fewest hops between routers, not physical distance). Routers use RIP to broadcast the routing table over UDP port 520. The routers then add new or improved routes to their routing tables. RIP version 1 has no authentication at all and RIP version 2 offers only a shared password (plain text or MD5 keyed), so any host on the segment that can send to port 520 can inject routes and redirect traffic. Run routed only on machines that must exchange routes, filter UDP port 520 on everything else, and prefer static routes on small networks.

Man pages:

- route - show / manipulate the IP routing table (static routes). Examples:
  - Show routing table: route -e
  - Access an individual computer host via network interface card eth1: route add -host 123.213.221.231 eth1
  - Access an ISP network identified by the network address and netmask using network interface card eth0: route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
    Conversely: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
  - Specify the default gateway used to access remote networks via network interface card eth0: route add default gw 201.51.31.1 eth0 (The gateway can also be defined in /etc/sysconfig/network.)
  - Specify two gateways for two network destinations (i.e. one external, one internal private network; two routers/gateways will be specified):
    Add the internet gateway as before: route add default gw 201.51.31.1 eth0
    Add the second private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
- routed - network routing daemon. Uses the RIP protocol to update the routing table.
- ipx_route - show / manipulate the IPX routing table. IPX is the Novell networking protocol (not typically used unless your office has Novell servers).
- ifuser - Identify destinations routed to a particular network interface.
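To make the lookup order concrete, the following Python script is an added example (not code from the page): it builds a routing table from the route commands listed above and performs the same longest-prefix match the kernel does, falling back to the default gateway and reporting "unreachable" when no entry matches. It also parses the route-eth0 file format shown above. The gateway and network addresses (201.51.31.1, 192.168.10.254, 10.13.21.0/24, 123.213.221.231) are the page's placeholders, not a real network.

```python
"""Route selection the way the kernel does it: longest prefix match with a
fallback to the default gateway.

Added example, not code from the original page. The table is built from
the route commands shown in this section; the addresses are the page's
placeholders, not a real network.
"""
import ipaddress


def parse_route_file(text):
    """Parse the route-eth0 file format used above ("NET/PREFIX via GATEWAY")
    into (network, gateway) pairs. Blank lines and # comments are skipped."""
    routes = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        dest, via, gw = line.split()
        if via != "via":
            raise ValueError(f"bad route line: {line!r}")
        routes.append((dest, gw))
    return routes


class RoutingTable:
    """Entries are (destination network, gateway or None, device).
    A gateway of None means the destination is directly connected."""

    def __init__(self):
        self.entries = []

    @staticmethod
    def _net(dest):
        # "default" is what the route command prints for 0.0.0.0/0
        return ipaddress.ip_network("0.0.0.0/0" if dest == "default" else dest, strict=False)

    def add(self, dest, gateway=None, dev="eth0"):
        self.entries.append((self._net(dest), gateway, dev))

    def delete(self, dest, gateway=None, dev="eth0"):
        # route del ... takes the same arguments as route add
        self.entries = [e for e in self.entries if e != (self._net(dest), gateway, dev)]

    def lookup(self, dst):
        """Most specific matching entry, or None ("network is unreachable")."""
        addr = ipaddress.ip_address(dst)
        best = None
        for net, gw, dev in self.entries:
            if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, gw, dev)
        return best

    def next_hop(self, dst):
        """Where the frame is actually sent: the gateway for remote networks,
        the destination itself when it is directly connected."""
        match = self.lookup(dst)
        if match is None:
            return None
        net, gw, dev = match
        return (gw if gw is not None else dst, dev)


def example_table():
    """The two-gateway setup from the route examples above."""
    rt = RoutingTable()
    rt.add("192.168.10.0/24", None, "eth0")            # directly connected LAN
    rt.add("201.51.31.0/24", None, "eth0")             # directly connected ISP segment
    rt.add("default", "201.51.31.1", "eth0")           # route add default gw 201.51.31.1 eth0
    rt.add("10.0.0.0/8", "192.168.10.254", "eth0")     # route add -net 10.0.0.0 netmask 255.0.0.0 gw ...
    rt.add("10.13.21.0/24", "192.168.10.254", "eth0")  # route add -net 10.13.21.0 netmask 255.255.255.0 ...
    rt.add("123.213.221.231/32", None, "eth1")         # route add -host 123.213.221.231 eth1
    return rt


if __name__ == "__main__":
    rt = example_table()
    for dst in ("10.13.21.7", "10.200.1.1", "192.168.10.37", "8.8.8.8", "123.213.221.231"):
        print(dst, "->", rt.lookup(dst), rt.next_hop(dst))
```

Note that strict=False in RoutingTable._net mirrors what the route command does with a destination whose host bits are set: the address is silently masked down to the network, which is why 10.2.3.0/16 in a routes file quietly becomes a route for all of 10.2.0.0/16.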

VPN, Tunneling:

- Commercial VPN Linux software solutions - YoLinux
- OpenSWAN.org - IPSec VPN for Linux
- FreeSWAN.org - IPSec VPN for Linux (the FreeS/WAN project ended in 2004; Openswan and strongSwan carry the code base forward)
- FreeSWAN tutorial - howto
- OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access controls.
- SSL-Explorer - Java SSL based VPN
- Quagga dynamic routing suite
- n2n - peer to peer VPN within a private fabric
- CIPE: Crypto IP Encapsulation (Easiest way to configure two Linux gateways connecting two private networks over the internet with encryption.)
  - CIPE Home page - CIPE is a simple encapsulation system that securely connects two subnets.
  - The Linux Cipe+Masquerading mini-HOWTO - Anthony Ciaravalo
- GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa (GRE carries traffic unencrypted; combine it with IPSec when confidentiality is needed)
- VPN HowTo - Matthew D. Wilson
- Installing and Running PPTP on Linux (see the Counterpane FAQ under Related Links for the known weaknesses of Microsoft's PPTP implementation)
- L2TP Extensions (l2tpext) Internet Drafts.

Useful Linux networking commands:

- /etc/rc.d/init.d/network start - command to start, restart or stop the network
- netstat - Display connections, routing tables, stats etc.
  - List externally connected processes: netstat -punta
  - List all connected processes: netstat -nap
  - Show network statistics: netstat -s
  - Kernel interface table info: netstat -a -i eth0
- ping - send ICMP ECHO_REQUEST packets to network hosts. Use Ctrl-C to stop ping.
- traceroute - print the route packets take to a network host
  - traceroute IP-address-of-server
  - traceroute domain-name-of-server
- mtr - a network diagnostic tool introduced in Fedora. Like traceroute except it gives more network quality and network diagnostic info. Leave it running to get real time stats. Reports best and worst round trip times in milliseconds.
  - mtr IP-address-of-server
  - mtr domain-name-of-server
- whois - Look up a domain name in the Internic whois database.
- finger - Display information on a system user, i.e. finger user@host. Uses the $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/
- iptables - IP firewall administration (Linux kernel 2.6/2.4). See YoLinux firewall/gateway configuration.
- ipchains - IP firewall administration (Linux kernel 2.2). See YoLinux firewall/gateway configuration.
- socklist - Display list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
- host - Give a host name and the command will return the IP address. Example: host domain-name-of-server
- nslookup - Give a host name and the command will return the IP address. Also see Testing your DNS (YoLinux Tutorial).
  Note that host and nslookup query DNS directly and do not use the /etc/hosts file. To see what the system resolver actually returns, following the order in /etc/nsswitch.conf, use: getent hosts domain-name-of-server
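The first thing a practitioner does with netstat -punta on an unfamiliar box is work out what it exposes. The following Python script is an added example, not from the page: it parses netstat -punta style output and separates sockets that another host could reach from loopback-only ones. NETSTAT_SAMPLE is constructed to look like the output on a small Red Hat machine; the PIDs, addresses and programs are made up.

```python
"""Find which programs are listening on network-reachable sockets from
`netstat -punta` / `netstat -nap` style output.

Added example, not from the original page. NETSTAT_SAMPLE is constructed
to look like the output of netstat -punta on a small Red Hat box; the
PIDs and addresses are made up.
"""

NETSTAT_SAMPLE = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1043/sendmail
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      655/portmap
tcp        0      0 192.168.10.12:22        192.168.10.40:51234     ESTABLISHED 2210/sshd
tcp        0      0 192.168.10.12:3306      0.0.0.0:*               LISTEN      1500/mysqld
udp        0      0 0.0.0.0:68              0.0.0.0:*                           601/dhclient
udp        0      0 127.0.0.1:123           0.0.0.0:*                           720/ntpd
udp        0      0 0.0.0.0:520             0.0.0.0:*                           700/routed
"""


def parse_netstat(text):
    """Yield one dict per socket line. UDP lines have no State column, so
    the fixed fields are taken by position from the left and the
    PID/Program column from the right."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 6 or not parts[0].startswith(("tcp", "udp")):
            continue  # header or blank line
        proto = parts[0]
        local, foreign = parts[3], parts[4]
        pid_prog = parts[-1]
        state = parts[5] if proto.startswith("tcp") and len(parts) >= 7 else ""
        host, _, port = local.rpartition(":")   # rpartition copes with IPv6 ":::22"
        pid, _, program = pid_prog.partition("/")
        yield {
            "proto": proto,
            "local_host": host,
            "port": int(port),
            "foreign": foreign,
            "state": state,
            "pid": int(pid) if pid.isdigit() else None,  # "-" when netstat was not run as root
            "program": program,
        }


def is_listening(sock):
    """TCP sockets listen explicitly; a bound UDP socket is always
    reachable, so every UDP line counts as a listener."""
    return sock["state"] == "LISTEN" if sock["proto"].startswith("tcp") else True


def reachable_from_network(sock):
    """Loopback-only bindings cannot be hit from another host."""
    return sock["local_host"] not in ("127.0.0.1", "::1")


def exposed_listeners(text):
    """Sockets that any host able to reach an interface could connect to,
    sorted by port: the list to compare against what the box should run."""
    found = [s for s in parse_netstat(text) if is_listening(s) and reachable_from_network(s)]
    return sorted(found, key=lambda s: (s["port"], s["proto"]))


def loopback_listeners(text):
    """Services bound to loopback only; local users can still reach them."""
    found = [s for s in parse_netstat(text) if is_listening(s) and not reachable_from_network(s)]
    return sorted(found, key=lambda s: s["port"])


if __name__ == "__main__":
    for s in exposed_listeners(NETSTAT_SAMPLE):
        print(f"{s['proto']:4} {s['local_host']}:{s['port']:<5} {s['program']} (pid {s['pid']})")
```

On the sample the exposed list is sshd, dhclient, portmap, routed and mysqld; sendmail and ntpd are loopback only and the ESTABLISHED ssh session is not a listener. Pipe real output in with netstat -punta | python3 script.py after replacing NETSTAT_SAMPLE with sys.stdin.read(); run as root, or the PID/Program column is a dash.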

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemons listen and respond to all network socket connections made on the TCP/IP ports assigned to them. The ports are defined by the file /etc/services. When a connection is made, the listener will attempt to invoke the assigned program and pipe the data to it. This simplifies matters by allowing the assigned program to read from stdin instead of making its own socket connection; the listener handles the network socket connection. Two network listening and management daemons have been used in Red Hat Linux distributions:

- inetd: Red Hat 6.x and older
- xinetd: Red Hat 7.0-9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf Entries in this file consist of a single line made up of the following fields:

service socket­type protocol wait user server cmdline

l service: The name assigned to the service. Matches the name given in the file /etc/services l socket­type: ¡ stream: connection protocols (TCP) ¡ dgram: datagram protocols (UDP) ¡ raw ¡ rdm ¡ seqpacket l protocol: Transport protocol name which matches a name in the file /etc/protocols. i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6 l wait: Applies only to datagram protocols (UDP). ¡ wait[.max]: One server for the specified port at any time (RPC) ¡ nowait[.max]: Continue to listen and launch new services if a new connection is made. (multi­threaded) Max refers to the maximum number of server instances spawned in 60 seconds. (default=40) l user[.group]: login id of the user the process is executed under. Often nobody, root or a special restricted id for that service. l server: Full path name of the server program to be executed. l cmdline: Command line to be passed to the server. This includes argument 0 (argv[0]), that is the command name. This field is empty for internal services. Example of internal TCP services: echo, discard, chargen (character generator), daytime (human readable time), and time (machine readable time). (see RFC)

Sample File: /etc/inetd.conf

#echo   stream  tcp  nowait      root  internal
#echo   dgram   udp  wait        root  internal
ftp     stream  tcp  nowait      root  /usr/sbin/tcpd  in.ftpd -l -a
#pop-3  stream  tcp  nowait      root  /usr/sbin/tcpd  ipop3d
#swat   stream  tcp  nowait.400  root  /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.

The inet daemon must be restarted to pick up the changes made to the file:

/etc/rc.d/init.d/inetd restart

For more information see the man pages "inetd" and "inetd.conf".
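As an added example (not code from the tutorial), a small Python parser for the seven-field inetd.conf format above that also reports which enabled services are internal, not wrapped by tcpd, or run as root; the sample file text inside it is constructed.

```python
"""Parse /etc/inetd.conf entries and flag what each enabled one exposes.

Added example, not code from the YoLinux tutorial. The field layout is the
seven-field format described above; the sample file text is constructed.
"""
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample in /etc/inetd.conf format (the tutorial's sample file
# plus two extra lines so the audit has something to report).
SAMPLE_INETD_CONF = """\
#echo    stream  tcp  nowait      root    internal
#echo    dgram   udp  wait        root    internal
ftp      stream  tcp  nowait      root    /usr/sbin/tcpd        in.ftpd -l -a
#pop-3   stream  tcp  nowait      root    /usr/sbin/tcpd        ipop3d
#swat    stream  tcp  nowait.400  root    /usr/sbin/swat        swat
daytime  stream  tcp  nowait      root    internal
finger   stream  tcp  nowait      nobody  /usr/sbin/in.fingerd  in.fingerd
"""

SOCKET_TYPES = {"stream", "dgram", "raw", "rdm", "seqpacket"}


@dataclass
class InetdEntry:
    service: str
    socket_type: str
    protocol: str
    wait: bool                  # True for wait, False for nowait
    max_per_minute: int         # the optional .max suffix, default 40
    user: str
    group: Optional[str]        # the optional .group suffix on the user field
    server: str                 # "internal" for services built into inetd
    cmdline: List[str] = field(default_factory=list)
    enabled: bool = True        # False when the line is commented out

    @property
    def internal(self) -> bool:
        return self.server == "internal"

    @property
    def wrapped(self) -> bool:
        # Reached through the TCP wrapper, so hosts.allow / hosts.deny are
        # consulted before the real server program runs.
        return self.server.endswith("/tcpd")


def parse_line(line: str) -> Optional[InetdEntry]:
    """Parse one line; returns None for blank lines and ordinary comments."""
    raw = line.strip()
    enabled = not raw.startswith("#")
    raw = raw.lstrip("#").strip()
    if not raw:
        return None
    fields = raw.split()
    try:
        if len(fields) < 6:
            raise ValueError("too few fields")
        service, socket_type, protocol, wait_spec, user_spec, server = fields[:6]
        if socket_type not in SOCKET_TYPES:
            raise ValueError(f"unknown socket type {socket_type!r}")
        wait_word, _, max_spec = wait_spec.partition(".")
        if wait_word not in ("wait", "nowait"):
            raise ValueError(f"bad wait field {wait_spec!r}")
        max_per_minute = int(max_spec) if max_spec else 40
    except ValueError:
        if not enabled:
            return None         # a plain comment, not a disabled entry
        raise
    user, _, group = user_spec.partition(".")
    return InetdEntry(service, socket_type, protocol, wait_word == "wait",
                      max_per_minute, user, group or None, server,
                      fields[6:], enabled)


def parse_inetd_conf(text: str) -> List[InetdEntry]:
    entries = [parse_line(line) for line in text.splitlines()]
    return [e for e in entries if e is not None]


def audit(entries: List[InetdEntry]) -> List[str]:
    """One finding per enabled service that widens the exposure of the host."""
    findings = []
    for e in entries:
        if not e.enabled:
            continue
        if e.internal:
            findings.append(f"{e.service}: internal service enabled (probe surface)")
        else:
            if not e.wrapped:
                findings.append(f"{e.service}: not wrapped by tcpd, "
                                "hosts.allow/hosts.deny do not apply")
            if e.user == "root":
                findings.append(f"{e.service}: server runs as root")
    return findings


if __name__ == "__main__":
    for finding in audit(parse_inetd_conf(SAMPLE_INETD_CONF)):
        print(finding)
```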

xinetd: Extended Internet Services Daemon:

Xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, redirect services to different ports and network interfaces (NICs) or even to a different server, chroot a service, etc., and is thus a worthy upgrade from inetd.

Use the command chkconfig --list to view all system services and their state. It will also list all network services controlled by xinetd and their respective state under the title "xinetd based services". (Works for xinetd (RH7.0+) but not inetd.)

The xinetd network daemon uses PAM also called network wrappers which invoke the /etc/hosts.allow and /etc/hosts.deny files.

Configuration file: /etc/xinetd.conf which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:

- Edit the file /etc/xinetd.d/service-name and set the disable value: disable = yes or disable = no. Then restart the xinetd process using a signal:
  - SIGUSR1 (kill -SIGUSR1 process-id) - Soft reconfiguration; does not terminate existing connections. (Important if you are connected remotely.)
  - SIGUSR2 - Hard reconfiguration; stops and restarts the xinetd process. (Note: Using the HUP signal will terminate the process.)

OR

- Use the chkconfig command: chkconfig service-name on (or off). This command will also restart the xinetd process to pick up the new configuration.

The file contains entries of the form:

service service-name
{
    attribute assignment-operator value value ...
}

Where:

- attribute:
  - disable:
    - yes
    - no
  - type:
    - RPC
    - INTERNAL
    - UNLISTED: Not found in /etc/rpc or /etc/services
  - id: By default the service id is the same as the service name.
  - socket_type:
    - stream: TCP
    - dgram: UDP
    - raw: Direct IP access
    - seqpacket: service that requires reliable sequential datagram transmission
  - flags: Combination of: REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd man page for details.
  - protocol: Transport protocol name which matches a name in the file /etc/protocols.
  - wait:
    - no: multi-threaded
    - yes: single-threaded - One server for the specified port at any time (RPC)
  - user: See file /etc/passwd
  - group: See file /etc/group
  - server: Program to execute and receive the data stream from the socket. (Fully qualified name - full path name of program)
  - server_args: Unlike inetd, arg[0] (the name of the service) is not passed.
  - only_from: IP address, factorized address, netmask range, hostname or network name from file /etc/networks.
  - no_access: Deny from ... (inverse of only_from)
  - access_times
  - port: See file /etc/services

  Also: log_type, log_on_success, log_on_failure (log options: += PID, HOST, USERID, EXIT, DURATION, ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples.
- assignment-operator:
  - =
  - +=: add a value to the set of values
  - -=: delete a value from the set of values

Then restart the daemon:

/etc/rc.d/init.d/xinetd restart

Example from man page: Limit telnet sessions to 8 Mbytes of memory and a total 20 CPU seconds for child processes.

service telnet
{
    socket_type = stream
    wait        = no
    nice        = 10
    user        = root
    server      = /usr/etc/in.telnetd
    rlimit_as   = 8M
    rlimit_cpu  = 20
}
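An added example, not code from the tutorial or from xinetd: a Python parser for blocks in this format that applies the =, += and -= operators on top of a defaults block and reports which services are enabled; the sample configuration text inside it is constructed.

```python
"""Parse xinetd-style service blocks and resolve =, += and -= assignments.

Added example, not code from the tutorial or from xinetd; the sample
configuration text below is constructed.
"""
import re
from typing import Dict, List, Tuple

Assignment = Tuple[str, str, List[str]]    # (attribute, operator, values)
Blocks = Dict[str, List[Assignment]]       # block name -> its assignments

# Constructed /etc/xinetd.conf text: a defaults block, the tutorial's telnet
# example extended with += and -= lines, and an ftp service.
SAMPLE_XINETD_CONF = """\
defaults
{
    log_on_success  = PID HOST
    log_on_failure  = HOST
    only_from       = 192.168.10.0/24
}
service telnet
{
    socket_type     = stream
    wait            = no
    user            = root
    server          = /usr/etc/in.telnetd
    rlimit_as       = 8M
    rlimit_cpu      = 20
    log_on_success  += USERID DURATION
    log_on_failure  -= HOST
    disable         = yes
}
service ftp
{
    socket_type     = stream
    user            = root
    server          = /usr/sbin/in.ftpd
    server_args     = -l -a
    only_from       += 10.0.0.0/8
    disable         = no
}
"""
_ASSIGN = re.compile(r"^(\w+)\s*(\+=|-=|=)\s*(.*)$")


def parse_xinetd(text: str) -> Blocks:
    blocks: Blocks = {}
    name = None                                # block being filled; None between blocks
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()    # comment lines begin with '#'
        if not line or line == "{":
            continue
        if name is None:
            header = line.rstrip("{").strip()  # also accept "service foo {"
            if header == "defaults":
                name = "defaults"
            elif header.startswith("service "):
                name = header.split(None, 1)[1].strip()
            else:
                raise ValueError(f"text outside any block: {raw!r}")
            blocks[name] = []
        elif line == "}":
            name = None
        else:
            m = _ASSIGN.match(line)
            if not m:
                raise ValueError(f"unparsable attribute line: {raw!r}")
            attr, op, rest = m.groups()
            blocks[name].append((attr, op, rest.split()))
    if name is not None:
        raise ValueError(f"block {name!r} was never closed")
    return blocks


def _apply(merged: Dict[str, List[str]], assignments: List[Assignment]) -> None:
    """'=' replaces the value set, '+=' adds to it, '-=' removes from it."""
    for attr, op, values in assignments:
        current = merged.get(attr, [])
        if op == "=":
            merged[attr] = list(values)
        elif op == "+=":
            merged[attr] = current + [v for v in values if v not in current]
        else:
            merged[attr] = [v for v in current if v not in values]


def effective(blocks: Blocks, service: str) -> Dict[str, List[str]]:
    """Attributes of one service with the defaults block layered underneath,
    as xinetd.conf(5) describes for += against defaults."""
    merged: Dict[str, List[str]] = {}
    _apply(merged, blocks.get("defaults", []))
    _apply(merged, blocks[service])
    return merged


def is_enabled(blocks: Blocks, service: str) -> bool:
    """Off if the service's own 'disable' is yes, or if the defaults block
    lists it under 'disabled' (both switches are checked by xinetd)."""
    defaults: Dict[str, List[str]] = {}
    _apply(defaults, blocks.get("defaults", []))
    if service in defaults.get("disabled", []):
        return False
    return effective(blocks, service).get("disable", ["no"]) != ["yes"]


def enabled_services(blocks: Blocks) -> List[str]:
    return [s for s in blocks if s != "defaults" and is_enabled(blocks, s)]
```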

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:

- xinetd
- xinetd.conf
- xinetd.log
- tcpd

For more info see:

- LinuxFocus.org: xinetd - Frederic Raynal
- RedHat.com: Controlling Access to Services
- http://www.xinetd.org
- See RFCs: 862, 863, 864, 867, 868, 1413.
- man pages xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon - rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux has the network interface to rwhod disabled. Thus if you issue the command "rwho", you will only see who is logged into the system you are logged into, not remote systems on the network. This is a safe approach for internet servers as it reduces the exposure of a service which could be exploited by hackers. If you wish to use rwhod on a local private and firewall protected network, here is how:

Allow broadcast capabilities. Edit /etc/init.d/rwhod and change:

daemon rwhod

to:

daemon rwhod -b

Start service:

- Set service to start with system boot: chkconfig --level 345 rwhod on
- Start rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

- rwho: who is logged in on local network machines
- rwhod: system status server
- who: show who is logged on to the same system

RPC: Remote Procedure Calls (Portmapper)

Portmapper is a network service required to support RPCs. Many services such as NFS (file sharing services) require portmapper.

List the RPC services supported:

[root]# rpcinfo -p localhost

Starting portmap server:

- /etc/rc.d/init.d/portmap start
- service portmap start (Red Hat/Fedora Core)

Man Pages:

- portmap
- rpcinfo
- pmap_set
- pmap_dump

PAM: Network Wrappers:

Pluggable Authentication Modules for Linux (TCP Wrappers)

This system allows or denies network access. One can reject or allow specific IP addresses or subnets to access your system.

File: /etc/hosts.allow

in.ftpd:208.188.34.105

This specifically allows the given IP address to ftp to your system. One can also specify an entire domain, e.g. .name-of-domain.com (note the leading ".").

File: /etc/hosts.deny

ALL:ALL

This generally denies any access.

See the pam man page.

File: /etc/inetd.conf

ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a

The inet daemon accepts the incoming network stream and hands it to the PAM TCP wrapper, /usr/sbin/tcpd, which accepts or denies the network connection as defined by /etc/hosts.allow and /etc/hosts.deny and then passes it along to the ftp server. This is logged to /var/log/secure.
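To make the tcpd decision order concrete, an added Python example (not the tutorial's code and not libwrap's implementation) that evaluates a daemon/client pair against hosts.allow and hosts.deny rules, including the ALL, leading-dot domain, net/mask, LOCAL and EXCEPT pattern forms of hosts_access(5); the rule files it uses are constructed.

```python
"""Evaluate tcpd (TCP wrappers) access decisions from hosts.allow and hosts.deny.

Added example; not part of the tutorial and not libwrap's implementation.
Pattern forms follow hosts_access(5); the rule texts below are constructed.
"""
import ipaddress
from typing import Callable, List, Tuple

# Constructed rule files in hosts.allow / hosts.deny syntax.
HOSTS_ALLOW = """\
# one ftp client, one whole domain for pop3, the LAN for everything (bar one host)
in.ftpd : 208.188.34.105
ipop3d  : .name-of-domain.com
ALL     : 192.168.10.0/255.255.255.0 EXCEPT 192.168.10.200
sshd    : LOCAL
"""
HOSTS_DENY = """\
ALL : ALL
"""

Rule = Tuple[List[str], List[str]]      # (daemon patterns, client patterns)


def parse_rules(text: str) -> List[Rule]:
    """daemon_list : client_list [ : shell_command ]  (the command part is ignored)."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        parts = [p.strip() for p in line.split(":")]
        if len(parts) < 2:
            raise ValueError(f"bad rule: {line!r}")
        rules.append((parts[0].split(), parts[1].split()))
    return rules


def _match_client(pattern: str, host: str, addr: str) -> bool:
    """One client pattern against the client's hostname ('' if unknown) and IP."""
    if pattern == "ALL":
        return True
    if pattern == "LOCAL":                  # a hostname without a dot
        return bool(host) and "." not in host
    if pattern.startswith("."):             # domain suffix, e.g. .name-of-domain.com
        return host.endswith(pattern)
    if pattern.endswith("."):               # address prefix, e.g. 192.168.
        return addr.startswith(pattern)
    if "/" in pattern:                      # net/mask, e.g. 192.168.10.0/255.255.255.0
        network = ipaddress.ip_network(pattern, strict=False)
        return ipaddress.ip_address(addr) in network
    return pattern == addr or pattern == host


def _match_list(patterns: List[str], match: Callable[[str], bool]) -> bool:
    """'a b EXCEPT c d' matches when some left item matches and no right item does."""
    if "EXCEPT" in patterns:
        i = patterns.index("EXCEPT")
        return _match_list(patterns[:i], match) and not _match_list(patterns[i + 1:], match)
    return any(match(p) for p in patterns)


def rule_matches(rule: Rule, daemon: str, host: str, addr: str) -> bool:
    daemons, clients = rule
    return (_match_list(daemons, lambda p: p == "ALL" or p == daemon)
            and _match_list(clients, lambda p: _match_client(p, host, addr)))


def access_allowed(allow: List[Rule], deny: List[Rule],
                   daemon: str, addr: str, host: str = "") -> bool:
    """tcpd order: a matching hosts.allow entry grants, otherwise a matching
    hosts.deny entry refuses, otherwise access is granted."""
    if any(rule_matches(r, daemon, host, addr) for r in allow):
        return True
    if any(rule_matches(r, daemon, host, addr) for r in deny):
        return False
    return True
```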

Advanced PAM: Finer-grained access control can be achieved by controlling the level of authentication required for access.

Files reflect the inet service name. Rules and modules are stacked to achieve the level of security desired.

See the files in /etc/pam.d/... (some systems use /etc/pam.conf)

The format:

service type control module-path module-arguments

- auth (type): Password is required for the user
  - nullok: Null or non-existent password is acceptable
  - shadow: encrypted passwords kept in /etc/shadow
- account (type): Verifies password. Can track and force password changes.
- password (type): Controls password update
  - retry=3: Sets the number of login attempts
  - minlen=8: Sets the minimum length of the password
- session (type): Controls monitoring

Modules:

- /lib/security/pam_pwdb.so - password database module
- /lib/security/pam_shells.so
- /lib/security/pam_cracklib.so - checks if the password is crackable
- /lib/security/pam_listfile.so

After re-configuration, restart the inet daemon: killall -HUP inetd

For more info see:

- Wietse's Papers
- Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP is the network protocol used by the ping and traceroute commands.

ICMP redirect packets are sent from the router to the host to inform the host of a better route. To enable ICMP redirect, add the following line to /etc/sysctl.conf :

net.ipv4.conf.all.accept_redirects = 1

Add the following to the file: /etc/rc.d/rc.local

for f in /proc/sys/net/ipv4/conf/*/accept_redirects
do
    echo 1 > $f
done

Command to view the kernel IP routing cache: /sbin/route -Cn

NOTE: This may leave you vulnerable to hackers as attackers may alter your routes.

Blocking ICMP to look invisible to ping:

The following firewall rules will drop ICMP requests.

Iptables:

iptables -A OUTPUT -p icmp -d 0/0 -j DROP

Ipchains:

ipchains -A output -p icmp -d 0/0 -j DENY

OR drop all incoming pings:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes necessary to look invisible to DOS (Denial of Service) attackers who use ping to watch your machine and launch an attack when its presence is detected.

Network Monitoring Tools:

- tcpdump - dump traffic on a network. See discussion below.

  Command line option   Description
  -c                    Exit after receiving count packets.
  -C                    Specify size of output dump files.
  -i                    Specify interface if multiple exist. Lowest used by default, e.g. eth0.
  -w file-name          Write the raw packets to file rather than parsing and printing them out. They can later be printed with the -r option.
  -n                    Improve speed by not performing DNS lookups. Report IP addresses.
  -t                    Don't print a timestamp on each dump line.

  Filter expressions:

  Primitive                       Description
  host host-name                  If host has multiple IPs, all will be checked.
  net network-number              Network number.
  net network-number mask mask    Network number and netmask specified.
  port port-number                Port number specified.
  tcp                             Sniff TCP packets.
  udp                             Sniff UDP packets.
  icmp                            Sniff ICMP packets.

Examples:

- tcpdump tcp port 80 and host server-1
- tcpdump ip host server-1 and not server-2

Other tools:

- iptraf - Interactive Colorful IP LAN Monitor
- nmap - Network exploration tool and security scanner
  - List pingable nodes on the network: nmap -sP 192.168.0.0/24 - Scans the network for IP addresses 192.168.0.0 to 192.168.0.255 using ping.
- Ethereal - Network protocol analyzer. Examine data from a live network. RPMs required:
  - ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
  - ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)

  There is an error in the ethereal package because it does not list the snmp libraries as dependencies, but you can deduce this from the errors that you get if the ucd-snmp libraries are not installed.
- EtherApe - Graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
- Gkrellm - Network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
- IPTraf - ncurses-based IP LAN monitor. (Red Hat Powertools CD)
- Cheops - Network discovery, location, diagnosis and management. Cheops can identify all of the computers that are on your network, their IP address, their DNS name, and the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
- ntop - Shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
- MRTG - Multi Router Traffic Grapher - Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
- dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
- scotty - Obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP, & UDP. (Red Hat Powertools CD)
- Big Brother - Monitoring and services availability.
- OpenNMS.org - Network Management using SNMP.
- Nagios - host, service and network monitoring
- Angel network monitor

Using tcpdump to monitor the network:

[root]# ifconfig eth0 promisc                        - Put the NIC into promiscuous mode to sniff traffic.
[root]# tcpdump -n host not XXX.XXX.XXX.XXX | more   - Sniff the net but ignore the IP of your remote session.
[root]# ifconfig eth0 -promisc                       - Pull the NIC out of promiscuous mode.

Network Intrusion and Hacker Detection Systems:

SNORT: Monitors the network, performing real-time traffic analysis and packet logging on IP networks for the detection of an attack or probe.

- Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
- InterSect Alliance - Intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to convert a 32-bit Internet IP address into the 48-bit Ethernet MAC address used by network hardware. (See: RFC 826) ARP broadcasts are sent to all hosts on the subnet by the transmitting host to see who replies. The broadcast is ignored by all except the intended receiver, which recognizes the IP address as its own. The MAC addresses are remembered (ARP cache) for future network communications. Computers on the subnet typically keep a cache of ARP responses. ARP broadcasts are passed on by hubs and switches but are blocked by routers.

Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client to broadcast requesting a server to reply with its IP address.

- arp (8) man page - manipulate the system ARP cache
  - Show other systems on your network (including IP address conflicts): arp -a
  - Show the ARP table Linux style: arp -e
- arpwatch (8) man page - keep track of ethernet/ip address pairings
- arpsnmp (8) man page - keep track of ethernet/ip address pairings. Reads information generated by snmpwalk
- arping (8) man page - send ARP REQUEST to a neighbor host
  - Print the ARP reply (similar to arp -a): arping 192.168.10.99
- List the ARP table: cat /proc/net/arp
- ip (8) man page - show / manipulate routing, devices, policy routing and tunnels
  - View the ARP table: ip neighbor

ARP is something that simply works. No Linux system configuration is necessary. It's all part of the ethernet and IP protocol. The aforementioned information is just part of the Linux culture of full visibility into what is going on.
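An added example in the spirit of arpwatch, not code from the tutorial: Python that parses /proc/net/arp snapshots (constructed here) and reports changed IP-to-MAC pairings and MACs answering for several IPs, the kind of visibility the commands above give you by hand.

```python
"""Spot changes in the kernel ARP cache (/proc/net/arp), arpwatch style.

Added example, not code from the tutorial. The two /proc/net/arp snapshots
below are constructed: the second shows the gateway's MAC changing and the
same MAC answering for a second address.
"""
from typing import Dict, List

ARP_SNAPSHOT_BEFORE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         00:11:22:33:44:01     *        eth0
192.168.10.12    0x1         0x2         00:11:22:33:44:0c     *        eth0
192.168.10.99    0x1         0x0         00:00:00:00:00:00     *        eth0
"""
ARP_SNAPSHOT_AFTER = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         00:11:22:33:44:FF     *        eth0
192.168.10.12    0x1         0x2         00:11:22:33:44:0c     *        eth0
192.168.10.50    0x1         0x2         00:11:22:33:44:ff     *        eth0
"""

ATF_COM = 0x02      # flags bit set once a reply has filled in the hardware address


def parse_proc_net_arp(text: str) -> Dict[str, str]:
    """Map IP -> MAC (lower-cased) for complete entries; incomplete ones carry no MAC."""
    table: Dict[str, str] = {}
    for line in text.splitlines()[1:]:              # first line is the column header
        fields = line.split()
        if len(fields) < 6:
            continue
        ip, _hwtype, flags, mac, _mask, _device = fields[:6]
        if int(flags, 16) & ATF_COM:
            table[ip] = mac.lower()
    return table


def diff_arp(before: Dict[str, str], after: Dict[str, str]) -> List[str]:
    """New stations and changed IP-to-MAC pairings between two snapshots."""
    alerts = []
    for ip, mac in sorted(after.items()):
        old = before.get(ip)
        if old is None:
            alerts.append(f"new station {ip} at {mac}")
        elif old != mac:
            alerts.append(f"changed ethernet address {ip}: {old} -> {mac}")
    return alerts


def shared_macs(table: Dict[str, str]) -> Dict[str, List[str]]:
    """MACs that answer for more than one IP. A router with address aliases does
    this legitimately; a workstation's MAC suddenly answering for the gateway does not."""
    by_mac: Dict[str, List[str]] = {}
    for ip, mac in table.items():
        by_mac.setdefault(mac, []).append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}


if __name__ == "__main__":
    before = parse_proc_net_arp(ARP_SNAPSHOT_BEFORE)
    after = parse_proc_net_arp(ARP_SNAPSHOT_AFTER)
    for alert in diff_arp(before, after):
        print(alert)
    print(shared_macs(after))
```

On a live system, read /proc/net/arp at intervals and feed successive snapshots to diff_arp.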

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer-to-peer unicast transactions. An HTTP request to a web server (TCP/IP), email (SMTP, TCP/IP), DNS (UDP), FTP (TCP/IP), ... are all peer-to-peer unicast transactions. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer-to-peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group", which are those that are interested in the information.

The Linux kernel is Level-2 Multicast-Compliant. It meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to request the kernel to join the multicast group and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, a request is made to the kernel to leave the group. It is the kernel/host which joins the multicast group and not the process. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to support multicast routing, set the following in the kernel config:

- CONFIG_IP_MULTICAST=y
- CONFIG_IP_ROUTER=y
- CONFIG_IP_MROUTE=y
- CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimization and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card), only one device can be configured to handle multicast.

Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast.

Useful commands:

Command                    Description
cat /proc/net/igmp         List multicast groups to which the host is subscribed. Uses the "Internet Group Management Protocol". (See /usr/src/linux/net/core/igmp.c)
cat /proc/net/dev_mcast    List multicast interfaces. (See /usr/src/linux/net/core/dev_mcast.c)
ping 224.0.0.1             All hosts configured for multicast will respond with their IP addresses
ping 224.0.0.2             All routers configured for multicast will respond
ping 224.0.0.3             All PIM routers configured for multicast will respond
ping 224.0.0.4             All DVMRP routers configured for multicast will respond
ping 224.0.0.5             All OSPF routers configured for multicast will respond

Multicast transmissions are achieved through proper routing, router configuration (if communicating through subnets) and programmatically with the use of the following "C" function library calls:

Function Call    Description
setsockopt()     Pass information to the kernel.
getsockopt()     Retrieve information broadcast using multicast.

For more on multicast programming see: Multicast Howto.

The multicast application will specify the multicast loopback interface, TTL (network time to live), network interface and the multicast group to add or drop.

Add route to support multicast:

route add 224.0.0.0 netmask 240.0.0.0 dev eth0

Note that if adding a route to forward packets through a router, that the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The internet by default does not forward multicast packets.

Living in a MS/Windows World:

- SMB4k: My favorite MS/Windows file share browser.

- In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]

- LinNeighborhood: Linux workstation GUI tool.

  Make your life simple and use the GUI/File Manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.

  - LinNeighborhood Home Page
  - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

- IPv4: Most of the Internet servers and personal computers use Internet Protocol version 4 (IPv4). This uses 32 bits to assign a network address as defined by the four octets of an IP address up to 255.255.255.255, which is the representation of four 8 bit numbers, thus totaling 32 bits.
- IPv6: Internet Protocol version 6 (IPv6) uses a 128 bit address and thus billions and billions of potential addresses. The protocol has also been upgraded to include new quality of service features and security. Currently Linux supports IPv6 but IPv4 is used when connecting your computer to the internet.
- TCP/IP: (Transmission Control Protocol/Internet Protocol) uses a client-server model for communications. The protocol defines the data packets transmitted (packet header, data section), data integrity verification (error detection bytes), connection and acknowledgement protocol, and re-transmission.
- TCP/IP time to live (TTL): This is a counting mechanism to determine how long a packet is valid before it reaches its destination. Each time a TCP/IP packet passes through a router, the router decrements its TTL count. When the count reaches zero the packet is dropped by the router. This ensures that errant routing and aimlessly looping packets will not flood the network.
- MAC Address: (media access control) is the network card address used for communication with other network devices on the subnet. This info is not routable. The ARP table maps the TCP/IP address (global internet) to the local hardware on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address uniquely identifies each node of a network and is used by the Ethernet protocol.
- Full Duplex: Allows the simultaneous sending and receiving of packets. Most modern modems support full duplex.
- Half Duplex: Allows the sending and receiving of packets in one direction at a time only.
- OSI 7 Layer Model: The ISO (International Standards Organization) has defined the OSI (Open Systems Interconnection) model for current networking protocols.

  OSI Layer              | Description                                                              | Linux Networking Use
  7 Application Layer    | The top layer for communications applications like email and the web.   | telnet, web browser, sendmail
  6 Presentation Layer   | Syntax and format of data transfer.                                      | SMTP, http
  5 Session Layer        |                                                                          |
  4 Transport Layer      | Connection, acknowledgement and data packet transmission.                | TCP, UDP
  3 Network Layer        |                                                                          | IP, ARP
  2 Data Link Layer      | Error control, timing                                                    | Ethernet
  1 Physical Layer       | Electrical characteristics of signal and NIC                             | Ethernet

- Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
- Network Switch: Like a hub but creates a private link between any two connected nodes when a network connection is established. This reduces the number of network collisions and thus improves speed. Broadcast messages are still sent to all nodes.

Related Links:

- Cable modem HowTo - Vladimir Vuksan
- Ethernet HowTo - Paul Gortmaker
- YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
- Firewall HowTo - Mark Grennan
- YoLinux networking tutorial
- Networking Overview HowTo - Daniel Lopez Ridruejo
- Networking Howto - Joshua Drake
- NFS Howto - Nicolai Langfeldt
- SNMP: Simple Network Management Protocol (Uses ports 161, 162, 391, 1993)
  - SNMP - Intro and tutorials
  - Linux SNMP Network Management Tools
  - SNMP FAQ
  - net-snmp - tools and libraries
- News/Usenet Group: comp.os.linux.networking - Deja
- MARS-nwe - Netware emulator
- Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
- ISDN:
  - ISDN4LINUX FAQ - Matthias Hessler
  - ISDN4 Linux Home Page
  - Dan Kegel's ISDN Page
- PPP: Point-to-Point Protocol
  - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
  - YoLinux Tutorial: Dialing Compuserve
  - YoLinux Tutorial: Dialing AOL
  - YoLinux Tutorial: Configuring PPP dial-in connections
- PPTP: Point-to-Point Tunneling Protocol
  - RFC 2637: Point-to-Point Tunneling Protocol (PPTP).
  - PPTP-Linux Client - A PPTP Linux client that allows a linux system to connect to a PPTP server. Developed by C. S. Ananian.
  - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP Implementation.
- DHCP: (Dynamic Host Configuration Protocol)
  - YoLinux DHCP Tutorial - How to set up a DHCP server.
  - ISC Dynamic Host Configuration Protocol - DHCP home page
- Multicast:
  - YoLinux Tutorial: Configuring Linux for multicast - this tutorial, in the section above
  - Multicast over TCP/IP HOWTO
- ISP's: (National/Global)
  - TheList.com - Comprehensive list of ISP's
  - Earthlink
  - Concentric
  - ATT Worldnet
- NIS: (NFS infrastructure)
  - YoLinux NIS tutorial
  - NIS howto
  - NIS configuration and use
- Ethernet cables:
  - Making CAT 3, 5, 5E RJ45 Ethernet Cables
  - Wiring and Installation
- Gigabit Ethernet
- VIX: Vienna Internet eXchange - European traffic exchange for ISP's

Test Internet Bandwidth:

- DSLreports.com: bandwidth and diagnostic tests
- Speakeasy connection speed test
- CNET Bandwidth Meter speed test
- Network speed test
- Bandwidth explained and List of bandwidth test sites

Man Pages:

- icmp - Linux IPv4 ICMP kernel module
- ifport - select the transceiver type for a network interface
- usernetctl - allow a user to manipulate a network interface if permitted
- ripquery - query RIP (Routing Information Protocol) gateways
- gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler ISBN # 0735710317, New Riders Publishing

"LINUX TCP/IP Network Administration" by Scott Mann, Mitchell Krell ISBN # 0130322202, Prentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith ISBN# 0201774232, Addison-Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr. ISBN# 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh ISBN# 0672320525, Sams; (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus Sams, ISBN# 047008278X

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen Sams, ISBN# 0071486429

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson Sams, ISBN# 0672329298

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672327082

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672325888

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis ISBN #032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.

Copyright © 2001 - 2007 by Greg Ippolito

This tutorial covers TCP/IP networking and system configuration basics. Linux can support multiple network devices. The device names are numbered and begin at zero and count upwards. For example, a computer running two ethernet cards will have two devices labeled /dev/eth0 and /dev/eth1. Linux network configuration, management, monitoring and system tools are covered in this tutorial.

Tutorial Contents: Other YoLinux Networking Tutorials:

l # Configuration files l Setting up an internet gateway for home or office l # Red Hat Linux network GUI using iptables configuration tools. l Load balancing servers using LVS (Linux Virtual l # Assigning an IP address Server) l # Activating and De­Activating your NIC l Modem dial­up: l # Subnets ¡ Configuring PPP dial up connections to an l # Enable Forwarding ISP l # Adding a network interface card (NIC) ¡ Dialing Compuserve l # Route ¡ Dialing AOL l # VPN, Tunneling ¡ Configuring PPP dial­in connections l # Usefull Linux networking commands l DNS Name server configuration l # inetd/xinetd: Network Socket l DHCP server configuration: Dynamic Host Listener Daemons Configuration Protocol # rwhod: Remote Who Daemon l l NIS authentication configuration: Server and Client # RPC: Remote Procedure Call. l l Internet/Network Security (portmapper) l Security Tools and Hacker Tools l # PAM: Network Wrappers. l YoLinux Tutorials Index l # ICMP protocol. l # Network Monitoring Tools l # IDS: Intruder Detection System ­ SNORT

l # ARP: Address Resolution Protocol l # Configuring Linux For Network Multicast

l # Living in a MS/Windows world l # Network Definitions

l # Related Links

TCP/IP Network Configuration Files:

l File: /etc/resolv.conf ­ host name resolver configuration file search name­of­domain.com ­ Name of your domain or ISP's domain if using their name server nameserver XXX.XXX.XXX.XXX ­ IP address of primary name server nameserver XXX.XXX.XXX.XXX ­ IP address of secondary name server

This configures Linux so that it knows which DNS server will be resolving domain names into IP addresses. If using DHCP client, this will automatically be sent to you by the ISP and loaded into this file as part of the DHCP protocol. If using a static IP address, ask the ISP or check another machine on your network. Red Hat/Fedora GUI: /usr/sbin/system­config­network (select tab "DNS".

l File: /etc/hosts ­ locally resolve node names to IP addresses 127.0.0.1 your­node­name.your­domain.com localhost.localdomain localhost XXX.XXX.XXX.XXX node­name

Note when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly) i.e.:

XXX.XXX.XXX.XXX superserver.yolinux.com superserver

This informs Linux of local systems on the network which are not handled by the DNS server. (or for all systems in your LAN if you are not using DNS or NIS) Red Hat/Fedora GUI: /usr/sbin/system­config­network (select tab "Hosts".

l File: /etc/nsswitch.conf ­ System Databases and Name Service Switch configuration file hosts: files dns nisplus nis

This example tells Linux to first resolve a host name by looking at the local hosts file(/etc/hosts), then if the name is not found look to your DNS server as defined by /etc/resolv.conf and if not found there look to your NIS server.

In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution. Free Information Technology Magazine Fedora / Red Hat Network Configuration Files: Subscriptions and Document l /etc/sysconfig/network Downloads Red Hat network configuration file used by the system during the boot process.

l File: /etc/sysconfig/network­scripts/ifcfg­eth0 Configuration settings for your first ethernet port (0). Your second port is eth1.

l File: ¡ /etc/modprobe.conf (kernel 2.6) ¡ /etc/modules.conf (kernel 2.4) ¡ (or for older systems: /etc/conf.modules) Example statement for Intel ethernet card: alias eth0 eepro100

Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

l Network configuration: /usr/sbin/system­config­network (FC­2/3) GUI shown here ­­­> /usr/bin/redhat­config­network (/usr/bin/neat) (RH 7.2+ FC­1) l Text console configuration tool: /usr/sbin/system­config­network­tui (Text User Interface (TUI) for Fedora Core 2/3) /usr/bin/redhat­config­network­tui (RH 9.0 ­ FC­1) l Text console network configuration tool. First interface only ­ eth0: /usr/sbin/netconfig l /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

l Gnome Desktop Network Configuration /usr/bin/gnome­network­preferences (RH 9.0 ­ FC­3) Proxy configuration. Choose one of three options: 1. Direct internet connection 2. Manual proxy configuration (specify proxy and port) 3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assiged a static IP address or assigned one dynamically.

Static IP address assignment:

Choose one of the following methods:

l Command Line:

/sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

Network address by convention would be the lowest: 192.168.10.0 Broadcast address by convention would be the highest: 192.168.10.255 The gateway can be anything, but following convention: 192.168.10.1

Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0

l Red Hat / Fedora GUI tools: ¡ /usr/bin/neat Gnome GUI network administration tool. Handles all interfaces. Configure for Static IP or DHCP client.

(First available with Red Hat 7.2.) ¡ /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)

l Red Hat / Fedora Console tools: ¡ /usr/sbin/system­config­network­tui (Text User Interface) ¡ /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1,...)

l Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network­scripts/, so that this information is retained.

The IANA has set aside three address ranges for private networks (RFC 1918), which are never routed on the internet: 10.0.0.0 to 10.255.255.255, 172.16.0.0 to 172.31.255.255 and 192.168.0.0 to 192.168.255.255. The examples in this tutorial use the 192.168 range.

Helpful tools:

l Network Calculators: subnet mask calculator, node calculator, mask inverter, ...
l IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 208.88.34.106
    netmask 255.255.255.248
    broadcast 208.88.34.111
    network 208.88.34.104
    gateway 208.88.34.110

Dynamic IP (DHCP) example:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

auto eth1
iface eth1 inet dhcp

auto eth2
iface eth2 inet dhcp

auto ath0
iface ath0 inet dhcp

auto wlan0
iface wlan0 inet dhcp

Interfaces:
l lo: Loopback interface (traffic within your own system; it never touches the ethernet network)
l eth0: First ethernet interface card
l eth1, eth2: Second and third ethernet interface cards
l ath0: First wireless interface using the Atheros (madwifi) driver
l wlan0: First wireless network interface

Also see "man interfaces"

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store global settings in the file /etc/sysconfig/network and per-interface settings in /etc/sysconfig/network-scripts/ifcfg-*. They also allow one to configure routing information.

l File: /etc/sysconfig/network

Static IP address Configuration: (Configure gateway address)

NETWORKING=yes
HOSTNAME=my-hostname          - Hostname is defined here and by the command hostname
FORWARD_IPV4=true             - true for NAT firewall gateways and Linux routers; false for everyone else (desktops and servers)
GATEWAY="XXX.XXX.XXX.YYY"     - Used if your network is connected to another network or the internet. Static IP configuration only; the gateway is not defined here for a DHCP client.

OR for DHCP client configuration:

NETWORKING=yes
HOSTNAME=my-hostname          - Hostname is defined here and by the command hostname

(The gateway is assigned by the DHCP server.)

OR for NIS client configuration:

NETWORKING=yes
HOSTNAME=my-hostname          - Hostname is defined here and by the command hostname
NISDOMAIN=NISProject1         - NIS domain to attach to

l File (Red Hat/Fedora): /etc/sysconfig/network-scripts/ifcfg-eth0 (S.u.S.E.: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX:XX, named after the card's MAC address). This file is used by the command scripts ifup and ifdown.

Static IP address configuration:

DEVICE=eth0
BOOTPROTO=static
BROADCAST=XXX.XXX.XXX.255
IPADDR=XXX.XXX.XXX.XXX
NETMASK=255.255.255.0
NETWORK=XXX.XXX.XXX.0
ONBOOT=yes                    - Will activate upon system boot

RHEL4/FC3 additions:
l TYPE=Ethernet
l HWADDR=XX:XX:XX:XX:XX:XX    - MAC address of the card; ties this configuration to one physical NIC so that a renumbered device does not pick it up
l GATEWAY=XXX.XXX.XXX.XXX

OR for DHCP client configuration:

DEVICE=eth0
ONBOOT=yes
BOOTPROTO=dhcp

RHEL4/FC3 additions:
l IPV6INIT=no
l USERCTL=no                  - Non-root users may not bring the interface up or down
l PEERDNS=yes                 - The name servers supplied by the DHCP server overwrite /etc/resolv.conf
l TYPE=Ethernet
l HWADDR=XX:XX:XX:XX:XX:XX

(Used by the script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line.) To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none and supply the static IPADDR, NETMASK and GATEWAY values shown above.

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)

Changing the host name:

This is a three step process:

1. Issue the command: hostname new-host-name
2. Change the network configuration file /etc/sysconfig/network. Edit the entry: HOSTNAME=new-host-name
3. Restart the systems which relied on the hostname (or reboot):
   ¡ Restart network services: service network restart (or: /etc/init.d/network restart)
   ¡ Restart the desktop:
     n Bring the system down to console mode: init 3
     n Bring X Windows back up: init 5

One may also want to check the file /etc/hosts for an entry using the system name, so that the system can resolve its own name even when DNS is unavailable.

The hostname may also be changed at runtime using the command: sysctl -w kernel.hostname="superserver"

Change the host name using the GUI tool: /usr/sbin/system-config-network (Red Hat / Fedora / CentOS)

Hostname entries are made in two places:
l Select the "DNS" tab.
l Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth0:0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255
ifconfig eth0:1 192.168.10.14 netmask 255.255.255.0 broadcast 192.168.10.255

route add -host XXX.XXX.XXX.XXX dev eth0
route add -host 192.168.10.12 dev eth0
route add -host 192.168.10.14 dev eth0

In this example eth0:0 and eth0:1 are aliases in addition to the regular eth0. The result of the ifconfig command:

eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
          collisions:1 txqueuelen:100
          Interrupt:5 Base address:0xe400

eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:5 Base address:0xe400

eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

DEVICE=eth0:0
ONBOOT=yes
BOOTPROTO=static
BROADCAST=192.168.10.255
IPADDR=192.168.10.12
NETMASK=255.255.255.0
NETWORK=192.168.10.0

Aliases can also be shut down independently. i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Red Hat; from kernel 2.4 on aliasing is always available and there is no separate option.)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux client: get connection info: /sbin/pump -i eth0 --status (Red Hat Linux 7.1 and older)

Device eth0
    IP: 4.XXX.XXX.XXX
    Netmask: 255.255.252.0
    Broadcast: 4.XXX.XXX.255
    Network: 4.XXX.XXX.0
    Boot server 131.XXX.XXX.4
    Next server 0.0.0.0
    Gateway: 4.XXX.XXX.1
    Domain: vz.dsl.genuity.net
    Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3
    Renewal time: Sat Aug 11 08:28:55 2001
    Expiration time: Sat Aug 11 11:28:55 2001

Activating and De­Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

l Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up. Note: even with no IP address assigned, an interface that is up can still listen, i.e. capture traffic with tcpdump.)
l De-Activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network-scripts/

GUI Interface control/configuration:

l Start/Stop network interfaces: /usr/bin/system-control-network (Fedora Core 2/3), /usr/bin/redhat-control-network (Red Hat 9.0 to FC-1)
l Configure Ethernet, ISDN, modem, Token Ring, wireless or DSL network connections: /usr/sbin/system-config-network-druid (FC2/3), /usr/sbin/redhat-config-network-druid (Red Hat 9 to FC-1)

Subnets:

The same mask octet can be placed in any octet of the netmask. The first table reads it as the last octet (subnetting one class C network); the second reads it as the first, second or third octet (the class A, B and C columns). Host counts are 2^(host bits) - 2, because the network and broadcast addresses cannot be assigned to hosts.

Subnetting a class C network:

Mask octet   Sub-class-C nets   CIDR   Sub-class-C mask   Addresses per net   Usable hosts
255          256                /32    255.255.255.255    1                   none (invalid as a subnet; a single host route)
254          128                /31    255.255.255.254    2                   none by the classic rule (RFC 3021 permits /31 point-to-point links)
252          64                 /30    255.255.255.252    4                   2
248          32                 /29    255.255.255.248    8                   6
240          16                 /28    255.255.255.240    16                  14
224          8                  /27    255.255.255.224    32                  30
192          4                  /26    255.255.255.192    64                  62
128          2                  /25    255.255.255.128    128                 126

Mask octet applied to a class A, B or C block:

Mask octet   Class A mask   Class A hosts   Class B mask   Class B hosts   Class C mask     Class C hosts
255          255.0.0.0      16,777,214      255.255.0.0    65,534          255.255.255.0    254
254          254.0.0.0      33,554,430      255.254.0.0    131,070         255.255.254.0    510
252          252.0.0.0      67,108,862      255.252.0.0    262,142         255.255.252.0    1,022
248          248.0.0.0      134,217,726     255.248.0.0    524,286         255.255.248.0    2,046
240          240.0.0.0      268,435,454     255.240.0.0    1,048,574       255.255.240.0    4,094
224          224.0.0.0      536,870,910     255.224.0.0    2,097,150       255.255.224.0    8,190
192          192.0.0.0      1,073,741,822   255.192.0.0    4,194,302       255.255.192.0    16,382
128          128.0.0.0      2,147,483,646   255.128.0.0    8,388,606       255.255.128.0    32,766

Binary position   8     7     6     5     4     3     2     1
Value             128   64    32    16    8     4     2     1
Example: 192      1     1     0     0     0     0     0     0

Example: 192 = 128 + 64

Some addresses are reserved and outside this scope: loopback (127.0.0.0/8, normally 127.0.0.1), and the RFC 1918 private ranges 192.168.0.0 to 192.168.255.255 (class C sized blocks), 172.16.0.0 to 172.31.255.255 (class B sized blocks) and 10.0.0.0 to 10.255.255.255 (one class A block).

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 (/29) for your office:
l 208.88.34.104  Network base address
l 208.88.34.105  Computer 1
l 208.88.34.106  Computer 2
l 208.88.34.107  Computer 3
l 208.88.34.108  Computer 4
l 208.88.34.109  Computer 5
l 208.88.34.110  DSL router/gateway
l 208.88.34.111  Broadcast address

Of the eight addresses, the network and broadcast addresses cannot be assigned, which leaves six for hardware; one of those goes to the router, so ultimately only five are usable for computers.
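The following script is an added example and not part of the YoLinux tutorial. It turns the convention above (network = lowest address, broadcast = highest, both derived from the netmask) into plain POSIX sh, rejects a non-contiguous mask such as 255.0.255.0, and uses the same helpers to check a Red Hat ifcfg-style file (the format shown in the "Red Hat / Fedora Core IP Configuration Files" section) for a NETWORK=, BROADCAST= or GATEWAY= line that no longer agrees with IPADDR=/NETMASK=, a classic cause of an interface that comes up but cannot reach its gateway. The function names and the sample ifcfg contents are the example's own.

```sh
#!/bin/sh
# Added example, not part of the YoLinux tutorial. Plain POSIX sh (dash or bash).
# ALL_ONES is 2^32-1 in decimal because not every sh accepts hex inside $(( )).
ALL_ONES=4294967295

# valid_ip 192.168.10.12 -> 0; rejects 300.1.1.1, 1.2.3 and non-numeric octets.
valid_ip() {
    local IFS=. o
    set -- $1
    [ $# -eq 4 ] || return 1
    for o in "$1" "$2" "$3" "$4"; do
        case $o in ''|*[!0-9]*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
    return 0
}

# ip_to_int 192.168.10.12 -> 3232238092
ip_to_int() {
    valid_ip "$1" || { echo "bad address: $1" >&2; return 1; }
    local IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# int_to_ip 3232238092 -> 192.168.10.12
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# mask_to_prefix 255.255.255.248 -> 29. A netmask is a contiguous run of one bits
# from the top, so its 32-bit complement must be 2^k - 1; 255.0.255.0 is rejected.
mask_to_prefix() {
    local m inv n=0
    m=$(ip_to_int "$1") || return 1
    inv=$(( ~m & ALL_ONES ))
    if [ $(( inv & (inv + 1) )) -ne 0 ]; then
        echo "non-contiguous netmask: $1" >&2; return 1
    fi
    while [ $(( m & 2147483648 )) -ne 0 ]; do
        n=$(( n + 1 )); m=$(( (m << 1) & ALL_ONES ))
    done
    echo "$n"
}

# network_of ADDR MASK / broadcast_of ADDR MASK -> lowest / highest address.
# Both expect arguments that already passed valid_ip and mask_to_prefix.
network_of()   { int_to_ip $(( $(ip_to_int "$1") & $(ip_to_int "$2") )); }
broadcast_of() { int_to_ip $(( $(ip_to_int "$1") | (~$(ip_to_int "$2") & ALL_ONES) )); }

# subnet_info ADDR MASK -> "network=A/P broadcast=B first=F last=L usable=N"
# Classic rule, as in the table above: network and broadcast are not hosts, so
# /31 and /32 report usable=0 (RFC 3021 point-to-point /31s are not special-cased).
subnet_info() {
    local addr mask prefix net bcast
    addr=$(ip_to_int "$1") || return 1
    prefix=$(mask_to_prefix "$2") || return 1
    mask=$(ip_to_int "$2")
    net=$(( addr & mask )); bcast=$(( net | (~mask & ALL_ONES) ))
    if [ "$prefix" -ge 31 ]; then
        echo "network=$(int_to_ip $net)/$prefix broadcast=$(int_to_ip $bcast) first=- last=- usable=0"
    else
        echo "network=$(int_to_ip $net)/$prefix broadcast=$(int_to_ip $bcast)" \
             "first=$(int_to_ip $(( net + 1 ))) last=$(int_to_ip $(( bcast - 1 ))) usable=$(( bcast - net - 1 ))"
    fi
}

# check_ifcfg < ifcfg-file -> 0 when NETWORK=, BROADCAST= and GATEWAY= (if present)
# agree with IPADDR=/NETMASK=; otherwise prints each problem and returns 1.
# The file is parsed, not sourced: sourcing would execute anything it contains.
check_ifcfg() {
    local key val ip= mask= network= broadcast= gw= net bcast rc=0
    while IFS='=' read -r key val; do
        val=${val%\"}; val=${val#\"}
        case $key in
            IPADDR)  ip=$val ;;       NETMASK)   mask=$val ;;
            NETWORK) network=$val ;;  BROADCAST) broadcast=$val ;;
            GATEWAY) gw=$val ;;
        esac
    done
    if [ -z "$ip" ] || [ -z "$mask" ]; then
        echo "IPADDR and NETMASK are required for a static configuration"; return 1
    fi
    valid_ip "$ip" && mask_to_prefix "$mask" >/dev/null || { echo "IPADDR=$ip NETMASK=$mask is malformed"; return 1; }
    net=$(network_of "$ip" "$mask"); bcast=$(broadcast_of "$ip" "$mask")
    [ -z "$network" ] || [ "$network" = "$net" ] || { echo "NETWORK=$network but $ip/$mask lies in $net"; rc=1; }
    [ -z "$broadcast" ] || [ "$broadcast" = "$bcast" ] || { echo "BROADCAST=$broadcast but $net/$mask broadcasts to $bcast"; rc=1; }
    if [ -n "$gw" ] && { ! valid_ip "$gw" || [ "$(network_of "$gw" "$mask")" != "$net" ]; }; then
        echo "GATEWAY=$gw is not an address on $net/$mask"; rc=1
    fi
    return $rc
}

# The office /29 from the text, then a constructed ifcfg-eth0 whose NETWORK= and
# GATEWAY= lines were not updated when the address moved to 192.168.11.x.
subnet_info 208.88.34.106 255.255.255.248
check_ifcfg <<'EOF' || echo "fix ifcfg-eth0 before running 'service network restart'"
IPADDR=192.168.11.12
NETMASK=255.255.255.0
NETWORK=192.168.10.0
BROADCAST=192.168.11.255
GATEWAY=192.168.10.1
EOF
```

Run it with sh; subnet_info prints the /29 from the office example (network .104, broadcast .111, hosts .105 to .110, six usable), and check_ifcfg reports the stale NETWORK= line and the gateway that is no longer on the local subnet. Point check_ifcfg at a real file with check_ifcfg < /etc/sysconfig/network-scripts/ifcfg-eth0 before running service network restart.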

Links:

l Subnet Cheat Sheet
l Subnet calculator
l Table of subnets
l IP Subnetting, Variable Subnetting, and CIDR (Supernetting)
l CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is a little obsolete as subnets are now used to define smaller networks. These subnets may be part of a class A, B, C, etc network. For historical reference the network classes are defined as follows:

l Class A: First octet (8 bits) in the range 0 - 127. The first number is assigned by the registry (Internic), i.e. 77.XXX.XXX.XXX. One class A network can hold 16,777,214 hosts. Range: 0.0.0.0 - 127.255.255.255
l Class B: First octet in the range 128 - 191. The first two numbers (16 bits) are assigned by the registry, i.e. 182.56.XXX.XXX. One class B network can hold 65,534 hosts. Range: 128.0.0.0 - 191.255.255.255
l Class C: First octet in the range 192 - 223. The first three numbers (24 bits) are assigned by the registry, i.e. 220.56.222.XXX. One class C network can hold 254 hosts. Range: 192.0.0.0 - 223.255.255.255
l Class D: First octet in the range 224 - 239. Reserved for multicast (RFC 988; the current specification is RFC 1112). Range: 224.0.0.0 - 239.255.255.255
l Class E: First octet in the range 240 - 255. Reserved for experimental use. Range: 240.0.0.0 - 255.255.255.255

Enable Forwarding: Forwarding allows network packets arriving on one network interface (i.e. eth0) to be passed on through another network interface (i.e. eth1). With forwarding enabled the Linux computer can route traffic between the two networks. (Joining two segments at the ethernet level, an "ethernet bridge", is a separate configuration done with the bridge-utils tools rather than with IP forwarding.)

The bridge configuration will merge two (or several) networks into one single network topology. IpTables firewall rules can be used to filter traffic.

A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or load balance servers.

l Turn on IP forwarding to allow the Linux computer to act as a gateway or router:
  echo 1 > /proc/sys/net/ipv4/ip_forward
  The default is 0. Firewall rules can then be added with iptables (ipchains on 2.2 kernels).

Another method is to set the value in the sysctl configuration file /etc/sysctl.conf, which is applied at boot (and immediately with sysctl -p). Set the following value:

net.ipv4.ip_forward = 1

See file /etc/sysconfig/network for storing this configuration.

FORWARD_IPV4=true

Change the default "false" to "true".

All methods will result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward

The tcp(7) man page (Linux Programmer's Manual) and /usr/src/linux/Documentation/proc.txt (kernel 2.2, Red Hat 7.0 and earlier) describe the /proc/sys/net/ipv4/* files.

Also see: (YoLinux tutorials)

l Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables)
l Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

l cd /lib/modules/2.2.5-15/net/ - Use the kernel version for your system. This example uses 2.2.5-15. (Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/) Here you will find the modules supported by your system. The module-to-device mapping can be made permanent in:
  ¡ /etc/modprobe.conf (kernel 2.6)
  ¡ /etc/modules.conf (kernel 2.4)
  ¡ (or for older systems: /etc/conf.modules)
  Example:

alias eth0 3c59x

l /sbin/insmod 3c59x (For a 3Com ethernet card.) This inserts the specified module into the kernel. (On 2.6 kernels insmod wants the full path of the .ko file; modprobe, below, resolves the name and also loads the modules it depends on.)
l /sbin/modprobe 3c59x This also loads a module into the system kernel. Modprobe command line options:
  ¡ -r : unload the module.
  ¡ /sbin/modprobe -l \* : list all modules.
  ¡ /sbin/modprobe -lt net \* : list only network modules.
  ¡ /sbin/modprobe -t net \* : try loading all network modules and see what sticks. (Act of desperation.)
l ifconfig ... (assign the address as described above)

The easy way: Red Hat versions 6.2 and later, ship with Kudzu, a device detection program which runs during system initialization. (/etc/rc.d/init.d/kudzu) This can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it will be utilized upon system boot.

Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

Define the new device in the file (Red Hat/Fedora) /etc/sysconfig/network-scripts/ifcfg-eth1 (S.u.S.E. 9.2: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX:XX)

DEVICE=eth1
BOOTPROTO=static
IPADDR=192.168.10.12
NETMASK=255.255.255.0
GATEWAY=XXX.XXX.XXX.XXX
HOSTNAME=node-name.name-of-domain.com
DOMAIN=name-of-domain.com

Special routing information may be specified, if necessary, in the file (Red Hat/Fedora): /etc/sysconfig/static-routes (S.u.S.E. 9.2: /etc/sysconfig/network/routes)

Example:

eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using Unix command line interface:

Define IP address:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

If necessary, define the route with the route command. Examples:

route add default gw XXX.XXX.XXX.XXX dev eth0
route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

If a mistake is made just repeat the route command substituting "del" in place of "add".

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto­negotiate link speed and duplex setting.

l List NIC speed and configuration: mii-tool
  eth0: negotiated 100baseTx-FD flow-control, link ok

Verbose mode: mii-tool -v

eth0: negotiated 100baseTx-FD flow-control, link ok
  product info: Intel 82555 rev 4
  basic mode:   autonegotiation enabled
  basic status: autonegotiation complete, link ok
  capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
  advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
  link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

l Set NIC configuration: mii-tool -F option (force one fixed media type) or mii-tool -A option (restrict what is advertised during autonegotiation)
  Option   Parameters
  -F       100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
  -A       100baseT4 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

l Query NIC with ethtool:
  Command          Description
  ethtool -g eth0  Queries ethernet device for rx/tx ring parameter information.
  ethtool -a eth0  Queries ethernet device for pause parameter information.
  ethtool -c eth0  Queries ethernet device for coalescing information.
  ethtool -i eth0  Queries ethernet device for associated driver information.
  ethtool -d eth0  Prints a register dump for the specified ethernet device.
  ethtool -k eth0  Queries ethernet device for offload information.
  ethtool -S eth0  Queries ethernet device for NIC and driver statistics.

Man Pages:

l mii-tool - view, manipulate media-independent interface status
l ethtool - Display or change ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet's destination is examined to see whether it is on the local or a remote network. If it is for a remote network, the routing table is consulted to determine the path. If no entry matches, the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file (Red Hat/Fedora): /etc/sysconfig/network-scripts/route-eth0 (Red Hat 7: /etc/sysconfig/static-routes) (S.u.S.E. 9.2: /etc/sysconfig/network/routes). The destination is written as a network address with its prefix length:

10.2.0.0/16 via 192.168.10.254

The routes in that file are installed when the interface comes up, by the script: /etc/sysconfig/network-scripts/ifup-routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route. (Fewest hops between routers not physical distance.) Routers use RIP to broadcast the routing table over UDP port 520. The routers would then add new or improved routes to their routing tables.

Man pages:

l route - show / manipulate the IP routing table (static routes). Examples:
  ¡ Show the routing table: route -e
  ¡ Reach an individual host via network interface card eth1: route add -host 123.213.221.231 eth1
  ¡ Reach an ISP network identified by network address and netmask via network interface card eth0: route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
    Conversely, to remove it: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
  ¡ Specify the default gateway used to reach remote networks via network interface card eth0: route add default gw 201.51.31.1 eth0 (The gateway can also be defined in /etc/sysconfig/network.)
  ¡ Specify two gateways for two network destinations (i.e. one external, one internal private network; two routers/gateways are specified):
    Add the internet gateway as before: route add default gw 201.51.31.1 eth0
    Add the second, private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
l routed - network routing daemon. Uses the RIP protocol to update the routing table.
l ipx_route - show / manipulate the IPX routing table. IPX is the Novell networking protocol (not typically used unless your office has Novell servers).
l ifuser - Identify destinations routed to a particular network interface.

VPN, Tunneling:

l Commercial VPN Linux software solutions - YoLinux
l OpenSWAN.org - IPsec VPN for Linux
l FreeSWAN.org - IPsec VPN for Linux
l FreeSWAN tutorial - howto
l OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access controls.
l SSL-Explorer - Java SSL based VPN
l Quagga dynamic routing suite
l VLAN
l n2n - peer to peer VPN within a private fabric
l CIPE: Crypto IP Encapsulation (Easiest way to configure two Linux gateways connecting two private networks over the internet with encryption.)
  ¡ CIPE Home page - CIPE is a simple encapsulation system that securely connects two subnets.
  ¡ The Linux CIPE+Masquerading mini-HOWTO - Anthony Ciaravalo
l GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa
l VPN HowTo - Matthew D. Wilson
l Installing and Running PPTP on Linux
l L2TP Extensions (l2tpext) Internet Drafts.

Useful Linux networking commands:

l /etc/rc.d/init.d/network start - command to start, restart or stop the network
l netstat - Display connections, routing tables, stats etc.
  ¡ List listening and connected TCP and UDP sockets with the owning process: netstat -punta
  ¡ List all sockets with their processes: netstat -nap
  ¡ Show network statistics: netstat -s
  ¡ Kernel interface table info: netstat -a -i eth0
l ping - send ICMP ECHO_REQUEST packets to network hosts. Use Ctrl-C to stop ping.
l traceroute - print the route packets take to a network host
  ¡ traceroute IP-address-of-server
  ¡ traceroute domain-name-of-server
l mtr - a network diagnostic tool introduced in Fedora. Like traceroute except that it gives more network quality and diagnostic info. Leave it running to get real time stats. Reports best and worst round trip times in milliseconds.
  ¡ mtr IP-address-of-server
  ¡ mtr domain-name-of-server
l whois - Look up a domain name in the registry's whois database.
l finger - Display information on a system user, i.e. finger user@host. Uses the $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/
l iptables - IP firewall administration (Linux kernel 2.6/2.4). See YoLinux firewall/gateway configuration.
l ipchains - IP firewall administration (Linux kernel 2.2). See YoLinux firewall/gateway configuration.
l socklist - Display a list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
l host - Give a host name and the command will return the IP address. Example: host domain-name-of-server
l nslookup - Give a host name and the command will return the IP address. Also see Testing your DNS (YoLinux Tutorial).
  Note that both host and nslookup query DNS directly and ignore /etc/hosts; to see what applications will actually resolve (which does include /etc/hosts), use: getent hosts domain-name-of-server

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemon listens for connections on the TCP/IP ports assigned to it and responds to each one. The ports are defined in the file /etc/services. When a connection is made, the listener invokes the assigned program and pipes the connection to it. This simplifies matters: the program reads from stdin and writes to stdout instead of making its own socket connection, and the listener handles the network socket. Two network listening and management daemons have been used in Red Hat Linux distributions:

l inetd: Red Hat 6.x and older l xinetd: Red Hat 7.0­9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf. Entries in this file consist of a single line made up of the following fields:

service socket-type protocol wait user server cmdline

l service: The name assigned to the service. Matches the name given in the file /etc/services.
l socket-type:
  ¡ stream: connection protocols (TCP)
  ¡ dgram: datagram protocols (UDP)
  ¡ raw
  ¡ rdm
  ¡ seqpacket
l protocol: Transport protocol name which matches a name in the file /etc/protocols, i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6
l wait: Applies only to datagram protocols (UDP).
  ¡ wait[.max]: One server for the specified port at any time (RPC)
  ¡ nowait[.max]: Continue to listen and launch a new server for each new connection (multi-threaded). max is the maximum number of server instances spawned in 60 seconds (default 40).
l user[.group]: login id the process is executed under. Often nobody, root or a special restricted id for that service. Use root only where the server genuinely needs it; every unnecessary root service turns a bug in that server into a root compromise.
l server: Full path name of the server program to be executed.
l cmdline: Command line to be passed to the server, including argument 0 (argv[0]), that is the command name. This field is empty for internal services. Examples of internal TCP services: echo, discard, chargen (character generator), daytime (human readable time), and time (machine readable time). (See the RFCs listed under xinetd below.)

Sample File: /etc/inetd.conf

#echo    stream  tcp  nowait      root  internal
#echo    dgram   udp  wait        root  internal
ftp      stream  tcp  nowait      root  /usr/sbin/tcpd  in.ftpd -l -a
#pop-3   stream  tcp  nowait      root  /usr/sbin/tcpd  ipop3d
#swat    stream  tcp  nowait.400  root  /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.

The inet daemon must be restarted to pick up the changes made to the file: /etc/rc.d/init.d/inetd restart

For more information see the man pages "inetd" and "inetd.conf".
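The audit below is an added example, not code from the YoLinux tutorial. It reads an inetd.conf on standard input and lists every enabled service together with the two points a reviewer checks first: whether it runs as root and whether it is started through /usr/sbin/tcpd (a server started directly never consults /etc/hosts.allow or /etc/hosts.deny). The sample file at the bottom is constructed from the lines shown above plus a finger and a daytime entry; the function name is the example's own.

```sh
#!/bin/sh
# Added example, not part of the YoLinux tutorial.
# Usage: audit_inetd_conf < /etc/inetd.conf
# Prints one line per enabled service: name, socket type, protocol, user, server
# and flags ("runs-as-root", "unwrapped" = not started via tcpd, "built-in"),
# then a summary line. Commented-out lines are disabled services and are skipped.
audit_inetd_conf() {
    awk '
        /^[ \t]*(#|$)/ { next }                       # blank or disabled
        NF < 6 { printf "MALFORMED: %s\n", $0; bad++; next }
        {
            service = $1; user = $5; server = $6
            sub(/\..*/, "", user)                     # user.group -> user
            flags = ""
            if (server == "internal") {
                flags = " built-in"                   # echo, daytime, chargen ...
            } else {
                if (user == "root") flags = flags " runs-as-root"
                if (server !~ /\/tcpd$/) flags = flags " unwrapped"
            }
            enabled++
            printf "%-10s %-6s %-4s %-8s %s%s\n", service, $2, $3, user, server, flags
        }
        END { printf "enabled=%d malformed=%d\n", enabled + 0, bad + 0 }
    '
}

# Constructed sample (not a real /etc/inetd.conf): the lines from the text plus
# a finger service running as nobody and an internal daytime service.
audit_inetd_conf <<'EOF'
#echo stream tcp nowait root internal
#echo dgram udp wait root internal
ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a
pop-3 stream tcp nowait root /usr/sbin/tcpd ipop3d
swat stream tcp nowait.400 root /usr/sbin/swat swat
finger stream tcp nowait nobody /usr/sbin/tcpd in.fingerd
daytime stream tcp nowait root internal
EOF
```

In the sample, swat is the line to look at: it runs as root and is started directly, so nothing in hosts.allow or hosts.deny applies to it. The same awk body works on the xinetd-era inetd.conf files that some distributions still ship for compatibility.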

xinetd: Extended Internet Services Daemon:

Xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time of day, and can limit the number of servers that can be started, redirect services to different ports and network interfaces (NICs) or even to a different server, chroot a service, etc., and is thus a worthy upgrade from inetd.

Use the command chkconfig --list to view all system services and their state. It also lists all network services controlled by xinetd and their respective state under the heading "xinetd based services". (Works for xinetd (RH 7.0+) but not for inetd.)

The xinetd daemon is built with the TCP wrappers library (libwrap), so for every service (unless its NOLIBWRAP flag is set) it consults the /etc/hosts.allow and /etc/hosts.deny files. This is the same mechanism tcpd provides for inetd (see "Network Wrappers" below); it is not PAM.

Configuration file: /etc/xinetd.conf which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:

l Edit the file /etc/xinetd.d/service-name. Set the disable value: disable = yes or disable = no. Then tell xinetd to re-read its configuration with a signal:
  ¡ SIGUSR1 (kill -SIGUSR1 process-id) - Soft reconfiguration; does not terminate existing connections. (Important if you are connected remotely.)
  ¡ SIGUSR2 - Hard reconfiguration; re-reads the configuration and also terminates the running servers of services that are no longer available or no longer permitted. (Note: SIGHUP is not a reload signal for xinetd; depending on the version it dumps internal state or terminates the process. Check the xinetd man page.)
OR
l Use the chkconfig command: chkconfig service-name on (or off). This command will also restart the xinetd process to pick up the new configuration.

The file contains entries of the form:

service service-name
{
    attribute assignment-operator value value ...
}

Where:
l attribute:
  ¡ disable: yes | no
  ¡ type: RPC | INTERNAL | UNLISTED (not found in /etc/rpc or /etc/services)
  ¡ id: By default the service id is the same as the service name.
  ¡ socket_type: stream (TCP) | dgram (UDP) | raw (direct IP access) | seqpacket (service that requires reliable sequential datagram transmission)
  ¡ flags: Combination of REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd man page for details.
  ¡ protocol: Transport protocol name which matches a name in the file /etc/protocols.
  ¡ wait: no (multi-threaded) | yes (single-threaded: one server for the specified port at any time, as for RPC)
  ¡ user: See file /etc/passwd
  ¡ group: See file /etc/group
  ¡ server: Program to execute and hand the socket's data stream to (fully qualified, i.e. the full path of the program).
  ¡ server_args: Unlike inetd, argv[0] (the name of the service) is not passed.
  ¡ only_from: IP address, factorized address, netmask range, hostname or network name from the file /etc/networks.
  ¡ no_access: Deny from ... (inverse of only_from)
  ¡ access_times
  ¡ port: See file /etc/services
  Also: log_type, log_on_success, log_on_failure (log options: += PID, HOST, USERID, EXIT, DURATION, ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples.
l assignment-operator:
  ¡ =
  ¡ +=: add a value to the set of values
  ¡ -=: delete a value from the set of values

Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from the man page: limit telnet sessions to 8 Mbytes of memory and a total of 20 CPU seconds for child processes. (The man page uses the server path /usr/etc/in.telnetd; on Red Hat it is /usr/sbin/in.telnetd.)

service telnet
{
    socket_type = stream
    wait        = no
    nice        = 10
    user        = root
    server      = /usr/etc/in.telnetd
    rlimit_as   = 8M
    rlimit_cpu  = 20
}

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:

l xinetd
l xinetd.conf
l xinetd.log
l tcpd

For more info see:

l LinuxFocus.org: xinetd - Frederic Raynal
l RedHat.com: Controlling Access to Services
l http://www.xinetd.org
l RFCs 862, 863, 864, 867, 868, 1413.
l man pages xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon ­ rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux has the network interface to the rwhod disabled. Thus if one issues the command "rwho", you will only see who is logged into the system you are logged into and not remote systems on the network. This is a safe approach for internet servers as it reduces the exposure of a service which could be exploited by hackers. If you wish to use rwhod on a local private and firewall protected network, here is how:

Allow broadcast capabilities. Edit /etc/init.d/rwhod and change: daemon rwhod to: daemon rwhod -b

Start service:

l Set the service to start at system boot: chkconfig --level 345 rwhod on
l Start the rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

l rwho: who is logged in on local network machines
l rwhod: system status server
l who: show who is logged on to the same system

RPC: Remote Procedure Calls (Portmapper)

Portmapper is a network service required to support RPCs. Many services such as NFS (file sharing) require portmapper. Because it lets any remote client enumerate the RPC services on the host, restrict it with a firewall or TCP wrappers on any machine reachable from an untrusted network.

List RPC services supported: [root]# rpcinfo -p localhost

Starting portmap server:

l /etc/rc.d/init.d/portmap start
l service portmap start (Red Hat/Fedora Core)

Man Pages:

l portmap
l rpcinfo
l pmap_set
l pmap_dump

PAM: Network Wrappers:

Pluggable Authentication Modules for Linux (PAM) and TCP Wrappers

Two separate mechanisms are covered in this section. TCP Wrappers (tcpd and the libwrap library) decide from /etc/hosts.allow and /etc/hosts.deny whether a network client may connect to a service at all. PAM decides how a user is authenticated once a service asks for it. Neither depends on the other.

TCP Wrappers allow or deny network access: one can reject or allow specific IP addresses or subnets access to your system.

File: /etc/hosts.allow

in.ftpd:208.188.34.105

This specifically allows the given IP address to ftp to your system. One can also specify an entire domain, i.e. .name-of-domain.com. Note the leading "." (tcpd only matches a host name pattern when the client address's reverse lookup yields a name that resolves back to the same address).

File: /etc/hosts.deny

ALL:ALL

This denies everything that was not explicitly allowed. The files are consulted in order: hosts.allow first, then hosts.deny, and a service/client pair that matches neither is granted access, so without this catch-all line every wrapped service is open to everyone.

See the hosts_access(5) and tcpd man pages.

File: /etc/inetd.conf

ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a

The inet daemon accepts the incoming network connection and hands it to the TCP wrapper, /usr/sbin/tcpd, which accepts or denies the connection as defined by /etc/hosts.allow and /etc/hosts.deny and then executes the real server, here in.ftpd. The decision is logged via syslog; on Red Hat it ends up in /var/log/secure.
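The following is an added example, not from the YoLinux tutorial, and it is a simulator rather than a call into libwrap: it reproduces the order in which tcpd consults the two files (hosts.allow first, then hosts.deny, with access granted when neither matches) for the pattern forms used on this page, so that a rule set can be tried against sample clients before it is installed. The rule sets, client probes and function names are constructed for the example; EXCEPT lists, net/mask patterns and the LOCAL/KNOWN/UNKNOWN/PARANOID wildcards are deliberately not implemented.

```sh
#!/bin/sh
# Added example, not part of the YoLinux tutorial: simulate the tcpd/libwrap
# decision. Order is tcpd's: a matching hosts.allow rule grants, otherwise a
# matching hosts.deny rule refuses, otherwise access is GRANTED. Client patterns
# handled: ALL, an exact address or host name, a leading-dot domain suffix
# (.example.com) and a trailing-dot address prefix (192.168.10.). Not handled:
# EXCEPT, net/mask forms, LOCAL/KNOWN/UNKNOWN/PARANOID; an optional third
# (shell_command) field is ignored. Rules come from $HOSTS_ALLOW and $HOSTS_DENY.
# HOST is the name tcpd would trust (a reverse lookup confirmed by the forward
# lookup), or "-" when unknown.

# match_pattern PATTERN IP HOST -> 0 if one client pattern matches the client
match_pattern() {
    case $1 in
        ALL) return 0 ;;
        .*)  case $3 in *"$1") return 0 ;; *) return 1 ;; esac ;;   # domain suffix
        *.)  case $2 in "$1"*) return 0 ;; *) return 1 ;; esac ;;   # address prefix
        *)   [ "$1" = "$2" ] || [ "$1" = "$3" ] ;;
    esac
}

# daemon_in_list DAEMON LIST -> 0 if DAEMON or ALL is in the comma/space separated LIST
daemon_in_list() {
    local IFS=', ' p
    for p in $2; do
        case $p in ALL|"$1") return 0 ;; esac
    done
    return 1
}

# client_in_list LIST IP HOST -> 0 if any pattern in LIST matches the client
client_in_list() {
    local IFS=', ' p
    for p in $1; do
        match_pattern "$p" "$2" "$3" && return 0
    done
    return 1
}

# table_matches TABLE DAEMON IP HOST -> 0 if any "daemon_list : client_list"
# line of TABLE matches; lines starting with '#' are comments
table_matches() {
    local line dlist clist IFS='
'
    for line in $1; do
        case $line in \#*) continue ;; esac
        dlist=${line%%:*}
        clist=${line#*:}; clist=${clist%%:*}
        if daemon_in_list "$2" "$dlist" && client_in_list "$clist" "$3" "$4"; then
            return 0
        fi
    done
    return 1
}

# hosts_access DAEMON IP HOST -> prints allow or deny
hosts_access() {
    if   table_matches "$HOSTS_ALLOW" "$1" "$2" "$3"; then echo allow
    elif table_matches "$HOSTS_DENY"  "$1" "$2" "$3"; then echo deny
    else echo allow        # nothing matched: tcpd grants by default
    fi
}

# Constructed rule sets (not copied from any system): the ftp rule from the
# text, a domain-wide allow, an ssh allow for one /24 written as a prefix, and
# the catch-all deny.
HOSTS_ALLOW='in.ftpd: 208.188.34.105
ALL: .name-of-domain.com
sshd: 192.168.10.'
HOSTS_DENY='ALL: ALL'

for probe in "in.ftpd 208.188.34.105 -" "in.ftpd 208.188.34.106 -" \
             "in.telnetd 10.9.8.7 mail.name-of-domain.com" \
             "in.telnetd 10.9.8.7 name-of-domain.com.evil.example" \
             "sshd 192.168.10.77 -" "sshd 192.168.100.77 -"; do
    set -- $probe
    echo "$1 from $2 ($3): $(hosts_access "$1" "$2" "$3")"
done
```

Two of the probes are there to show why the dots matter: name-of-domain.com.evil.example is refused because the suffix test is anchored at the end of the name, and 192.168.100.77 is refused because the prefix is "192.168.10." including the dot. Set HOSTS_DENY to an empty string and re-run to see that every probe is then allowed, which is the state of a host with no hosts.deny file.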

Advanced: PAM. More specific access control is possible by setting the level of authentication required for access.

The files in /etc/pam.d/ are named after the service (for an inetd service, the name of the server program). Rules and modules are stacked to achieve the level of security desired.

See the files in /etc/pam.d/... (some systems use /etc/pam.conf)

The format (in /etc/pam.conf; the per-service files in /etc/pam.d/ omit the first field): service type control module-path module-arguments

l auth (type) - establishes that the user is who they claim to be, normally by asking for a password
  ¡ nullok - (argument to pam_pwdb/pam_unix) an empty password is acceptable; remove it on anything reachable from a network
  ¡ shadow - encrypted passwords are kept in /etc/shadow
l account (type) - verifies that the account may be used at all: not expired, permitted at this time of day, from this host, etc. Can track and force password changes.
l password (type) - controls password updates
  ¡ retry=3 - (pam_cracklib) number of times the user is asked for a new password before giving up
  ¡ minlen=8 - (pam_cracklib) minimum length of a new password
l session (type) - things done before and after the session, such as logging and mounting home directories
l control - required, requisite, sufficient or optional: how a module's result affects the result of the whole stack

Modules:

l /lib/security/pam_pwdb.so - password database module
l /lib/security/pam_shells.so - allows access only if the user's login shell is listed in /etc/shells
l /lib/security/pam_cracklib.so - checks whether a new password is easily crackable
l /lib/security/pam_listfile.so - allows or denies access depending on whether an item (user, tty, rhost, ...) appears in a file

PAM configuration files are read each time a service authenticates, so changes take effect immediately. After re-configuring /etc/inetd.conf, restart the inet daemon: killall -HUP inetd

For more info see:

l Wietse's Papers l Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP is the network protocol used by the ping command; traceroute relies on the ICMP "time exceeded" replies that routers send back to its probes (Linux traceroute sends UDP probes by default).

ICMP redirect packets are sent from a router to a host to tell the host of a better route for a destination. Accepting them means that any machine on the local network able to send you a forged redirect can rewrite your routes, so on most hosts, and on every router, the value should be 0. To enable ICMP redirects anyway, add the following line to /etc/sysctl.conf:

net.ipv4.conf.all.accept_redirects = 1

Or, to set it on every interface immediately (and at each boot, if added to the file /etc/rc.d/rc.local):

for f in /proc/sys/net/ipv4/conf/*/accept_redirects
do
    echo 1 > "$f"
done

Command to view the kernel IP routing cache: /sbin/route -Cn (Kernels from 3.6 on no longer have a routing cache; use ip route get destination instead.)

NOTE: Accepting redirects may leave you vulnerable, as an attacker on the local network can alter your routes and put themselves in the path of your traffic.

Blocking ICMP echo to look invisible to ping:

The following firewall rules drop incoming ICMP echo requests, so the host never answers a ping. (Dropping every ICMP type in either direction is a common over-reaction: it also discards the "fragmentation needed" and "destination unreachable" messages that path MTU discovery and error reporting depend on, so be selective.)

Iptables:

iptables -A INPUT -p icmp --icmp-type echo-request -j DROP

Ipchains:

ipchains -A input -p icmp --icmp-type echo-request -j DENY

OR drop all incomming pings:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes done to look invisible to DoS (Denial of Service) attackers who ping to find live machines and launch an attack when a host's presence is detected. It does not hide the host from a port scan, and it also blocks legitimate monitoring, so weigh it against the loss of visibility.
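The script below is an added example, not code from the YoLinux tutorial. It audits the three /proc/sys values discussed in the forwarding and ICMP sections (ip_forward, accept_redirects on every interface, icmp_echo_ignore_all) against the machine's role and prints the /etc/sysctl.conf lines that implement that policy. The policy itself (routers forward, nothing accepts redirects, ping is answered unless ICMP_ECHO_IGNORE=1) and the function names are the example's own assumptions; the demo runs against a constructed directory tree rather than the live /proc.

```sh
#!/bin/sh
# Added example, not part of the YoLinux tutorial. Audits the /proc/sys values
# from the forwarding and ICMP sections against the machine's role and prints the
# /etc/sysctl.conf lines that implement the policy. The policy is this example's
# assumption: a router/gateway needs ip_forward=1 and anything else needs 0;
# accept_redirects is 0 on every interface for both roles (a redirect lets a
# neighbour rewrite your routing table); icmp_echo_ignore_all follows
# $ICMP_ECHO_IGNORE (default 0: answer ping). ROOT is prefixed to /proc/sys so the
# audit can run on a copied or, as in the demo, a constructed tree; use "" live.

# expected_value KEY ROLE -> the value KEY should hold for ROLE (router|host)
expected_value() {
    case "$1:$2" in
        net/ipv4/ip_forward:router)         echo 1 ;;
        net/ipv4/ip_forward:host)           echo 0 ;;
        net/ipv4/conf/*/accept_redirects:*) echo 0 ;;
        net/ipv4/icmp_echo_ignore_all:*)    echo "${ICMP_ECHO_IGNORE:-0}" ;;
        *) echo "no policy for $1 (role $2)" >&2; return 1 ;;
    esac
}

# audit_ipv4_sysctls ROLE ROOT -> one line per key; returns 1 if anything mismatches
audit_ipv4_sysctls() {
    local role="$1" root="$2" f key have want bad=0
    for f in "$root"/proc/sys/net/ipv4/ip_forward \
             "$root"/proc/sys/net/ipv4/icmp_echo_ignore_all \
             "$root"/proc/sys/net/ipv4/conf/*/accept_redirects; do
        key=${f#"$root"/proc/sys/}
        if [ ! -r "$f" ]; then
            echo "MISSING $key"; bad=$(( bad + 1 )); continue
        fi
        read -r have < "$f" || have=""
        want=$(expected_value "$key" "$role") || { bad=$(( bad + 1 )); continue; }
        if [ "$have" = "$want" ]; then
            echo "ok   $key = $have"
        else
            echo "FAIL $key = $have (want $want)"; bad=$(( bad + 1 ))
        fi
    done
    echo "mismatches=$bad"
    [ "$bad" -eq 0 ]
}

# sysctl_conf_for ROLE -> /etc/sysctl.conf lines for ROLE (apply with: sysctl -p)
sysctl_conf_for() {
    local fwd=0
    if [ "$1" = router ]; then fwd=1; fi
    printf 'net.ipv4.ip_forward = %s\n' "$fwd"
    printf 'net.ipv4.conf.all.accept_redirects = 0\n'
    printf 'net.ipv4.conf.default.accept_redirects = 0\n'
    printf 'net.ipv4.icmp_echo_ignore_all = %s\n' "${ICMP_ECHO_IGNORE:-0}"
}

# Demo on a constructed tree (the real /proc is not touched): a plain host that
# has forwarding switched on and accepts redirects on eth0.
demo=$(mktemp -d)
mkdir -p "$demo/proc/sys/net/ipv4/conf/all" "$demo/proc/sys/net/ipv4/conf/eth0"
echo 1 > "$demo/proc/sys/net/ipv4/ip_forward"
echo 0 > "$demo/proc/sys/net/ipv4/icmp_echo_ignore_all"
echo 0 > "$demo/proc/sys/net/ipv4/conf/all/accept_redirects"
echo 1 > "$demo/proc/sys/net/ipv4/conf/eth0/accept_redirects"
if ! audit_ipv4_sysctls host "$demo"; then
    echo "--- add to /etc/sysctl.conf, then run: sysctl -p ---"
    sysctl_conf_for host
fi
rm -rf "$demo"
```

On a live system run audit_ipv4_sysctls router "" (or host) as root; the per-interface loop matters because net.ipv4.conf.all.accept_redirects only governs interfaces that appear after it is set, so a single "all" check can report 0 while eth0 still accepts redirects, which is exactly what the demo tree reproduces.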

Network Monitoring Tools:

- tcpdump - dump traffic on a network. See discussion below.

  Command line option   Description
  -c                    Exit after receiving count packets.
  -C                    Specify size of output dump files.
  -i                    Specify interface if multiple exist. Lowest used by default. i.e. eth0
  -w file-name          Write the raw packets to file rather than parsing and printing them out. They can later be printed with the -r option.
  -n                    Improve speed by not performing DNS lookups. Report IP addresses.
  -t                    Don't print a timestamp on each dump line.

  Filter expressions:

  primitive                       Description
  host host-name                  If host has multiple IP's, all will be checked.
  net network-number              Network number.
  net network-number mask mask    Network number and netmask specified.
  port port-number                Port number specified.
  tcp                             Sniff TCP packets.
  udp                             Sniff UDP packets.
  icmp                            Sniff ICMP packets.

Examples:

  - tcpdump tcp port 80 and host server-1
  - tcpdump ip host server-1 and not server-2

- iptraf - Interactive Colorful IP LAN Monitor
- nmap - Network exploration tool and security scanner
  - List pingable nodes on network: nmap -sP 192.168.0.0/24
    Scans network for IP addresses 192.168.0.0 to 192.168.0.255 using ping.
- Ethereal - Network protocol analyzer. Examine data from a live network. RPM's required:
  - ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
  - ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)
  There is an error in the ethereal package because it does not list the snmp libraries as dependencies, but you can deduce this from the errors that you get if the ucd-snmp libraries are not installed.
- EtherApe - Graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
- Gkrellm - Network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
- IPTraf - ncurses-based IP LAN monitor. (Red Hat Powertools CD)
- Cheops - Network discovery, location, diagnosis and management. Cheops can identify all of the computers that are on your network, their IP address, their DNS name, and the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
- ntop - Shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
- MRTG - Multi Router Traffic Grapher - Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
- dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
- scotty - Obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP, & UDP. (Red Hat Powertools CD)
- Big Brother - Monitoring and services availability.
- OpenNMS.org - Network Management using SNMP.
- Nagios - host, service and network monitoring
- Angel network monitor

Using tcpdump to monitor the network:

    [root]# ifconfig eth0 promisc                        - Put NIC into promiscuous mode to sniff traffic.
    [root]# tcpdump -n host not XXX.XXX.XXX.XXX | more   - Sniff net but ignore the IP which is your remote session.
    [root]# ifconfig eth0 -promisc                       - Pull NIC out of promiscuous mode.
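As an added example (not part of the YoLinux tutorial), here is a small Python parser for the text that "tcpdump -n icmp" prints. It counts echo requests per source address and lists the sources that ping repeatedly, which is the kind of probing the ICMP section above says precedes a DoS attack. The SAMPLE lines are constructed, not a real capture, and the threshold of three requests is an arbitrary choice for the demonstration.

```python
"""Count ICMP echo requests per source in 'tcpdump -n icmp' output.

Added example, not part of the YoLinux tutorial.  The line format matched
below is the one tcpdump prints for ICMP with -n (no DNS lookups).
"""
import re
from collections import Counter

# Constructed sample of 'tcpdump -n icmp' output (not a real capture).
SAMPLE = """\
10:15:01.000123 IP 192.168.10.5 > 192.168.10.12: ICMP echo request, id 1, seq 1, length 64
10:15:01.000456 IP 192.168.10.12 > 192.168.10.5: ICMP echo reply, id 1, seq 1, length 64
10:15:02.000123 IP 192.168.10.5 > 192.168.10.12: ICMP echo request, id 1, seq 2, length 64
10:15:02.000456 IP 192.168.10.12 > 192.168.10.5: ICMP echo reply, id 1, seq 2, length 64
10:15:03.000123 IP 192.168.10.5 > 192.168.10.12: ICMP echo request, id 1, seq 3, length 64
10:15:03.000456 IP 192.168.10.12 > 192.168.10.5: ICMP echo reply, id 1, seq 3, length 64
10:15:03.500000 IP 192.168.10.77 > 192.168.10.12: ICMP echo request, id 9, seq 1, length 64
10:15:04.000000 IP 192.168.10.12 > 192.168.10.1: ICMP time exceeded in-transit, length 36
"""

# timestamp, "IP src > dst:", then the ICMP message type up to the first comma
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}:\d{2}:\d{2}\.\d+) IP (?P<src>[\d.]+) > (?P<dst>[\d.]+): "
    r"ICMP (?P<kind>[^,]+)"
)


def parse_icmp(text):
    """Yield (timestamp, src, dst, kind) for every ICMP line tcpdump printed."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield m.group("ts"), m.group("src"), m.group("dst"), m.group("kind")


def echo_requests_by_source(text):
    """Count echo requests per source address (replies and other types are ignored)."""
    counts = Counter()
    for _, src, _, kind in parse_icmp(text):
        if kind == "echo request":
            counts[src] += 1
    return counts


def noisy_pingers(text, threshold=3):
    """Sources that sent at least `threshold` echo requests, most active first."""
    counts = echo_requests_by_source(text)
    return [src for src, n in counts.most_common() if n >= threshold]


if __name__ == "__main__":
    for src, n in echo_requests_by_source(SAMPLE).most_common():
        print(f"{src:<16} {n} echo request(s)")
    print("repeated pingers:", noisy_pingers(SAMPLE))
```

Feed it real output with something like "tcpdump -n icmp -c 500" redirected to a file; the -n option matters because the regex expects dotted addresses, not resolved names.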

Network Intrusion and Hacker Detection Systems:

SNORT: Monitor the network, performing real­time traffic analysis and packet logging on IP networks for the detection of an attack or probe.

- Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
- InterSect Alliance - Intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to convert a 32-bit internet IP address into the 48-bit Ethernet MAC address used by network hardware. (See: RFC 826) ARP broadcasts are sent to all hosts on the subnet by the data transmitting host to see who replies. The broadcast is ignored by all except the intended receiver, which recognizes the IP address as its own. The MAC addresses are remembered (ARP cache) for future network communications. Computers on the subnet typically keep a cache of ARP responses. ARP broadcasts are passed on by hubs and switches but are blocked by routers.

Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client to broadcast requesting a server to reply with its IP address.

- arp (8) man page - manipulate the system ARP cache
  - Show other systems on your network (including IP address conflicts): arp -a
  - Show ARP table Linux style: arp -e
- arpwatch (8) man page - keep track of ethernet/ip address pairings
- arpsnmp (8) man page - keep track of ethernet/ip address pairings. Reads information generated by snmpwalk
- arping (8) man page - send ARP REQUEST to a neighbor host
  - Print ARP reply (similar to arp -a): arping 192.168.10.99
- List ARP table: cat /proc/net/arp
- ip (8) man page - show / manipulate routing, devices, policy routing and tunnels
  - View ARP table: ip neighbor

ARP is something that simply works. No Linux system configuration is necessary. It's all part of the ethernet and IP protocol. The aforementioned information is just part of the Linux culture of full visibility into what is going on.
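The ARP table is also where the IP address conflicts and spoofed pairings that arpwatch reports show up. As an added example (not part of the YoLinux tutorial), the Python below parses the text of /proc/net/arp, the file listed above, and applies the two checks arpwatch is known for: one MAC address answering for several IPs, and an IP whose MAC no longer matches a recorded baseline. SAMPLE_ARP and the KNOWN baseline are constructed for the demonstration; on a real host you would read /proc/net/arp and keep the baseline from a quiet day.

```python
"""Parse /proc/net/arp and flag suspicious IP-to-MAC pairings (arpwatch-style).

Added example, not part of the YoLinux tutorial.
"""
from collections import defaultdict

# Constructed /proc/net/arp content (column layout matches the kernel's).
SAMPLE_ARP = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         00:50:56:c0:00:08     *        eth0
192.168.10.14    0x1         0x2         00:10:4c:25:7a:3f     *        eth0
192.168.10.15    0x1         0x0         00:00:00:00:00:00     *        eth0
192.168.10.99    0x1         0x2         00:50:56:c0:00:08     *        eth0
"""

# Constructed baseline: pairings an administrator recorded earlier.
KNOWN = {
    "192.168.10.1": "00:50:56:c0:00:08",
    "192.168.10.14": "00:10:4c:25:7a:3f",
    "192.168.10.99": "00:0c:29:11:22:33",
}

ATF_COM = 0x2  # "complete" flag: a reply was received and the MAC is valid


def parse_proc_net_arp(text):
    """Return one dict per complete entry: {"ip", "mac", "dev"}."""
    entries = []
    for line in text.splitlines()[1:]:          # first line is the header
        fields = line.split()
        if len(fields) < 6:
            continue
        ip, _hwtype, flags, mac, _mask, dev = fields[:6]
        if not int(flags, 16) & ATF_COM:
            continue                             # incomplete: MAC not learned yet
        entries.append({"ip": ip, "mac": mac.lower(), "dev": dev})
    return entries


def macs_with_multiple_ips(entries):
    """MACs answering for more than one IP: aliases, a router, or one host impersonating another."""
    by_mac = defaultdict(set)
    for e in entries:
        by_mac[e["mac"]].add(e["ip"])
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}


def changed_pairings(entries, known):
    """IPs whose current MAC differs from the baseline (arpwatch's 'changed ethernet address')."""
    return {
        e["ip"]: (known[e["ip"]], e["mac"])
        for e in entries
        if e["ip"] in known and known[e["ip"]] != e["mac"]
    }


if __name__ == "__main__":
    entries = parse_proc_net_arp(SAMPLE_ARP)
    print("shared MACs:", macs_with_multiple_ips(entries))
    print("changed pairings:", changed_pairings(entries, KNOWN))
```

In the constructed sample the gateway's MAC now also answers for 192.168.10.99, whose baseline MAC was different; that combination is the classic symptom of an ARP cache poisoned to pass one host's traffic through another. Incomplete entries (flags 0x0) are skipped because their all-zero MAC carries no information.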

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer to peer unicast transactions. An HTTP request to a web server (TCP/IP), email SMTP (TCP/IP), DNS (UDP), FTP (TCP/IP), ... are all peer to peer unicast transactions. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer to peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group", which are those that are interested in the information.

The Linux kernel is Level­2 Multicast­Compliant. It meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to request the kernel to join the multicast group and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, a request is made to the kernel to leave the group. It is the kernel/host which joins the multicast group and not the process. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to support multicast routing, set the following in the kernel config:

- CONFIG_IP_MULTICAST=y
- CONFIG_IP_ROUTER=y
- CONFIG_IP_MROUTE=y
- CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimization and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card), only one device can be configured to handle multicast.

Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast.

Useful commands:

  Command                    Description
  cat /proc/net/igmp         List multicast groups to which the host is subscribed. Uses the "Internet Group Management Protocol". (See /usr/src/linux/net/core/igmp.c)
  cat /proc/net/dev_mcast    List multicast interfaces. (See /usr/src/linux/net/core/dev_mcast.c)
  ping 224.0.0.1             All hosts configured for multicast will respond with their IP addresses
  ping 224.0.0.2             All routers configured for multicast will respond
  ping 224.0.0.3             All PIM routers configured for multicast will respond
  ping 224.0.0.4             All DVMRP routers configured for multicast will respond
  ping 224.0.0.5             All OSPF routers configured for multicast will respond

Multicast transmissions are achieved through proper routing, router configuration (if communicating through subnets) and programmatically with the use of the following "C" function library calls:

  Function Call    Description
  setsockopt()     Pass information to the kernel.
  getsockopt()     Retrieve information broadcast using multicast.

For more on multicast programming see: Multicast Howto.

The multicast application will specify the multicast loopback interface, TTL (network time to live), network interface and the multicast group to add or drop.

Add route to support multicast:

    route add 224.0.0.0 netmask 240.0.0.0 dev eth0

Note that if adding a route to forward packets through a router, that the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The internet by default does not forward multicast packets.

Living in a MS/Windows World:

- SMB4k: My favorite MS/Windows file share browser.
- In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]
- LinNeighborhood: Linux workstation GUI tool.

  Make your life simple and use the GUI/File Manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.

  - LinNeighborhood Home Page
  - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

- IPv4: Most of the Internet servers and personal computers use Internet Protocol version 4 (IPv4). This uses 32 bits to assign a network address as defined by the four octets of an IP address up to 255.255.255.255, which is the representation of four 8 bit numbers thus totaling 32 bits.
- IPv6: Internet Protocol version 6 (IPv6) uses a 128 bit address and thus billions and billions of potential addresses. The protocol has also been upgraded to include new quality of service features and security. Currently Linux supports IPv6 but IPv4 is used when connecting your computer to the internet.
- TCP/IP: (Transmission Control Protocol/Internet Protocol) uses a client - server model for communications. The protocol defines the data packets transmitted (packet header, data section), data integrity verification (error detection bytes), connection and acknowledgement protocol, and re-transmission.
- TCP/IP time to live (TTL): This is a counting mechanism to determine how long a packet is valid before it reaches its destination. Each time a TCP/IP packet passes through a router it will decrement its TTL count. When the count reaches zero the packet is dropped by the router. This ensures that errant routing and aimlessly looping packets will not flood the network.
- MAC Address: (media access control) is the network card address used for communication between other network devices on the subnet. This info is not routable. The ARP table maps TCP/IP address (global internet) to the local hardware on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address uniquely identifies each node of a network and is used by the Ethernet protocol.
- Full Duplex: Allows the simultaneous sending and receiving of packets. Most modern modems support full duplex.
- Half Duplex: Allows the sending and receiving of packets in one direction at a time only.
- OSI 7 Layer Model: The ISO (International Standards Organization) has defined the OSI (Open Systems Interconnection) model for current networking protocols.

  OSI Layer               Description                                                              Linux Networking Use
  7  Application Layer    The top layer for communications applications like email and the web.   telnet, web browser, sendmail
  6  Presentation Layer   Syntax and format of data transfer.                                      SMTP, http
  5  Session Layer
  4  Transport Layer      Connection, acknowledgement and data packet transmission.                TCP, UDP
  3  Network Layer                                                                                 IP, ARP
  2  Data Link Layer      Error control, timing                                                    Ethernet
  1  Physical Layer       Electrical characteristics of signal and NIC                             Ethernet

- Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
- Network Switch: Like a hub but creates a private link between any two connected nodes when a network connection is established. This reduces the amount of network collisions and thus improves speed. Broadcast messages are still sent to all nodes.

Related Links:

- Cable modem HowTo - Vladimir Vuksan
- Ethernet HowTo - Paul Gortmaker
- YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
- Firewall HowTo - Mark Grennan
- YoLinux networking tutorial
- Networking Overview HowTo - Daniel Lopez Ridruejo
- Networking Howto - Joshua Drake
- NFS Howto - Nicolai Langfeldt
- SNMP: Simple Network Management Protocol (Uses ports 161,162,391,1993)
  - SNMP - Intro and tutorials
  - Linux SNMP Network Management Tools
  - SNMP FAQ
  - net-snmp - tools and libraries
- News/Usenet Group: comp.os.linux.networking - Deja
- MARS-nwe - Netware emulator
- Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
- ISDN:
  - ISDN4LINUX FAQ - Matthias Hessler
  - ISDN4 Linux Home Page
  - Dan Kegel's ISDN Page
- PPP: Point-to-Point Protocol
  - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
  - YoLinux Tutorial: Dialing Compuserve
  - YoLinux Tutorial: Dialing AOL
  - YoLinux Tutorial: Configuring PPP dial-in connections
- PPTP: Point-to-Point Tunneling Protocol
  - RFC 2637: Point-to-Point Tunneling Protocol (PPTP).
  - PPTP-Linux Client - A PPTP Linux client that allows a linux system to connect to a PPTP server. Developed by C. S. Ananian.
  - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP Implementation.
- DHCP: (Dynamic Host Configuration Protocol)
  - YoLinux DHCP Tutorial - How to set up a DHCP server.
  - ISC Dynamic Host Configuration Protocol - DHCP home page
- Multicast:
  - YoLinux Tutorial: Configuring Linux for multicast - this tutorial, in the section above
  - Multicast over TCP/IP HOWTO
- ISP's: (National/Global)
  - TheList.com - Comprehensive list of ISP's
  - Earthlink
  - Concentric
  - ATT Worldnet
- NIS: (NFS infrastructure)
  - YoLinux NIS tutorial
  - NIS howto
  - NIS configuration and use
- Ethernet cables:
  - Making CAT 3, 5, 5E RJ45 Ethernet Cables
  - Wiring and Installation
- Gigabit Ethernet
- VIX: Vienna Internet eXchange - European traffic exchange for ISP's

Test Internet Bandwidth:

- DSLreports.com: bandwidth and diagnostic tests
- Speakeasy connection speed test
- CNET Bandwidth Meter speed test
- Network speed test
- Bandwidth explained and List of bandwidth test sites

Man Pages:

- icmp - Linux IPv4 ICMP kernel module
- ifport - select the transceiver type for a network interface
- usernetctl - allow a user to manipulate a network interface if permitted
- ripquery - query RIP (Routing Information Protocol) gateways
- gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler, ISBN # 0735710317, New Riders Publishing

"LINUX TCP/IP Network Administration" by Scott Mann, Mitchell Krell, ISBN # 0130322202, Prentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith, ISBN# 0201774232, Addison-Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr., ISBN# 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh, ISBN# 0672320525, Sams; (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus, Sams, ISBN# 047008278X

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen, Sams, ISBN# 0071486429

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson, Sams, ISBN# 0672329298

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff, Sams, ISBN# 0672327082

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff, Sams, ISBN# 0672325888

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis, ISBN #032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.


Copyright © 2001 - 2007 by Greg Ippolito

Linux Networking


TCP/IP Network Configuration Files:

- File: /etc/resolv.conf - host name resolver configuration file

    search name-of-domain.com     - Name of your domain or ISP's domain if using their name server
    nameserver XXX.XXX.XXX.XXX    - IP address of primary name server
    nameserver XXX.XXX.XXX.XXX    - IP address of secondary name server

This configures Linux so that it knows which DNS server will be resolving domain names into IP addresses. If using a DHCP client, this will automatically be sent to you by the ISP and loaded into this file as part of the DHCP protocol. If using a static IP address, ask the ISP or check another machine on your network. Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "DNS").

- File: /etc/hosts - locally resolve node names to IP addresses

    127.0.0.1          your-node-name.your-domain.com localhost.localdomain localhost
    XXX.XXX.XXX.XXX    node-name

Note when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly.) i.e.:

    XXX.XXX.XXX.XXX    superserver.yolinux.com superserver

This informs Linux of local systems on the network which are not handled by the DNS server (or of all systems in your LAN if you are not using DNS or NIS). Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "Hosts").

- File: /etc/nsswitch.conf - System Databases and Name Service Switch configuration file

    hosts: files dns nisplus nis

This example tells Linux to first resolve a host name by looking at the local hosts file(/etc/hosts), then if the name is not found look to your DNS server as defined by /etc/resolv.conf and if not found there look to your NIS server.

In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution.

Fedora / Red Hat Network Configuration Files:

- /etc/sysconfig/network - Red Hat network configuration file used by the system during the boot process.

- File: /etc/sysconfig/network-scripts/ifcfg-eth0 - Configuration settings for your first ethernet port (0). Your second port is eth1.

- File:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example statement for Intel ethernet card:

      alias eth0 eepro100

  Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

- Network configuration: /usr/sbin/system-config-network (FC-2/3); /usr/bin/redhat-config-network (/usr/bin/neat) (RH 7.2+ FC-1)
- Text console configuration tool: /usr/sbin/system-config-network-tui (Text User Interface (TUI) for Fedora Core 2/3); /usr/bin/redhat-config-network-tui (RH 9.0 - FC-1)
- Text console network configuration tool. First interface only - eth0: /usr/sbin/netconfig
- /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

- Gnome Desktop Network Configuration: /usr/bin/gnome-network-preferences (RH 9.0 - FC-3)
  Proxy configuration. Choose one of three options:
  1. Direct internet connection
  2. Manual proxy configuration (specify proxy and port)
  3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assigned a static IP address or assigned one dynamically.

Static IP address assignment:

Choose one of the following methods:

l Command Line:

    /sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

  Network address by convention would be the lowest: 192.168.10.0
  Broadcast address by convention would be the highest: 192.168.10.255
  The gateway can be anything, but following convention: 192.168.10.1

Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0

- Red Hat / Fedora GUI tools:
  - /usr/bin/neat - Gnome GUI network administration tool. Handles all interfaces. Configure for Static IP or DHCP client. (First available with Red Hat 7.2.)
  - /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)

- Red Hat / Fedora Console tools:
  - /usr/sbin/system-config-network-tui (Text User Interface)
  - /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1, ...)

- Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network­scripts/, so that this information is retained.

The IANA has allocated IP addresses in the range of 192.168.0.0 to 192.168.255.255 for private networks.

Helpful tools:

- Network Calculators: Subnet mask calculator, node calculator, mask inverter, ...
- IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet static
        address 208.88.34.106
        netmask 255.255.255.248
        broadcast 208.88.34.111
        network 208.88.34.104
        gateway 208.88.34.110

Dynamic IP (DHCP) example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet dhcp

    auto eth1
    iface eth1 inet dhcp

    auto eth2
    iface eth2 inet dhcp

    auto ath0
    iface ath0 inet dhcp

    auto wlan0
    iface wlan0 inet dhcp

Interfaces:

- lo: Loopback interface (network within your system without slowing down for the real ethernet based network)
- eth0: First ethernet interface card
- wlan0: First wireless network interface

Also see "man interfaces"
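As an added example (not part of the YoLinux tutorial), the Python below parses the /etc/network/interfaces format shown above into one record per stanza and then cross-checks each static stanza: the network and broadcast lines must agree with the netmask, and the gateway must lie inside the subnet. A typo in any of those lines is a common reason a static configuration comes up but cannot reach the router. SAMPLE_INTERFACES is constructed from the tutorial's static example plus a DHCP stanza; comments and blank lines are handled as the file format allows them.

```python
"""Parse /etc/network/interfaces and sanity-check static stanzas.

Added example, not part of the YoLinux tutorial.
"""
import ipaddress

# Constructed sample (the static stanza is the tutorial's own example).
SAMPLE_INTERFACES = """\
# The loopback interface
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 208.88.34.106
    netmask 255.255.255.248
    broadcast 208.88.34.111
    network 208.88.34.104
    gateway 208.88.34.110

auto wlan0
iface wlan0 inet dhcp
"""


def parse_interfaces(text):
    """Return {name: {"family", "method", "auto", <option>: <value>, ...}}."""
    result = {}
    auto = set()
    current = None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()     # drop comments and whitespace
        if not line:
            continue
        words = line.split()
        if words[0] == "auto":
            auto.update(words[1:])               # 'auto eth0 eth1' lists several
        elif words[0] == "iface" and len(words) >= 4:
            current = words[1]
            result[current] = {"family": words[2], "method": words[3]}
        elif current is not None and len(words) >= 2:
            result[current][words[0]] = " ".join(words[1:])
    for name in result:
        result[name]["auto"] = name in auto
    return result


def check_static(conf):
    """List (iface, problem) for static stanzas whose addresses disagree with the netmask."""
    problems = []
    for name, opts in conf.items():
        if opts["method"] != "static":
            continue
        try:
            # ip_interface accepts a dotted netmask as well as a /prefix
            iface = ipaddress.ip_interface(f"{opts['address']}/{opts['netmask']}")
        except (KeyError, ValueError) as exc:
            problems.append((name, f"bad address/netmask: {exc}"))
            continue
        net = iface.network
        if "network" in opts and ipaddress.ip_address(opts["network"]) != net.network_address:
            problems.append((name, "network does not match netmask"))
        if "broadcast" in opts and ipaddress.ip_address(opts["broadcast"]) != net.broadcast_address:
            problems.append((name, "broadcast does not match netmask"))
        if "gateway" in opts and ipaddress.ip_address(opts["gateway"]) not in net:
            problems.append((name, "gateway is outside the subnet"))
    return problems


if __name__ == "__main__":
    conf = parse_interfaces(SAMPLE_INTERFACES)
    for name, opts in conf.items():
        print(name, opts)
    print("problems:", check_static(conf) or "none")
```

Run it against the real file with open("/etc/network/interfaces").read(); an empty problem list means the static values are at least internally consistent, which is the first thing to verify before blaming the router.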

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.

- File: /etc/sysconfig/network

Static IP address configuration (configure gateway address):

    NETWORKING=yes
    HOSTNAME=my-hostname          - Hostname is defined here and by command hostname
    FORWARD_IPV4=true             - True for NAT firewall gateways and Linux routers. False for everyone else - desktops and servers.
    GATEWAY="XXX.XXX.XXX.YYY"     - Used if your network is connected to another network or the internet. Static IP configuration. Gateway not defined here for DHCP client.

OR for DHCP client configuration:

    NETWORKING=yes
    HOSTNAME=my-hostname          - Hostname is defined here and by command hostname

(Gateway is assigned by DHCP server.)

OR for NIS client configuration:

    NETWORKING=yes
    HOSTNAME=my-hostname          - Hostname is defined here and by command hostname
    NISDOMAIN=NISProject1         - NIS domain to attach

- File (Red Hat/Fedora): /etc/sysconfig/network-scripts/ifcfg-eth0 (S.u.s.e.: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX) This file is used by the command scripts ifup and ifdown.

Static IP address configuration:

    DEVICE=eth0
    BOOTPROTO=static
    BROADCAST=XXX.XXX.XXX.255
    IPADDR=XXX.XXX.XXX.XXX
    NETMASK=255.255.255.0
    NETWORK=XXX.XXX.XXX.0
    ONBOOT=yes                    - Will activate upon system boot

RHEL4/FC3 additions:

    TYPE=Ethernet
    HWADDR=XX:XX:XX:XX:XX:XX
    GATEWAY=XXX.XXX.XXX.XXX

OR for DHCP client configuration:

    DEVICE=eth0
    ONBOOT=yes
    BOOTPROTO=dhcp

RHEL4/FC3 additions:

    IPV6INIT=no
    USERCTL=no
    PEERDNS=yes
    TYPE=Ethernet
    HWADDR=XX:XX:XX:XX:XX:XX

(Used by script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line.) To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)

Changing the host name:

This is a three step process:

1. Issue the command: hostname new-host-name
2. Change the network configuration file /etc/sysconfig/network. Edit the entry: HOSTNAME=new-host-name
3. Restart systems which relied on the hostname (or reboot):
   - Restart network services: service network restart (or: /etc/init.d/network restart)
   - Restart desktop:
     - Bring down system to console mode: init 3
     - Bring up X-Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name which allows the system to be self aware.

The hostname may be changed at runtime using the command: sysctl -w kernel.hostname="superserver"

Change the host name using GUI tool: /usr/sbin/system­config­network (Red Hat / Fedora / CentOS)

Hostname entries are made in two places:

- Select the "DNS" tab.
- Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

    ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
    ifconfig eth0:0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255
    ifconfig eth0:1 192.168.10.14 netmask 255.255.255.0 broadcast 192.168.10.255

    route add -host XXX.XXX.XXX.XXX dev eth0
    route add -host 192.168.10.12 dev eth0
    route add -host 192.168.10.14 dev eth0

In this example 0 and 1 are aliases in addition to the regular eth0. The result of the ifconfig command:

    eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
              TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
              collisions:1 txqueuelen:100
              Interrupt:5 Base address:0xe400

    eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

    eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

    DEVICE=eth0:0
    ONBOOT=yes
    BOOTPROTO=static
    BROADCAST=192.168.10.255
    IPADDR=192.168.10.12
    NETMASK=255.255.255.0
    NETWORK=192.168.10.0

Aliases can also be shut down independently. i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Redhat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux Client: get connection info: /sbin/pump -i eth0 --status (Red Hat Linux 7.1 and older)

    Device eth0
        IP: 4.XXX.XXX.XXX
        Netmask: 255.255.252.0
        Broadcast: 4.XXX.XXX.255
        Network: 4.XXX.XXX.0
        Boot server 131.XXX.XXX.4
        Next server 0.0.0.0
        Gateway: 4.XXX.XXX.1
        Domain: vz.dsl.genuity.net
        Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3
        Renewal time: Sat Aug 11 08:28:55 2001
        Expiration time: Sat Aug 11 11:28:55 2001

Activating and De­Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

- Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up - Note: Even if no IP address is assigned you can listen.)
- De-Activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network­scripts/

GUI Interface control/configuration:

- Start/Stop network interfaces: /usr/bin/system-control-network (Fedora Core 2/3); /usr/bin/redhat-control-network (RH 9.0 - FC-1)
- Configure Ethernet, ISDN, modem, Token Ring, Wireless or DSL network connection: /usr/sbin/system-config-network-druid (FC2/3); /usr/sbin/redhat-config-network-druid (RH 9 - FC-1)

Subnets:

Subnet mask table (MASK is the last non-zero octet of the mask; the last two columns are addresses and usable hosts per class C subnet):

  MASK  # OF SUBNETS  Slash  CLASS A HOSTS  CLASS A MASK  CLASS B HOSTS  CLASS B MASK  CLASS C HOSTS  CLASS C MASK   CLASS C SUB MASK  SUB ADDRESSES  SUB HOSTS
  255   1 or 256      /32    16,777,214     255.0.0.0     65,534         255.255.0.0   254            255.255.255.0  255.255.255.255   1 address      Invalid
  254   128           /31    33,554,430     254.0.0.0     131,070        255.254.0.0   510            255.255.254.0  255.255.255.254   2 addresses    Invalid
  252   64            /30    67,108,862     252.0.0.0     262,142        255.252.0.0   1,022          255.255.252.0  255.255.255.252   4 addresses    2 hosts
  248   32            /29    134,217,726    248.0.0.0     524,286        255.248.0.0   2,046          255.255.248.0  255.255.255.248   8 addresses    6 hosts
  240   16            /28    268,435,454    240.0.0.0     1,048,574      255.240.0.0   4,094          255.255.240.0  255.255.255.240   16 addresses   14 hosts
  224   8             /27    536,870,910    224.0.0.0     2,097,150      255.224.0.0   8,190          255.255.224.0  255.255.255.224   32 addresses   30 hosts
  192   4             /26    1,073,741,822  192.0.0.0     4,194,302      255.192.0.0   16,382         255.255.192.0  255.255.255.192   64 addresses   62 hosts
  128   2             /25    2,147,483,646  128.0.0.0     8,388,606      255.128.0.0   32,766         255.255.128.0  255.255.255.128   128 addresses  126 hosts

  Binary position   8    7    6    5    4    3    2    1
  Value             128  64   32   16   8    4    2    1
  Example: 192      1    1    0    0    0    0    0    0

Example 192=128+64

Some addresses are reserved and outside this scope. Loopback (127.0.0.1), reserved class C 192.168.XXX.XXX, reserved class B 172.31.XXX.XXX and reserved class A 10.XXX.XXX.XXX.

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 for your office.

- 208.88.34.104  Network base address
- 208.88.34.105  Computer 1
- 208.88.34.106  Computer 2
- 208.88.34.107  Computer 3
- 208.88.34.108  Computer 4
- 208.88.34.109  Computer 5
- 208.88.34.110  DSL router/Gateway
- 208.88.34.111  Broadcast address

Of the eight addresses, there are six assigned to hardware systems and ultimately only five usable addresses.

Links:

- Subnet Cheat Sheet
- Subnet calculator
- Table of subnets
- IP Subnetting, Variable Subnetting, and CIDR (Supernetting)
- CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is a little obsolete as subnets are now used to define smaller networks. These subnets may be part of a class A, B, C, etc network. For historical reference the network classes are defined as follows:

* Class A: first octet 0-127 (high bit 0). The first number (8 bits) was assigned by InterNIC (today IANA and the regional registries), e.g. 77.XXX.XXX.XXX. One class A network can define 16,777,214 hosts. Range: 0.0.0.0 - 127.255.255.255 (0.0.0.0/8 is reserved and 127.0.0.0/8 is loopback, so 1-126 were the assignable first octets.)
* Class B: first octet 128-191 (high bits 10). The first two numbers (16 bits) were assigned, e.g. 182.56.XXX.XXX. One class B network can define 65,534 hosts. Range: 128.0.0.0 - 191.255.255.255
* Class C: first octet 192-223 (high bits 110). The first three numbers (24 bits) were assigned, e.g. 220.56.222.XXX. One class C network can define 254 hosts. Range: 192.0.0.0 - 223.255.255.255
* Class D: first octet 224-239 (high bits 1110). Reserved for multicast (RFC 988, since superseded by RFC 1112). Range: 224.0.0.0 - 239.255.255.255
* Class E: first octet 240-255 (high bits 1111). Reserved for experimental use. Range: 240.0.0.0 - 255.255.255.255

Enable Forwarding: Forwarding allows network packets arriving on one network interface (e.g. eth0) to be passed on to another network interface (e.g. eth1). This lets the Linux computer connect networks either as a bridge (layer 2) or as a router (layer 3); the ip_forward setting below governs IP routing.

A bridge configuration merges two (or several) network segments into one network. iptables firewall rules can still be used to filter the traffic that crosses it.

A router configuration supports basic IP routing (static routes set with the "route" command) and, with the appropriate kernel support, multicast routing. IP masquerading (NAT) can be used to connect a private local area network (LAN) to the Internet or to load-balance servers.

* Turn on IP forwarding to allow the Linux computer to act as a gateway or router: echo 1 > /proc/sys/net/ipv4/ip_forward  The default is 0. Put the firewall rules in place first, with iptables (kernel 2.4/2.6) or ipchains (kernel 2.2): with forwarding on and an empty FORWARD chain the machine will route anything sent to it, so set the FORWARD policy to DROP and allow only the traffic you intend (see the gateway tutorial linked below).

The persistent method is the sysctl configuration file /etc/sysctl.conf, which is read at boot (apply it immediately with sysctl -p). Set the following value:

net.ipv4.ip_forward = 1

Older Red Hat releases stored this setting in /etc/sysconfig/network instead:

FORWARD_IPV4=true

Change the default "false" to "true".

All methods will result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward

The TCP Man page ­ Linux Programmer's Manual and /usr/src/linux/Documentation/proc.txt (Kernel 2.2 RH 7.0­) cover /proc/sys/net/ipv4/* file descriptions.

Also see (YoLinux tutorials):

* Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables)
* Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

* cd /lib/modules/2.2.5-15/net/  (Use the kernel version for your system. This example uses 2.2.5-15; Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/.) Here you will find the modules supported by your system. The driver can be bound to the device permanently in:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - /etc/conf.modules (older systems)
  Example:

alias eth0 3c59x

* /sbin/insmod 3c59x  (for a 3Com ethernet card) This inserts the specified module into the kernel.
* /sbin/modprobe 3c59x  This also loads the module into the kernel, resolving its dependencies first. Modprobe command line options:
  - -r : unload the module.
  - /sbin/modprobe -l \* : list all modules.
  - /sbin/modprobe -lt net \* : list only network modules.
  - /sbin/modprobe -t net \* : try loading all network modules and see what sticks (act of desperation).
* ifconfig ...  (assign the address; see below)

The easy way: Red Hat 6.2 and later ship with Kudzu, a device detection program that runs during system initialization (/etc/rc.d/init.d/kudzu). It can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration is stored so that it is used at system boot.

Systems with two NICs: typically two cards are used when connecting to two networks. In this case the second device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

Define new device in file (Red Hat/Fedora) /etc/sysconfig/network­scripts/ifcfg­eth1 (S.u.s.e 9.2: /etc/sysconfig/network/ifcfg­eth­id­XX:XX:XX:XX:XX)

DEVICE=eth1
BOOTPROTO=static
IPADDR=192.168.10.12
NETMASK=255.255.255.0
GATEWAY=XXX.XXX.XXX.XXX
HOSTNAME=node-name.name-of-domain.com
DOMAIN=name-of-domain.com

Special routing information may be specified, if necessary, in the file (Red Hat/Fedora): /etc/sysconfig/static­routes (S.u.s.e. 9.2: /etc/sysconfig/network/routes)

Example:

eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using Unix command line interface:

Define IP address:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

If necessary, define routes with the route command. Examples:

route add default gw XXX.XXX.XXX.XXX dev eth0
route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

If a mistake is made just repeat the route command substituting "del" in place of "add".

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto­negotiate link speed and duplex setting.

* List NIC speed and configuration: mii-tool
  eth0: negotiated 100baseTx-FD flow-control, link ok

  Verbose mode: mii-tool -v

  eth0: negotiated 100baseTx-FD flow-control, link ok
    product info: Intel 82555 rev 4
    basic mode:   autonegotiation enabled
    basic status: autonegotiation complete, link ok
    capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
    advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
    link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

* Set NIC configuration: mii-tool -F option

  Option  Parameters
  -F      Force a fixed media type (autonegotiation off): 100baseTx-FD, 100baseTx-HD, 10baseT-FD, 10baseT-HD
  -A      Advertise the given media types for autonegotiation: 100baseT4, 100baseTx-FD, 100baseTx-HD, 10baseT-FD, 10baseT-HD

* Query NIC with ethtool:

  Command          Description
  ethtool -g eth0  Queries ethernet device for rx/tx ring parameter information.
  ethtool -a eth0  Queries ethernet device for pause parameter information.
  ethtool -c eth0  Queries ethernet device for coalescing information.
  ethtool -i eth0  Queries ethernet device for associated driver information.
  ethtool -d eth0  Prints a register dump for the specified ethernet device.
  ethtool -k eth0  Queries ethernet device for offload information.
  ethtool -S eth0  Queries ethernet device for NIC and driver statistics.

Man Pages:

* mii-tool - view, manipulate media-independent interface status
* ethtool - display or change ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet's destination is examined to see whether it is on a local or a remote network. If it is remote, the routing table is consulted for the most specific matching entry; if nothing matches, the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file (Red Hat/Fedora): /etc/sysconfig/network-scripts/route-eth0 or (Red Hat 7: /etc/sysconfig/static-routes) (S.u.s.e. 9.2: /etc/sysconfig/network/routes):

10.2.0.0/16 via 192.168.10.254

See command: /etc/sysconfig/network­scripts/ifup­routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP chooses the shortest route (fewest hops between routers, not physical distance). Routers use RIP to broadcast their routing tables over UDP port 520; the receiving routers then add new or improved routes to their own tables. RIP version 1 carries no authentication and RIP version 2 offers only a plain-text password or an MD5 keyed hash, so any host on a segment where routed listens can advertise routes. On a small network static routes are the safer choice, and routed should not run on an Internet-facing host that does not need it.

Man pages:

* route - show / manipulate the IP routing table (static routes). Examples:
  - Show the routing table: route -e (or route -n to skip name lookups)
  - Access an individual host via network interface card eth1: route add -host 123.213.221.231 eth1
  - Access the ISP network identified by network address and netmask via eth0: route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0  Conversely: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
  - Specify the default gateway used to reach remote networks via eth0: route add default gw 201.51.31.1 eth0 (the gateway can also be defined in /etc/sysconfig/network)
  - Specify two gateways for two network destinations (i.e. one external, one internal private network; two routers/gateways will be specified). Add the Internet gateway as before: route add default gw 201.51.31.1 eth0  Add the second, private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
* routed - network routing daemon. Uses the RIP protocol to update the routing table.
* ipx_route - show / manipulate the IPX routing table. IPX is the Novell networking protocol (not typically used unless your office has Novell servers).
* ifuser - identify destinations routed to a particular network interface.
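The forwarding decision described under Static routes, as an added Python model (not code from the original tutorial): the most specific matching entry wins and a 0.0.0.0/0 entry is the default gateway. The routes in example_table() are the ones from the route examples above, combined into one table; the connected LAN 192.168.10.0/24 on eth0 is assumed in order to make the gateway reachable.

```python
import ipaddress


class RoutingTable:
    """Minimal model of the kernel's IPv4 forwarding decision: the most
    specific (longest prefix) matching route wins, and a 0.0.0.0/0 entry is
    the default gateway used when nothing else matches."""

    def __init__(self):
        self._routes = []   # list of (network, gateway or None, device)

    @staticmethod
    def _network(destination):
        # 'default' is route's spelling of 0.0.0.0/0; a dotted mask is accepted too.
        if destination == "default":
            return ipaddress.IPv4Network("0.0.0.0/0")
        return ipaddress.IPv4Network(destination, strict=False)

    def add(self, destination, gw=None, dev=None):
        """route add [-net|-host] DESTINATION [gw GW] [dev DEV]."""
        gateway = ipaddress.IPv4Address(gw) if gw else None
        self._routes.append((self._network(destination), gateway, dev))

    def delete(self, destination, gw=None, dev=None):
        """route del ...: remove the matching entry; returns how many were removed."""
        entry = (self._network(destination), ipaddress.IPv4Address(gw) if gw else None, dev)
        before = len(self._routes)
        self._routes = [r for r in self._routes if r != entry]
        return before - len(self._routes)

    def lookup(self, destination):
        """Return {'route', 'via', 'dev'} for a destination address, or None
        when no route (not even a default) covers it."""
        addr = ipaddress.IPv4Address(destination)
        best = None
        for net, gateway, dev in self._routes:
            if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, gateway, dev)
        if best is None:
            return None
        net, gateway, dev = best
        return {"route": str(net), "via": str(gateway) if gateway else "direct", "dev": dev}

    def dump(self):
        """Rows in the order route -n would show them, most specific first."""
        rows = sorted(self._routes, key=lambda r: -r[0].prefixlen)
        return [(str(n), str(g) if g else "0.0.0.0", d) for n, g, d in rows]


def example_table():
    """The routes from the examples above; the connected LAN is assumed."""
    rt = RoutingTable()
    rt.add("192.168.10.0/24", dev="eth0")                             # connected LAN (assumed)
    rt.add("10.0.0.0/255.0.0.0", gw="192.168.10.254", dev="eth0")     # private network
    rt.add("10.13.21.0/255.255.255.0", gw="192.168.10.254", dev="eth0")
    rt.add("123.213.221.231/32", dev="eth1")                          # route add -host
    rt.add("default", gw="201.51.31.1", dev="eth0")                   # Internet gateway
    return rt


if __name__ == "__main__":
    rt = example_table()
    for row in rt.dump():
        print(*row)
    for dst in ("10.13.21.7", "10.200.1.1", "8.8.8.8", "192.168.10.5"):
        print(dst, "->", rt.lookup(dst))
```

Deleting the default route with delete("default", gw="201.51.31.1", dev="eth0") and looking up an Internet address afterwards returns None, which is what the kernel reports as "Network is unreachable".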

VPN, Tunneling:

* Commercial VPN Linux software solutions - YoLinux
* OpenSWAN.org - IPSec VPN for Linux
* FreeSWAN.org - IPSec VPN for Linux (development ended in 2004; Openswan and strongSwan continued from it)
* FreeSWAN tutorial - howto
* OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access controls.
* SSL-Explorer - Java SSL based VPN
* Quagga dynamic routing suite, VLAN
* n2n - peer to peer within a private fabric
* CIPE: Crypto IP Encapsulation (the easiest way to configure two Linux gateways connecting two private networks over the Internet with encryption)
  - CIPE Home page - CIPE is a simple encapsulation system that securely connects two subnets.
  - The Linux Cipe+Masquerading mini-HOWTO - Anthony Ciaravalo
* GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa (GRE by itself provides neither encryption nor authentication)
* VPN HowTo - Matthew D. Wilson
* Installing and Running PPTP on Linux (PPTP's MS-CHAPv2 authentication and MPPE encryption are broken; do not rely on it for confidentiality)
* L2TP Extensions (l2tpext) Internet Drafts.

Useful Linux networking commands:

* /etc/rc.d/init.d/network start - command to start, restart or stop the network
* netstat - display connections, routing tables, stats etc.
  - List externally connected processes: netstat -punta
  - List all connected processes: netstat -nap
  - Show network statistics: netstat -s
  - Kernel interface table info: netstat -a -i eth0
  (On current distributions ss from iproute2 replaces netstat; ss -punta takes the same letters.)
* ping - send ICMP ECHO_REQUEST packets to network hosts. Use Ctrl-C to stop ping.
* traceroute - print the route packets take to a network host
  - traceroute IP-address-of-server
  - traceroute domain-name-of-server
* mtr - a network diagnostic tool introduced in Fedora. Like traceroute, but gives more network quality and diagnostic information. Leave it running to get real-time stats; it reports best and worst round-trip times in milliseconds.
  - mtr IP-address-of-server
  - mtr domain-name-of-server
* whois - look up a domain name in the InterNIC whois database.
* finger - display information on a system user, i.e. finger user@host. Uses the $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/
* iptables - IP firewall administration (Linux kernel 2.4/2.6). See the YoLinux firewall/gateway configuration tutorial.
* ipchains - IP firewall administration (Linux kernel 2.2). See the YoLinux firewall/gateway configuration tutorial.
* socklist - display a list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
* host - given a host name, returns the IP address. Unlike nslookup, the host command uses both /etc/hosts and DNS. Example: host domain-name-of-server
* nslookup - given a host name, returns the IP address. Also see Testing your DNS (YoLinux Tutorial). Note that nslookup does not use the /etc/hosts file.

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemon listens on the TCP/IP ports assigned to it and responds to connections made to them. The ports are defined by the file /etc/services. When a connection is made, the listener invokes the assigned program and pipes the data to it. This simplifies the server program: it reads from stdin and writes to stdout instead of managing its own socket, while the listener handles the network socket connection. Two network listening and management daemons have been used in Red Hat Linux distributions:

* inetd: Red Hat 6.x and older
* xinetd: Red Hat 7.0-9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf. Each entry is a single line made up of the following fields:

service socket­type protocol wait user server cmdline

* service: the name assigned to the service; matches the name given in /etc/services
* socket-type:
  - stream: connection-oriented protocols (TCP)
  - dgram: datagram protocols (UDP)
  - raw, rdm, seqpacket
* protocol: transport protocol name matching a name in /etc/protocols, i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6
* wait[.max]: whether inetd waits for the server to exit before listening on the port again.
  - wait: a single server owns the socket and inetd waits for it to finish before accepting more (the norm for datagram and RPC services)
  - nowait: inetd keeps listening and spawns a new server for every connection (the norm for stream services)
  max is the maximum number of server instances spawned in 60 seconds (default 40); when it is exceeded inetd stops serving that port for ten minutes, which is a crude defence against connection floods.
* user[.group]: login id the server runs under. Often nobody, root or a dedicated restricted id for that service; root should be the exception, not the default.
* server: full path name of the server program to be executed, or "internal".
* cmdline: command line passed to the server, including argument 0 (argv[0]), the command name. Empty for internal services. Internal TCP services: echo, discard, chargen (character generator), daytime (human-readable time) and time (machine-readable time). (See RFCs 862-868.)

Sample File: /etc/inetd.conf

#echo   stream  tcp     nowait      root    internal
#echo   dgram   udp     wait        root    internal
ftp     stream  tcp     nowait      root    /usr/sbin/tcpd  in.ftpd -l -a
#pop-3  stream  tcp     nowait      root    /usr/sbin/tcpd  ipop3d
#swat   stream  tcp     nowait.400  root    /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.

The inet daemon must be restarted to pick up the changes made to the file: /etc/rc.d/init.d/inetd restart

For more information see the man pages "inetd" and "inetd.conf".

xinetd: Extended Internet Services Daemon:

Xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, redirect services to different ports and network interfaces (NICs) or even to a different server, chroot a service, etc., and is thus a worthy upgrade from inetd.

Use the command chkconfig ­­list to view all system services and their state. It will also list all network services controlled by xinetd and their respective state under the title "xinetd based services". (Works for xinetd (RH7.0+) but not inetd)

xinetd is built with libwrap, the TCP Wrappers library, so the /etc/hosts.allow and /etc/hosts.deny files apply to its services in addition to its own only_from and no_access attributes (see the TCP Wrappers section below, which this tutorial labels PAM; it is a separate mechanism from PAM).

Configuration file: /etc/xinetd.conf which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:

* Edit the file /etc/xinetd.d/service-name and set the disable value: disable = yes or disable = no. Then tell xinetd to reload its configuration with a signal:
  - SIGUSR1 (kill -SIGUSR1 process-id): soft reconfiguration; does not terminate existing connections (important if you are connected remotely).
  - SIGUSR2: hard reconfiguration; stops and restarts the xinetd servers.
  (Note: on this version the HUP signal terminates the process. Signal assignments differ between xinetd releases, so check the xinetd man page on the host before signalling a remote machine.)
  OR
* Use the chkconfig command: chkconfig service-name on (or off). This command also restarts the xinetd process to pick up the new configuration.

The file contains entries of the form:

service service-name
{
    attribute assignment-operator value value ...
    ...
}

Where:
* attribute:
  - disable: yes | no
  - type: RPC | INTERNAL | UNLISTED (not found in /etc/rpc or /etc/services)
  - id: by default the service id is the same as the service name
  - socket_type: stream (TCP) | dgram (UDP) | raw (direct IP access) | seqpacket (a service that requires reliable sequential datagram transmission)
  - flags: combination of REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd man page for details. (NOLIBWRAP turns off the hosts.allow/hosts.deny check for that service.)
  - protocol: transport protocol name matching a name in /etc/protocols
  - wait: no (multi-threaded, one server per connection) | yes (single-threaded, one server for the port at any time, as for RPC)
  - user: see /etc/passwd
  - group: see /etc/group
  - server: program to execute and hand the socket to (full path name)
  - server_args: unlike inetd, argv[0] (the name of the service) is not passed
  - only_from: IP address, factorized address, netmask range, hostname or network name from /etc/networks; clients not listed are refused
  - no_access: deny from ... (inverse of only_from)
  - access_times
  - port: see /etc/services
  Also: log_type, log_on_success, log_on_failure (log options: += PID, HOST, USERID, EXIT, DURATION, ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples.
* assignment-operator:
  - =
  - +=: add a value to the set of values
  - -=: delete a value from the set of values

Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from man page: Limit telnet sessions to 8 Mbytes of memory and a total 20 CPU seconds for child processes.

service telnet
{
    socket_type = stream
    wait        = no
    nice        = 10
    user        = root
    server      = /usr/etc/in.telnetd
    rlimit_as   = 8M
    rlimit_cpu  = 20
}

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:

* xinetd
* xinetd.conf
* xinetd.log
* tcpd

For more info see:

* LinuxFocus.org: xinetd - Frederic Raynal
* RedHat.com: Controlling Access to Services
* http://www.xinetd.org
* See RFCs 862, 863, 864, 867, 868, 1413.
* man pages xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon ­ rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux has the network interface to the rwhod disabled. Thus if one issues the command "rwho", you will only see who is logged into the system you are logged into and not remote systems on the network. This is a safe approach for internet servers as it reduces the exposure of a service which could be exploited by hackers. If you wish to use rwhod on a local private and firewall protected network, here is how:

Allow broadcast capabilities. Edit /etc/init.d/rwhod and change: daemon rwhod  to: daemon rwhod -b

Start service:

* Set the service to start with system boot: chkconfig --level 345 rwhod on
* Start the rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

* rwho: who is logged in on local network machines
* rwhod: system status server
* who: show who is logged on to the same system

RPC: Remote Procedure Calls (Portmapper)

Portmapper is the network service (port 111) that RPC clients query to find the port on which a given RPC program is listening. Many services such as NFS (file sharing) require portmapper. Because it tells anyone who asks which RPC services are running, restrict it to trusted networks with hosts.allow/hosts.deny (portmap is built with libwrap) or firewall port 111.

List the RPC services registered: [root]# rpcinfo -p localhost  (Run the same query against the machine's public address from another host; if it answers, the portmapper is exposed.)

Starting portmap server:

* /etc/rc.d/init.d/portmap start
* service portmap start (Red Hat/Fedora Core)

Man Pages:

* portmap
* rpcinfo
* pmap_set
* pmap_dump

PAM: Network Wrappers:

TCP Wrappers (tcpd and libwrap) for Linux. Despite the section title this is not PAM: TCP Wrappers filters connections by client address before the service starts, while Pluggable Authentication Modules (covered further below) decides how a user authenticates once connected.

TCP Wrappers allows or denies network access per service and per client. One can reject or allow specific IP addresses, subnets or domains. It only protects services started through tcpd or linked against libwrap (sshd, portmap and xinetd among them); a standalone daemon that does not use libwrap never consults these files.

File: /etc/hosts.allow

in.ftpd:208.188.34.105

This specifically allows the given IP address to use ftp on your system. One can also specify an entire domain, i.e. .name-of-domain.com (note the leading "."). Domain patterns depend on reverse DNS, which the client's network controls, so address patterns are the more reliable choice.

File: /etc/hosts.deny

ALL:ALL

This denies all other access. hosts.allow is consulted first, then hosts.deny; a connection that matches neither file is allowed, so without this ALL:ALL line the wrapper denies nothing.

See the hosts_access(5) and hosts_options(5) man pages.

File: /etc/inetd.conf

ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd ­l ­a

The inet daemon accepts the incoming connection and hands it to the TCP wrapper, /usr/sbin/tcpd, which accepts or denies it as defined by /etc/hosts.allow and /etc/hosts.deny and then executes in.ftpd on the connection. Accepted and refused connections are logged through syslog, on Red Hat to /var/log/secure.
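The decision tcpd makes with the two files above, as an added Python example (not code from the original tutorial or from the TCP Wrappers package). It implements the hosts_access(5) subset the text uses: ALL and LOCAL, a leading-dot domain suffix, a trailing-dot address prefix, net/mask, exact names and EXCEPT lists, with hosts.allow checked first, then hosts.deny, and allow as the fallback. The sample files are constructed around the in.ftpd rule above. Two assumptions: the client hostname passed in is taken as already resolved and verified (real tcpd does the reverse and forward DNS check itself), and the optional third "option" field of a rule is not supported.

```python
import ipaddress

# Constructed sample files, not taken from the original tutorial.
HOSTS_ALLOW = """\
# daemon_list : client_list
in.ftpd  : 208.188.34.105
sshd     : .name-of-domain.com  192.168.10.
portmap  : 10.0.0.0/255.0.0.0 EXCEPT 10.0.5.0/255.255.255.0
"""
HOSTS_DENY = "ALL: ALL\n"


def _client_matches(pattern, host, addr):
    """One client pattern from hosts_access(5): ALL, LOCAL, a leading-dot
    domain suffix, a trailing-dot address prefix, net/mask, or an exact
    hostname or address."""
    if pattern == "ALL":
        return True
    if pattern == "LOCAL":                 # hostname without a dot
        return "." not in host
    if pattern.startswith("."):            # .name-of-domain.com
        return host.endswith(pattern)
    if pattern.endswith("."):              # 192.168.10.
        return addr.startswith(pattern)
    if "/" in pattern:                     # net/mask
        return ipaddress.IPv4Address(addr) in ipaddress.IPv4Network(pattern, strict=False)
    return pattern in (host, addr)


def _list_matches(spec, match_one):
    """A list of patterns with optional 'EXCEPT' sub-lists: an item matches
    the list if it matches the part before EXCEPT and not the part after."""
    head, _, rest = spec.partition(" EXCEPT ")
    if not any(match_one(tok) for tok in head.replace(",", " ").split()):
        return False
    return not (rest and _list_matches(rest, match_one))


def _rules(text):
    """Yield (daemon_list, client_list) for each non-comment rule line."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line:
            daemons, _, clients = line.partition(":")
            yield daemons.strip(), clients.strip()


def hosts_access(daemon, host, addr, allow_text=HOSTS_ALLOW, deny_text=HOSTS_DENY):
    """tcpd's decision: the first matching rule in hosts.allow grants access;
    otherwise the first matching rule in hosts.deny refuses it; otherwise
    the connection is allowed."""
    def matches(daemons, clients):
        return (_list_matches(daemons, lambda t: t == "ALL" or t == daemon)
                and _list_matches(clients, lambda t: _client_matches(t, host, addr)))

    for daemons, clients in _rules(allow_text):
        if matches(daemons, clients):
            return True
    for daemons, clients in _rules(deny_text):
        if matches(daemons, clients):
            return False
    return True


if __name__ == "__main__":
    for args in (("in.ftpd", "pc1.example.net", "208.188.34.105"),
                 ("in.ftpd", "pc2.example.net", "208.188.34.106"),
                 ("portmap", "h", "10.0.5.7")):
        print(args, "->", "allow" if hosts_access(*args) else "deny")
```

The last default in hosts_access is the important one: with an empty hosts.deny every connection that hosts.allow does not mention is accepted, which is why the ALL:ALL line belongs in hosts.deny on any host that uses the wrapper.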

Advanced: PAM (Pluggable Authentication Modules) controls how much authentication a service demands once a connection has been accepted, so more specific access can be assigned by controlling the level of authentication required.

Configuration files are named after the service. Rules and modules are stacked to achieve the level of security desired.

See the files in /etc/pam.d/... (some systems use /etc/pam.conf)

The format of each line: service type control module-path module-arguments

* auth (type): establishes that the user is who they claim to be, normally by asking for a password. Arguments for pam_unix/pam_pwdb:
  - nullok: an empty password is acceptable (avoid on network-facing services)
  - shadow: encrypted passwords are kept in /etc/shadow
* account (type): checks whether the account may be used at all: expiry, time-of-day restrictions, whether the user is permitted on this service.
* password (type): controls password updates. Arguments for pam_cracklib:
  - retry=3: number of attempts the user gets to choose an acceptable new password
  - minlen=8: minimum length of a new password
* session (type): work done before and after the session, such as logging and mounting home directories.

Modules:

* /lib/security/pam_pwdb.so - password database module (authenticates against /etc/passwd and /etc/shadow)
* /lib/security/pam_shells.so - allows access only if the user's login shell is listed in /etc/shells
* /lib/security/pam_cracklib.so - checks whether a new password is easily crackable (dictionary word, too short, too similar to the old one)
* /lib/security/pam_listfile.so - allows or denies access depending on whether an item (user, group, tty, ...) appears in a file

Changes to hosts.allow and hosts.deny take effect on the next connection, since tcpd reads them each time. Changes to /etc/inetd.conf itself require the inet daemon to re-read its configuration: killall -HUP inetd

For more info see:

* Wietse's Papers
* Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP is the network protocol used by the ping and traceroute commands.

ICMP redirect packets are sent by a router to a host to point it at a better first hop for a destination. Accepting them is enabled with the following line in /etc/sysctl.conf:

net.ipv4.conf.all.accept_redirects = 1

Add the following to the file: /etc/rc.d/rc.local

for f in /proc/sys/net/ipv4/conf/*/accept_redirects
do
    echo 1 > $f
done

Command to view the kernel IP routing cache: /sbin/route -Cn (the routing cache was removed in kernel 3.6, so on current kernels this prints nothing).

NOTE: Accepting redirects leaves you open to any host on the local segment, which can forge redirects and steer your traffic through a machine it controls. Unless the host sits on a segment with several routers you trust, leave accept_redirects at 0; secure_redirects=1 limits acceptance to redirects sent by the configured default gateways.

Blocking ICMP to look invisible to ping:

The following firewall rules will drop ICMP requests.

Iptables:

iptables -A OUTPUT -p icmp -d 0/0 -j DROP

This drops all outgoing ICMP, so echo replies never leave and pings go unanswered; it also drops the error messages (destination unreachable, fragmentation needed) that path MTU discovery and traceroute depend on. A narrower rule on the INPUT chain that matches only incoming echo-request has the same effect on ping without that side effect.

Ipchains:

ipchains ­A output ­p icmp ­d 0/0 ­j DENY

OR drop all incomming pings:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes done to look invisible to DoS (denial of service) attackers who use ping to watch your machine and launch an attack when its presence is detected. Not answering ping does not hide the host from a port scan, so treat this as a nuisance reduction rather than a defence.

Network Monitoring Tools:

* tcpdump - dump traffic on a network. See the discussion below.

  Command line option  Description
  -c count             Exit after receiving count packets.
  -C size              Specify the size of output dump files.
  -i interface         Specify the interface if multiple exist (the lowest-numbered is used by default), i.e. eth0.
  -w file-name         Write the raw packets to a file rather than parsing and printing them. They can later be printed with the -r option.
  -n                   Improve speed by not performing DNS lookups; report IP addresses.
  -t                   Don't print a timestamp on each dump line.

  Filter expressions:

  Primitive                        Description
  host host-name                   If the host has multiple IPs, all will be checked.
  net network-number               Network number.
  net network-number mask mask     Network number and netmask specified.
  port port-number                 Port number specified.
  tcp                              Sniff TCP packets.
  udp                              Sniff UDP packets.
  icmp                             Sniff ICMP packets.

Examples:

* tcpdump tcp port 80 and host server-1
* tcpdump ip host server-1 and not server-2
* iptraf - interactive colorful IP LAN monitor
* nmap - network exploration tool and security scanner
  - List pingable nodes on the network: nmap -sP 192.168.0.0/24  Scans the network for IP addresses 192.168.0.0 to 192.168.0.255 using ping. (Newer nmap releases spell this option -sn.)
* Ethereal - network protocol analyzer. Examines data from a live network. (The project was renamed Wireshark in 2006.) RPMs required:
  - ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
  - ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)
  There is an error in the ethereal package: it does not list the snmp libraries as dependencies, but you can deduce this from the errors you get if the ucd-snmp libraries are not installed.
* EtherApe - graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
* Gkrellm - network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
* IPTraf - ncurses-based IP LAN monitor. (Red Hat Powertools CD)
* Cheops - network discovery, location, diagnosis and management. Cheops can identify all of the computers on your network, their IP address, their DNS name and the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
* ntop - shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
* MRTG - Multi Router Traffic Grapher. Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
* dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
* scotty - obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP and UDP. (Red Hat Powertools CD)
* Big Brother - monitoring and service availability.
* OpenNMS.org - network management using SNMP.
* Nagios - host, service and network monitoring
* Angel network monitor

Using tcpdump to monitor the network:

[root]# ifconfig eth0 promisc      - Put the NIC into promiscuous mode to sniff traffic.
[root]# tcpdump -n host not XXX.XXX.XXX.XXX | more   - Sniff the net but ignore the IP address of your own remote session.
[root]# ifconfig eth0 -promisc     - Pull the NIC out of promiscuous mode.

tcpdump puts the interface into promiscuous mode itself while it runs (unless started with -p), so the ifconfig steps only matter if you want the interface left promiscuous between captures. On a switched network promiscuous mode shows you only the traffic the switch sends to your port, i.e. broadcasts and your own conversations.

Network Intrusion and Hacker Detection Systems:

SNORT: Monitor the network, performing real­time traffic analysis and packet logging on IP networks for the detection of an attack or probe.

* Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
* InterSect Alliance - intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to convert a 32-bit IP address into the 48-bit Ethernet MAC address used by the network hardware (see RFC 826). The transmitting host broadcasts an ARP request to all hosts on the subnet; the broadcast is ignored by all except the intended receiver, which recognizes the IP address as its own and replies with its MAC address. Replies are remembered in the ARP cache for future communication, so each computer on the subnet keeps a cache of ARP responses. ARP broadcasts are passed on by hubs and switches but are blocked by routers. ARP has no authentication: any host on the segment can answer for any IP address, or send unsolicited replies that neighbours will cache, which is how ARP spoofing redirects another host's traffic through the attacker. arpwatch (below) exists to notice exactly that.

Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client to broadcast requesting a server to reply with its IP address.

* arp (8) man page - manipulate the system ARP cache
  - Show other systems on your network (including IP address conflicts): arp -a
  - Show the ARP table Linux style: arp -e
* arpwatch (8) man page - keep track of ethernet/IP address pairings and report new stations and changed hardware addresses
* arpsnmp (8) man page - keep track of ethernet/IP address pairings. Reads information generated by snmpwalk
* arping (8) man page - send an ARP REQUEST to a neighbour host. Print the ARP reply (similar to arp -a): arping 192.168.10.99
* List the ARP table: cat /proc/net/arp
* ip (8) man page - show / manipulate routing, devices, policy routing and tunnels. View the ARP table: ip neighbor

ARP is something that simply works: no Linux system configuration is necessary, it is part of the Ethernet and IP protocols. The commands above are just part of the Linux culture of full visibility into what is going on.
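The check arpwatch performs, reduced to its core as an added Python example (not code from the original tutorial or from arpwatch): parse the /proc/net/arp format listed above and report a hardware address that answers for several IP addresses, or an IP address whose hardware address differs from a recorded baseline. The table and baseline are constructed for the example; in it 192.168.10.20 and 192.168.10.21 both resolve to the same MAC, and .20 used to have a different one, which is what a poisoned cache looks like.

```python
# Constructed sample in /proc/net/arp format, not output from the tutorial's
# own systems. The flags column is hexadecimal: 0x2 is a completed entry,
# 0x0 an entry whose resolution never finished.
PROC_NET_ARP = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         00:11:22:33:44:55     *        eth0
192.168.10.20    0x1         0x2         00:0c:29:aa:bb:cc     *        eth0
192.168.10.21    0x1         0x2         00:0c:29:aa:bb:cc     *        eth0
192.168.10.99    0x1         0x0         00:00:00:00:00:00     *        eth0
"""

# Pairings recorded earlier (the role of arpwatch's database); constructed.
BASELINE = {
    "192.168.10.1": "00:11:22:33:44:55",
    "192.168.10.20": "00:50:56:12:34:56",
}

ATF_COM = 0x2   # kernel flag: the entry holds a resolved hardware address


def parse_proc_net_arp(text):
    """Return {ip: (mac, device)} for completed entries only."""
    table = {}
    for line in text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 6:
            continue
        ip, flags, mac, device = fields[0], int(fields[2], 16), fields[3].lower(), fields[5]
        if flags & ATF_COM:
            table[ip] = (mac, device)
    return table


def shared_hardware_addresses(table):
    """MACs that answer for more than one IP, as {mac: [ips]}. Legitimate
    for a router doing proxy ARP; otherwise the classic sign of ARP
    poisoning, where one host claims a neighbour's address."""
    by_mac = {}
    for ip, (mac, _device) in table.items():
        by_mac.setdefault(mac, []).append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}


def changed_hardware_addresses(baseline, table):
    """(ip, old_mac, new_mac) for IPs whose MAC differs from the baseline,
    the event arpwatch logs as 'changed ethernet address'."""
    return sorted((ip, old, table[ip][0])
                  for ip, old in baseline.items()
                  if ip in table and table[ip][0] != old)


if __name__ == "__main__":
    current = parse_proc_net_arp(PROC_NET_ARP)
    print("shared:", shared_hardware_addresses(current))
    print("changed:", changed_hardware_addresses(BASELINE, current))
```

Run the parser on open("/proc/net/arp").read() from cron and keep the previous result as the baseline; a changed entry for the default gateway's address is the one that deserves an immediate look, since that is the classic man-in-the-middle position.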

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer to peer unicast transactions. An HTTP request to a web server (TCP), email (SMTP, TCP), DNS (UDP), FTP (TCP), ... are all peer to peer unicast transactions. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer to peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group", i.e. those interested in the information.

The Linux kernel is Level-2 Multicast-Compliant. It meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to ask the kernel to join the multicast group and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, it asks the kernel to leave the group. It is the kernel/host which joins the multicast group, not the process. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to support multicast routing, set the following in the kernel config:

* CONFIG_IP_MULTICAST=y
* CONFIG_IP_ROUTER=y
* CONFIG_IP_MROUTE=y
* CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimization and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card) the interface used for multicast has to be chosen: by default the kernel follows the route to 224.0.0.0/4 (see the route command below), and an application can select the interface itself with the IP_MULTICAST_IF socket option.

Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast.

Useful commands:

Command                    Description
cat /proc/net/igmp         List the multicast groups to which the host is subscribed, via the Internet Group Management Protocol. (See /usr/src/linux/net/ipv4/igmp.c)
cat /proc/net/dev_mcast    List multicast interfaces. (See /usr/src/linux/net/core/dev_mcast.c)
ping 224.0.0.1             All hosts configured for multicast respond with their IP addresses
ping 224.0.0.2             All routers configured for multicast respond
ping 224.0.0.3             All PIM routers configured for multicast respond
ping 224.0.0.4             All DVMRP routers configured for multicast respond
ping 224.0.0.5             All OSPF routers configured for multicast respond

Linux hosts ignore echo requests sent to broadcast or multicast addresses when net.ipv4.icmp_echo_ignore_broadcasts is 1, which is the default on current distributions, so these pings may get no reply from Linux machines even though they have joined the group.

Multicast transmissions are achieved through proper routing, router configuration (if communicating across subnets) and programmatically with the following "C" socket library calls:

Function call   Description
setsockopt()    Pass multicast options to the kernel: join or leave a group (IP_ADD_MEMBERSHIP / IP_DROP_MEMBERSHIP), set the TTL (IP_MULTICAST_TTL), the outgoing interface (IP_MULTICAST_IF) and whether the sender hears its own packets (IP_MULTICAST_LOOP).
getsockopt()    Read the current values of those options back from the kernel.

For more on multicast programming see: Multicast Howto.

The multicast application will specify the multicast loopback interface, TTL (network time to live), network interface and the multicast group to add or drop.

Add route to support multicast:

* route add 224.0.0.0 netmask 240.0.0.0 dev eth0

Note that if adding a route to forward packets through a router, that the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The internet by default does not forward multicast packets.

Living in a MS/Windows World:

- SMB4k: My favorite MS/Windows file share browser.
- In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]
- LinNeighborhood: Linux workstation GUI tool.
  Make your life simple and use the GUI/File Manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.
  - LinNeighborhood Home Page
  - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

- IPv4: Most of the Internet servers and personal computers use Internet Protocol version 4 (IPv4). This uses 32 bits to assign a network address, written as the four octets of an IP address up to 255.255.255.255: four 8 bit numbers, totaling 32 bits.
- IPv6: Internet Protocol version 6 (IPv6) uses a 128 bit address and thus billions and billions of potential addresses. The protocol has also been upgraded to include new quality of service features and security. Currently Linux supports IPv6 but IPv4 is used when connecting your computer to the internet.
- TCP/IP: (Transmission Control Protocol/Internet Protocol) uses a client - server model for communications. The protocol defines the data packets transmitted (packet header, data section), data integrity verification (error detection bytes), connection and acknowledgement protocol, and re-transmission.
- TCP/IP time to live (TTL): This is a counting mechanism to determine how long a packet is valid before it reaches its destination. Each time a TCP/IP packet passes through a router, the router decrements its TTL count. When the count reaches zero the packet is dropped by the router. This ensures that errant routing and aimlessly looping packets will not flood the network.
- MAC Address: (media access control) is the network card address used for communication with other network devices on the subnet. This info is not routable. The ARP table maps the TCP/IP address (global internet) to the local hardware on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address uniquely identifies each node of a network and is used by the Ethernet protocol.
- Full Duplex: Allows the simultaneous sending and receiving of packets. Most modern modems support full duplex.
- Half Duplex: Allows the sending and receiving of packets in one direction at a time only.
- OSI 7 Layer Model: The ISO (International Standards Organization) has defined the OSI (Open Systems Interconnection) model for current networking protocols.

      OSI Layer              Description                                                              Linux Networking Use
      7  Application Layer   The top layer for communications applications like email and the web.   telnet, web browser, sendmail
      6  Presentation Layer  Syntax and format of data transfer.                                      SMTP, http
      5  Session Layer
      4  Transport Layer     Connection, acknowledgement and data packet transmission.                TCP, UDP
      3  Network Layer                                                                                IP, ARP
      2  Data Link Layer     Error control, timing                                                    Ethernet
      1  Physical Layer      Electrical characteristics of signal and NIC                             Ethernet

- Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
- Network Switch: Like a hub but creates a private link between any two connected nodes when a network connection is established. This reduces the amount of network collisions and thus improves speed. Broadcast messages are still sent to all nodes.

Related Links:

- Cable modem HowTo - Vladimir Vuksan
- Ethernet HowTo - Paul Gortmaker
- YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
- Firewall HowTo - Mark Grennan
- YoLinux networking tutorial
- Networking Overview HowTo - Daniel Lopez Ridruejo
- Networking Howto - Joshua Drake
- NFS Howto - Nicolai Langfeldt
- SNMP: Simple Network Management Protocol (Uses ports 161,162,391,1993)
  - SNMP - Intro and tutorials
  - Linux SNMP Network Management Tools
  - SNMP FAQ
  - net-snmp - tools and libraries
- News/Usenet Group: comp.os.linux.networking - Deja
- MARS-nwe - Netware emulator
- Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
- ISDN:
  - ISDN4LINUX FAQ - Matthias Hessler
  - ISDN4 Linux Home Page
  - Dan Kegel's ISDN Page
- PPP: Point-to-Point Protocol
  - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
  - YoLinux Tutorial: Dialing Compuserve
  - YoLinux Tutorial: Dialing AOL
  - YoLinux Tutorial: Configuring PPP dial-in connections
- PPTP: Point-to-Point Tunneling Protocol
  - RFC 2637: Point-to-Point Tunneling Protocol (PPTP).
  - PPTP-Linux Client - A PPTP Linux client that allows a linux system to connect to a PPTP server. Developed by C. S. Ananian.
  - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP Implementation.
- DHCP: (Dynamic Host Configuration Protocol)
  - YoLinux DHCP Tutorial - How to set up a DHCP server.
  - ISC Dynamic Host Configuration Protocol - DHCP home page
- Multicast:
  - YoLinux Tutorial: Configuring Linux for multicast - this tutorial in section above
  - Multicast over TCP/IP HOWTO
- ISP's: (National/Global)
  - TheList.com - Comprehensive list of ISP's
  - Earthlink
  - Concentric
  - ATT Worldnet
- NIS: (NFS infrastructure)
  - YoLinux NIS tutorial
  - NIS howto
  - NIS configuration and use
- Ethernet cables:
  - Making CAT 3, 5, 5E RJ45 Ethernet Cables
  - Wiring and Installation
- Gigabit Ethernet
- VIX: Vienna Internet eXchange - European traffic exchange for ISP's

Test Internet Bandwidth:

- DSLreports.com: bandwidth and diagnostic tests
- Speakeasy connection speed test
- CNET Bandwidth Meter speed test
- Network speed test
- Bandwidth explained and List of bandwidth test sites

Man Pages:

- icmp - Linux IPv4 ICMP kernel module
- ifport - select the transceiver type for a network interface
- usernetctl - allow a user to manipulate a network interface if permitted
- ripquery - query RIP (Routing Information Protocol) gateways
- gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler, ISBN # 0735710317, New Riders Publishing

"LINUX TCP/IP Network Administration" by Scott Mann, Mitchell Krell, ISBN # 0130322202, Prentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith, ISBN# 0201774232, Addison-Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr., ISBN# 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh, ISBN# 0672320525, Sams; (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus, Sams, ISBN# 047008278X

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen, Sams, ISBN# 0071486429

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson, Sams, ISBN# 0672329298

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff, Sams, ISBN# 0672327082

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff, Sams, ISBN# 0672325888

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis, ISBN #032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.


Copyright © 2001 - 2007 by Greg Ippolito

Linux Networking


TCP/IP Network Configuration Files:

- File: /etc/resolv.conf - host name resolver configuration file

      search name-of-domain.com      - Name of your domain or ISP's domain if using their name server
      nameserver XXX.XXX.XXX.XXX     - IP address of primary name server
      nameserver XXX.XXX.XXX.XXX     - IP address of secondary name server

  This configures Linux so that it knows which DNS server will be resolving domain names into IP addresses. If using a DHCP client, this will automatically be sent to you by the ISP and loaded into this file as part of the DHCP protocol. If using a static IP address, ask the ISP or check another machine on your network. Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "DNS").

- File: /etc/hosts - locally resolve node names to IP addresses

      127.0.0.1          your-node-name.your-domain.com localhost.localdomain localhost
      XXX.XXX.XXX.XXX    node-name

  Note when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly) i.e.:

      XXX.XXX.XXX.XXX    superserver.yolinux.com superserver

  This informs Linux of local systems on the network which are not handled by the DNS server (or of all systems in your LAN if you are not using DNS or NIS). Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "Hosts").

- File: /etc/nsswitch.conf - System Databases and Name Service Switch configuration file

      hosts:     files dns nisplus nis

  This example tells Linux to first resolve a host name by looking at the local hosts file (/etc/hosts), then, if the name is not found, to look to your DNS server as defined by /etc/resolv.conf, and if not found there, to look to your NIS server.

  In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution.

Fedora / Red Hat Network Configuration Files:

- /etc/sysconfig/network - Red Hat network configuration file used by the system during the boot process.

- File: /etc/sysconfig/network-scripts/ifcfg-eth0 - Configuration settings for your first ethernet port (0). Your second port is eth1.
- File:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example statement for Intel ethernet card:

      alias eth0 eepro100

  Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)
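The /etc/hosts and nsswitch.conf entries above describe how the "files" source answers a name before DNS is ever consulted, and why the fully qualified name should come first. The following script is an added example (not part of the YoLinux tutorial) that does the "files" lookup over hosts-file text and flags lines that break the fully-qualified-name-first rule; the hosts content is constructed and the function names are this example's own.

```shell
#!/bin/sh
# Added example, not from the tutorial: resolve names from /etc/hosts text the
# way the "files" source in nsswitch.conf does, and check the tutorial's advice
# that the fully qualified name comes first on each line.

# Constructed /etc/hosts content (not copied from a real system).
SAMPLE_HOSTS='# static table lookup for hostnames
127.0.0.1       superserver.yolinux.com localhost.localdomain localhost
192.168.10.12   superserver.yolinux.com superserver   # trailing comment
192.168.10.14   fileserver fileserver.yolinux.com'

# Print the address of the first line whose canonical name or alias equals NAME.
# Usage: hosts_lookup NAME HOSTS_TEXT   (exit status 1 when nothing matches)
hosts_lookup() {
    name=$1
    while read -r ip names; do
        case $ip in ''|\#*) continue ;; esac     # blank and comment lines
        names=${names%%#*}                        # drop a trailing comment
        for n in $names; do
            if [ "$n" = "$name" ]; then
                echo "$ip"
                return 0                          # first match wins, as in glibc
            fi
        done
    done <<EOF
$2
EOF
    return 1
}

# Print every entry whose first name after the address is not fully qualified
# (has no dot): the layout the tutorial warns against, because the first name
# is taken as the canonical host name.
# Usage: hosts_check_fqdn_first HOSTS_TEXT
hosts_check_fqdn_first() {
    while read -r ip canonical rest; do
        case $ip in ''|\#*) continue ;; esac
        case $canonical in
            *.*) ;;
            *)   echo "short name listed first: $ip $canonical" ;;
        esac
    done <<EOF
$1
EOF
}

hosts_lookup localhost "$SAMPLE_HOSTS"                  # 127.0.0.1
hosts_lookup superserver "$SAMPLE_HOSTS"                # 192.168.10.12
hosts_lookup superserver.yolinux.com "$SAMPLE_HOSTS"    # 127.0.0.1 (the first line wins)
hosts_check_fqdn_first "$SAMPLE_HOSTS"                  # flags the 192.168.10.14 line
```

The third lookup shows the ordering pitfall: with the FQDN also listed on the 127.0.0.1 line, a local program asking for superserver.yolinux.com gets the loopback address, not the LAN address, and never reaches DNS. Run the checks against the live file with `hosts_check_fqdn_first "$(cat /etc/hosts)"`.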

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

- Network configuration:
  /usr/sbin/system-config-network (FC-2/3)
  /usr/bin/redhat-config-network (/usr/bin/neat) (RH 7.2+ FC-1)
- Text console configuration tool:
  /usr/sbin/system-config-network-tui (Text User Interface (TUI) for Fedora Core 2/3)
  /usr/bin/redhat-config-network-tui (RH 9.0 - FC-1)
- Text console network configuration tool. First interface only - eth0: /usr/sbin/netconfig
- /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

- Gnome Desktop Network Configuration: /usr/bin/gnome-network-preferences (RH 9.0 - FC-3)
  Proxy configuration. Choose one of three options:
  1. Direct internet connection
  2. Manual proxy configuration (specify proxy and port)
  3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assigned a static IP address or assigned one dynamically.

Static IP address assignment:

Choose one of the following methods:

- Command Line:

      /sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

  Network address by convention would be the lowest: 192.168.10.0
  Broadcast address by convention would be the highest: 192.168.10.255
  The gateway can be anything, but following convention: 192.168.10.1

  Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0

- Red Hat / Fedora GUI tools:
  - /usr/bin/neat - Gnome GUI network administration tool. Handles all interfaces. Configure for Static IP or DHCP client. (First available with Red Hat 7.2.)
  - /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)
- Red Hat / Fedora Console tools:
  - /usr/sbin/system-config-network-tui (Text User Interface)
  - /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1,...)
- Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network­scripts/, so that this information is retained.

The IANA has allocated IP addresses in the range of 192.168.0.0 to 192.168.255.255 for private networks.

Helpful tools:

- Network Calculators: Subnet mask calculator, node calculator, mask inverter, ...
- IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet static
        address 208.88.34.106
        netmask 255.255.255.248
        broadcast 208.88.34.111
        network 208.88.34.104
        gateway 208.88.34.110

Dynamic IP (DHCP) example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet dhcp

    auto eth1
    iface eth1 inet dhcp

    auto eth2
    iface eth2 inet dhcp

    auto ath0
    iface ath0 inet dhcp

    auto wlan0
    iface wlan0 inet dhcp

Interfaces:

- lo: Loopback interface (network within your system without slowing down for the real ethernet based network)
- eth0: First ethernet interface card
- wlan0: First wireless network interface

Also see "man interfaces"

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.

l File: /etc/sysconfig/network

Static IP address Configuration: (Configure gateway address)

    NETWORKING=yes
    HOSTNAME=my-hostname          - Hostname is defined here and by command hostname
    FORWARD_IPV4=true             - True for NAT firewall gateways and linux routers. False for everyone else - desktops and servers.
    GATEWAY="XXX.XXX.XXX.YYY"     - Used if your network is connected to another network or the internet. Static IP configuration. Gateway not defined here for DHCP client.

OR for DHCP client configuration:

    NETWORKING=yes
    HOSTNAME=my-hostname          - Hostname is defined here and by command hostname

(Gateway is assigned by DHCP server.)

OR for NIS client configuration:

    NETWORKING=yes
    HOSTNAME=my-hostname          - Hostname is defined here and by command hostname
    NISDOMAIN=NISProject1         - NIS domain to attach

- File (Red Hat/Fedora): /etc/sysconfig/network-scripts/ifcfg-eth0 (S.u.s.e.: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX) This file is used by the command scripts ifup and ifdown.

  Static IP address configuration:

      DEVICE=eth0
      BOOTPROTO=static
      BROADCAST=XXX.XXX.XXX.255
      IPADDR=XXX.XXX.XXX.XXX
      NETMASK=255.255.255.0
      NETWORK=XXX.XXX.XXX.0
      ONBOOT=yes                  - Will activate upon system boot

  RHEL4/FC3 additions:

      TYPE=Ethernet
      HWADDR=XX:XX:XX:XX:XX:XX
      GATEWAY=XXX.XXX.XXX.XXX

  OR for DHCP client configuration:

      DEVICE=eth0
      ONBOOT=yes
      BOOTPROTO=dhcp

  RHEL4/FC3 additions:

      IPV6INIT=no
      USERCTL=no
      PEERDNS=yes
      TYPE=Ethernet
      HWADDR=XX:XX:XX:XX:XX:XX

  (Used by script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line.) To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)
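The ifcfg-eth0 file above is a list of KEY=VALUE settings that ifup turns into interface and route commands. As an added example (not the tutorial's text and not Red Hat's own ifup script), the following POSIX shell reads such a file and prints the ifconfig and route commands it amounts to, refusing a static entry that lacks IPADDR or NETMASK. The ifcfg content is constructed, with 192.168.10.x values standing in for the XXX placeholders; the CFG_ variable prefix and the function names are this example's own.

```shell
#!/bin/sh
# Added example, not from the tutorial: translate an ifcfg-ethN file into the
# ifconfig/route commands it describes. Values are read, not sourced, so a
# file containing shell commands cannot run them.

# Constructed ifcfg-eth0 content (placeholder values, not from a real host).
SAMPLE_IFCFG='DEVICE=eth0
BOOTPROTO=static
BROADCAST=192.168.10.255
IPADDR=192.168.10.12
NETMASK=255.255.255.0
NETWORK=192.168.10.0
GATEWAY="192.168.10.1"
ONBOOT=yes'

# Load KEY=VALUE lines from FILE into CFG_KEY variables, skipping comments and
# rejecting keys that are not plain identifiers.
load_ifcfg() {
    # "|| [ -n "$key" ]" keeps a last line that has no trailing newline.
    while IFS='=' read -r key value || [ -n "$key" ]; do
        case $key in ''|\#*) continue ;; esac
        case $key in *[!A-Za-z0-9_]*) echo "bad key: $key" >&2; return 1 ;; esac
        value=${value#\"}; value=${value%\"}      # strip optional quotes
        eval "CFG_$key=\$value"                   # key validated, value passed by reference
    done < "$1"
}

# Print the commands that bring the configured interface up.
# Usage: ifcfg_commands FILE   (exit status 1 on an unusable file)
ifcfg_commands() {
    CFG_DEVICE=; CFG_BOOTPROTO=; CFG_IPADDR=; CFG_NETMASK=; CFG_BROADCAST=; CFG_GATEWAY=
    load_ifcfg "$1" || return 1
    if [ -z "$CFG_DEVICE" ]; then echo "DEVICE missing" >&2; return 1; fi
    case $CFG_BOOTPROTO in
        dhcp)
            echo "run the DHCP client on $CFG_DEVICE" ;;
        static|none|'')                            # BOOTPROTO=none is static, as the text says
            if [ -z "$CFG_IPADDR" ] || [ -z "$CFG_NETMASK" ]; then
                echo "static configuration for $CFG_DEVICE needs IPADDR and NETMASK" >&2
                return 1
            fi
            echo "ifconfig $CFG_DEVICE $CFG_IPADDR netmask $CFG_NETMASK${CFG_BROADCAST:+ broadcast $CFG_BROADCAST}"
            if [ -n "$CFG_GATEWAY" ]; then
                echo "route add default gw $CFG_GATEWAY dev $CFG_DEVICE"
            fi ;;
        *)  echo "unknown BOOTPROTO: $CFG_BOOTPROTO" >&2; return 1 ;;
    esac
}

tmp=$(mktemp)
printf '%s\n' "$SAMPLE_IFCFG" > "$tmp"
ifcfg_commands "$tmp"
rm -f "$tmp"
```

Pointing it at the real file, `ifcfg_commands /etc/sysconfig/network-scripts/ifcfg-eth0`, shows what service network restart will do before you run it; the real ifup sources the file as shell, which is one reason these files should stay writable by root only.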

Changing the host name:

This is a three step process:

1. Issue the command: hostname new-host-name
2. Change network configuration file: /etc/sysconfig/network
   Edit entry: HOSTNAME=new-host-name
3. Restart systems which relied on the hostname (or reboot):
   - Restart network services: service network restart (or: /etc/init.d/network restart)
   - Restart desktop:
     - Bring down system to console mode: init 3
     - Bring up X-Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name which allows the system to be self aware.

The hostname may be changed at runtime using the command: sysctl -w kernel.hostname="superserver"

Change the host name using GUI tool: /usr/sbin/system­config­network (Red Hat / Fedora / CentOS)

Hostname entries are made in two places:

- Select the "DNS" tab.
- Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

    ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
    ifconfig eth0:0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255
    ifconfig eth0:1 192.168.10.14 netmask 255.255.255.0 broadcast 192.168.10.255

    route add -host XXX.XXX.XXX.XXX dev eth0
    route add -host 192.168.10.12 dev eth0
    route add -host 192.168.10.14 dev eth0

In this example 0 and 1 are aliases in addition to the regular eth0. The result of the ifconfig command:

    eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
              TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
              collisions:1 txqueuelen:100
              Interrupt:5 Base address:0xe400

    eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

    eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

    DEVICE=eth0:0
    ONBOOT=yes
    BOOTPROTO=static
    BROADCAST=192.168.10.255
    IPADDR=192.168.10.12
    NETMASK=255.255.255.0
    NETWORK=192.168.10.0

Aliases can also be shut down independently. i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Redhat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux Client: get connection info: /sbin/pump -i eth0 --status (Red Hat Linux 7.1 and older)

    Device eth0
        IP: 4.XXX.XXX.XXX
        Netmask: 255.255.252.0
        Broadcast: 4.XXX.XXX.255
        Network: 4.XXX.XXX.0
        Boot server 131.XXX.XXX.4
        Next server 0.0.0.0
        Gateway: 4.XXX.XXX.1
        Domain: vz.dsl.genuity.net
        Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3
        Renewal time: Sat Aug 11 08:28:55 2001
        Expiration time: Sat Aug 11 11:28:55 2001

Activating and De­Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

- Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up - Note: Even if no IP address is assigned you can listen.)
- De-Activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network­scripts/

GUI Interface control/configuration:

- Start/Stop network interfaces:
  /usr/bin/system-control-network (Fedora Core 2/3)
  /usr/bin/redhat-control-network (RH 9.0 - FC-1)
- Configure Ethernet, ISDN, modem, token Ring, Wireless or DSL network connection:
  /usr/sbin/system-config-network-druid (FC2/3)
  /usr/sbin/redhat-config-network-druid (RH 9 - FC-1)

Subnets:

    MASK  # OF SUBNETS  Slash Fmt  CLASS A HOSTS  CLASS A MASK  CLASS B HOSTS  CLASS B MASK  CLASS C HOSTS  CLASS C MASK   CLASS C SUB MASK  CLASS C SUB HOSTS
    255   256           /32        16,777,214     255.0.0.0     65,534         255.255.0.0   254            255.255.255.0  255.255.255.255   1 address, Invalid
    254   128           /31        33,554,430     254.0.0.0     131,070        255.254.0.0   510            255.255.254.0  255.255.255.254   2 addresses, Invalid
    252   64            /30        67,108,862     252.0.0.0     262,142        255.252.0.0   1,022          255.255.252.0  255.255.255.252   4 addresses, 2 hosts
    248   32            /29        134,217,726    248.0.0.0     524,286        255.248.0.0   2,046          255.255.248.0  255.255.255.248   8 addresses, 6 hosts
    240   16            /28        268,435,454    240.0.0.0     1,048,574      255.240.0.0   4,094          255.255.240.0  255.255.255.240   16 addresses, 14 hosts
    224   8             /27        536,870,910    224.0.0.0     2,097,150      255.224.0.0   8,190          255.255.224.0  255.255.255.224   32 addresses, 30 hosts
    192   4             /26        1,073,741,822  192.0.0.0     4,194,302      255.192.0.0   16,382         255.255.192.0  255.255.255.192   64 addresses, 62 hosts
    128   2             /25        2,147,483,646  128.0.0.0     8,388,606      255.128.0.0   32,766         255.255.128.0  255.255.255.128   128 addresses, 126 hosts

    Binary position   8    7    6    5    4    3    2    1
    Value             128  64   32   16   8    4    2    1
    Example: 192      1    1    0    0    0    0    0    0

Example 192=128+64

Some addresses are reserved and outside this scope. Loopback (127.0.0.1), reserved class C 192.168.XXX.XXX, reserved class B 172.31.XXX.XXX and reserved class A 10.XXX.XXX.XXX.

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 for your office. l 208.88.34.104 Network Base address l 208.88.34.105 Computer 1 l 208.88.34.106 Computer 2 l 208.88.34.107 Computer 3 l 208.88.34.108 Computer 4 l 208.88.34.109 Computer 5 l 208.88.34.110 DSL router/Gateway l 208.88.34.111 Broadcast address Of the eight addresses, there are six assigned to hardware systems and ultimately only five usable addresses.
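Both the static IP conventions given earlier (network address lowest, broadcast highest, both determined by the netmask) and the office subnet just described are arithmetic on the address and mask. The following added shell example (not from the tutorial) carries that arithmetic out: it returns network, broadcast, first and last host, usable host count and prefix length for any address and netmask, and treats the /31 and /32 rows of the table above as having no conventional host addresses. The function names are this example's own.

```shell
#!/bin/sh
# Added example, not from the tutorial: derive the subnet facts the text works
# out by hand from an address and a netmask.

# Dotted quad -> 32-bit integer.
ip2int() {
    IFS=. read -r a b c d <<EOF
$1
EOF
    echo $(( (a << 24) | (b << 16) | (c << 8) | d ))
}

# 32-bit integer -> dotted quad.
int2ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Number of one bits in a mask integer, i.e. the /NN prefix length.
prefix_len() {
    m=$1; n=0
    while [ "$m" -ne 0 ]; do n=$(( n + (m & 1) )); m=$(( m >> 1 )); done
    echo "$n"
}

# Usage: subnet_info ADDRESS NETMASK
# Prints: network broadcast first_host last_host usable_hosts /prefix
subnet_info() {
    ip=$(ip2int "$1"); mask=$(ip2int "$2")
    net=$(( ip & mask ))                          # host bits cleared: lowest address
    bcast=$(( net | (~mask & 4294967295) ))       # host bits set: highest address
    bits=$(prefix_len "$mask")
    if [ "$bits" -ge 31 ]; then
        usable=0; first=$net; last=$bcast         # /31 and /32: no conventional host range
    else
        usable=$(( bcast - net - 1 ))
        first=$(( net + 1 )); last=$(( bcast - 1 ))
    fi
    echo "$(int2ip "$net") $(int2ip "$bcast") $(int2ip "$first") $(int2ip "$last") $usable /$bits"
}

subnet_info 208.88.34.106 255.255.255.248   # the office example: .104 network, .111 broadcast, 6 hosts
subnet_info 192.168.10.12 255.255.255.0     # the static IP example: .0 network, .255 broadcast, 254 hosts
```

For the office subnet the six usable addresses are .105 through .110; one of them is the DSL router, which is why the text ends up with five computers.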

Links:

- Subnet Cheat Sheet
- Subnet calculator
- Table of subnets
- IP Subnetting, Variable Subnetting, and CIDR (Supernetting)
- CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is a little obsolete as subnets are now used to define smaller networks. These subnets may be part of a class A, B, C, etc network. For historical reference the network classes are defined as follows:

- Class A: Defined by the first 8 bits with a range of 0 - 127. First number (8 bits) is defined by Internic i.e. 77.XXX.XXX.XXX. One class A network can define 16,777,214 hosts. Range: 0.0.0.0 - 127.255.255.255
- Class B: Defined by the first 8 bits with a range from 128 - 191. First two numbers (16 bits) are defined by Internic i.e. 182.56.XXX.XXX. One class B network can define 65,534 hosts. Range: 128.0.0.0 - 191.255.255.255
- Class C: Defined by the first 8 bits with a range from 192 - 223. First three numbers (24 bits) are defined by Internic i.e. 220.56.222.XXX. One class C network can define 254 hosts. Range: 192.0.0.0 - 223.255.255.255
- Class D: Defined by the first 8 bits with a range from 224 - 239. This is reserved for multicast networks (RFC988). Range: 224.0.0.0 - 239.255.255.255
- Class E: Defined by the first 8 bits with a range from 240 - 255. This is reserved for experimental use. Range: 240.0.0.0 - 247.255.255.255

Enable Forwarding: Forwarding allows the network packets on one network interface (i.e. eth0) to be forwarded to another network interface (i.e. eth1). This will allow the Linux computer to connect ("ethernet bridge") or route network traffic.

The bridge configuration will merge two (or several) networks into one single network topology. IpTables firewall rules can be used to filter traffic.

A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or load balance servers.

- Turn on IP forwarding to allow the Linux computer to act as a gateway or router:

      echo 1 > /proc/sys/net/ipv4/ip_forward

  Default is 0. One can add firewall rules by using ipchains.

Another method is to alter the Linux kernel config file: /etc/sysctl.conf. Set the following value:

    net.ipv4.ip_forward = 1

See file /etc/sysconfig/network for storing this configuration:

    FORWARD_IPV4=true

Change the default "false" to "true".

All methods will result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward
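Because the running value and the two places it is persisted can disagree (a value echoed into /proc at a shell prompt is gone after a reboot, and a value written to a file is inert until applied), the following added example (not from the tutorial) reads all three and reports whether they agree. The file paths are parameters so the check can run against copies; a runtime "1" with no persistent setting behind it is the result a server administrator most wants flagged, since a host that should not route suddenly does. The sample files are constructed in a temporary directory and the function names are this example's own.

```shell
#!/bin/sh
# Added example, not from the tutorial: compare the live ip_forward value with
# /etc/sysctl.conf and /etc/sysconfig/network and say whether they agree.

# Runtime value (0 or 1) from a copy of /proc/sys/net/ipv4/ip_forward.
runtime_forwarding() { read -r v < "$1"; echo "$v"; }

# net.ipv4.ip_forward from a sysctl.conf copy; the last setting wins, as sysctl
# applies them in order. Prints "unset" when the key is absent.
sysctl_forwarding() {
    v=unset
    while IFS='=' read -r key value || [ -n "$key" ]; do
        key=$(printf '%s' "$key" | tr -d '[:space:]')      # "net.ipv4.ip_forward = 1" has spaces
        case $key in net.ipv4.ip_forward) v=$(printf '%s' "$value" | tr -d '[:space:]') ;; esac
    done < "$1"
    echo "$v"
}

# FORWARD_IPV4 from a /etc/sysconfig/network copy; prints "unset" when absent.
sysconfig_forwarding() {
    v=unset
    while IFS='=' read -r key value || [ -n "$key" ]; do
        case $key in FORWARD_IPV4) v=$value ;; esac
    done < "$1"
    echo "$v"
}

# Usage: forwarding_audit PROC_COPY SYSCTL_CONF SYSCONFIG_NETWORK
# Prints: runtime=N sysctl=X sysconfig=Y <verdict>
forwarding_audit() {
    rt=$(runtime_forwarding "$1")
    sc=$(sysctl_forwarding "$2")
    sn=$(sysconfig_forwarding "$3")
    want=0
    if [ "$sc" = 1 ] || [ "$sn" = true ]; then want=1; fi
    if [ "$rt" = "$want" ]; then
        verdict=consistent
    elif [ "$rt" = 1 ]; then
        verdict="enabled at runtime only"     # nothing persistent asked for it: find out who did
    else
        verdict="persisted but not active"    # not applied yet: service network restart / sysctl -p
    fi
    echo "runtime=$rt sysctl=$sc sysconfig=$sn $verdict"
}

# Constructed sample files standing in for the three real ones.
d=$(mktemp -d)
echo 1 > "$d/ip_forward"
printf '# kernel settings\nnet.ipv4.ip_forward = 0\n' > "$d/sysctl.conf"
printf 'NETWORKING=yes\nHOSTNAME=superserver\nFORWARD_IPV4=false\n' > "$d/network"
forwarding_audit "$d/ip_forward" "$d/sysctl.conf" "$d/network"
rm -rf "$d"
```

On a live system the call is `forwarding_audit /proc/sys/net/ipv4/ip_forward /etc/sysctl.conf /etc/sysconfig/network`; "consistent" with runtime=1 on a desktop or server still deserves a look, since only gateways and routers should forward.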

The TCP Man page ­ Linux Programmer's Manual and /usr/src/linux/Documentation/proc.txt (Kernel 2.2 RH 7.0­) cover /proc/sys/net/ipv4/* file descriptions.

Also see: (YoLinux tutorials)

- Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables)
- Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

- cd /lib/modules/2.2.5-15/net/ - Use the kernel version for your system. This example uses 2.2.5-15 (Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/). Here you will find the modules supported by your system. It can be permanently added to:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example:

      alias eth0 3c59x

- /sbin/insmod 3c59x (For a 3Com ethernet card) This inserts the specified module into the kernel.
- /sbin/modprobe 3c59x This also loads a module into the system kernel. Modprobe command line options:
  - -r : to unload the module.
  - /sbin/modprobe -l \* : list all modules.
  - /sbin/modprobe -lt net \* : List only network modules
  - /sbin/modprobe -t net \* : Try loading all network modules and see what sticks. (act of desperation)
- ifconfig ...

The easy way: Red Hat versions 6.2 and later, ship with Kudzu, a device detection program which runs during system initialization. (/etc/rc.d/init.d/kudzu) This can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it will be utilized upon system boot.

Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

Define new device in file (Red Hat/Fedora) /etc/sysconfig/network-scripts/ifcfg-eth1 (S.u.s.e 9.2: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX)

    DEVICE=eth1
    BOOTPROTO=static
    IPADDR=192.168.10.12
    NETMASK=255.255.255.0
    GATEWAY=XXX.XXX.XXX.XXX
    HOSTNAME=node-name.name-of-domain.com
    DOMAIN=name-of-domain.com

Special routing information may be specified, if necessary, in the file (Red Hat/Fedora): /etc/sysconfig/static-routes (S.u.s.e. 9.2: /etc/sysconfig/network/routes)

Example:

    eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using Unix command line interface:

Define IP address:

    ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
    ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

If necessary, define the route with the route command. Examples:

    route add default gw XXX.XXX.XXX.XXX dev eth0
    route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

If a mistake is made just repeat the route command substituting "del" in place of "add".

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto­negotiate link speed and duplex setting.

- List NIC speed and configuration: mii-tool

      eth0: negotiated 100baseTx-FD flow-control, link ok

  Verbose mode: mii-tool -v

      eth0: negotiated 100baseTx-FD flow-control, link ok
        product info: Intel 82555 rev 4
        basic mode:   autonegotiation enabled
        basic status: autonegotiation complete, link ok
        capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
        advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
        link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

- Set NIC configuration: mii-tool -F option

      Option   Parameters
      -F       100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
      -A       100baseT4 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

- Query NIC with ethtool:
  - ethtool -g eth0: Queries ethernet device for rx/tx ring parameter information.
  - ethtool -a eth0: Queries ethernet device for pause parameter information.
  - ethtool -c eth0: Queries ethernet device for coalescing information.
  - ethtool -i eth0: Queries ethernet device for associated driver information.
  - ethtool -d eth0: Prints a register dump for the specified ethernet device.
  - ethtool -k eth0: Queries ethernet device for offload information.
  - ethtool -S eth0: Queries ethernet device for NIC and driver statistics.

Man Pages:

- mii-tool - view, manipulate media-independent interface status
- ethtool - Display or change ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet is examined to see if its destination is on the local or a remote network. If it is to be sent to a remote network, the routing table is consulted to determine the path. If there is no information in the routing table then the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file (Red Hat/Fedora): /etc/sysconfig/network-scripts/route-eth0 or (Red Hat 7: /etc/sysconfig/static-routes) (S.u.s.e. 9.2: /etc/sysconfig/network/routes):

10.2.3.0/16 via 192.168.10.254

See command: /etc/sysconfig/network­scripts/ifup­routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route. (Fewest hops between routers not physical distance.) Routers use RIP to broadcast the routing table over UDP port 520. The routers would then add new or improved routes to their routing tables.

Man pages:

- route - show / manipulate the IP routing table (Static route). Examples:
  - Show routing table: route -e
  - Access individual computer host specified via network interface card eth1: route add -host 123.213.221.231 eth1
  - Access ISP network identified by the network address and netmask using network interface card eth0: route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
    Conversely: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
  - Specify default gateway to use to access remote network via network interface card eth0: route add default gw 201.51.31.1 eth0 (Gateway can also be defined in /etc/sysconfig/network)
  - Specify two gateways for two network destinations: (i.e. one external, one internal private network. Two routers/gateways will be specified.)
    Add internet gateway as before: route add default gw 201.51.31.1 eth0
    Add second private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
- routed - network routing daemon. Uses RIP protocol to update routing table.
- ipx_route - show / manipulate the IPX routing table - IPX is the Novell networking protocol (Not typically used unless your office has Novell servers)
- ifuser - Identify destinations routed to a particular network interface.
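The lookup described under "Static routes" (the most specific matching route wins, the default gateway catches everything else) can be reproduced in a few lines, which is useful for predicting where a packet will go before touching the table. The following is an added shell example, not from the tutorial, run over a constructed routing table; the table format ("destination/prefix gateway device", with gateway 0.0.0.0 for a directly attached network, as route -n shows it) and the function names are this example's own.

```shell
#!/bin/sh
# Added example, not from the tutorial: longest-prefix-match lookup, the
# decision the kernel makes for each outgoing packet.

# Dotted quad -> 32-bit integer.
ip2int() {
    IFS=. read -r a b c d <<EOF
$1
EOF
    echo $(( (a << 24) | (b << 16) | (c << 8) | d ))
}

# Constructed routing table built from the route examples above, one route per
# line: destination/prefix gateway device. 10.2.3.0/16 is the route-eth0
# entry from the text; its host bits are ignored because only the masked
# network matters.
SAMPLE_ROUTES='192.168.10.0/24 0.0.0.0 eth0
10.13.21.0/24 192.168.10.254 eth0
10.2.3.0/16 192.168.10.254 eth0
0.0.0.0/0 201.51.31.1 eth0'

# Usage: route_lookup DEST_IP ROUTES_TEXT
# Prints "gateway device" for the most specific matching route.
route_lookup() {
    dst=$(ip2int "$1")
    best=-1; answer="no route to host"
    while read -r net gw dev; do
        [ -n "$net" ] || continue
        prefix=${net#*/}
        base=$(ip2int "${net%/*}")
        if [ "$prefix" -eq 0 ]; then
            mask=0                                           # default route matches everything
        else
            mask=$(( (4294967295 << (32 - prefix)) & 4294967295 ))
        fi
        # Keep the match with the longest prefix seen so far.
        if [ $(( dst & mask )) -eq $(( base & mask )) ] && [ "$prefix" -gt "$best" ]; then
            best=$prefix; answer="$gw $dev"
        fi
    done <<EOF
$2
EOF
    echo "$answer"
}

route_lookup 192.168.10.14 "$SAMPLE_ROUTES"   # 0.0.0.0 eth0        (local network, delivered directly)
route_lookup 10.13.21.5    "$SAMPLE_ROUTES"   # 192.168.10.254 eth0 (the /24 beats the default)
route_lookup 10.2.200.1    "$SAMPLE_ROUTES"   # 192.168.10.254 eth0 (matches 10.2.0.0/16)
route_lookup 8.8.8.8       "$SAMPLE_ROUTES"   # 201.51.31.1 eth0    (default gateway)
```

Feed it the live table with `route_lookup DEST "$(route -n | awk 'NR>2 {print $1 "/" ... }')"` only after converting the netmask column to a prefix; the point of the example is the matching rule, which is the same whatever tool prints the table.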

VPN, Tunneling:

- Commercial VPN Linux software solutions - YoLinux
- OpenSWAN.org - IPSec VPN for Linux
- FreeSWAN.org - IPSec VPN for Linux
- FreeSWAN tutorial - howto
- OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access controls.
- SSL-Explorer - Java SSL based VPN
- Quagga dynamic routing suite VLAN
- n2n peer to peer within a private fabric
- CIPE: Crypto IP Encapsulation (Easiest way to configure two Linux gateways connecting two private networks over the internet with encryption.)
  - CIPE Home page - CIPE is a simple encapsulation system that securely connects two subnets.
  - The Linux Cipe+Masquerading mini-HOWTO - Anthony Ciaravalo
- GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa
- VPN HowTo - Matthew D. Wilson
- Installing and Running PPTP on Linux
- L2TP Extensions (l2tpext) Internet Drafts.

Useful Linux networking commands:

- /etc/rc.d/init.d/network start - command to start, restart or stop the network
- netstat - Display connections, routing tables, stats etc.
  - List externally connected processes: netstat -punta
  - List all connected processes: netstat -nap
  - Show network statistics: netstat -s
  - Kernel interface table info: netstat -a -i eth0
- ping - send ICMP ECHO_REQUEST packets to network hosts. Use Ctrl-C to stop ping.
- traceroute - print the route packets take to a network host
  - traceroute IP-address-of-server
  - traceroute domain-name-of-server
- mtr - a network diagnostic tool introduced in Fedora. Like traceroute except it gives more network quality and network diagnostic info. Leave it running to get real time stats. Reports best and worst round trip times in milliseconds.
  - mtr IP-address-of-server
  - mtr domain-name-of-server
- whois - Look up a domain name in the internic whois database.
- finger - Display information on a system user, i.e. finger user@host. Uses the $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/
- iptables - IP firewall administration (Linux kernel 2.6/2.4). See YoLinux firewall/gateway configuration.
- ipchains - IP firewall administration (Linux kernel 2.2). See YoLinux firewall/gateway configuration.
- socklist - Display a list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
- host - Give a host name and the command will return the IP address. Unlike nslookup, the host command will use both /etc/hosts as well as DNS. Example: host domain-name-of-server
- nslookup - Give a host name and the command will return the IP address. Also see Testing your DNS (YoLinux Tutorial). Note that nslookup does not use the /etc/hosts file.

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemons listen and respond to all network socket connections made on the TCP/IP ports assigned to them. The ports are defined by the file /etc/services. When a connection is made, the listener will attempt to invoke the assigned program and pipe the data to it. This simplifies matters by allowing the assigned program to read from stdin instead of making its own socket connection; the listener handles the network socket connection. Two network listening and management daemons have been used in Red Hat Linux distributions:

- inetd: Red Hat 6.x and older
- xinetd: Red Hat 7.0-9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf

Entries in this file consist of a single line made up of the following fields:

service socket-type protocol wait user server cmdline

- service: The name assigned to the service. Matches the name given in the file /etc/services
- socket-type:
  - stream: connection protocols (TCP)
  - dgram: datagram protocols (UDP)
  - raw
  - rdm
  - seqpacket
- protocol: Transport protocol name which matches a name in the file /etc/protocols, i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6
- wait: Applies only to datagram protocols (UDP).
  - wait[.max]: One server for the specified port at any time (RPC)
  - nowait[.max]: Continue to listen and launch new services if a new connection is made (multi-threaded). Max refers to the maximum number of server instances spawned in 60 seconds (default=40).
- user[.group]: login id of the user the process is executed under. Often nobody, root or a special restricted id for that service.
- server: Full path name of the server program to be executed.
- cmdline: Command line to be passed to the server. This includes argument 0 (argv[0]), that is the command name. This field is empty for internal services. Examples of internal TCP services: echo, discard, chargen (character generator), daytime (human readable time), and time (machine readable time). (see RFC)

Sample File: /etc/inetd.conf

#echo   stream  tcp  nowait      root  internal
#echo   dgram   udp  wait        root  internal
ftp     stream  tcp  nowait      root  /usr/sbin/tcpd  in.ftpd -l -a
#pop-3  stream  tcp  nowait      root  /usr/sbin/tcpd  ipop3d
#swat   stream  tcp  nowait.400  root  /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.

The inet daemon must be restarted to pick up the changes made to the file: /etc/rc.d/init.d/inetd restart

For more information see the man pages "inetd" and "inetd.conf".
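An added example (not from the tutorial) that reads the inetd.conf format described above and reports which active services run as root without going through the /usr/sbin/tcpd wrapper; the sample file is constructed from the tutorial's entries plus assumed telnet, finger and daytime lines.

```shell
#!/bin/sh
# Added example: audit an inetd.conf. Fields per the format above:
#   service socket-type protocol wait[.max] user[.group] server [cmdline...]
# A line starting with '#' is a switched-off service and is skipped.

# inetd_active_services FILE: one line per active entry, "service user wrapping",
# where wrapping is "wrapped" (server is tcpd), "internal" (built in) or "unwrapped".
inetd_active_services() {
    _conf=$1
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in ''|\#*) continue ;; esac   # commented out = service off
        set -- $line                                # split the line into its fields
        [ $# -ge 6 ] || continue                    # malformed line, too few fields
        svc=$1; user=$5; server=$6
        user=${user%%.*}                            # drop an optional ".group" suffix
        case "$server" in
            */tcpd)   wrapping=wrapped ;;           # hosts.allow / hosts.deny apply
            internal) wrapping=internal ;;          # served by inetd itself
            *)        wrapping=unwrapped ;;         # server exec'd directly, no wrapper
        esac
        printf '%s %s %s\n' "$svc" "$user" "$wrapping"
    done < "$_conf"
}

# inetd_unwrapped_root FILE: names of active services that run as root with
# no tcpd wrapper in front of them, the combination to review first.
inetd_unwrapped_root() {
    inetd_active_services "$1" | awk '$2 == "root" && $3 == "unwrapped" { print $1 }'
}

# Constructed sample: the tutorial's entries plus assumed telnet, finger
# and daytime lines.
INETD_DIR=$(mktemp -d)
cat > "$INETD_DIR/inetd.conf" <<'EOF'
#echo   stream  tcp  nowait      root    internal
#echo   dgram   udp  wait        root    internal
ftp     stream  tcp  nowait      root    /usr/sbin/tcpd        in.ftpd -l -a
#pop-3  stream  tcp  nowait      root    /usr/sbin/tcpd        ipop3d
#swat   stream  tcp  nowait.400  root    /usr/sbin/swat        swat
telnet  stream  tcp  nowait      root    /usr/sbin/in.telnetd  in.telnetd
finger  stream  tcp  nowait      nobody  /usr/sbin/tcpd        in.fingerd
daytime stream  tcp  nowait      root    internal
EOF

echo "active services:";           inetd_active_services "$INETD_DIR/inetd.conf"
echo "root without tcpd wrapper:"; inetd_unwrapped_root "$INETD_DIR/inetd.conf"
```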

xinetd: Extended Internet Services Daemon:

Xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, redirect services to different ports and network interfaces (NIC) or even to a different server, chroot a service etc., and is thus a worthy upgrade from inetd.

Use the command chkconfig --list to view all system services and their state. It will also list all network services controlled by xinetd and their respective state under the title "xinetd based services". (Works for xinetd (RH7.0+) but not inetd)

The xinetd network daemon uses PAM, also called network wrappers, which consult the /etc/hosts.allow and /etc/hosts.deny files.

Configuration file: /etc/xinetd.conf which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:

- Edit the file /etc/xinetd.d/service-name and set the disable value: disable = yes or disable = no. Then restart the xinetd process using a signal:
  - SIGUSR1 (kill -SIGUSR1 process-id) - Soft reconfiguration; does not terminate existing connections. (Important if you are connected remotely)
  - SIGUSR2 - Hard reconfiguration; stops and restarts the xinetd process. (Note: Using the HUP signal will terminate the process.)

OR

- Use the chkconfig command: chkconfig service-name on (or off). This command will also restart the xinetd process to pick up the new configuration.

The file contains entries of the form:

service service-name
{
    attribute assignment-operator value value ...
    ...
}

Where:

- attribute:
  - disable:
    - yes
    - no
  - type:
    - RPC
    - INTERNAL
    - UNLISTED: Not found in /etc/rpc or /etc/services
  - id: By default the service id is the same as the service name.
  - socket_type:
    - stream: TCP
    - dgram: UDP
    - raw: Direct IP access
    - seqpacket: service that requires reliable sequential datagram transmission
  - flags: Combination of: REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd man page for details.
  - protocol: Transport protocol name which matches a name in the file /etc/protocols.
  - wait:
    - no: multi-threaded
    - yes: single-threaded - One server for the specified port at any time (RPC)
  - user: See file: /etc/passwd
  - group: See file: /etc/group
  - server: Program to execute and receive the data stream from the socket. (Fully qualified name - full path name of the program)
  - server_args: Unlike inetd, arg[0] or the name of the service is not passed.
  - only_from: IP address, factorized address, netmask range, hostname or network name from file /etc/networks.
  - no_access: Deny from ... (inverse of only_from)
  - access_times
  - port: See file /etc/services
  Also: log_type, log_on_success, log_on_failure (Log options: += PID,HOST,USERID,EXIT,DURATION,ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples.
- assignment-operator:
  - =
  - +=: add a value to the set of values
  - -=: delete a value from the set of values

Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from man page: Limit telnet sessions to 8 Mbytes of memory and a total 20 CPU seconds for child processes.

service telnet
{
    socket_type = stream
    wait        = no
    nice        = 10
    user        = root
    server      = /usr/etc/in.telnetd
    rlimit_as   = 8M
    rlimit_cpu  = 20
}
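An added example (not from the tutorial or the xinetd project) that reads files in the /etc/xinetd.d layout described above and reports which services are enabled (no disable = yes), run as root, and carry no only_from / no_access restriction; the sample directory is constructed from the telnet entry above plus assumed finger, rsync and daytime entries.

```shell
#!/bin/sh
# Added example: summarise an /etc/xinetd.d directory. One service block per
# file, using the attributes described above: disable, user, only_from,
# no_access. A service with no "disable = yes" line is enabled.

# xinetd_service_report DIR: one line per service, "name state user scope",
# state = enabled|disabled, scope = restricted (only_from or no_access present) | open.
xinetd_service_report() {
    awk '
        function flush() { if (name != "") print name, state, user, scope; name = "" }
        FNR == 1 { flush() }                                   # new file: emit the previous service
        /^[ \t]*#/ { next }                                    # comment line
        $1 == "service" { name = $2; state = "enabled"; user = "-"; scope = "open"; next }
        $1 == "disable" && $2 == "=" { state = ($3 == "yes") ? "disabled" : "enabled" }
        $1 == "user"    && $2 == "=" { user = $3 }
        $1 == "only_from" || $1 == "no_access" { scope = "restricted" }
        END { flush() }
    ' "$1"/*
}

# xinetd_root_open_services DIR: enabled services running as root that any
# client may reach, i.e. the entries to review first.
xinetd_root_open_services() {
    xinetd_service_report "$1" | awk '$2 == "enabled" && $3 == "root" && $4 == "open" { print $1 }'
}

# Constructed sample directory: the telnet block from the man page example
# plus assumed finger, rsync and daytime entries.
XINETD_DIR=$(mktemp -d)
cat > "$XINETD_DIR/telnet" <<'EOF'
service telnet
{
    socket_type = stream
    wait        = no
    nice        = 10
    user        = root
    server      = /usr/etc/in.telnetd
    rlimit_as   = 8M
    rlimit_cpu  = 20
}
EOF
cat > "$XINETD_DIR/finger" <<'EOF'
# default: off
service finger
{
    disable     = yes
    socket_type = stream
    wait        = no
    user        = nobody
    server      = /usr/sbin/in.fingerd
}
EOF
cat > "$XINETD_DIR/rsync" <<'EOF'
service rsync
{
    disable     = no
    socket_type = stream
    wait        = no
    user        = root
    server      = /usr/bin/rsync
    server_args = --daemon
    only_from   = 192.168.10.0/24
}
EOF
cat > "$XINETD_DIR/daytime" <<'EOF'
service daytime
{
    type        = INTERNAL
    id          = daytime-stream
    socket_type = stream
    protocol    = tcp
    user        = nobody
    wait        = no
}
EOF

echo "service report:";                        xinetd_service_report "$XINETD_DIR"
echo "enabled, root, no only_from/no_access:"; xinetd_root_open_services "$XINETD_DIR"
```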

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:

- xinetd
- xinetd.conf
- xinetd.log
- tcpd

For more info see:

- LinuxFocus.org: xinetd - Frederic Raynal
- RedHat.com: Controlling Access to Services
- http://www.xinetd.org
- See RFCs: 862, 863, 864, 867, 868, 1413.
- man pages xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon - rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux has the network interface to rwhod disabled. Thus if one issues the command "rwho", one will only see who is logged into the local system and not remote systems on the network. This is a safe approach for internet servers as it reduces the exposure of a service which could be exploited by hackers. If you wish to use rwhod on a local private and firewall protected network, here is how:

Allow broadcast capabilities. Edit /etc/init.d/rwhod and change from: daemon rwhod to: daemon rwhod -b

Start service:

- Set service to start with system boot: chkconfig --level 345 rwhod on
- Start rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

- rwho: who is logged in on local network machines
- rwhod: system status server
- who: show who is logged on to the same system

RPC: Remote Procedure Calls (Portmapper)

Portmapper is a network service required to support RPCs. Many services such as NFS (file sharing services) require portmapper.

List RPC services supported: [root]# rpcinfo -p localhost

Starting portmap server:

- /etc/rc.d/init.d/portmap start
- service portmap start (Red Hat/Fedora Core)

Man Pages:

- portmap
- rpcinfo
- pmap_set
- pmap_dump

PAM: Network Wrappers:

Pluggable Authentication Modules for Linux (TCP Wrappers)

This system allows or denies network access. One can reject or allow specific IP addresses or subnets to access your system.

File: /etc/hosts.allow

in.ftpd:208.188.34.105

This specifically allows the given IP address to ftp to your system. One can also specify an entire domain, i.e. .name-of-domain.com. Note the beginning ".".

File: /etc/hosts.deny

ALL:ALL

This generally denies any access.

See the pam man page.

File: /etc/inetd.conf

ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a

The inet daemon accepts the incoming network stream and hands it to the PAM TCP wrapper, /usr/sbin/tcpd, which accepts or denies the network connection as defined by /etc/hosts.allow and /etc/hosts.deny and then passes it along to ftp. This is logged to /var/log/secure.
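An added example (not from the tutorial) that evaluates a client against hosts.allow / hosts.deny the way the tcpd wrapper does: hosts.allow is searched first and a match grants access, then hosts.deny where a match denies, and a client listed in neither file is allowed. The sample files are constructed from the entries above plus an assumed sshd rule; the matcher handles ALL, exact addresses, a trailing-dot network prefix and a leading-dot domain suffix, and leaves out EXCEPT and address/netmask forms.

```shell
#!/bin/sh
# Added example: a simplified hosts_access(5) evaluator. tcpd checks
# /etc/hosts.allow first (match = allow), then /etc/hosts.deny (match = deny),
# and allows a client listed in neither file. Rule lines read
#   daemon_list : client_list [: ...]
# with list items separated by commas or spaces. Patterns handled here:
# ALL, an exact address or name, "192.168.10." (address prefix) and
# ".example.com" (domain suffix). EXCEPT and address/netmask forms are not.

# wrap_match PATTERN VALUE: returns 0 when VALUE matches PATTERN.
wrap_match() {
    case "$1" in
        ALL) return 0 ;;
        .*)  case "$2" in *"$1") return 0 ;; esac ;;   # leading dot: domain suffix
        *.)  case "$2" in "$1"*) return 0 ;; esac ;;   # trailing dot: address prefix
        *)   [ "$1" = "$2" ] && return 0 ;;
    esac
    return 1
}

# wrap_file_matches FILE SERVICE CLIENT: returns 0 when some rule line in
# FILE matches both the daemon name and the client.
wrap_file_matches() {
    _rules=$1; _svc=$2; _client=$3
    [ -f "$_rules" ] || return 1                    # a missing file matches nothing
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}                            # strip comments
        case "$line" in *:*) ;; *) continue ;; esac # not a rule line
        daemons=${line%%:*}
        clients=${line#*:}; clients=${clients%%:*}  # ignore a third (options) field
        for d in $(printf '%s' "$daemons" | tr ',' ' '); do
            wrap_match "$d" "$_svc" || continue
            for c in $(printf '%s' "$clients" | tr ',' ' '); do
                if wrap_match "$c" "$_client"; then return 0; fi
            done
        done
    done < "$_rules"
    return 1
}

# hosts_access ALLOW_FILE DENY_FILE SERVICE CLIENT: prints allow or deny.
hosts_access() {
    if wrap_file_matches "$1" "$3" "$4"; then
        echo allow
    elif wrap_file_matches "$2" "$3" "$4"; then
        echo deny
    else
        echo allow                                  # no rule anywhere: access is granted
    fi
}

# Constructed sample files: the tutorial's entries plus an assumed sshd rule.
WRAP_DIR=$(mktemp -d)
cat > "$WRAP_DIR/hosts.allow" <<'EOF'
# one host and one whole domain may reach ftp
in.ftpd: 208.188.34.105, .name-of-domain.com
sshd:    192.168.10.
EOF
cat > "$WRAP_DIR/hosts.deny" <<'EOF'
ALL: ALL
EOF

for who in 208.188.34.105 www.name-of-domain.com 10.0.0.9; do
    printf '%-24s in.ftpd -> %s\n' "$who" \
        "$(hosts_access "$WRAP_DIR/hosts.allow" "$WRAP_DIR/hosts.deny" in.ftpd "$who")"
done
```

The last test case below is the one that catches people: with no hosts.deny file (or an empty one), a service not named in hosts.allow is still reachable from anywhere.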

Advanced PAM: More specific access can be assigned and controlled by controlling the level of authentication required for access.

Files reflect the inet service name. Rules and modules are stacked to achieve the level of security desired.

See the files in /etc/pam.d/... (some systems use /etc/pam.conf)

The format: service type control module-path module-arguments

- auth - (type) Password is required for the user
  - nullok - Null or non-existent password is acceptable
  - shadow - encrypted passwords kept in /etc/shadow
- account - (type) Verifies password. Can track and force password changes.
- password - (type) Controls password update
  - retry=3 - Sets the number of login attempts
  - minlen=8 - Sets the minimum length of a password
- session - (type) Controls monitoring

Modules:

- /lib/security/pam_pwdb.so - password database module
- /lib/security/pam_shells.so -
- /lib/security/pam_cracklib.so - checks if a password is crackable
- /lib/security/pam_listfile.so

After re-configuration, restart the inet daemon: killall -HUP inetd

For more info see:

- Wietse's Papers
- Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP is the network protocol used by the ping and traceroute commands.

ICMP redirect packets are sent from the router to the host to inform the host of a better route. To enable ICMP redirect, add the following line to /etc/sysctl.conf :

net.ipv4.conf.all.accept_redirects = 1

Add the following to the file: /etc/rc.d/rc.local

for f in /proc/sys/net/ipv4/conf/*/accept_redirects
do
    echo 1 > $f
done

Command to view the kernel IP routing cache: /sbin/route -Cn

NOTE: This may leave you vulnerable to hackers as attackers may alter your routes.

Blocking ICMP to look invisible to ping:

The following firewall rules will drop ICMP requests.

Iptables:

iptables -A OUTPUT -p icmp -d 0/0 -j DROP

Ipchains:

ipchains -A output -p icmp -d 0/0 -j DENY

OR drop all incoming pings:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes necessary to look invisible to DOS (Denial Of Service) attackers who use ping to watch your machine and launch an attack when its presence is detected.

Network Monitoring Tools:

- tcpdump - dump traffic on a network. See discussion below.

  Command line option   Description
  -c                    Exit after receiving count packets.
  -C                    Specify size of output dump files.
  -i                    Specify interface if multiple exist. Lowest used by default. i.e. eth0
  -w file-name          Write the raw packets to file rather than parsing and printing them out. They can later be printed with the -r option.
  -n                    Improve speed by not performing DNS lookups. Report IP addresses.
  -t                    Don't print a timestamp on each dump line.

  Filter expressions:

  primitive                        Description
  host host-name                   If the host has multiple IPs, all will be checked.
  net network-number               Network number.
  net network-number mask mask     Network number and netmask specified.
  port port-number                 Port number specified.
  tcp                              Sniff TCP packets.
  udp                              Sniff UDP packets.
  icmp                             Sniff ICMP packets.

Examples:

  - tcpdump tcp port 80 and host server-1
  - tcpdump ip host server-1 and not server-2
- iptraf - Interactive Colorful IP LAN Monitor
- nmap - Network exploration tool and security scanner
  - List pingable nodes on the network: nmap -sP 192.168.0.0/24 scans the network for IP addresses 192.168.0.0 to 192.168.0.255 using ping.
- Ethereal - Network protocol analyzer. Examine data from a live network. RPMs required:
  - ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
  - ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)
  There is an error in the ethereal package because it does not list the snmp libraries as dependencies, but you can deduce this from the errors that you get if the ucd-snmp libraries are not installed.
- EtherApe - Graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
- Gkrellm - Network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
- IPTraf - ncurses-based IP LAN monitor. (Red Hat Powertools CD)
- Cheops - Network discovery, location, diagnosis and management. Cheops can identify all of the computers that are on your network, their IP address, their DNS name, and the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
- ntop - Shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
- MRTG - Multi Router Traffic Grapher - Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
- dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
- scotty - Obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP, & UDP. (Red Hat Powertools CD)
- Big Brother - Monitoring and services availability.
- OpenNMS.org - Network Management using SNMP.
- Nagios - host, service and network monitoring
- Angel network monitor

Using tcpdump to monitor the network:

[root]# ifconfig eth0 promisc                        - Put the NIC into promiscuous mode to sniff traffic.
[root]# tcpdump -n host not XXX.XXX.XXX.XXX | more   - Sniff the net but ignore the IP which is your remote session.
[root]# ifconfig eth0 -promisc                       - Pull the NIC out of promiscuous mode.

Network Intrusion and Hacker Detection Systems:

SNORT: Monitor the network, performing real­time traffic analysis and packet logging on IP networks for the detection of an attack or probe.

- Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
- InterSect Alliance - Intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to convert a 32-bit IP address into the 48-bit Ethernet MAC address used by network hardware. (See: RFC 826) ARP broadcasts are sent to all hosts on the subnet by the transmitting host to see who replies. The broadcast is ignored by all except the intended receiver, which recognizes the IP address as its own. The MAC addresses are remembered (ARP cache) for future network communications. Computers on the subnet typically keep a cache of ARP responses. ARP broadcasts are passed on by hubs and switches but are blocked by routers.

Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client to broadcast requesting a server to reply with its IP address.

- arp (8) man page - manipulate the system ARP cache
  - Show other systems on your network (including IP address conflicts): arp -a
  - Show ARP table Linux style: arp -e
- arpwatch (8) man page - keep track of ethernet/ip address pairings
- arpsnmp (8) man page - keep track of ethernet/ip address pairings. Reads information generated by snmpwalk
- arping (8) man page - send ARP REQUEST to a neighbor host
  - Print ARP reply (similar to arp -a): arping 192.168.10.99
- List ARP table: cat /proc/net/arp
- ip (8) man page - show / manipulate routing, devices, policy routing and tunnels
  - View ARP table: ip neighbor

ARP is something that simply works. No Linux system configuration is necessary. It's all part of the ethernet and IP protocol. The aforementioned information is just part of the Linux culture of full visibility into what is going on.

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer to peer unicast transactions. An HTTP request to a web server (TCP/IP), email SMTP (TCP/IP), DNS (UDP), FTP (TCP/IP), ... are all peer to peer unicast transactions. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer to peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group", which are those that are interested in the information.

The Linux kernel is Level­2 Multicast­Compliant. It meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to request the kernel to join the multicast group and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, a request is made to the kernel to leave the group. It is the kernel/host which joins the multicast group and not the process. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to support multicast routing, set the following in the kernel config:

- CONFIG_IP_MULTICAST=y
- CONFIG_IP_ROUTER=y
- CONFIG_IP_MROUTE=y
- CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimization and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card), only one device can be configured to handle multicast.

Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast.

Useful commands:

Command                   Description
cat /proc/net/igmp        List multicast groups to which the host is subscribed. Uses the "Internet Group Management Protocol". (See /usr/src/linux/net/core/igmp.c)
cat /proc/net/dev_mcast   List multicast interfaces. (See /usr/src/linux/net/core/dev_mcast.c)
ping 224.0.0.1            All hosts configured for multicast will respond with their IP addresses
ping 224.0.0.2            All routers configured for multicast will respond
ping 224.0.0.3            All PIM routers configured for multicast will respond
ping 224.0.0.4            All DVMRP routers configured for multicast will respond
ping 224.0.0.5            All OSPF routers configured for multicast will respond

Multicast transmissions are achieved through proper routing, router configuration (if communicating through subnets) and programmatically with the use of the following "C" function library calls:

Function Call    Description
setsockopt()     Pass information to the kernel.
getsockopt()     Retrieve information broadcast using multicast.

For more on multicast programming see: Multicast Howto.

The multicast application will specify the multicast loopback interface, TTL (network time to live), network interface and the multicast group to add or drop.

Add route to support multicast:

- route add 224.0.0.0 netmask 240.0.0.0 dev eth0

Note that if adding a route to forward packets through a router, that the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The internet by default does not forward multicast packets.

Living in a MS/Windows World:

- SMB4k: My favorite MS/Windows file share browser.

- In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]

- LinNeighborhood: Linux workstation gui tool.

Make your life simple and use the GUI/File Manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.

  - LinNeighborhood Home Page
  - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

- IPv4: Most of the Internet servers and personal computers use Internet Protocol version 4 (IPv4). This uses 32 bits to assign a network address, as defined by the four octets of an IP address up to 255.255.255.255, which is the representation of four 8-bit numbers, thus totaling 32 bits.
- IPv6: Internet Protocol version 6 (IPv6) uses a 128-bit address and thus billions and billions of potential addresses. The protocol has also been upgraded to include new quality of service features and security. Currently Linux supports IPv6, but IPv4 is used when connecting your computer to the internet.
- TCP/IP: (Transmission Control Protocol/Internet Protocol) uses a client-server model for communications. The protocol defines the data packets transmitted (packet header, data section), data integrity verification (error detection bytes), connection and acknowledgement protocol, and re-transmission.
- TCP/IP time to live (TTL): This is a counting mechanism to determine how long a packet is valid before it reaches its destination. Each time a TCP/IP packet passes through a router, the router decrements its TTL count. When the count reaches zero the packet is dropped by the router. This ensures that errant routing and aimlessly looping packets will not flood the network.
- MAC Address: (media access control) is the network card address used for communication with other network devices on the subnet. This info is not routable. The ARP table maps the TCP/IP address (global internet) to the local hardware on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address uniquely identifies each node of a network and is used by the Ethernet protocol.
- Full Duplex: Allows the simultaneous sending and receiving of packets. Most modern modems support full duplex.
- Half Duplex: Allows the sending and receiving of packets in one direction at a time only.
- OSI 7 Layer Model: The ISO (International Standards Organization) has defined the OSI (Open Systems Interconnection) model for current networking protocols.

  OSI Layer               Description                                                            Linux Networking Use
  7  Application Layer    The top layer for communications applications like email and the web. telnet, web browser, sendmail
  6  Presentation Layer   Syntax and format of data transfer.                                    SMTP, http
  5  Session Layer
  4  Transport Layer      Connection, acknowledgement and data packet transmission.              TCP, UDP
  3  Network Layer                                                                               IP, ARP
  2  Data Link Layer      Error control, timing                                                  Ethernet
  1  Physical Layer       Electrical characteristics of signal and NIC                           Ethernet

- Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
- Network Switch: Like a hub but creates a private link between any two connected nodes when a network connection is established. This reduces the amount of network collisions and thus improves speed. Broadcast messages are still sent to all nodes.

Related Links:

- Cable modem HowTo - Vladimir Vuksan
- Ethernet HowTo - Paul Gortmaker
- YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
- Firewall HowTo - Mark Grennan
- YoLinux networking tutorial
- Networking Overview HowTo - Daniel Lopez Ridruejo
- Networking Howto - Joshua Drake
- NFS Howto - Nicolai Langfeldt
- SNMP: Simple Network Management Protocol (Uses ports 161,162,391,1993)
  - SNMP - Intro and tutorials
  - Linux SNMP Network Management Tools
  - SNMP FAQ
  - net-snmp - tools and libraries
- News/Usenet Group: comp.os.linux.networking - Deja
- MARS-nwe - Netware emulator
- Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
- ISDN:
  - ISDN4LINUX FAQ - Matthias Hessler
  - ISDN4 Linux Home Page
  - Dan Kegel's ISDN Page
- PPP: Point-to-Point Protocol
  - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
  - YoLinux Tutorial: Dialing Compuserve
  - YoLinux Tutorial: Dialing AOL
  - YoLinux Tutorial: Configuring PPP dial-in connections
- PPTP: Point-to-Point Tunneling Protocol
  - RFC 2637: Point-to-Point Tunneling Protocol (PPTP).
  - PPTP-Linux Client - A PPTP Linux client that allows a linux system to connect to a PPTP server. Developed by C. S. Ananian.
  - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP Implementation.
- DHCP: (Dynamic Host Configuration Protocol)
  - YoLinux DHCP Tutorial - How to set up a DHCP server.
  - ISC Dynamic Host Configuration Protocol - DHCP home page
- Multicast:
  - YoLinux Tutorial: Configuring Linux for multicast - this tutorial, in the section above
  - Multicast over TCP/IP HOWTO
- ISPs: (National/Global)
  - TheList.com - Comprehensive list of ISPs
  - Earthlink
  - Concentric
  - ATT Worldnet
- NIS: (NFS infrastructure)
  - YoLinux NIS tutorial
  - NIS howto
  - NIS configuration and use
- Ethernet cables:
  - Making CAT 3, 5, 5E RJ45 Ethernet Cables
  - Wiring and Installation
- Gigabit Ethernet
- VIX: Vienna Internet eXchange - European traffic exchange for ISPs

Test Internet Bandwidth:

- DSLreports.com: bandwidth and diagnostic tests
- Speakeasy connection speed test
- CNET Bandwidth Meter speed test
- Network speed test
- Bandwidth explained and List of bandwidth test sites

Man Pages:

- icmp - Linux IPv4 ICMP kernel module
- ifport - select the transceiver type for a network interface
- usernetctl - allow a user to manipulate a network interface if permitted
- ripquery - query RIP (Routing Information Protocol) gateways
- gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler ISBN # 0735710317, New Riders Publishing

"LINUX TCP/IP Network Administration" by Scott Mann, Mitchell Krell ISBN # 0130322202, Prentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith ISBN# 0201774232, Addison-Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr. ISBN# 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh ISBN# 0672320525, Sams; (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus Sams, ISBN# 047008278X

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen Sams, ISBN# 0071486429

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson Sams, ISBN# 0672329298

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672327082

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672325888

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis ISBN #032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.


Copyright © 2001 - 2007 by Greg Ippolito


- File: /etc/hosts - locally resolve node names to IP addresses

    127.0.0.1        your-node-name.your-domain.com localhost.localdomain localhost
    XXX.XXX.XXX.XXX  node-name

Note when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly) i.e.:

XXX.XXX.XXX.XXX superserver.yolinux.com superserver

This informs Linux of local systems on the network which are not handled by the DNS server (or of all systems in your LAN if you are not using DNS or NIS). Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "Hosts").

- File: /etc/nsswitch.conf - System Databases and Name Service Switch configuration file

    hosts: files dns nisplus nis

This example tells Linux to first resolve a host name by looking at the local hosts file (/etc/hosts); then, if the name is not found, to look to your DNS server as defined by /etc/resolv.conf; and if not found there, to look to your NIS server.

In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution.

Fedora / Red Hat Network Configuration Files:

- File: /etc/sysconfig/network - Red Hat network configuration file used by the system during the boot process.

- File: /etc/sysconfig/network-scripts/ifcfg-eth0 - Configuration settings for your first ethernet port (0). Your second port is eth1.

- File:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example statement for Intel ethernet card:

    alias eth0 eepro100

Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

- Network configuration: /usr/sbin/system-config-network (FC-2/3); /usr/bin/redhat-config-network (/usr/bin/neat) (RH 7.2+ FC-1)
- Text console configuration tool: /usr/sbin/system-config-network-tui (Text User Interface (TUI) for Fedora Core 2/3); /usr/bin/redhat-config-network-tui (RH 9.0 - FC-1)
- Text console network configuration tool, first interface only (eth0): /usr/sbin/netconfig
- /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

- Gnome Desktop Network Configuration: /usr/bin/gnome-network-preferences (RH 9.0 - FC-3). Proxy configuration; choose one of three options:
  1. Direct internet connection
  2. Manual proxy configuration (specify proxy and port)
  3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assigned a static IP address or assigned one dynamically.

Static IP address assignment:

Choose one of the following methods:

- Command line:

    /sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

  Network address by convention would be the lowest: 192.168.10.0
  Broadcast address by convention would be the highest: 192.168.10.255
  The gateway can be anything, but following convention: 192.168.10.1

Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0

- Red Hat / Fedora GUI tools:
  - /usr/bin/neat - Gnome GUI network administration tool. Handles all interfaces. Configure for static IP or DHCP client. (First available with Red Hat 7.2.)
  - /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)
- Red Hat / Fedora console tools:
  - /usr/sbin/system-config-network-tui (Text User Interface)
  - /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1, ...)
- Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network-scripts/, so that this information is retained.

The IANA has allocated IP addresses in the range of 192.168.0.0 to 192.168.255.255 for private networks.

Helpful tools:

- Network Calculators: subnet mask calculator, node calculator, mask inverter, ...
- IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet static
        address 208.88.34.106
        netmask 255.255.255.248
        broadcast 208.88.34.111
        network 208.88.34.104
        gateway 208.88.34.110

Dynamic IP (DHCP) example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet dhcp

    auto eth1
    iface eth1 inet dhcp

    auto eth2
    iface eth2 inet dhcp

    auto ath0
    iface ath0 inet dhcp

    auto wlan0
    iface wlan0 inet dhcp

Interfaces:

- lo: Loopback interface (network within your system without slowing down for the real ethernet based network)
- eth0: First ethernet interface card
- wlan0: First wireless network interface

Also see "man interfaces"

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.

- File: /etc/sysconfig/network

  Static IP address configuration (configure gateway address):

    NETWORKING=yes
    HOSTNAME=my-hostname        - Hostname is defined here and by command hostname
    FORWARD_IPV4=true           - True for NAT firewall gateways and Linux routers. False for everyone else - desktops and servers.
    GATEWAY="XXX.XXX.XXX.YYY"   - Used if your network is connected to another network or the internet. Static IP configuration. Gateway not defined here for DHCP client.

  OR for DHCP client configuration:

    NETWORKING=yes
    HOSTNAME=my-hostname        - Hostname is defined here and by command hostname

  (Gateway is assigned by DHCP server.)

  OR for NIS client configuration:

    NETWORKING=yes
    HOSTNAME=my-hostname        - Hostname is defined here and by command hostname
    NISDOMAIN=NISProject1       - NIS domain to attach

- File (Red Hat/Fedora): /etc/sysconfig/network-scripts/ifcfg-eth0 (S.u.s.e.: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX). This file is used by the command scripts ifup and ifdown.

  Static IP address configuration:

    DEVICE=eth0
    BOOTPROTO=static
    BROADCAST=XXX.XXX.XXX.255
    IPADDR=XXX.XXX.XXX.XXX
    NETMASK=255.255.255.0
    NETWORK=XXX.XXX.XXX.0
    ONBOOT=yes                  - Will activate upon system boot

  RHEL4/FC3 additions:
  - TYPE=Ethernet
  - HWADDR=XX:XX:XX:XX:XX:XX
  - GATEWAY=XXX.XXX.XXX.XXX

  OR for DHCP client configuration:

    DEVICE=eth0
    ONBOOT=yes
    BOOTPROTO=dhcp

  RHEL4/FC3 additions:
  - IPV6INIT=no
  - USERCTL=no
  - PEERDNS=yes
  - TYPE=Ethernet
  - HWADDR=XX:XX:XX:XX:XX:XX

  (Used by script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line.) To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none.

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)

Changing the host name:

This is a three step process:

1. Issue the command: hostname new-host-name
2. Change network configuration file /etc/sysconfig/network. Edit entry: HOSTNAME=new-host-name
3. Restart systems which relied on the hostname (or reboot):
   - Restart network services: service network restart (or: /etc/init.d/network restart)
   - Restart desktop:
     - Bring down system to console mode: init 3
     - Bring up X-Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name which allows the system to be self aware.

The hostname may be changed at runtime using the command: sysctl -w kernel.hostname="superserver"

Change the host name using GUI tool: /usr/sbin/system­config­network (Red Hat / Fedora / CentOS)

Hostname entries are made in two places:

- Select the "DNS" tab.
- Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

    ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
    ifconfig eth0:0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255
    ifconfig eth0:1 192.168.10.14 netmask 255.255.255.0 broadcast 192.168.10.255

    route add -host XXX.XXX.XXX.XXX dev eth0
    route add -host 192.168.10.12 dev eth0
    route add -host 192.168.10.14 dev eth0

In this example 0 and 1 are aliases in addition to the regular eth0. The result of the ifconfig command:

    eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
              TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
              collisions:1 txqueuelen:100
              Interrupt:5 Base address:0xe400

    eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

    eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

    DEVICE=eth0:0
    ONBOOT=yes
    BOOTPROTO=static
    BROADCAST=192.168.10.255
    IPADDR=192.168.10.12
    NETMASK=255.255.255.0
    NETWORK=192.168.10.0

Aliases can also be shut down independently. i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Redhat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux client: get connection info: /sbin/pump -i eth0 --status (Red Hat Linux 7.1 and older)

    Device eth0
            IP: 4.XXX.XXX.XXX
            Netmask: 255.255.252.0
            Broadcast: 4.XXX.XXX.255
            Network: 4.XXX.XXX.0
            Boot server 131.XXX.XXX.4
            Next server 0.0.0.0
            Gateway: 4.XXX.XXX.1
            Domain: vz.dsl.genuity.net
            Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3
            Renewal time: Sat Aug 11 08:28:55 2001
            Expiration time: Sat Aug 11 11:28:55 2001

Activating and De­Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

- Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up - Note: even if no IP address is assigned you can listen.)
- De-activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network-scripts/

GUI Interface control/configuration:

- Start/stop network interfaces: /usr/bin/system-control-network (Fedora Core 2/3); /usr/bin/redhat-control-network (RH 9.0 - FC-1)
- Configure Ethernet, ISDN, modem, Token Ring, wireless or DSL network connection: /usr/sbin/system-config-network-druid (FC2/3); /usr/sbin/redhat-config-network-druid (RH 9 - FC-1)

Subnets:

    Mask  # of subnets  Slash  Class A hosts  Class A mask  Class B hosts  Class B mask  Class C hosts  Class C mask   Sub class C mask  Sub class C addresses / hosts
    255   1 or 256      /32    16,777,214     255.0.0.0     65,534         255.255.0.0   254            255.255.255.0  255.255.255.255   1 address, invalid
    254   128           /31    33,554,430     254.0.0.0     131,070        255.254.0.0   510            255.255.254.0  255.255.255.254   2 addresses, invalid
    252   64            /30    67,108,862     252.0.0.0     262,142        255.252.0.0   1,022          255.255.252.0  255.255.255.252   4 addresses, 2 hosts
    248   32            /29    134,217,726    248.0.0.0     524,286        255.248.0.0   2,046          255.255.248.0  255.255.255.248   8 addresses, 6 hosts
    240   16            /28    268,435,454    240.0.0.0     1,048,574      255.240.0.0   4,094          255.255.240.0  255.255.255.240   16 addresses, 14 hosts
    224   8             /27    536,870,910    224.0.0.0     2,097,150      255.224.0.0   8,190          255.255.224.0  255.255.255.224   32 addresses, 30 hosts
    192   4             /26    1,073,741,822  192.0.0.0     4,194,302      255.192.0.0   16,382         255.255.192.0  255.255.255.192   64 addresses, 62 hosts
    128   2             /25    2,147,483,646  128.0.0.0     8,388,606      255.128.0.0   32,766         255.255.128.0  255.255.255.128   128 addresses, 126 hosts

    Binary position   8    7    6    5    4    3    2    1
    Value             128  64   32   16   8    4    2    1
    Example: 192      1    1    0    0    0    0    0    0

Example: 192 = 128 + 64

Some addresses are reserved and outside this scope. Loopback (127.0.0.1), reserved class C 192.168.XXX.XXX, reserved class B 172.31.XXX.XXX and reserved class A 10.XXX.XXX.XXX.

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 for your office.

- 208.88.34.104  Network base address
- 208.88.34.105  Computer 1
- 208.88.34.106  Computer 2
- 208.88.34.107  Computer 3
- 208.88.34.108  Computer 4
- 208.88.34.109  Computer 5
- 208.88.34.110  DSL router/gateway
- 208.88.34.111  Broadcast address

Of the eight addresses, six are assigned to hardware systems and ultimately only five are usable addresses.
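The subnet arithmetic above, and the NETWORK=/BROADCAST= consistency of the ifcfg-eth0 static configuration described earlier, worked through in Python as an added example (not code from the YoLinux tutorial). The sample ifcfg text is constructed from the office /29 with one deliberate error and one repeated key; the key names are the ones the ifcfg format on this page uses.

```python
_ALL_ONES = 0xFFFFFFFF

def ip_to_int(dotted):
    """Dotted quad to 32-bit integer; malformed input raises ValueError."""
    parts = [int(p) for p in dotted.strip().split(".")]
    if len(parts) != 4 or not all(0 <= p <= 255 for p in parts):
        raise ValueError("bad IPv4 address: %r" % dotted)
    return (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]

def int_to_ip(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def mask_to_prefix(mask):
    """Return the /N length of a dotted netmask; the host bits must be a contiguous run of zeros."""
    host_bits = ~ip_to_int(mask) & _ALL_ONES
    if host_bits & (host_bits + 1):  # e.g. 255.255.0.255 leaves a hole in the mask
        raise ValueError("non-contiguous netmask: %s" % mask)
    return 32 - host_bits.bit_length()

def subnet_info(ip, mask):
    """Network, broadcast and host range, by the AND/OR bit arithmetic the binary table describes."""
    prefix = mask_to_prefix(mask)
    mask_int = ip_to_int(mask)
    network = ip_to_int(ip) & mask_int              # lowest address: host bits cleared
    broadcast = network | (~mask_int & _ALL_ONES)   # highest address: host bits set
    addresses = 1 << (32 - prefix)
    usable = addresses - 2 if prefix <= 30 else 0   # /31 and /32 leave no host addresses in the table
    return {"prefix": prefix, "network": int_to_ip(network), "broadcast": int_to_ip(broadcast),
            "first_host": int_to_ip(network + 1) if usable else None,
            "last_host": int_to_ip(broadcast - 1) if usable else None,
            "addresses": addresses, "usable": usable}

def class_c_row(prefix):
    """One row of the subnet table for a class C block: (sub class C mask, addresses, usable hosts)."""
    if not 24 <= prefix <= 32:
        raise ValueError("prefix must be between /24 and /32")
    mask = int_to_ip((_ALL_ONES << (32 - prefix)) & _ALL_ONES)
    info = subnet_info("192.168.0.0", mask)
    return mask, info["addresses"], info["usable"]

def parse_ifcfg(text):
    """Parse KEY=VALUE lines of an ifcfg-ethN file; returns (values, keys that appeared twice)."""
    values, duplicates = {}, []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" not in line:
            continue
        key, value = line.split("=", 1)
        key, value = key.strip(), value.strip().strip('"')
        if key in values:
            duplicates.append(key)
        values[key] = value
    return values, duplicates

def check_ifcfg(text):
    """Return the problems found in a static ifcfg configuration (empty list means consistent)."""
    cfg, duplicates = parse_ifcfg(text)
    problems = ["duplicate key %s" % key for key in duplicates]
    if cfg.get("BOOTPROTO", "").lower() not in ("static", "none"):
        return problems  # DHCP client: the server supplies the addresses, nothing to cross-check
    for key in ("IPADDR", "NETMASK"):
        if key not in cfg:
            return problems + ["missing %s" % key]
    try:
        info = subnet_info(cfg["IPADDR"], cfg["NETMASK"])
    except ValueError as exc:
        return problems + [str(exc)]
    low, high = ip_to_int(info["network"]), ip_to_int(info["broadcast"])
    if ip_to_int(cfg["IPADDR"]) in (low, high):
        problems.append("IPADDR %s is the network or broadcast address" % cfg["IPADDR"])
    for key in ("NETWORK", "BROADCAST"):
        if key in cfg and cfg[key] != info[key.lower()]:
            problems.append("%s=%s but computed %s" % (key, cfg[key], info[key.lower()]))
    if "GATEWAY" in cfg and not low < ip_to_int(cfg["GATEWAY"]) < high:
        problems.append("GATEWAY %s is outside %s/%d" % (cfg["GATEWAY"], info["network"], info["prefix"]))
    return problems

# Constructed sample: the office /29 from the text, with a wrong NETWORK= line and a repeated key
SAMPLE_IFCFG = """\
DEVICE=eth0
BOOTPROTO=static
IPADDR=208.88.34.106
NETMASK=255.255.255.248
NETWORK=208.88.34.100
BROADCAST=208.88.34.111
GATEWAY=208.88.34.110
ONBOOT=yes
ONBOOT=yes
"""

if __name__ == "__main__":
    print(subnet_info("208.88.34.106", "255.255.255.248"))
    print("\n".join(check_ifcfg(SAMPLE_IFCFG)))
```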

Links:

- Subnet Cheat Sheet
- Subnet calculator
- Table of subnets
- IP Subnetting, Variable Subnetting, and CIDR (Supernetting)
- CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is a little obsolete as subnets are now used to define smaller networks. These subnets may be part of a class A, B, C, etc network. For historical reference the network classes are defined as follows:

- Class A: Defined by the first 8 bits with a range of 0 - 127. First number (8 bits) is defined by Internic, i.e. 77.XXX.XXX.XXX. One class A network can define 16,777,214 hosts. Range: 0.0.0.0 - 127.255.255.255
- Class B: Defined by the first 8 bits with a range from 128 - 191. First two numbers (16 bits) are defined by Internic, i.e. 182.56.XXX.XXX. One class B network can define 65,534 hosts. Range: 128.0.0.0 - 191.255.255.255
- Class C: Defined by the first 8 bits with a range from 192 - 223. First three numbers (24 bits) are defined by Internic, i.e. 220.56.222.XXX. One class C network can define 254 hosts. Range: 192.0.0.0 - 223.255.255.255
- Class D: Defined by the first 8 bits with a range from 224 - 239. This is reserved for multicast networks (RFC988). Range: 224.0.0.0 - 239.255.255.255
- Class E: Defined by the first 8 bits with a range from 240 - 255. This is reserved for experimental use. Range: 240.0.0.0 - 247.255.255.255

Enable Forwarding:

Forwarding allows the network packets on one network interface (i.e. eth0) to be forwarded to another network interface (i.e. eth1). This will allow the Linux computer to connect ("ethernet bridge") or route network traffic.

The bridge configuration will merge two (or several) networks into one single network topology. IpTables firewall rules can be used to filter traffic.

A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or load balance servers.

- Turn on IP forwarding to allow the Linux computer to act as a gateway or router:

    echo 1 > /proc/sys/net/ipv4/ip_forward

  Default is 0. One can add firewall rules by using ipchains.

Another method is to alter the Linux kernel config file: /etc/sysctl.conf Set the following value:

net.ipv4.ip_forward = 1

See file /etc/sysconfig/network for storing this configuration.

FORWARD_IPV4=true

Change the default "false" to "true".

All methods will result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward

The TCP man page - Linux Programmer's Manual - and /usr/src/linux/Documentation/proc.txt (Kernel 2.2, RH 7.0-) cover /proc/sys/net/ipv4/* file descriptions.

Also see (YoLinux tutorials):

- Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables)
- Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

- cd /lib/modules/2.2.5-15/net/ - Use the kernel version for your system. This example uses 2.2.5-15 (Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/). Here you will find the modules supported by your system. It can be permanently added to:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example:

    alias eth0 3c59x

- /sbin/insmod 3c59x (For a 3Com ethernet card) This inserts the specified module into the kernel.
- /sbin/modprobe 3c59x - This also loads a module into the system kernel. Modprobe command line options:
  - -r : unload the module.
  - /sbin/modprobe -l \* : list all modules.
  - /sbin/modprobe -lt net \* : list only network modules.
  - /sbin/modprobe -t net \* : try loading all network modules and see what sticks. (act of desperation)
- ifconfig ...

The easy way: Red Hat versions 6.2 and later, ship with Kudzu, a device detection program which runs during system initialization. (/etc/rc.d/init.d/kudzu) This can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it will be utilized upon system boot.

Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

Define new device in file (Red Hat/Fedora) /etc/sysconfig/network-scripts/ifcfg-eth1 (S.u.s.e 9.2: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX)

    DEVICE=eth1
    BOOTPROTO=static
    IPADDR=192.168.10.12
    NETMASK=255.255.255.0
    GATEWAY=XXX.XXX.XXX.XXX
    HOSTNAME=node-name.name-of-domain.com
    DOMAIN=name-of-domain.com

Special routing information may be specified, if necessary, in the file (Red Hat/Fedora): /etc/sysconfig/static-routes (S.u.s.e. 9.2: /etc/sysconfig/network/routes)

Example:

eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using Unix command line interface:

Define IP address:

    ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
    ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

If necessary, define a route with the route command. Examples:

    route add default gw XXX.XXX.XXX.XXX dev eth0
    route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

If a mistake is made just repeat the route command substituting "del" in place of "add".

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto­negotiate link speed and duplex setting.

- List NIC speed and configuration: mii-tool

    eth0: negotiated 100baseTx-FD flow-control, link ok

  Verbose mode: mii-tool -v

    eth0: negotiated 100baseTx-FD flow-control, link ok
      product info: Intel 82555 rev 4
      basic mode:   autonegotiation enabled
      basic status: autonegotiation complete, link ok
      capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
      advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
      link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

- Set NIC configuration: mii-tool -F option

    Option  Parameters
    -F      100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
    -A      100baseT4 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

- Query NIC with ethtool:

    Command          Description
    ethtool -g eth0  Queries ethernet device for rx/tx ring parameter information.
    ethtool -a eth0  Queries ethernet device for pause parameter information.
    ethtool -c eth0  Queries ethernet device for coalescing information.
    ethtool -i eth0  Queries ethernet device for associated driver information.
    ethtool -d eth0  Prints a register dump for the specified ethernet device.
    ethtool -k eth0  Queries ethernet device for offload information.
    ethtool -S eth0  Queries ethernet device for NIC and driver statistics.

Man Pages:

- mii-tool - view, manipulate media-independent interface status
- ethtool - Display or change ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet is examined to see if its destination is on the local or a remote network. If it is to be sent to a remote network, the routing table is consulted to determine the path. If there is no information in the routing table then the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file (Red Hat/Fedora): /etc/sysconfig/network-scripts/route-eth0 or (Red Hat 7: /etc/sysconfig/static-routes) (S.u.s.e. 9.2: /etc/sysconfig/network/routes):

10.2.3.0/16 via 192.168.10.254

See command: /etc/sysconfig/network-scripts/ifup-routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route. (Fewest hops between routers not physical distance.) Routers use RIP to broadcast the routing table over UDP port 520. The routers would then add new or improved routes to their routing tables.

Man pages:

- route - show / manipulate the IP routing table (static route). Examples:
  - Show routing table: route -e
  - Access individual computer host specified via network interface card eth1: route add -host 123.213.221.231 eth1
  - Access ISP network identified by the network address and netmask using network interface card eth0: route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
    Conversely: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
  - Specify default gateway to use to access remote network via network interface card eth0: route add default gw 201.51.31.1 eth0 (Gateway can also be defined in /etc/sysconfig/network)
  - Specify two gateways for two network destinations (i.e. one external, one internal private network; two routers/gateways will be specified):
    Add internet gateway as before: route add default gw 201.51.31.1 eth0
    Add second private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
- routed - network routing daemon. Uses RIP protocol to update routing table.
- ipx_route - show / manipulate the IPX routing table - IPX is the Novell networking protocol (not typically used unless your office has Novell servers)
- ifuser - Identify destinations routed to a particular network interface.
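The table lookup the Static routes paragraph describes, as an added Python example that is not part of the original tutorial: it parses the route add commands listed above into a table and resolves destinations by longest-prefix match, falling back to the default gateway. The two directly connected networks in the sample table are assumed addressing, included because the kernel creates such routes itself when ifconfig assigns an address.

```python
import ipaddress
from collections import namedtuple

# One kernel routing table entry; gateway is None for a directly connected network.
Route = namedtuple("Route", "destination gateway iface")


def parse_route_add(command):
    """Turn a 'route add ...' command line into a Route (the forms used in the text)."""
    tokens = command.split()
    if tokens[:2] != ["route", "add"]:
        raise ValueError("expected 'route add ...': %r" % command)
    target = netmask = gateway = iface = None
    i = 2
    while i < len(tokens):
        tok = tokens[i]
        if tok == "default":
            target, netmask = "0.0.0.0", "0.0.0.0"
        elif tok == "-host":
            target, netmask = tokens[i + 1], "255.255.255.255"
            i += 1
        elif tok in ("-net", "netmask", "gw", "dev"):
            value = tokens[i + 1]
            i += 1
            if tok == "-net":
                target = value
            elif tok == "netmask":
                netmask = value
            elif tok == "gw":
                gateway = value
            else:
                iface = value
        else:
            iface = tok  # bare trailing interface name, as in 'route add ... eth0'
        i += 1
    if target is None or netmask is None:
        raise ValueError("destination and netmask are both required: %r" % command)
    destination = ipaddress.ip_network("%s/%s" % (target, netmask), strict=False)
    return Route(destination, gateway, iface)


def lookup(table, dst):
    """Longest-prefix match: the most specific route wins; 0.0.0.0/0 is the default gateway."""
    addr = ipaddress.ip_address(dst)
    best = None
    for route in table:
        if addr in route.destination and (
                best is None or route.destination.prefixlen > best.destination.prefixlen):
            best = route
    if best is None:
        raise LookupError("no route to %s" % dst)
    next_hop = best.gateway or dst  # local network: deliver directly; remote: hand to the gateway
    return best, next_hop


def describe(table, dst):
    """One-line summary of where a packet for dst goes."""
    route, next_hop = lookup(table, dst)
    return "%s -> %s via %s on %s" % (dst, route.destination, next_hop, route.iface)


# Constructed table: the route commands from the text plus the two directly connected
# networks (assumed addressing) that the kernel adds when ifconfig assigns an address.
ROUTE_COMMANDS = [
    "route add -net 201.51.31.0 netmask 255.255.255.0 eth0",
    "route add -net 192.168.10.0 netmask 255.255.255.0 eth0",
    "route add -host 123.213.221.231 eth1",
    "route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0",
    "route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0",
    "route add default gw 201.51.31.1 eth0",
]
TABLE = [parse_route_add(cmd) for cmd in ROUTE_COMMANDS]

if __name__ == "__main__":
    for dst in ("10.13.21.7", "10.99.1.1", "192.168.10.33", "123.213.221.231", "8.8.8.8"):
        print(describe(TABLE, dst))
```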

VPN, Tunneling:

- Commercial VPN Linux software solutions - YoLinux
- OpenSWAN.org - IPSec VPN for Linux
- FreeSWAN.org - IPSec VPN for Linux
- FreeSWAN tutorial - howto
- OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access controls.
- SSL-Explorer - Java SSL based VPN
- Quagga dynamic routing suite VLAN
- n2n peer to peer within a private fabric
- CIPE: Crypto IP Encapsulation (Easiest way to configure two Linux gateways connecting two private networks over the internet with encryption.)
  - CIPE Home page - CIPE is a simple encapsulation system that securely connects two subnets.
  - The Linux Cipe+Masquerading mini-HOWTO - Anthony Ciaravalo
- GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa
- VPN HowTo - Matthew D. Wilson
- Installing and Running PPTP on Linux
- L2TP Extensions (l2tpext) Internet Drafts.

Useful Linux networking commands:

- /etc/rc.d/init.d/network start - command to start, restart or stop the network
- netstat - Display connections, routing tables, stats etc.
  - List externally connected processes: netstat -punta
  - List all connected processes: netstat -nap
  - Show network statistics: netstat -s
  - Kernel interface table info: netstat -a -i eth0
- ping - send ICMP ECHO_REQUEST packets to network hosts. Use Ctrl-C to stop ping.
- traceroute - print the route packets take to network host
  - traceroute IP-address-of-server
  - traceroute domain-name-of-server
- mtr - a network diagnostic tool introduced in Fedora - Like traceroute except it gives more network quality and network diagnostic info. Leave running to get real time stats. Reports best and worst round trip times in milliseconds.
  - mtr IP-address-of-server
  - mtr domain-name-of-server
- whois - Lookup a domain name in the internic whois database.
- finger - Display information on a system user, i.e. finger user@host. Uses $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/
- iptables - IP firewall administration (Linux kernel 2.6/2.4). See YoLinux firewall/gateway configuration.
- ipchains - IP firewall administration (Linux kernel 2.2). See YoLinux firewall/gateway configuration.
- socklist - Display list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
- host - Give a host name and the command will return the IP address. Unlike nslookup, the host command will use both /etc/hosts as well as DNS. Example: host domain-name-of-server
- nslookup - Give a host name and the command will return the IP address. Also see Testing your DNS (YoLinux Tutorial). Note that nslookup does not use the /etc/hosts file.

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemons listen and respond to all network socket connections made on the TCP/IP ports assigned to them. The ports are defined by the file /etc/services. When a connection is made, the listener will attempt to invoke the assigned program and pipe the data to it. This simplifies matters by allowing the assigned program to read from stdin instead of making its own socket connection. The listener handles the network socket connection. Two network listening and management daemons have been used in Red Hat Linux distributions:

- inetd: Red Hat 6.x and older
- xinetd: Red Hat 7.0-9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf. Entries in this file consist of a single line made up of the following fields:

    service socket-type protocol wait user server cmdline

- service: The name assigned to the service. Matches the name given in the file /etc/services
- socket-type:
  - stream: connection protocols (TCP)
  - dgram: datagram protocols (UDP)
  - raw
  - rdm
  - seqpacket
- protocol: Transport protocol name which matches a name in the file /etc/protocols, i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6
- wait: Applies only to datagram protocols (UDP).
  - wait[.max]: One server for the specified port at any time (RPC)
  - nowait[.max]: Continue to listen and launch new services if a new connection is made. (multi-threaded) Max refers to the maximum number of server instances spawned in 60 seconds. (default=40)
- user[.group]: login id of the user the process is executed under. Often nobody, root or a special restricted id for that service.
- server: Full path name of the server program to be executed.
- cmdline: Command line to be passed to the server. This includes argument 0 (argv[0]), that is the command name. This field is empty for internal services. Example of internal TCP services: echo, discard, chargen (character generator), daytime (human readable time), and time (machine readable time). (see RFC)

Sample file: /etc/inetd.conf

    #echo   stream  tcp     nowait      root    internal
    #echo   dgram   udp     wait        root    internal
    ftp     stream  tcp     nowait      root    /usr/sbin/tcpd  in.ftpd -l -a
    #pop-3  stream  tcp     nowait      root    /usr/sbin/tcpd  ipop3d
    #swat   stream  tcp     nowait.400  root    /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.

The inet daemon must be restarted to pick up the changes made to the file: /etc/rc.d/init.d/inetd restart

For more information see the man pages "inetd" and "inetd.conf".
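An added example (not from the tutorial) in Python that parses the seven-field inetd.conf format described above and reports which services are live and which root services are not run through the tcpd wrapper. The sample is the file shown above plus one constructed, enabled telnet line so that the audit has something to flag.

```python
SOCKET_TYPES = {"stream", "dgram", "raw", "rdm", "seqpacket"}
MAX_LINE_LENGTH = 1022  # line limit stated for inetd.conf


def parse_inetd_conf(text):
    """Parse inetd.conf; commented-out service lines are kept with enabled=False.

    Returns (entries, errors). Each entry carries the seven fields of the format
    plus 'enabled' and 'wrapped' (the server program is tcpd).
    """
    entries, errors = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        if len(raw) > MAX_LINE_LENGTH:
            errors.append("line %d exceeds %d characters" % (lineno, MAX_LINE_LENGTH))
        stripped = raw.strip()
        if not stripped:
            continue
        enabled = not stripped.startswith("#")
        fields = stripped.lstrip("#").split()
        if len(fields) < 6:
            if enabled:  # a commented line with too few fields is just a comment
                errors.append("line %d: expected at least 6 fields" % lineno)
            continue
        wait_mode, _, max_spawn = fields[3].partition(".")
        user, _, group = fields[4].partition(".")
        if fields[1] not in SOCKET_TYPES or wait_mode not in ("wait", "nowait"):
            errors.append("line %d: bad socket type or wait field" % lineno)
            continue
        entries.append({
            "service": fields[0],
            "socket_type": fields[1],
            "protocol": fields[2],
            "wait": wait_mode == "wait",
            "max_per_minute": int(max_spawn) if max_spawn else 40,  # default given in the text
            "user": user,
            "group": group or None,
            "server": fields[5],
            "args": fields[6:],  # argv[0] first; empty for internal services
            "enabled": enabled,
            "wrapped": fields[5].endswith("/tcpd"),
        })
    return entries, errors


def audit(entries):
    """What a reviewer wants to know: which services are live, and which root services bypass tcpd."""
    findings = []
    for entry in entries:
        if not entry["enabled"]:
            continue
        findings.append("%s is enabled (%s/%s as %s)" % (
            entry["service"], entry["socket_type"], entry["protocol"], entry["user"]))
        if entry["user"] == "root" and entry["server"] != "internal" and not entry["wrapped"]:
            findings.append("%s runs as root without the tcpd wrapper" % entry["service"])
    return findings


# The sample file from the text plus one constructed, enabled telnet line to exercise the audit
SAMPLE_INETD_CONF = """\
#echo   stream  tcp     nowait      root    internal
#echo   dgram   udp     wait        root    internal
ftp     stream  tcp     nowait      root    /usr/sbin/tcpd  in.ftpd -l -a
#pop-3  stream  tcp     nowait      root    /usr/sbin/tcpd  ipop3d
#swat   stream  tcp     nowait.400  root    /usr/sbin/swat  swat
telnet  stream  tcp     nowait      root    /usr/sbin/in.telnetd  in.telnetd
"""

if __name__ == "__main__":
    entries, errors = parse_inetd_conf(SAMPLE_INETD_CONF)
    for line in errors + audit(entries):
        print(line)
```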

xinetd: Extended Internet Services Daemon:

Xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, redirect services to different ports and network interfaces (NIC) or even to a different server, chroot a service etc... and is thus a worthy upgrade from inetd.

Use the command chkconfig --list to view all system services and their state. It will also list all network services controlled by xinetd and their respective state under the title "xinetd based services". (Works for xinetd (RH7.0+) but not inetd)

The xinetd network daemon uses PAM also called network wrappers which invoke the /etc/hosts.allow and /etc/hosts.deny files.

Configuration file: /etc/xinetd.conf which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:

- Edit the file /etc/xinetd.d/service-name. Set the disable value: disable = yes or disable = no. Restart the xinetd process using the signal:
  - SIGUSR1 (kill -SIGUSR1 process-id) - Soft reconfiguration does not terminate existing connections. (Important if you are connected remotely)
  - SIGUSR2 - Hard reconfiguration stops and restarts the xinetd process. (Note: Using the HUP signal will terminate the process.)

OR

- Use the chkconfig command: chkconfig service-name on (or off). This command will also restart the xinetd process to pick up the new configuration.

The file contains entries of the form:

    service service-name
    {
        attribute assignment-operator value value ...
        ...
    }

Where:

- attribute:
  - disable:
    - yes
    - no
  - type:
    - RPC
    - INTERNAL
    - UNLISTED: Not found in /etc/rpc or /etc/services
  - id: By default the service id is the same as the service name.
  - socket_type:
    - stream: TCP
    - dgram: UDP
    - raw: Direct IP access
    - seqpacket: service that requires reliable sequential datagram transmission
  - flags: Combination of: REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd man page for details.
  - protocol: Transport protocol name which matches a name in the file /etc/protocols.
  - wait:
    - no: multi-threaded
    - yes: single-threaded - One server for the specified port at any time (RPC)
  - user: See file /etc/passwd
  - group: See file /etc/group
  - server: Program to execute and receive data stream from socket. (Fully qualified name - full path name of program)
  - server_args: Unlike inetd, arg[0] or the name of the service is not passed.
  - only_from: IP address, factorized address, netmask range, hostname or network name from file /etc/networks.
  - no_access: Deny from ... (inverse of only_from)
  - access_times
  - port: See file /etc/services

  Also: log_type, log_on_success, log_on_failure (Log options: += PID,HOST,USERID,EXIT,DURATION,ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples.
- assignment-operator:
  - =
  - +=: add a value to the set of values
  - -=: delete a value from the set of values

Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from man page: Limit telnet sessions to 8 Mbytes of memory and a total of 20 CPU seconds for child processes.

    service telnet
    {
        socket_type = stream
        wait        = no
        nice        = 10
        user        = root
        server      = /usr/etc/in.telnetd
        rlimit_as   = 8M
        rlimit_cpu  = 20
    }
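An added Python example, not from the tutorial or the xinetd man page: a parser for the stanza format above that applies the =, += and -= operators on top of a defaults stanza and then lists the enabled root services that restrict neither only_from nor no_access. The defaults stanza and the rsh service in the sample are constructed; the telnet service is the man page example.

```python
def split_assignment(line):
    """'attribute op values' -> (attribute, op, [values]); '+=' and '-=' are checked before '='."""
    for op in ("+=", "-=", "="):
        if op in line:
            key, _, rest = line.partition(op)
            return key.strip(), op, rest.split()
    raise ValueError("no assignment operator in %r" % line)

def apply_assignment(attrs, key, op, values):
    """Set semantics of the three operators: replace, add to, or remove from the value set."""
    if op == "=":
        attrs[key] = list(values)
    elif op == "+=":
        attrs[key] = attrs.get(key, []) + [v for v in values if v not in attrs.get(key, [])]
    else:
        attrs[key] = [v for v in attrs.get(key, []) if v not in values]

def parse_xinetd(text):
    """Parse 'defaults' and 'service NAME' stanzas into raw assignment lists keyed by stanza name."""
    stanzas, name = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line == "{":
            continue
        if line == "}":
            name = None
        elif name is not None:
            stanzas[name].append(split_assignment(line))
        else:
            header = line.rstrip("{ ").split()  # accepts both 'service x' and 'service x {'
            if header != ["defaults"] and not (len(header) == 2 and header[0] == "service"):
                raise ValueError("unexpected text outside a stanza: %r" % line)
            name = header[-1]
            stanzas[name] = []
    if name is not None:
        raise ValueError("stanza %r is not closed" % name)
    return stanzas

def effective_config(stanzas):
    """Resolve each service against the defaults; returns (attributes per service, enabled names)."""
    defaults = {}
    for key, op, values in stanzas.get("defaults", []):
        apply_assignment(defaults, key, op, values)
    services, enabled = {}, set()
    for name, assignments in stanzas.items():
        if name == "defaults":
            continue
        attrs = {k: list(v) for k, v in defaults.items() if k != "disabled"}
        for key, op, values in assignments:
            apply_assignment(attrs, key, op, values)
        services[name] = attrs
        # off if named in the defaults' 'disabled' set, or if the service itself sets disable = yes
        if name not in defaults.get("disabled", []) and attrs.get("disable", ["no"])[0].lower() != "yes":
            enabled.add(name)
    return services, enabled

def audit(stanzas):
    """Enabled services that run as root and restrict neither only_from nor no_access."""
    services, enabled = effective_config(stanzas)
    findings = []
    for name in sorted(enabled):
        attrs = services[name]
        if attrs.get("user") == ["root"] and not attrs.get("only_from") and not attrs.get("no_access"):
            findings.append("%s runs as root and accepts connections from any address" % name)
    return findings

# Constructed xinetd.conf: the man page telnet example under a defaults stanza, plus an rsh service whose '-=' drops the inherited only_from restriction
SAMPLE_XINETD_CONF = """\
defaults
{
    log_on_failure  = HOST
    only_from       = 192.168.10.0/24
    disabled        = rlogin
}

service telnet
{
    socket_type     = stream
    wait            = no
    user            = root
    server          = /usr/etc/in.telnetd
    rlimit_as       = 8M
    log_on_failure += USERID
    only_from      += 10.0.0.0/8
}

service rsh
{
    user            = root
    server          = /usr/sbin/in.rshd
    only_from      -= 192.168.10.0/24
}
"""

if __name__ == "__main__":
    print("\n".join(audit(parse_xinetd(SAMPLE_XINETD_CONF))))
```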

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:

- xinetd
- xinetd.conf
- xinetd.log
- tcpd

For more info see:

- LinuxFocus.org: xinetd - Frederic Raynal
- RedHat.com: Controlling Access to Services
- http://www.xinetd.org
- See RFCs 862, 863, 864, 867, 868, 1413.
- man pages: xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon - rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux has the network interface to the rwhod disabled. Thus if one issues the command "rwho", you will only see who is logged into the system you are logged into and not remote systems on the network. This is a safe approach for internet servers as it reduces the exposure of a service which could be exploited by hackers. If you wish to use rwhod on a local private and firewall protected network, here is how:

Allow broadcast capabilities. Edit /etc/init.d/rwhod and change from: daemon rwhod to: daemon rwhod -b

Start service:

- Set service to start with system boot: chkconfig --level 345 rwhod on
- Start rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

- rwho: who is logged in on local network machines
- rwhod: system status server
- who: show who is logged on to the same system

RPC: Remote Procedure Calls (Portmapper)

Portmapper is a network service required to support RPCs. Many services such as NFS (file sharing services) require portmapper.

List RPC services supported: [root]# rpcinfo -p localhost

Starting portmap server:

- /etc/rc.d/init.d/portmap start
- service portmap start (Red Hat/Fedora Core)

Man Pages:

- portmap
- rpcinfo
- pmap_set
- pmap_dump

PAM: Network Wrappers:

Pluggable Authentication Modules for Linux (TCP Wrappers)

This system allows or denies network access. One can reject or allow specific IP addresses or subnets to access your system.

File: /etc/hosts.allow

in.ftpd:208.188.34.105

This specifically allows the given IP address to ftp to your system. One can also specify an entire domain, e.g. .name-of-domain.com (note the leading ".").

File: /etc/hosts.deny

ALL:ALL

This generally denies any access.

See the pam man page.

File: /etc/inetd.conf

ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a

The inet daemon accepts the incoming network stream and hands it to the PAM TCP wrapper, /usr/sbin/tcpd, which accepts or denies the network connection as defined by /etc/hosts.allow and /etc/hosts.deny and then passes it along to ftp. This is logged to /var/log/secure.
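The allow-then-deny order just described can be tried offline with this added example, which is not code from the tutorial: a small POSIX sh re-implementation of the tcpd decision over constructed hosts.allow and hosts.deny files. Function names and sample entries are this example's own, and only the pattern forms used on this page (ALL, an exact address, a ".domain" suffix, a "net." prefix) are supported.

```sh
#!/bin/sh
# Added example, not code from the YoLinux tutorial: re-implements the
# accept/deny decision tcpd makes from /etc/hosts.allow and /etc/hosts.deny
# so the rules quoted above can be tested against constructed rule files
# without touching the live system. Subset of hosts_access(5) patterns only.

# match_pattern PATTERN ITEM -> true if ITEM matches one pattern
match_pattern() {
    mp_pat=$1 mp_item=$2
    case "$mp_pat" in
        ALL) return 0 ;;
        .*)  case "$mp_item" in *"$mp_pat") return 0 ;; esac ;;  # .name-of-domain.com
        *.)  case "$mp_item" in "$mp_pat"*) return 0 ;; esac ;;  # 192.168.
        *)   [ "$mp_pat" = "$mp_item" ] && return 0 ;;
    esac
    return 1
}

# match_list LIST ITEM -> true if ITEM matches any comma/space separated pattern
match_list() {
    ml_list=$1 ml_item=$2
    for ml_p in $(printf '%s' "$ml_list" | tr ',' ' '); do
        match_pattern "$ml_p" "$ml_item" && return 0
    done
    return 1
}

# rule_file_matches FILE DAEMON CLIENT -> true if any "daemons : clients" line matches
rule_file_matches() {
    rf_file=$1 rf_daemon=$2 rf_client=$3
    [ -r "$rf_file" ] || return 1
    while IFS= read -r rf_line || [ -n "$rf_line" ]; do
        rf_line=${rf_line%%#*}                 # drop comments
        case "$rf_line" in *:*) ;; *) continue ;; esac
        rf_daemons=${rf_line%%:*}
        rf_rest=${rf_line#*:}
        rf_clients=${rf_rest%%:*}              # an optional third field (shell command) is ignored
        if match_list "$rf_daemons" "$rf_daemon" && match_list "$rf_clients" "$rf_client"; then
            return 0
        fi
    done < "$rf_file"
    return 1
}

# tcpd_decision ALLOW_FILE DENY_FILE DAEMON CLIENT -> prints "allow" or "deny"
# Same order tcpd uses: a hosts.allow match wins, then a hosts.deny match
# denies, and a client matched by neither file is allowed.
tcpd_decision() {
    if rule_file_matches "$1" "$3" "$4"; then
        echo allow
    elif rule_file_matches "$2" "$3" "$4"; then
        echo deny
    else
        echo allow
    fi
}

# Demo with constructed rule files holding the entries shown in the text.
demo_tcpd() {
    d=$(mktemp -d)
    printf 'in.ftpd: 208.188.34.105\nALL: .name-of-domain.com\n' > "$d/hosts.allow"
    printf 'ALL: ALL\n' > "$d/hosts.deny"
    for pair in 'in.ftpd 208.188.34.105' 'in.ftpd 10.0.0.9' 'in.telnetd host.name-of-domain.com'; do
        set -- $pair
        printf '%-11s %-26s %s\n' "$1" "$2" "$(tcpd_decision "$d/hosts.allow" "$d/hosts.deny" "$1" "$2")"
    done
    rm -rf "$d"
}
demo_tcpd
```

Note that with an empty hosts.deny a client matched by neither file is still allowed, which is why the ALL:ALL deny entry matters.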

Advanced PAM: More specific access can be assigned and controlled by controlling the level of authentication required for access.

Files reflect the inet service name. Rules and modules are stacked to achieve the level of security desired.

See the files in /etc/pam.d/... (some systems use /etc/pam.conf)

The format: service type control module-path module-arguments

- auth - (type) Password is required for the user
  - nullok - Null or non-existent password is acceptable
  - shadow - encrypted passwords kept in /etc/shadow
- account - (type) Verifies password. Can track and force password changes.
- password - (type) Controls password update
  - retry=3 - Sets the number of login attempts
  - minlen=8 - Sets the minimum length of the password
- session - (type) Controls monitoring

Modules:

- /lib/security/pam_pwdb.so - password database module
- /lib/security/pam_shells.so
- /lib/security/pam_cracklib.so - checks if a password is crackable
- /lib/security/pam_listfile.so

After re-configuration, restart the inet daemon: killall -HUP inetd

For more info see:

- Wietse's Papers
- Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP is the network protocol used by the ping and traceroute commands.

ICMP redirect packets are sent from the router to the host to inform the host of a better route. To enable ICMP redirect, add the following line to /etc/sysctl.conf :

net.ipv4.conf.all.accept_redirects = 1

Add the following to the file: /etc/rc.d/rc.local

for f in /proc/sys/net/ipv4/conf/*/accept_redirects
do
    echo 1 > $f
done

Command to view the kernel IP routing cache: /sbin/route -Cn

NOTE: This may leave you vulnerable to hackers as attackers may alter your routes.

Blocking ICMP to appear invisible to ping:

The following firewall rules will drop ICMP requests.

Iptables:

iptables -A OUTPUT -p icmp -d 0/0 -j DROP

Ipchains:

ipchains -A output -p icmp -d 0/0 -j DENY

OR drop all incoming pings:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes necessary to look invisible to DOS (Denial Of Service) attackers who use ping to watch your machine and launch an attack when its presence is detected.
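As an added example that is not part of the tutorial, the following POSIX sh script audits the per-interface accept_redirects files the rc.local loop above writes, together with icmp_echo_ignore_all, and shows the same loop with the defensive value 0. It assumes the /proc/sys/net/ipv4 layout and, for the demo, builds a constructed copy of that tree in a temporary directory; function names are this example's own.

```sh
#!/bin/sh
# Added example, not code from the YoLinux tutorial: check the two kernel
# settings this section changes. accept_redirects=1 is the weak setting
# (the NOTE above: a forged redirect lets an attacker alter your routes).
# BASE defaults to the real /proc/sys/net/ipv4; the demo uses a constructed
# copy of that tree so it runs without root.

# audit_icmp_settings [BASE] -> one line per interface; returns the number
# of interfaces that still accept ICMP redirects (0 means none do).
audit_icmp_settings() {
    base=${1:-/proc/sys/net/ipv4}
    risky=0
    for f in "$base"/conf/*/accept_redirects; do
        [ -r "$f" ] || continue
        iface=$(basename "$(dirname "$f")")
        if [ "$(cat "$f")" = "1" ]; then
            echo "$iface: accept_redirects=1  RISKY - a forged redirect can rewrite this host's routes"
            risky=$((risky + 1))
        else
            echo "$iface: accept_redirects=0  ok"
        fi
    done
    if [ -r "$base/icmp_echo_ignore_all" ]; then
        echo "icmp_echo_ignore_all=$(cat "$base/icmp_echo_ignore_all")  (1 = host does not answer ping)"
    fi
    return "$risky"
}

# disable_redirects [BASE] -> the tutorial's rc.local loop with 0 instead of 1
disable_redirects() {
    base=${1:-/proc/sys/net/ipv4}
    for f in "$base"/conf/*/accept_redirects; do
        echo 0 > "$f"
    done
}

# make_sample_tree -> constructed stand-in for /proc/sys/net/ipv4 with every
# interface set to the weak value from the text; prints its path.
make_sample_tree() {
    t=$(mktemp -d)
    for i in all default eth0 lo; do
        mkdir -p "$t/conf/$i"
        echo 1 > "$t/conf/$i/accept_redirects"
    done
    echo 0 > "$t/icmp_echo_ignore_all"
    echo "$t"
}

demo_icmp() {
    t=$(make_sample_tree)
    echo "== before =="
    audit_icmp_settings "$t" || echo "-> $? interface(s) accept redirects"
    disable_redirects "$t"
    echo "== after =="
    audit_icmp_settings "$t" && echo "-> no interface accepts redirects"
    rm -rf "$t"
}
demo_icmp
```

Run against the real tree as root (audit_icmp_settings with no argument) to see what the running kernel currently accepts.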

Network Monitoring Tools:

- tcpdump - dump traffic on a network. See discussion below.

  Command line option   Description
  -c                    Exit after receiving count packets.
  -C                    Specify size of output dump files.
  -i                    Specify interface if multiple exist. Lowest used by default, e.g. eth0
  -w file-name          Write the raw packets to file rather than parsing and printing them out. They can later be printed with the -r option.
  -n                    Improve speed by not performing DNS lookups. Report IP addresses.
  -t                    Don't print a timestamp on each dump line.

Filter expressions:

  primitive                         Description
  host host-name                    If host has multiple IPs, all will be checked.
  net network-number                Network number.
  net network-number mask mask      Network number and netmask specified.
  port port-number                  Port number specified.
  tcp                               Sniff TCP packets.
  udp                               Sniff UDP packets.
  icmp                              Sniff ICMP packets.

Examples:

- tcpdump tcp port 80 and host server-1
- tcpdump ip host server-1 and not server-2

Other monitoring tools:

- iptraf - Interactive Colorful IP LAN Monitor
- nmap - Network exploration tool and security scanner
  - List pingable nodes on network: nmap -sP 192.168.0.0/24 scans the network for IP addresses 192.168.0.0 to 192.168.0.255 using ping.
- Ethereal - Network protocol analyzer. Examine data from a live network. RPMs required:
  - ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
  - ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)

  There is an error in the ethereal package because it does not list the snmp libraries as dependencies, but you can deduce this from the errors you get if the ucd-snmp libraries are not installed.
- EtherApe - Graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
- Gkrellm - Network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
- IPTraf - ncurses-based IP LAN monitor. (Red Hat Powertools CD)
- Cheops - Network discovery, location, diagnosis and management. Cheops can identify all of the computers that are on your network, their IP address, their DNS name, and the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
- ntop - Shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
- MRTG - Multi Router Traffic Grapher - Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
- dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
- scotty - Obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP, & UDP. (Red Hat Powertools CD)
- Big Brother - Monitoring and services availability.
- OpenNMS.org - Network Management using SNMP.
- Nagios - host, service and network monitoring
- Angel network monitor

Using tcpdump to monitor the network:

[root]# ifconfig eth0 promisc                        - Put the NIC into promiscuous mode to sniff traffic.
[root]# tcpdump -n host not XXX.XXX.XXX.XXX | more   - Sniff the net but ignore the IP of your remote session.
[root]# ifconfig eth0 -promisc                       - Pull the NIC out of promiscuous mode.

Network Intrusion and Hacker Detection Systems:

SNORT: Monitor the network, performing real­time traffic analysis and packet logging on IP networks for the detection of an attack or probe.

- Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
- InterSect Alliance - Intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to convert a 32-bit internet IP address into the 48-bit Ethernet MAC address used by network hardware. (See: RFC 826) ARP broadcasts are sent to all hosts on the subnet by the transmitting host to see who replies. The broadcast is ignored by all except the intended receiver, which recognizes the IP address as its own. The MAC addresses are remembered (ARP cache) for future network communications. Computers on the subnet typically keep a cache of ARP responses. ARP broadcasts are passed on by hubs and switches but are blocked by routers.

Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client to broadcast requesting a server to reply with its IP address.

- arp (8) man page - manipulate the system ARP cache
  - Show other systems on your network (including IP address conflicts): arp -a
  - Show ARP table Linux style: arp -e
- arpwatch (8) man page - keep track of ethernet/ip address pairings
- arpsnmp (8) man page - keep track of ethernet/ip address pairings. Reads information generated by snmpwalk
- arping (8) man page - send ARP REQUEST to a neighbor host
  - Print ARP reply (similar to arp -a): arping 192.168.10.99
- List ARP table: cat /proc/net/arp
- ip (8) man page - show / manipulate routing, devices, policy routing and tunnels
  - View ARP table: ip neighbor

ARP is something that simply works. No Linux system configuration is necessary. It's all part of the ethernet and IP protocol. The aforementioned information is just part of the Linux culture of full visibility into what is going on.
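Added example, not from the tutorial: the arpwatch-style check below reads two constructed snapshots in the /proc/net/arp format listed above and reports an IP whose MAC changed between them and a MAC claimed by several IPs, which is how an IP address conflict, or a host answering ARP for a neighbour's address, shows up in the table. Function names and the sample addresses are this example's own.

```sh
#!/bin/sh
# Added example, not code from the YoLinux tutorial: compares two snapshots
# of /proc/net/arp (columns: IP address, HW type, Flags, HW address, Mask,
# Device) the way arpwatch tracks ethernet/ip pairings over time.

# arp_changes BEFORE AFTER -> prints one line per IP whose MAC changed;
# returns 1 when any change was found, 0 otherwise. Incomplete entries
# (Flags 0x0, no MAC learned yet) are skipped in both snapshots.
arp_changes() {
    awk 'FNR == 1 { next }                          # column header of each file
         $3 == "0x0" { next }                       # incomplete entry
         NR == FNR { before[$1] = tolower($4); next }
         ($1 in before) && before[$1] != tolower($4) {
             printf "%s changed %s -> %s on %s\n", $1, before[$1], tolower($4), $6
             changed++
         }
         END { exit (changed + 0) > 0 }' "$1" "$2"
}

# arp_shared_macs SNAPSHOT -> prints MACs that appear for more than one IP;
# returns 1 when any were found. One MAC for many IPs is expected only when
# a router does proxy ARP for them; otherwise it deserves a look.
arp_shared_macs() {
    awk 'FNR == 1 || $3 == "0x0" { next }
         { mac = tolower($4); ips[mac] = ips[mac] " " $1; count[mac]++ }
         END {
             for (mac in count) if (count[mac] > 1) { print mac ":" ips[mac]; dup++ }
             exit (dup + 0) > 0
         }' "$1"
}

# write_sample_arp -> constructed snapshots in /proc/net/arp format; prints
# the directory holding "before" and "after". In "after" the gateway
# 192.168.10.1 is suddenly answered by the MAC that belonged to 192.168.10.99.
write_sample_arp() {
    s=$(mktemp -d)
    printf 'IP address       HW type     Flags       HW address            Mask     Device\n' > "$s/before"
    printf '192.168.10.1     0x1         0x2         00:10:4c:25:7a:3f     *        eth0\n' >> "$s/before"
    printf '192.168.10.99    0x1         0x2         00:0c:29:aa:bb:cc     *        eth0\n' >> "$s/before"
    printf '192.168.10.50    0x1         0x0         00:00:00:00:00:00     *        eth0\n' >> "$s/before"
    printf 'IP address       HW type     Flags       HW address            Mask     Device\n' > "$s/after"
    printf '192.168.10.1     0x1         0x2         00:0C:29:AA:BB:CC     *        eth0\n' >> "$s/after"
    printf '192.168.10.99    0x1         0x2         00:0c:29:aa:bb:cc     *        eth0\n' >> "$s/after"
    echo "$s"
}

demo_arp() {
    s=$(write_sample_arp)
    echo "== pairings that changed between snapshots =="
    arp_changes "$s/before" "$s/after" || echo "-> investigate: a MAC moved to another IP"
    echo "== MACs shared by several IPs in the second snapshot =="
    arp_shared_macs "$s/after" || echo "-> investigate unless proxy ARP is expected here"
    rm -rf "$s"
}
demo_arp
```

On a live system the two inputs would be copies of /proc/net/arp taken some minutes apart.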

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer to peer unicast transactions. An HTTP request to a web server (TCP/IP), email SMTP (TCP/IP), DNS (UDP), FTP (TCP/IP), ... are all peer to peer unicast transactions. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer to peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group", which are those that are interested in the information.

The Linux kernel is Level-2 Multicast-Compliant. It meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to request the kernel to join the multicast group and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, a request is made to the kernel to leave the group. It is the kernel/host which joins the multicast group and not the process. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to support multicast routing, set the following in the kernel config:

- CONFIG_IP_MULTICAST=y
- CONFIG_IP_ROUTER=y
- CONFIG_IP_MROUTE=y
- CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimization and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card), only one device can be configured to handle multicast.

Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast.

Useful commands:

  Command                  Description
  cat /proc/net/igmp       List multicast groups to which the host is subscribed, using the "Internet Group Management Protocol". (See /usr/src/linux/net/core/igmp.c)
  cat /proc/net/dev_mcast  List multicast interfaces. (See /usr/src/linux/net/core/dev_mcast.c)
  ping 224.0.0.1           All hosts configured for multicast will respond with their IP addresses
  ping 224.0.0.2           All routers configured for multicast will respond
  ping 224.0.0.3           All PIM routers configured for multicast will respond
  ping 224.0.0.4           All DVMRP routers configured for multicast will respond
  ping 224.0.0.5           All OSPF routers configured for multicast will respond

Multicast transmissions are achieved through proper routing, router configuration (if communicating through subnets) and programmatically with the use of the following "C" function library calls:

  Function Call   Description
  setsockopt()    Pass information to the kernel.
  getsockopt()    Retrieve information broadcast using multicast.

For more on multicast programming see: Multicast Howto.

The multicast application will specify the multicast loopback interface, TTL (network time to live), network interface and the multicast group to add or drop.

Add route to support multicast:

- route add 224.0.0.0 netmask 240.0.0.0 dev eth0

Note that if adding a route to forward packets through a router, that the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The internet by default does not forward multicast packets.

Living in a MS/Windows World:

- SMB4k: My favorite MS/Windows file share browser.

- In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]

- LinNeighborhood: Linux workstation GUI tool.

  Make your life simple and use the GUI/File Manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.

  - LinNeighborhood Home Page
  - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

- IPv4: Most of the Internet servers and personal computers use Internet Protocol version 4 (IPv4). This uses 32 bits to assign a network address, written as the four octets of an IP address up to 255.255.255.255, which is the representation of four 8 bit numbers totaling 32 bits.
- IPv6: Internet Protocol version 6 (IPv6) uses a 128 bit address and thus billions and billions of potential addresses. The protocol has also been upgraded to include new quality of service features and security. Currently Linux supports IPv6 but IPv4 is used when connecting your computer to the internet.
- TCP/IP: (Transmission Control Protocol/Internet Protocol) uses a client - server model for communications. The protocol defines the data packets transmitted (packet header, data section), data integrity verification (error detection bytes), connection and acknowledgement protocol, and re-transmission.
- TCP/IP time to live (TTL): This is a counting mechanism to determine how long a packet is valid before it reaches its destination. Each time a TCP/IP packet passes through a router it will decrement its TTL count. When the count reaches zero the packet is dropped by the router. This ensures that errant routing and aimlessly looping packets will not flood the network.
- MAC Address: (media access control) is the network card address used for communication with other network devices on the subnet. This info is not routable. The ARP table maps TCP/IP addresses (global internet) to the local hardware on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address uniquely identifies each node of a network and is used by the Ethernet protocol.
- Full Duplex: Allows the simultaneous sending and receiving of packets. Most modern modems support full duplex.
- Half Duplex: Allows the sending and receiving of packets in one direction at a time only.
- OSI 7 Layer Model: The ISO (International Standards Organization) has defined the OSI (Open Systems Interconnection) model for current networking protocols.

  OSI Layer               Description                                                Linux Networking Use
  7  Application Layer.   The top layer for communications applications like         telnet, web browser, sendmail
                          email and the web.
  6  Presentation Layer.  Syntax and format of data transfer.                        SMTP, http
  5  Session Layer.
  4  Transport Layer.     Connection, acknowledgement and data packet transmission.  TCP, UDP
  3  Network Layer.                                                                  IP, ARP
  2  Data Link Layer.     Error control, timing                                      Ethernet
  1  Physical Layer.      Electrical characteristics of signal and NIC               Ethernet

- Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
- Network Switch: Like a hub but creates a private link between any two connected nodes when a network connection is established. This reduces the amount of network collisions and thus improves speed. Broadcast messages are still sent to all nodes.

Related Links:

- Cable modem HowTo - Vladimir Vuksan
- Ethernet HowTo - Paul Gortmaker
- YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
- Firewall HowTo - Mark Grennan
- YoLinux networking tutorial
- Networking Overview HowTo - Daniel Lopez Ridruejo
- Networking Howto - Joshua Drake
- NFS Howto - Nicolai Langfeldt
- SNMP: Simple Network Management Protocol (uses ports 161, 162, 391, 1993)
  - SNMP - Intro and tutorials
  - Linux SNMP Network Management Tools
  - SNMP FAQ
  - net-snmp - tools and libraries
- News/Usenet Group: comp.os.linux.networking - Deja
- MARS-nwe - Netware emulator
- Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
- ISDN:
  - ISDN4LINUX FAQ - Matthias Hessler
  - ISDN4 Linux Home Page
  - Dan Kegel's ISDN Page
- PPP: Point-to-Point Protocol
  - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
  - YoLinux Tutorial: Dialing Compuserve
  - YoLinux Tutorial: Dialing AOL
  - YoLinux Tutorial: Configuring PPP dial-in connections
- PPTP: Point-to-Point Tunneling Protocol
  - RFC 2637: Point-to-Point Tunneling Protocol (PPTP).
  - PPTP-Linux Client - A PPTP Linux client that allows a linux system to connect to a PPTP server. Developed by C. S. Ananian.
  - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP Implementation.
- DHCP: (Dynamic Host Configuration Protocol)
  - YoLinux DHCP Tutorial - How to set up a DHCP server.
  - ISC Dynamic Host Configuration Protocol - DHCP home page
- Multicast:
  - YoLinux Tutorial: Configuring Linux for multicast - this tutorial, in the section above
  - Multicast over TCP/IP HOWTO
- ISPs: (National/Global)
  - TheList.com - Comprehensive list of ISPs
  - Earthlink
  - Concentric
  - ATT Worldnet
- NIS: (NFS infrastructure)
  - YoLinux NIS tutorial
  - NIS howto
  - NIS configuration and use
- Ethernet cables:
  - Making CAT 3, 5, 5E RJ45 Ethernet Cables
  - Wiring and Installation
- Gigabit Ethernet
- VIX: Vienna Internet eXchange - European traffic exchange for ISPs

Test Internet Bandwidth:

- DSLreports.com: bandwidth and diagnostic tests
- Speakeasy connection speed test
- CNET Bandwidth Meter speed test
- Network speed test
- Bandwidth explained and List of bandwidth test sites

Man Pages:

- icmp - Linux IPv4 ICMP kernel module
- ifport - select the transceiver type for a network interface
- usernetctl - allow a user to manipulate a network interface if permitted
- ripquery - query RIP (Routing Information Protocol) gateways
- gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler ISBN # 0735710317, New Riders Publishing

"LINUX TCP/IP Network Administration" by Scott Mann, Mitchell Krell ISBN # 0130322202, Prentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith ISBN# 0201774232, Addison-Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr. ISBN# 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh ISBN# 0672320525, Sams; (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus Sams, ISBN# 047008278X

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen Sams, ISBN# 0071486429

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson Sams, ISBN# 0672329298

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672327082

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672325888

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis ISBN #032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.


Copyright © 2001 - 2007 by Greg Ippolito

This tutorial covers TCP/IP networking and system configuration basics. Linux can support multiple network devices. The device names are numbered and begin at zero and count upwards. For example, a computer running two ethernet cards will have two devices labeled /dev/eth0 and /dev/eth1. Linux network configuration, management, monitoring and system tools are covered in this tutorial.

Tutorial Contents: Other YoLinux Networking Tutorials:

l # Configuration files l Setting up an internet gateway for home or office l # Red Hat Linux network GUI using iptables configuration tools. l Load balancing servers using LVS (Linux Virtual l # Assigning an IP address Server) l # Activating and De­Activating your NIC l Modem dial­up: l # Subnets ¡ Configuring PPP dial up connections to an l # Enable Forwarding ISP l # Adding a network interface card (NIC) ¡ Dialing Compuserve l # Route ¡ Dialing AOL l # VPN, Tunneling ¡ Configuring PPP dial­in connections l # Usefull Linux networking commands l DNS Name server configuration l # inetd/xinetd: Network Socket l DHCP server configuration: Dynamic Host Listener Daemons Configuration Protocol # rwhod: Remote Who Daemon l l NIS authentication configuration: Server and Client # RPC: Remote Procedure Call. l l Internet/Network Security (portmapper) l Security Tools and Hacker Tools l # PAM: Network Wrappers. l YoLinux Tutorials Index l # ICMP protocol. l # Network Monitoring Tools l # IDS: Intruder Detection System ­ SNORT

l # ARP: Address Resolution Protocol l # Configuring Linux For Network Multicast

l # Living in a MS/Windows world l # Network Definitions

l # Related Links

TCP/IP Network Configuration Files:

l File: /etc/resolv.conf ­ host name resolver configuration file search name­of­domain.com ­ Name of your domain or ISP's domain if using their name server nameserver XXX.XXX.XXX.XXX ­ IP address of primary name server nameserver XXX.XXX.XXX.XXX ­ IP address of secondary name server

This configures Linux so that it knows which DNS server will be resolving domain names into IP addresses. If using DHCP client, this will automatically be sent to you by the ISP and loaded into this file as part of the DHCP protocol. If using a static IP address, ask the ISP or check another machine on your network. Red Hat/Fedora GUI: /usr/sbin/system­config­network (select tab "DNS".

l File: /etc/hosts ­ locally resolve node names to IP addresses 127.0.0.1 your­node­name.your­domain.com localhost.localdomain localhost XXX.XXX.XXX.XXX node­name

Note when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly) i.e.:

XXX.XXX.XXX.XXX superserver.yolinux.com superserver

This informs Linux of local systems on the network which are not handled by the DNS server. (or for all systems in your LAN if you are not using DNS or NIS) Red Hat/Fedora GUI: /usr/sbin/system­config­network (select tab "Hosts".

l File: /etc/nsswitch.conf ­ System Databases and Name Service Switch configuration file hosts: files dns nisplus nis

This example tells Linux to first resolve a host name by looking at the local hosts file(/etc/hosts), then if the name is not found look to your DNS server as defined by /etc/resolv.conf and if not found there look to your NIS server.

In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution. Free Information Technology Magazine Fedora / Red Hat Network Configuration Files: Subscriptions and Document l /etc/sysconfig/network Downloads Red Hat network configuration file used by the system during the boot process.

l File: /etc/sysconfig/network­scripts/ifcfg­eth0 Configuration settings for your first ethernet port (0). Your second port is eth1.

l File: ¡ /etc/modprobe.conf (kernel 2.6) ¡ /etc/modules.conf (kernel 2.4) ¡ (or for older systems: /etc/conf.modules) Example statement for Intel ethernet card: alias eth0 eepro100

Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

l Network configuration: /usr/sbin/system­config­network (FC­2/3) GUI shown here ­­­> /usr/bin/redhat­config­network (/usr/bin/neat) (RH 7.2+ FC­1) l Text console configuration tool: /usr/sbin/system­config­network­tui (Text User Interface (TUI) for Fedora Core 2/3) /usr/bin/redhat­config­network­tui (RH 9.0 ­ FC­1) l Text console network configuration tool. First interface only ­ eth0: /usr/sbin/netconfig l /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

l Gnome Desktop Network Configuration /usr/bin/gnome­network­preferences (RH 9.0 ­ FC­3) Proxy configuration. Choose one of three options: 1. Direct internet connection 2. Manual proxy configuration (specify proxy and port) 3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assiged a static IP address or assigned one dynamically.

Static IP address assignment:

Choose one of the following methods:

l Command Line:

/sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

Network address by convention would be the lowest: 192.168.10.0 Broadcast address by convention would be the highest: 192.168.10.255 The gateway can be anything, but following convention: 192.168.10.1

Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0

l Red Hat / Fedora GUI tools: ¡ /usr/bin/neat Gnome GUI network administration tool. Handles all interfaces. Configure for Static IP or DHCP client.

(First available with Red Hat 7.2.) ¡ /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)

l Red Hat / Fedora Console tools: ¡ /usr/sbin/system­config­network­tui (Text User Interface) ¡ /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1,...)

l Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network­scripts/, so that this information is retained.

The IANA has allocated IP addresses in the range of 192.168.0.0 to 192.168.255.255 for private networks.

Helpful tools:

l Network Calculators: Subnet mask calculator, node calculator, mask inverter, ... l IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example: auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 208.88.34.106 netmask 255.255.255.248 broadcast 208.88.34.111 network 208.88.34.104 gateway 208.88.34.110

Dynamic IP (DHCP) example:

auto lo iface lo inet loopback auto eth0 iface eth0 inet dhcp auto eth1 iface eth1 inet dhcp auto eth2 iface eth2 inet dhcp auto ath0 iface ath0 inet dhcp auto wlan0 iface wlan0 inet dhcp

Interfaces: l lo: Loopback interface (network within your system without slowing down for the real ethernet based network) l eth0: First ethernet interface card l wlan0: First wireless network interface

Also see "man interfaces"

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.

l File: /etc/sysconfig/network

Static IP address Configuration: (Configure gateway address)

NETWORKING=yes HOSTNAME=my­hostname ­ Hostname is defined here and by command hostname FORWARD_IPV4=true ­ True for NAT firewall gateways and linux routers. False for everyone else ­ desktops and servers. GATEWAY="XXX.XXX.XXX.YYY" ­ Used if your network is connected to another network or the internet. Static IP configuration. Gateway not defined here for DHCP client.

OR for DHCP client configuration: NETWORKING=yes HOSTNAME=my­hostname ­ Hostname is defined here and by command hostname

(Gateway is assigned by DHCP server.) OR for NIS client configuration: NETWORKING=yes HOSTNAME=my­hostname ­ Hostname is defined here and by command hostname NISDOMAIN=NISProject1 ­ NIS domain to attach

l File (Red Hat/Fedora): /etc/sysconfig/network­scripts/ifcfg­eth0 (S.u.s.e.: /etc/sysconfig/network/ifcfg­eth­id­XX:XX:XX:XX:XX) This file used by the command scripts ifup and ifdown

Static IP address configuration:

DEVICE=eth0 BOOTPROTO=static BROADCAST=XXX.XXX.XXX.255 IPADDR=XXX.XXX.XXX.XXX NETMASK=255.255.255.0 NETWORK=XXX.XXX.XXX.0 ONBOOT=yes ­ Will activate upon system boot

RHEL4/FC3 additions: l TYPE=Ethernet l HWADDR=XX:XX:XX:XX:XX:XX l GATEWAY=XXX.XXX.XXX.XXX

OR for DHCP client configuration:

DEVICE=eth0 ONBOOT=yes BOOTPROTO=dhcp

RHEL4/FC3 additions: l IPV6INIT=no l USERCTL=no l PEERDNS=yes l TYPE=Ethernet l HWADDR=XX:XX:XX:XX:XX:XX

(Used by script /etc/sysconfig/network­scripts/ifup to bring the various network interfaces on­line) To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)

Changing the host name:

This is a three step process:

1. Issue the command: hostname new­host­name 2. Change network configuration file: /etc/sysconfig/network Edit entry: HOSTNAME=new­host­name 3. Restart systems which relied on the hostname (or reboot): ¡ Restart network services: service network restart (or: /etc/init.d/network restart) ¡ Restart desktop: n Bring down system to console mode: init 3 n Bring up X­Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name which allows the system to be self aware.

The hostname may be changed at runtime using the command: sysctl ­w kernel.hostname="superserver"

Change the host name using GUI tool: /usr/sbin/system­config­network (Red Hat / Fedora / CentOS)

Hostname entries are made in two places:

Select the "DNS" tab. Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth0:0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255
ifconfig eth0:1 192.168.10.14 netmask 255.255.255.0 broadcast 192.168.10.255

route add -host XXX.XXX.XXX.XXX dev eth0
route add -host 192.168.10.12 dev eth0
route add -host 192.168.10.14 dev eth0

In this example eth0:0 and eth0:1 are aliases in addition to the regular eth0. All three share one MAC address and one physical link, and iptables matches on the real device (-i eth0), not on the alias name, so rules that must treat the aliases differently have to match on the destination address. The result of the ifconfig command:

eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
          collisions:1 txqueuelen:100
          Interrupt:5 Base address:0xe400

eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:5 Base address:0xe400

eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

DEVICE=eth0:0
ONBOOT=yes
BOOTPROTO=static
BROADCAST=192.168.10.255
IPADDR=192.168.10.12
NETMASK=255.255.255.0
NETWORK=192.168.10.0

Aliases can also be shut down independently, i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Red Hat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux Client: get connection info: /sbin/pump -i eth0 --status (Red Hat Linux 7.1 and older)

Device eth0
        IP: 4.XXX.XXX.XXX
        Netmask: 255.255.252.0
        Broadcast: 4.XXX.XXX.255
        Network: 4.XXX.XXX.0
        Boot server 131.XXX.XXX.4
        Next server 0.0.0.0
        Gateway: 4.XXX.XXX.1
        Domain: vz.dsl.genuity.net
        Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3
        Renewal time: Sat Aug 11 08:28:55 2001
        Expiration time: Sat Aug 11 11:28:55 2001

Activating and De-Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

- Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up - Note: an interface that is up with no IP address assigned can still capture traffic, which is how a passive sniffer or IDS sensor is usually attached to a network.)
- De-Activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network-scripts/

GUI interface control/configuration:

- Start/Stop network interfaces: /usr/bin/system-control-network (Fedora Core 2/3), /usr/bin/redhat-control-network (RH 9.0 - FC-1)
- Configure Ethernet, ISDN, modem, token ring, wireless or DSL network connection: /usr/sbin/system-config-network-druid (FC2/3), /usr/sbin/redhat-config-network-druid (RH 9 - FC-1)

Subnets:

The mask octet in the first column is applied to the first, second, third or fourth octet of the address in turn: in the first three positions it produces a supernet of whole class A, B or C blocks (host counts and masks in those columns), and in the fourth position it subdivides a single class C (number of subnets, slash format, addresses and usable hosts per subnet).

Mask   # of     Slash  Class A        Class A    Class B    Class B      Class C  Class C        Sub class C      Sub class C
octet  subnets  fmt    hosts          mask       hosts      mask         hosts    mask           mask             addresses / hosts
255    256      /32    16,777,214     255.0.0.0  65,534     255.255.0.0  254      255.255.255.0  255.255.255.255  1 address / Invalid
254    128      /31    33,554,430     254.0.0.0  131,070    255.254.0.0  510      255.255.254.0  255.255.255.254  2 addresses / Invalid
252    64       /30    67,108,862     252.0.0.0  262,142    255.252.0.0  1,022    255.255.252.0  255.255.255.252  4 addresses / 2 hosts
248    32       /29    134,217,726    248.0.0.0  524,286    255.248.0.0  2,046    255.255.248.0  255.255.255.248  8 addresses / 6 hosts
240    16       /28    268,435,454    240.0.0.0  1,048,574  255.240.0.0  4,094    255.255.240.0  255.255.255.240  16 addresses / 14 hosts
224    8        /27    536,870,910    224.0.0.0  2,097,150  255.224.0.0  8,190    255.255.224.0  255.255.255.224  32 addresses / 30 hosts
192    4        /26    1,073,741,822  192.0.0.0  4,194,302  255.192.0.0  16,382   255.255.192.0  255.255.255.192  64 addresses / 62 hosts
128    2        /25    2,147,483,646  128.0.0.0  8,388,606  255.128.0.0  32,766   255.255.128.0  255.255.255.128  128 addresses / 126 hosts

"Invalid" means no usable host addresses under the classic rule that the lowest address of a block is the network address and the highest is the broadcast address. (RFC 3021 later permitted /31 for point-to-point links, where both addresses are used.)

Binary position   8    7    6    5    4    3    2    1
Value             128  64   32   16   8    4    2    1
Example: 192      1    1    0    0    0    0    0    0

Example: 192 = 128 + 64

Some addresses are reserved and outside this scope: loopback (127.0.0.0/8, normally 127.0.0.1) and the RFC 1918 private ranges, which are one class A (10.0.0.0/8, i.e. 10.XXX.XXX.XXX), sixteen class Bs (172.16.0.0/12, i.e. 172.16.XXX.XXX through 172.31.XXX.XXX) and 256 class Cs (192.168.0.0/16, i.e. 192.168.XXX.XXX).

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 (/29) for your office:

- 208.88.34.104  Network base address
- 208.88.34.105  Computer 1
- 208.88.34.106  Computer 2
- 208.88.34.107  Computer 3
- 208.88.34.108  Computer 4
- 208.88.34.109  Computer 5
- 208.88.34.110  DSL router/Gateway
- 208.88.34.111  Broadcast address

Of the eight addresses, six can be assigned to hardware (the base and broadcast addresses cannot), and since one of those six must be the gateway, only five are left for computers.
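The arithmetic behind the table and the office example, worked in code. This is an added example, not part of the YoLinux tutorial; it uses only the Python standard library and does the bit operations by hand so the binary-position table above is visible in the code. The "subnets in a class C" figure follows the table's convention of carving one class C block, and usable hosts follow the classic rule (base and broadcast reserved), so /31 and /32 report zero.

```python
# Added example (not from the YoLinux tutorial): subnet arithmetic done with
# the bit positions shown above, using only the standard library.

def ip_to_int(dotted):
    """'208.88.34.105' -> 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("bad IPv4 address: %r" % dotted)
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def int_to_ip(n):
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def prefix_to_mask(prefix):
    """/29 -> '255.255.255.248': prefix one-bits followed by zero-bits."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    return int_to_ip(((1 << 32) - 1) ^ ((1 << (32 - prefix)) - 1))

def mask_to_prefix(mask):
    """'255.255.255.248' -> 29; rejects non-contiguous masks such as 255.0.255.0."""
    m = ip_to_int(mask)
    ones = bin(m).count("1")
    if m != ip_to_int(prefix_to_mask(ones)):
        raise ValueError("mask %s is not contiguous" % mask)
    return ones

def describe(addr, mask):
    """Network base, broadcast, address count and usable hosts for addr/mask.

    Usable hosts follows the classic rule from the table: the base and the
    broadcast address are reserved, so /31 and /32 have no usable hosts.
    """
    prefix = mask_to_prefix(mask)
    a, m = ip_to_int(addr), ip_to_int(mask)
    network = a & m                         # keep the network bits
    broadcast = network | (~m & 0xFFFFFFFF) # set every host bit
    size = 1 << (32 - prefix)
    usable = size - 2 if size > 2 else 0
    return {
        "prefix": prefix,
        "network": int_to_ip(network),
        "broadcast": int_to_ip(broadcast),
        "first_host": int_to_ip(network + 1) if usable else None,
        "last_host": int_to_ip(broadcast - 1) if usable else None,
        "addresses": size,
        "usable_hosts": usable,
        # A /29 carved out of a class C gives 256 / 8 = 32 subnets, as in the table.
        "subnets_in_class_c": (1 << (prefix - 24)) if prefix >= 24 else None,
    }

def same_subnet(a, b, mask):
    """True when a and b share a network under mask: the local-vs-remote test
    IP makes before it consults the routing table."""
    m = ip_to_int(mask)
    return (ip_to_int(a) & m) == (ip_to_int(b) & m)

if __name__ == "__main__":
    # The office example above: the ISP hands out 208.88.34.104 with mask 255.255.255.248.
    info = describe("208.88.34.105", "255.255.255.248")
    for key in ("prefix", "network", "broadcast", "first_host", "last_host",
                "addresses", "usable_hosts", "subnets_in_class_c"):
        print("%-20s %s" % (key, info[key]))
    # Computer 1 and the DSL router are on-link; the next /29 over is not.
    print(same_subnet("208.88.34.105", "208.88.34.110", "255.255.255.248"))
    print(same_subnet("208.88.34.105", "208.88.34.112", "255.255.255.248"))
```

The non-contiguous mask check matters in practice: ifconfig and route will happily accept a mask like 255.0.255.0, and the resulting routing behaviour is almost never what the person typing it intended.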

Links:

- Subnet Cheat Sheet
- Subnet calculator
- Table of subnets
- IP Subnetting, Variable Subnetting, and CIDR (Supernetting)
- CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is largely obsolete, as subnets (CIDR prefixes) are now used to define networks of any size. These subnets may be part of a class A, B, C, etc. network. For historical reference the network classes are defined as follows:

- Class A: Defined by the first 8 bits with a range of 0 - 127. The first number (8 bits) was assigned by InterNIC, i.e. 77.XXX.XXX.XXX. One class A network can define 16,777,214 hosts. Range: 0.0.0.0 - 127.255.255.255
- Class B: Defined by the first 8 bits with a range from 128 - 191. The first two numbers (16 bits) were assigned by InterNIC, i.e. 182.56.XXX.XXX. One class B network can define 65,534 hosts. Range: 128.0.0.0 - 191.255.255.255
- Class C: Defined by the first 8 bits with a range from 192 - 223. The first three numbers (24 bits) were assigned by InterNIC, i.e. 220.56.222.XXX. One class C network can define 254 hosts. Range: 192.0.0.0 - 223.255.255.255
- Class D: Defined by the first 8 bits with a range from 224 - 239. This is reserved for multicast (RFC 988, superseded by RFC 1112). Range: 224.0.0.0 - 239.255.255.255
- Class E: Defined by the first 8 bits with a range from 240 - 255. This is reserved for experimental use. Range: 240.0.0.0 - 255.255.255.255 (255.255.255.255 itself is the limited broadcast address)

Enable Forwarding:

Forwarding allows network packets arriving on one network interface (i.e. eth0) to be sent out another network interface (i.e. eth1). This lets the Linux computer route traffic between networks. Bridging is a different thing: a bridge joins two (or several) interfaces at the Ethernet layer so that the segments behave as one network, is configured with the bridge utilities (brctl) rather than with ip_forward, and is also subject to iptables filtering.

A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or to load balance servers.

- Turn on IP forwarding to allow the Linux computer to act as a gateway or router: echo 1 > /proc/sys/net/ipv4/ip_forward (the default is 0). Firewall rules can be added with iptables (kernel 2.4/2.6) or ipchains (kernel 2.2).

Another method is to alter the Linux kernel sysctl configuration file /etc/sysctl.conf and set the following value:

net.ipv4.ip_forward = 1

Older Red Hat releases stored this setting in /etc/sysconfig/network instead:

FORWARD_IPV4=true

Change the default "false" to "true".

All methods result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward

A host with forwarding enabled relays packets between all of its interfaces, so a machine that is not meant to be a router should leave the value at 0, and one that is should have its FORWARD chain rules loaded before forwarding is switched on rather than after.

The TCP man page (Linux Programmer's Manual) and /usr/src/linux/Documentation/proc.txt (kernel 2.2, RH 7.0 and earlier) cover the /proc/sys/net/ipv4/* file descriptions.

Also see (YoLinux tutorials):

- Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables)
- Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

- cd /lib/modules/2.2.5-15/net/ - Use the kernel version for your system. This example uses 2.2.5-15 (Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/). Here you will find the modules supported by your system. A module can be permanently bound to an interface name in:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)
  Example:

  alias eth0 3c59x

- /sbin/insmod 3c59x (For a 3Com ethernet card) This inserts the specified module into the kernel.
- /sbin/modprobe 3c59x This also loads a module into the kernel, loading any modules it depends on first. Modprobe command line options:
  - -r : unload the module.
  - /sbin/modprobe -l \* : list all modules.
  - /sbin/modprobe -lt net \* : list only network modules.
  - /sbin/modprobe -t net \* : try loading all network modules and see what sticks (act of desperation).
- ifconfig ...

The easy way: Red Hat versions 6.2 and later ship with Kudzu, a device detection program which runs during system initialization (/etc/rc.d/init.d/kudzu). It can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it is utilized upon system boot.

Systems with two NICs: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

Define the new device in the file (Red Hat/Fedora) /etc/sysconfig/network-scripts/ifcfg-eth1 (S.u.s.e 9.2: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX:XX)

DEVICE=eth1
BOOTPROTO=static
IPADDR=192.168.10.12
NETMASK=255.255.255.0
GATEWAY=XXX.XXX.XXX.XXX
HOSTNAME=node-name.name-of-domain.com
DOMAIN=name-of-domain.com

Special routing information may be specified, if necessary, in the file (Red Hat/Fedora) /etc/sysconfig/static-routes (S.u.s.e. 9.2: /etc/sysconfig/network/routes). Example:

eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using the Unix command line interface:

Define the IP addresses:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

If necessary, define routes with the route command. Examples:

route add default gw XXX.XXX.XXX.XXX dev eth0
route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

If a mistake is made, just repeat the route command substituting "del" in place of "add".

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto-negotiate link speed and duplex setting.

- List NIC speed and configuration: mii-tool

  eth0: negotiated 100baseTx-FD flow-control, link ok

  Verbose mode: mii-tool -v

  eth0: negotiated 100baseTx-FD flow-control, link ok
    product info: Intel 82555 rev 4
    basic mode:   autonegotiation enabled
    basic status: autonegotiation complete, link ok
    capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
    advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
    link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

- Set NIC configuration: mii-tool -F option

  Option  Parameters
  -F      100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD  (force one fixed media type; disables autonegotiation)
  -A      100baseT4 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD  (advertise only the listed media types during autonegotiation)

- Query the NIC with ethtool:

  Command          Description
  ethtool -g eth0  Queries the ethernet device for rx/tx ring parameter information.
  ethtool -a eth0  Queries the ethernet device for pause parameter information.
  ethtool -c eth0  Queries the ethernet device for coalescing information.
  ethtool -i eth0  Queries the ethernet device for associated driver information.
  ethtool -d eth0  Prints a register dump for the specified ethernet device.
  ethtool -k eth0  Queries the ethernet device for offload information.
  ethtool -S eth0  Queries the ethernet device for NIC and driver statistics.

Man Pages:

- mii-tool - view, manipulate media-independent interface status
- ethtool - Display or change ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet's destination is examined to see whether it is on the local or a remote network. If it is to be sent to a remote network, the routing table is consulted to determine the path, and the most specific matching route (longest netmask) wins. If no other route matches, the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file (Red Hat/Fedora) /etc/sysconfig/network-scripts/route-eth0 (Red Hat 7: /etc/sysconfig/static-routes) (S.u.s.e. 9.2: /etc/sysconfig/network/routes):

10.2.0.0/16 via 192.168.10.254

(The address before the slash should be the base of the block: 10.2.3.0/16 names an address inside 10.2.0.0/16 rather than the network itself.)

See the script: /etc/sysconfig/network-scripts/ifup-routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route (fewest hops between routers, not physical distance). Routers use RIP to broadcast their routing tables over UDP port 520; the receiving routers then add new or improved routes to their own tables. RIP version 1 carries no authentication, so any host on the segment can advertise routes to a listening routed; RIP version 2 adds an authentication field. A host that is not meant to be a router should not run a RIP listener at all.

Man pages:

- route - show / manipulate the IP routing table (static routes). Examples:
  - Show the routing table: route -e
  - Reach an individual host via network interface card eth1: route add -host 123.213.221.231 eth1
  - Reach an ISP network identified by network address and netmask using network interface card eth0: route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
    Conversely: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
  - Specify the default gateway used to reach remote networks via network interface card eth0: route add default gw 201.51.31.1 eth0 (The gateway can also be defined in /etc/sysconfig/network.)
  - Specify two gateways for two network destinations (i.e. one external, one internal private network; two routers/gateways will be specified):
    Add the internet gateway as before: route add default gw 201.51.31.1 eth0
    Add the second, private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
- routed - network routing daemon. Uses the RIP protocol to update the routing table.
- ipx_route - show / manipulate the IPX routing table. IPX is the Novell networking protocol (not typically used unless your office has Novell servers).
- ifuser - Identify destinations routed to a particular network interface.

VPN, Tunneling:

- Commercial VPN Linux software solutions - YoLinux
- OpenSWAN.org - IPsec VPN for Linux
- FreeSWAN.org - IPsec VPN for Linux
- FreeSWAN tutorial - howto
- OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access controls.
- SSL-Explorer - Java SSL based VPN
- Quagga dynamic routing suite
- VLAN
- n2n - peer to peer within a private fabric
- CIPE: Crypto IP Encapsulation (Easiest way to configure two Linux gateways connecting two private networks over the internet with encryption.)
  - CIPE Home page - CIPE is a simple encapsulation system that securely connects two subnets.
  - The Linux Cipe+Masquerading mini-HOWTO - Anthony Ciaravalo
- GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa (GRE carries no encryption or authentication of its own; pair it with IPsec for anything crossing an untrusted network.)
- VPN HowTo - Matthew D. Wilson
- Installing and Running PPTP on Linux (PPTP's MS-CHAPv2 authentication and its MPPE keys are practically breakable; it should not be deployed where IPsec or OpenVPN are available.)
- L2TP Extensions (l2tpext) Internet Drafts.

Useful Linux networking commands:

- /etc/rc.d/init.d/network start - command to start, restart or stop the network
- netstat - Display connections, routing tables, stats etc.
  - List listening and connected TCP/UDP sockets with the owning process: netstat -punta (-p program, -u udp, -n numeric, -t tcp, -a all; the same flags work with ss, which replaces netstat on current systems)
  - List all connected processes: netstat -nap
  - Show network statistics: netstat -s
  - Kernel interface table info: netstat -a -i eth0
- ping - send ICMP ECHO_REQUEST packets to network hosts. Use Ctrl-C to stop ping.
- traceroute - print the route packets take to a network host
  - traceroute IP-address-of-server
  - traceroute domain-name-of-server
- mtr - a network diagnostic tool introduced in Fedora. Like traceroute except that it gives more network quality and diagnostic info. Leave it running to get real time stats. Reports best and worst round trip times in milliseconds.
  - mtr IP-address-of-server
  - mtr domain-name-of-server
- whois - Look up a domain name in the internic whois database.
- finger - Display information on a system user, i.e. finger user@host. Uses the $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/ (The finger daemon hands account names and login times to anyone who can reach it; leave it disabled on anything reachable from outside.)
- iptables - IP firewall administration (Linux kernel 2.4/2.6). See the YoLinux firewall/gateway configuration.
- ipchains - IP firewall administration (Linux kernel 2.2). See the YoLinux firewall/gateway configuration.
- socklist - Display a list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
- host - Give a host name and the command will return the IP address. Unlike nslookup, the host command uses both /etc/hosts and DNS. Example: host domain-name-of-server (getent hosts name is the check that follows exactly the resolver order in /etc/nsswitch.conf.)
- nslookup - Give a host name and the command will return the IP address. Also see Testing your DNS (YoLinux Tutorial). Note that nslookup does not use the /etc/hosts file.

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemons listen and respond to all network socket connections made on the TCP/IP ports assigned to them. The ports are defined by the file /etc/services. When a connection is made, the listener invokes the assigned program and pipes the data to it. This simplifies matters by allowing the assigned program to read from stdin instead of making its own socket connection; the listener handles the network socket. Two network listening and management daemons have been used in Red Hat Linux distributions:

- inetd: Red Hat 6.x and older
- xinetd: Red Hat 7.0-9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf Entries in this file consist of a single line made up of the following fields:

service socket-type protocol wait user server cmdline

- service: The name assigned to the service. Matches the name given in the file /etc/services
- socket-type:
  - stream: connection protocols (TCP)
  - dgram: datagram protocols (UDP)
  - raw
  - rdm
  - seqpacket
- protocol: Transport protocol name which matches a name in the file /etc/protocols, i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6
- wait: Stream (TCP) services normally use nowait; datagram (UDP) services normally use wait.
  - wait[.max]: One server for the specified port at any time (RPC)
  - nowait[.max]: Continue to listen and launch a new server for each new connection (multi-threaded). Max is the maximum number of server instances spawned in 60 seconds (default = 40), a crude brake on connection floods.
- user[.group]: login id of the user the process is executed under. Often nobody, root or a special restricted id for that service. Run a service as root only when it genuinely needs to.
- server: Full path name of the server program to be executed. /usr/sbin/tcpd here means the connection is checked against /etc/hosts.allow and /etc/hosts.deny before the real server (named first in cmdline) is started.
- cmdline: Command line to be passed to the server. This includes argument 0 (argv[0]), that is, the command name. This field is empty for internal services. Examples of internal TCP services: echo, discard, chargen (character generator), daytime (human readable time), and time (machine readable time). (See the RFCs listed below.)

Sample File: /etc/inetd.conf

#echo    stream  tcp  nowait      root  internal
#echo    dgram   udp  wait        root  internal
ftp      stream  tcp  nowait      root  /usr/sbin/tcpd  in.ftpd -l -a
#pop-3   stream  tcp  nowait      root  /usr/sbin/tcpd  ipop3d
#swat    stream  tcp  nowait.400  root  /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.

The inet daemon must be restarted to pick up changes made to the file: /etc/rc.d/init.d/inetd restart

For more information see the man pages "inetd" and "inetd.conf".

xinetd: Extended Internet Services Daemon:

Xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, redirect services to different ports and network interfaces (NIC) or even to a different server, chroot a service, etc., and is thus a worthy upgrade from inetd.

Use the command chkconfig --list to view all system services and their state. It will also list all network services controlled by xinetd and their respective state under the title "xinetd based services". (Works for xinetd (RH7.0+) but not inetd.)

The xinetd network daemon is linked against libwrap (TCP Wrappers), so the /etc/hosts.allow and /etc/hosts.deny files apply to every service it starts, in addition to xinetd's own only_from and no_access attributes. (This is TCP Wrappers, not PAM; the two are distinct mechanisms.)

Configuration file: /etc/xinetd.conf which in turn uses the configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:

- Edit the file /etc/xinetd.d/service-name and set the disable value: disable = yes or disable = no. Then make xinetd re-read its configuration using a signal:
  - SIGUSR1 (kill -SIGUSR1 process-id) - Soft reconfiguration; does not terminate existing connections. (Important if you are connected remotely.)
  - SIGUSR2 - Hard reconfiguration; stops and restarts the xinetd process. (Note: Using the HUP signal will terminate the process.)

  OR

- Use the chkconfig command: chkconfig service-name on (or off). This command will also restart the xinetd process to pick up the new configuration.

The file contains entries of the form:

service service-name
{
        attribute assignment-operator value value ...
        ...
}

Where:

- attribute:
  - disable: yes | no
  - type: RPC | INTERNAL | UNLISTED (not found in /etc/rpc or /etc/services)
  - id: By default the service id is the same as the service name.
  - socket_type: stream (TCP) | dgram (UDP) | raw (direct IP access) | seqpacket (service that requires reliable sequential datagram transmission)
  - flags: Combination of REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd man page for details.
  - protocol: Transport protocol name which matches a name in the file /etc/protocols.
  - wait: no (multi-threaded) | yes (single-threaded: one server for the specified port at any time, RPC)
  - user: See file /etc/passwd
  - group: See file /etc/group
  - server: Program to execute and receive the data stream from the socket (fully qualified name, i.e. the full path name of the program)
  - server_args: Unlike inetd, argv[0] (the name of the service) is not passed.
  - only_from: IP address, factorized address, netmask range, hostname or network name from the file /etc/networks.
  - no_access: Deny from ... (inverse of only_from)
  - access_times
  - port: See file /etc/services
  Also: log_type, log_on_success, log_on_failure (log options: += PID, HOST, USERID, EXIT, DURATION, ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples.
- assignment-operator:
  - = : set the value
  - += : add a value to the set of values
  - -= : delete a value from the set of values

Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from the man page: Limit telnet sessions to 8 Mbytes of memory and a total of 20 CPU seconds for child processes.

service telnet
{
        socket_type = stream
        wait        = no
        nice        = 10
        user        = root
        server      = /usr/etc/in.telnetd
        rlimit_as   = 8M
        rlimit_cpu  = 20
}

(telnet carries passwords in cleartext and appears here only because the man page example uses it; on a network-facing host it should stay disabled in favour of ssh.)
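An audit over the two formats just described, inetd.conf lines and xinetd service stanzas, that reports the things a reviewer looks for first: services that are enabled, run as root, or have no access control in front of them. This is an added example, not part of the YoLinux tutorial or of inetd/xinetd. The two configuration texts are constructed for the example (modelled on the sample file and the telnet stanza above), the "telnet is cleartext" rule is a hard-coded illustration, and the assumption that every xinetd service is libwrap-protected reflects Red Hat's build of xinetd.

```python
# Added example (not from the YoLinux tutorial): parse inetd.conf lines and
# xinetd service stanzas and flag enabled services that run as root or have
# no access control. The configuration texts are constructed for the example.
import re

INETD_CONF = """\
#echo  stream  tcp  nowait  root  internal
ftp    stream  tcp  nowait  root  /usr/sbin/tcpd  in.ftpd -l -a
#pop-3 stream  tcp  nowait  root  /usr/sbin/tcpd  ipop3d
swat   stream  tcp  nowait.400  root  /usr/sbin/swat  swat
"""

XINETD_TELNET = """\
service telnet
{
        disable     = no
        socket_type = stream
        wait        = no
        user        = root
        server      = /usr/sbin/in.telnetd
        only_from   = 192.168.10.0/24
        log_on_failure += USERID
}
"""

def parse_inetd(text):
    """Yield one dict per active inetd.conf line (comments and blanks skipped)."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(None, 6)          # cmdline keeps its own spaces
        if len(fields) < 6:
            raise ValueError("short inetd.conf line: %r" % line)
        service, socktype, proto, wait, user, server = fields[:6]
        yield {
            "name": service, "socket_type": socktype, "protocol": proto,
            "wait": wait.split(".")[0],         # drop the .max suffix
            "user": user.split(".")[0],         # drop the .group suffix
            "server": server,
            "server_args": fields[6] if len(fields) == 7 else "",
            "enabled": True,
            # tcpd as the server means hosts.allow/hosts.deny are consulted.
            "wrapped": server.endswith("/tcpd"),
            "only_from": None,
        }

_ATTR = re.compile(r"^\s*(\w+)\s*(\+=|-=|=)\s*(.*?)\s*$")

def parse_xinetd(text):
    """Parse 'service NAME { attr op value ... }' stanzas into dicts."""
    stanzas, current = [], None
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("#") or stripped == "{":
            continue
        if stripped.startswith("service "):
            current = {"name": stripped.split(None, 1)[1], "attrs": {}}
            continue
        if stripped == "}":
            stanzas.append(current)
            current = None
            continue
        m = _ATTR.match(stripped)
        if current is None or not m:
            raise ValueError("unexpected line: %r" % line)
        key, op, value = m.groups()
        values = value.split()
        if op == "=":
            current["attrs"][key] = values
        elif op == "+=":
            current["attrs"].setdefault(key, []).extend(values)
        else:
            current["attrs"][key] = [v for v in current["attrs"].get(key, []) if v not in values]
    out = []
    for s in stanzas:
        a = s["attrs"]
        out.append({
            "name": s["name"],
            "enabled": (a.get("disable") or ["no"])[0] != "yes",
            "user": (a.get("user") or [""])[0],
            "server": (a.get("server") or [""])[0],
            "wrapped": True,    # assumption: xinetd built with libwrap, as on Red Hat
            "only_from": a.get("only_from"),
            "no_access": a.get("no_access"),
        })
    return out

def audit(services):
    """Return (name, reason) for every enabled service that deserves a look."""
    findings = []
    for s in services:
        if not s["enabled"]:
            continue
        if s["user"] == "root":
            findings.append((s["name"], "runs as root"))
        if not s["wrapped"] and not s["only_from"]:
            findings.append((s["name"], "no tcp_wrappers and no only_from"))
        if s["name"] == "telnet":
            findings.append((s["name"], "cleartext protocol"))
    return findings

if __name__ == "__main__":
    for name, reason in audit(list(parse_inetd(INETD_CONF)) + parse_xinetd(XINETD_TELNET)):
        print("%-8s %s" % (name, reason))
```

Running it over the constructed input reports swat twice (root, and neither tcpd nor only_from in front of it), ftp once (root, but wrapped), and telnet for root and for being cleartext; the only_from line keeps it out of the "no access control" bucket.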

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:

- xinetd
- xinetd.conf
- xinetd.log
- tcpd

For more info see:

- LinuxFocus.org: xinetd - Frederic Raynal
- RedHat.com: Controlling Access to Services
- http://www.xinetd.org
- See RFCs: 862, 863, 864, 867, 868, 1413.
- man pages xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon - rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux has the network interface to rwhod disabled. Thus if one issues the command "rwho", you will only see who is logged into the system you are on and not remote systems on the network. This is a safe approach for internet servers, as it reduces the exposure of a service which could be exploited; rwhod also broadcasts user names and login times to the whole segment, which is useful reconnaissance for an attacker. If you wish to use rwhod on a local, private and firewall-protected network, here is how:

Allow broadcast capabilities. Edit /etc/init.d/rwhod and change from: daemon rwhod to: daemon rwhod -b

Start the service:

- Set the service to start with system boot: chkconfig --level 345 rwhod on
- Start the rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

- rwho: who is logged in on local network machines
- rwhod: system status server
- who: show who is logged on to the same system

RPC: Remote Procedure Calls (Port mapper)

Portmapper is a network service required to support RPCs. Many services such as NFS (file sharing) require portmapper. It listens on TCP and UDP port 111 and tells anyone who asks which RPC programs are registered and on which ports, so restrict it: portmap is built with libwrap and honours /etc/hosts.allow and /etc/hosts.deny (for example portmap: 192.168.10. in hosts.allow together with ALL:ALL in hosts.deny), and port 111 should be blocked at the firewall from untrusted networks.

List the RPC services supported: [root]# rpcinfo -p localhost

Starting the portmap server:

- /etc/rc.d/init.d/portmap start
- service portmap start (Red Hat/Fedora Core)

Man Pages:

- portmap
- rpcinfo
- pmap_set
- pmap_dump

TCP Wrappers (and PAM):

The hosts.allow / hosts.deny mechanism is TCP Wrappers (the tcpd program and the libwrap library), not PAM. PAM (Pluggable Authentication Modules) is a separate framework that decides how a user is authenticated once a connection has been accepted; the two are often mentioned together because both gate network logins. TCP Wrappers allow or deny network access by client: one can reject or allow specific IP addresses, subnets or domains.

File: /etc/hosts.allow

in.ftpd:208.188.34.105

This specifically allows the given IP address to ftp to your system. One can also specify an entire domain, i.e. .name-of-domain.com (note the beginning "."), or an address prefix, i.e. 192.168.10. (note the trailing "."). Domain matches depend on reverse DNS, which the owner of the connecting address controls, so address-based rules are the safer choice.

File: /etc/hosts.deny

ALL:ALL

This denies any access not explicitly allowed. hosts.allow is consulted first and a match there grants access; hosts.deny is consulted only if nothing in hosts.allow matched; and if neither file matches, access is granted. Without the ALL:ALL line, every wrapped service is therefore open to everyone.

See the hosts_access(5) and tcpd(8) man pages.

File: /etc/inetd.conf

ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a

The inet daemon accepts the incoming network connection and hands it to the TCP wrapper, /usr/sbin/tcpd, which accepts or denies the connection as defined by /etc/hosts.allow and /etc/hosts.deny and then executes in.ftpd on it. The decision is logged via syslog to /var/log/secure. Standalone daemons built against libwrap (sshd, portmap, xinetd itself) apply the same two files without tcpd in the path.
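The hosts.allow / hosts.deny decision, written out so the evaluation order is explicit. This is an added example, not part of the YoLinux tutorial and not the libwrap code itself; it covers the subset of hosts_access(5) syntax used on this page (ALL, an exact address, a leading-dot domain suffix, a trailing-dot address prefix and net/mask) and leaves out EXCEPT lists, the KNOWN/UNKNOWN/PARANOID wildcards and the forward-and-reverse DNS cross-check the real library performs before it trusts a hostname. The two rule files are constructed for the example.

```python
# Added example (not from the YoLinux tutorial): the hosts.allow / hosts.deny
# decision as tcpd and libwrap make it, for the syntax used above. The rule
# files below are constructed for the example.

HOSTS_ALLOW = """\
# ftp from one office host; the whole example.com domain may reach sshd;
# the local LAN may reach the port mapper
in.ftpd : 208.188.34.105
sshd    : .example.com
portmap : 192.168.10.
"""

HOSTS_DENY = """\
ALL : ALL
"""

def ip_to_int(dotted):
    o = [int(x) for x in dotted.split(".")]
    return (o[0] << 24) | (o[1] << 16) | (o[2] << 8) | o[3]

def parse_rules(text):
    """-> list of (daemon_patterns, client_patterns); comments and blanks dropped."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        parts = [p.strip() for p in line.split(":")]
        if len(parts) < 2:
            raise ValueError("rule needs 'daemons : clients': %r" % line)
        rules.append((parts[0].split(), parts[1].split()))
    return rules

def client_matches(pattern, addr, hostname):
    """One client_list token against the connecting peer (address, reverse name)."""
    if pattern == "ALL":
        return True
    if pattern.startswith("."):              # .example.com matches host.example.com
        return hostname is not None and hostname.endswith(pattern)
    if pattern.endswith("."):                # 192.168.10. matches 192.168.10.x
        return addr.startswith(pattern)
    if "/" in pattern:                       # net/mask form, e.g. 10.0.0.0/255.0.0.0
        net, mask = pattern.split("/", 1)
        return ip_to_int(addr) & ip_to_int(mask) == ip_to_int(net)
    return pattern == addr or pattern == hostname

def rule_matches(rule, daemon, addr, hostname):
    daemons, clients = rule
    return (any(d == "ALL" or d == daemon for d in daemons)
            and any(client_matches(c, addr, hostname) for c in clients))

def access_allowed(daemon, addr, hostname, allow_text, deny_text):
    """hosts.allow is searched first and a match grants access. Otherwise
    hosts.deny is searched and a match denies. No match in either file means
    access is granted, which is why an empty hosts.deny leaves everything open."""
    for rule in parse_rules(allow_text):
        if rule_matches(rule, daemon, addr, hostname):
            return True
    for rule in parse_rules(deny_text):
        if rule_matches(rule, daemon, addr, hostname):
            return False
    return True

if __name__ == "__main__":
    peers = [("in.ftpd", "208.188.34.105", None),
             ("in.ftpd", "10.0.0.5", None),
             ("sshd", "203.0.113.9", "bastion.example.com"),
             ("portmap", "192.168.10.77", None),
             ("in.telnetd", "208.188.34.105", None)]
    for daemon, addr, host in peers:
        print("%-10s %-16s %s" % (daemon, addr,
              "allow" if access_allowed(daemon, addr, host, HOSTS_ALLOW, HOSTS_DENY) else "deny"))
```

The last case in the test, the same rules with an empty hosts.deny, is the misconfiguration worth remembering: removing the ALL:ALL line does not "deny by default", it allows by default.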

Advanced PAM: Finer access control can be applied by controlling the level of authentication required for access.

Each file in /etc/pam.d/ is named after the service it governs (login, sshd, ftp, ...). Rules and modules are stacked to achieve the level of security desired.

See the files in /etc/pam.d/... (some systems use the single file /etc/pam.conf, whose lines carry the service name as a first field)

The format (per line, in /etc/pam.d/service-name): type control module-path module-arguments

- auth - (type) Establishes that the user is who they claim to be, normally by password
  - nullok - a null or non-existent password is acceptable (a weakness; avoid it on network-facing services)
  - shadow - encrypted passwords are kept in /etc/shadow
- account - (type) Checks that the account may be used at all: expiry, time-of-day and similar restrictions. It does not verify the password.
- password - (type) Controls updates of the authentication token (password changes)
  - retry=3 - number of attempts the user gets to choose an acceptable new password
  - minlen=8 - minimum length of a new password
- session - (type) Things done before and after the user's session: logging, mounting, resource limits

Modules:

- /lib/security/pam_pwdb.so - password database module (obsolete; pam_unix.so on current systems)
- /lib/security/pam_shells.so - allow access only if the user's shell is listed in /etc/shells
- /lib/security/pam_cracklib.so - checks whether a new password is easily crackable
- /lib/security/pam_listfile.so - allow or deny based on a list of users, groups, ttys, etc. kept in a file

PAM files are read each time a service authenticates, so no daemon restart is needed after a PAM change. After changing /etc/inetd.conf, make inetd re-read it: killall -HUP inetd

For more info see:

- Wietse's Papers (Wietse Venema, author of TCP Wrappers)
- Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP is the network protocol used by the ping and traceroute commands. It also carries the error and control messages that make IP work, such as "destination unreachable" and "fragmentation needed", which is why blocking all of it is rarely a good idea.

ICMP redirect packets are sent from a router to a host to inform the host of a better route for a destination. To enable ICMP redirect processing, add the following line to /etc/sysctl.conf:

net.ipv4.conf.all.accept_redirects = 1

To refuse redirects, the recommended setting for a host that is not a router, set the value to 0 instead. If redirects from the local routers are genuinely needed, keep 1 but add net.ipv4.conf.all.secure_redirects = 1 so that only gateways already in the host's default gateway list are believed.

To apply the setting to every interface at boot, add the following to the file /etc/rc.d/rc.local (use 0 in place of 1 to refuse redirects):

for f in /proc/sys/net/ipv4/conf/*/accept_redirects
do
    echo 1 > $f
done

Command to view the kernel IP routing cache, where an accepted redirect shows up: /sbin/route -Cn

NOTE: Accepting redirects may leave you vulnerable, as an attacker on the local network who spoofs the current gateway's address can use one to alter your routes and insert himself into the path.
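The two ideas from the Route section and from this one meet in a small model: a routing table consulted by longest prefix match, and the way an ICMP redirect changes it. This is an added example, not part of the YoLinux tutorial and not the kernel's code; the addresses are the ones used in the route examples above. It follows RFC 1122 and the kernel's first check (a redirect is only considered if it arrives from the router the host is currently using for that destination) and leaves out the further checks a real kernel makes, such as requiring the new gateway to be on a directly connected network.

```python
# Added example (not from the YoLinux tutorial): a longest-prefix-match
# routing table like the one "route" manages, plus the ICMP redirect handling
# that accept_redirects switches on. Addresses come from the route examples.

def ip_to_int(dotted):
    o = [int(x) for x in dotted.split(".")]
    return (o[0] << 24) | (o[1] << 16) | (o[2] << 8) | o[3]

class RoutingTable:
    def __init__(self, accept_redirects=0):
        self.routes = []                     # (network, mask, gateway or None, iface)
        self.accept_redirects = accept_redirects   # net.ipv4.conf.*.accept_redirects

    def add(self, network, mask, gateway, iface):
        """route add -net NETWORK netmask MASK gw GATEWAY IFACE (gateway None = on-link)."""
        self.routes.append((ip_to_int(network), ip_to_int(mask), gateway, iface))

    def add_host(self, host, gateway, iface):
        """route add -host HOST ..."""
        self.add(host, "255.255.255.255", gateway, iface)

    def add_default(self, gateway, iface):
        """route add default gw GATEWAY IFACE"""
        self.add("0.0.0.0", "0.0.0.0", gateway, iface)

    def lookup(self, dest):
        """Most specific matching route wins; the 0.0.0.0/0 default matches last.
        Returns (gateway or None for on-link, interface)."""
        d = ip_to_int(dest)
        best = None
        for net, mask, gw, iface in self.routes:
            if d & mask == net and (best is None or mask > best[1]):
                best = (net, mask, gw, iface)
        if best is None:
            raise LookupError("no route to %s" % dest)
        return best[2], best[3]

    def icmp_redirect(self, src, dest, new_gateway, iface):
        """Process an ICMP redirect 'use new_gateway for dest' received from src.

        The redirect must come from the router currently used for dest and
        accept_redirects must be non-zero; otherwise it is ignored. Returns
        True if a host route was installed.
        """
        if not self.accept_redirects:
            return False
        current_gw, current_if = self.lookup(dest)
        if current_gw != src or current_if != iface:
            return False                     # not from our current next hop
        self.add_host(dest, new_gateway, iface)
        return True

def build_table(accept_redirects):
    """The table the route examples above produce."""
    t = RoutingTable(accept_redirects)
    t.add("192.168.10.0", "255.255.255.0", None, "eth0")             # directly connected LAN
    t.add("10.13.21.0", "255.255.255.0", "192.168.10.254", "eth0")   # private net via router
    t.add_host("123.213.221.231", None, "eth1")                      # one host out eth1
    t.add_default("201.51.31.1", "eth0")                             # everything else
    return t

if __name__ == "__main__":
    t = build_table(accept_redirects=1)
    print(t.lookup("10.13.21.7"), t.lookup("8.8.8.8"))
    # An attacker on the LAN forges the default gateway's address as the source
    # of a redirect naming itself as the better next hop. With accept_redirects=1
    # the host installs the route and sends its traffic for 8.8.8.8 to the attacker.
    print(t.icmp_redirect("201.51.31.1", "8.8.8.8", "192.168.10.66", "eth0"), t.lookup("8.8.8.8"))
    hardened = build_table(accept_redirects=0)
    print(hardened.icmp_redirect("201.51.31.1", "8.8.8.8", "192.168.10.66", "eth0"), hardened.lookup("8.8.8.8"))
```

The source check is the reason the attack needs a spoofed source address, and the sysctl is the reason it fails on a hardened host even then.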

Blocking ICMP to look invisible to ping:

The following firewall rules drop ICMP packets.

Iptables:

iptables -A OUTPUT -p icmp -d 0/0 -j DROP

Ipchains:

ipchains -A output -p icmp -d 0/0 -j DENY

Note that these rules sit on the output chain, so they stop every ICMP message the host would send, including its own ping and traceroute probes and the error messages other hosts rely on; the echo reply to an incoming ping is among them, which is what makes the host appear down. To drop only incoming echo requests, filter the INPUT chain instead: iptables -A INPUT -p icmp --icmp-type echo-request -j DROP

OR drop all incoming pings in the kernel:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes done to appear invisible to DOS (Denial of Service) attackers who use ping to watch for a machine and launch an attack when its presence is detected. It does not hide the host from a TCP scan of its open ports, so treat it as a small reduction in noise rather than a defence.

Network Monitoring Tools:

- tcpdump - dump traffic on a network. See discussion below.

  Command line option   Description
  -c count              Exit after receiving count packets.
  -C size               Specify the size of output dump files.
  -i interface          Specify the interface if multiple exist (the lowest-numbered is used by default), i.e. eth0
  -w file-name          Write the raw packets to a file rather than parsing and printing them. They can later be printed with the -r option.
  -n                    Improve speed by not performing DNS lookups; report IP addresses.
  -t                    Don't print a timestamp on each dump line.

  Filter expressions:

  Primitive                       Description
  host host-name                  If the host has multiple IPs, all will be checked.
  net network-number              Network number.
  net network-number mask mask    Network number and netmask specified.
  port port-number                Port number specified.
  tcp                             Sniff TCP packets.
  udp                             Sniff UDP packets.
  icmp                            Sniff ICMP packets.

  Examples:

  tcpdump tcp port 80 and host server-1
  tcpdump ip host server-1 and not server-2

- iptraf - Interactive Colorful IP LAN Monitor
- nmap - Network exploration tool and security scanner
  - List pingable nodes on the network: nmap -sP 192.168.0.0/24 Scans the network for IP addresses 192.168.0.0 to 192.168.0.255 using ping.
- Ethereal - Network protocol analyzer. Examine data from a live network. (The project was renamed Wireshark in 2006.) RPMs required:
  - ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
  - ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)
  There is an error in the ethereal package because it does not list the snmp libraries as dependencies, but you can deduce this from the errors you get if the ucd-snmp libraries are not installed.
- EtherApe - Graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
- Gkrellm - Network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
- IPTraf - ncurses-based IP LAN monitor. (Red Hat Powertools CD)
- Cheops - Network discovery, location, diagnosis and management. Cheops can identify all of the computers on your network, their IP address, their DNS name and the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
- ntop - Shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
- MRTG - Multi Router Traffic Grapher - Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
- dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
- scotty - Obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP, & UDP. (Red Hat Powertools CD)
- Big Brother - Monitoring and services availability.
- OpenNMS.org - Network Management using SNMP.
- Nagios - host, service and network monitoring
- Angel network monitor

Using tcpdump to monitor the network:

[root]# ifconfig eth0 promisc   - Put the NIC into promiscuous mode to sniff traffic. (tcpdump does this itself unless run with -p; the manual step is for tools that do not.)
[root]# tcpdump -n host not XXX.XXX.XXX.XXX | more   - Sniff the net but ignore the IP of your own remote session.
[root]# ifconfig eth0 -promisc   - Pull the NIC out of promiscuous mode.
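What the captured lines are good for once they are on disk: the detection logic below runs over tcpdump -n output and picks out the pattern an nmap SYN scan of a host leaves, many bare SYNs from one source to many ports of one destination, which is the same signal a network IDS keys on. This is an added example, not part of the YoLinux tutorial or of tcpdump. The capture lines are constructed in the style of tcpdump 4.x ("Flags [S]") rather than recorded from a real network, and the threshold of five ports is an arbitrary choice for the example.

```python
# Added example (not from the YoLinux tutorial): run detection logic over
# tcpdump -n output. The capture lines are constructed in tcpdump 4.x
# "Flags [S]" style, not taken from a real network.
import re
from collections import defaultdict

CAPTURE = """\
10:15:01.000100 IP 192.168.10.66.40001 > 192.168.10.5.21: Flags [S], seq 100, win 1024, length 0
10:15:01.000300 IP 192.168.10.66.40002 > 192.168.10.5.22: Flags [S], seq 101, win 1024, length 0
10:15:01.000500 IP 192.168.10.5.22 > 192.168.10.66.40002: Flags [S.], seq 900, ack 102, win 5840, length 0
10:15:01.000700 IP 192.168.10.66.40003 > 192.168.10.5.23: Flags [S], seq 102, win 1024, length 0
10:15:01.000900 IP 192.168.10.66.40004 > 192.168.10.5.25: Flags [S], seq 103, win 1024, length 0
10:15:01.001100 IP 192.168.10.66.40005 > 192.168.10.5.80: Flags [S], seq 104, win 1024, length 0
10:15:01.001200 IP 192.168.10.5.80 > 192.168.10.66.40005: Flags [S.], seq 901, ack 105, win 5840, length 0
10:15:01.001300 IP 192.168.10.66.40006 > 192.168.10.5.110: Flags [S], seq 105, win 1024, length 0
10:15:02.500000 IP 192.168.10.12.51000 > 192.168.10.5.80: Flags [S], seq 200, win 29200, length 0
10:15:02.500200 IP 192.168.10.5.80 > 192.168.10.12.51000: Flags [S.], seq 300, ack 201, win 5840, length 0
10:15:02.500400 IP 192.168.10.12.51000 > 192.168.10.5.80: Flags [.], ack 301, win 29200, length 0
10:15:03.000000 IP 192.168.10.5 > 192.168.10.1: ICMP echo request, id 1, seq 1, length 64
"""

LINE = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d\.\d+) IP "
    r"(?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): Flags \[(?P<flags>[^\]]*)\]")

def parse_tcp(text):
    """Yield one dict per TCP line; ICMP, ARP and other lines are skipped."""
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            d = m.groupdict()
            d["sport"], d["dport"] = int(d["sport"]), int(d["dport"])
            yield d

def syn_scanners(packets, min_ports=5):
    """Sources that sent a bare SYN to at least min_ports distinct ports of one
    destination. A normal client touches one or two ports; nmap -sS touches many."""
    ports = defaultdict(set)                 # (src, dst) -> {dport, ...}
    for p in packets:
        if p["flags"] == "S":                # SYN only; "S." is the SYN/ACK reply
            ports[(p["src"], p["dst"])].add(p["dport"])
    return {pair: sorted(v) for pair, v in ports.items() if len(v) >= min_ports}

def unanswered_syns(packets):
    """Probes that never got a SYN/ACK back (closed or filtered ports), i.e.
    what the scanner learned was not open. Returns sorted (src, dst, dport)."""
    sent, answered = set(), set()
    for p in packets:
        if p["flags"] == "S":
            sent.add((p["src"], p["dst"], p["dport"]))
        elif p["flags"] == "S.":             # reply: swap the endpoints back
            answered.add((p["dst"], p["src"], p["sport"]))
    return sorted(sent - answered)

if __name__ == "__main__":
    pkts = list(parse_tcp(CAPTURE))
    for (src, dst), plist in syn_scanners(pkts).items():
        print("%s scanned %s on ports %s" % (src, dst, plist))
    for src, dst, port in unanswered_syns(pkts):
        print("%s -> %s:%d no SYN/ACK" % (src, dst, port))
```

The legitimate client at .12 opens one port and completes the handshake, so it never reaches the threshold; the scanner at .66 gets replies only from 22 and 80, which is exactly the open-port list nmap would print for it.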

Network Intrusion and Hacker Detection Systems:

SNORT: Monitor the network, performing real-time traffic analysis and packet logging on IP networks for the detection of an attack or probe.

- Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
- InterSect Alliance - Intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to convert a 32­bit internet IP addresses into a 48­bit Ethernet MAC address used by network hardware. (See: RFC 826) ARP broadcasts are sent to all hosts on the subnet by the data transmitting host to see who replies. The broadcast is ignored by all except the intended receiver which recognizes the IP address as its own. The MAC addresses are remembered (APR cache) for future network communications. Computers on the subnet typically keep a cache of ARP responses. ARP broadcasts are passed on by hubs and switches but are blocked by routers.

Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client to broadcast requesting a server to reply with its IP address.

- arp (8) man page - manipulate the system ARP cache
  - Show other systems on your network (including IP address conflicts): arp -a
  - Show ARP table Linux style: arp -e
- arpwatch (8) man page - keep track of ethernet/ip address pairings
- arpsnmp (8) man page - keep track of ethernet/ip address pairings. Reads information generated by snmpwalk
- arping (8) man page - send ARP REQUEST to a neighbor host
  - Print ARP reply (similar to arp -a): arping 192.168.10.99
- List ARP table: cat /proc/net/arp
- ip (8) man page - show / manipulate routing, devices, policy routing and tunnels
  - View ARP table: ip neighbor

ARP is something that simply works. No Linux system configuration is necessary. It's all part of the ethernet and IP protocol. The aforementioned information is just part of the Linux culture of full visibility into what is going on.
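The arpwatch check described above ("keep track of ethernet/ip address pairings") can be reproduced from /proc/net/arp alone. The following Python script is an added example, not code from the YoLinux tutorial or from arpwatch: it parses two snapshots of the ARP cache and reports new stations, changed IP-to-MAC pairings, and one MAC that answers for several IP addresses on the same device. The two snapshots are constructed for the example; on a live system they would be two reads of /proc/net/arp taken some time apart.

```python
"""arpwatch-style check over /proc/net/arp snapshots (added example, not YoLinux code).

Two snapshots of the kernel ARP cache are compared; the alerts mirror what
arpwatch reports ("new station", "changed ethernet address") plus a check
for one MAC address answering for several IP addresses on the same device.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple

ATF_COM = 0x02  # "complete" bit in the Flags column (ATF_COM from <net/if_arp.h>)


@dataclass(frozen=True)
class ArpEntry:
    ip: str
    hwtype: int
    flags: int
    mac: str
    device: str


def parse_proc_net_arp(text: str) -> List[ArpEntry]:
    """Parse the text of /proc/net/arp: a header line, then one entry per line with
    six whitespace-separated columns (IP, HW type, Flags, HW address, Mask, Device)."""
    entries: List[ArpEntry] = []
    for line in text.strip().splitlines()[1:]:
        fields = line.split()
        if len(fields) != 6:
            raise ValueError(f"unexpected /proc/net/arp line: {line!r}")
        ip, hwtype, flags, mac, _mask, device = fields
        entries.append(ArpEntry(ip, int(hwtype, 16), int(flags, 16), mac.lower(), device))
    return entries


def complete_pairings(entries: List[ArpEntry]) -> Dict[Tuple[str, str], str]:
    """Map (device, ip) -> mac, keeping only complete entries. Incomplete entries
    (Flags 0x0, all-zero MAC) are requests that got no reply and carry no pairing."""
    return {(e.device, e.ip): e.mac for e in entries if e.flags & ATF_COM}


def diff_pairings(old: Dict[Tuple[str, str], str],
                  new: Dict[Tuple[str, str], str]) -> List[str]:
    """Alerts for pairings that appeared or changed between two snapshots, and for a
    MAC that answers for more than one IP on a device. The latter is normal for a host
    with IP aliases (eth0:0 style) or a router, so it is reported rather than judged;
    a changed pairing for the default gateway is the case worth investigating."""
    alerts: List[str] = []
    for (device, ip), mac in new.items():
        if (device, ip) not in old:
            alerts.append(f"new station {ip} at {mac} on {device}")
        elif old[(device, ip)] != mac:
            alerts.append(f"changed ethernet address {ip} {old[(device, ip)]} -> {mac} on {device}")
    by_mac: Dict[Tuple[str, str], List[str]] = {}
    for (device, ip), mac in new.items():
        by_mac.setdefault((device, mac), []).append(ip)
    for (device, mac), ips in sorted(by_mac.items()):
        if len(ips) > 1:
            alerts.append(f"{mac} on {device} answers for {len(ips)} addresses: {', '.join(sorted(ips))}")
    return alerts


def arp_alerts(old_text: str, new_text: str) -> List[str]:
    """Convenience wrapper: compare two raw /proc/net/arp dumps."""
    return diff_pairings(complete_pairings(parse_proc_net_arp(old_text)),
                         complete_pairings(parse_proc_net_arp(new_text)))


# Constructed sample snapshots (not captured from a real system). In the second
# snapshot the gateway's pairing has changed to the MAC of 192.168.10.14 and a
# new host has appeared; the 192.168.10.99 entry is incomplete in the first one.
SNAPSHOT_1 = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         00:10:4C:25:7A:3F     *        eth0
192.168.10.14    0x1         0x2         00:0C:29:AA:BB:CC     *        eth0
192.168.10.99    0x1         0x0         00:00:00:00:00:00     *        eth0
"""

SNAPSHOT_2 = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         00:0C:29:AA:BB:CC     *        eth0
192.168.10.14    0x1         0x2         00:0C:29:AA:BB:CC     *        eth0
192.168.10.50    0x1         0x2         00:50:56:11:22:33     *        eth0
"""

if __name__ == "__main__":
    # On a live system replace the samples with open("/proc/net/arp").read()
    # taken at two points in time.
    for alert in arp_alerts(SNAPSHOT_1, SNAPSHOT_2):
        print(alert)
```

A changed pairing can be a replaced network card, a DHCP lease handed to another machine, or a poisoned cache; the script only surfaces the change, and the follow-up is to check the host that now claims the address (arping, as listed above, is the usual tool).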

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer-to-peer unicast transactions. An HTTP request to a web server (TCP/IP), email (SMTP, TCP/IP), DNS (UDP), FTP (TCP/IP), ... are all peer-to-peer unicast transactions. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer-to-peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group", which are those that are interested in the information.

The Linux kernel is Level-2 Multicast-Compliant. It meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to request the kernel to join the multicast group and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, a request is made to the kernel to leave the group. It is the kernel/host which joins the multicast group and not the process. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to support multicast routing, set the following in the kernel config:

- CONFIG_IP_MULTICAST=y
- CONFIG_IP_ROUTER=y
- CONFIG_IP_MROUTE=y
- CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimization and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card), only one device can be configured to handle multicast.

Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast.

Useful commands:

Command                   Description
cat /proc/net/igmp        List multicast groups to which the host is subscribed. Uses the "Internet Group Management Protocol". (See /usr/src/linux/net/core/igmp.c)
cat /proc/net/dev_mcast   List multicast interfaces. (See /usr/src/linux/net/core/dev_mcast.c)
ping 224.0.0.1            All hosts configured for multicast will respond with their IP addresses
ping 224.0.0.2            All routers configured for multicast will respond
ping 224.0.0.3            All PIM routers configured for multicast will respond
ping 224.0.0.4            All DVMRP routers configured for multicast will respond
ping 224.0.0.5            All OSPF routers configured for multicast will respond

Multicast transmissions are achieved through proper routing, router configuration (if communicating through subnets) and programmatically with the use of the following "C" function library calls:

Function Call    Description
setsockopt()     Pass information to the kernel.
getsockopt()     Retrieve information broadcast using multicast.

For more on multicast programming see: Multicast Howto.

The multicast application will specify the multicast loopback interface, TTL (network time to live), network interface and the multicast group to add or drop.
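The setsockopt()/getsockopt() calls just described, as an added example that is not code from the YoLinux tutorial or the Multicast Howto: a Python version (the standard socket module wraps the same C calls) that sets the loopback flag, the TTL and the outgoing interface, then joins and leaves a group. The group 239.255.0.1 and port 5007 are values chosen for the example, not addresses from the tutorial.

```python
"""Multicast socket setup with setsockopt()/getsockopt() (added example, not YoLinux code).

Shows the four things a multicast application must specify: loopback, TTL,
outgoing interface, and the group to add or drop. Uses only the standard
library; the group/port values are chosen for the example.
"""
import ipaddress
import socket
import struct
from typing import Dict


def is_multicast_group(addr: str) -> bool:
    """True for Class D addresses, 224.0.0.0 - 239.255.255.255."""
    return ipaddress.IPv4Address(addr).is_multicast


def ip_mreq(group: str, iface: str = "0.0.0.0") -> bytes:
    """Pack struct ip_mreq { imr_multiaddr; imr_interface } for IP_ADD_MEMBERSHIP
    and IP_DROP_MEMBERSHIP. iface 0.0.0.0 lets the kernel pick the interface."""
    if not is_multicast_group(group):
        raise ValueError(f"{group} is not a Class D multicast address")
    return struct.pack("4s4s", socket.inet_aton(group), socket.inet_aton(iface))


def open_multicast_socket(ttl: int = 1, loop: bool = False,
                          iface: str = "0.0.0.0") -> socket.socket:
    """UDP socket with the per-socket multicast options set.
    ttl=1 keeps datagrams on the local subnet because every router decrements it;
    loop=False stops our own transmissions from being delivered back to us."""
    if not 0 <= ttl <= 255:
        raise ValueError("TTL must fit in one byte")
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, ttl)
    s.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_LOOP, 1 if loop else 0)
    s.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_IF, socket.inet_aton(iface))
    return s


def multicast_options(s: socket.socket) -> Dict[str, int]:
    """Read the options back with getsockopt(), the way an audit script would."""
    return {
        "ttl": s.getsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL),
        "loop": s.getsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_LOOP),
    }


def join_group(s: socket.socket, group: str, port: int, iface: str = "0.0.0.0") -> None:
    """Bind the receiving port and ask the kernel to join the group (an IGMP
    membership report goes out). Membership is per host/kernel and is dropped
    when the socket closes."""
    s.bind(("", port))
    s.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP, ip_mreq(group, iface))


def leave_group(s: socket.socket, group: str, iface: str = "0.0.0.0") -> None:
    s.setsockopt(socket.IPPROTO_IP, socket.IP_DROP_MEMBERSHIP, ip_mreq(group, iface))


if __name__ == "__main__":
    GROUP, PORT = "239.255.0.1", 5007   # example values: an administratively scoped group
    sock = open_multicast_socket(ttl=1, loop=True)
    print("options:", multicast_options(sock))
    try:
        join_group(sock, GROUP, PORT)
        sock.settimeout(2.0)
        sock.sendto(b"hello group", (GROUP, PORT))   # loop=True: we receive our own datagram
        data, sender = sock.recvfrom(1500)
        print("received", data, "from", sender)
        leave_group(sock, GROUP)
    except OSError as exc:
        # ENODEV / ENETUNREACH here means no multicast-capable interface or no
        # route for 224.0.0.0/4 (see the "route add" line in this section).
        print("multicast not available on this host:", exc)
    finally:
        sock.close()
```

Keeping the TTL at 1 unless the stream really has to cross a router is the cheapest way to stop a multicast feed from leaking beyond the subnet, and the getsockopt() readback is what to check when a sender appears on an unexpected network.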

Add route to support multicast:

- route add 224.0.0.0 netmask 240.0.0.0 dev eth0

Note that if adding a route to forward packets through a router, that the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The internet by default does not forward multicast packets.

Living in a MS/Windows World:

- SMB4k: My favorite MS/Windows file share browser.

- In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]

- LinNeighborhood: Linux workstation GUI tool.

  Make your life simple and use the GUI/File Manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.

  - LinNeighborhood Home Page
  - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

- IPv4: Most of the Internet servers and personal computers use Internet Protocol version 4 (IPv4). This uses 32 bits to assign a network address as defined by the four octets of an IP address up to 255.255.255.255, which is the representation of four 8-bit numbers, totaling 32 bits.
- IPv6: Internet Protocol version 6 (IPv6) uses a 128-bit address and thus billions and billions of potential addresses. The protocol has also been upgraded to include new quality of service features and security. Currently Linux supports IPv6 but IPv4 is used when connecting your computer to the internet.
- TCP/IP: (Transmission Control Protocol/Internet Protocol) uses a client-server model for communications. The protocol defines the data packets transmitted (packet header, data section), data integrity verification (error detection bytes), connection and acknowledgement protocol, and re-transmission.
- TCP/IP time to live (TTL): This is a counting mechanism to determine how long a packet is valid before it reaches its destination. Each time a TCP/IP packet passes through a router, the router decrements its TTL count. When the count reaches zero the packet is dropped by the router. This ensures that errant routing and aimlessly looping packets will not flood the network.
- MAC Address: (media access control) is the network card address used for communication with the other network devices on the subnet. This info is not routable. The ARP table maps the TCP/IP address (global internet) to the local hardware on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address uniquely identifies each node of a network and is used by the Ethernet protocol.
- Full Duplex: Allows the simultaneous sending and receiving of packets. Most modern modems support full duplex.
- Half Duplex: Allows the sending and receiving of packets in one direction at a time only.
- OSI 7 Layer Model: The ISO (International Standards Organization) has defined the OSI (Open Systems Interconnection) model for current networking protocols.

  Layer  OSI name             Description                                                Linux Networking Use
  7      Application Layer    The top layer for communications applications like         telnet, web browser, sendmail
                              email and the web.
  6      Presentation Layer   Syntax and format of data transfer.                        SMTP, http
  5      Session Layer
  4      Transport Layer      Connection, acknowledgement and data packet transmission.  TCP, UDP
  3      Network Layer                                                                   IP, ARP
  2      Data Link Layer      Error control, timing                                      Ethernet
  1      Physical Layer       Electrical characteristics of signal and NIC               Ethernet

- Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
- Network Switch: Like a hub but creates a private link between any two connected nodes when a network connection is established. This reduces the amount of network collisions and thus improves speed. Broadcast messages are still sent to all nodes.

Related Links:

- Cable modem HowTo - Vladimir Vuksan
- Ethernet HowTo - Paul Gortmaker
- YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
- Firewall HowTo - Mark Grennan
- YoLinux networking tutorial
- Networking Overview HowTo - Daniel Lopez Ridruejo
- Networking Howto - Joshua Drake
- NFS Howto - Nicolai Langfeldt
- SNMP: Simple Network Management Protocol (Uses ports 161,162,391,1993)
  - SNMP - Intro and tutorials
  - Linux SNMP Network Management Tools
  - SNMP FAQ
  - net-snmp - tools and libraries
- News/Usenet Group: comp.os.linux.networking - Deja
- MARS-nwe - Netware emulator
- Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
- ISDN:
  - ISDN4LINUX FAQ - Matthias Hessler
  - ISDN4 Linux Home Page
  - Dan Kegel's ISDN Page
- PPP: Point-to-Point Protocol
  - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
  - YoLinux Tutorial: Dialing Compuserve
  - YoLinux Tutorial: Dialing AOL
  - YoLinux Tutorial: Configuring PPP dial-in connections
- PPTP: Point-to-Point Tunneling Protocol
  - RFC 2637: Point-to-Point Tunneling Protocol (PPTP).
  - PPTP-Linux Client - A PPTP Linux client that allows a Linux system to connect to a PPTP server. Developed by C. S. Ananian.
  - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP Implementation.
- DHCP: (Dynamic Host Configuration Protocol)
  - YoLinux DHCP Tutorial - How to set up a DHCP server.
  - ISC Dynamic Host Configuration Protocol - DHCP home page
- Multicast:
  - YoLinux Tutorial: Configuring Linux for multicast - this tutorial, in the section above
  - Multicast over TCP/IP HOWTO
- ISP's: (National/Global)
  - TheList.com - Comprehensive list of ISP's
  - Earthlink
  - Concentric
  - ATT Worldnet
- NIS: (NFS infrastructure)
  - YoLinux NIS tutorial
  - NIS howto
  - NIS configuration and use
- Ethernet cables:
  - Making CAT 3, 5, 5E RJ45 Ethernet Cables
  - Wiring and Installation
- Gigabit Ethernet
- VIX: Vienna Internet eXchange - European traffic exchange for ISP's

Test Internet Bandwidth:

- DSLreports.com: bandwidth and diagnostic tests
- Speakeasy connection speed test
- CNET Bandwidth Meter speed test
- Network speed test
- Bandwidth explained and List of bandwidth test sites

Man Pages:

- icmp - Linux IPv4 ICMP kernel module
- ifport - select the transceiver type for a network interface
- usernetctl - allow a user to manipulate a network interface if permitted
- ripquery - query RIP (Routing Information Protocol) gateways
- gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler ISBN # 0735710317, New Riders Publishing

"LINUX TCP/IP Network Administration" by Scott Mann, Mitchell Krell ISBN # 0130322202, Prentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith ISBN# 0201774232, Addison-Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr. ISBN# 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh ISBN# 0672320525, Sams; (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus Sams, ISBN# 047008278X

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen Sams, ISBN# 0071486429

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson Sams, ISBN# 0672329298

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672327082

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672325888

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis ISBN #032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.


Copyright © 2001 ­ 2007 by Greg Ippolito Linux Networking

This tutorial covers TCP/IP networking and system configuration basics. Linux can support multiple network devices. The device names are numbered and begin at zero and count upwards. For example, a computer running two ethernet cards will have two devices labeled /dev/eth0 and /dev/eth1. Linux network configuration, management, monitoring and system tools are covered in this tutorial.

Tutorial Contents: Other YoLinux Networking Tutorials:

l # Configuration files l Setting up an internet gateway for home or office l # Red Hat Linux network GUI using iptables configuration tools. l Load balancing servers using LVS (Linux Virtual l # Assigning an IP address Server) l # Activating and De­Activating your NIC l Modem dial­up: l # Subnets ¡ Configuring PPP dial up connections to an l # Enable Forwarding ISP l # Adding a network interface card (NIC) ¡ Dialing Compuserve l # Route ¡ Dialing AOL l # VPN, Tunneling ¡ Configuring PPP dial­in connections l # Usefull Linux networking commands l DNS Name server configuration l # inetd/xinetd: Network Socket l DHCP server configuration: Dynamic Host Listener Daemons Configuration Protocol # rwhod: Remote Who Daemon l l NIS authentication configuration: Server and Client # RPC: Remote Procedure Call. l l Internet/Network Security (portmapper) l Security Tools and Hacker Tools l # PAM: Network Wrappers. l YoLinux Tutorials Index l # ICMP protocol. l # Network Monitoring Tools l # IDS: Intruder Detection System ­ SNORT

l # ARP: Address Resolution Protocol l # Configuring Linux For Network Multicast

l # Living in a MS/Windows world l # Network Definitions

l # Related Links

TCP/IP Network Configuration Files:

l File: /etc/resolv.conf ­ host name resolver configuration file search name­of­domain.com ­ Name of your domain or ISP's domain if using their name server nameserver XXX.XXX.XXX.XXX ­ IP address of primary name server nameserver XXX.XXX.XXX.XXX ­ IP address of secondary name server

This configures Linux so that it knows which DNS server will be resolving domain names into IP addresses. If using DHCP client, this will automatically be sent to you by the ISP and loaded into this file as part of the DHCP protocol. If using a static IP address, ask the ISP or check another machine on your network. Red Hat/Fedora GUI: /usr/sbin/system­config­network (select tab "DNS".

l File: /etc/hosts ­ locally resolve node names to IP addresses 127.0.0.1 your­node­name.your­domain.com localhost.localdomain localhost XXX.XXX.XXX.XXX node­name

Note when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly) i.e.:

XXX.XXX.XXX.XXX superserver.yolinux.com superserver

This informs Linux of local systems on the network which are not handled by the DNS server. (or for all systems in your LAN if you are not using DNS or NIS) Red Hat/Fedora GUI: /usr/sbin/system­config­network (select tab "Hosts".

l File: /etc/nsswitch.conf ­ System Databases and Name Service Switch configuration file hosts: files dns nisplus nis

This example tells Linux to first resolve a host name by looking at the local hosts file(/etc/hosts), then if the name is not found look to your DNS server as defined by /etc/resolv.conf and if not found there look to your NIS server.

In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution. Free Information Technology Magazine Fedora / Red Hat Network Configuration Files: Subscriptions and Document l /etc/sysconfig/network Downloads Red Hat network configuration file used by the system during the boot process.

l File: /etc/sysconfig/network­scripts/ifcfg­eth0 Configuration settings for your first ethernet port (0). Your second port is eth1.

l File: ¡ /etc/modprobe.conf (kernel 2.6) ¡ /etc/modules.conf (kernel 2.4) ¡ (or for older systems: /etc/conf.modules) Example statement for Intel ethernet card: alias eth0 eepro100

Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

l Network configuration: /usr/sbin/system­config­network (FC­2/3) GUI shown here ­­­> /usr/bin/redhat­config­network (/usr/bin/neat) (RH 7.2+ FC­1) l Text console configuration tool: /usr/sbin/system­config­network­tui (Text User Interface (TUI) for Fedora Core 2/3) /usr/bin/redhat­config­network­tui (RH 9.0 ­ FC­1) l Text console network configuration tool. First interface only ­ eth0: /usr/sbin/netconfig l /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

l Gnome Desktop Network Configuration /usr/bin/gnome­network­preferences (RH 9.0 ­ FC­3) Proxy configuration. Choose one of three options: 1. Direct internet connection 2. Manual proxy configuration (specify proxy and port) 3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assiged a static IP address or assigned one dynamically.

Static IP address assignment:

Choose one of the following methods:

l Command Line:

/sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

Network address by convention would be the lowest: 192.168.10.0 Broadcast address by convention would be the highest: 192.168.10.255 The gateway can be anything, but following convention: 192.168.10.1

Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0

l Red Hat / Fedora GUI tools: ¡ /usr/bin/neat Gnome GUI network administration tool. Handles all interfaces. Configure for Static IP or DHCP client.

(First available with Red Hat 7.2.) ¡ /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)

l Red Hat / Fedora Console tools: ¡ /usr/sbin/system­config­network­tui (Text User Interface) ¡ /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1,...)

l Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network­scripts/, so that this information is retained.

The IANA has allocated IP addresses in the range of 192.168.0.0 to 192.168.255.255 for private networks.

Helpful tools:

l Network Calculators: Subnet mask calculator, node calculator, mask inverter, ... l IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example: auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 208.88.34.106 netmask 255.255.255.248 broadcast 208.88.34.111 network 208.88.34.104 gateway 208.88.34.110

Dynamic IP (DHCP) example:

auto lo iface lo inet loopback auto eth0 iface eth0 inet dhcp auto eth1 iface eth1 inet dhcp auto eth2 iface eth2 inet dhcp auto ath0 iface ath0 inet dhcp auto wlan0 iface wlan0 inet dhcp

Interfaces: l lo: Loopback interface (network within your system without slowing down for the real ethernet based network) l eth0: First ethernet interface card l wlan0: First wireless network interface

Also see "man interfaces"

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.

l File: /etc/sysconfig/network

Static IP address Configuration: (Configure gateway address)

NETWORKING=yes HOSTNAME=my­hostname ­ Hostname is defined here and by command hostname FORWARD_IPV4=true ­ True for NAT firewall gateways and linux routers. False for everyone else ­ desktops and servers. GATEWAY="XXX.XXX.XXX.YYY" ­ Used if your network is connected to another network or the internet. Static IP configuration. Gateway not defined here for DHCP client.

OR for DHCP client configuration: NETWORKING=yes HOSTNAME=my­hostname ­ Hostname is defined here and by command hostname

(Gateway is assigned by DHCP server.) OR for NIS client configuration: NETWORKING=yes HOSTNAME=my­hostname ­ Hostname is defined here and by command hostname NISDOMAIN=NISProject1 ­ NIS domain to attach

l File (Red Hat/Fedora): /etc/sysconfig/network­scripts/ifcfg­eth0 (S.u.s.e.: /etc/sysconfig/network/ifcfg­eth­id­XX:XX:XX:XX:XX) This file used by the command scripts ifup and ifdown

Static IP address configuration:

DEVICE=eth0 BOOTPROTO=static BROADCAST=XXX.XXX.XXX.255 IPADDR=XXX.XXX.XXX.XXX NETMASK=255.255.255.0 NETWORK=XXX.XXX.XXX.0 ONBOOT=yes ­ Will activate upon system boot

RHEL4/FC3 additions: l TYPE=Ethernet l HWADDR=XX:XX:XX:XX:XX:XX l GATEWAY=XXX.XXX.XXX.XXX

OR for DHCP client configuration:

DEVICE=eth0 ONBOOT=yes BOOTPROTO=dhcp

RHEL4/FC3 additions: l IPV6INIT=no l USERCTL=no l PEERDNS=yes l TYPE=Ethernet l HWADDR=XX:XX:XX:XX:XX:XX

(Used by script /etc/sysconfig/network­scripts/ifup to bring the various network interfaces on­line) To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)

Changing the host name:

This is a three step process:

1. Issue the command: hostname new­host­name 2. Change network configuration file: /etc/sysconfig/network Edit entry: HOSTNAME=new­host­name 3. Restart systems which relied on the hostname (or reboot): ¡ Restart network services: service network restart (or: /etc/init.d/network restart) ¡ Restart desktop: n Bring down system to console mode: init 3 n Bring up X­Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name which allows the system to be self aware.

The hostname may be changed at runtime using the command: sysctl ­w kernel.hostname="superserver"

Change the host name using GUI tool: /usr/sbin/system­config­network (Red Hat / Fedora / CentOS)

Hostname entries are made in two places:

Select the "DNS" tab. Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255 ifconfig eth0:0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255 ifconfig eth0:1 192.168.10.14 netmask 255.255.255.0 broadcast 192.168.10.255

route add ­host XXX.XXX.XXX.XXX dev eth0 route add ­host 192.168.10.12 dev eth0 route add ­host 192.168.10.14 dev eth0

In this example 0 and 1 are aliases in addition to the regular eth0. The result of the ifconfig command:

eth0 Link encap:Ethernet HWaddr 00:10:4C:25:7A:3F inet addr:XXX.XXX.XXX.XXX Bcast:XXX.XXX.XXX.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:14218 errors:0 dropped:0 overruns:0 frame:0 TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0 collisions:1 txqueuelen:100 Interrupt:5 Base address:0xe400 eth0:0 Link encap:Ethernet HWaddr 00:10:4C:25:7A:3F inet addr:192.168.10.12 Bcast:192.168.10.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 Interrupt:5 Base address:0xe400 eth0:1 Link encap:Ethernet HWaddr 00:10:4C:25:7A:3F inet addr:192.168.10.14 Bcast:192.168.10.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 Interrupt:5 Base address:0xe400 Config file: /etc/sysconfig/network­scripts/ifcfg­eth0:0

DEVICE=eth0:0 ONBOOT=yes BOOTPROTO=static BROADCAST=192.168.10.255 IPADDR=192.168.10.12 NETMASK=255.255.255.0 NETWORK=192.168.10.0 ONBOOT=yes

Aliases can also be shut down independently. i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Redhat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux Client: get connection info: /sbin/pump ­i eth0 ­­status (Red Hat Linux 7.1 and older)

Device eth0 IP: 4.XXX.XXX.XXX Netmask: 255.255.252.0 Broadcast: 4.XXX.XXX.255 Network: 4.XXX.XXX.0 Boot server 131.XXX.XXX.4 Next server 0.0.0.0 Gateway: 4.XXX.XXX.1 Domain: vz.dsl.genuity.net Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3 Renewal time: Sat Aug 11 08:28:55 2001 Expiration time: Sat Aug 11 11:28:55 2001

Activating and De­Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

l Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up ­ Note: Even if no IP address is assigned you can listen.) l De­Activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network­scripts/

GUI Interface control/configuration:

l Start/Stop network interfaces /usr/bin/system­control­network (Fedora Core 2/3) /usr/bin/redhat­control­network (RH 9.0 ­ FC­1) l Configure Ethernet, ISDN, modem, token Ring, Wireless or DSL network connection: /usr/sbin/system­config­network­druid (FC2/3) /usr/sbin/redhat­config­network­druid (RH 9 ­ FC­1)

Subnets:

M # OF SUB CLASS C CLASS CLASS A NETS Slash CLASS A CLASS B CLASS B CLASS C SUB CLASS C SUB A C S Fmt HOSTS HOSTS MASK MASK HOSTS MASK MASK HOSTS K 1 Invalid 255 or /32 16,777,214 255.0.0.0 65,534 255.255.0.0 254 255.255.255.0 255.255.255.255 1 address 256 Invalid 254 128 /31 33,554,430 254.0.0.0 131,070 255.254.0.0 510 255.255.254.0 255.255.255.254 2 addresses 2 hosts 252 64 /30 67,108,862 252.0.0.0 262,142 255.252.0.0 1,022 255.255.252.0 255.255.255.252 4 addresses 6 hosts 248 32 /29 134,217,726 248.0.0.0 524,286 255.248.0.0 2,046 255.255.248.0 255.255.255.248 8 addresses 14 hosts 240 16 /28 268,435,454 240.0.0.0 1,048,574 255.240.0.0 4,094 255.255.240.0 255.255.255.240 16 addresses 30 hosts 224 8 /27 536,870,910 224.0.0.0 2,097,150 255.224.0.0 8,190 255.255.224.0 255.255.255.224 32 addresses 62 hosts 192 4 /26 1,073,741,822 192.0.0.0 4,194,302 255.192.0.0 16,382 255.255.192.0 255.255.255.192 64 addresses 126 hosts 128 2 /25 2,147,483,646 128.0.0.0 8,388,606 255.128.0.0 32,766 255.255.128.0 128 255.255.255.128 addresses

Binary position 8 7 6 5 4 3 2 1 Value 128 64 32 16 8 4 2 1 Example: 192 1 1 0 0 0 0 0 0

Example 192=128+64

Some addresses are reserved and outside this scope. Loopback (127.0.0.1), reserved class C 192.168.XXX.XXX, reserved class B 172.31.XXX.XXX and reserved class A 10.XXX.XXX.XXX.

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 for your office. l 208.88.34.104 Network Base address l 208.88.34.105 Computer 1 l 208.88.34.106 Computer 2 l 208.88.34.107 Computer 3 l 208.88.34.108 Computer 4 l 208.88.34.109 Computer 5 l 208.88.34.110 DSL router/Gateway l 208.88.34.111 Broadcast address Of the eight addresses, there are six assigned to hardware systems and ultimately only five usable addresses.

Links:

l Subnet Cheat Sheet l Subnet calculator l Table of subnets l IP Subnetting, Variable Subnetting, and CIDR (Supernetting) l CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is a little obsolete as subnets are now used to define smaller networks. These subnets may be part of a class A, B, C, etc network. For historical reference the network classes are defined as follows:

l Class A: Defined by the first 8 bits with a range of 0 ­ 127. First number (8 bits) is defined by Internic i.e. 77.XXX.XXX.XXX One class A network can define 16,777,214 hosts. Range: 0.0.0.0 ­ 127.255.255.255 l Class B: Defined by the first 8 bits with a range from 128 ­ 191 First two numbers (16 bits) are defined by Internic i.e. 182.56.XXX.XXX One class B network can define 65,534 hosts. Range: 128.0.0.0 ­ 191.255.255.255 l Class C: Defined by the first 8 bits with a range from 192 ­ 223 First three numbers (24 bits) are defined by Internic i.e. 220.56.222.XXX One class B network can define 254 hosts. Range: 192.0.0.0 ­ 223.255.255.255 l Class D: Defined by the first 8 bits with a range from 224 ­ 239 This is reserved for multicast networks (RFC988) Range: 224.0.0.0 ­ 239.255.255.255 l Class E: Defined by the first 8 bits with a range from 240 ­ 255 This is reserved for experimental use. Range: 240.0.0.0 ­ 247.255.255.255

Enable Forwarding: Forwarding allows the network packets on one network interface (i.e. eth0) to be forwarded to another network interface (i.e. eth1). This will allow the Linux computer to conect ("ethernet bridge") or route network traffic.

The bridge configuration will merge two (or several) networks into one single network topology. IpTables firewall rules can be used to filter traffic.

A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or load balance servers.

l Turn on IP forwarding to allow Linux computer to act as a gateway or router. echo 1 > /proc/sys/net/ipv4/ip_forward Default is 0. One can add firewall rules by using ipchains.

Another method is to alter the Linux kernel config file: /etc/sysctl.conf Set the following value:

net.ipv4.ip_forward = 1

See file /etc/sysconfig/network for storing this configuration.

FORWARD_IPV4=true

Change the default "false" to "true".

All methods will result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward

The TCP Man page ­ Linux Programmer's Manual and /usr/src/linux/Documentation/proc.txt (Kernel 2.2 RH 7.0­) cover /proc/sys/net/ipv4/* file descriptions.

Alos see: (YoLinux tutorials)

l Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables) l Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

l cd /lib/modules/2.2.5­15/net/ ­ Use kernel version for your system. This example uses 2.2.5­15 (Fedora Core 3: /lib/modules/2.6.12­1.1381_FC3/kernel/net/) Here you will find the modules supported by your system. It can be permanently added to: ¡ /etc/modprobe.conf (kernel 2.6) ¡ /etc/modules.conf (kernel 2.4) ¡ (or for older systems: /etc/conf.modules) Example:

alias eth0 3c59x

l /sbin/insmod 3c59x (For a 3Com ethernet card) This inserts the specified module into the kernel. l /sbin/modprobe 3c59x This also loads a module into the system kernel. Modprobe command line options: ¡ ­r : to unload the module. ¡ /sbin/modprobe ­l \* : list all modules. ¡ /sbin/modprobe ­lt net \* : List only network modules ¡ /sbin/modprobe ­t net \* : Try loading all network modules and see what sticks. (act of desperation) l ifconfig ...

The easy way: Red Hat versions 6.2 and later, ship with Kudzu, a device detection program which runs during system initialization. (/etc/rc.d/init.d/kudzu) This can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it will be utilized upon system boot.

Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

Define the new device in the file (Red Hat/Fedora) /etc/sysconfig/network-scripts/ifcfg-eth1 (S.u.s.e 9.2: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX:XX):

DEVICE=eth1
BOOTPROTO=static
IPADDR=192.168.10.12
NETMASK=255.255.255.0
GATEWAY=XXX.XXX.XXX.XXX
HOSTNAME=node-name.name-of-domain.com
DOMAIN=name-of-domain.com

Special routing information may be specified, if necessary, in the file (Red Hat/Fedora): /etc/sysconfig/static-routes (S.u.s.e. 9.2: /etc/sysconfig/network/routes)

Example:

eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using Unix command line interface:

Define IP address:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

If necessary, define routes with the route command. Examples:

route add default gw XXX.XXX.XXX.XXX dev eth0
route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator. The gateway must lie on a network that is directly reachable through the named interface, otherwise route reports "SIOCADDRT: Network is unreachable".

If a mistake is made, repeat the route command substituting "del" in place of "add". Settings made this way are lost at the next reboot; put them in the configuration files above to make them permanent.

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto­negotiate link speed and duplex setting.

- List NIC speed and configuration: mii-tool

  eth0: negotiated 100baseTx-FD flow-control, link ok

  Verbose mode: mii-tool -v

  eth0: negotiated 100baseTx-FD flow-control, link ok
    product info: Intel 82555 rev 4
    basic mode:   autonegotiation enabled
    basic status: autonegotiation complete, link ok
    capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
    advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
    link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

- Set NIC configuration: mii-tool -F option (force a fixed media type; autonegotiation is turned off) or mii-tool -A option (restrict the media types advertised during autonegotiation)

  Option   Parameters
  -F       100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
  -A       100baseT4 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

  Forcing one end of a link to a fixed setting while the other end still autonegotiates produces a duplex mismatch: the link comes up but shows late collisions and poor throughput. Configure both ends the same way.

- Query NIC with ethtool:

  Command           Description
  ethtool -g eth0   Queries ethernet device for rx/tx ring parameter information.
  ethtool -a eth0   Queries ethernet device for pause parameter information.
  ethtool -c eth0   Queries ethernet device for coalescing information.
  ethtool -i eth0   Queries ethernet device for associated driver information.
  ethtool -d eth0   Prints a register dump for the specified ethernet device.
  ethtool -k eth0   Queries ethernet device for offload information.
  ethtool -S eth0   Queries ethernet device for NIC and driver statistics.

Man Pages:

- mii-tool - view, manipulate media-independent interface status
- ethtool - Display or change ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the destination is examined to see whether it is on a local (directly connected) network or a remote one. If it is on a remote network, the routing table is consulted for the most specific (longest prefix) route that matches. If no route matches, the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file (Red Hat/Fedora): /etc/sysconfig/network-scripts/route-eth0 or (Red Hat 7: /etc/sysconfig/static-routes) (S.u.s.e. 9.2: /etc/sysconfig/network/routes):

10.2.0.0/16 via 192.168.10.254

(Write the network address with its host bits zero, 10.2.0.0/16 rather than 10.2.3.0/16; newer versions of ip reject the latter.)

See command: /etc/sysconfig/network-scripts/ifup-routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route. (Fewest hops between routers not physical distance.) Routers use RIP to broadcast the routing table over UDP port 520. The routers would then add new or improved routes to their routing tables.

Man pages:

- route - show / manipulate the IP routing table (static routes). Examples:
  - Show routing table: route -e (route -n skips the name lookups and is faster)
  - Access an individual host via network interface card eth1: route add -host 123.213.221.231 dev eth1
  - Access an ISP network identified by network address and netmask using network interface card eth0: route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 dev eth0
    Conversely: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 dev eth0
  - Specify the default gateway used to reach remote networks via network interface card eth0: route add default gw 201.51.31.1 dev eth0 (The gateway can also be defined in /etc/sysconfig/network.)
  - Specify two gateways for two network destinations (i.e. one external, one internal private network; two routers/gateways will be specified). Add the internet gateway as before: route add default gw 201.51.31.1 dev eth0 Add the second, private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 dev eth0
- routed - network routing daemon. Uses the RIP protocol to update the routing table.
- ipx_route - show / manipulate the IPX routing table. IPX is the Novell networking protocol (not typically used unless your office has Novell servers).
- ifuser - Identify destinations routed to a particular network interface.
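The lookup the routing paragraphs above describe can be made concrete. The following is an added example, not code from the YoLinux tutorial: it parses a routing table in `ip route show` format (a constructed one, built from the route commands listed above; the interface names and addresses are illustrative), performs the longest-prefix match the kernel does, and reproduces the check behind the "SIOCADDRT: Network is unreachable" error you get when a gateway is not on a directly connected network.

```python
"""Route lookup as the routing table section describes it: a directly
connected network first, then the most specific matching static route,
then the default gateway.  Added example, not YoLinux code."""
import ipaddress
from typing import List, NamedTuple, Optional


class Route(NamedTuple):
    network: ipaddress.IPv4Network             # 0.0.0.0/0 stands for "default"
    gateway: Optional[ipaddress.IPv4Address]   # None means directly connected
    dev: str


def parse_ip_route(text: str) -> List[Route]:
    """Parse `ip route show` style lines: '<prefix>|default [via <gw>] dev <if> ...'."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        if "/" not in dest:
            dest += "/32"                      # a bare address is a host route
        gw = ipaddress.ip_address(fields[fields.index("via") + 1]) if "via" in fields else None
        routes.append(Route(ipaddress.ip_network(dest, strict=False), gw,
                            fields[fields.index("dev") + 1]))
    return routes


def lookup(routes: List[Route], dst: str) -> Optional[Route]:
    """Longest-prefix match: of all routes containing dst, the most specific wins.
    The default route has prefix length 0, so it only wins when nothing else matches."""
    addr = ipaddress.ip_address(dst)
    candidates = [r for r in routes if addr in r.network]
    if not candidates:
        return None                            # no route at all: ENETUNREACH
    return max(candidates, key=lambda r: r.network.prefixlen)


def next_hop(routes: List[Route], dst: str) -> Optional[str]:
    """The address the frame is actually sent to (and ARP is done for):
    the gateway for a remote network, the destination itself when connected."""
    r = lookup(routes, dst)
    if r is None:
        return None
    return str(r.gateway) if r.gateway is not None else dst


def gateway_reachable(routes: List[Route], gw: str) -> bool:
    """`route add ... gw X` fails with 'SIOCADDRT: Network is unreachable' unless
    X lies on a directly connected network; this reproduces that check."""
    r = lookup(routes, gw)
    return r is not None and r.gateway is None


# Constructed sample table (not captured from a real host) built from the
# route commands above: an internet gateway on eth0 and a second, private
# network reached through a router on eth1.
SAMPLE_TABLE = """\
default via 201.51.31.1 dev eth0
10.0.0.0/8 via 192.168.10.254 dev eth1
10.13.21.0/24 via 192.168.10.1 dev eth1
192.168.10.0/24 dev eth1 proto kernel scope link src 192.168.10.12
201.51.31.0/24 dev eth0 proto kernel scope link src 201.51.31.12
"""
ROUTES = parse_ip_route(SAMPLE_TABLE)

if __name__ == "__main__":
    for dst in ("10.13.21.7", "10.200.1.1", "192.168.10.99", "8.8.8.8"):
        r = lookup(ROUTES, dst)
        print(f"{dst:15} -> {r.network} dev {r.dev}, next hop {next_hop(ROUTES, dst)}")
    print("gw 172.16.0.1 usable:", gateway_reachable(ROUTES, "172.16.0.1"))
```

Note that 10.13.21.7 is sent to 192.168.10.1 even though 10.0.0.0/8 also matches: the /24 is more specific and wins, and the default route is consulted only when nothing else matches.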

VPN, Tunneling:

- Commercial VPN Linux software solutions - YoLinux
- OpenSWAN.org - IPSec VPN for Linux
- FreeSWAN.org - IPSec VPN for Linux
- FreeSWAN tutorial - howto
- OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access controls.
- SSL-Explorer - Java SSL based VPN
- Quagga dynamic routing suite
- VLAN
- n2n peer to peer within a private fabric
- CIPE: Crypto IP Encapsulation (Easiest way to configure two Linux gateways connecting two private networks over the internet with encryption.)
  - CIPE Home page - CIPE is a simple encapsulation system that securely connects two subnets.
  - The Linux Cipe+Masquerading mini-HOWTO - Anthony Ciaravalo
- GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa (GRE on its own is encapsulation only; it provides no encryption or authentication.)
- VPN HowTo - Matthew D. Wilson
- Installing and Running PPTP on Linux (see the Counterpane FAQ under Related Links for the known weaknesses of Microsoft's PPTP implementation)
- L2TP Extensions (l2tpext) Internet Drafts.

Useful Linux networking commands:

- /etc/rc.d/init.d/network start - command to start, restart or stop the network
- netstat - Display connections, routing tables, stats etc.
  - List listening and connected TCP/UDP sockets with the owning process: netstat -punta
  - List all sockets with the owning process: netstat -nap
  - Show network statistics: netstat -s
  - Kernel interface table info: netstat -a -i eth0
- ping - send ICMP ECHO_REQUEST packets to network hosts. Use Ctrl-C to stop ping.
- traceroute - print the route packets take to a network host
  - traceroute IP-address-of-server
  - traceroute domain-name-of-server
- mtr - a network diagnostic tool introduced in Fedora. Like traceroute except that it gives more network quality and diagnostic info. Leave it running to get real time stats. Reports best and worst round trip times in milliseconds.
  - mtr IP-address-of-server
  - mtr domain-name-of-server
- whois - Look up a domain name in the internic whois database.
- finger - Display information on a system user, i.e. finger user@host. Uses the $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/
- iptables - IP firewall administration (Linux kernel 2.6/2.4). See the YoLinux firewall/gateway configuration.
- ipchains - IP firewall administration (Linux kernel 2.2). See the YoLinux firewall/gateway configuration.
- socklist - Display a list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
- host - Given a host name the command returns the IP address. Example: host domain-name-of-server. Like nslookup, host queries DNS only; to see what the resolver library (and therefore applications) would return, /etc/hosts entries included, use getent hosts name.
- nslookup - Given a host name the command returns the IP address. Also see Testing your DNS (YoLinux Tutorial). Note that nslookup does not use the /etc/hosts file.

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemons listen for and respond to connections on the TCP/IP ports assigned to them. The ports are defined by the file /etc/services. When a connection is made, the listener invokes the assigned program with the connection attached to its standard input and output. This simplifies matters by allowing the assigned program to read from stdin instead of making its own socket connection; the listener handles the network socket. Two network listening and management daemons have been used in Red Hat Linux distributions:

- inetd: Red Hat 6.x and older
- xinetd: Red Hat 7.0-9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf. Entries in this file consist of a single line made up of the following fields:

service socket-type protocol wait user server cmdline

- service: The name assigned to the service. Matches the name given in the file /etc/services.
- socket-type:
  - stream: connection protocols (TCP)
  - dgram: datagram protocols (UDP)
  - raw
  - rdm
  - seqpacket
- protocol: Transport protocol name which matches a name in the file /etc/protocols, i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6.
- wait: Whether inetd waits for the server to exit before listening for the next request.
  - wait[.max]: One server for the specified port at any time. Required for datagram (UDP) services and used for RPC services.
  - nowait[.max]: Continue to listen and launch a new server for each new connection (multi-threaded). Normal for stream (TCP) services.
  max is the maximum number of server instances that may be spawned in 60 seconds (default 40); when it is exceeded inetd disables the service for ten minutes, a cheap denial of service, so raise it only for services that need it (swat below uses 400).
- user[.group]: login id the server process runs under. Often nobody, root or a special restricted id for that service. Use root only when the server itself drops privileges.
- server: Full path name of the server program to be executed. Putting /usr/sbin/tcpd here, with the real server in cmdline, routes the connection through TCP Wrappers (see below).
- cmdline: Command line to be passed to the server. This includes argument 0 (argv[0]), that is the command name. This field is empty for internal services. Examples of internal TCP services: echo, discard, chargen (character generator), daytime (human readable time), and time (machine readable time). (See the RFCs listed under xinetd.)

Sample file: /etc/inetd.conf

#echo   stream  tcp     nowait      root    internal
#echo   dgram   udp     wait        root    internal
ftp     stream  tcp     nowait      root    /usr/sbin/tcpd  in.ftpd -l -a
#pop-3  stream  tcp     nowait      root    /usr/sbin/tcpd  ipop3d
#swat   stream  tcp     nowait.400  root    /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This turns the service off. The maximum length of a line is 1022 characters.

The inet daemon must be restarted to pick up the changes made to the file: /etc/rc.d/init.d/inetd restart

For more information see the man pages "inetd" and "inetd.conf".

xinetd: Extended Internet Services Daemon:

Xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, redirect services to different ports and network interfaces (NICs) or even to a different server, chroot a service, etc., and is thus a worthy upgrade from inetd.

Use the command chkconfig ­­list to view all system services and their state. It will also list all network services controlled by xinetd and their respective state under the title "xinetd based services". (Works for xinetd (RH7.0+) but not inetd)

The xinetd daemon is built with libwrap, the TCP Wrappers library, so it applies the /etc/hosts.allow and /etc/hosts.deny rules to every service it manages (unless the service sets the NOLIBWRAP flag) in addition to its own only_from/no_access attributes. This is separate from PAM, which controls how a user authenticates once connected; both are described in the PAM/Network Wrappers section below.

Configuration file: /etc/xinetd.conf which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:

- Edit the file /etc/xinetd.d/service-name and set the disable value: disable = yes or disable = no. Then tell the running xinetd to re-read its configuration with a signal:
  - SIGUSR1 (kill -SIGUSR1 process-id) - soft reconfiguration: existing connections are not terminated. (Important if you are connected remotely.)
  - SIGUSR2 - hard reconfiguration: a soft reconfiguration followed by killing the servers of services that are now disabled or whose access checks no longer pass.
  (Note: do not assume SIGHUP reloads xinetd the way it reloads inetd; check the signal list in the xinetd man page for your version.)
OR
- Use the chkconfig command: chkconfig service-name on (or off). This command also restarts the xinetd process to pick up the new configuration.

The file contains entries of the form:

service service-name
{
    attribute assignment-operator value value ...
}

Where:

- attribute:
  - disable: yes | no
  - type: RPC, INTERNAL, or UNLISTED (not found in /etc/rpc or /etc/services)
  - id: By default the service id is the same as the service name.
  - socket_type: stream (TCP), dgram (UDP), raw (direct IP access), seqpacket (a service that requires reliable sequential datagram transmission)
  - flags: Combination of REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd.conf man page for details. (NOLIBWRAP switches off the hosts.allow/hosts.deny check for that service.)
  - protocol: Transport protocol name which matches a name in the file /etc/protocols.
  - wait: no (multi-threaded: xinetd keeps accepting connections and starts a server for each) | yes (single-threaded: one server for the specified port at any time, as for RPC and most UDP services)
  - user: See file /etc/passwd
  - group: See file /etc/group
  - server: Program to execute and hand the socket to (fully qualified path name of the program).
  - server_args: Unlike inetd, argv[0] (the program name) is not passed; list only the arguments.
  - only_from: IP address, factorized address, address/netmask range, hostname or network name from the file /etc/networks.
  - no_access: Deny from ... (inverse of only_from)
  - access_times
  - port: See file /etc/services
  Also: log_type, log_on_success, log_on_failure (log options: += PID, HOST, USERID, EXIT, DURATION, ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples.
- assignment-operator:
  - = : set the value
  - += : add a value to the set of values
  - -= : delete a value from the set of values

Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from the man page: limit telnet sessions to 8 Mbytes of memory and a total of 20 CPU seconds for child processes.

service telnet
{
    socket_type = stream
    wait        = no
    nice        = 10
    user        = root
    server      = /usr/etc/in.telnetd
    rlimit_as   = 8M
    rlimit_cpu  = 20
}
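Both listener formats described above, the one-line inetd.conf entries and the `service name { ... }` blocks of xinetd, are easy to audit once parsed. The following is an added example, not code from the tutorial or from either project: it reads both formats from constructed sample configurations (the services, paths and network in them are illustrative) and reports what a reviewer flags, namely servers running as root, cleartext protocols, inetd services that bypass tcpd, xinetd services carrying the NOLIBWRAP flag, and xinetd services without an only_from or no_access restriction.

```python
"""Audit inetd.conf lines and xinetd service blocks for settings a reviewer
would flag.  Added example, not YoLinux code; the sample configurations at
the bottom are constructed."""
import re
from typing import Dict, List, NamedTuple

# Services whose protocol carries passwords or data in the clear.
CLEARTEXT = {"telnet", "ftp", "pop-3", "pop3", "imap", "rsh", "rlogin",
             "rexec", "shell", "login", "exec", "tftp", "finger"}


class Listener(NamedTuple):
    source: str       # "inetd" or "xinetd"
    service: str
    user: str
    wrapped: bool     # inetd: server is /usr/sbin/tcpd; xinetd: libwrap unless NOLIBWRAP
    restricted: bool  # xinetd only: only_from or no_access is set


def parse_inetd(text: str) -> List[Listener]:
    """One service per line: service socket-type protocol wait user server cmdline.
    A line commented out with '#' is a service that is switched off."""
    found = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        f = line.split(None, 6)
        if len(f) < 6:
            continue                                   # malformed; inetd rejects it too
        user = re.split(r"[.:]", f[4])[0]              # drop an optional .group suffix
        found.append(Listener("inetd", f[0], user, f[5].endswith("/tcpd"), False))
    return found


def parse_xinetd(text: str) -> List[Listener]:
    """Blocks of the form `service name { attribute op value ... }`; `defaults`
    blocks and the += / -= operators are ignored for this audit."""
    found = []
    for m in re.finditer(r"service\s+(\S+)\s*\{(.*?)\}", text, re.S):
        attrs: Dict[str, str] = {}
        for line in m.group(2).splitlines():
            kv = re.match(r"\s*(\w+)\s*(\+=|-=|=)\s*(.*)", line)
            if kv:
                attrs[kv.group(1)] = kv.group(3).strip()
        if attrs.get("disable", "no").lower() == "yes":
            continue                                   # disable = yes: not listening
        wrapped = "NOLIBWRAP" not in attrs.get("flags", "").split()
        restricted = "only_from" in attrs or "no_access" in attrs
        # No `user` attribute: assume root for the audit, the conservative reading.
        found.append(Listener("xinetd", m.group(1), attrs.get("user", "root"), wrapped, restricted))
    return found


def audit(listeners: List[Listener]) -> Dict[str, List[str]]:
    """Per enabled service, the findings in the order they are checked."""
    report: Dict[str, List[str]] = {}
    for l in listeners:
        issues = []
        if l.user == "root":
            issues.append("runs as root")
        if l.service.lower() in CLEARTEXT:
            issues.append("cleartext protocol")
        if not l.wrapped:
            issues.append("not wrapped by tcpd" if l.source == "inetd" else "NOLIBWRAP set")
        if l.source == "xinetd" and not l.restricted:
            issues.append("no only_from/no_access restriction")
        if issues:
            report[l.service] = issues
    return report


SAMPLE_INETD = """\
#echo   stream  tcp     nowait      root    internal
ftp     stream  tcp     nowait      root    /usr/sbin/tcpd  in.ftpd -l -a
#pop-3  stream  tcp     nowait      root    /usr/sbin/tcpd  ipop3d
swat    stream  tcp     nowait.400  root    /usr/sbin/swat  swat
"""
SAMPLE_XINETD = """\
service telnet
{
    socket_type = stream
    wait        = no
    user        = root
    server      = /usr/sbin/in.telnetd
}
service rsync
{
    user        = nobody
    server      = /usr/bin/rsync
    only_from   = 192.168.10.0/24
}
service tftp
{
    disable     = yes
    user        = root
    server      = /usr/sbin/in.tftpd
}
"""
REPORT = audit(parse_inetd(SAMPLE_INETD) + parse_xinetd(SAMPLE_XINETD))
```

Services that are disabled or commented out never reach the report; rsync, which runs as nobody and is limited to one network, produces no findings, while the telnet block from the man page example above collects three.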

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:

- xinetd
- xinetd.conf
- xinetd.log
- tcpd

For more info see:

- LinuxFocus.org: xinetd - Frederic Raynal
- RedHat.com: Controlling Access to Services
- http://www.xinetd.org
- See RFCs: 862, 863, 864, 867, 868, 1413.
- man pages xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon ­ rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux has the network interface to rwhod disabled. Thus if one issues the command "rwho", you will only see who is logged into the system you are logged into and not remote systems on the network. This is a safe approach for internet servers: rwhod broadcasts the login names and idle times of every user to the whole segment, which is useful reconnaissance for an attacker, and it is one more network-facing daemon that could be exploited. If you wish to use rwhod on a local, private and firewall-protected network, here is how:

Allow broadcast capabilities. Edit /etc/init.d/rwhod and change:

daemon rwhod

to:

daemon rwhod -b

Start the service:

- Set the service to start with system boot: chkconfig --level 345 rwhod on
- Start the rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

- rwho: who is logged in on local network machines
- rwhod: system status server
- who: show who is logged on to the same system

RPC: Remote Procedure Calls (Portmapper)

Portmapper is a network service required to support RPCs: it tells clients which port each RPC program is currently listening on. Many services such as NFS (file sharing services) require portmapper.

List RPC services supported: [root]# rpcinfo -p localhost

The same command run against a remote host (rpcinfo -p hostname) tells anyone what RPC services it offers, so portmapper (port 111) should be firewalled from untrusted networks or restricted with hosts.allow/hosts.deny, which the Linux portmap is built to honour.

Starting portmap server:

- /etc/rc.d/init.d/portmap start
- service portmap start (Red Hat/Fedora Core)

Man Pages:

- portmap
- rpcinfo
- pmap_set
- pmap_dump

PAM: Network Wrappers:

TCP Wrappers (tcpd) and Pluggable Authentication Modules for Linux (PAM)

These are two separate mechanisms. TCP Wrappers decides, from the client's IP address or host name alone, whether a connection to a service is accepted at all; PAM decides how a user is authenticated and which account rules apply once the connection exists. TCP Wrappers is the one that allows or denies network access: one can reject or allow specific IP addresses or subnets.

File: /etc/hosts.allow

in.ftpd:208.188.34.105

This specifically allows the given IP address to ftp to your system. One can also specify an entire domain, i.e. .name-of-domain.com (note the leading "."). A domain pattern is matched against the client's host name as obtained by a reverse DNS lookup of its address (tcpd cross-checks it with a forward lookup), so it is only as trustworthy as DNS; address patterns (a trailing-dot prefix such as 192.168.10. or a net/mask such as 192.168.10.0/255.255.255.0) do not depend on DNS at all and are preferable where they fit.

File: /etc/hosts.deny

ALL:ALL

This generally denies any access.

See the hosts_access(5) man page (and hosts_options(5) for the extended syntax).

File: /etc/inetd.conf

ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd ­l ­a

The inet daemon accepts the incoming connection and hands it to the TCP wrapper, /usr/sbin/tcpd, which consults /etc/hosts.allow and then /etc/hosts.deny (access is granted on the first match in hosts.allow, denied on the first match in hosts.deny, and granted when neither file matches) and then executes in.ftpd on the accepted connection. The decision is logged via syslog, on Red Hat to /var/log/secure.
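The decision tcpd makes from hosts.allow and hosts.deny is worth seeing end to end, in particular its fail-open default. The following is an added example, not code from the tutorial or from TCP Wrappers: a Python evaluator implementing the hosts_access(5) order (first match in hosts.allow grants, then first match in hosts.deny denies, otherwise access is granted) with the common patterns; the rule files, daemon names and client addresses are constructed. The hosts_options(5) extensions and the daemon@host form are left out.

```python
"""Evaluate /etc/hosts.allow and /etc/hosts.deny the way tcpd/libwrap do
(hosts_access(5)): the first matching hosts.allow rule grants, otherwise the
first matching hosts.deny rule denies, otherwise access is GRANTED.  Added
example, not YoLinux code; the rule files below are constructed.  Handles
ALL, LOCAL, .domain, prefix., net/mask, exact host/address and EXCEPT."""
import ipaddress
from typing import Callable, Optional, Tuple


def match_client(pattern: str, ip: str, hostname: Optional[str]) -> bool:
    """One client pattern against the peer's address and (reverse-DNS) name."""
    p, host = pattern.lower(), (hostname or "").lower()
    if p == "all":
        return True
    if p == "local":                      # a name with no dot: same domain
        return bool(host) and "." not in host
    if p.startswith("."):                 # .example.com: suffix of the reverse name
        return host.endswith(p)
    if p.endswith("."):                   # 192.168.10.: prefix of the address
        return ip.startswith(p)
    if "/" in p:                          # net/mask, e.g. 192.168.10.0/255.255.255.0
        return ipaddress.ip_address(ip) in ipaddress.ip_network(p, strict=False)
    return p == ip or (bool(host) and p == host)


def match_list(items: str, matches: Callable[[str], bool]) -> bool:
    """A comma/space separated list; 'a b EXCEPT c' matches a or b but not c."""
    tokens = items.replace(",", " ").split()
    if "EXCEPT" in tokens:
        i = tokens.index("EXCEPT")
        return (match_list(" ".join(tokens[:i]), matches)
                and not match_list(" ".join(tokens[i + 1:]), matches))
    return any(matches(t) for t in tokens)


def first_match(rules: str, daemon: str, ip: str, hostname: Optional[str]) -> Optional[str]:
    """Return the first 'daemon_list : client_list [: options]' line that matches."""
    for raw in rules.splitlines():
        line = raw.split("#", 1)[0].strip()
        parts = [p.strip() for p in line.split(":")]
        if len(parts) < 2:
            continue
        if (match_list(parts[0], lambda t: t.upper() == "ALL" or t == daemon)
                and match_list(parts[1], lambda t: match_client(t, ip, hostname))):
            return line
    return None


def hosts_access(allow: str, deny: str, daemon: str, ip: str,
                 hostname: Optional[str] = None) -> Tuple[bool, str]:
    """The tcpd decision and the rule (or default) that produced it."""
    rule = first_match(allow, daemon, ip, hostname)
    if rule:
        return True, "hosts.allow: " + rule
    rule = first_match(deny, daemon, ip, hostname)
    if rule:
        return False, "hosts.deny: " + rule
    return True, "no rule matched: tcpd allows by default"


# Constructed rule files, extending the two one-line examples above.
HOSTS_ALLOW = """\
# ftp from one address, or from any host whose reverse DNS ends in the domain
in.ftpd : 208.188.34.105, .name-of-domain.com
# ssh from the office network, except one untrusted host
sshd : 192.168.10.0/255.255.255.0 EXCEPT 192.168.10.99
"""
HOSTS_DENY = "ALL : ALL\n"

if __name__ == "__main__":
    for d, ip, name in (("in.ftpd", "208.188.34.105", None),
                        ("in.ftpd", "10.1.1.1", "evil.name-of-domain.com"),
                        ("sshd", "192.168.10.99", None)):
        print(d, ip, name, hosts_access(HOSTS_ALLOW, HOSTS_DENY, d, ip, name))
```

The last assertion in the test below is the one to remember: with an empty hosts.deny, a daemon that no rule mentions is reachable from anywhere, which is why "ALL : ALL" in hosts.deny is the usual starting point.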

PAM: Access can be controlled more finely by controlling the level of authentication required for a service.

Each service has a file in /etc/pam.d/ named after the service (login, sshd, ftp, ...; some systems use a single /etc/pam.conf instead, whose lines carry an extra leading service field). Rules and modules are stacked to achieve the level of security desired.

The format of a line in /etc/pam.d/service-name: type control module-path module-arguments

- type: which of the four management groups the rule belongs to:
  - auth - authenticates the user (asks for and checks the password).
  - account - account management after authentication: is the account expired, is login allowed at this time, from this host, etc.
  - password - updates the authentication token (password change).
  - session - sets up and tears down the user's session (logging, resource limits, environment).
- control: how the module's result affects the stack:
  - required - failure is remembered and the stack fails, but the remaining modules still run.
  - requisite - failure ends the stack immediately.
  - sufficient - success ends the stack successfully unless an earlier required module failed; failure is ignored.
  - optional - only counts when it is the only module in the stack.
- module-arguments: module specific. Examples:
  - nullok (pam_unix/pam_pwdb) - an empty password is acceptable. Remove it on any machine exposed to a network.
  - shadow (pam_unix/pam_pwdb) - encrypted passwords are kept in /etc/shadow.
  - retry=3 (pam_cracklib) - number of attempts at choosing an acceptable new password.
  - minlen=8 (pam_cracklib) - minimum length of a new password.

Modules:

- /lib/security/pam_pwdb.so - password database module (older Red Hat; pam_unix.so on current systems)
- /lib/security/pam_shells.so - allows access only if the user's login shell is listed in /etc/shells
- /lib/security/pam_cracklib.so - checks whether a new password is easily crackable (dictionary words, too short, too similar to the old one)
- /lib/security/pam_listfile.so - allows or denies access based on a list of users, groups, hosts etc. kept in a file

Changes to /etc/pam.d/* and to /etc/hosts.allow and /etc/hosts.deny take effect on the next connection; nothing needs restarting. After changing /etc/inetd.conf, make the inet daemon re-read it: killall -HUP inetd
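How the control field combines the results of a stacked set of modules is the part of PAM that most often surprises people, so here is an added example, not code from the tutorial or from Linux-PAM: it parses /etc/pam.d style lines and walks one management group with the required / requisite / sufficient / optional rules above, taking each module's pass or fail outcome from a dictionary instead of running real modules (the stacks shown are constructed; the first follows the shape of a Red Hat system-auth file). A second function flags the weak settings discussed above. The bracketed [value=action] control syntax is not modelled.

```python
"""How a PAM stack in /etc/pam.d/<service> combines its modules.  Added
example, not YoLinux code: the stacks below are constructed and module
outcomes are supplied as a dict, so only the control-flag logic is shown."""
from typing import Dict, List, NamedTuple


class Rule(NamedTuple):
    mtype: str      # auth | account | password | session
    control: str    # required | requisite | sufficient | optional
    module: str
    args: List[str]


def parse_pam(text: str) -> List[Rule]:
    """/etc/pam.d format: type control module-path [arguments]; '#' comments.
    A leading '-' on the type (Linux-PAM 'silently skip if missing') is dropped."""
    rules = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) >= 3:
            rules.append(Rule(fields[0].lstrip("-").lower(), fields[1].lower(), fields[2], fields[3:]))
    return rules


def run_stack(rules: List[Rule], mtype: str, results: Dict[str, bool]) -> bool:
    """Walk the stack of one type with the given per-module outcomes.  A module
    absent from `results` counts as failing, as PAM does when it cannot be loaded."""
    stack = [r for r in rules if r.mtype == mtype]
    required_failed = False
    required_passed = False
    for r in stack:
        ok = results.get(r.module, False)
        if r.control == "requisite":          # failure ends the stack at once
            if not ok:
                return False
            required_passed = True
        elif r.control == "required":         # failure is remembered, stack continues
            if ok:
                required_passed = True
            else:
                required_failed = True
        elif r.control == "sufficient":       # success ends the stack, unless a
            if ok and not required_failed:    # required module already failed
                return True
        elif r.control == "optional":         # only decisive when it is alone
            if len(stack) == 1:
                return ok
    return required_passed and not required_failed


def weak_settings(rules: List[Rule]) -> List[str]:
    """Settings from the section above that deserve a second look."""
    findings = []
    for r in rules:
        if r.mtype == "auth" and r.control == "sufficient" and r.module == "pam_permit.so":
            findings.append("auth: 'sufficient pam_permit.so' grants access to everyone")
        if r.mtype == "auth" and r.module == "pam_unix.so" and "nullok" in r.args:
            findings.append("auth: pam_unix.so nullok accepts accounts with an empty password")
        if r.module == "pam_cracklib.so":
            minlen = [int(a.split("=")[1]) for a in r.args if a.startswith("minlen=")]
            if not minlen or minlen[0] < 8:
                findings.append("password: pam_cracklib.so minlen missing or below 8")
    return findings


# Constructed stacks.  The first follows the shape of a Red Hat system-auth file.
SYSTEM_AUTH = """\
auth        required      pam_env.so
auth        sufficient    pam_unix.so try_first_pass
auth        requisite     pam_succeed_if.so uid >= 500 quiet
auth        required      pam_deny.so
account     required      pam_unix.so
password    requisite     pam_cracklib.so retry=3 minlen=8
password    sufficient    pam_unix.so shadow use_authtok
password    required      pam_deny.so
session     required      pam_limits.so
session     required      pam_unix.so
"""
WEAK_AUTH = """\
auth        sufficient    pam_permit.so
auth        required      pam_unix.so nullok
"""
RULES = parse_pam(SYSTEM_AUTH)

if __name__ == "__main__":
    print("good password:", run_stack(RULES, "auth", {"pam_env.so": True, "pam_unix.so": True}))
    print("bad password: ", run_stack(RULES, "auth", {"pam_env.so": True, "pam_succeed_if.so": True}))
    print(weak_settings(parse_pam(WEAK_AUTH)))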

For more info see:

- Wietse's Papers
- Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP is the network protocol used by the ping and traceroute commands.

ICMP redirect packets are sent from a router to a host to inform the host of a better first hop for a destination. A host that accepts them rewrites its own routing cache on the say-so of whoever sent the packet. To enable acceptance of ICMP redirects, add the following line to /etc/sysctl.conf:

net.ipv4.conf.all.accept_redirects = 1

Add the following to the file /etc/rc.d/rc.local:

for f in /proc/sys/net/ipv4/conf/*/accept_redirects
do
    echo 1 > $f
done

Command to view the kernel IP routing cache: /sbin/route -Cn

NOTE: This may leave you vulnerable: any host on the same link, or anyone able to spoof the gateway's address, can send forged redirects and divert your traffic through a machine they control. Leave accept_redirects at 0 on any host that does not strictly need redirects, set net.ipv4.conf.all.secure_redirects = 1 (which only honours redirects coming from a gateway already in the routing table) where you do need them, and on hosts that are not routers set net.ipv4.conf.all.send_redirects = 0.

Blocking ICMP to look invisible to ping:

The following firewall rules drop all ICMP leaving the host, which includes the echo replies that answer a ping. Note that they also stop the host's own ping and traceroute and suppress the ICMP errors used for path MTU discovery; restricting the rule to incoming echo-requests (iptables: -p icmp --icmp-type echo-request on the INPUT chain) gives the same visible effect without those side effects.

Iptables:

iptables -A OUTPUT -p icmp -d 0/0 -j DROP

Ipchains:

ipchains -A output -p icmp -d 0/0 -j DENY

OR drop all incoming pings:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes done to look invisible to DoS (Denial of Service) attackers who use ping to watch your machine and launch an attack when its presence is detected. Keep in mind that a host which does not answer ping is still visible to anyone who probes its open TCP ports (see nmap below), so this hides the machine only from the most casual scans.

Network Monitoring Tools:

- tcpdump - dump traffic on a network. See discussion below.

  Command line option   Description
  -c count              Exit after receiving count packets.
  -C size               Specify size of output dump files.
  -i interface          Specify interface if multiple exist. The lowest numbered is used by default. i.e. eth0
  -w file-name          Write the raw packets to file rather than parsing and printing them out. They can later be printed with the -r option.
  -n                    Improve speed by not performing DNS lookups. Report IP addresses.
  -t                    Don't print a timestamp on each dump line.

  Filter expressions:

  Primitive                       Description
  host host-name                  If the host has multiple IPs, all will be checked.
  net network-number              Network number.
  net network-number mask mask    Network number and netmask specified.
  port port-number                Port number specified.
  tcp                             Sniff TCP packets.
  udp                             Sniff UDP packets.
  icmp                            Sniff ICMP packets.

Examples:

  Examples:

  tcpdump tcp port 80 and host server-1
  tcpdump ip host server-1 and not server-2

- iptraf - Interactive Colorful IP LAN Monitor
- nmap - Network exploration tool and security scanner
  - List pingable nodes on network: nmap -sP 192.168.0.0/24 - Scans the network for IP addresses 192.168.0.0 to 192.168.0.255 using ping. Hosts that drop ICMP (see above) will not show up.
- Ethereal (since renamed Wireshark) - Network protocol analyzer. Examine data from a live network. RPMs required:
  - ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
  - ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)
  There is an error in the ethereal package because it does not list the snmp libraries as dependencies, but you can deduce this from the errors that you get if the ucd-snmp libraries are not installed.
- EtherApe - Graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
- Gkrellm - Network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
- IPTraf - ncurses-based IP LAN monitor. (Red Hat Powertools CD)
- Cheops - Network discovery, location, diagnosis and management. Cheops can identify all of the computers that are on your network, their IP address, their DNS name, the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
- ntop - Shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
- MRTG - Multi Router Traffic Grapher - Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
- dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
- scotty - Obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP, & UDP. (Red Hat Powertools CD)
- Big Brother - Monitoring and services availability.
- OpenNMS.org - Network Management using SNMP.
- Nagios - host, service and network monitoring
- Angel network monitor

Using tcpdump to monitor the network:

[root]# ifconfig eth0 promisc - Put the NIC into promiscuous mode to sniff traffic not addressed to this host.
[root]# tcpdump -n not host XXX.XXX.XXX.XXX | more - Sniff the net but ignore the IP address of your own remote session.
[root]# ifconfig eth0 -promisc - Take the NIC out of promiscuous mode.

tcpdump itself puts the interface into promiscuous mode while it runs (unless given -p), so the ifconfig steps are only needed for tools that do not. On a switched network promiscuous mode shows you only broadcast traffic and frames addressed to your own port, not other hosts' conversations (see Network Switch under Network Definitions below).

Network Intrusion and Hacker Detection Systems:

SNORT: Monitor the network, performing real­time traffic analysis and packet logging on IP networks for the detection of an attack or probe.

- Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
- InterSect Alliance - Intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to convert a 32-bit IP address into the 48-bit Ethernet MAC address used by the network hardware (see RFC 826). The transmitting host broadcasts an ARP request to all hosts on the subnet asking who holds the IP address; every host ignores it except the one that recognizes the address as its own, which replies with its MAC address. Replies are remembered in the ARP cache for later communication, so computers on the subnet typically keep a cache of recent ARP responses. ARP broadcasts are passed on by hubs and switches but are blocked by routers, so ARP only resolves addresses on the local subnet; traffic for other networks is addressed to the gateway's MAC address instead.

ARP has no authentication: any host on the segment can answer a request for an address that is not its own, or send unsolicited replies, and the victims update their caches and send traffic to the impostor (ARP spoofing, the usual way to sniff on a switched network). This is why tools such as arpwatch, listed below, watch for changes in the IP/MAC pairings.

Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client to broadcast requesting a server to reply with its IP address.

- arp (8) man page - manipulate the system ARP cache
  - Show other systems on your network (an IP address conflict shows up as an entry whose MAC address differs between listings): arp -a
  - Show ARP table Linux style: arp -e
- arpwatch (8) man page - keep track of ethernet/IP address pairings and report changes
- arpsnmp (8) man page - keep track of ethernet/IP address pairings. Reads information generated by snmpwalk
- arping (8) man page - send an ARP REQUEST to a neighbor host. Print the ARP reply (similar to arp -a): arping 192.168.10.99
- List ARP table: cat /proc/net/arp
- ip (8) man page - show / manipulate routing, devices, policy routing and tunnels. View ARP table: ip neighbor

ARP is something that simply works. No Linux system configuration is necessary. It's all part of the ethernet and IP protocol. The aforementioned information is just part of the Linux culture of full visibility into what is going on.
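arp -a only shows the cache as it is now; an address conflict or an ARP spoofing attempt shows up as a pairing that changes over time, which is what arpwatch reports. The following is an added example, not code from the tutorial or from arpwatch: it parses two snapshots of /proc/net/arp (constructed, with the gateway address and the MAC addresses invented for the illustration), skips incomplete entries, and reports an IP whose MAC changed and a MAC that answers for several IPs.

```python
"""arpwatch-style check over two snapshots of /proc/net/arp: report an IP
whose MAC address changed (possible ARP spoofing; critical if it is the
gateway) and one MAC answering for several IP addresses.  Added example, not
YoLinux code; the snapshots below are constructed, not captured."""
from typing import Dict, List, NamedTuple, Optional

ATF_COM = 0x2   # entry is complete (a reply was received); 0x0 = still unresolved


class Neighbor(NamedTuple):
    ip: str
    mac: str
    dev: str


def parse_proc_arp(text: str) -> Dict[str, Neighbor]:
    """Columns: IP address, HW type, Flags, HW address, Mask, Device."""
    table = {}
    for line in text.splitlines()[1:]:               # first line is the header
        f = line.split()
        if len(f) < 6 or not int(f[2], 16) & ATF_COM:
            continue                                 # short line or incomplete entry
        table[f[0]] = Neighbor(f[0], f[3].lower(), f[5])
    return table


def arp_alerts(before: Dict[str, Neighbor], after: Dict[str, Neighbor],
               gateway: Optional[str] = None) -> List[str]:
    alerts = []
    for ip, now in sorted(after.items()):
        old = before.get(ip)
        if old and old.mac != now.mac:               # arpwatch calls this a "flip flop"
            level = "CRITICAL" if ip == gateway else "WARNING"
            alerts.append(f"{level}: {ip} moved from {old.mac} to {now.mac} on {now.dev}")
    owners: Dict[tuple, List[str]] = {}
    for n in after.values():
        owners.setdefault((n.mac, n.dev), []).append(n.ip)
    for (mac, dev), ips in sorted(owners.items()):
        if len(ips) > 1:                             # normal for a router with aliases, suspicious otherwise
            alerts.append(f"NOTICE: {mac} on {dev} answers for {', '.join(sorted(ips))}")
    return alerts


# Constructed snapshots: in the second one 192.168.10.99 has started answering
# ARP requests for the gateway's address.
ARP_BEFORE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.254   0x1         0x2         00:11:22:33:44:55     *        eth1
192.168.10.20    0x1         0x2         00:aa:bb:cc:dd:20     *        eth1
192.168.10.99    0x1         0x2         00:de:ad:be:ef:99     *        eth1
192.168.10.77    0x1         0x0         00:00:00:00:00:00     *        eth1
"""
ARP_AFTER = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.254   0x1         0x2         00:de:ad:be:ef:99     *        eth1
192.168.10.20    0x1         0x2         00:aa:bb:cc:dd:20     *        eth1
192.168.10.99    0x1         0x2         00:de:ad:be:ef:99     *        eth1
"""
ALERTS = arp_alerts(parse_proc_arp(ARP_BEFORE), parse_proc_arp(ARP_AFTER), gateway="192.168.10.254")

if __name__ == "__main__":
    print("\n".join(ALERTS) or "no changes")
```

Run periodically (or fed from arp -a output on older systems) this is the core of what arpwatch does; a real deployment would also keep the first-seen pairing of the gateway on disk so a spoofed entry cannot become the new baseline after a restart.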

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer to peer unicast transactions. An HTTP request to a web server (TCP), email via SMTP (TCP), DNS (UDP), FTP (TCP), ... are all peer to peer unicast transactions. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer to peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group", which are those that are interested in the information.

The Linux kernel is Level­2 Multicast­Compliant. It meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to request the kernel to join the multicast group and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, a request is made to the kernel to leave the group. It is the kernel/host which joins the multicast group and not the process. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to support multicast routing, set the following in the kernel config:

- CONFIG_IP_MULTICAST=y
- CONFIG_IP_ROUTER=y
- CONFIG_IP_MROUTE=y
- CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimizing and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card) the kernel can pick only one interface by default for outgoing multicast traffic, from the multicast route (see below); an application that needs another interface must select it explicitly with the IP_MULTICAST_IF socket option, and it joins a group on a particular interface through the interface address in the ip_mreq structure.

Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast.

Useful commands:

Command                  Description
cat /proc/net/igmp       List the multicast groups to which the host is subscribed, using the Internet Group Management Protocol. (See /usr/src/linux/net/ipv4/igmp.c)
cat /proc/net/dev_mcast  List multicast interfaces. (See /usr/src/linux/net/core/dev_mcast.c)
ping 224.0.0.1           All hosts configured for multicast will respond with their IP addresses
ping 224.0.0.2           All routers configured for multicast will respond
ping 224.0.0.13          All PIM routers configured for multicast will respond
ping 224.0.0.4           All DVMRP routers configured for multicast will respond
ping 224.0.0.5           All OSPF routers configured for multicast will respond

Hosts with net.ipv4.icmp_echo_ignore_broadcasts set to 1 (the default on recent kernels) do not answer pings sent to these group addresses.

Multicast transmissions are achieved through proper routing, router configuration (if communicating through subnets) and programmatically with the use of the following "C" function library calls:

Function Call   Description
setsockopt()    Pass multicast settings to the kernel: IP_ADD_MEMBERSHIP / IP_DROP_MEMBERSHIP (join or leave a group), IP_MULTICAST_TTL, IP_MULTICAST_LOOP, IP_MULTICAST_IF.
getsockopt()    Read back the current value of those socket options.

For more on multicast programming see: Multicast Howto.

The multicast application will specify the multicast loopback interface, TTL (network time to live), network interface and the multicast group to add or drop.

Add route to support multicast:

- route add -net 224.0.0.0 netmask 240.0.0.0 dev eth0

Note that if adding a route to forward packets through a router, that the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The internet by default does not forward multicast packets.
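To tie the address range, the 224.0.0.0 route and the setsockopt() calls above together, here is an added example, not code from the tutorial: it classifies a group address (link-local groups in 224.0.0.0/24 are never forwarded by a router regardless of how the router is configured), derives the Ethernet destination MAC a group maps to, which the text does not cover (RFC 1112: 01:00:5e plus the low 23 bits of the address, so 32 groups share one MAC), builds the ip_mreq structure IP_ADD_MEMBERSHIP expects, and, when run as a script, joins a group so the host appears in /proc/net/igmp. The group and port used in the script are arbitrary.

```python
"""Multicast addressing checks for the section above: class D membership,
scope (link-local groups like 224.0.0.x are never forwarded by routers), the
Ethernet MAC a group maps to, and the ip_mreq argument for IP_ADD_MEMBERSHIP.
Added example, not YoLinux code; the MAC mapping (RFC 1112) goes beyond the
text."""
import ipaddress
import socket
import struct


def is_multicast(addr: str) -> bool:
    """224.0.0.0/4: the class D range the text lists (224.0.0.0 - 239.255.255.255)."""
    return ipaddress.IPv4Address(addr) in ipaddress.IPv4Network("224.0.0.0/4")


def scope(addr: str) -> str:
    if not is_multicast(addr):
        raise ValueError(f"{addr} is not a multicast group address")
    a = ipaddress.IPv4Address(addr)
    if a in ipaddress.IPv4Network("224.0.0.0/24"):
        return "link-local"                  # all-hosts, all-routers, OSPF etc.; never routed
    if a in ipaddress.IPv4Network("239.0.0.0/8"):
        return "administratively scoped"     # site/organisation local, like RFC 1918 for multicast
    return "global"


def multicast_mac(addr: str) -> str:
    """Ethernet destination for a group: 01:00:5e + the low 23 bits of the address.
    32 groups share each MAC, so the kernel filters the rest by IP; no ARP is involved."""
    if not is_multicast(addr):
        raise ValueError(f"{addr} is not a multicast group address")
    b = ipaddress.IPv4Address(addr).packed
    return "01:00:5e:%02x:%02x:%02x" % (b[1] & 0x7F, b[2], b[3])


def ip_mreq(group: str, interface_ip: str = "0.0.0.0") -> bytes:
    """struct ip_mreq { struct in_addr imr_multiaddr; struct in_addr imr_interface; }
    as passed to setsockopt(IPPROTO_IP, IP_ADD_MEMBERSHIP, ...).  0.0.0.0 lets the
    kernel choose the interface from the multicast route (route add -net 224.0.0.0 ...)."""
    if not is_multicast(group):
        raise ValueError(f"{group} is not a multicast group address")
    return struct.pack("4s4s", socket.inet_aton(group), socket.inet_aton(interface_ip))


def join_group(sock: socket.socket, group: str, port: int,
               interface_ip: str = "0.0.0.0", ttl: int = 1) -> None:
    """Bind a UDP socket to the group port and ask the kernel to join the group;
    the membership then shows up in /proc/net/igmp.  TTL 1 keeps it on the link."""
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    sock.bind(("", port))
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, ttl)
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP, ip_mreq(group, interface_ip))


if __name__ == "__main__":
    for g in ("224.0.0.1", "239.1.1.1", "239.129.1.1"):
        print(g, scope(g), multicast_mac(g))
    try:
        s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        join_group(s, "239.1.1.1", 5007)     # arbitrary group and port for the demo
        print("joined 239.1.1.1; check with: cat /proc/net/igmp")
    except OSError as e:
        print("join failed (no multicast route on this host?):", e)
```

239.1.1.1 and 239.129.1.1 map to the same MAC, which is the reason a NIC or switch that filters on MAC alone still lets unrelated groups through to the IP layer.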

Living in a MS/Windows World:

- SMB4k: My favorite MS/Windows file share browser.
- In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]
- LinNeighborhood: Linux workstation GUI tool.

  Make your life simple and use the GUI/File Manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.

  - LinNeighborhood Home Page
  - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

- IPv4: Most of the Internet servers and personal computers use Internet Protocol version 4 (IPv4). This uses 32 bits to assign a network address, written as four octets (four 8 bit numbers, thus totaling 32 bits) up to 255.255.255.255.
- IPv6: Internet Protocol version 6 (IPv6) uses a 128 bit address and thus billions and billions of potential addresses. The protocol has also been upgraded to include new quality of service features and security. Linux supports IPv6, but IPv4 is what is normally used when connecting your computer to the internet.
- TCP/IP: (Transmission Control Protocol/Internet Protocol) uses a client-server model for communications. The protocol defines the data packets transmitted (packet header, data section), data integrity verification (checksum bytes), connection and acknowledgement protocol, and re-transmission.
- TTL (time to live): An IP header field that bounds how long a packet may travel toward its destination. Each router the packet passes through decrements the TTL; when the count reaches zero the packet is dropped by that router (which returns an ICMP "time exceeded" message, the mechanism traceroute relies on). This ensures that errant routing and aimlessly looping packets will not flood the network.
- MAC Address: (media access control) is the network card address used for communication between network devices on the same subnet. It is not routable. The ARP table maps IP addresses to the MAC addresses of the hardware on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address uniquely identifies each node of a network segment and is used by the Ethernet protocol.
- Full Duplex: Allows the simultaneous sending and receiving of packets. Most modern modems support full duplex.
- Half Duplex: Allows the sending and receiving of packets in one direction at a time only.
- OSI 7 Layer Model: The ISO (International Standards Organization) has defined the OSI (Open Systems Interconnection) model for current networking protocols.

  OSI Layer   Name                 Description                                                        Linux networking use
  7           Application Layer    The top layer for communications applications like email and the web.   telnet, SMTP (sendmail), HTTP (web browser)
  6           Presentation Layer   Syntax and format of data transfer.                                (handled inside the application protocols on TCP/IP systems)
  5           Session Layer        Dialogue control between the two applications.                     (same)
  4           Transport Layer      Connection, acknowledgement and data packet transmission.          TCP, UDP
  3           Network Layer        Addressing and routing between networks.                           IP, ARP
  2           Data Link Layer      Error control, timing.                                             Ethernet
  1           Physical Layer       Electrical characteristics of signal and NIC.                      Ethernet

- Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
- Network Switch: Like a hub but creates a private link between any two connected nodes when a network connection is established. This reduces the number of network collisions and thus improves speed. Broadcast messages are still sent to all nodes. A switch also stops a node from seeing its neighbours' unicast traffic, which is why sniffing on a switched network requires ARP spoofing or a mirror port.

Related Links:

- Cable modem HowTo - Vladimir Vuksan
- Ethernet HowTo - Paul Gortmaker
- YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
- Firewall HowTo - Mark Grennan
- YoLinux networking tutorial
- Networking Overview HowTo - Daniel Lopez Ridruejo
- Networking Howto - Joshua Drake
- NFS Howto - Nicolai Langfeldt
- SNMP: Simple Network Management Protocol (uses ports 161, 162, 391, 1993)
  - SNMP - Intro and tutorials
  - Linux SNMP Network Management Tools
  - SNMP FAQ
  - net-snmp - tools and libraries
- News/Usenet Group: comp.os.linux.networking - Deja
- MARS-nwe - Netware emulator
- Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
- ISDN:
  - ISDN4LINUX FAQ - Matthias Hessler
  - ISDN4Linux Home Page
  - Dan Kegel's ISDN Page
- PPP: Point-to-Point Protocol
  - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
  - YoLinux Tutorial: Dialing Compuserve
  - YoLinux Tutorial: Dialing AOL
  - YoLinux Tutorial: Configuring PPP dial-in connections
- PPTP: Point-to-Point Tunneling Protocol
  - RFC 2637: Point-to-Point Tunneling Protocol (PPTP).
  - PPTP-Linux Client - A PPTP Linux client that allows a Linux system to connect to a PPTP server. Developed by C. S. Ananian.
  - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP implementation.
- DHCP: (Dynamic Host Configuration Protocol)
  - YoLinux DHCP Tutorial - How to set up a DHCP server.
  - ISC Dynamic Host Configuration Protocol - DHCP home page
- Multicast:
  - YoLinux Tutorial: Configuring Linux for multicast - this tutorial, section above
  - Multicast over TCP/IP HOWTO
- ISPs: (National/Global)
  - TheList.com - Comprehensive list of ISPs
  - Earthlink
  - Concentric
  - ATT Worldnet
- NIS: (NFS infrastructure)
  - YoLinux NIS tutorial
  - NIS howto
  - NIS configuration and use
- Ethernet cables:
  - Making CAT 3, 5, 5E RJ45 Ethernet Cables
  - Wiring and Installation
- Gigabit Ethernet
- VIX: Vienna Internet eXchange - European traffic exchange for ISPs

Test Internet Bandwidth:

- DSLreports.com: bandwidth and diagnostic tests
- Speakeasy connection speed test
- CNET Bandwidth Meter speed test
- Network speed test
- Bandwidth explained and List of bandwidth test sites

Man Pages:

- icmp - Linux IPv4 ICMP kernel module
- ifport - select the transceiver type for a network interface
- usernetctl - allow a user to manipulate a network interface if permitted
- ripquery - query RIP (Routing Information Protocol) gateways
- gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler ISBN # 0735710317, New Riders Publishing

"LINUX TCP/IP Network Administration" by Scott Mann, Mitchell Krell ISBN # 0130322202, Prentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith ISBN# 0201774232, Addison­Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr. ISBN# 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh ISBN# 0672320525, Sams; (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus Sams, ISBN# 047008278X

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen Sams, ISBN# 0071486429

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson Sams, ISBN# 0672329298

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672327082

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672325888

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis ISBN #032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.


Copyright © 2001 - 2007 by Greg Ippolito

Linux Networking


Tutorial Contents:

- Configuration files
- Red Hat Linux network GUI configuration tools
- Assigning an IP address
- Activating and De-Activating your NIC
- Subnets
- Enable Forwarding
- Adding a network interface card (NIC)
- Route
- VPN, Tunneling
- Useful Linux networking commands
- inetd/xinetd: Network Socket Listener Daemons
- rwhod: Remote Who Daemon
- RPC: Remote Procedure Call (portmapper)
- PAM: Network Wrappers
- ICMP protocol
- Network Monitoring Tools
- IDS: Intruder Detection System - SNORT
- ARP: Address Resolution Protocol
- Configuring Linux For Network Multicast
- Living in a MS/Windows world
- Network Definitions
- Related Links

Other YoLinux Networking Tutorials:

- Setting up an internet gateway for home or office using iptables
- Load balancing servers using LVS (Linux Virtual Server)
- Modem dial-up:
  - Configuring PPP dial up connections to an ISP
  - Dialing Compuserve
  - Dialing AOL
  - Configuring PPP dial-in connections
- DNS Name server configuration
- DHCP server configuration: Dynamic Host Configuration Protocol
- NIS authentication configuration: Server and Client
- Internet/Network Security
- Security Tools and Hacker Tools
- YoLinux Tutorials Index

TCP/IP Network Configuration Files:

- File: /etc/resolv.conf - host name resolver configuration file

  search name-of-domain.com      - Name of your domain or ISP's domain if using their name server
  nameserver XXX.XXX.XXX.XXX     - IP address of primary name server
  nameserver XXX.XXX.XXX.XXX     - IP address of secondary name server

  This configures Linux so that it knows which DNS server will be resolving domain names into IP addresses. If using a DHCP client, this will automatically be sent to you by the ISP and loaded into this file as part of the DHCP protocol. If using a static IP address, ask the ISP or check another machine on your network. Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "DNS").

- File: /etc/hosts - locally resolve node names to IP addresses

  127.0.0.1         your-node-name.your-domain.com localhost.localdomain localhost
  XXX.XXX.XXX.XXX   node-name

  Note when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly) i.e.:

  XXX.XXX.XXX.XXX   superserver.yolinux.com superserver

  This informs Linux of local systems on the network which are not handled by the DNS server. (or for all systems in your LAN if you are not using DNS or NIS) Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "Hosts").

- File: /etc/nsswitch.conf - System Databases and Name Service Switch configuration file

  hosts: files dns nisplus nis

  This example tells Linux to first resolve a host name by looking at the local hosts file (/etc/hosts), then, if the name is not found, to look to your DNS server as defined by /etc/resolv.conf, and if not found there to look to your NIS server.

  In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution.

Fedora / Red Hat Network Configuration Files:

- File: /etc/sysconfig/network - Red Hat network configuration file used by the system during the boot process.

- File: /etc/sysconfig/network-scripts/ifcfg-eth0 - Configuration settings for your first ethernet port (0). Your second port is eth1.

- File:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example statement for an Intel ethernet card:

  alias eth0 eepro100

  Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

- Network configuration: /usr/sbin/system-config-network (FC-2/3), /usr/bin/redhat-config-network (/usr/bin/neat) (RH 7.2+ FC-1)
- Text console configuration tool: /usr/sbin/system-config-network-tui (Text User Interface (TUI) for Fedora Core 2/3), /usr/bin/redhat-config-network-tui (RH 9.0 - FC-1)
- Text console network configuration tool, first interface only (eth0): /usr/sbin/netconfig
- /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

- Gnome Desktop Network Configuration: /usr/bin/gnome-network-preferences (RH 9.0 - FC-3). Proxy configuration. Choose one of three options:
  1. Direct internet connection
  2. Manual proxy configuration (specify proxy and port)
  3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assigned a static IP address or assigned one dynamically.

Static IP address assignment:

Choose one of the following methods:

l Command Line:

/sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

Network address by convention would be the lowest: 192.168.10.0
Broadcast address by convention would be the highest: 192.168.10.255
The gateway can be anything, but following convention: 192.168.10.1

Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0

- Red Hat / Fedora GUI tools:
  - /usr/bin/neat - Gnome GUI network administration tool. Handles all interfaces. Configure for Static IP or DHCP client. (First available with Red Hat 7.2.)
  - /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)

- Red Hat / Fedora Console tools:
  - /usr/sbin/system-config-network-tui (Text User Interface)
  - /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1, ...)

l Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network­scripts/, so that this information is retained.

The IANA has allocated IP addresses in the range of 192.168.0.0 to 192.168.255.255 for private networks.

Helpful tools:

- Network Calculators: Subnet mask calculator, node calculator, mask inverter, ...
- IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 208.88.34.106
    netmask 255.255.255.248
    broadcast 208.88.34.111
    network 208.88.34.104
    gateway 208.88.34.110

Dynamic IP (DHCP) example:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

auto eth1
iface eth1 inet dhcp

auto eth2
iface eth2 inet dhcp

auto ath0
iface ath0 inet dhcp

auto wlan0
iface wlan0 inet dhcp

Interfaces:
- lo: Loopback interface (network within your system without slowing down for the real ethernet based network)
- eth0: First ethernet interface card
- wlan0: First wireless network interface

Also see "man interfaces"

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.

l File: /etc/sysconfig/network

Static IP address Configuration: (Configure gateway address)

NETWORKING=yes
HOSTNAME=my-hostname        - Hostname is defined here and by command hostname
FORWARD_IPV4=true           - True for NAT firewall gateways and linux routers. False for everyone else - desktops and servers.
GATEWAY="XXX.XXX.XXX.YYY"   - Used if your network is connected to another network or the internet. Static IP configuration. Gateway not defined here for DHCP client.

OR for DHCP client configuration:

NETWORKING=yes
HOSTNAME=my-hostname        - Hostname is defined here and by command hostname

(Gateway is assigned by DHCP server.)

OR for NIS client configuration:

NETWORKING=yes
HOSTNAME=my-hostname        - Hostname is defined here and by command hostname
NISDOMAIN=NISProject1       - NIS domain to attach

- File (Red Hat/Fedora): /etc/sysconfig/network-scripts/ifcfg-eth0 (S.u.s.e.: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX). This file is used by the command scripts ifup and ifdown.

Static IP address configuration:

DEVICE=eth0
BOOTPROTO=static
BROADCAST=XXX.XXX.XXX.255
IPADDR=XXX.XXX.XXX.XXX
NETMASK=255.255.255.0
NETWORK=XXX.XXX.XXX.0
ONBOOT=yes                  - Will activate upon system boot

RHEL4/FC3 additions:
- TYPE=Ethernet
- HWADDR=XX:XX:XX:XX:XX:XX
- GATEWAY=XXX.XXX.XXX.XXX

OR for DHCP client configuration:

DEVICE=eth0
ONBOOT=yes
BOOTPROTO=dhcp

RHEL4/FC3 additions:
- IPV6INIT=no
- USERCTL=no
- PEERDNS=yes
- TYPE=Ethernet
- HWADDR=XX:XX:XX:XX:XX:XX

(Used by script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line.) To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)
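A consistency check for the ifcfg-eth0 format described above, added here as an example and not part of the original tutorial. It parses KEY=VALUE lines and flags the hand-edit mistakes that a restart will silently accept: a BROADCAST or NETWORK that does not match IPADDR/NETMASK, a GATEWAY outside the subnet, or static fields left in a DHCP file. The sample files are constructed placeholders.

```python
import ipaddress

# Constructed sample in the ifcfg-eth0 format shown above (static configuration with the
# RHEL4/FC3 GATEWAY addition). The addresses are placeholders, not taken from a real host.
SAMPLE_STATIC = """\
DEVICE=eth0
BOOTPROTO=static
BROADCAST=192.168.10.255
IPADDR=192.168.10.12
NETMASK=255.255.255.0
NETWORK=192.168.10.0
GATEWAY="192.168.10.1"
ONBOOT=yes
"""

# Constructed DHCP client sample; the server assigns the address, so no IPADDR belongs here.
SAMPLE_DHCP = """\
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=dhcp
"""


def parse_ifcfg(text):
    """Parse KEY=VALUE lines; '#' starts a comment and values may be double-quoted."""
    cfg = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or "=" not in line:
            continue
        key, value = line.split("=", 1)
        cfg[key.strip().upper()] = value.strip().strip('"')
    return cfg


def check_ifcfg(cfg):
    """Return a list of problems; an empty list means the file is internally consistent."""
    problems = []
    proto = cfg.get("BOOTPROTO", "none").lower()
    if cfg.get("ONBOOT", "no").lower() != "yes":
        problems.append("ONBOOT is not yes: the interface will not be activated at boot")
    if proto == "dhcp":
        # With DHCP the lease supplies address, mask and gateway; static fields only mislead.
        for key in ("IPADDR", "NETMASK", "GATEWAY"):
            if key in cfg:
                problems.append(f"{key} is set although BOOTPROTO=dhcp assigns it from the server")
        return problems
    missing = [k for k in ("IPADDR", "NETMASK") if k not in cfg]
    if missing:
        return problems + [f"static configuration is missing {k}" for k in missing]
    try:
        iface = ipaddress.ip_interface(f"{cfg['IPADDR']}/{cfg['NETMASK']}")
    except ValueError as exc:
        return problems + [f"IPADDR/NETMASK are not a valid address and mask: {exc}"]
    net = iface.network
    # NETWORK and BROADCAST are derived values: by convention the lowest and highest
    # addresses under the netmask, so a mismatch means an edit went wrong somewhere.
    if "NETWORK" in cfg and cfg["NETWORK"] != str(net.network_address):
        problems.append(f"NETWORK={cfg['NETWORK']} but IPADDR/NETMASK give {net.network_address}")
    if "BROADCAST" in cfg and cfg["BROADCAST"] != str(net.broadcast_address):
        problems.append(f"BROADCAST={cfg['BROADCAST']} but IPADDR/NETMASK give {net.broadcast_address}")
    if iface.ip in (net.network_address, net.broadcast_address):
        problems.append("IPADDR is the network or broadcast address, not a host address")
    if "GATEWAY" in cfg:
        try:
            if ipaddress.ip_address(cfg["GATEWAY"]) not in net:
                problems.append(f"GATEWAY={cfg['GATEWAY']} is not on the {net} subnet")
        except ValueError:
            problems.append(f"GATEWAY={cfg['GATEWAY']} is not an IP address")
    return problems


if __name__ == "__main__":
    for name, text in (("static", SAMPLE_STATIC), ("dhcp", SAMPLE_DHCP)):
        print(name, check_ifcfg(parse_ifcfg(text)) or ["ok"])
```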

Changing the host name:

This is a three step process:

1. Issue the command: hostname new-host-name
2. Change network configuration file: /etc/sysconfig/network
   Edit entry: HOSTNAME=new-host-name
3. Restart systems which relied on the hostname (or reboot):
   - Restart network services: service network restart (or: /etc/init.d/network restart)
   - Restart desktop:
     - Bring down system to console mode: init 3
     - Bring up X-Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name which allows the system to be self aware.

The hostname may be changed at runtime using the command: sysctl -w kernel.hostname="superserver"

Change the host name using GUI tool: /usr/sbin/system­config­network (Red Hat / Fedora / CentOS)

Hostname entries are made in two places:

- Select the "DNS" tab.
- Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth0:0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255
ifconfig eth0:1 192.168.10.14 netmask 255.255.255.0 broadcast 192.168.10.255

route add -host XXX.XXX.XXX.XXX dev eth0
route add -host 192.168.10.12 dev eth0
route add -host 192.168.10.14 dev eth0

In this example eth0:0 and eth0:1 are aliases in addition to the regular eth0. The result of the ifconfig command:

eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
          collisions:1 txqueuelen:100
          Interrupt:5 Base address:0xe400

eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:5 Base address:0xe400

eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

DEVICE=eth0:0
ONBOOT=yes
BOOTPROTO=static
BROADCAST=192.168.10.255
IPADDR=192.168.10.12
NETMASK=255.255.255.0
NETWORK=192.168.10.0

Aliases can also be shut down independently. i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Redhat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux Client: get connection info: /sbin/pump -i eth0 --status (Red Hat Linux 7.1 and older)

Device eth0
        IP: 4.XXX.XXX.XXX
        Netmask: 255.255.252.0
        Broadcast: 4.XXX.XXX.255
        Network: 4.XXX.XXX.0
        Boot server 131.XXX.XXX.4
        Next server 0.0.0.0
        Gateway: 4.XXX.XXX.1
        Domain: vz.dsl.genuity.net
        Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3
        Renewal time: Sat Aug 11 08:28:55 2001
        Expiration time: Sat Aug 11 11:28:55 2001

Activating and De­Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

- Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up - Note: Even if no IP address is assigned you can listen.)
- De-Activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network­scripts/

GUI Interface control/configuration:

- Start/Stop network interfaces: /usr/bin/system-control-network (Fedora Core 2/3), /usr/bin/redhat-control-network (RH 9.0 - FC-1)
- Configure Ethernet, ISDN, modem, token Ring, Wireless or DSL network connection: /usr/sbin/system-config-network-druid (FC2/3), /usr/sbin/redhat-config-network-druid (RH 9 - FC-1)

Subnets:

Mask  Subnets  Slash  Class A hosts  Class A mask  Class B hosts  Class B mask  Class C hosts  Class C mask   Class C sub mask  Class C sub hosts
255   256      /32    16,777,214     255.0.0.0     65,534         255.255.0.0   254            255.255.255.0  255.255.255.255   1 address (invalid)
254   128      /31    33,554,430     254.0.0.0     131,070        255.254.0.0   510            255.255.254.0  255.255.255.254   2 addresses (invalid)
252   64       /30    67,108,862     252.0.0.0     262,142        255.252.0.0   1,022          255.255.252.0  255.255.255.252   4 addresses, 2 hosts
248   32       /29    134,217,726    248.0.0.0     524,286        255.248.0.0   2,046          255.255.248.0  255.255.255.248   8 addresses, 6 hosts
240   16       /28    268,435,454    240.0.0.0     1,048,574      255.240.0.0   4,094          255.255.240.0  255.255.255.240   16 addresses, 14 hosts
224   8        /27    536,870,910    224.0.0.0     2,097,150      255.224.0.0   8,190          255.255.224.0  255.255.255.224   32 addresses, 30 hosts
192   4        /26    1,073,741,822  192.0.0.0     4,194,302      255.192.0.0   16,382         255.255.192.0  255.255.255.192   64 addresses, 62 hosts
128   2        /25    2,147,483,646  128.0.0.0     8,388,606      255.128.0.0   32,766         255.255.128.0  255.255.255.128   128 addresses, 126 hosts

Binary position:  8    7    6    5    4    3    2    1
Value:            128  64   32   16   8    4    2    1
Example: 192      1    1    0    0    0    0    0    0

Example: 192 = 128 + 64

Some addresses are reserved and outside this scope. Loopback (127.0.0.1), reserved class C 192.168.XXX.XXX, reserved class B 172.31.XXX.XXX and reserved class A 10.XXX.XXX.XXX.

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 for your office.

- 208.88.34.104 Network Base address
- 208.88.34.105 Computer 1
- 208.88.34.106 Computer 2
- 208.88.34.107 Computer 3
- 208.88.34.108 Computer 4
- 208.88.34.109 Computer 5
- 208.88.34.110 DSL router/Gateway
- 208.88.34.111 Broadcast address

Of the eight addresses, six are assigned to hardware systems and ultimately only five are usable addresses.

Links:

- Subnet Cheat Sheet
- Subnet calculator
- Table of subnets
- IP Subnetting, Variable Subnetting, and CIDR (Supernetting)
- CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is a little obsolete as subnets are now used to define smaller networks. These subnets may be part of a class A, B, C, etc network. For historical reference the network classes are defined as follows:

- Class A: Defined by the first 8 bits with a range of 0 - 127. First number (8 bits) is defined by Internic i.e. 77.XXX.XXX.XXX. One class A network can define 16,777,214 hosts. Range: 0.0.0.0 - 127.255.255.255
- Class B: Defined by the first 8 bits with a range from 128 - 191. First two numbers (16 bits) are defined by Internic i.e. 182.56.XXX.XXX. One class B network can define 65,534 hosts. Range: 128.0.0.0 - 191.255.255.255
- Class C: Defined by the first 8 bits with a range from 192 - 223. First three numbers (24 bits) are defined by Internic i.e. 220.56.222.XXX. One class C network can define 254 hosts. Range: 192.0.0.0 - 223.255.255.255
- Class D: Defined by the first 8 bits with a range from 224 - 239. This is reserved for multicast networks (RFC988). Range: 224.0.0.0 - 239.255.255.255
- Class E: Defined by the first 8 bits with a range from 240 - 255. This is reserved for experimental use. Range: 240.0.0.0 - 247.255.255.255
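The subnet arithmetic from the table and the office example above, and the class ranges just listed, worked through in code. This is an added example, not code from the tutorial; it regenerates the class C sub mask columns for /25 to /32 rather than looking them up, and reproduces the 208.88.34.104/255.255.255.248 example.

```python
import ipaddress


def subnet_info(address, netmask):
    """Network base, broadcast and usable hosts for an address under the given netmask."""
    iface = ipaddress.ip_interface(f"{address}/{netmask}")
    net = iface.network
    # As in the table above, /31 and /32 leave no room for a network and a broadcast address.
    usable = net.num_addresses - 2 if net.prefixlen <= 30 else 0
    return {
        "network": str(net.network_address),    # lowest address under the mask
        "broadcast": str(net.broadcast_address),  # highest address under the mask
        "prefix": net.prefixlen,
        "addresses": net.num_addresses,
        "usable_hosts": usable,
        "hosts": [str(h) for h in net.hosts()] if usable else [],
    }


def class_c_subnet_table():
    """Rows /25../32 of the class C columns: mask octet, subnets per class C, mask, addresses, hosts."""
    rows = []
    for prefix in range(25, 33):
        net = ipaddress.ip_network(f"0.0.0.0/{prefix}")
        size = 2 ** (32 - prefix)          # addresses in one subnet
        rows.append({
            "mask_octet": 256 - size,      # last octet of the mask, e.g. 248 for /29
            "subnets": 256 // size,        # how many such subnets fit in one class C
            "prefix": prefix,
            "mask": str(net.netmask),
            "addresses": size,
            "hosts": size - 2 if prefix <= 30 else 0,
        })
    return rows


def network_class(address):
    """Historical class from the first octet, using the ranges listed above."""
    first = int(ipaddress.ip_address(address)) >> 24
    if first <= 127:
        return "A"
    if first <= 191:
        return "B"
    if first <= 223:
        return "C"
    if first <= 239:
        return "D"
    return "E"


if __name__ == "__main__":
    office = subnet_info("208.88.34.106", "255.255.255.248")
    print(office["network"], office["broadcast"], office["usable_hosts"], "usable hosts")
    for row in class_c_subnet_table():
        print(row["mask_octet"], row["subnets"], f"/{row['prefix']}", row["mask"],
              row["addresses"], "addresses,", row["hosts"], "hosts")
```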

Enable Forwarding: Forwarding allows the network packets on one network interface (i.e. eth0) to be forwarded to another network interface (i.e. eth1). This will allow the Linux computer to connect ("ethernet bridge") or route network traffic.

The bridge configuration will merge two (or several) networks into one single network topology. IpTables firewall rules can be used to filter traffic.

A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or load balance servers.

- Turn on IP forwarding to allow the Linux computer to act as a gateway or router:

  echo 1 > /proc/sys/net/ipv4/ip_forward

  Default is 0. One can add firewall rules by using ipchains.

Another method is to alter the Linux kernel config file: /etc/sysctl.conf Set the following value:

net.ipv4.ip_forward = 1

See file /etc/sysconfig/network for storing this configuration.

FORWARD_IPV4=true

Change the default "false" to "true".

All methods will result in a proc file value of "1". Test:

cat /proc/sys/net/ipv4/ip_forward

The TCP Man page ­ Linux Programmer's Manual and /usr/src/linux/Documentation/proc.txt (Kernel 2.2 RH 7.0­) cover /proc/sys/net/ipv4/* file descriptions.

Also see: (YoLinux tutorials)

- Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables)
- Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

- cd /lib/modules/2.2.5-15/net/ - Use the kernel version for your system. This example uses 2.2.5-15 (Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/). Here you will find the modules supported by your system. It can be permanently added to:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example:

  alias eth0 3c59x

- /sbin/insmod 3c59x (For a 3Com ethernet card) This inserts the specified module into the kernel.
- /sbin/modprobe 3c59x This also loads a module into the system kernel. Modprobe command line options:
  - -r : to unload the module.
  - /sbin/modprobe -l \* : list all modules.
  - /sbin/modprobe -lt net \* : List only network modules
  - /sbin/modprobe -t net \* : Try loading all network modules and see what sticks. (act of desperation)
- ifconfig ...

The easy way: Red Hat versions 6.2 and later, ship with Kudzu, a device detection program which runs during system initialization. (/etc/rc.d/init.d/kudzu) This can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it will be utilized upon system boot.

Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

Define new device in file (Red Hat/Fedora) /etc/sysconfig/network-scripts/ifcfg-eth1 (S.u.s.e 9.2: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX)

DEVICE=eth1
BOOTPROTO=static
IPADDR=192.168.10.12
NETMASK=255.255.255.0
GATEWAY=XXX.XXX.XXX.XXX
HOSTNAME=node-name.name-of-domain.com
DOMAIN=name-of-domain.com

Special routing information may be specified, if necessary, in the file (Red Hat/Fedora): /etc/sysconfig/static­routes (S.u.s.e. 9.2: /etc/sysconfig/network/routes)

Example:

eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using Unix command line interface:

Define IP address:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

If necessary, define a route with the route command. Examples:

route add default gw XXX.XXX.XXX.XXX dev eth0
route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

If a mistake is made just repeat the route command substituting "del" in place of "add".

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto­negotiate link speed and duplex setting.

- List NIC speed and configuration: mii-tool

  eth0: negotiated 100baseTx-FD flow-control, link ok

  Verbose mode: mii-tool -v

  eth0: negotiated 100baseTx-FD flow-control, link ok
    product info: Intel 82555 rev 4
    basic mode:   autonegotiation enabled
    basic status: autonegotiation complete, link ok
    capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
    advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
    link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

- Set NIC configuration: mii-tool -F option

  Option  Parameters
  -F      100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
  -A      100baseT4 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

- Query NIC with ethtool:

  Command          Description
  ethtool -g eth0  Queries ethernet device for rx/tx ring parameter information.
  ethtool -a eth0  Queries ethernet device for pause parameter information.
  ethtool -c eth0  Queries ethernet device for coalescing information.
  ethtool -i eth0  Queries ethernet device for associated driver information.
  ethtool -d eth0  Prints a register dump for the specified ethernet device.
  ethtool -k eth0  Queries ethernet device for offload information.
  ethtool -S eth0  Queries ethernet device for NIC and driver statistics.

Man Pages:

- mii-tool - view, manipulate media-independent interface status
- ethtool - Display or change ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet is examined to see if its destination is on the local or a remote network. If it is to be sent to a remote network, the routing table is consulted to determine the path. If there is no information in the routing table then the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file (Red Hat/Fedora): /etc/sysconfig/network-scripts/route-eth0 or (Red Hat 7: /etc/sysconfig/static-routes) (S.u.s.e. 9.2: /etc/sysconfig/network/routes):

10.2.3.0/16 via 192.168.10.254

See command: /etc/sysconfig/network­scripts/ifup­routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route. (Fewest hops between routers not physical distance.) Routers use RIP to broadcast the routing table over UDP port 520. The routers would then add new or improved routes to their routing tables.

Man pages:

- route - show / manipulate the IP routing table (Static route) Examples:
  - Show routing table: route -e
  - Access individual computer host specified via network interface card eth1: route add -host 123.213.221.231 eth1
  - Access ISP network identified by the network address and netmask using network interface card eth0: route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
    Conversely: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
  - Specify default gateway to use to access remote network via network interface card eth0: route add default gw 201.51.31.1 eth0 (Gateway can also be defined in /etc/sysconfig/network)
  - Specify two gateways for two network destinations: (i.e. one external, one internal private network. Two routers/gateways will be specified.)
    Add internet gateway as before: route add default gw 201.51.31.1 eth0
    Add second private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
- routed - network routing daemon. Uses RIP protocol to update routing table.
- ipx_route - show / manipulate the IPX routing table - IPX is the Novell networking protocol (Not typically used unless your office has Novell servers)
- ifuser - Identify destinations routed to a particular network interface.
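The lookup order described under "Static routes" (local network, then the most specific table entry, then the default gateway), carried out on the route examples above. This is an added example, not the tutorial's code or the kernel's: it parses route-eth0 style "DEST via GATEWAY" lines, does a longest-prefix match, and reports a gateway that no directly connected network can reach (the cause of the "Network is unreachable" error when such a route is added). The directly connected networks are constructed assumptions.

```python
import ipaddress

# Constructed route-eth0 file in the format shown above.
ROUTE_ETH0 = "10.2.3.0/16 via 192.168.10.254\n"

# The route examples above, plus two directly connected networks (gateway None) assumed
# for eth0 so that both gateways are reachable.
PAGE_ROUTES = [
    ("192.168.10.0/24", None, "eth0"),             # assumed LAN on eth0
    ("201.51.31.0/24", None, "eth0"),              # assumed ISP-facing network on eth0
    ("123.213.221.231/32", None, "eth1"),          # route add -host 123.213.221.231 eth1
    ("10.13.21.0/24", "192.168.10.254", "eth0"),   # route add -net 10.13.21.0 netmask 255.255.255.0 gw ...
    ("10.0.0.0/8", "192.168.10.254", "eth0"),      # second private network
    ("default", "201.51.31.1", "eth0"),            # route add default gw 201.51.31.1 eth0
]


def parse_route_file(text):
    """Parse 'DEST/PREFIX via GATEWAY' lines into (destination, gateway) pairs."""
    routes = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) != 3 or fields[1] != "via":
            raise ValueError(f"unrecognised route line: {line!r}")
        routes.append((fields[0], fields[2]))
    return routes


def build_table(entries):
    """entries: (destination, gateway, device); 'default' is 0.0.0.0/0, gateway None means directly connected."""
    table = []
    for dest, gw, dev in entries:
        cidr = "0.0.0.0/0" if dest == "default" else dest
        net = ipaddress.ip_network(cidr, strict=False)  # strict=False accepts 10.2.3.0/16 as 10.2.0.0/16
        table.append((net, None if gw is None else ipaddress.ip_address(gw), dev))
    return table


def lookup(table, destination):
    """Longest-prefix match; the /0 default route only wins when nothing more specific matches."""
    addr = ipaddress.ip_address(destination)
    best = None
    for net, gw, dev in table:
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gw, dev)
    if best is None:
        return None
    net, gw, dev = best
    return {"route": str(net), "gateway": None if gw is None else str(gw), "dev": dev}


def unreachable_gateways(table):
    """Gateways that lie on no directly connected network; the kernel rejects such routes."""
    direct = [net for net, gw, _ in table if gw is None]
    return sorted({str(gw) for _, gw, _ in table
                   if gw is not None and not any(gw in net for net in direct)})


if __name__ == "__main__":
    table = build_table(PAGE_ROUTES + [(d, g, "eth0") for d, g in parse_route_file(ROUTE_ETH0)])
    for dest in ("10.13.21.7", "10.2.5.5", "10.200.1.1", "8.8.8.8", "192.168.10.50"):
        print(dest, "->", lookup(table, dest))
    print("unreachable gateways:", unreachable_gateways(table))
```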

VPN, Tunneling:

- Commercial VPN Linux software solutions - YoLinux
- OpenSWAN.org - IPSec VPN for Linux
- FreeSWAN.org - IPSec VPN for Linux
- FreeSWAN tutorial - howto
- OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access-controls.
- SSL-Explorer - Java SSL based VPN
- Quagga dynamic routing suite VLAN
- n2n peer to peer within a private fabric
- CIPE: Crypto IP Encapsulation (Easiest way to configure two Linux gateways connecting two private networks over the internet with encryption.)
  - CIPE Home page - CIPE is a simple encapsulation system that securely connects two subnets.
  - The Linux Cipe+Masquerading mini-HOWTO - Anthony Ciaravalo
- GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa
- VPN HowTo - Matthew D. Wilson
- Installing and Running PPTP on Linux
- L2TP Extensions (l2tpext) Internet Drafts.

Useful Linux networking commands:

- /etc/rc.d/init.d/network start - command to start, restart or stop the network
- netstat - Display connections, routing tables, stats etc
  - List externally connected processes: netstat -punta
  - List all connected processes: netstat -nap
  - Show network statistics: netstat -s
  - Kernel interface table info: netstat -a -i eth0
- ping - send ICMP ECHO_REQUEST packets to network hosts. Use Cntl-C to stop ping.
- traceroute - print the route packets take to network host
  - traceroute IP-address-of-server
  - traceroute domain-name-of-server
- mtr - a network diagnostic tool introduced in Fedora - Like traceroute except it gives more network quality and network diagnostic info. Leave running to get real time stats. Reports best and worst round trip times in milliseconds.
  - mtr IP-address-of-server
  - mtr domain-name-of-server
- whois - Lookup a domain name in the internic whois database.
- finger - Display information on a system user. i.e. finger user@host Uses $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/
- iptables - IP firewall administration (Linux kernel 2.6/2.4) See YoLinux firewall/gateway configuration.
- ipchains - IP firewall administration (Linux kernel 2.2) See YoLinux firewall/gateway configuration.
- socklist - Display list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
- host - Give a host name and the command will return IP address. Unlike nslookup, the host command will use both /etc/hosts as well as DNS. Example: host domain-name-of-server
- nslookup - Give a host name and the command will return IP address. Also see Testing your DNS (YoLinux Tutorial) Note that nslookup does not use the /etc/hosts file.

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemons listen and respond to all network socket connections made on the TCP/IP ports assigned to them. The ports are defined by the file /etc/services. When a connection is made, the listener will attempt to invoke the assigned program and pipe the data to it. This simplifies matters by allowing the assigned program to read from stdin instead of making its own socket connection. The listener handles the network socket connection. Two network listening and management daemons have been used in Red Hat Linux distributions:

- inetd: Red Hat 6.x and older
- xinetd: Red Hat 7.0-9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf

Entries in this file consist of a single line made up of the following fields:

service socket-type protocol wait user server cmdline

- service: The name assigned to the service. Matches the name given in the file /etc/services
- socket-type:
  - stream: connection protocols (TCP)
  - dgram: datagram protocols (UDP)
  - raw
  - rdm
  - seqpacket
- protocol: Transport protocol name which matches a name in the file /etc/protocols. i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6
- wait: Applies only to datagram protocols (UDP).
  - wait[.max]: One server for the specified port at any time (RPC)
  - nowait[.max]: Continue to listen and launch new services if a new connection is made. (multi-threaded) Max refers to the maximum number of server instances spawned in 60 seconds. (default=40)
- user[.group]: login id of the user the process is executed under. Often nobody, root or a special restricted id for that service.
- server: Full path name of the server program to be executed.
- cmdline: Command line to be passed to the server. This includes argument 0 (argv[0]), that is the command name. This field is empty for internal services. Example of internal TCP services: echo, discard, chargen (character generator), daytime (human readable time), and time (machine readable time). (see RFC)

Sample File: /etc/inetd.conf

    #echo   stream tcp nowait     root internal
    #echo   dgram  udp wait       root internal
    ftp     stream tcp nowait     root /usr/sbin/tcpd in.ftpd -l -a
    #pop-3  stream tcp nowait     root /usr/sbin/tcpd ipop3d
    #swat   stream tcp nowait.400 root /usr/sbin/swat swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.

The inet daemon must be restarted to pick up the changes made to the file: /etc/rc.d/init.d/inetd restart

For more information see the man pages "inetd" and "inetd.conf".

xinetd: Extended Internet Services Daemon:

Xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, redirect services to different ports and network interfaces (NIC) or even to a different server, chroot a service, etc., and is thus a worthy upgrade from inetd.

Use the command chkconfig --list to view all system services and their state. It will also list all network services controlled by xinetd and their respective state under the title "xinetd based services". (Works for xinetd (RH7.0+) but not inetd)

The xinetd network daemon uses PAM also called network wrappers which invoke the /etc/hosts.allow and /etc/hosts.deny files.

Configuration file: /etc/xinetd.conf which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:

- Edit the file /etc/xinetd.d/service-name
  Set the disable value: disable = yes or disable = no
  Restart the xinetd process using the signal:
    - SIGUSR1 (kill -SIGUSR1 process-id) - Soft reconfiguration does not terminate existing connections. (Important if you are connected remotely)
    - SIGUSR2 - Hard reconfiguration stops and restarts the xinetd process.
  (Note: Using the HUP signal will terminate the process.)

  OR

- Use the chkconfig command: chkconfig service-name on (or off)
  This command will also restart the xinetd process to pick up the new configuration.

The file contains entries of the form:

    service service-name
    {
        attribute assignment-operator value value ......
    }

Where:

- attribute:
    - disable: yes | no
    - type: RPC | INTERNAL | UNLISTED (not found in /etc/rpc or /etc/services)
    - id: By default the service id is the same as the service name.
    - socket_type:
        - stream: TCP
        - dgram: UDP
        - raw: Direct IP access
        - seqpacket: service that requires reliable sequential datagram transmission
    - flags: Combination of: REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd man page for details.
    - protocol: Transport protocol name which matches a name in the file /etc/protocols.
    - wait:
        - no: multi-threaded
        - yes: single-threaded - One server for the specified port at any time (RPC)
    - user: See file /etc/passwd
    - group: See file /etc/group
    - server: Program to execute and receive the data stream from the socket. (Fully qualified name - full path name of program)
    - server_args: Unlike inetd, arg[0] or the name of the service is not passed.
    - only_from: IP address, factorized address, netmask range, hostname or network name from file /etc/networks.
    - no_access: Deny from ... (inverse of only_from)
    - access_times
    - port: See file /etc/services
  Also: log_type, log_on_success, log_on_failure (Log options: += PID,HOST,USERID,EXIT,DURATION,ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples.
- assignment-operator:
    - =
    - +=: add a value to the set of values
    - -=: delete a value from the set of values

Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from man page: Limit telnet sessions to 8 Mbytes of memory and a total 20 CPU seconds for child processes.

    service telnet
    {
        socket_type = stream
        wait        = no
        nice        = 10
        user        = root
        server      = /usr/etc/in.telnetd
        rlimit_as   = 8M
        rlimit_cpu  = 20
    }

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.
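An added audit script (not from the tutorial) that reads the inetd.conf and xinetd.d formats described above and reports which listeners would actually start, which run as root, and which accept connections from anywhere (no tcpd wrapper under inetd, no only_from under xinetd). The configuration files are constructed samples written to a temporary directory; the paths, service mix and the "missing user means root" rule are assumptions for the demonstration.

```shell
#!/bin/sh
# Added example, not part of the YoLinux tutorial. Audits the two listener
# configuration formats discussed above. All sample config content below is
# constructed for this demonstration and lives in a temporary directory.

AUDIT_DIR=$(mktemp -d)

# Constructed /etc/inetd.conf (fields: service socket-type protocol wait
# user server cmdline). Lines starting with '#' are disabled services.
cat > "$AUDIT_DIR/inetd.conf" <<'EOF'
#echo    stream tcp nowait root   internal
ftp      stream tcp nowait root   /usr/sbin/tcpd       in.ftpd -l -a
telnet   stream tcp nowait root   /usr/sbin/in.telnetd in.telnetd
finger   stream tcp nowait nobody /usr/sbin/tcpd       in.fingerd
daytime  stream tcp nowait root   internal
EOF

# Constructed /etc/xinetd.d/ entries in xinetd.conf syntax.
mkdir "$AUDIT_DIR/xinetd.d"
cat > "$AUDIT_DIR/xinetd.d/telnet" <<'EOF'
service telnet
{
    disable     = no
    socket_type = stream
    wait        = no
    user        = root
    server      = /usr/sbin/in.telnetd
}
EOF
cat > "$AUDIT_DIR/xinetd.d/pop3" <<'EOF'
service pop3
{
    disable     = yes
    socket_type = stream
    wait        = no
    user        = root
    server      = /usr/sbin/ipop3d
}
EOF
cat > "$AUDIT_DIR/xinetd.d/tftp" <<'EOF'
service tftp
{
    disable     = no
    socket_type = dgram
    protocol    = udp
    wait        = yes
    user        = nobody
    server      = /usr/sbin/in.tftpd
    only_from   = 192.168.10.0/24
}
EOF

# inetd_audit FILE: one line per enabled inetd service:
#   "<service> <user> wrapped|unwrapped|internal"
# "wrapped" means the server field is tcpd, so hosts.allow/hosts.deny apply.
inetd_audit() {
    awk '
        /^[ \t]*#/ || NF < 6 { next }
        {
            kind = "unwrapped"
            if ($6 == "internal")    kind = "internal"
            else if ($6 ~ /\/tcpd$/) kind = "wrapped"
            print $1, $5, kind
        }' "$1"
}

# xinetd_audit DIR: one line per service file in DIR that is not disabled:
#   "<service> <user> <only_from or ANY>"
# Only the first only_from value is reported; a service file without a
# user line is reported as root (an assumption made by this check).
xinetd_audit() {
    for f in "$1"/*; do
        awk '
            /^[ \t]*#/        { next }
            $1 == "service"   { name = $2 }
            $1 == "disable"   { disabled = $3 }
            $1 == "user"      { user = $3 }
            $1 == "only_from" { from = $3 }
            END {
                if (disabled != "yes")
                    print name, (user ? user : "root"), (from ? from : "ANY")
            }' "$f"
    done
}

# risky_listeners: root-owned services that any client can reach without a
# wrapper or address restriction; these are the first candidates to disable.
risky_listeners() {
    inetd_audit  "$AUDIT_DIR/inetd.conf" | awk '$2 == "root" && $3 == "unwrapped" { print "inetd:"  $1 }'
    xinetd_audit "$AUDIT_DIR/xinetd.d"   | awk '$2 == "root" && $3 == "ANY"       { print "xinetd:" $1 }'
}

risky_listeners
```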

Man Pages:

- xinetd
- xinetd.conf
- xinetd.log
- tcpd

For more info see:

- LinuxFocus.org: xinetd - Frederic Raynal
- RedHat.com: Controlling Access to Services
- http://www.xinetd.org
- See RFCs: 862, 863, 864, 867, 868, 1413.
- man pages xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon - rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux has the network interface to the rwhod disabled. Thus if one issues the command "rwho", you will only see who is logged into the system you are logged into and not remote systems on the network. This is a safe approach for internet servers as it reduces the exposure of a service which could be exploited by hackers. If you wish to use rwhod on a local private and firewall protected network, here is how:

Allow broadcast capabilities. Edit /etc/init.d/rwhod and change:

    daemon rwhod

to:

    daemon rwhod -b

Start service:

- Set service to start with system boot: chkconfig --level 345 rwhod on
- Start rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

- rwho: who is logged in on local network machines
- rwhod: system status server
- who: show who is logged on to the same system

RPC: Remote Procedure Calls (Portmapper)

Portmapper is a network service required to support RPCs. Many services such as NFS (file sharing services) require portmapper.

List RPC services supported: [root]# rpcinfo -p localhost

Starting portmap server:

- /etc/rc.d/init.d/portmap start
- service portmap start (Red Hat/Fedora Core)

Man Pages:

- portmap
- rpcinfo
- pmap_set
- pmap_dump

PAM: Network Wrappers:

Pluggable Authentication Modules for Linux (TCP Wrappers)

This system allows or denies network access. One can reject or allow specific IP addresses or subnets to access your system.

File: /etc/hosts.allow

in.ftpd:208.188.34.105

This specifically allows the given IP address to ftp to your system. One can also specify an entire domain, e.g. .name-of-domain.com (note the leading ".").

File: /etc/hosts.deny

ALL:ALL

This generally denies any access.

See the pam man page.

File: /etc/inetd.conf

    ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a

The inet daemon accepts the incoming network stream and assigns it to the PAM TCP wrapper, /usr/sbin/tcpd, which accepts or denies the network connection as defined by /etc/hosts.allow and /etc/hosts.deny and then passes it along to the ftp server. This is logged to /var/log/secure.
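The allow-then-deny decision tcpd makes for the ftp line above, as an added example that is not part of the tutorial: a POSIX shell evaluator for hosts.allow and hosts.deny that implements a subset of the hosts_access(5) patterns (ALL, exact host or address, a leading-dot domain suffix, a trailing-dot address prefix). EXCEPT lists, net/mask forms and option fields are not handled, and the two sample files are constructed.

```shell
#!/bin/sh
# Added example, not part of the YoLinux tutorial: replays the tcpd access
# decision on constructed hosts.allow / hosts.deny files. Pattern support is
# a subset of hosts_access(5): ALL, exact match, ".domain" suffix,
# "a.b.c." prefix. EXCEPT, net/mask and option fields are not implemented.

WRAP_DIR=$(mktemp -d)

# Constructed /etc/hosts.allow: "daemon list : client list"
cat > "$WRAP_DIR/hosts.allow" <<'EOF'
# allow the tutorial's ftp client plus one whole domain
in.ftpd : 208.188.34.105, .name-of-domain.com
# ssh only from the local /24 (trailing dot = address prefix)
sshd : 192.168.10.
EOF

# Constructed /etc/hosts.deny: everything not explicitly allowed above
cat > "$WRAP_DIR/hosts.deny" <<'EOF'
ALL : ALL
EOF

# wrapper_match PATTERN VALUE: one tcpd token against a daemon or client.
wrapper_match() {
    case "$1" in
        ALL) return 0 ;;
        .*)  case "$2" in *"$1") return 0 ;; esac ;;   # domain suffix
        *.)  case "$2" in "$1"*) return 0 ;; esac ;;   # address prefix
        *)   [ "$1" = "$2" ] && return 0 ;;
    esac
    return 1
}

# wrapper_file_match FILE DAEMON CLIENT: does any rule line in FILE match?
# Each line is "daemons : clients [: options]"; lists are comma/space
# separated; '#' lines and blank lines are skipped.
wrapper_file_match() {
    while IFS= read -r line; do
        case "$line" in ''|\#*) continue ;; esac
        daemons=${line%%:*}
        rest=${line#*:}
        clients=${rest%%:*}
        hit=1
        for d in $(printf '%s' "$daemons" | tr ',' ' '); do
            if wrapper_match "$d" "$2"; then hit=0; break; fi
        done
        [ "$hit" -eq 0 ] || continue
        for c in $(printf '%s' "$clients" | tr ',' ' '); do
            if wrapper_match "$c" "$3"; then return 0; fi
        done
    done < "$1"
    return 1
}

# tcpd_decide DAEMON CLIENT [ALLOW_FILE DENY_FILE]: prints allow or deny
# in tcpd order: hosts.allow first, then hosts.deny, otherwise allow.
tcpd_decide() {
    allow=${3:-$WRAP_DIR/hosts.allow}
    deny=${4:-$WRAP_DIR/hosts.deny}
    if wrapper_file_match "$allow" "$1" "$2"; then echo allow
    elif wrapper_file_match "$deny" "$1" "$2"; then echo deny
    else echo allow
    fi
}

tcpd_decide in.ftpd 208.188.34.105   # allow: listed in hosts.allow
tcpd_decide in.ftpd 208.188.34.106   # deny: caught by ALL : ALL
```

On a live system, tcpdmatch(8) from the tcp_wrappers package answers the same question against the real /etc/hosts.allow and /etc/hosts.deny, including the pattern forms omitted here.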

Advanced PAM: More specific access can be assigned and controlled by controlling the level of authentication required for access.

Files reflect the inet service name. Rules and modules are stacked to achieve the level of security desired.

See the files in /etc/pam.d/... (some systems use /etc/pam.conf)

The format: service type control module-path module-arguments

- auth - (type) Password is required for the user
    - nullok - Null or non-existent password is acceptable
    - shadow - encrypted passwords kept in /etc/shadow
- account - (type) Verifies password. Can track and force password changes.
- password - (type) Controls password update
    - retry=3 - Sets the number of login attempts
    - minlen=8 - Set minimum length of password
- session - (type) Controls monitoring

Modules:

- /lib/security/pam_pwdb.so - password database module
- /lib/security/pam_shells.so
- /lib/security/pam_cracklib.so - checks if a password is crackable
- /lib/security/pam_listfile.so

After re-configuration, restart the inet daemon: killall -HUP inetd

For more info see:

- Wietse's Papers
- Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP is the network protocol used by the ping and traceroute commands.

ICMP redirect packets are sent from the router to the host to inform the host of a better route. To enable ICMP redirect, add the following line to /etc/sysctl.conf :

net.ipv4.conf.all.accept_redirects = 1

Add the following to the file: /etc/rc.d/rc.local

    for f in /proc/sys/net/ipv4/conf/*/accept_redirects
    do
        echo 1 > $f
    done

Command to view Kernel IP routing cache: /sbin/route -Cn

NOTE: This may leave you vulnerable to hackers as attackers may alter your routes.
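The rc.local loop above turns redirects on for every interface; a defender usually wants to know where they are on and turn them off. This added script (not part of the tutorial) does both over any directory laid out like /proc/sys/net/ipv4/conf, and the demonstration runs on a constructed copy of that tree rather than the live kernel.

```shell
#!/bin/sh
# Added example, not part of the YoLinux tutorial. The tutorial's rc.local
# loop sets accept_redirects to 1; this script does the defensive inverse:
# report every entry that accepts ICMP redirects and switch them all off.
# It works on any directory laid out like /proc/sys/net/ipv4/conf, so the
# demonstration below runs on a constructed copy instead of the live kernel.

# redirect_audit CONF_DIR: print the name of each entry (all, default,
# eth0, ...) whose accept_redirects is 1. Exit status 1 if any was found.
redirect_audit() {
    found=0
    for f in "$1"/*/accept_redirects; do
        [ -r "$f" ] || continue
        if [ "$(cat "$f")" = "1" ]; then
            d=${f%/accept_redirects}
            echo "${d##*/}"
            found=1
        fi
    done
    return "$found"
}

# redirect_disable CONF_DIR: write 0 to every accept_redirects entry,
# including all/ and default/, mirroring the tutorial's loop in reverse.
redirect_disable() {
    for f in "$1"/*/accept_redirects; do
        [ -w "$f" ] || continue
        echo 0 > "$f"
    done
}

# Constructed stand-in for /proc/sys/net/ipv4/conf with redirects enabled
# on everything but the loopback entry.
CONF_DIR=$(mktemp -d)
for i in all default eth0 lo; do
    mkdir "$CONF_DIR/$i"
    echo 1 > "$CONF_DIR/$i/accept_redirects"
done
echo 0 > "$CONF_DIR/lo/accept_redirects"

echo "entries accepting redirects before:"
redirect_audit "$CONF_DIR"
redirect_disable "$CONF_DIR"
echo "entries accepting redirects after:"
redirect_audit "$CONF_DIR"
```

Against the real tree the script needs root, and the setting only survives a reboot if net.ipv4.conf.all.accept_redirects = 0 and net.ipv4.conf.default.accept_redirects = 0 are placed in /etc/sysctl.conf instead of the = 1 line shown above.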

Blocking ICMP to look invisible to ping:

The following firewall rules will drop ICMP requests.

Iptables:

    iptables -A OUTPUT -p icmp -d 0/0 -j DROP

Ipchains:

    ipchains -A output -p icmp -d 0/0 -j DENY

OR drop all incoming pings:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes necessary to look invisible to DOS (Denial Of Service) attackers who use ping to watch your machine and launch an attack when its presence is detected.

Network Monitoring Tools:

- tcpdump - dump traffic on a network. See discussion below.

    Command line option   Description
    -c                    Exit after receiving count packets.
    -C                    Specify size of output dump files.
    -i                    Specify interface if multiple exist. Lowest used by default, e.g. eth0
    -w file-name          Write the raw packets to file rather than parsing and printing them out. They can later be printed with the -r option.
    -n                    Improve speed by not performing DNS lookups. Report IP addresses.
    -t                    Don't print a timestamp on each dump line.

  Filter expressions:

    primitive                       Description
    host host-name                  If host has multiple IP's, all will be checked.
    net network-number              Network number.
    net network-number mask mask    Network number and netmask specified.
    port port-number                Port number specified.
    tcp                             Sniff TCP packets.
    udp                             Sniff UDP packets.
    icmp                            Sniff ICMP packets.

  Examples:
    - tcpdump tcp port 80 and host server-1
    - tcpdump ip host server-1 and not server-2
- iptraf - Interactive Colorful IP LAN Monitor
- nmap - Network exploration tool and security scanner
    - List pingable nodes on network: nmap -sP 192.168.0.0/24
      Scans network for IP addresses 192.168.0.0 to 192.168.0.255 using ping.
- Ethereal - Network protocol analyzer. Examine data from a live network. RPM's required:
    - ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
    - ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
    - ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
    - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)
  There is an error in the ethereal package because it does not list the snmp libraries as dependencies, but you can deduce this from the errors that you get if the ucd-snmp libraries are not installed.
- EtherApe - Graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
- Gkrellm - Network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
- IPTraf - ncurses-based IP LAN monitor. (Red Hat Powertools CD)
- Cheops - Network discovery, location, diagnosis and management. Cheops can identify all of the computers that are on your network, their IP address, their DNS name, the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
- ntop - Shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
- MRTG - Multi Router Traffic Grapher - Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
- dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
- scotty - Obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP, & UDP. (Red Hat Powertools CD)
- Big Brother - Monitoring and services availability.
- OpenNMS.org - Network Management using SNMP.
- Nagios - host, service and network monitoring
- Angel network monitor

Using tcpdump to monitor the network:

    [root]# ifconfig eth0 promisc                        - Put NIC into promiscuous mode to sniff traffic.
    [root]# tcpdump -n host not XXX.XXX.XXX.XXX | more   - Sniff net but ignore IP which is your remote session.
    [root]# ifconfig eth0 -promisc                       - Pull NIC out of promiscuous mode.

Network Intrusion and Hacker Detection Systems:

SNORT: Monitor the network, performing real­time traffic analysis and packet logging on IP networks for the detection of an attack or probe.

- Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
- InterSect Alliance - Intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to convert a 32-bit IP address into the 48-bit Ethernet MAC address used by network hardware. (See: RFC 826) ARP broadcasts are sent to all hosts on the subnet by the data transmitting host to see who replies. The broadcast is ignored by all except the intended receiver, which recognizes the IP address as its own. The MAC addresses are remembered (ARP cache) for future network communications. Computers on the subnet typically keep a cache of ARP responses. ARP broadcasts are passed on by hubs and switches but are blocked by routers.

Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client to broadcast requesting a server to reply with its IP address.

- arp (8) man page - manipulate the system ARP cache
    - Shows other systems on your network (including IP address conflicts): arp -a
    - Show ARP table Linux style: arp -e
- arpwatch (8) man page - keep track of ethernet/ip address pairings
- arpsnmp (8) man page - keep track of ethernet/ip address pairings. Reads information generated by snmpwalk
- arping (8) man page - send ARP REQUEST to a neighbor host
    - Print ARP reply (similar to arp -a): arping 192.168.10.99
- List ARP table: cat /proc/net/arp
- ip (8) man page - show / manipulate routing, devices, policy routing and tunnels
    - View ARP table: ip neighbor

ARP is something that simply works. No Linux system configuration is necessary. It's all part of the ethernet and IP protocol. The aforementioned information is just part of the Linux culture of full visibility into what is going on.
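An added check (not part of the tutorial) over the /proc/net/arp format listed above: a single MAC answering for several IPs is how both an ARP-spoofing neighbour and a legitimately multi-addressed host appear in the cache, and entries stuck at flags 0x0 were queried but never answered. The sample cache is constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not part of the YoLinux tutorial. Reads the /proc/net/arp
# format (IP address, HW type, Flags, HW address, Mask, Device). Flags 0x2
# marks a completed entry, 0x0 one that was queried but never answered.

# Constructed sample cache: .1 and .21 share a MAC, .99 never answered.
ARP_SAMPLE=$(mktemp)
cat > "$ARP_SAMPLE" <<'EOF'
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         00:11:22:33:44:01     *        eth0
192.168.10.20    0x1         0x2         00:11:22:33:44:20     *        eth0
192.168.10.21    0x1         0x2         00:11:22:33:44:01     *        eth0
192.168.10.99    0x1         0x0         00:00:00:00:00:00     *        eth0
EOF

# arp_shared_macs FILE: "<mac> <ip> <ip>..." for every MAC that answers
# for more than one IP. The gateway's MAC suddenly owning another host's
# address is the classic spoofing symptom, but one NIC carrying several
# addresses produces the same line, so confirm (arping, arpwatch history)
# before acting on it.
arp_shared_macs() {
    awk 'NR > 1 && $3 == "0x2" {
             ips[$4] = (ips[$4] ? ips[$4] " " : "") $1
             n[$4]++
         }
         END { for (m in n) if (n[m] > 1) print m, ips[m] }' "$1"
}

# arp_incomplete FILE: IPs this host tried to resolve and got no reply for.
arp_incomplete() {
    awk 'NR > 1 && $3 == "0x0" { print $1 }' "$1"
}

echo "MACs answering for more than one IP:"
arp_shared_macs "$ARP_SAMPLE"
echo "unanswered lookups:"
arp_incomplete "$ARP_SAMPLE"
```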

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer to peer unicast transactions. An HTTP request to a web server (TCP/IP), email SMTP (TCP/IP), DNS (UDP), FTP (TCP/IP), ... are all peer to peer unicast transactions. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer to peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group", which are those that are interested in the information.

The Linux kernel is Level­2 Multicast­Compliant. It meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to request the kernel to join the multicast group and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, a request is made to the kernel to leave the group. It is the kernel/host which joins the multicast group and not the process. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to support multicast routing, set the following in the kernel config:

- CONFIG_IP_MULTICAST=y
- CONFIG_IP_ROUTER=y
- CONFIG_IP_MROUTE=y
- CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimization and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card), only one device can be configured to handle multicast.

Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast.

Useful commands:

    Command                    Description
    cat /proc/net/igmp         List multicast groups to which the host is subscribed. Uses "Internet Group Management Protocol". (See /usr/src/linux/net/core/igmp.c)
    cat /proc/net/dev_mcast    List multicast interfaces. (See /usr/src/linux/net/core/dev_mcast.c)
    ping 224.0.0.1             All hosts configured for multicast will respond with their IP addresses
    ping 224.0.0.2             All routers configured for multicast will respond
    ping 224.0.0.3             All PIM routers configured for multicast will respond
    ping 224.0.0.4             All DVMRP routers configured for multicast will respond
    ping 224.0.0.5             All OSPF routers configured for multicast will respond

Multicast transmissions are achieved through proper routing, router configuration (if communicating through subnets) and programmatically with the use of the following "C" function library calls:

    Function Call    Description
    setsockopt()     Pass information to the kernel.
    getsockopt()     Retrieve information broadcast using multicast.

For more on multicast programming see: Multicast Howto.

The multicast application will specify the multicast loopback interface, TTL (network time to live), network interface and the multicast group to add or drop.

Add route to support multicast:

- route add 224.0.0.0 netmask 240.0.0.0 dev eth0

Note that if adding a route to forward packets through a router, that the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The internet by default does not forward multicast packets.

Living in a MS/Windows World:

- SMB4k: My favorite MS/Windows file share browser.
- In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]
- LinNeighborhood: Linux workstation gui tool.
  Make your life simple and use the GUI/File Manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.
    - LinNeighborhood Home Page
    - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

- IPv4: Most of the Internet servers and personal computers use Internet Protocol version 4 (IPv4). This uses 32 bits to assign a network address as defined by the four octets of an IP address up to 255.255.255.255, which is the representation of four 8 bit numbers thus totaling 32 bits.
- IPv6: Internet Protocol version 6 (IPv6) uses a 128 bit address and thus billions and billions of potential addresses. The protocol has also been upgraded to include new quality of service features and security. Currently Linux supports IPv6 but IPv4 is used when connecting your computer to the internet.
- TCP/IP: (Transmission Control Protocol/Internet Protocol) uses a client - server model for communications. The protocol defines the data packets transmitted (packet header, data section), data integrity verification (error detection bytes), connection and acknowledgement protocol, and re-transmission.
- TCP/IP time to live (TTL): This is a counting mechanism to determine how long a packet is valid before it reaches its destination. Each time a TCP/IP packet passes through a router it will decrement its TTL count. When the count reaches zero the packet is dropped by the router. This ensures that errant routing and looping aimless packets will not flood the network.
- MAC Address: (media access control) is the network card address used for communication between other network devices on the subnet. This info is not routable. The ARP table maps TCP/IP address (global internet) to the local hardware on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address uniquely identifies each node of a network and is used by the Ethernet protocol.
- Full Duplex: Allows the simultaneous sending and receiving of packets. Most modern modems support full duplex.
- Half Duplex: Allows the sending and receiving of packets in one direction at a time only.
- OSI 7 Layer Model: The ISO (International Standards Organization) has defined the OSI (Open Systems Interconnection) model for current networking protocols.

    OSI Layer   Description                                                    Linux Networking Use
    7           Application Layer. The top layer for communications            telnet, web browser, sendmail
                applications like email and the web.
    6           Presentation Layer. Syntax and format of data transfer.        SMTP, http
    5           Session Layer.
    4           Transport Layer. Connection, acknowledgement and data          TCP, UDP
                packet transmission.
    3           Network Layer.                                                 IP, ARP
    2           Data Link Layer. Error control, timing                         Ethernet
    1           Physical Layer. Electrical characteristics of signal and NIC   Ethernet

- Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
- Network Switch: Like a hub but creates a private link between any two connected nodes when a network connection is established. This reduces the amount of network collisions and thus improves speed. Broadcast messages are still sent to all nodes.

Related Links:

- Cable modem HowTo - Vladimir Vuksan
- Ethernet HowTo - Paul Gortmaker
- YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
- Firewall HowTo - Mark Grennan
- YoLinux networking tutorial
- Networking Overview HowTo - Daniel Lopez Ridruejo
- Networking Howto - Joshua Drake
- NFS Howto - Nicolai Langfeldt
- SNMP: Simple Network Management Protocol (Uses ports 161,162,391,1993)
    - SNMP - Intro and tutorials
    - Linux SNMP Network Management Tools
    - SNMP FAQ
    - net-snmp - tools and libraries
- News/Usenet Group: comp.os.linux.networking - Deja
- MARS-nwe - Netware emulator
- Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
- ISDN:
    - ISDN4LINUX FAQ - Matthias Hessler
    - ISDN4 Linux Home Page
    - Dan Kegel's ISDN Page
- PPP: Point-to-Point Protocol
    - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
    - YoLinux Tutorial: Dialing Compuserve
    - YoLinux Tutorial: Dialing AOL
    - YoLinux Tutorial: Configuring PPP dial-in connections
- PPTP: Point-to-Point Tunneling Protocol
    - RFC 2637: Point-to-Point Tunneling Protocol (PPTP).
    - PPTP-Linux Client - A PPTP Linux client that allows a linux system to connect to a PPTP server. Developed by C. S. Ananian.
    - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP Implementation.
- DHCP: (Dynamic Host Configuration Protocol)
    - YoLinux DHCP Tutorial - How to set up a DHCP server.
    - ISC Dynamic Host Configuration Protocol - DHCP home page
- Multicast:
    - YoLinux Tutorial: Configuring Linux for multicast - this tutorial in section above
    - Multicast over TCP/IP HOWTO
- ISP's: (National/Global)
    - TheList.com - Comprehensive list of ISP's
    - Earthlink
    - Concentric
    - ATT Worldnet
- NIS: (NFS infrastructure)
    - YoLinux NIS tutorial
    - NIS howto
    - NIS configuration and use
- Ethernet cables:
    - Making CAT 3, 5, 5E RJ45 Ethernet Cables
    - Wiring and Installation
- Gigabit Ethernet
- VIX: Vienna Internet eXchange - European traffic exchange for ISP's

Test Internet Bandwidth:

- DSLreports.com: bandwidth and diagnostic tests
- Speakeasy connection speed test
- CNET Bandwidth Meter speed test
- Network speed test
- Bandwidth explained and List of bandwidth test sites

Man Pages:

- icmp - Linux IPv4 ICMP kernel module
- ifport - select the transceiver type for a network interface
- usernetctl - allow a user to manipulate a network interface if permitted
- ripquery - query RIP (Routing Information Protocol) gateways
- gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler ISBN # 0735710317, New Riders Publishing

"LINUX TCP/IP Network Administration" by Scott Mann, Mitchell Krell ISBN # 0130322202, Prentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith ISBN# 0201774232, Addison-Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr. ISBN# 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh ISBN# 0672320525, Sams; (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus Sams, ISBN# 047008278X

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen Sams, ISBN# 0071486429

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson Sams, ISBN# 0672329298

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672327082

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672325888

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis ISBN #032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.


Copyright © 2001 - 2007 by Greg Ippolito


TCP/IP Network Configuration Files:


- File: /etc/hosts - locally resolve node names to IP addresses

    127.0.0.1        your-node-name.your-domain.com localhost.localdomain localhost
    XXX.XXX.XXX.XXX  node-name

Note when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly) i.e.:

XXX.XXX.XXX.XXX superserver.yolinux.com superserver

This informs Linux of local systems on the network which are not handled by the DNS server (or of all systems in your LAN if you are not using DNS or NIS). Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "Hosts").

- File: /etc/nsswitch.conf - System Databases and Name Service Switch configuration file

    hosts: files dns nisplus nis

This example tells Linux to first resolve a host name by looking at the local hosts file(/etc/hosts), then if the name is not found look to your DNS server as defined by /etc/resolv.conf and if not found there look to your NIS server.

In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution.

Fedora / Red Hat Network Configuration Files:

- File: /etc/sysconfig/network
  Red Hat network configuration file used by the system during the boot process.

- File: /etc/sysconfig/network-scripts/ifcfg-eth0
  Configuration settings for your first ethernet port (0). Your second port is eth1.

- File:
    - /etc/modprobe.conf (kernel 2.6)
    - /etc/modules.conf (kernel 2.4)
    - (or for older systems: /etc/conf.modules)
  Example statement for Intel ethernet card: alias eth0 eepro100

Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

- Network configuration: /usr/sbin/system-config-network (FC-2/3)
  /usr/bin/redhat-config-network (/usr/bin/neat) (RH 7.2+ FC-1)
- Text console configuration tool: /usr/sbin/system-config-network-tui (Text User Interface (TUI) for Fedora Core 2/3)
  /usr/bin/redhat-config-network-tui (RH 9.0 - FC-1)
- Text console network configuration tool. First interface only - eth0: /usr/sbin/netconfig
- /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

- Gnome Desktop Network Configuration: /usr/bin/gnome-network-preferences (RH 9.0 - FC-3)
  Proxy configuration. Choose one of three options:
    1. Direct internet connection
    2. Manual proxy configuration (specify proxy and port)
    3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assigned a static IP address or assigned one dynamically.

Static IP address assignment:

Choose one of the following methods:

l Command Line:

/sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

Network address by convention would be the lowest: 192.168.10.0
Broadcast address by convention would be the highest: 192.168.10.255
The gateway can be anything, but following convention: 192.168.10.1

Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0

- Red Hat / Fedora GUI tools:
    - /usr/bin/neat Gnome GUI network administration tool. Handles all interfaces. Configure for Static IP or DHCP client. (First available with Red Hat 7.2.)
    - /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)
- Red Hat / Fedora Console tools:
    - /usr/sbin/system-config-network-tui (Text User Interface)
    - /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1,...)
- Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network­scripts/, so that this information is retained.

RFC 1918 reserves three address blocks for private networks: 10.0.0.0 - 10.255.255.255 (10/8), 172.16.0.0 - 172.31.255.255 (172.16/12) and 192.168.0.0 - 192.168.255.255 (192.168/16). Addresses from these blocks are not routed on the public internet, which is why a gateway performing NAT is needed for such a network to reach it.

Helpful tools:

- Network Calculators: subnet mask calculator, node calculator, mask inverter, ...
- IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 208.88.34.106
    netmask 255.255.255.248
    broadcast 208.88.34.111
    network 208.88.34.104
    gateway 208.88.34.110

Dynamic IP (DHCP) example:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

auto eth1
iface eth1 inet dhcp

auto eth2
iface eth2 inet dhcp

auto ath0
iface ath0 inet dhcp

auto wlan0
iface wlan0 inet dhcp

Interfaces:
- lo: loopback interface (networking within your own system; traffic never touches the physical Ethernet)
- eth0: first Ethernet interface card
- ath0: first Atheros wireless interface
- wlan0: first wireless network interface

Also see "man interfaces"

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store system-wide settings in the file /etc/sysconfig/network and per-interface settings in /etc/sysconfig/network-scripts/ifcfg-*. They also allow one to configure routing information.

- File: /etc/sysconfig/network

Static IP address configuration (configure the gateway address):

NETWORKING=yes
HOSTNAME=my-hostname          - Hostname is defined here and by the command hostname
FORWARD_IPV4=true             - true for NAT firewall gateways and Linux routers; false for everyone else (desktops and servers)
GATEWAY="XXX.XXX.XXX.YYY"     - Used if your network is connected to another network or the internet. Static IP configuration only; the gateway is not defined here for a DHCP client.

OR for DHCP client configuration:

NETWORKING=yes
HOSTNAME=my-hostname          - Hostname is defined here and by the command hostname

(The gateway is assigned by the DHCP server.)

OR for NIS client configuration:

NETWORKING=yes
HOSTNAME=my-hostname          - Hostname is defined here and by the command hostname
NISDOMAIN=NISProject1         - NIS domain to attach to

- File (Red Hat/Fedora): /etc/sysconfig/network-scripts/ifcfg-eth0
  (SuSE: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX:XX)
  This file is used by the command scripts ifup and ifdown.

Static IP address configuration:

DEVICE=eth0
BOOTPROTO=static
BROADCAST=XXX.XXX.XXX.255
IPADDR=XXX.XXX.XXX.XXX
NETMASK=255.255.255.0
NETWORK=XXX.XXX.XXX.0
ONBOOT=yes                    - Will activate upon system boot

RHEL4/FC3 additions:
- TYPE=Ethernet
- HWADDR=XX:XX:XX:XX:XX:XX
- GATEWAY=XXX.XXX.XXX.XXX

OR for DHCP client configuration:

DEVICE=eth0
ONBOOT=yes
BOOTPROTO=dhcp

RHEL4/FC3 additions:
- IPV6INIT=no
- USERCTL=no                  - Non-root users may not bring the interface up or down
- PEERDNS=yes                 - Write the DHCP-supplied name servers into /etc/resolv.conf
- TYPE=Ethernet
- HWADDR=XX:XX:XX:XX:XX:XX

(Used by the script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line.) To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none (or static) and supply the address fields shown above.

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)

Changing the host name:

This is a three step process:

1. Issue the command: hostname new-host-name
2. Change the network configuration file /etc/sysconfig/network. Edit the entry: HOSTNAME=new-host-name
3. Restart systems which relied on the hostname (or reboot):
   - Restart network services: service network restart (or: /etc/init.d/network restart)
   - Restart the desktop:
     - Bring the system down to console mode: init 3
     - Bring up X Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name which allows the system to be self aware.

The hostname may be changed at runtime using the command: sysctl ­w kernel.hostname="superserver"

Change the host name using GUI tool: /usr/sbin/system­config­network (Red Hat / Fedora / CentOS)

Hostname entries are made in two places:

Select the "DNS" tab. Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth0:0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255
ifconfig eth0:1 192.168.10.14 netmask 255.255.255.0 broadcast 192.168.10.255

route add -host XXX.XXX.XXX.XXX dev eth0
route add -host 192.168.10.12 dev eth0
route add -host 192.168.10.14 dev eth0

In this example eth0:0 and eth0:1 are aliases in addition to the regular eth0. The result of the ifconfig command:

eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
          collisions:1 txqueuelen:100
          Interrupt:5 Base address:0xe400

eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:5 Base address:0xe400

eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

DEVICE=eth0:0
ONBOOT=yes
BOOTPROTO=static
BROADCAST=192.168.10.255
IPADDR=192.168.10.12
NETMASK=255.255.255.0
NETWORK=192.168.10.0

Aliases can also be shut down independently. i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Redhat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux client: get connection info: /sbin/pump -i eth0 --status (Red Hat Linux 7.1 and older)

Device eth0
        IP: 4.XXX.XXX.XXX
        Netmask: 255.255.252.0
        Broadcast: 4.XXX.XXX.255
        Network: 4.XXX.XXX.0
        Boot server 131.XXX.XXX.4
        Next server 0.0.0.0
        Gateway: 4.XXX.XXX.1
        Domain: vz.dsl.genuity.net
        Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3
        Renewal time: Sat Aug 11 08:28:55 2001
        Expiration time: Sat Aug 11 11:28:55 2001

Activating and De­Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

- Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up. Note: an interface that is up without an IP address can still receive and capture traffic, e.g. for tcpdump.)
- De-activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network­scripts/

GUI Interface control/configuration:

- Start/stop network interfaces: /usr/bin/system-control-network (Fedora Core 2/3), /usr/bin/redhat-control-network (Red Hat 9.0 through Fedora Core 1)
- Configure Ethernet, ISDN, modem, token ring, wireless or DSL network connection: /usr/sbin/system-config-network-druid (FC2/3), /usr/sbin/redhat-config-network-druid (RH 9 through FC1)

Subnets:

Subnet mask table. The first column is the octet value used in the mask; the "Class C subnets" column is how many pieces that mask cuts a class C network into; the CIDR column is the prefix length of the resulting sub-class-C mask. The host counts for the class A/B/C masks are the addresses in the block minus the network and broadcast addresses.

Mask   Class C   CIDR  Class A hosts  Class A mask  Class B hosts  Class B mask  Class C hosts  Class C mask    Sub-class-C mask  Sub-class-C block
octet  subnets
255    1 or 256  /32   16,777,214     255.0.0.0     65,534         255.255.0.0   254            255.255.255.0   255.255.255.255   1 address, invalid as a subnet
254    128       /31   33,554,430     254.0.0.0     131,070        255.254.0.0   510            255.255.254.0   255.255.255.254   2 addresses, invalid as a subnet
252    64        /30   67,108,862     252.0.0.0     262,142        255.252.0.0   1,022          255.255.252.0   255.255.255.252   4 addresses, 2 hosts
248    32        /29   134,217,726    248.0.0.0     524,286        255.248.0.0   2,046          255.255.248.0   255.255.255.248   8 addresses, 6 hosts
240    16        /28   268,435,454    240.0.0.0     1,048,574      255.240.0.0   4,094          255.255.240.0   255.255.255.240   16 addresses, 14 hosts
224    8         /27   536,870,910    224.0.0.0     2,097,150      255.224.0.0   8,190          255.255.224.0   255.255.255.224   32 addresses, 30 hosts
192    4         /26   1,073,741,822  192.0.0.0     4,194,302      255.192.0.0   16,382         255.255.192.0   255.255.255.192   64 addresses, 62 hosts
128    2         /25   2,147,483,646  128.0.0.0     8,388,606      255.128.0.0   32,766         255.255.128.0   255.255.255.128   128 addresses, 126 hosts

(A /31 is usable for point-to-point links under RFC 3021, but not under the classic network/broadcast scheme used in this table.)

Binary position   8    7    6    5    4    3    2    1
Value             128  64   32   16   8    4    2    1
Example: 192      1    1    0    0    0    0    0    0

Example: 192 = 128 + 64

Some addresses are reserved and outside this scope: loopback (127.0.0.0/8, normally 127.0.0.1) and the RFC 1918 private blocks 192.168.0.0 - 192.168.255.255 (class C sized networks), 172.16.0.0 - 172.31.255.255 (class B sized) and 10.0.0.0 - 10.255.255.255 (class A sized).

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 (/29) for your office:
- 208.88.34.104  Network base address
- 208.88.34.105  Computer 1
- 208.88.34.106  Computer 2
- 208.88.34.107  Computer 3
- 208.88.34.108  Computer 4
- 208.88.34.109  Computer 5
- 208.88.34.110  DSL router/gateway
- 208.88.34.111  Broadcast address
Of the eight addresses, six can be assigned to hardware systems; one of those is the router, so ultimately only five are usable for your own computers.
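The arithmetic behind the table and the /29 office example above, as an added example in POSIX shell (this is not code from the YoLinux tutorial). It assumes a shell whose arithmetic is at least 64 bits wide (bash, dash and ksh all qualify) and implements the general case: any address and any netmask, with the /31 and /32 cases reported as having no usable hosts, matching the table.

```shell
#!/bin/sh
# Added example (not from the YoLinux tutorial): network, broadcast and
# usable host arithmetic for a dotted-quad address and netmask.

# ip_to_int A.B.C.D -> 32-bit integer
ip_to_int() {
    set -- $(printf '%s\n' "$1" | tr '.' ' ')
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# int_to_ip N -> A.B.C.D
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# prefix_to_mask 29 -> 255.255.255.248
prefix_to_mask() {
    if [ "$1" -eq 0 ]; then
        echo 0.0.0.0
    else
        int_to_ip $(( (4294967295 << (32 - $1)) & 4294967295 ))
    fi
}

# mask_to_prefix 255.255.252.0 -> 22 (counts the leading one bits)
mask_to_prefix() {
    mp_m=$(ip_to_int "$1")
    mp_n=0
    while [ $(( mp_m & 2147483648 )) -ne 0 ]; do
        mp_n=$(( mp_n + 1 ))
        mp_m=$(( (mp_m << 1) & 4294967295 ))
    done
    echo "$mp_n"
}

# subnet_info ADDR MASK -> "network broadcast first-host last-host usable-hosts"
subnet_info() {
    si_ip=$(ip_to_int "$1")
    si_mask=$(ip_to_int "$2")
    si_net=$(( si_ip & si_mask ))                       # lowest address: host bits cleared
    si_bcast=$(( si_net | (~si_mask & 4294967295) ))    # highest address: host bits set
    si_hosts=$(( si_bcast - si_net - 1 ))               # minus network and broadcast
    if [ "$si_hosts" -lt 1 ]; then
        si_hosts=0    # /31 and /32: no usable hosts in the classic scheme
    fi
    echo "$(int_to_ip "$si_net") $(int_to_ip "$si_bcast") $(int_to_ip $(( si_net + 1 ))) $(int_to_ip $(( si_bcast - 1 ))) $si_hosts"
}

subnet_info 208.88.34.106 255.255.255.248    # the office example from this page
```

Run it against the office example and you get 208.88.34.104 as the network, 208.88.34.111 as the broadcast, 208.88.34.105 through 208.88.34.110 as the host range and 6 usable hosts, which is the /29 row of the table.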

Links:

- Subnet Cheat Sheet
- Subnet calculator
- Table of subnets
- IP Subnetting, Variable Subnetting, and CIDR (Supernetting)
- CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is a little obsolete as subnets are now used to define smaller networks. These subnets may be part of a class A, B, C, etc network. For historical reference the network classes are defined as follows:

- Class A: defined by the first 8 bits, with a range of 0 - 127. The first number (8 bits) is assigned by the registry (InterNIC), i.e. 77.XXX.XXX.XXX. One class A network can define 16,777,214 hosts. Range: 0.0.0.0 - 127.255.255.255
- Class B: defined by the first 8 bits, with a range of 128 - 191. The first two numbers (16 bits) are assigned by the registry, i.e. 182.56.XXX.XXX. One class B network can define 65,534 hosts. Range: 128.0.0.0 - 191.255.255.255
- Class C: defined by the first 8 bits, with a range of 192 - 223. The first three numbers (24 bits) are assigned by the registry, i.e. 220.56.222.XXX. One class C network can define 254 hosts. Range: 192.0.0.0 - 223.255.255.255
- Class D: defined by the first 8 bits, with a range of 224 - 239. Reserved for multicast (RFC 988, since superseded by RFC 1112). Range: 224.0.0.0 - 239.255.255.255
- Class E: defined by the first 8 bits, with a range of 240 - 255. Reserved for experimental use. Range: 240.0.0.0 - 255.255.255.255

Enable Forwarding: Forwarding allows network packets arriving on one network interface (i.e. eth0) to be forwarded to another network interface (i.e. eth1). This lets the Linux computer route network traffic between networks. (An Ethernet bridge, which joins networks at layer 2, is configured separately and does not depend on IP forwarding.)

A bridge configuration merges two (or several) networks into one single network segment. iptables firewall rules can be used to filter traffic.

A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LANs) to the internet or to load balance servers.

- Turn on IP forwarding to allow the Linux computer to act as a gateway or router:
  echo 1 > /proc/sys/net/ipv4/ip_forward
  The default is 0. Leave it at 0 on any machine that is not meant to route: a host that forwards packets can be used as a stepping stone into the networks behind it. Firewall rules can be added with iptables (ipchains on 2.2 kernels).

Another method is to alter the Linux kernel config file: /etc/sysctl.conf Set the following value:

net.ipv4.ip_forward = 1

See file /etc/sysconfig/network for storing this configuration.

FORWARD_IPV4=true

Change the default "false" to "true".

All methods will result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward

The TCP Man page ­ Linux Programmer's Manual and /usr/src/linux/Documentation/proc.txt (Kernel 2.2 RH 7.0­) cover /proc/sys/net/ipv4/* file descriptions.

Also see (YoLinux tutorials):

- Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables)
- Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

- cd /lib/modules/2.2.5-15/net/ - use the kernel version for your system. This example uses 2.2.5-15. (Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/) Here you will find the modules supported by your system. A module can be permanently associated with an interface in:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - /etc/conf.modules (older systems)
  Example:

alias eth0 3c59x

- /sbin/insmod 3c59x (for a 3Com Ethernet card). This inserts the specified module into the kernel.
- /sbin/modprobe 3c59x. This also loads a module into the kernel, resolving its dependencies first. modprobe command line options:
  - -r: unload the module.
  - /sbin/modprobe -l \*: list all modules.
  - /sbin/modprobe -lt net \*: list only network modules.
  - /sbin/modprobe -t net \*: try loading all network modules and see what sticks (an act of desperation).
- ifconfig ... (assign an address as described above)

The easy way: Red Hat versions 6.2 and later, ship with Kudzu, a device detection program which runs during system initialization. (/etc/rc.d/init.d/kudzu) This can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it will be utilized upon system boot.

Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

Define the new device in the file (Red Hat/Fedora) /etc/sysconfig/network-scripts/ifcfg-eth1 (SuSE 9.2: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX:XX)

DEVICE=eth1
BOOTPROTO=static
IPADDR=192.168.10.12
NETMASK=255.255.255.0
GATEWAY=XXX.XXX.XXX.XXX
HOSTNAME=node-name.name-of-domain.com
DOMAIN=name-of-domain.com

Special routing information may be specified, if necessary, in the file (Red Hat/Fedora) /etc/sysconfig/static-routes (SuSE 9.2: /etc/sysconfig/network/routes).

Example:

eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using Unix command line interface:

Define IP address:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

If necessary, define a route with the route command. Examples:

route add default gw XXX.XXX.XXX.XXX dev eth0
route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

If a mistake is made, repeat the route command substituting "del" for "add".

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto­negotiate link speed and duplex setting.

- List NIC speed and configuration: mii-tool
  eth0: negotiated 100baseTx-FD flow-control, link ok

  Verbose mode: mii-tool -v

  eth0: negotiated 100baseTx-FD flow-control, link ok
    product info: Intel 82555 rev 4
    basic mode:   autonegotiation enabled
    basic status: autonegotiation complete, link ok
    capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
    advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
    link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

- Set NIC configuration: mii-tool -F option
  Option  Parameters
  -F      100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD   (force a fixed media type)
  -A      100baseT4 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD   (advertise only these types for autonegotiation)

- Query NIC with ethtool:
  Command          Description
  ethtool -g eth0  Queries the Ethernet device for rx/tx ring parameter information.
  ethtool -a eth0  Queries the Ethernet device for pause parameter information.
  ethtool -c eth0  Queries the Ethernet device for coalescing information.
  ethtool -i eth0  Queries the Ethernet device for associated driver information.
  ethtool -d eth0  Prints a register dump for the specified Ethernet device.
  ethtool -k eth0  Queries the Ethernet device for offload information.
  ethtool -S eth0  Queries the Ethernet device for NIC and driver statistics.

Man Pages:

- mii-tool - view, manipulate media-independent interface status
- ethtool - display or change Ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet is examined to see if its destination is on the local or a remote network. If it is to be sent to a remote network, the routing table is consulted to determine the path. If there is no matching entry in the routing table the packet is sent to the default gateway. Static routes are set with the route command or with the configuration file (Red Hat/Fedora): /etc/sysconfig/network-scripts/route-eth0 (Red Hat 7: /etc/sysconfig/static-routes; SuSE 9.2: /etc/sysconfig/network/routes). Example route-eth0 entry, sending the 10.2.0.0/16 network via the gateway 192.168.10.254:

10.2.0.0/16 via 192.168.10.254

The file is applied by the script: /etc/sysconfig/network-scripts/ifup-routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route. (Fewest hops between routers not physical distance.) Routers use RIP to broadcast the routing table over UDP port 520. The routers would then add new or improved routes to their routing tables.

Man pages:

- route - show / manipulate the IP routing table (static routes). Examples:
  - Show the routing table: route -e (route -n to skip name lookups)
  - Access an individual host via network interface card eth1: route add -host 123.213.221.231 eth1
  - Access the ISP network identified by network address and netmask via network interface card eth0: route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
    Conversely: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
  - Specify the default gateway used to reach remote networks via network interface card eth0: route add default gw 201.51.31.1 eth0 (The gateway can also be defined in /etc/sysconfig/network.)
  - Specify two gateways for two network destinations (i.e. one external, one internal private network; two routers/gateways will be specified):
    Add the internet gateway as before: route add default gw 201.51.31.1 eth0
    Add the second private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
- routed - network routing daemon. Uses the RIP protocol to update the routing table. (RIPv1 has no authentication, so any host on the segment can inject routes; do not run it on networks you do not trust.)
- ipx_route - show / manipulate the IPX routing table. IPX is the Novell networking protocol (not typically used unless your office has Novell servers).
- ifuser - identify destinations routed to a particular network interface.

VPN, Tunneling:

- Commercial VPN Linux software solutions - YoLinux
- OpenSWAN.org - IPsec VPN for Linux
- FreeSWAN.org - IPsec VPN for Linux (project discontinued; Openswan and strongSwan are its successors)
- FreeSWAN tutorial - howto
- OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access controls.
- SSL-Explorer - Java SSL based VPN
- Quagga dynamic routing suite
- n2n - peer to peer VPN within a private fabric
- CIPE: Crypto IP Encapsulation (easiest way to configure two Linux gateways connecting two private networks over the internet with encryption). Note: CIPE's protocol was found to have cryptographic weaknesses and the project is unmaintained; use IPsec or OpenVPN for new deployments.
  - CIPE Home page - CIPE is a simple encapsulation system that connects two subnets.
  - The Linux Cipe+Masquerading mini-HOWTO - Anthony Ciaravalo
- GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa (GRE by itself provides neither encryption nor authentication)
- VPN HowTo - Matthew D. Wilson
- Installing and Running PPTP on Linux (PPTP's MS-CHAPv2 authentication is broken; avoid it for anything sensitive)
- L2TP Extensions (l2tpext) Internet Drafts.

Usefull Linux networking commands:

- /etc/rc.d/init.d/network start - command to start, restart or stop the network
- netstat - display connections, routing tables, stats etc.
  - List externally connected processes: netstat -punta
  - List all connected processes: netstat -nap
  - Show network statistics: netstat -s
  - Kernel interface table info: netstat -a -i eth0
- ping - send ICMP ECHO_REQUEST packets to network hosts. Use Ctrl-C to stop ping.
- traceroute - print the route packets take to a network host
  - traceroute IP-address-of-server
  - traceroute domain-name-of-server
- mtr - a network diagnostic tool introduced in Fedora. Like traceroute except it gives more network quality and diagnostic info. Leave it running to get real time stats. Reports best and worst round trip times in milliseconds.
  - mtr IP-address-of-server
  - mtr domain-name-of-server
- whois - look up a domain name in the InterNIC whois database.
- finger - display information on a system user, i.e. finger user@host. Uses the $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/ (The finger daemon discloses user names and login times to anyone who asks; leave it disabled on internet-facing hosts.)
- iptables - IP firewall administration (Linux kernel 2.4/2.6). See YoLinux firewall/gateway configuration.
- ipchains - IP firewall administration (Linux kernel 2.2). See YoLinux firewall/gateway configuration.
- socklist - display a list of open sockets: type, port, process id and the name of the process. Kill with fuser or kill.
- host - give a host name and the command returns the IP address. Example: host domain-name-of-server
- nslookup - give a host name and the command returns the IP address. Also see Testing your DNS (YoLinux Tutorial).
  Note that neither host nor nslookup consults the /etc/hosts file; both query DNS directly. To see what applications will actually resolve (through /etc/hosts and nsswitch.conf) use: getent hosts domain-name-of-server
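A check that follows from the netstat entries above: which listening services are bound to every interface (0.0.0.0 or ::) rather than to loopback only. This is an added example, not code from the YoLinux tutorial; the netstat output it parses is constructed inline to match the netstat -tulpn / netstat -punta column layout, and it assumes only that awk is available.

```shell
#!/bin/sh
# Added example (not from the YoLinux tutorial): report listening sockets
# that are reachable from every interface.

# exposed_listeners: reads netstat -tulpn (or netstat -punta) output on stdin
# and prints "proto local-address program" for each socket bound to a
# wildcard address (0.0.0.0 for IPv4, :: for IPv6). Sockets bound to
# 127.0.0.1 or ::1 are local-only and are skipped, as are established
# connections, whose local address is a specific interface address.
exposed_listeners() {
    awk '
        $1 !~ /^(tcp|udp)6?$/ { next }         # skip headers and non-socket lines
        $4 ~ /^(0\.0\.0\.0|::):[0-9]+$/ {      # wildcard IPv4 or IPv6 bind
            print $1, $4, $NF                  # $NF is PID/Program (UDP lines have no State column)
        }'
}

# Constructed sample in netstat -tulpn format (not captured from a real host).
SAMPLE_NETSTAT='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      901/sendmail
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      650/portmap
tcp6       0      0 :::80                   :::*                    LISTEN      1100/httpd
udp        0      0 0.0.0.0:513             0.0.0.0:*                           1203/rwhod
udp        0      0 127.0.0.1:323           0.0.0.0:*                           402/chronyd'

printf '%s\n' "$SAMPLE_NETSTAT" | exposed_listeners
```

On a live system run netstat -tulpn | exposed_listeners as root (the PID/Program column is only filled in for root). For the sample above it lists sshd, portmap, httpd and rwhod; sendmail and chronyd are bound to loopback and do not appear.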

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemon listens and responds to connections on the TCP/IP ports assigned to it. The ports are defined by the file /etc/services. When a connection is made, the listener invokes the assigned program and passes it the socket as stdin/stdout. This simplifies matters by allowing the assigned program to read from stdin instead of making its own socket connection; the listener handles the network socket. Every service enabled here is a program that untrusted remote hosts can start, so enable only what is needed. Two network listening and management daemons have been used in Red Hat Linux distributions:

- inetd: Red Hat 6.x and older
- xinetd: Red Hat 7.0 - 9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf Entries in this file consist of a single line made up of the following fields:

service socket-type protocol wait user server cmdline

- service: the name assigned to the service. Matches the name given in the file /etc/services.
- socket-type:
  - stream: connection-oriented protocols (TCP)
  - dgram: datagram protocols (UDP)
  - raw
  - rdm
  - seqpacket
- protocol: transport protocol name which matches a name in the file /etc/protocols, i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6
- wait:
  - wait[.max]: single-threaded; inetd starts one server for the port and waits for it to exit before listening again. Used by datagram (UDP) and RPC services.
  - nowait[.max]: multi-threaded; inetd keeps listening and launches a new server for each connection. Used by stream (TCP) services. max is the maximum number of server instances spawned in 60 seconds (default 40).
- user[.group]: login id of the user the process is executed under. Often nobody, root or a special restricted id for that service. Run a service as an unprivileged user wherever the program allows it.
- server: full path name of the server program to be executed.
- cmdline: command line to be passed to the server. This includes argument 0 (argv[0]), that is the command name. For the services inetd implements itself the server field is the word internal and this field is empty: echo, discard, chargen (character generator), daytime (human readable time), and time (machine readable time). (See RFCs 862, 863, 864, 867 and 868.)

Sample file: /etc/inetd.conf

#echo    stream  tcp  nowait      root  internal
#echo    dgram   udp  wait        root  internal
ftp      stream  tcp  nowait      root  /usr/sbin/tcpd  in.ftpd -l -a
#pop-3   stream  tcp  nowait      root  /usr/sbin/tcpd  ipop3d
#swat    stream  tcp  nowait.400  root  /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.

The inet daemon must be restarted to pick up the changes made to the file: /etc/rc.d/init.d/inetd restart

For more information see the man pages "inetd" and "inetd.conf".

xinetd: Extended Internet Services Daemon:

xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, redirect services to different ports and network interfaces (NICs) or even to a different server, chroot a service etc., and is thus a worthy upgrade from inetd.

Use the command chkconfig --list to view all system services and their state. It will also list all network services controlled by xinetd and their respective state under the title "xinetd based services". (Works for xinetd (RH 7.0+) but not inetd.)

The xinetd daemon is built with libwrap (TCP Wrappers) support and consults the /etc/hosts.allow and /etc/hosts.deny files for every service unless that service sets the NOLIBWRAP flag. This is separate from PAM (see the TCP Wrappers / PAM section below); xinetd's own only_from and no_access attributes are evaluated in addition.

Configuration file: /etc/xinetd.conf which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:

- Edit the file /etc/xinetd.d/service-name and set the disable value: disable = yes or disable = no. Then make xinetd re-read its configuration with a signal:
  - SIGUSR1 (kill -SIGUSR1 process-id): soft reconfiguration; does not terminate existing connections. (Important if you are connected remotely.)
  - SIGUSR2: hard reconfiguration; stops and restarts the service processes. (Note: using the HUP signal will terminate the process, so do not use it as you would with inetd.)
  OR
- Use the chkconfig command: chkconfig service-name on (or off). This command also restarts the xinetd process to pick up the new configuration.

The file contains entries of the form:

service service-name
{
    attribute assignment-operator value value ......
}

Where:
- attribute:
  - disable: yes | no
  - type: RPC | INTERNAL | UNLISTED (not found in /etc/rpc or /etc/services)
  - id: by default the service id is the same as the service name.
  - socket_type:
    - stream: TCP
    - dgram: UDP
    - raw: direct IP access
    - seqpacket: service that requires reliable sequential datagram transmission
  - flags: combination of REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd man page for details.
  - protocol: transport protocol name which matches a name in the file /etc/protocols.
  - wait:
    - no: multi-threaded
    - yes: single-threaded; one server for the specified port at any time (RPC)
  - user: see file /etc/passwd
  - group: see file /etc/group
  - server: program to execute and receive the data stream from the socket (fully qualified, i.e. the full path name of the program)
  - server_args: unlike inetd, argv[0] (the name of the service) is not passed.
  - only_from: IP address, factorized address, netmask range, hostname or network name from the file /etc/networks.
  - no_access: deny from ... (inverse of only_from). If both only_from and no_access match a client, the more specific entry wins.
  - access_times
  - port: see file /etc/services
  Also: log_type, log_on_success, log_on_failure (log options: += PID, HOST, USERID, EXIT, DURATION, ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples.
- assignment-operator:
  - =
  - +=: add a value to the set of values
  - -=: delete a value from the set of values

Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from the man page: limit telnet sessions to 8 Mbytes of memory and a total of 20 CPU seconds for child processes.

service telnet
{
    socket_type = stream
    wait        = no
    nice        = 10
    user        = root
    server      = /usr/etc/in.telnetd
    rlimit_as   = 8M
    rlimit_cpu  = 20
}

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:

- xinetd
- xinetd.conf
- xinetd.log
- tcpd

For more info see:

- LinuxFocus.org: xinetd - Frederic Raynal
- RedHat.com: Controlling Access to Services
- http://www.xinetd.org
- RFCs 862, 863, 864, 867, 868, 1413
- man pages xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon ­ rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux has the network interface to rwhod disabled. Thus if one issues the command "rwho", you will only see who is logged into the system you are logged into and not remote systems on the network. This is a safe approach for internet servers as it reduces the exposure of a service which could be exploited by attackers; rwhod also broadcasts user names and idle times over UDP port 513 in the clear. If you wish to use rwhod on a local, private and firewall-protected network, here is how:

Allow broadcast capabilities. Edit /etc/init.d/rwhod and change:
daemon rwhod
to:
daemon rwhod -b

Start the service:

- Set the service to start with system boot: chkconfig --level 345 rwhod on
- Start the rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

- rwho: who is logged in on local network machines
- rwhod: system status server
- who: show who is logged on to the same system

RPC: Remote Procedure Calls (Portmapper)

Portmapper is a network service required to support RPCs. Many services such as NFS (file sharing) require portmapper. It listens on port 111 and, since rpcinfo -p can be pointed at a remote host, it tells anyone who can reach it which RPC services are running; block port 111 from untrusted networks and restrict it in /etc/hosts.allow (portmap is built with libwrap).

List the RPC services supported: [root]# rpcinfo -p localhost

Starting the portmap server:

- /etc/rc.d/init.d/portmap start
- service portmap start (Red Hat/Fedora Core)

Man Pages:

- portmap
- rpcinfo
- pmap_set
- pmap_dump

PAM: Network Wrappers:

Two distinct mechanisms are covered here: TCP Wrappers (tcpd/libwrap, controlled by /etc/hosts.allow and /etc/hosts.deny), which allow or deny network access by client address, and Pluggable Authentication Modules for Linux (PAM), which control how users are authenticated once connected. They are grouped together because both sit between the listener and the service.

TCP Wrappers: this system allows or denies network access. One can reject or allow specific IP addresses, subnets or domains. The rules are evaluated in a fixed order: the first match in /etc/hosts.allow grants access; otherwise the first match in /etc/hosts.deny refuses it; otherwise access is granted. A host without a deny-all rule in hosts.deny therefore allows everything that is not explicitly denied.

File: /etc/hosts.allow

in.ftpd: 208.188.34.105

This specifically allows the given IP address to FTP to your system. One can also specify an entire domain, i.e. .name-of-domain.com (note the leading "."), or a network prefix, i.e. 192.168.10. (note the trailing "."). Host names are matched through reverse DNS, which the client's network operator controls, so prefer IP addresses for rules that matter.

File: /etc/hosts.deny

ALL: ALL

This denies everything not explicitly allowed above.

See the hosts_access(5) man page.

File: /etc/inetd.conf

ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a

The inet daemon accepts the incoming network connection and hands it to the TCP wrapper, /usr/sbin/tcpd, which accepts or denies the connection as defined by /etc/hosts.allow and /etc/hosts.deny and then executes in.ftpd. Decisions are logged via syslog to /var/log/secure. Daemons built against libwrap (xinetd, portmap and sshd on these releases) consult the same two files without going through tcpd.
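The allow-then-deny-then-allow order described above is the part of TCP Wrappers most often got wrong, so here is an added example (not code from the YoLinux tutorial or from the tcp_wrappers package) that re-implements the decision for a given service and client in POSIX shell, so a rule set can be checked before it is deployed. It handles the pattern forms used on this page (exact address, ".domain" suffix, "192.168." prefix, ALL); EXCEPT clauses, address/netmask pairs and shell-command options are deliberately not supported, which is an assumption about the rule sets you feed it.

```shell
#!/bin/sh
# Added example (not from the YoLinux tutorial): evaluate hosts.allow /
# hosts.deny rules the way tcpd does, for simple pattern forms only.

# match_list ITEM LIST -> 0 if ITEM matches any comma/space separated pattern in LIST
match_list() {
    ml_item=$1
    for ml_pat in $(printf '%s' "$2" | tr ',' ' '); do
        case $ml_pat in
            ALL) return 0 ;;
            .*)  case $ml_item in *"$ml_pat") return 0 ;; esac ;;    # domain suffix
            *.)  case $ml_item in "$ml_pat"*) return 0 ;; esac ;;    # network prefix
            *)   if [ "$ml_item" = "$ml_pat" ]; then return 0; fi ;;  # exact match
        esac
    done
    return 1
}

# rules_match SERVICE CLIENT RULES -> 0 if any "daemons : clients" line matches
rules_match() {
    rm_hit=$(printf '%s\n' "$3" | while IFS=: read -r rm_daemons rm_clients rm_rest; do
        case $rm_daemons in ''|\#*) continue ;; esac    # blank lines and comments
        if match_list "$1" "$rm_daemons" && match_list "$2" "$rm_clients"; then
            echo hit
            break
        fi
    done)
    [ "$rm_hit" = hit ]
}

# wrappers_decide SERVICE CLIENT ALLOW_RULES DENY_RULES -> prints ALLOW or DENY
# tcpd order: a match in hosts.allow grants; else a match in hosts.deny refuses;
# else access is granted (which is why hosts.deny needs "ALL: ALL").
wrappers_decide() {
    if rules_match "$1" "$2" "$3"; then
        echo ALLOW
    elif rules_match "$1" "$2" "$4"; then
        echo DENY
    else
        echo ALLOW
    fi
}

# The rule sets from this page, constructed inline so the script runs stand-alone.
HOSTS_ALLOW='in.ftpd: 208.188.34.105
sshd: .name-of-domain.com, 192.168.10.'
HOSTS_DENY='ALL: ALL'

wrappers_decide in.ftpd 208.188.34.105 "$HOSTS_ALLOW" "$HOSTS_DENY"    # ALLOW
wrappers_decide in.ftpd 208.188.34.106 "$HOSTS_ALLOW" "$HOSTS_DENY"    # DENY
wrappers_decide in.telnetd 10.0.0.5 "$HOSTS_ALLOW" ""                  # ALLOW: empty hosts.deny
```

The last call is the point to notice: with an empty hosts.deny, a service that is not mentioned anywhere is reachable from everywhere. For the real files, tcpdmatch(8) from the tcp_wrappers package performs the same check with full pattern support.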

Advanced PAM: more specific access can be assigned and controlled by controlling the level of authentication required for access.

Configuration files are named after the service (the inetd/xinetd service name or the program name, i.e. sshd, login). Rules and modules are stacked to achieve the level of security desired.

See the files in /etc/pam.d/ (some systems use a single /etc/pam.conf).

The format: service type control module-path module-arguments
(In /etc/pam.d/ the service field is omitted because the file name supplies it.)

- auth (type): authenticates the user, usually by asking for a password, and may grant group memberships. Module arguments seen with it:
  - nullok: a null (empty) password is acceptable
  - shadow: encrypted passwords are kept in /etc/shadow
- account (type): checks that the account may be used at all: password expiry, time-of-day or origin restrictions, and forcing a password change.
- password (type): controls password updates. Arguments seen with pam_cracklib:
  - retry=3: number of attempts the user gets to choose an acceptable new password
  - minlen=8: minimum length of the new password
- session (type): actions at session start and end: logging, mounting home directories, resource limits.

Modules:

- /lib/security/pam_pwdb.so - password database module (replaced by pam_unix.so on later releases)
- /lib/security/pam_shells.so - allows access only if the user's login shell is listed in /etc/shells
- /lib/security/pam_cracklib.so - checks whether a proposed new password is weak (dictionary words, too short, too similar to the old one)
- /lib/security/pam_listfile.so - allows or denies based on whether an item (user, group, tty, ...) appears in a file

After re-configuration, restart the inet daemon: killall -HUP inetd (the PAM files themselves are re-read each time a service starts an authentication and need no restart).

For more info see:

l Wietse's Papers l Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP is the network protocol used by the ping and traceroute commands (traceroute sends UDP or ICMP probes and relies on the ICMP "time exceeded" replies).

ICMP redirect packets are sent from a router to a host to inform the host of a better route; the host then rewrites its routing cache accordingly. The kernel's built-in default is to accept redirects on a host that does not forward packets and to ignore them on a router (ip_forward = 1); distribution sysctl.conf files may override this. To enable ICMP redirect acceptance explicitly, add the following line to /etc/sysctl.conf:

net.ipv4.conf.all.accept_redirects = 1

Or add the following to the file /etc/rc.d/rc.local:

for f in /proc/sys/net/ipv4/conf/*/accept_redirects
do
    echo 1 > $f
done

Command to view the kernel IP routing cache (where redirects take effect): /sbin/route -Cn

NOTE: accepting redirects may leave you vulnerable: any machine on the same network segment can forge a redirect, alter your routes and intercept or deny your traffic. On servers and gateways the secure value is 0, and a host that is not a router should also set send_redirects = 0.

Blocking ICMP to look invisible to ping:

The following firewall rules drop all outgoing ICMP, so no echo reply (or any other ICMP message) leaves the machine. Note that this also breaks your own ping, the replies traceroute depends on and path MTU discovery; a rule on the INPUT chain matching only echo-request is the more targeted choice.

iptables:

iptables -A OUTPUT -p icmp -d 0/0 -j DROP

ipchains:

ipchains -A output -p icmp -d 0/0 -j DENY

OR have the kernel ignore all incoming pings:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes used to look invisible to DoS (Denial of Service) attackers who use ping to watch your machine and launch an attack when its presence is detected. It is not real invisibility: a host that does not answer ping still answers TCP and UDP probes on any open port, and port scanners such as nmap (below) can be told to skip the ping step.

Network Monitoring Tools:

- tcpdump - dump traffic on a network. See discussion below.

  Command line option | Description
  -c                  | Exit after receiving count packets.
  -C                  | Specify the size of output dump files.
  -i                  | Specify the interface if multiple exist. The lowest-numbered one is used by default, i.e. eth0.
  -w file-name        | Write the raw packets to a file rather than parsing and printing them out. They can later be printed with the -r option.
  -n                  | Improve speed by not performing DNS lookups. Report IP addresses.
  -t                  | Don't print a timestamp on each dump line.

  Filter expressions:

  primitive                    | Description
  host host-name               | If the host has multiple IPs, all will be checked.
  net network-number           | Network number.
  net network-number mask mask | Network number and netmask specified.
  port port-number             | Port number specified.
  tcp                          | Sniff TCP packets.
  udp                          | Sniff UDP packets.
  icmp                         | Sniff ICMP packets.

  Examples:

  - tcpdump tcp port 80 and host server-1
  - tcpdump ip host server-1 and not server-2

- iptraf - Interactive Colorful IP LAN Monitor
- nmap - Network exploration tool and security scanner
  - List pingable nodes on the network: nmap -sP 192.168.0.0/24
    Scans the network for IP addresses 192.168.0.0 to 192.168.0.255 using ping.
- Ethereal - Network protocol analyzer. Examine data from a live network. RPMs required:
  - ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
  - ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)
  There is an error in the ethereal package because it does not list the snmp libraries as dependencies, but you can deduce this from the errors you get if the ucd-snmp libraries are not installed.
- EtherApe - Graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
- Gkrellm - Network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
- IPTraf - ncurses-based IP LAN monitor. (Red Hat Powertools CD)
- Cheops - Network discovery, location, diagnosis and management. Cheops can identify all of the computers that are on your network, their IP address, their DNS name, and the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
- ntop - Shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
- MRTG - Multi Router Traffic Grapher - Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
- dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
- scotty - Obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP, & UDP. (Red Hat Powertools CD)
- Big Brother - Monitoring and services availability.
- OpenNMS.org - Network Management using SNMP.
- Nagios - host, service and network monitoring
- Angel network monitor

Using tcpdump to monitor the network:

    [root]# ifconfig eth0 promisc                        - Put the NIC into promiscuous mode to sniff traffic.
    [root]# tcpdump -n host not XXX.XXX.XXX.XXX | more   - Sniff the net but ignore the IP of your remote session.
    [root]# ifconfig eth0 -promisc                       - Pull the NIC out of promiscuous mode.
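As an added example (not part of the tutorial), the commands above can be turned into a small monitor for the case the ICMP section describes, a remote host repeatedly pinging your machine: the script below reads "tcpdump -n" output and counts ICMP echo requests per source address. The capture lines are constructed in the modern tcpdump line format; on a live system feed it "tcpdump -n -r capture.pcap icmp" instead. The threshold value is an assumption for the example.

```shell
#!/bin/sh
# Added example, not from the YoLinux tutorial: per-source count of ICMP echo
# requests in tcpdump -n output. SAMPLE_CAPTURE is constructed for this example.

SAMPLE_CAPTURE='12:00:01.000001 IP 192.168.0.7 > 192.168.0.12: ICMP echo request, id 1234, seq 1, length 64
12:00:01.000150 IP 192.168.0.12 > 192.168.0.7: ICMP echo reply, id 1234, seq 1, length 64
12:00:02.000001 IP 192.168.0.7 > 192.168.0.12: ICMP echo request, id 1234, seq 2, length 64
12:00:02.000009 IP 10.0.0.5 > 192.168.0.12: ICMP echo request, id 9, seq 1, length 64
12:00:02.000011 IP 10.0.0.5 > 192.168.0.13: ICMP echo request, id 9, seq 1, length 64
12:00:02.000013 IP 10.0.0.5 > 192.168.0.14: ICMP echo request, id 9, seq 1, length 64
12:00:02.000015 IP 10.0.0.5 > 192.168.0.15: ICMP echo request, id 9, seq 1, length 64
12:00:03.000001 IP 192.168.0.7.4321 > 192.168.0.12.80: Flags [S], seq 1, win 8192, length 0'

# Read tcpdump -n output on stdin; print "count source" for every source that
# sent ICMP echo requests, highest count first. Field 3 of an IP line is the
# source address (no port suffix on ICMP lines); replies and TCP lines are ignored.
echo_requests_by_source() {
    awk '/ICMP echo request/ { n[$3]++ }
         END { for (s in n) print n[s], s }' | sort -rn
}

# Print only the sources that sent more than $1 echo requests in the capture.
sources_over_threshold() {
    threshold="$1"
    echo_requests_by_source | awk -v t="$threshold" '$1 > t { print $2 }'
}

# Usage with the constructed capture (threshold of 3 is an assumed value):
printf '%s\n' "$SAMPLE_CAPTURE" | echo_requests_by_source
printf '%s\n' "$SAMPLE_CAPTURE" | sources_over_threshold 3
```

Because the capture keeps only the source address, a host that sweeps several of your addresses (10.0.0.5 above) and a host that pings one machine repeatedly both show up in the same count; the destination column is still in the lines if you want to split them.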

Network Intrusion and Hacker Detection Systems:

SNORT: Monitor the network, performing real­time traffic analysis and packet logging on IP networks for the detection of an attack or probe.

- Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
- InterSect Alliance - Intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to convert a 32-bit Internet IP address into the 48-bit Ethernet MAC address used by the network hardware. (See: RFC 826) ARP broadcasts are sent to all hosts on the subnet by the transmitting host to see who replies. The broadcast is ignored by all except the intended receiver, which recognizes the IP address as its own. The MAC addresses are remembered (ARP cache) for future network communications. Computers on the subnet typically keep a cache of ARP responses. ARP broadcasts are passed on by hubs and switches but are blocked by routers.

Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client to broadcast requesting a server to reply with its IP address.

- arp (8) man page - manipulate the system ARP cache
  - Show other systems on your network (including IP address conflicts): arp -a
  - Show the ARP table Linux style: arp -e
- arpwatch (8) man page - keep track of ethernet/ip address pairings
- arpsnmp (8) man page - keep track of ethernet/ip address pairings. Reads information generated by snmpwalk
- arping (8) man page - send ARP REQUEST to a neighbor host
  - Print ARP reply (similar to arp -a): arping 192.168.10.99
- List ARP table: cat /proc/net/arp
- ip (8) man page - show / manipulate routing, devices, policy routing and tunnels
  - View ARP table: ip neighbor

ARP is something that simply works. No Linux system configuration is necessary. It's all part of the ethernet and IP protocol. The aforementioned information is just part of the Linux culture of full visibility into what is going on.

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer to peer unicast transactions. An HTTP request to a web server (TCP/IP), email/SMTP (TCP/IP), DNS (UDP), FTP (TCP/IP), ... are all peer to peer unicast transactions. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer to peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group", which are those that are interested in the information.

The Linux kernel is Level­2 Multicast­Compliant. It meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to request the kernel to join the multicast group and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, a request is made to the kernel to leave the group. It is the kernel/host which joins the multicast group and not the process. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to support multicast routing, set the following in the kernel config:

- CONFIG_IP_MULTICAST=y
- CONFIG_IP_ROUTER=y
- CONFIG_IP_MROUTE=y
- CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimization and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card), only one device can be configured to handle multicast.

Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast.

Useful commands:

  Command                  | Description
  cat /proc/net/igmp       | List the multicast groups to which the host is subscribed. Uses the "Internet Group Management Protocol". (See /usr/src/linux/net/core/igmp.c)
  cat /proc/net/dev_mcast  | List multicast interfaces. (See /usr/src/linux/net/core/dev_mcast.c)
  ping 224.0.0.1           | All hosts configured for multicast will respond with their IP addresses
  ping 224.0.0.2           | All routers configured for multicast will respond
  ping 224.0.0.3           | All PIM routers configured for multicast will respond
  ping 224.0.0.4           | All DVMRP routers configured for multicast will respond
  ping 224.0.0.5           | All OSPF routers configured for multicast will respond
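The group column of /proc/net/igmp is printed as a hex word in host byte order, so the addresses are not obvious at a glance. As an added example (not from the tutorial), the script below decodes a snapshot in that format into "device group" lines. The snapshot is a constructed sample in the layout the kernel uses; on a live system pipe the real file in.

```shell
#!/bin/sh
# Added example, not from the YoLinux tutorial: decode the output of
# "cat /proc/net/igmp". On a little-endian machine the group 224.0.0.1 is
# printed as 010000E0. IGMP_SNAPSHOT is constructed for this example.

IGMP_SNAPSHOT='Idx Device    : Count Querier  Group    Users Timer    Reporter
1   lo        :     1      V3
                010000E0     1 0:00000000        0
2   eth0      :     2      V3
                010000E0     1 0:00000000        0
                FB0000E0     1 0:00000000        0'

# Convert one little-endian hex group word to dotted decimal (010000E0 -> 224.0.0.1).
hex_group_to_dotted() {
    v=$((0x$1))
    printf '%d.%d.%d.%d\n' $((v & 255)) $(((v >> 8) & 255)) $(((v >> 16) & 255)) $(((v >> 24) & 255))
}

# Read /proc/net/igmp on stdin; print one "device group" line per membership.
igmp_memberships() {
    awk 'NR == 1 { next }                # column header
         $3 == ":" { dev = $2; next }    # "Idx Device : Count Querier" line names the interface
         NF >= 3   { print dev, $1 }' |  # membership line: the group hex word comes first
    while read -r dev hex; do
        printf '%s %s\n' "$dev" "$(hex_group_to_dotted "$hex")"
    done
}

# Usage with the constructed snapshot (prints lo and eth0 memberships):
printf '%s\n' "$IGMP_SNAPSHOT" | igmp_memberships
```

Every interface shows 224.0.0.1 (the all-hosts group the ping table above refers to) because the kernel joins it automatically; further entries, such as 224.0.0.251 on eth0 here, are the groups applications have asked the kernel to join.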

Multicast transmissions are achieved through proper routing, router configuration (if communicating through subnets) and programmatically with the use of the following "C" function library calls:

  Function Call  | Description
  setsockopt()   | Pass information to the kernel.
  getsockopt()   | Retrieve information broadcast using multicast.

For more on multicast programming see: Multicast Howto.

The multicast application will specify the multicast loopback interface, TTL (network time to live), network interface and the multicast group to add or drop.

Add route to support multicast:

    route add 224.0.0.0 netmask 240.0.0.0 dev eth0

Note that if adding a route to forward packets through a router, that the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The internet by default does not forward multicast packets.

Living in a MS/Windows World:

- SMB4k: My favorite MS/Windows file share browser.
- In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]
- LinNeighborhood: Linux workstation GUI tool.
  Make your life simple and use the GUI/File Manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.
  - LinNeighborhood Home Page
  - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

- IPv4: Most of the Internet's servers and personal computers use Internet Protocol version 4 (IPv4). This uses 32 bits to assign a network address, written as the four octets of an IP address up to 255.255.255.255, which is the representation of four 8-bit numbers totaling 32 bits.
- IPv6: Internet Protocol version 6 (IPv6) uses a 128-bit address and thus billions and billions of potential addresses. The protocol has also been upgraded to include new quality of service features and security. Currently Linux supports IPv6, but IPv4 is used when connecting your computer to the internet.
- TCP/IP: (Transmission Control Protocol/Internet Protocol) uses a client-server model for communications. The protocol defines the data packets transmitted (packet header, data section), data integrity verification (error detection bytes), connection and acknowledgement protocol, and re-transmission.
- TCP/IP time to live (TTL): This is a counting mechanism to determine how long a packet is valid before it reaches its destination. Each time a TCP/IP packet passes through a router it will decrement its TTL count. When the count reaches zero the packet is dropped by the router. This ensures that errant routing and aimlessly looping packets will not flood the network.
- MAC Address: (media access control) is the network card address used for communication with other network devices on the subnet. This info is not routable. The ARP table maps TCP/IP addresses (global internet) to the local hardware on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address uniquely identifies each node of a network and is used by the Ethernet protocol.
- Full Duplex: Allows the simultaneous sending and receiving of packets. Most modern modems support full duplex.
- Half Duplex: Allows the sending and receiving of packets in one direction at a time only.
- OSI 7 Layer Model: The ISO (International Standards Organization) has defined the OSI (Open Systems Interconnection) model for current networking protocols.

  OSI Layer            | Description                                                            | Linux Networking Use
  7 Application Layer  | The top layer for communications applications like email and the web. | telnet, web browser, sendmail
  6 Presentation Layer | Syntax and format of data transfer.                                    | SMTP, http
  5 Session Layer      |                                                                        |
  4 Transport Layer    | Connection, acknowledgement and data packet transmission.              | TCP, UDP
  3 Network Layer      |                                                                        | IP, ARP
  2 Data Link Layer    | Error control, timing                                                  | Ethernet
  1 Physical Layer     | Electrical characteristics of signal and NIC                           | Ethernet

- Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
- Network Switch: Like a hub but creates a private link between any two connected nodes when a network connection is established. This reduces the number of network collisions and thus improves speed. Broadcast messages are still sent to all nodes.

Related Links:

- Cable modem HowTo - Vladimir Vuksan
- Ethernet HowTo - Paul Gortmaker
- YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
- Firewall HowTo - Mark Grennan
- YoLinux networking tutorial
- Networking Overview HowTo - Daniel Lopez Ridruejo
- Networking Howto - Joshua Drake
- NFS Howto - Nicolai Langfeldt
- SNMP: Simple Network Management Protocol (Uses ports 161,162,391,1993)
  - SNMP - Intro and tutorials
  - Linux SNMP Network Management Tools
  - SNMP FAQ
  - net-snmp - tools and libraries
- News/Usenet Group: comp.os.linux.networking - Deja
- MARS-nwe - Netware emulator
- Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
- ISDN:
  - ISDN4LINUX FAQ - Matthias Hessler
  - ISDN4 Linux Home Page
  - Dan Kegel's ISDN Page
- PPP: Point-to-Point Protocol
  - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
  - YoLinux Tutorial: Dialing Compuserve
  - YoLinux Tutorial: Dialing AOL
  - YoLinux Tutorial: Configuring PPP dial-in connections
- PPTP: Point-to-Point Tunneling Protocol
  - RFC 2637: Point-to-Point Tunneling Protocol (PPTP).
  - PPTP-Linux Client - A PPTP Linux client that allows a linux system to connect to a PPTP server. Developed by C. S. Ananian.
  - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP Implementation.
- DHCP: (Dynamic Host Configuration Protocol)
  - YoLinux DHCP Tutorial - How to set up a DHCP server.
  - ISC Dynamic Host Configuration Protocol - DHCP home page
- Multicast:
  - YoLinux Tutorial: Configuring Linux for multicast - this tutorial in section above
  - Multicast over TCP/IP HOWTO
- ISP's: (National/Global)
  - TheList.com - Comprehensive list of ISP's
  - Earthlink
  - Concentric
  - ATT Worldnet
- NIS: (NFS infrastructure)
  - YoLinux NIS tutorial
  - NIS howto
  - NIS configuration and use
- Ethernet cables:
  - Making CAT 3, 5, 5E RJ45 Ethernet Cables
  - Wiring and Installation
- Gigabit Ethernet
- VIX: Vienna Internet eXchange - European traffic exchange for ISP's

Test Internet Bandwidth:

- DSLreports.com: bandwidth and diagnostic tests
- Speakeasy connection speed test
- CNET Bandwidth Meter speed test
- Network speed test
- Bandwidth explained and List of bandwidth test sites

Man Pages:

- icmp - Linux IPv4 ICMP kernel module
- ifport - select the transceiver type for a network interface
- usernetctl - allow a user to manipulate a network interface if permitted
- ripquery - query RIP (Routing Information Protocol) gateways
- gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler ISBN # 0735710317, New Riders Publishing

"LINUX TCP/IP Network Administration by Scott Mann, Mitchell Krell ISBN # 0130322202, rentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith ISBN# 0201774232, Addison­Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr. ISBN# 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh ISBN# 0672320525, Sams; (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus Sams, ISBN# 047008278X

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen Sams, ISBN# 0071486429

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson Sams, ISBN# 0672329298

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672327082

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672325888

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis ISBN #032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.


Copyright © 2001 - 2007 by Greg Ippolito
TCP/IP Network Configuration Files:


- File: /etc/hosts - locally resolve node names to IP addresses

      127.0.0.1         your-node-name.your-domain.com localhost.localdomain localhost
      XXX.XXX.XXX.XXX   node-name

  Note: when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly.) i.e.:

      XXX.XXX.XXX.XXX   superserver.yolinux.com superserver

  This informs Linux of local systems on the network which are not handled by the DNS server (or of all systems in your LAN if you are not using DNS or NIS). Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "Hosts").

- File: /etc/nsswitch.conf - System Databases and Name Service Switch configuration file

      hosts: files dns nisplus nis

  This example tells Linux to first resolve a host name by looking at the local hosts file (/etc/hosts), then, if the name is not found, to look to your DNS server as defined by /etc/resolv.conf, and if not found there to look to your NIS server.

  In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution.

Fedora / Red Hat Network Configuration Files:

- File: /etc/sysconfig/network - Red Hat network configuration file used by the system during the boot process.

- File: /etc/sysconfig/network-scripts/ifcfg-eth0 - Configuration settings for your first ethernet port (0). Your second port is eth1.

- File:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example statement for an Intel ethernet card:

      alias eth0 eepro100

Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

- Network configuration: /usr/sbin/system-config-network (FC-2/3)
  /usr/bin/redhat-config-network (/usr/bin/neat) (RH 7.2+ FC-1)
- Text console configuration tool: /usr/sbin/system-config-network-tui (Text User Interface (TUI) for Fedora Core 2/3)
  /usr/bin/redhat-config-network-tui (RH 9.0 - FC-1)
- Text console network configuration tool. First interface only - eth0: /usr/sbin/netconfig
- /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

- Gnome Desktop Network Configuration: /usr/bin/gnome-network-preferences (RH 9.0 - FC-3)
  Proxy configuration. Choose one of three options:
  1. Direct internet connection
  2. Manual proxy configuration (specify proxy and port)
  3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assigned a static IP address or assigned one dynamically.

Static IP address assignment:

Choose one of the following methods:

- Command Line:

      /sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

  Network address by convention would be the lowest: 192.168.10.0
  Broadcast address by convention would be the highest: 192.168.10.255
  The gateway can be anything, but following convention: 192.168.10.1

  Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0

- Red Hat / Fedora GUI tools:
  - /usr/bin/neat - Gnome GUI network administration tool. Handles all interfaces. Configure for Static IP or DHCP client. (First available with Red Hat 7.2.)
  - /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)

- Red Hat / Fedora Console tools:
  - /usr/sbin/system-config-network-tui (Text User Interface)
  - /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1, ...)

- Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network­scripts/, so that this information is retained.

The IANA has allocated IP addresses in the range of 192.168.0.0 to 192.168.255.255 for private networks.

Helpful tools:

- Network Calculators: Subnet mask calculator, node calculator, mask inverter, ...
- IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet static
        address 208.88.34.106
        netmask 255.255.255.248
        broadcast 208.88.34.111
        network 208.88.34.104
        gateway 208.88.34.110

Dynamic IP (DHCP) example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet dhcp

    auto eth1
    iface eth1 inet dhcp

    auto eth2
    iface eth2 inet dhcp

    auto ath0
    iface ath0 inet dhcp

    auto wlan0
    iface wlan0 inet dhcp

Interfaces:

- lo: Loopback interface (network within your system without slowing down for the real ethernet based network)
- eth0: First ethernet interface card
- wlan0: First wireless network interface

Also see "man interfaces"

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.

- File: /etc/sysconfig/network

  Static IP address configuration: (Configure gateway address)

      NETWORKING=yes
      HOSTNAME=my-hostname          - Hostname is defined here and by the command hostname
      FORWARD_IPV4=true             - True for NAT firewall gateways and Linux routers. False for everyone else - desktops and servers.
      GATEWAY="XXX.XXX.XXX.YYY"     - Used if your network is connected to another network or the internet. Static IP configuration. Gateway not defined here for DHCP client.

  OR for DHCP client configuration:

      NETWORKING=yes
      HOSTNAME=my-hostname          - Hostname is defined here and by the command hostname

  (Gateway is assigned by DHCP server.)

  OR for NIS client configuration:

      NETWORKING=yes
      HOSTNAME=my-hostname          - Hostname is defined here and by the command hostname
      NISDOMAIN=NISProject1         - NIS domain to attach

- File (Red Hat/Fedora): /etc/sysconfig/network-scripts/ifcfg-eth0
  (S.u.s.e.: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX)
  This file is used by the command scripts ifup and ifdown.

  Static IP address configuration:

      DEVICE=eth0
      BOOTPROTO=static
      BROADCAST=XXX.XXX.XXX.255
      IPADDR=XXX.XXX.XXX.XXX
      NETMASK=255.255.255.0
      NETWORK=XXX.XXX.XXX.0
      ONBOOT=yes                    - Will activate upon system boot

  RHEL4/FC3 additions:
  - TYPE=Ethernet
  - HWADDR=XX:XX:XX:XX:XX:XX
  - GATEWAY=XXX.XXX.XXX.XXX

  OR for DHCP client configuration:

      DEVICE=eth0
      ONBOOT=yes
      BOOTPROTO=dhcp

  RHEL4/FC3 additions:
  - IPV6INIT=no
  - USERCTL=no
  - PEERDNS=yes
  - TYPE=Ethernet
  - HWADDR=XX:XX:XX:XX:XX:XX

  (Used by the script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line.) To disable DHCP, change BOOTPROTO=dhcp to BOOTPROTO=none.

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)

Changing the host name:

This is a three step process:

1. Issue the command: hostname new-host-name
2. Change the network configuration file: /etc/sysconfig/network
   Edit entry: HOSTNAME=new-host-name
3. Restart systems which relied on the hostname (or reboot):
   - Restart network services: service network restart (or: /etc/init.d/network restart)
   - Restart desktop:
     - Bring down system to console mode: init 3
     - Bring up X-Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name which allows the system to be self aware.

The hostname may be changed at runtime using the command: sysctl -w kernel.hostname="superserver"

Change the host name using GUI tool: /usr/sbin/system­config­network (Red Hat / Fedora / CentOS)

Hostname entries are made in two places:

- Select the "DNS" tab.
- Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

    ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
    ifconfig eth0:0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255
    ifconfig eth0:1 192.168.10.14 netmask 255.255.255.0 broadcast 192.168.10.255

    route add -host XXX.XXX.XXX.XXX dev eth0
    route add -host 192.168.10.12 dev eth0
    route add -host 192.168.10.14 dev eth0

In this example 0 and 1 are aliases in addition to the regular eth0. The result of the ifconfig command:

    eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
              TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
              collisions:1 txqueuelen:100
              Interrupt:5 Base address:0xe400

    eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

    eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

    DEVICE=eth0:0
    ONBOOT=yes
    BOOTPROTO=static
    BROADCAST=192.168.10.255
    IPADDR=192.168.10.12
    NETMASK=255.255.255.0
    NETWORK=192.168.10.0
    ONBOOT=yes

Aliases can also be shut down independently. i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Redhat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux Client: get connection info: /sbin/pump -i eth0 --status (Red Hat Linux 7.1 and older)

    Device eth0
        IP: 4.XXX.XXX.XXX
        Netmask: 255.255.252.0
        Broadcast: 4.XXX.XXX.255
        Network: 4.XXX.XXX.0
        Boot server 131.XXX.XXX.4
        Next server 0.0.0.0
        Gateway: 4.XXX.XXX.1
        Domain: vz.dsl.genuity.net
        Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3
        Renewal time: Sat Aug 11 08:28:55 2001
        Expiration time: Sat Aug 11 11:28:55 2001

Activating and De­Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

- Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up - Note: Even if no IP address is assigned you can listen.)
- De-Activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network­scripts/

GUI Interface control/configuration:

- Start/Stop network interfaces: /usr/bin/system-control-network (Fedora Core 2/3), /usr/bin/redhat-control-network (RH 9.0 - FC-1)
- Configure Ethernet, ISDN, modem, Token Ring, Wireless or DSL network connection: /usr/sbin/system-config-network-druid (FC2/3), /usr/sbin/redhat-config-network-druid (RH 9 - FC-1)

Subnets:

  MASK | # OF SUBNETS | Slash Fmt | CLASS A HOSTS | CLASS A MASK | CLASS B HOSTS | CLASS B MASK | CLASS C HOSTS | CLASS C MASK    | SUB CLASS C MASK | SUB CLASS C HOSTS
  255  | 1 or 256     | /32       | 16,777,214    | 255.0.0.0    | 65,534        | 255.255.0.0  | 254           | 255.255.255.0   | 255.255.255.255  | Invalid (1 address)
  254  | 128          | /31       | 33,554,430    | 254.0.0.0    | 131,070       | 255.254.0.0  | 510           | 255.255.254.0   | 255.255.255.254  | Invalid (2 addresses)
  252  | 64           | /30       | 67,108,862    | 252.0.0.0    | 262,142       | 255.252.0.0  | 1,022         | 255.255.252.0   | 255.255.255.252  | 4 addresses, 2 hosts
  248  | 32           | /29       | 134,217,726   | 248.0.0.0    | 524,286       | 255.248.0.0  | 2,046         | 255.255.248.0   | 255.255.255.248  | 8 addresses, 6 hosts
  240  | 16           | /28       | 268,435,454   | 240.0.0.0    | 1,048,574     | 255.240.0.0  | 4,094         | 255.255.240.0   | 255.255.255.240  | 16 addresses, 14 hosts
  224  | 8            | /27       | 536,870,910   | 224.0.0.0    | 2,097,150     | 255.224.0.0  | 8,190         | 255.255.224.0   | 255.255.255.224  | 32 addresses, 30 hosts
  192  | 4            | /26       | 1,073,741,822 | 192.0.0.0    | 4,194,302     | 255.192.0.0  | 16,382        | 255.255.192.0   | 255.255.255.192  | 64 addresses, 62 hosts
  128  | 2            | /25       | 2,147,483,646 | 128.0.0.0    | 8,388,606     | 255.128.0.0  | 32,766        | 255.255.128.0   | 255.255.255.128  | 128 addresses, 126 hosts

  Binary position | 8   | 7  | 6  | 5  | 4 | 3 | 2 | 1
  Value           | 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1
  Example: 192    | 1   | 1  | 0  | 0  | 0 | 0 | 0 | 0

Example 192=128+64

Some addresses are reserved and outside this scope. Loopback (127.0.0.1), reserved class C 192.168.XXX.XXX, reserved class B 172.31.XXX.XXX and reserved class A 10.XXX.XXX.XXX.

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 for your office.

- 208.88.34.104 Network Base address
- 208.88.34.105 Computer 1
- 208.88.34.106 Computer 2
- 208.88.34.107 Computer 3
- 208.88.34.108 Computer 4
- 208.88.34.109 Computer 5
- 208.88.34.110 DSL router/Gateway
- 208.88.34.111 Broadcast address

Of the eight addresses, there are six assigned to hardware systems and ultimately only five usable addresses.
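The arithmetic behind this example (and behind the "lowest address is the network, highest is the broadcast" convention stated under "Assigning an IP address") is a bitwise AND and OR with the netmask. The script below is an added example, not from the tutorial, that carries it out in POSIX shell for any address/netmask pair and also reports the historical class from the "Network Classes" section that follows; the function names are this example's own.

```shell
#!/bin/sh
# Added example, not from the YoLinux tutorial: derive network, broadcast and the
# usable host range from an IP address and netmask with shell arithmetic.

# dotted-decimal -> 32-bit integer
ip_to_int() {
    set -- $(printf '%s\n' "$1" | tr '.' ' ')
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# 32-bit integer -> dotted-decimal
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Prefix length of a netmask, e.g. 255.255.255.248 -> 29 (the "Slash Fmt" column above).
mask_to_prefix() {
    m=$(ip_to_int "$1"); n=0
    while [ "$m" -ne 0 ]; do
        n=$((n + (m & 1))); m=$((m >> 1))
    done
    echo "$n"
}

# subnet_info IP NETMASK: print "network broadcast first-host last-host usable-hosts".
subnet_info() {
    ip=$(ip_to_int "$1"); mask=$(ip_to_int "$2")
    net=$(( ip & mask ))                          # lowest address: host bits cleared
    bcast=$(( net | (~mask & 4294967295) ))       # highest address: host bits set
    size=$(( bcast - net + 1 ))
    if [ "$size" -ge 4 ]; then
        usable=$(( size - 2 ))                    # minus network and broadcast
        first=$(int_to_ip $((net + 1))); last=$(int_to_ip $((bcast - 1)))
    else
        usable=0; first=-; last=-                 # /31 and /32: listed as invalid in the table above
    fi
    echo "$(int_to_ip $net) $(int_to_ip $bcast) $first $last $usable"
}

# Historical class from the first octet (see "Network Classes" below).
ip_class() {
    o=${1%%.*}
    if   [ "$o" -le 127 ]; then echo A
    elif [ "$o" -le 191 ]; then echo B
    elif [ "$o" -le 223 ]; then echo C
    elif [ "$o" -le 239 ]; then echo D
    else echo E; fi
}

# Usage with the office subnet from the example above:
subnet_info 208.88.34.106 255.255.255.248   # -> 208.88.34.104 208.88.34.111 208.88.34.105 208.88.34.110 6
mask_to_prefix 255.255.255.248              # -> 29
ip_class 208.88.34.106                       # -> C
```

The six "usable" addresses the script reports are .105 to .110; one of them is taken by the DSL router, which is how the example above arrives at five addresses for computers.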

Links:

- Subnet Cheat Sheet
- Subnet calculator
- Table of subnets
- IP Subnetting, Variable Subnetting, and CIDR (Supernetting)
- CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is a little obsolete as subnets are now used to define smaller networks. These subnets may be part of a class A, B, C, etc network. For historical reference the network classes are defined as follows:

* Class A: Defined by the first 8 bits with a range of 0 - 127. The first number (8 bits) is defined by Internic, i.e. 77.XXX.XXX.XXX. One class A network can define 16,777,214 hosts. Range: 0.0.0.0 - 127.255.255.255
* Class B: Defined by the first 8 bits with a range from 128 - 191. The first two numbers (16 bits) are defined by Internic, i.e. 182.56.XXX.XXX. One class B network can define 65,534 hosts. Range: 128.0.0.0 - 191.255.255.255
* Class C: Defined by the first 8 bits with a range from 192 - 223. The first three numbers (24 bits) are defined by Internic, i.e. 220.56.222.XXX. One class C network can define 254 hosts. Range: 192.0.0.0 - 223.255.255.255
* Class D: Defined by the first 8 bits with a range from 224 - 239. This is reserved for multicast networks (RFC988). Range: 224.0.0.0 - 239.255.255.255
* Class E: Defined by the first 8 bits with a range from 240 - 255. This is reserved for experimental use. Range: 240.0.0.0 - 247.255.255.255
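The subnet table, the office /29 example and the class ranges above can all be reproduced from the mask arithmetic they describe. The following is an added example written for this page, not code from the YoLinux tutorial; it uses only Python's standard ipaddress module. Host counts follow the table's convention (addresses minus network base and broadcast), so the /29 office example reports six host addresses, one of which the tutorial then spends on the gateway.

```python
# Added example (not part of the YoLinux tutorial): subnet arithmetic with the
# standard-library ipaddress module. Host counts follow the tutorial's table,
# where the network base and broadcast address are excluded.
import ipaddress
from typing import List, Optional, Tuple


def address_class(addr: str) -> str:
    """Historical class letter (A-E) taken from the first octet."""
    first_octet = int(ipaddress.IPv4Address(addr)) >> 24
    if first_octet < 128:
        return "A"
    if first_octet < 192:
        return "B"
    if first_octet < 224:
        return "C"
    if first_octet < 240:
        return "D"
    return "E"


def usable_hosts(total_addresses: int) -> int:
    """Addresses minus network base and broadcast; /31 and /32 give 0."""
    return total_addresses - 2 if total_addresses > 2 else 0


def table_row(prefix: int) -> Tuple[str, int, int]:
    """(dotted mask, addresses, usable hosts) for one slash-format prefix."""
    net = ipaddress.IPv4Network(f"0.0.0.0/{prefix}")
    total = net.num_addresses
    return str(net.netmask), total, usable_hosts(total)


def sub_class_c_table() -> List[Tuple[int, str, int, int]]:
    """The /25 .. /32 rows of the tutorial's table: (prefix, mask, addresses, hosts)."""
    return [(p,) + table_row(p) for p in range(25, 33)]


def subnet_info(addr: str, mask: str) -> dict:
    """Describe the subnet that `addr` belongs to under `mask` (dotted or /NN)."""
    net = ipaddress.IPv4Network(f"{addr}/{mask}", strict=False)
    total = net.num_addresses
    usable = usable_hosts(total)
    # hosts() is only consulted when base and broadcast are distinct from hosts
    hosts = list(net.hosts()) if usable else []
    first: Optional[str] = str(hosts[0]) if hosts else None
    last: Optional[str] = str(hosts[-1]) if hosts else None
    return {
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "prefix": net.prefixlen,
        "addresses": total,
        "usable_hosts": usable,
        "first_host": first,
        "last_host": last,
        "class": address_class(addr),
    }


if __name__ == "__main__":
    # The tutorial's office example: 208.88.34.105 with mask 255.255.255.248
    info = subnet_info("208.88.34.105", "255.255.255.248")
    for key, value in info.items():
        print(f"{key:12} {value}")
    print()
    for prefix, mask, addresses, hosts in sub_class_c_table():
        print(f"/{prefix}  {mask:16} {addresses:4} addresses  {hosts:4} hosts")
```

Running the script prints the network base 208.88.34.104, the broadcast 208.88.34.111 and hosts .105 through .110 for the office example, followed by the sub class C rows of the table.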

Enable Forwarding: Forwarding allows the network packets on one network interface (i.e. eth0) to be forwarded to another network interface (i.e. eth1). This will allow the Linux computer to connect ("ethernet bridge") or route network traffic.

The bridge configuration will merge two (or several) networks into one single network topology. IpTables firewall rules can be used to filter traffic.

A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or load balance servers.

* Turn on IP forwarding to allow the Linux computer to act as a gateway or router:

  echo 1 > /proc/sys/net/ipv4/ip_forward

  Default is 0. One can add firewall rules by using ipchains.

Another method is to alter the Linux kernel config file: /etc/sysctl.conf Set the following value:

net.ipv4.ip_forward = 1

See file /etc/sysconfig/network for storing this configuration.

FORWARD_IPV4=true

Change the default "false" to "true".

All methods will result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward

The TCP man page - Linux Programmer's Manual and /usr/src/linux/Documentation/proc.txt (Kernel 2.2, RH 7.0) cover /proc/sys/net/ipv4/* file descriptions.

Also see (YoLinux tutorials):

* Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables)
* Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

* cd /lib/modules/2.2.5-15/net/ - Use the kernel version for your system. This example uses 2.2.5-15 (Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/). Here you will find the modules supported by your system. It can be permanently added to:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)
  Example:

alias eth0 3c59x

* /sbin/insmod 3c59x (For a 3Com ethernet card) This inserts the specified module into the kernel.
* /sbin/modprobe 3c59x This also loads a module into the system kernel. Modprobe command line options:
  - -r : unload the module.
  - /sbin/modprobe -l \* : list all modules.
  - /sbin/modprobe -lt net \* : list only network modules.
  - /sbin/modprobe -t net \* : try loading all network modules and see what sticks (act of desperation).
* ifconfig ...

The easy way: Red Hat versions 6.2 and later, ship with Kudzu, a device detection program which runs during system initialization. (/etc/rc.d/init.d/kudzu) This can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it will be utilized upon system boot.

Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

Define the new device in the file (Red Hat/Fedora) /etc/sysconfig/network-scripts/ifcfg-eth1 (S.u.s.e 9.2: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX)

DEVICE=eth1
BOOTPROTO=static
IPADDR=192.168.10.12
NETMASK=255.255.255.0
GATEWAY=XXX.XXX.XXX.XXX
HOSTNAME=node-name.name-of-domain.com
DOMAIN=name-of-domain.com

Special routing information may be specified, if necessary, in the file (Red Hat/Fedora): /etc/sysconfig/static-routes (S.u.s.e. 9.2: /etc/sysconfig/network/routes)

Example:

eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using Unix command line interface:

Define IP address:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

If necessary, define a route with the route command. Examples:

route add default gw XXX.XXX.XXX.XXX dev eth0
route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

If a mistake is made just repeat the route command substituting "del" in place of "add".

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto­negotiate link speed and duplex setting.

* List NIC speed and configuration: mii-tool

  eth0: negotiated 100baseTx-FD flow-control, link ok

  Verbose mode: mii-tool -v

  eth0: negotiated 100baseTx-FD flow-control, link ok
    product info: Intel 82555 rev 4
    basic mode:   autonegotiation enabled
    basic status: autonegotiation complete, link ok
    capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
    advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
    link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

* Set NIC configuration: mii-tool -F option

  Option | Parameters
  --- | ---
  -F | 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
  -A | 100baseT4 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

* Query NIC with ethtool:

  Command | Description
  --- | ---
  ethtool -g eth0 | Queries ethernet device for rx/tx ring parameter information.
  ethtool -a eth0 | Queries ethernet device for pause parameter information.
  ethtool -c eth0 | Queries ethernet device for coalescing information.
  ethtool -i eth0 | Queries ethernet device for associated driver information.
  ethtool -d eth0 | Prints a register dump for the specified ethernet device.
  ethtool -k eth0 | Queries ethernet device for offload information.
  ethtool -S eth0 | Queries ethernet device for NIC and driver statistics.

Man Pages:

* mii-tool - view, manipulate media-independent interface status
* ethtool - Display or change ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet is examined to see if its destination is on the local or a remote network. If it is to be sent to a remote network, the routing table is consulted to determine the path. If there is no matching entry in the routing table then the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file (Red Hat/Fedora): /etc/sysconfig/network-scripts/route-eth0 or (Red Hat 7: /etc/sysconfig/static-routes) (S.u.s.e. 9.2: /etc/sysconfig/network/routes):

10.2.3.0/16 via 192.168.10.254

See command: /etc/sysconfig/network-scripts/ifup-routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route. (Fewest hops between routers not physical distance.) Routers use RIP to broadcast the routing table over UDP port 520. The routers would then add new or improved routes to their routing tables.

Man pages:

* route - show / manipulate the IP routing table (static routes). Examples:
  - Show routing table: route -e
  - Access an individual computer host via network interface card eth1: route add -host 123.213.221.231 eth1
  - Access the ISP network identified by the network address and netmask using network interface card eth0: route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
    Conversely: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
  - Specify the default gateway used to access remote networks via network interface card eth0: route add default gw 201.51.31.1 eth0 (The gateway can also be defined in /etc/sysconfig/network)
  - Specify two gateways for two network destinations (i.e. one external, one internal private network; two routers/gateways will be specified):
    Add the internet gateway as before: route add default gw 201.51.31.1 eth0
    Add the second private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
* routed - network routing daemon. Uses the RIP protocol to update the routing table.
* ipx_route - show / manipulate the IPX routing table. IPX is the Novell networking protocol (not typically used unless your office has Novell servers).
* ifuser - Identify destinations routed to a particular network interface.
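To see why the order of the route examples above matters, the following added example (written for this page, not taken from the tutorial or from the route command's sources) loads the routes named in this section into a small longest-prefix-match table and looks up a few destinations. It assumes, from the ifconfig example earlier on the page, that 192.168.10.0/24 is directly attached to eth1; the most specific matching entry wins, and the 0.0.0.0/0 default gateway is used only when nothing narrower matches.

```python
# Added example (not from the tutorial): longest-prefix-match lookup over the
# static routes shown in this section, to illustrate how the routing table is
# consulted before the default gateway is used.
import ipaddress
from typing import List, Optional, Tuple

Route = Tuple[ipaddress.IPv4Network, Optional[str], str]  # (destination, gateway, device)


class RoutingTable:
    def __init__(self) -> None:
        self._routes: List[Route] = []

    def add(self, dest: str, gw: Optional[str], dev: str) -> None:
        """Add a route; gw=None means the destination is directly reachable on dev.

        strict=False normalises a prefix with host bits set, such as the
        tutorial's 10.2.3.0/16, to its network address 10.2.0.0/16.
        """
        self._routes.append((ipaddress.IPv4Network(dest, strict=False), gw, dev))

    def add_default(self, gw: str, dev: str) -> None:
        self.add("0.0.0.0/0", gw, dev)

    def lookup(self, addr: str) -> Optional[dict]:
        """Return the most specific matching route, or None if there is no route."""
        ip = ipaddress.IPv4Address(addr)
        best: Optional[Route] = None
        for route in self._routes:
            net = route[0]
            if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = route
        if best is None:
            return None
        net, gw, dev = best
        return {"dest": str(net), "gateway": gw, "dev": dev, "direct": gw is None}


def tutorial_routing_table() -> RoutingTable:
    """The routes named in this section plus eth1's own 192.168.10.0/24 network (assumed)."""
    rt = RoutingTable()
    rt.add("192.168.10.0/24", None, "eth1")            # directly connected (ifconfig eth1 ...)
    rt.add("123.213.221.231/32", None, "eth1")         # route add -host 123.213.221.231 eth1
    rt.add("10.13.21.0/24", "192.168.10.254", "eth0")  # route add -net 10.13.21.0 ...
    rt.add("10.2.3.0/16", "192.168.10.254", "eth0")    # route-eth0 file: 10.2.3.0/16 via 192.168.10.254
    rt.add("10.0.0.0/8", "192.168.10.254", "eth0")     # second private network
    rt.add_default("201.51.31.1", "eth0")              # route add default gw 201.51.31.1 eth0
    return rt


if __name__ == "__main__":
    table = tutorial_routing_table()
    for target in ("10.13.21.7", "10.2.3.9", "10.200.1.1", "192.168.10.50", "8.8.8.8"):
        print(target, "->", table.lookup(target))
```

A destination in 10.13.21.0/24 is matched by three entries (the /24, the /16 is not a match, and the /8 is) and the /24 wins; 10.200.1.1 falls through to the /8; 8.8.8.8 matches only the default route.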

VPN, Tunneling:

* Commercial VPN Linux software solutions - YoLinux
* OpenSWAN.org - IPSec VPN for Linux
* FreeSWAN.org - IPSec VPN for Linux
* FreeSWAN tutorial - howto
* OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access controls.
* SSL-Explorer - Java SSL based VPN
* Quagga dynamic routing suite VLAN
* n2n peer to peer within a private fabric
* CIPE: Crypto IP Encapsulation (Easiest way to configure two Linux gateways connecting two private networks over the internet with encryption.)
  - CIPE Home page - CIPE is a simple encapsulation system that securely connects two subnets.
  - The Linux Cipe+Masquerading mini-HOWTO - Anthony Ciaravalo
* GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa
* VPN HowTo - Matthew D. Wilson
* Installing and Running PPTP on Linux
* L2TP Extensions (l2tpext) Internet Drafts.

Useful Linux networking commands:

* /etc/rc.d/init.d/network start - command to start, restart or stop the network
* netstat - Display connections, routing tables, stats etc.
  - List externally connected processes: netstat -punta
  - List all connected processes: netstat -nap
  - Show network statistics: netstat -s
  - Kernel interface table info: netstat -a -i eth0
* ping - send ICMP ECHO_REQUEST packets to network hosts. Use Cntl-C to stop ping.
* traceroute - print the route packets take to a network host
  - traceroute IP-address-of-server
  - traceroute domain-name-of-server
* mtr - a network diagnostic tool introduced in Fedora. Like traceroute except it gives more network quality and network diagnostic info. Leave it running to get real time stats. Reports best and worst round trip times in milliseconds.
  - mtr IP-address-of-server
  - mtr domain-name-of-server
* whois - Look up a domain name in the internic whois database.
* finger - Display information on a system user, i.e. finger user@host. Uses $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/
* iptables - IP firewall administration (Linux kernel 2.6/2.4). See YoLinux firewall/gateway configuration.
* ipchains - IP firewall administration (Linux kernel 2.2). See YoLinux firewall/gateway configuration.
* socklist - Display a list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
* host - Give a host name and the command will return the IP address. Unlike nslookup, the host command will use both /etc/hosts as well as DNS. Example: host domain-name-of-server
* nslookup - Give a host name and the command will return the IP address. Also see Testing your DNS (YoLinux Tutorial). Note that nslookup does not use the /etc/hosts file.

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemons listen and respond to all network socket connections made on the TCP/IP ports assigned to them. The ports are defined by the file /etc/services. When a connection is made, the listener will attempt to invoke the assigned program and pipe the data to it. This simplifies matters by allowing the assigned program to read from stdin instead of making its own socket connection. The listener handles the network socket connection. Two network listening and management daemons have been used in Red Hat Linux distributions:

* inetd: Red Hat 6.x and older
* xinetd: Red Hat 7.0-9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf Entries in this file consist of a single line made up of the following fields:

service socket-type protocol wait user server cmdline

* service: The name assigned to the service. Matches the name given in the file /etc/services
* socket-type:
  - stream: connection protocols (TCP)
  - dgram: datagram protocols (UDP)
  - raw
  - rdm
  - seqpacket
* protocol: Transport protocol name which matches a name in the file /etc/protocols, i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6
* wait: Applies only to datagram protocols (UDP).
  - wait[.max]: One server for the specified port at any time (RPC)
  - nowait[.max]: Continue to listen and launch new services if a new connection is made (multi-threaded). Max refers to the maximum number of server instances spawned in 60 seconds (default=40).
* user[.group]: login id of the user the process is executed under. Often nobody, root or a special restricted id for that service.
* server: Full path name of the server program to be executed.
* cmdline: Command line to be passed to the server. This includes argument 0 (argv[0]), that is the command name. This field is empty for internal services. Examples of internal TCP services: echo, discard, chargen (character generator), daytime (human readable time), and time (machine readable time). (see RFC)

Sample File: /etc/inetd.conf

#echo   stream  tcp     nowait      root    internal
#echo   dgram   udp     wait        root    internal
ftp     stream  tcp     nowait      root    /usr/sbin/tcpd  in.ftpd -l -a
#pop-3  stream  tcp     nowait      root    /usr/sbin/tcpd  ipop3d
#swat   stream  tcp     nowait.400  root    /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.

The inet daemon must be restarted to pick up the changes made to the file: /etc/rc.d/init.d/inetd restart

For more information see the man pages "inetd" and "inetd.conf".
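The field layout just described is simple enough to parse, and doing so is a quick way to review which services a box actually exposes. The following is an added example written for this page (it is not part of the tutorial and is not inetd's own code). The sample file is constructed: the ftp line is the tutorial's, the commented echo and pop-3 lines are also from its excerpt, and the uncommented swat, finger and daytime lines are invented for the example. The audit flags enabled services that bypass tcpd (so hosts.allow and hosts.deny never see them) and services that run as root.

```python
# Added example (not from the tutorial): parse /etc/inetd.conf lines with the
# field layout described above and point out entries worth a second look.
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample: the ftp line is the tutorial's own; the uncommented swat,
# finger and daytime lines are invented for the example.
SAMPLE_INETD_CONF = """\
#echo   stream  tcp     nowait      root    internal
#echo   dgram   udp     wait        root    internal
ftp     stream  tcp     nowait      root    /usr/sbin/tcpd  in.ftpd -l -a
#pop-3  stream  tcp     nowait      root    /usr/sbin/tcpd  ipop3d
swat    stream  tcp     nowait.400  root    /usr/sbin/swat  swat
finger  stream  tcp     nowait      nobody  /usr/sbin/in.fingerd  in.fingerd
daytime stream  tcp     nowait      root    internal
"""


@dataclass
class InetdEntry:
    service: str
    socket_type: str
    protocol: str
    wait: str                      # "wait" or "nowait"
    max_per_minute: Optional[int]  # the ".max" suffix, if given
    user: str
    group: Optional[str]           # the ".group" suffix, if given
    server: str                    # full path, or "internal"
    cmdline: List[str]             # argv[0] and arguments passed to the server

    @property
    def internal(self) -> bool:
        return self.server == "internal"

    @property
    def wrapped(self) -> bool:
        """True when the connection goes through tcpd, so hosts.allow/deny apply."""
        return self.server.endswith("/tcpd")


def parse_inetd_conf(text: str) -> List[InetdEntry]:
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):  # '#' in column one disables the service
            continue
        fields = line.split()
        if len(fields) < 6:
            raise ValueError(f"malformed inetd.conf line: {raw!r}")
        service, socket_type, protocol, wait, user, server = fields[:6]
        wait_mode, _, max_str = wait.partition(".")
        user_name, _, group = user.partition(".")
        entries.append(InetdEntry(
            service, socket_type, protocol, wait_mode,
            int(max_str) if max_str else None,
            user_name, group or None, server, fields[6:],
        ))
    return entries


def audit_inetd(entries: List[InetdEntry]) -> List[Tuple[str, str]]:
    """(service, observation) pairs for enabled, non-internal services."""
    findings = []
    for e in entries:
        if e.internal:
            continue
        if not e.wrapped:
            findings.append((e.service, "not wrapped by tcpd, so hosts.allow/hosts.deny do not apply"))
        if e.user == "root":
            findings.append((e.service, "server runs as root"))
    return findings


if __name__ == "__main__":
    parsed = parse_inetd_conf(SAMPLE_INETD_CONF)
    for entry in parsed:
        print(f"{entry.service:8} user={entry.user:7} wrapped={entry.wrapped} cmd={' '.join(entry.cmdline)}")
    for service, note in audit_inetd(parsed):
        print(f"{service}: {note}")
```

On the sample, ftp is wrapped but runs as root, swat is both unwrapped and root, finger is unwrapped but runs as nobody, and the internal daytime service is skipped.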

xinetd: Extended Internet Services Daemon:

Xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, redirect services to different ports and network interfaces (NIC) or even to a different server, chroot a service etc., and is thus a worthy upgrade from inetd.

Use the command chkconfig --list to view all system services and their state. It will also list all network services controlled by xinetd and their respective state under the title "xinetd based services". (Works for xinetd (RH7.0+) but not inetd)

The xinetd network daemon uses PAM also called network wrappers which invoke the /etc/hosts.allow and /etc/hosts.deny files.

Configuration file: /etc/xinetd.conf which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:

* Edit the file /etc/xinetd.d/service-name and set the disable value: disable = yes or disable = no. Restart the xinetd process using a signal:
  - SIGUSR1 (kill -SIGUSR1 process-id) - Soft reconfiguration, does not terminate existing connections. (Important if you are connected remotely)
  - SIGUSR2 - Hard reconfiguration, stops and restarts the xinetd process. (Note: Using the HUP signal will terminate the process.)

OR

* Use the chkconfig command: chkconfig service-name on (or off). This command will also restart the xinetd process to pick up the new configuration.

The file contains entries of the form:

service service-name
{
    attribute assignment-operator value value ......
}

Where:

* attribute:
  - disable:
    + yes
    + no
  - type:
    + RPC
    + INTERNAL
    + UNLISTED: Not found in /etc/rpc or /etc/services
  - id: By default the service id is the same as the service name.
  - socket_type:
    + stream: TCP
    + dgram: UDP
    + raw: Direct IP access
    + seqpacket: service that requires reliable sequential datagram transmission
  - flags: Combination of: REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd man page for details.
  - protocol: Transport protocol name which matches a name in the file /etc/protocols.
  - wait:
    + no: multi-threaded
    + yes: single-threaded - One server for the specified port at any time (RPC)
  - user: See file /etc/passwd
  - group: See file /etc/group
  - server: Program to execute and receive the data stream from the socket. (Fully qualified name - full path name of the program)
  - server_args: Unlike inetd, arg[0] or the name of the service is not passed.
  - only_from: IP address, factorized address, netmask range, hostname or network name from the file /etc/networks.
  - no_access: Deny from ... (inverse of only_from)
  - access_times
  - port: See file /etc/services
  Also: log_type, log_on_success, log_on_failure (Log options: += PID, HOST, USERID, EXIT, DURATION, ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples.
* assignment-operator:
  - =
  - +=: add a value to the set of values
  - -=: delete a value from the set of values

Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from man page: Limit telnet sessions to 8 Mbytes of memory and a total 20 CPU seconds for child processes.

service telnet
{
    socket_type = stream
    wait        = no
    nice        = 10
    user        = root
    server      = /usr/etc/in.telnetd
    rlimit_as   = 8M
    rlimit_cpu  = 20
}
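The =, += and -= operators above only make sense once a defaults block is in play, since += and -= in a service block act on the values inherited from defaults. The following added example (written for this page; it is not xinetd's own parser and handles only the block syntax shown in this section, not include or includedir) parses a configuration and computes the effective attributes of a service. The sample text is constructed: the telnet block is the man-page example above with three invented lines added at the end, and the defaults and daytime blocks are invented.

```python
# Added example (not from the tutorial): a small parser for xinetd.conf service
# blocks that applies the =, += and -= assignment operators described above.
import re
from typing import Dict, List, Tuple

Assignment = Tuple[str, str, List[str]]          # (attribute, operator, values)
Blocks = Dict[str, List[Assignment]]

_HEADER = re.compile(r"^(?:service\s+(\S+)|defaults)\s*(\{)?$")
_ASSIGN = re.compile(r"^(\w+)\s*(\+=|-=|=)\s*(.*)$")

# Constructed sample: the telnet block is the tutorial's man-page example with
# three invented lines appended; the defaults and daytime blocks are invented.
SAMPLE_XINETD_CONF = """\
defaults
{
    log_type        = SYSLOG daemon info
    log_on_success  = PID HOST
    log_on_failure  = HOST
    only_from       = 192.168.10.0/24
    no_access       = 10.0.0.0/8 172.16.0.0/12
}

service telnet
{
    socket_type     = stream
    wait            = no
    nice            = 10
    user            = root
    server          = /usr/etc/in.telnetd
    rlimit_as       = 8M
    rlimit_cpu      = 20
    log_on_success  += DURATION
    only_from       += 127.0.0.1
    no_access       -= 172.16.0.0/12
    disable         = yes
}

service daytime
{
    type            = INTERNAL
    socket_type     = stream
    wait            = no
    log_on_success  -= PID
    disable         = no
}
"""


def parse_xinetd_conf(text: str) -> Blocks:
    blocks: Blocks = {}
    current: List[Assignment] = []
    name = None        # block being filled, or None when outside a block
    pending = None     # header seen, waiting for the opening brace
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if name is None:
            if line == "{" and pending is not None:
                name, pending = pending, None
                current = blocks.setdefault(name, [])
                continue
            m = _HEADER.match(line)
            if not m:
                raise ValueError(f"unexpected line outside a block: {raw!r}")
            header = m.group(1) or "defaults"
            if m.group(2):                      # "service foo {" on one line
                name, current = header, blocks.setdefault(header, [])
            else:
                pending = header
            continue
        if line == "}":
            name = None
            continue
        m = _ASSIGN.match(line)
        if not m:
            raise ValueError(f"bad assignment in block {name}: {raw!r}")
        attr, op, rhs = m.groups()
        current.append((attr, op, rhs.split()))
    if name is not None or pending is not None:
        raise ValueError("unterminated block")
    return blocks


def _apply(state: Dict[str, List[str]], attr: str, op: str, values: List[str]) -> None:
    if op == "=":
        state[attr] = list(values)
    elif op == "+=":
        cur = state.setdefault(attr, [])
        cur.extend(v for v in values if v not in cur)
    else:  # "-="
        state[attr] = [v for v in state.get(attr, []) if v not in values]


def resolve(blocks: Blocks, service: str) -> Dict[str, List[str]]:
    """Effective attributes: defaults first, then the service's own assignments."""
    state: Dict[str, List[str]] = {}
    for attr, op, values in blocks.get("defaults", []) + blocks[service]:
        _apply(state, attr, op, values)
    return state


def is_enabled(blocks: Blocks, service: str) -> bool:
    return resolve(blocks, service).get("disable", ["no"])[0].lower() != "yes"


if __name__ == "__main__":
    conf = parse_xinetd_conf(SAMPLE_XINETD_CONF)
    for svc in ("telnet", "daytime"):
        print(svc, "enabled" if is_enabled(conf, svc) else "disabled", resolve(conf, svc))
```

For telnet the result shows log_on_success grown to PID HOST DURATION, only_from grown to include 127.0.0.1, and no_access shrunk to 10.0.0.0/8; a plain = in a service block would instead replace the inherited value outright.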

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:

* xinetd
* xinetd.conf
* xinetd.log
* tcpd

For more info see:

* LinuxFocus.org: xinetd - Frederic Raynal
* RedHat.com: Controlling Access to Services
* http://www.xinetd.org
* See RFC's: 862, 863, 864, 867, 868, 1413.
* man pages xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon - rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux has the network interface to the rwhod disabled. Thus if one issues the command "rwho", you will only see who is logged into the system you are logged into and not remote systems on the network. This is a safe approach for internet servers as it reduces the exposure of a service which could be exploited by hackers. If you wish to use rwhod on a local private and firewall protected network, here is how:

Allow broadcast capabilities. Edit /etc/init.d/rwhod and change from:

daemon rwhod

to:

daemon rwhod -b

Start service:

* Set service to start with system boot: chkconfig --level 345 rwhod on
* Start rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

* rwho: who is logged in on local network machines
* rwhod: system status server
* who: show who is logged on to the same system

RPC: Remote Procedure Calls (Portmapper)

Portmapper is a network service required to support RPCs. Many services such as NFS (file sharing services) require portmapper.

List RPC services supported:

[root]# rpcinfo -p localhost

Starting portmap server:

* /etc/rc.d/init.d/portmap start
* service portmap start (Red Hat/Fedora Core)

Man Pages:

* portmap
* rpcinfo
* pmap_set
* pmap_dump

PAM: Network Wrappers:

Pluggable Authentication Modules for Linux (TCP Wrappers)

This system allows or denies network access. One can reject or allow specific IP addresses or subnets to access your system.

File: /etc/hosts.allow

in.ftpd:208.188.34.105

This specifically allows the given IP address to ftp to your system. One can also specify an entire domain, i.e. .name-of-domain.com. Note the beginning ".".

File: /etc/hosts.deny

ALL:ALL

This generally denies any access.

See the pam man page.

File: /etc/inetd.conf

ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a

The inet daemon accepts the incoming network stream and assigns it to the PAM TCP wrapper, /usr/sbin/tcpd, which accepts or denies the network connection as defined by /etc/hosts.allow and /etc/hosts.deny and then passes it along to ftp. This is logged to /var/log/secure
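The decision tcpd makes for each connection is worth seeing end to end: hosts.allow is consulted first, then hosts.deny, and a connection that matches neither file is allowed. The following added example (written for this page; it is not tcpd's code and covers only the IPv4 pattern forms mentioned here plus net/mask and a single EXCEPT) evaluates a daemon and client against both files. The sample rules are constructed: the in.ftpd line and ALL:ALL are the tutorial's own, while the sshd and EXCEPT rules are invented to exercise the domain-suffix and network forms.

```python
# Added example (not from the tutorial): evaluate a connection against
# /etc/hosts.allow and /etc/hosts.deny the way tcpd does: hosts.allow is
# searched first, then hosts.deny, and a connection matching neither is allowed.
import ipaddress
from typing import Callable, List, Optional, Tuple

# Constructed samples: the in.ftpd rule and ALL:ALL are the tutorial's own;
# the sshd and EXCEPT rules are invented to exercise the other pattern forms.
SAMPLE_HOSTS_ALLOW = """\
in.ftpd: 208.188.34.105
sshd: .name-of-domain.com, 192.168.10.0/255.255.255.0
ALL EXCEPT in.telnetd: 127.0.0.1
"""
SAMPLE_HOSTS_DENY = "ALL: ALL\n"


def parse_rules(text: str) -> List[Tuple[str, str]]:
    """(daemon_list, client_list) per rule; options after a second ':' are ignored."""
    rules = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(":")
        if len(parts) < 2:
            raise ValueError(f"rule needs 'daemons : clients': {raw!r}")
        rules.append((parts[0].strip(), parts[1].strip()))
    return rules


def _match_client(pattern: str, ip: str, hostname: Optional[str]) -> bool:
    if pattern == "ALL":
        return True
    if pattern.startswith("."):        # ".name-of-domain.com": domain suffix of the hostname
        return hostname is not None and hostname.endswith(pattern)
    if pattern.endswith("."):          # "208.188.34.": leading octets of the address
        return ip.startswith(pattern)
    if "/" in pattern:                 # "net/mask" or CIDR form
        return ipaddress.IPv4Address(ip) in ipaddress.IPv4Network(pattern, strict=False)
    return pattern == ip or (hostname is not None and pattern == hostname)


def _match_list(patterns: str, matches: Callable[[str], bool]) -> bool:
    """Space/comma separated patterns, with one 'EXCEPT' exclusion list."""
    tokens = patterns.replace(",", " ").split()
    if "EXCEPT" in tokens:
        i = tokens.index("EXCEPT")
        return any(matches(p) for p in tokens[:i]) and not any(matches(p) for p in tokens[i + 1:])
    return any(matches(p) for p in tokens)


def _rule_matches(rule: Tuple[str, str], daemon: str, ip: str, hostname: Optional[str]) -> bool:
    daemons, clients = rule
    return (_match_list(daemons, lambda p: p == "ALL" or p == daemon)
            and _match_list(clients, lambda p: _match_client(p, ip, hostname)))


def hosts_access(allow_text: str, deny_text: str, daemon: str, ip: str,
                 hostname: Optional[str] = None) -> Tuple[bool, str]:
    """Decide as tcpd would; returns (allowed, which file decided)."""
    for rule in parse_rules(allow_text):
        if _rule_matches(rule, daemon, ip, hostname):
            return True, "hosts.allow"
    for rule in parse_rules(deny_text):
        if _rule_matches(rule, daemon, ip, hostname):
            return False, "hosts.deny"
    return True, "default (no matching rule)"


if __name__ == "__main__":
    for args in (("in.ftpd", "208.188.34.105"), ("in.ftpd", "208.188.34.106"),
                 ("sshd", "10.9.8.7", "box.name-of-domain.com"), ("in.telnetd", "127.0.0.1")):
        print(args, "->", hosts_access(SAMPLE_HOSTS_ALLOW, SAMPLE_HOSTS_DENY, *args))
```

The last case in the usage loop shows why ALL:ALL in hosts.deny matters: in.telnetd is carved out of the allow rule by EXCEPT, finds no other allow entry, and is then caught by the deny-everything rule. With an empty hosts.deny the same connection would be allowed by default.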

Advanced PAM: More specific access can be assigned and controlled by controlling the level of authentication required for access.

Files reflect the inet service name. Rules and modules are stacked to achieve the level of security desired.

See the files in /etc/pam.d/... (some systems use /etc/pam.conf)

The format: service type control module-path module-arguments

* auth - (type) Password is required for the user
  - nullok - Null or non-existent password is acceptable
  - shadow - encrypted passwords kept in /etc/shadow
* account - (type) Verifies password. Can track and force password changes.
* password - (type) Controls password update
  - retry=3 - Sets the number of login attempts
  - minlen=8 - Set minimum length of password
* session - (type) Controls monitoring

Modules:

* /lib/security/pam_pwdb.so - password database module
* /lib/security/pam_shells.so
* /lib/security/pam_cracklib.so - checks if the password is crackable
* /lib/security/pam_listfile.so

After re-configuration, restart the inet daemon: killall -HUP inetd

For more info see:

* Wietse's Papers
* Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP is the network protocol used by the ping and traceroute commands.

ICMP redirect packets are sent from the router to the host to inform the host of a better route. To enable ICMP redirect, add the following line to /etc/sysctl.conf :

net.ipv4.conf.all.accept_redirects = 1

Add the following to the file: /etc/rc.d/rc.local

for f in /proc/sys/net/ipv4/conf/*/accept_redirects
do
    echo 1 > $f
done

Command to view the kernel IP routing cache: /sbin/route -Cn

NOTE: This may leave you vulnerable to hackers as attackers may alter your routes.
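Both the ip_forward setting from the Enable Forwarding section and the accept_redirects setting here end up in /etc/sysctl.conf, so a short parser lets you check what the file will apply before sysctl -p does. The following added example (written for this page; not part of the tutorial and not sysctl's own parser) reads a sysctl.conf, resolves duplicate keys the way the file is applied (last one wins), accepts both the dotted and the slash-separated key spelling that sysctl(8) understands, and reports the three keys from these sections that differ from the values a host that is not acting as a router would keep. The sample file is constructed.

```python
# Added example (not from the tutorial): read /etc/sysctl.conf and report the
# settings this tutorial discusses, IP forwarding and ICMP redirect acceptance,
# against the values a host that is not a router would normally keep.
from typing import Dict, List, Optional, Tuple

# Value expected on a plain host (not a gateway), with the reason to flag a deviation.
EXPECTED: Dict[str, Tuple[str, str]] = {
    "net.ipv4.ip_forward": ("0", "IP forwarding is on: the host will route packets between interfaces"),
    "net.ipv4.conf.all.accept_redirects": ("0", "ICMP redirects are accepted: a host on the LAN can change this machine's routes"),
    "net.ipv4.conf.default.accept_redirects": ("0", "new interfaces will accept ICMP redirects"),
}

# Constructed sample /etc/sysctl.conf: both key spellings, a later duplicate and
# an old-style ';' comment, to exercise the parser.
SAMPLE_SYSCTL_CONF = """\
# Controls IP packet forwarding
net.ipv4.ip_forward = 1
net.ipv4.conf.all.accept_redirects = 1
; sysctl also accepts '/' as the separator
net/ipv4/conf/default/accept_redirects = 0
net.ipv4.icmp_echo_ignore_all = 0
net.ipv4.ip_forward = 0
"""


def parse_sysctl_conf(text: str) -> Dict[str, str]:
    """key -> value, last assignment wins, as when sysctl -p applies the file in order."""
    settings: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        key, sep, value = line.partition("=")
        if not sep:
            raise ValueError(f"expected key = value: {raw!r}")
        # sysctl(8) accepts either '.' or '/' between path components; normalise to '.'
        settings[key.strip().replace("/", ".")] = value.strip()
    return settings


def audit_sysctl(settings: Dict[str, str]) -> List[Tuple[str, Optional[str], str]]:
    """(key, value found or None, reason) for each setting that differs from EXPECTED."""
    findings = []
    for key, (expected, reason) in EXPECTED.items():
        value = settings.get(key)
        if value is None:
            findings.append((key, None, "not set in file; the kernel default applies"))
        elif value != expected:
            findings.append((key, value, reason))
    return findings


def forwarding_enabled(settings: Dict[str, str]) -> bool:
    return settings.get("net.ipv4.ip_forward", "0") == "1"


if __name__ == "__main__":
    parsed = parse_sysctl_conf(SAMPLE_SYSCTL_CONF)
    print("forwarding:", forwarding_enabled(parsed))
    for key, value, reason in audit_sysctl(parsed):
        print(f"{key} = {value}: {reason}")
```

On the sample, forwarding ends up off because the second ip_forward line overrides the first, and the only finding is net.ipv4.conf.all.accept_redirects = 1, the setting this section enables and the note above warns about. On a gateway that really should forward, drop the ip_forward entry from EXPECTED.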

Blocking ICMP to look invisible to ping:

The following firewall rules will drop ICMP requests.

Iptables:

iptables -A OUTPUT -p icmp -d 0/0 -j DROP

Ipchains:

ipchains -A output -p icmp -d 0/0 -j DENY

OR drop all incoming pings:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes necessary to look invisible to DOS (Denial Of Service) attackers who use ping to watch your machine and launch an attack when its presence is detected.

Network Monitoring Tools:

* tcpdump - dump traffic on a network. See discussion below.

  Command line option | Description
  --- | ---
  -c | Exit after receiving count packets.
  -C | Specify size of output dump files.
  -i | Specify interface if multiple exist. Lowest used by default, i.e. eth0
  -w file-name | Write the raw packets to a file rather than parsing and printing them out. They can later be printed with the -r option.
  -n | Improve speed by not performing DNS lookups. Report IP addresses.
  -t | Don't print a timestamp on each dump line.

  Filter expressions:

  Primitive | Description
  --- | ---
  host host-name | If the host has multiple IPs, all will be checked.
  net network-number | Network number.
  net network-number mask mask | Network number and netmask specified.
  port port-number | Port number specified.
  tcp | Sniff TCP packets.
  udp | Sniff UDP packets.
  icmp | Sniff ICMP packets.

Examples:

  - tcpdump tcp port 80 and host server-1
  - tcpdump ip host server-1 and not server-2
* iptraf - Interactive Colorful IP LAN Monitor
* nmap - Network exploration tool and security scanner
  - List pingable nodes on the network: nmap -sP 192.168.0.0/24 Scans the network for IP addresses 192.168.0.0 to 192.168.0.255 using ping.
* Ethereal - Network protocol analyzer. Examine data from a live network. RPMs required:
  - ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
  - ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)
  There is an error in the ethereal package because it does not show the snmp libraries as dependencies, but you can deduce this from the errors that you get if the ucd-snmp libraries are not installed.
* EtherApe - Graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
* Gkrellm - Network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
* IPTraf - ncurses-based IP LAN monitor. (Red Hat Powertools CD)
* Cheops - Network discovery, location, diagnosis and management. Cheops can identify all of the computers that are on your network, their IP address, their DNS name, the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
* ntop - Shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
* MRTG - Multi Router Traffic Grapher - Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
* dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
* scotty - Obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP, & UDP. (Red Hat Powertools CD)
* Big Brother - Monitoring and services availability.
* OpenNMS.org - Network Management using SNMP.
* Nagios - host, service and network monitoring
* Angel network monitor

Using tcpdump to monitor the network:

[root]# ifconfig eth0 promisc                        - Put the NIC into promiscuous mode to sniff traffic.
[root]# tcpdump -n host not XXX.XXX.XXX.XXX | more   - Sniff the net but ignore the IP of your own remote session.
[root]# ifconfig eth0 -promisc                       - Pull the NIC out of promiscuous mode.

Network Intrusion and Hacker Detection Systems:

SNORT: Monitor the network, performing real­time traffic analysis and packet logging on IP networks for the detection of an attack or probe.

* Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
* InterSect Alliance - Intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to convert a 32-bit internet IP address into the 48-bit Ethernet MAC address used by network hardware. (See: RFC 826) ARP broadcasts are sent to all hosts on the subnet by the transmitting host to see who replies. The broadcast is ignored by all except the intended receiver, which recognizes the IP address as its own. The MAC addresses are remembered (ARP cache) for future network communications. Computers on the subnet typically keep a cache of ARP responses. ARP broadcasts are passed on by hubs and switches but are blocked by routers.

Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client to broadcast requesting a server to reply with its IP address.

* arp (8) man page - manipulate the system ARP cache
* Show other systems on your network (including IP address conflicts): arp -a
* Show ARP table Linux style: arp -e
* arpwatch (8) man page - keep track of ethernet/ip address pairings
* arpsnmp (8) man page - keep track of ethernet/ip address pairings. Reads information generated by snmpwalk
* arping (8) man page - send ARP REQUEST to a neighbor host. Print ARP reply (similar to arp -a): arping 192.168.10.99
* List ARP table: cat /proc/net/arp
* ip (8) man page - show / manipulate routing, devices, policy routing and tunnels. View ARP table: ip neighbor
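The cat /proc/net/arp listing above is plain text, so the two checks arpwatch is normally run for, one hardware address answering for several IPs (an address conflict or a router doing proxy ARP) and an IP whose hardware address changed between two readings, can be scripted over it. The following is an added example written for this page; it is not arpwatch's code, and the two snapshots it parses are constructed, not captured from a real system. The flag bit it tests, ATF_COM = 0x02, is the kernel's "complete entry" flag.

```python
# Added example (not from the tutorial): parse the /proc/net/arp listing named
# above and do the two checks arpwatch is used for: one MAC answering for
# several IPs, and an IP whose MAC changed between two readings.
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Tuple

ATF_COM = 0x02   # "complete" flag: a reply was received for this entry

# Constructed snapshots of /proc/net/arp (not captured from a real system).
ARP_SNAPSHOT_1 = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.254   0x1         0x2         00:0c:29:aa:bb:01     *        eth1
192.168.10.12    0x1         0x2         00:0c:29:12:34:56     *        eth1
192.168.10.99    0x1         0x2         00:0c:29:aa:bb:01     *        eth1
192.168.10.77    0x1         0x0         00:00:00:00:00:00     *        eth1
"""
ARP_SNAPSHOT_2 = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.254   0x1         0x2         00:0c:29:dd:ee:ff     *        eth1
192.168.10.12    0x1         0x2         00:0c:29:12:34:56     *        eth1
192.168.10.99    0x1         0x2         00:0c:29:aa:bb:01     *        eth1
"""


@dataclass(frozen=True)
class ArpEntry:
    ip: str
    hw_type: int
    flags: int
    mac: str
    mask: str
    device: str

    @property
    def complete(self) -> bool:
        return bool(self.flags & ATF_COM)


def parse_proc_net_arp(text: str) -> List[ArpEntry]:
    entries = []
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith("IP address"):   # skip blanks and the header
            continue
        fields = raw.split()
        if len(fields) != 6:
            raise ValueError(f"unexpected /proc/net/arp line: {raw!r}")
        ip, hw_type, flags, mac, mask, device = fields
        entries.append(ArpEntry(ip, int(hw_type, 16), int(flags, 16), mac.lower(), mask, device))
    return entries


def shared_macs(entries: List[ArpEntry]) -> Dict[str, List[str]]:
    """MACs that answer for more than one IP (a router doing proxy ARP, or a conflict)."""
    by_mac: Dict[str, List[str]] = defaultdict(list)
    for e in entries:
        if e.complete:           # incomplete entries carry an all-zero placeholder MAC
            by_mac[e.mac].append(e.ip)
    return {mac: ips for mac, ips in by_mac.items() if len(ips) > 1}


def changed_macs(before: List[ArpEntry], after: List[ArpEntry]) -> List[Tuple[str, str, str]]:
    """(ip, old_mac, new_mac) for IPs whose hardware address changed between readings."""
    old = {e.ip: e.mac for e in before if e.complete}
    return [(e.ip, old[e.ip], e.mac) for e in after
            if e.complete and e.ip in old and old[e.ip] != e.mac]


if __name__ == "__main__":
    first, second = parse_proc_net_arp(ARP_SNAPSHOT_1), parse_proc_net_arp(ARP_SNAPSHOT_2)
    print("shared:", shared_macs(first))
    print("changed:", changed_macs(first, second))
```

In the first snapshot the gateway's MAC also answers for 192.168.10.99, which is what arp -a would surface as a conflict; between the two snapshots the gateway's MAC changes, the event arpwatch logs as a changed ethernet address. The incomplete entry for .77 is ignored by both checks.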

ARP is something that simply works. No Linux system configuration is necessary. It's all part of the ethernet and IP protocol. The aforementioned information is just part of the Linux culture of full visibility into what is going on.

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer to peer unicast transactions. An HTTP request to a web server (TCP/IP), email SNMP (TCP/IP), DNS (UDP), FTP (TCP/IP), ... are all peer to peer unicast transactions. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer to peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group" which are those that are interested in the information.

The Linux kernel is Level-2 Multicast-Compliant. It meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to request the kernel to join the multicast group and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, a request is made to the kernel to leave the group. It is the kernel/host which joins the multicast group and not the process. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to support multicast routing, set the following in the kernel config:

* CONFIG_IP_MULTICAST=y
* CONFIG_IP_ROUTER=y
* CONFIG_IP_MROUTE=y
* CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimization and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card), only one device can be configured to handle multicast.

Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast.

Useful commands:

Command | Description
--- | ---
cat /proc/net/igmp | List multicast groups to which the host is subscribed. Uses "Internet Group Management Protocol". (See /usr/src/linux/net/core/igmp.c)
cat /proc/net/dev_mcast | List multicast interfaces. (See /usr/src/linux/net/core/dev_mcast.c)
ping 224.0.0.1 | All hosts configured for multicast will respond with their IP addresses
ping 224.0.0.2 | All routers configured for multicast will respond
ping 224.0.0.3 | All PIM routers configured for multicast will respond
ping 224.0.0.4 | All DVMRP routers configured for multicast will respond
ping 224.0.0.5 | All OSPF routers configured for multicast will respond

Multicast transmissions are achieved through proper routing, router configuration (if communicating through subnets) and programmatically with the use of the following "C" function library calls:

Function call | Description
--- | ---
setsockopt() | Pass information to the kernel.
getsockopt() | Retrieve information broadcast using multicast.

For more on multicast programming see: Multicast Howto.

The multicast application will specify the multicast loopback interface, TTL (network time to live), network interface and the multicast group to add or drop.
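The four things the paragraph above says an application specifies (loopback, TTL, interface and the group to add or drop) map onto four setsockopt() calls. The following added example (written for this page in Python rather than C; it is not from the tutorial or the Multicast Howto) builds the ip_mreq structure the kernel expects for IP_ADD_MEMBERSHIP, opens a receiver bound to a port, and leaves the group again. The group 239.1.2.3 and port 5007 in the usage section are hypothetical, and the receiver needs a multicast-capable interface to actually join.

```python
# Added example (not from the tutorial): the setsockopt() calls a receiver
# makes to join and leave a multicast group, with the ip_mreq structure the
# kernel expects built explicitly.
import ipaddress
import socket
import struct


def is_multicast(addr: str) -> bool:
    """Class D, 224.0.0.0 - 239.255.255.255."""
    return ipaddress.IPv4Address(addr).is_multicast


def build_ip_mreq(group: str, interface: str = "0.0.0.0") -> bytes:
    """struct ip_mreq: group address followed by the local interface address.

    0.0.0.0 lets the kernel pick the interface; on a multihomed host pass the
    address of the NIC that should carry multicast.
    """
    if not is_multicast(group):
        raise ValueError(f"{group} is not a multicast (class D) address")
    return struct.pack("4s4s", socket.inet_aton(group), socket.inet_aton(interface))


def open_multicast_receiver(group: str, port: int, interface: str = "0.0.0.0",
                            ttl: int = 1, loopback: bool = True) -> socket.socket:
    """UDP socket bound to `port` and joined to `group` (needs a multicast-capable NIC)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)  # several receivers per host
    sock.bind(("", port))
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP, build_ip_mreq(group, interface))
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, ttl)   # 1 = stay on the local subnet
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_LOOP, 1 if loopback else 0)
    return sock


def leave_group(sock: socket.socket, group: str, interface: str = "0.0.0.0") -> None:
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_DROP_MEMBERSHIP, build_ip_mreq(group, interface))


if __name__ == "__main__":
    # Hypothetical group and port; receive one datagram then leave the group.
    GROUP, PORT = "239.1.2.3", 5007
    receiver = open_multicast_receiver(GROUP, PORT)
    print(f"joined {GROUP}:{PORT}, waiting for one datagram ...")
    data, sender = receiver.recvfrom(1500)
    print(f"{len(data)} bytes from {sender}")
    leave_group(receiver, GROUP)
    receiver.close()
```

While the receiver is running, cat /proc/net/igmp on the same host lists the group it joined, which is the quickest confirmation that the kernel, not just the process, holds the membership.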

Add route to support multicast:

* route add 224.0.0.0 netmask 240.0.0.0 dev eth0

Note that if adding a route to forward packets through a router, that the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The internet by default does not forward multicast packets.

Living in a MS/Windows World:

* SMB4k: My favorite MS/Windows file share browser.
* In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]
* LinNeighborhood: Linux workstation GUI tool.
  Make your life simple and use the GUI/File Manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.
  - LinNeighborhood Home Page
  - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

- IPv4: Most of the Internet servers and personal computers use Internet Protocol version 4 (IPv4). This uses 32 bits to assign a network address, as defined by the four octets of an IP address up to 255.255.255.255, which is the representation of four 8 bit numbers, thus totaling 32 bits.
- IPv6: Internet Protocol version 6 (IPv6) uses a 128 bit address and thus billions and billions of potential addresses. The protocol has also been upgraded to include new quality of service features and security. Currently Linux supports IPv6 but IPv4 is used when connecting your computer to the internet.
- TCP/IP: (Transmission Control Protocol/Internet Protocol) uses a client-server model for communications. The protocol defines the data packets transmitted (packet header, data section), data integrity verification (error detection bytes), connection and acknowledgement protocol, and re-transmission.
- TCP/IP time to live (TTL): This is a counting mechanism to determine how long a packet is valid before it reaches its destination. Each time a TCP/IP packet passes through a router it will decrement its TTL count. When the count reaches zero the packet is dropped by the router. This ensures that errant routing and aimlessly looping packets will not flood the network.
- MAC Address: (media access control) is the network card address used for communication with other network devices on the subnet. This info is not routable. The ARP table maps TCP/IP addresses (global internet) to the local hardware on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address uniquely identifies each node of a network and is used by the Ethernet protocol.
- Full Duplex: Allows the simultaneous sending and receiving of packets. Most modern modems support full duplex.
- Half Duplex: Allows the sending and receiving of packets in one direction at a time only.
- OSI 7 Layer Model: The ISO (International Standards Organization) has defined the OSI (Open Systems Interconnection) model for current networking protocols.

  OSI Layer              Linux Networking Use           Description
  7 Application Layer    telnet, web browser, sendmail  The top layer for communications applications like email and the web.
  6 Presentation Layer   SMTP, http                     Syntax and format of data transfer.
  5 Session Layer
  4 Transport Layer      TCP, UDP                       Connection, acknowledgement and data packet transmission.
  3 Network Layer        IP, ARP
  2 Data Link Layer      Ethernet                       Error control, timing
  1 Physical Layer       Ethernet                       Electrical characteristics of signal and NIC

- Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
- Network Switch: Like a hub but creates a private link between any two connected nodes when a network connection is established. This reduces the amount of network collisions and thus improves speed. Broadcast messages are still sent to all nodes.

Related Links:

- Cable modem HowTo - Vladimir Vuksan
- Ethernet HowTo - Paul Gortmaker
- YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
- Firewall HowTo - Mark Grennan
- YoLinux networking tutorial
- Networking Overview HowTo - Daniel Lopez Ridruejo
- Networking Howto - Joshua Drake
- NFS Howto - Nicolai Langfeldt
- SNMP: Simple Network Management Protocol (Uses ports 161,162,391,1993)
    - SNMP - Intro and tutorials
    - Linux SNMP Network Management Tools
    - SNMP FAQ
    - net-snmp - tools and libraries
- News/Usenet Group: comp.os.linux.networking - Deja
- MARS-nwe - Netware emulator
- Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
- ISDN:
    - ISDN4LINUX FAQ - Matthias Hessler
    - ISDN4 Linux Home Page
    - Dan Kegel's ISDN Page
- PPP: Point-to-Point Protocol
    - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
    - YoLinux Tutorial: Dialing Compuserve
    - YoLinux Tutorial: Dialing AOL
    - YoLinux Tutorial: Configuring PPP dial-in connections
- PPTP: Point-to-Point Tunneling Protocol
    - RFC 2637: Point-to-Point Tunneling Protocol (PPTP).
    - PPTP-Linux Client - A PPTP Linux client that allows a linux system to connect to a PPTP server. Developed by C. S. Ananian.
    - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP Implementation.
- DHCP: (Dynamic Host Configuration Protocol)
    - YoLinux DHCP Tutorial - How to set up a DHCP server.
    - ISC Dynamic Host Configuration Protocol - DHCP home page
- Multicast:
    - YoLinux Tutorial: Configuring Linux for multicast - this tutorial in section above
    - Multicast over TCP/IP HOWTO
- ISP's: (National/Global)
    - TheList.com - Comprehensive list of ISP's
    - Earthlink
    - Concentric
    - ATT Worldnet
- NIS: (NFS infrastructure)
    - YoLinux NIS tutorial
    - NIS howto
    - NIS configuration and use
- Ethernet cables:
    - Making CAT 3, 5, 5E RJ45 Ethernet Cables
    - Wiring and Installation
- Gigabit Ethernet
- VIX: Vienna Internet eXchange - European traffic exchange for ISP's

Test Internet Bandwidth:

- DSLreports.com: bandwidth and diagnostic tests
- Speakeasy connection speed test
- CNET Bandwidth Meter speed test
- Network speed test
- Bandwidth explained and List of bandwidth test sites

Man Pages:

- icmp - Linux IPv4 ICMP kernel module
- ifport - select the transceiver type for a network interface
- usernetctl - allow a user to manipulate a network interface if permitted
- ripquery - query RIP (Routing Information Protocol) gateways
- gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler ISBN # 0735710317, New Riders Publishing

"LINUX TCP/IP Network Administration" by Scott Mann, Mitchell Krell ISBN # 0130322202, Prentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith ISBN# 0201774232, Addison-Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr. ISBN# 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh ISBN# 0672320525, Sams; (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus Sams, ISBN# 047008278X

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen Sams, ISBN# 0071486429

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson Sams, ISBN# 0672329298

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672327082

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672325888

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis ISBN #032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.


Copyright © 2001 - 2007 by Greg Ippolito

Linux Networking


TCP/IP Network Configuration Files:

- File: /etc/resolv.conf - host name resolver configuration file

  search name-of-domain.com     - Name of your domain or ISP's domain if using their name server
  nameserver XXX.XXX.XXX.XXX    - IP address of primary name server
  nameserver XXX.XXX.XXX.XXX    - IP address of secondary name server

  This configures Linux so that it knows which DNS server will be resolving domain names into IP addresses. If using a DHCP client, this will automatically be sent to you by the ISP and loaded into this file as part of the DHCP protocol. If using a static IP address, ask the ISP or check another machine on your network. Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "DNS").

- File: /etc/hosts - locally resolve node names to IP addresses

  127.0.0.1            your-node-name.your-domain.com localhost.localdomain localhost
  XXX.XXX.XXX.XXX      node-name

  Note when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly) i.e.:

  XXX.XXX.XXX.XXX superserver.yolinux.com superserver

  This informs Linux of local systems on the network which are not handled by the DNS server (or of all systems in your LAN if you are not using DNS or NIS). Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "Hosts").

- File: /etc/nsswitch.conf - System Databases and Name Service Switch configuration file

  hosts: files dns nisplus nis

  This example tells Linux to first resolve a host name by looking at the local hosts file (/etc/hosts), then if the name is not found look to your DNS server as defined by /etc/resolv.conf, and if not found there look to your NIS server.

  In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution.

Fedora / Red Hat Network Configuration Files:

- /etc/sysconfig/network - Red Hat network configuration file used by the system during the boot process.
- File: /etc/sysconfig/network-scripts/ifcfg-eth0 - Configuration settings for your first ethernet port (0). Your second port is eth1.
- File:
    - /etc/modprobe.conf (kernel 2.6)
    - /etc/modules.conf (kernel 2.4)
    - (or for older systems: /etc/conf.modules)

  Example statement for Intel ethernet card:

  alias eth0 eepro100

  Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

- Network configuration (GUI): /usr/sbin/system-config-network (FC-2/3); /usr/bin/redhat-config-network (/usr/bin/neat) (RH 7.2+ - FC-1)
- Text console configuration tool: /usr/sbin/system-config-network-tui (Text User Interface (TUI) for Fedora Core 2/3); /usr/bin/redhat-config-network-tui (RH 9.0 - FC-1)
- Text console network configuration tool. First interface only - eth0: /usr/sbin/netconfig
- /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

- Gnome Desktop Network Configuration: /usr/bin/gnome-network-preferences (RH 9.0 - FC-3)
  Proxy configuration. Choose one of three options:
    1. Direct internet connection
    2. Manual proxy configuration (specify proxy and port)
    3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assigned a static IP address or assigned one dynamically.

Static IP address assignment:

Choose one of the following methods:

- Command Line:

  /sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

  Network address by convention would be the lowest: 192.168.10.0
  Broadcast address by convention would be the highest: 192.168.10.255
  The gateway can be anything, but following convention: 192.168.10.1

  Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0

- Red Hat / Fedora GUI tools:
    - /usr/bin/neat - Gnome GUI network administration tool. Handles all interfaces. Configure for Static IP or DHCP client. (First available with Red Hat 7.2.)
    - /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)
- Red Hat / Fedora Console tools:
    - /usr/sbin/system-config-network-tui (Text User Interface)
    - /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1,...)
- Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network-scripts/, so that this information is retained.

The IANA has allocated IP addresses in the range of 192.168.0.0 to 192.168.255.255 for private networks.

Helpful tools:

- Network Calculators: Subnet mask calculator, node calculator, mask inverter, ...
- IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example:

  auto lo
  iface lo inet loopback

  auto eth0
  iface eth0 inet static
      address 208.88.34.106
      netmask 255.255.255.248
      broadcast 208.88.34.111
      network 208.88.34.104
      gateway 208.88.34.110

Dynamic IP (DHCP) example:

  auto lo
  iface lo inet loopback

  auto eth0
  iface eth0 inet dhcp

  auto eth1
  iface eth1 inet dhcp

  auto eth2
  iface eth2 inet dhcp

  auto ath0
  iface ath0 inet dhcp

  auto wlan0
  iface wlan0 inet dhcp

Interfaces:

- lo: Loopback interface (network within your system without slowing down for the real ethernet based network)
- eth0: First ethernet interface card
- wlan0: First wireless network interface

Also see "man interfaces"

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.

- File: /etc/sysconfig/network

  Static IP address configuration: (Configure gateway address)

  NETWORKING=yes
  HOSTNAME=my-hostname          - Hostname is defined here and by command hostname
  FORWARD_IPV4=true             - True for NAT firewall gateways and linux routers. False for everyone else - desktops and servers.
  GATEWAY="XXX.XXX.XXX.YYY"     - Used if your network is connected to another network or the internet. Static IP configuration. Gateway not defined here for DHCP client.

  OR for DHCP client configuration:

  NETWORKING=yes
  HOSTNAME=my-hostname          - Hostname is defined here and by command hostname

  (Gateway is assigned by DHCP server.)

  OR for NIS client configuration:

  NETWORKING=yes
  HOSTNAME=my-hostname          - Hostname is defined here and by command hostname
  NISDOMAIN=NISProject1         - NIS domain to attach

- File (Red Hat/Fedora): /etc/sysconfig/network-scripts/ifcfg-eth0 (S.u.s.e.: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX) This file is used by the command scripts ifup and ifdown.

  Static IP address configuration:

  DEVICE=eth0
  BOOTPROTO=static
  BROADCAST=XXX.XXX.XXX.255
  IPADDR=XXX.XXX.XXX.XXX
  NETMASK=255.255.255.0
  NETWORK=XXX.XXX.XXX.0
  ONBOOT=yes                    - Will activate upon system boot

  RHEL4/FC3 additions:
    - TYPE=Ethernet
    - HWADDR=XX:XX:XX:XX:XX:XX
    - GATEWAY=XXX.XXX.XXX.XXX

  OR for DHCP client configuration:

  DEVICE=eth0
  ONBOOT=yes
  BOOTPROTO=dhcp

  RHEL4/FC3 additions:
    - IPV6INIT=no
    - USERCTL=no
    - PEERDNS=yes
    - TYPE=Ethernet
    - HWADDR=XX:XX:XX:XX:XX:XX

  (Used by script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line) To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)

Changing the host name:

This is a three step process:

1. Issue the command: hostname new-host-name
2. Change network configuration file: /etc/sysconfig/network
   Edit entry: HOSTNAME=new-host-name
3. Restart systems which relied on the hostname (or reboot):
    - Restart network services: service network restart (or: /etc/init.d/network restart)
    - Restart desktop:
        - Bring down system to console mode: init 3
        - Bring up X-Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name which allows the system to be self aware.

The hostname may be changed at runtime using the command: sysctl -w kernel.hostname="superserver"

Change the host name using GUI tool: /usr/sbin/system-config-network (Red Hat / Fedora / CentOS)

Hostname entries are made in two places:

- Select the "DNS" tab.
- Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth0:0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255
ifconfig eth0:1 192.168.10.14 netmask 255.255.255.0 broadcast 192.168.10.255

route add -host XXX.XXX.XXX.XXX dev eth0
route add -host 192.168.10.12 dev eth0
route add -host 192.168.10.14 dev eth0

In this example eth0:0 and eth0:1 are aliases in addition to the regular eth0. The result of the ifconfig command:

eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
          collisions:1 txqueuelen:100
          Interrupt:5 Base address:0xe400

eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:5 Base address:0xe400

eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

DEVICE=eth0:0
ONBOOT=yes
BOOTPROTO=static
BROADCAST=192.168.10.255
IPADDR=192.168.10.12
NETMASK=255.255.255.0
NETWORK=192.168.10.0

Aliases can also be shut down independently. i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Redhat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux Client: get connection info: /sbin/pump -i eth0 --status (Red Hat Linux 7.1 and older)

Device eth0
        IP: 4.XXX.XXX.XXX
        Netmask: 255.255.252.0
        Broadcast: 4.XXX.XXX.255
        Network: 4.XXX.XXX.0
        Boot server 131.XXX.XXX.4
        Next server 0.0.0.0
        Gateway: 4.XXX.XXX.1
        Domain: vz.dsl.genuity.net
        Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3
        Renewal time: Sat Aug 11 08:28:55 2001
        Expiration time: Sat Aug 11 11:28:55 2001

Activating and De-Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

- Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up - Note: Even if no IP address is assigned you can listen.)
- De-Activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network-scripts/

GUI Interface control/configuration:

- Start/Stop network interfaces: /usr/bin/system-control-network (Fedora Core 2/3); /usr/bin/redhat-control-network (RH 9.0 - FC-1)
- Configure Ethernet, ISDN, modem, Token Ring, Wireless or DSL network connection: /usr/sbin/system-config-network-druid (FC2/3); /usr/sbin/redhat-config-network-druid (RH 9 - FC-1)

Subnets:

MASK  # OF SUBNETS  Slash Fmt  CLASS A HOSTS  CLASS A MASK  CLASS B HOSTS  CLASS B MASK  CLASS C HOSTS  CLASS C MASK   SUB CLASS C MASK  SUB CLASS C HOSTS
255   1 or 256      /32        16,777,214     255.0.0.0     65,534         255.255.0.0   254            255.255.255.0  255.255.255.255   1 address (Invalid)
254   128           /31        33,554,430     254.0.0.0     131,070        255.254.0.0   510            255.255.254.0  255.255.255.254   2 addresses (Invalid)
252   64            /30        67,108,862     252.0.0.0     262,142        255.252.0.0   1,022          255.255.252.0  255.255.255.252   4 addresses, 2 hosts
248   32            /29        134,217,726    248.0.0.0     524,286        255.248.0.0   2,046          255.255.248.0  255.255.255.248   8 addresses, 6 hosts
240   16            /28        268,435,454    240.0.0.0     1,048,574      255.240.0.0   4,094          255.255.240.0  255.255.255.240   16 addresses, 14 hosts
224   8             /27        536,870,910    224.0.0.0     2,097,150      255.224.0.0   8,190          255.255.224.0  255.255.255.224   32 addresses, 30 hosts
192   4             /26        1,073,741,822  192.0.0.0     4,194,302      255.192.0.0   16,382         255.255.192.0  255.255.255.192   64 addresses, 62 hosts
128   2             /25        2,147,483,646  128.0.0.0     8,388,606      255.128.0.0   32,766         255.255.128.0  255.255.255.128   128 addresses, 126 hosts

Binary position   8    7    6    5    4    3    2    1
Value             128  64   32   16   8    4    2    1
Example: 192      1    1    0    0    0    0    0    0

Example 192=128+64

Some addresses are reserved and outside this scope. Loopback (127.0.0.1), reserved class C 192.168.XXX.XXX, reserved class B 172.31.XXX.XXX and reserved class A 10.XXX.XXX.XXX.

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 for your office.

- 208.88.34.104 Network Base address
- 208.88.34.105 Computer 1
- 208.88.34.106 Computer 2
- 208.88.34.107 Computer 3
- 208.88.34.108 Computer 4
- 208.88.34.109 Computer 5
- 208.88.34.110 DSL router/Gateway
- 208.88.34.111 Broadcast address

Of the eight addresses, there are six assigned to hardware systems and ultimately only five usable addresses.
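The office subnet above worked through in code, as an added example that is not the tutorial's own: network base, broadcast, prefix length and usable host count for an address and netmask, generalised to any contiguous netmask in the subnet table (the /31 and /32 rows come out as zero usable hosts). The second address checked in main() is the gateway from the list above.

```c
/* Added example (not from the YoLinux tutorial): subnet arithmetic for the
   office subnet above, 208.88.34.106 with netmask 255.255.255.248. */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct subnet {
    uint32_t network;   /* base address (lowest), host byte order */
    uint32_t broadcast; /* highest address, host byte order */
    int prefix;         /* slash format, e.g. 29 for 255.255.255.248 */
    uint32_t usable;    /* addresses left for hosts; 0 for /31 and /32 */
};

/* Dotted quad to host-order integer; returns 0 on malformed input. */
static int parse_ip(const char *s, uint32_t *out)
{
    struct in_addr a;
    if (inet_pton(AF_INET, s, &a) != 1)
        return 0;
    *out = ntohl(a.s_addr);
    return 1;
}

/* A netmask must be a run of 1 bits followed by 0 bits. Returns the prefix
   length, or -1 for a non-contiguous mask such as 255.0.255.0. */
int mask_to_prefix(uint32_t mask)
{
    int prefix = 0;
    while (mask & 0x80000000u) {
        prefix++;
        mask <<= 1;
    }
    return mask == 0 ? prefix : -1;
}

/* Fill sn for ip/netmask; returns 0 if either is malformed. */
int subnet_calc(const char *ip, const char *netmask, struct subnet *sn)
{
    uint32_t addr, mask;
    int prefix;

    if (!parse_ip(ip, &addr) || !parse_ip(netmask, &mask))
        return 0;
    if ((prefix = mask_to_prefix(mask)) < 0)
        return 0;
    sn->prefix = prefix;
    sn->network = addr & mask;     /* lowest address: host bits cleared */
    sn->broadcast = addr | ~mask;  /* highest address: host bits set */
    /* network and broadcast are not assignable, so two fewer than the block;
       /31 and /32 have no room for that (the "Invalid" rows in the table). */
    sn->usable = prefix >= 31 ? 0 : (sn->broadcast - sn->network) - 1;
    return 1;
}

/* 1 if ip falls inside sn (lowest..highest), 0 otherwise or on bad input. */
int subnet_contains(const struct subnet *sn, const char *ip)
{
    uint32_t addr;
    if (!parse_ip(ip, &addr))
        return 0;
    return addr >= sn->network && addr <= sn->broadcast;
}

/* Host-order address to dotted quad in buf (INET_ADDRSTRLEN bytes). */
const char *ip_str(uint32_t addr, char *buf)
{
    struct in_addr a;
    a.s_addr = htonl(addr);
    return inet_ntop(AF_INET, &a, buf, INET_ADDRSTRLEN);
}

int main(void)
{
    struct subnet sn;
    char lo[INET_ADDRSTRLEN], hi[INET_ADDRSTRLEN];

    if (!subnet_calc("208.88.34.106", "255.255.255.248", &sn))
        return 1;
    printf("network %s/%d  broadcast %s  usable hosts %u\n",
           ip_str(sn.network, lo), sn.prefix, ip_str(sn.broadcast, hi), sn.usable);
    printf("208.88.34.110 in subnet: %s\n",
           subnet_contains(&sn, "208.88.34.110") ? "yes" : "no");
    return 0;
}
```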

Links:

- Subnet Cheat Sheet
- Subnet calculator
- Table of subnets
- IP Subnetting, Variable Subnetting, and CIDR (Supernetting)
- CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is a little obsolete as subnets are now used to define smaller networks. These subnets may be part of a class A, B, C, etc network. For historical reference the network classes are defined as follows:

- Class A: Defined by the first 8 bits with a range of 0 - 127. First number (8 bits) is defined by Internic i.e. 77.XXX.XXX.XXX. One class A network can define 16,777,214 hosts. Range: 0.0.0.0 - 127.255.255.255
- Class B: Defined by the first 8 bits with a range from 128 - 191. First two numbers (16 bits) are defined by Internic i.e. 182.56.XXX.XXX. One class B network can define 65,534 hosts. Range: 128.0.0.0 - 191.255.255.255
- Class C: Defined by the first 8 bits with a range from 192 - 223. First three numbers (24 bits) are defined by Internic i.e. 220.56.222.XXX. One class C network can define 254 hosts. Range: 192.0.0.0 - 223.255.255.255
- Class D: Defined by the first 8 bits with a range from 224 - 239. This is reserved for multicast networks (RFC988). Range: 224.0.0.0 - 239.255.255.255
- Class E: Defined by the first 8 bits with a range from 240 - 255. This is reserved for experimental use. Range: 240.0.0.0 - 247.255.255.255

Enable Forwarding: Forwarding allows the network packets on one network interface (i.e. eth0) to be forwarded to another network interface (i.e. eth1). This will allow the Linux computer to connect ("ethernet bridge") or route network traffic.

The bridge configuration will merge two (or several) networks into one single network topology. IpTables firewall rules can be used to filter traffic.

A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or load balance servers.

- Turn on IP forwarding to allow the Linux computer to act as a gateway or router:

  echo 1 > /proc/sys/net/ipv4/ip_forward

  Default is 0. One can add firewall rules by using ipchains.

Another method is to alter the Linux kernel config file: /etc/sysctl.conf Set the following value:

net.ipv4.ip_forward = 1

See file /etc/sysconfig/network for storing this configuration.

FORWARD_IPV4=true

Change the default "false" to "true".

All methods will result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward

The TCP Man page - Linux Programmer's Manual and /usr/src/linux/Documentation/pro\
c.txt (Kernel 2.2 RH 7.0-) cover /proc/sys/net/ipv4/* file descriptions.

Also see: (YoLinux tutorials)

- Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables)
- Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

- cd /lib/modules/2.2.5-15/net/ - Use the kernel version for your system. This example uses 2.2.5-15 (Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/). Here you will find the modules supported by your system. It can be permanently added to:
    - /etc/modprobe.conf (kernel 2.6)
    - /etc/modules.conf (kernel 2.4)
    - (or for older systems: /etc/conf.modules)

  Example:

  alias eth0 3c59x

- /sbin/insmod 3c59x (For a 3Com ethernet card) This inserts the specified module into the kernel.
- /sbin/modprobe 3c59x This also loads a module into the system kernel. Modprobe command line options:
    - -r : to unload the module.
    - /sbin/modprobe -l \* : list all modules.
    - /sbin/modprobe -lt net \* : List only network modules
    - /sbin/modprobe -t net \* : Try loading all network modules and see what sticks. (act of desperation)
- ifconfig ...

The easy way: Red Hat versions 6.2 and later, ship with Kudzu, a device detection program which runs during system initialization. (/etc/rc.d/init.d/kudzu) This can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it will be utilized upon system boot.

Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

Define new device in file (Red Hat/Fedora) /etc/sysconfig/network-scripts/ifcfg-eth1 (S.u.s.e 9.2: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX)

DEVICE=eth1
BOOTPROTO=static
IPADDR=192.168.10.12
NETMASK=255.255.255.0
GATEWAY=XXX.XXX.XXX.XXX
HOSTNAME=node-name.name-of-domain.com
DOMAIN=name-of-domain.com

Special routing information may be specified, if necessary, in the file (Red Hat/Fedora): /etc/sysconfig/static-routes (S.u.s.e. 9.2: /etc/sysconfig/network/routes)

Example:

eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using Unix command line interface:

Define IP address:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

If necessary, define the route with the route command. Examples:

route add default gw XXX.XXX.XXX.XXX dev eth0
route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

If a mistake is made just repeat the route command substituting "del" in place of "add".

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto­negotiate link speed and duplex setting.

- List NIC speed and configuration: mii-tool

  eth0: negotiated 100baseTx-FD flow-control, link ok

  Verbose mode: mii-tool -v

  eth0: negotiated 100baseTx-FD flow-control, link ok
    product info: Intel 82555 rev 4
    basic mode:   autonegotiation enabled
    basic status: autonegotiation complete, link ok
    capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
    advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
    link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

- Set NIC configuration: mii-tool -F option

  Option  Parameters
  -F      100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
  -A      100baseT4 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

- Query NIC with ethtool:

  Command          Description
  ethtool -g eth0  Queries ethernet device for rx/tx ring parameter information.
  ethtool -a eth0  Queries ethernet device for pause parameter information.
  ethtool -c eth0  Queries ethernet device for coalescing information.
  ethtool -i eth0  Queries ethernet device for associated driver information.
  ethtool -d eth0  Prints a register dump for the specified ethernet device.
  ethtool -k eth0  Queries ethernet device for offload information.
  ethtool -S eth0  Queries ethernet device for NIC and driver statistics.

Man Pages:

- mii-tool - view, manipulate media-independent interface status
- ethtool - Display or change ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet is examined to see if its destination is on the local or a remote network. If it is to be sent to a remote network, the routing table is consulted to determine the path. If there is no information in the routing table then the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file (Red Hat/Fedora): /etc/sysconfig/network-scripts/route-eth0 or (Red Hat 7: /etc/sysconfig/static-routes) (S.u.s.e. 9.2: /etc/sysconfig/network/routes):

10.2.3.0/16 via 192.168.10.254

See command: /etc/sysconfig/network-scripts/ifup-routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route. (Fewest hops between routers not physical distance.) Routers use RIP to broadcast the routing table over UDP port 520. The routers would then add new or improved routes to their routing tables.

Man pages:

- route - show / manipulate the IP routing table (Static route) Examples:
    - Show routing table: route -e
    - Access individual computer host specified via network interface card eth1: route add -host 123.213.221.231 eth1
    - Access ISP network identified by the network address and netmask using network interface card eth0: route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
      Conversely: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
    - Specify default gateway to use to access remote network via network interface card eth0: route add default gw 201.51.31.1 eth0 (Gateway can also be defined in /etc/sysconfig/network)
    - Specify two gateways for two network destinations: (i.e. one external, one internal private network. Two routers/gateways will be specified.)
      Add internet gateway as before: route add default gw 201.51.31.1 eth0
      Add second private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
- routed - network routing daemon. Uses RIP protocol to update routing table.
- ipx_route - show / manipulate the IPX routing table - IPX is the Novell networking protocol (Not typically used unless your office has Novell servers)
- ifuser - Identify destinations routed to a particular network interface.
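The route selection described in this section (directly connected network first, then the most specific route, then the default gateway), as an added example that is not the tutorial's code. The table is constructed from the route commands above (host route via eth1, the two private networks via 192.168.10.254, the default gateway 201.51.31.1) plus the local subnet of eth0; the destination 203.0.113.9 used in main() is a constructed sample and nothing is read from the running system.

```c
/* Added example (not from the YoLinux tutorial): static route selection.
   The table is constructed from the route commands in this section; it is
   not read from the running system. */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct route {
    const char *dest;   /* network address, "0.0.0.0" for the default route */
    int prefix;         /* netmask length: 0 default, 24 for 255.255.255.0, 32 for -host */
    const char *gw;     /* next hop, or NULL for a directly connected network */
    const char *dev;
};

/* Constructed from the examples above (order does not matter for lookup). */
static const struct route table[] = {
    { "123.213.221.231", 32, NULL,             "eth1" }, /* route add -host ... eth1 */
    { "10.13.21.0",      24, "192.168.10.254", "eth0" }, /* route add -net 10.13.21.0 ... */
    { "10.0.0.0",         8, "192.168.10.254", "eth0" }, /* second private network */
    { "192.168.10.0",    24, NULL,             "eth0" }, /* the local subnet of eth0 */
    { "0.0.0.0",          0, "201.51.31.1",    "eth0" }, /* route add default gw ... */
};
#define NROUTES (sizeof table / sizeof table[0])

/* Dotted quad to host-order integer; returns 0 on malformed input. */
static int parse_ip(const char *s, uint32_t *out)
{
    struct in_addr a;
    if (inet_pton(AF_INET, s, &a) != 1)
        return 0;
    *out = ntohl(a.s_addr);
    return 1;
}

static uint32_t prefix_mask(int prefix)
{
    return prefix == 0 ? 0 : 0xFFFFFFFFu << (32 - prefix);
}

/* Index of the most specific matching entry (longest prefix wins, so a -host
   route beats a -net route, which beats the default), or -1 if nothing
   matches: without a default route the packet has nowhere to go. */
int route_lookup(const char *dst)
{
    uint32_t addr, net;
    int best = -1, best_len = -1;
    size_t i;

    if (!parse_ip(dst, &addr))
        return -1;
    for (i = 0; i < NROUTES; i++) {
        uint32_t mask = prefix_mask(table[i].prefix);
        if (!parse_ip(table[i].dest, &net))
            continue;
        if ((addr & mask) == (net & mask) && table[i].prefix > best_len) {
            best = (int)i;
            best_len = table[i].prefix;
        }
    }
    return best;
}

/* 1 if the destination is on a directly connected network (no gateway). */
int route_is_local(const char *dst)
{
    int i = route_lookup(dst);
    return i >= 0 && table[i].gw == NULL;
}

/* Where the frame goes next: the gateway for a remote network, or the
   destination itself when it is local (ARP then resolves its MAC address). */
const char *route_next_hop(const char *dst)
{
    int i = route_lookup(dst);
    if (i < 0)
        return NULL;
    return table[i].gw ? table[i].gw : dst;
}

const char *route_dev(const char *dst)
{
    int i = route_lookup(dst);
    return i < 0 ? NULL : table[i].dev;
}

int main(void)
{
    /* 203.0.113.9 is a constructed sample destination outside every -net route */
    const char *samples[] = { "10.13.21.77", "10.99.1.1", "192.168.10.7",
                              "203.0.113.9", "123.213.221.231" };
    size_t k;
    for (k = 0; k < sizeof samples / sizeof samples[0]; k++)
        printf("%-16s via %-15s dev %s%s\n", samples[k], route_next_hop(samples[k]),
               route_dev(samples[k]), route_is_local(samples[k]) ? " (local)" : "");
    return 0;
}
```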

VPN, Tunneling:

* Commercial VPN Linux software solutions - YoLinux
* OpenSWAN.org - IPSec VPN for Linux
* FreeSWAN.org - IPSec VPN for Linux (development ended in 2004; OpenSWAN continues from it)
* FreeSWAN tutorial - howto
* OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access controls.
* SSL-Explorer - Java SSL based VPN
* Quagga dynamic routing suite VLAN
* n2n peer to peer within a private fabric
* CIPE: Crypto IP Encapsulation (Easiest way to configure two Linux gateways connecting two private networks over the internet with encryption.)
  - CIPE Home page - CIPE is a simple encapsulation system that securely connects two subnets.
  - The Linux Cipe+Masquerading mini-HOWTO - Anthony Ciaravalo
* GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa (GRE by itself provides neither encryption nor authentication; run it inside IPSec when the tunnel crosses an untrusted network.)
* VPN HowTo - Matthew D. Wilson
* Installing and Running PPTP on Linux (see the Counterpane FAQ under Related Links for the known weaknesses of Microsoft's PPTP implementation)
* L2TP Extensions (l2tpext) Internet Drafts.

Useful Linux networking commands:

* /etc/rc.d/init.d/network start - command to start, restart or stop the network
* netstat - Display connections, routing tables, stats etc.
  - List all TCP and UDP sockets (listening and connected), numerically, with the owning process: netstat -punta
  - List all sockets and their processes: netstat -nap
  - Show network statistics: netstat -s
  - Kernel interface table info: netstat -a -i eth0
  (On newer systems ss -tulpn from iproute2 gives the same listening-socket view and is faster.)
* ping - send ICMP ECHO_REQUEST packets to network hosts. Use Ctrl-C to stop ping.
* traceroute - print the route packets take to a network host
  - traceroute IP-address-of-server
  - traceroute domain-name-of-server
* mtr - a network diagnostic tool introduced in Fedora. Like traceroute except that it gives more network quality and diagnostic information. Leave it running to get real-time statistics; it reports best and worst round trip times in milliseconds.
  - mtr IP-address-of-server
  - mtr domain-name-of-server
* whois - Look up a domain name in the InterNIC whois database.
* finger - Display information on a system user, i.e. finger user@host. Uses the $HOME/.plan and $HOME/.project user files. Often used by game developers; see http://finger.planetquake.com/ (The finger daemon discloses user names and login activity to anyone who can reach it; leave it disabled on internet-facing hosts.)
* iptables - IP firewall administration (Linux kernel 2.6/2.4). See the YoLinux firewall/gateway configuration tutorial.
* ipchains - IP firewall administration (Linux kernel 2.2). See the YoLinux firewall/gateway configuration tutorial.
* socklist - Display a list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
* host - Given a host name, returns the IP address. Example: host domain-name-of-server
* nslookup - Given a host name, returns the IP address. Also see Testing your DNS (YoLinux Tutorial).
  Both host and nslookup query the DNS servers from /etc/resolv.conf directly and ignore /etc/hosts. To resolve a name the way applications do (following the order in /etc/nsswitch.conf, normally /etc/hosts first), use: getent hosts domain-name-of-server

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemons listen and respond to all network socket connections made on the TCP/IP ports assigned to them. The ports are defined by the file /etc/services. When a connection is made, the listener invokes the assigned program and pipes the data to it. This simplifies matters by allowing the assigned program to read from stdin instead of making its own socket connection: the listener handles the network socket. Every such service is a network-reachable program started on demand, so enable only those that are actually needed. Two network listening and management daemons have been used in Red Hat Linux distributions:

* inetd: Red Hat 6.x and older
* xinetd: Red Hat 7.0-9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf Entries in this file consist of a single line made up of the following fields:

service socket­type protocol wait user server cmdline

* service: The name assigned to the service. Matches the name given in the file /etc/services.
* socket-type:
  - stream: connection protocols (TCP)
  - dgram: datagram protocols (UDP)
  - raw
  - rdm
  - seqpacket
* protocol: Transport protocol name which matches a name in the file /etc/protocols, i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6.
* wait:
  - wait[.max]: inetd hands the socket to a single server and waits for it to exit before listening again. Required for datagram (UDP) services and for RPC services, where one server process takes over the socket.
  - nowait[.max]: inetd keeps listening and spawns a new server for every connection (multi-threaded). The usual setting for stream (TCP) services.
  max is the maximum number of server instances spawned per 60 seconds (default 40); it caps how fast a flood of connections can fork new processes.
* user[.group]: login id of the user the process is executed under. Often nobody, root or a special restricted id for that service. Use the least privileged account the server will run under; everything the server does inherits that identity.
* server: Full path name of the server program to be executed.
* cmdline: Command line to be passed to the server. This includes argument 0 (argv[0]), that is the command name. This field is empty for internal services. Examples of internal TCP services: echo, discard, chargen (character generator), daytime (human readable time), and time (machine readable time). (See the RFCs listed under "For more info" below.)

Sample File: /etc/inetd.conf

  #echo    stream  tcp  nowait      root  internal
  #echo    dgram   udp  wait        root  internal
  ftp      stream  tcp  nowait      root  /usr/sbin/tcpd  in.ftpd -l -a
  #pop-3   stream  tcp  nowait      root  /usr/sbin/tcpd  ipop3d
  #swat    stream  tcp  nowait.400  root  /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.

The inet daemon must be restarted to pick up the changes made to the file: /etc/rc.d/init.d/inetd restart

For more information see the man pages "inetd" and "inetd.conf".

xinetd: Extended Internet Services Daemon:

Xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, redirect services to different ports and network interfaces (NIC) or even to a different server, chroot a service, etc., and is thus a worthy upgrade from inetd.

Use the command chkconfig --list to view all system services and their state. It will also list all network services controlled by xinetd and their respective state under the title "xinetd based services". (Works for xinetd (RH7.0+) but not inetd.)

The xinetd daemon is built with the TCP Wrappers library (libwrap), so the host-based access rules in /etc/hosts.allow and /etc/hosts.deny apply to xinetd services in addition to xinetd's own only_from and no_access attributes. (Those files are covered in the section "PAM: Network Wrappers" below. TCP Wrappers is a separate mechanism from PAM, which handles user authentication rather than network access.)

Configuration file: /etc/xinetd.conf which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:

* Edit the file /etc/xinetd.d/service-name and set the disable value: disable = yes or disable = no. Then make xinetd re-read its configuration with a signal:
  - SIGUSR1 (kill -SIGUSR1 process-id) - Soft reconfiguration; does not terminate existing connections. (Important if you are connected remotely.)
  - SIGUSR2 - Hard reconfiguration; re-reads the configuration and terminates the servers of services that are no longer enabled. (Do not use HUP: on the xinetd versions covered here it terminates the xinetd process. Check the xinetd man page for the installed version before using other signals.)
  OR
* Use the chkconfig command: chkconfig service-name on (or off). This command edits the disable line and restarts xinetd to pick up the new configuration.

The file contains entries of the form:

  service service-name
  {
      attribute assignment-operator value value ...
  }

Where:

* attribute:
  - disable: yes or no
  - type: RPC, INTERNAL, or UNLISTED (not found in /etc/rpc or /etc/services)
  - id: By default the service id is the same as the service name.
  - socket_type:
    stream: TCP
    dgram: UDP
    raw: direct IP access
    seqpacket: service that requires reliable sequential datagram transmission
  - flags: Combination of REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd man page for details. (NOLIBWRAP switches off the /etc/hosts.allow and /etc/hosts.deny check for that service.)
  - protocol: Transport protocol name which matches a name in the file /etc/protocols.
  - wait: no = multi-threaded; yes = single-threaded, one server for the specified port at any time (RPC)
  - user: See file /etc/passwd. Run the service as the least privileged account it works under.
  - group: See file /etc/group
  - server: Program to execute and receive the data stream from the socket (fully qualified path name of the program)
  - server_args: Unlike inetd, argv[0] (the name of the service) is not passed.
  - only_from: IP address, factorized address, netmask range, hostname or network name from file /etc/networks.
  - no_access: Deny from ... (inverse of only_from). When an address matches both lists, the more specific match wins.
  - access_times
  - port: See file /etc/services
  Also: log_type, log_on_success, log_on_failure (log options: += PID, HOST, USERID, EXIT, DURATION, ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples. Note that only_from and no_access match on the client's source address, which is trivial to forge for UDP services; treat them as a fence, not as authentication.
* assignment-operator:
  - =
  - +=: add a value to the set of values
  - -=: delete a value from the set of values

Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from the man page: limit telnet sessions to 8 Mbytes of memory and a total of 20 CPU seconds for child processes. (telnet carries passwords in the clear; the entry is reproduced to illustrate the rlimit attributes, not as a recommendation to run telnet.)

  service telnet
  {
      socket_type = stream
      wait        = no
      nice        = 10
      user        = root
      server      = /usr/etc/in.telnetd
      rlimit_as   = 8M
      rlimit_cpu  = 20
  }

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:

* xinetd
* xinetd.conf
* xinetd.log
* tcpd

For more info see:

* LinuxFocus.org: xinetd - Frederic Raynal
* RedHat.com: Controlling Access to Services
* http://www.xinetd.org
* See RFCs: 862, 863, 864, 867, 868, 1413.
* man pages xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon ­ rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux has the network interface of rwhod disabled. Thus if one issues the command "rwho", you will only see who is logged into the system you are logged into and not remote systems on the network. This is the right setting for internet servers: rwhod broadcasts user names, login times and uptime in the clear to every host on the segment, which is exactly the reconnaissance an attacker wants. If you wish to use rwhod on a local, private and firewall-protected network, here is how:

Allow broadcast capabilities. Edit /etc/init.d/rwhod and change: daemon rwhod to: daemon rwhod -b

Start service:

* Set the service to start at system boot: chkconfig --level 345 rwhod on
* Start the rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

* rwho: who is logged in on local network machines
* rwhod: system status server
* who: show who is logged on to the same system

RPC: Remote Procedure Calls (Portmapper)

Portmapper is the network service required to support RPCs. Many services such as NFS (file sharing) require portmapper. It listens on port 111 and tells anyone who can reach it (rpcinfo -p host) which RPC programs and ports the machine offers, so block it at the firewall from untrusted networks and, since the Linux portmap is built with libwrap, restrict it in /etc/hosts.allow under the daemon name portmap.

List RPC services supported: [root]# rpcinfo ­p localhost

Starting portmap server:

* /etc/rc.d/init.d/portmap start
* service portmap start (Red Hat/Fedora Core)

Man Pages:

* portmap
* rpcinfo
* pmap_set
* pmap_dump

PAM: Network Wrappers:

TCP Wrappers (tcpd / libwrap), with notes on Pluggable Authentication Modules (PAM)

Two separate mechanisms are covered here. TCP Wrappers allows or denies network access by client address: one can reject or allow specific IP addresses, networks or domains using /etc/hosts.allow and /etc/hosts.deny. PAM, covered further down, decides how a user is authenticated once a connection has been accepted; it is not a network filter.

File: /etc/hosts.allow

in.ftpd:208.188.34.105

This specifically allows the given IP address to ftp to your system. One can also specify an entire domain, i.e. .name-of-domain.com (note the leading "."). Domain patterns are matched against the client's reverse DNS name, which whoever controls the client's address space can set; prefer address patterns where possible.

File: /etc/hosts.deny

ALL:ALL

This denies every service to every client that was not matched in /etc/hosts.allow. The order matters: hosts.allow is consulted first and the first match grants access, then hosts.deny is consulted and the first match refuses it, and a client matched in neither file is allowed. Without this ALL:ALL line the default is therefore open access.

See the hosts_access(5), hosts_options(5) and tcpd(8) man pages.

File: /etc/inetd.conf

ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a

The inet daemon accepts the incoming network stream and hands it to the TCP wrapper, /usr/sbin/tcpd, which accepts or denies the connection as defined by /etc/hosts.allow and /etc/hosts.deny and then passes it along to ftp. This is logged to /var/log/secure. Only services started through tcpd, or programs linked against libwrap (xinetd, sshd, portmap), consult these files; a daemon started directly from its init script is not covered.
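The following evaluator is an added example, not code from the YoLinux page or from the TCP Wrappers package. It applies the hosts_access decision order described above (first match in hosts.allow grants, then first match in hosts.deny denies, otherwise access is granted) to a daemon name and client, so a rule set can be checked before it is deployed. It handles the patterns ALL, an exact IP address or host name, a leading-dot domain suffix, a trailing-dot network prefix and the EXCEPT operator in a client list; the sample rule files, the function names and the client addresses are the example's own assumptions.

```shell
#!/bin/sh
# Added example (not from the YoLinux page): a small evaluator for the TCP
# Wrappers decision.  Order, as in hosts_access(5): first match in hosts.allow
# grants, then first match in hosts.deny denies, otherwise access is granted.
# Patterns handled: ALL, an exact IP or host name, a leading-dot domain suffix
# (.example.com), a trailing-dot network prefix (192.168.) and "list EXCEPT list"
# in the client field.  The ": shell_command" field and daemon-side EXCEPT are
# not modelled.  The rule texts below are constructed samples.

# pattern_matches PATTERN CLIENT_IP CLIENT_NAME
pattern_matches() {
    case "$1" in
        ALL) return 0 ;;
        .*)  case "$3" in *"$1") return 0 ;; esac ;;     # domain suffix, needs reverse DNS
        *.)  case "$2" in "$1"*) return 0 ;; esac ;;     # network prefix
        *)   [ "$1" = "$2" ] || [ "$1" = "$3" ] && return 0 ;;
    esac
    return 1
}

# plain_list_matches "a, b c" CLIENT_IP CLIENT_NAME  (comma/space separated, no EXCEPT)
plain_list_matches() {
    for p in $(printf '%s' "$1" | tr ',' ' '); do
        pattern_matches "$p" "$2" "$3" && return 0
    done
    return 1
}

# list_matches "list1 [EXCEPT list2]" CLIENT_IP CLIENT_NAME
list_matches() {
    case "$1" in
        *" EXCEPT "*)
            plain_list_matches "${1#* EXCEPT }" "$2" "$3" && return 1
            plain_list_matches "${1%% EXCEPT *}" "$2" "$3"
            ;;
        *)  plain_list_matches "$1" "$2" "$3" ;;
    esac
}

# file_matches "RULE TEXT" DAEMON CLIENT_IP CLIENT_NAME -> 0 if any rule line matches
file_matches() {
    rules=$1 daemon=$2 ip=$3 name=$4
    while IFS= read -r line; do
        case "$line" in ''|\#*) continue ;; esac          # blank lines and comments
        case "$line" in *:*) ;; *) continue ;; esac       # malformed line, no separator
        dlist=${line%%:*}
        rest=${line#*:}
        clist=${rest%%:*}                                 # drop an optional shell_command field
        plain_list_matches "$dlist" "$daemon" "$daemon" || continue
        list_matches "$clist" "$ip" "$name" && return 0
    done <<EOF
$rules
EOF
    return 1
}

# hosts_access_decision DAEMON CLIENT_IP CLIENT_NAME ALLOW_TEXT DENY_TEXT -> prints allow|deny
hosts_access_decision() {
    if file_matches "$4" "$1" "$2" "$3"; then echo allow
    elif file_matches "$5" "$1" "$2" "$3"; then echo deny
    else echo allow                                       # matched neither file: default is open
    fi
}

# Constructed sample rule files: the page's two examples plus an EXCEPT rule.
SAMPLE_ALLOW='# /etc/hosts.allow
in.ftpd: 208.188.34.105
sshd: 192.168.10. EXCEPT 192.168.10.99
ALL: .name-of-domain.com'
SAMPLE_DENY='# /etc/hosts.deny
ALL: ALL'

for client in 208.188.34.105 10.0.0.1; do
    echo "in.ftpd from $client: $(hosts_access_decision in.ftpd "$client" "" "$SAMPLE_ALLOW" "$SAMPLE_DENY")"
done
```

Pass the real files with "$(cat /etc/hosts.allow)" and "$(cat /etc/hosts.deny)" to check a change; the tcpdmatch program shipped with TCP Wrappers does the same check against the full pattern language.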

PAM: Pluggable Authentication Modules decide how a user is authenticated, and which account and session checks apply, once a service has accepted the connection. The level of authentication required can be tuned per service.

The configuration files live in /etc/pam.d/ and are named after the service that calls PAM (login, sshd, ftp, ...). Some older systems use a single /etc/pam.conf with the service name as an extra first field. Rules and modules are stacked to achieve the level of security desired.

The format of a line in /etc/pam.d/service-name: type control module-path module-arguments

* auth - (type) Establishes who the user is, normally by asking for a password. Common module arguments:
  - nullok - an empty or non-existent password is acceptable (remove this on any host reachable from the network)
  - shadow - encrypted passwords are kept in /etc/shadow
* account - (type) Checks that the account may be used at all: expiry, time-of-day restrictions, access lists. It does not verify the password.
* password - (type) Controls password updates. Arguments of pam_cracklib:
  - retry=3 - number of attempts the user gets to choose an acceptable new password
  - minlen=8 - minimum length of the new password
* session - (type) Runs before and after the session: logging, resource limits, mounting home directories.

The control field (required, requisite, sufficient, optional) decides how each module's result is combined with the rest of the stack.

Modules:

* /lib/security/pam_pwdb.so - password database module (superseded by pam_unix.so on current systems)
* /lib/security/pam_shells.so - allow access only if the user's login shell is listed in /etc/shells
* /lib/security/pam_cracklib.so - checks whether a new password is easily crackable
* /lib/security/pam_listfile.so - allow or deny based on whether an item (user, group, tty, ...) appears in a file

PAM files are read on every authentication, so changes take effect immediately and no daemon restart is needed. If /etc/inetd.conf was edited as well, have inetd re-read it: killall -HUP inetd

For more info see:

* Wietse's Papers
* Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP is the network protocol used by the ping and traceroute commands. (The Linux traceroute sends UDP probes by default and relies on the ICMP time-exceeded replies from each router.)

ICMP redirect packets are sent by a router to a host to tell it of a better first hop for a destination. Accepting them lets any machine on the local segment that can forge a redirect rewrite the host's routes, so hardened hosts disable them. If you do want the host to accept redirects, add the following line to /etc/sysctl.conf:

net.ipv4.conf.all.accept_redirects = 1

Add the following to the file: /etc/rc.d/rc.local

  for f in /proc/sys/net/ipv4/conf/*/accept_redirects
  do
      echo 1 > $f
  done

Command to view the kernel IP routing cache: /sbin/route -Cn (the routing cache was removed in Linux 3.6; on later kernels use ip route get address to see how a destination is resolved).

NOTE: This leaves you vulnerable to attackers on the local network, who can alter your routes with forged redirects. To refuse redirects, set the same keys to 0 (the usual choice for servers and firewalls).
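The following audit script is an added example and not part of the YoLinux page. It reads "key = value" lines, either from /etc/sysctl.conf or from the output of sysctl -a for the values actually in force, reports every ICMP or routing related key that is in the state an attacker on the local segment could abuse, and prints the sysctl commands that correct it. The list of keys and safe values is the example's own host-hardening choice (a router needs send_redirects and ip_forward, so review it before applying there); the sample sysctl.conf text is constructed.

```shell
#!/bin/sh
# Added example (not from the YoLinux page): audit the ICMP and routing related
# kernel settings of a host and print the sysctl commands that correct them.
# Input is any text with "key = value" lines: /etc/sysctl.conf, or the output
# of "sysctl -a".  The safe values are the usual ones for a host that does not
# route; a router needs send_redirects and ip_forward.  Sample input below is
# constructed.

# One entry per line: key, safe value, reason.  conf/all applies to every
# interface now, conf/default to interfaces that appear later.
RECOMMENDED='net.ipv4.conf.all.accept_redirects 0 any host on the segment can forge ICMP redirects and rewrite the routing table
net.ipv4.conf.default.accept_redirects 0 same, for interfaces added later
net.ipv4.conf.all.secure_redirects 0 redirects that claim to come from the gateway are still forgeable via ARP spoofing
net.ipv4.conf.all.send_redirects 0 a host should not be advertising routes
net.ipv4.conf.all.accept_source_route 0 source-routed packets bypass the routing table
net.ipv4.icmp_echo_ignore_broadcasts 1 answering broadcast pings makes the host a smurf amplifier
net.ipv4.conf.all.log_martians 1 log packets with impossible source addresses'

# setting_value KEY TEXT -> the last value assigned to KEY in TEXT, or nothing
setting_value() {
    esc=$(printf '%s' "$1" | sed 's/\./\\./g')           # dots are literal in the key
    printf '%s\n' "$2" |
        sed -n "s/^[[:space:]]*$esc[[:space:]]*=[[:space:]]*\([^[:space:]]*\).*/\1/p" |
        tail -n 1
}

# audit_sysctl TEXT -> one line per problem: "KEY current=X want=Y: reason".
# A key absent from TEXT is reported as unset: sysctl.conf then leaves the
# kernel default in force, which for most of these keys is not the safe value.
audit_sysctl() {
    printf '%s\n' "$RECOMMENDED" | while IFS=' ' read -r key want reason; do
        cur=$(setting_value "$key" "$1")
        if [ "$cur" != "$want" ]; then
            printf '%s current=%s want=%s: %s\n' "$key" "${cur:-unset}" "$want" "$reason"
        fi
    done
}

# remediation TEXT -> "sysctl -w KEY=VALUE" for each problem audit_sysctl found
remediation() {
    audit_sysctl "$1" | while read -r key rest; do
        want=${rest#*want=}
        printf 'sysctl -w %s=%s\n' "$key" "${want%%:*}"
    done
}

# Constructed /etc/sysctl.conf that follows the "accept_redirects = 1" line above.
SAMPLE_SYSCTL_CONF='net.ipv4.ip_forward = 0
net.ipv4.conf.all.accept_redirects = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1'

audit_sysctl "$SAMPLE_SYSCTL_CONF"
remediation "$SAMPLE_SYSCTL_CONF"
```

To audit the running kernel rather than the file, call audit_sysctl "$(sysctl -a 2>/dev/null)"; the remediation lines can be pasted into /etc/sysctl.conf without the "sysctl -w" prefix to make them permanent.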

Blocking ICMP and look invisible to ping:

The following firewall rules drop all outgoing ICMP. That hides the host from ping, but it also breaks the host's own ping and traceroute and the ICMP error messages (destination unreachable, fragmentation needed for path MTU discovery) that other hosts depend on. Dropping only inbound echo-request packets in the INPUT chain, or the sysctl setting further down, is the narrower choice.

Iptables:

iptables -A OUTPUT -p icmp -d 0/0 -j DROP

Ipchains:

ipchains -A output -p icmp -d 0/0 -j DENY

OR drop all incomming pings:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes used to look invisible to DoS (Denial of Service) attackers who ping a machine to check whether it is up before launching an attack. Note that it only hides the host from ping; a port scan of the services it runs will still find it.

Network Monitoring Tools:

* tcpdump - dump traffic on a network. See the discussion below. Command line options:
  - -c count: Exit after receiving count packets.
  - -C size: Specify the size of output dump files.
  - -i interface: Specify the interface if multiple exist (the lowest numbered one is used by default), i.e. eth0
  - -w file-name: Write the raw packets to a file rather than parsing and printing them. They can later be read back with the -r option.
  - -n: Do not resolve addresses to names. Faster, and it avoids the reverse DNS queries that would reveal to the name server that you are sniffing.
  - -t: Do not print a timestamp on each dump line.

Filter expressions (primitives):
  - host host-name: Match traffic to or from the host. If the host has multiple IPs, all are checked.
  - net network-number: Match by network number.
  - net network-number mask mask: Match by network number and netmask.
  - port port-number: Match the port number specified.
  - tcp: Match TCP packets.
  - udp: Match UDP packets.
  - icmp: Match ICMP packets.

Examples:

* tcpdump tcp port 80 and host server-1
* tcpdump ip host server-1 and not server-2
* iptraf - Interactive colorful IP LAN monitor
* nmap - Network exploration tool and security scanner
  - List pingable nodes on the network: nmap -sP 192.168.0.0/24 scans the addresses 192.168.0.0 to 192.168.0.255 using ping. (Current nmap releases spell this option -sn; -sP is still accepted as the old name.)
* Ethereal - Network protocol analyzer. Examine data from a live network. (The project has since been renamed Wireshark.) RPMs required:
  - ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
  - ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)
  There is an error in the ethereal package because it does not list the snmp libraries as dependencies, but you can deduce this from the errors you get if the ucd-snmp libraries are not installed.
* EtherApe - Graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
* Gkrellm - Network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
* IPTraf - ncurses-based IP LAN monitor. (Red Hat Powertools CD)
* Cheops - Network discovery, location, diagnosis and management. Cheops can identify all of the computers that are on your network, their IP address, their DNS name and the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
* ntop - Shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
* MRTG - Multi Router Traffic Grapher - Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
* dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
* scotty - Obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP, and UDP. (Red Hat Powertools CD)
* Big Brother - Monitoring and service availability.
* OpenNMS.org - Network management using SNMP.
* Nagios - host, service and network monitoring
* Angel network monitor

Using tcpdump to monitor the network:

  [root]# ifconfig eth0 promisc                        - Put the NIC into promiscuous mode to sniff traffic. (tcpdump does this itself unless run with -p, so the step is optional.)
  [root]# tcpdump -n not host XXX.XXX.XXX.XXX | more   - Sniff the network but ignore the IP address of your own remote session.
  [root]# ifconfig eth0 -promisc                       - Pull the NIC out of promiscuous mode.

Network Intrusion and Hacker Detection Systems:

SNORT: Monitor the network, performing real­time traffic analysis and packet logging on IP networks for the detection of an attack or probe.

* Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
* InterSect Alliance - Intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to convert a 32-bit IP address into the 48-bit Ethernet MAC address used by the network hardware. (See: RFC 826) The transmitting host broadcasts an ARP request to all hosts on the subnet to see who replies. The broadcast is ignored by all except the intended receiver, which recognizes the IP address as its own and answers. The MAC addresses are remembered (the ARP cache) for future network communications; computers on the subnet typically keep such a cache of ARP responses. ARP broadcasts are passed on by hubs and switches but are blocked by routers. Nothing in ARP authenticates a reply: any host on the segment can answer for any address, or push unsolicited replies into other hosts' caches, which is why arpwatch (below) exists to report pairings that change.

Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client to broadcast requesting a server to reply with its IP address.

* arp (8) man page - manipulate the system ARP cache
  - Show other systems on your network (including IP address conflicts): arp -a
  - Show the ARP table Linux style: arp -e
* arpwatch (8) man page - keep track of ethernet/ip address pairings
* arpsnmp (8) man page - keep track of ethernet/ip address pairings. Reads information generated by snmpwalk
* arping (8) man page - send an ARP REQUEST to a neighbor host. Print the ARP reply (similar to arp -a): arping 192.168.10.99
* List the ARP table: cat /proc/net/arp
* ip (8) man page - show / manipulate routing, devices, policy routing and tunnels. View the ARP table: ip neighbor
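The following script is an added example, not code from the YoLinux page or from arpwatch. It performs by hand the check that arpwatch automates: comp two snapshots of the neighbour table in the format printed by "ip neighbor" and reports an IP address whose MAC address changed between them (ARP poisoning, or a duplicate address) and any MAC address that claims several IP addresses (a node answering for others, typically the gateway). The snapshots, addresses and function names are constructed for the example.

```shell
#!/bin/sh
# Added example (not from the YoLinux page): the check that arpwatch automates,
# done by hand over two snapshots of the neighbour table.  ARP has no
# authentication, so any host on the segment can answer for any address.  Two
# symptoms are worth alerting on: an IP address whose MAC changed between
# snapshots, and one MAC address that claims several IP addresses.  Lines are
# in the format printed by "ip neighbor"; the snapshots below are constructed
# sample data, and the entry without lladdr shows that failed/incomplete
# entries are skipped.

# pairs SNAPSHOT -> "IP MAC" per entry that carries a link-layer address
pairs() {
    printf '%s\n' "$1" | awk '
        $1 ~ /^[0-9.]+$/ {
            for (i = 1; i <= NF; i++)
                if ($i == "lladdr") print $1, tolower($(i + 1))
        }'
}

# changed_macs OLD NEW -> "IP old_mac new_mac" for every IP whose MAC changed
changed_macs() {
    { pairs "$1" | sed 's/^/old /'; pairs "$2" | sed 's/^/new /'; } | awk '
        $1 == "old" { old[$2] = $3 }
        $1 == "new" && ($2 in old) && old[$2] != $3 { print $2, old[$2], $3 }'
}

# shared_macs SNAPSHOT -> "MAC ip ip ..." for each MAC claiming more than one IP
shared_macs() {
    pairs "$1" | awk '
        { ips[$2] = ips[$2] " " $1; n[$2]++ }
        END { for (m in n) if (n[m] > 1) print m ips[m] }'
}

# Constructed snapshots: in the second one the gateway 192.168.10.1 is suddenly
# answered for by the MAC address of 192.168.10.99.
SNAP_BEFORE='192.168.10.1 dev eth0 lladdr 00:11:22:33:44:01 REACHABLE
192.168.10.20 dev eth0 lladdr 00:11:22:33:44:20 STALE
192.168.10.99 dev eth0 lladdr 00:11:22:33:44:99 REACHABLE'
SNAP_AFTER='192.168.10.1 dev eth0 lladdr 00:11:22:33:44:99 REACHABLE
192.168.10.20 dev eth0 lladdr 00:11:22:33:44:20 STALE
192.168.10.99 dev eth0 lladdr 00:11:22:33:44:99 REACHABLE
192.168.10.50 dev eth0 FAILED'

echo "MAC changes:"
changed_macs "$SNAP_BEFORE" "$SNAP_AFTER"
echo "MACs claiming several IPs:"
shared_macs "$SNAP_AFTER"
```

On a live host take the snapshots with "ip neighbor" a few minutes apart; a change for the gateway's address in particular deserves an immediate look, since whoever holds it sees every packet leaving the segment.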

ARP is something that simply works. No Linux system configuration is necessary. It's all part of the ethernet and IP protocol. The aforementioned information is just part of the Linux culture of full visibility into what is going on.

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer to peer unicast transactions. An HTTP request to a web server (TCP/IP), email via SMTP (TCP/IP), DNS (UDP), FTP (TCP/IP), etc. are all peer to peer unicast transactions. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer to peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group", i.e. those that are interested in the information.

The Linux kernel is Level­2 Multicast­Compliant. It meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to request the kernel to join the multicast group and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, a request is made to the kernel to leave the group. It is the kernel/host which joins the multicast group and not the process. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to support multicast routing, set the following in the kernel config:

* CONFIG_IP_MULTICAST=y
* CONFIG_IP_ROUTER=y
* CONFIG_IP_MROUTE=y
* CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimizing and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card), the kernel picks the outgoing interface for multicast traffic from the routing table (the 224.0.0.0/4 route added below) unless the application selects one explicitly with the IP_MULTICAST_IF socket option.

Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast.

Useful commands:

* cat /proc/net/igmp - List the multicast groups to which the host is subscribed, using the Internet Group Management Protocol (IGMP). (See /usr/src/linux/net/core/igmp.c)
* cat /proc/net/dev_mcast - List multicast interfaces. (See /usr/src/linux/net/core/dev_mcast.c)
* ping 224.0.0.1 - All hosts configured for multicast will respond with their IP addresses
* ping 224.0.0.2 - All routers configured for multicast will respond
* ping 224.0.0.3 - All PIM routers configured for multicast will respond
* ping 224.0.0.4 - All DVMRP routers configured for multicast will respond
* ping 224.0.0.5 - All OSPF routers configured for multicast will respond

Hosts with net.ipv4.icmp_echo_ignore_broadcasts set to 1 (the usual hardened setting, see the ICMP section) do not answer these group pings, so an empty reply list does not prove that nobody has joined.

Multicast transmissions are achieved through proper routing, router configuration (if communicating through subnets) and programatically with the use of the following "C" function library calls:

* setsockopt() - Pass information to the kernel: join or leave a group (IP_ADD_MEMBERSHIP / IP_DROP_MEMBERSHIP), choose the outgoing interface (IP_MULTICAST_IF), set the TTL (IP_MULTICAST_TTL) and loopback (IP_MULTICAST_LOOP).
* getsockopt() - Read those option values back from the kernel.
For more on multicast programming see: Multicast Howto.

The multicast application will specify the multicast loopback interface, TTL (network time to live), network interface and the multicast group to add or drop.

Add route to support multicast:

* route add 224.0.0.0 netmask 240.0.0.0 dev eth0

Note that if adding a route to forward packets through a router, that the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The internet by default does not forward multicast packets.

Living in a MS/Windows World:

* SMB4k: My favorite MS/Windows file share browser.
* In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]
* LinNeighborhood: Linux workstation GUI tool.
  Make your life simple and use the GUI/File Manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.
  - LinNeighborhood Home Page
  - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

* IPv4: Most Internet servers and personal computers use Internet Protocol version 4 (IPv4). An address is 32 bits, written as four 8-bit octets in dotted decimal, up to 255.255.255.255.
* IPv6: Internet Protocol version 6 (IPv6) uses a 128-bit address and thus an enormous number of potential addresses. The protocol also adds quality of service features and built-in IPSec support. Linux supports IPv6, but IPv4 is still what most computers use to connect to the internet.
* TCP/IP: (Transmission Control Protocol/Internet Protocol) uses a client-server model for communications. The protocol defines the data packets transmitted (packet header, data section), data integrity verification (checksums), the connection and acknowledgement protocol, and re-transmission.
* Time to live (TTL): A counter in the IP header that limits how long a packet may travel before it reaches its destination. Each router that forwards the packet decrements the TTL; when the count reaches zero the router drops the packet (and normally returns an ICMP time-exceeded message, which is what traceroute relies on). This ensures that errant routing and endlessly looping packets do not flood the network.
* MAC Address: (media access control) is the network card address used for communication with other network devices on the same subnet. It is not routable. The ARP table maps IP addresses (global internet) to the hardware addresses on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address identifies each node of a network and is used by the Ethernet protocol; it is assigned by the card manufacturer but can be changed in software, so it must not be relied on as proof of identity.
* Full Duplex: Allows the simultaneous sending and receiving of packets. Most modern modems support full duplex.
* Half Duplex: Allows the sending and receiving of packets in one direction at a time only.
* OSI 7 Layer Model: The ISO (International Organization for Standardization) has defined the OSI (Open Systems Interconnection) model for current networking protocols.
  OSI Layer        | Description                                              | Linux Networking Use
  7 Application    | The top layer for communications applications like email and the web. | telnet, web browser, sendmail
  6 Presentation   | Syntax and format of data transfer.                     | SMTP, HTTP
  5 Session        |                                                          |
  4 Transport      | Connection, acknowledgement and data packet transmission. | TCP, UDP
  3 Network        | Addressing and routing between networks.                 | IP, ARP
  2 Data Link      | Error control, timing.                                   | Ethernet
  1 Physical       | Electrical characteristics of the signal and the NIC.    | Ethernet

* Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
* Network Switch: Like a hub but creates a private link between any two connected nodes when a network connection is established. This reduces the number of collisions and thus improves speed. Broadcast messages are still sent to all nodes. A switch is not a security boundary: ARP spoofing (see the ARP section above) or flooding the switch's address table lets a node on the same segment see traffic meant for others.

Related Links:

* Cable modem HowTo - Vladimir Vuksan
* Ethernet HowTo - Paul Gortmaker
* YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
* Firewall HowTo - Mark Grennan
* YoLinux networking tutorial
* Networking Overview HowTo - Daniel Lopez Ridruejo
* Networking Howto - Joshua Drake
* NFS Howto - Nicolai Langfeldt
* SNMP: Simple Network Management Protocol (uses ports 161, 162, 391, 1993)
  - SNMP - Intro and tutorials
  - Linux SNMP Network Management Tools
  - SNMP FAQ
  - net-snmp - tools and libraries
* News/Usenet Group: comp.os.linux.networking - Deja
* MARS-nwe - Netware emulator
* Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
* ISDN:
  - ISDN4LINUX FAQ - Matthias Hessler
  - ISDN4Linux Home Page
  - Dan Kegel's ISDN Page
* PPP: Point-to-Point Protocol
  - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
  - YoLinux Tutorial: Dialing Compuserve
  - YoLinux Tutorial: Dialing AOL
  - YoLinux Tutorial: Configuring PPP dial-in connections
* PPTP: Point-to-Point Tunneling Protocol
  - RFC 2637: Point-to-Point Tunneling Protocol (PPTP).
  - PPTP-Linux Client - A PPTP Linux client that allows a Linux system to connect to a PPTP server. Developed by C. S. Ananian.
  - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP implementation.
* DHCP: (Dynamic Host Configuration Protocol)
  - YoLinux DHCP Tutorial - How to set up a DHCP server.
  - ISC Dynamic Host Configuration Protocol - DHCP home page
* Multicast:
  - YoLinux Tutorial: Configuring Linux for multicast - the section above in this tutorial
  - Multicast over TCP/IP HOWTO
* ISP's: (National/Global)
  - TheList.com - Comprehensive list of ISP's
  - Earthlink
  - Concentric
  - ATT Worldnet
* NIS: (NFS infrastructure)
  - YoLinux NIS tutorial
  - NIS howto
  - NIS configuration and use
* Ethernet cables:
  - Making CAT 3, 5, 5E RJ45 Ethernet Cables
  - Wiring and Installation
* Gigabit Ethernet
* VIX: Vienna Internet eXchange - European traffic exchange for ISP's

Test Internet Bandwidth:

* DSLreports.com: bandwidth and diagnostic tests
* Speakeasy connection speed test
* CNET Bandwidth Meter speed test
* Network speed test
* Bandwidth explained and list of bandwidth test sites

Man Pages:

* icmp - Linux IPv4 ICMP kernel module
* ifport - select the transceiver type for a network interface
* usernetctl - allow a user to manipulate a network interface if permitted
* ripquery - query RIP (Routing Information Protocol) gateways
* gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler ISBN # 0735710317, New Riders Publishing

"LINUX TCP/IP Network Administration by Scott Mann, Mitchell Krell ISBN # 0130322202, rentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith ISBN# 0201774232, Addison­Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr. ISBN# 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh ISBN# 0672320525, Sams; (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus Sams, ISBN# 047008278X

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen Sams, ISBN# 0071486429

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson Sams, ISBN# 0672329298

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672327082

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672325888

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis ISBN #032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.


Copyright © 2001 - 2007 by Greg Ippolito

This tutorial covers TCP/IP networking and system configuration basics. Linux can support multiple network devices. The device names are numbered and begin at zero and count upwards. For example, a computer running two ethernet cards will have two devices labeled /dev/eth0 and /dev/eth1. Linux network configuration, management, monitoring and system tools are covered in this tutorial.

Tutorial Contents: Other YoLinux Networking Tutorials:

l # Configuration files l Setting up an internet gateway for home or office l # Red Hat Linux network GUI using iptables configuration tools. l Load balancing servers using LVS (Linux Virtual l # Assigning an IP address Server) l # Activating and De­Activating your NIC l Modem dial­up: l # Subnets ¡ Configuring PPP dial up connections to an l # Enable Forwarding ISP l # Adding a network interface card (NIC) ¡ Dialing Compuserve l # Route ¡ Dialing AOL l # VPN, Tunneling ¡ Configuring PPP dial­in connections l # Usefull Linux networking commands l DNS Name server configuration l # inetd/xinetd: Network Socket l DHCP server configuration: Dynamic Host Listener Daemons Configuration Protocol # rwhod: Remote Who Daemon l l NIS authentication configuration: Server and Client # RPC: Remote Procedure Call. l l Internet/Network Security (portmapper) l Security Tools and Hacker Tools l # PAM: Network Wrappers. l YoLinux Tutorials Index l # ICMP protocol. l # Network Monitoring Tools l # IDS: Intruder Detection System ­ SNORT

l # ARP: Address Resolution Protocol l # Configuring Linux For Network Multicast

l # Living in a MS/Windows world l # Network Definitions

l # Related Links

TCP/IP Network Configuration Files:

- File: /etc/resolv.conf - host name resolver configuration file

      search name-of-domain.com      - Name of your domain or ISP's domain if using their name server
      nameserver XXX.XXX.XXX.XXX     - IP address of primary name server
      nameserver XXX.XXX.XXX.XXX     - IP address of secondary name server

  This configures Linux so that it knows which DNS server will be resolving domain names into IP addresses. If using a DHCP client, this information is sent to you by the ISP and loaded into this file as part of the DHCP protocol. If using a static IP address, ask the ISP or check another machine on your network. Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "DNS").

- File: /etc/hosts - locally resolve node names to IP addresses

      127.0.0.1         your-node-name.your-domain.com localhost.localdomain localhost
      XXX.XXX.XXX.XXX   node-name

  Note: when adding hosts to this file, place the fully qualified name first (it helps sendmail identify your server correctly), i.e.:

      XXX.XXX.XXX.XXX   superserver.yolinux.com superserver

  This informs Linux of local systems on the network which are not handled by the DNS server (or of all systems in your LAN if you are not using DNS or NIS). Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "Hosts").

- File: /etc/nsswitch.conf - System Databases and Name Service Switch configuration file

      hosts: files dns nisplus nis

  This example tells Linux to first resolve a host name by looking at the local hosts file (/etc/hosts), then, if the name is not found, to look to your DNS server as defined by /etc/resolv.conf, and if not found there, to look to your NIS server.

  In the past this file has had the following names, depending on the distribution: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ...

Fedora / Red Hat Network Configuration Files:

- File: /etc/sysconfig/network
  Red Hat network configuration file used by the system during the boot process.

- File: /etc/sysconfig/network-scripts/ifcfg-eth0
  Configuration settings for your first ethernet port (0). Your second port is eth1.

- File:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example statement for an Intel ethernet card:

      alias eth0 eepro100

  Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module (the default for Red Hat).

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference between the configuration developed with the GUI tools and that developed by editing the system configuration files directly.

TCP/IP ethernet configuration:

- Network configuration:
  /usr/sbin/system-config-network (FC-2/3)
  /usr/bin/redhat-config-network (/usr/bin/neat) (RH 7.2+, FC-1)
- Text console configuration tool:
  /usr/sbin/system-config-network-tui (Text User Interface (TUI) for Fedora Core 2/3)
  /usr/bin/redhat-config-network-tui (RH 9.0 - FC-1)
- Text console network configuration tool, first interface only (eth0): /usr/sbin/netconfig
- /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

- Gnome Desktop Network Configuration: /usr/bin/gnome-network-preferences (RH 9.0 - FC-3)
  Proxy configuration. Choose one of three options:
  1. Direct internet connection
  2. Manual proxy configuration (specify proxy and port)
  3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assigned a static IP address or assigned one dynamically.

Static IP address assignment:

Choose one of the following methods:

- Command line:

      /sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

  Network address by convention would be the lowest: 192.168.10.0
  Broadcast address by convention would be the highest: 192.168.10.255
  The gateway can be anything, but following convention: 192.168.10.1

  Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0.

- Red Hat / Fedora GUI tools:
  - /usr/bin/neat: Gnome GUI network administration tool. Handles all interfaces. Configure for static IP or DHCP client. (First available with Red Hat 7.2.)
  - /usr/bin/netcfg (handles all interfaces) (last available in Red Hat 7.1)

- Red Hat / Fedora console tools:
  - /usr/sbin/system-config-network-tui (Text User Interface)
  - /usr/sbin/netconfig (only seems to work for the first network interface, eth0, but not eth1, ...)

- Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to the system network configuration files located in /etc/sysconfig/network-scripts/, so that this information is retained.

The IANA has allocated IP addresses in the range of 192.168.0.0 to 192.168.255.255 for private networks.

Helpful tools:

- Network Calculators: subnet mask calculator, node calculator, mask inverter, ...
- IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet static
        address 208.88.34.106
        netmask 255.255.255.248
        broadcast 208.88.34.111
        network 208.88.34.104
        gateway 208.88.34.110

Dynamic IP (DHCP) example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet dhcp

    auto eth1
    iface eth1 inet dhcp

    auto eth2
    iface eth2 inet dhcp

    auto ath0
    iface ath0 inet dhcp

    auto wlan0
    iface wlan0 inet dhcp

Interfaces:

- lo: loopback interface (network within your system without slowing down for the real ethernet based network)
- eth0: first ethernet interface card
- wlan0: first wireless network interface

Also see "man interfaces".

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.

- File: /etc/sysconfig/network

  Static IP address configuration (configure gateway address):

      NETWORKING=yes
      HOSTNAME=my-hostname          - Hostname is defined here and by the command hostname
      FORWARD_IPV4=true             - True for NAT firewall gateways and Linux routers. False for everyone else - desktops and servers.
      GATEWAY="XXX.XXX.XXX.YYY"     - Used if your network is connected to another network or the internet. Static IP configuration. Gateway not defined here for DHCP client.

  OR for DHCP client configuration:

      NETWORKING=yes
      HOSTNAME=my-hostname          - Hostname is defined here and by the command hostname

  (Gateway is assigned by the DHCP server.)

  OR for NIS client configuration:

      NETWORKING=yes
      HOSTNAME=my-hostname          - Hostname is defined here and by the command hostname
      NISDOMAIN=NISProject1         - NIS domain to attach

- File (Red Hat/Fedora): /etc/sysconfig/network-scripts/ifcfg-eth0
  (S.u.s.e.: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX)
  This file is used by the command scripts ifup and ifdown.

  Static IP address configuration:

      DEVICE=eth0
      BOOTPROTO=static
      BROADCAST=XXX.XXX.XXX.255
      IPADDR=XXX.XXX.XXX.XXX
      NETMASK=255.255.255.0
      NETWORK=XXX.XXX.XXX.0
      ONBOOT=yes                    - Will activate upon system boot

  RHEL4/FC3 additions:
  - TYPE=Ethernet
  - HWADDR=XX:XX:XX:XX:XX:XX
  - GATEWAY=XXX.XXX.XXX.XXX

  OR for DHCP client configuration:

      DEVICE=eth0
      ONBOOT=yes
      BOOTPROTO=dhcp

  RHEL4/FC3 additions:
  - IPV6INIT=no
  - USERCTL=no
  - PEERDNS=yes
  - TYPE=Ethernet
  - HWADDR=XX:XX:XX:XX:XX:XX

  (Used by the script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line.)
  To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none.

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)

Changing the host name:

This is a three step process:

1. Issue the command: hostname new-host-name
2. Change the network configuration file /etc/sysconfig/network. Edit the entry: HOSTNAME=new-host-name
3. Restart systems which relied on the hostname (or reboot):
   - Restart network services: service network restart (or: /etc/init.d/network restart)
   - Restart desktop:
     - Bring down the system to console mode: init 3
     - Bring up X-Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name, which allows the system to be self aware.

The hostname may be changed at runtime using the command: sysctl -w kernel.hostname="superserver"

Change the host name using the GUI tool: /usr/sbin/system-config-network (Red Hat / Fedora / CentOS)

Hostname entries are made in two places:

- Select the "DNS" tab.
- Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

    ifconfig eth0   XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
    ifconfig eth0:0 192.168.10.12   netmask 255.255.255.0 broadcast 192.168.10.255
    ifconfig eth0:1 192.168.10.14   netmask 255.255.255.0 broadcast 192.168.10.255

    route add -host XXX.XXX.XXX.XXX dev eth0
    route add -host 192.168.10.12 dev eth0
    route add -host 192.168.10.14 dev eth0

In this example eth0:0 and eth0:1 are aliases in addition to the regular eth0. The result of the ifconfig command:

    eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
              TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
              collisions:1 txqueuelen:100
              Interrupt:5 Base address:0xe400

    eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

    eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

    DEVICE=eth0:0
    ONBOOT=yes
    BOOTPROTO=static
    BROADCAST=192.168.10.255
    IPADDR=192.168.10.12
    NETMASK=255.255.255.0
    NETWORK=192.168.10.0

Aliases can also be shut down independently, i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (enabled by default in Red Hat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux client: get connection info: /sbin/pump -i eth0 --status (Red Hat Linux 7.1 and older)

    Device eth0
        IP: 4.XXX.XXX.XXX
        Netmask: 255.255.252.0
        Broadcast: 4.XXX.XXX.255
        Network: 4.XXX.XXX.0
        Boot server 131.XXX.XXX.4
        Next server 0.0.0.0
        Gateway: 4.XXX.XXX.1
        Domain: vz.dsl.genuity.net
        Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3
        Renewal time: Sat Aug 11 08:28:55 2001
        Expiration time: Sat Aug 11 11:28:55 2001

Activating and De-Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

- Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up - Note: even if no IP address is assigned you can listen.)
- De-activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network-scripts/

GUI interface control/configuration:

- Start/stop network interfaces:
  /usr/bin/system-control-network (Fedora Core 2/3)
  /usr/bin/redhat-control-network (RH 9.0 - FC-1)
- Configure Ethernet, ISDN, modem, Token Ring, wireless or DSL network connection:
  /usr/sbin/system-config-network-druid (FC2/3)
  /usr/sbin/redhat-config-network-druid (RH 9 - FC-1)

Subnets:

    Mask  # of      Slash  Class A         Class A    Class B     Class B        Class C  Class C          Sub class C      Sub class C
          subnets   fmt    hosts           mask       hosts       mask           hosts    mask             mask             hosts
    ----  --------  -----  --------------  ---------  ----------  -------------  -------  ---------------  ---------------  -------------------------
    255   1 or 256  /32    16,777,214      255.0.0.0  65,534      255.255.0.0    254      255.255.255.0    255.255.255.255  Invalid (1 address)
    254   128       /31    33,554,430      254.0.0.0  131,070     255.254.0.0    510      255.255.254.0    255.255.255.254  Invalid (2 addresses)
    252   64        /30    67,108,862      252.0.0.0  262,142     255.252.0.0    1,022    255.255.252.0    255.255.255.252  4 addresses, 2 hosts
    248   32        /29    134,217,726     248.0.0.0  524,286     255.248.0.0    2,046    255.255.248.0    255.255.255.248  8 addresses, 6 hosts
    240   16        /28    268,435,454     240.0.0.0  1,048,574   255.240.0.0    4,094    255.255.240.0    255.255.255.240  16 addresses, 14 hosts
    224   8         /27    536,870,910     224.0.0.0  2,097,150   255.224.0.0    8,190    255.255.224.0    255.255.255.224  32 addresses, 30 hosts
    192   4         /26    1,073,741,822   192.0.0.0  4,194,302   255.192.0.0    16,382   255.255.192.0    255.255.255.192  64 addresses, 62 hosts
    128   2         /25    2,147,483,646   128.0.0.0  8,388,606   255.128.0.0    32,766   255.255.128.0    255.255.255.128  128 addresses, 126 hosts

    Binary position:   8    7    6    5    4    3    2    1
    Value:             128  64   32   16   8    4    2    1
    Example: 192       1    1    0    0    0    0    0    0

Example: 192 = 128 + 64

Some addresses are reserved and outside this scope. Loopback (127.0.0.1), reserved class C 192.168.XXX.XXX, reserved class B 172.31.XXX.XXX and reserved class A 10.XXX.XXX.XXX.

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 for your office.

- 208.88.34.104  Network base address
- 208.88.34.105  Computer 1
- 208.88.34.106  Computer 2
- 208.88.34.107  Computer 3
- 208.88.34.108  Computer 4
- 208.88.34.109  Computer 5
- 208.88.34.110  DSL router/Gateway
- 208.88.34.111  Broadcast address

Of the eight addresses, there are six assigned to hardware systems and ultimately only five usable addresses.

Links:

- Subnet Cheat Sheet
- Subnet calculator
- Table of subnets
- IP Subnetting, Variable Subnetting, and CIDR (Supernetting)
- CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is a little obsolete as subnets are now used to define smaller networks. These subnets may be part of a class A, B, C, etc network. For historical reference the network classes are defined as follows:

- Class A: Defined by the first 8 bits with a range of 0 - 127. The first number (8 bits) is defined by Internic, i.e. 77.XXX.XXX.XXX. One class A network can define 16,777,214 hosts. Range: 0.0.0.0 - 127.255.255.255
- Class B: Defined by the first 8 bits with a range from 128 - 191. The first two numbers (16 bits) are defined by Internic, i.e. 182.56.XXX.XXX. One class B network can define 65,534 hosts. Range: 128.0.0.0 - 191.255.255.255
- Class C: Defined by the first 8 bits with a range from 192 - 223. The first three numbers (24 bits) are defined by Internic, i.e. 220.56.222.XXX. One class C network can define 254 hosts. Range: 192.0.0.0 - 223.255.255.255
- Class D: Defined by the first 8 bits with a range from 224 - 239. This is reserved for multicast networks (RFC988). Range: 224.0.0.0 - 239.255.255.255
- Class E: Defined by the first 8 bits with a range from 240 - 255. This is reserved for experimental use. Range: 240.0.0.0 - 247.255.255.255

Enable Forwarding:

Forwarding allows the network packets on one network interface (i.e. eth0) to be forwarded to another network interface (i.e. eth1). This will allow the Linux computer to connect ("ethernet bridge") or route network traffic.

The bridge configuration will merge two (or several) networks into one single network topology. IpTables firewall rules can be used to filter traffic.

A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or to load balance servers.

- Turn on IP forwarding to allow the Linux computer to act as a gateway or router:

      echo 1 > /proc/sys/net/ipv4/ip_forward

  Default is 0. One can add firewall rules by using ipchains.

Another method is to alter the Linux kernel config file /etc/sysctl.conf. Set the following value:

    net.ipv4.ip_forward = 1

See the file /etc/sysconfig/network for storing this configuration:

    FORWARD_IPV4=true

Change the default "false" to "true".

All methods will result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward

The TCP man page (Linux Programmer's Manual) and /usr/src/linux/Documentation/proc.txt (kernel 2.2, RH 7.0-) cover the /proc/sys/net/ipv4/* file descriptions.

Also see (YoLinux tutorials):

- Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables)
- Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

- cd /lib/modules/2.2.5-15/net/ - Use the kernel version for your system. This example uses 2.2.5-15 (Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/). Here you will find the modules supported by your system. It can be permanently added to:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example:

      alias eth0 3c59x

- /sbin/insmod 3c59x (for a 3Com ethernet card) - This inserts the specified module into the kernel.
- /sbin/modprobe 3c59x - This also loads a module into the system kernel. Modprobe command line options:
  - -r : unload the module.
  - /sbin/modprobe -l \* : list all modules.
  - /sbin/modprobe -lt net \* : list only network modules.
  - /sbin/modprobe -t net \* : try loading all network modules and see what sticks. (act of desperation)
- ifconfig ...

The easy way: Red Hat versions 6.2 and later ship with Kudzu, a device detection program which runs during system initialization (/etc/rc.d/init.d/kudzu). This can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it will be utilized upon system boot.

Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

   Define the new device in the file (Red Hat/Fedora) /etc/sysconfig/network-scripts/ifcfg-eth1 (S.u.s.e 9.2: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX):

       DEVICE=eth1
       BOOTPROTO=static
       IPADDR=192.168.10.12
       NETMASK=255.255.255.0
       GATEWAY=XXX.XXX.XXX.XXX
       HOSTNAME=node-name.name-of-domain.com
       DOMAIN=name-of-domain.com

   Special routing information may be specified, if necessary, in the file (Red Hat/Fedora) /etc/sysconfig/static-routes (S.u.s.e. 9.2: /etc/sysconfig/network/routes). Example:

       eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using the Unix command line interface:

   Define the IP address:

       ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
       ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

   If necessary, define the route with the route command. Examples:

       route add default gw XXX.XXX.XXX.XXX dev eth0
       route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

   Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

   If a mistake is made just repeat the route command substituting "del" in place of "add".

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto­negotiate link speed and duplex setting.

- List NIC speed and configuration: mii-tool

      eth0: negotiated 100baseTx-FD flow-control, link ok

  Verbose mode: mii-tool -v

      eth0: negotiated 100baseTx-FD flow-control, link ok
        product info: Intel 82555 rev 4
        basic mode:   autonegotiation enabled
        basic status: autonegotiation complete, link ok
        capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
        advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
        link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

- Set NIC configuration: mii-tool -F option

      Option  Parameters
      -F      100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
      -A      100baseT4 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

- Query NIC with ethtool:

      Command           Description
      ethtool -g eth0   Queries ethernet device for rx/tx ring parameter information.
      ethtool -a eth0   Queries ethernet device for pause parameter information.
      ethtool -c eth0   Queries ethernet device for coalescing information.
      ethtool -i eth0   Queries ethernet device for associated driver information.
      ethtool -d eth0   Prints a register dump for the specified ethernet device.
      ethtool -k eth0   Queries ethernet device for offload information.
      ethtool -S eth0   Queries ethernet device for NIC and driver statistics.

Man Pages:

- mii-tool - view, manipulate media-independent interface status
- ethtool - display or change ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet is examined to see if its destination is on the local or a remote network. If it is to be sent to a remote network, the routing table is consulted to determine the path. If there is no information in the routing table then the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file (Red Hat/Fedora) /etc/sysconfig/network-scripts/route-eth0 or (Red Hat 7: /etc/sysconfig/static-routes) (S.u.s.e. 9.2: /etc/sysconfig/network/routes):

    10.2.3.0/16 via 192.168.10.254

See command: /etc/sysconfig/network-scripts/ifup-routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route (fewest hops between routers, not physical distance). Routers use RIP to broadcast the routing table over UDP port 520. The routers would then add new or improved routes to their routing tables.

Man pages:

- route - show / manipulate the IP routing table (static routes). Examples:
  - Show routing table: route -e
  - Access an individual computer host via network interface card eth1: route add -host 123.213.221.231 eth1
  - Access the ISP network identified by the network address and netmask using network interface card eth0: route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
    Conversely: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
  - Specify the default gateway to use to access remote networks via network interface card eth0: route add default gw 201.51.31.1 eth0 (The gateway can also be defined in /etc/sysconfig/network.)
  - Specify two gateways for two network destinations (i.e. one external, one internal private network; two routers/gateways will be specified):
    Add the internet gateway as before: route add default gw 201.51.31.1 eth0
    Add the second private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
- routed - network routing daemon. Uses the RIP protocol to update the routing table.
- ipx_route - show / manipulate the IPX routing table. IPX is the Novell networking protocol (not typically used unless your office has Novell servers).
- ifuser - identify destinations routed to a particular network interface.
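The arithmetic behind the subnet table and the 255.255.255.248 office example above, together with the longest-prefix selection a static route table like the route-eth0 entry implies, as an added example in POSIX shell (not the tutorial's own code). The route table and addresses used in demo() are constructed from the page's own examples.

```shell
#!/bin/sh
# Added example, not from the YoLinux tutorial: IPv4 subnet arithmetic
# and longest-prefix route selection using only POSIX shell arithmetic.

# Dotted quad -> 32-bit integer. Fails on anything but four octets in 0..255.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in *[!0-9]*|'') return 1;; esac
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# 32-bit integer -> dotted quad.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Prefix length (0..32) -> netmask as a 32-bit integer, e.g. 29 -> 0xFFFFFFF8.
prefix_to_mask_int() {
    echo $(( (4294967295 << (32 - $1)) & 4294967295 ))
}

# Dotted netmask -> prefix length; rejects non-contiguous masks like 255.0.255.0.
mask_to_prefix() {
    m=$(ip_to_int "$1") || return 1
    p=0
    while [ $p -lt 32 ] && [ $(( (m >> (31 - p)) & 1 )) -eq 1 ]; do
        p=$((p + 1))
    done
    # Every bit below the run of ones must be zero, otherwise the mask is invalid.
    [ "$m" -eq "$(prefix_to_mask_int $p)" ] || return 1
    echo $p
}

# Print "network broadcast usable_hosts" for an address and netmask, following
# the table's convention that /31 and /32 leave no usable host addresses.
subnet_info() {
    ip=$(ip_to_int "$1") || return 1
    prefix=$(mask_to_prefix "$2") || return 1
    mask=$(prefix_to_mask_int "$prefix")
    net=$(( ip & mask ))
    bcast=$(( net | (mask ^ 4294967295) ))
    usable=$(( bcast - net - 1 ))
    [ $usable -gt 0 ] || usable=0
    echo "$(int_to_ip $net) $(int_to_ip $bcast) $usable"
}

# Longest-prefix match: reads "network/len via gateway" lines (the route-eth0
# format above) from stdin and prints the gateway chosen for destination $1,
# or "default" when no entry covers it.
route_lookup() {
    dst=$(ip_to_int "$1") || return 1
    best_len=-1; best_gw=default
    while read -r cidr via gw; do
        case $cidr in ''|'#'*) continue;; */*) ;; *) continue;; esac
        net=$(ip_to_int "${cidr%/*}") || continue
        len=${cidr#*/}
        mask=$(prefix_to_mask_int "$len")
        if [ $(( dst & mask )) -eq $(( net & mask )) ] && [ "$len" -gt "$best_len" ]; then
            best_len=$len; best_gw=$gw
        fi
    done
    echo "$best_gw"
}

# Constructed sample mirroring the subnet example and route-eth0 entry above.
demo() {
    subnet_info 208.88.34.106 255.255.255.248   # 208.88.34.104 208.88.34.111 6
    printf '10.2.3.0/16 via 192.168.10.254\n10.0.0.0/8 via 192.168.10.1\n' |
        route_lookup 10.2.9.7                     # 192.168.10.254
}
```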

VPN, Tunneling:

- Commercial VPN Linux software solutions - YoLinux
- OpenSWAN.org - IPSec VPN for Linux
- FreeSWAN.org - IPSec VPN for Linux
- FreeSWAN tutorial - howto
- OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access-controls.
- SSL-Explorer - Java SSL based VPN
- Quagga dynamic routing suite VLAN
- n2n peer to peer within a private fabric
- CIPE: Crypto IP Encapsulation (Easiest way to configure two Linux gateways connecting two private networks over the internet with encryption.)
  - CIPE Home page - CIPE is a simple encapsulation system that securely connects two subnets.
  - The Linux Cipe+Masquerading mini-HOWTO - Anthony Ciaravalo
- GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa
- VPN HowTo - Matthew D. Wilson
- Installing and Running PPTP on Linux
- L2TP Extensions (l2tpext) Internet Drafts.

Useful Linux networking commands:

- /etc/rc.d/init.d/network start - command to start, restart or stop the network
- netstat - display connections, routing tables, stats etc.
  - List externally connected processes: netstat -punta
  - List all connected processes: netstat -nap
  - Show network statistics: netstat -s
  - Kernel interface table info: netstat -a -i eth0
- ping - send ICMP ECHO_REQUEST packets to network hosts. Use Ctrl-C to stop ping.
- traceroute - print the route packets take to a network host
  - traceroute IP-address-of-server
  - traceroute domain-name-of-server
- mtr - a network diagnostic tool introduced in Fedora. Like traceroute except it gives more network quality and network diagnostic info. Leave it running to get real time stats. Reports best and worst round trip times in milliseconds.
  - mtr IP-address-of-server
  - mtr domain-name-of-server
- whois - look up a domain name in the internic whois database.
- finger - display information on a system user, i.e. finger user@host. Uses the $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/
- iptables - IP firewall administration (Linux kernel 2.6/2.4). See YoLinux firewall/gateway configuration.
- ipchains - IP firewall administration (Linux kernel 2.2). See YoLinux firewall/gateway configuration.
- socklist - display a list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
- host - give a host name and the command will return the IP address. Unlike nslookup, the host command will use both /etc/hosts as well as DNS. Example: host domain-name-of-server
- nslookup - give a host name and the command will return the IP address. Also see Testing your DNS (YoLinux Tutorial). Note that nslookup does not use the /etc/hosts file.

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemons listen and respond to all network socket connections made on the TCP/IP ports assigned to them. The ports are defined by the file /etc/services. When a connection is made, the listener will attempt to invoke the assigned program and pipe the data to it. This simplifies matters by allowing the assigned program to read from stdin instead of making its own socket connection. The listener handles the network socket connection. Two network listening and management daemons have been used in Red Hat Linux distributions:

- inetd: Red Hat 6.x and older
- xinetd: Red Hat 7.0-9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf. Entries in this file consist of a single line made up of the following fields:

    service socket-type protocol wait user server cmdline

- service: The name assigned to the service. Matches the name given in the file /etc/services.
- socket-type:
  - stream: connection protocols (TCP)
  - dgram: datagram protocols (UDP)
  - raw
  - rdm
  - seqpacket
- protocol: Transport protocol name which matches a name in the file /etc/protocols, i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6
- wait: Applies only to datagram protocols (UDP).
  - wait[.max]: One server for the specified port at any time (RPC)
  - nowait[.max]: Continue to listen and launch new services if a new connection is made (multi-threaded). Max refers to the maximum number of server instances spawned in 60 seconds (default=40).
- user[.group]: Login id of the user the process is executed under. Often nobody, root or a special restricted id for that service.
- server: Full path name of the server program to be executed.
- cmdline: Command line to be passed to the server. This includes argument 0 (argv[0]), that is the command name. This field is empty for internal services. Examples of internal TCP services: echo, discard, chargen (character generator), daytime (human readable time), and time (machine readable time). (see RFC)

Sample file: /etc/inetd.conf

    #echo   stream  tcp     nowait      root    internal
    #echo   dgram   udp     wait        root    internal
    ftp     stream  tcp     nowait      root    /usr/sbin/tcpd  in.ftpd -l -a
    #pop-3  stream  tcp     nowait      root    /usr/sbin/tcpd  ipop3d
    #swat   stream  tcp     nowait.400  root    /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.

The inet daemon must be restarted to pick up the changes made to the file: /etc/rc.d/init.d/inetd restart

For more information see the man pages "inetd" and "inetd.conf".
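An added example (not from the tutorial) that audits an inetd.conf in the format just described: it lists the active entries and flags services that run as root without going through tcpd, since those have no hosts.allow/hosts.deny check in front of a privileged program. The configuration inside sample_inetd_conf is constructed from the sample file above, with swat uncommented and a finger entry added so the audit has something to show.

```shell
#!/bin/sh
# Added example, not from the YoLinux tutorial: summarise which services an
# inetd.conf actually enables, the user each runs as, and whether the server
# field is the TCP wrapper (tcpd) or the program itself.

# Read inetd.conf on stdin; print one line per active service:
#   service protocol user wrapper
# where wrapper is "tcpd" when the server field ends in /tcpd, else "direct".
inetd_audit() {
    awk '
        /^[[:space:]]*#/ || NF == 0 { next }            # comment or blank line
        NF < 6 { print "malformed: " $0 > "/dev/stderr"; next }
        {
            user = $5; sub(/[.:].*/, "", user)          # drop an optional .group / :group suffix
            wrapper = ($6 ~ /\/tcpd$/) ? "tcpd" : "direct"
            print $1, $3, user, wrapper
        }'
}

# Keep only services that run as root and are not wrapped by tcpd.
inetd_unwrapped_root() {
    inetd_audit | awk '$3 == "root" && $4 == "direct" { print $1 }'
}

# Constructed sample in the format of the inetd.conf excerpt above.
sample_inetd_conf() {
    cat <<'EOF'
#echo   stream  tcp     nowait      root    internal
#echo   dgram   udp     wait        root    internal
ftp     stream  tcp     nowait      root    /usr/sbin/tcpd  in.ftpd -l -a
#pop-3  stream  tcp     nowait      root    /usr/sbin/tcpd  ipop3d
swat    stream  tcp     nowait.400  root    /usr/sbin/swat  swat
finger  stream  tcp     nowait      nobody  /usr/sbin/tcpd  in.fingerd
EOF
}
```

Running `sample_inetd_conf | inetd_unwrapped_root` names swat, the only enabled entry that runs as root with no wrapper in front of it.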

xinetd: Extended Internet Services Daemon:

Xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, redirect services to different ports and network interfaces (NIC) or even to a different server, chroot a service etc., and is thus a worthy upgrade from inetd.

Use the command chkconfig --list to view all system services and their state. It will also list all network services controlled by xinetd and their respective state under the title "xinetd based services". (Works for xinetd (RH7.0+) but not inetd.)

The xinetd network daemon uses PAM, also called network wrappers, which invoke the /etc/hosts.allow and /etc/hosts.deny files.

Configuration file: /etc/xinetd.conf, which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:

- Edit the file /etc/xinetd.d/service-name. Set the disable value: disable = yes or disable = no. Restart the xinetd process using the signal:
  - SIGUSR1 (kill -SIGUSR1 process-id) - Soft reconfiguration, does not terminate existing connections. (Important if you are connected remotely.)
  - SIGUSR2 - Hard reconfiguration, stops and restarts the xinetd process. (Note: Using the HUP signal will terminate the process.)

  OR

- Use the chkconfig command: chkconfig service-name on (or off). This command will also restart the xinetd process to pick up the new configuration.

The file contains entries of the form:

    service service-name
    {
        attribute assignment-operator value value ...
        ......
    }

Where:

- attribute:
  - disable:
    - yes
    - no
  - type:
    - RPC
    - INTERNAL
    - UNLISTED: Not found in /etc/rpc or /etc/services
  - id: By default the service id is the same as the service name.
  - socket_type:
    - stream: TCP
    - dgram: UDP
    - raw: Direct IP access
    - seqpacket: service that requires reliable sequential datagram transmission
  - flags: Combination of REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd man page for details.
  - protocol: Transport protocol name which matches a name in the file /etc/protocols.
  - wait:
    - no: multi-threaded
    - yes: single-threaded - one server for the specified port at any time (RPC)
  - user: See file /etc/passwd
  - group: See file /etc/group
  - server: Program to execute and receive the data stream from the socket. (Fully qualified name - full path name of the program.)
  - server_args: Unlike inetd, arg[0] or the name of the service is not passed.
  - only_from: IP address, factorized address, netmask range, hostname or network name from the file /etc/networks.
  - no_access: Deny from ... (inverse of only_from)
  - access_times
  - port: See file /etc/services

  Also: log_type, log_on_success, log_on_failure (log options: += PID, HOST, USERID, EXIT, DURATION, ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples.
- assignment-operator:
  - =
  - +=: add a value to the set of values
  - -=: delete a value from the set of values

Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from the man page: Limit telnet sessions to 8 Mbytes of memory and a total of 20 CPU seconds for child processes.

    service telnet
    {
        socket_type = stream
        wait        = no
        nice        = 10
        user        = root
        server      = /usr/etc/in.telnetd
        rlimit_as   = 8M
        rlimit_cpu  = 20
    }
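An added example (not from the tutorial or the xinetd man page) that walks xinetd service blocks in the format above and reports each service's state, user and whether an only_from or no_access list is set; the combination "enabled, root, no access list" is the one worth reviewing. The telnet block in sample_xinetd_conf is the man page example; the defaults, rsync and pop3 blocks are constructed.

```shell
#!/bin/sh
# Added example, not from the YoLinux tutorial: parse "service name { ... }"
# blocks as used in /etc/xinetd.conf and /etc/xinetd.d/* and report, per
# service, enabled/disabled state, the user it runs as, and any access list.

# Read xinetd configuration on stdin; print "name state user acl" per service.
# A service with no "disable" attribute is treated as enabled, as xinetd does.
xinetd_audit() {
    awk '
        /^[[:space:]]*#/ { next }                         # comment
        $1 == "service" { name = $2; disable = "no"; user = "(unset)"; acl = "none"; next }
        /^[[:space:]]*}/ {                                # end of a block
            if (name != "")
                print name, (disable == "yes" ? "disabled" : "ENABLED"), user, acl
            name = ""; next                               # "defaults" blocks are skipped
        }
        name != "" && /=/ {
            if ($1 == "disable") { disable = $NF }
            else if ($1 == "user") { user = $NF }
            else if ($1 == "only_from" || $1 == "no_access") { acl = $1 }
        }'
}

# Filter for the risky combination: enabled, running as root, no access list.
xinetd_open_root() {
    xinetd_audit | awk '$2 == "ENABLED" && $3 == "root" && $4 == "none" { print $1 }'
}

# Constructed sample: the man page telnet block plus invented defaults,
# rsync (disabled) and pop3 (restricted with only_from) blocks.
sample_xinetd_conf() {
    cat <<'EOF'
defaults
{
        log_type        = SYSLOG daemon info
}

service telnet
{
        socket_type     = stream
        wait            = no
        nice            = 10
        user            = root
        server          = /usr/etc/in.telnetd
        rlimit_as       = 8M
        rlimit_cpu      = 20
}

service rsync
{
        disable         = yes
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/bin/rsync
        server_args     = --daemon
}

service pop3
{
        socket_type     = stream
        wait            = no
        user            = nobody
        server          = /usr/sbin/ipop3d
        only_from       = 192.168.10.0/24 127.0.0.1
}
EOF
}
```

Running `sample_xinetd_conf | xinetd_open_root` names telnet: enabled, root, and no only_from list, exactly the case the rlimit settings in the man page example do nothing to restrict.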

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:

- xinetd
- xinetd.conf
- xinetd.log
- tcpd

For more info see:

- LinuxFocus.org: xinetd - Frederic Raynal
- RedHat.com: Controlling Access to Services
- http://www.xinetd.org
- See RFCs: 862, 863, 864, 867, 868, 1413.
- man pages xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon ­ rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux has the network interface to rwhod disabled. Thus if one issues the command "rwho", you will only see who is logged into the system you are on and not remote systems on the network. This is a safe approach for Internet servers: rwhod broadcasts the login names of every user, together with the host's uptime and load, in clear text over UDP port 513 to the whole LAN, which is useful reconnaissance for an attacker, and it is one more listening service that could be exploited. If you wish to use rwhod on a local, private and firewall-protected network, here is how:

Allow broadcast capabilities. Edit /etc/init.d/rwhod and change:

    daemon rwhod

to:

    daemon rwhod -b

Start service:

- Set the service to start with system boot: chkconfig --level 345 rwhod on
- Start the rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

- rwho: who is logged in on local network machines
- rwhod: system status server
- who: show who is logged on to the same system

RPC: Remote Procedure Calls (Portmapper)

Portmapper is a network service required to support RPCs. Many services such as NFS (file sharing) and NIS require portmapper. It listens on TCP and UDP port 111 and tells clients which port each RPC program is using, so it is also the first thing an attacker queries (rpcinfo -p against your host): block port 111 from untrusted networks and restrict it in /etc/hosts.allow (daemon name "portmap"), which the Red Hat portmap honours.

List RPC services supported: [root]# rpcinfo ­p localhost

Starting portmap server:

- /etc/rc.d/init.d/portmap start
- service portmap start (Red Hat/Fedora Core)

Man Pages:

- portmap
- rpcinfo
- pmap_set
- pmap_dump

PAM: Network Wrappers:

TCP Wrappers and Pluggable Authentication Modules for Linux (PAM)

These are two separate systems that are often lumped together. TCP Wrappers (the tcpd program and the libwrap library) allows or denies network access per service based on the client's address: one can reject or allow specific IP addresses, subnets or domains. PAM decides how a user is authenticated once a connection has been accepted. Both are covered here, TCP Wrappers first.

File: /etc/hosts.allow

in.ftpd:208.188.34.105

This specifically allows the given IP address to FTP to your system. One can also specify an entire domain, e.g. .name-of-domain.com; note the leading ".". Domain patterns are matched against the client's reverse DNS name, which the owner of the client address controls, so prefer IP addresses or networks for anything security-relevant (tcpd's PARANOID keyword rejects clients whose forward and reverse lookups disagree).

File: /etc/hosts.deny

ALL:ALL

This denies every daemon/client combination that was not explicitly allowed. tcpd checks /etc/hosts.allow first and /etc/hosts.deny second, the first matching line wins, and a client matched by neither file is allowed, so without this catch-all line the default is open access.

See the hosts_access(5) and tcpd(8) man pages.

File: /etc/inetd.conf

ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd ­l ­a

The inet daemon accepts the incoming connection and hands it to the TCP wrapper, /usr/sbin/tcpd, which accepts or denies it as defined by /etc/hosts.allow and /etc/hosts.deny and then executes in.ftpd with the given arguments. Accepted and refused connections are logged through syslog; on Red Hat they land in /var/log/secure.
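Because the allow-then-deny order and the default-allow fallback are where most hosts.allow mistakes come from, here is an added example (written for this page, not part of TCP Wrappers or of the original tutorial) that reproduces the decision tcpd makes for a given daemon and client, so a rule set can be tested without opening a connection. The rule texts, client addresses and the function name tcpd_decision are constructed; the code implements only a subset of the hosts_access(5) syntax (ALL, an exact IP, an IP prefix ending in ".", a domain suffix starting with ".", and comma-separated lists) and takes the already-resolved client name as an argument rather than performing lookups.

```shell
#!/bin/sh
# Reproduce the hosts.allow / hosts.deny decision that tcpd (libwrap) makes,
# so the rule files can be tested without connecting. Hypothetical helper
# written for this page; it implements a subset of hosts_access(5): ALL,
# exact IP, IP prefix ending in ".", domain suffix starting with ".", and
# comma-separated daemon/client lists (no EXCEPT, no netmask form, no DNS).

# Constructed rule files (not copied from a real system).
HOSTS_ALLOW='# daemon_list : client_list
in.ftpd: 208.188.34.105
sshd: 192.168.10., .corp.example.com
ALL: 127.0.0.1'

HOSTS_DENY='ALL: ALL'

# match_client PATTERN IP HOSTNAME -> 0 if the client matches the pattern
match_client() {
    local pat="$1" ip="$2" host="$3"
    case "$pat" in
        ALL) return 0 ;;
        *.)  case "$ip"   in "$pat"*) return 0 ;; esac ;;   # "192.168.10." prefix
        .*)  case "$host" in *"$pat") return 0 ;; esac ;;   # ".corp.example.com" suffix
        *)   [ "$pat" = "$ip" ] && return 0
             [ "$pat" = "$host" ] && return 0 ;;
    esac
    return 1
}

# rule_matches "daemons : clients" DAEMON IP HOSTNAME -> 0 if both lists match
rule_matches() {
    local rule="$1" daemon="$2" ip="$3" host="$4" d c ok=1
    for d in $(printf '%s' "${rule%%:*}" | tr ',' ' '); do
        [ "$d" = ALL ] && ok=0
        [ "$d" = "$daemon" ] && ok=0
    done
    [ "$ok" -eq 0 ] || return 1
    for c in $(printf '%s' "${rule#*:}" | tr ',' ' '); do
        match_client "$c" "$ip" "$host" && return 0
    done
    return 1
}

# tcpd_decision DAEMON IP HOSTNAME -> prints "allow" or "deny"
# Same order as tcpd: first match in hosts.allow grants access, otherwise
# first match in hosts.deny refuses it, otherwise access is granted.
tcpd_decision() {
    local daemon="$1" ip="$2" host="$3" rule
    while IFS= read -r rule; do
        case "$rule" in ''|\#*) continue ;; esac
        rule_matches "$rule" "$daemon" "$ip" "$host" && { echo allow; return 0; }
    done <<EOF
$HOSTS_ALLOW
EOF
    while IFS= read -r rule; do
        case "$rule" in ''|\#*) continue ;; esac
        rule_matches "$rule" "$daemon" "$ip" "$host" && { echo deny; return 0; }
    done <<EOF
$HOSTS_DENY
EOF
    echo allow
}

for probe in "in.ftpd 208.188.34.105 dev.example.net" \
             "in.ftpd 208.188.34.106 dev.example.net" \
             "sshd 10.9.8.7 laptop.corp.example.com" \
             "in.telnetd 10.9.8.7 laptop.corp.example.com"; do
    set -- $probe
    echo "$1 from $2 ($3): $(tcpd_decision "$1" "$2" "$3")"
done
```

Set HOSTS_DENY to an empty string and run the last probe again to see the fallback the text warns about: with nothing in hosts.deny, an unlisted client is allowed.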

Advanced PAM: More specific access can be assigned and controlled by controlling the level of authentication required for access.

Files reflect the inet service name. Rules and modules are stacked to achieve the level of security desired.

See the files in /etc/pam.d/... (some systems use /etc/pam.conf)

The format: in the per-service files under /etc/pam.d/ each line is

    type control module-path module-arguments

while the single-file /etc/pam.conf form prefixes each line with the service name.

- auth (type): establishes that the user is who they claim to be, normally by asking for a password. Typical pam_unix/pam_pwdb arguments:
  - nullok: a null or non-existent password is acceptable (remove this on anything reachable from a network)
  - shadow: encrypted passwords are kept in /etc/shadow
- account (type): checks that the account itself may be used: not expired, not locked, access permitted at this time or from this host. It does not verify the password.
- password (type): controls password updates. Typical pam_cracklib arguments:
  - retry=3: number of attempts allowed to choose an acceptable new password
  - minlen=8: minimum length of the new password
- session (type): work done at the start and end of a session, such as logging, mounting home directories and setting resource limits.

Modules:

- /lib/security/pam_pwdb.so - password database module (replaced by pam_unix.so on later releases)
- /lib/security/pam_shells.so - allow access only if the user's shell is listed in /etc/shells
- /lib/security/pam_cracklib.so - checks whether a new password is weak (dictionary word, too short, too similar to the old one)
- /lib/security/pam_listfile.so - allow or deny based on whether an item (user, group, tty, ...) appears in a file

After re-configuration of /etc/inetd.conf, restart the inet daemon: killall -HUP inetd. The PAM and TCP Wrappers files are read on every use, so changes to /etc/pam.d/* and to /etc/hosts.allow and /etc/hosts.deny take effect immediately.

For more info see:

- Wietse's Papers
- Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP is the network protocol used by the ping and traceroute commands.

ICMP redirect packets are sent by a router to a host to inform it of a better route for a destination. The kernel accepts or ignores them per interface. To accept ICMP redirects, add the following line to /etc/sysctl.conf (use 0 instead of 1 to ignore them, which is the normal setting for a server or firewall, for the reason given in the note below):

net.ipv4.conf.all.accept_redirects = 1

Add the following to the file: /etc/rc.d/rc.local

for f in /proc/sys/net/ipv4/conf/*/accept_redirects
do
    echo 1 > $f
done

Command to view Kernel IP routing cache: /sbin/route ­Cn

NOTE: This may leave you vulnerable to hackers as attackers may alter your routes.

Blocking ICMP and look invisible to ping:

The following firewall rules drop every ICMP packet the host would send, which includes the echo replies that answer a ping. They also silence the host's own ping and traceroute and the ICMP error messages (for example "fragmentation needed", used by path MTU discovery) that other hosts rely on; a narrower rule that drops only inbound echo-request on the INPUT chain (see the --icmp-type option in the iptables man page) is usually preferable.

Iptables:

iptables ­A OUTPUT ­p icmp ­d 0/0 ­j DROP

Ipchains:

ipchains ­A output ­p icmp ­d 0/0 ­j DENY

OR drop all incomming pings:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes done to look invisible to DoS (denial of service) attackers who use ping to watch a machine and launch an attack when its presence is detected. It does not hide a host that answers on any TCP or UDP port, since a scanner can probe those directly.
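The accept_redirects and icmp_echo_ignore_* settings above are spread over one file per interface plus "all" and "default", so a single-line check is easy to get wrong. The following added example (written for this page, not part of the original tutorial or of any distribution) walks a /proc/sys-style tree and reports each ICMP-related setting. The function icmp_sysctl_audit and the constructed sample tree built by build_sample_tree are assumptions for the demonstration; on a live host, run icmp_sysctl_audit with no argument to read the real /proc/sys. net.ipv4.icmp_echo_ignore_broadcasts, which is not mentioned on the page, is included because answering broadcast pings is what smurf-style amplification relies on.

```shell
#!/bin/sh
# Audit the ICMP-related sysctls discussed above. The function reads values
# below a /proc/sys-style tree so it can be run against a constructed tree
# for testing as well as against the live /proc/sys.
# Hypothetical helper written for this page, not part of any distribution.

# icmp_sysctl_audit [SYSROOT] -> prints one OK/WARN/INFO line per setting,
# returns the number of WARN lines (0 means nothing to fix).
icmp_sysctl_audit() {
    root=${1:-/proc/sys}
    warnings=0
    # accept_redirects exists once per interface plus "all" and "default";
    # a value of 1 on any of them lets a spoofed ICMP redirect rewrite routes.
    for f in "$root"/net/ipv4/conf/*/accept_redirects; do
        [ -r "$f" ] || continue
        if [ "$(cat "$f")" -eq 1 ]; then
            echo "WARN ${f#"$root"/} = 1 (ICMP redirects accepted)"
            warnings=$((warnings + 1))
        else
            echo "OK   ${f#"$root"/} = 0"
        fi
    done
    # icmp_echo_ignore_broadcasts=0 makes the host answer pings sent to the
    # broadcast address, which smurf-style amplification attacks rely on.
    f="$root/net/ipv4/icmp_echo_ignore_broadcasts"
    if [ -r "$f" ] && [ "$(cat "$f")" -eq 0 ]; then
        echo "WARN net/ipv4/icmp_echo_ignore_broadcasts = 0 (answers broadcast pings)"
        warnings=$((warnings + 1))
    fi
    # icmp_echo_ignore_all is a policy choice rather than a defect: report it.
    f="$root/net/ipv4/icmp_echo_ignore_all"
    [ -r "$f" ] && echo "INFO net/ipv4/icmp_echo_ignore_all = $(cat "$f")"
    return "$warnings"
}

# Build a constructed tree that mirrors the "enable redirects" setting from
# the text, so the audit can be demonstrated without touching the real kernel.
build_sample_tree() {
    d=$(mktemp -d)
    for iface in all default eth0 lo; do
        mkdir -p "$d/net/ipv4/conf/$iface"
        echo 1 > "$d/net/ipv4/conf/$iface/accept_redirects"
    done
    echo 0 > "$d/net/ipv4/conf/lo/accept_redirects"
    echo 0 > "$d/net/ipv4/icmp_echo_ignore_broadcasts"
    echo 0 > "$d/net/ipv4/icmp_echo_ignore_all"
    echo "$d"
}

SAMPLE=$(build_sample_tree)
if icmp_sysctl_audit "$SAMPLE"; then
    echo "no warnings"
else
    echo "warnings: $?"
fi
```

To fix a WARN on a live system, set the value with sysctl -w (for example net.ipv4.conf.all.accept_redirects=0) and persist it in /etc/sysctl.conf so it survives a reboot.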

Network Monitoring Tools:

- tcpdump - dump traffic on a network. See discussion below.

  Command line option   Description
  -c count              Exit after receiving count packets.
  -C file_size          Specify the size of the output dump files.
  -i interface          Specify the interface if multiple exist. The lowest numbered is used by default, e.g. eth0.
  -w file-name          Write the raw packets to a file rather than parsing and printing them. They can later be read with the -r option.
  -n                    Improve speed by not performing DNS lookups. Report IP addresses.
  -t                    Don't print a timestamp on each dump line.

  Filter expressions:

  Primitive                        Description
  host host-name                   If the host has multiple IPs, all will be checked.
  net network-number               Network number.
  net network-number mask mask     Network number and netmask specified.
  port port-number                 Port number specified.
  tcp                              Sniff TCP packets.
  udp                              Sniff UDP packets.
  icmp                             Sniff ICMP packets.

Examples:

  - tcpdump tcp port 80 and host server-1
  - tcpdump ip host server-1 and not server-2

- iptraf - Interactive Colorful IP LAN Monitor
- nmap - Network exploration tool and security scanner
  - List pingable nodes on the network: nmap -sP 192.168.0.0/24
    Scans the network for IP addresses 192.168.0.0 to 192.168.0.255 using ping.
- Ethereal - Network protocol analyzer. Examine data from a live network. RPMs required:
  - ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
  - ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)

  There is an error in the ethereal package because it does not list the snmp libraries as dependencies, but you can deduce this from the errors that you get if the ucd-snmp libraries are not installed.
- EtherApe - Graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
- Gkrellm - Network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
- IPTraf - ncurses-based IP LAN monitor. (Red Hat Powertools CD)
- Cheops - Network discovery, location, diagnosis and management. Cheops can identify all of the computers that are on your network, their IP address, their DNS name, the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
- ntop - Shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
- MRTG - Multi Router Traffic Grapher - Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
- dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
- scotty - Obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP, and UDP. (Red Hat Powertools CD)
- Big Brother - Monitoring and service availability.
- OpenNMS.org - Network Management using SNMP.
- Nagios - host, service and network monitoring
- Angel network monitor

Using tcpdump to monitor the network:

[root]# ifconfig eth0 promisc                        - Put the NIC into promiscuous mode to sniff traffic.
[root]# tcpdump -n host not XXX.XXX.XXX.XXX | more   - Sniff the net but ignore the IP of your own remote session.
[root]# ifconfig eth0 -promisc                       - Pull the NIC out of promiscuous mode.

tcpdump puts the interface into promiscuous mode itself for the duration of the capture (unless started with -p), so the manual ifconfig steps are only needed for tools that do not. On a switched network promiscuous mode only shows the traffic the switch forwards to your port (broadcasts and your own frames) unless the switch mirrors another port to you.

Network Intrusion and Hacker Detection Systems:

SNORT: Monitor the network, performing real­time traffic analysis and packet logging on IP networks for the detection of an attack or probe.

- Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
- InterSect Alliance - Intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to convert a 32-bit IPv4 address into the 48-bit Ethernet MAC address used by the network hardware (see RFC 826). The transmitting host broadcasts an ARP request to all hosts on the subnet; the broadcast is ignored by all except the intended receiver, which recognizes the IP address as its own and replies with its MAC address. Replies are remembered (the ARP cache) for future communications, so computers on the subnet typically keep a cache of ARP responses. ARP broadcasts are passed on by hubs and switches but are blocked by routers.

Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client to broadcast requesting a server to reply with its IP address.

- arp (8) man page - manipulate the system ARP cache
  - Show other systems on your network (including IP address conflicts): arp -a
  - Show the ARP table Linux style: arp -e
- arpwatch (8) man page - keep track of ethernet/IP address pairings and report changes
- arpsnmp (8) man page - keep track of ethernet/IP address pairings. Reads information generated by snmpwalk
- arping (8) man page - send an ARP REQUEST to a neighbour host and print the ARP reply (similar to arp -a): arping 192.168.10.99
- List the ARP table: cat /proc/net/arp
- ip (8) man page - show / manipulate routing, devices, policy routing and tunnels. View the ARP table: ip neighbor

ARP is something that simply works. No Linux system configuration is necessary; it is all part of the Ethernet and IP protocols. The commands above are part of the Linux culture of full visibility into what is going on. Note that ARP has no authentication: any host on the subnet can answer a request, or send unsolicited replies, and so poison its neighbours' caches until traffic meant for the gateway is delivered to it instead. That is why a tool such as arpwatch, which alerts on a changed IP/MAC pairing, is worth running on a network you care about.

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer to peer unicast transactions. An HTTP request to a web server (TCP), email (SMTP over TCP), DNS (UDP), FTP (TCP), ... are all peer to peer unicast transactions. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer to peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group", which are those that are interested in the information.

The Linux kernel is Level­2 Multicast­Compliant. It meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to request the kernel to join the multicast group and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, a request is made to the kernel to leave the group. It is the kernel/host which joins the multicast group and not the process. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to support multicast routing, set the following in the kernel config:

- CONFIG_IP_MULTICAST=y
- CONFIG_IP_ROUTER=y
- CONFIG_IP_MROUTE=y
- CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimization and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card), multicast traffic leaves by the interface the multicast route (see below) points at, unless the application selects another interface with the IP_MULTICAST_IF socket option.

Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast.

Useful commands:

Command                     Description
cat /proc/net/igmp          List the multicast groups to which the host is subscribed (Internet Group Management Protocol; see /usr/src/linux/net/ipv4/igmp.c).
cat /proc/net/dev_mcast     List multicast interfaces (see /usr/src/linux/net/core/dev_mcast.c).
ping 224.0.0.1              All hosts configured for multicast will respond with their IP addresses.
ping 224.0.0.2              All routers configured for multicast will respond.
ping 224.0.0.13             All PIM routers configured for multicast will respond.
ping 224.0.0.4              All DVMRP routers configured for multicast will respond.
ping 224.0.0.5              All OSPF routers configured for multicast will respond.

Hosts that set net.ipv4.icmp_echo_ignore_broadcasts=1 (the usual hardening against smurf-style amplification) will not answer these multicast pings, so an empty result does not prove that nothing is listening.

Multicast transmissions are achieved through proper routing, router configuration (if communicating across subnets) and programmatically with the following C socket library calls:

Function Call   Description
setsockopt()    Pass multicast options to the kernel: join or leave a group (IP_ADD_MEMBERSHIP / IP_DROP_MEMBERSHIP), set the TTL (IP_MULTICAST_TTL), choose the interface (IP_MULTICAST_IF), enable or disable loopback (IP_MULTICAST_LOOP).
getsockopt()    Retrieve the current values of those options.

For more on multicast programming see: Multicast Howto.

The multicast application will specify the multicast loopback interface, TTL (network time to live), network interface and the multicast group to add or drop.

Add route to support multicast:

- route add 224.0.0.0 netmask 240.0.0.0 dev eth0

Note that if adding a route to forward packets through a router, that the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The internet by default does not forward multicast packets.

Living in a MS/Windows World:

- SMB4k: My favorite MS/Windows file share browser.
- In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]
- LinNeighborhood: Linux workstation GUI tool.

  Make your life simple and use the GUI/File Manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.

  - LinNeighborhood Home Page
  - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

- IPv4: Most Internet servers and personal computers use Internet Protocol version 4 (IPv4). An address is 32 bits, written as four 8-bit octets in dotted decimal, from 0.0.0.0 up to 255.255.255.255.
- IPv6: Internet Protocol version 6 (IPv6) uses a 128-bit address and thus an enormous number (2^128) of potential addresses. The protocol also adds quality of service features and built-in security (IPsec). Linux supports IPv6; at the time this tutorial was written IPv4 was what one used to connect to the Internet.
- TCP/IP: (Transmission Control Protocol/Internet Protocol) uses a client-server model for communications. The protocol defines the data packets transmitted (packet header, data section), data integrity verification (checksums), the connection and acknowledgement protocol, and re-transmission.
- Time to live (TTL): a counter in the IP header that limits how long a packet may travel toward its destination. Each router that forwards the packet decrements the TTL; when it reaches zero the router drops the packet and normally returns an ICMP "time exceeded" message, which is what traceroute relies on. This ensures that errant routing and looping packets will not flood the network.
- MAC Address: (media access control) the network card address used for communication between devices on the same subnet. It is not routable. The ARP table maps IP addresses to the MAC addresses of the hardware on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address identifies each node of an Ethernet network and is used by the Ethernet protocol; it is set by the driver and can be changed, so it is not a reliable authenticator.
- Full Duplex: allows the simultaneous sending and receiving of packets. Most modern modems support full duplex.
- Half Duplex: allows the sending and receiving of packets in one direction at a time only.
- OSI 7 Layer Model: The ISO (International Organization for Standardization) has defined the OSI (Open Systems Interconnection) model for networking protocols.

  OSI Layer               Linux Networking Use                          Description
  7  Application Layer    telnet, web browser (HTTP), sendmail (SMTP)   The top layer for communications applications like email and the web.
  6  Presentation Layer                                                 Syntax and format of data transfer.
  5  Session Layer
  4  Transport Layer      TCP, UDP                                      Connection, acknowledgement and data packet transmission.
  3  Network Layer        IP, ARP
  2  Data Link Layer      Ethernet                                      Error control, timing
  1  Physical Layer       Ethernet                                      Electrical characteristics of signal and NIC

- Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
- Network Switch: Like a hub but creates a private link between any two connected nodes when a network connection is established. This reduces network collisions and thus improves speed. Broadcast messages are still sent to all nodes. A switch is not a security boundary: ARP spoofing, or flooding the switch's MAC table until it falls back to hub behaviour, can still expose other nodes' traffic.

Related Links:

- Cable modem HowTo - Vladimir Vuksan
- Ethernet HowTo - Paul Gortmaker
- YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
- Firewall HowTo - Mark Grennan
- YoLinux networking tutorial
- Networking Overview HowTo - Daniel Lopez Ridruejo
- Networking Howto - Joshua Drake
- NFS Howto - Nicolai Langfeldt
- SNMP: Simple Network Management Protocol (uses ports 161, 162, 391, 1993)
  - SNMP - Intro and tutorials
  - Linux SNMP Network Management Tools
  - SNMP FAQ
  - net-snmp - tools and libraries
- News/Usenet Group: comp.os.linux.networking - Deja
- MARS-nwe - Netware emulator
- Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
- ISDN:
  - ISDN4LINUX FAQ - Matthias Hessler
  - ISDN4Linux Home Page
  - Dan Kegel's ISDN Page
- PPP: Point-to-Point Protocol
  - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
  - YoLinux Tutorial: Dialing Compuserve
  - YoLinux Tutorial: Dialing AOL
  - YoLinux Tutorial: Configuring PPP dial-in connections
- PPTP: Point-to-Point Tunneling Protocol
  - RFC 2637: Point-to-Point Tunneling Protocol (PPTP).
  - PPTP-Linux Client - A PPTP Linux client that allows a Linux system to connect to a PPTP server. Developed by C. S. Ananian.
  - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP implementation.
- DHCP: (Dynamic Host Configuration Protocol)
  - YoLinux DHCP Tutorial - How to set up a DHCP server.
  - ISC Dynamic Host Configuration Protocol - DHCP home page
- Multicast:
  - YoLinux Tutorial: Configuring Linux for multicast - this tutorial, section above
  - Multicast over TCP/IP HOWTO
- ISPs: (National/Global)
  - TheList.com - Comprehensive list of ISPs
  - Earthlink
  - Concentric
  - ATT Worldnet
- NIS: (NFS infrastructure)
  - YoLinux NIS tutorial
  - NIS howto
  - NIS configuration and use
- Ethernet cables:
  - Making CAT 3, 5, 5E RJ45 Ethernet Cables
  - Wiring and Installation
- Gigabit Ethernet
- VIX: Vienna Internet eXchange - European traffic exchange for ISPs

Test Internet Bandwidth:

- DSLreports.com: bandwidth and diagnostic tests
- Speakeasy connection speed test
- CNET Bandwidth Meter speed test
- Network speed test
- Bandwidth explained and list of bandwidth test sites

Man Pages:

- icmp - Linux IPv4 ICMP kernel module
- ifport - select the transceiver type for a network interface
- usernetctl - allow a user to manipulate a network interface if permitted
- ripquery - query RIP (Routing Information Protocol) gateways
- gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler ISBN # 0735710317, New Riders Publishing

"Linux TCP/IP Network Administration" by Scott Mann, Mitchell Krell ISBN # 0130322202, Prentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith ISBN# 0201774232, Addison­Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr. ISBN# 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh ISBN# 0672320525, Sams; (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus, Wiley, ISBN# 047008278X

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen, McGraw-Hill, ISBN# 0071486429

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson Sams, ISBN# 0672329298

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672327082

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672325888

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis ISBN #032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.


Copyright © 2001 - 2007 by Greg Ippolito


TCP/IP Network Configuration Files:


- File: /etc/hosts - locally resolve node names to IP addresses

      127.0.0.1        your-node-name.your-domain.com localhost.localdomain localhost
      XXX.XXX.X​XX.XXX  node-name

Note when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly) i.e.:

XXX.XXX.XXX.XXX superserver.yolinux.com superserver

This informs Linux of local systems on the network which are not handled by the DNS server (or of all systems in your LAN if you are not using DNS or NIS). Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "Hosts").

- File: /etc/nsswitch.conf - System Databases and Name Service Switch configuration file

      hosts: files dns nisplus nis

This example tells Linux to first resolve a host name by looking at the local hosts file(/etc/hosts), then if the name is not found look to your DNS server as defined by /etc/resolv.conf and if not found there look to your NIS server.

In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution.

Fedora / Red Hat Network Configuration Files:

- /etc/sysconfig/network - Red Hat network configuration file used by the system during the boot process.

- File: /etc/sysconfig/network-scripts/ifcfg-eth0 - Configuration settings for your first ethernet port (0). Your second port is eth1.

- File:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example statement for an Intel ethernet card: alias eth0 eepro100

Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

- Network configuration:
  - /usr/sbin/system-config-network (FC-2/3)
  - /usr/bin/redhat-config-network (/usr/bin/neat) (RH 7.2+, FC-1)
- Text console configuration tool:
  - /usr/sbin/system-config-network-tui (Text User Interface (TUI) for Fedora Core 2/3)
  - /usr/bin/redhat-config-network-tui (RH 9.0 - FC-1)
- Text console network configuration tool, first interface only (eth0): /usr/sbin/netconfig
- /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

- Gnome Desktop Network Configuration: /usr/bin/gnome-network-preferences (RH 9.0 - FC-3)
  Proxy configuration. Choose one of three options:
  1. Direct internet connection
  2. Manual proxy configuration (specify proxy and port)
  3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assigned a static IP address or assigned one dynamically (DHCP).

Static IP address assignment:

Choose one of the following methods:

l Command Line:

/sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

Network address by convention would be the lowest: 192.168.10.0
Broadcast address by convention would be the highest: 192.168.10.255
The gateway can be anything, but following convention: 192.168.10.1

Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0
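The "lowest" and "highest" addresses are the result of masking the IP with the netmask, and a mistyped netmask is one of the most common reasons a freshly configured host can talk to some neighbours and not others. As an added example (written for this page; not part of the original tutorial), the following POSIX shell functions compute the network and broadcast addresses and the number of usable host addresses from an IP/netmask pair, and reject a netmask whose ones are not contiguous. The function names ip_to_int, int_to_ip and subnet_bounds are assumptions for the demonstration; the inputs are the addresses used elsewhere on this page.

```shell
#!/bin/sh
# Compute the network (lowest) and broadcast (highest) address that a given
# IP/netmask pair implies. Hypothetical helper written for this page, using
# only POSIX shell arithmetic (dotted quads with plain decimal octets).

# ip_to_int A.B.C.D -> unsigned 32-bit value
ip_to_int() {
    local a b c d
    IFS=. read -r a b c d <<EOF
$1
EOF
    echo $(( (a << 24) | (b << 16) | (c << 8) | d ))
}

# int_to_ip N -> dotted quad
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# subnet_bounds IP NETMASK -> prints "network broadcast usable_hosts"
# A valid netmask is a run of ones followed by a run of zeros; anything
# else (e.g. 255.0.255.0) is rejected with exit status 1.
subnet_bounds() {
    local ip mask inv net
    ip=$(ip_to_int "$1")
    mask=$(ip_to_int "$2")
    inv=$(( ~mask & 0xFFFFFFFF ))                 # the host bits
    if [ $(( inv & (inv + 1) )) -ne 0 ]; then     # host bits must be a run of ones
        echo "invalid netmask: $2" >&2
        return 1
    fi
    net=$(( ip & mask ))
    echo "$(int_to_ip "$net") $(int_to_ip "$(( net | inv ))") $(( inv > 1 ? inv - 1 : 0 ))"
}

subnet_bounds 192.168.10.12 255.255.255.0     # 192.168.10.0 192.168.10.255 254
subnet_bounds 208.88.34.106 255.255.255.248   # 208.88.34.104 208.88.34.111 6
```

The second line reproduces the Ubuntu/Debian static example further down this page, where network 208.88.34.104 and broadcast 208.88.34.111 are what a /29 netmask leaves for 208.88.34.106.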

- Red Hat / Fedora GUI tools:
  - /usr/bin/neat - Gnome GUI network administration tool. Handles all interfaces. Configure for static IP or DHCP client. (First available with Red Hat 7.2.)
  - /usr/bin/netcfg (handles all interfaces) (last available in Red Hat 7.1)
- Red Hat / Fedora console tools:
  - /usr/sbin/system-config-network-tui (Text User Interface)
  - /usr/sbin/netconfig (only seems to work for the first network interface eth0, not eth1, ...)

l Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network­scripts/, so that this information is retained.

The IANA has reserved the following ranges for private networks (RFC 1918): 10.0.0.0 to 10.255.255.255, 172.16.0.0 to 172.31.255.255, and 192.168.0.0 to 192.168.255.255. They are not routed on the Internet, so a gateway must translate them (NAT) for outside access.

Helpful tools:

- Network Calculators: subnet mask calculator, node calculator, mask inverter, ...
- IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet static
        address 208.88.34.106
        netmask 255.255.255.248
        broadcast 208.88.34.111
        network 208.88.34.104
        gateway 208.88.34.110

Dynamic IP (DHCP) example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet dhcp

    auto eth1
    iface eth1 inet dhcp

    auto eth2
    iface eth2 inet dhcp

    auto ath0
    iface ath0 inet dhcp

    auto wlan0
    iface wlan0 inet dhcp

Interfaces:

- lo: loopback interface (networking within your system without touching the real ethernet network)
- eth0: first ethernet interface card
- wlan0: first wireless network interface

Also see "man interfaces"

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.

l File: /etc/sysconfig/network

Static IP address Configuration: (Configure gateway address)

    NETWORKING=yes
    HOSTNAME=my-hostname        - Hostname is defined here and by the command hostname
    FORWARD_IPV4=true           - True for NAT firewall gateways and Linux routers. False for everyone else: desktops and servers.
    GATEWAY="XXX.XXX.XXX.YYY"   - Used if your network is connected to another network or the Internet. Static IP configuration only; the gateway is not defined here for a DHCP client.

OR for DHCP client configuration:

    NETWORKING=yes
    HOSTNAME=my-hostname        - Hostname is defined here and by the command hostname

(Gateway is assigned by the DHCP server.)

OR for NIS client configuration:

    NETWORKING=yes
    HOSTNAME=my-hostname        - Hostname is defined here and by the command hostname
    NISDOMAIN=NISProject1       - NIS domain to attach

l File (Red Hat/Fedora): /etc/sysconfig/network­scripts/ifcfg­eth0 (S.u.s.e.: /etc/sysconfig/network/ifcfg­eth­id­XX:XX:XX:XX:XX) This file used by the command scripts ifup and ifdown

Static IP address configuration:

    DEVICE=eth0
    BOOTPROTO=static
    BROADCAST=XXX.XXX.XXX.255
    IPADDR=XXX.XXX.XXX.XXX
    NETMASK=255.255.255.0
    NETWORK=XXX.XXX.XXX.0
    ONBOOT=yes                  - Will activate upon system boot

RHEL4/FC3 additions:

    TYPE=Ethernet
    HWADDR=XX:XX:XX:XX:XX:XX
    GATEWAY=XXX.XXX.XXX.XXX

OR for DHCP client configuration:

    DEVICE=eth0
    ONBOOT=yes
    BOOTPROTO=dhcp

RHEL4/FC3 additions:

    IPV6INIT=no
    USERCTL=no
    PEERDNS=yes
    TYPE=Ethernet
    HWADDR=XX:XX:XX:XX:XX:XX

(Used by script /etc/sysconfig/network­scripts/ifup to bring the various network interfaces on­line) To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)

Changing the host name:

This is a three step process:

1. Issue the command: hostname new-host-name
2. Change the network configuration file /etc/sysconfig/network; edit the entry: HOSTNAME=new-host-name
3. Restart systems which relied on the hostname (or reboot):
   - Restart network services: service network restart (or: /etc/init.d/network restart)
   - Restart desktop:
     - Bring the system down to console mode: init 3
     - Bring up X Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name which allows the system to be self aware.

The hostname may be changed at runtime using the command: sysctl ­w kernel.hostname="superserver"

Change the host name using GUI tool: /usr/sbin/system­config­network (Red Hat / Fedora / CentOS)

Hostname entries are made in two places:

Select the "DNS" tab. Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth0:0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255
ifconfig eth0:1 192.168.10.14 netmask 255.255.255.0 broadcast 192.168.10.255

route add -host XXX.XXX.XXX.XXX dev eth0
route add -host 192.168.10.12 dev eth0
route add -host 192.168.10.14 dev eth0

In this example eth0:0 and eth0:1 are aliases in addition to the regular eth0. The result of the ifconfig command:

eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
          collisions:1 txqueuelen:100
          Interrupt:5 Base address:0xe400

eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:5 Base address:0xe400

eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

DEVICE=eth0:0
ONBOOT=yes
BOOTPROTO=static
BROADCAST=192.168.10.255
IPADDR=192.168.10.12
NETMASK=255.255.255.0
NETWORK=192.168.10.0

Aliases can also be shut down independently, i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Red Hat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux client: get connection info: /sbin/pump -i eth0 --status (Red Hat Linux 7.1 and older)

Device eth0
        IP: 4.XXX.XXX.XXX
        Netmask: 255.255.252.0
        Broadcast: 4.XXX.XXX.255
        Network: 4.XXX.XXX.0
        Boot server 131.XXX.XXX.4
        Next server 0.0.0.0
        Gateway: 4.XXX.XXX.1
        Domain: vz.dsl.genuity.net
        Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3
        Renewal time: Sat Aug 11 08:28:55 2001
        Expiration time: Sat Aug 11 11:28:55 2001

Activating and De-Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

- Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up - Note: Even if no IP address is assigned you can listen.)
- De-Activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network-scripts/

GUI Interface control/configuration:

- Start/Stop network interfaces: /usr/bin/system-control-network (Fedora Core 2/3), /usr/bin/redhat-control-network (RH 9.0 - FC-1)
- Configure Ethernet, ISDN, modem, Token Ring, Wireless or DSL network connection: /usr/sbin/system-config-network-druid (FC2/3), /usr/sbin/redhat-config-network-druid (RH 9 - FC-1)

Subnets:

Subnet masks by the value of the subnetted octet. The first table gives the number of subnets and the class C subnet mask, addresses and usable hosts; the second gives the same mask octet applied to a class A, B or C network.

Mask octet  # of subnets  Slash  Class C sub mask   Addresses      Hosts
255         1 or 256      /32    255.255.255.255    1 address      Invalid
254         128           /31    255.255.255.254    2 addresses    Invalid
252         64            /30    255.255.255.252    4 addresses    2 hosts
248         32            /29    255.255.255.248    8 addresses    6 hosts
240         16            /28    255.255.255.240    16 addresses   14 hosts
224         8             /27    255.255.255.224    32 addresses   30 hosts
192         4             /26    255.255.255.192    64 addresses   62 hosts
128         2             /25    255.255.255.128    128 addresses

Mask octet  Class A hosts   Class A mask  Class B hosts  Class B mask   Class C hosts  Class C mask
255         16,777,214      255.0.0.0     65,534         255.255.0.0    254            255.255.255.0
254         33,554,430      254.0.0.0     131,070        255.254.0.0    510            255.255.254.0
252         67,108,862      252.0.0.0     262,142        255.252.0.0    1,022          255.255.252.0
248         134,217,726     248.0.0.0     524,286        255.248.0.0    2,046          255.255.248.0
240         268,435,454     240.0.0.0     1,048,574      255.240.0.0    4,094          255.255.240.0
224         536,870,910     224.0.0.0     2,097,150      255.224.0.0    8,190          255.255.224.0
192         1,073,741,822   192.0.0.0     4,194,302      255.192.0.0    16,382         255.255.192.0
128         2,147,483,646   128.0.0.0     8,388,606      255.128.0.0    32,766         255.255.128.0

Binary position   8     7     6     5     4     3     2     1
Value             128   64    32    16    8     4     2     1
Example: 192      1     1     0     0     0     0     0     0

Example: 192 = 128 + 64

Some addresses are reserved and outside this scope. Loopback (127.0.0.1), reserved class C 192.168.XXX.XXX, reserved class B 172.31.XXX.XXX and reserved class A 10.XXX.XXX.XXX.

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 for your office.

- 208.88.34.104 Network base address
- 208.88.34.105 Computer 1
- 208.88.34.106 Computer 2
- 208.88.34.107 Computer 3
- 208.88.34.108 Computer 4
- 208.88.34.109 Computer 5
- 208.88.34.110 DSL router/Gateway
- 208.88.34.111 Broadcast address

Of the eight addresses, six are assigned to hardware systems and ultimately only five are usable addresses for computers.
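The arithmetic behind the table and the office example above, as an added example that is not part of the tutorial: given an address and a dotted netmask it derives the prefix length, the network base address, the broadcast address and the number of usable host addresses (one of which is normally the gateway), rejects non-contiguous masks, and also answers the local-versus-remote question a host asks before consulting its routing table. The function names are this example's own; the sample addresses are the ones from the office example.

```shell
#!/bin/sh
# Added example (not from the YoLinux tutorial): subnet arithmetic in POSIX sh.

# ip_to_int 208.88.34.105 -> the address as a 32-bit integer
ip_to_int() {
    (
        IFS=.
        set -- $1
        echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
    )
}

# int_to_ip INTEGER -> dotted quad
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# mask_to_prefix 255.255.255.248 -> 29; fails on a mask whose one bits are not contiguous
mask_to_prefix() {
    m=$(ip_to_int "$1")
    n=0
    while [ $n -lt 32 ] && [ $(( (m >> (31 - n)) & 1 )) -eq 1 ]; do
        n=$(( n + 1 ))
    done
    # after the leading ones, every remaining bit must be zero
    [ $(( (m << n) & 4294967295 )) -eq 0 ] || { echo "invalid netmask $1" >&2; return 1; }
    echo $n
}

# subnet_info ADDRESS NETMASK -> "/prefix network broadcast usable-hosts"
subnet_info() {
    addr=$(ip_to_int "$1")
    prefix=$(mask_to_prefix "$2") || return 1
    mask=$(ip_to_int "$2")
    network=$(( addr & mask ))
    broadcast=$(( network | (~mask & 4294967295) ))
    hostbits=$(( 32 - prefix ))
    case $hostbits in
        0) usable=1 ;;   # /32: a single host address (the table marks hosts "Invalid")
        1) usable=2 ;;   # /31: point-to-point links use both addresses (RFC 3021)
        *) usable=$(( (1 << hostbits) - 2 )) ;;   # minus network and broadcast
    esac
    echo "/$prefix $(int_to_ip $network) $(int_to_ip $broadcast) $usable"
}

# same_subnet A B NETMASK -> "local" when B can be reached directly from A,
# "remote" when the packet has to go to a router or the default gateway
same_subnet() {
    mask=$(ip_to_int "$3")
    if [ $(( $(ip_to_int "$1") & mask )) -eq $(( $(ip_to_int "$2") & mask )) ]; then
        echo local
    else
        echo remote
    fi
}

# Usage: sh subnet.sh 208.88.34.105 255.255.255.248
[ $# -ge 2 ] && subnet_info "$1" "$2"
```

Running it on the office example prints "/29 208.88.34.104 208.88.34.111 6": the eight addresses of a /29 minus the network base and the broadcast.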

Links:

- Subnet Cheat Sheet
- Subnet calculator
- Table of subnets
- IP Subnetting, Variable Subnetting, and CIDR (Supernetting)
- CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is a little obsolete as subnets are now used to define smaller networks. These subnets may be part of a class A, B, C, etc network. For historical reference the network classes are defined as follows:

- Class A: Defined by the first 8 bits with a range of 0 - 127. The first number (8 bits) is defined by Internic, i.e. 77.XXX.XXX.XXX. One class A network can define 16,777,214 hosts. Range: 0.0.0.0 - 127.255.255.255
- Class B: Defined by the first 8 bits with a range from 128 - 191. The first two numbers (16 bits) are defined by Internic, i.e. 182.56.XXX.XXX. One class B network can define 65,534 hosts. Range: 128.0.0.0 - 191.255.255.255
- Class C: Defined by the first 8 bits with a range from 192 - 223. The first three numbers (24 bits) are defined by Internic, i.e. 220.56.222.XXX. One class C network can define 254 hosts. Range: 192.0.0.0 - 223.255.255.255
- Class D: Defined by the first 8 bits with a range from 224 - 239. This is reserved for multicast networks (RFC988). Range: 224.0.0.0 - 239.255.255.255
- Class E: Defined by the first 8 bits with a range from 240 - 255. This is reserved for experimental use. Range: 240.0.0.0 - 247.255.255.255

Enable Forwarding:

Forwarding allows the network packets on one network interface (i.e. eth0) to be forwarded to another network interface (i.e. eth1). This will allow the Linux computer to connect ("ethernet bridge") or route network traffic.

The bridge configuration will merge two (or several) networks into one single network topology. IpTables firewall rules can be used to filter traffic.

A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or load balance servers.

- Turn on IP forwarding to allow the Linux computer to act as a gateway or router:

  echo 1 > /proc/sys/net/ipv4/ip_forward

  Default is 0. One can add firewall rules by using ipchains.

Another method is to alter the Linux kernel config file /etc/sysctl.conf. Set the following value:

net.ipv4.ip_forward = 1

See the file /etc/sysconfig/network for storing this configuration:

FORWARD_IPV4=true

Change the default "false" to "true".

All methods will result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward

The TCP man page (Linux Programmer's Manual) and /usr/src/linux/Documentation/proc.txt (kernel 2.2, RH 7.0 and earlier) cover the /proc/sys/net/ipv4/* file descriptions.

Also see (YoLinux tutorials):

- Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables)
- Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

- cd /lib/modules/2.2.5-15/net/ - Use the kernel version for your system. This example uses 2.2.5-15 (Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/). Here you will find the modules supported by your system. The module can be permanently added to:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example:

alias eth0 3c59x

- /sbin/insmod 3c59x (For a 3Com ethernet card) This inserts the specified module into the kernel.
- /sbin/modprobe 3c59x This also loads a module into the system kernel. Modprobe command line options:
  - -r : unload the module.
  - /sbin/modprobe -l \* : list all modules.
  - /sbin/modprobe -lt net \* : list only network modules.
  - /sbin/modprobe -t net \* : try loading all network modules and see what sticks. (act of desperation)
- ifconfig ...

The easy way: Red Hat versions 6.2 and later ship with Kudzu, a device detection program which runs during system initialization (/etc/rc.d/init.d/kudzu). This can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it is utilized upon system boot.

Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

Define the new device in the file (Red Hat/Fedora) /etc/sysconfig/network-scripts/ifcfg-eth1 (S.u.s.e 9.2: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX)

DEVICE=eth1
BOOTPROTO=static
IPADDR=192.168.10.12
NETMASK=255.255.255.0
GATEWAY=XXX.XXX.XXX.XXX
HOSTNAME=node-name.name-of-domain.com
DOMAIN=name-of-domain.com

Special routing information may be specified, if necessary, in the file (Red Hat/Fedora): /etc/sysconfig/static-routes (S.u.s.e. 9.2: /etc/sysconfig/network/routes)

Example:

eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using Unix command line interface:

Define IP address:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

If necessary, define the route with the route command. Examples:

route add default gw XXX.XXX.XXX.XXX dev eth0
route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

If a mistake is made just repeat the route command substituting "del" in place of "add".

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto-negotiate link speed and duplex setting.

- List NIC speed and configuration: mii-tool

  eth0: negotiated 100baseTx-FD flow-control, link ok

Verbose mode: mii-tool -v

eth0: negotiated 100baseTx-FD flow-control, link ok
  product info: Intel 82555 rev 4
  basic mode:   autonegotiation enabled
  basic status: autonegotiation complete, link ok
  capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
  advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
  link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

- Set NIC configuration: mii-tool -F option

  Option   Parameters
  -F       100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
  -A       100baseT4 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

- Query NIC with ethtool:

  Command           Description
  ethtool -g eth0   Queries ethernet device for rx/tx ring parameter information.
  ethtool -a eth0   Queries ethernet device for pause parameter information.
  ethtool -c eth0   Queries ethernet device for coalescing information.
  ethtool -i eth0   Queries ethernet device for associated driver information.
  ethtool -d eth0   Prints a register dump for the specified ethernet device.
  ethtool -k eth0   Queries ethernet device for offload information.
  ethtool -S eth0   Queries ethernet device for NIC and driver statistics.

Man Pages:

- mii-tool - view, manipulate media-independent interface status
- ethtool - Display or change ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet is examined to see if its destination is on the local or a remote network. If it is to be sent to a remote network, the routing table is consulted to determine the path. If there is no information in the routing table then the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file (Red Hat/Fedora): /etc/sysconfig/network-scripts/route-eth0 or (Red Hat 7: /etc/sysconfig/static-routes) (S.u.s.e. 9.2: /etc/sysconfig/network/routes):

10.2.3.0/16 via 192.168.10.254

See command: /etc/sysconfig/network-scripts/ifup-routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route. (Fewest hops between routers not physical distance.) Routers use RIP to broadcast the routing table over UDP port 520. The routers would then add new or improved routes to their routing tables.

Man pages:

- route - show / manipulate the IP routing table (static route). Examples:
  - Show routing table: route -e
  - Access an individual computer host via network interface card eth1: route add -host 123.213.221.231 eth1
  - Access an ISP network identified by the network address and netmask using network interface card eth0: route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
    Conversely: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
  - Specify the default gateway to use to access remote networks via network interface card eth0: route add default gw 201.51.31.1 eth0 (The gateway can also be defined in /etc/sysconfig/network)
  - Specify two gateways for two network destinations (i.e. one external, one internal private network; two routers/gateways will be specified):
    Add the internet gateway as before: route add default gw 201.51.31.1 eth0
    Add the second private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
- routed - network routing daemon. Uses the RIP protocol to update the routing table.
- ipx_route - show / manipulate the IPX routing table. IPX is the Novell networking protocol (not typically used unless your office has Novell servers).
- ifuser - Identify destinations routed to a particular network interface.

VPN, Tunneling:

- Commercial VPN Linux software solutions - YoLinux
- OpenSWAN.org - IPSec VPN for Linux
- FreeSWAN.org - IPSec VPN for Linux
- FreeSWAN tutorial - howto
- OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access-controls.
- SSL-Explorer - Java SSL based VPN
- Quagga dynamic routing suite VLAN
- n2n peer to peer within a private fabric
- CIPE: Crypto IP Encapsulation (Easiest way to configure two Linux gateways connecting two private networks over the internet with encryption.)
  - CIPE Home page - CIPE is a simple encapsulation system that securely connects two subnets.
  - The Linux Cipe+Masquerading mini-HOWTO - Anthony Ciaravalo
- GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa
- VPN HowTo - Matthew D. Wilson
- Installing and Running PPTP on Linux
- L2TP Extensions (l2tpext) Internet Drafts.

Useful Linux networking commands:

- /etc/rc.d/init.d/network start - command to start, restart or stop the network
- netstat - Display connections, routing tables, stats etc.
  - List externally connected processes: netstat -punta
  - List all connected processes: netstat -nap
  - Show network statistics: netstat -s
  - Kernel interface table info: netstat -a -i eth0
- ping - send ICMP ECHO_REQUEST packets to network hosts. Use Ctrl-C to stop ping.
- traceroute - print the route packets take to a network host
  - traceroute IP-address-of-server
  - traceroute domain-name-of-server
- mtr - a network diagnostic tool introduced in Fedora. Like traceroute except it gives more network quality and network diagnostic info. Leave running to get real time stats. Reports best and worst round trip times in milliseconds.
  - mtr IP-address-of-server
  - mtr domain-name-of-server
- whois - Look up a domain name in the Internic whois database.
- finger - Display information on a system user, i.e. finger user@host. Uses the $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/
- iptables - IP firewall administration (Linux kernel 2.6/2.4). See YoLinux firewall/gateway configuration.
- ipchains - IP firewall administration (Linux kernel 2.2). See YoLinux firewall/gateway configuration.
- socklist - Display list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
- host - Give a host name and the command will return the IP address. Unlike nslookup, the host command will use both /etc/hosts as well as DNS. Example: host domain-name-of-server
- nslookup - Give a host name and the command will return the IP address. Also see Testing your DNS (YoLinux Tutorial). Note that nslookup does not use the /etc/hosts file.

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemons listen and respond to all network socket connections made on the TCP/IP ports assigned to them. The ports are defined by the file /etc/services. When a connection is made, the listener will attempt to invoke the assigned program and pipe the data to it. This simplifies matters by allowing the assigned program to read from stdin instead of making its own socket connection. The listener handles the network socket connection. Two network listening and management daemons have been used in Red Hat Linux distributions:

- inetd: Red Hat 6.x and older
- xinetd: Red Hat 7.0-9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf. Entries in this file consist of a single line made up of the following fields:

service socket-type protocol wait user server cmdline

- service: The name assigned to the service. Matches the name given in the file /etc/services
- socket-type:
  - stream: connection protocols (TCP)
  - dgram: datagram protocols (UDP)
  - raw
  - rdm
  - seqpacket
- protocol: Transport protocol name which matches a name in the file /etc/protocols, i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6
- wait: Applies only to datagram protocols (UDP).
  - wait[.max]: One server for the specified port at any time (RPC)
  - nowait[.max]: Continue to listen and launch new servers if a new connection is made. (multi-threaded) Max refers to the maximum number of server instances spawned in 60 seconds. (default=40)
- user[.group]: login id of the user the process is executed under. Often nobody, root or a special restricted id for that service.
- server: Full path name of the server program to be executed.
- cmdline: Command line to be passed to the server. This includes argument 0 (argv[0]), that is the command name. This field is empty for internal services. Examples of internal TCP services: echo, discard, chargen (character generator), daytime (human readable time), and time (machine readable time). (see RFC)

Sample File: /etc/inetd.conf

#echo   stream  tcp     nowait      root    internal
#echo   dgram   udp     wait        root    internal
ftp     stream  tcp     nowait      root    /usr/sbin/tcpd  in.ftpd -l -a
#pop-3  stream  tcp     nowait      root    /usr/sbin/tcpd  ipop3d
#swat   stream  tcp     nowait.400  root    /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.

The inet daemon must be restarted to pick up the changes made to the file: /etc/rc.d/init.d/inetd restart

For more information see the man pages "inetd" and "inetd.conf".
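A review of an inetd.conf is mostly a matter of reading the fields described above, so here is that review as a script. It is an added example, not part of the tutorial: it lists the services that are really enabled (uncommented), notes which of them run as root, and warns about every server that is launched directly instead of through /usr/sbin/tcpd, because such a service is not covered by /etc/hosts.allow and /etc/hosts.deny. The inetd.conf below is constructed for the example (it takes the tutorial's ftp line and adds a few more entries); the function names are this example's own.

```shell
#!/bin/sh
# Added example (not from the YoLinux tutorial): audit an inetd.conf.

# Constructed sample file: two commented-out entries, three tcpd-wrapped or
# internal services, and two servers started directly.
SAMPLE_INETD_CONF='#echo    stream  tcp     nowait      root    internal
#echo    dgram   udp     wait        root    internal
ftp      stream  tcp     nowait      root    /usr/sbin/tcpd        in.ftpd -l -a
#pop-3   stream  tcp     nowait      root    /usr/sbin/tcpd        ipop3d
telnet   stream  tcp     nowait      root    /usr/sbin/tcpd        in.telnetd
finger   stream  tcp     nowait      nobody  /usr/sbin/in.fingerd  in.fingerd
swat     stream  tcp     nowait.400  root    /usr/sbin/swat        swat
daytime  stream  tcp     nowait      root    internal'

# write_sample_inetd_conf -> prints the path of a temp copy of the sample file
write_sample_inetd_conf() {
    f=${TMPDIR:-/tmp}/inetd-audit.$$.conf
    printf '%s\n' "$SAMPLE_INETD_CONF" > "$f"
    echo "$f"
}

# enabled_services FILE -> one "service user server" line per uncommented entry.
# Fields are whitespace separated, so read splits them without further parsing;
# the wait field may carry a ".max" suffix, which does not affect the split.
enabled_services() {
    grep -v '^[[:space:]]*#' "$1" | grep -v '^[[:space:]]*$' |
    while read -r service socktype proto wait user server cmdline; do
        echo "$service $user $server"
    done
}

# audit_inetd FILE -> WARN/INFO lines, then "enabled=N root=N unwrapped=N"
audit_inetd() {
    enabled=0; asroot=0; unwrapped=0
    while read -r service user server; do
        [ -n "$service" ] || continue
        enabled=$(( enabled + 1 ))
        case $server in
            internal) continue ;;      # built into inetd, no program is executed
            /usr/sbin/tcpd) ;;         # wrapped: hosts.allow/hosts.deny are consulted
            *) unwrapped=$(( unwrapped + 1 ))
               echo "WARN $service: started directly ($server), tcpd access control does not apply" ;;
        esac
        if [ "$user" = root ]; then
            asroot=$(( asroot + 1 ))
            echo "INFO $service: server runs as root"
        fi
    done <<EOF
$(enabled_services "$1")
EOF
    echo "enabled=$enabled root=$asroot unwrapped=$unwrapped"
}

# Usage: sh inetd-audit.sh [/etc/inetd.conf]; with no argument the sample is audited.
if [ $# -ge 1 ]; then
    audit_inetd "$1"
fi
```

On the sample the summary line is "enabled=5 root=3 unwrapped=2": the finger and swat entries bypass the wrapper, and swat additionally runs as root. On a real system run it as "sh inetd-audit.sh /etc/inetd.conf" and then decide per service whether the direct start is intended.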

xinetd: Extended Internet Services Daemon:

Xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, redirect services to different ports and network interfaces (NIC) or even to a different server, chroot a service etc., and is thus a worthy upgrade from inetd.

Use the command chkconfig --list to view all system services and their state. It will also list all network services controlled by xinetd and their respective state under the title "xinetd based services". (Works for xinetd (RH7.0+) but not inetd)

The xinetd network daemon uses PAM also called network wrappers which invoke the /etc/hosts.allow and /etc/hosts.deny files.

Configuration file: /etc/xinetd.conf which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:

- Edit the file /etc/xinetd.d/service-name and set the disable value: disable = yes or disable = no. Restart the xinetd process using a signal:
  - SIGUSR1 (kill -SIGUSR1 process-id) - Soft reconfiguration; does not terminate existing connections. (Important if you are connected remotely)
  - SIGUSR2 - Hard reconfiguration; stops and restarts the xinetd process. (Note: Using the HUP signal will terminate the process.)

OR

- Use the chkconfig command: chkconfig service-name on (or off). This command will also restart the xinetd process to pick up the new configuration.

The file contains entries of the form:

service service-name
{
    attribute assignment-operator value value ......
}

Where:

- attribute:
  - disable:
    - yes
    - no
  - type:
    - RPC
    - INTERNAL
    - UNLISTED: Not found in /etc/rpc or /etc/services
  - id: By default the service id is the same as the service name.
  - socket_type:
    - stream: TCP
    - dgram: UDP
    - raw: Direct IP access
    - seqpacket: service that requires reliable sequential datagram transmission
  - flags: Combination of: REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd man page for details.
  - protocol: Transport protocol name which matches a name in the file /etc/protocols.
  - wait:
    - no: multi-threaded
    - yes: single-threaded - One server for the specified port at any time (RPC)
  - user: See file: /etc/passwd
  - group: See file: /etc/group
  - server: Program to execute and receive the data stream from the socket. (Fully qualified name - full path name of the program)
  - server_args: Unlike inetd, arg[0] or the name of the service is not passed.
  - only_from: IP address, factorized address, netmask range, hostname or network name from the file /etc/networks.
  - no_access: Deny from ... (inverse of only_from)
  - access_times
  - port: See file /etc/services

  Also: log_type, log_on_success, log_on_failure (Log options: += PID,HOST,USERID,EXIT,DURATION,ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples.
- assignment-operator:
  - =
  - +=: add a value to the set of values
  - -=: delete a value from the set of values

Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from man page: Limit telnet sessions to 8 Mbytes of memory and a total 20 CPU seconds for child processes.

service telnet
{
    socket_type = stream
    wait        = no
    nice        = 10
    user        = root
    server      = /usr/etc/in.telnetd
    rlimit_as   = 8M
    rlimit_cpu  = 20
}

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:

- xinetd
- xinetd.conf
- xinetd.log
- tcpd

For more info see:

- LinuxFocus.org: xinetd - Frederic Raynal
- RedHat.com: Controlling Access to Services
- http://www.xinetd.org
- See RFCs: 862, 863, 864, 867, 868, 1413.
- man pages xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon - rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux has the network interface to the rwhod disabled. Thus if one issues the command "rwho", you will only see who is logged into the system you are logged into and not remote systems on the network. This is a safe approach for internet servers as it reduces the exposure of a service which could be exploited by hackers. If you wish to use rwhod on a local private and firewall protected network, here is how:

Allow broadcast capabilities. Edit /etc/init.d/rwhod and change from: daemon rwhod to: daemon rwhod -b

Start service:

- Set the service to start with system boot: chkconfig --level 345 rwhod on
- Start the rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

- rwho: who is logged in on local network machines
- rwhod: system status server
- who: show who is logged on to the same system

RPC: Remote Procedure Calls (Portmapper)

Portmapper is a network service required to support RPCs. Many services such as NFS (file sharing services) require portmapper.

List RPC services supported: [root]# rpcinfo -p localhost

Starting portmap server:

- /etc/rc.d/init.d/portmap start
- service portmap start (Red Hat/Fedora Core)

Man Pages:

- portmap
- rpcinfo
- pmap_set
- pmap_dump

PAM: Network Wrappers:

Pluggable Authentication Modules for Linux (TCP Wrappers)

This system allows or denies network access. One can reject or allow specific IP addresses or subnets to access your system.

File: /etc/hosts.allow

in.ftpd:208.188.34.105

This specifically allows the given IP address to ftp to your system. One can also specify an entire domain, i.e. .name-of-domain.com. Note the beginning ".".

File: /etc/hosts.deny

ALL:ALL

This generally denies any access.

See the pam man page.

File: /etc/inetd.conf

ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd -l -a

The inet daemon accepts the incoming network stream and hands it to the TCP wrapper, /usr/sbin/tcpd, which accepts or denies the network connection as defined by /etc/hosts.allow and /etc/hosts.deny and then passes it along to ftp. This is logged to /var/log/secure.
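To see what a given hosts.allow/hosts.deny pair will do for a daemon and a client before a service is exposed, the decision tcpd makes can be replayed. The script below is an added example, not part of the tutorial and not the tcp_wrappers code: it follows the hosts_access(5) order (a match in hosts.allow grants, otherwise a match in hosts.deny refuses, otherwise access is granted) and handles the patterns the text uses, ALL, an exact address or host name, a leading-dot domain suffix and a trailing-dot network prefix. EXCEPT, LOCAL, net/mask, netgroups and the option field are not modelled, so treat it as a reading aid for the rule syntax, not a replacement for testing the real wrapper. The rule sets and function names are constructed for the example.

```shell
#!/bin/sh
# Added example (not from the YoLinux tutorial): replay the tcpd allow/deny decision.

# Constructed rule sets: ftp from one address and the office domain, ssh from the
# 192.168.10.0/24 prefix, everything else refused by a catch-all hosts.deny.
SAMPLE_HOSTS_ALLOW='# hosts.allow (constructed sample)
in.ftpd: 208.188.34.105, .name-of-domain.com
sshd: 192.168.10.'
SAMPLE_HOSTS_DENY='ALL: ALL'

# pattern_matches PATTERN SUBJECT -> exit 0 when SUBJECT (daemon, IP or host name) matches
pattern_matches() {
    pm_pat=$1; pm_subject=$2
    case $pm_pat in
        ALL) return 0 ;;
        .*)  case $pm_subject in *"$pm_pat") return 0 ;; esac ;;   # leading dot: domain suffix
        *.)  case $pm_subject in "$pm_pat"*) return 0 ;; esac ;;   # trailing dot: network prefix
        *)   [ "$pm_pat" = "$pm_subject" ] && return 0 ;;           # exact match
    esac
    return 1
}

# list_matches LIST SUBJECT -> exit 0 when any pattern in the comma/space separated LIST matches
list_matches() {
    lm_list=$(printf '%s' "$1" | tr ',' ' ')
    lm_subject=$2
    for lm_pat in $lm_list; do
        pattern_matches "$lm_pat" "$lm_subject" && return 0
    done
    return 1
}

# rules_match RULES DAEMON CLIENT -> exit 0 when some "daemon_list : client_list" line matches both
rules_match() {
    rm_daemon=$2; rm_client=$3
    while IFS= read -r rm_line; do
        rm_line=${rm_line%%#*}                      # drop comments
        case $rm_line in *:*) ;; *) continue ;; esac  # skip blank or malformed lines
        rm_dlist=${rm_line%%:*}
        rm_clist=${rm_line#*:}
        if list_matches "$rm_dlist" "$rm_daemon" && list_matches "$rm_clist" "$rm_client"; then
            return 0
        fi
    done <<EOF
$1
EOF
    return 1
}

# hosts_access ALLOW_RULES DENY_RULES DAEMON CLIENT -> prints allow or deny
hosts_access() {
    if rules_match "$1" "$3" "$4"; then
        echo allow
    elif rules_match "$2" "$3" "$4"; then
        echo deny
    else
        echo allow      # no rule matched: tcpd grants access by default
    fi
}

# Usage: sh hosts-access.sh DAEMON CLIENT   (evaluated against the sample rule sets)
[ $# -ge 2 ] && hosts_access "$SAMPLE_HOSTS_ALLOW" "$SAMPLE_HOSTS_DENY" "$1" "$2"
```

The last branch is the one worth remembering: with an empty or missing hosts.deny every unmatched client is allowed, which is why the tutorial's ALL:ALL line belongs in hosts.deny on any server that uses the wrapper.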

Advanced PAM: More specific access can be assigned and controlled by controlling the level of authentication required for access.

Files reflect the inet service name. Rules and modules are stacked to achieve the level of security desired.

See the files in /etc/pam.d/... (some systems use /etc/pam.conf)

The format: service type control module­path module­arguments

- auth - (type) Password is required for the user
  - nullok - Null or non-existent password is acceptable
  - shadow - encrypted passwords kept in /etc/shadow
- account - (type) Verifies password. Can track and force password changes.
- password - (type) Controls password update
  - retry=3 - Sets the number of login attempts
  - minlen=8 - Set minimum length of password
- session - (type) Controls monitoring

Modules:

- /lib/security/pam_pwdb.so - password database module
- /lib/security/pam_shells.so
- /lib/security/pam_cracklib.so - checks if the password is crackable
- /lib/security/pam_listfile.so

After re-configuration, restart the inet daemon: killall -HUP inetd

For more info see:

- Wietse's Papers
- Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP is the network protocol used by the ping and traceroute commands.

ICMP redirect packets are sent from the router to the host to inform the host of a better route. To enable ICMP redirect, add the following line to /etc/sysctl.conf :

net.ipv4.conf.all.accept_redirects = 1

Add the following to the file: /etc/rc.d/rc.local

for f in /proc/sys/net/ipv4/conf/*/accept_redirects
do
    echo 1 > $f
done

Command to view the kernel IP routing cache: /sbin/route -Cn

NOTE: This may leave you vulnerable to hackers as attackers may alter your routes.
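Both the forwarding switch from the "Enable Forwarding" section and the accept_redirects switch above end up as key = value lines in /etc/sysctl.conf, so a posture check is a small parser plus two comparisons. The script below is an added example, not part of the tutorial: it reads a sysctl.conf-style file (comments, optional spaces around "=", last assignment wins, as sysctl -p applies it), reports ip_forward against the role the machine is meant to play (a plain host should not forward, a gateway must), and flags accept_redirects whenever it is not explicitly 0, since an accepted redirect lets another machine on the link rewrite this host's routes. The sample file and the function names are constructed for the example.

```shell
#!/bin/sh
# Added example (not from the YoLinux tutorial): check ip_forward and accept_redirects
# in a sysctl.conf-style file against the intended role of the machine.

# Constructed sample: forwarding on and redirects accepted, as the two recipes above leave it.
SAMPLE_SYSCTL_CONF='# Kernel sysctl configuration (constructed sample)
net.ipv4.ip_forward = 1
net.ipv4.conf.all.accept_redirects=1   # added per the ICMP redirect recipe
kernel.sysrq = 0'

# write_sample_sysctl_conf -> prints the path of a temp copy of the sample file
write_sample_sysctl_conf() {
    f=${TMPDIR:-/tmp}/sysctl-check.$$.conf
    printf '%s\n' "$SAMPLE_SYSCTL_CONF" > "$f"
    echo "$f"
}

# sysctl_get FILE KEY -> the value assigned to KEY, or "unset" when the file does not set it
sysctl_get() {
    awk -v key="$2" '
        { sub(/#.*/, "") }                      # strip comments
        /=/ {
            split($0, kv, "=")
            gsub(/^[ \t]+|[ \t]+$/, "", kv[1])
            gsub(/^[ \t]+|[ \t]+$/, "", kv[2])
            if (kv[1] == key) val = kv[2]       # later lines override earlier ones
        }
        END { print (val == "" ? "unset" : val) }' "$1"
}

# check_posture FILE ROLE -> FAIL lines for each deviation, then "ok" or "N finding(s)"
# ROLE is host (must not forward) or gateway (must forward).
check_posture() {
    cp_file=$1; cp_role=$2; cp_findings=0
    case $cp_role in
        host)    cp_want_fwd=0 ;;
        gateway) cp_want_fwd=1 ;;
        *) echo "unknown role $cp_role" >&2; return 2 ;;
    esac
    cp_fwd=$(sysctl_get "$cp_file" net.ipv4.ip_forward)
    cp_redir=$(sysctl_get "$cp_file" net.ipv4.conf.all.accept_redirects)
    # "unset" counts as a finding for a host too: an unset ip_forward is only 0 by kernel default.
    [ "$cp_fwd" = "$cp_want_fwd" ] || {
        echo "FAIL net.ipv4.ip_forward is $cp_fwd, expected $cp_want_fwd for role $cp_role"
        cp_findings=$(( cp_findings + 1 ))
    }
    # Neither role should take routing changes from ICMP redirects off the wire.
    [ "$cp_redir" = 0 ] || {
        echo "FAIL net.ipv4.conf.all.accept_redirects is $cp_redir, expected 0"
        cp_findings=$(( cp_findings + 1 ))
    }
    if [ $cp_findings -eq 0 ]; then echo ok; else echo "$cp_findings finding(s)"; fi
}

# Usage: sh sysctl-check.sh /etc/sysctl.conf host|gateway
[ $# -ge 2 ] && check_posture "$1" "$2"
```

The file only describes what sysctl -p will apply; the live value is still what the kernel reports in /proc/sys/net/ipv4/ip_forward and /proc/sys/net/ipv4/conf/*/accept_redirects, so check those as well after a change.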

Blocking ICMP to look invisible to ping:

The following firewall rules will drop ICMP requests.

Iptables:

iptables -A OUTPUT -p icmp -d 0/0 -j DROP

Ipchains:

ipchains -A output -p icmp -d 0/0 -j DENY

OR drop all incoming pings:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes necessary to look invisible to DOS (Denial Of Service) attackers who use ping to watch your machine and launch an attack when its presence is detected.

Network Monitoring Tools:

- tcpdump - dump traffic on a network. See discussion below.

  Command line option   Description
  -c                    Exit after receiving count packets.
  -C                    Specify size of output dump files.
  -i                    Specify interface if multiple exist. Lowest used by default, i.e. eth0
  -w file-name          Write the raw packets to file rather than parsing and printing them out. They can later be printed with the -r option.
  -n                    Improve speed by not performing DNS lookups. Report IP addresses.
  -t                    Don't print a timestamp on each dump line.

  Filter expressions:

  Primitive                         Description
  host host-name                    If the host has multiple IPs, all will be checked.
  net network-number                Network number.
  net network-number mask mask      Network number and netmask specified.
  port port-number                  Port number specified.
  tcp                               Sniff TCP packets.
  udp                               Sniff UDP packets.
  icmp                              Sniff ICMP packets.

Examples:

  - tcpdump tcp port 80 and host server-1
  - tcpdump ip host server-1 and not server-2
- iptraf - Interactive Colorful IP LAN Monitor
- nmap - Network exploration tool and security scanner
  - List pingable nodes on the network: nmap -sP 192.168.0.0/24 Scans the network for IP addresses 192.168.0.0 to 192.168.0.255 using ping.
- Ethereal - Network protocol analyzer. Examine data from a live network. RPMs required:
  - ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
  - ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)

  There is an error in the ethereal package because it does not list the snmp libraries as dependencies, but you can deduce this from the errors that you get if the ucd-snmp libraries are not installed.
- EtherApe - Graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
- Gkrellm - Network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
- IPTraf - ncurses-based IP LAN monitor. (Red Hat Powertools CD)
- Cheops - Network discovery, location, diagnosis and management. Cheops can identify all of the computers that are on your network, their IP address, their DNS name, and the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
- ntop - Shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
- MRTG - Multi Router Traffic Grapher - Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
- dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
- scotty - Obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP, & UDP. (Red Hat Powertools CD)
- Big Brother - Monitoring and services availability.
- OpenNMS.org - Network Management using SNMP.
- Nagios - host, service and network monitoring
- Angel network monitor

Using tcpdump to monitor the network:

[root]# ifconfig eth0 promisc                        - Put the NIC into promiscuous mode to sniff traffic.
[root]# tcpdump -n host not XXX.XXX.XXX.XXX | more   - Sniff the net but ignore the IP which is your remote session.
[root]# ifconfig eth0 -promisc                       - Pull the NIC out of promiscuous mode.

Network Intrusion and Hacker Detection Systems:

SNORT: Monitor the network, performing real­time traffic analysis and packet logging on IP networks for the detection of an attack or probe.

- Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
- InterSect Alliance - Intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to convert a 32-bit internet IP address into the 48-bit Ethernet MAC address used by network hardware. (See: RFC 826) ARP broadcasts are sent to all hosts on the subnet by the transmitting host to see who replies. The broadcast is ignored by all except the intended receiver, which recognizes the IP address as its own. The MAC addresses are remembered (ARP cache) for future network communications. Computers on the subnet typically keep a cache of ARP responses. ARP broadcasts are passed on by hubs and switches but are blocked by routers.

Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client to broadcast requesting a server to reply with its IP address.

- arp (8) man page - manipulate the system ARP cache
  - Show other systems on your network (including IP address conflicts): arp -a
  - Show ARP table Linux style: arp -e
- arpwatch (8) man page - keep track of ethernet/ip address pairings
- arpsnmp (8) man page - keep track of ethernet/ip address pairings. Reads information generated by snmpwalk
- arping (8) man page - send ARP REQUEST to a neighbor host
  - Print ARP reply (similar to arp -a): arping 192.168.10.99
- List ARP table: cat /proc/net/arp
- ip (8) man page - show / manipulate routing, devices, policy routing and tunnels
  - View ARP table: ip neighbor

ARP is something that simply works. No Linux system configuration is necessary. It's all part of the ethernet and IP protocol. The aforementioned information is just part of the Linux culture of full visibility into what is going on.
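The arpwatch idea above, written out as an added shell example that is not part of this tutorial: arp_changes (my own function name) compares a recorded IP-to-MAC baseline against the live cache in /proc/net/arp format and reports a station whose hardware address changed (how a hijacked gateway entry shows up in the cache) or one never seen before. The baseline and ARP table below are constructed samples, not captures from a real host.

```shell
#!/bin/sh
# Added example, not part of the YoLinux tutorial: an arpwatch-style check.
#
# arp_changes BASELINE < /proc/net/arp
#   BASELINE is text with one "IP MAC" pair per line, recorded when the
#   network was known good. The current table is read on stdin in
#   /proc/net/arp format. One line is printed per difference:
#     changed IP OLD-MAC NEW-MAC   the IP now answers from another card
#     new IP MAC                   a station that is not in the baseline
arp_changes() {
    awk -v base="$1" '
    BEGIN {
        # load the baseline pairs into known[ip] = mac (lower-cased)
        n = split(base, lines, "\n")
        for (i = 1; i <= n; i++)
            if (split(lines[i], f, " ") >= 2) known[f[1]] = tolower(f[2])
    }
    FNR == 1 && $1 == "IP" { next }   # column header line of /proc/net/arp
    $3 == "0x0" { next }              # incomplete entry, no MAC learned yet
    NF >= 4 {
        ip = $1; mac = tolower($4)
        if (!(ip in known)) { print "new", ip, mac; next }
        if (known[ip] != mac) print "changed", ip, known[ip], mac
    }'
}

# Constructed sample data (not captured from a real host).
SAMPLE_BASELINE='192.168.10.1 00:10:4c:25:7a:3f
192.168.10.12 00:0c:29:4e:aa:01
192.168.10.14 00:0c:29:4e:aa:02'

SAMPLE_ARP='IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         00:50:56:99:12:34     *        eth0
192.168.10.12    0x1         0x2         00:0c:29:4e:aa:01     *        eth0
192.168.10.14    0x1         0x0         00:00:00:00:00:00     *        eth0
192.168.10.77    0x1         0x2         00:0c:29:4e:bb:07     *        eth0'

# Run against the sample. On a real host, with the baseline kept in a file:
#   arp_changes "$(cat /path/to/baseline)" < /proc/net/arp
printf '%s\n' "$SAMPLE_ARP" | arp_changes "$SAMPLE_BASELINE"
```

Run from cron and mailed out, the two output lines for the sample (the gateway 192.168.10.1 changing MAC, and a new station 192.168.10.77) are the events worth investigating; the incomplete entry for 192.168.10.14 is ignored because no MAC has been learned for it.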

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer to peer unicast transactions. An HTTP request to a web server (TCP/IP), email via SMTP (TCP/IP), DNS (UDP), FTP (TCP/IP), ... are all peer to peer unicast transactions. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer to peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group", which are those that are interested in the information.

The Linux kernel is Level­2 Multicast­Compliant. It meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to request the kernel to join the multicast group and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, a request is made to the kernel to leave the group. It is the kernel/host which joins the multicast group and not the process. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to support multicast routing, set the following in the kernel config:

- CONFIG_IP_MULTICAST=y
- CONFIG_IP_ROUTER=y
- CONFIG_IP_MROUTE=y
- CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimization and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card), only one device can be configured to handle multicast.

Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast.

Useful commands:

    Command                   Description
    cat /proc/net/igmp        List multicast groups to which the host is subscribed. Uses the "Internet Group Management Protocol". (See /usr/src/linux/net/core/igmp.c)
    cat /proc/net/dev_mcast   List multicast interfaces. (See /usr/src/linux/net/core/dev_mcast.c)
    ping 224.0.0.1            All hosts configured for multicast will respond with their IP addresses
    ping 224.0.0.2            All routers configured for multicast will respond
    ping 224.0.0.3            All PIM routers configured for multicast will respond
    ping 224.0.0.4            All DVMRP routers configured for multicast will respond
    ping 224.0.0.5            All OSPF routers configured for multicast will respond

Multicast transmissions are achieved through proper routing, router configuration (if communicating through subnets) and programmatically with the use of the following "C" function library calls:

    Function Call   Description
    setsockopt()    Pass information to the kernel.
    getsockopt()    Retrieve information broadcast using multicast.

For more on multicast programming see: Multicast Howto.

The multicast application will specify the multicast loopback interface, TTL (network time to live), network interface and the multicast group to add or drop.

Add route to support multicast:

    route add 224.0.0.0 netmask 240.0.0.0 dev eth0

Note that if adding a route to forward packets through a router, that the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The internet by default does not forward multicast packets.

Living in a MS/Windows World:

- SMB4k: My favorite MS/Windows file share browser.
- In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]
- LinNeighborhood: Linux workstation gui tool.

  Make your life simple and use the GUI/File Manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.

  - LinNeighborhood Home Page
  - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

- IPv4: Most of the Internet servers and personal computers use Internet Protocol version 4 (IPv4). This uses 32 bits to assign a network address, written as the four octets of an IP address up to 255.255.255.255; each octet is an 8 bit number, and the four together total 32 bits.
- IPv6: Internet Protocol version 6 (IPv6) uses a 128 bit address and thus billions and billions of potential addresses. The protocol has also been upgraded to include new quality of service features and security. Currently Linux supports IPv6 but IPv4 is used when connecting your computer to the internet.
- TCP/IP: (Transmission Control Protocol/Internet Protocol) uses a client-server model for communications. The protocol defines the data packets transmitted (packet header, data section), data integrity verification (error detection bytes), connection and acknowledgement protocol, and re-transmission.
- TCP/IP time to live (TTL): This is a counting mechanism to determine how long a packet is valid before it reaches its destination. Each time a TCP/IP packet passes through a router, the router decrements its TTL count. When the count reaches zero the packet is dropped by the router. This ensures that errant routing and aimlessly looping packets will not flood the network.
- MAC Address: (media access control) is the network card address used for communication with other network devices on the subnet. This info is not routable. The ARP table maps TCP/IP addresses (global internet) to the hardware on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address uniquely identifies each node of a network and is used by the Ethernet protocol.
- Full Duplex: Allows the simultaneous sending and receiving of packets. Most modern modems support full duplex.
- Half Duplex: Allows the sending and receiving of packets in one direction at a time only.
- OSI 7 Layer Model: The ISO (International Standards Organization) has defined the OSI (Open Systems Interconnection) model for current networking protocols.

    OSI Layer          Description                                             Linux Networking Use
    7  Application     The top layer for communications applications like      telnet, web browser, sendmail
                       email and the web.
    6  Presentation    Syntax and format of data transfer.                     SMTP, http
    5  Session
    4  Transport       Connection, acknowledgement and data packet             TCP, UDP
                       transmission.
    3  Network                                                                 IP, ARP
    2  Data Link       Error control, timing                                   Ethernet
    1  Physical        Electrical characteristics of signal and NIC            Ethernet

- Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
- Network Switch: Like a hub but creates a private link between any two connected nodes when a network connection is established. This reduces the amount of network collisions and thus improves speed. Broadcast messages are still sent to all nodes.

Related Links:

- Cable modem HowTo - Vladimir Vuksan
- Ethernet HowTo - Paul Gortmaker
- YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
- Firewall HowTo - Mark Grennan
- YoLinux networking tutorial
- Networking Overview HowTo - Daniel Lopez Ridruejo
- Networking Howto - Joshua Drake
- NFS Howto - Nicolai Langfeldt
- SNMP: Simple Network Management Protocol (Uses ports 161,162,391,1993)
  - SNMP - Intro and tutorials
  - Linux SNMP Network Management Tools
  - SNMP FAQ
  - net-snmp - tools and libraries
- News/Usenet Group: comp.os.linux.networking - Deja
- MARS-nwe - Netware emulator
- Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
- ISDN:
  - ISDN4LINUX FAQ - Matthias Hessler
  - ISDN4 Linux Home Page
  - Dan Kegel's ISDN Page
- PPP: Point-to-Point Protocol
  - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
  - YoLinux Tutorial: Dialing Compuserve
  - YoLinux Tutorial: Dialing AOL
  - YoLinux Tutorial: Configuring PPP dial-in connections
- PPTP: Point-to-Point Tunneling Protocol
  - RFC 2637: Point-to-Point Tunneling Protocol (PPTP).
  - PPTP-Linux Client - A PPTP Linux client that allows a linux system to connect to a PPTP server. Developed by C. S. Ananian.
  - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP Implementation.
- DHCP: (Dynamic Host Configuration Protocol)
  - YoLinux DHCP Tutorial - How to set up a DHCP server.
  - ISC Dynamic Host Configuration Protocol - DHCP home page
- Multicast:
  - YoLinux Tutorial: Configuring Linux for multicast - this tutorial, in the section above
  - Multicast over TCP/IP HOWTO
- ISP's: (National/Global)
  - TheList.com - Comprehensive list of ISP's
  - Earthlink
  - Concentric
  - ATT Worldnet
- NIS: (NFS infrastructure)
  - YoLinux NIS tutorial
  - NIS howto
  - NIS configuration and use
- Ethernet cables:
  - Making CAT 3, 5, 5E RJ45 Ethernet Cables
  - Wiring and Installation
- Gigabit Ethernet
- VIX: Vienna Internet eXchange - European traffic exchange for ISP's

Test Internet Bandwidth:

- DSLreports.com: bandwidth and diagnostic tests
- Speakeasy connection speed test
- CNET Bandwidth Meter speed test
- Network speed test
- Bandwidth explained and List of bandwidth test sites

Man Pages:

- icmp - Linux IPv4 ICMP kernel module
- ifport - select the transceiver type for a network interface
- usernetctl - allow a user to manipulate a network interface if permitted
- ripquery - query RIP (Routing Information Protocol) gateways
- gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler ISBN # 0735710317, New Riders Publishing

"LINUX TCP/IP Network Administration by Scott Mann, Mitchell Krell ISBN # 0130322202, rentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith ISBN# 0201774232, Addison­Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr. ISBN# 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh ISBN# 0672320525, Sams; (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus Sams, ISBN# 047008278X

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen Sams, ISBN# 0071486429

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson Sams, ISBN# 0672329298

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672327082

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672325888

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis ISBN #032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.


Copyright © 2001 - 2007 by Greg Ippolito


TCP/IP Network Configuration Files:

- File: /etc/resolv.conf - host name resolver configuration file

    search name-of-domain.com      - Name of your domain or ISP's domain if using their name server
    nameserver XXX.XXX.XXX.XXX     - IP address of primary name server
    nameserver XXX.XXX.XXX.XXX     - IP address of secondary name server

This configures Linux so that it knows which DNS server will be resolving domain names into IP addresses. If using a DHCP client, this will automatically be sent to you by the ISP and loaded into this file as part of the DHCP protocol. If using a static IP address, ask the ISP or check another machine on your network. Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "DNS").

- File: /etc/hosts - locally resolve node names to IP addresses

    127.0.0.1          your-node-name.your-domain.com localhost.localdomain localhost
    XXX.XXX.XXX.XXX    node-name

Note when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly) i.e.:

    XXX.XXX.XXX.XXX    superserver.yolinux.com superserver

This informs Linux of local systems on the network which are not handled by the DNS server (or of all systems in your LAN if you are not using DNS or NIS). Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "Hosts").

- File: /etc/nsswitch.conf - System Databases and Name Service Switch configuration file

    hosts: files dns nisplus nis

This example tells Linux to first resolve a host name by looking at the local hosts file(/etc/hosts), then if the name is not found look to your DNS server as defined by /etc/resolv.conf and if not found there look to your NIS server.

In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution.

Fedora / Red Hat Network Configuration Files:

- /etc/sysconfig/network - Red Hat network configuration file used by the system during the boot process.

- File: /etc/sysconfig/network-scripts/ifcfg-eth0 - Configuration settings for your first ethernet port (0). Your second port is eth1.

- File:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example statement for Intel ethernet card:

    alias eth0 eepro100

Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

- Network configuration: /usr/sbin/system-config-network (FC-2/3), /usr/bin/redhat-config-network (/usr/bin/neat) (RH 7.2+ FC-1)
- Text console configuration tool: /usr/sbin/system-config-network-tui (Text User Interface (TUI) for Fedora Core 2/3), /usr/bin/redhat-config-network-tui (RH 9.0 - FC-1)
- Text console network configuration tool. First interface only - eth0: /usr/sbin/netconfig
- /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

- Gnome Desktop Network Configuration: /usr/bin/gnome-network-preferences (RH 9.0 - FC-3)
  Proxy configuration. Choose one of three options:
  1. Direct internet connection
  2. Manual proxy configuration (specify proxy and port)
  3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assigned a static IP address or assigned one dynamically.

Static IP address assignment:

Choose one of the following methods:

l Command Line:

    /sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

  Network address by convention would be the lowest: 192.168.10.0
  Broadcast address by convention would be the highest: 192.168.10.255
  The gateway can be anything, but following convention: 192.168.10.1

  Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0

- Red Hat / Fedora GUI tools:
  - /usr/bin/neat - Gnome GUI network administration tool. Handles all interfaces. Configure for Static IP or DHCP client. (First available with Red Hat 7.2.)
  - /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)

- Red Hat / Fedora Console tools:
  - /usr/sbin/system-config-network-tui (Text User Interface)
  - /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1,...)

- Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network­scripts/, so that this information is retained.

The IANA has allocated IP addresses in the range of 192.168.0.0 to 192.168.255.255 for private networks.

Helpful tools:

- Network Calculators: Subnet mask calculator, node calculator, mask inverter, ...
- IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet static
        address 208.88.34.106
        netmask 255.255.255.248
        broadcast 208.88.34.111
        network 208.88.34.104
        gateway 208.88.34.110

Dynamic IP (DHCP) example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet dhcp

    auto eth1
    iface eth1 inet dhcp

    auto eth2
    iface eth2 inet dhcp

    auto ath0
    iface ath0 inet dhcp

    auto wlan0
    iface wlan0 inet dhcp

Interfaces:

- lo: Loopback interface (network within your system without slowing down for the real ethernet based network)
- eth0: First ethernet interface card
- wlan0: First wireless network interface

Also see "man interfaces"

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.

l File: /etc/sysconfig/network

Static IP address Configuration: (Configure gateway address)

    NETWORKING=yes
    HOSTNAME=my-hostname          - Hostname is defined here and by command hostname
    FORWARD_IPV4=true             - True for NAT firewall gateways and linux routers. False for everyone else - desktops and servers.
    GATEWAY="XXX.XXX.XXX.YYY"     - Used if your network is connected to another network or the internet. Static IP configuration. Gateway not defined here for DHCP client.

OR for DHCP client configuration:

    NETWORKING=yes
    HOSTNAME=my-hostname          - Hostname is defined here and by command hostname

(Gateway is assigned by DHCP server.)

OR for NIS client configuration:

    NETWORKING=yes
    HOSTNAME=my-hostname          - Hostname is defined here and by command hostname
    NISDOMAIN=NISProject1         - NIS domain to attach

- File (Red Hat/Fedora): /etc/sysconfig/network-scripts/ifcfg-eth0 (S.u.s.e.: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX) This file is used by the command scripts ifup and ifdown.

Static IP address configuration:

    DEVICE=eth0
    BOOTPROTO=static
    BROADCAST=XXX.XXX.XXX.255
    IPADDR=XXX.XXX.XXX.XXX
    NETMASK=255.255.255.0
    NETWORK=XXX.XXX.XXX.0
    ONBOOT=yes                    - Will activate upon system boot

RHEL4/FC3 additions:

    TYPE=Ethernet
    HWADDR=XX:XX:XX:XX:XX:XX
    GATEWAY=XXX.XXX.XXX.XXX

OR for DHCP client configuration:

    DEVICE=eth0
    ONBOOT=yes
    BOOTPROTO=dhcp

RHEL4/FC3 additions:

    IPV6INIT=no
    USERCTL=no
    PEERDNS=yes
    TYPE=Ethernet
    HWADDR=XX:XX:XX:XX:XX:XX

(Used by script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line.) To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)

Changing the host name:

This is a three step process:

1. Issue the command: hostname new-host-name
2. Change network configuration file: /etc/sysconfig/network
   Edit entry: HOSTNAME=new-host-name
3. Restart systems which relied on the hostname (or reboot):
   - Restart network services: service network restart (or: /etc/init.d/network restart)
   - Restart desktop:
     - Bring down system to console mode: init 3
     - Bring up X-Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name which allows the system to be self aware.

The hostname may be changed at runtime using the command: sysctl ­w kernel.hostname="superserver"

Change the host name using GUI tool: /usr/sbin/system­config­network (Red Hat / Fedora / CentOS)

Hostname entries are made in two places:

- Select the "DNS" tab.
- Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

    ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
    ifconfig eth0:0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255
    ifconfig eth0:1 192.168.10.14 netmask 255.255.255.0 broadcast 192.168.10.255

    route add -host XXX.XXX.XXX.XXX dev eth0
    route add -host 192.168.10.12 dev eth0
    route add -host 192.168.10.14 dev eth0

In this example 0 and 1 are aliases in addition to the regular eth0. The result of the ifconfig command:

    eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
              TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
              collisions:1 txqueuelen:100
              Interrupt:5 Base address:0xe400

    eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

    eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

    DEVICE=eth0:0
    ONBOOT=yes
    BOOTPROTO=static
    BROADCAST=192.168.10.255
    IPADDR=192.168.10.12
    NETMASK=255.255.255.0
    NETWORK=192.168.10.0

Aliases can also be shut down independently. i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Redhat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux Client: get connection info: /sbin/pump -i eth0 --status (Red Hat Linux 7.1 and older)

    Device eth0
            IP: 4.XXX.XXX.XXX
            Netmask: 255.255.252.0
            Broadcast: 4.XXX.XXX.255
            Network: 4.XXX.XXX.0
            Boot server 131.XXX.XXX.4
            Next server 0.0.0.0
            Gateway: 4.XXX.XXX.1
            Domain: vz.dsl.genuity.net
            Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3
            Renewal time: Sat Aug 11 08:28:55 2001
            Expiration time: Sat Aug 11 11:28:55 2001

Activating and De­Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

- Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up - Note: Even if no IP address is assigned you can listen.)
- De-Activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network­scripts/

GUI Interface control/configuration:

- Start/Stop network interfaces: /usr/bin/system-control-network (Fedora Core 2/3), /usr/bin/redhat-control-network (RH 9.0 - FC-1)
- Configure Ethernet, ISDN, modem, token Ring, Wireless or DSL network connection: /usr/sbin/system-config-network-druid (FC2/3), /usr/sbin/redhat-config-network-druid (RH 9 - FC-1)

Subnets:

Netmask octet applied to each address class (hosts per network and the resulting mask):

    Mask  # of subnets  Slash  Class A hosts   Class A mask  Class B hosts  Class B mask  Class C hosts  Class C mask
    255   1 or 256      /32    16,777,214      255.0.0.0     65,534         255.255.0.0   254            255.255.255.0
    254   128           /31    33,554,430      254.0.0.0     131,070        255.254.0.0   510            255.255.254.0
    252   64            /30    67,108,862      252.0.0.0     262,142        255.252.0.0   1,022          255.255.252.0
    248   32            /29    134,217,726     248.0.0.0     524,286        255.248.0.0   2,046          255.255.248.0
    240   16            /28    268,435,454     240.0.0.0     1,048,574      255.240.0.0   4,094          255.255.240.0
    224   8             /27    536,870,910     224.0.0.0     2,097,150      255.224.0.0   8,190          255.255.224.0
    192   4             /26    1,073,741,822   192.0.0.0     4,194,302      255.192.0.0   16,382         255.255.192.0
    128   2             /25    2,147,483,646   128.0.0.0     8,388,606      255.128.0.0   32,766         255.255.128.0

Subnetting a class C network with the same mask octet:

    Mask  Slash  Class C sub mask   Addresses      Usable hosts
    255   /32    255.255.255.255    1 address      Invalid
    254   /31    255.255.255.254    2 addresses    Invalid
    252   /30    255.255.255.252    4 addresses    2 hosts
    248   /29    255.255.255.248    8 addresses    6 hosts
    240   /28    255.255.255.240    16 addresses   14 hosts
    224   /27    255.255.255.224    32 addresses   30 hosts
    192   /26    255.255.255.192    64 addresses   62 hosts
    128   /25    255.255.255.128    128 addresses  126 hosts

Mask octet values in binary:

    Binary position   8    7    6    5    4    3    2    1
    Value             128  64   32   16   8    4    2    1
    Example: 192      1    1    0    0    0    0    0    0

Example: 192 = 128 + 64

Some addresses are reserved and outside this scope. Loopback (127.0.0.1), reserved class C 192.168.XXX.XXX, reserved class B 172.31.XXX.XXX and reserved class A 10.XXX.XXX.XXX.

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 for your office.

- 208.88.34.104  Network Base address
- 208.88.34.105  Computer 1
- 208.88.34.106  Computer 2
- 208.88.34.107  Computer 3
- 208.88.34.108  Computer 4
- 208.88.34.109  Computer 5
- 208.88.34.110  DSL router/Gateway
- 208.88.34.111  Broadcast address

Of the eight addresses, there are six assigned to hardware systems and ultimately only five usable addresses.
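A worked check for the numbers in this example, added here as shell and not part of the tutorial: subnet_info derives the network base, broadcast address, prefix length and usable host count from an address and netmask (and rejects a non-contiguous netmask), and same_subnet confirms that a gateway such as 208.88.34.110 is on the same link as the host before it goes into ifcfg-eth0 or /etc/network/interfaces. Both function names are my own.

```shell
#!/bin/sh
# Added example, not part of the YoLinux tutorial.

# subnet_info ADDRESS NETMASK
# Prints one line:  network=A broadcast=B prefix=N usable=H
# Returns 1 (printing nothing on stdout) if the netmask is not a run of
# one-bits followed by zero-bits, or an octet is out of range.
subnet_info() {
    printf '%s %s\n' "$1" "$2" | awk '
    # Bitwise AND of two octets using plain arithmetic, because the and()
    # builtin is a gawk extension that other awks lack.
    function band(a, b,    r, bit) {
        r = 0
        for (bit = 128; bit >= 1; bit /= 2) {
            if (a >= bit && b >= bit) r += bit
            if (a >= bit) a -= bit
            if (b >= bit) b -= bit
        }
        return r
    }
    {
        if (split($1, ip, "[.]") != 4 || split($2, mask, "[.]") != 4) {
            print "need a dotted-quad address and netmask" > "/dev/stderr"; exit 1
        }
        prefix = 0; seen_zero = 0
        for (i = 1; i <= 4; i++) {
            if (ip[i] + 0 > 255 || mask[i] + 0 > 255) {
                print "octet out of range" > "/dev/stderr"; exit 1
            }
            o = mask[i] + 0
            for (bit = 128; bit >= 1; bit /= 2) {
                if (o >= bit) {
                    # a one-bit after a zero-bit means the mask is not contiguous
                    if (seen_zero) { print ("non-contiguous netmask " $2) > "/dev/stderr"; exit 1 }
                    prefix++; o -= bit
                } else {
                    seen_zero = 1
                }
            }
            net[i]   = band(ip[i] + 0, mask[i] + 0)   # host bits cleared
            bcast[i] = net[i] + (255 - mask[i])        # host bits set
        }
        hostbits = 32 - prefix
        # The base and broadcast addresses cannot be assigned to hosts; /31 and
        # /32 leave no room for that and are reported as 0 usable hosts here.
        usable = (hostbits >= 2) ? 2 ^ hostbits - 2 : 0
        printf "network=%d.%d.%d.%d broadcast=%d.%d.%d.%d prefix=%d usable=%d\n",
            net[1], net[2], net[3], net[4],
            bcast[1], bcast[2], bcast[3], bcast[4], prefix, usable
    }'
}

# same_subnet ADDRESS1 ADDRESS2 NETMASK
# Succeeds when both addresses fall in the same network, e.g. to check that a
# GATEWAY is reachable on the link before it is written to ifcfg-eth0.
same_subnet() {
    a=$(subnet_info "$1" "$3") || return 1
    b=$(subnet_info "$2" "$3") || return 1
    [ "${a%% *}" = "${b%% *}" ]
}

# The office subnet from the example above: Computer 2 and its gateway.
subnet_info 208.88.34.106 255.255.255.248
same_subnet 208.88.34.106 208.88.34.110 255.255.255.248 && echo "gateway 208.88.34.110 is on-link"
```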

Links:

- Subnet Cheat Sheet
- Subnet calculator
- Table of subnets
- IP Subnetting, Variable Subnetting, and CIDR (Supernetting)
- CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is a little obsolete as subnets are now used to define smaller networks. These subnets may be part of a class A, B, C, etc network. For historical reference the network classes are defined as follows:

- Class A: Defined by the first 8 bits with a range of 0 - 127. The first number (8 bits) is defined by Internic, i.e. 77.XXX.XXX.XXX. One class A network can define 16,777,214 hosts. Range: 0.0.0.0 - 127.255.255.255
- Class B: Defined by the first 8 bits with a range from 128 - 191. The first two numbers (16 bits) are defined by Internic, i.e. 182.56.XXX.XXX. One class B network can define 65,534 hosts. Range: 128.0.0.0 - 191.255.255.255
- Class C: Defined by the first 8 bits with a range from 192 - 223. The first three numbers (24 bits) are defined by Internic, i.e. 220.56.222.XXX. One class C network can define 254 hosts. Range: 192.0.0.0 - 223.255.255.255
- Class D: Defined by the first 8 bits with a range from 224 - 239. This is reserved for multicast networks (RFC988). Range: 224.0.0.0 - 239.255.255.255
- Class E: Defined by the first 8 bits with a range from 240 - 255. This is reserved for experimental use. Range: 240.0.0.0 - 247.255.255.255

Enable Forwarding: Forwarding allows the network packets on one network interface (i.e. eth0) to be forwarded to another network interface (i.e. eth1). This will allow the Linux computer to connect ("ethernet bridge") or route network traffic.

The bridge configuration will merge two (or several) networks into one single network topology. IpTables firewall rules can be used to filter traffic.

A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or load balance servers.

- Turn on IP forwarding to allow the Linux computer to act as a gateway or router:

    echo 1 > /proc/sys/net/ipv4/ip_forward

  Default is 0. One can add firewall rules by using ipchains.

Another method is to alter the Linux kernel config file: /etc/sysctl.conf Set the following value:

net.ipv4.ip_forward = 1

See file /etc/sysconfig/network for storing this configuration.

FORWARD_IPV4=true

Change the default "false" to "true".

All methods will result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward

The TCP Man page ­ Linux Programmer's Manual and /usr/src/linux/Documentation/proc.txt (Kernel 2.2 RH 7.0­) cover /proc/sys/net/ipv4/* file descriptions.

Also see: (YoLinux tutorials)

- Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables)
- Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

- cd /lib/modules/2.2.5-15/net/ - Use the kernel version for your system. This example uses 2.2.5-15 (Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/). Here you will find the modules supported by your system. It can be permanently added to:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example:

    alias eth0 3c59x

- /sbin/insmod 3c59x (For a 3Com ethernet card) This inserts the specified module into the kernel.
- /sbin/modprobe 3c59x This also loads a module into the system kernel. Modprobe command line options:
  - -r : to unload the module.
  - /sbin/modprobe -l \* : list all modules.
  - /sbin/modprobe -lt net \* : List only network modules
  - /sbin/modprobe -t net \* : Try loading all network modules and see what sticks. (act of desperation)
- ifconfig ...

The easy way: Red Hat versions 6.2 and later, ship with Kudzu, a device detection program which runs during system initialization. (/etc/rc.d/init.d/kudzu) This can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it will be utilized upon system boot.

Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

Define the new device in the file (Red Hat/Fedora) /etc/sysconfig/network-scripts/ifcfg-eth1 (S.u.s.e 9.2: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX)

    DEVICE=eth1
    BOOTPROTO=static
    IPADDR=192.168.10.12
    NETMASK=255.255.255.0
    GATEWAY=XXX.XXX.XXX.XXX
    HOSTNAME=node-name.name-of-domain.com
    DOMAIN=name-of-domain.com

Special routing information may be specified, if necessary, in the file (Red Hat/Fedora): /etc/sysconfig/static-routes (S.u.s.e. 9.2: /etc/sysconfig/network/routes)

Example:

eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using Unix command line interface:

Define IP address:

    ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
    ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

If necessary, define a route with the route command. Examples:

    route add default gw XXX.XXX.XXX.XXX dev eth0
    route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

If a mistake is made just repeat the route command substituting "del" in place of "add".

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto­negotiate link speed and duplex setting.

- List NIC speed and configuration: mii-tool

      eth0: negotiated 100baseTx-FD flow-control, link ok

  Verbose mode: mii-tool -v

      eth0: negotiated 100baseTx-FD flow-control, link ok
        product info: Intel 82555 rev 4
        basic mode:   autonegotiation enabled
        basic status: autonegotiation complete, link ok
        capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
        advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
        link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

- Set NIC configuration: mii-tool -F option

      Option  Parameters
      -F      100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
      -A      100baseT4 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

- Query NIC with ethtool:

      Command          Description
      ethtool -g eth0  Queries ethernet device for rx/tx ring parameter information.
      ethtool -a eth0  Queries ethernet device for pause parameter information.
      ethtool -c eth0  Queries ethernet device for coalescing information.
      ethtool -i eth0  Queries ethernet device for associated driver information.
      ethtool -d eth0  Prints a register dump for the specified ethernet device.
      ethtool -k eth0  Queries ethernet device for offload information.
      ethtool -S eth0  Queries ethernet device for NIC and driver statistics.

Man Pages:

- mii-tool - view, manipulate media-independent interface status
- ethtool - Display or change ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet is examined to see if its destination is on the local or a remote network. If it is to be sent to a remote network, the routing table is consulted to determine the path. If there is no information in the routing table then the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file (Red Hat/Fedora): /etc/sysconfig/network-scripts/route-eth0 or (Red Hat 7: /etc/sysconfig/static-routes) (S.u.s.e. 9.2: /etc/sysconfig/network/routes):

10.2.3.0/16 via 192.168.10.254

See command: /etc/sysconfig/network­scripts/ifup­routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route. (Fewest hops between routers not physical distance.) Routers use RIP to broadcast the routing table over UDP port 520. The routers would then add new or improved routes to their routing tables.

Man pages:

- route - show / manipulate the IP routing table (static route). Examples:
  - Show routing table: route -e
  - Access an individual host via network interface card eth1: route add -host 123.213.221.231 eth1
  - Access the ISP network identified by the network address and netmask using network interface card eth0: route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
    Conversely: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
  - Specify the default gateway used to access remote networks via network interface card eth0: route add default gw 201.51.31.1 eth0 (The gateway can also be defined in /etc/sysconfig/network)
  - Specify two gateways for two network destinations (i.e. one external, one internal private network; two routers/gateways are specified):
    Add the internet gateway as before: route add default gw 201.51.31.1 eth0
    Add the second private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
- routed - network routing daemon. Uses the RIP protocol to update the routing table.
- ipx_route - show / manipulate the IPX routing table. IPX is the Novell networking protocol (not typically used unless your office has Novell servers).
- ifuser - identify destinations routed to a particular network interface.

VPN, Tunneling:

- Commercial VPN Linux software solutions - YoLinux
- OpenSWAN.org - IPSec VPN for Linux
- FreeSWAN.org - IPSec VPN for Linux
- FreeSWAN tutorial - howto
- OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access controls.
- SSL-Explorer - Java SSL based VPN
- Quagga dynamic routing suite VLAN
- n2n peer to peer within a private fabric
- CIPE: Crypto IP Encapsulation (Easiest way to configure two Linux gateways connecting two private networks over the internet with encryption.)
  - CIPE Home page - CIPE is a simple encapsulation system that securely connects two subnets.
  - The Linux Cipe+Masquerading mini-HOWTO - Anthony Ciaravalo
- GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa
- VPN HowTo - Matthew D. Wilson
- Installing and Running PPTP on Linux
- L2TP Extensions (l2tpext) Internet Drafts.

Useful Linux networking commands:

- /etc/rc.d/init.d/network start - command to start, restart or stop the network
- netstat - Display connections, routing tables, stats etc
  - List externally connected processes: netstat -punta
  - List all connected processes: netstat -nap
  - Show network statistics: netstat -s
  - Kernel interface table info: netstat -a -i eth0
- ping - send ICMP ECHO_REQUEST packets to network hosts. Use Ctrl-C to stop ping.
- traceroute - print the route packets take to a network host
  - traceroute IP-address-of-server
  - traceroute domain-name-of-server
- mtr - a network diagnostic tool introduced in Fedora. Like traceroute except it gives more network quality and network diagnostic info. Leave it running to get real time stats. Reports best and worst round trip times in milliseconds.
  - mtr IP-address-of-server
  - mtr domain-name-of-server
- whois - Look up a domain name in the internic whois database.
- finger - Display information on a system user. i.e. finger user@host. Uses the $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/
- iptables - IP firewall administration (Linux kernel 2.6/2.4). See YoLinux firewall/gateway configuration.
- ipchains - IP firewall administration (Linux kernel 2.2). See YoLinux firewall/gateway configuration.
- socklist - Display a list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
- host - Give a host name and the command will return the IP address. Unlike nslookup, the host command uses both /etc/hosts and DNS. Example: host domain-name-of-server
- nslookup - Give a host name and the command will return the IP address. Also see Testing your DNS (YoLinux Tutorial). Note that nslookup does not use the /etc/hosts file.

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemons listen and respond to all network socket connections made on the TCP/IP ports assigned to them. The ports are defined by the file /etc/services. When a connection is made, the listener attempts to invoke the assigned program and pipe the data to it. This simplifies matters by allowing the assigned program to read from stdin instead of making its own socket connection; the listener handles the network socket connection. Two network listening and management daemons have been used in Red Hat Linux distributions:

- inetd: Red Hat 6.x and older
- xinetd: Red Hat 7.0-9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf Entries in this file consist of a single line made up of the following fields:

service socket­type protocol wait user server cmdline

- service: The name assigned to the service. Matches the name given in the file /etc/services
- socket-type:
  - stream: connection protocols (TCP)
  - dgram: datagram protocols (UDP)
  - raw
  - rdm
  - seqpacket
- protocol: Transport protocol name which matches a name in the file /etc/protocols. i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6
- wait: Applies only to datagram protocols (UDP).
  - wait[.max]: One server for the specified port at any time (RPC)
  - nowait[.max]: Continue to listen and launch new services if a new connection is made. (multi-threaded)
  Max refers to the maximum number of server instances spawned in 60 seconds. (default=40)
- user[.group]: login id of the user the process is executed under. Often nobody, root or a special restricted id for that service.
- server: Full path name of the server program to be executed.
- cmdline: Command line to be passed to the server. This includes argument 0 (argv[0]), that is the command name. This field is empty for internal services. Examples of internal TCP services: echo, discard, chargen (character generator), daytime (human readable time), and time (machine readable time). (see RFC)

Sample File: /etc/inetd.conf

    #echo   stream  tcp  nowait      root  internal
    #echo   dgram   udp  wait        root  internal
    ftp     stream  tcp  nowait      root  /usr/sbin/tcpd  in.ftpd -l -a
    #pop-3  stream  tcp  nowait      root  /usr/sbin/tcpd  ipop3d
    #swat   stream  tcp  nowait.400  root  /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.
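As an added example (not part of the YoLinux tutorial), the following Python reads inetd.conf entries in the seven-field format described above, applies the '#' comment and 1022-character rules, and flags active services that are not wrapped by /usr/sbin/tcpd or that run as root. The sample file is constructed from the one above; the telnet line is added to show an unwrapped service.

```python
"""Parse /etc/inetd.conf and point out entries worth a second look."""
from dataclasses import dataclass
from typing import List, Optional, Tuple

TCPD = "/usr/sbin/tcpd"

# Constructed sample modelled on the tutorial's file; the telnet line is added
# to show a service started without the tcpd wrapper.
SAMPLE_INETD_CONF = """\
#echo   stream  tcp  nowait      root  internal
#echo   dgram   udp  wait        root  internal
ftp     stream  tcp  nowait      root  /usr/sbin/tcpd  in.ftpd -l -a
#pop-3  stream  tcp  nowait      root  /usr/sbin/tcpd  ipop3d
#swat   stream  tcp  nowait.400  root  /usr/sbin/swat  swat
telnet  stream  tcp  nowait      root  /usr/sbin/in.telnetd  in.telnetd
"""


@dataclass
class InetdEntry:
    service: str
    socket_type: str
    protocol: str
    wait: bool             # True for wait, False for nowait
    max_per_minute: int    # the .max suffix; inetd's default is 40 per 60 seconds
    user: str
    group: Optional[str]   # from user.group, if given
    server: str            # full path, or "internal"
    cmdline: List[str]     # argv including argv[0]; empty for internal services


def parse_line(line: str) -> Optional[InetdEntry]:
    """Return an entry, or None for a blank line or one starting with '#'."""
    line = line.rstrip("\n")
    if not line.strip() or line.startswith("#"):
        return None
    if len(line) > 1022:
        raise ValueError("inetd.conf lines are limited to 1022 characters")
    fields = line.split(None, 6)          # the 7th field keeps its own spaces
    if len(fields) < 6:
        raise ValueError(f"expected at least 6 fields: {line!r}")
    service, socket_type, protocol, wait_field, user_field, server = fields[:6]
    cmdline = fields[6].split() if len(fields) == 7 else []
    wait_word, _, max_str = wait_field.partition(".")
    if wait_word not in ("wait", "nowait"):
        raise ValueError(f"wait field must be wait[.max] or nowait[.max]: {wait_field!r}")
    user, _, group = user_field.partition(".")
    return InetdEntry(service, socket_type, protocol, wait_word == "wait",
                      int(max_str) if max_str else 40, user, group or None,
                      server, cmdline)


def parse_conf(text: str) -> List[InetdEntry]:
    """Active (uncommented) entries of a whole file."""
    return [e for e in map(parse_line, text.splitlines()) if e is not None]


def audit(entries: List[InetdEntry]) -> List[Tuple[str, str]]:
    """(service, finding) pairs: services whose connections do not pass through
    tcpd (so hosts.allow/hosts.deny never apply) and services running as root."""
    findings = []
    for e in entries:
        if e.server == "internal":
            continue
        if e.server != TCPD:
            findings.append((e.service, "not wrapped by tcpd; hosts.allow/hosts.deny are not consulted"))
        if e.user == "root":
            findings.append((e.service, "server runs as root"))
    return findings


if __name__ == "__main__":
    for service, finding in audit(parse_conf(SAMPLE_INETD_CONF)):
        print(f"{service}: {finding}")
```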

The inet daemon must be restarted to pick up the changes made to the file: /etc/rc.d/init.d/inetd restart

For more information see the man pages "inetd" and "inetd.conf".

xinetd: Extended Internet Services Daemon:

Xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, redirect services to different ports and network interfaces (NIC) or even to a different server, chroot a service etc., and is thus a worthy upgrade from inetd.

Use the command chkconfig --list to view all system services and their state. It will also list all network services controlled by xinetd and their respective state under the title "xinetd based services". (Works for xinetd (RH7.0+) but not inetd)

The xinetd network daemon also uses PAM (also called network wrappers), which consults the /etc/hosts.allow and /etc/hosts.deny files.

Configuration file: /etc/xinetd.conf which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:

- Edit the file /etc/xinetd.d/service-name and set the disable value: disable = yes or disable = no. Restart the xinetd process using a signal:
  - SIGUSR1 (kill -SIGUSR1 process-id) - Soft reconfiguration; does not terminate existing connections. (Important if you are connected remotely)
  - SIGUSR2 - Hard reconfiguration; stops and restarts the xinetd process. (Note: Using the HUP signal will terminate the process.)

  OR

- Use the chkconfig command: chkconfig service-name on (or off). This command will also restart the xinetd process to pick up the new configuration.

The file contains entries of the form:

    service service-name
    {
        attribute assignment-operator value value ......
    }

Where:

- attribute:
  - disable:
    - yes
    - no
  - type:
    - RPC
    - INTERNAL
    - UNLISTED: Not found in /etc/rpc or /etc/services
  - id: By default the service id is the same as the service name.
  - socket_type:
    - stream: TCP
    - dgram: UDP
    - raw: Direct IP access
    - seqpacket: service that requires reliable sequential datagram transmission
  - flags: Combination of: REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd man page for details.
  - protocol: Transport protocol name which matches a name in the file /etc/protocols.
  - wait:
    - no: multi-threaded
    - yes: single-threaded - One server for the specified port at any time (RPC)
  - user: See file /etc/passwd
  - group: See file /etc/group
  - server: Program to execute and receive the data stream from the socket. (Fully qualified name - full path name of the program)
  - server_args: Unlike inetd, arg[0] (the name of the service) is not passed.
  - only_from: IP address, factorized address, netmask range, hostname or network name from the file /etc/networks.
  - no_access: Deny from ... (inverse of only_from)
  - access_times
  - port: See file /etc/services
  Also: log_type, log_on_success, log_on_failure (Log options: += PID, HOST, USERID, EXIT, DURATION, ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples.
- assignment-operator:
  - =
  - +=: add a value to the set of values
  - -=: delete a value from the set of values

Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from man page: Limit telnet sessions to 8 Mbytes of memory and a total 20 CPU seconds for child processes.

    service telnet
    {
        socket_type = stream
        wait        = no
        nice        = 10
        user        = root
        server      = /usr/etc/in.telnetd
        rlimit_as   = 8M
        rlimit_cpu  = 20
    }
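As an added example that is not from the tutorial or the xinetd project, this Python parses service blocks in the form described above, applies the =, += and -= operators, and merges a service with the defaults block the way xinetd does (a service's = replaces the default, += and -= adjust it). The configuration text is constructed around the telnet example just shown.

```python
"""Parse xinetd service blocks and compute a service's effective attributes."""
import re
from typing import Dict, List, Optional, Tuple

Op = Tuple[str, str, List[str]]      # (attribute, operator, values)
Attrs = Dict[str, List[str]]

# Constructed configuration built around the tutorial's telnet example.
SAMPLE_XINETD_CONF = """\
defaults
{
    log_type        = SYSLOG authpriv
    log_on_failure  = HOST
    only_from       = 192.168.10.0/24
}
# Limit telnet children to 8 Mbytes of memory and 20 CPU seconds
service telnet
{
    socket_type     = stream
    wait            = no
    nice            = 10
    user            = root
    server          = /usr/etc/in.telnetd
    rlimit_as       = 8M
    rlimit_cpu      = 20
    log_on_failure  += USERID
    only_from       += 10.0.0.0/8
}
service ftp
{
    disable         = yes
    user            = root
    server          = /usr/sbin/in.ftpd
}
"""

_ASSIGN = re.compile(r"^(\w+)\s*(\+=|-=|=)\s*(.*)$")


def parse_xinetd(text: str) -> Dict[str, List[Op]]:
    """Map block name ('defaults' or the service name) to its ops, in file order."""
    blocks: Dict[str, List[Op]] = {}
    header = None     # 'service telnet' / 'defaults' seen, '{' not yet
    name = None       # block currently being filled
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # '#' starts a comment
        if not line:
            continue
        if name is None:                          # outside a block
            if line.endswith("{"):                # 'service x {' on one line
                header = line[:-1].strip() or header
                line = "{"
            if line != "{":
                header = line
                continue
            words = (header or "").split()
            if words == ["defaults"]:
                name = "defaults"
            elif len(words) == 2 and words[0] == "service":
                name = words[1]
            else:
                raise ValueError(f"line {lineno}: bad block header {header!r}")
            blocks[name] = []
            header = None
        elif line == "}":
            name = None
        else:
            m = _ASSIGN.match(line)
            if not m:
                raise ValueError(f"line {lineno}: expected 'attribute op value': {raw!r}")
            blocks[name].append((m.group(1), m.group(2), m.group(3).split()))
    if name is not None:
        raise ValueError(f"block {name!r} is missing its closing brace")
    return blocks


def apply_ops(ops: List[Op], base: Optional[Attrs] = None) -> Attrs:
    """Apply '=' (replace), '+=' (add to the set) and '-=' (remove from the set)."""
    attrs: Attrs = {k: list(v) for k, v in (base or {}).items()}
    for attr, op, values in ops:
        current = attrs.get(attr, [])
        if op == "=":
            attrs[attr] = list(values)
        elif op == "+=":
            attrs[attr] = current + [v for v in values if v not in current]
        else:
            attrs[attr] = [v for v in current if v not in values]
    return attrs


def effective(blocks: Dict[str, List[Op]], service: str) -> Attrs:
    """Service attributes with the defaults block applied first, as xinetd does."""
    return apply_ops(blocks.get(service, []), apply_ops(blocks.get("defaults", [])))


def is_enabled(attrs: Attrs) -> bool:
    return attrs.get("disable", ["no"])[0].lower() != "yes"
```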

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:

- xinetd
- xinetd.conf
- xinetd.log
- tcpd

For more info see:

- LinuxFocus.org: xinetd - Frederic Raynal
- RedHat.com: Controlling Access to Services
- http://www.xinetd.org
- See RFCs: 862, 863, 864, 867, 868, 1413.
- man pages xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon ­ rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux has the network interface to the rwhod disabled. Thus if one issues the command "rwho", you will only see who is logged into the system you are logged into and not remote systems on the network. This is a safe approach for internet servers as it reduces the exposure of a service which could be exploited by hackers. If you wish to use rwhod on a local private and firewall protected network, here is how:

Allow broadcast capabilities. Edit /etc/init.d/rwhod and change:

    daemon rwhod

to:

    daemon rwhod -b

Start service:

- Set service to start with system boot: chkconfig --level 345 rwhod on
- Start rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

- rwho: who is logged in on local network machines
- rwhod: system status server
- who: show who is logged on to the same system

RPC: Remote Procedure Calls (Portmapper)

Portmapper is a network service required to support RPCs. Many services such as NFS (file sharing services) require portmapper.

List RPC services supported: [root]# rpcinfo -p localhost

Starting portmap server:

- /etc/rc.d/init.d/portmap start
- service portmap start (Red Hat/Fedora Core)

Man Pages:

- portmap
- rpcinfo
- pmap_set
- pmap_dump

PAM: Network Wrappers:

Pluggable Authentication Modules for Linux (TCP Wrappers)

This system allows or denies network access. One can reject or allow specific IP addresses or subnets to access your system.

File: /etc/hosts.allow

in.ftpd:208.188.34.105

This specifically allows the given IP address to ftp to your system. One can also specify an entire domain, i.e. .name-of-domain.com. Note the beginning ".".

File: /etc/hosts.deny

ALL:ALL

This generally denies any access.

See the pam man page.

File: /etc/inetd.conf

    ftp  stream  tcp  nowait  root  /usr/sbin/tcpd  in.ftpd -l -a

The inet daemon accepts the incoming network stream and hands it to the PAM TCP wrapper, /usr/sbin/tcpd, which accepts or denies the network connection as defined by /etc/hosts.allow and /etc/hosts.deny and then passes it along to ftp. This is logged to /var/log/secure.
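The following Python, added here and not part of the tutorial, reproduces the tcpd decision order for the two files just shown: hosts.allow is consulted first, then hosts.deny, and a connection matching neither is allowed. It handles the pattern forms the tutorial uses (an exact address, ALL, and a leading-dot domain suffix) plus the trailing-dot address prefix; EXCEPT, net/mask and the KNOWN/LOCAL/PARANOID wildcards of hosts_access(5) are left out. The rule sets are constructed.

```python
"""Decide a tcpd connection from /etc/hosts.allow and /etc/hosts.deny."""
from typing import List, Tuple

# Constructed rule sets built around the tutorial's two files.
HOSTS_ALLOW = """\
# ftp from one host only; every wrapped daemon from the example domain
in.ftpd: 208.188.34.105
ALL: .name-of-domain.com
"""
HOSTS_DENY = """\
ALL: ALL
"""

Rule = Tuple[List[str], List[str]]   # (daemon_list, client_list)


def parse_rules(text: str) -> List[Rule]:
    """Parse 'daemon_list : client_list [: option ...]' lines; '#' starts a comment."""
    rules: List[Rule] = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = [p.strip() for p in line.split(":")]
        if len(parts) < 2 or not parts[0] or not parts[1]:
            raise ValueError(f"malformed access rule: {raw!r}")
        daemons = parts[0].replace(",", " ").split()
        clients = parts[1].replace(",", " ").split()
        rules.append((daemons, clients))
    return rules


def client_matches(pattern: str, addr: str, hostname: str) -> bool:
    """Subset of the hosts_access(5) client patterns."""
    if pattern == "ALL":
        return True
    if pattern.startswith("."):            # .name-of-domain.com matches any host in it
        return hostname.lower().endswith(pattern.lower())
    if pattern.endswith("."):              # 192.168.10. matches 192.168.10.x
        return addr.startswith(pattern)
    return pattern == addr or pattern.lower() == hostname.lower()


def rule_matches(rule: Rule, daemon: str, addr: str, hostname: str) -> bool:
    daemons, clients = rule
    return (any(d in ("ALL", daemon) for d in daemons)
            and any(client_matches(c, addr, hostname) for c in clients))


def access_allowed(daemon: str, addr: str, hostname: str,
                   allow_text: str = HOSTS_ALLOW, deny_text: str = HOSTS_DENY) -> bool:
    """tcpd order: a match in hosts.allow grants, then a match in hosts.deny
    refuses, and a connection matching neither is granted. hostname is what
    tcpd obtained by reverse lookup, so name-based rules are only as
    trustworthy as your DNS; address rules do not have that dependency."""
    if any(rule_matches(r, daemon, addr, hostname) for r in parse_rules(allow_text)):
        return True
    if any(rule_matches(r, daemon, addr, hostname) for r in parse_rules(deny_text)):
        return False
    return True
```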

Advanced PAM: More specific access can be assigned and controlled by controlling the level of authentication required for access.

Files reflect the inet service name. Rules and modules are stacked to achieve the level of security desired.

See the files in /etc/pam.d/... (some systems use /etc/pam.conf)

The format: service type control module­path module­arguments

- auth - (type) A password is required for the user
  - nullok - A null or non-existent password is acceptable
  - shadow - encrypted passwords are kept in /etc/shadow
- account - (type) Verifies the password. Can track and force password changes.
- password - (type) Controls password update
  - retry=3 - Sets the number of login attempts
  - minlen=8 - Sets the minimum length of the password
- session - (type) Controls monitoring

Modules:

- /lib/security/pam_pwdb.so - password database module
- /lib/security/pam_shells.so
- /lib/security/pam_cracklib.so - checks if the password is crackable
- /lib/security/pam_listfile.so

After re-configuration, restart the inet daemon: killall -HUP inetd

For more info see:

- Wietse's Papers
- Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP is the network protocol used by the ping and traceroute commands.

ICMP redirect packets are sent from the router to the host to inform the host of a better route. To enable ICMP redirect, add the following line to /etc/sysctl.conf :

net.ipv4.conf.all.accept_redirects = 1

Add the following to the file: /etc/rc.d/rc.local

    for f in /proc/sys/net/ipv4/conf/*/accept_redirects
    do
        echo 1 > $f
    done

Command to view the kernel IP routing cache: /sbin/route -Cn

NOTE: This may leave you vulnerable to hackers as attackers may alter your routes.

Blocking ICMP to look invisible to ping:

The following firewall rules will drop ICMP requests.

Iptables:

    iptables -A OUTPUT -p icmp -d 0/0 -j DROP

Ipchains:

    ipchains -A output -p icmp -d 0/0 -j DENY

OR drop all incoming pings:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes necessary to look invisible to DOS (Denial Of Service) attackers who use ping to watch your machine and launch an attack when its presence is detected.

Network Monitoring Tools:

- tcpdump - dump traffic on a network. See discussion below.

      Command line option  Description
      -c                   Exit after receiving count packets.
      -C                   Specify size of output dump files.
      -i                   Specify interface if multiple exist. Lowest used by default. i.e. eth0
      -w file-name         Write the raw packets to file rather than parsing and printing them out. They can later be printed with the -r option.
      -n                   Improve speed by not performing DNS lookups. Report IP addresses.
      -t                   Don't print a timestamp on each dump line.

  Filter expressions:

      primitive                     Description
      host host-name                If the host has multiple IPs, all will be checked.
      net network-number            Network number.
      net network-number mask mask  Network number and netmask specified.
      port port-number              Port number specified.
      tcp                           Sniff TCP packets.
      udp                           Sniff UDP packets.
      icmp                          Sniff ICMP packets.

  Examples:
  - tcpdump tcp port 80 and host server-1
  - tcpdump ip host server-1 and not server-2
- iptraf - Interactive Colorful IP LAN Monitor
- nmap - Network exploration tool and security scanner
  - List pingable nodes on the network: nmap -sP 192.168.0.0/24 Scans the network for IP addresses 192.168.0.0 to 192.168.0.255 using ping.
- Ethereal - Network protocol analyzer. Examine data from a live network. RPMs required:
  - ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
  - ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)
  There is an error in the ethereal package: it does not list the snmp libraries as dependencies, but you can deduce this from the errors you get if the ucd-snmp libraries are not installed.
- EtherApe - Graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
- Gkrellm - Network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
- IPTraf - ncurses-based IP LAN monitor. (Red Hat Powertools CD)
- Cheops - Network discovery, location, diagnosis and management. Cheops can identify all of the computers that are on your network, their IP address, their DNS name, and the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
- ntop - Shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
- MRTG - Multi Router Traffic Grapher - Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
- dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
- scotty - Obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP, & UDP. (Red Hat Powertools CD)
- Big Brother - Monitoring and services availability.
- OpenNMS.org - Network Management using SNMP.
- Nagios - host, service and network monitoring
- Angel network monitor

Using tcpdump to monitor the network:

    [root]# ifconfig eth0 promisc                        - Put the NIC into promiscuous mode to sniff traffic.
    [root]# tcpdump -n host not XXX.XXX.XXX.XXX | more   - Sniff the net but ignore the IP of your own remote session.
    [root]# ifconfig eth0 -promisc                       - Pull the NIC out of promiscuous mode.

Network Intrusion and Hacker Detection Systems:

SNORT: Monitor the network, performing real-time traffic analysis and packet logging on IP networks for the detection of an attack or probe.

- Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
- InterSect Alliance - Intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to convert a 32-bit IP address into the 48-bit Ethernet MAC address used by the network hardware. (See: RFC 826) ARP broadcasts are sent to all hosts on the subnet by the transmitting host to see who replies. The broadcast is ignored by all except the intended receiver, which recognizes the IP address as its own. The MAC addresses are remembered (ARP cache) for future network communications. Computers on the subnet typically keep a cache of ARP responses. ARP broadcasts are passed on by hubs and switches but are blocked by routers.

Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client to broadcast requesting a server to reply with its IP address.

- arp (8) man page - manipulate the system ARP cache
  - Show other systems on your network (including IP address conflicts): arp -a
  - Show ARP table Linux style: arp -e
- arpwatch (8) man page - keep track of ethernet/ip address pairings
- arpsnmp (8) man page - keep track of ethernet/ip address pairings. Reads information generated by snmpwalk
- arping (8) man page - send ARP REQUEST to a neighbor host. Print ARP reply (similar to arp -a): arping 192.168.10.99
- List ARP table: cat /proc/net/arp
- ip (8) man page - show / manipulate routing, devices, policy routing and tunnels. View ARP table: ip neighbor

ARP is something that simply works. No Linux system configuration is necessary. It's all part of the ethernet and IP protocol. The aforementioned information is just part of the Linux culture of full visibility into what is going on.
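Added example (not from the tutorial): a Python parser for the /proc/net/arp table listed above that compares two snapshots and reports the two events arpwatch logs, a new station and a changed ethernet address for a known IP; a gateway whose MAC changes between snapshots is the classic one to investigate. Both snapshots are constructed; the gateway address 192.168.10.254 is the one the tutorial uses in its route examples.

```python
"""Read /proc/net/arp snapshots and report pairing changes, as arpwatch does."""
from dataclasses import dataclass
from typing import Dict, List, Tuple

ATF_COM = 0x02    # entry complete (flag values from <net/if_arp.h>)
ATF_PERM = 0x04   # entry permanent, e.g. set with 'arp -s'

# Constructed snapshots in the /proc/net/arp column layout; 192.168.10.254 is
# the gateway and 192.168.10.99 has an unanswered (incomplete) request.
ARP_BEFORE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.254   0x1         0x2         00:11:22:33:44:55     *        eth0
192.168.10.12    0x1         0x6         00:aa:bb:cc:dd:01     *        eth0
192.168.10.99    0x1         0x0         00:00:00:00:00:00     *        eth0
"""
ARP_AFTER = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.254   0x1         0x2         de:ad:be:ef:00:01     *        eth0
192.168.10.12    0x1         0x6         00:aa:bb:cc:dd:01     *        eth0
192.168.10.50    0x1         0x2         00:aa:bb:cc:dd:02     *        eth0
"""


@dataclass(frozen=True)
class ArpEntry:
    ip: str
    hw_type: int      # 0x1 is Ethernet
    flags: int
    mac: str
    device: str

    @property
    def complete(self) -> bool:
        return bool(self.flags & ATF_COM)

    @property
    def permanent(self) -> bool:
        return bool(self.flags & ATF_PERM)


def parse_proc_arp(text: str) -> List[ArpEntry]:
    """Parse the table; the first line is the column header."""
    entries = []
    for line in text.splitlines()[1:]:
        if not line.strip():
            continue
        ip, hw_type, flags, mac, _mask, device = line.split()
        entries.append(ArpEntry(ip, int(hw_type, 16), int(flags, 16), mac.lower(), device))
    return entries


def read_live() -> str:
    """The same table the tutorial shows with 'cat /proc/net/arp'."""
    with open("/proc/net/arp") as f:
        return f.read()


def pairings(entries: List[ArpEntry]) -> Dict[str, str]:
    """IP -> MAC for complete entries; incomplete ones carry an all-zero MAC."""
    return {e.ip: e.mac for e in entries if e.complete}


def _ip_key(addr: str) -> Tuple[int, ...]:
    return tuple(int(octet) for octet in addr.split("."))


def arp_changes(before_text: str, after_text: str) -> List[Tuple[str, str, str]]:
    """(event, ip, detail) for each 'new station' and 'changed ethernet address'."""
    old = pairings(parse_proc_arp(before_text))
    new = pairings(parse_proc_arp(after_text))
    events = []
    for ip in sorted(new, key=_ip_key):
        if ip not in old:
            events.append(("new station", ip, new[ip]))
        elif old[ip] != new[ip]:
            events.append(("changed ethernet address", ip, f"{old[ip]} -> {new[ip]}"))
    return events


def shared_macs(entries: List[ArpEntry]) -> Dict[str, List[str]]:
    """MACs answering for more than one IP. A router doing proxy ARP or a host
    with IP aliases does this legitimately; an unexpected one deserves a look."""
    by_mac: Dict[str, List[str]] = {}
    for e in entries:
        if e.complete:
            by_mac.setdefault(e.mac, []).append(e.ip)
    return {mac: ips for mac, ips in by_mac.items() if len(ips) > 1}


if __name__ == "__main__":
    for event in arp_changes(ARP_BEFORE, ARP_AFTER):
        print(*event)
```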

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer to peer unicast transactions. An HTTP request to a web server (TCP/IP), email SMTP (TCP/IP), DNS (UDP), FTP (TCP/IP), ... are all peer to peer unicast transactions. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer to peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group", which are those that are interested in the information.

The Linux kernel is Level-2 Multicast-Compliant. It meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to request that the kernel join the multicast group and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, a request is made to the kernel to leave the group. It is the kernel/host which joins the multicast group and not the process. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to support multicast routing, set the following in the kernel config:

- CONFIG_IP_MULTICAST=y
- CONFIG_IP_ROUTER=y
- CONFIG_IP_MROUTE=y
- CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimization and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card), only one device can be configured to handle multicast.

Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast.

Useful commands:

    Command                  Description
    cat /proc/net/igmp       List multicast groups to which the host is subscribed. Uses the "Internet Group Management Protocol". (See /usr/src/linux/net/core/igmp.c)
    cat /proc/net/dev_mcast  List multicast interfaces. (See /usr/src/linux/net/core/dev_mcast.c)
    ping 224.0.0.1           All hosts configured for multicast will respond with their IP addresses
    ping 224.0.0.2           All routers configured for multicast will respond
    ping 224.0.0.3           All PIM routers configured for multicast will respond
    ping 224.0.0.4           All DVMRP routers configured for multicast will respond
    ping 224.0.0.5           All OSPF routers configured for multicast will respond

Multicast transmissions are achieved through proper routing, router configuration (if communicating through subnets) and programmatically with the use of the following "C" function library calls:

    Function Call  Description
    setsockopt()   Pass information to the kernel.
    getsockopt()   Retrieve information broadcast using multicast.

For more on multicast programming see: Multicast Howto.

The multicast application will specify the multicast loopback interface, TTL (network time to live), network interface and the multicast group to add or drop.
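As an added Python example (not the tutorial's code), here is the receiver side of what this paragraph describes: pack the ip_mreq structure for IP_ADD_MEMBERSHIP, bind the port, and set the TTL and loopback options with setsockop(); getsockopt() reads an option back. The group 239.1.1.1 and port 5007 used in the stand-alone run are arbitrary choices, and that run needs a multicast route on the host.

```python
"""Join and leave an IPv4 multicast group with setsockopt(), as a receiver does."""
import ipaddress
import socket
import struct

GROUP = "239.1.1.1"   # arbitrary group in the class D range (constructed)
PORT = 5007           # arbitrary UDP port (constructed)


def is_multicast(group: str) -> bool:
    """True for class D addresses, 224.0.0.0 - 239.255.255.255."""
    return ipaddress.IPv4Address(group).is_multicast


def build_mreq(group: str, iface: str = "0.0.0.0") -> bytes:
    """Pack struct ip_mreq {imr_multiaddr, imr_interface} for IP_ADD_MEMBERSHIP.

    iface 0.0.0.0 is INADDR_ANY: the kernel chooses the interface, which on a
    multihomed host is the one device configured for multicast."""
    if not is_multicast(group):
        raise ValueError(f"{group} is not a multicast (class D) address")
    return socket.inet_aton(group) + socket.inet_aton(iface)


def open_receiver(group: str, port: int, iface: str = "0.0.0.0",
                  ttl: int = 1, loop: bool = True) -> socket.socket:
    """Create a UDP socket, bind the port and ask the kernel to join the group."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    sock.bind(("", port))                     # bind the port receiving the datagrams
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP, build_mreq(group, iface))
    # TTL 1 keeps this socket's own transmissions on the local subnet.
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, struct.pack("b", ttl))
    # Loopback lets a sender on this host hear its own datagrams (handy for testing).
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_LOOP, struct.pack("b", int(loop)))
    return sock


def leave_group(sock: socket.socket, group: str, iface: str = "0.0.0.0") -> None:
    """Tell the kernel this process is no longer interested in the group."""
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_DROP_MEMBERSHIP, build_mreq(group, iface))


def current_ttl(sock: socket.socket) -> int:
    """getsockopt() reads the option back from the kernel."""
    return sock.getsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL)


if __name__ == "__main__":
    # Requires a multicast route, e.g. route add 224.0.0.0 netmask 240.0.0.0 dev eth0
    rx = open_receiver(GROUP, PORT)
    tx = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    tx.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, struct.pack("b", 1))
    tx.sendto(b"hello multicast", (GROUP, PORT))
    rx.settimeout(2)
    data, sender = rx.recvfrom(1024)
    print(f"received {data!r} from {sender}, ttl option = {current_ttl(rx)}")
    leave_group(rx, GROUP)
    rx.close()
    tx.close()
```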

Add route to support multicast:

    route add 224.0.0.0 netmask 240.0.0.0 dev eth0

Note that if adding a route to forward packets through a router, that the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The internet by default does not forward multicast packets.

Living in a MS/Windows World:

- SMB4k: My favorite MS/Windows file share browser.
- In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]
- LinNeighborhood: Linux workstation GUI tool. Make your life simple and use the GUI/File Manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.
  - LinNeighborhood Home Page
  - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

- IPv4: Most Internet servers and personal computers use Internet Protocol version 4 (IPv4). This uses 32 bits to assign a network address, written as the four octets of an IP address up to 255.255.255.255, i.e. four 8-bit numbers totaling 32 bits.
- IPv6: Internet Protocol version 6 (IPv6) uses a 128 bit address and thus billions and billions of potential addresses. The protocol has also been upgraded to include new quality of service features and security. Currently Linux supports IPv6 but IPv4 is used when connecting your computer to the internet.
- TCP/IP: (Transmission Control Protocol/Internet Protocol) uses a client-server model for communications. The protocol defines the data packets transmitted (packet header, data section), data integrity verification (error detection bytes), connection and acknowledgement protocol, and re-transmission.
- TCP/IP time to live (TTL): This is a counting mechanism to determine how long a packet is valid before it reaches its destination. Each time a TCP/IP packet passes through a router the router decrements its TTL count. When the count reaches zero the packet is dropped by the router. This ensures that errant routing and aimlessly looping packets will not flood the network.
- MAC Address: (media access control) is the network card address used for communication with other network devices on the subnet. This info is not routable. The ARP table maps TCP/IP addresses (global internet) to the local hardware on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address uniquely identifies each node of a network and is used by the Ethernet protocol.
- Full Duplex: Allows the simultaneous sending and receiving of packets. Most modern modems support full duplex.
- Half Duplex: Allows the sending and receiving of packets in one direction at a time only.
- OSI 7 Layer Model: The ISO (International Standards Organization) has defined the OSI (Open Systems Interconnection) model for current networking protocols.

      OSI Layer               Linux Networking Use           Description
      7  Application Layer    telnet, web browser, sendmail  The top layer for communications applications like email and the web.
      6  Presentation Layer   SMTP, http                     Syntax and format of data transfer.
      5  Session Layer
      4  Transport Layer      TCP, UDP                       Connection, acknowledgement and data packet transmission.
      3  Network Layer        IP, ARP
      2  Data Link Layer      Ethernet                       Error control, timing
      1  Physical Layer       Ethernet                       Electrical characteristics of signal and NIC

- Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
- Network Switch: Like a hub but creates a private link between any two connected nodes when a network connection is established. This reduces the number of network collisions and thus improves speed. Broadcast messages are still sent to all nodes.

Related Links:

- Cable modem HowTo - Vladimir Vuksan
- Ethernet HowTo - Paul Gortmaker
- YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
- Firewall HowTo - Mark Grennan
- YoLinux networking tutorial
- Networking Overview HowTo - Daniel Lopez Ridruejo
- Networking Howto - Joshua Drake
- NFS Howto - Nicolai Langfeldt
- SNMP: Simple Network Management Protocol (Uses ports 161, 162, 391, 1993)
  - SNMP - Intro and tutorials
  - Linux SNMP Network Management Tools
  - SNMP FAQ
  - net-snmp - tools and libraries
- News/Usenet Group: comp.os.linux.networking - Deja
- MARS-nwe - Netware emulator
- Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
- ISDN:
  - ISDN4LINUX FAQ - Matthias Hessler
  - ISDN4 Linux Home Page
  - Dan Kegel's ISDN Page
- PPP: Point-to-Point Protocol
  - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
  - YoLinux Tutorial: Dialing Compuserve
  - YoLinux Tutorial: Dialing AOL
  - YoLinux Tutorial: Configuring PPP dial-in connections
- PPTP: Point-to-Point Tunneling Protocol
  - RFC 2637: Point-to-Point Tunneling Protocol (PPTP).
  - PPTP-Linux Client - A PPTP Linux client that allows a Linux system to connect to a PPTP server. Developed by C. S. Ananian.
  - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP Implementation.
- DHCP: (Dynamic Host Configuration Protocol)
  - YoLinux DHCP Tutorial - How to set up a DHCP server.
  - ISC Dynamic Host Configuration Protocol - DHCP home page
- Multicast:
  - YoLinux Tutorial: Configuring Linux for multicast - this tutorial, section above
  - Multicast over TCP/IP HOWTO
- ISP's: (National/Global)
  - TheList.com - Comprehensive list of ISP's
  - Earthlink
  - Concentric
  - ATT Worldnet
- NIS: (NFS infrastructure)
  - YoLinux NIS tutorial
  - NIS howto
  - NIS configuration and use
- Ethernet cables:
  - Making CAT 3, 5, 5E RJ45 Ethernet Cables
  - Wiring and Installation
- Gigabit Ethernet
- VIX: Vienna Internet eXchange - European traffic exchange for ISP's

Test Internet Bandwidth:

- DSLreports.com: bandwidth and diagnostic tests
- Speakeasy connection speed test
- CNET Bandwidth Meter speed test
- Network speed test
- Bandwidth explained and List of bandwidth test sites

Man Pages:

- icmp - Linux IPv4 ICMP kernel module
- ifport - select the transceiver type for a network interface
- usernetctl - allow a user to manipulate a network interface if permitted
- ripquery - query RIP (Routing Information Protocol) gateways
- gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler ISBN # 0735710317, New Riders Publishing

"LINUX TCP/IP Network Administration" by Scott Mann, Mitchell Krell ISBN # 0130322202, Prentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith ISBN# 0201774232, Addison­Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr. ISBN# 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh ISBN# 0672320525, Sams; (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus Sams, ISBN# 047008278X

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen Sams, ISBN# 0071486429

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson Sams, ISBN# 0672329298

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672327082

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672325888

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis ISBN #032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.


Copyright © 2001 - 2007 by Greg Ippolito

Linux Networking


TCP/IP Network Configuration Files:

- File: /etc/resolv.conf - host name resolver configuration file

    search name-of-domain.com      - Name of your domain or ISP's domain if using their name server
    nameserver XXX.XXX.XXX.XXX     - IP address of primary name server
    nameserver XXX.XXX.XXX.XXX     - IP address of secondary name server

  This configures Linux so that it knows which DNS server will be resolving domain names into IP addresses. If using a DHCP client, this will automatically be sent to you by the ISP and loaded into this file as part of the DHCP protocol. If using a static IP address, ask the ISP or check another machine on your network. Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "DNS").

- File: /etc/hosts - locally resolve node names to IP addresses

    127.0.0.1        your-node-name.your-domain.com  localhost.localdomain  localhost
    XXX.XXX.XXX.XXX  node-name

  Note when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly) i.e.:

    XXX.XXX.XXX.XXX  superserver.yolinux.com  superserver

  This informs Linux of local systems on the network which are not handled by the DNS server. (or for all systems in your LAN if you are not using DNS or NIS) Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "Hosts").

- File: /etc/nsswitch.conf - System Databases and Name Service Switch configuration file

    hosts:      files dns nisplus nis

  This example tells Linux to first resolve a host name by looking at the local hosts file (/etc/hosts), then if the name is not found look to your DNS server as defined by /etc/resolv.conf and if not found there look to your NIS server.

  In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution.

Fedora / Red Hat Network Configuration Files:

- /etc/sysconfig/network
  Red Hat network configuration file used by the system during the boot process.

- File: /etc/sysconfig/network-scripts/ifcfg-eth0
  Configuration settings for your first ethernet port (0). Your second port is eth1.

- File:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example statement for Intel ethernet card:

    alias eth0 eepro100

  Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

- Network configuration:
  /usr/sbin/system-config-network (FC-2/3)
  /usr/bin/redhat-config-network (/usr/bin/neat) (RH 7.2+ FC-1)
- Text console configuration tool:
  /usr/sbin/system-config-network-tui (Text User Interface (TUI) for Fedora Core 2/3)
  /usr/bin/redhat-config-network-tui (RH 9.0 - FC-1)
- Text console network configuration tool. First interface only - eth0: /usr/sbin/netconfig
- /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

- Gnome Desktop Network Configuration: /usr/bin/gnome-network-preferences (RH 9.0 - FC-3)
  Proxy configuration. Choose one of three options:
  1. Direct internet connection
  2. Manual proxy configuration (specify proxy and port)
  3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assigned a static IP address or assigned one dynamically.

Static IP address assignment:

Choose one of the following methods:

l Command Line:

    /sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

  Network address by convention would be the lowest: 192.168.10.0
  Broadcast address by convention would be the highest: 192.168.10.255
  The gateway can be anything, but following convention: 192.168.10.1

Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0

- Red Hat / Fedora GUI tools:
  - /usr/bin/neat Gnome GUI network administration tool. Handles all interfaces. Configure for Static IP or DHCP client. (First available with Red Hat 7.2.)
  - /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)

- Red Hat / Fedora Console tools:
  - /usr/sbin/system-config-network-tui (Text User Interface)
  - /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1,...)

- Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network­scripts/, so that this information is retained.

The IANA has allocated IP addresses in the range of 192.168.0.0 to 192.168.255.255 for private networks.

Helpful tools:

- Network Calculators: Subnet mask calculator, node calculator, mask inverter, ...
- IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet static
        address 208.88.34.106
        netmask 255.255.255.248
        broadcast 208.88.34.111
        network 208.88.34.104
        gateway 208.88.34.110

Dynamic IP (DHCP) example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet dhcp

    auto eth1
    iface eth1 inet dhcp

    auto eth2
    iface eth2 inet dhcp

    auto ath0
    iface ath0 inet dhcp

    auto wlan0
    iface wlan0 inet dhcp

Interfaces:
- lo: Loopback interface (network within your system without slowing down for the real ethernet based network)
- eth0: First ethernet interface card
- wlan0: First wireless network interface

Also see "man interfaces"

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.

l File: /etc/sysconfig/network

Static IP address Configuration: (Configure gateway address)

    NETWORKING=yes
    HOSTNAME=my-hostname        - Hostname is defined here and by command hostname
    FORWARD_IPV4=true           - True for NAT firewall gateways and linux routers. False for everyone else - desktops and servers.
    GATEWAY="XXX.XXX.XXX.YYY"   - Used if your network is connected to another network or the internet. Static IP configuration. Gateway not defined here for DHCP client.

OR for DHCP client configuration:

    NETWORKING=yes
    HOSTNAME=my-hostname        - Hostname is defined here and by command hostname

(Gateway is assigned by DHCP server.)

OR for NIS client configuration:

    NETWORKING=yes
    HOSTNAME=my-hostname        - Hostname is defined here and by command hostname
    NISDOMAIN=NISProject1       - NIS domain to attach

- File (Red Hat/Fedora): /etc/sysconfig/network-scripts/ifcfg-eth0 (S.u.s.e.: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX)
  This file is used by the command scripts ifup and ifdown.

  Static IP address configuration:

    DEVICE=eth0
    BOOTPROTO=static
    BROADCAST=XXX.XXX.XXX.255
    IPADDR=XXX.XXX.XXX.XXX
    NETMASK=255.255.255.0
    NETWORK=XXX.XXX.XXX.0
    ONBOOT=yes                  - Will activate upon system boot

  RHEL4/FC3 additions:
  - TYPE=Ethernet
  - HWADDR=XX:XX:XX:XX:XX:XX
  - GATEWAY=XXX.XXX.XXX.XXX

  OR for DHCP client configuration:

    DEVICE=eth0
    ONBOOT=yes
    BOOTPROTO=dhcp

  RHEL4/FC3 additions:
  - IPV6INIT=no
  - USERCTL=no
  - PEERDNS=yes
  - TYPE=Ethernet
  - HWADDR=XX:XX:XX:XX:XX:XX

  (Used by script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line.) To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)

Changing the host name:

This is a three step process:

1. Issue the command: hostname new-host-name
2. Change network configuration file: /etc/sysconfig/network
   Edit entry: HOSTNAME=new-host-name
3. Restart systems which relied on the hostname (or reboot):
   - Restart network services: service network restart (or: /etc/init.d/network restart)
   - Restart desktop:
     - Bring down system to console mode: init 3
     - Bring up X-Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name which allows the system to be self aware.

The hostname may be changed at runtime using the command: sysctl ­w kernel.hostname="superserver"

Change the host name using GUI tool: /usr/sbin/system­config­network (Red Hat / Fedora / CentOS)

Hostname entries are made in two places:

- Select the "DNS" tab.
- Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

    ifconfig eth0   XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
    ifconfig eth0:0 192.168.10.12   netmask 255.255.255.0 broadcast 192.168.10.255
    ifconfig eth0:1 192.168.10.14   netmask 255.255.255.0 broadcast 192.168.10.255

    route add -host XXX.XXX.XXX.XXX dev eth0
    route add -host 192.168.10.12 dev eth0
    route add -host 192.168.10.14 dev eth0

In this example 0 and 1 are aliases in addition to the regular eth0. The result of the ifconfig command:

    eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
              TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
              collisions:1 txqueuelen:100
              Interrupt:5 Base address:0xe400

    eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

    eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

    DEVICE=eth0:0
    ONBOOT=yes
    BOOTPROTO=static
    BROADCAST=192.168.10.255
    IPADDR=192.168.10.12
    NETMASK=255.255.255.0
    NETWORK=192.168.10.0

Aliases can also be shut down independently. i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Redhat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux Client: get connection info: /sbin/pump -i eth0 --status (Red Hat Linux 7.1 and older)

    Device eth0
        IP: 4.XXX.XXX.XXX
        Netmask: 255.255.252.0
        Broadcast: 4.XXX.XXX.255
        Network: 4.XXX.XXX.0
        Boot server 131.XXX.XXX.4
        Next server 0.0.0.0
        Gateway: 4.XXX.XXX.1
        Domain: vz.dsl.genuity.net
        Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3
        Renewal time: Sat Aug 11 08:28:55 2001
        Expiration time: Sat Aug 11 11:28:55 2001

Activating and De­Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

- Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up - Note: Even if no IP address is assigned you can listen.)
- De-Activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network­scripts/

GUI Interface control/configuration:

- Start/Stop network interfaces:
  /usr/bin/system-control-network (Fedora Core 2/3)
  /usr/bin/redhat-control-network (RH 9.0 - FC-1)
- Configure Ethernet, ISDN, modem, token Ring, Wireless or DSL network connection:
  /usr/sbin/system-config-network-druid (FC2/3)
  /usr/sbin/redhat-config-network-druid (RH 9 - FC-1)

Subnets:

MASK  # OF SUBNETS  Slash  CLASS A HOSTS  CLASS A MASK  CLASS B HOSTS  CLASS B MASK   CLASS C HOSTS  CLASS C MASK   CLASS C SUB MASK  CLASS C SUB HOSTS
255   1 or 256      /32    16,777,214     255.0.0.0     65,534         255.255.0.0    254            255.255.255.0  255.255.255.255   1 address, Invalid
254   128           /31    33,554,430     254.0.0.0     131,070        255.254.0.0    510            255.255.254.0  255.255.255.254   2 addresses, Invalid
252   64            /30    67,108,862     252.0.0.0     262,142        255.252.0.0    1,022          255.255.252.0  255.255.255.252   4 addresses, 2 hosts
248   32            /29    134,217,726    248.0.0.0     524,286        255.248.0.0    2,046          255.255.248.0  255.255.255.248   8 addresses, 6 hosts
240   16            /28    268,435,454    240.0.0.0     1,048,574      255.240.0.0    4,094          255.255.240.0  255.255.255.240   16 addresses, 14 hosts
224   8             /27    536,870,910    224.0.0.0     2,097,150      255.224.0.0    8,190          255.255.224.0  255.255.255.224   32 addresses, 30 hosts
192   4             /26    1,073,741,822  192.0.0.0     4,194,302      255.192.0.0    16,382         255.255.192.0  255.255.255.192   64 addresses, 62 hosts
128   2             /25    2,147,483,646  128.0.0.0     8,388,606      255.128.0.0    32,766         255.255.128.0  255.255.255.128   128 addresses, 126 hosts

Binary position:  8    7    6    5    4    3    2    1
Value:            128  64   32   16   8    4    2    1
Example: 192      1    1    0    0    0    0    0    0

Example: 192 = 128 + 64

Some addresses are reserved and outside this scope. Loopback (127.0.0.1), reserved class C 192.168.XXX.XXX, reserved class B 172.31.XXX.XXX and reserved class A 10.XXX.XXX.XXX.

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 for your office.

- 208.88.34.104  Network Base address
- 208.88.34.105  Computer 1
- 208.88.34.106  Computer 2
- 208.88.34.107  Computer 3
- 208.88.34.108  Computer 4
- 208.88.34.109  Computer 5
- 208.88.34.110  DSL router/Gateway
- 208.88.34.111  Broadcast address

Of the eight addresses, there are six assigned to hardware systems and ultimately only five usable addresses.

Links:

- Subnet Cheat Sheet
- Subnet calculator
- Table of subnets
- IP Subnetting, Variable Subnetting, and CIDR (Supernetting)
- CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is a little obsolete as subnets are now used to define smaller networks. These subnets may be part of a class A, B, C, etc network. For historical reference the network classes are defined as follows:

- Class A: Defined by the first 8 bits with a range of 0 - 127. First number (8 bits) is defined by Internic i.e. 77.XXX.XXX.XXX. One class A network can define 16,777,214 hosts. Range: 0.0.0.0 - 127.255.255.255
- Class B: Defined by the first 8 bits with a range from 128 - 191. First two numbers (16 bits) are defined by Internic i.e. 182.56.XXX.XXX. One class B network can define 65,534 hosts. Range: 128.0.0.0 - 191.255.255.255
- Class C: Defined by the first 8 bits with a range from 192 - 223. First three numbers (24 bits) are defined by Internic i.e. 220.56.222.XXX. One class C network can define 254 hosts. Range: 192.0.0.0 - 223.255.255.255
- Class D: Defined by the first 8 bits with a range from 224 - 239. This is reserved for multicast networks (RFC988). Range: 224.0.0.0 - 239.255.255.255
- Class E: Defined by the first 8 bits with a range from 240 - 255. This is reserved for experimental use. Range: 240.0.0.0 - 247.255.255.255

Enable Forwarding: Forwarding allows the network packets on one network interface (i.e. eth0) to be forwarded to another network interface (i.e. eth1). This will allow the Linux computer to connect ("ethernet bridge") or route network traffic.

The bridge configuration will merge two (or several) networks into one single network topology. IpTables firewall rules can be used to filter traffic.

A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or load balance servers.

- Turn on IP forwarding to allow Linux computer to act as a gateway or router.

    echo 1 > /proc/sys/net/ipv4/ip_forward

  Default is 0. One can add firewall rules by using ipchains.

Another method is to alter the Linux kernel config file: /etc/sysctl.conf Set the following value:

net.ipv4.ip_forward = 1

See file /etc/sysconfig/network for storing this configuration.

FORWARD_IPV4=true

Change the default "false" to "true".

All methods will result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward

The TCP Man page ­ Linux Programmer's Manual and /usr/src/linux/Documentation/proc.txt (Kernel 2.2 RH 7.0­) cover /proc/sys/net/ipv4/* file descriptions.

Also see: (YoLinux tutorials)

- Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables)
- Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

- cd /lib/modules/2.2.5-15/net/ - Use kernel version for your system. This example uses 2.2.5-15 (Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/). Here you will find the modules supported by your system. It can be permanently added to:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example:

    alias eth0 3c59x

- /sbin/insmod 3c59x (For a 3Com ethernet card) This inserts the specified module into the kernel.
- /sbin/modprobe 3c59x This also loads a module into the system kernel. Modprobe command line options:
  - -r : to unload the module.
  - /sbin/modprobe -l \* : list all modules.
  - /sbin/modprobe -lt net \* : List only network modules
  - /sbin/modprobe -t net \* : Try loading all network modules and see what sticks. (act of desperation)
- ifconfig ...

The easy way: Red Hat versions 6.2 and later, ship with Kudzu, a device detection program which runs during system initialization. (/etc/rc.d/init.d/kudzu) This can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it will be utilized upon system boot.

Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

Define new device in file (Red Hat/Fedora) /etc/sysconfig/network­scripts/ifcfg­eth1 (S.u.s.e 9.2: /etc/sysconfig/network/ifcfg­eth­id­XX:XX:XX:XX:XX)

    DEVICE=eth1
    BOOTPROTO=static
    IPADDR=192.168.10.12
    NETMASK=255.255.255.0
    GATEWAY=XXX.XXX.XXX.XXX
    HOSTNAME=node-name.name-of-domain.com
    DOMAIN=name-of-domain.com

Special routing information may be specified, if necessary, in the file (Red Hat/Fedora): /etc/sysconfig/static­routes (S.u.s.e. 9.2: /etc/sysconfig/network/routes)

Example:

eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using Unix command line interface:

Define IP address:

    ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
    ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

If necessary, define route with with the route command: Examples:

    route add default gw XXX.XXX.XXX.XXX dev eth0
    route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

If a mistake is made just repeat the route command substituting "del" in place of "add".

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto­negotiate link speed and duplex setting.

- List NIC speed and configuration: mii-tool

    eth0: negotiated 100baseTx-FD flow-control, link ok

  Verbose mode: mii-tool -v

    eth0: negotiated 100baseTx-FD flow-control, link ok
      product info: Intel 82555 rev 4
      basic mode:   autonegotiation enabled
      basic status: autonegotiation complete, link ok
      capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
      advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
      link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

- Set NIC configuration: mii-tool -F option

  Option   Parameters
  -F       100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
  -A       100baseT4 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

- Query NIC with ethtool:

  Command           Description
  ethtool -g eth0   Queries ethernet device for rx/tx ring parameter information.
  ethtool -a eth0   Queries ethernet device for pause parameter information.
  ethtool -c eth0   Queries ethernet device for coalescing information.
  ethtool -i eth0   Queries ethernet device for associated driver information.
  ethtool -d eth0   Prints a register dump for the specified ethernet device.
  ethtool -k eth0   Queries ethernet device for offload information.
  ethtool -S eth0   Queries ethernet device for NIC and driver statistics.

Man Pages:

- mii-tool - view, manipulate media-independent interface status
- ethtool - Display or change ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet is examined to see if its destination is on the local or a remote network. If it is to be sent to a remote network, the routing table is consulted to determine the path. If there is no information in the routing table then the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file (Red Hat/Fedora): /etc/sysconfig/network-scripts/route-eth0 (Red Hat 7: /etc/sysconfig/static-routes; S.u.s.e. 9.2: /etc/sysconfig/network/routes):

10.2.3.0/16 via 192.168.10.254

See command: /etc/sysconfig/network­scripts/ifup­routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route. (Fewest hops between routers not physical distance.) Routers use RIP to broadcast the routing table over UDP port 520. The routers would then add new or improved routes to their routing tables.

Man pages:

- route - show / manipulate the IP routing table (Static route). Examples:
  - Show routing table: route -e
  - Access individual computer host specified via network interface card eth1:
    route add -host 123.213.221.231 eth1
  - Access ISP network identified by the network address and netmask using network interface card eth0:
    route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
    Conversely: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
  - Specify default gateway to use to access remote network via network interface card eth0:
    route add default gw 201.51.31.1 eth0
    (Gateway can also be defined in /etc/sysconfig/network)
  - Specify two gateways for two network destinations: (i.e. one external, one internal private network. Two routers/gateways will be specified.)
    Add internet gateway as before: route add default gw 201.51.31.1 eth0
    Add second private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
- routed - network routing daemon. Uses RIP protocol to update routing table.
- ipx_route - show / manipulate the IPX routing table - IPX is the Novell networking protocol (Not typically used unless your office has Novell servers)
- ifuser - Identify destinations routed to a particular network interface.
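Two of the computations worked out by hand above, the 255.255.255.248 office subnet (Subnet Example) and the routing decision described under Static routes (local network, most specific route, default gateway), as one added POSIX sh example; it is not part of the YoLinux tutorial. The routing table is constructed from the route commands in the man-page examples, with 192.168.10.253 an assumed second gateway so that the /24 and /8 routes differ.

```shell
#!/bin/sh
# Added example, not part of the YoLinux tutorial: POSIX sh arithmetic for
# two things the text works out by hand, the 255.255.255.248 office subnet
# and a routing-table lookup (connected network, most specific route, default).

# Dotted quad -> 32-bit integer; fails (prints nothing) on malformed input.
ip_to_int() {
    _saved_ifs=$IFS
    IFS=.
    set -- $1                        # split the quad on "." into $1..$4
    IFS=$_saved_ifs
    [ $# -eq 4 ] || return 1
    for _o in "$1" "$2" "$3" "$4"; do
        case $_o in '' | *[!0-9]*) return 1 ;; esac   # non-numeric octet
        [ "$_o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# 32-bit integer -> dotted quad.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Print "network broadcast first_host last_host usable_hosts" for ADDR MASK.
# The mask must be a run of ones followed by zeros, as in the subnet table;
# anything else (e.g. 255.0.255.0) is rejected.
subnet_info() {
    _ip=$(ip_to_int "$1")   || { echo "bad address: $1" >&2; return 1; }
    _mask=$(ip_to_int "$2") || { echo "bad netmask: $2" >&2; return 1; }
    _inv=$(( ~_mask & 4294967295 ))            # the host bits
    # Host bits of a contiguous mask look like 0...01...1, so inv+1 is a power
    # of two and shares no bits with inv.
    [ $(( _inv & (_inv + 1) )) -eq 0 ] || { echo "non-contiguous netmask: $2" >&2; return 1; }
    _net=$(( _ip & _mask ))
    _bcast=$(( _net | _inv ))
    if [ "$_inv" -lt 2 ]; then
        # /31 and /32: no distinct network/broadcast/host addresses
        echo "$(int_to_ip $_net) $(int_to_ip $_bcast) - - 0"
    else
        echo "$(int_to_ip $_net) $(int_to_ip $_bcast) $(int_to_ip $(( _net + 1 ))) $(int_to_ip $(( _bcast - 1 ))) $(( _inv - 1 ))"
    fi
}

# Constructed routing table in "network netmask gateway device" form, built
# from the route commands in the man-page examples above. "direct" marks a
# connected network; 192.168.10.253 is an assumed second gateway so that the
# /24 and /8 routes differ. 0.0.0.0/0.0.0.0 is the default route.
ROUTES='192.168.10.0 255.255.255.0 direct eth0
10.13.21.0 255.255.255.0 192.168.10.254 eth0
10.0.0.0 255.0.0.0 192.168.10.253 eth0
0.0.0.0 0.0.0.0 201.51.31.1 eth0'

# Print "gateway device" for a destination, picking the most specific matching
# route (numerically largest contiguous mask); the default route matches last.
route_lookup() {
    _dst=$(ip_to_int "$1") || { echo "bad address: $1" >&2; return 1; }
    _best= ; _best_mask=-1
    # A here-document, not a pipe, so the loop runs in the current shell and
    # _best survives it.
    while read -r _rnet _rmask _rgw _rdev; do
        [ -n "$_rnet" ] || continue
        _n=$(ip_to_int "$_rnet") && _m=$(ip_to_int "$_rmask") || continue
        [ $(( _dst & _m )) -eq "$_n" ] || continue      # not in this network
        if [ "$_m" -gt "$_best_mask" ]; then
            _best_mask=$_m
            _best="$_rgw $_rdev"
        fi
    done <<EOF
$ROUTES
EOF
    [ -n "$_best" ] || { echo "no route to $1" >&2; return 1; }
    echo "$_best"
}

# The office subnet from the example: Computer 2 at 208.88.34.106.
subnet_info 208.88.34.106 255.255.255.248
# -> 208.88.34.104 208.88.34.111 208.88.34.105 208.88.34.110 6
route_lookup 10.13.21.7        # -> 192.168.10.254 eth0 (the /24 beats the /8)
route_lookup 192.168.10.12     # -> direct eth0 (local network, no gateway)
route_lookup 198.51.100.7      # -> 201.51.31.1 eth0 (default gateway)
```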

VPN, Tunneling:

- Commercial VPN Linux software solutions - YoLinux
- OpenSWAN.org - IPSec VPN for Linux
- FreeSWAN.org - IPSec VPN for Linux
- FreeSWAN tutorial - howto
- OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access-controls.
- SSL-Explorer - Java SSL based VPN
- Quagga dynamic routing suite VLAN
- n2n peer to peer within a private fabric
- CIPE: Crypto IP Encapsulation (Easiest way to configure two Linux gateways connecting two private networks over the internet with encryption.)
  - CIPE Home page - CIPE is a simple encapsulation system that securely connects two subnets.
  - The Linux Cipe+Masquerading mini-HOWTO - Anthony Ciaravalo
- GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa
- VPN HowTo - Matthew D. Wilson
- Installing and Running PPTP on Linux
- L2TP Extensions (l2tpext) Internet Drafts.

Useful Linux networking commands:

- /etc/rc.d/init.d/network start - command to start, restart or stop the network
- netstat - Display connections, routing tables, stats etc
  - List externally connected processes: netstat -punta
  - List all connected processes: netstat -nap
  - Show network statistics: netstat -s
  - Kernel interface table info: netstat -a -i eth0
- ping - send ICMP ECHO_REQUEST packets to network hosts. Use Cntl-C to stop ping.
- traceroute - print the route packets take to network host
  - traceroute IP-address-of-server
  - traceroute domain-name-of-server
- mtr - a network diagnostic tool introduced in Fedora - Like traceroute except it gives more network quality and network diagnostic info. Leave running to get real time stats. Reports best and worst round trip times in milliseconds.
  - mtr IP-address-of-server
  - mtr domain-name-of-server
- whois - Lookup a domain name in the internic whois database.
- finger - Display information on a system user. i.e. finger user@host Uses $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/
- iptables - IP firewall administration (Linux kernel 2.6/2.4) See YoLinux firewall/gateway configuration.
- ipchains - IP firewall administration (Linux kernel 2.2) See YoLinux firewall/gateway configuration.
- socklist - Display list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
- host - Give a host name and the command will return IP address. Unlike nslookup, the host command will use both /etc/hosts as well as DNS. Example: host domain-name-of-server
- nslookup - Give a host name and the command will return IP address. Also see Testing your DNS (YoLinux Tutorial) Note that nslookup does not use the /etc/hosts file.

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemons listen and respond to all network socket connections made on the TCP/IP ports assigned to them. The ports are defined by the file /etc/services. When a connection is made, the listener will attempt to invoke the assigned program and pipe the data to it. This simplifies matters by allowing the assigned program to read from stdin instead of making its own socket connection; the listener handles the network socket connection. Two network listening and management daemons have been used in Red Hat Linux distributions:

- inetd: Red Hat 6.x and older
- xinetd: Red Hat 7.0-9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf Entries in this file consist of a single line made up of the following fields:

service socket­type protocol wait user server cmdline

l service: The name assigned to the service. Matches the name given in the file /etc/services l socket­type: ¡ stream: connection protocols (TCP) ¡ dgram: datagram protocols (UDP) ¡ raw ¡ rdm ¡ seqpacket l protocol: Transport protocol name which matches a name in the file /etc/protocols. i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6 l wait: Applies only to datagram protocols (UDP). ¡ wait[.max]: One server for the specified port at any time (RPC) ¡ nowait[.max]: Continue to listen and launch new services if a new connection is made. (multi­threaded) Max refers to the maximum number of server instances spawned in 60 seconds. (default=40) l user[.group]: login id of the user the process is executed under. Often nobody, root or a special restricted id for that service. l server: Full path name of the server program to be executed. l cmdline: Command line to be passed to the server. This includes argument 0 (argv[0]), that is the command name. This field is empty for internal services. Example of internal TCP services: echo, discard, chargen (character generator), daytime (human readable time), and time (machine readable time). (see RFC)

Sample File: /etc/inetd.conf

#echo   stream  tcp  nowait      root  internal
#echo   dgram   udp  wait        root  internal
ftp     stream  tcp  nowait      root  /usr/sbin/tcpd  in.ftpd -l -a
#pop-3  stream  tcp  nowait      root  /usr/sbin/tcpd  ipop3d
#swat   stream  tcp  nowait.400  root  /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.

The inet daemon must re-read the file to pick up changes: /etc/rc.d/init.d/inetd restart (or send it SIGHUP: killall -HUP inetd).

For more information see the man pages "inetd" and "inetd.conf".
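As an added example (not code from the YoLinux page), the following Python script parses an inetd.conf in the field layout described above and reports the findings a reviewer would raise: internal services left enabled, services not routed through tcpd, servers running as root, and cleartext protocols. The configuration text is constructed for the demo; the wrapper path /usr/sbin/tcpd and the set of protocols treated as cleartext are assumptions.

```python
"""Audit an inetd.conf for the risks described above.

Added example for this tutorial, not code from the page. SAMPLE_INETD_CONF
is a constructed file; on a real host read /etc/inetd.conf instead.
"""

FIELDS = ("service", "socket_type", "protocol", "wait", "user", "server", "cmdline")
TCPD = "/usr/sbin/tcpd"                                            # assumed wrapper path
INTERNAL_DOS = {"echo", "chargen", "daytime", "time", "discard"}   # amplification/DoS targets
CLEARTEXT = {"telnet", "ftp", "pop-3", "imap", "rlogin", "rsh"}    # credentials on the wire

SAMPLE_INETD_CONF = """\
# constructed sample, not a real host's file
#echo    stream  tcp  nowait      root    internal
echo     dgram   udp  wait        root    internal
ftp      stream  tcp  nowait      root    /usr/sbin/tcpd        in.ftpd -l -a
telnet   stream  tcp  nowait      root    /usr/sbin/in.telnetd  in.telnetd
finger   stream  tcp  nowait      nobody  /usr/sbin/tcpd        in.fingerd
#pop-3   stream  tcp  nowait      root    /usr/sbin/tcpd        ipop3d
swat     stream  tcp  nowait.400  root    /usr/sbin/swat        swat
"""


def parse_inetd_conf(text):
    """Return one dict per active (uncommented) service line."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # '#' in column one disables the service
        parts = line.split(None, 6)       # the 7th field keeps its internal spaces
        if len(parts) < 6:
            raise ValueError(f"line {lineno}: expected at least 6 fields: {raw!r}")
        entry = dict(zip(FIELDS, parts))
        entry.setdefault("cmdline", "")   # internal services have no command line
        wait, _, rate = entry["wait"].partition(".")
        entry["wait"] = wait
        entry["max_per_minute"] = int(rate) if rate else 40   # inetd's default spawn limit
        entry["line"] = lineno
        entries.append(entry)
    return entries


def audit(entries):
    """Return (service, finding) pairs worth raising in a hardening review."""
    findings = []
    for e in entries:
        svc = e["service"]
        if e["server"] == "internal":
            if svc in INTERNAL_DOS:
                findings.append((svc, "internal service enabled (amplification/DoS risk)"))
            continue
        if e["server"] != TCPD:
            findings.append((svc, "not wrapped by tcpd: hosts.allow/hosts.deny do not apply"))
        if e["user"].replace(":", ".").split(".")[0] == "root":
            findings.append((svc, "runs as root"))
        if svc in CLEARTEXT:
            findings.append((svc, "cleartext protocol; credentials are sniffable"))
    return findings


if __name__ == "__main__":
    for svc, why in audit(parse_inetd_conf(SAMPLE_INETD_CONF)):
        print(f"{svc:8s} {why}")
```

Run it against a real file with `parse_inetd_conf(open("/etc/inetd.conf").read())`; the finger line is the model to aim for (wrapped, unprivileged account), and the telnet line shows the three findings at once.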

xinetd: Extended Internet Services Daemon:

xinetd has access control mechanisms, logging, the ability to make services available only at certain times, limits on the number of servers that can be started, redirection of services to different ports, network interfaces (NICs) or even a different server, the ability to chroot a service, and so on. It is a worthwhile upgrade from inetd.

Use the command chkconfig --list to view all system services and their state. Services controlled by xinetd are listed separately, with their state, under the title "xinetd based services". (Works for xinetd (RH 7.0+) but not for inetd.)

xinetd is built with TCP Wrappers (libwrap) support, so the /etc/hosts.allow and /etc/hosts.deny rules apply to every xinetd service unless that service sets the NOLIBWRAP flag. This is separate from PAM; see "PAM: Network Wrappers" below for both.

Configuration file: /etc/xinetd.conf which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:

- Edit the file /etc/xinetd.d/service-name and set the disable value: disable = yes or disable = no. Then make xinetd re-read its configuration with a signal:
  - SIGUSR1 (kill -SIGUSR1 process-id): soft reconfiguration; existing connections are kept. (Important if you are connected remotely.)
  - SIGUSR2: hard reconfiguration; xinetd re-reads the configuration and terminates the servers of services that have been removed or disabled.
  Do not assume SIGHUP reloads xinetd the way it reloads inetd: depending on the xinetd version HUP dumps internal state or forces a hard reconfiguration. Check the xinetd man page for your version.
- OR use the chkconfig command: chkconfig service-name on (or off). This command also signals xinetd to pick up the new configuration.

The file contains entries of the form:

service service-name
{
    attribute assignment-operator value value ...
}

Where:

- attribute:
  - disable: yes or no
  - type: a combination of RPC, INTERNAL (xinetd provides the service itself) and UNLISTED (service not found in /etc/rpc or /etc/services)
  - id: by default the service id is the same as the service name; set it to tell apart two entries for the same service (e.g. a tcp and a udp variant)
  - socket_type: stream (TCP), dgram (UDP), raw (direct IP access) or seqpacket (reliable sequenced datagram transmission)
  - flags: a combination of REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd.conf man page for details. NOLIBWRAP switches off the hosts.allow/hosts.deny check for that service, so grep for it when auditing.
  - protocol: transport protocol name matching a name in the file /etc/protocols
  - wait: no (multi-threaded: xinetd spawns a server per connection) or yes (single-threaded: one server at a time for the port, as for RPC and most datagram services)
  - user: the account the server runs as (see /etc/passwd); only honoured when xinetd itself runs as root
  - group: see /etc/group
  - server: program to execute and hand the socket to (full path name)
  - server_args: arguments to the server. Unlike inetd, argument 0 (the program name) is not included unless NAMEINARGS is set in flags.
  - only_from: IP address, partial address (e.g. 192.168.10.), address/netmask range, hostname or network name from /etc/networks
  - no_access: deny from ... (inverse of only_from). If both match, the more specific entry wins.
  - access_times: time ranges during which the service is available, e.g. 08:00-18:00
  - port: see /etc/services
  Also: log_type, log_on_success, log_on_failure (log options: PID, HOST, USERID, EXIT, DURATION, ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples.
- assignment-operator:
  - =: set the value
  - +=: add a value to the set of values
  - -=: delete a value from the set of values

Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from the xinetd.conf man page: limit telnet sessions to 8 Mbytes of address space and 20 CPU seconds per child process.

service telnet
{
    socket_type = stream
    wait        = no
    nice        = 10
    user        = root
    server      = /usr/etc/in.telnetd
    rlimit_as   = 8M
    rlimit_cpu  = 20
}

On Red Hat the telnet server is installed as /usr/sbin/in.telnetd. Telnet carries passwords in clear text; on anything but an isolated lab network leave it disabled and use ssh.
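As an added example (not code from the page or from the xinetd project), the following Python parses xinetd service blocks in the syntax described above, applies the =, += and -= operators against the defaults block the way xinetd does, and then audits the enabled services for the points a reviewer would raise. The configuration is constructed for the demo; the list of protocols treated as cleartext is an assumption.

```python
"""Parse xinetd service blocks and audit the enabled ones.

Added example for this tutorial, not code from the page or from xinetd.
SAMPLE_XINETD is constructed; on a real host read /etc/xinetd.conf and
the files it includes from /etc/xinetd.d/. Only the attributes used here
are interpreted; everything else is kept as a list of tokens.
"""
import re

CLEARTEXT = {"telnet", "ftp", "pop3", "imap", "rlogin", "rsh"}   # assumed list for the demo

SAMPLE_XINETD = """\
# constructed sample
defaults
{
    log_type        = SYSLOG daemon info
    log_on_failure  = HOST
    log_on_success  = PID HOST DURATION EXIT
    instances       = 50
}

service telnet
{
    disable         = no
    socket_type     = stream
    wait            = no
    user            = root
    server          = /usr/sbin/in.telnetd
    rlimit_as       = 8M
    rlimit_cpu      = 20
    log_on_failure += USERID
}

service pop3
{
    disable         = no
    socket_type     = stream
    wait            = no
    user            = root
    server          = /usr/sbin/ipop3d
    only_from       = 192.168.10.0/24 127.0.0.1
    access_times    = 08:00-18:00
    log_on_success -= EXIT
}

service tftp
{
    disable         = yes
    socket_type     = dgram
    protocol        = udp
    wait            = yes
    user            = nobody
    server          = /usr/sbin/in.tftpd
    server_args     = -s /tftpboot
}
"""

# "defaults { ... }" or "service <name> { ... }", closed by a line holding "}"
BLOCK_RE = re.compile(r"^\s*(defaults|service\s+(\S+))\s*\{(.*?)^\s*\}", re.S | re.M)
# attribute, operator (two-character forms tried first), value
ASSIGN_RE = re.compile(r"^\s*(\w+)\s*(\+=|-=|=)\s*(.*?)\s*$")


def parse_xinetd(text):
    """Return {"defaults": {attr: [values]}, "services": {name: {attr: [values]}}}."""
    conf = {"defaults": {}, "services": {}}
    for m in BLOCK_RE.finditer(text):
        if m.group(1) == "defaults":
            attrs = conf["defaults"]
        else:
            # a service starts from the defaults, so += and -= act on them
            attrs = {k: list(v) for k, v in conf["defaults"].items()}
            conf["services"][m.group(2)] = attrs
        for line in m.group(3).splitlines():
            a = ASSIGN_RE.match(line.split("#", 1)[0])
            if not a:
                continue
            attr, op, value = a.groups()
            values = value.split()
            if op == "=":
                attrs[attr] = values
            elif op == "+=":
                attrs.setdefault(attr, []).extend(values)
            else:  # "-="
                attrs[attr] = [v for v in attrs.get(attr, []) if v not in values]
    return conf


def audit_xinetd(conf):
    """(service, finding) pairs for services that are actually reachable."""
    findings = []
    for name, attrs in conf["services"].items():
        if attrs.get("disable", ["no"])[0].lower() == "yes":
            continue
        if "only_from" not in attrs and "no_access" not in attrs:
            findings.append((name, "enabled with no only_from/no_access restriction"))
        if attrs.get("user", [""])[0] == "root":
            findings.append((name, "runs as root"))
        if "NOLIBWRAP" in attrs.get("flags", []):
            findings.append((name, "NOLIBWRAP: hosts.allow/hosts.deny are bypassed"))
        if name in CLEARTEXT:
            findings.append((name, "cleartext protocol"))
    return findings
```

The pop3 block shows the intended shape of a restricted service (only_from plus access_times); the telnet block shows what an unrestricted root service looks like to the audit.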

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:

- xinetd
- xinetd.conf
- xinetd.log
- tcpd

For more info see:

- LinuxFocus.org: xinetd - Frederic Raynal
- RedHat.com: Controlling Access to Services
- http://www.xinetd.org
- RFCs 862, 863, 864, 867 and 868 (the internal services) and RFC 1413 (ident, which the USERID log option queries)
- man pages xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon - rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux ships rwhod with its network interface disabled, so if you issue the command "rwho" you only see who is logged into the system you are on, not remote systems on the network. This is a safe approach for internet servers: rwhod broadcasts user names, login times and idle times to the whole subnet, which is useful reconnaissance for an attacker, and it accepts unauthenticated status packets from any host. If you wish to use rwhod on a local, private and firewall-protected network, here is how:

Allow broadcast capability. Edit /etc/init.d/rwhod and change: daemon rwhod to: daemon rwhod -b

Start service:

- Set the service to start with system boot: chkconfig --level 345 rwhod on
- Start the rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

- rwho: who is logged in on local network machines
- rwhod: system status server
- who: show who is logged on to the same system

RPC: Remote Procedure Calls (Portmapper)

Portmapper is the network service that maps RPC program numbers to the ports their servers are listening on; RPC clients contact it on port 111 to find out where to connect. Services such as NFS (file sharing) and NIS require portmapper. Because rpcinfo -p returns the full list of registered programs to anyone who can reach port 111, it is a reconnaissance target: stop it on hosts that do not serve RPC, and where it is needed restrict it with the firewall or with /etc/hosts.allow and /etc/hosts.deny (it is built with libwrap; the daemon name in the rules is portmap).

List the RPC services registered: [root]# rpcinfo -p localhost

Starting portmap server:

- /etc/rc.d/init.d/portmap start
- service portmap start (Red Hat/Fedora Core)

Man Pages:

- portmap
- rpcinfo
- pmap_set
- pmap_dump

PAM: Network Wrappers:

Two separate mechanisms are covered here, and they are often confused: TCP Wrappers (tcpd and the libwrap library), which allow or deny a network connection by client address before the service ever runs, and Pluggable Authentication Modules (PAM), which control how a service authenticates a user once connected.

TCP Wrappers: tcpd consults /etc/hosts.allow first, then /etc/hosts.deny. The first matching rule decides, and if neither file matches, the connection is allowed. One can therefore allow specific IP addresses or subnets and deny everything else.

File: /etc/hosts.allow

in.ftpd:208.188.34.105

This allows the given IP address to ftp to your system. One can also specify an entire domain, e.g. .name-of-domain.com (note the leading "."). Domain patterns are matched against the client's reverse DNS name, so prefer IP address or network patterns where you can.

File: /etc/hosts.deny

ALL:ALL

This denies everything that hosts.allow did not explicitly allow (default deny). Without this line, a client that matches nothing in either file is let in.

See the hosts_access(5) and tcpd(8) man pages (not the pam man page: TCP Wrappers and PAM are separate systems).

File: /etc/inetd.conf

ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a

The inet daemon accepts the incoming connection and hands it to the TCP wrapper, /usr/sbin/tcpd, which accepts or denies it as defined by /etc/hosts.allow and /etc/hosts.deny and then executes the real server, in.ftpd, with the socket attached. The daemon name in argument 0 (in.ftpd here) is both the program tcpd runs and the name matched against the daemon list in the rules. Accepted and refused connections are logged through syslog; on Red Hat they appear in /var/log/secure.
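As an added example (not code from the page or from Wietse Venema's tcp_wrappers), the following Python reproduces tcpd's access decision for the rule files shown above: hosts.allow is consulted first, then hosts.deny, and a connection that matches neither is allowed. It handles the hosts_access(5) pattern forms a practitioner meets most: ALL, LOCAL, exact names and addresses, ".domain" suffixes, "net." prefixes, net/mask and CIDR networks, and EXCEPT lists. The client's hostname is passed in by the caller (tcpd would do the reverse lookup itself); KNOWN, UNKNOWN and PARANOID are not implemented, and the rule files are constructed for the demo.

```python
"""Evaluate TCP Wrappers rules the way tcpd does.

Added example for this tutorial, not code from the page or from tcp_wrappers.
Subset of hosts_access(5): ALL, LOCAL, exact names/addresses, ".domain",
"net.", net/mask, CIDR and EXCEPT. Hostname is supplied by the caller;
KNOWN/UNKNOWN/PARANOID are not handled. Rule files are constructed.
"""
import ipaddress

HOSTS_ALLOW = """\
# constructed sample: explicit allows, everything else falls through to hosts.deny
in.ftpd : 208.188.34.105
sshd    : 192.168.10.0/255.255.255.0, .example.com EXCEPT untrusted.example.com
portmap : 10.0.0.0/8
ALL     : LOCAL
"""
HOSTS_DENY = "ALL : ALL\n"


def split_list(field):
    """'a, b EXCEPT c' -> (['a', 'b'], ['c'])."""
    def tokens(s):
        return s.replace(",", " ").split()
    included, _, excluded = field.partition(" EXCEPT ")
    return tokens(included), tokens(excluded)


def parse_rules(text):
    """Each rule is 'daemon_list : client_list [: options]'; options are ignored here."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = [p.strip() for p in line.split(":")]
        if len(parts) < 2:
            raise ValueError(f"malformed rule: {raw!r}")
        rules.append((split_list(parts[0]), split_list(parts[1])))
    return rules


def match_client(pattern, host, addr):
    """One client pattern against the connecting host name / IPv4 address."""
    if pattern == "ALL":
        return True
    if pattern == "LOCAL":                      # any host name without a dot
        return host is not None and "." not in host
    if pattern.startswith("."):                 # domain suffix, e.g. .example.com
        return host is not None and host.lower().endswith(pattern.lower())
    if pattern.endswith("."):                   # address prefix, e.g. 192.168.
        return addr.startswith(pattern)
    if "/" in pattern:                          # net/mask or net/prefixlen
        net, mask = pattern.split("/", 1)
        if "." in mask:
            a, n, m = (int(ipaddress.IPv4Address(x)) for x in (addr, net, mask))
            return a & m == n & m
        return ipaddress.IPv4Address(addr) in ipaddress.IPv4Network(pattern, strict=False)
    return pattern == addr or (host is not None and pattern.lower() == host.lower())


def match_any(lst, test):
    """True if some included pattern matches and no excluded (EXCEPT) pattern does."""
    included, excluded = lst
    return any(test(p) for p in included) and not any(test(p) for p in excluded)


def hosts_access(daemon, addr, host=None, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    """tcpd's decision order: hosts.allow, then hosts.deny, then allow by default."""
    for text, verdict in ((allow, True), (deny, False)):
        for daemons, clients in parse_rules(text):
            if match_any(daemons, lambda p: p in ("ALL", daemon)) and \
               match_any(clients, lambda p: match_client(p, host, addr)):
                return verdict
    return True
```

The last test case below is the one that catches people: with an empty hosts.deny, a client that matches no rule at all is allowed, which is why the ALL:ALL line belongs in hosts.deny on every exposed host.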

Advanced PAM: more specific access control is available by configuring the level of authentication a service requires.

The files are named after the service (for inetd services, the name the server program uses when it calls PAM, e.g. ftp or login). Rules and modules are stacked to achieve the level of security desired.

See the files in /etc/pam.d/... (some systems use /etc/pam.conf)

The format: service type control module-path module-arguments

(In the /etc/pam.d/ files the service field is omitted; it is implied by the file name.)

- type:
  - auth: authenticates the user, normally by asking for a password. Module arguments seen here include:
    - nullok: an empty or non-existent password is accepted (never use this on a network-reachable service)
    - shadow: encrypted passwords are kept in /etc/shadow
  - account: checks that the account may be used now: expired password, locked account, time-of-day or other access restrictions. Can track and force password changes.
  - password: controls password updates. Arguments of pam_cracklib include:
    - retry=3: the number of attempts the user gets to choose an acceptable new password
    - minlen=8: minimum length of the new password
  - session: runs at session start and end (logging, mounting home directories, resource limits).
- control: required, requisite, sufficient or optional. Together with the order of the lines this decides how the results of the stacked modules are combined.

Modules:

- /lib/security/pam_pwdb.so: password database module
- /lib/security/pam_shells.so: allows access only if the user's login shell is listed in /etc/shells
- /lib/security/pam_cracklib.so: checks whether a new password is easily crackable
- /lib/security/pam_listfile.so: allows or denies access depending on whether an item (user, group, tty, ...) is listed in a file

PAM changes take effect on the next authentication; no daemon restart is needed. After changing /etc/inetd.conf, however, make inetd re-read it: killall -HUP inetd

For more info see:

- Wietse's Papers
- Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP (Internet Control Message Protocol) carries error and diagnostic messages for IP. It is the protocol used by the ping and traceroute commands.

ICMP redirect packets are sent from a router to a host to tell it about a better first hop for a destination; the kernel's accept_redirects setting controls whether the host honours them. To accept ICMP redirects, add the following line to /etc/sysctl.conf (a value of 0 refuses them, which is the hardened setting for servers and for anything on a network you do not fully trust):

net.ipv4.conf.all.accept_redirects = 1

Or, to set it on every interface at boot, add the following to the file /etc/rc.d/rc.local:

for f in /proc/sys/net/ipv4/conf/*/accept_redirects
do
    echo 1 > $f
done

Command to view the kernel IP routing cache: /sbin/route -Cn (kernels up to 3.5; the routing cache was removed in Linux 3.6, where ip route get shows the route a destination would take).

NOTE: Accepting redirects lets any machine on the local link, including a compromised one, rewrite your routes and pull your traffic through itself. Refuse them (value 0) unless you have a specific need, and check every conf/*/accept_redirects entry rather than only conf/all: on a non-forwarding host the per-interface value is enough on its own to enable acceptance.
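As an added example (not code from the YoLinux page), the following Python computes from a sysctl dump whether each interface would actually honour an ICMP redirect, following the rule documented in the kernel's Documentation/networking/ip-sysctl.txt: on a non-forwarding host redirects are accepted when conf/all OR conf/<interface> is 1, on a forwarding host only when both are 1. This is why the rc.local loop above touches every conf/*/ entry and why setting conf/all alone is not enough. The sysctl dump is constructed for the demo.

```python
"""Effective accept_redirects per interface, from a sysctl dump.

Added example for this tutorial, not code from the page. It applies the rule
from Documentation/networking/ip-sysctl.txt: with forwarding off, redirects
are accepted if conf/all OR conf/<if> is 1; with forwarding on, only if both
are 1. SAMPLE_SYSCTL is constructed; on a real host feed it `sysctl -a`.
"""
import re

SAMPLE_SYSCTL = """\
net.ipv4.ip_forward = 0
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 1
net.ipv4.conf.lo.accept_redirects = 1
net.ipv4.conf.eth0.accept_redirects = 1
net.ipv4.conf.eth1.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 1
net.ipv4.icmp_echo_ignore_all = 0
"""

LINE_RE = re.compile(r"^\s*([\w.]+)\s*=\s*(\S+)")
IFACE_RE = re.compile(r"^net\.ipv4\.conf\.([^.]+)\.")


def parse_sysctl(text):
    """'key = value' lines, as printed by sysctl -a or written in sysctl.conf."""
    settings = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.split("#", 1)[0])
        if m:
            settings[m.group(1)] = m.group(2)
    return settings


def interfaces(settings):
    """Interface names that have per-interface conf entries (all/default excluded)."""
    names = {m.group(1) for m in map(IFACE_RE.match, settings) if m}
    return sorted(names - {"all", "default"})


def accepts_redirects(settings, iface):
    """True if the kernel would honour an ICMP redirect arriving on iface."""
    def on(key, default="0"):
        return settings.get(key, default) == "1"
    # per-interface forwarding flag, falling back to the global ip_forward
    forwarding = on(f"net.ipv4.conf.{iface}.forwarding",
                    settings.get("net.ipv4.ip_forward", "0"))
    both = (on("net.ipv4.conf.all.accept_redirects"),
            on(f"net.ipv4.conf.{iface}.accept_redirects"))
    return all(both) if forwarding else any(both)


def redirect_findings(settings):
    """Interfaces that still accept redirects; empty means the host refuses them."""
    return [i for i in interfaces(settings) if accepts_redirects(settings, i)]
```

The sample shows the trap: conf/all is already 0, yet eth0 still accepts redirects because its own entry is 1 and the host is not forwarding.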

Blocking ICMP to look invisible to ping:

The following firewall rules drop every ICMP packet the host sends. That silences echo replies, so the host no longer answers ping, but it also breaks the host's own ping and traceroute and suppresses the ICMP errors it would send, including the "fragmentation needed" messages that path MTU discovery depends on. A rule on the INPUT chain that matches only the echo-request ICMP type (the --icmp-type match) is the more selective choice.

Iptables:

iptables -A OUTPUT -p icmp -d 0/0 -j DROP

Ipchains:

ipchains -A output -p icmp -d 0/0 -j DENY

OR drop all incoming pings (echo requests only; other ICMP keeps working):

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes done to hide from DoS (Denial of Service) attackers who ping a machine to check it is up before launching an attack. Treat it as obscurity rather than protection: a TCP or UDP scan still shows the host is there, and many monitoring tools rely on ping.

Network Monitoring Tools:

- tcpdump: dump traffic on a network. See the discussion below.

  Command line option   Description
  -c count              Exit after receiving count packets.
  -C size               Specify the size of output dump files.
  -i interface          Specify the interface if several exist, e.g. eth0. The lowest-numbered configured interface is used by default.
  -w file-name          Write the raw packets to a file rather than parsing and printing them. They can later be read with the -r option.
  -n                    Do not perform DNS lookups; report IP addresses. Faster, and it avoids telling a DNS server which hosts you are looking at.
  -t                    Do not print a timestamp on each dump line.

  Filter expressions:

  Primitive                       Description
  host host-name                  If the host has multiple IPs, all are matched.
  net network-number              Network number.
  net network-number mask mask    Network number and netmask specified.
  port port-number                Port number.
  tcp                             TCP packets.
  udp                             UDP packets.
  icmp                            ICMP packets.

  Examples:
  - tcpdump tcp port 80 and host server-1
  - tcpdump ip host server-1 and not server-2

- iptraf: interactive colorful IP LAN monitor
- nmap: network exploration tool and security scanner
  - List pingable nodes on a network: nmap -sP 192.168.0.0/24 scans 192.168.0.0 to 192.168.0.255 using ping. (Newer nmap versions call this -sn.)
- Ethereal: network protocol analyzer (the project continues as Wireshark). Examine data from a live network. RPMs required:
  - ethereal-0.8.15-2.i386.rpm: Red Hat 7.1 Powertools CD RPM
  - ucd-snmp-4.2-12.i386.rpm: Red Hat 7.1 binary CD 1
  - ucd-snmp-utils-4.2-12.i386.rpm: Red Hat 7.1 binary CD 1
  - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)
  The ethereal package does not declare the snmp libraries as dependencies, but you can deduce the requirement from the errors you get if the ucd-snmp libraries are not installed.
- EtherApe: graphical network monitor for Unix modeled after etherman. A great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
- Gkrellm: network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
- IPTraf: ncurses-based IP LAN monitor. (Red Hat Powertools CD)
- Cheops: network discovery, location, diagnosis and management. Cheops can identify all of the computers on your network, their IP address, their DNS name and the operating system they are running, and can run a port scan on any system on your network. (Red Hat Powertools CD)
- ntop: shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
- MRTG: Multi Router Traffic Grapher. Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
- dnsad: IP traffic capture. Export to Cisco Netflow for network analysis reporting.
- scotty: obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP and UDP. (Red Hat Powertools CD)
- Big Brother: monitoring and service availability.
- OpenNMS.org: network management using SNMP.
- Nagios: host, service and network monitoring.
- Angel network monitor

Using tcpdump to monitor the network:

[root]# ifconfig eth0 promisc                       - Put the NIC into promiscuous mode to sniff all traffic on the segment.
[root]# tcpdump -n host not XXX.XXX.XXX.XXX | more  - Sniff the net but ignore the IP of your own remote session.
[root]# ifconfig eth0 -promisc                      - Take the NIC out of promiscuous mode.

tcpdump puts the interface into promiscuous mode by itself (unless run with -p), so the ifconfig steps only matter for sniffers that do not. On a switched network promiscuous mode still only shows the traffic the switch sends to your port (broadcasts and your own conversations); a hub, or a mirror/span port on the switch, is needed to see everything.
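As an added example (not code from the page or from tcpdump), the following Python runs simple detection logic over tcpdump -n text output: it parses the TCP lines and reports a source that sends pure SYNs to many distinct ports on one destination, which is what a port scan looks like in a capture. The sample lines are constructed in the format tcpdump 4.x prints ("Flags [S]"), which is newer than the page's era; the threshold of five ports is an assumption for the demo.

```python
"""Port-scan detection over tcpdump -n text output.

Added example for this tutorial, not code from the page or from tcpdump.
The capture below is constructed in tcpdump 4.x TCP format; a real one is
`tcpdump -n -i eth0 tcp` redirected to a file. A scan is reported when one
source sends pure SYNs to at least THRESHOLD distinct ports on one host.
"""
import re
from collections import defaultdict

THRESHOLD = 5   # assumed: distinct ports per (src, dst) before we call it a scan

SAMPLE_TCPDUMP = """\
12:00:01.000100 IP 203.0.113.9.40001 > 192.168.10.12.21: Flags [S], seq 100, win 1024, length 0
12:00:01.000200 IP 203.0.113.9.40002 > 192.168.10.12.22: Flags [S], seq 100, win 1024, length 0
12:00:01.000300 IP 203.0.113.9.40003 > 192.168.10.12.23: Flags [S], seq 100, win 1024, length 0
12:00:01.000400 IP 203.0.113.9.40004 > 192.168.10.12.25: Flags [S], seq 100, win 1024, length 0
12:00:01.000500 IP 203.0.113.9.40005 > 192.168.10.12.80: Flags [S], seq 100, win 1024, length 0
12:00:01.000600 IP 203.0.113.9.40006 > 192.168.10.12.110: Flags [S], seq 100, win 1024, length 0
12:00:01.000700 IP 203.0.113.9.40007 > 192.168.10.12.143: Flags [S], seq 100, win 1024, length 0
12:00:01.000800 IP 192.168.10.12.22 > 203.0.113.9.40002: Flags [S.], seq 200, ack 101, win 64240, length 0
12:00:01.000900 IP 192.168.10.12.80 > 203.0.113.9.40005: Flags [S.], seq 200, ack 101, win 64240, length 0
12:00:02.000000 IP 192.168.10.50.51234 > 192.168.10.12.80: Flags [S], seq 300, win 65535, length 0
12:00:02.000100 IP 192.168.10.12.80 > 192.168.10.50.51234: Flags [S.], seq 400, ack 301, win 64240, length 0
12:00:02.000200 IP 192.168.10.50.51234 > 192.168.10.12.80: Flags [.], ack 1, win 65535, length 0
"""

# timestamp, src.sport > dst.dport, and the TCP flag letters inside [...]
TCP_RE = re.compile(
    r"^(\d\d:\d\d:\d\d\.\d+) IP (\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+): Flags \[([^\]]*)\]")


def ts_seconds(ts):
    """'HH:MM:SS.ffffff' -> seconds since midnight as a float."""
    h, m, s = ts.split(":")
    return int(h) * 3600 + int(m) * 60 + float(s)


def parse_tcpdump(text):
    """One dict per TCP line; ARP, ICMP and UDP lines are skipped."""
    packets = []
    for line in text.splitlines():
        m = TCP_RE.match(line)
        if m:
            ts, src, sport, dst, dport, flags = m.groups()
            packets.append({"t": ts_seconds(ts), "src": src, "sport": int(sport),
                            "dst": dst, "dport": int(dport), "flags": flags})
    return packets


def detect_port_scans(packets, threshold=THRESHOLD):
    """{(src, dst): {"ports": [...], "span": seconds}} for suspicious pairs."""
    syns = defaultdict(list)
    for p in packets:
        if p["flags"] == "S":          # SYN without ACK: a fresh connection attempt
            syns[(p["src"], p["dst"])].append(p)
    report = {}
    for pair, pkts in syns.items():
        ports = sorted({p["dport"] for p in pkts})
        if len(ports) >= threshold:
            times = [p["t"] for p in pkts]
            report[pair] = {"ports": ports, "span": round(max(times) - min(times), 6)}
    return report
```

The SYN-ACKs from 192.168.10.12 tell the scanner which of those ports are open (22 and 80 here); the legitimate client at 192.168.10.50 touches a single port and is not reported.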

Network Intrusion and Hacker Detection Systems:

SNORT: monitors the network, performing real-time traffic analysis and packet logging on IP networks to detect an attack or probe.

- Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
- InterSect Alliance - intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to map a 32-bit IPv4 address to the 48-bit Ethernet MAC address the network hardware uses (see RFC 826). The transmitting host broadcasts a request ("who has this IP address?") to every host on the subnet; all hosts ignore it except the one that recognizes the IP address as its own, which replies with its MAC address. Replies are remembered in the ARP cache for future communication, so each host on the subnet keeps a cache of recent answers. ARP broadcasts are passed on by hubs and switches but not by routers, so ARP only resolves addresses on the local subnet. ARP has no authentication: any host on the subnet can answer for any address. That is the basis of ARP spoofing (for example claiming the gateway's address to intercept traffic) and the reason tools such as arpwatch watch the cache for changes.

Reverse ARP (see RFC 903) is a bootstrap protocol in which a client broadcasts its own MAC address and asks a server to reply with the IP address it should use.

- arp (8) man page: manipulate the system ARP cache
  - Show other systems on your network (including IP address conflicts): arp -a
  - Show the ARP table Linux style: arp -e
- arpwatch (8) man page: keep track of ethernet/IP address pairings and report changes
- arpsnmp (8) man page: keep track of ethernet/IP address pairings; reads information generated by snmpwalk
- arping (8) man page: send an ARP REQUEST to a neighbor host. Print the ARP reply (similar to arp -a): arping 192.168.10.99
- List the ARP table: cat /proc/net/arp
- ip (8) man page: show / manipulate routing, devices, policy routing and tunnels. View the ARP table: ip neighbor

ARP is something that simply works; no Linux configuration is necessary. It is part of the Ethernet and IP protocols. The commands above are part of the Linux culture of full visibility into what is going on, and they are what you reach for when two machines claim the same address or a MAC suddenly changes.
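As an added example (not code from the page or from arpwatch), the following Python reads two /proc/net/arp snapshots in the layout the cat command above prints and reports the two things arp -a is used to spot: an IP whose MAC changed between snapshots, and one MAC answering for several IPs. The snapshots are constructed; in the second one the gateway 192.168.10.1 has acquired the MAC of 192.168.10.77, which is the trace an ARP spoofing attack leaves in every victim's cache.

```python
"""Detect MAC changes and shared MACs in the ARP cache (arpwatch-style).

Added example for this tutorial, not code from the page or from arpwatch.
It reads the /proc/net/arp layout; the two snapshots are constructed, with
the gateway's address taken over by another host's MAC in the second one.
"""

SNAPSHOT_1 = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         00:11:22:33:44:55     *        eth0
192.168.10.77    0x1         0x2         aa:bb:cc:dd:ee:ff     *        eth0
192.168.10.90    0x1         0x0         00:00:00:00:00:00     *        eth0
"""
SNAPSHOT_2 = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         AA:BB:CC:DD:EE:FF     *        eth0
192.168.10.77    0x1         0x2         aa:bb:cc:dd:ee:ff     *        eth0
192.168.10.90    0x1         0x2         00:aa:bb:cc:dd:01     *        eth0
"""

ATF_COM = 0x2   # flag bit: entry is complete (a reply was received)


def parse_proc_arp(text):
    """{ip: (mac, device)} for complete entries only."""
    table = {}
    for line in text.splitlines()[1:]:          # first line is the header
        fields = line.split()
        if len(fields) < 6:
            continue
        ip, _hwtype, flags, mac, _mask, dev = fields[:6]
        if int(flags, 16) & ATF_COM:
            table[ip] = (mac.lower(), dev)
    return table


def shared_macs(table):
    """{mac: [ips]} where one MAC answers for several IPs (conflict or spoofing)."""
    owners = {}
    for ip, (mac, _dev) in table.items():
        owners.setdefault(mac, []).append(ip)
    return {mac: sorted(ips) for mac, ips in owners.items() if len(ips) > 1}


def arp_changes(before, after):
    """IPs whose MAC changed between snapshots, with any other IPs the new MAC claims."""
    alerts = []
    for ip, (mac, dev) in sorted(after.items()):
        old = before.get(ip)
        if old is None or old[0] == mac:
            continue
        others = sorted(o for o, (m, _d) in after.items() if m == mac and o != ip)
        alerts.append({"ip": ip, "device": dev, "old_mac": old[0], "new_mac": mac,
                       "also_claimed_by": others})
    return alerts
```

Feed it `open("/proc/net/arp").read()` taken a minute apart; a gateway whose MAC changes to one that also owns a workstation's IP is worth walking over to the switch for.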

Configuring Linux For Network Multicast:

Regular network exchanges are unicast, one sender to one receiver. An HTTP request to a web server (TCP), e-mail via SMTP (TCP), DNS (UDP), FTP (TCP) and so on are all unicast transactions. To send one video, audio or data stream to many nodes with a single transmission instead of one connection per node, use multicasting to reduce network load. Multicast and broadcast are different: multicast datagrams are only received by the nodes that have joined the multicast group, that is, those interested in the data.

The Linux kernel is Level-2 multicast compliant: it meets all requirements to send, receive and route multicast datagrams. For a process to receive multicast datagrams it asks the kernel to join the multicast group and binds the port the datagrams arrive on; when it is no longer interested it asks the kernel to leave the group. Group membership belongs to the kernel/host, not to the process: the kernel sends the IGMP messages and delivers matching datagrams to every local socket bound to the port. Kernel configuration requires CONFIG_IP_MULTICAST=y. For the kernel to act as a multicast router, set the following in the kernel config:

- CONFIG_IP_MULTICAST=y
- CONFIG_IP_ROUTER=y
- CONFIG_IP_MROUTE=y
- CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimization and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card) the 224.0.0.0/4 route selects one default interface for multicast; an application that needs another interface selects it explicitly (imr_interface in the ip_mreq structure when joining, or IP_MULTICAST_IF when sending).

Class D addresses, 224.0.0.0 to 239.255.255.255 (see Network Classes above), are reserved for multicast. Within that range 224.0.0.0/24 is link-local (never forwarded by routers) and 239.0.0.0/8 is administratively scoped for use inside an organization.

Useful commands:

Command                    Description
cat /proc/net/igmp         List the multicast groups this host has joined, per interface, as tracked by the Internet Group Management Protocol. (See /usr/src/linux/net/ipv4/igmp.c)
cat /proc/net/dev_mcast    List the multicast link-layer addresses each interface listens to. (See /usr/src/linux/net/core/dev_mcast.c)
ping 224.0.0.1             All hosts on the subnet configured for multicast respond with their IP addresses
ping 224.0.0.2             All multicast routers on the subnet respond
ping 224.0.0.13            All PIM routers respond
ping 224.0.0.4             All DVMRP routers respond
ping 224.0.0.5             All OSPF routers respond

A kernel with net.ipv4.icmp_echo_ignore_broadcasts set to 1 (the default on recent kernels) does not answer echo requests sent to broadcast or multicast addresses, so these pings may show fewer hosts than are actually listening.

Multicast transmissions are achieved through proper routing, router configuration (if communicating across subnets) and, in the application, with the following C socket calls:

Function call    Description
setsockopt()     Pass a multicast option to the kernel: join or leave a group (IP_ADD_MEMBERSHIP / IP_DROP_MEMBERSHIP), set the TTL (IP_MULTICAST_TTL), choose the outgoing interface (IP_MULTICAST_IF) and control loopback of your own datagrams (IP_MULTICAST_LOOP).
getsockopt()     Read back the current value of such an option.

For more on multicast programming see: Multicast Howto.

The multicast application specifies the multicast loopback setting, the TTL (how many router hops the datagram may cross; 1 keeps it on the local subnet), the network interface and the multicast group to add or drop.

Add a route so multicast traffic leaves through eth0:

- route add -net 224.0.0.0 netmask 240.0.0.0 dev eth0

If packets are to be forwarded through a router, that router MUST be configured to forward multicast. Many routers do not support forwarding of multicast packets or are configured not to by default, and the internet at large does not forward multicast.
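As an added example (not code from the page or from the Multicast HOWTO), the following Python does in socket calls what the paragraphs above describe in C: it packs the ip_mreq structure, joins a group with setsockopt(IP_ADD_MEMBERSHIP), sets the TTL and loopback options, and leaves the group again. It also classifies an address into the Class D sub-ranges mentioned above. The group 239.1.2.3 and port 5007 are arbitrary choices for the demo; the loopback self-test returns False instead of raising when the host has no multicast route.

```python
"""Join an IPv4 multicast group with setsockopt() and classify addresses.

Added example for this tutorial, not code from the page or from the
Multicast HOWTO. Group 239.1.2.3 and port 5007 are arbitrary. A join needs
a multicast route (see the route command above); loopback_self_test()
returns False instead of raising when the host has none.
"""
import ipaddress
import socket
import struct


def multicast_scope(addr):
    """Class D sub-ranges that matter operationally; 'unicast' if not class D."""
    a = ipaddress.IPv4Address(addr)
    if not a.is_multicast:
        return "unicast"
    if a in ipaddress.IPv4Network("224.0.0.0/24"):
        return "link-local"                # 224.0.0.1 all hosts, 224.0.0.2 all routers; never routed
    if a in ipaddress.IPv4Network("232.0.0.0/8"):
        return "source-specific"
    if a in ipaddress.IPv4Network("239.0.0.0/8"):
        return "administratively-scoped"   # private use within an organization
    return "global"


def mreq(group, iface="0.0.0.0"):
    """struct ip_mreq { imr_multiaddr; imr_interface }: the IP_ADD_MEMBERSHIP argument.
    iface 0.0.0.0 lets the kernel pick the interface from the 224.0.0.0/4 route;
    pass a local interface address on multihomed hosts."""
    return struct.pack("4s4s", socket.inet_aton(group), socket.inet_aton(iface))


def join_group(group, port, iface="0.0.0.0", ttl=1):
    """UDP socket bound to port whose host has joined group (the kernel sends the IGMP report)."""
    if multicast_scope(group) == "unicast":
        raise ValueError(f"{group} is not a multicast address")
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)       # several receivers per port
        s.bind(("", port))
        s.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP, mreq(group, iface))
        s.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, ttl)  # 1 = do not leave the subnet
        s.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_LOOP, 1)   # deliver our own sends locally
    except OSError:
        s.close()
        raise
    return s


def leave_group(s, group, iface="0.0.0.0"):
    s.setsockopt(socket.IPPROTO_IP, socket.IP_DROP_MEMBERSHIP, mreq(group, iface))
    s.close()


def loopback_self_test(group="239.1.2.3", port=5007, payload=b"hello-mcast"):
    """Send one datagram to the group and check that this host receives it."""
    try:
        s = join_group(group, port)
    except OSError:
        return False                      # no multicast route, or no permission
    try:
        s.settimeout(1.0)
        s.sendto(payload, (group, port))
        data, _sender = s.recvfrom(1024)
        return data == payload
    except OSError:
        return False
    finally:
        try:
            leave_group(s, group)
        except OSError:
            pass


if __name__ == "__main__":
    print("loopback multicast works:", loopback_self_test())
```

While the self-test runs, cat /proc/net/igmp on the same host lists 239.1.2.3 (shown in hex, byte-reversed) under the interface the kernel chose; after leave_group() the entry disappears.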

Living in a MS/Windows World:

- SMB4k: my favorite MS/Windows file share browser.
- In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]
- LinNeighborhood: Linux workstation GUI tool. Make your life simple and use the GUI/File Manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.
  - LinNeighborhood Home Page
  - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

- IPv4: Most Internet servers and personal computers use Internet Protocol version 4 (IPv4). An address is 32 bits, written as four octets (four 8-bit numbers, each 0 to 255), so the highest possible representation is 255.255.255.255.
- IPv6: Internet Protocol version 6 (IPv6) uses a 128-bit address and thus a practically inexhaustible supply of addresses. The protocol was also upgraded to include quality of service features and built-in security (IPsec). Linux supports IPv6, but at the time of writing IPv4 is what connects most computers to the internet.
- TCP/IP: (Transmission Control Protocol/Internet Protocol) is the protocol suite of the internet; applications on it usually follow a client-server model. TCP provides a reliable byte stream over IP: it defines the packet format (header, data section), integrity checking (checksums), connection setup and acknowledgement, and retransmission of lost data.
- IP time to live (TTL): a hop counter in the IP header that limits how long a packet may travel before it is discarded. Each router that forwards the packet decrements the TTL; when it reaches zero the packet is dropped and the router normally sends an ICMP "time exceeded" message back, which is how traceroute maps a path. This ensures that routing loops cannot flood the network with aimless packets.
- MAC address (media access control): the network card address used for communication between devices on the same subnet. It is not routable. The ARP table maps IP addresses to the MAC addresses of hosts on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address identifies each node on an Ethernet segment, but it is set by the driver and can be changed, so do not treat it as a secure identifier.
- Full duplex: allows the simultaneous sending and receiving of packets. Most modern modems and switched Ethernet links support full duplex.
- Half duplex: allows sending and receiving in one direction at a time only, as on shared (hub-based) Ethernet.
- OSI 7 layer model: the ISO (International Standards Organization) has defined the OSI (Open Systems Interconnection) model for current networking protocols.

  Layer  Name          Description                                                    Linux networking use
  7      Application   The top layer, for applications such as e-mail and the web     telnet, web browser, sendmail (HTTP, SMTP, DNS)
  6      Presentation  Syntax and format of data transfer (encoding, encryption)
  5      Session       Establishing and managing a dialogue between two hosts
  4      Transport     Connection, acknowledgement and data packet transmission       TCP, UDP
  3      Network       Addressing and routing between networks                        IP, ICMP (ARP sits between layers 2 and 3)
  2      Data link     Framing, error control, timing                                 Ethernet
  1      Physical      Electrical characteristics of the signal and the NIC           Ethernet cabling, NIC

- Network hub: hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
- Network switch: like a hub, but it forwards each frame only to the port where it learned the destination MAC address, creating a private link between two connected nodes. This reduces collisions and improves speed. Broadcast messages (and multicasts, unless the switch does IGMP snooping) are still sent to all ports. A switch makes casual sniffing harder but not impossible: ARP spoofing, or flooding the switch's MAC table, can redirect traffic to an attacker's port.

Related Links:

- Cable modem HowTo - Vladimir Vuksan
- Ethernet HowTo - Paul Gortmaker
- YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
- Firewall HowTo - Mark Grennan
- YoLinux networking tutorial
- Networking Overview HowTo - Daniel Lopez Ridruejo
- Networking Howto - Joshua Drake
- NFS Howto - Nicolai Langfeldt
- SNMP: Simple Network Management Protocol (uses ports 161, 162, 391, 1993)
  - SNMP - Intro and tutorials
  - Linux SNMP Network Management Tools
  - SNMP FAQ
  - net-snmp - tools and libraries
- News/Usenet Group: comp.os.linux.networking - Deja
- MARS-nwe - Netware emulator
- Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
- ISDN:
  - ISDN4LINUX FAQ - Matthias Hessler
  - ISDN4Linux Home Page
  - Dan Kegel's ISDN Page
- PPP: Point-to-Point Protocol
  - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
  - YoLinux Tutorial: Dialing Compuserve
  - YoLinux Tutorial: Dialing AOL
  - YoLinux Tutorial: Configuring PPP dial-in connections
- PPTP: Point-to-Point Tunneling Protocol
  - RFC 2637: Point-to-Point Tunneling Protocol (PPTP)
  - PPTP-Linux Client - a PPTP Linux client that allows a Linux system to connect to a PPTP server. Developed by C. S. Ananian.
  - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP implementation.
- DHCP: (Dynamic Host Configuration Protocol)
  - YoLinux DHCP Tutorial - how to set up a DHCP server
  - ISC Dynamic Host Configuration Protocol - DHCP home page
- Multicast:
  - YoLinux Tutorial: Configuring Linux for multicast - the section above in this tutorial
  - Multicast over TCP/IP HOWTO
- ISPs: (National/Global)
  - TheList.com - comprehensive list of ISPs
  - Earthlink
  - Concentric
  - ATT Worldnet
- NIS: (NFS infrastructure)
  - YoLinux NIS tutorial
  - NIS howto
  - NIS configuration and use
- Ethernet cables:
  - Making CAT 3, 5, 5E RJ45 Ethernet Cables
  - Wiring and Installation
- Gigabit Ethernet
- VIX: Vienna Internet eXchange - European traffic exchange for ISPs

Test Internet Bandwidth:

- DSLreports.com: bandwidth and diagnostic tests
- Speakeasy connection speed test
- CNET Bandwidth Meter speed test
- Network speed test
- Bandwidth explained and list of bandwidth test sites

Man Pages:

- icmp - Linux IPv4 ICMP kernel module
- ifport - select the transceiver type for a network interface
- usernetctl - allow a user to manipulate a network interface if permitted
- ripquery - query RIP (Routing Information Protocol) gateways
- gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler, ISBN 0735710317, New Riders Publishing

"Linux TCP/IP Network Administration" by Scott Mann, Mitchell Krell, ISBN 0130322202, Prentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith, ISBN 0201774232, Addison-Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr., ISBN 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh, ISBN 0672320525, Sams (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus, ISBN 047008278X, Wiley

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen, ISBN 0071486429, McGraw-Hill

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson, ISBN 0672329298, Sams

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff, ISBN 0672327082, Sams

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff, ISBN 0672325888, Sams

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis, ISBN 032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.


Copyright © 2001 - 2007 by Greg Ippolito

This tutorial covers TCP/IP networking and system configuration basics. Linux can support multiple network devices. The device names are numbered and begin at zero and count upwards. For example, a computer running two ethernet cards will have two devices labeled /dev/eth0 and /dev/eth1. Linux network configuration, management, monitoring and system tools are covered in this tutorial.

Tutorial Contents: Other YoLinux Networking Tutorials:

l # Configuration files l Setting up an internet gateway for home or office l # Red Hat Linux network GUI using iptables configuration tools. l Load balancing servers using LVS (Linux Virtual l # Assigning an IP address Server) l # Activating and De­Activating your NIC l Modem dial­up: l # Subnets ¡ Configuring PPP dial up connections to an l # Enable Forwarding ISP l # Adding a network interface card (NIC) ¡ Dialing Compuserve l # Route ¡ Dialing AOL l # VPN, Tunneling ¡ Configuring PPP dial­in connections l # Usefull Linux networking commands l DNS Name server configuration l # inetd/xinetd: Network Socket l DHCP server configuration: Dynamic Host Listener Daemons Configuration Protocol # rwhod: Remote Who Daemon l l NIS authentication configuration: Server and Client # RPC: Remote Procedure Call. l l Internet/Network Security (portmapper) l Security Tools and Hacker Tools l # PAM: Network Wrappers. l YoLinux Tutorials Index l # ICMP protocol. l # Network Monitoring Tools l # IDS: Intruder Detection System ­ SNORT

l # ARP: Address Resolution Protocol l # Configuring Linux For Network Multicast

l # Living in a MS/Windows world l # Network Definitions

l # Related Links

TCP/IP Network Configuration Files:

l File: /etc/resolv.conf ­ host name resolver configuration file search name­of­domain.com ­ Name of your domain or ISP's domain if using their name server nameserver XXX.XXX.XXX.XXX ­ IP address of primary name server nameserver XXX.XXX.XXX.XXX ­ IP address of secondary name server

This configures Linux so that it knows which DNS server will be resolving domain names into IP addresses. If using DHCP client, this will automatically be sent to you by the ISP and loaded into this file as part of the DHCP protocol. If using a static IP address, ask the ISP or check another machine on your network. Red Hat/Fedora GUI: /usr/sbin/system­config­network (select tab "DNS".

l File: /etc/hosts ­ locally resolve node names to IP addresses 127.0.0.1 your­node­name.your­domain.com localhost.localdomain localhost XXX.XXX.XXX.XXX node­name

Note when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly) i.e.:

XXX.XXX.XXX.XXX superserver.yolinux.com superserver

This informs Linux of local systems on the network which are not handled by the DNS server. (or for all systems in your LAN if you are not using DNS or NIS) Red Hat/Fedora GUI: /usr/sbin/system­config­network (select tab "Hosts".

l File: /etc/nsswitch.conf ­ System Databases and Name Service Switch configuration file hosts: files dns nisplus nis

This example tells Linux to first resolve a host name by looking at the local hosts file(/etc/hosts), then if the name is not found look to your DNS server as defined by /etc/resolv.conf and if not found there look to your NIS server.

In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution. Free Information Technology Magazine Fedora / Red Hat Network Configuration Files: Subscriptions and Document l /etc/sysconfig/network Downloads Red Hat network configuration file used by the system during the boot process.

l File: /etc/sysconfig/network­scripts/ifcfg­eth0 Configuration settings for your first ethernet port (0). Your second port is eth1.

l File: ¡ /etc/modprobe.conf (kernel 2.6) ¡ /etc/modules.conf (kernel 2.4) ¡ (or for older systems: /etc/conf.modules) Example statement for Intel ethernet card: alias eth0 eepro100

Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

l Network configuration: /usr/sbin/system­config­network (FC­2/3) GUI shown here ­­­> /usr/bin/redhat­config­network (/usr/bin/neat) (RH 7.2+ FC­1) l Text console configuration tool: /usr/sbin/system­config­network­tui (Text User Interface (TUI) for Fedora Core 2/3) /usr/bin/redhat­config­network­tui (RH 9.0 ­ FC­1) l Text console network configuration tool. First interface only ­ eth0: /usr/sbin/netconfig l /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

l Gnome Desktop Network Configuration /usr/bin/gnome­network­preferences (RH 9.0 ­ FC­3) Proxy configuration. Choose one of three options: 1. Direct internet connection 2. Manual proxy configuration (specify proxy and port) 3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assiged a static IP address or assigned one dynamically.

Static IP address assignment:

Choose one of the following methods:

l Command Line:

/sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

Network address by convention would be the lowest: 192.168.10.0 Broadcast address by convention would be the highest: 192.168.10.255 The gateway can be anything, but following convention: 192.168.10.1

Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0

l Red Hat / Fedora GUI tools: ¡ /usr/bin/neat Gnome GUI network administration tool. Handles all interfaces. Configure for Static IP or DHCP client.

(First available with Red Hat 7.2.) ¡ /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)

l Red Hat / Fedora Console tools: ¡ /usr/sbin/system­config­network­tui (Text User Interface) ¡ /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1,...)

l Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network­scripts/, so that this information is retained.

The IANA has allocated IP addresses in the range of 192.168.0.0 to 192.168.255.255 for private networks.

Helpful tools:

- Network Calculators: subnet mask calculator, node calculator, mask inverter, ...
- IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 208.88.34.106
    netmask 255.255.255.248
    broadcast 208.88.34.111
    network 208.88.34.104
    gateway 208.88.34.110

Dynamic IP (DHCP) example:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

auto eth1
iface eth1 inet dhcp

auto eth2
iface eth2 inet dhcp

auto ath0
iface ath0 inet dhcp

auto wlan0
iface wlan0 inet dhcp

Interfaces:

- lo: Loopback interface (network within your system, without slowing down for the real ethernet based network)
- eth0: First ethernet interface card
- wlan0: First wireless network interface

Also see "man interfaces".

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.

- File: /etc/sysconfig/network

  Static IP address configuration (configure gateway address):

  NETWORKING=yes
  HOSTNAME=my-hostname          - Hostname is defined here and by the command hostname
  FORWARD_IPV4=true             - True for NAT firewall gateways and Linux routers. False for everyone else (desktops and servers).
  GATEWAY="XXX.XXX.XXX.YYY"     - Used if your network is connected to another network or the internet. Static IP configuration only; the gateway is not defined here for a DHCP client.

  OR for DHCP client configuration:

  NETWORKING=yes
  HOSTNAME=my-hostname          - Hostname is defined here and by the command hostname

  (Gateway is assigned by the DHCP server.)

  OR for NIS client configuration:

  NETWORKING=yes
  HOSTNAME=my-hostname          - Hostname is defined here and by the command hostname
  NISDOMAIN=NISProject1         - NIS domain to attach

- File (Red Hat/Fedora): /etc/sysconfig/network-scripts/ifcfg-eth0 (S.u.s.e.: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX). This file is used by the command scripts ifup and ifdown.

  Static IP address configuration:

  DEVICE=eth0
  BOOTPROTO=static
  BROADCAST=XXX.XXX.XXX.255
  IPADDR=XXX.XXX.XXX.XXX
  NETMASK=255.255.255.0
  NETWORK=XXX.XXX.XXX.0
  ONBOOT=yes                    - Will activate upon system boot

  RHEL4/FC3 additions:
  - TYPE=Ethernet
  - HWADDR=XX:XX:XX:XX:XX:XX
  - GATEWAY=XXX.XXX.XXX.XXX

  OR for DHCP client configuration:

  DEVICE=eth0
  ONBOOT=yes
  BOOTPROTO=dhcp

  RHEL4/FC3 additions:
  - IPV6INIT=no
  - USERCTL=no
  - PEERDNS=yes
  - TYPE=Ethernet
  - HWADDR=XX:XX:XX:XX:XX:XX

  (Used by the script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line.) To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none.

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)

Changing the host name:

This is a three step process:

1. Issue the command: hostname new-host-name
2. Change the network configuration file /etc/sysconfig/network. Edit the entry: HOSTNAME=new-host-name
3. Restart systems which relied on the hostname (or reboot):
   - Restart network services: service network restart (or: /etc/init.d/network restart)
   - Restart desktop:
     - Bring down the system to console mode: init 3
     - Bring up X-Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name, which allows the system to be self aware.

The hostname may be changed at runtime using the command: sysctl -w kernel.hostname="superserver"

Change the host name using the GUI tool /usr/sbin/system-config-network (Red Hat / Fedora / CentOS). Hostname entries are made in two places:

- Select the "DNS" tab.
- Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth0:0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255
ifconfig eth0:1 192.168.10.14 netmask 255.255.255.0 broadcast 192.168.10.255

route add -host XXX.XXX.XXX.XXX dev eth0
route add -host 192.168.10.12 dev eth0
route add -host 192.168.10.14 dev eth0

In this example 0 and 1 are aliases in addition to the regular eth0. The result of the ifconfig command:

eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
          collisions:1 txqueuelen:100
          Interrupt:5 Base address:0xe400

eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:5 Base address:0xe400

eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

DEVICE=eth0:0
ONBOOT=yes
BOOTPROTO=static
BROADCAST=192.168.10.255
IPADDR=192.168.10.12
NETMASK=255.255.255.0
NETWORK=192.168.10.0
ONBOOT=yes

Aliases can also be shut down independently. i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Redhat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux Client: get connection info: /sbin/pump -i eth0 --status (Red Hat Linux 7.1 and older)

Device eth0
        IP: 4.XXX.XXX.XXX
        Netmask: 255.255.252.0
        Broadcast: 4.XXX.XXX.255
        Network: 4.XXX.XXX.0
        Boot server 131.XXX.XXX.4
        Next server 0.0.0.0
        Gateway: 4.XXX.XXX.1
        Domain: vz.dsl.genuity.net
        Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3
        Renewal time: Sat Aug 11 08:28:55 2001
        Expiration time: Sat Aug 11 11:28:55 2001

Activating and De-Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

- Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up - Note: even if no IP address is assigned you can listen.)
- De-Activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network-scripts/

GUI Interface control/configuration:

- Start/Stop network interfaces: /usr/bin/system-control-network (Fedora Core 2/3); /usr/bin/redhat-control-network (RH 9.0 to FC-1)
- Configure Ethernet, ISDN, modem, Token Ring, wireless or DSL network connection: /usr/sbin/system-config-network-druid (FC2/3); /usr/sbin/redhat-config-network-druid (RH 9 to FC-1)

Subnets:

Mask (last octet) | # of subnets (of a class C) | Slash format | Class A hosts | Class A mask | Class B hosts | Class B mask | Class C hosts | Class C mask | Class C subnet mask | Addresses per class C subnet | Usable hosts per class C subnet
255 | 256 | /32 | 16,777,214 | 255.0.0.0 | 65,534 | 255.255.0.0 | 254 | 255.255.255.0 | 255.255.255.255 | 1 address | Invalid
254 | 128 | /31 | 33,554,430 | 254.0.0.0 | 131,070 | 255.254.0.0 | 510 | 255.255.254.0 | 255.255.255.254 | 2 addresses | Invalid
252 | 64 | /30 | 67,108,862 | 252.0.0.0 | 262,142 | 255.252.0.0 | 1,022 | 255.255.252.0 | 255.255.255.252 | 4 addresses | 2 hosts
248 | 32 | /29 | 134,217,726 | 248.0.0.0 | 524,286 | 255.248.0.0 | 2,046 | 255.255.248.0 | 255.255.255.248 | 8 addresses | 6 hosts
240 | 16 | /28 | 268,435,454 | 240.0.0.0 | 1,048,574 | 255.240.0.0 | 4,094 | 255.255.240.0 | 255.255.255.240 | 16 addresses | 14 hosts
224 | 8 | /27 | 536,870,910 | 224.0.0.0 | 2,097,150 | 255.224.0.0 | 8,190 | 255.255.224.0 | 255.255.255.224 | 32 addresses | 30 hosts
192 | 4 | /26 | 1,073,741,822 | 192.0.0.0 | 4,194,302 | 255.192.0.0 | 16,382 | 255.255.192.0 | 255.255.255.192 | 64 addresses | 62 hosts
128 | 2 | /25 | 2,147,483,646 | 128.0.0.0 | 8,388,606 | 255.128.0.0 | 32,766 | 255.255.128.0 | 255.255.255.128 | 128 addresses | 126 hosts

Binary position:   8    7    6    5    4    3    2    1
Value:            128   64   32   16    8    4    2    1
Example (192):      1    1    0    0    0    0    0    0

Example: 192 = 128 + 64

Some addresses are reserved and outside this scope. Loopback (127.0.0.1), reserved class C 192.168.XXX.XXX, reserved class B 172.31.XXX.XXX and reserved class A 10.XXX.XXX.XXX.

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 for your office.

- 208.88.34.104 Network base address
- 208.88.34.105 Computer 1
- 208.88.34.106 Computer 2
- 208.88.34.107 Computer 3
- 208.88.34.108 Computer 4
- 208.88.34.109 Computer 5
- 208.88.34.110 DSL router/Gateway
- 208.88.34.111 Broadcast address

Of the eight addresses, six are assigned to hardware systems and ultimately only five are usable addresses.
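The arithmetic behind the table and the office example above, as an added example written for this page (it is not code from the YoLinux tutorial): given an address and a dotted netmask, the functions derive the prefix length, the lowest address (network), the highest address (broadcast) and the usable host count with POSIX shell arithmetic, and they reject a non-contiguous netmask, a mistake that ifconfig on its own does not catch. This generalizes the /24 and /29 cases in the text to any contiguous mask. The function names are chosen here; the sample addresses are the tutorial's own office block and private range.

```shell
#!/bin/sh
# Added example (not part of the YoLinux tutorial): IPv4 subnet arithmetic
# in POSIX shell.  Derives prefix length, network address, broadcast
# address and usable host count from an address and a dotted netmask,
# generalizing the /24 and /29 cases in the text to any contiguous mask.

# Dotted quad -> 32-bit integer (208.88.34.106 -> 3495436906)
ip_to_int() {
    _oldifs=$IFS; IFS=.
    set -- $1
    IFS=$_oldifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# 32-bit integer -> dotted quad
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Prefix length of a dotted netmask (255.255.255.248 -> 29).  Counts the
# leading one bits, then fails if any one bit follows a zero bit, which is
# the check that catches a typo such as 255.0.255.0.
mask_to_prefix() {
    _m=$(ip_to_int "$1"); _p=0
    while [ "$_p" -lt 32 ] && [ $(( (_m >> (31 - _p)) & 1 )) -eq 1 ]; do
        _p=$(( _p + 1 ))
    done
    if [ $(( _m & ((1 << (32 - _p)) - 1) )) -ne 0 ]; then
        echo "invalid (non-contiguous) netmask: $1" >&2
        return 1
    fi
    echo "$_p"
}

# Print "prefix network broadcast usable-hosts" for an address and netmask.
subnet_info() {
    _pfx=$(mask_to_prefix "$2") || return 1
    _ip=$(ip_to_int "$1"); _mask=$(ip_to_int "$2")
    _net=$(( _ip & _mask ))                    # lowest address: host bits cleared
    _bc=$(( _net | (4294967295 - _mask) ))     # highest address: host bits set
    # Network and broadcast addresses are not assignable; as in the table
    # above, /31 and /32 (2 or 1 addresses) are treated as having no hosts.
    if [ "$_pfx" -le 30 ]; then _hosts=$(( _bc - _net - 1 )); else _hosts=0; fi
    echo "$_pfx $(int_to_ip "$_net") $(int_to_ip "$_bc") $_hosts"
}

# The tutorial's /29 office block and a /24 private range
subnet_info 208.88.34.106 255.255.255.248     # 29 208.88.34.104 208.88.34.111 6
subnet_info 192.168.10.12 255.255.255.0       # 24 192.168.10.0 192.168.10.255 254
```

The six usable hosts reported for the /29 block match the table; the tutorial's count of five comes from one of those six being the DSL router.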

Links:

- Subnet Cheat Sheet
- Subnet calculator
- Table of subnets
- IP Subnetting, Variable Subnetting, and CIDR (Supernetting)
- CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is a little obsolete, as subnets are now used to define smaller networks. These subnets may be part of a class A, B, C, etc. network. For historical reference the network classes are defined as follows:

- Class A: Defined by the first 8 bits with a range of 0 - 127. The first number (8 bits) is defined by Internic, i.e. 77.XXX.XXX.XXX. One class A network can define 16,777,214 hosts. Range: 0.0.0.0 - 127.255.255.255
- Class B: Defined by the first 8 bits with a range from 128 - 191. The first two numbers (16 bits) are defined by Internic, i.e. 182.56.XXX.XXX. One class B network can define 65,534 hosts. Range: 128.0.0.0 - 191.255.255.255
- Class C: Defined by the first 8 bits with a range from 192 - 223. The first three numbers (24 bits) are defined by Internic, i.e. 220.56.222.XXX. One class C network can define 254 hosts. Range: 192.0.0.0 - 223.255.255.255
- Class D: Defined by the first 8 bits with a range from 224 - 239. This is reserved for multicast networks (RFC988). Range: 224.0.0.0 - 239.255.255.255
- Class E: Defined by the first 8 bits with a range from 240 - 255. This is reserved for experimental use. Range: 240.0.0.0 - 247.255.255.255

Enable Forwarding:

Forwarding allows the network packets on one network interface (i.e. eth0) to be forwarded to another network interface (i.e. eth1). This will allow the Linux computer to connect ("ethernet bridge") or route network traffic.

The bridge configuration will merge two (or several) networks into one single network topology. IpTables firewall rules can be used to filter traffic.

A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or to load balance servers.

- Turn on IP forwarding to allow the Linux computer to act as a gateway or router:

  echo 1 > /proc/sys/net/ipv4/ip_forward

  Default is 0. One can add firewall rules by using ipchains.

Another method is to alter the Linux kernel config file /etc/sysctl.conf. Set the following value:

net.ipv4.ip_forward = 1

See file /etc/sysconfig/network for storing this configuration:

FORWARD_IPV4=true

Change the default "false" to "true".

All methods will result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward

The TCP man page (Linux Programmer's Manual) and /usr/src/linux/Documentation/proc.txt (kernel 2.2, RH 7.0 and earlier) cover the /proc/sys/net/ipv4/* file descriptions.

Also see (YoLinux tutorials):

- Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables)
- Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

- cd /lib/modules/2.2.5-15/net/ - Use the kernel version for your system. This example uses 2.2.5-15 (Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/). Here you will find the modules supported by your system. It can be permanently added to:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example:

  alias eth0 3c59x

- /sbin/insmod 3c59x (for a 3Com ethernet card) - This inserts the specified module into the kernel.
- /sbin/modprobe 3c59x - This also loads a module into the system kernel. Modprobe command line options:
  - -r : unload the module.
  - /sbin/modprobe -l \* : list all modules.
  - /sbin/modprobe -lt net \* : list only network modules.
  - /sbin/modprobe -t net \* : try loading all network modules and see what sticks (act of desperation).
- ifconfig ...

The easy way: Red Hat versions 6.2 and later, ship with Kudzu, a device detection program which runs during system initialization. (/etc/rc.d/init.d/kudzu) This can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it will be utilized upon system boot.

Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

   Define the new device in the file (Red Hat/Fedora) /etc/sysconfig/network-scripts/ifcfg-eth1 (S.u.s.e 9.2: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX):

   DEVICE=eth1
   BOOTPROTO=static
   IPADDR=192.168.10.12
   NETMASK=255.255.255.0
   GATEWAY=XXX.XXX.XXX.XXX
   HOSTNAME=node-name.name-of-domain.com
   DOMAIN=name-of-domain.com

   Special routing information may be specified, if necessary, in the file (Red Hat/Fedora) /etc/sysconfig/static-routes (S.u.s.e. 9.2: /etc/sysconfig/network/routes). Example:

   eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using the Unix command line interface:

   Define the IP addresses:

   ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
   ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

   If necessary, define a route with the route command. Examples:

   route add default gw XXX.XXX.XXX.XXX dev eth0
   route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

   Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

   If a mistake is made just repeat the route command substituting "del" in place of "add".

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto-negotiate link speed and duplex setting.

- List NIC speed and configuration: mii-tool

  eth0: negotiated 100baseTx-FD flow-control, link ok

  Verbose mode: mii-tool -v

  eth0: negotiated 100baseTx-FD flow-control, link ok
    product info: Intel 82555 rev 4
    basic mode:   autonegotiation enabled
    basic status: autonegotiation complete, link ok
    capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
    advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
    link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

- Set NIC configuration: mii-tool -F option

  Option | Parameters
  -F | 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
  -A | 100baseT4 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

- Query NIC with ethtool:

  Command | Description
  ethtool -g eth0 | Queries ethernet device for rx/tx ring parameter information.
  ethtool -a eth0 | Queries ethernet device for pause parameter information.
  ethtool -c eth0 | Queries ethernet device for coalescing information.
  ethtool -i eth0 | Queries ethernet device for associated driver information.
  ethtool -d eth0 | Prints a register dump for the specified ethernet device.
  ethtool -k eth0 | Queries ethernet device for offload information.
  ethtool -S eth0 | Queries ethernet device for NIC and driver statistics.

Man Pages:

- mii-tool - view, manipulate media-independent interface status
- ethtool - Display or change ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet is examined to see if its destination is on the local or a remote network. If it is to be sent to a remote network, the routing table is consulted to determine the path. If there is no information in the routing table then the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file (Red Hat/Fedora) /etc/sysconfig/network-scripts/route-eth0 (Red Hat 7: /etc/sysconfig/static-routes; S.u.s.e. 9.2: /etc/sysconfig/network/routes):

10.2.3.0/16 via 192.168.10.254

See command: /etc/sysconfig/network-scripts/ifup-routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route (fewest hops between routers, not physical distance). Routers use RIP to broadcast the routing table over UDP port 520. The routers then add new or improved routes to their routing tables.

Man pages:

- route - show / manipulate the IP routing table (static routes). Examples:
  - Show routing table: route -e
  - Access an individual host via network interface card eth1: route add -host 123.213.221.231 eth1
  - Access the ISP network identified by network address and netmask using network interface card eth0: route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0. Conversely: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
  - Specify the default gateway used to reach remote networks via network interface card eth0: route add default gw 201.51.31.1 eth0 (the gateway can also be defined in /etc/sysconfig/network)
  - Specify two gateways for two network destinations (i.e. one external, one internal private network; two routers/gateways are specified):
    Add the internet gateway as before: route add default gw 201.51.31.1 eth0
    Add the second private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
- routed - network routing daemon. Uses the RIP protocol to update the routing table.
- ipx_route - show / manipulate the IPX routing table. IPX is the Novell networking protocol (not typically used unless your office has Novell servers).
- ifuser - identify destinations routed to a particular network interface.

VPN, Tunneling:

- Commercial VPN Linux software solutions - YoLinux
- OpenSWAN.org - IPSec VPN for Linux
- FreeSWAN.org - IPSec VPN for Linux
- FreeSWAN tutorial - howto
- OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access controls.
- SSL-Explorer - Java SSL based VPN
- Quagga dynamic routing suite VLAN
- n2n peer to peer within a private fabric
- CIPE: Crypto IP Encapsulation (Easiest way to configure two Linux gateways connecting two private networks over the internet with encryption.)
  - CIPE Home page - CIPE is a simple encapsulation system that securely connects two subnets.
  - The Linux Cipe+Masquerading mini-HOWTO - Anthony Ciaravalo
- GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa
- VPN HowTo - Matthew D. Wilson
- Installing and Running PPTP on Linux
- L2TP Extensions (l2tpext) Internet Drafts.

Useful Linux networking commands:

- /etc/rc.d/init.d/network start - command to start, restart or stop the network
- netstat - Display connections, routing tables, stats etc.
  - List externally connected processes: netstat -punta
  - List all connected processes: netstat -nap
  - Show network statistics: netstat -s
  - Kernel interface table info: netstat -a -i eth0
- ping - send ICMP ECHO_REQUEST packets to network hosts. Use Ctrl-C to stop ping.
- traceroute - print the route packets take to a network host
  - traceroute IP-address-of-server
  - traceroute domain-name-of-server
- mtr - a network diagnostic tool introduced in Fedora. Like traceroute except it gives more network quality and network diagnostic info. Leave running to get real time stats. Reports best and worst round trip times in milliseconds.
  - mtr IP-address-of-server
  - mtr domain-name-of-server
- whois - Lookup a domain name in the internic whois database.
- finger - Display information on a system user, i.e. finger user@host. Uses the $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/
- iptables - IP firewall administration (Linux kernel 2.6/2.4). See YoLinux firewall/gateway configuration.
- ipchains - IP firewall administration (Linux kernel 2.2). See YoLinux firewall/gateway configuration.
- socklist - Display list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
- host - Give a host name and the command will return the IP address. Unlike nslookup, the host command will use both /etc/hosts as well as DNS. Example: host domain-name-of-server
- nslookup - Give a host name and the command will return the IP address. Also see Testing your DNS (YoLinux Tutorial). Note that nslookup does not use the /etc/hosts file.

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemons listen and respond to all network socket connections made on the TCP/IP ports assigned to them. The ports are defined by the file /etc/services. When a connection is made, the listener will attempt to invoke the assigned program and pipe the data to it. This simplifies matters by allowing the assigned program to read from stdin instead of making its own socket connection. The listener handles the network socket connection. Two network listening and management daemons have been used in Red Hat Linux distributions:

- inetd: Red Hat 6.x and older
- xinetd: Red Hat 7.0-9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf. Entries in this file consist of a single line made up of the following fields:

service socket-type protocol wait user server cmdline

- service: The name assigned to the service. Matches the name given in the file /etc/services
- socket-type:
  - stream: connection protocols (TCP)
  - dgram: datagram protocols (UDP)
  - raw
  - rdm
  - seqpacket
- protocol: Transport protocol name which matches a name in the file /etc/protocols, i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6
- wait: Applies only to datagram protocols (UDP).
  - wait[.max]: One server for the specified port at any time (RPC)
  - nowait[.max]: Continue to listen and launch new services if a new connection is made (multi-threaded). Max refers to the maximum number of server instances spawned in 60 seconds (default=40).
- user[.group]: Login id of the user the process is executed under. Often nobody, root or a special restricted id for that service.
- server: Full path name of the server program to be executed.
- cmdline: Command line to be passed to the server. This includes argument 0 (argv[0]), that is the command name. This field is empty for internal services. Examples of internal TCP services: echo, discard, chargen (character generator), daytime (human readable time), and time (machine readable time). (See RFC.)

Sample File: /etc/inetd.conf

#echo   stream  tcp     nowait  root    internal
#echo   dgram   udp     wait    root    internal
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
#pop-3  stream  tcp     nowait  root    /usr/sbin/tcpd  ipop3d
#swat   stream  tcp     nowait.400 root /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.

The inet daemon must be restarted to pick up the changes made to the file: /etc/rc.d/init.d/inetd restart

For more information see the man pages "inetd" and "inetd.conf".
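An added example, not code from the tutorial: an awk-based audit of an inetd.conf laid out with the fields described above. It lists each enabled (uncommented) service with its transport protocol, the account it runs as, and whether the server is started through the /usr/sbin/tcpd wrapper, since a service started directly never passes through /etc/hosts.allow and /etc/hosts.deny. The sample file is constructed here, modelled on the tutorial's sample but with pop-3 and swat left enabled so there is something to flag; the function names are chosen for this example.

```shell
#!/bin/sh
# Added example (not part of the YoLinux tutorial): audit an inetd.conf for
# enabled services and whether each is started through the tcpd wrapper.

# Print one line per enabled service: "service protocol user STATE", where
# STATE is internal, wrapped (server is tcpd) or UNWRAPPED.
audit_inetd_conf() {
    awk '
        /^[ \t]*#/ || NF < 6 { next }      # comment, blank or malformed line
        {
            user = $5
            sub(/\..*/, "", user)            # drop an optional ".group" suffix
            if ($6 == "internal") { state = "internal" } else if ($6 ~ /\/tcpd$/) { state = "wrapped" } else { state = "UNWRAPPED" }
            printf "%s %s %s %s\n", $1, $3, user, state
        }' "$1"
}

# Number of enabled services that bypass tcpd (hosts.allow/hosts.deny
# never see their connections).
count_unwrapped() {
    audit_inetd_conf "$1" | awk '$4 == "UNWRAPPED" { n++ } END { print n + 0 }'
}

# Constructed sample, modelled on the tutorial's file but with pop-3 and
# swat left enabled so the audit has something to flag.
make_sample_inetd_conf() {
    _f=$(mktemp)
    cat > "$_f" <<'EOF'
#echo   stream  tcp     nowait  root    internal
#echo   dgram   udp     wait    root    internal
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
pop-3   stream  tcp     nowait  root    /usr/sbin/tcpd  ipop3d
swat    stream  tcp     nowait.400 root /usr/sbin/swat  swat
EOF
    echo "$_f"
}

INETD_SAMPLE=$(make_sample_inetd_conf)
audit_inetd_conf "$INETD_SAMPLE"
echo "services not wrapped by tcpd: $(count_unwrapped "$INETD_SAMPLE")"
```

Run against a real file with audit_inetd_conf /etc/inetd.conf; the UNWRAPPED lines are the ones to review, together with any service still running as root that does not need to.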

xinetd: Extended Internet Services Daemon:

Xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, redirect services to different ports and network interfaces (NIC) or even to a different server, chroot a service, etc., and is thus a worthy upgrade from inetd.

Use the command chkconfig --list to view all system services and their state. It will also list all network services controlled by xinetd and their respective state under the title "xinetd based services". (Works for xinetd (RH7.0+) but not inetd.)

The xinetd network daemon uses PAM, also called network wrappers, which invoke the /etc/hosts.allow and /etc/hosts.deny files.

Configuration file: /etc/xinetd.conf, which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:

- Edit the file /etc/xinetd.d/service-name and set the disable value: disable = yes or disable = no. Then restart the xinetd process using a signal:
  - SIGUSR1 (kill -SIGUSR1 process-id) - Soft reconfiguration; does not terminate existing connections. (Important if you are connected remotely.)
  - SIGUSR2 - Hard reconfiguration; stops and restarts the xinetd process. (Note: Using the HUP signal will terminate the process.)

  OR

- Use the chkconfig command: chkconfig service-name on (or off). This command will also restart the xinetd process to pick up the new configuration.

The file contains entries of the form:

service service-name
{
    attribute assignment-operator value value ...
    ...
}

Where:

- attribute:
  - disable: yes | no
  - type: RPC | INTERNAL | UNLISTED (not found in /etc/rpc or /etc/services)
  - id: By default the service id is the same as the service name.
  - socket_type:
    - stream: TCP
    - dgram: UDP
    - raw: direct IP access
    - seqpacket: service that requires reliable sequential datagram transmission
  - flags: Combination of REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd man page for details.
  - protocol: Transport protocol name which matches a name in the file /etc/protocols.
  - wait:
    - no: multi-threaded
    - yes: single-threaded - one server for the specified port at any time (RPC)
  - user: See file /etc/passwd
  - group: See file /etc/group
  - server: Program to execute and receive the data stream from the socket (fully qualified name - full path name of the program)
  - server_args: Unlike inetd, arg[0] (the name of the service) is not passed.
  - only_from: IP address, factorized address, netmask range, hostname or network name from file /etc/networks.
  - no_access: Deny from ... (inverse of only_from)
  - access_times
  - port: See file /etc/services
  Also: log_type, log_on_success, log_on_failure (log options: += PID, HOST, USERID, EXIT, DURATION, ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples.
- assignment-operator:
  - =
  - +=: add a value to the set of values
  - -=: delete a value from the set of values

Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from the man page: Limit telnet sessions to 8 Mbytes of memory and a total of 20 CPU seconds for child processes.

service telnet
{
    socket_type = stream
    wait        = no
    nice        = 10
    user        = root
    server      = /usr/etc/in.telnetd
    rlimit_as   = 8M
    rlimit_cpu  = 20
}

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:

- xinetd
- xinetd.conf
- xinetd.log
- tcpd

For more info see:

- LinuxFocus.org: xinetd - Frederic Raynal
- RedHat.com: Controlling Access to Services
- http://www.xinetd.org
- See RFCs: 862, 863, 864, 867, 868, 1413.
- man pages xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon ­ rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux has the network interface to rwhod disabled. Thus if one issues the command "rwho", you will only see who is logged into the system you are logged into and not remote systems on the network. This is a safe approach for internet servers as it reduces the exposure of a service which could be exploited by hackers. If you wish to use rwhod on a local private and firewall-protected network, here is how:

Allow broadcast capabilities. Edit /etc/init.d/rwhod and change from:

daemon rwhod

to:

daemon rwhod -b

Start service:

- Set service to start with system boot: chkconfig --level 345 rwhod on
- Start rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

- rwho: who is logged in on local network machines
- rwhod: system status server
- who: show who is logged on to the same system

RPC: Remote Procedure Calls (Portmapper)

Portmapper is a network service required to support RPCs. Many services such as NFS (file sharing services) require portmapper.

List RPC services supported: [root]# rpcinfo -p localhost

Starting portmap server:

- /etc/rc.d/init.d/portmap start
- service portmap start (Red Hat/Fedora Core)

Man Pages:

- portmap
- rpcinfo
- pmap_set
- pmap_dump

PAM: Network Wrappers:

Pluggable Authentication Modules for Linux (TCP Wrappers)

This system allows or denies network access. One can reject or allow specific IP addresses or subnets to access your system.

File: /etc/hosts.allow

in.ftpd:208.188.34.105

This specifically allows the given IP address to ftp to your system. One can also specify an entire domain, i.e. .name-of-domain.com. Note the beginning ".".

File: /etc/hosts.deny

ALL:ALL

This generally denies any access.

See the pam man page.

File: /etc/inetd.conf

ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a

The inet daemon accepts the incoming network stream and assigns it to the PAM TCP wrapper, /usr/sbin/tcpd, which accepts or denies the network connection as defined by /etc/hosts.allow and /etc/hosts.deny and then passes it along to ftp. This is logged to /var/log/secure
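An added example illustrating the evaluation order just described (it is neither the tutorial's code nor tcpd's own implementation): wrapper_decision applies the same "hosts.allow first, then hosts.deny, otherwise allow" order to a service name and a client, using the pattern forms that appear in the text (ALL, an exact address, a leading-dot domain suffix) plus a trailing-dot network prefix. The real libwrap also understands netmasks, EXCEPT lists, KNOWN/UNKNOWN and more, which this subset does not model. The sample files are constructed here; the in.ftpd rule is the tutorial's, and the sshd line and the client names are additions for illustration.

```shell
#!/bin/sh
# Added example (not part of the YoLinux tutorial, not libwrap code): a
# simplified re-implementation of the hosts_access decision so the
# allow/deny order can be traced for a given service and client.

# Match one pattern against a client name or address.  Forms handled:
#   ALL                  matches anything
#   .name-of-domain.com  suffix match on a hostname
#   192.168.10.          prefix match on a network
#   anything else        exact match
# (libwrap also handles netmasks, EXCEPT, KNOWN/UNKNOWN; not modelled.)
pat_match() {
    _pat=$1; _val=$2
    case "$_pat" in
        ALL) return 0 ;;
        .*)  case "$_val" in *"$_pat") return 0 ;; esac ;;
        *.)  case "$_val" in "$_pat"*) return 0 ;; esac ;;
        *)   [ "$_pat" = "$_val" ] && return 0 ;;
    esac
    return 1
}

# Match a comma/space separated list of patterns against a value.
list_match() {
    for _item in $(printf '%s' "$1" | tr ',' ' '); do
        pat_match "$_item" "$2" && return 0
    done
    return 1
}

# Return 0 if any "daemons : clients" line in FILE matches SERVICE and CLIENT.
# A missing file matches nothing, which is how tcpd treats it.
file_match() {
    _svc=$1; _cli=$2; _file=$3
    [ -r "$_file" ] || return 1
    while IFS= read -r _line || [ -n "$_line" ]; do
        case "$_line" in ''|'#'*) continue ;; esac
        _d=${_line%%:*}          # daemon list
        _rest=${_line#*:}
        _c=${_rest%%:*}          # client list (a third field, if any, is an option)
        if list_match "$_d" "$_svc" && list_match "$_c" "$_cli"; then
            return 0
        fi
    done < "$_file"
    return 1
}

# Decide ALLOW or DENY in tcpd order: hosts.allow, then hosts.deny, then allow.
wrapper_decision() {
    if file_match "$1" "$2" "$3"; then echo ALLOW
    elif file_match "$1" "$2" "$4"; then echo DENY
    else echo ALLOW
    fi
}

# Constructed sample rule files (the in.ftpd line is the tutorial's; sshd is added)
HOSTS_ALLOW_SAMPLE=$(mktemp)
HOSTS_DENY_SAMPLE=$(mktemp)
cat > "$HOSTS_ALLOW_SAMPLE" <<'EOF'
# sample /etc/hosts.allow
in.ftpd: 208.188.34.105, .name-of-domain.com
sshd: 192.168.10.
EOF
cat > "$HOSTS_DENY_SAMPLE" <<'EOF'
ALL: ALL
EOF

for _case in "in.ftpd 208.188.34.105" "in.ftpd 208.188.34.106" \
             "in.ftpd host1.name-of-domain.com" "in.telnetd 192.168.10.7"; do
    set -- $_case
    echo "$1 from $2: $(wrapper_decision "$1" "$2" "$HOSTS_ALLOW_SAMPLE" "$HOSTS_DENY_SAMPLE")"
done
```

The last branch of wrapper_decision is the point worth checking on a real host: with no matching deny rule the connection is allowed, so a hosts.deny that is missing or lacks the ALL:ALL line shown above leaves every wrapped service open to any client that hosts.allow did not mention.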

Advanced PAM: More specific access can be assigned and controlled by controlling the level of authentication required for access.

Files reflect the inet service name. Rules and modules are stacked to achieve the level of security desired.

See the files in /etc/pam.d/... (some systems use /etc/pam.conf)

The format: service type control module-path module-arguments

- auth (type) - Password is required for the user
  - nullok - Null or non-existent password is acceptable
  - shadow - Encrypted passwords kept in /etc/shadow
- account (type) - Verifies password. Can track and force password changes.
- password (type) - Controls password update
  - retry=3 - Sets the number of login attempts
  - minlen=8 - Sets the minimum length of a password
- session (type) - Controls monitoring

Modules:

- /lib/security/pam_pwdb.so - password database module
- /lib/security/pam_shells.so
- /lib/security/pam_cracklib.so - checks if a password is crackable
- /lib/security/pam_listfile.so

After re-configuration, restart the inet daemon: killall -HUP inetd

For more info see:

- Wietse's Papers
- Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP is the network protocol used by the ping and traceroute commands.

ICMP redirect packets are sent from the router to the host to inform the host of a better route. To enable ICMP redirect, add the following line to /etc/sysctl.conf :

net.ipv4.conf.all.accept_redirects = 1

Add the following to the file: /etc/rc.d/rc.local

for f in /proc/sys/net/ipv4/conf/*/accept_redirects
do
    echo 1 > $f
done

Command to view the kernel IP routing cache: /sbin/route -Cn

NOTE: This may leave you vulnerable to hackers as attackers may alter your routes.
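An added defender-side check for the setting just described (not part of the original tutorial): list_redirect_accepting reports which entries under /proc/sys/net/ipv4/conf/ currently accept ICMP redirects, and disable_redirects is the counterpart of the rc.local loop above that writes 0 instead of 1. The tree directory is a parameter so the functions can be demonstrated on a constructed copy; against the live tree they need root. All function names and sample values are chosen for this example.

```shell
#!/bin/sh
# Added example (not part of the YoLinux tutorial): report and clear the
# per-interface accept_redirects flags.  The tree directory is a parameter
# so the functions can be shown on a constructed copy; on the live
# /proc/sys/net/ipv4/conf tree they must run as root.

# Print the name of each entry (all, default, eth0, ...) whose
# accept_redirects flag is 1.
list_redirect_accepting() {
    _dir=${1:-/proc/sys/net/ipv4/conf}
    for _f in "$_dir"/*/accept_redirects; do
        [ -r "$_f" ] || continue
        if [ "$(cat "$_f")" = "1" ]; then
            _if=${_f%/accept_redirects}
            echo "${_if##*/}"
        fi
    done
}

# Counterpart of the rc.local loop above that writes 0 instead of 1,
# so the kernel ignores route changes pushed by ICMP redirect.
disable_redirects() {
    _dir=${1:-/proc/sys/net/ipv4/conf}
    for _f in "$_dir"/*/accept_redirects; do
        echo 0 > "$_f"
    done
}

# Constructed stand-in for /proc/sys/net/ipv4/conf with sample values
# (not read from any real host).
make_sample_conf_tree() {
    _t=$(mktemp -d)
    for _i in all default eth0 eth1 lo; do
        mkdir "$_t/$_i"
    done
    echo 1 > "$_t/all/accept_redirects"
    echo 1 > "$_t/default/accept_redirects"
    echo 0 > "$_t/eth0/accept_redirects"
    echo 1 > "$_t/eth1/accept_redirects"
    echo 0 > "$_t/lo/accept_redirects"
    echo "$_t"
}

SAMPLE_CONF_TREE=$(make_sample_conf_tree)
echo "entries accepting ICMP redirects:"
list_redirect_accepting "$SAMPLE_CONF_TREE"
```

The check reports the raw flags rather than the effective policy: whether a given interface actually honours a redirect depends on how the kernel combines its own entry with the all entry (and on whether forwarding is enabled), so clearing both, as disable_redirects does, is the unambiguous setting. To make it survive a reboot, set net.ipv4.conf.all.accept_redirects = 0 in /etc/sysctl.conf instead of the value 1 shown above.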

Blocking ICMP to look invisible to ping:

The following firewall rules will drop ICMP requests.

Iptables:

iptables -A OUTPUT -p icmp -d 0/0 -j DROP

Ipchains:

ipchains -A output -p icmp -d 0/0 -j DENY

OR drop all incoming pings:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes necessary to look invisible to DOS (Denial Of Service) attackers who use ping to watch your machine and launch an attack when its presence is detected.

Network Monitoring Tools:

- tcpdump - dump traffic on a network. See discussion below.

  Command line option   Description
  -c count              Exit after receiving count packets.
  -C file-size          Specify the size of output dump files.
  -i interface          Specify the interface if multiple exist. The lowest is used by default, i.e. eth0.
  -w file-name          Write the raw packets to a file rather than parsing and printing them out. They can later be printed with the -r option.
  -n                    Improve speed by not performing DNS lookups. Report IP addresses.
  -t                    Don't print a timestamp on each dump line.

  Filter expressions:

  Primitive                        Description
  host host-name                   If the host has multiple IPs, all will be checked.
  net network-number               Network number.
  net network-number mask mask     Network number and netmask specified.
  port port-number                 Port number specified.
  tcp                              Sniff TCP packets.
  udp                              Sniff UDP packets.
  icmp                             Sniff ICMP packets.

  Examples:
  - tcpdump tcp port 80 and host server-1
  - tcpdump ip host server-1 and not server-2

- iptraf - Interactive Colorful IP LAN Monitor
- nmap - Network exploration tool and security scanner
  - List pingable nodes on the network: nmap -sP 192.168.0.0/24
    Scans the network for IP addresses 192.168.0.0 to 192.168.0.255 using ping.
- Ethereal - Network protocol analyzer. Examine data from a live network. RPMs required:
  - ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
  - ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)
  There is an error in the ethereal package because it does not list the snmp libraries as dependencies, but you can deduce this from the errors you get if the ucd-snmp libraries are not installed.
- EtherApe - Graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
- Gkrellm - Network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
- IPTraf - ncurses-based IP LAN monitor. (Red Hat Powertools CD)
- Cheops - Network discovery, location, diagnosis and management. Cheops can identify all of the computers that are on your network, their IP address, their DNS name and the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
- ntop - Shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
- MRTG - Multi Router Traffic Grapher - Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
- dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
- scotty - Obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP, & UDP. (Red Hat Powertools CD)
- Big Brother - Monitoring and services availability.
- OpenNMS.org - Network Management using SNMP.
- Nagios - host, service and network monitoring
- Angel network monitor

Using tcpdump to monitor the network:

[root]# ifconfig eth0 promisc                         - Put the NIC into promiscuous mode to sniff traffic.
[root]# tcpdump -n host not XXX.XXX.XXX.XXX | more    - Sniff the net but ignore the IP of your own remote session.
[root]# ifconfig eth0 -promisc                        - Pull the NIC out of promiscuous mode.
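Once tcpdump -n output has been saved (with -w and -r, or by redirecting stdout), the next step is usually to summarise it. The script below is an added example, not part of the tutorial: it parses tcpdump -n lines into source, destination, protocol and ports, counts talkers, and flags a ping sweep of the kind the nmap -sP command above produces (one source sending ICMP echo requests to many different hosts). The capture lines are constructed for the example, and the line layout assumed is the "TIME IP SRC > DST: ..." form tcpdump prints for IPv4.

```python
"""Summarise tcpdump -n output and spot a ping sweep (one source sending ICMP
echo requests to many hosts). Added example; the capture is constructed."""
import re
from collections import defaultdict
from typing import Dict, List, Optional, Tuple

# tcpdump -n prints "TIME IP SRC > DST: PAYLOAD"; for TCP/UDP the last
# dotted component of SRC and DST is the port number.
LINE_RE = re.compile(r"^(?P<ts>\S+) IP (?P<src>\S+) > (?P<dst>[^:]+): (?P<rest>.*)$")

# constructed capture: a web connection, a 5-host ping sweep from .77, a DNS query
SAMPLE_CAPTURE = """\
10:00:01.000100 IP 192.168.10.5.51234 > 192.168.10.12.80: Flags [S], seq 1, win 64240, length 0
10:00:01.000300 IP 192.168.10.12.80 > 192.168.10.5.51234: Flags [S.], seq 2, ack 2, win 65160, length 0
10:00:02.100000 IP 192.168.10.77 > 192.168.10.1: ICMP echo request, id 9, seq 1, length 64
10:00:02.100200 IP 192.168.10.77 > 192.168.10.2: ICMP echo request, id 9, seq 1, length 64
10:00:02.100400 IP 192.168.10.77 > 192.168.10.3: ICMP echo request, id 9, seq 1, length 64
10:00:02.100600 IP 192.168.10.77 > 192.168.10.4: ICMP echo request, id 9, seq 1, length 64
10:00:02.100800 IP 192.168.10.77 > 192.168.10.5: ICMP echo request, id 9, seq 1, length 64
10:00:02.101000 IP 192.168.10.5 > 192.168.10.77: ICMP echo reply, id 9, seq 1, length 64
10:00:03.000000 IP 192.168.10.5.40000 > 192.168.10.1.53: 1234+ A? yolinux.com. (29)
"""


def split_host_port(field: str, has_port: bool) -> Tuple[str, Optional[int]]:
    """'192.168.10.5.51234' -> ('192.168.10.5', 51234); ICMP fields carry no port."""
    if has_port:
        host, port = field.rsplit(".", 1)
        return host, int(port)
    return field, None


def parse_line(line: str) -> Optional[dict]:
    """One tcpdump -n line -> record, or None for lines that are not IPv4 traffic."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rest = m.group("rest")
    if rest.startswith("ICMP"):
        proto = "icmp"
    elif rest.startswith("Flags ["):
        proto = "tcp"
    else:
        proto = "udp"  # UDP payload decodes (DNS etc.) are printed without a Flags field
    has_port = proto != "icmp"
    src, sport = split_host_port(m.group("src"), has_port)
    dst, dport = split_host_port(m.group("dst"), has_port)
    return {"ts": m.group("ts"), "proto": proto, "src": src, "sport": sport,
            "dst": dst, "dport": dport,
            "icmp_echo_request": proto == "icmp" and "echo request" in rest}


def parse_capture(text: str) -> List[dict]:
    return [r for r in (parse_line(l) for l in text.splitlines()) if r]


def talkers(records: List[dict]) -> Dict[str, int]:
    """Packets sent per source address."""
    counts: Dict[str, int] = defaultdict(int)
    for r in records:
        counts[r["src"]] += 1
    return dict(counts)


def ping_sweep_sources(records: List[dict], min_targets: int = 4) -> Dict[str, int]:
    """Sources whose echo requests reached at least min_targets distinct hosts."""
    targets: Dict[str, set] = defaultdict(set)
    for r in records:
        if r["icmp_echo_request"]:
            targets[r["src"]].add(r["dst"])
    return {src: len(t) for src, t in targets.items() if len(t) >= min_targets}


if __name__ == "__main__":
    recs = parse_capture(SAMPLE_CAPTURE)
    print("packets per source:", talkers(recs))
    print("ping sweep sources:", ping_sweep_sources(recs))
```

Feed it real data with `tcpdump -n -r capture.file | python3 this_script.py` after changing the main block to read sys.stdin; the threshold min_targets is the knob that separates a sweep from a host pinging its gateway.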

Network Intrusion and Hacker Detection Systems:

SNORT: Monitors the network, performing real-time traffic analysis and packet logging on IP networks for the detection of an attack or probe.

- Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
- InterSect Alliance - Intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to convert 32-bit Internet IP addresses into the 48-bit Ethernet MAC addresses used by network hardware. (See: RFC 826) ARP broadcasts are sent to all hosts on the subnet by the transmitting host to see who replies. The broadcast is ignored by all except the intended receiver, which recognizes the IP address as its own. The MAC addresses are remembered (ARP cache) for future network communications. Computers on the subnet typically keep a cache of ARP responses. ARP broadcasts are passed on by hubs and switches but are blocked by routers.

Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client to broadcast a request for a server to reply with the client's IP address.

- arp (8) man page - manipulate the system ARP cache
  - Show other systems on your network (including IP address conflicts): arp -a
  - Show the ARP table Linux style: arp -e
- arpwatch (8) man page - keep track of ethernet/IP address pairings
- arpsnmp (8) man page - keep track of ethernet/IP address pairings. Reads information generated by snmpwalk
- arping (8) man page - send an ARP REQUEST to a neighbor host
  - Print the ARP reply (similar to arp -a): arping 192.168.10.99
- List the ARP table: cat /proc/net/arp
- ip (8) man page - show / manipulate routing, devices, policy routing and tunnels
  - View the ARP table: ip neighbor

ARP is something that simply works. No Linux system configuration is necessary. It is all part of the Ethernet and IP protocols. The aforementioned information is just part of the Linux culture of full visibility into what is going on.
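The "keep track of ethernet/IP address pairings" job that arpwatch does can be illustrated with /proc/net/arp, which the list above names as the raw ARP table. The script below is an added example, not part of the tutorial or of arpwatch: it parses the /proc/net/arp layout, ignores incomplete (unresolved) entries, and compares successive snapshots, reporting a new station, a changed hardware address (what arp -a would show as an IP address conflict) and a flip flop back to a previously seen address. Both snapshots are constructed.

```python
"""Track IP/MAC pairings from /proc/net/arp snapshots and report stations
whose hardware address changes (the arpwatch idea). Added example; the
snapshots are constructed, not from a real system."""
from typing import Dict, List, Set, Tuple

SNAPSHOT_1 = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         00:10:4c:25:7a:3f     *        eth0
192.168.10.12    0x1         0x2         00:50:56:aa:bb:01     *        eth0
192.168.10.14    0x1         0x0         00:00:00:00:00:00     *        eth0
"""
# later snapshot: the gateway's MAC changed and .14 has now been resolved
SNAPSHOT_2 = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         00:0c:29:de:ad:01     *        eth0
192.168.10.12    0x1         0x2         00:50:56:aa:bb:01     *        eth0
192.168.10.14    0x1         0x2         00:50:56:aa:bb:02     *        eth0
"""

Key = Tuple[str, str]  # (device, ip)
Event = Tuple[str, str, str, str]  # (kind, ip, old mac, new mac)


def parse_proc_arp(text: str) -> Dict[Key, str]:
    """{(device, ip): mac} for complete entries (flags bit 0x2, ATF_COM, set).
    Incomplete entries (flags 0x0, all-zero MAC) are unresolved and skipped."""
    table: Dict[Key, str] = {}
    for line in text.splitlines()[1:]:  # first line is the column header
        fields = line.split()
        if len(fields) != 6:
            continue
        ip, _hwtype, flags, mac, _mask, device = fields
        if int(flags, 16) & 0x2:
            table[(device, ip)] = mac.lower()
    return table


class ArpTracker:
    """Remembers every MAC ever seen for an IP so a change and a change back
    (flip flop) can be told apart."""

    def __init__(self) -> None:
        self.known: Dict[Key, str] = {}
        self.seen: Dict[Key, Set[str]] = {}

    def update(self, snapshot: Dict[Key, str]) -> List[Event]:
        events: List[Event] = []
        for key, mac in snapshot.items():
            _device, ip = key
            old = self.known.get(key)
            seen = self.seen.setdefault(key, set())
            if old is None:
                events.append(("new station", ip, "", mac))
            elif old != mac:
                kind = "flip flop" if mac in seen else "changed ethernet address"
                events.append((kind, ip, old, mac))
            seen.add(mac)
            self.known[key] = mac
        return events


if __name__ == "__main__":
    tracker = ArpTracker()
    for snap in (SNAPSHOT_1, SNAPSHOT_2, SNAPSHOT_1):
        for kind, ip, old, new in tracker.update(parse_proc_arp(snap)):
            print(f"{kind}: {ip} {old or '-'} -> {new}")
```

On a live system replace the constructed text with `open("/proc/net/arp").read()` read on a timer; a "changed ethernet address" for the gateway IP is the event worth alerting on.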

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer to peer unicast transactions. An HTTP request to a web server (TCP/IP), email SMTP (TCP/IP), DNS (UDP), FTP (TCP/IP), ... are all peer to peer unicast transactions. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer to peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group", which are those that are interested in the information.

The Linux kernel is Level-2 Multicast-Compliant. It meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to request that the kernel join the multicast group and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, a request is made to the kernel to leave the group. It is the kernel/host which joins the multicast group and not the process. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to support multicast routing, set the following in the kernel config:

- CONFIG_IP_MULTICAST=y
- CONFIG_IP_ROUTER=y
- CONFIG_IP_MROUTE=y
- CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimization and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card), only one device can be configured to handle multicast.

Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast.

Useful commands:

Command                   Description
cat /proc/net/igmp        List the multicast groups to which the host is subscribed. Uses the "Internet Group Management Protocol". (See /usr/src/linux/net/core/igmp.c)
cat /proc/net/dev_mcast   List multicast interfaces. (See /usr/src/linux/net/core/dev_mcast.c)
ping 224.0.0.1            All hosts configured for multicast will respond with their IP addresses
ping 224.0.0.2            All routers configured for multicast will respond
ping 224.0.0.3            All PIM routers configured for multicast will respond
ping 224.0.0.4            All DVMRP routers configured for multicast will respond
ping 224.0.0.5            All OSPF routers configured for multicast will respond

Multicast transmissions are achieved through proper routing, router configuration (if communicating through subnets) and programmatically with the use of the following "C" function library calls:

Function Call   Description
setsockopt()    Pass information to the kernel.
getsockopt()    Retrieve information broadcast using multicast.

For more on multicast programming see: Multicast Howto.

The multicast application will specify the multicast loopback interface, TTL (network time to live), network interface and the multicast group to add or drop.
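To show what those setsockopt()/getsockopt() calls look like in practice, here is an added example (not code from the tutorial or the Multicast Howto) written with Python's socket module, which wraps the same C calls. It sets the four things the paragraph above lists, the loopback flag, the TTL, the sending interface and the group to add or drop, then reads the options back. The group 239.1.2.3 and port 5007 are constructed values; joining only succeeds on a host with a multicast-capable interface and a multicast route, so join_group reports failure instead of raising.

```python
"""Join and leave an IPv4 multicast group with setsockopt()/getsockopt().
Added example; the group and port are constructed values."""
import socket
import struct

MCAST_GROUP = "239.1.2.3"  # constructed: 239.0.0.0/8 is the administratively scoped block
MCAST_PORT = 5007          # constructed


def make_mreq(group: str, iface: str = "0.0.0.0") -> bytes:
    """Build struct ip_mreq {imr_multiaddr, imr_interface}, the argument of
    IP_ADD_MEMBERSHIP / IP_DROP_MEMBERSHIP. iface 0.0.0.0 lets the kernel pick
    the interface from the multicast route (see the route add command below)."""
    return struct.pack("4s4s", socket.inet_aton(group), socket.inet_aton(iface))


def open_multicast_socket(ttl: int = 1, loop: bool = True, iface: str = "0.0.0.0") -> socket.socket:
    """UDP socket with the per-socket multicast options set through setsockopt():
    IP_MULTICAST_TTL  - how many routers a datagram may cross (1 = stay on the subnet)
    IP_MULTICAST_LOOP - whether our own transmissions are delivered back to us
    IP_MULTICAST_IF   - which interface transmits (0.0.0.0 = kernel default)"""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)  # several receivers may share the port
    s.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, ttl)
    s.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_LOOP, 1 if loop else 0)
    s.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_IF, socket.inet_aton(iface))
    return s


def multicast_options(s: socket.socket) -> dict:
    """Read the options back with getsockopt() to confirm what the kernel holds."""
    return {
        "ttl": s.getsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL),
        "loop": s.getsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_LOOP),
    }


def join_group(s: socket.socket, group: str, iface: str = "0.0.0.0") -> bool:
    """Ask the kernel to join the group (the host joins, not the process).
    Returns False when no multicast-capable interface is available."""
    try:
        s.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP, make_mreq(group, iface))
        return True
    except OSError:
        return False


def leave_group(s: socket.socket, group: str, iface: str = "0.0.0.0") -> bool:
    """Ask the kernel to drop the membership again."""
    try:
        s.setsockopt(socket.IPPROTO_IP, socket.IP_DROP_MEMBERSHIP, make_mreq(group, iface))
        return True
    except OSError:
        return False


if __name__ == "__main__":
    sock = open_multicast_socket(ttl=1)
    print("options held by the kernel:", multicast_options(sock))
    if join_group(sock, MCAST_GROUP):
        sock.bind(("", MCAST_PORT))  # receive on the port the group traffic uses
        sock.settimeout(2)
        sock.sendto(b"hello group", (MCAST_GROUP, MCAST_PORT))
        try:
            data, peer = sock.recvfrom(1024)  # comes back via IP_MULTICAST_LOOP
            print("received", data, "from", peer)
        except socket.timeout:
            print("nothing received: check the multicast route and /proc/net/igmp")
        leave_group(sock, MCAST_GROUP)
    else:
        print("join failed: no multicast-capable interface?")
    sock.close()
```

While the program holds the membership, cat /proc/net/igmp on the same host lists the group, which is the quickest way to confirm that the kernel, not just the process, has joined.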

Add a route to support multicast:

route add 224.0.0.0 netmask 240.0.0.0 dev eth0

Note that if adding a route to forward packets through a router, that the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The internet by default does not forward multicast packets.

Living in a MS/Windows World:

- SMB4k: My favorite MS/Windows file share browser.
- In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]
- LinNeighborhood: Linux workstation GUI tool.

  Make your life simple and use the GUI/File Manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.

  - LinNeighborhood Home Page
  - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

- IPv4: Most Internet servers and personal computers use Internet Protocol version 4 (IPv4). This uses 32 bits to assign a network address, written as the four octets of an IP address up to 255.255.255.255, i.e. four 8-bit numbers totaling 32 bits.
- IPv6: Internet Protocol version 6 (IPv6) uses a 128-bit address and thus billions and billions of potential addresses. The protocol has also been upgraded to include new quality of service features and security. Currently Linux supports IPv6, but IPv4 is used when connecting your computer to the internet.
- TCP/IP: (Transmission Control Protocol/Internet Protocol) uses a client-server model for communications. The protocol defines the data packets transmitted (packet header, data section), data integrity verification (error detection bytes), connection and acknowledgement protocol, and re-transmission.
- TCP/IP time to live (TTL): This is a counting mechanism to determine how long a packet is valid before it reaches its destination. Each time a TCP/IP packet passes through a router, the router decrements its TTL count. When the count reaches zero the packet is dropped by the router. This ensures that errant routing and aimlessly looping packets will not flood the network.
- MAC Address: (media access control) is the network card address used for communication with other network devices on the subnet. This info is not routable. The ARP table maps TCP/IP addresses (global internet) to the local hardware on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address uniquely identifies each node of a network and is used by the Ethernet protocol.
- Full Duplex: Allows the simultaneous sending and receiving of packets. Most modern modems support full duplex.
- Half Duplex: Allows the sending and receiving of packets in one direction at a time only.
- OSI 7 Layer Model: The ISO (International Standards Organization) has defined the OSI (Open Systems Interconnection) model for current networking protocols.

  OSI Layer               Description                                                                        Linux Networking Use
  7  Application Layer    The top layer for communications applications like email and the web.             telnet, web browser, sendmail
  6  Presentation Layer   Syntax and format of data transfer.                                                SMTP, http
  5  Session Layer
  4  Transport Layer      Connection, acknowledgement and data packet transmission.                          TCP, UDP
  3  Network Layer                                                                                           IP, ARP
  2  Data Link Layer      Error control, timing                                                              Ethernet
  1  Physical Layer       Electrical characteristics of signal and NIC                                       Ethernet

- Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
- Network Switch: Like a hub, but creates a private link between any two connected nodes when a network connection is established. This reduces the number of network collisions and thus improves speed. Broadcast messages are still sent to all nodes.

Related Links:

- Cable modem HowTo - Vladimir Vuksan
- Ethernet HowTo - Paul Gortmaker
- YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
- Firewall HowTo - Mark Grennan
- YoLinux networking tutorial
- Networking Overview HowTo - Daniel Lopez Ridruejo
- Networking Howto - Joshua Drake
- NFS Howto - Nicolai Langfeldt
- SNMP: Simple Network Management Protocol (uses ports 161, 162, 391, 1993)
  - SNMP - Intro and tutorials
  - Linux SNMP Network Management Tools
  - SNMP FAQ
  - net-snmp - tools and libraries
- News/Usenet Group: comp.os.linux.networking - Deja
- MARS-nwe - Netware emulator
- Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
- ISDN:
  - ISDN4LINUX FAQ - Matthias Hessler
  - ISDN4Linux Home Page
  - Dan Kegel's ISDN Page
- PPP: Point-to-Point Protocol
  - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
  - YoLinux Tutorial: Dialing Compuserve
  - YoLinux Tutorial: Dialing AOL
  - YoLinux Tutorial: Configuring PPP dial-in connections
- PPTP: Point-to-Point Tunneling Protocol
  - RFC 2637: Point-to-Point Tunneling Protocol (PPTP).
  - PPTP-Linux Client - A PPTP Linux client that allows a Linux system to connect to a PPTP server. Developed by C. S. Ananian.
  - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP Implementation.
- DHCP: (Dynamic Host Configuration Protocol)
  - YoLinux DHCP Tutorial - How to set up a DHCP server.
  - ISC Dynamic Host Configuration Protocol - DHCP home page
- Multicast:
  - YoLinux Tutorial: Configuring Linux for multicast - this tutorial, in the section above
  - Multicast over TCP/IP HOWTO
- ISP's: (National/Global)
  - TheList.com - Comprehensive list of ISP's
  - Earthlink
  - Concentric
  - ATT Worldnet
- NIS: (NFS infrastructure)
  - YoLinux NIS tutorial
  - NIS howto
  - NIS configuration and use
- Ethernet cables:
  - Making CAT 3, 5, 5E RJ45 Ethernet Cables
  - Wiring and Installation
- Gigabit Ethernet
- VIX: Vienna Internet eXchange - European traffic exchange for ISP's

Test Internet Bandwidth:

- DSLreports.com: bandwidth and diagnostic tests
- Speakeasy connection speed test
- CNET Bandwidth Meter speed test
- Network speed test
- Bandwidth explained and List of bandwidth test sites

Man Pages:

- icmp - Linux IPv4 ICMP kernel module
- ifport - select the transceiver type for a network interface
- usernetctl - allow a user to manipulate a network interface if permitted
- ripquery - query RIP (Routing Information Protocol) gateways
- gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler, ISBN # 0735710317, New Riders Publishing

"LINUX TCP/IP Network Administration" by Scott Mann, Mitchell Krell, ISBN # 0130322202, Prentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith, ISBN# 0201774232, Addison-Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr., ISBN# 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh, ISBN# 0672320525, Sams; (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus, Sams, ISBN# 047008278X

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen, Sams, ISBN# 0071486429

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson, Sams, ISBN# 0672329298

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff, Sams, ISBN# 0672327082

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff, Sams, ISBN# 0672325888

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis, ISBN #032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.

Copyright © 2001 - 2007 by Greg Ippolito

TCP/IP Network Configuration Files:

- File: /etc/resolv.conf - host name resolver configuration file

  search name-of-domain.com       - Name of your domain or ISP's domain if using their name server
  nameserver XXX.XXX.XXX.XXX      - IP address of primary name server
  nameserver XXX.XXX.XXX.XXX      - IP address of secondary name server

  This configures Linux so that it knows which DNS server will be resolving domain names into IP addresses. If using a DHCP client, this will automatically be sent to you by the ISP and loaded into this file as part of the DHCP protocol. If using a static IP address, ask the ISP or check another machine on your network. Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "DNS").

- File: /etc/hosts - locally resolve node names to IP addresses

  127.0.0.1         your-node-name.your-domain.com localhost.localdomain localhost
  XXX.XXX.XXX.XXX   node-name

  Note when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly.) i.e.:

  XXX.XXX.XXX.XXX   superserver.yolinux.com superserver

  This informs Linux of local systems on the network which are not handled by the DNS server (or of all systems in your LAN if you are not using DNS or NIS). Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "Hosts").

- File: /etc/nsswitch.conf - System Databases and Name Service Switch configuration file

  hosts: files dns nisplus nis

  This example tells Linux to first resolve a host name by looking at the local hosts file (/etc/hosts), then if the name is not found to look to your DNS server as defined by /etc/resolv.conf, and if not found there to look to your NIS server.

  In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution.

Fedora / Red Hat Network Configuration Files:

- /etc/sysconfig/network - Red Hat network configuration file used by the system during the boot process.
- File: /etc/sysconfig/network-scripts/ifcfg-eth0 - Configuration settings for your first ethernet port (0). Your second port is eth1.
- File:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example statement for an Intel ethernet card: alias eth0 eepro100

  Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

- Network configuration:
  /usr/sbin/system-config-network (FC-2/3)
  /usr/bin/redhat-config-network (/usr/bin/neat) (RH 7.2+ FC-1)
- Text console configuration tool:
  /usr/sbin/system-config-network-tui (Text User Interface (TUI) for Fedora Core 2/3)
  /usr/bin/redhat-config-network-tui (RH 9.0 - FC-1)
- Text console network configuration tool. First interface only - eth0: /usr/sbin/netconfig
- /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

- Gnome Desktop Network Configuration: /usr/bin/gnome-network-preferences (RH 9.0 - FC-3)
  Proxy configuration. Choose one of three options:
  1. Direct internet connection
  2. Manual proxy configuration (specify proxy and port)
  3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assigned a static IP address or assigned one dynamically.

Static IP address assignment:

Choose one of the following methods:

- Command Line:

  /sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

  Network address by convention would be the lowest: 192.168.10.0
  Broadcast address by convention would be the highest: 192.168.10.255
  The gateway can be anything, but following convention: 192.168.10.1

  Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0

- Red Hat / Fedora GUI tools:
  - /usr/bin/neat - Gnome GUI network administration tool. Handles all interfaces. Configure for static IP or DHCP client. (First available with Red Hat 7.2.)
  - /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)
- Red Hat / Fedora Console tools:
  - /usr/sbin/system-config-network-tui (Text User Interface)
  - /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1, ...)
- Directly edit configuration files/scripts. See the format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network­scripts/, so that this information is retained.

The IANA has allocated IP addresses in the range of 192.168.0.0 to 192.168.255.255 for private networks.

Helpful tools:

- Network Calculators: Subnet mask calculator, node calculator, mask inverter, ...
- IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 208.88.34.106
    netmask 255.255.255.248
    broadcast 208.88.34.111
    network 208.88.34.104
    gateway 208.88.34.110

Dynamic IP (DHCP) example:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

auto eth1
iface eth1 inet dhcp

auto eth2
iface eth2 inet dhcp

auto ath0
iface ath0 inet dhcp

auto wlan0
iface wlan0 inet dhcp

Interfaces:
- lo: Loopback interface (network within your system without slowing down for the real ethernet based network)
- eth0: First ethernet interface card
- wlan0: First wireless network interface

Also see "man interfaces"

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.

- File: /etc/sysconfig/network

  Static IP address configuration: (Configure gateway address)

  NETWORKING=yes
  HOSTNAME=my-hostname          - Hostname is defined here and by the command hostname
  FORWARD_IPV4=true             - True for NAT firewall gateways and Linux routers. False for everyone else - desktops and servers.
  GATEWAY="XXX.XXX.XXX.YYY"     - Used if your network is connected to another network or the internet. Static IP configuration. Gateway not defined here for DHCP client.

  OR for DHCP client configuration:

  NETWORKING=yes
  HOSTNAME=my-hostname          - Hostname is defined here and by the command hostname

  (Gateway is assigned by the DHCP server.)

  OR for NIS client configuration:

  NETWORKING=yes
  HOSTNAME=my-hostname          - Hostname is defined here and by the command hostname
  NISDOMAIN=NISProject1         - NIS domain to attach

- File (Red Hat/Fedora): /etc/sysconfig/network-scripts/ifcfg-eth0 (S.u.s.e.: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX) This file is used by the command scripts ifup and ifdown.

  Static IP address configuration:

  DEVICE=eth0
  BOOTPROTO=static
  BROADCAST=XXX.XXX.XXX.255
  IPADDR=XXX.XXX.XXX.XXX
  NETMASK=255.255.255.0
  NETWORK=XXX.XXX.XXX.0
  ONBOOT=yes                    - Will activate upon system boot

  RHEL4/FC3 additions:
  - TYPE=Ethernet
  - HWADDR=XX:XX:XX:XX:XX:XX
  - GATEWAY=XXX.XXX.XXX.XXX

  OR for DHCP client configuration:

  DEVICE=eth0
  ONBOOT=yes
  BOOTPROTO=dhcp

  RHEL4/FC3 additions:
  - IPV6INIT=no
  - USERCTL=no
  - PEERDNS=yes
  - TYPE=Ethernet
  - HWADDR=XX:XX:XX:XX:XX:XX

  (Used by the script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line.) To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)

Changing the host name:

This is a three step process:

1. Issue the command: hostname new-host-name
2. Change the network configuration file /etc/sysconfig/network. Edit the entry: HOSTNAME=new-host-name
3. Restart systems which relied on the hostname (or reboot):
   - Restart network services: service network restart (or: /etc/init.d/network restart)
   - Restart the desktop:
     - Bring the system down to console mode: init 3
     - Bring up X-Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name which allows the system to be self aware.

The hostname may be changed at runtime using the command: sysctl -w kernel.hostname="superserver"

Change the host name using the GUI tool: /usr/sbin/system-config-network (Red Hat / Fedora / CentOS)

Hostname entries are made in two places:

- Select the "DNS" tab.
- Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth0:0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255
ifconfig eth0:1 192.168.10.14 netmask 255.255.255.0 broadcast 192.168.10.255

route add -host XXX.XXX.XXX.XXX dev eth0
route add -host 192.168.10.12 dev eth0
route add -host 192.168.10.14 dev eth0

In this example eth0:0 and eth0:1 are aliases in addition to the regular eth0. The result of the ifconfig command:

eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
          collisions:1 txqueuelen:100
          Interrupt:5 Base address:0xe400

eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:5 Base address:0xe400

eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

DEVICE=eth0:0
ONBOOT=yes
BOOTPROTO=static
BROADCAST=192.168.10.255
IPADDR=192.168.10.12
NETMASK=255.255.255.0
NETWORK=192.168.10.0

Aliases can also be shut down independently. i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Redhat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux Client: get connection info: /sbin/pump -i eth0 --status (Red Hat Linux 7.1 and older)

Device eth0
        IP: 4.XXX.XXX.XXX
        Netmask: 255.255.252.0
        Broadcast: 4.XXX.XXX.255
        Network: 4.XXX.XXX.0
        Boot server 131.XXX.XXX.4
        Next server 0.0.0.0
        Gateway: 4.XXX.XXX.1
        Domain: vz.dsl.genuity.net
        Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3
        Renewal time: Sat Aug 11 08:28:55 2001
        Expiration time: Sat Aug 11 11:28:55 2001

Activating and De­Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

- Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up - Note: Even if no IP address is assigned you can listen.)
- De-Activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network-scripts/

GUI Interface control/configuration:

- Start/Stop network interfaces:
  /usr/bin/system-control-network (Fedora Core 2/3)
  /usr/bin/redhat-control-network (RH 9.0 - FC-1)
- Configure Ethernet, ISDN, modem, Token Ring, Wireless or DSL network connection:
  /usr/sbin/system-config-network-druid (FC2/3)
  /usr/sbin/redhat-config-network-druid (RH 9 - FC-1)

Subnets:

In the table below, Mask is the value of the variable mask octet, Subnets is the number of subnets a class C network is divided into at that mask, and the last two columns give the addresses and usable hosts per class C subnet.

Mask  Subnets  Slash  Class A hosts  Class A mask  Class B hosts  Class B mask  Class C hosts  Class C mask   Class C subnet mask  Addresses  Usable hosts
255   256      /32    16,777,214     255.0.0.0     65,534         255.255.0.0   254            255.255.255.0  255.255.255.255      1          Invalid
254   128      /31    33,554,430     254.0.0.0     131,070        255.254.0.0   510            255.255.254.0  255.255.255.254      2          Invalid
252   64       /30    67,108,862     252.0.0.0     262,142        255.252.0.0   1,022          255.255.252.0  255.255.255.252      4          2
248   32       /29    134,217,726    248.0.0.0     524,286        255.248.0.0   2,046          255.255.248.0  255.255.255.248      8          6
240   16       /28    268,435,454    240.0.0.0     1,048,574      255.240.0.0   4,094          255.255.240.0  255.255.255.240      16         14
224   8        /27    536,870,910    224.0.0.0     2,097,150      255.224.0.0   8,190          255.255.224.0  255.255.255.224      32         30
192   4        /26    1,073,741,822  192.0.0.0     4,194,302      255.192.0.0   16,382         255.255.192.0  255.255.255.192      64         62
128   2        /25    2,147,483,646  128.0.0.0     8,388,606      255.128.0.0   32,766         255.255.128.0  255.255.255.128      128        126

Binary position   8     7     6     5     4     3     2     1
Value             128   64    32    16    8     4     2     1
Example: 192      1     1     0     0     0     0     0     0

Example: 192 = 128 + 64

Some addresses are reserved and outside this scope: loopback (127.0.0.1), reserved class C 192.168.XXX.XXX, reserved class B 172.31.XXX.XXX and reserved class A 10.XXX.XXX.XXX.

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 for your office.

- 208.88.34.104   Network base address
- 208.88.34.105   Computer 1
- 208.88.34.106   Computer 2
- 208.88.34.107   Computer 3
- 208.88.34.108   Computer 4
- 208.88.34.109   Computer 5
- 208.88.34.110   DSL router/Gateway
- 208.88.34.111   Broadcast address

Of the eight addresses, six are assigned to hardware systems and ultimately only five are usable addresses.
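The office example above, and the "lowest address is the network, highest is the broadcast" convention in the static IP section, come down to a few bit operations on the address and netmask. The script below is an added example (not from the tutorial or any distribution's tools) that does that arithmetic for any address/mask pair, rejects a non-contiguous mask, treats /31 and /32 as having no usable hosts as the subnet table states, and renders the result as the static stanza of a Red Hat /etc/sysconfig/network-scripts/ifcfg-eth0 file from the Red Hat / Fedora configuration section. The addresses 208.88.34.104/29 and gateway .110 are the tutorial's; the device name eth0 is an assumption.

```python
"""Subnet arithmetic (network, broadcast, usable hosts) with bit operations,
plus an ifcfg-<device> renderer built on it. Added example, not from the
tutorial; addresses are the tutorial's /29 office example."""
from typing import Optional


def dq_to_int(dq: str) -> int:
    """Dotted quad -> 32-bit integer ("192.168.10.12" -> 0xC0A80A0C)."""
    octets = [int(o) for o in dq.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {dq}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_dq(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_len(netmask: str) -> int:
    """255.255.255.248 -> 29. A valid mask is a run of ones followed by zeros;
    something like 255.0.255.0 is rejected."""
    m = dq_to_int(netmask)
    ones = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous netmask: {netmask}")
    return ones


def subnet_info(address: str, netmask: str) -> dict:
    """Network (lowest address), broadcast (highest) and the host range between them."""
    a, m = dq_to_int(address), dq_to_int(netmask)
    plen = prefix_len(netmask)
    network = a & m                       # host bits cleared
    broadcast = network | (~m & 0xFFFFFFFF)  # host bits set
    size = 1 << (32 - plen)
    usable = size - 2 if plen <= 30 else 0  # /31 and /32 are "Invalid" in the table above
    return {
        "prefix": plen,
        "network": int_to_dq(network),
        "broadcast": int_to_dq(broadcast),
        "first_host": int_to_dq(network + 1) if usable else None,
        "last_host": int_to_dq(broadcast - 1) if usable else None,
        "addresses": size,
        "usable_hosts": usable,
    }


def ifcfg_static(device: str, address: str, netmask: str, gateway: Optional[str] = None) -> str:
    """Render the static stanza of /etc/sysconfig/network-scripts/ifcfg-<device>.
    The gateway, when given, must lie inside the subnet or the box cannot reach it."""
    info = subnet_info(address, netmask)
    lines = [
        f"DEVICE={device}",
        "BOOTPROTO=static",
        f"IPADDR={address}",
        f"NETMASK={netmask}",
        f"NETWORK={info['network']}",
        f"BROADCAST={info['broadcast']}",
        "ONBOOT=yes",
    ]
    if gateway:
        g = dq_to_int(gateway)
        if not dq_to_int(info["network"]) < g < dq_to_int(info["broadcast"]):
            raise ValueError(f"gateway {gateway} is not inside {info['network']}/{info['prefix']}")
        lines.append(f"GATEWAY={gateway}")
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(subnet_info("208.88.34.106", "255.255.255.248"))
    print(ifcfg_static("eth0", "208.88.34.106", "255.255.255.248", "208.88.34.110"))
```

For the office example the output matches the list above: network 208.88.34.104, broadcast 208.88.34.111, hosts .105 through .110; the same values appear in the Debian /etc/network/interfaces example earlier in the tutorial.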

Links:

- Subnet Cheat Sheet
- Subnet calculator
- Table of subnets
- IP Subnetting, Variable Subnetting, and CIDR (Supernetting)
- CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is largely obsolete: since CIDR (RFC 1519) address blocks are allocated and routed by prefix length, and subnets of any size may be carved out of what used to be a class A, B or C network. For historical reference the network classes are defined as follows:

- Class A: first octet (8 bits) in the range 0 - 127. The first number was assigned by the registry (historically InterNIC, today IANA and the regional registries), i.e. 77.XXX.XXX.XXX. One class A network can define 16,777,214 hosts. Range: 0.0.0.0 - 127.255.255.255
- Class B: first octet in the range 128 - 191. The first two numbers (16 bits) were assigned by the registry, i.e. 182.56.XXX.XXX. One class B network can define 65,534 hosts. Range: 128.0.0.0 - 191.255.255.255
- Class C: first octet in the range 192 - 223. The first three numbers (24 bits) were assigned by the registry, i.e. 220.56.222.XXX. One class C network can define 254 hosts. Range: 192.0.0.0 - 223.255.255.255
- Class D: first octet in the range 224 - 239. Reserved for multicast (RFC 988, now RFC 1112). Range: 224.0.0.0 - 239.255.255.255
- Class E: first octet in the range 240 - 255. Reserved for experimental use. Range: 240.0.0.0 - 255.255.255.255

Enable Forwarding: Forwarding allows packets arriving on one network interface (i.e. eth0) to be passed on through another network interface (i.e. eth1), so the Linux computer can route between networks. (An Ethernet bridge, which joins networks at layer 2, is configured separately with the bridge utilities and does not need IP forwarding.)

The bridge configuration merges two (or several) networks into one single network segment. iptables firewall rules can be used to filter traffic in either setup.

A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or to load balance servers.

- Turn on IP forwarding to allow the Linux computer to act as a gateway or router:

  echo 1 > /proc/sys/net/ipv4/ip_forward

  The default is 0. This takes effect immediately but is lost at reboot. Firewall rules are added with iptables (kernel 2.4/2.6) or ipchains (kernel 2.2). Before enabling forwarding, give the FORWARD chain a DROP policy and explicitly allow what should pass; otherwise the host will forward any packet that reaches it, including traffic between networks you meant to keep apart.

- Another method is to set the value in the kernel sysctl configuration file /etc/sysctl.conf (newer systems also read /etc/sysctl.d/*.conf), which is applied at boot:

  net.ipv4.ip_forward = 1

- Older Red Hat releases store the setting in /etc/sysconfig/network:

  FORWARD_IPV4=true

  Change the default "false" to "true".

All methods result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward

The tcp man page (Linux Programmer's Manual) and the kernel documentation file Documentation/networking/ip-sysctl.txt (in kernel 2.2 era trees, /usr/src/linux/Documentation/proc.txt) describe the /proc/sys/net/ipv4/* files.

Also see (YoLinux tutorials):

- Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables)
- Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

- cd /lib/modules/2.2.5-15/net/ - Use the kernel version for your system. This example uses 2.2.5-15 (Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/; on current kernels the NIC drivers live under /lib/modules/$(uname -r)/kernel/drivers/net/). Here you will find the modules supported by your system. The driver can be permanently associated with an interface in:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example:

  alias eth0 3c59x

- /sbin/insmod 3c59x (For a 3Com ethernet card) This inserts the specified module into the kernel without resolving its dependencies.
- /sbin/modprobe 3c59x This also loads a module into the kernel, loading the modules it depends on first. Modprobe command line options:
  - -r : unload the module.
  - /sbin/modprobe -l \* : list all modules (module-init-tools; the -l option is not available in kmod-based systems).
  - /sbin/modprobe -lt net \* : list only network modules.
  - /sbin/modprobe -t net \* : try loading all network modules and see what sticks (act of desperation).
- ifconfig ...

The easy way: Red Hat versions 6.2 and later, ship with Kudzu, a device detection program which runs during system initialization. (/etc/rc.d/init.d/kudzu) This can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it will be utilized upon system boot.

Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

Define the new device in the file (Red Hat/Fedora) /etc/sysconfig/network-scripts/ifcfg-eth1 (S.u.s.e 9.2: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX:XX):

DEVICE=eth1
BOOTPROTO=static
IPADDR=192.168.10.12
NETMASK=255.255.255.0
GATEWAY=XXX.XXX.XXX.XXX
HOSTNAME=node-name.name-of-domain.com
DOMAIN=name-of-domain.com

Special routing information may be specified, if necessary, in the file (Red Hat/Fedora): /etc/sysconfig/static-routes (S.u.s.e. 9.2: /etc/sysconfig/network/routes)

Example:

eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using Unix command line interface:

Define IP address:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

If necessary, define a route with the route command. Examples:

route add default gw XXX.XXX.XXX.XXX dev eth0
route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

If a mistake is made just repeat the route command substituting "del" in place of "add".

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto-negotiate link speed and duplex setting. Forcing a fixed setting on one end while the other end still autonegotiates produces a duplex mismatch (the autonegotiating side falls back to half duplex), which shows up as collisions and poor throughput rather than a dead link.

- List NIC speed and configuration: mii-tool

  eth0: negotiated 100baseTx-FD flow-control, link ok

  Verbose mode: mii-tool -v

  eth0: negotiated 100baseTx-FD flow-control, link ok
    product info: Intel 82555 rev 4
    basic mode:   autonegotiation enabled
    basic status: autonegotiation complete, link ok
    capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
    advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
    link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

- Set NIC configuration: mii-tool -F option

  Option  Parameters
  -F      100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD  (force one fixed media type)
  -A      100baseT4 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD  (advertise these for autonegotiation)

- Query NIC with ethtool:

  Command          Description
  ethtool -g eth0  Queries ethernet device for rx/tx ring parameter information.
  ethtool -a eth0  Queries ethernet device for pause parameter information.
  ethtool -c eth0  Queries ethernet device for coalescing information.
  ethtool -i eth0  Queries ethernet device for associated driver information.
  ethtool -d eth0  Prints a register dump for the specified ethernet device.
  ethtool -k eth0  Queries ethernet device for offload information.
  ethtool -S eth0  Queries ethernet device for NIC and driver statistics.

Man Pages:

- mii-tool - view, manipulate media-independent interface status
- ethtool - display or change ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. The packet's destination is checked against the routing table for the most specific (longest prefix) matching entry, which tells whether the destination is on a directly connected network or must go through a gateway. If no entry matches, the packet is sent to the default gateway; if there is no default route either, the kernel reports "network unreachable". Static routes are set with the route command and with the configuration file (Red Hat/Fedora): /etc/sysconfig/network-scripts/route-eth0 or (Red Hat 7: /etc/sysconfig/static-routes) (S.u.s.e. 9.2: /etc/sysconfig/network/routes):

10.2.0.0/16 via 192.168.10.254

(Write the network with its host bits cleared: 10.2.0.0/16, not 10.2.3.0/16.)

See command: /etc/sysconfig/network-scripts/ifup-routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route (fewest hops between routers, not physical distance). Routers use RIP to broadcast (RIPv1) or multicast to 224.0.0.9 (RIPv2) their routing tables over UDP port 520, and receiving routers add new or improved routes to their own tables. RIPv1 carries no authentication and RIPv2 only a plaintext or MD5-keyed one, so any host on the segment can inject routes; do not run routed on a network segment you do not trust.

Man pages:

- route - show / manipulate the IP routing table (static routes). Examples:
  - Show routing table: route -e
  - Access an individual host via network interface card eth1: route add -host 123.213.221.231 eth1
  - Access the ISP network identified by network address and netmask via network interface card eth0: route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
    Conversely, remove it: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
  - Specify the default gateway used to reach remote networks via network interface card eth0: route add default gw 201.51.31.1 eth0 (The gateway can also be defined in /etc/sysconfig/network.)
  - Specify two gateways for two network destinations (i.e. one external, one internal private network; two routers/gateways are specified). Add the internet gateway as before: route add default gw 201.51.31.1 eth0 Then add the second, private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
- routed - network routing daemon. Uses the RIP protocol to update the routing table.
- ipx_route - show / manipulate the IPX routing table. IPX is the Novell networking protocol (not typically used unless your office has Novell servers).
- ifuser - identify destinations routed to a particular network interface.
</gr_repl>

<gr_insert after="11996" cat="add_content" lang="python" orig="l route">
How the kernel chooses between the two gateways in the last example, as an added illustration that is not part of the tutorial: a longest-prefix-match lookup over a constructed routing table. The table mirrors the commands above (default via 201.51.31.1, 10.0.0.0/8 via 192.168.10.254, 192.168.10.0/24 directly connected) plus one assumed, more specific 10.13.21.0/24 route via 192.168.10.1 on eth1, to show that the longest prefix wins over the /8.

```python
"""Longest-prefix-match routing lookup (added example, not the tutorial's code)."""
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Route:
    network: int            # network address as a 32-bit integer
    prefix: int             # prefix length; 0 for the default route
    gateway: Optional[str]  # None for a directly connected network
    dev: str


def ip_to_int(dotted: str) -> int:
    a, b, c, d = (int(x) for x in dotted.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def prefix_mask(plen: int) -> int:
    return (0xFFFFFFFF << (32 - plen)) & 0xFFFFFFFF


def parse_route(cidr: str, gateway: Optional[str], dev: str) -> Route:
    """'10.0.0.0/8' -> Route; 'default' is 0.0.0.0/0. Host bits are cleared."""
    if cidr == "default":
        return Route(0, 0, gateway, dev)
    net, plen = cidr.split("/")
    plen = int(plen)
    return Route(ip_to_int(net) & prefix_mask(plen), plen, gateway, dev)


def lookup(table: List[Route], destination: str) -> Optional[Route]:
    """Return the most specific route whose prefix covers destination, or None."""
    dest = ip_to_int(destination)
    best = None
    for r in table:
        if dest & prefix_mask(r.prefix) == r.network and (best is None or r.prefix > best.prefix):
            best = r
    return best


def next_hop(table: List[Route], destination: str) -> str:
    """Describe where the kernel would send a packet: via a gateway, direct, or nowhere."""
    r = lookup(table, destination)
    if r is None:
        return "unreachable"
    if r.gateway is None:
        return f"direct on {r.dev}"
    return f"via {r.gateway} on {r.dev}"


# Constructed table: the routes from the two-gateway example plus an assumed /24
TABLE = [
    parse_route("default", "201.51.31.1", "eth0"),
    parse_route("10.0.0.0/8", "192.168.10.254", "eth0"),
    parse_route("192.168.10.0/24", None, "eth0"),
    parse_route("10.13.21.0/24", "192.168.10.1", "eth1"),   # assumed, more specific than the /8
]

if __name__ == "__main__":
    for dst in ("10.13.21.7", "10.200.1.1", "192.168.10.50", "8.8.8.8"):
        print(f"{dst:>15} -> {next_hop(TABLE, dst)}")
```

Order in the table does not matter: the /24 beats the /8 and the /8 beats the default route purely by prefix length, which is also why a bogus but very specific route injected by a rogue RIP speaker takes precedence over your correct wider one.
<test>
assert next_hop(TABLE, "10.13.21.7") == "via 192.168.10.1 on eth1"
assert next_hop(TABLE, "10.200.1.1") == "via 192.168.10.254 on eth0"
assert next_hop(TABLE, "192.168.10.50") == "direct on eth0"
assert next_hop(TABLE, "8.8.8.8") == "via 201.51.31.1 on eth0"
assert next_hop([], "8.8.8.8") == "unreachable"
assert lookup(TABLE, "10.13.21.7").prefix == 24
assert parse_route("10.2.3.0/16", None, "eth0").network == ip_to_int("10.2.0.0")
assert prefix_mask(0) == 0 and prefix_mask(32) == 0xFFFFFFFF
</test>
</gr_insert>

<gr_replace lines="12000" cat="clarify" orig="l Commercial VPN">
- Commercial VPN Linux software solutions - YoLinux
- OpenSWAN.org - IPSec VPN for Linux
- FreeSWAN.org - IPSec VPN for Linux (development ended in 2004; Openswan, strongSwan and Libreswan are its successors)
- FreeSWAN tutorial - howto
- OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access controls.
- SSL-Explorer - Java SSL based VPN
- Quagga dynamic routing suite
- VLAN
- n2n - peer to peer VPN within a private fabric
- CIPE: Crypto IP Encapsulation (the easiest way to configure two Linux gateways connecting two private networks over the internet with encryption; no longer maintained, and its cryptographic design was found weak in a 2003 review, so prefer IPsec or OpenVPN for new deployments)
  - CIPE Home page - CIPE is a simple encapsulation system that securely connects two subnets.
  - The Linux Cipe+Masquerading mini-HOWTO - Anthony Ciaravalo
- GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa (GRE by itself provides neither encryption nor authentication)
- VPN HowTo - Matthew D. Wilson
- Installing and Running PPTP on Linux (PPTP with MS-CHAPv2 is cryptographically broken and should not be relied on for confidentiality)
- L2TP Extensions (l2tpext) Internet Drafts.

VPN, Tunneling:

l Commercial VPN Linux software solutions ­ YoLinux l OpenSWAN.org ­ IPSec VPN for Linux l FreeSWAN.org ­ IPSec VPN for Linux l FreeSWAN tutorial ­ howto l OpenVPN ­ SSL VPN solution for site to site, WiFi security, and enterprise­scale remote access with load balancing, failover, and fine­grained access­controls. l SSL­Explorer ­ Java SLL based VPN l Quagga dynamic routing suite VLAN l n2n pier to pier within a private fabric l CIPE: Crypto IP Encapsulation (Easiest way to configure two Linux gateways connecting two private networks over the internet with encryption.) ¡ CIPE Home page ­ CIPE is a simple encapsulation system that securely connects two subnets. ¡ The Linux Cipe+Masquerading mini­HOWTO ­ Anthony Ciaravalo l GRE Tunneling ­ Generic Routing Encapsulation ­ Hugo Samayoa l VPN HowTo ­ Matthew D. Wilson l Installing and Running PPTP on Linux l L2TP Extensions (l2tpext) Internet Drafts.

Useful Linux networking commands:

- /etc/rc.d/init.d/network start - command to start, restart or stop the network
- netstat - display connections, routing tables, statistics etc. (current distributions ship ss from iproute2 as its replacement)
  - List TCP and UDP sockets, listening and connected, with the owning process: netstat -punta
  - List all connected processes: netstat -nap
  - Show network statistics: netstat -s
  - Kernel interface table info: netstat -a -i eth0
- ping - send ICMP ECHO_REQUEST packets to network hosts. Use Ctrl-C to stop ping.
- traceroute - print the route packets take to a network host
  - traceroute IP-address-of-server
  - traceroute domain-name-of-server
- mtr - a network diagnostic tool introduced in Fedora. Like traceroute except it gives more network quality and diagnostic info. Leave it running to get real time stats. Reports best and worst round trip times in milliseconds.
  - mtr IP-address-of-server
  - mtr domain-name-of-server
- whois - look up a domain name in the registry whois database.
- finger - display information on a system user, i.e. finger user@host. Uses the $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/ (A finger daemon discloses user names and login activity to anyone who can reach the port; leave it off on internet-facing systems.)
- iptables - IP firewall administration (Linux kernel 2.6/2.4). See YoLinux firewall/gateway configuration.
- ipchains - IP firewall administration (Linux kernel 2.2). See YoLinux firewall/gateway configuration.
- socklist - display a list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
- host - given a host name, returns the IP address. Example: host domain-name-of-server
- nslookup - given a host name, returns the IP address. Also see Testing your DNS (YoLinux Tutorial). Note that host and nslookup both query DNS directly and do not consult /etc/hosts; to resolve a name the way applications do (through /etc/nsswitch.conf, which includes /etc/hosts), use getent hosts name.

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemons listen on the TCP/IP ports assigned to them and respond to socket connections. The ports are defined by the file /etc/services. When a connection is made, the listener invokes the assigned program with the socket as its standard input and output. This simplifies matters by allowing the assigned program to read from stdin instead of making its own socket connection; the listener handles the network socket connection. Two network listening and management daemons have been used in Red Hat Linux distributions:

- inetd: Red Hat 6.x and older
- xinetd: Red Hat 7.0-9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf. Entries in this file consist of a single line made up of the following fields:

service socket-type protocol wait user server cmdline

- service: the name assigned to the service. Matches the name given in the file /etc/services.
- socket-type:
  - stream: connection protocols (TCP)
  - dgram: datagram protocols (UDP)
  - raw
  - rdm
  - seqpacket
- protocol: transport protocol name which matches a name in the file /etc/protocols, i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6
- wait: applies only to datagram protocols (UDP); stream services normally use nowait.
  - wait[.max]: one server for the specified port at any time (RPC)
  - nowait[.max]: continue to listen and launch a new server for each new connection (multi-threaded). Max is the maximum number of server instances spawned in 60 seconds (default=40); when it is exceeded the service is disabled for ten minutes, which acts as a crude rate limit against connection floods.
- user[.group]: login id of the user the process is executed under. Often nobody, root or a special restricted id for that service. Use a dedicated unprivileged account whenever the server does not need root.
- server: full path name of the server program to be executed.
- cmdline: command line to be passed to the server. This includes argument 0 (argv[0]), that is the command name. This field is empty for internal services. Examples of internal TCP services: echo, discard, chargen (character generator), daytime (human readable time), and time (machine readable time). (See RFCs 862, 863, 864, 867 and 868.)

Sample File: /etc/inetd.conf

#echo   stream  tcp  nowait      root  internal
#echo   dgram   udp  wait        root  internal
ftp     stream  tcp  nowait      root  /usr/sbin/tcpd  in.ftpd -l -a
#pop-3  stream  tcp  nowait      root  /usr/sbin/tcpd  ipop3d
#swat   stream  tcp  nowait.400  root  /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.

The inet daemon must be restarted to pick up the changes made to the file: /etc/rc.d/init.d/inetd restart

For more information see the man pages "inetd" and "inetd.conf".
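An audit of inetd.conf entries, added here as an example (not the tutorial's code): it parses the fields described above and flags enabled services that run as root, that bypass tcpd (so hosts.allow/hosts.deny never see them), or that expose a UDP internal service such as chargen, which has been abused for traffic amplification. The sample file is constructed for the demo and extends the one shown above.

```python
"""Audit inetd.conf for risky listeners (added example, not the tutorial's code)."""
from dataclasses import dataclass, field
from typing import List

# Constructed sample in the layout of the tutorial's file; not a real system's config
SAMPLE_INETD_CONF = """\
#echo    stream  tcp  nowait      root    internal
#echo    dgram   udp  wait        root    internal
ftp      stream  tcp  nowait      root    /usr/sbin/tcpd        in.ftpd -l -a
telnet   stream  tcp  nowait      root    /usr/sbin/in.telnetd
finger   stream  tcp  nowait      nobody  /usr/sbin/tcpd        in.fingerd
chargen  dgram   udp  wait        root    internal
#pop-3   stream  tcp  nowait      root    /usr/sbin/tcpd        ipop3d
swat     stream  tcp  nowait.400  root    /usr/sbin/swat        swat
"""


@dataclass
class InetdEntry:
    service: str
    socket_type: str
    protocol: str
    wait: str
    max_per_minute: int
    user: str
    group: str
    server: str
    args: List[str] = field(default_factory=list)   # args[0] is argv[0] of the server

    @property
    def wrapped(self) -> bool:
        """True when the connection is handed to tcpd before the real server."""
        return self.server == "tcpd" or self.server.endswith("/tcpd")

    @property
    def internal(self) -> bool:
        return self.server == "internal"


def parse_inetd_conf(text: str) -> List[InetdEntry]:
    """Return the enabled (uncommented) entries; blank and malformed lines are skipped."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 6:
            continue
        wait, _, maxspawn = fields[3].partition(".")   # wait[.max]
        user, _, group = fields[4].partition(".")      # user[.group]
        entries.append(InetdEntry(
            service=fields[0], socket_type=fields[1], protocol=fields[2],
            wait=wait, max_per_minute=int(maxspawn) if maxspawn else 40,
            user=user, group=group, server=fields[5], args=fields[6:],
        ))
    return entries


def findings(entries: List[InetdEntry]) -> List[str]:
    """One line per problem: unwrapped or root-owned servers, UDP internal services."""
    out = []
    for e in entries:
        if e.internal:
            if e.protocol == "udp":
                out.append(f"{e.service}: internal UDP service enabled (reflection/amplification risk)")
            continue
        if not e.wrapped:
            out.append(f"{e.service}: not wrapped by tcpd, hosts.allow/hosts.deny do not apply")
        if e.user == "root":
            out.append(f"{e.service}: server runs as root")
    return out


if __name__ == "__main__":
    for line in findings(parse_inetd_conf(SAMPLE_INETD_CONF)):
        print(line)
```

Run it against a real /etc/inetd.conf by reading the file into parse_inetd_conf(); the finger entry in the sample shows the shape the others should have (wrapped by tcpd, unprivileged user).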

xinetd: Extended Internet Services Daemon:

Xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, redirect services to different ports and network interfaces (NIC) or even to a different server, chroot a service etc., and is thus a worthy upgrade from inetd.

Use the command chkconfig --list to view all system services and their state. It will also list all network services controlled by xinetd and their respective state under the title "xinetd based services". (Works for xinetd (RH7.0+) but not inetd.)

The xinetd daemon is built against libwrap, the TCP Wrappers library, and so consults the /etc/hosts.allow and /etc/hosts.deny files for every service unless the service sets the NOLIBWRAP flag. (TCP Wrappers is distinct from PAM; see the network wrappers section below.)

Configuration file: /etc/xinetd.conf which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:

- Edit the file /etc/xinetd.d/service-name and set the disable value: disable = yes or disable = no. Then tell xinetd to reread its configuration with a signal:
  - SIGUSR1 (kill -SIGUSR1 process-id) - soft reconfiguration, does not terminate existing connections. (Important if you are connected remotely.)
  - SIGUSR2 - hard reconfiguration: xinetd rereads its configuration and also terminates running servers for services that are no longer available. (Note: unlike inetd, xinetd does not reload its configuration on SIGHUP; check the xinetd man page for your version.)

  OR

- Use the chkconfig command: chkconfig service-name on (or off). This command will also signal the xinetd process to pick up the new configuration.

The file contains entries of the form:

service service-name
{
    attribute assignment-operator value value ...
    ...
}

Where:

- attribute:
  - disable:
    - yes
    - no
  - type:
    - RPC
    - INTERNAL
    - UNLISTED: not found in /etc/rpc or /etc/services
  - id: by default the service id is the same as the service name.
  - socket_type:
    - stream: TCP
    - dgram: UDP
    - raw: direct IP access
    - seqpacket: service that requires reliable sequential datagram transmission
  - flags: a combination of: REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd man page for details. (NOLIBWRAP turns off the hosts.allow/hosts.deny check for that service.)
  - protocol: transport protocol name which matches a name in the file /etc/protocols.
  - wait:
    - no: multi-threaded
    - yes: single-threaded - one server for the specified port at any time (RPC)
  - user: see file /etc/passwd
  - group: see file /etc/group
  - server: program to execute and receive the data stream from the socket (fully qualified name - full path name of the program)
  - server_args: unlike inetd, arg[0] or the name of the service is not passed.
  - only_from: IP address, factorized address, netmask range, hostname or network name from the file /etc/networks. If only_from is present and the client matches none of its entries, the connection is refused.
  - no_access: deny from ... (inverse of only_from). When a client matches entries in both only_from and no_access, the more specific match wins.
  - access_times
  - port: see file /etc/services

  Also: log_type, log_on_success, log_on_failure (log options: += PID, HOST, USERID, EXIT, DURATION, ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples.

- assignment-operator:
  - = : set the value
  - += : add a value to the set of values
  - -= : delete a value from the set of values

Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from the man page: limit telnet sessions to 8 Mbytes of memory and a total of 20 CPU seconds for child processes.

service telnet
{
    socket_type = stream
    wait        = no
    nice        = 10
    user        = root
    server      = /usr/etc/in.telnetd
    rlimit_as   = 8M
    rlimit_cpu  = 20
}

The rlimit settings protect the host from a runaway server; they do nothing about telnet itself sending passwords in the clear. Add an only_from line at the least, or replace telnet with ssh.
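A parser for xinetd service blocks, added as an example (not from the tutorial or the xinetd project): it applies a defaults block, implements the =, += and -= operators described above, and then reports enabled services that have no only_from/no_access restriction, run as root, or set NOLIBWRAP. The configuration text is constructed to exercise the operators; only the attributes listed above are interpreted, and the defaults block is assumed to precede the services it applies to.

```python
"""xinetd block parser and access-control audit (added example, not the tutorial's code)."""
import re
from typing import Dict, List

# Constructed sample: a defaults block plus three services
SAMPLE_XINETD = """\
defaults
{
    log_type       = SYSLOG daemon info
    log_on_failure = HOST
    flags          = REUSE
}

service telnet
{
    disable     = no
    socket_type = stream
    wait        = no
    user        = root
    server      = /usr/sbin/in.telnetd
    only_from   = 192.168.10.0/24
    only_from   += 10.0.0.0/8 172.16.0.0/12
    only_from   -= 10.0.0.0/8        # taken away again
    flags       += NOLIBWRAP
    rlimit_as   = 8M
}

service echo
{
    disable     = yes
    type        = INTERNAL
    socket_type = stream
    wait        = no
}

service rsync
{
    disable     = no
    socket_type = stream
    wait        = no
    user        = root
    server      = /usr/bin/rsync
    server_args = --daemon
}
"""

Attrs = Dict[str, List[str]]

_BLOCK = re.compile(r"(defaults|service\s+(\S+))\s*\{(.*?)\}", re.S)
_LINE = re.compile(r"^\s*(\w+)\s*(\+=|-=|=)\s*(.*?)\s*$")


def parse_xinetd(text: str) -> Dict[str, Attrs]:
    """Return {service: {attribute: [values]}} with the defaults block applied."""
    defaults: Attrs = {}
    services: Dict[str, Attrs] = {}
    for m in _BLOCK.finditer(text):
        name = "defaults" if m.group(1) == "defaults" else m.group(2)
        # each service starts from a copy of the defaults, then applies its own lines
        attrs: Attrs = {} if name == "defaults" else {k: list(v) for k, v in defaults.items()}
        for raw in m.group(3).splitlines():
            lm = _LINE.match(raw.split("#", 1)[0])      # strip trailing comments
            if not lm:
                continue
            attr, op, value = lm.groups()
            values = value.split()
            current = attrs.get(attr, [])
            if op == "=":
                attrs[attr] = values
            elif op == "+=":
                attrs[attr] = current + [v for v in values if v not in current]
            else:  # "-="
                attrs[attr] = [v for v in current if v not in values]
        if name == "defaults":
            defaults = attrs
        else:
            services[name] = attrs
    return services


def enabled(attrs: Attrs) -> bool:
    return (attrs.get("disable") or ["no"])[0].lower() != "yes"


def audit(services: Dict[str, Attrs]) -> List[str]:
    """Flag enabled services reachable from anywhere, bypassing libwrap, or running as root."""
    out = []
    for name, attrs in services.items():
        if not enabled(attrs):
            continue
        if not attrs.get("only_from") and not attrs.get("no_access"):
            out.append(f"{name}: enabled with no only_from/no_access restriction")
        if "NOLIBWRAP" in attrs.get("flags", []):
            out.append(f"{name}: NOLIBWRAP set, hosts.allow/hosts.deny are bypassed")
        if (attrs.get("user") or [""])[0] == "root":
            out.append(f"{name}: server runs as root")
    return out


if __name__ == "__main__":
    for line in audit(parse_xinetd(SAMPLE_XINETD)):
        print(line)
```

To audit a real system, concatenate /etc/xinetd.conf with the files in /etc/xinetd.d/ (that is what the includedir directive does) and pass the result to parse_xinetd().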

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:

- xinetd
- xinetd.conf
- xinetd.log
- tcpd

For more info see:

- LinuxFocus.org: xinetd - Frederic Raynal
- RedHat.com: Controlling Access to Services
- http://www.xinetd.org
- See RFCs: 862, 863, 864, 867, 868, 1413.
- man pages xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon - rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux has the network interface of rwhod disabled. Thus if one issues the command "rwho", you will only see who is logged into the system you are logged into and not remote systems on the network. This is a safe approach for internet servers: it reduces the exposure of a service which could be exploited, and rwhod broadcasts the names of logged-in users to every host on the segment, which is useful reconnaissance for an attacker. If you wish to use rwhod on a local, private and firewall-protected network, here is how:

Allow broadcast capabilities. Edit /etc/init.d/rwhod and change:

daemon rwhod

to:

daemon rwhod -b

Start service:

- Set the service to start with system boot: chkconfig --level 345 rwhod on
- Start the rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

- rwho: who is logged in on local network machines
- rwhod: system status server
- who: show who is logged on to the same system

RPC: Remote Procedure Calls (Portmapper)

Portmapper is a network service required to support RPCs. Many services such as NFS (file sharing) require portmapper. It listens on port 111 (TCP and UDP) and tells anyone who asks which RPC programs are registered and on which ports, so filter port 111 from untrusted networks and run it only where an RPC service is actually needed. (Newer distributions replace portmap with rpcbind.)

List the RPC services supported:

[root]# rpcinfo -p localhost

Starting the portmap server:

- /etc/rc.d/init.d/portmap start
- service portmap start (Red Hat/Fedora Core)

Man Pages:

- portmap
- rpcinfo
- pmap_set
- pmap_dump

PAM: Network Wrappers:

TCP Wrappers (tcpd and the libwrap library, by Wietse Venema) and Pluggable Authentication Modules for Linux (PAM)

Two different mechanisms are covered here. TCP Wrappers controls network access by client address for services started through tcpd or linked against libwrap, before the server program runs. PAM controls how a user is authenticated and which account checks apply once a connection has been accepted; it is described further down under "Advanced PAM".

With TCP Wrappers one can reject or allow specific IP addresses, networks or domains. The rules are evaluated in a fixed order: if a line in /etc/hosts.allow matches the daemon and client, the connection is accepted; otherwise, if a line in /etc/hosts.deny matches, it is refused; otherwise (no match in either file) it is accepted. A deny-all line in hosts.deny is therefore what gives the allow file its meaning.

File: /etc/hosts.allow

in.ftpd: 208.188.34.105

This specifically allows the given IP address to ftp to your system. One can also specify an entire domain, i.e. .name-of-domain.com (note the leading "."). Domain patterns depend on reverse DNS, which is controlled by the client's network, so prefer IP addresses or networks for anything that matters.

File: /etc/hosts.deny

ALL: ALL

This denies any access not explicitly granted in /etc/hosts.allow.

See the hosts_access(5) and hosts_options(5) man pages.

File: /etc/inetd.conf

ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a

The inet daemon accepts the incoming network connection and hands it to the TCP wrapper, /usr/sbin/tcpd, which accepts or denies the connection as defined by /etc/hosts.allow and /etc/hosts.deny and then executes in.ftpd on it. Decisions are logged through syslog, on Red Hat to /var/log/secure. Only services started through tcpd, or daemons compiled against libwrap (xinetd, portmap, and sshd before OpenSSH 6.7, among others), honor these files; a daemon started directly is unaffected.
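The decision tcpd makes, as an added example (not the tutorial's code nor Wietse Venema's): hosts.allow is consulted first, then hosts.deny, and a client matching neither is allowed. It implements the patterns used above (ALL, a leading-dot domain, a trailing-dot network prefix, net/mask) over constructed hosts.allow and hosts.deny contents; EXCEPT lists and the optional shell-command field of hosts_options(5) are not handled.

```python
"""TCP Wrappers access decision (added example, not the tutorial's code)."""
import ipaddress
from typing import List, Optional, Tuple

# Constructed file contents for the demo; the office subnet from the tutorial's example
HOSTS_ALLOW = """\
# only the office block and one host may reach ftp; ssh from the domain or 10/8
in.ftpd : 208.88.34.105, 192.168.10.0/255.255.255.0
sshd    : .name-of-domain.com, 10.
"""

HOSTS_DENY = """\
ALL : ALL
"""

Rule = Tuple[List[str], List[str]]   # (daemon patterns, client patterns)


def parse_access_file(text: str) -> List[Rule]:
    """Parse 'daemon_list : client_list [: shell_command]' lines; comments and blanks skipped."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        parts = [p.strip() for p in line.split(":")]
        if len(parts) < 2:
            continue   # malformed; tcpd logs and ignores such a line
        daemons = [d.strip() for d in parts[0].split(",") if d.strip()]
        clients = [c.strip() for c in parts[1].split(",") if c.strip()]
        rules.append((daemons, clients))
    return rules


def client_matches(pattern: str, addr: str, hostname: Optional[str]) -> bool:
    if pattern == "ALL":
        return True
    if pattern.startswith("."):              # '.example.com' matches host.example.com only
        return bool(hostname) and hostname.endswith(pattern)
    if pattern.endswith("."):                # '10.' matches 10.x.x.x
        return addr.startswith(pattern)
    if "/" in pattern:                       # 'net/mask' or 'net/len'
        net, mask = pattern.split("/", 1)
        try:
            network = ipaddress.ip_network(f"{net}/{mask}", strict=False)
        except ValueError:
            return False                     # unparsable pattern never matches
        return ipaddress.ip_address(addr) in network
    return pattern == addr or pattern == hostname


def daemon_matches(pattern: str, daemon: str) -> bool:
    return pattern == "ALL" or pattern == daemon


def rule_matches(rules: List[Rule], daemon: str, addr: str, hostname: Optional[str]) -> bool:
    return any(
        any(daemon_matches(d, daemon) for d in daemons)
        and any(client_matches(c, addr, hostname) for c in clients)
        for daemons, clients in rules
    )


def access_allowed(daemon: str, addr: str, hostname: Optional[str] = None,
                   allow_text: str = HOSTS_ALLOW, deny_text: str = HOSTS_DENY) -> bool:
    """hosts.allow first, then hosts.deny; no match in either file means allow."""
    if rule_matches(parse_access_file(allow_text), daemon, addr, hostname):
        return True
    if rule_matches(parse_access_file(deny_text), daemon, addr, hostname):
        return False
    return True


if __name__ == "__main__":
    for daemon, addr, host in (("in.ftpd", "208.88.34.105", None),
                               ("in.ftpd", "208.88.34.106", None),
                               ("sshd", "203.0.113.9", "box.name-of-domain.com"),
                               ("in.telnetd", "192.168.10.77", None)):
        print(f"{daemon:>10} from {addr:<15} -> {'allow' if access_allowed(daemon, addr, host) else 'deny'}")
```

The last assertion in the test shows the trap the text warns about: with an empty hosts.deny every unmatched client is let in, so the ALL: ALL line is the piece that makes the allow list restrictive.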

Advanced PAM: Separately from TCP Wrappers, Pluggable Authentication Modules control what a user must present to be authenticated and which account checks apply, per service, so finer access control can be achieved by adjusting the level of authentication required.

Configuration files are named after the service (for inetd services, the server name such as in.ftpd, or whatever name the program was compiled to use). Rules and modules are stacked to achieve the level of security desired.

See the files in /etc/pam.d/... (some systems use the single file /etc/pam.conf)

The format: service type control module-path module-arguments (in /etc/pam.d/ the service field is implied by the file name)

- auth (type): establishes who the user is, normally by asking for a password and checking it.
  - nullok: an empty or non-existent password is accepted (remove this on anything reachable over the network)
  - shadow: encrypted passwords are kept in /etc/shadow
- account (type): checks that the account may be used now, independently of the password: expiry, time-of-day and origin restrictions, forced password changes.
- password (type): controls password update.
  - retry=3: number of attempts the user gets to choose an acceptable new password (pam_cracklib)
  - minlen=8: minimum length of a new password
- session (type): sets up and tears down the session: logging, mounting home directories, resource limits.

The control field (required, requisite, sufficient, optional) decides how a module's result is combined with the rest of the stack.

Modules:

- /lib/security/pam_pwdb.so - password database module (obsolete; pam_unix.so is its replacement)
- /lib/security/pam_shells.so - allows access only if the user's login shell is listed in /etc/shells
- /lib/security/pam_cracklib.so - checks whether a new password is easily crackable
- /lib/security/pam_listfile.so - allows or denies access based on whether an item (user, group, tty, host, ...) appears in a list file

PAM files are reread on every use and need no restart. After re-configuring inetd itself, reload the inet daemon: killall -HUP inetd

For more info see:

- Wietse's Papers
- Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP is the network protocol used by the ping and traceroute commands; it also carries the error messages (destination unreachable, fragmentation needed, time exceeded) that IP itself depends on.

ICMP redirect packets are sent from a router to a host to inform the host of a better first hop. The kernel setting that controls whether they are honored is accept_redirects. To enable it, add the following line to /etc/sysctl.conf:

net.ipv4.conf.all.accept_redirects = 1

Or add the following to the file /etc/rc.d/rc.local:

for f in /proc/sys/net/ipv4/conf/*/accept_redirects
do
    echo 1 > $f
done

Command to view the kernel IP routing cache: /sbin/route -Cn (the IPv4 routing cache was removed in kernel 3.6, so this shows nothing on later kernels)

NOTE: Accepting redirects lets any host on the local segment rewrite your next hop by forging an ICMP redirect, placing itself in the path of your traffic. Leave accept_redirects set to 0 (and send_redirects to 0 on hosts that are not routers) unless you have a specific reason; 0 is also what the hardening guides recommend.

Blocking ICMP to look invisible to ping:

The following firewall rules drop ICMP. Note that both rules as written drop all outbound ICMP, not just echo replies, which also silences the error messages other hosts rely on (path MTU discovery, traceroute, unreachable notifications). Restricting the rule to incoming echo-request packets, or using the icmp_echo_ignore_all setting shown below, hides the host from ping without those side effects.

Iptables:

iptables -A OUTPUT -p icmp -d 0/0 -j DROP

Ipchains:

ipchains -A output -p icmp -d 0/0 -j DENY

OR drop all incoming pings:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes done to look invisible to DoS (Denial of Service) attackers who use ping to watch for your machine and launch an attack when its presence is detected. It is not a strong defense: a port scanner will still find the host through its open TCP ports.

Network Monitoring Tools:

- tcpdump - dump traffic on a network. See the discussion below.

  Command line option  Description
  -c count             Exit after receiving count packets.
  -C file_size         Specify the size of output dump files.
  -i interface         Specify the interface if multiple exist (the lowest numbered is used by default), i.e. eth0
  -w file-name         Write the raw packets to a file rather than parsing and printing them out. They can later be printed with the -r option.
  -n                   Improve speed by not performing DNS lookups. Report IP addresses.
  -t                   Don't print a timestamp on each dump line.

  Filter expressions:

  Primitive                     Description
  host host-name                If the host has multiple IPs, all will be checked.
  net network-number            Network number.
  net network-number mask mask  Network number and netmask specified.
  port port-number              Port number specified.
  tcp                           Sniff TCP packets.
  udp                           Sniff UDP packets.
  icmp                          Sniff ICMP packets.

  Examples:

  - tcpdump tcp port 80 and host server-1
  - tcpdump ip host server-1 and not server-2

- iptraf - interactive colorful IP LAN monitor
- nmap - network exploration tool and security scanner
  - List pingable nodes on the network: nmap -sP 192.168.0.0/24 scans IP addresses 192.168.0.0 to 192.168.0.255 using ping (-sP is spelled -sn in current nmap releases). Only scan networks you are authorized to scan.
- Ethereal - network protocol analyzer (renamed Wireshark in 2006). Examine data from a live network. RPMs required:
  - ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
  - ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)

  There is an error in the ethereal package because it does not list the snmp libraries as dependencies, but you can deduce this from the errors you get if the ucd-snmp libraries are not installed.
- EtherApe - graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
- Gkrellm - network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
- IPTraf - ncurses-based IP LAN monitor. (Red Hat Powertools CD)
- Cheops - network discovery, location, diagnosis and management. Cheops can identify all of the computers that are on your network, their IP address, their DNS name and the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
- ntop - shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
- MRTG - Multi Router Traffic Grapher - monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
- dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
- scotty - obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP, & UDP. (Red Hat Powertools CD)
- Big Brother - monitoring and service availability.
- OpenNMS.org - network management using SNMP.
- Nagios - host, service and network monitoring
- Angel network monitor

Using tcpdump to monitor the network:

[root]# tcpdump -n host not XXX.XXX.XXX.XXX | more    - Sniff the network but ignore the IP of your own remote session, so your own ssh traffic does not flood the output.

tcpdump puts the interface into promiscuous mode by itself (the -p option prevents that), so the manual step is only needed for tools that do not:

[root]# ifconfig eth0 promisc     - Put the NIC into promiscuous mode to sniff traffic.
[root]# ifconfig eth0 -promisc    - Pull the NIC out of promiscuous mode.

On a switched network promiscuous mode only shows traffic the switch forwards to your port (broadcasts and your own unicast); to see other hosts' traffic you need a mirror (SPAN) port or a hub.

Network Intrusion and Hacker Detection Systems:

SNORT: monitors the network, performing real-time traffic analysis and packet logging on IP networks to detect attacks or probes.

- Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
- InterSect Alliance - intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to convert a 32-bit IP address into the 48-bit Ethernet MAC address used by the network hardware. (See: RFC 826) The transmitting host sends an ARP request as a broadcast to all hosts on the subnet; the broadcast is ignored by all except the host that recognizes the IP address as its own, which replies with its MAC address. Computers on the subnet keep a cache of these answers (the ARP cache) for future communications. ARP broadcasts are passed on by hubs and switches but are blocked by routers.

ARP has no authentication: any host on the segment can answer a request, or send unsolicited replies, claiming another host's IP address, and most systems update their cache accordingly. This ARP spoofing lets an attacker on the LAN intercept traffic meant for the gateway or another host. arpwatch (below) detects it by reporting an IP address whose MAC address changes.

Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client to broadcast a request for a server to reply with the client's IP address.

- arp (8) man page - manipulate the system ARP cache
  - Show other systems on your network (including IP address conflicts): arp -a
  - Show the ARP table Linux style: arp -e
- arpwatch (8) man page - keep track of ethernet/ip address pairings
- arpsnmp (8) man page - keep track of ethernet/ip address pairings. Reads information generated by snmpwalk
- arping (8) man page - send an ARP REQUEST to a neighbor host. Print the ARP reply (similar to arp -a): arping 192.168.10.99
- List the ARP table: cat /proc/net/arp
- ip (8) man page - show / manipulate routing, devices, policy routing and tunnels. View the ARP table: ip neighbor

ARP simply works: no Linux system configuration is necessary, it is part of the ethernet and IP protocols. The commands above exist because Linux gives full visibility into what is going on, and because, as explained above, the ARP cache is worth watching on any network you do not fully control.
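What arpwatch does, reduced to an added example (not the tutorial's code): decode Ethernet/ARP frames per RFC 826, learn IP-to-MAC pairs from replies and alert when a known IP shows up with a different MAC. The frames are constructed inline with the build_arp helper; a real deployment would read them from a raw socket or a tcpdump -w capture.

```python
"""ARP decoding and flip-flop detection (added example, not the tutorial's code)."""
import struct
from typing import Dict, List, Optional, Tuple

ETH_P_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def ip_str(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)


def build_arp(op: int, sender_mac: str, sender_ip: str, target_mac: str, target_ip: str) -> bytes:
    """Build an Ethernet + ARP frame; used here only to construct sample traffic."""
    smac = bytes.fromhex(sender_mac.replace(":", ""))
    tmac = bytes.fromhex(target_mac.replace(":", ""))
    sip = bytes(int(o) for o in sender_ip.split("."))
    tip = bytes(int(o) for o in target_ip.split("."))
    dst = b"\xff" * 6 if op == ARP_REQUEST else tmac        # requests are broadcast
    eth = dst + smac + struct.pack("!H", ETH_P_ARP)
    # htype=1 (Ethernet), ptype=0x0800 (IPv4), hlen=6, plen=4, opcode, then the four addresses
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op) + smac + sip + tmac + tip
    return eth + arp


def parse_arp(frame: bytes) -> Optional[dict]:
    """Return the ARP fields of a frame, or None if it is not an Ethernet/IPv4 ARP frame."""
    if len(frame) < 14 + 28:
        return None
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != ETH_P_ARP:
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    body = frame[22:42]
    return {
        "op": op,
        "sender_mac": mac_str(body[0:6]),
        "sender_ip": ip_str(body[6:10]),
        "target_mac": mac_str(body[10:16]),
        "target_ip": ip_str(body[16:20]),
    }


def watch(frames: List[bytes]) -> Tuple[Dict[str, str], List[str]]:
    """Learn IP -> MAC from ARP replies; report every IP whose MAC changes."""
    cache: Dict[str, str] = {}
    alerts: List[str] = []
    for frame in frames:
        arp = parse_arp(frame)
        if arp is None or arp["op"] != ARP_REPLY:
            continue
        ip, mac = arp["sender_ip"], arp["sender_mac"]
        old = cache.get(ip)
        if old is not None and old != mac:
            alerts.append(f"flip flop: {ip} moved from {old} to {mac}")
        cache[ip] = mac
    return cache, alerts


# Constructed traffic: a host asks for the gateway, the gateway answers twice,
# then a second MAC claims the gateway's address (what an ARP spoofer does)
SAMPLE_FRAMES = [
    build_arp(ARP_REQUEST, "00:11:22:33:44:55", "192.168.10.12", "00:00:00:00:00:00", "192.168.10.254"),
    build_arp(ARP_REPLY, "00:aa:bb:cc:dd:01", "192.168.10.254", "00:11:22:33:44:55", "192.168.10.12"),
    build_arp(ARP_REPLY, "00:aa:bb:cc:dd:01", "192.168.10.254", "00:11:22:33:44:55", "192.168.10.12"),
    build_arp(ARP_REPLY, "de:ad:be:ef:00:01", "192.168.10.254", "00:11:22:33:44:55", "192.168.10.12"),
]

if __name__ == "__main__":
    cache, alerts = watch(SAMPLE_FRAMES)
    print(cache)
    for a in alerts:
        print(a)
```

The detector only reacts to a change, so the first pairing it sees is trusted; on a real network seed the cache from a known-good snapshot of arp -a before relying on the alerts.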

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer to peer unicast transactions. An HTTP request to a web server (TCP/IP), email via SMTP (TCP/IP), DNS (UDP), FTP (TCP/IP), ... are all unicast. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer to peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group", which are those that are interested in the information.

The Linux kernel is Level-2 Multicast-Compliant (RFC 1112): it meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to ask the kernel to join the multicast group (the IP_ADD_MEMBERSHIP socket option) and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, it asks the kernel to leave it (IP_DROP_MEMBERSHIP). It is the kernel/host which joins the multicast group on behalf of the process, not the process itself. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to also route multicast, set the following in the kernel config:

- CONFIG_IP_MULTICAST=y
- CONFIG_IP_ROUTER=y
- CONFIG_IP_MROUTE=y
- CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimizing and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card), only one device can be configured to handle multicast.

Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast.

Useful commands:

Command                  Description
cat /proc/net/igmp       List the multicast groups to which the host is subscribed, via the Internet Group Management Protocol. (See /usr/src/linux/net/ipv4/igmp.c)
cat /proc/net/dev_mcast  List multicast interfaces. (See /usr/src/linux/net/core/dev_mcast.c)
ping 224.0.0.1           All hosts configured for multicast will respond with their IP addresses
ping 224.0.0.2           All routers configured for multicast will respond
ping 224.0.0.4           All DVMRP routers configured for multicast will respond
ping 224.0.0.5           All OSPF routers configured for multicast will respond
ping 224.0.0.13          All PIM routers configured for multicast will respond

Note that Linux hosts ignore echo requests sent to broadcast and multicast addresses by default (icmp_echo_ignore_broadcasts = 1), so silence does not prove the absence of listeners.

Multicast transmissions are achieved through proper routing, router configuration (if communicating across subnets) and programmatically with the following "C" socket library calls:

Function call   Description
setsockopt()    Pass multicast options to the kernel: IP_ADD_MEMBERSHIP / IP_DROP_MEMBERSHIP to join or leave a group, IP_MULTICAST_TTL, IP_MULTICAST_LOOP and IP_MULTICAST_IF.
getsockopt()    Retrieve the current value of those options.

For more on multicast programming see: Multicast Howto.

The multicast application will specify the multicast loopback interface, TTL (network time to live), network interface and the multicast group to add or drop.

Add route to support multicast:

route add 224.0.0.0 netmask 240.0.0.0 dev eth0

Note that if adding a route to forward packets through a router, that the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The internet by default does not forward multicast packets.
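The setsockopt() calls described above, as an added example (not the tutorial's code) in Python rather than C: membership_request() packs the struct ip_mreq the kernel expects, open_receiver() binds the port and joins the group, open_sender() sets the TTL and loopback options, and leave() drops the membership. The group 239.1.1.1 and port 5007 are chosen for the demo (239.0.0.0/8 is the administratively scoped range); the interface address 0.0.0.0 lets the kernel pick the interface, which on a multihomed host you should replace with the address of the interface you want to use.

```python
"""Join, send to and leave an IPv4 multicast group (added example, not the tutorial's code)."""
import socket


def is_multicast(addr: str) -> bool:
    """Class D check: 224.0.0.0 - 239.255.255.255 (high nibble 1110)."""
    first = int(addr.split(".")[0])
    return 224 <= first <= 239


def membership_request(group: str, iface: str = "0.0.0.0") -> bytes:
    """Pack struct ip_mreq { in_addr imr_multiaddr; in_addr imr_interface; } (8 bytes)."""
    if not is_multicast(group):
        raise ValueError(f"{group} is not a multicast group")
    return socket.inet_aton(group) + socket.inet_aton(iface)


def open_receiver(group: str, port: int, iface: str = "0.0.0.0") -> socket.socket:
    """Bind a UDP socket to the port and ask the kernel to join the group on iface."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)   # several listeners per host
    sock.bind(("", port))                                         # any local address, this port
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP,
                    membership_request(group, iface))
    return sock


def open_sender(ttl: int = 1, loop: bool = True) -> socket.socket:
    """TTL 1 keeps datagrams on the local subnet; loop lets this host hear its own sends."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, ttl)
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_LOOP, 1 if loop else 0)
    return sock


def leave(sock: socket.socket, group: str, iface: str = "0.0.0.0") -> None:
    """Tell the kernel this socket no longer wants the group (IGMP leave follows if last)."""
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_DROP_MEMBERSHIP,
                    membership_request(group, iface))


if __name__ == "__main__":
    GROUP, PORT = "239.1.1.1", 5007
    rx = open_receiver(GROUP, PORT)
    tx = open_sender()
    tx.sendto(b"hello multicast", (GROUP, PORT))
    rx.settimeout(2)
    data, peer = rx.recvfrom(1024)
    print(f"received {data!r} from {peer}")
    leave(rx, GROUP)
    rx.close()
    tx.close()
```

Running the file end to end needs a multicast route on the host (the route add 224.0.0.0 line above); the sendto fails with "Network is unreachable" without one. The receiver binds the port, not the group address, which is why anything else on that port arrives too and why the TTL of 1 matters on a sender you do not want leaking past the first router.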

Living in a MS/Windows World:

- SMB4k: my favorite MS/Windows file share browser.
- In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]
- LinNeighborhood: Linux workstation GUI tool. Make your life simple and use the GUI/file manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.
  - LinNeighborhood Home Page
  - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

- IPv4: Most of the Internet servers and personal computers use Internet Protocol version 4 (IPv4). This uses 32 bits to assign a network address, written as the four octets of an IP address up to 255.255.255.255, i.e. four 8-bit numbers totaling 32 bits.
- IPv6: Internet Protocol version 6 (IPv6) uses a 128 bit address and thus billions and billions of potential addresses. The protocol has also been upgraded to include new quality of service features and security. Currently Linux supports IPv6 but IPv4 is used when connecting your computer to the internet.
- TCP/IP: (Transmission Control Protocol/Internet Protocol) uses a client - server model for communications. The protocol defines the data packets transmitted (packet header, data section), data integrity verification (error detection bytes), connection and acknowledgement protocol, and re-transmission.
- TCP/IP time to live (TTL): This is a counting mechanism to determine how long a packet is valid before it reaches its destination. Each time a TCP/IP packet passes through a router the router decrements its TTL count. When the count reaches zero the packet is dropped by the router. This ensures that errant routing and aimlessly looping packets will not flood the network.
- MAC Address: (media access control) is the network card address used for communication with other network devices on the subnet. This info is not routable. The ARP table maps TCP/IP addresses (global internet) to the hardware on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address uniquely identifies each node of a network and is used by the Ethernet protocol.
- Full Duplex: Allows the simultaneous sending and receiving of packets. Most modern modems support full duplex.
- Half Duplex: Allows the sending and receiving of packets in one direction at a time only.
- OSI 7 Layer Model: The ISO (International Standards Organization) has defined the OSI (Open Systems Interconnection) model for current networking protocols.

  OSI Layer  Description                                                     Linux Networking Use
  7          Application Layer. The top layer for communications            telnet, web browser, sendmail
             applications like email and the web.
  6          Presentation Layer. Syntax and format of data transfer.        SMTP, http
  5          Session Layer.
  4          Transport Layer. Connection, acknowledgement and data          TCP, UDP
             packet transmission.
  3          Network Layer.                                                 IP, ARP
  2          Data Link Layer. Error control, timing                         Ethernet
  1          Physical Layer. Electrical characteristics of signal and NIC   Ethernet

- Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
- Network Switch: Like a hub but creates a private link between any two connected nodes when a network connection is established. This reduces the amount of network collisions and thus improves speed. Broadcast messages are still sent to all nodes.

Related Links:

- Cable modem HowTo - Vladimir Vuksan
- Ethernet HowTo - Paul Gortmaker
- YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
- Firewall HowTo - Mark Grennan
- YoLinux networking tutorial
- Networking Overview HowTo - Daniel Lopez Ridruejo
- Networking Howto - Joshua Drake
- NFS Howto - Nicolai Langfeldt
- SNMP: Simple Network Management Protocol (Uses ports 161,162,391,1993)
  - SNMP - Intro and tutorials
  - Linux SNMP Network Management Tools
  - SNMP FAQ
  - net-snmp - tools and libraries
- News/Usenet Group: comp.os.linux.networking - Deja
- MARS-nwe - Netware emulator
- Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
- ISDN:
  - ISDN4LINUX FAQ - Matthias Hessler
  - ISDN4 Linux Home Page
  - Dan Kegel's ISDN Page
- PPP: Point-to-Point Protocol
  - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
  - YoLinux Tutorial: Dialing Compuserve
  - YoLinux Tutorial: Dialing AOL
  - YoLinux Tutorial: Configuring PPP dial-in connections
- PPTP: Point-to-Point Tunneling Protocol
  - RFC 2637: Point-to-Point Tunneling Protocol (PPTP).
  - PPTP-Linux Client - A PPTP Linux client that allows a linux system to connect to a PPTP server. Developed by C. S. Ananian.
  - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP Implementation.
- DHCP: (Dynamic Host Configuration Protocol)
  - YoLinux DHCP Tutorial - How to set up a DHCP server.
  - ISC Dynamic Host Configuration Protocol - DHCP home page
- Multicast:
  - YoLinux Tutorial: Configuring Linux for multicast - this tutorial in section above
  - Multicast over TCP/IP HOWTO
- ISP's: (National/Global)
  - TheList.com - Comprehensive list of ISP's
  - Earthlink
  - Concentric
  - ATT Worldnet
- NIS: (NFS infrastructure)
  - YoLinux NIS tutorial
  - NIS howto
  - NIS configuration and use
- Ethernet cables:
  - Making CAT 3, 5, 5E RJ45 Ethernet Cables
  - Wiring and Installation
- Gigabit Ethernet
- VIX: Vienna Internet eXchange - European traffic exchange for ISP's

Test Internet Bandwidth:

- DSLreports.com: bandwidth and diagnostic tests
- Speakeasy connection speed test
- CNET Bandwidth Meter speed test
- Network speed test
- Bandwidth explained and List of bandwidth test sites

Man Pages:

- icmp - Linux IPv4 ICMP kernel module
- ifport - select the transceiver type for a network interface
- usernetctl - allow a user to manipulate a network interface if permitted
- ripquery - query RIP (Routing Information Protocol) gateways
- gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler ISBN # 0735710317, New Riders Publishing

"LINUX TCP/IP Network Administration" by Scott Mann, Mitchell Krell ISBN # 0130322202, Prentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith ISBN# 0201774232, Addison­Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr. ISBN# 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh ISBN# 0672320525, Sams; (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus Sams, ISBN# 047008278X

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen Sams, ISBN# 0071486429

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson Sams, ISBN# 0672329298

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672327082

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672325888

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis ISBN #032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.


Copyright © 2001 - 2007 by Greg Ippolito

Linux Networking


- File: /etc/hosts - locally resolve node names to IP addresses

  127.0.0.1 your-node-name.your-domain.com localhost.localdomain localhost
  XXX.XXX.XXX.XXX node-name

Note when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly) i.e.:

XXX.XXX.XXX.XXX superserver.yolinux.com superserver

This informs Linux of local systems on the network which are not handled by the DNS server (or of all systems in your LAN if you are not using DNS or NIS). Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "Hosts").

- File: /etc/nsswitch.conf - System Databases and Name Service Switch configuration file

  hosts: files dns nisplus nis

This example tells Linux to first resolve a host name by looking at the local hosts file (/etc/hosts), then, if the name is not found, to look to your DNS server as defined by /etc/resolv.conf, and if not found there to look to your NIS server.

In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution.

Fedora / Red Hat Network Configuration Files:

- /etc/sysconfig/network - Red Hat network configuration file used by the system during the boot process.

- File: /etc/sysconfig/network-scripts/ifcfg-eth0 - Configuration settings for your first ethernet port (0). Your second port is eth1.

- File:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example statement for Intel ethernet card: alias eth0 eepro100

Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

- Network configuration: /usr/sbin/system-config-network (FC-2/3, GUI shown here), /usr/bin/redhat-config-network (/usr/bin/neat) (RH 7.2+ FC-1)
- Text console configuration tool: /usr/sbin/system-config-network-tui (Text User Interface (TUI) for Fedora Core 2/3), /usr/bin/redhat-config-network-tui (RH 9.0 - FC-1)
- Text console network configuration tool. First interface only - eth0: /usr/sbin/netconfig
- /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

- Gnome Desktop Network Configuration: /usr/bin/gnome-network-preferences (RH 9.0 - FC-3) Proxy configuration. Choose one of three options:
  1. Direct internet connection
  2. Manual proxy configuration (specify proxy and port)
  3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assigned a static IP address or assigned one dynamically.

Static IP address assignment:

Choose one of the following methods:

- Command Line:

  /sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

  Network address by convention would be the lowest: 192.168.10.0
  Broadcast address by convention would be the highest: 192.168.10.255
  The gateway can be anything, but following convention: 192.168.10.1

Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0

- Red Hat / Fedora GUI tools:
  - /usr/bin/neat Gnome GUI network administration tool. Handles all interfaces. Configure for Static IP or DHCP client. (First available with Red Hat 7.2.)
  - /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)

- Red Hat / Fedora Console tools:
  - /usr/sbin/system-config-network-tui (Text User Interface)
  - /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1,...)

- Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network-scripts/, so that this information is retained.

The IANA has allocated IP addresses in the range of 192.168.0.0 to 192.168.255.255 for private networks.

Helpful tools:

- Network Calculators: Subnet mask calculator, node calculator, mask inverter, ...
- IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 208.88.34.106
    netmask 255.255.255.248
    broadcast 208.88.34.111
    network 208.88.34.104
    gateway 208.88.34.110

Dynamic IP (DHCP) example:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

auto eth1
iface eth1 inet dhcp

auto eth2
iface eth2 inet dhcp

auto ath0
iface ath0 inet dhcp

auto wlan0
iface wlan0 inet dhcp

Interfaces:
- lo: Loopback interface (network within your system without slowing down for the real ethernet based network)
- eth0: First ethernet interface card
- wlan0: First wireless network interface

Also see "man interfaces"

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.

- File: /etc/sysconfig/network

  Static IP address Configuration: (Configure gateway address)

  NETWORKING=yes
  HOSTNAME=my-hostname         - Hostname is defined here and by command hostname
  FORWARD_IPV4=true            - True for NAT firewall gateways and linux routers. False for everyone else - desktops and servers.
  GATEWAY="XXX.XXX.XXX.YYY"    - Used if your network is connected to another network or the internet. Static IP configuration. Gateway not defined here for DHCP client.

  OR for DHCP client configuration:

  NETWORKING=yes
  HOSTNAME=my-hostname         - Hostname is defined here and by command hostname

  (Gateway is assigned by DHCP server.)

  OR for NIS client configuration:

  NETWORKING=yes
  HOSTNAME=my-hostname         - Hostname is defined here and by command hostname
  NISDOMAIN=NISProject1        - NIS domain to attach

- File (Red Hat/Fedora): /etc/sysconfig/network-scripts/ifcfg-eth0 (S.u.s.e.: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX) This file is used by the command scripts ifup and ifdown.

Static IP address configuration:

  DEVICE=eth0
  BOOTPROTO=static
  BROADCAST=XXX.XXX.XXX.255
  IPADDR=XXX.XXX.XXX.XXX
  NETMASK=255.255.255.0
  NETWORK=XXX.XXX.XXX.0
  ONBOOT=yes                   - Will activate upon system boot

  RHEL4/FC3 additions:
  - TYPE=Ethernet
  - HWADDR=XX:XX:XX:XX:XX:XX
  - GATEWAY=XXX.XXX.XXX.XXX

  OR for DHCP client configuration:

  DEVICE=eth0
  ONBOOT=yes
  BOOTPROTO=dhcp

  RHEL4/FC3 additions:
  - IPV6INIT=no
  - USERCTL=no
  - PEERDNS=yes
  - TYPE=Ethernet
  - HWADDR=XX:XX:XX:XX:XX:XX

(Used by script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line.) To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)

Changing the host name:

This is a three step process:

1. Issue the command: hostname new-host-name
2. Change network configuration file: /etc/sysconfig/network
   Edit entry: HOSTNAME=new-host-name
3. Restart systems which relied on the hostname (or reboot):
   - Restart network services: service network restart (or: /etc/init.d/network restart)
   - Restart desktop:
     - Bring down system to console mode: init 3
     - Bring up X-Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name which allows the system to be self aware.

The hostname may be changed at runtime using the command: sysctl -w kernel.hostname="superserver"

Change the host name using GUI tool: /usr/sbin/system-config-network (Red Hat / Fedora / CentOS)

Hostname entries are made in two places:

- Select the "DNS" tab.
- Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth0:0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255
ifconfig eth0:1 192.168.10.14 netmask 255.255.255.0 broadcast 192.168.10.255

route add -host XXX.XXX.XXX.XXX dev eth0
route add -host 192.168.10.12 dev eth0
route add -host 192.168.10.14 dev eth0

In this example 0 and 1 are aliases in addition to the regular eth0. The result of the ifconfig command:

eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
          collisions:1 txqueuelen:100
          Interrupt:5 Base address:0xe400

eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:5 Base address:0xe400

eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
          inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

DEVICE=eth0:0
ONBOOT=yes
BOOTPROTO=static
BROADCAST=192.168.10.255
IPADDR=192.168.10.12
NETMASK=255.255.255.0
NETWORK=192.168.10.0

Aliases can also be shut down independently. i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Redhat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux Client: get connection info: /sbin/pump -i eth0 --status (Red Hat Linux 7.1 and older)

Device eth0
        IP: 4.XXX.XXX.XXX
        Netmask: 255.255.252.0
        Broadcast: 4.XXX.XXX.255
        Network: 4.XXX.XXX.0
        Boot server 131.XXX.XXX.4
        Next server 0.0.0.0
        Gateway: 4.XXX.XXX.1
        Domain: vz.dsl.genuity.net
        Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3
        Renewal time: Sat Aug 11 08:28:55 2001
        Expiration time: Sat Aug 11 11:28:55 2001

Activating and De­Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

- Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up - Note: Even if no IP address is assigned you can listen.)
- De-Activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network-scripts/

GUI Interface control/configuration:

- Start/Stop network interfaces: /usr/bin/system-control-network (Fedora Core 2/3), /usr/bin/redhat-control-network (RH 9.0 - FC-1)
- Configure Ethernet, ISDN, modem, token Ring, Wireless or DSL network connection: /usr/sbin/system-config-network-druid (FC2/3), /usr/sbin/redhat-config-network-druid (RH 9 - FC-1)

Subnets:

MASK  # OF SUBNETS  SLASH FMT  CLASS A HOSTS  CLASS A MASK  CLASS B HOSTS  CLASS B MASK  CLASS C HOSTS  CLASS C MASK   SUB CLASS C MASK  SUB CLASS C HOSTS
255   1 or 256      /32        16,777,214     255.0.0.0     65,534         255.255.0.0   254            255.255.255.0  255.255.255.255   1 address, invalid
254   128           /31        33,554,430     254.0.0.0     131,070        255.254.0.0   510            255.255.254.0  255.255.255.254   2 addresses, invalid
252   64            /30        67,108,862     252.0.0.0     262,142        255.252.0.0   1,022          255.255.252.0  255.255.255.252   4 addresses, 2 hosts
248   32            /29        134,217,726    248.0.0.0     524,286        255.248.0.0   2,046          255.255.248.0  255.255.255.248   8 addresses, 6 hosts
240   16            /28        268,435,454    240.0.0.0     1,048,574      255.240.0.0   4,094          255.255.240.0  255.255.255.240   16 addresses, 14 hosts
224   8             /27        536,870,910    224.0.0.0     2,097,150      255.224.0.0   8,190          255.255.224.0  255.255.255.224   32 addresses, 30 hosts
192   4             /26        1,073,741,822  192.0.0.0     4,194,302      255.192.0.0   16,382         255.255.192.0  255.255.255.192   64 addresses, 62 hosts
128   2             /25        2,147,483,646  128.0.0.0     8,388,606      255.128.0.0   32,766         255.255.128.0  255.255.255.128   128 addresses, 126 hosts

Binary position:   8    7    6    5    4    3    2    1
Value:           128   64   32   16    8    4    2    1
Example: 192       1    1    0    0    0    0    0    0

Example: 192 = 128 + 64

Some addresses are reserved and outside this scope. Loopback (127.0.0.1), reserved class C 192.168.XXX.XXX, reserved class B 172.31.XXX.XXX and reserved class A 10.XXX.XXX.XXX.

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 for your office.

- 208.88.34.104 Network Base address
- 208.88.34.105 Computer 1
- 208.88.34.106 Computer 2
- 208.88.34.107 Computer 3
- 208.88.34.108 Computer 4
- 208.88.34.109 Computer 5
- 208.88.34.110 DSL router/Gateway
- 208.88.34.111 Broadcast address

Of the eight addresses, six are assigned to hardware systems and ultimately only five are usable for computers.

Links:

- Subnet Cheat Sheet
- Subnet calculator
- Table of subnets
- IP Subnetting, Variable Subnetting, and CIDR (Supernetting)
- CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is a little obsolete as subnets are now used to define smaller networks. These subnets may be part of a class A, B, C, etc network. For historical reference the network classes are defined as follows:

- Class A: Defined by the first 8 bits with a range of 0 - 127. First number (8 bits) is defined by Internic i.e. 77.XXX.XXX.XXX One class A network can define 16,777,214 hosts. Range: 0.0.0.0 - 127.255.255.255
- Class B: Defined by the first 8 bits with a range from 128 - 191. First two numbers (16 bits) are defined by Internic i.e. 182.56.XXX.XXX One class B network can define 65,534 hosts. Range: 128.0.0.0 - 191.255.255.255
- Class C: Defined by the first 8 bits with a range from 192 - 223. First three numbers (24 bits) are defined by Internic i.e. 220.56.222.XXX One class C network can define 254 hosts. Range: 192.0.0.0 - 223.255.255.255
- Class D: Defined by the first 8 bits with a range from 224 - 239. This is reserved for multicast networks (RFC988). Range: 224.0.0.0 - 239.255.255.255
- Class E: Defined by the first 8 bits with a range from 240 - 255. This is reserved for experimental use. Range: 240.0.0.0 - 247.255.255.255
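The arithmetic behind the subnet table, the /29 office example and the class ranges above, as an added example in C (not code from the YoLinux tutorial): given an address and a dotted netmask it derives the slash prefix, network, broadcast and usable host count, and classifies the address by its first octet. The sample inputs are the page's own 208.88.34.106 with 255.255.255.248 and 192.168.10.12 with 255.255.255.0.

```c
/* Added example, not code from the YoLinux tutorial: the arithmetic behind
 * the subnet table and the class ranges above. Sample inputs are the office
 * /29 block (208.88.34.104 - .111) and 192.168.10.12/24 from the text. */
#define _DEFAULT_SOURCE
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

struct subnet {
    uint32_t address;       /* all fields in host byte order */
    uint32_t netmask;
    uint32_t network;       /* lowest address:  address AND netmask */
    uint32_t broadcast;     /* highest address: network OR NOT netmask */
    int prefix;             /* slash format, e.g. 29 for 255.255.255.248 */
    uint32_t usable_hosts;
};

/* "a.b.c.d" -> host-order integer; returns 0 on malformed input. */
int parse_ipv4(const char *s, uint32_t *out)
{
    struct in_addr a;
    if (inet_pton(AF_INET, s, &a) != 1)
        return 0;
    *out = ntohl(a.s_addr);
    return 1;
}

/* host-order integer -> dotted quad in buf (at least INET_ADDRSTRLEN bytes). */
const char *to_dotted(uint32_t host_order, char *buf, size_t len)
{
    struct in_addr a;
    a.s_addr = htonl(host_order);
    return inet_ntop(AF_INET, &a, buf, (socklen_t)len);
}

/* /prefix -> mask, e.g. 24 -> 0xFFFFFF00 (255.255.255.0). */
uint32_t prefix_to_mask(int prefix)
{
    if (prefix <= 0 || prefix > 32)
        return 0;
    return 0xFFFFFFFFu << (32 - prefix);
}

/* mask -> /prefix. A valid mask is a contiguous run of ones followed by
 * zeros (the "Binary position" table above); 255.0.255.0-style masks give -1. */
int mask_to_prefix(uint32_t mask)
{
    int prefix = 0;
    while (prefix < 32 && (mask & (0x80000000u >> prefix)))
        prefix++;
    return mask == prefix_to_mask(prefix) ? prefix : -1;
}

/* Historical network class from the first octet, as in the class list above. */
char ip_class(uint32_t host_order)
{
    unsigned first = host_order >> 24;
    if (first < 128) return 'A';
    if (first < 192) return 'B';
    if (first < 224) return 'C';
    if (first < 240) return 'D';    /* multicast */
    return 'E';                     /* experimental */
}

/* Fill *s from a dotted address and netmask. Returns 0 on success, -1 otherwise. */
int compute_subnet(const char *addr, const char *mask, struct subnet *s)
{
    memset(s, 0, sizeof *s);
    if (!parse_ipv4(addr, &s->address) || !parse_ipv4(mask, &s->netmask))
        return -1;
    s->prefix = mask_to_prefix(s->netmask);
    if (s->prefix < 0)
        return -1;
    s->network = s->address & s->netmask;
    s->broadcast = s->network | ~s->netmask;
    /* Total addresses in the block. For /30 and larger blocks the network and
     * broadcast addresses are not assignable, so two are subtracted; /31
     * (2 addresses) and /32 (1 address) have nothing left to subtract. */
    uint64_t total = (uint64_t)1 << (32 - s->prefix);
    s->usable_hosts = (uint32_t)(s->prefix >= 31 ? total : total - 2);
    return 0;
}

int main(void)
{
    const char *samples[][2] = {
        {"208.88.34.106", "255.255.255.248"},   /* office /29 from the text */
        {"192.168.10.12", "255.255.255.0"},     /* /24 from the ifconfig example */
    };
    char n[INET_ADDRSTRLEN], b[INET_ADDRSTRLEN];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        struct subnet s;
        if (compute_subnet(samples[i][0], samples[i][1], &s) != 0) {
            printf("%s mask %s: invalid\n", samples[i][0], samples[i][1]);
            continue;
        }
        to_dotted(s.network, n, sizeof n);
        to_dotted(s.broadcast, b, sizeof b);
        printf("%s/%d class %c network %s broadcast %s usable hosts %u\n",
               samples[i][0], s.prefix, ip_class(s.address), n, b, s.usable_hosts);
    }
    return 0;
}
```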

Enable Forwarding: Forwarding allows the network packets on one network interface (i.e. eth0) to be forwarded to another network interface (i.e. eth1). This will allow the Linux computer to connect ("ethernet bridge") or route network traffic.

The bridge configuration will merge two (or several) networks into one single network topology. IpTables firewall rules can be used to filter traffic.

A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or load balance servers.

- Turn on IP forwarding to allow the Linux computer to act as a gateway or router:

  echo 1 > /proc/sys/net/ipv4/ip_forward

  Default is 0. One can add firewall rules by using ipchains.

Another method is to alter the Linux kernel config file: /etc/sysctl.conf Set the following value:

net.ipv4.ip_forward = 1

See file /etc/sysconfig/network for storing this configuration.

FORWARD_IPV4=true

Change the default "false" to "true".

All methods will result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward

The TCP Man page - Linux Programmer's Manual and /usr/src/linux/Documentation/proc.txt (Kernel 2.2 RH 7.0-) cover /proc/sys/net/ipv4/* file descriptions.

Also see: (YoLinux tutorials)

- Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables)
- Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

- cd /lib/modules/2.2.5-15/net/ - Use the kernel version for your system. This example uses 2.2.5-15 (Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/). Here you will find the modules supported by your system. It can be permanently added to:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example:

  alias eth0 3c59x

- /sbin/insmod 3c59x (For a 3Com ethernet card) This inserts the specified module into the kernel.
- /sbin/modprobe 3c59x This also loads a module into the system kernel. Modprobe command line options:
  - -r : to unload the module.
  - /sbin/modprobe -l \* : list all modules.
  - /sbin/modprobe -lt net \* : List only network modules
  - /sbin/modprobe -t net \* : Try loading all network modules and see what sticks. (act of desperation)
- ifconfig ...

The easy way: Red Hat versions 6.2 and later, ship with Kudzu, a device detection program which runs during system initialization. (/etc/rc.d/init.d/kudzu) This can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it will be utilized upon system boot.

Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

Define new device in file (Red Hat/Fedora) /etc/sysconfig/network-scripts/ifcfg-eth1 (S.u.s.e 9.2: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX)

DEVICE=eth1
BOOTPROTO=static
IPADDR=192.168.10.12
NETMASK=255.255.255.0
GATEWAY=XXX.XXX.XXX.XXX
HOSTNAME=node-name.name-of-domain.com
DOMAIN=name-of-domain.com

Special routing information may be specified, if necessary, in the file (Red Hat/Fedora): /etc/sysconfig/static-routes (S.u.s.e. 9.2: /etc/sysconfig/network/routes)

Example:

eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using Unix command line interface:

Define IP address:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

If necessary, define the route with the route command. Examples:

route add default gw XXX.XXX.XXX.XXX dev eth0
route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

If a mistake is made just repeat the route command substituting "del" in place of "add".

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto-negotiate link speed and duplex setting.

- List NIC speed and configuration: mii-tool

  eth0: negotiated 100baseTx-FD flow-control, link ok

  Verbose mode: mii-tool -v

  eth0: negotiated 100baseTx-FD flow-control, link ok
    product info: Intel 82555 rev 4
    basic mode:   autonegotiation enabled
    basic status: autonegotiation complete, link ok
    capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
    advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
    link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

- Set NIC configuration: mii-tool -F option

  Option  Parameters
  -F      100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
  -A      100baseT4 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

- Query NIC with ethtool:

  Command          Description
  ethtool -g eth0  Queries ethernet device for rx/tx ring parameter information.
  ethtool -a eth0  Queries ethernet device for pause parameter information.
  ethtool -c eth0  Queries ethernet device for coalescing information.
  ethtool -i eth0  Queries ethernet device for associated driver information.
  ethtool -d eth0  Prints a register dump for the specified ethernet device.
  ethtool -k eth0  Queries ethernet device for offload information.
  ethtool -S eth0  Queries ethernet device for NIC and driver statistics.

Man Pages:

- mii-tool - view, manipulate media-independent interface status
- ethtool - Display or change ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet is examined to see if its destination is on the local or a remote network. If it is to be sent to a remote network, the routing table is consulted to determine the path. If there is no information in the routing table then the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file (Red Hat/Fedora): /etc/sysconfig/network-scripts/route-eth0 or (Red Hat 7: /etc/sysconfig/static-routes) (S.u.s.e. 9.2: /etc/sysconfig/network/routes):

10.2.3.0/16 via 192.168.10.254

See command: /etc/sysconfig/network-scripts/ifup-routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route. (Fewest hops between routers not physical distance.) Routers use RIP to broadcast the routing table over UDP port 520. The routers would then add new or improved routes to their routing tables.

Man pages:

- route - show / manipulate the IP routing table (Static route) Examples:
  - Show routing table: route -e
  - Access individual computer host specified via network interface card eth1: route add -host 123.213.221.231 eth1
  - Access ISP network identified by the network address and netmask using network interface card eth0: route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
    Conversely: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
  - Specify default gateway to use to access remote network via network interface card eth0: route add default gw 201.51.31.1 eth0 (Gateway can also be defined in /etc/sysconfig/network)
  - Specify two gateways for two network destinations: (i.e. one external, one internal private network. Two routers/gateways will be specified.)
    Add internet gateway as before: route add default gw 201.51.31.1 eth0
    Add second private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
- routed - network routing daemon. Uses RIP protocol to update routing table.
- ipx_route - show / manipulate the IPX routing table - IPX is the Novell networking protocol (Not typically used unless your office has Novell servers)
- ifuser - Identify destinations routed to a particular network interface.

VPN, Tunneling:

- Commercial VPN Linux software solutions - YoLinux
- OpenSWAN.org - IPSec VPN for Linux
- FreeSWAN.org - IPSec VPN for Linux
- FreeSWAN tutorial - howto
- OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access controls.
- SSL-Explorer - Java SSL based VPN
- Quagga dynamic routing suite VLAN
- n2n peer to peer within a private fabric
- CIPE: Crypto IP Encapsulation (Easiest way to configure two Linux gateways connecting two private networks over the internet with encryption.)
  - CIPE Home page - CIPE is a simple encapsulation system that securely connects two subnets.
  - The Linux Cipe+Masquerading mini-HOWTO - Anthony Ciaravalo
- GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa
- VPN HowTo - Matthew D. Wilson
- Installing and Running PPTP on Linux
- L2TP Extensions (l2tpext) Internet Drafts.

Useful Linux networking commands:

- /etc/rc.d/init.d/network start - command to start, restart or stop the network
- netstat - Display connections, routing tables, stats etc.
  - List externally connected processes: netstat -punta
  - List all connected processes: netstat -nap
  - Show network statistics: netstat -s
  - Kernel interface table info: netstat -a -i eth0
- ping - send ICMP ECHO_REQUEST packets to network hosts. Use Ctrl-C to stop ping.
- traceroute - print the route packets take to a network host
  - traceroute IP-address-of-server
  - traceroute domain-name-of-server
- mtr - a network diagnostic tool introduced in Fedora. Like traceroute except it gives more network quality and network diagnostic info. Leave it running to get real time stats. Reports best and worst round trip times in milliseconds.
  - mtr IP-address-of-server
  - mtr domain-name-of-server
- whois - Look up a domain name in the InterNIC whois database.
- finger - Display information on a system user, i.e. finger user@host. Uses the $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/
- iptables - IP firewall administration (Linux kernel 2.6/2.4). See YoLinux firewall/gateway configuration.
- ipchains - IP firewall administration (Linux kernel 2.2). See YoLinux firewall/gateway configuration.
- socklist - Display a list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
- host - Give a host name and the command will return the IP address. Unlike nslookup, the host command will use both /etc/hosts as well as DNS. Example: host domain-name-of-server
- nslookup - Give a host name and the command will return the IP address. Also see Testing your DNS (YoLinux Tutorial). Note that nslookup does not use the /etc/hosts file.

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemons listen for and respond to all network socket connections made on the TCP/IP ports assigned to them. The ports are defined by the file /etc/services. When a connection is made, the listener will attempt to invoke the assigned program and pipe the data to it. This simplifies matters by allowing the assigned program to read from stdin instead of making its own socket connection; the listener handles the network socket connection. Two network listening and management daemons have been used in Red Hat Linux distributions:

- inetd: Red Hat 6.x and older
- xinetd: Red Hat 7.0-9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf. Entries in this file consist of a single line made up of the following fields:

service socket­type protocol wait user server cmdline

- service: The name assigned to the service. Matches the name given in the file /etc/services
- socket-type:
  - stream: connection protocols (TCP)
  - dgram: datagram protocols (UDP)
  - raw
  - rdm
  - seqpacket
- protocol: Transport protocol name which matches a name in the file /etc/protocols, i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6
- wait: Applies only to datagram protocols (UDP).
  - wait[.max]: One server for the specified port at any time (RPC)
  - nowait[.max]: Continue to listen and launch new services if a new connection is made (multi-threaded). Max refers to the maximum number of server instances spawned in 60 seconds (default=40).
- user[.group]: login id of the user the process is executed under. Often nobody, root or a special restricted id for that service.
- server: Full path name of the server program to be executed.
- cmdline: Command line to be passed to the server. This includes argument 0 (argv[0]), that is, the command name. This field is empty for internal services. Examples of internal TCP services: echo, discard, chargen (character generator), daytime (human readable time), and time (machine readable time). (see RFC)

Sample File: /etc/inetd.conf

#echo   stream  tcp  nowait      root  internal
#echo   dgram   udp  wait        root  internal
ftp     stream  tcp  nowait      root  /usr/sbin/tcpd  in.ftpd -l -a
#pop-3  stream  tcp  nowait      root  /usr/sbin/tcpd  ipop3d
#swat   stream  tcp  nowait.400  root  /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.

The inet daemon must be restarted to pick up the changes made to the file: /etc/rc.d/init.d/inetd restart

For more information see the man pages "inetd" and "inetd.conf".
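Reading inetd.conf by hand is error-prone: the interesting questions are which services are actually enabled, which run as root, which are started through /usr/sbin/tcpd (so that hosts.allow and hosts.deny apply) and which have no .max spawn limit. The following is an added example, not code from the YoLinux tutorial or from inetd: a parser for the field layout described above plus a small audit over it. The sample text is constructed from the tutorial's inetd.conf excerpt with one extra, unwrapped telnet line (an assumption) so the audit has something to report.

```python
"""Parse /etc/inetd.conf and flag entries worth a second look.

Added example, not part of the YoLinux tutorial.  The sample text is
constructed from the tutorial's inetd.conf excerpt plus one extra telnet
line (an assumption) so that the audit has an unwrapped service to report.
"""
from dataclasses import dataclass, field
from typing import List, Optional

INETD_SAMPLE = """\
#echo   stream  tcp  nowait      root  internal
#echo   dgram   udp  wait        root  internal
ftp     stream  tcp  nowait      root  /usr/sbin/tcpd        in.ftpd -l -a
#pop-3  stream  tcp  nowait      root  /usr/sbin/tcpd        ipop3d
#swat   stream  tcp  nowait.400  root  /usr/sbin/swat        swat
telnet  stream  tcp  nowait      root  /usr/sbin/in.telnetd  in.telnetd
"""

TCPD = "/usr/sbin/tcpd"   # the TCP wrapper the tutorial uses


@dataclass
class InetdEntry:
    service: str
    socket_type: str
    protocol: str
    wait: str                        # 'wait' or 'nowait'
    max_per_minute: Optional[int]    # the .max suffix; None means the default of 40
    user: str
    group: Optional[str]
    server: str                      # full path, or 'internal'
    cmdline: List[str] = field(default_factory=list)   # argv, with argv[0] first
    enabled: bool = True             # False when the line is commented out


def parse_inetd_conf(text: str) -> List[InetdEntry]:
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        enabled = not line.startswith("#")
        fields = line.lstrip("#").split(None, 6)     # cmdline keeps its own spaces
        if len(fields) < 6:
            continue                                  # a prose comment, not an entry
        service, socket_type, protocol, wait_field, user_field, server = fields[:6]
        if server != "internal" and not server.startswith("/"):
            continue                                  # six-word prose comment, skip it
        wait, _, max_str = wait_field.partition(".")  # nowait.400 -> ('nowait', '400')
        user, _, group = user_field.partition(".")    # user.group
        entries.append(InetdEntry(service, socket_type, protocol, wait,
                                  int(max_str) if max_str else None,
                                  user, group or None, server,
                                  fields[6].split() if len(fields) == 7 else [],
                                  enabled))
    return entries


def enabled_services(entries: List[InetdEntry]) -> List[str]:
    return [e.service for e in entries if e.enabled]


def audit(entries: List[InetdEntry]) -> List[str]:
    """One finding per risk on each enabled service."""
    findings = []
    for e in entries:
        if not e.enabled:
            continue
        if e.server not in ("internal", TCPD):
            findings.append(f"{e.service}: started directly, not via {TCPD}; "
                            "hosts.allow/hosts.deny are not consulted")
        if e.user == "root":
            findings.append(f"{e.service}: server runs as root")
        if e.wait == "nowait" and e.max_per_minute is None:
            findings.append(f"{e.service}: no .max spawn limit (default 40 per minute)")
    return findings


if __name__ == "__main__":
    parsed = parse_inetd_conf(INETD_SAMPLE)
    print("enabled:", enabled_services(parsed))
    for finding in audit(parsed):
        print(" -", finding)
```

Commented-out lines are still parsed so the output can show what is disabled; the check on the server field keeps ordinary prose comments out of the result.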

xinetd: Extended Internet Services Daemon:

Xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, redirect services to different ports and network interfaces (NIC) or even to a different server, chroot a service, etc., and is thus a worthy upgrade from inetd.

Use the command chkconfig --list to view all system services and their state. It will also list all network services controlled by xinetd and their respective state under the title "xinetd based services". (Works for xinetd (RH7.0+) but not inetd)

The xinetd network daemon uses PAM also called network wrappers which invoke the /etc/hosts.allow and /etc/hosts.deny files.

Configuration file: /etc/xinetd.conf which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:

- Edit the file /etc/xinetd.d/service-name and set the disable value: disable = yes or disable = no. Then restart the xinetd process using a signal:
  - SIGUSR1 (kill -SIGUSR1 process-id) - Soft reconfiguration; does not terminate existing connections. (Important if you are connected remotely)
  - SIGUSR2 - Hard reconfiguration; stops and restarts the xinetd process. (Note: Using the HUP signal will terminate the process.)
OR
- Use the chkconfig command: chkconfig service-name on (or off). This command will also restart the xinetd process to pick up the new configuration.

The file contains entries of the form:

service service-name
{
    attribute assignment-operator value value ...
    ...
}

Where:
- attribute:
  - disable: yes / no
  - type: RPC, INTERNAL, UNLISTED (not found in /etc/rpc or /etc/services)
  - id: By default the service id is the same as the service name.
  - socket_type:
    - stream: TCP
    - dgram: UDP
    - raw: Direct IP access
    - seqpacket: service that requires reliable sequential datagram transmission
  - flags: Combination of: REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd man page for details.
  - protocol: Transport protocol name which matches a name in the file /etc/protocols.
  - wait:
    - no: multi-threaded
    - yes: single-threaded - One server for the specified port at any time (RPC)
  - user: See file /etc/passwd
  - group: See file /etc/group
  - server: Program to execute and receive the data stream from the socket. (Fully qualified name - full path name of program)
  - server_args: Unlike inetd, arg[0] or the name of the service is not passed.
  - only_from: IP address, factorized address, netmask range, hostname or network name from file /etc/networks.
  - no_access: Deny from ... (inverse of only_from)
  - access_times
  - port: See file /etc/services
  Also: log_type, log_on_success, log_on_failure (log options: += PID, HOST, USERID, EXIT, DURATION, ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples.
- assignment-operator:
  - =
  - +=: add a value to the set of values
  - -=: delete a value from the set of values

Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from the man page: Limit telnet sessions to 8 Mbytes of memory and a total of 20 CPU seconds for child processes.

service telnet
{
    socket_type = stream
    wait        = no
    nice        = 10
    user        = root
    server      = /usr/etc/in.telnetd
    rlimit_as   = 8M
    rlimit_cpu  = 20
}
```
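The three assignment operators (=, += and -=) and the inheritance from a defaults block decide what a service actually gets, which is not always obvious from one file under /etc/xinetd.d/. The following is an added example, not xinetd's own code nor the tutorial's: a parser for the block format above and a function that folds the assignments into each service's effective attributes. It simplifies xinetd in one respect, stated in the code: every attribute in defaults is inherited by every service, whereas real xinetd inherits only a documented subset. The sample configuration is the tutorial's telnet example extended with constructed defaults, only_from and finger entries.

```python
"""Parse xinetd service blocks and compute each service's effective attributes.

Added example, not xinetd's own code or the tutorial's.  It implements the
three assignment operators the tutorial lists (=, +=, -=) and a
simplification of xinetd's 'defaults' block: here every attribute in
'defaults' is inherited by every service (real xinetd only inherits a
documented subset).  The sample config is constructed from the tutorial's
telnet example plus a 'defaults' and a 'finger' block.
"""
import re
from typing import Dict, List, Tuple

Assignment = Tuple[str, str, List[str]]          # (attribute, operator, values)
_ASSIGN = re.compile(r"^(\w+)\s*(\+=|-=|=)\s*(.*)$")

XINETD_SAMPLE = """\
defaults
{
    log_on_failure  = HOST USERID
    only_from       = 192.168.10.0/24
}

service telnet
{
    socket_type     = stream
    wait            = no
    nice            = 10
    user            = root
    server          = /usr/etc/in.telnetd
    rlimit_as       = 8M
    rlimit_cpu      = 20
    only_from      += 10.0.0.5          # constructed: one extra permitted host
    log_on_failure -= USERID
    log_on_failure += ATTEMPT
}

service finger
{
    socket_type     = stream
    wait            = no
    user            = nobody
    server          = /usr/sbin/in.fingerd
    disable         = yes
}
"""


def parse_xinetd(text: str) -> Dict[str, List[Assignment]]:
    """Return the raw assignments of each block in file order, keyed by
    service name ('defaults' for the defaults block)."""
    blocks: Dict[str, List[Assignment]] = {}
    current = None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # '#' starts a comment
        if not line or line == "{":
            continue
        if line == "}":
            current = None
        elif line == "defaults" or line.startswith("service "):
            current = "defaults" if line == "defaults" else line.split(None, 1)[1].strip()
            blocks[current] = []
        elif current is not None:
            m = _ASSIGN.match(line)
            if not m:
                raise ValueError(f"cannot parse {line!r} in block {current}")
            attr, op, value = m.groups()
            blocks[current].append((attr, op, value.split()))
        else:
            raise ValueError(f"assignment outside a block: {line!r}")
    return blocks


def effective(blocks: Dict[str, List[Assignment]], service: str) -> Dict[str, List[str]]:
    """Fold the defaults first, then the service's own assignments, in order."""
    attrs: Dict[str, List[str]] = {}
    for attr, op, values in blocks.get("defaults", []) + blocks[service]:
        current = attrs.get(attr, [])
        if op == "=":
            attrs[attr] = list(values)
        elif op == "+=":
            attrs[attr] = current + [v for v in values if v not in current]
        else:  # '-='
            attrs[attr] = [v for v in current if v not in values]
    return attrs


def is_enabled(blocks: Dict[str, List[Assignment]], service: str) -> bool:
    return effective(blocks, service).get("disable", ["no"]) != ["yes"]


def rlimit_bytes(value: str) -> int:
    """rlimit_as takes a byte count or a value with a K or M suffix."""
    units = {"K": 1024, "M": 1024 * 1024}
    if value[-1].upper() in units:
        return int(value[:-1]) * units[value[-1].upper()]
    return int(value)
```

With the sample above, telnet ends up with only_from covering the /24 from defaults plus 10.0.0.5, log_on_failure equal to HOST and ATTEMPT (USERID removed by -=), and finger is reported as disabled, which is the same answer chkconfig --list gives for xinetd-managed services.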

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:

- xinetd
- xinetd.conf
- xinetd.log
- tcpd

For more info see:

- LinuxFocus.org: xinetd - Frederic Raynal
- RedHat.com: Controlling Access to Services
- http://www.xinetd.org
- See RFCs: 862, 863, 864, 867, 868, 1413.
- man pages xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon ­ rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux has the network interface to rwhod disabled. Thus if you issue the command "rwho", you will only see who is logged into the system you are logged into and not remote systems on the network. This is a safe approach for internet servers as it reduces the exposure of a service which could be exploited by hackers. If you wish to use rwhod on a local private and firewall protected network, here is how:

Allow broadcast capabilities. Edit /etc/init.d/rwhod and change from: daemon rwhod to: daemon rwhod -b

Start service:

- Set the service to start with system boot: chkconfig --level 345 rwhod on
- Start the rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

- rwho: who is logged in on local network machines
- rwhod: system status server
- who: show who is logged on to the same system

RPC: Remote Procedure Calls (Portmapper)

Portmapper is a network service required to support RPCs. Many services such as NFS (file sharing services) require portmapper.

List RPC services supported: [root]# rpcinfo -p localhost

Starting portmap server:

- /etc/rc.d/init.d/portmap start
- service portmap start (Red Hat/Fedora Core)

Man Pages:

- portmap
- rpcinfo
- pmap_set
- pmap_dump

PAM: Network Wrappers:

Pluggable Authentication Modules for Linux (TCP Wrappers)

This system allows or denies network access. One can reject or allow specific IP addresses or subnets to access your system.

File: /etc/hosts.allow

in.ftpd:208.188.34.105

This specifically allows the given IP address to ftp to your system. One can also specify an entire domain, i.e. .name-of-domain.com. Note the leading ".".

File: /etc/hosts.deny

ALL:ALL

This generally denies any access.

See the pam man page.

File: /etc/inetd.conf

ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a

The inet daemon accepts the incoming network stream and hands it to the TCP wrapper, /usr/sbin/tcpd, which accepts or denies the network connection as defined by /etc/hosts.allow and /etc/hosts.deny and then passes it along to ftp. This is logged to /var/log/secure.
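What matters most with these two files is the order of evaluation: a match in hosts.allow grants access, otherwise a match in hosts.deny refuses it, and a connection that matches neither is allowed, which is why the ALL:ALL line in hosts.deny is the piece that turns the setup into a whitelist. The following is an added example, not the tutorial's code or tcpd's: it applies that decision order to the tutorial's in.ftpd and ALL:ALL lines plus a constructed sshd rule, supporting the ALL, LOCAL, leading-dot domain, trailing-dot address prefix, net/mask and exact patterns and the EXCEPT operator (a subset of what hosts_access(5) accepts).

```python
"""Evaluate /etc/hosts.allow and /etc/hosts.deny the way the TCP wrapper does.

Added example, not the tutorial's or tcpd's code.  It implements the
decision order documented for hosts_access: a match in hosts.allow grants,
otherwise a match in hosts.deny refuses, otherwise access is granted.
Supported client patterns are ALL, LOCAL, a leading-dot domain suffix, a
trailing-dot address prefix, net/mask, an exact host or address, and the
EXCEPT operator; the sample files are constructed around the tutorial's
in.ftpd and ALL:ALL lines.
"""
import ipaddress
from typing import Callable, List, Tuple

Rule = Tuple[List[str], List[str]]       # (daemon list, client list)

HOSTS_ALLOW = """\
# constructed sample based on the tutorial's lines
in.ftpd: 208.188.34.105, .name-of-domain.com
sshd:    192.168.10.0/255.255.255.0 EXCEPT 192.168.10.99
"""
HOSTS_DENY = """\
ALL: ALL
"""


def parse_access_file(text: str) -> List[Rule]:
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = [f.strip() for f in line.split(":")]
        if len(fields) < 2:
            continue                       # malformed line; tcpd logs and skips it
        rules.append((_split(fields[0]), _split(fields[1])))
    return rules


def _split(field: str) -> List[str]:
    return field.replace(",", " ").split()


def _client_matches(pattern: str, hostname: str, ip: str) -> bool:
    if pattern == "ALL":
        return True
    if pattern == "LOCAL":
        return "." not in hostname          # unqualified names only
    if pattern.startswith("."):
        return hostname.endswith(pattern)   # domain suffix, e.g. .name-of-domain.com
    if pattern.endswith("."):
        return ip.startswith(pattern)       # address prefix, e.g. 192.168.
    if "/" in pattern:
        net, mask = pattern.split("/", 1)
        return ipaddress.ip_address(ip) in ipaddress.ip_network(f"{net}/{mask}", strict=False)
    return pattern in (hostname, ip)


def _list_matches(patterns: List[str], one: Callable[[str], bool]) -> bool:
    if "EXCEPT" in patterns:
        i = patterns.index("EXCEPT")
        return _list_matches(patterns[:i], one) and not _list_matches(patterns[i + 1:], one)
    return any(one(p) for p in patterns)


def rule_matches(rule: Rule, daemon: str, hostname: str, ip: str) -> bool:
    daemons, clients = rule
    return (_list_matches(daemons, lambda p: p in ("ALL", daemon))
            and _list_matches(clients, lambda p: _client_matches(p, hostname, ip)))


def hosts_access(allow: str, deny: str, daemon: str, ip: str, hostname: str = "") -> bool:
    """True if the connection is granted.  hostname is what reverse DNS returned;
    when it is unknown tcpd has only the address, so the address is used instead."""
    hostname = hostname or ip
    if any(rule_matches(r, daemon, hostname, ip) for r in parse_access_file(allow)):
        return True
    if any(rule_matches(r, daemon, hostname, ip) for r in parse_access_file(deny)):
        return False
    return True
```

The last assertion in the usage below is the one to remember: with an empty hosts.deny, everything not mentioned in hosts.allow is permitted.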

Advanced PAM: More specific access can be assigned and controlled by controlling the level of authentication required for access.

Files reflect the inet service name. Rules and modules are stacked to achieve the level of security desired.

See the files in /etc/pam.d/... (some systems use /etc/pam.conf)

The format: service type control module­path module­arguments

- auth - (type) Password is required for the user
  - nullok - Null or non-existent password is acceptable
  - shadow - encrypted passwords kept in /etc/shadow
- account - (type) Verifies password. Can track and force password changes.
- password - (type) Controls password update
  - retry=3 - Sets the number of login attempts
  - minlen=8 - Set minimum length of password
- session - (type) Controls monitoring

Modules:

- /lib/security/pam_pwdb.so - password database module
- /lib/security/pam_shells.so
- /lib/security/pam_cracklib.so - checks if a password is crackable
- /lib/security/pam_listfile.so

After reconfiguration, restart the inet daemon: killall -HUP inetd

For more info see:

- Wietse's Papers
- Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP is the network protocol used by the ping and traceroute commands.

ICMP redirect packets are sent from the router to the host to inform the host of a better route. To enable ICMP redirect, add the following line to /etc/sysctl.conf :

net.ipv4.conf.all.accept_redirects = 1

Add the following to the file: /etc/rc.d/rc.local

for f in /proc/sys/net/ipv4/conf/*/accept_redirects
do
    echo 1 > $f
done

Command to view the kernel IP routing cache: /sbin/route -Cn

NOTE: This may leave you vulnerable to hackers as attackers may alter your routes.

Blocking ICMP to look invisible to ping:

The following firewall rules will drop ICMP requests.

Iptables:

iptables -A OUTPUT -p icmp -d 0/0 -j DROP

Ipchains:

ipchains -A output -p icmp -d 0/0 -j DENY

OR drop all incoming pings:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes necessary to look invisible to DOS (Denial Of Service) attackers who use ping to watch your machine and launch an attack when its presence is detected.
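The NOTE above is the important part of the ICMP redirect section: accept_redirects = 1 lets any host on the segment rewrite this machine's routes, and the kernel's own default for a non-forwarding host is already to accept them, so not setting the key at all is the same as the weak setting. The following is an added example, not from the tutorial: the weak fragment beside a hardened one, and a small checker that reads a sysctl.conf fragment and reports which of the hardened values are missing or wrong. Only net.ipv4.conf.all.accept_redirects is taken from the tutorial; the default.accept_redirects, secure_redirects, send_redirects and log_martians keys are standard Linux sysctls added here as the usual companions.

```python
"""Check a sysctl.conf fragment against hardened values for the ICMP redirect
settings the tutorial discusses.

Added example, not the tutorial's code.  Both fragments are constructed.
net.ipv4.conf.all.accept_redirects is the key the tutorial itself uses; the
other keys are standard Linux sysctls that normally go with it.
"""
from typing import Dict, List

WEAK_SYSCTL = """\
# the tutorial's setting: accept ICMP redirects from any router on the segment
net.ipv4.conf.all.accept_redirects = 1
"""

HARDENED_SYSCTL = """\
# a host that does not route rarely needs redirects: refuse them, never send
# them, and log packets with impossible source addresses
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.all.secure_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.all.log_martians = 1
"""

# Hardened value per key.  For every key listed the kernel default differs
# from it (accept_redirects and secure_redirects default on for a host,
# send_redirects defaults on, log_martians defaults off), so an unset key
# is reported as a finding rather than assumed safe.
HARDENED: Dict[str, str] = {
    "net.ipv4.conf.all.accept_redirects": "0",
    "net.ipv4.conf.default.accept_redirects": "0",
    "net.ipv4.conf.all.secure_redirects": "0",
    "net.ipv4.conf.all.send_redirects": "0",
    "net.ipv4.conf.all.log_martians": "1",
}


def parse_sysctl_conf(text: str) -> Dict[str, str]:
    """key = value lines; '#' and ';' start comments, blank lines are ignored."""
    settings: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw
        for marker in ("#", ";"):
            line = line.split(marker, 1)[0]
        line = line.strip()
        if not line or "=" not in line:
            continue
        key, _, value = line.partition("=")
        settings[key.strip()] = value.strip()
    return settings


def audit_sysctl(settings: Dict[str, str]) -> List[str]:
    findings = []
    for key, want in HARDENED.items():
        have = settings.get(key)
        if have is None:
            findings.append(f"{key} not set (kernel default differs from {want})")
        elif have != want:
            findings.append(f"{key} = {have}, expected {want}")
    return findings


if __name__ == "__main__":
    for label, text in (("weak", WEAK_SYSCTL), ("hardened", HARDENED_SYSCTL)):
        print(label, audit_sysctl(parse_sysctl_conf(text)) or "ok")
```

net.ipv4.icmp_echo_ignore_all from the block above is deliberately not in the hardened set: ignoring echo requests is a trade-off against your own monitoring and troubleshooting, not a baseline setting, so treat it as a per-host decision.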

Network Monitoring Tools:

- tcpdump - dump traffic on a network. See discussion below.

  Command line option   Description
  -c                    Exit after receiving count packets.
  -C                    Specify the size of output dump files.
  -i                    Specify the interface if multiple exist. The lowest is used by default, i.e. eth0
  -w file-name          Write the raw packets to file rather than parsing and printing them out. They can later be printed with the -r option.
  -n                    Improve speed by not performing DNS lookups. Report IP addresses.
  -t                    Don't print a timestamp on each dump line.

  Filter expressions:

  Primitive                        Description
  host host-name                   If the host has multiple IPs, all will be checked.
  net network-number               Network number.
  net network-number mask mask     Network number and netmask specified.
  port port-number                 Port number specified.
  tcp                              Sniff TCP packets.
  udp                              Sniff UDP packets.
  icmp                             Sniff ICMP packets.

Examples:

  - tcpdump tcp port 80 and host server-1
  - tcpdump ip host server-1 and not server-2
- iptraf - Interactive Colorful IP LAN Monitor
- nmap - Network exploration tool and security scanner
  - List pingable nodes on the network: nmap -sP 192.168.0.0/24 scans the network for IP addresses 192.168.0.0 to 192.168.0.255 using ping.
- Ethereal - Network protocol analyzer. Examine data from a live network. RPMs required:
  - ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
  - ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)
  There is an error in the ethereal package because it does not list the snmp libraries as dependencies, but you can deduce this from the errors that you get if the ucd-snmp libraries are not installed.
- EtherApe - Graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
- Gkrellm - Network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
- IPTraf - ncurses-based IP LAN monitor. (Red Hat Powertools CD)
- Cheops - Network discovery, location, diagnosis and management. Cheops can identify all of the computers that are on your network, their IP address, their DNS name, and the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
- ntop - Shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
- MRTG - Multi Router Traffic Grapher - Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
- dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
- scotty - Obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP, & UDP. (Red Hat Powertools CD)
- Big Brother - Monitoring and services availability.
- OpenNMS.org - Network Management using SNMP.
- Nagios - host, service and network monitoring
- Angel network monitor

Using tcpdump to monitor the network:

[root]# ifconfig eth0 promisc                        - Put the NIC into promiscuous mode to sniff traffic.
[root]# tcpdump -n host not XXX.XXX.XXX.XXX | more   - Sniff the net but ignore the IP of your own remote session.
[root]# ifconfig eth0 -promisc                       - Pull the NIC out of promiscuous mode.

Network Intrusion and Hacker Detection Systems:

SNORT: Monitor the network, performing real­time traffic analysis and packet logging on IP networks for the detection of an attack or probe.

- Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
- InterSect Alliance - Intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to convert a 32-bit IP address into the 48-bit Ethernet MAC address used by network hardware. (See: RFC 826) ARP broadcasts are sent to all hosts on the subnet by the transmitting host to see who replies. The broadcast is ignored by all except the intended receiver, which recognizes the IP address as its own. The MAC addresses are remembered (ARP cache) for future network communications. Computers on the subnet typically keep a cache of ARP responses. ARP broadcasts are passed on by hubs and switches but are blocked by routers.

Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client to broadcast requesting a server to reply with its IP address.

- arp (8) man page - manipulate the system ARP cache
  - Show other systems on your network (including IP address conflicts): arp -a
  - Show the ARP table Linux style: arp -e
- arpwatch (8) man page - keep track of ethernet/ip address pairings
- arpsnmp (8) man page - keep track of ethernet/ip address pairings. Reads information generated by snmpwalk
- arping (8) man page - send ARP REQUEST to a neighbor host. Print the ARP reply (similar to arp -a): arping 192.168.10.99
- List ARP table: cat /proc/net/arp
- ip (8) man page - show / manipulate routing, devices, policy routing and tunnels. View ARP table: ip neighbor

ARP is something that simply works. No Linux system configuration is necessary. It's all part of the ethernet and IP protocol. The aforementioned information is just part of the Linux culture of full visibility into what is going on.
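Because ARP has no authentication, the "full visibility" the text mentions is also the only defence: a pairing that changes, or one MAC answering for several addresses, is what arpwatch reports and what an IP address conflict or a misbehaving host on the segment looks like. The following is an added example, not the tutorial's code nor arpwatch's: it parses two snapshots in the /proc/net/arp format listed above and reports new stations, changed pairings and shared MACs. Both snapshots are constructed; the addresses in them are sample values.

```python
"""Detect changed or duplicated IP-to-MAC pairings between two ARP cache
snapshots, in the spirit of arpwatch.

Added example, not the tutorial's code.  Input is the /proc/net/arp format
the tutorial points to; both snapshots are constructed sample data.
"""
from typing import Dict, List

ARP_BEFORE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.254   0x1         0x2         00:11:22:33:44:55     *        eth0
192.168.10.20    0x1         0x2         aa:bb:cc:dd:ee:01     *        eth0
192.168.10.99    0x1         0x0         00:00:00:00:00:00     *        eth0
"""

ARP_AFTER = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.254   0x1         0x2         aa:bb:cc:dd:ee:01     *        eth0
192.168.10.20    0x1         0x2         aa:bb:cc:dd:ee:01     *        eth0
192.168.10.30    0x1         0x2         aa:bb:cc:dd:ee:02     *        eth0
"""

ATF_COM = 0x2   # ATF_COM flag: the entry is complete (a MAC has been resolved)


def parse_proc_net_arp(text: str) -> Dict[str, str]:
    """Map IP -> MAC for complete entries; incomplete ones carry no real MAC."""
    table: Dict[str, str] = {}
    for line in text.splitlines()[1:]:            # first line is the column header
        fields = line.split()
        if len(fields) < 6:
            continue
        ip, flags, mac = fields[0], int(fields[2], 16), fields[3]
        if flags & ATF_COM:
            table[ip] = mac.lower()
    return table


def arp_changes(before: Dict[str, str], after: Dict[str, str]) -> List[str]:
    """arpwatch-style findings: new stations, changed pairings, shared MACs."""
    findings = []
    for ip, mac in sorted(after.items()):
        old = before.get(ip)
        if old is None:
            findings.append(f"new station {ip} at {mac}")
        elif old != mac:
            findings.append(f"changed ethernet address {ip}: {old} -> {mac}")
    by_mac: Dict[str, List[str]] = {}
    for ip, mac in after.items():
        by_mac.setdefault(mac, []).append(ip)
    for mac, ips in sorted(by_mac.items()):
        if len(ips) > 1:
            findings.append(f"{mac} answers for several addresses: {', '.join(sorted(ips))}")
    return findings


if __name__ == "__main__":
    for finding in arp_changes(parse_proc_net_arp(ARP_BEFORE), parse_proc_net_arp(ARP_AFTER)):
        print(finding)
```

A MAC answering for several addresses is normal for a router carrying IP aliases, so that finding is a prompt to check, not a verdict; the changed pairing for the gateway address is the one that deserves an immediate look.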

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer to peer unicast transactions. An HTTP request to a web server (TCP/IP), email via SMTP (TCP/IP), DNS (UDP), FTP (TCP/IP), ... are all peer to peer unicast transactions. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer to peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group", i.e. those that are interested in the information.

The Linux kernel is Level­2 Multicast­Compliant. It meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to request the kernel to join the multicast group and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, a request is made to the kernel to leave the group. It is the kernel/host which joins the multicast group and not the process. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to support multicast routing, set the following in the kernel config:

- CONFIG_IP_MULTICAST=y
- CONFIG_IP_ROUTER=y
- CONFIG_IP_MROUTE=y
- CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimization and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card), only one device can be configured to handle multicast.

Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast.

Useful commands:

Command                   Description
cat /proc/net/igmp        List the multicast groups to which the host is subscribed. Uses the "Internet Group Management Protocol". (See /usr/src/linux/net/core/igmp.c)
cat /proc/net/dev_mcast   List multicast interfaces. (See /usr/src/linux/net/core/dev_mcast.c)
ping 224.0.0.1            All hosts configured for multicast will respond with their IP addresses
ping 224.0.0.2            All routers configured for multicast will respond
ping 224.0.0.3            All PIM routers configured for multicast will respond
ping 224.0.0.4            All DVMRP routers configured for multicast will respond
ping 224.0.0.5            All OSPF routers configured for multicast will respond

Multicast transmissions are achieved through proper routing, router configuration (if communicating through subnets) and programmatically with the use of the following "C" function library calls:

Function Call    Description
setsockopt()     Pass information to the kernel.
getsockopt()     Retrieve information broadcast using multicast.

For more on multicast programming see: Multicast Howto.

The multicast application will specify the multicast loopback interface, TTL (network time to live), network interface and the multicast group to add or drop.

Add route to support multicast:

- route add 224.0.0.0 netmask 240.0.0.0 dev eth0

Note that if adding a route to forward packets through a router, that the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The internet by default does not forward multicast packets.
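The route above and the setsockopt() calls mentioned earlier are tied together by two pieces of address arithmetic: the 240.0.0.0 netmask is exactly the test "is this a class D address", and the group address is what the kernel folds into the Ethernet destination MAC. The following is an added example, not the tutorial's code: the class D check with the tutorial's mask, the RFC 1112 group-MAC mapping (which only carries 23 of the 28 group bits, so 32 groups share one MAC and the NIC cannot filter them apart), the struct ip_mreq that IP_ADD_MEMBERSHIP expects, and a join routine issuing the setsockopt() calls for group, TTL and loopback that the text lists. Group 239.1.2.3 and port 5000 are constructed sample values.

```python
"""Multicast address arithmetic and the socket calls behind 'join the group'.

Added example, not the tutorial's code.  The pure functions check the
class D range the tutorial gives (224.0.0.0 with netmask 240.0.0.0) and
derive the Ethernet group MAC defined in RFC 1112; join_group() issues the
setsockopt() calls the tutorial refers to.  Group 239.1.2.3 and port 5000
are constructed sample values.
"""
import socket
import struct

MULTICAST_NET, MULTICAST_MASK = "224.0.0.0", "240.0.0.0"


def _ip_int(ip: str) -> int:
    return struct.unpack("!I", socket.inet_aton(ip))[0]


def is_multicast(ip: str) -> bool:
    """The same test the tutorial's route entry makes: ip & 240.0.0.0 == 224.0.0.0."""
    return _ip_int(ip) & _ip_int(MULTICAST_MASK) == _ip_int(MULTICAST_NET)


def multicast_mac(group: str) -> str:
    """RFC 1112 mapping: 01:00:5e + the low 23 bits of the group address.
    Only 23 bits carry over, so 32 groups share each MAC (224.0.0.1 and
    225.128.0.1, for instance) and the NIC filter alone cannot tell them apart."""
    if not is_multicast(group):
        raise ValueError(f"{group} is not a class D address")
    low23 = _ip_int(group) & 0x7FFFFF
    return "01:00:5e:%02x:%02x:%02x" % (low23 >> 16, (low23 >> 8) & 0xFF, low23 & 0xFF)


def ip_mreq(group: str, interface: str = "0.0.0.0") -> bytes:
    """struct ip_mreq as IP_ADD_MEMBERSHIP expects it: group, then local interface."""
    return socket.inet_aton(group) + socket.inet_aton(interface)


def join_group(group: str, port: int, interface: str = "0.0.0.0",
               ttl: int = 1, loopback: bool = False) -> socket.socket:
    """Open a UDP socket, bind the port and ask the kernel to join the group.
    On a host without a multicast route the join fails with ENODEV, which is
    the symptom the 'route add 224.0.0.0 netmask 240.0.0.0' line fixes."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)   # several listeners per port
    sock.bind(("", port))
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP, ip_mreq(group, interface))
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, ttl)            # scope of sends
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_LOOP, int(loopback))  # hear own sends?
    return sock


if __name__ == "__main__":
    for g in ("224.0.0.1", "239.1.2.3", "225.128.0.1"):
        print(g, "->", multicast_mac(g))
    member = join_group("239.1.2.3", 5000)
    print("joined 239.1.2.3 on UDP port 5000, mreq =", ip_mreq("239.1.2.3").hex())
    member.close()
```

The TTL of 1 keeps the group traffic on the local segment, which matches the note above that most routers, and the Internet as a whole, do not forward multicast anyway; raise it only when a router on the path has been configured to forward the group.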

Living in a MS/Windows World:

- SMB4k: My favorite MS/Windows file share browser.

- In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]

- LinNeighborhood: Linux workstation GUI tool.

Make your life simple and use the GUI/File Manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.

  - LinNeighborhood Home Page
  - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

- IPv4: Most Internet servers and personal computers use Internet Protocol version 4 (IPv4). This uses 32 bits to assign a network address, as defined by the four octets of an IP address up to 255.255.255.255, which is the representation of four 8 bit numbers, thus totaling 32 bits.
- IPv6: Internet Protocol version 6 (IPv6) uses a 128 bit address and thus billions and billions of potential addresses. The protocol has also been upgraded to include new quality of service features and security. Currently Linux supports IPv6, but IPv4 is used when connecting your computer to the internet.
- TCP/IP: (Transmission Control Protocol/Internet Protocol) uses a client - server model for communications. The protocol defines the data packets transmitted (packet header, data section), data integrity verification (error detection bytes), connection and acknowledgement protocol, and re-transmission.
- TCP/IP time to live (TTL): This is a counting mechanism to determine how long a packet is valid before it reaches its destination. Each time a TCP/IP packet passes through a router, the router decrements its TTL count. When the count reaches zero the packet is dropped by the router. This ensures that errant routing and aimlessly looping packets will not flood the network.
- MAC Address: (media access control) is the network card address used for communication with other network devices on the subnet. This info is not routable. The ARP table maps TCP/IP addresses (global internet) to the local hardware on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address uniquely identifies each node of a network and is used by the Ethernet protocol.
- Full Duplex: Allows the simultaneous sending and receiving of packets. Most modern modems support full duplex.
- Half Duplex: Allows the sending and receiving of packets in one direction at a time only.
- OSI 7 Layer Model: The ISO (International Standards Organization) has defined the OSI (Open Systems Interconnection) model for current networking protocols.

  OSI Layer              Description                                                              Linux Networking Use
  7 Application Layer    The top layer for communications applications like email and the web.   telnet, web browser, sendmail
  6 Presentation Layer   Syntax and format of data transfer.                                      SMTP, http
  5 Session Layer
  4 Transport Layer      Connection, acknowledgement and data packet transmission.                TCP, UDP
  3 Network Layer                                                                                 IP, ARP
  2 Data Link Layer      Error control, timing                                                    Ethernet
  1 Physical Layer       Electrical characteristics of signal and NIC                             Ethernet

- Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
- Network Switch: Like a hub but creates a private link between any two connected nodes when a network connection is established. This reduces the number of network collisions and thus improves speed. Broadcast messages are still sent to all nodes.

Related Links:

- Cable modem HowTo - Vladimir Vuksan
- Ethernet HowTo - Paul Gortmaker
- YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
- Firewall HowTo - Mark Grennan
- YoLinux networking tutorial
- Networking Overview HowTo - Daniel Lopez Ridruejo
- Networking Howto - Joshua Drake
- NFS Howto - Nicolai Langfeldt
- SNMP: Simple Network Management Protocol (Uses ports 161, 162, 391, 1993)
  - SNMP - Intro and tutorials
  - Linux SNMP Network Management Tools
  - SNMP FAQ
  - net-snmp - tools and libraries
- News/Usenet Group: comp.os.linux.networking - Deja
- MARS-nwe - Netware emulator
- Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
- ISDN:
  - ISDN4LINUX FAQ - Matthias Hessler
  - ISDN4 Linux Home Page
  - Dan Kegel's ISDN Page
- PPP: Point-to-Point Protocol
  - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
  - YoLinux Tutorial: Dialing Compuserve
  - YoLinux Tutorial: Dialing AOL
  - YoLinux Tutorial: Configuring PPP dial-in connections
- PPTP: Point-to-Point Tunneling Protocol
  - RFC 2637: Point-to-Point Tunneling Protocol (PPTP).
  - PPTP-Linux Client - A PPTP Linux client that allows a Linux system to connect to a PPTP server. Developed by C. S. Ananian.
  - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP Implementation.
- DHCP: (Dynamic Host Configuration Protocol)
  - YoLinux DHCP Tutorial - How to set up a DHCP server.
  - ISC Dynamic Host Configuration Protocol - DHCP home page
- Multicast:
  - YoLinux Tutorial: Configuring Linux for multicast - this tutorial, in the section above
  - Multicast over TCP/IP HOWTO
- ISPs: (National/Global)
  - TheList.com - Comprehensive list of ISPs
  - Earthlink
  - Concentric
  - ATT Worldnet
- NIS: (NFS infrastructure)
  - YoLinux NIS tutorial
  - NIS howto
  - NIS configuration and use
- Ethernet cables:
  - Making CAT 3, 5, 5E RJ45 Ethernet Cables
  - Wiring and Installation
- Gigabit Ethernet
- VIX: Vienna Internet eXchange - European traffic exchange for ISPs

Test Internet Bandwidth:

- DSLreports.com: bandwidth and diagnostic tests
- Speakeasy connection speed test
- CNET Bandwidth Meter speed test
- Network speed test
- Bandwidth explained and List of bandwidth test sites

Man Pages:

- icmp - Linux IPv4 ICMP kernel module
- ifport - select the transceiver type for a network interface
- usernetctl - allow a user to manipulate a network interface if permitted
- ripquery - query RIP (Routing Information Protocol) gateways
- gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler ISBN # 0735710317, New Riders Publishing

"LINUX TCP/IP Network Administration" by Scott Mann, Mitchell Krell ISBN # 0130322202, Prentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith ISBN# 0201774232, Addison­Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr. ISBN# 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh ISBN# 0672320525, Sams; (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus Sams, ISBN# 047008278X

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen Sams, ISBN# 0071486429

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson Sams, ISBN# 0672329298

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672327082

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672325888

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis ISBN #032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.


Copyright © 2001 - 2007 by Greg Ippolito

This tutorial covers TCP/IP networking and system configuration basics. Linux can support multiple network devices. The device names are numbered and begin at zero and count upwards. For example, a computer running two ethernet cards will have two devices labeled /dev/eth0 and /dev/eth1. Linux network configuration, management, monitoring and system tools are covered in this tutorial.

Tutorial Contents: Other YoLinux Networking Tutorials:

l # Configuration files l Setting up an internet gateway for home or office l # Red Hat Linux network GUI using iptables configuration tools. l Load balancing servers using LVS (Linux Virtual l # Assigning an IP address Server) l # Activating and De­Activating your NIC l Modem dial­up: l # Subnets ¡ Configuring PPP dial up connections to an l # Enable Forwarding ISP l # Adding a network interface card (NIC) ¡ Dialing Compuserve l # Route ¡ Dialing AOL l # VPN, Tunneling ¡ Configuring PPP dial­in connections l # Usefull Linux networking commands l DNS Name server configuration l # inetd/xinetd: Network Socket l DHCP server configuration: Dynamic Host Listener Daemons Configuration Protocol # rwhod: Remote Who Daemon l l NIS authentication configuration: Server and Client # RPC: Remote Procedure Call. l l Internet/Network Security (portmapper) l Security Tools and Hacker Tools l # PAM: Network Wrappers. l YoLinux Tutorials Index l # ICMP protocol. l # Network Monitoring Tools l # IDS: Intruder Detection System ­ SNORT

l # ARP: Address Resolution Protocol l # Configuring Linux For Network Multicast

l # Living in a MS/Windows world l # Network Definitions l # Related Links

TCP/IP Network Configuration Files:

- File: /etc/resolv.conf - host name resolver configuration file

    search name-of-domain.com     - Name of your domain or ISP's domain if using their name server
    nameserver XXX.XXX.XXX.XXX    - IP address of primary name server
    nameserver XXX.XXX.XXX.XXX    - IP address of secondary name server

This configures Linux so that it knows which DNS server will be resolving domain names into IP addresses. If using a DHCP client, this will automatically be sent to you by the ISP and loaded into this file as part of the DHCP protocol. If using a static IP address, ask the ISP or check another machine on your network. Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "DNS").

- File: /etc/hosts - locally resolve node names to IP addresses

    127.0.0.1         your-node-name.your-domain.com localhost.localdomain localhost
    XXX.XXX.XXX.XXX   node-name

Note: when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly.) i.e.:

    XXX.XXX.XXX.XXX   superserver.yolinux.com superserver

This informs Linux of local systems on the network which are not handled by the DNS server (or of all systems in your LAN if you are not using DNS or NIS). Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab "Hosts").

- File: /etc/nsswitch.conf - System Databases and Name Service Switch configuration file

    hosts:  files dns nisplus nis

This example tells Linux to first resolve a host name by looking at the local hosts file (/etc/hosts), then, if the name is not found, to look to your DNS server as defined by /etc/resolv.conf, and if not found there to look to your NIS server.
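To make the lookup order concrete, here is an added shell example (it is not part of the YoLinux tutorial) that emulates the "files" stage of the hosts: line against a constructed /etc/hosts, reads the source order from a constructed nsswitch.conf, and audits the "fully qualified name first" convention described above. All file contents, host names and addresses are constructed for the example and live in temp files; the function names are the example's own.

```shell
#!/bin/sh
# Added example (not from the YoLinux tutorial): emulate the "files" step of
# the nsswitch.conf hosts: lookup and audit /etc/hosts entries.
# Every file below is constructed in a temp file; no system file is read.

# Write a constructed hosts file and print its path.
make_sample_hosts() {
    f=$(mktemp)
    cat >"$f" <<'EOF'
# constructed sample /etc/hosts (192.0.2.0/24 is documentation address space)
127.0.0.1    localhost.localdomain localhost
192.0.2.10   superserver.yolinux.com superserver   # FQDN first, as advised
192.0.2.20   backup backup.yolinux.com             # short name first
EOF
    printf '%s\n' "$f"
}

# Write a constructed nsswitch.conf fragment and print its path.
make_sample_nsswitch() {
    f=$(mktemp)
    printf 'passwd: files nis\nhosts:  files dns nisplus nis\n' >"$f"
    printf '%s\n' "$f"
}

# nsswitch_hosts_order FILE: the ordered sources for the hosts database.
nsswitch_hosts_order() {
    awk '$1 == "hosts:" { $1 = ""; sub(/^[ \t]+/, ""); print; exit }' "$1"
}

# hosts_lookup FILE NAME: what the "files" source answers for NAME.
# Prints the IP of the first line that lists NAME as a name or alias;
# exit status 1 if absent (the resolver then moves on to the next source).
hosts_lookup() {
    awk -v n="$2" '
        { sub(/#.*/, "") }                       # drop comments
        NF < 2 { next }                          # blank or comment-only lines
        { for (i = 2; i <= NF; i++)
              if ($i == n) { print $1; found = 1; exit } }
        END { exit found ? 0 : 1 }' "$1"
}

# hosts_unqualified_first FILE: entries whose first name has no dot, i.e.
# where the fully qualified name is not listed first as the tutorial advises.
hosts_unqualified_first() {
    awk '{ sub(/#.*/, "") } NF < 2 { next } $2 !~ /\./ { print $1, $2 }' "$1"
}

# resolve_with_order NSSWITCH HOSTS NAME: walk the sources in nsswitch order.
# Only "files" can be answered offline here; for dns/nis the function reports
# which source would be consulted next and returns 1.
resolve_with_order() {
    for src in $(nsswitch_hosts_order "$1"); do
        case $src in
            files) if ip=$(hosts_lookup "$2" "$3"); then
                       printf '%s (from files)\n' "$ip"; return 0
                   fi ;;
            *)     printf 'not in files; would query %s next\n' "$src"; return 1 ;;
        esac
    done
    return 1
}

# Demonstration run on the constructed files.
H=$(make_sample_hosts); N=$(make_sample_nsswitch)
resolve_with_order "$N" "$H" superserver
hosts_unqualified_first "$H"
```

The audit function is the part worth keeping: run it against the real /etc/hosts on a mail server and every line it prints is one where sendmail will see a short name before the fully qualified one.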

In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, ... depending on the distribution.

Fedora / Red Hat Network Configuration Files:

- /etc/sysconfig/network
  Red Hat network configuration file used by the system during the boot process.

- File: /etc/sysconfig/network-scripts/ifcfg-eth0
  Configuration settings for your first ethernet port (0). Your second port is eth1.

- File:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example statement for Intel ethernet card:

    alias eth0 eepro100

Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)

Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

- Network configuration: /usr/sbin/system-config-network (FC-2/3); /usr/bin/redhat-config-network (/usr/bin/neat) (RH 7.2+ - FC-1)
- Text console configuration tool: /usr/sbin/system-config-network-tui (Text User Interface (TUI) for Fedora Core 2/3); /usr/bin/redhat-config-network-tui (RH 9.0 - FC-1)
- Text console network configuration tool, first interface only (eth0): /usr/sbin/netconfig
- /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

- Gnome Desktop Network Configuration: /usr/bin/gnome-network-preferences (RH 9.0 - FC-3)
  Proxy configuration. Choose one of three options:
  1. Direct internet connection
  2. Manual proxy configuration (specify proxy and port)
  3. Automatic proxy configuration (give URL)

Assigning an IP address:

Computers may be assigned a static IP address or assigned one dynamically.

Static IP address assignment:

Choose one of the following methods:

l Command Line:

    /sbin/ifconfig eth0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

Network address by convention would be the lowest: 192.168.10.0
Broadcast address by convention would be the highest: 192.168.10.255
The gateway can be anything, but following convention: 192.168.10.1

Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0

- Red Hat / Fedora GUI tools:
  - /usr/bin/neat: Gnome GUI network administration tool. Handles all interfaces. Configure for static IP or DHCP client. (First available with Red Hat 7.2.)
  - /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)
- Red Hat / Fedora console tools:
  - /usr/sbin/system-config-network-tui (Text User Interface)
  - /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1, ...)
- Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network-scripts/, so that this information is retained.

The IANA has allocated IP addresses in the range of 192.168.0.0 to 192.168.255.255 for private networks.

Helpful tools:

- Network Calculators: Subnet mask calculator, node calculator, mask inverter, ...
- IP subnet calculator

Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet static
        address 208.88.34.106
        netmask 255.255.255.248
        broadcast 208.88.34.111
        network 208.88.34.104
        gateway 208.88.34.110

Dynamic IP (DHCP) example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet dhcp

    auto eth1
    iface eth1 inet dhcp

    auto eth2
    iface eth2 inet dhcp

    auto ath0
    iface ath0 inet dhcp

    auto wlan0
    iface wlan0 inet dhcp

Interfaces:

- lo: Loopback interface (network within your system without slowing down for the real ethernet based network)
- eth0: First ethernet interface card
- wlan0: First wireless network interface

Also see "man interfaces"
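Here is an added shell example (not from the YoLinux tutorial) that parses the /etc/network/interfaces format just shown: it reads the method of a stanza, pulls a single option out of it, and reports static stanzas that are missing address, netmask or gateway, which is the usual way a hand-edited file breaks. The sample file is constructed from the tutorial's static values plus two extra interfaces; the function names are the example's own.

```shell
#!/bin/sh
# Added example (not from the YoLinux tutorial): parse a Debian/Ubuntu
# /etc/network/interfaces file. Contents below are constructed.

make_sample_interfaces() {
    f=$(mktemp)
    cat >"$f" <<'EOF'
# constructed sample /etc/network/interfaces
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 208.88.34.106
    netmask 255.255.255.248
    broadcast 208.88.34.111
    network 208.88.34.104
    gateway 208.88.34.110

auto eth1
iface eth1 inet dhcp

auto eth2
iface eth2 inet static
    address 192.0.2.5
    netmask 255.255.255.0
EOF
    printf '%s\n' "$f"
}

# iface_method FILE IFACE: the address method (static, dhcp, loopback, ...).
iface_method() {
    awk -v i="$2" '$1 == "iface" && $2 == i { print $4; exit }' "$1"
}

# iface_option FILE IFACE KEY: value of KEY inside IFACE's stanza. A stanza
# runs from its "iface" line until the next stanza-opening keyword.
iface_option() {
    awk -v i="$2" -v k="$3" '
        $1 == "iface" { cur = ($2 == i); next }
        $1 == "auto" || $1 == "allow-hotplug" || $1 == "mapping" || $1 == "source" { cur = 0 }
        cur && $1 == k { print $2; exit }' "$1"
}

# iface_static_missing FILE: static stanzas lacking address, netmask or
# gateway, printed as "IFACE KEY", one per line.
iface_static_missing() {
    awk '
        function flush(   j, req) {
            if (name != "" && method == "static") {
                split("address netmask gateway", req, " ")
                for (j = 1; j <= 3; j++) if (!(req[j] in seen)) print name, req[j]
            }
            split("", seen)                  # empty the array portably
            name = ""; method = ""
        }
        $1 == "iface"                         { flush(); name = $2; method = $4; next }
        $1 == "auto" || $1 == "allow-hotplug" { flush(); next }
        name != "" && NF >= 2                 { seen[$1] = 1 }
        END                                   { flush() }' "$1"
}

# Demonstration run on the constructed file.
F=$(make_sample_interfaces)
echo "eth0 uses $(iface_method "$F" eth0), gateway $(iface_option "$F" eth0 gateway)"
iface_static_missing "$F"
```

A stanza without a gateway still comes up, but only with link-local reachability, so the missing-key report is what to run before "ifup" on a remote machine.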

Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.

l File: /etc/sysconfig/network

Static IP address Configuration: (Configure gateway address)

    NETW ORKING=yes
    HOSTNAME=my-hostname         - Hostname is defined here and by the command hostname
    FORWARD_IPV4=true            - True for NAT firewall gateways and Linux routers. False for everyone else - desktops and servers.
    GATEWAY="XXX.XXX.XXX.YYY"    - Used if your network is connected to another network or the internet. Static IP configuration. Gateway not defined here for DHCP client.

OR for DHCP client configuration:

    NETWORKING=yes
    HOSTNAME=my-hostname         - Hostname is defined here and by the command hostname

(Gateway is assigned by DHCP server.)

OR for NIS client configuration:

    NETWORKING=yes
    HOSTNAME=my-hostname         - Hostname is defined here and by the command hostname
    NISDOMAIN=NISProject1        - NIS domain to attach

- File (Red Hat/Fedora): /etc/sysconfig/network-scripts/ifcfg-eth0 (S.u.s.e.: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX) This file is used by the command scripts ifup and ifdown.

Static IP address configuration:

    DEVICE=eth0
    BOOTPROTO=static
    BROADCAST=XXX.XXX.XXX.255
    IPADDR=XXX.XXX.XXX.XXX
    NETMASK=255.255.255.0
    NETWORK=XXX.XXX.XXX.0
    ONBOOT=yes                   - Will activate upon system boot

RHEL4/FC3 additions:

- TYPE=Ethernet
- HWADDR=XX:XX:XX:XX:XX:XX
- GATEWAY=XXX.XXX.XXX.XXX

OR for DHCP client configuration:

    DEVICE=eth0
    ONBOOT=yes
    BOOTPROTO=dhcp

RHEL4/FC3 additions:

- IPV6INIT=no
- USERCTL=no
- PEERDNS=yes
- TYPE=Ethernet
- HWADDR=XX:XX:XX:XX:XX:XX

(Used by script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line.) To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none.

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)
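Because ifup simply sources these KEY=value files with the shell, a half-finished edit (for instance flipping BOOTPROTO=dhcp to BOOTPROTO=none without adding IPADDR and NETMASK) only shows up when "service network restart" leaves the interface down. The following added shell example (not from the YoLinux tutorial) writes static and DHCP ifcfg files into a temp directory and checks them for the mistakes the text's format implies: DEVICE not matching the file name, an unknown BOOTPROTO, a static configuration without address or mask, and a bad ONBOOT. Paths, addresses and function names are the example's own.

```shell
#!/bin/sh
# Added example (not from the YoLinux tutorial): write and sanity-check
# Red Hat/Fedora ifcfg-ethN files. The directory is a temp dir, so nothing
# under /etc/sysconfig/network-scripts/ is touched.

# ifcfg_get FILE KEY: value of KEY=value; the last occurrence wins, as it
# does when ifup sources the file with the shell. Quotes are stripped.
ifcfg_get() {
    awk -F= -v k="$2" '$1 == k { v = $2 } END { gsub(/"/, "", v); print v }' "$1"
}

# write_ifcfg_static DIR DEV IPADDR NETMASK NETWORK BROADCAST
write_ifcfg_static() {
    printf 'DEVICE=%s\nBOOTPROTO=static\nIPADDR=%s\nNETMASK=%s\nNETWORK=%s\nBROADCAST=%s\nONBOOT=yes\n' \
        "$2" "$3" "$4" "$5" "$6" >"$1/ifcfg-$2"
}

# write_ifcfg_dhcp DIR DEV
write_ifcfg_dhcp() {
    printf 'DEVICE=%s\nBOOTPROTO=dhcp\nONBOOT=yes\nPEERDNS=yes\n' "$2" >"$1/ifcfg-$2"
}

# ifcfg_check FILE: print one problem per line; prints nothing when clean.
ifcfg_check() {
    f=$1
    dev=$(ifcfg_get "$f" DEVICE)
    proto=$(ifcfg_get "$f" BOOTPROTO)
    [ "$dev" = "${f##*/ifcfg-}" ] || echo "DEVICE '$dev' does not match file name $f"
    case $proto in
        static|none)    # "none" is what the tutorial uses to switch DHCP off
            [ -n "$(ifcfg_get "$f" IPADDR)" ]  || echo "static config needs IPADDR"
            [ -n "$(ifcfg_get "$f" NETMASK)" ] || echo "static config needs NETMASK" ;;
        dhcp) ;;
        *) echo "BOOTPROTO '$proto' is not static, none or dhcp" ;;
    esac
    case $(ifcfg_get "$f" ONBOOT) in
        yes|no) ;;
        *) echo "ONBOOT should be yes or no" ;;
    esac
}

# make_sample_ifcfg_dir: a temp dir with two good files and one half-edited
# one (BOOTPROTO flipped from dhcp to none, but no address added).
make_sample_ifcfg_dir() {
    d=$(mktemp -d)
    write_ifcfg_static "$d" eth0 192.168.10.12 255.255.255.0 192.168.10.0 192.168.10.255
    write_ifcfg_dhcp "$d" eth1
    printf 'DEVICE=eth2\nBOOTPROTO=none\nONBOOT=yes\n' >"$d/ifcfg-eth2"
    echo "$d"
}

# Demonstration run over the constructed directory.
D=$(make_sample_ifcfg_dir)
for f in "$D"/ifcfg-*; do echo "== $f"; ifcfg_check "$f"; done
```

Pointed at /etc/sysconfig/network-scripts/ifcfg-eth* instead of the temp directory, the check runs unchanged and is cheap enough to put in front of every "service network restart".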

Changing the host name:

This is a three step process:

1. Issue the command: hostname new-host-name
2. Change the network configuration file /etc/sysconfig/network. Edit the entry: HOSTNAME=new-host-name
3. Restart systems which relied on the hostname (or reboot):
   - Restart network services: service network restart (or: /etc/init.d/network restart)
   - Restart desktop:
     - Bring down system to console mode: init 3
     - Bring up X-Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name which allows the system to be self aware.

The hostname may be changed at runtime using the command: sysctl -w kernel.hostname="superserver"

Change the host name using GUI tool: /usr/sbin/system­config­network (Red Hat / Fedora / CentOS)

Hostname entries are made in two places:

- Select the "DNS" tab.
- Select the "Devices" tab + "Edit" + the "General" tab.

Network IP aliasing:

Assign more than one IP address to one ethernet card:

    ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
    ifconfig eth0:0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255
    ifconfig eth0:1 192.168.10.14 netmask 255.255.255.0 broadcast 192.168.10.255

    route add -host XXX.XXX.XXX.XXX dev eth0
    route add -host 192.168.10.12 dev eth0
    route add -host 192.168.10.14 dev eth0

In this example eth0:0 and eth0:1 are aliases in addition to the regular eth0. The result of the ifconfig command:

    eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
              TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
              collisions:1 txqueuelen:100
              Interrupt:5 Base address:0xe400

    eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

    eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

    DEVICE=eth0:0
    ONBOOT=yes
    BOOTPROTO=static
    BROADCAST=192.168.10.255
    IPADDR=192.168.10.12
    NETMASK=255.255.255.0
    NETWORK=192.168.10.0

Aliases can also be shut down independently. i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Redhat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.

DHCP Linux Client: get connection info: /sbin/pump -i eth0 --status (Red Hat Linux 7.1 and older)

    Device eth0
        IP: 4.XXX.XXX.XXX
        Netmask: 255.255.252.0
        Broadcast: 4.XXX.XXX.255
        Network: 4.XXX.XXX.0
        Boot server 131.XXX.XXX.4
        Next server 0.0.0.0
        Gateway: 4.XXX.XXX.1
        Domain: vz.dsl.genuity.net
        Nameservers: 4.XXX.XXX.1 4.XXX.XXX.2 4.XXX.XXX.3
        Renewal time: Sat Aug 11 08:28:55 2001
        Expiration time: Sat Aug 11 11:28:55 2001

Activating and De-Activating your NIC:

Commands for starting and stopping TCP/IP network services on an interface:

- Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up - Note: Even if no IP address is assigned you can listen.)
- De-Activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network-scripts/

GUI Interface control/configuration:

- Start/Stop network interfaces: /usr/bin/system-control-network (Fedora Core 2/3); /usr/bin/redhat-control-network (RH 9.0 - FC-1)
- Configure Ethernet, ISDN, modem, Token Ring, Wireless or DSL network connection: /usr/sbin/system-config-network-druid (FC2/3); /usr/sbin/redhat-config-network-druid (RH 9 - FC-1)

Subnets:

    MASK  # OF SUBNETS          SLASH  CLASS A HOSTS  CLASS A MASK  CLASS B HOSTS  CLASS B MASK  CLASS C HOSTS  CLASS C MASK   CLASS C SUBNET MASK  ADDRESSES / HOSTS
    255   255 or 256 (invalid)  /32    16,777,214     255.0.0.0     65,534         255.255.0.0   254            255.255.255.0  255.255.255.255      1 address (invalid)
    254   128                   /31    33,554,430     254.0.0.0     131,070        255.254.0.0   510            255.255.254.0  255.255.255.254      2 addresses (invalid)
    252   64                    /30    67,108,862     252.0.0.0     262,142        255.252.0.0   1,022          255.255.252.0  255.255.255.252      4 addresses, 2 hosts
    248   32                    /29    134,217,726    248.0.0.0     524,286        255.248.0.0   2,046          255.255.248.0  255.255.255.248      8 addresses, 6 hosts
    240   16                    /28    268,435,454    240.0.0.0     1,048,574      255.240.0.0   4,094          255.255.240.0  255.255.255.240      16 addresses, 14 hosts
    224   8                     /27    536,870,910    224.0.0.0     2,097,150      255.224.0.0   8,190          255.255.224.0  255.255.255.224      32 addresses, 30 hosts
    192   4                     /26    1,073,741,822  192.0.0.0     4,194,302      255.192.0.0   16,382         255.255.192.0  255.255.255.192      64 addresses, 62 hosts
    128   2                     /25    2,147,483,646  128.0.0.0     8,388,606      255.128.0.0   32,766         255.255.128.0  255.255.255.128      128 addresses, 126 hosts

    Binary position   8    7    6    5    4    3    2    1
    Value             128  64   32   16   8    4    2    1
    Example: 192      1    1    0    0    0    0    0    0

Example: 192 = 128 + 64

Some addresses are reserved and outside this scope. Loopback (127.0.0.1), reserved class C 192.168.XXX.XXX, reserved class B 172.31.XXX.XXX and reserved class A 10.XXX.XXX.XXX.

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 for your office.

- 208.88.34.104 Network base address
- 208.88.34.105 Computer 1
- 208.88.34.106 Computer 2
- 208.88.34.107 Computer 3
- 208.88.34.108 Computer 4
- 208.88.34.109 Computer 5
- 208.88.34.110 DSL router/Gateway
- 208.88.34.111 Broadcast address

Of the eight addresses, there are six assigned to hardware systems and ultimately only five usable addresses.

Links:

- Subnet Cheat Sheet
- Subnet calculator
- Table of subnets
- IP Subnetting, Variable Subnetting, and CIDR (Supernetting)
- CISCO.com: Subnet Masking and Addressing

Network Classes:

The concept of network classes is a little obsolete as subnets are now used to define smaller networks. These subnets may be part of a class A, B, C, etc network. For historical reference the network classes are defined as follows:

- Class A: Defined by the first 8 bits with a range of 0 - 127. First number (8 bits) is defined by Internic, i.e. 77.XXX.XXX.XXX. One class A network can define 16,777,214 hosts. Range: 0.0.0.0 - 127.255.255.255
- Class B: Defined by the first 8 bits with a range from 128 - 191. First two numbers (16 bits) are defined by Internic, i.e. 182.56.XXX.XXX. One class B network can define 65,534 hosts. Range: 128.0.0.0 - 191.255.255.255
- Class C: Defined by the first 8 bits with a range from 192 - 223. First three numbers (24 bits) are defined by Internic, i.e. 220.56.222.XXX. One class C network can define 254 hosts. Range: 192.0.0.0 - 223.255.255.255
- Class D: Defined by the first 8 bits with a range from 224 - 239. This is reserved for multicast networks (RFC988). Range: 224.0.0.0 - 239.255.255.255
- Class E: Defined by the first 8 bits with a range from 240 - 255. This is reserved for experimental use. Range: 240.0.0.0 - 247.255.255.255
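The conventions used in the static IP section (network = lowest address, broadcast = highest), the subnet table, the 208.88.34.104/29 office example and the class ranges above are all small integer operations on the 32-bit address. The added shell example below (not from the YoLinux tutorial; it uses only shell arithmetic, no external calculator) carries them through so they can be checked on any address/mask pair rather than read off the table. Function names are the example's own; usable_hosts counts every address a host could take, so it reports 6 for the /29 office, matching the tutorial's "six assigned to hardware" before the router's address is subtracted.

```shell
#!/bin/sh
# Added example (not from the YoLinux tutorial): dotted-quad arithmetic in
# plain shell integer math. It reproduces the conventions stated in the text
# (network = lowest address, broadcast = highest, two addresses reserved)
# and the first-octet class ranges; the helper names are the example's own.

ip2int() {      # 192.168.10.12 -> 3232238092
    echo "$1" | { IFS=. read -r a b c d; echo $(( (a << 24) + (b << 16) + (c << 8) + d )); }
}
int2ip() {      # 3232238092 -> 192.168.10.12
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}
prefix2mask() { # 29 -> 255.255.255.248  (the "slash format" column of the table)
    int2ip $(( (4294967295 << (32 - $1)) & 4294967295 ))
}
mask2prefix() { # 255.255.255.248 -> 29  (count the one bits)
    m=$(ip2int "$1"); n=0
    while [ "$m" -ne 0 ]; do n=$(( n + (m & 1) )); m=$(( m >> 1 )); done
    echo "$n"
}
network_of()   { int2ip $(( $(ip2int "$1") & $(ip2int "$2") )); }                 # lowest
broadcast_of() { int2ip $(( $(ip2int "$1") | (~$(ip2int "$2") & 4294967295) )); }  # highest
usable_hosts() { # addresses minus network and broadcast; /31 and /32 leave none
    p=$(mask2prefix "$1")
    if [ "$p" -ge 31 ]; then echo 0; else echo $(( (1 << (32 - p)) - 2 )); fi
}
ip_class() {    # historical class from the first octet, using the tutorial's ranges
    o=${1%%.*}
    if   [ "$o" -le 127 ]; then echo A
    elif [ "$o" -le 191 ]; then echo B
    elif [ "$o" -le 223 ]; then echo C
    elif [ "$o" -le 239 ]; then echo D
    else                        echo E; fi
}
subnet_report() {   # subnet_report IP NETMASK
    printf 'address   %s\nnetmask   %s (/%s)\nnetwork   %s\nbroadcast %s\nhosts     %s\nclass     %s\n' \
        "$1" "$2" "$(mask2prefix "$2")" "$(network_of "$1" "$2")" \
        "$(broadcast_of "$1" "$2")" "$(usable_hosts "$2")" "$(ip_class "$1")"
}

# The office subnet from the tutorial: eight addresses, six of them for hosts.
subnet_report 208.88.34.106 255.255.255.248
```

Feeding an ifconfig line's address and mask to subnet_report and comparing its broadcast with the Bcast: value ifconfig shows is a quick way to catch a mistyped netmask before it turns into a one-way connectivity problem.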

Enable Forwarding:

Forwarding allows the network packets on one network interface (i.e. eth0) to be forwarded to another network interface (i.e. eth1). This will allow the Linux computer to connect ("ethernet bridge") or route network traffic.

The bridge configuration will merge two (or several) networks into one single network topology. IpTables firewall rules can be used to filter traffic.

A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or load balance servers.

- Turn on IP forwarding to allow the Linux computer to act as a gateway or router:

    echo 1 > /proc/sys/net/ipv4/ip_forward

  Default is 0. One can add firewall rules by using ipchains.

Another method is to alter the Linux kernel config file: /etc/sysctl.conf Set the following value:

net.ipv4.ip_forward = 1

See file /etc/sysconfig/network for storing this configuration.

FORWARD_IPV4=true

Change the default "false" to "true".

All methods will result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward
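Since the setting lives in three places, the value that is active now and the value the next boot will apply can disagree: a desktop with a leftover net.ipv4.ip_forward = 1 in /etc/sysctl.conf starts routing after its next reboot, and a gateway whose FORWARD_IPV4 was never set to true stops. The added shell example below (not from the YoLinux tutorial) reads all three locations and reports any disagreement. The file paths are parameters so it runs here against constructed copies in a temp directory; the function names and sample contents are the example's own.

```shell
#!/bin/sh
# Added example (not from the YoLinux tutorial): read the three places the
# text names for the IPv4 forwarding setting and report whether the running
# value and the persistent files agree. The paths are parameters, so it runs
# here against constructed copies and could be pointed at the real files
# (/proc/sys/net/ipv4/ip_forward, /etc/sysctl.conf, /etc/sysconfig/network).

# conf_value FILE KEY: value of "key = value" (sysctl.conf) or "KEY=value"
# (sysconfig/network); prints nothing if the key is absent or commented out.
conf_value() {
    awk -F= -v k="$2" '
        /^[ \t]*#/ { next }
        { gsub(/[ \t]/, "", $1) }
        $1 == k { v = $2; gsub(/[ \t"]/, "", v) }
        END { print v }' "$1"
}

# forwarding_audit PROCFILE SYSCTLCONF SYSCONFIG: one summary line, then
# "MISMATCH" if a persistent file would set a different value at the next
# boot than is active now.
forwarding_audit() {
    running=$(cat "$1")
    s=$(conf_value "$2" net.ipv4.ip_forward)
    f=$(conf_value "$3" FORWARD_IPV4)
    printf 'running=%s sysctl.conf=%s sysconfig=%s\n' "$running" "${s:-unset}" "${f:-unset}"
    mismatch=0
    if [ -n "$s" ] && [ "$s" != "$running" ]; then mismatch=1; fi
    case $f in
        true)  [ "$running" = 1 ] || mismatch=1 ;;
        false) [ "$running" = 0 ] || mismatch=1 ;;
    esac
    [ "$mismatch" -eq 0 ] || echo MISMATCH
}

# make_sample_forwarding_dir desktop|router: constructed copies of the three
# files. The "desktop" set has a stale sysctl.conf entry that would turn
# forwarding on at the next boot.
make_sample_forwarding_dir() {
    d=$(mktemp -d)
    if [ "$1" = router ]; then
        echo 1 >"$d/ip_forward"
        printf 'net.ipv4.ip_forward = 1\n' >"$d/sysctl.conf"
        printf 'NETWORKING=yes\nHOSTNAME=gateway\nFORWARD_IPV4=true\n' >"$d/network"
    else
        echo 0 >"$d/ip_forward"
        printf '# constructed; note the leftover line below\nnet.ipv4.ip_forward = 1\n' >"$d/sysctl.conf"
        printf 'NETWORKING=yes\nHOSTNAME=desktop\nFORWARD_IPV4=false\n' >"$d/network"
    fi
    echo "$d"
}

# Demonstration run on the constructed "desktop" set.
D=$(make_sample_forwarding_dir desktop)
forwarding_audit "$D/ip_forward" "$D/sysctl.conf" "$D/network"
```

On a machine that is not meant to route, "running=0" with no MISMATCH is the state to expect; anything else means one of the three files needs the edit described above.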

The TCP man page (Linux Programmer's Manual) and /usr/src/linux/Documentation/proc.txt (Kernel 2.2, RH 7.0-) cover the /proc/sys/net/ipv4/* file descriptions.

Also see: (YoLinux tutorials)

- Configure Linux as an internet gateway router: Using Linux and iptables/ipchains to set up an internet gateway for home or office (iptables)
- Load balancing servers using LVS (Linux Virtual Server) (ipvsadm)

Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

- cd /lib/modules/2.2.5-15/net/ - Use the kernel version for your system. This example uses 2.2.5-15 (Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/). Here you will find the modules supported by your system. It can be permanently added to:
  - /etc/modprobe.conf (kernel 2.6)
  - /etc/modules.conf (kernel 2.4)
  - (or for older systems: /etc/conf.modules)

  Example:

    alias eth0 3c59x

- /sbin/insmod 3c59x (For a 3Com ethernet card) This inserts the specified module into the kernel.
- /sbin/modprobe 3c59x This also loads a module into the system kernel. Modprobe command line options:
  - -r : to unload the module.
  - /sbin/modprobe -l \* : list all modules.
  - /sbin/modprobe -lt net \* : List only network modules
  - /sbin/modprobe -t net \* : Try loading all network modules and see what sticks. (act of desperation)
- ifconfig ...

The easy way: Red Hat versions 6.2 and later ship with Kudzu, a device detection program which runs during system initialization (/etc/rc.d/init.d/kudzu). This can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it will be utilized upon system boot.

Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

1. Use the Red Hat GUI tool /usr/bin/netcfg

OR

2. Define network parameters in configuration files:

Define the new device in the file (Red Hat/Fedora) /etc/sysconfig/network-scripts/ifcfg-eth1 (S.u.s.e 9.2: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX)

    DEVICE=eth1
    BOOTPROTO=static
    IPADDR=192.168.10.12
    NETMASK=255.255.255.0
    GATEWAY=XXX.XXX.XXX.XXX
    HOSTNAME=node-name.name-of-domain.com
    DOMAIN=name-of-domain.com

Special routing information may be specified, if necessary, in the file (Red Hat/Fedora): /etc/sysconfig/static-routes (S.u.s.e. 9.2: /etc/sysconfig/network/routes)

Example:

eth1 net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX

OR

3. Define network parameters using Unix command line interface:

Define IP address:

    ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
    ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255

If necessary, define the route with the route command. Examples:

    route add default gw XXX.XXX.XXX.XXX dev eth0
    route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0

Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

If a mistake is made just repeat the route command substituting "del" in place of "add".

Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto­negotiate link speed and duplex setting.

- List NIC speed and configuration: mii-tool

    eth0: negotiated 100baseTx-FD flow-control, link ok

  Verbose mode: mii-tool -v

    eth0: negotiated 100baseTx-FD flow-control, link ok
      product info: Intel 82555 rev 4
      basic mode:   autonegotiation enabled
      basic status: autonegotiation complete, link ok
      capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
      advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control
      link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

- Set NIC configuration: mii-tool -F option

    Option  Parameters
    -F      100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
    -A      100baseT4 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

- Query NIC with ethtool:

    Command          Description
    ethtool -g eth0  Queries ethernet device for rx/tx ring parameter information.
    ethtool -a eth0  Queries ethernet device for pause parameter information.
    ethtool -c eth0  Queries ethernet device for coalescing information.
    ethtool -i eth0  Queries ethernet device for associated driver information.
    ethtool -d eth0  Prints a register dump for the specified ethernet device.
    ethtool -k eth0  Queries ethernet device for offload information.
    ethtool -S eth0  Queries ethernet device for NIC and driver statistics.

Man Pages:

- mii-tool - view, manipulate media-independent interface status
- ethtool - Display or change ethernet card settings

Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet is examined to see if its destination is on the local or a remote network. If it is to be sent to a remote network, the routing table is consulted to determine the path. If there is no information in the routing table then the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file (Red Hat/Fedora): /etc/sysconfig/network-scripts/route-eth0 or (Red Hat 7: /etc/sysconfig/static-routes) (S.u.s.e. 9.2: /etc/sysconfig/network/routes):

    10.2.3.0/16 via 192.168.10.254

See command: /etc/sysconfig/network-scripts/ifup-routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route. (Fewest hops between routers not physical distance.) Routers use RIP to broadcast the routing table over UDP port 520. The routers would then add new or improved routes to their routing tables.

Man pages:

- route - show / manipulate the IP routing table (static route). Examples:
  - Show routing table: route -e
  - Access individual computer host specified via network interface card eth1: route add -host 123.213.221.231 eth1
  - Access ISP network identified by the network address and netmask using network interface card eth0: route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
    Conversely: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
  - Specify default gateway to use to access remote network via network interface card eth0: route add default gw 201.51.31.1 eth0 (Gateway can also be defined in /etc/sysconfig/network)
  - Specify two gateways for two network destinations: (i.e. one external, one internal private network. Two routers/gateways will be specified.)
    Add internet gateway as before: route add default gw 201.51.31.1 eth0
    Add second private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
- routed - network routing daemon. Uses RIP protocol to update routing table.
- ipx_route - show / manipulate the IPX routing table - IPX is the Novell networking protocol (Not typically used unless your office has Novell servers)
- ifuser - Identify destinations routed to a particular network interface.
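The two static-route file formats shown in this section and in the two-NIC section (the Red Hat 7 "DEV net NET netmask MASK gw GW" lines of /etc/sysconfig/static-routes and the "NET/PREFIX via GW" lines of route-ethN) are just the arguments of the route commands listed above. The added shell example below (not from the YoLinux tutorial) translates both files into the equivalent "route add" lines so a file can be reviewed, and reverted with "del" as the text suggests, before ifup-routes applies it. The sample files are constructed in a temp directory; nothing is executed and the function names are the example's own.

```shell
#!/bin/sh
# Added example (not from the YoLinux tutorial): turn the two static-route
# file formats the text shows into the equivalent "route" commands. The input
# files are constructed; the commands are printed, never run.

make_sample_routes() {   # writes static-routes and route-eth0; prints the dir
    d=$(mktemp -d)
    cat >"$d/static-routes" <<'EOF'
# constructed /etc/sysconfig/static-routes (Red Hat 7 format)
eth1 net 192.0.2.0 netmask 255.255.255.0 gw 198.51.100.1
eth1 host 203.0.113.9 gw 198.51.100.1
EOF
    cat >"$d/route-eth0" <<'EOF'
# constructed /etc/sysconfig/network-scripts/route-eth0
10.2.0.0/16 via 192.168.10.254
172.16.5.0/24 via 192.168.10.253
EOF
    echo "$d"
}

# static_routes_to_cmds FILE: "DEV net NET netmask MASK gw GW" and
# "DEV host HOST gw GW" lines -> "route add ..." commands, one per line.
# Lines that fit neither shape are echoed back commented, not silently dropped.
static_routes_to_cmds() {
    awk '
        /^[ \t]*(#|$)/ { next }
        $2 == "net"  && NF == 7 { print "route add -net " $3 " netmask " $5 " gw " $7 " dev " $1; next }
        $2 == "host" && NF == 5 { print "route add -host " $3 " gw " $5 " dev " $1; next }
        { print "# unparsed: " $0 }' "$1"
}

# route_file_to_cmds FILE DEV: "NET/PREFIX via GW" lines (route-DEV files).
# net-tools route accepts the prefix form directly, so no mask conversion.
route_file_to_cmds() {
    awk -v dev="$2" '
        /^[ \t]*(#|$)/ { next }
        $2 == "via" && NF == 3 { print "route add -net " $1 " gw " $3 " dev " dev; next }
        { print "# unparsed: " $0 }' "$1"
}

# undo_route_cmds: read "route add" commands on stdin, emit the matching
# "route del" commands, as the text recommends for correcting a mistake.
undo_route_cmds() {
    sed 's/^route add /route del /'
}

# Demonstration run over the constructed files.
D=$(make_sample_routes)
static_routes_to_cmds "$D/static-routes"
route_file_to_cmds "$D/route-eth0" eth0
```

Reviewing the generated commands next to "route -e" output before a restart shows exactly which entries the file will add, and the "unparsed" lines are the ones ifup-routes would also trip over.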

VPN, Tunneling:

- Commercial VPN Linux software solutions - YoLinux
- OpenSWAN.org - IPSec VPN for Linux
- FreeSWAN.org - IPSec VPN for Linux
- FreeSWAN tutorial - howto
- OpenVPN - SSL VPN solution for site to site, WiFi security, and enterprise-scale remote access with load balancing, failover, and fine-grained access-controls.
- SSL-Explorer - Java SSL based VPN
- Quagga dynamic routing suite VLAN
- n2n peer to peer within a private fabric
- CIPE: Crypto IP Encapsulation (Easiest way to configure two Linux gateways connecting two private networks over the internet with encryption.)
  - CIPE Home page - CIPE is a simple encapsulation system that securely connects two subnets.
  - The Linux Cipe+Masquerading mini-HOWTO - Anthony Ciaravalo
- GRE Tunneling - Generic Routing Encapsulation - Hugo Samayoa
- VPN HowTo - Matthew D. Wilson
- Installing and Running PPTP on Linux
- L2TP Extensions (l2tpext) Internet Drafts.

Useful Linux networking commands:

- /etc/rc.d/init.d/network start - command to start, restart or stop the network
- netstat - Display connections, routing tables, stats etc.
  - List externally connected processes: netstat -punta
  - List all connected processes: netstat -nap
  - Show network statistics: netstat -s
  - Kernel interface table info: netstat -a -i eth0
- ping - send ICMP ECHO_REQUEST packets to network hosts. Use Ctrl-C to stop ping.
- traceroute - print the route packets take to network host
  - traceroute IP-address-of-server
  - traceroute domain-name-of-server
- mtr - a network diagnostic tool introduced in Fedora. Like traceroute except it gives more network quality and network diagnostic info. Leave running to get real time stats. Reports best and worst round trip times in milliseconds.
  - mtr IP-address-of-server
  - mtr domain-name-of-server
- whois - Lookup a domain name in the internic whois database.
- finger - Display information on a system user. i.e. finger user@host. Uses $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/
- iptables - IP firewall administration (Linux kernel 2.6/2.4). See YoLinux firewall/gateway configuration.
- ipchains - IP firewall administration (Linux kernel 2.2). See YoLinux firewall/gateway configuration.
- socklist - Display list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
- host - Give a host name and the command will return the IP address. Unlike nslookup, the host command will use both /etc/hosts as well as DNS. Example: host domain-name-of-server
- nslookup - Give a host name and the command will return the IP address. Also see Testing your DNS (YoLinux Tutorial). Note that nslookup does not use the /etc/hosts file.

inetd/xinetd: Network Socket Listener Daemons:

The network listening daemons listen and respond to all network socket connections made on the TCP/IP ports assigned to them. The ports are defined by the file /etc/services. When a connection is made, the listener will attempt to invoke the assigned program and pipe the data to it. This simplifies matters by allowing the assigned program to read from stdin instead of making its own socket connection. The listener handles the network socket connection. Two network listening and management daemons have been used in Red Hat Linux distributions:

- inetd: Red Hat 6.x and older
- xinetd: Red Hat 7.0-9.0, Fedora Core

inetd:

Configuration file: /etc/inetd.conf Entries in this file consist of a single line made up of the following fields:

service socket­type protocol wait user server cmdline

- service: The name assigned to the service. Matches the name given in the file /etc/services
- socket-type:
  - stream: connection protocols (TCP)
  - dgram: datagram protocols (UDP)
  - raw
  - rdm
  - seqpacket
- protocol: Transport protocol name which matches a name in the file /etc/protocols. i.e. udp, icmp, tcp, rpc/udp, rpc/tcp, ip, ipv6
- wait: Applies only to datagram protocols (UDP).
  - wait[.max]: One server for the specified port at any time (RPC)
  - nowait[.max]: Continue to listen and launch new services if a new connection is made. (multi-threaded)
  Max refers to the maximum number of server instances spawned in 60 seconds. (default=40)
- user[.group]: login id of the user the process is executed under. Often nobody, root or a special restricted id for that service.
- server: Full path name of the server program to be executed.
- cmdline: Command line to be passed to the server. This includes argument 0 (argv[0]), that is the command name. This field is empty for internal services. Example of internal TCP services: echo, discard, chargen (character generator), daytime (human readable time), and time (machine readable time). (see RFC)

Sample File: /etc/inetd.conf

    #echo   stream  tcp     nowait      root    internal
    #echo   dgram   udp     wait        root    internal
    ftp     stream  tcp     nowait      root    /usr/sbin/tcpd  in.ftpd -l -a
    #pop-3  stream  tcp     nowait      root    /usr/sbin/tcpd  ipop3d
    #swat   stream  tcp     nowait.400  root    /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.

The inet daemon must be restarted to pick up the changes made to the file: /etc/rc.d/init.d/inetd restart

For more information see the man pages "inetd" and "inetd.conf".
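The seven-field layout makes /etc/inetd.conf easy to audit mechanically: which lines are live (not commented out), which user each server runs as, and whether the server field is /usr/sbin/tcpd (so hosts.allow/hosts.deny apply) or the program itself. The added shell example below (not from the YoLinux tutorial) does that over a constructed file built from the sample above plus a few more lines, and also comments a service in or out the way the text describes, leaving the restart of inetd to the administrator. Function names and the extra sample lines are the example's own.

```shell
#!/bin/sh
# Added example (not from the YoLinux tutorial): parse /etc/inetd.conf into
# its fields, list what is enabled, flag root services that bypass tcpd, and
# comment a service in or out. The file below is constructed.

make_sample_inetd_conf() {
    f=$(mktemp)
    cat >"$f" <<'EOF'
# constructed /etc/inetd.conf sample
#echo    stream  tcp     nowait      root    internal
#echo    dgram   udp     wait        root    internal
ftp      stream  tcp     nowait      root    /usr/sbin/tcpd        in.ftpd -l -a
telnet   stream  tcp     nowait      root    /usr/sbin/in.telnetd  in.telnetd
#pop-3   stream  tcp     nowait      root    /usr/sbin/tcpd        ipop3d
#swat    stream  tcp     nowait.400  root    /usr/sbin/swat        swat
finger   stream  tcp     nowait      nobody  /usr/sbin/tcpd        in.fingerd
daytime  stream  tcp     nowait      root    internal
EOF
    printf '%s\n' "$f"
}

# inetd_enabled FILE: "service socket proto user server wrap" for every line
# that is not commented out; wrap is wrapped (tcpd), internal, or direct.
inetd_enabled() {
    awk '
        /^[ \t]*(#|$)/ { next }
        NF < 6 { print "# malformed (" NF " fields): " $0; next }
        { wrap = ($6 ~ /\/tcpd$/) ? "wrapped" : ($6 == "internal" ? "internal" : "direct")
          print $1, $2, $3, $5, $6, wrap }' "$1"
}

# inetd_root_unwrapped FILE: enabled external services running as root with
# no tcpd in front of them; the lines worth a second look.
inetd_root_unwrapped() {
    inetd_enabled "$1" | awk '$4 == "root" && $6 == "direct" { print $1 }'
}

# inetd_toggle FILE SERVICE on|off: comment or uncomment the service line.
# Writes the edited file to stdout; inetd must be restarted afterwards.
inetd_toggle() {
    awk -v s="$2" -v mode="$3" '
        mode == "off" && $1 == s     { print "#" $0; next }
        mode == "on"  && $1 == "#" s { sub(/^#/, ""); print; next }
        { print }' "$1"
}

# Demonstration run on the constructed file.
F=$(make_sample_inetd_conf)
inetd_enabled "$F"
echo "root without tcpd: $(inetd_root_unwrapped "$F")"
```

The first column of inetd_enabled output can be compared with "netstat -punta" to confirm that nothing is listening that the file does not account for.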

xinetd: Extended Internet Services Daemon:

Xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, redirect services to different ports and network interfaces (NIC) or even to a different server, chroot a service etc., and is thus a worthy upgrade from inetd.

Use the command chkconfig --list to view all system services and their state. It will also list all network services controlled by xinetd and their respective state under the title "xinetd based services". (Works for xinetd (RH7.0+) but not inetd)

The xinetd network daemon uses PAM also called network wrappers which invoke the /etc/hosts.allow and /etc/hosts.deny files.

Configuration file: /etc/xinetd.conf which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:

- Edit the file /etc/xinetd.d/service-name and set the disable value: disable = yes or disable = no. Then restart the xinetd process using the signal:
  - SIGUSR1 (kill -SIGUSR1 process-id) - Soft reconfiguration does not terminate existing connections. (Important if you are connected remotely)
  - SIGUSR2 - Hard reconfiguration stops and restarts the xinetd process. (Note: Using the HUP signal will terminate the process.)

OR

- Use the chkconfig command: chkconfig service-name on (or off). This command will also restart the xinetd process to pick up the new configuration.

The file contains entries of the form:

    service service-name
    {
        attribute assignment-operator value value ......
    }

Where:

- attribute:
  - disable:
    - yes
    - no
  - type:
    - RPC
    - INTERNAL
    - UNLISTED: Not found in /etc/rpc or /etc/services
  - id: By default the service id is the same as the service name.
  - socket_type:
    - stream: TCP
    - dgram: UDP
    - raw: Direct IP access
    - seqpacket: service that requires reliable sequential datagram transmission
  - flags: Combination of: REUSE, INTERCEPT, NORETRY, IDONLY, NAMEINARGS, NODELAY, DISABLE, KEEPALIVE, NOLIBWRAP. See the xinetd man page for details.
  - protocol: Transport protocol name which matches a name in the file /etc/protocols.
  - wait:
    - no: multi-threaded
    - yes: single-threaded - One server for the specified port at any time (RPC)
  - user: See file: /etc/passwd
  - group: See file: /etc/group
  - server: Program to execute and receive the data stream from the socket. (Fully qualified name - full path name of program)
  - server_args: Unlike inetd, arg[0] or the name of the service is not passed.
  - only_from: IP address, factorized address, netmask range, hostname or network name from file /etc/networks.
  - no_access: Deny from ... (inverse of only_from)
  - access_times
  - port: See file /etc/services
  Also: log_type, log_on_success, log_on_failure (Log options: += PID,HOST,USERID,EXIT,DURATION,ATTEMPT and RECORD), rpc_version, rpc_number, env, passenv, redirect, bind, interface, banner, banner_success, banner_fail, per_source, cps, max_load, groups, enabled, include, includedir, rlimit_as, rlimit_cpu, rlimit_data, rlimit_rss, rlimit_stack. The best source of information is the man page and its many examples.
- assignment-operator:
  - =
  - +=: add a value to the set of values
  - -=: delete a value from the set of values

Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from man page: Limit telnet sessions to 8 Mbytes of memory and a total 20 CPU seconds for child processes.

    service telnet
    {
        socket_type = stream
        wait        = no
        nice        = 10
        user        = root
        server      = /usr/etc/in.telnetd
        rlimit_as   = 8M
        rlimit_cpu  = 20
    }
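The same block syntax is what the files in /etc/xinetd.d/ use, so a small reader for it answers the questions the preceding list raises: is the service disabled, which user does it run as, and does it carry an only_from or no_access restriction at all. The added shell example below (not from the YoLinux tutorial) reads constructed blocks in that syntax, handles the =, += and -= operators, and lists the enabled services that have no access restriction. The sample configuration and function names are the example's own; a service with no disable line is treated as enabled, which is xinetd's default unless a defaults block says otherwise.

```shell
#!/bin/sh
# Added example (not from the YoLinux tutorial): read xinetd
# "service name { attribute op value }" blocks (the /etc/xinetd.d/ style)
# and report which services are enabled and whether access is restricted.
# The configuration below is constructed.

make_sample_xinetd() {
    f=$(mktemp)
    cat >"$f" <<'EOF'
# constructed xinetd configuration
service telnet
{
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.telnetd
        only_from       = 192.168.10.0/24
        rlimit_as       = 8M
        rlimit_cpu      = 20
        disable         = no
}

service swat
{
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/swat
        disable         = yes
}

service rsync
{
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/bin/rsync
        server_args     = --daemon
        log_on_failure  += USERID
}
EOF
    printf '%s\n' "$f"
}

# xinetd_attr FILE SERVICE ATTR: value of ATTR inside SERVICE's block.
# Operators =, += and -= are accepted; the value is everything after them.
xinetd_attr() {
    awk -v s="$2" -v a="$3" '
        $1 == "service" { cur = ($2 == s); next }
        cur && $1 == a && $2 ~ /^[+-]?=$/ {
            v = ""; for (i = 3; i <= NF; i++) v = v (i > 3 ? " " : "") $i
            print v; exit }' "$1"
}

# xinetd_summary FILE: "name enabled|disabled restricted|unrestricted",
# one line per service block, in file order.
xinetd_summary() {
    awk '
        function flush() {
            if (name != "")
                print name, (dis == "yes" ? "disabled" : "enabled"),
                            (restricted ? "restricted" : "unrestricted")
            name = ""; dis = ""; restricted = 0
        }
        $1 == "service" { flush(); name = $2; next }
        $1 == "disable" { dis = $3 }
        $1 == "only_from" || $1 == "no_access" { restricted = 1 }
        END { flush() }' "$1"
}

# xinetd_enabled_unrestricted FILE: enabled services with neither only_from
# nor no_access, i.e. reachable from anywhere the firewall lets through.
xinetd_enabled_unrestricted() {
    xinetd_summary "$1" | awk '$2 == "enabled" && $3 == "unrestricted" { print $1 }'
}

# Demonstration run on the constructed configuration.
F=$(make_sample_xinetd)
xinetd_summary "$F"
echo "enabled and unrestricted: $(xinetd_enabled_unrestricted "$F")"
```

Run over "cat /etc/xinetd.d/*", xinetd_summary gives the same picture as "chkconfig --list" for the enabled column, plus the access column that chkconfig does not show.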

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:

- xinetd
- xinetd.conf
- xinetd.log
- tcpd

For more info see:

- LinuxFocus.org: xinetd - Frederic Raynal
- RedHat.com: Controlling Access to Services
- http://www.xinetd.org
- See RFC's: 862, 863, 864, 867, 868, 1413.
- man pages xinetd, xinetd.conf, xinetd.log

RWHO: Remote Who daemon - rwhod

The "rwho" command is used to display users logged into computers on your LAN.

By default, Red Hat Linux has the network interface to the rwhod disabled. Thus if one issues the command "rwho", you will only see who is logged into the system you are logged into and not remote systems on the network. This is a safe approach for internet servers as it reduces the exposure of a service which could be exploited by hackers. If you wish to use rwhod on a local private and firewall protected network, here is how:

Allow broadcast capabilities. Edit /etc/init.d/rwhod and change:

    daemon rwhod

to:

    daemon rwhod -b

Start service:

- Set service to start with system boot: chkconfig --level 345 rwhod on
- Start rwhod service: service rwhod start (or: service rwhod restart)

Man pages:

- rwho: who is logged in on local network machines
- rwhod: system status server
- who: show who is logged on to the same system

RPC: Remote Procedure Calls (Portmapper)

Portmapper is a network service required to support RPC's. Many services such as NFS (file sharing services) require portmapper.

List RPC services supported: [root]# rpcinfo -p localhost

Starting portmap server:

- /etc/rc.d/init.d/portmap start
- service portmap start (Red Hat/Fedora Core)

Man Pages:

- portmap
- rpcinfo
- pmap_set
- pmap_dump

PAM: Network Wrappers:

Pluggable Authentication Modules for Linux (TCP Wrappers)

This system allows or denies network access. One can reject or allow specific IP addresses or subnets to access your system.

File: /etc/hosts.allow

in.ftpd:208.188.34.105

This specifically allows the given IP address to ftp to your system. One can also specify an entire domain, i.e. .name-of-domain.com. Note the leading ".".

File: /etc/hosts.deny

ALL:ALL

This generally denies any access.

See the pam man page.

File: /etc/inetd.conf

ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a

The inet daemon accepts the incoming network stream and hands it to the TCP wrapper, /usr/sbin/tcpd, which accepts or denies the network connection as defined by /etc/hosts.allow and /etc/hosts.deny and then passes it along to ftp. Decisions are logged to /var/log/secure.
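The order in which tcpd consults the two files decides the outcome: a match in /etc/hosts.allow grants access, otherwise a match in /etc/hosts.deny refuses it, and a connection matching neither is allowed. The following added example (not code from the tutorial or from the TCP Wrappers package) re-implements that decision over constructed copies of both files so an administrator can test a rule set offline before deploying it. It handles the patterns used above (an exact IP, a ".domain" suffix, ALL) plus the "net/mask" and "EXCEPT" forms from hosts_access(5); the sample rules and the function names are assumptions for the example.

```python
"""Evaluate /etc/hosts.allow and /etc/hosts.deny rules the way tcpd does."""
import ipaddress

# Constructed sample files. The in.ftpd line is the one shown in the text.
HOSTS_ALLOW = """
# one ftp client, our own domain for sshd except one host, and the LAN for everything
in.ftpd : 208.188.34.105
sshd    : .example.com EXCEPT untrusted.example.com
ALL     : 192.168.1.0/255.255.255.0
"""
HOSTS_DENY = """
ALL : ALL
"""


def _split_except(tokens):
    """Split 'a b EXCEPT c' into (['a', 'b'], ['c'])."""
    if "EXCEPT" in tokens:
        i = tokens.index("EXCEPT")
        return tokens[:i], tokens[i + 1:]
    return tokens, []


def parse_rules(text):
    """Return [(daemon_patterns, client_patterns, client_exceptions), ...]."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = [f.strip() for f in line.split(":")]
        if len(fields) < 2:
            continue                      # malformed line; tcpd logs and ignores it
        clients, exceptions = _split_except(fields[1].split())
        rules.append((fields[0].split(), clients, exceptions))
    return rules


def match_client(pattern, addr, host):
    """Match one client pattern against the peer's IP and optional host name."""
    if pattern == "ALL":
        return True
    if pattern.startswith("."):                         # domain suffix: .example.com
        return host is not None and host.endswith(pattern)
    if pattern.endswith("."):                           # address prefix: 192.168.
        return addr.startswith(pattern)
    if "/" in pattern:                                  # net/mask: 192.168.1.0/255.255.255.0
        net, mask = pattern.split("/", 1)
        network = ipaddress.ip_network(f"{net}/{mask}", strict=False)
        return ipaddress.ip_address(addr) in network
    return pattern == addr or (host is not None and pattern == host)


def match_rule(rule, daemon, addr, host):
    daemons, clients, exceptions = rule
    if not any(p in ("ALL", daemon) for p in daemons):
        return False
    if not any(match_client(p, addr, host) for p in clients):
        return False
    return not any(match_client(p, addr, host) for p in exceptions)


def hosts_access(daemon, addr, host=None, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    """True if tcpd would accept the connection: allow file first, then deny
    file, and no match in either means the connection is allowed."""
    if any(match_rule(r, daemon, addr, host) for r in parse_rules(allow)):
        return True
    if any(match_rule(r, daemon, addr, host) for r in parse_rules(deny)):
        return False
    return True


if __name__ == "__main__":
    for args in [("in.ftpd", "208.188.34.105"), ("in.ftpd", "208.188.34.106"),
                 ("sshd", "10.1.1.2", "untrusted.example.com")]:
        print(args, "->", "allow" if hosts_access(*args) else "deny")
```

The last branch of hosts_access is the one that matters for hardening: without an "ALL:ALL" line in /etc/hosts.deny, any daemon not named in hosts.allow is reachable from everywhere.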

Advanced PAM: More specific access can be assigned and controlled by controlling the level of authentication required for access.

Files reflect the inet service name. Rules and modules are stacked to achieve the level of security desired.

See the files in /etc/pam.d/... (some systems use /etc/pam.conf)

The format: service type control module-path module-arguments

- auth - (type) Password is required for the user
  - nullok - Null or non-existent password is acceptable
  - shadow - encrypted passwords kept in /etc/shadow
- account - (type) Verifies password. Can track and force password changes.
- password - (type) Controls password update
  - retry=3 - Sets the number of login attempts
  - minlen=8 - Set minimum length of password
- session - (type) Controls monitoring

Modules:

- /lib/security/pam_pwdb.so - password database module
- /lib/security/pam_shells.so -
- /lib/security/pam_cracklib.so - checks if password is crackable
- /lib/security/pam_listfile.so

After re-configuration, restart the inet daemon: killall -HUP inetd

For more info see:

- Wietse's Papers
- Pluggable Authentication Modules for Linux (PAM) Home Page

ICMP:

ICMP is the network protocol used by the ping and traceroute commands.

ICMP redirect packets are sent from the router to the host to inform the host of a better route. To enable ICMP redirect, add the following line to /etc/sysctl.conf :

net.ipv4.conf.all.accept_redirects = 1

Add the following to the file: /etc/rc.d/rc.local

for f in /proc/sys/net/ipv4/conf/*/accept_redirects
do
    echo 1 > $f
done

Command to view Kernel IP routing cache: /sbin/route -Cn

NOTE: This may leave you vulnerable to hackers as attackers may alter your routes.
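Whether a given interface actually accepts redirects depends on two sysctl values, not one, which is why the rc.local loop above writes every conf/*/accept_redirects rather than only conf/all. The kernel's ip-sysctl documentation states the rule: with forwarding enabled on the interface, redirects are accepted only if both conf/all and conf/<interface> are set; with forwarding disabled, either one is enough. The following added example (not code from the tutorial) parses a constructed "sysctl -a" style snapshot and reports, per interface, whether it would accept ICMP redirects, so the exposure mentioned in the note can be checked before and after a change. The snapshot values and function names are assumptions for the example.

```python
"""Work out which interfaces accept ICMP redirects from sysctl values."""

# Constructed "sysctl -a" excerpt: conf/all says yes, eth0 and eth1 say no,
# but eth1 is forwarding and eth0 is not.
SYSCTL_SNAPSHOT = """
net.ipv4.ip_forward = 0
net.ipv4.conf.all.accept_redirects = 1
net.ipv4.conf.all.forwarding = 0
net.ipv4.conf.eth0.accept_redirects = 0
net.ipv4.conf.eth0.forwarding = 0
net.ipv4.conf.eth1.accept_redirects = 0
net.ipv4.conf.eth1.forwarding = 1
net.ipv4.conf.lo.accept_redirects = 1
net.ipv4.conf.lo.forwarding = 0
net.ipv4.icmp_echo_ignore_all = 0
"""


def parse_sysctl(text):
    """Return {key: int} from 'key = value' lines; other lines are ignored."""
    settings = {}
    for line in text.splitlines():
        if "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip()] = int(value.strip())
    return settings


def interfaces(settings):
    """Interface names seen under net.ipv4.conf.*, excluding all/default."""
    names = set()
    for key in settings:
        parts = key.split(".")
        if parts[:3] == ["net", "ipv4", "conf"] and parts[3] not in ("all", "default"):
            names.add(parts[3])
    return sorted(names)


def accepts_redirects(settings, iface):
    """Kernel rule from Documentation/networking/ip-sysctl.txt:
    forwarding on  -> conf/all AND conf/<iface>
    forwarding off -> conf/all OR  conf/<iface>"""
    all_ = settings.get("net.ipv4.conf.all.accept_redirects", 0)
    own = settings.get(f"net.ipv4.conf.{iface}.accept_redirects", 0)
    forwarding = settings.get(f"net.ipv4.conf.{iface}.forwarding", 0)
    if forwarding:
        return bool(all_ and own)
    return bool(all_ or own)


def redirect_report(settings):
    """{interface: accepts_redirects} for every interface in the snapshot."""
    return {iface: accepts_redirects(settings, iface) for iface in interfaces(settings)}


def exposed_interfaces(settings):
    """Interfaces that would honour a redirect from any host on their link."""
    return [i for i, accepts in redirect_report(settings).items() if accepts]


if __name__ == "__main__":
    s = parse_sysctl(SYSCTL_SNAPSHOT)
    print(redirect_report(s))
    print("ignore all echo requests:", bool(s.get("net.ipv4.icmp_echo_ignore_all", 0)))
```

In the sample, eth0 has its own accept_redirects set to 0 yet still accepts redirects, because conf/all is 1 and the interface is not forwarding; to turn redirects off on a host, conf/all and each interface must all be 0.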

Blocking ICMP to look invisible to ping:

The following firewall rules will drop ICMP requests.

Iptables:

iptables -A OUTPUT -p icmp -d 0/0 -j DROP

Ipchains:

ipchains -A output -p icmp -d 0/0 -j DENY

OR drop all incoming pings:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes necessary to look invisible to DOS (Denial Of Service) attackers who use ping to watch your machine and launch an attack when its presence is detected.

Network Monitoring Tools:

- tcpdump - dump traffic on a network. See discussion below.

  Command line option   Description
  -c                    Exit after receiving count packets.
  -C                    Specify size of output dump files.
  -i                    Specify interface if multiple exist. Lowest used by default. i.e. eth0
  -w file-name          Write the raw packets to file rather than parsing and printing them out. They can later be printed with the -r option.
  -n                    Improve speed by not performing DNS lookups. Report IP addresses.
  -t                    Don't print a timestamp on each dump line.

  Filter expressions:

  Primitive                         Description
  host host-name                    If host has multiple IP's, all will be checked.
  net network-number                Network number.
  net network-number mask mask      Network number and netmask specified.
  port port-number                  Port number specified.
  tcp                               Sniff TCP packets.
  udp                               Sniff UDP packets.
  icmp                              Sniff icmp packets.

  Examples:

  - tcpdump tcp port 80 and host server-1
  - tcpdump ip host server-1 and not server-2
- iptraf - Interactive Colorful IP LAN Monitor
- nmap - Network exploration tool and security scanner
  - List pingable nodes on network: nmap -sP 192.168.0.0/24
    Scans network for IP addresses 192.168.0.0 to 192.168.0.255 using ping.
- Ethereal - Network protocol analyzer. Examine data from a live network. RPM's required:
  - ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
  - ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
  - Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)

  There is an error in the ethereal package because it does not list the snmp libraries as dependencies, but you can deduce this from the errors that you get if the ucd-snmp libraries are not installed.
- EtherApe - Graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
- Gkrellm - Network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
- IPTraf - ncurses-based IP LAN monitor. (Red Hat Powertools CD)
- Cheops - Network discovery, location, diagnosis and management. Cheops can identify all of the computers that are on your network, their IP address, their DNS name, the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
- ntop - Shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
- MRTG - Multi Router Traffic Grapher - Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
- dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
- scotty - Obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP, & UDP. (Red Hat Powertools CD)
- Big Brother - Monitoring and services availability.
- OpenNMS.org - Network Management using SNMP.
- Nagios - host, service and network monitoring
- Angel network monitor

Using tcpdump to monitor the network:

[root]# ifconfig eth0 promisc                         - Put NIC into promiscuous mode to sniff traffic.
[root]# tcpdump -n host not XXX.XXX.XXX.XXX | more    - Sniff net but ignore the IP which is your remote session.
[root]# ifconfig eth0 -promisc                        - Pull NIC out of promiscuous mode.

Network Intrusion and Hacker Detection Systems:

SNORT: Monitor the network, performing real­time traffic analysis and packet logging on IP networks for the detection of an attack or probe.

- Linux Journal: Planning IDS for Your Enterprise - Nalneesh Gaur
- InterSect Alliance - Intrusion analysis. Identifies malicious or unauthorized access attempts.

ARP: Address Resolution Protocol

Ethernet hosts use the Address Resolution Protocol (ARP) to convert a 32-bit internet IP address into the 48-bit Ethernet MAC address used by network hardware. (See: RFC 826) ARP broadcasts are sent to all hosts on the subnet by the transmitting host to see who replies. The broadcast is ignored by all except the intended receiver, which recognizes the IP address as its own. The MAC addresses are remembered (ARP cache) for future network communications. Computers on the subnet typically keep a cache of ARP responses. ARP broadcasts are passed on by hubs and switches but are blocked by routers.

Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client to broadcast requesting a server to reply with its IP address.

- arp (8) man page - manipulate the system ARP cache
  - Shows other systems on your network (including IP address conflicts): arp -a
  - Show ARP table Linux style: arp -e
- arpwatch (8) man page - keep track of ethernet/ip address pairings
- arpsnmp (8) man page - keep track of ethernet/ip address pairings. Reads information generated by snmpwalk
- arping (8) man page - send ARP REQUEST to a neighbor host
  - Print ARP reply (similar to arp -a): arping 192.168.10.99
- List ARP table: cat /proc/net/arp
- ip (8) man page - show / manipulate routing, devices, policy routing and tunnels
  - View ARP table: ip neighbor

ARP is something that simply works. No Linux system configuration is necessary. It's all part of the ethernet and IP protocol. The aforementioned information is just part of the Linux culture of full visibility into what is going on.
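The visibility the list above gives (arp -a, /proc/net/arp, arpwatch) is what lets an administrator notice the one ARP event worth alarming on: an IP address whose MAC suddenly changes, which is what an address conflict or a spoofed ARP reply looks like from the victim's side. The following added example (not code from the tutorial or from arpwatch) parses two constructed snapshots in /proc/net/arp format, skips unresolved entries, and reports arpwatch-style events between them. The snapshots, the event names and the function names are assumptions for the example.

```python
"""Parse /proc/net/arp snapshots and report arpwatch-style changes."""

# Constructed snapshots in /proc/net/arp layout, two successive reads.
# 192.168.10.99 is an unresolved entry (flags 0x0, zero MAC) in the first read.
SNAPSHOT_T0 = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         00:11:22:33:44:55     *        eth0
192.168.10.20    0x1         0x2         00:aa:bb:cc:dd:01     *        eth0
192.168.10.99    0x1         0x0         00:00:00:00:00:00     *        eth0
"""
SNAPSHOT_T1 = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.10.1     0x1         0x2         de:ad:be:ef:00:01     *        eth0
192.168.10.20    0x1         0x2         00:aa:bb:cc:dd:01     *        eth0
192.168.10.30    0x1         0x2         00:aa:bb:cc:dd:02     *        eth0
192.168.10.31    0x1         0x2         00:aa:bb:cc:dd:02     *        eth0
"""

ATF_COM = 0x2   # "completed" flag bit in the Flags column


def parse_proc_arp(text):
    """Return {ip: (mac, device)} for completed entries only."""
    table = {}
    for line in text.splitlines()[1:]:           # first line is the header
        fields = line.split()
        if len(fields) != 6:
            continue
        ip, _hwtype, flags, mac, _mask, dev = fields
        if int(flags, 16) & ATF_COM == 0:
            continue                              # unresolved; MAC is all zeros
        table[ip] = (mac.lower(), dev)
    return table


def diff_arp(old, new):
    """Events between two snapshots, sorted for stable output:
    'changed ethernet address' - same IP, different MAC (conflict or spoofing)
    'new station'              - IP seen for the first time
    'aged out'                 - IP no longer in the cache"""
    events = []
    for ip, (mac, dev) in new.items():
        if ip not in old:
            events.append(("new station", ip, f"{mac} on {dev}"))
        elif old[ip][0] != mac:
            events.append(("changed ethernet address", ip, f"{old[ip][0]} -> {mac}"))
    for ip in old:
        if ip not in new:
            events.append(("aged out", ip, old[ip][0]))
    return sorted(events)


def macs_with_multiple_ips(table):
    """{mac: [ips]} for MACs answering for more than one IP. Normal for a
    router or multi-homed host; worth a look for an ordinary workstation."""
    by_mac = {}
    for ip, (mac, _dev) in table.items():
        by_mac.setdefault(mac, []).append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}


if __name__ == "__main__":
    t0, t1 = parse_proc_arp(SNAPSHOT_T0), parse_proc_arp(SNAPSHOT_T1)
    for kind, ip, detail in diff_arp(t0, t1):
        print(f"{kind:26} {ip:16} {detail}")
    print(macs_with_multiple_ips(t1))
```

Run against real snapshots, the "changed ethernet address" event for the default gateway is the one to page on; the other two are routine churn.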

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer to peer unicast transactions. An HTTP request to a web server (TCP/IP), email SMTP (TCP/IP), DNS (UDP), FTP (TCP/IP), ... are all peer to peer unicast transactions. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer to peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group", which are those that are interested in the information.

The Linux kernel is Level­2 Multicast­Compliant. It meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to request the kernel to join the multicast group and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, a request is made to the kernel to leave the group. It is the kernel/host which joins the multicast group and not the process. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to support multicast routing, set the following in the kernel config:

- CONFIG_IP_MULTICAST=y
- CONFIG_IP_ROUTER=y
- CONFIG_IP_MROUTE=y
- CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimization and rebuilding the Linux kernel.

Note that on multihomed systems (more than one IP address/network card), only one device can be configured to handle multicast.

Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast.

Useful commands:

Command                      Description
cat /proc/net/igmp           List multicast groups to which the host is subscribed. Uses "Internet Group Management Protocol". (See /usr/src/linux/net/core/igmp.c)
cat /proc/net/dev_mcast      List multicast interfaces. (See /usr/src/linux/net/core/dev_mcast.c)
ping 224.0.0.1               All hosts configured for multicast will respond with their IP addresses
ping 224.0.0.2               All routers configured for multicast will respond
ping 224.0.0.3               All PIM routers configured for multicast will respond
ping 224.0.0.4               All DVMRP routers configured for multicast will respond
ping 224.0.0.5               All OSPF routers configured for multicast will respond

Multicast transmissions are achieved through proper routing, router configuration (if communicating through subnets) and programmatically with the use of the following "C" function library calls:

Function Call     Description
setsockopt()      Pass information to the Kernel.
getsockopt()      Retrieve information broadcast using multicast.

For more on multicast programming see: Multicast Howto.

The multicast application will specify the multicast loopback interface, TTL (network time to live), network interface and the multicast group to add or drop.
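Those four choices (loopback, TTL, interface, group to add or drop) map one-to-one onto socket options at the IPPROTO_IP level. The following added example (not code from the tutorial or from the Multicast Howto) shows them from Python's socket module, which passes the same arguments through to setsockopt() and getsockopt(): IP_ADD_MEMBERSHIP/IP_DROP_MEMBERSHIP carry a packed struct ip_mreq naming the class D group and the local interface, and IP_MULTICAST_TTL, IP_MULTICAST_LOOP and IP_MULTICAST_IF set the sender's behaviour. A TTL of 1 keeps datagrams on the local subnet, which is the safe default for anything not meant to cross a router. The helper names and the demo group address are assumptions for the example; the demo function only reads its own options back and does not need a multicast-capable interface.

```python
"""Multicast group membership and sender options through setsockopt()."""
import ipaddress
import socket
import struct


def is_multicast(addr):
    """True for class D addresses, 224.0.0.0 through 239.255.255.255."""
    return ipaddress.ip_address(addr).is_multicast


def build_ip_mreq(group, iface="0.0.0.0"):
    """Pack struct ip_mreq { imr_multiaddr; imr_interface } for the kernel.
    An interface of 0.0.0.0 lets the kernel choose the multicast interface."""
    if not is_multicast(group):
        raise ValueError(f"{group} is not a multicast group address")
    return struct.pack("4s4s", socket.inet_aton(group), socket.inet_aton(iface))


def join_group(sock, group, iface="0.0.0.0"):
    """Ask the kernel to join the group on iface; the host joins, not the process."""
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP, build_ip_mreq(group, iface))


def leave_group(sock, group, iface="0.0.0.0"):
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_DROP_MEMBERSHIP, build_ip_mreq(group, iface))


def configure_sender(sock, ttl=1, loopback=False, iface="0.0.0.0"):
    """TTL bounds how many routers a datagram may cross (1 = this subnet only);
    loopback decides whether the sending host also receives its own datagrams;
    iface picks the outgoing interface. Returns the (ttl, loop) values read back."""
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, struct.pack("B", ttl))
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_LOOP, struct.pack("B", 1 if loopback else 0))
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_IF, socket.inet_aton(iface))
    return (sock.getsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL),
            sock.getsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_LOOP))


def open_receiver(group, port, iface="0.0.0.0"):
    """UDP socket bound to the multicast port and joined to the group."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)   # several receivers per host
    sock.bind(("", port))
    join_group(sock, group, iface)
    return sock


def send_datagram(group, port, payload, ttl=1, iface="0.0.0.0"):
    """Send one datagram to the group; TTL 1 keeps it off the routers."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        configure_sender(sock, ttl=ttl, loopback=True, iface=iface)
        return sock.sendto(payload, (group, port))
    finally:
        sock.close()


def demo_sender_options(ttl=4):
    """Apply sender options to a fresh socket and read them back.
    Returns (ttl, loop), or None where sockets cannot be created at all."""
    try:
        sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    except OSError:
        return None
    try:
        return configure_sender(sock, ttl=ttl, loopback=True)
    except OSError:
        return None
    finally:
        sock.close()


if __name__ == "__main__":
    print(demo_sender_options())     # e.g. (4, 1) on a normal host
```

open_receiver and send_datagram need a multicast-capable interface and the 224.0.0.0/4 route shown next; the membership and option helpers themselves are pure socket calls and work on any host.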

Add route to support multicast:

- route add 224.0.0.0 netmask 240.0.0.0 dev eth0

Note that if adding a route to forward packets through a router, the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The internet by default does not forward multicast packets.

Living in a MS/Windows World:

- SMB4k: My favorite MS/Windows file share browser.
- In Nautilus use the URL "smb:" to view MS/Windows servers. [tutorial]
- LinNeighborhood: Linux workstation gui tool.

  Make your life simple and use the GUI/File Manager LinNeighborhood. It uses smbmount, samba and smbclient to give you access to MS/Windows servers and printers.

  - LinNeighborhood Home Page
  - LinNeighborhood Screen Shot

See the YoLinux tutorial on integrating Linux into a Microsoft network.

Network Definitions:

- IPv4: Most of the Internet servers and personal computers use Internet Protocol version 4 (IPv4). This uses 32 bits to assign a network address, written as the four octets of an IP address up to 255.255.255.255: four 8-bit numbers totaling 32 bits.
- IPv6: Internet Protocol version 6 (IPv6) uses a 128 bit address and thus billions and billions of potential addresses. The protocol has also been upgraded to include new quality of service features and security. Currently Linux supports IPv6 but IPv4 is used when connecting your computer to the internet.
- TCP/IP: (Transmission Control Protocol/Internet Protocol) uses a client-server model for communications. The protocol defines the data packets transmitted (packet header, data section), data integrity verification (error detection bytes), connection and acknowledgement protocol, and re-transmission.
- TCP/IP time to live (TTL): This is a counting mechanism to determine how long a packet is valid before it reaches its destination. Each time a TCP/IP packet passes through a router it will decrement its TTL count. When the count reaches zero the packet is dropped by the router. This ensures that errant routing and aimlessly looping packets will not flood the network.
- MAC Address: (media access control) is the network card address used for communication between other network devices on the subnet. This info is not routable. The ARP table maps TCP/IP address (global internet) to the local hardware on the local network. Use the command /sbin/ifconfig to view both the IP address and the MAC address. The MAC address uniquely identifies each node of a network and is used by the Ethernet protocol.
- Full Duplex: Allows the simultaneous sending and receiving of packets. Most modern modems support full duplex.
- Half Duplex: Allows the sending and receiving of packets in one direction at a time only.
- OSI 7 Layer Model: The ISO (International Standards Organization) has defined the OSI (Open Systems Interconnection) model for current networking protocols.

  OSI Layer   Description                                                                        Linux Networking Use
  7           Application Layer. The top layer for communications applications like email and the web.   telnet, web browser, sendmail
  6           Presentation Layer. Syntax and format of data transfer.                            SMTP, http
  5           Session Layer.
  4           Transport Layer. Connection, acknowledgement and data packet transmission.        TCP, UDP
  3           Network Layer.                                                                     IP, ARP
  2           Data Link Layer. Error control, timing                                             Ethernet
  1           Physical Layer. Electrical characteristics of signal and NIC                       Ethernet

- Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is shared and can be sniffed by any other node connected to the same hub.
- Network Switch: Like a hub but creates a private link between any two connected nodes when a network connection is established. This reduces the amount of network collisions and thus improves speed. Broadcast messages are still sent to all nodes.

Related Links:

- Cable modem HowTo - Vladimir Vuksan
- Ethernet HowTo - Paul Gortmaker
- YoLinux Tutorial: Setting up an internet gateway for home or office using iptables or ipchains
- Firewall HowTo - Mark Grennan
- YoLinux networking tutorial
- Networking Overview HowTo - Daniel Lopez Ridruejo
- Networking Howto - Joshua Drake
- NFS Howto - Nicolai Langfeldt
- SNMP: Simple Network Management Protocol (Uses ports 161,162,391,1993)
  - SNMP - Intro and tutorials
  - Linux SNMP Network Management Tools
  - SNMP FAQ
  - net-snmp - tools and libraries
- News/Usenet Group: comp.os.linux.networking - Deja
- MARS-nwe - Netware emulator
- Linux 2.4 Advanced Routing HOWTO - iproute2, traffic shaping and a bit of netfilter
- ISDN:
  - ISDN4LINUX FAQ - Matthias Hessler
  - ISDN4 Linux Home Page
  - Dan Kegel's ISDN Page
- PPP: Point-to-Point Protocol
  - YoLinux Tutorial: Configuring PPP dial up connections to an ISP
  - YoLinux Tutorial: Dialing Compuserve
  - YoLinux Tutorial: Dialing AOL
  - YoLinux Tutorial: Configuring PPP dial-in connections
- PPTP: Point-to-Point Tunneling Protocol
  - RFC 2637: Point-to-Point Tunneling Protocol (PPTP).
  - PPTP-Linux Client - A PPTP Linux client that allows a linux system to connect to a PPTP server. Developed by C. S. Ananian.
  - Counterpane Systems FAQ on Microsoft's PPTP Implementation - FAQ on the security flaws in Microsoft's PPTP Implementation.
- DHCP: (Dynamic Host Configuration Protocol)
  - YoLinux DHCP Tutorial - How to set up a DHCP server.
  - ISC Dynamic Host Configuration Protocol - DHCP home page
- Multicast:
  - YoLinux Tutorial: Configuring Linux for multicast - this tutorial, in the section above
  - Multicast over TCP/IP HOWTO
- ISP's: (National/Global)
  - TheList.com - Comprehensive list of ISP's
  - Earthlink
  - Concentric
  - ATT Worldnet
- NIS: (NFS infrastructure)
  - YoLinux NIS tutorial
  - NIS howto
  - NIS configuration and use
- Ethernet cables:
  - Making CAT 3, 5, 5E RJ45 Ethernet Cables
  - Wiring and Installation
- Gigabit Ethernet
- VIX: Vienna Internet eXchange - European traffic exchange for ISP's

Test Internet Bandwidth:

- DSLreports.com: bandwidth and diagnostic tests
- Speakeasy connection speed test
- CNET Bandwidth Meter speed test
- Network speed test
- Bandwidth explained and List of bandwidth test sites

Man Pages:

- icmp - Linux IPv4 ICMP kernel module
- ifport - select the transceiver type for a network interface
- usernetctl - allow a user to manipulate a network interface if permitted
- ripquery - query RIP (Routing Information Protocol) gateways
- gated - gateway routing daemon

Books:

"Networking Linux: A Practical Guide to TCP/IP" by Pat Eyler ISBN # 0735710317, New Riders Publishing

"LINUX TCP/IP Network Administration" by Scott Mann, Mitchell Krell ISBN # 0130322202, Prentice Hall PTR

"Advanced Linux Networking" by Roderick W. Smith ISBN# 0201774232, Addison-Wesley Professional; 1st edition (July 15, 2002)

"Linux Routing" by Dee Ann LeBlanc, Joe "Zonker" Brockmeier, Ronald W. McCarty Jr. ISBN# 1578702674, Sams; 1st edition (October 11, 2001)

"Policy Routing Using Linux" by Matthew G. Marsh ISBN# 0672320525, Sams; (March 6, 2001)

"Red Hat Fedora 6 and Enterprise Linux Bible" by Christopher Negus Sams, ISBN# 047008278X

"Fedora 7 & Red Hat Enterprise Linux: The Complete Reference" by Richard Petersen Sams, ISBN# 0071486429

"Red Hat Fedora Core 6 Unleashed" by Paul Hudson, Andrew Hudson Sams, ISBN# 0672329298

"Red Hat Linux Fedora 3 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672327082

"Red Hat Linux 9 Unleashed" by Bill Ball, Hoyt Duff Sams, ISBN# 0672325888

I have the Red Hat 6 version and I have found it to be very helpful. I have found it to be way more complete than the other Linux books. It is the most complete general Linux book in publication. While other books in the "Unleashed" series have disappointed me, this book is the best out there.

"Redhat Linux 9 (Visual QuickPro Guide)" by Harold Davis ISBN #032121918X, Peachpit Press, Addison Wesley

The best basic Linux book around for the GUI generation. This book can be best described as a guide to using the GUI configuration tools.


Copyright © 2001 - 2007 by Greg Ippolito