Lecture 07-Networking

The document provides an overview of networking concepts including TCP/IP, IP addressing, subnets, private IP ranges, hostnames, DNS, and network ports. It describes the basic functions of TCP and IP, how IP addresses are structured, private IP ranges, hostname resolution using DNS and the hosts file, and how network ports identify services running on a device.

Uploaded by simbaay652
Copyright © All Rights Reserved

Networking

Overview of Networking
TCP/IP
• TCP/IP is the de facto standard for transmitting data over networks.
• TCP/IP stands for Transmission Control Protocol (TCP) and Internet Protocol (IP).
• TCP is responsible for establishing and maintaining network conversations so that two devices
can exchange data.
• The Internet Protocol is responsible for sending data from one device to another device on a
network. Each of these network devices is known as a host and has at least one IP address.
• For a device on a network to communicate properly, it needs three pieces of information: an IP
address, a subnet mask, and a broadcast address.
• Each of these numbers consists of four octets separated by dots. An octet represents
eight bits and can therefore have a value from 0 to 255.
• Example IP Address: 199.83.131.168
• Example Subnet Mask: 255.255.255.0
• Example Broadcast Address: 199.83.131.255
TCP/IP
• IP addresses consist of two parts: the first part of an IP address is the
network address and the second part is the host address.
• The network portion of the IP address tells routers what network the host
belongs to and thus where to route data that is destined for that host.
• The host address tells routers the specific device that the data should be
sent to.
• For routing to work properly, each group of devices, or network, needs to
have a unique network address.
• Also, each device within that network needs to have a unique host address.
• The class of an address determines what portion is used as the network
address and what portion is used for host addresses.
TCP/IP
• A class determines the possible number of
networks and the addressable space per network.
For example, a Class A network can accommodate
about 16 million host addresses. A Class B network
can have up to 65,536 hosts in it, and a class C
network can address 255 hosts.
• The network portion of an IP address corresponds
to the 255s in the subnet mask. For example, the
first octet of a Class A network is the network
portion while the three remaining octets are the
host portion. For Class B networks, the first two
octets are for network addresses while the last
two octets are for host addresses. Finally, Class C
networks use the first three octets for the network
and just the last octet for the host addresses.
TCP/IP
• A broadcast address is a special
logical address used to send data to
all hosts on a given network.
• In addition to their own IP
addresses, all network hosts receive
data sent to the broadcast address.
You can quickly determine the
broadcast IP address by using the
value 255 in the octets where there
are 0’s in the subnet mask.
Classless Inter-Domain Routing
• CIDR stands for Classless Inter-Domain Routing.
• It allows networks to be subdivided regardless of their traditional class. These
subdivided networks are called subnets.
• For example, the IP address 121.67.198.94 falls in the Class A network range. By
default, the network is 121.0.0.0, the subnet mask is 255.0.0.0, and the broadcast
address is 121.255.255.255.
• However, if you specify a subnet mask, you can alter which portion of the IP address
is used as the network address and which portion is used as the host address. By
specifying a 255.255.255.0 subnet mask with the 121.67.198.94 address, the network
becomes 121.67.198.0 and the broadcast address becomes 121.67.198.255.
Routing Reserved Private Address Space
• There are ranges of IP addresses that are dedicated
for use in private networks. You’ll often see these
types of IP addresses used in your company’s
internal network, and you’ll most likely be using a range
of these IP addresses for your home network as well.
• These private addresses are also called non-routable IPs
since they are not routed through the public Internet.
You’ll also hear these IP addresses referred to as RFC1918
addresses, after the RFC1918 standards document
where these private ranges were initially defined.
• As you can see in the table, there is a dedicated range of
non-routable private address space for each network class.
Keep in mind that you can subnet these networks however
you like, regardless of their associated traditional class.
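The following Python script is an added example (not part of the lecture) that applies the rules from the slides above: it derives the classful default mask, computes the network and broadcast addresses by the "255 where the mask has 0" rule, and checks RFC 1918 membership. The sample addresses are the slides' own; the three private ranges are as defined in RFC 1918, and usable_hosts excludes the network and broadcast addresses, so it reports 254 rather than the slides' 255 for a Class C network.

```python
"""Subnet-mask and broadcast calculator for the rules on the slides above.
Added example, not from the lecture; RFC 1918 ranges as defined in RFC 1918."""
import ipaddress
from typing import Optional, Tuple

# One private (non-routable) range per traditional class.
RFC1918 = [
    ipaddress.ip_network("10.0.0.0/8"),      # Class A range
    ipaddress.ip_network("172.16.0.0/12"),   # Class B range (16 contiguous /16s)
    ipaddress.ip_network("192.168.0.0/16"),  # Class C range (256 contiguous /24s)
]

def address_class(ip: str) -> str:
    """Classful letter, decided by the leading bits of the first octet."""
    first = int(ip.split(".")[0])
    if first < 128:
        return "A"
    if first < 192:
        return "B"
    if first < 224:
        return "C"
    return "D" if first < 240 else "E"   # multicast / reserved, no host portion

def default_mask(ip: str) -> str:
    """Classful default mask: 255 in the network octets, 0 in the host octets."""
    masks = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}
    return masks.get(address_class(ip), "255.255.255.255")

def network_and_broadcast(ip: str, mask: Optional[str] = None) -> Tuple[str, str]:
    """Network = bits under the 255s; broadcast = network with the bits under
    the 0s of the mask set to 1 (the 'put 255 where the mask has 0' rule)."""
    mask = mask or default_mask(ip)          # classful default when none given
    ip_int = int(ipaddress.IPv4Address(ip))
    mask_int = int(ipaddress.IPv4Address(mask))
    network = ip_int & mask_int
    broadcast = network | (~mask_int & 0xFFFFFFFF)
    return str(ipaddress.IPv4Address(network)), str(ipaddress.IPv4Address(broadcast))

def is_private(ip: str) -> bool:
    """True for RFC 1918 addresses, which public routers will not forward."""
    addr = ipaddress.IPv4Address(ip)
    return any(addr in net for net in RFC1918)

def usable_hosts(mask: str) -> int:
    """Host addresses under a mask, excluding the network and broadcast
    addresses (the slides' per-class figures count all addresses)."""
    host_bits = 32 - ipaddress.IPv4Network(f"0.0.0.0/{mask}").prefixlen
    return max(2 ** host_bits - 2, 0)

if __name__ == "__main__":
    # Slide examples plus one RFC 1918 address subnetted across its class.
    for ip, mask in [("199.83.131.168", "255.255.255.0"), ("121.67.198.94", None),
                     ("121.67.198.94", "255.255.255.0"), ("172.20.5.9", "255.255.255.0")]:
        net, bc = network_and_broadcast(ip, mask)
        print(f"{ip:15} class {address_class(ip)} net {net:15} bcast {bc:15} "
              f"private={is_private(ip)} hosts={usable_hosts(mask or default_mask(ip))}")
```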
Linux Networking
Displaying IP Address Information
• To show your current IP address, or to get a list of all the IP addresses in use on
your system, run the ip command with an argument of address.
• With the ip command, you can use abbreviations, so instead of running ip
address you can run ip addr or even ip a. You can also be more explicit by
running ip address show.
• Output from the ip address command.
• You can see two devices listed: lo and eth0. The lo device is the loopback
device. This is a special virtual network interface that a Linux system uses to
communicate with itself. The loopback device has an IP address of 127.0.0.1.
The other network device on this system is the eth0 device. This is an actual
hardware device and it has an IP address of 192.168.1.122.
Displaying IP Address Information
• In addition to the ip command, the ifconfig tool can be used to display IP address information. At
this point the ifconfig utility is considered to be deprecated.
• However, this little utility hasn’t quite yet disappeared on modern Linux systems and may be
around for quite some time to come. If this is a refresher for you or if you are coming from a Unix
background, you may already be familiar with the ifconfig command, but not its newer
replacement, the ip command.
• To display the IP address in use with the ifconfig command, execute it without any arguments.
• Here is some output from the ifconfig command. It lists two interfaces: eth0 and the
loopback device. You’ll notice that the output is slightly different from the ip command.
However, it gets the job done by displaying the IP address, netmask, and more. Just like with
the ip command, you can see that the eth0 device has an IP of 192.168.1.122 and the
loopback device has an IP of 127.0.0.1.
Hostnames
• A host is a device connected to a network. Since we are talking about TCP/IP
networking, a host in this case is a device with an IP address.
• A hostname is simply a human-readable name that corresponds to an IP address.
Let’s say we have a Linux server that will act as a web server in production. We
can give that server a hostname, webprod01 for example, and refer to it by that
hostname instead of its IP address, which might be something like
10.109.155.174. A one word hostname like this is sometimes called the short
hostname or the unqualified hostname.
DNS Hostnames
• The primary purpose of DNS, which stands for Domain Name System, is to translate human-
readable names into IP addresses. Of course, DNS does the reverse as well: it can translate
an IP address to a hostname.
• The fully qualified domain name, or FQDN, of a host also contains a domain name and a top-level
domain name. Each section of the FQDN is separated by a period.
• TLD stands for top-level domain and is the rightmost portion of a DNS name. Common top-level
domains include .com, .net, and .org, but there are actually hundreds of other top-level domains.
• You can display the current hostname by using the hostname command or by running uname -n.
In the following example, the hostname is webprod01. If you want to display the FQDN, run
hostname -f.
Resolving DNS Hostnames
• If you want to look up or resolve a DNS name or an IP address, you can use the host or dig tools.
• In their simplest forms, you specify the IP address or DNS name you want to look up as an
argument to the command.
The Hosts File
• The /etc/hosts file contains a list of IP addresses and hostnames.
• You can create entries in the hosts file by starting a line with an IP address and then following it
with the name or names you want to translate that IP address to.
• The following example entry uses multiple names, but if you don’t need or want to access the
system by multiple names, you can simply list one name. This entry could be one of many in the
hosts file.
10.11.12.13 webprod02.mycorp.com webprod02
• You can create an entry for the members of a cluster in /etc/hosts using their private
addresses, thus forcing network communications through the private network.
• It’s important to note that /etc/hosts is local to the system. Adding an entry to the /etc/hosts file
does not add an entry into DNS.
Name Service Switch
• Typically, the /etc/hosts file is checked first before a DNS server is queried, but
you can change this behavior by editing the /etc/nsswitch.conf file.
• NSS stands for Name Service Switch and it controls the order in which lookups
are performed.
• The hosts line determines the order for name resolution. For example, if you
have hosts: files dns in the nsswitch.conf file, the /etc/hosts file will be searched
first. If an IP address is found, that IP is used and the search stops. If it is not
found, then DNS is queried.
• There are other services that can resolve hostnames. If you want to use NIS for
name resolution, you can add it to the hosts line in /etc/nsswitch.conf.
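As an added example (not from the lecture), the Python below simulates the lookup order set by the hosts line in /etc/nsswitch.conf: it parses a constructed /etc/hosts (using the slides' webprod02 entry), reads the hosts line, and tries each source in turn, with a constructed dictionary standing in for the DNS server. Switching the line to hosts: dns files changes which answer wins, which is the whole point of the file.

```python
"""Simulates the 'hosts: files dns' lookup order from /etc/nsswitch.conf.
Added example, not from the lecture; the files and the DNS answers are
constructed stand-ins, not real systems."""
import re
from typing import Dict, List, Optional, Tuple

HOSTS_FILE = """\
127.0.0.1    localhost
# cluster members, reached over the private network
10.11.12.13  webprod02.mycorp.com webprod02
10.11.12.14  webprod03.mycorp.com webprod03
"""
NSSWITCH_CONF = """\
passwd: files
hosts:  files dns
"""
# What the DNS server would answer for these names (constructed).
FAKE_DNS = {
    "webprod02.mycorp.com": "203.0.113.20",   # public address of the same host
    "www.example.com": "203.0.113.80",
}

def parse_hosts(text: str) -> Dict[str, str]:
    """Map every name on a line to its IP. '#' starts a comment, and the
    first line naming a host wins, as it does with glibc."""
    table: Dict[str, str] = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        ip, *names = line.split()
        for name in names:
            table.setdefault(name.lower(), ip)
    return table

def hosts_order(text: str) -> List[str]:
    """Sources listed on the 'hosts:' line; glibc falls back to 'files dns'."""
    for line in text.splitlines():
        m = re.match(r"^\s*hosts:\s*(.+?)\s*$", line)
        if m:
            return m.group(1).split()
    return ["files", "dns"]

def resolve(name: str, hosts_text: str = HOSTS_FILE, nss_text: str = NSSWITCH_CONF,
            dns: Dict[str, str] = FAKE_DNS) -> Tuple[Optional[str], Optional[str]]:
    """Try each source in order and stop at the first answer. Returns
    (ip, source) so callers can see which source won."""
    hosts = parse_hosts(hosts_text)
    for source in hosts_order(nss_text):
        if source == "files" and name.lower() in hosts:
            return hosts[name.lower()], "files"
        if source == "dns" and name.lower() in dns:
            return dns[name.lower()], "dns"
    return None, None

if __name__ == "__main__":
    # A local /etc/hosts entry silently overrides DNS for the same name, which
    # is why unexpected hosts-file changes are worth alerting on.
    for query in ["webprod02.mycorp.com", "webprod02", "www.example.com", "nosuchhost"]:
        print(f"{query:22} -> {resolve(query)}")
    print("dns first:", resolve("webprod02.mycorp.com", nss_text="hosts: dns files"))
```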
Network Ports
• Just like IP addresses identify hosts on a network, ports identify
the services on a host. When a service starts on a system, it
binds itself to a port and listens for traffic destined for its port.
• Ports range from 1 to 65,535. Ports from 1 through 1,023 are
called well-known ports or system ports. These ports are pre-assigned
and are used for common system services.
• These ports are also called privileged ports, since it requires
superuser privileges to open them. Ports above 1,024 can
be opened and used by normal users on a system and are
called unprivileged ports.
• For a complete list of ports visit http://www.linuxtrainingacademy.com/ports
• The /etc/services file translates human-readable names into
port numbers. Here you’ll find a list of predefined ports.
Dynamic Host Configuration Protocol
DHCP
• DHCP stands for Dynamic Host Configuration Protocol.
• DHCP is primarily used to assign IP addresses to hosts on a network. When a DHCP client wants to
request an IP address, it sends a broadcast message looking for a DHCP server. The DHCP server
then responds to the client and provides it with an IP address and other information
such as the netmask, gateway, and DNS servers to use for name resolution.
• The DHCP client configures itself with this information and begins to communicate on the
network.
• The IP address assigned to a DHCP client is leased from the DHCP server. The client will be able to
use that IP address for the lease expiration time configured by the DHCP server.
• If the DHCP client wants to continue using the IP address beyond the lease expiration time, it
must send a renewal request to the DHCP server. If no renewal is received by the DHCP server, it
will place this IP back into the pool of available addresses.
Configuring DHCP
• To configure a RedHat based system as a DHCP client
• Edit the network device configuration file located in the
/etc/sysconfig/network-scripts directory. The name of this file will be
ifcfg-<network-device-name>. Depending on the system configuration and the
underlying hardware, it might be ifcfg-eth0 or even something like ifcfg-enp5s2.
To get a list of network devices on your system, run ifconfig -a or ip
link. Once you’ve identified the configuration file for the network device, set
the BOOTPROTO variable to "dhcp".
• To configure an Ubuntu system as a DHCP client
• Edit the /etc/network/interfaces file. Add the dhcp method to the inet
address family statement for the interface. The line will read
iface <network-device-name> inet dhcp. For eth0, this will be iface eth0 inet dhcp.
Assigning Static IP Address
• You can also assign a static IP address to a Linux system. For RedHat based
systems, edit the network interface configuration file located in
/etc/sysconfig/network-scripts. Be sure to set the BOOTPROTO variable to
static. Assign the IP address, netmask, network, broadcast, and gateway. If you
want the network device to be activated at boot time, set ONBOOT to yes.
• To assign an interface a static IP address on an Ubuntu system, edit the
/etc/network/interfaces file. Use the static keyword following inet on the iface
line for the network interface. Next, supply the IP address, netmask, and gateway
address.
Assigning Static IP Address
• You can use the ip command to manually assign an IP address to a network interface.
• The format is ip address add IP[/NETMASK] dev NETWORK_DEVICE.
• To add the IP address 10.11.12.13 to eth0, run ip address add 10.11.12.13 dev eth0.
• You can also supply the netmask by following the IP address with a forward slash and then
providing the netmask like so: ip address add 10.11.12.13/255.255.255.0 dev eth0.
• To bring the interface up, run ip link set eth0 up.
• If the ifconfig tool is available, you can use it to assign IP addresses to network interfaces as well.
• The format is ifconfig NETWORK_DEVICE addr netmask SUBNET_MASK.
• To add the IP address 10.11.12.13 to eth0 with ifconfig, run ifconfig eth0 10.11.12.13.
• To specify the netmask, use the netmask keyword and follow it by the netmask you intend to
use.
• Run ifconfig eth0 10.11.12.13 netmask 255.255.255.0, for example. To bring the interface up,
run ifconfig eth0 up.
• An easier way to bring network interfaces up and down is by using the ifup and ifdown commands.
Domain Name Server (DNS)
DNS
• DNS is a network service that enables clients to
resolve names to IP addresses and vice versa.
• Allows machines to be logically grouped by domain
names.
• Provides email routing information.
Internet Naming Hierarchy
DNS Operation
• A DNS server maintains the name to IP address mapping of the
domain for which it is the name server.
• The DNS server for a domain is registered with the domain
registrar and the entry is maintained by the Internet Root-Servers
(13) or Country Level Root-Servers.
• Whenever a server is queried and it doesn’t have the answer, the root
servers are contacted.
• The root servers refer to the DNS server for that domain (in case
the domain is a top level domain) or the Country Root Server (in
case the domain is country level domain).
Basic Bind Configuration
• The configuration file for a Bind server is /etc/named.conf.
• This file has the following main entries:
DNS Configuration
• The named daemon is used.
• A DNS server may be a caching, master or slave server.
• The named.ca file has information on all root servers.
• There is a forward zone file and a reverse zone file for every domain.
• Configuration file:
/var/named/chroot/etc/named.conf
• Forward Zone File:
/var/named/chroot/var/named/<forward_zone_file>
• Reverse Zone File:
/var/named/chroot/var/named/<reverse_zone_file>
Sample Master named.conf
zone "." {
    type hint;
    file "named.ca";
};
zone "0.0.127.in-addr.arpa" {
    type master;
    file "named.local";
    allow-query { any; };
};
zone "iitk.ac.in" {
    type master;
    file "hosts.db";
    allow-query { any; };
};
zone "95.200.203.IN-ADDR.ARPA" {
    type master;
    file "hosts.rev.203.200.95";
    allow-query { any; };
};
zone "iitk.ernet.in" {
    type slave;
    file "hosts.iitk.ernet.in";
    masters { 202.141.40.10; };
    allow-query { any; };
};
Sample Forward Zone File
$TTL 86400
@ IN SOA ns.iitk.ac.in. root.ns.iitk.ac.in. (
        200605091 ; Serial
        10800     ; Refresh - 3 hours
        3600      ; Retry - 1 hour
        1209600   ; Expire - 2 weeks
        43200 )   ; Minimum TTL for negative answers - 12 hours
        IN NS ns.iitk.ac.in.
        IN NS proxy.iitk.ac.in.
        IN MX 5 mail0.iitk.ac.in.
        IN MX 10 mail1.iitk.ac.in.
        IN MX 20 mail2.iitk.ac.in.
$ORIGIN iitk.ac.in.
ns      IN A 203.200.95.142
mail    IN A 203.200.95.144
proxy   IN CNAME mail


Sample Reverse Zone File
$TTL 86400
$ORIGIN 200.203.in-addr.arpa.
95 IN SOA ns1.iitk.ac.in. root.ns1.iitk.ac.in. (
        200605091 ; Serial
        10800     ; Refresh - 3 hours
        3600      ; Retry - 1 hour
        1209600   ; Expire - 2 weeks
        43200 )   ; Minimum TTL for negative answers - 12 hours
        IN NS ns.iitk.ac.in.
        IN NS proxy.iitk.ac.in.
$ORIGIN 95.200.203.in-addr.arpa.
142     IN PTR ns.iitk.ac.in.
144     IN PTR mail.iitk.ac.in.
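To show how the forward and reverse zone files above fit together, here is a small zone-file parser with two checks, written as an added example (it is not from the lecture and not BIND's own code; the embedded zones are trimmed copies of the slides' samples). It resolves $ORIGIN and relative owner names, lists the MX exchangers in preference order (the "e-mail routing information" DNS provides), and verifies that NS/MX records do not point at CNAMEs and that every A record has a matching PTR; run on the sample it flags the NS record that targets proxy, which the forward zone defines as a CNAME.

```python
"""Minimal BIND zone-file parser with two sanity checks. Added example, not
part of the lecture or of BIND; the sample zones are trimmed from the slides."""
FORWARD = """\
$TTL 86400
@ IN SOA ns.iitk.ac.in. root.ns.iitk.ac.in. (
        200605091 10800 3600 ; serial, refresh, retry
        1209600 43200 )      ; expire, negative-cache TTL
  IN NS ns.iitk.ac.in.
  IN NS proxy.iitk.ac.in.
  IN MX 10 mail1.iitk.ac.in.
  IN MX 5 mail0.iitk.ac.in.
$ORIGIN iitk.ac.in.
ns IN A 203.200.95.142
mail IN A 203.200.95.144
proxy IN CNAME mail
"""
REVERSE = """\
$ORIGIN 200.203.in-addr.arpa.
95 IN SOA ns1.iitk.ac.in. root.ns1.iitk.ac.in. ( 200605091 10800 3600 1209600 43200 )
  IN NS ns.iitk.ac.in.
$ORIGIN 95.200.203.in-addr.arpa.
142 IN PTR ns.iitk.ac.in.
144 IN PTR mail.iitk.ac.in.
"""

def fqdn(name, origin):
    """'@' is the origin; a name without a trailing dot is relative to it."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Return (owner, type, rdata) triples. Handles $TTL/$ORIGIN, ';' comments,
    parenthesised multi-line records and owner inheritance (leading blank)."""
    logical, buf, depth = [], "", 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()        # drop comments
        buf += (" " + line) if depth else line
        depth += line.count("(") - line.count(")")
        if depth == 0:                              # record is complete
            if buf.strip():
                logical.append(buf)
            buf = ""
    records, owner = [], origin
    for line in logical:
        if line.startswith("$ORIGIN"):
            origin = line.split()[1]
            continue
        if line.startswith("$TTL"):
            continue
        if not line[0].isspace():                   # new owner on this line
            owner_label, line = line.split(None, 1)
            owner = fqdn(owner_label, origin)
        fields = line.replace("(", " ").replace(")", " ").split()
        if fields[0] == "IN":                       # class field is optional
            fields = fields[1:]
        records.append((owner, fields[0], fields[1:]))
    return records

def mx_hosts(records):
    """Mail routing: exchangers ordered by preference, lowest first."""
    return [h for _, h in sorted((int(r[0]), r[1]) for _, t, r in records if t == "MX")]

def lint(forward, reverse):
    """NS/MX targets must not be CNAMEs (RFC 2181), and every A record should
    have a PTR whose target is the same owner name."""
    problems = []
    cnames = {o for o, t, _ in forward if t == "CNAME"}
    for o, t, r in forward:
        if t in ("NS", "MX") and r[-1] in cnames:
            problems.append(f"{t} at {o} points at CNAME {r[-1]}")
    ptr = {}
    for o, t, r in reverse:
        if t == "PTR":
            octets = o.rstrip(".").split(".")[:-2]  # strip in-addr.arpa
            ptr[".".join(reversed(octets))] = r[0]
    for o, t, r in forward:
        if t == "A" and ptr.get(r[0]) != o:
            problems.append(f"A {o} -> {r[0]} has no matching PTR")
    return problems
```

Call parse_zone(FORWARD, "iitk.ac.in.") and parse_zone(REVERSE, "95.200.203.in-addr.arpa.") and pass both to lint; the zone origin comes from the zone name in named.conf, which is why it is a parameter here.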
Configuring Local Resolver
• /etc/resolv.conf
nameserver 127.0.0.1
DNS Setup
• Test DNS
  • Tools: nslookup, host and dig
• Advanced BIND Features
  • Access lists, round robin load sharing and dynamic DNS update
• Access Control List
  • An ACL is a list of semicolon-separated IP addresses or networks.
  • Create ACLs and apply directives to the specified ACLs:
acl "mynetwork" { 172.31.0.0/16; 172.30.1.1; };
allow-query { mynetwork; };
allow-transfer { mynetwork; };
allow-update { mynetwork; };
DNS Setup
• Dynamic DNS Update
  • Allows the name and IP address records of hosts on the network to be
updated on the DNS server dynamically.
  • To disable DDNS, use the directive:
allow-update { none; };
• Round Robin Load Sharing
  • Load balancing can be achieved by using multiple A records for the same
name:
www IN A 203.200.95.140
www IN A 203.200.95.141
www IN A 203.200.95.142
Electronic Mail (SMTP, POP, IMAP)
Configuring Linux Mail Servers
Configuring a Mail Server
• Identify key elements in the Linux e-mail architecture
• Describe how MTAs and MUAs are used in the Linux mail system
• Configure a mail server in YaST
Introduction to the Linux Mail System
• E-mail predates the Internet
• Today, e-mail is the most widely used Internet service
• OpenSUSE includes sophisticated e-mail programs
• Such as Evolution and Kmail
• In a Linux environment, e-mail is modular
• A separate program is used to manage each function
Introduction to the Linux Mail System
Figure 12-1 The Linux e-mail architecture
© Cengage Learning 2013
Introduction to the Linux Mail System
• Two main types of programs typically used on a Linux e-mail server:
• Mail transfer agent (MTA)
• A program for receiving and delivering messages via Simple Mail Transfer Protocol
• In Linux, the MTA is often Postfix or sendmail
• Mail user agent (MUA)
• An e-mail program that enables users to access their mailboxes for reading and sending
electronic messages
• Examples: Evolution, KMail, command-line utility mail
• Simple Mail Transfer Protocol (SMTP)
• TCP/IP protocol that defines how e-mail is sent across the network
• Postfix
• Default MTA in openSUSE
Introduction to the Linux Mail System
• When the MTA receives a message from the MUA:
• It determines whether the message is intended for a recipient on the local
domain or a recipient on another domain
• If it’s on the local domain (example.com):
• MTA saves the message in local machine’s message store until the recipient reads it
• For a recipient on another domain:
• MTA sends the message via SMTP to a remote MTA
Mail Transfer Agents
• MTA
• Actual mail server
• Responsible for:
• Receiving e-mails from local users
• Forwarding them to a local message store or a remote MTA
• Messages are transferred from the local message store to users via a mail delivery agent (MDA)
• Protocols which can be used for the transfer:
• Post Office Protocol (POP3)
• Internet Message Access Protocol (IMAP)
• Process of an MTA sending messages not belonging to local domain to a remote MTA isn’t
automatic
• Your domain’s DNS settings must be configured correctly
• MTA needs to be able to establish a connection with the remote MTA
Sendmail
• Sendmail
• Most widely used MTA on UNIX/Linux systems
• Not the preferred MTA on openSUSE Linux systems
• Postfix
• Preferred MTA
• Ease of configuration, reliability, and security
• In most organizations, employees need to send e-mail to many other domains
• You can edit Sendmail configuration file to:
• Change the MTA behavior to allow multiple domains
• Set rules, such as message filters
• Sendmail is a large program compared with other mail programs
• It performs all MTA functions
Qmail
• Written by Dan Bernstein
• A fast, modular MTA
• Lightweight, secure, and reliable
• Designed with security and ease of use in mind
• Easier to configure
• Such as allowing multiple domains
• Multiple modules handle qmail’s MTA functions
• Each no bigger than 30 KB
Postfix
• Developed by Wietse Venema
• Default MTA package on openSUSE Linux systems
• Designed as a modular MTA
• Easier to configure, and more reliable and secure than sendmail
• Its modular design enhances security
• Each module has its own set of permissions, following the principle of least
privilege
Mail User Agents
• MUA
• An e-mail program that enables users to send and read messages stored in their mailboxes
• In the Linux e-mail system:
• Each user has a local mailbox
• Local MTAs send messages to users’ mailboxes
• MUA doesn’t actually receive messages
• It allows users to read messages that have already been placed in mailboxes
• MUAs can store messages in one of two ways
• Method 1
• Messages are stored on users’ computers
• Frees up space on the server
• Method 2
• Messages are stored on the mail server
• Users can access them from any computer on the local domain
Mail Server Configuration
• Configuration procedures differ depending on the Linux distribution
• With openSUSE Linux, you can use a mail server configuration utility
in YaST Control Center to perform configuration tasks, including:
• Enable virus scanning
• Define the type of network connection MTA uses to determine how e-mail is
delivered
• Configure an outbound mail server that’s used if you have a dial-up
connection or aren’t connected to the Internet
Mail Server Configuration
• Define masquerade name for outgoing e-mail
• Useful for companies that prefer using a more professional name than actual mail server
name
• Configure incoming mail options, such as:
• Firewall settings
• Root mailbox account
• Whether to accept mail from remote servers
• Local alias accounts
• Virtual domains
The Mail Server Configuration Wizard
• The root user can start the Mail Server Configuration Wizard
• The yast2 mail command is used to start the wizard
• The following sections describe the steps in the wizard
General Settings
• Can use General Settings window to specify network connection type
• Determines how MTA delivers messages
• Default option is “Permanent”
• Selecting this option allows Postfix (the MTA) to send messages in real time as they’re
created
General Settings
• Dial-up option
• For Linux machines that connect to the Internet via a dial-up connection
• Outbound mail is held in the queue, and users must flush it manually when they’re ready to send or
receive messages
• Example:
• To e-mail a user on a remote computer, you must run the sendmail -q command after sending your
message
• “No connection” option
• For Linux machines that don’t have access to the Internet
• Users with this option can e-mail each other only on local machines
• Can also use General Settings window to enable virus scanning with
AMaViS program
• AMaViS stands for A Mail Virus Scanner
Outgoing Mail
• Outgoing Mail window is used to configure dial-up connections by:
• Adding your ISP’s SMTP server, such as smtp.provider.com
• Clicking Authentication button to enter authentication credentials
• MTAs can send messages to remote MTAs
• If your mail server is connected to the Internet, you can leave outgoing mail server entry blank
• When you send e-mails, your full computer name is used in the name field
• Example:
[email protected]
• Most companies prefer to have the organization name displayed
• To do this:
• Click the Masquerading button
• Set a display name for each user on the network
Incoming Mail
• Accept remote SMTP connections option
• This check box is disabled if:
• Your computer isn’t directly connected to the Internet
• You have a dial-up connection
• Select this option if:
• You’re connected to the Internet directly
• If you select this option, you must configure firewall settings
• You need to select the Open Port in Firewall check box
Incoming Mail
• Downloading section
• If a company hosts e-mail on a server that isn’t connected directly to its networks:
• Enter remote server’s credentials in Downloading section
• Protocols that can be used to transfer e-mail from a remote MTA:
• POP3 (Post Office Protocol 3)
• IMAP (Internet Message Access Protocol)
• “Forward root’s mail to” text box
• Root user account has full access to all Linux machines on a network
• Logging in to mail server as a regular user with limited permissions is
recommended
• You can redirect system e-mails to your regular user account by entering your
username in “Forward root’s mail to” text box
Incoming Mail
• Delivery Mode drop-down list
• Options
• Directly
• Through procmail
• To Cyrus IMAP Server
• Aliases button
• Used for redirecting e-mail to a different local user or a list of local users
• Virtual domains button
• Used to create an alias for your domain name
• If you selected masquerading option in Outgoing Mail window:
• You should configure a domain alias
• Activity 12-2: Configuring a Mail Server
• Configure a mail server to send e-mail from a user on one computer to a user on another computer
