Linux+ Guide to Linux Certification, Third Edition

  • Published on
    02-Jan-2016

DESCRIPTION

Linux+ Guide to Linux Certification, Third Edition. Chapter 12: Network Configuration. Objectives: Describe the purpose and types of networks, protocols, and media access methods. Explain the basic configuration of TCP/IP. Configure a network interface to use TCP/IP.

Transcript

Linux+ Guide to Linux Certification, Third Edition
Chapter 12: Network Configuration

Objectives

  • Describe the purpose and types of networks, protocols, and media access methods
  • Explain the basic configuration of TCP/IP
  • Configure a network interface to use TCP/IP
  • Configure a modem, ISDN, and DSL interface
  • Describe the purpose of host names and how they are resolved to IP addresses
  • Configure TCP/IP routing
  • Identify common network services
  • Use command-line and graphical utilities to perform remote administration

Networks

  • Network: two or more computers joined via media and able to exchange information
  • Local area networks (LANs): connect computers within close proximity
      • e.g., used to allow connection to shared resources
  • Wide area networks (WANs): connect computers separated by large distances
      • e.g., used to connect to Internet Service Provider
  • Internet service provider (ISP): company providing Internet access
  • Routers: computers capable of transferring information between networks
  • Protocol: set of rules for communication between networked computers
  • Packets: packages of data formatted by a network protocol
      • Packets can be recognized by routers and other network devices
  • Linux network protocols:
      • TCP/IP (Transfer Control Protocol/Internet Protocol)
      • UDP/IP (User Datagram Protocol/Internet Protocol)
      • IPX/SPX (Internetwork Packet Exchange/Sequence Packet Exchange)
      • AppleTalk
      • DLC (Data Link Control)
      • DECnet (Digital Equipment Corporation network)
  • Media access method: defines how networked computers share access to the physical medium
      • Contained within the hardware on NIC or modem
  • Ethernet: most common network media access method
      • Ensures that packets are retransmitted onto the network if a network error occurs
  • Token ring: popular media access method
      • Controls which computer has the ability to transmit information

The TCP/IP Protocol

  • Set of protocols with two core components
      • TCP: ensures that packets are assembled in the correct order, regardless of arrival order
      • IP: responsible for labeling each packet with destination address
  • Together, TCP and IP ensure that information packets travel across the network as quickly as possible without getting lost

IPv4 Addresses

  • IP address: unique number that identifies a networked computer
  • Octet: series of four 8-bit numbers
      • Common format of IPv4 addresses
  • Unicast: directed TCP/IP communication from one computer to another single computer
  • IPv4 addresses composed of two parts
      • Network ID: network on which a computer is located
      • Host ID: single computer on that network
  • Two computers with different network IDs can have the same host ID
  • Only computers with same network ID can communicate without a router

Subnet Masks

  • Define which part of IP address is the network ID and which part is the host ID
  • Series of four octets
      • Octet in subnet mask containing 255 is part of network ID
      • Octet in subnet mask containing 0 is part of host ID
  • ANDing: calculate network and host IDs from an IP address and subnet mask
      • Compare binary bits
  • 0.0.0.0 = all networks
  • 255.255.255.255 = all computers on all networks
  • 255 in an IP address can specify many hosts
      • Broadcast addresses

Figure 12-1: A sample IP address and subnet mask

Default Gateway

  • IP address of network interface on a router, to which you send packets
  • Routers can distinguish between different networks
      • Move packets between them
      • Have assigned IP addresses on each attached network

IPv4 Classes and Subnetting

  • IP address class defines default subnet mask of associated device
  • All IP address classes can be identified by first octet
  • Class A: 8 bits for network ID, 24 bits for host ID
      • Assigned to very large companies
  • Class B: 16 bits for network ID, 16 bits for host ID
      • Assigned to larger organizations with several thousand users
  • Class C: 24 bits for network ID, 16 bits for host ID
      • Used for small and home networks
  • Multicast: TCP/IP communication destined for a certain group of computers
      • Class D addresses
  • Subnetting: divide a large network into smaller networks
      • Control traffic flow
      • Take bits from host ID; give to network ID

Table 12-1: IP address classes

The IPv6 Protocol

  • Number of IP addresses using IPv4 is unsuitable for Internet growth
  • IPv6 protocol: uses 128 bits to identify computers
      • Addresses written using eight 16-bit hexadecimal numbers
  • IPv6 address contains two portions
      • First half assigned by ISP and identifies network
      • Last half is link local portion: used to uniquely identify computers in a LAN
  • Few networks have adopted IPv6
  • Proxy servers and NAT routers: computers or hardware devices that have an IP address and access to a network
      • Used by other computers to obtain network resources on their behalf
      • Allows computers behind different NAT routers or proxy servers to have the same IPv4 address

Configuring a Network Interface

  • If NIC detected during installation, Fedora Linux automatically configures appropriate driver
  • insmod and modprobe commands: used to load kernel objects into the Linux kernel
      • Can be used to load NIC drivers
  • lsmod command: displays a list of currently loaded modules
  • rmmod command: removes module from kernel
  • Most modules loaded from dist.conf file in the /etc/modprobe.d directory
  • ifconfig command: assign TCP/IP configuration to a NIC
      • Also used without any arguments to view configuration of all network interfaces in computer
  • dhclient command: receive TCP/IP configuration from DHCP or Boot Protocol (BOOTP) server
  • Automatic private IP addressing (APIPA): automatic assignment of IP address in the absence of DHCP and BOOTP
  • /etc/sysconfig/network-scripts/ifcfg-interface file: stores NIC configurations
      • Allows the system to activate and configure TCP/IP information at each boot time
  • ifdown command: unconfigures a NIC
  • ifup command: configures NIC using /etc/sysconfig/network-scripts/ifcfg-interface file
  • ping (Packet Internet Groper) command: check TCP/IP connectivity on a network
      • -c option: limit the number of ping packets sent
  • Mobile commuters typically connect to many different NICs, both wired and wireless
  • Network Manager daemon: allows users to quickly connect to wired and wireless networks from desktop environments

Figure 12-2: Configuring network interfaces
Figure 12-3: Configuring TCP/IP information for a network interface

Configuring a PPP Interface

  • Run TCP/IP over serial lines using a WAN protocol
  • Three common Point-to-Point Protocol (PPP) connection technologies:
      • Modems
      • ISDN
      • DSL
  • Modems: send TCP/IP information across normal telephone lines
      • Considered slow
      • Transmit information on a serial port
  • ISDN: set of standards designed to transmit data over copper telephone lines
  • DSL: connects to Ethernet NIC and transmits data across normal telephone lines
  • Normally configured manually after Linux installation is complete
  • Requires:
      • Support for PPP compiled into kernel
      • PPP daemon
      • Supporting utilities such as chat program
  • Can use graphical programs to configure files and utilities to allow PPP communication
  • Information about PPP devices stored in files named ifcfg-InternetServiceProviderName
      • Located in /etc/sysconfig/network-scripts directory
  • Other configurations used by PPP daemon stored in /etc/ppp and /etc/isdn directories
  • Incorrect passwords are the most common problem with PPP connections
  • Need to activate PPP device after configuration

Figure 12-5: Adding a network interface

Name Resolution

  • Hostnames: user-friendly computer name
  • Fully qualified domain name (FQDN): hostname following DNS convention
  • DNS: hierarchical namespace for host names
  • whois command: used to obtain registration information about a domain within a name space
  • hostname command: view or set a computer's host name
  • TCP/IP cannot identify computers via hostnames
      • Must map hostnames to IP addresses
      • Can be done by placing entries in the /etc/hosts file
  • ISPs list FQDNs in DNS servers on Internet
      • Applications request IP addresses associated with a specific FQDN
      • Configure by specifying the IP address of the DNS server in /etc/resolv.conf file

Figure 12-6: The domain name space

Routing

  • Route table: list of TCP/IP networks stored in system memory
  • route command: displays the route table
  • Multihomed hosts: computers with multiple network interfaces
  • IP forwarding: forwarding packets from one interface to another
      • Also known as routing
  • Enabling routing: place number 1 in:
      • /proc/sys/net/ipv4/ip_forward for IPv4
      • /proc/sys/net/ipv6/conf/all/forwarding for IPv6
  • To enable routing at every boot, edit the /etc/sysctl.conf file to include:
      • net.ipv4.ip_forward = 1 for IPv4
      • net.ipv6.conf.default.forwarding = 1 for IPv6
  • Large networks may have several routers
      • Packet may travel through several routers
      • May require adding entries in the router table
  • route add command: add entries to route table
  • route del command: remove entries from route table
  • ip command: can be used to manipulate the route table
  • Contents of route table lost when computer powered off
      • Add to /etc/rc.d/rc.local file
  • Most routers configured with a default gateway
      • For packets addressed to destinations not in route table
  • traceroute command: troubleshoot routing
      • Displays routers between current and remote computer

Figure 12-7: A sample routed network

Network Services

  • Must identify types and features of network services before they can be configured
  • Network services: processes that provide some type of valuable service for client computers on network
      • Often presented by daemon processes that listen to certain requests
      • Daemons identify packets to which they should respond using a port number
  • Port: number uniquely identifying a network service
      • Ensure that packets delivered to proper service
      • Range from 0 to 65534
  • /etc/services file: lists ports and associated protocol
  • Well-known port: ports from 0 to 1023
      • Represent commonly used services
  • Internet super daemon (xinetd): initializes appropriate daemon to provide needed network service
  • Stand-alone daemons: daemons that provide network services directly
      • Log information themselves to subdirectories under /var/log
  • chkconfig command or ntsysv utility can be used to configure most stand-alone daemons to start in various runlevels

Table 12-2: Common well-known ports
Figure 12-8: Interacting with network services
Table 12-3: Common network services

Remote Administration: Telnet

  • telnet command: traditionally used to obtain a command-line shell on remote server
      • Receives host name or IP address of remote computer as argument
  • Easiest way to perform remote administration
  • Need to install telnet daemon using yum command
  • Use regular commands and exit to kill remote BASH shell

Remote Commands

  • Remote commands: set of commands that can be used to execute commands on remote systems
      • yum install rsh-server
  • rlogin command: obtains a shell from remote computer on network
  • rcp command: copies files between computers
  • rsh command: used to execute a command on a remote computer
  • r commands allow access to remote computers without a password, if remote computer has trusted access
  • Trusted access: computers allowed to access a computer without providing a password
      • Does not apply to root user
  • Methods of setting up:
      • Add host names of computers to /etc/hosts.equiv
      • Create an .rhosts file in the home directory of each user who should get trusted access

Secure Shell (SSH)

  • Secure Shell (SSH): encrypts information passing between computers
      • Secure replacement for r commands
  • ssh command: connects to a remote computer running ssh daemon
      • Receives host name or IP address of target computer as argument
      • Accept RSA encryption fingerprint for target computer
      • Can be used to transfer files between computers
  • Main types of encryption supported by ssh daemon:
      • Triple Data Encryption Standard (3DES)
      • Advanced Encryption Standard (AES)
      • Blowfish
      • Carlisle Adams Stafford Tavares (CAST)
      • ARCfour

Remote X Windows

  • X Windows is a network application
      • Can be used to obtain graphical utilities from remote Linux computer
  • To obtain graphical utilities using X Windows:
      • Edit /etc/gdm/custom.conf
      • Use xhost + command within a graphical terminal to allow other computers to write X Windows clients on your computer
      • Connect to remote computer with telnet or ssh, and export DISPLAY variable of the local computer

Virtual Network Computing (VNC)

  • Graphical option for administering Linux remotely
  • Other computers run VNC client that connects to VNC server daemon installed on local computer to obtain a desktop environment
  • Remote FrameBuffer (RFB): platform-independent protocol used to transfer graphics, mouse movements and keystrokes across network
  • vncpasswd command: used to configure password for VNC connection
  • vncviewer command: connects to VNC server

Summary

  • A network is a collection of connected computers that share information
  • A protocol is a set of rules that defines the format of information that is transmitted across a network
  • Each computer on a TCP/IP network must have a valid IPv4 or IPv6 address
  • The IPv4 configuration of a network interface can be specified manually, obtained automatically from a DHCP or BOOTP server, or autoconfigured by the system
  • The IPv6 configuration of a network interface can be obtained from a router using ICMPv6, from a DHCP server, or autoconfigured by the system
  • The /etc/sysconfig/network-scripts directory contains the configuration for NIC and PPP interfaces
  • Host names are computer names that are easy for humans to remember; host names that follow the DNS are FQDNs
  • Host names must be resolved to an IP address before network communication can take place
  • Routers are devices that forward TCP/IP packets from one network to another; each computer and router has a route table used to determine how TCP/IP packets are forwarded
  • Network services are started by the Internet Super Daemon or by stand-alone daemons
  • There are many ways to remotely administer a Linux system, including the telnet, rsh, rcp, rlogin, and ssh commands, X Windows and VNC
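
The ANDing step from the Subnet Masks and subnetting slides, worked through in shell as an added example (not taken from the book or the slides). The function names and every address are constructed for illustration; the second mask shows that moving two bits from the host ID to the network ID puts the same two hosts on different networks.

```sh
#!/bin/sh
# Added example: ANDing an IPv4 address with a subnet mask.
# All addresses are constructed sample values; function names are this example's own.

# ip_to_int A.B.C.D : print the dotted quad as one 32-bit integer, or fail.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -f; set -- $1; set +f
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        # Reject empty, non-numeric, leading-zero and over-long octets.
        case $o in ''|*[!0-9]*|0?*|????*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# valid_mask MASK : succeed only if the 1 bits form a single run from the left.
valid_mask() {
    vm=$(ip_to_int "$1") || return 1
    inv=$(( ~vm & 4294967295 ))
    [ $(( inv & (inv + 1) )) -eq 0 ]
}

# split_addr IP MASK PART : PART is network, host or broadcast.
split_addr() {
    valid_mask "$2" || return 1
    ipn=$(ip_to_int "$1") || return 1
    mk=$(ip_to_int "$2")
    case $3 in
        network)   int_to_ip $(( ipn & mk )) ;;                      # IP AND mask
        host)      int_to_ip $(( ipn & ~mk & 4294967295 )) ;;        # IP AND NOT mask
        broadcast) int_to_ip $(( (ipn | ~mk) & 4294967295 )) ;;      # host bits all 1
        *) return 1 ;;
    esac
}
network_id()     { split_addr "$1" "$2" network; }
host_id()        { split_addr "$1" "$2" host; }
broadcast_addr() { split_addr "$1" "$2" broadcast; }

# same_network IP1 IP2 MASK : 0 when both share a network ID (no router needed).
same_network() {
    na=$(network_id "$1" "$3") || return 2
    nb=$(network_id "$2" "$3") || return 2
    [ "$na" = "$nb" ]
}

h1=192.168.1.10; h2=192.168.1.200
for sm in 255.255.255.0 255.255.255.192; do
    echo "mask $sm: $h1 -> net $(network_id $h1 $sm), $h2 -> net $(network_id $h2 $sm)"
    if same_network $h1 $h2 $sm; then echo "  same network ID: direct delivery"
    else echo "  different network IDs: a router is required"; fi
done
```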
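
A review script for the settings named on the Remote Commands and Routing slides, as an added example that is not part of the original deck: it lists who has password-less r-command access through /etc/hosts.equiv and per-user .rhosts files, and whether /etc/sysctl.conf turns on routing at boot. The directory tree, host names and users are constructed sample data, and the function names are this example's own; treating a lone `+` entry as "trust every host" is standard rsh behaviour, not something the slides state.

```sh
#!/bin/sh
# Added example: review r-command trust files and boot-time routing under a root dir.
# The tree built by make_sample_root is constructed sample data, not from a real host.

# entries FILE : print FILE without comments and blank lines.
entries() { sed -e 's/#.*//' -e '/^[[:space:]]*$/d' "$1"; }

# audit_root [ROOT] : one finding per line; an empty ROOT means the live system.
audit_root() {
    root=${1:-}
    for f in "$root/etc/hosts.equiv" "$root"/home/*/.rhosts; do
        [ -f "$f" ] || continue
        entries "$f" | while read -r host user; do
            if [ "$host" = "+" ]; then
                echo "HIGH ${f#"$root"}: '+' trusts every host"
            else
                echo "INFO ${f#"$root"}: password-less access for host $host${user:+ user $user}"
            fi
        done
    done
    conf="$root/etc/sysctl.conf"
    [ -f "$conf" ] || return 0
    # Normalise "key = 1" to "key=1", then match the keys the Routing slide names.
    entries "$conf" | tr -d ' \t' |
        grep -E '^net\.(ipv4\.ip_forward|ipv6\.conf\.(all|default)\.forwarding)=1$' |
        sed 's/^/INFO \/etc\/sysctl.conf: routing enabled at boot by /'
    return 0
}

# make_sample_root : build a constructed tree and print its path.
make_sample_root() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/etc" "$d/home/alice" "$d/home/bob"
    printf '%s\n' '# constructed sample' 'build01.example.com' '+' > "$d/etc/hosts.equiv"
    printf '%s\n' 'admin-ws.example.com alice' > "$d/home/alice/.rhosts"
    printf '%s\n' 'net.ipv4.ip_forward = 1' \
        '#net.ipv6.conf.default.forwarding = 1' > "$d/etc/sysctl.conf"
    echo "$d"
}

sample=$(make_sample_root)
audit_root "$sample"
rm -rf "$sample"
```

Run `audit_root` with no argument to check the live system; reading other users' .rhosts files normally requires root.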
