Post on 27-Mar-2015
Introduction to Linux
Networking in Linux
Internet
In the 1970s, DARPA (Defense Advanced Research Projects Agency) wanted something to link their computers together.
They chose BSD to implement the first internet, ARPANET, because of Unix's portability.
Thus, networking protocols nowadays are all based on the original BSD implementation of networking.
Basic networking
In a networked environment, each computer has its own IP address and MAC address.
There is also a subnet mask associated with the IP address.
Basic routing works like this: when a computer has a packet for an IP address it does not know, it passes the packet upstream to its router.
Simple Networking Setup
[Diagram: hosts A, B, C and D connected through Router A, Router B and Router C. Addresses and netmasks shown in the diagram:]
192.168.1.10 255.255.255.0
192.168.1.11 255.255.255.0
165.248.1.11 255.255.254.0
192.168.1.1 255.255.255.0
192.168.2.10 255.255.255.0
192.168.2.11 255.255.255.0
165.248.2.12 255.255.254.0
165.248.1.1 255.255.254.0
165.248.1.12 255.255.254.0
192.168.2.1 255.255.255.0
Setting up the network on Linux
To assign an IP address to a computer, you use the ifconfig command.
There are many options to ifconfig; typical parameters are:
ifconfig interface IP netmask NETMASK
After assigning an IP address, the computer needs a default gateway so it can pass packets upstream.
To add a default route, you use the route command:
route add default gw IP
Hosts
IP addresses are hard to remember. Who remembers the IP address of yahoo.com? So there is a hosts file on all Unix systems. Windows actually has this file too, but Windows doesn't normally use it because it uses NetBEUI.
An entry in /etc/hosts contains the following:
IP address (IPv4 or IPv6)   domain   alias
DNS and /etc/resolv.conf
On a local network, hosts files work fine, but on the internet hosts files would not work, so DNS was created.
In DNS, there is a DNS name server that resolves a domain name to its IP address.
The file /etc/resolv.conf is responsible for DNS resolution on a workstation (non-server).
Normally, /etc/hosts is queried before a DNS server; however, that option may be changed.
An entry in /etc/resolv.conf:
nameserver IP address
search domain
DHCP
Assigning an IP address to each computer is not a feasible solution if clients are not always connected.
DHCP, the Dynamic Host Configuration Protocol, was developed for this.
Most Linux distributions are configured to automatically ask for an IP address from a DHCP server at boot.
To ask for an IP address manually, you use the dhclient command:
dhclient interface
More on routing
To do “routing” with Linux, the kernel usually needs to be recompiled with IP forwarding.
But a loadable module may be loaded instead of recompiling if the kernel supports loading additional modules.
The benefit of using a monolithic kernel is added security.
Once IP forwarding is enabled, the machine can act as a basic router.
routed is the routing daemon.
Routing protocols
The base installation of Unix supports the RIP protocol (Routing Information Protocol).
There are a few more protocols:
IGRP (Interior Gateway Routing Protocol)
EGP (Exterior Gateway Protocol)
BGP (Border Gateway Protocol)
To use the above routing protocols, third-party programs will be needed:
Zebra (GNU)
Bgpd
Gated
Quagga (said to be the best)
Netstat
The netstat command shows network statistics. (Note: different Unixes show different output.)
The option -r shows the routing table. -n shows numeric IPs instead of host names. -i shows configured network interfaces. -t shows active TCP connections, -u UDP, -w raw and -x Unix sockets. -a shows listening sockets.
Routing Table
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            172.16.16.2        UGS         0      251    rl0
127.0.0.1          127.0.0.1          UH          1        6    lo0
172.16.16/22       link#1             UC          0        0    rl0
172.16.16.2        08:00:02:56:93:f0  UHLW        1        0    rl0    346
172.16.18.67       127.0.0.1          UGHS        0        0    lo0

Flags
G – uses a gateway
U – interface up
H – only single host
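How a host picks a route from a table like the one above, as an added example that is not part of the original slides. It goes beyond the "pass it upstream" rule and applies longest-prefix matching, which is how the kernel chooses between overlapping entries; the function names are hypothetical and the rows are copied from the table on this page.

```python
import ipaddress

# Rows taken from the routing table above: Destination, Gateway, Flags, Netif.
TABLE = """\
default       172.16.16.2        UGS   rl0
127.0.0.1     127.0.0.1          UH    lo0
172.16.16/22  link#1             UC    rl0
172.16.16.2   08:00:02:56:93:f0  UHLW  rl0
172.16.18.67  127.0.0.1          UGHS  lo0
"""

def parse_destination(dest):
    """Convert a BSD-style netstat destination into an ip_network."""
    if dest == "default":
        return ipaddress.ip_network("0.0.0.0/0")
    addr, _, plen = dest.partition("/")
    octets = addr.split(".")
    octets += ["0"] * (4 - len(octets))      # "172.16.16/22" omits the last octet
    # Assumption: a destination without "/len" is a host route (all such rows here carry H).
    return ipaddress.ip_network(".".join(octets) + "/" + (plen or "32"))

def load_routes(text):
    routes = []
    for line in text.splitlines():
        dest, gateway, flags, netif = line.split()
        routes.append((parse_destination(dest), gateway, flags, netif))
    return routes

def lookup(routes, ip):
    """Longest-prefix match: the most specific route containing ip wins."""
    ip = ipaddress.ip_address(ip)
    matches = [r for r in routes if ip in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen) if matches else None

def next_hop(routes, ip):
    """Return (next hop, interface); 'direct' means delivery on the local link."""
    route = lookup(routes, ip)
    if route is None:
        return None
    _, gateway, flags, netif = route
    return (gateway if "G" in flags else "direct", netif)

ROUTES = load_routes(TABLE)
if __name__ == "__main__":
    for target in ("172.16.17.5", "165.248.1.209", "172.16.18.67"):
        print(target, "->", next_hop(ROUTES, target))
```

The third lookup is the one worth noticing when reviewing a table: a host route with the G flag overrides both the subnet route and the default route for that single address.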
Network statistics on connections
Active Internet connections
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0     48  fukakyon.ssh           165.248.17.24.6080     ESTABLISHED
udp4       0      0  localhost.55092        localhost.54628
udp4       0      0  localhost.54628        localhost.55092
udp4       0      0  localhost.domain       *.*
udp4       0      0  fukakyon.domain        *.*
udp4       0      0  fukakyon.domain        *.*

Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0     48  fukakyon.ssh           165.248.17.24.6080     ESTABLISHED
tcp4       0      0  *.3128                 *.*                    LISTEN
tcp4       0      0  *.http                 *.*                    LISTEN
tcp4       0      0  *.https                *.*                    LISTEN
tcp4       0      0  *.3127                 *.*                    LISTEN
tcp4       0      0  localhost.8005         *.*                    LISTEN
tcp4       0      0  *.8009                 *.*                    LISTEN
tcp4       0      0  *.8008                 *.*                    LISTEN
tcp4       0      0  *.ftp                  *.*                    LISTEN
tcp4       0      0  localhost.10025        *.*                    LISTEN
tcp4       0      0  *.smtp                 *.*                    LISTEN
tcp4       0      0  *.postgresql           *.*                    LISTEN
tcp4       0      0  *.3306                 *.*                    LISTEN
tcp4       0      0  *.3129                 *.*                    LISTEN
tcp4       0      0  *.imaps                *.*                    LISTEN
tcp4       0      0  *.imap                 *.*                    LISTEN
tcp4       0      0  localhost.10024        *.*                    LISTEN
tcp4       0      0  *.ssh                  *.*                    LISTEN
tcp4       0      0  localhost.rndc         *.*                    LISTEN
tcp4       0      0  localhost.domain       *.*                    LISTEN
tcp4       0      0  fukakyon.domain        *.*                    LISTEN
tcp4       0      0  fukakyon.domain        *.*                    LISTEN
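Reading "netstat -a" output for exposure, as an added example that is not part of the original slides: it separates sockets bound to every interface (*.port) from those bound to localhost or one address, and reports wildcard listeners that are not on an allow list. The allow list and function names are assumptions; the sample rows are a subset of the output on this page.

```python
# Subset of the "netstat -a" rows shown above (BSD format: host.port).
SAMPLE = """\
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp4 0 48 fukakyon.ssh 165.248.17.24.6080 ESTABLISHED
tcp4 0 0 *.3128 *.* LISTEN
tcp4 0 0 localhost.8005 *.* LISTEN
tcp4 0 0 *.postgresql *.* LISTEN
tcp4 0 0 *.3306 *.* LISTEN
tcp4 0 0 localhost.10025 *.* LISTEN
tcp4 0 0 *.ssh *.* LISTEN
tcp4 0 0 fukakyon.domain *.* LISTEN
"""

# Assumption for this example: services this host is meant to offer publicly.
EXPECTED_PUBLIC = {"ssh", "http", "https", "smtp"}

def listeners(text):
    """Return (proto, bind_host, service) for every socket in LISTEN state."""
    found = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 6 or fields[5] != "LISTEN":
            continue                      # header, banner or non-listening row
        # The last dot separates the bind address from the port or service name.
        host, _, service = fields[3].rpartition(".")
        found.append((fields[0], host, service))
    return found

def exposure(bind_host):
    """Classify how widely a listening socket is reachable."""
    if bind_host == "*":
        return "all-interfaces"
    if bind_host in ("localhost", "127.0.0.1"):
        return "loopback-only"
    return "single-address"

def review(text, expected_public):
    """List wildcard listeners that are not on the expected-public allow list."""
    return [f"{proto} {service}"
            for proto, host, service in listeners(text)
            if exposure(host) == "all-interfaces" and service not in expected_public]

if __name__ == "__main__":
    for finding in review(SAMPLE, EXPECTED_PUBLIC):
        print("listening on all interfaces, not on allow list:", finding)
```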
More on DNS
DNS is the Domain Name System. There are different types of records in DNS (common types):
A record: direct address translation
PTR record: IP->host translation
MX record: Mail Exchange record
CNAME record: alias of an A record
Types of querying for a DNS record
When asking for a reply to a DNS query (i.e. asking for the IP address of yahoo.com), there are 2 types of queries:
Recursive lookup (default)
Non-recursive lookup
In recursive lookup, when the reply to a query is not in a nameserver cache, that nameserver will ask another nameserver for the answer. That nameserver will then do the same thing if the reply is not in the cache.
In recursive lookup, you will always get the IP address for a valid domain.
In non-recursive lookup, if the reply is not in the cache, the nameserver will just return a possible link to a nameserver that might have the reply.
Example replies
Say we search for the IP address of gpro.com non-recursively:
; <<>> DiG 9.3.0 <<>> +norecurse gpro.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25102
;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 14

;; QUESTION SECTION:
;gpro.com. IN A

;; AUTHORITY SECTION:
com. 165661 IN NS M.GTLD-SERVERS.NET.
com. 165661 IN NS A.GTLD-SERVERS.NET.

;; ADDITIONAL SECTION:
A.GTLD-SERVERS.NET. 142702 IN A 192.5.6.30

;; Query time: 6 msec
;; SERVER: 165.248.1.209#53(165.248.1.209)
;; WHEN: Wed Mar 16 18:42:26 2005
;; MSG SIZE rcvd: 498
We are asked to query another server, which gives us the following:
; <<>> DiG 9.2.2 <<>> @192.5.6.30 +norecurse gpro.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12241
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;gpro.com. IN A

;; AUTHORITY SECTION:
gpro.com. 172800 IN NS ns-tk022.ocn.ad.jp.
gpro.com. 172800 IN NS ns.gpro.com.

;; ADDITIONAL SECTION:
ns.gpro.com. 172800 IN A 210.248.35.130

;; Query time: 152 msec
;; SERVER: 192.5.6.30#53(192.5.6.30)
;; WHEN: Wed Mar 16 18:54:21 2005
;; MSG SIZE rcvd: 91
One more query and we get the answer:
; <<>> DiG 9.2.2 <<>> @210.248.35.130 +norecurse gpro.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52025
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;gpro.com. IN A

;; ANSWER SECTION:
gpro.com. 86400 IN A 128.121.200.80

;; AUTHORITY SECTION:
gpro.com. 86400 IN NS ns-tk022.ocn.ad.jp.
gpro.com. 86400 IN NS ns.gpro.com.

;; ADDITIONAL SECTION:
ns-tk022.ocn.ad.jp. 75806 IN A 203.139.160.104
ns.gpro.com. 86400 IN A 210.248.35.130

;; Query time: 306 msec
;; SERVER: 210.248.35.130#53(210.248.35.130)
;; WHEN: Wed Mar 16 18:55:48 2005
;; MSG SIZE rcvd: 123
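The three non-recursive queries above, replayed as the loop a resolver runs, as an added example that is not part of the original slides. The replies are transcribed from the dig outputs on this page so it runs offline; query() is a hypothetical stand-in for sending the packet, and the referral check and hop limit are safeguards added here.

```python
# Replies transcribed from the three dig outputs above, keyed by server IP.
# answer: A record or None; zone/ns/glue: the referral (AUTHORITY + ADDITIONAL).
REPLIES = {
    "165.248.1.209": {"answer": None, "zone": "com.",
                      "ns": ["M.GTLD-SERVERS.NET.", "A.GTLD-SERVERS.NET."],
                      "glue": {"A.GTLD-SERVERS.NET.": "192.5.6.30"}},
    "192.5.6.30": {"answer": None, "zone": "gpro.com.",
                   "ns": ["ns-tk022.ocn.ad.jp.", "ns.gpro.com."],
                   "glue": {"ns.gpro.com.": "210.248.35.130"}},
    "210.248.35.130": {"answer": "128.121.200.80", "zone": "gpro.com.",
                       "ns": [], "glue": {}},
}

def query(server, name):
    """Stand-in for `dig @server +norecurse name`; returns the recorded reply."""
    return REPLIES[server]

def in_zone(name, zone):
    """True if name equals zone or sits below it in the DNS tree."""
    name, zone = name.lower(), zone.lower()
    return name == zone or name.endswith("." + zone)

def resolve_iteratively(name, server, max_hops=8):
    """Follow referrals until a server answers; return (ip, servers asked)."""
    path = []
    for _ in range(max_hops):             # hop limit stops referral loops
        path.append(server)
        reply = query(server, name)
        if reply["answer"]:
            return reply["answer"], path
        # Only follow a referral for a zone that actually contains the name.
        if not in_zone(name, reply["zone"]):
            raise ValueError(f"{server} referred to unrelated zone {reply['zone']}")
        # Use the first name server whose address came with the referral.
        candidates = [reply["glue"][ns] for ns in reply["ns"] if ns in reply["glue"]]
        if not candidates:
            raise LookupError("referral carried no name server address")
        server = candidates[0]
    raise LookupError("too many referrals")

if __name__ == "__main__":
    print(resolve_iteratively("gpro.com.", "165.248.1.209"))
```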