TCP/IP Administration
DESCRIPTION
TCP/IP Administration. IP addresses & Names: DNS, BOOTP, DHCP, IP Routing, Routing protocols. (PowerPoint presentation transcript)
www.infotech.monash.edu
TCP/IP Administration
IP addresses & Names
DNS, BOOTP, DHCP, IP Routing, Routing protocols
Addressing Issues
• Name to IP address conversion
• /etc/hosts file
  – used first
• If unsatisfied, need to find a nameserver
  – use /etc/resolv.conf to find the resolver
  > [may be running a local nameserver (named) so this may not be necessary]
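The lookup order on this slide, worked through as an added example (not code from the slides): /etc/hosts is consulted first, and only if it has no answer is resolv.conf read for the nameservers and search list. The file contents below are constructed; the host names and addresses reuse the alpha/delta values from the later route-table slides, and the domain names are assumed.

```python
import ipaddress

# Constructed sample files (not copied from any real host).
HOSTS_TEXT = """\
223.1.1.2   alpha.netcomp.monash.edu.au alpha
223.1.1.1   delta.netcomp.monash.edu.au delta devnetrouter   # router, see route table slides
"""
RESOLV_TEXT = """\
search netcomp.monash.edu.au monash.edu.au
nameserver 223.1.1.1
nameserver 223.1.2.1
"""

def parse_hosts(text):
    """Map every name and alias in /etc/hosts-style text to its address."""
    table = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()        # '#' starts a comment
        if not line:
            continue
        addr, *names = line.split()
        ipaddress.ip_address(addr)                  # reject a malformed address early
        for n in names:
            table.setdefault(n.lower(), addr)       # first matching line wins
    return table

def parse_resolv(text):
    """Return (nameservers, search_domains) from resolv.conf-style text."""
    servers, search = [], []
    for line in text.splitlines():
        parts = line.split()
        if not parts or parts[0][0] in "#;":
            continue
        if parts[0] == "nameserver" and len(parts) > 1:
            servers.append(parts[1])
        elif parts[0] in ("search", "domain"):
            search = parts[1:]
    return servers, search

def resolve_plan(name, hosts_text=HOSTS_TEXT, resolv_text=RESOLV_TEXT):
    """Answer from /etc/hosts if possible, else plan the DNS queries to send."""
    key = name.lower().rstrip(".")
    hosts = parse_hosts(hosts_text)
    if key in hosts:
        return {"source": "hosts", "address": hosts[key]}
    servers, search = parse_resolv(resolv_text)
    if not servers:
        raise LookupError(f"{name}: not in /etc/hosts and no nameserver configured")
    # A name without a dot is tried with each search suffix before being tried as-is.
    queries = [key] if "." in key else [f"{key}.{d}" for d in search] + [key]
    return {"source": "dns", "nameservers": servers, "queries": queries}
```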
Domain Name Service (DNS)
• Server listens on UDP port 53
• Provides distributed database of names and associated IP addresses
• Consists of local network-based servers that connect to authoritative servers if they cannot resolve a name
• Local servers cache responses for future use
Domain Hierarchy
• Top-level domain (.) has root servers
  – these have only information about top-level domains
  – au, .., za, edu, org, com, etc
• Top-level servers have information about their particular domain
  – eg, the “org.au” server has all registered names listed
Name Server software
DNS on UNIX systems uses the Berkeley Internet Name Daemon (BIND)
• http://www.isc.org/sw/bind/
• Consists of two parts:
  – resolver: implements a policy that requests the lookup of a name
  – nameserver: responds to the request
Name Server software - Types
BIND usually runs as the process “named” on systems that provide name service
Categories of name server:
• Primary
  – loads information from disk
  – has complete information about the domain
  – always accurate
  – Authoritative - only one server per domain
Name Server software - Types
• Secondary
  – periodically transfers from primary server
  – authoritative for their own domain
• Caching-only
  – get answers for all name service queries from other name servers
  – non-authoritative: use second-hand and incomplete DNS data
New Domain Names must be registered
• ensure appropriate allocation
  – Identify organisations and responsible persons (not always done!)
• create pointers to
  – authoritative server
• create DNS entries [primary and secondary]
Why register domain?
New network setup
• A new organisation will need a domain registered for their network if they intend to connect to the Internet.
Web-hosting
• Web servers differentiate between hosted sites using different domain names – eg, www.netcomp.monash.edu.au is neptune.netcomp.monash.edu.au
named Configuration
Several files used by the nameserver daemon:
• named.boot
  – sets general parameters and points to domain database information (local files or remote servers)
• named.ca
  – points to the root domain servers
• named.hosts
  – maps host names to IP addresses
named Configuration…
• named.rev
  – reverse domain: maps IP addresses to host names
• named.local
  – used for loopback address resolution
http://www.netadmintools.com/art25.html
http://www.isc.org/sw/bind/arm94/Bv9ARM.ch03.html
named.boot
;
; Description: The named.boot file is required to boot a BIND name server.
;
; Syntax: directory <directory_name>
;         ;[comment]
;         primary <domain> <file>
;         secondary <domain> [<host> <host>...] <file>
;         cache <domain> <file>
;         slave
;         forwarders <host> [<host> <host>...]
;
; <directory_name>  location where domain data files are stored
; ;[comment]        text following the ';' character is ignored
; domain            For a secondary or primary line, the name of the BIND
;                   domain for which the server is a secondary or primary
;                   server. For a cache line, the name of the domain for
;                   which the file, <file>, is a cache.
; host              For a secondary line, the IP address of a primary or
;                   secondary server distributing the database for domain,
;                   <domain>. For a forwarders line, the IP address of a host
;                   to which queries should be forwarded.
named.boot continued…
; file              For a secondary line, the name of the file in which the
;                   data of domain, <domain>, received from one of the hosts
;                   specified can be dumped. For a primary line, the file from
;                   which to read the master copy of the domain data. For a
;                   cache line, the name of the file in which the cache is
;                   stored.
;
Directory /etc/namedb
;
;secondary newcontent.net.au 203.24.105.16 db.newcontent
;secondary maplecorp.com.au 203.24.105.16 db.maplecorp
;secondary avram.com.au 24.192.21.121 avram.com.au.sec
;
Primary 0.0.127.in-addr.arpa named.local
Primary avram.com.au avram.com.au
;
; load the cache data last
Cache . named.ca
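A parser for the named.boot syntax the two slides above describe, as an added example (not BIND's own code). The sample file is constructed from the slide's zone names and addresses, with a forwarders line added to exercise that directive; the two reporting functions answer the questions an administrator auditing such a server asks first: which zones it is authoritative for, and which hosts it pulls zone data from.

```python
import ipaddress

# Constructed named.boot in the slide's syntax (one secondary line left commented out, as on the slide).
NAMED_BOOT = """\
; text after ';' is ignored
directory /etc/namedb
primary 0.0.127.in-addr.arpa named.local
Primary avram.com.au avram.com.au
secondary newcontent.net.au 203.24.105.16 db.newcontent
;secondary maplecorp.com.au 203.24.105.16 db.maplecorp
forwarders 203.24.105.16 24.192.21.121
cache . named.ca
"""

def parse_named_boot(text):
    """Parse the directives into a dict; unknown or malformed lines are errors."""
    cfg = {"directory": None, "zones": {}, "forwarders": [], "slave": False}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split(";", 1)[0].strip()          # drop comments
        if not line:
            continue
        kw, *args = line.split()
        kw = kw.lower()                               # the slide writes Primary/Cache in mixed case
        if kw == "directory" and len(args) == 1:
            cfg["directory"] = args[0]
        elif kw == "primary" and len(args) == 2:
            cfg["zones"][args[0].lower()] = {"type": "primary", "file": args[1], "hosts": []}
        elif kw == "secondary" and len(args) >= 3:
            hosts = [str(ipaddress.ip_address(h)) for h in args[1:-1]]   # slide: hosts are IP addresses
            cfg["zones"][args[0].lower()] = {"type": "secondary", "file": args[-1], "hosts": hosts}
        elif kw == "cache" and len(args) == 2:
            cfg["zones"][args[0].lower()] = {"type": "cache", "file": args[1], "hosts": []}
        elif kw == "forwarders" and args:
            cfg["forwarders"] += [str(ipaddress.ip_address(h)) for h in args]
        elif kw == "slave" and not args:
            cfg["slave"] = True                       # listed on the slide with no arguments
        else:
            raise ValueError(f"line {lineno}: bad directive {raw!r}")
    return cfg

def authoritative_zones(cfg):
    """Zones this server answers for authoritatively (primary or secondary)."""
    return sorted(z for z, v in cfg["zones"].items() if v["type"] in ("primary", "secondary"))

def transfer_sources(cfg):
    """Hosts from which zone data is pulled; these feed the server's authoritative answers."""
    return sorted({h for v in cfg["zones"].values() for h in v["hosts"]})
```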
named.ca
; BIND data file for initial cache data for root domain servers.
;
.                  99999999 IN NS ns.nic.ddn.mil.
.                  99999999 IN NS aos.arl.army.mil.
.                  99999999 IN NS c.psi.net.
.                  99999999 IN NS terp.umd.edu.
.                  99999999 IN NS ns.nasa.gov.
.                  99999999 IN NS nic.nordu.net.
.                  99999999 IN NS ns1.isi.edu.
.                  99999999 IN NS ns.isc.org.
.                  99999999 IN NS ns.internic.net.
ns.nic.ddn.mil.    99999999 IN A  192.112.36.4   ; BIND
aos.arl.army.mil.  99999999 IN A  128.63.4.82    ; BIND
                   99999999 IN A  192.5.25.82
c.psi.net.         99999999 IN A  192.33.4.12    ; BIND
terp.umd.edu.      99999999 IN A  128.8.10.90    ; BIND
ns.nasa.gov.       99999999 IN A  128.102.16.10  ; BIND
                   99999999 IN A  192.52.195.10
nic.nordu.net.     99999999 IN A  192.36.148.17  ; BIND
ns1.isi.edu.       99999999 IN A  128.9.0.107    ; BIND
ns.isc.org.        99999999 IN A  192.5.5.241    ; BIND
ns.internic.net.   99999999 IN A  198.41.0.4     ; BIND
named.local
;
; BIND data file for local loopback interface.
;
@   IN SOA broncho.ct.monash.edu.au. postmaster.broncho.ct.monash.edu.au. (
            1        ; Serial
            3600     ; Refresh
            300      ; Retry
            3600000  ; Expire
            3600 )   ; Minimum
    IN NS  broncho.ct.monash.edu.au.
1   IN PTR localhost.
Subnet masks
• Sub network masks provide an alternative to class-based IP addressing
• An administrator will have the responsibility for setting subnet masks for routers and workstations
• May be used to identify IP addresses that are local to a subnetwork
• 255.255.255.0 is the usual value (same as Class C addressing)
http://antionline.com/archive/index.php/t-125580.html
BOOTP
• Used to allocate an IP address to a particular computer
• BOOTP host resides on the local network. A network node needing address allocation requests one by broadcasting a BOOTP packet
• receives a response with address and other associated information [eg, nameserver address, gateway address]
Dynamic Host Configuration Protocol
• Also used to allocate IP addresses
• Network node needing address allocation requests one using a DHCP broadcast
• Receives a response with address and other associated information [eg, nameserver, gateway, time server, etc] from DHCP servers
• Has provision for reuse of addresses from a pool of dynamic (ie reusable) IP addresses
Windows Internet Name Server (WINS)
• Microsoft technique for locating other Windows machines
• A WINS server receives nameservice requests from Windows workstations
• WINS resolution is necessary in larger IP networks.
• As well as IP, also resolves NetBIOS addresses
• May be carried out using DHCP or DNS.
Routers
• Packets must be forwarded between networks
• Routers can link dissimilar LANs
  – ie LANs using dissimilar physical/datalink transport
• Routing decisions are made at the network layer based on IP address, whereas bridging (switching) forwards packets based on datalink address (eg ethernet)
Routers connecting between remote sites
Network Routing
• To ensure the appropriate routing of the traffic, routers implement either proprietary routing methods (eg NetBIOS) or one of the standard routing protocols (eg Internet Protocol).
• IP routing is the common form used in TCP/IP networks and is based upon a table look-up. Routing is done by a device, which could be either a computer or a dedicated hardware unit, providing the interface between sub-networks of a larger internetwork.
Required Reading:
http://www.networkcomputing.com/netdesign/1122ipr.html
(please follow the links therein under table of contents to all six parts of this primer on IP routing).
IP Routing
Eg the following network has 3 subnetworks, which would be identified in the networks file as:
  IP address   Name
  223.1.2      development
  223.1.3      accounting
  223.1.4      factory
IP Routing…
All machines have an /etc/hosts file with the entries shown below:
  IP address   Name
  223.1.1.1    alpha
  223.1.2.2    epsilon
  223.1.3.2    iota
  223.1.1.1    devnetrouter, delta
  223.1.2.1    accnetrouter
  223.1.3.1    facnetrouter
Each machine maintains a route table
For machine ALPHA:
  Target Network   Network Name   Local?     Router IP   Interface
  223.1.1          Development    Direct     -           1
  223.1.2          Accounting     Indirect   223.1.1.1   1
  223.1.3          Factory        Indirect   223.1.1.1   1
For machine DELTA:
  Target Network   Network Name   Local?     Router IP   Interface
  223.1.1          Development    Direct     -           1
  223.1.2          Accounting     Direct     -           2
  223.1.3          Factory        Direct     -           3
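The table look-up these two slides show, together with the subnet-mask test from the earlier slide, as an added example (not code from the slides). It assumes the 255.255.255.0 mask the subnet slide calls usual and transcribes the ALPHA and DELTA route tables as data; the added consistency check, that an Indirect route's router must itself be reachable by a Direct route, is the check an administrator would want when hand-maintaining such tables.

```python
import ipaddress

MASK = "255.255.255.0"   # the "usual value" from the subnet-mask slide

# Route tables transcribed from the ALPHA and DELTA slides:
# (target network, network name, router or None for a Direct route, interface)
ROUTES = {
    "alpha": [("223.1.1.0", "Development", None, 1),
              ("223.1.2.0", "Accounting", "223.1.1.1", 1),
              ("223.1.3.0", "Factory", "223.1.1.1", 1)],
    "delta": [("223.1.1.0", "Development", None, 1),
              ("223.1.2.0", "Accounting", None, 2),
              ("223.1.3.0", "Factory", None, 3)],
}

def is_local(addr, iface_addr, mask=MASK):
    """Subnet-mask test: is addr on the same subnetwork as the interface address?"""
    net = ipaddress.ip_network(f"{iface_addr}/{mask}", strict=False)
    return ipaddress.ip_address(addr) in net

def lookup(table, ip, mask):
    """First route whose target network (under mask) contains ip, else None."""
    for target, name, router, iface in table:
        if ip in ipaddress.ip_network(f"{target}/{mask}"):
            return name, router, iface
    return None

def next_hop(host, dest, mask=MASK):
    """Table look-up as the slide describes: Direct routes deliver on the
    interface; Indirect ones hand the packet to the router, which must itself
    be reachable by a Direct route or the table is inconsistent."""
    dest_ip = ipaddress.ip_address(dest)
    hit = lookup(ROUTES[host], dest_ip, mask)
    if hit is None:
        raise LookupError(f"{host}: no route to {dest}")
    name, router, iface = hit
    if router is None:
        return {"network": name, "via": "direct", "interface": iface}
    via = lookup(ROUTES[host], ipaddress.ip_address(router), mask)
    if via is None or via[1] is not None:
        raise LookupError(f"{host}: router {router} is not directly reachable")
    return {"network": name, "via": router, "interface": via[2]}
```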
Route table (cont’d)
  IP address   Name
  223.1.1.2    alpha
  223.1.2.2    epsilon
  223.1.3.2    iota
  223.1.1.1    devnetrouter delta
  223.1.2.1    accnetrouter
  223.1.3.1    facnetrouter
Route table (cont’d)
• It is essential that each router operates using the same routing table, but how can multiple copies of a common table be kept up to date?
• This requires a separate exchange of messages between neighbouring routers so that each can advise others when something changes…
• These are called “Routing Protocols”
Routing protocols
Routing Information Protocol (RIP)
• Regularly broadcasts entire routing table to all neighbours
• Best route is then chosen based on the network path that has the minimum number of hops
Interior Gateway Routing Protocol (IGRP)
• Chooses network path based on:
  – measured round-trip delay for transfer of data, or
  – smallest bandwidth, or
  – channel capacity, or
  – the reliability of the path
Required Reading: http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/igrp.htm
Link State Routing Protocols
Open Shortest Path First (OSPF)
• routing information flooded
IS-IS (Intermediate System to Intermediate System)
• For large collections of independent networks
• Allows internal routing method to be hidden from the internet
• Border Gateway Protocol (BGP)
• Netware Link Services Protocol (NLSP)
Required Reading: http://www.ciscopress.com/articles/article.asp?p=26850&rl=1
End…