Advanced 5 - Networking 102
inst.eecs.berkeley.edu at 128.32.42.199
DNS files
● /etc/hosts
○ Simple text file that associates IP addresses with hostnames
○ ip_address canonical_hostname [aliases]
○ 31.13.70.36 www.facebook.com fb ZuccBook myspace.com
○ A common entry that you’re probably familiar with is … Hint: think about loopback
● /etc/resolv.conf
○ Configuration file for the system resolver; recall that the resolver is what talks to DNS nameservers
○ At most one domain or search line, up to 3 nameserver lines, and any number of options
○ nameserver <ip_address>
○ domain <domain_name> vs search <domain_names>
○ Options (a variety)
■ timeout:<n>
■ attempts:<n>
Files continued
● /etc/nsswitch.conf
○ Determine sources to get service information from and in what order.
○ Used for a variety of service like hostnames, password files, and group files.
○ Information categories are referred to as “databases”
○ <database> [source action]
■ hosts dns files
○ ethers (/etc/ethers) and networks (/etc/networks) are also here but are artifacts of the past
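The three files above only make sense together: nsswitch.conf says which sources to ask and in what order, /etc/hosts is the "files" source, and resolv.conf tells the "dns" source which search domains to append and which nameservers to ask. The script below is an added example, not from the slides, that simulates that lookup order in POSIX sh over constructed copies of all three files; the DNS_TABLE is a stand-in for the answers the nameservers would return, and matching is case-sensitive, which the real resolver is not.

```shell
#!/bin/sh
# Simulate the "hosts:" lookup order from nsswitch.conf. On a real system
# the equivalent is `getent hosts NAME`; this only shows how the order and
# the search list are applied. All three inputs are CONSTRUCTED.

HOSTS_FILE='127.0.0.1 localhost
::1 localhost ip6-localhost
31.13.70.36 www.facebook.com fb ZuccBook myspace.com
128.32.42.199 inst.eecs.berkeley.edu inst'

RESOLV_CONF='search eecs.berkeley.edu berkeley.edu
nameserver 128.32.136.9
nameserver 128.32.136.12
options timeout:2 attempts:3'

# Stand-in for what the nameservers above would answer (constructed)
DNS_TABLE='inst.eecs.berkeley.edu 128.32.42.199
www.facebook.com 31.13.70.36'

# lookup_files NAME: "files" source; the canonical name or any alias matches
lookup_files() {
    printf '%s\n' "$HOSTS_FILE" | awk -v n="$1" '
        /^#/ || NF == 0 { next }
        { for (i = 2; i <= NF; i++) if ($i == n) { print $1; exit } }'
}

# lookup_dns NAME: "dns" source. Names containing a dot are tried as given
# first, then with each search domain; bare names get the search domains
# first (the resolver's default ndots:1 behaviour).
lookup_dns() {
    name=$1
    search=$(printf '%s\n' "$RESOLV_CONF" |
             awk '$1 == "search" || $1 == "domain" { $1 = ""; print }')
    case $name in
        *.*) candidates=$name
             for d in $search; do candidates="$candidates $name.$d"; done ;;
        *)   candidates=""
             for d in $search; do candidates="$candidates $name.$d"; done
             candidates="$candidates $name" ;;
    esac
    for c in $candidates; do
        r=$(printf '%s\n' "$DNS_TABLE" | awk -v n="$c" '$1 == n { print $2; exit }')
        [ -n "$r" ] && { echo "$r"; return 0; }
    done
    return 1
}

# resolve NAME "hosts: <sources...>": first answer in the configured order,
# printed as "ADDRESS (source)"; returns 1 when no source knows the name
resolve() {
    name=$1
    order=${2#hosts:}
    for src in $order; do
        case $src in
            files) r=$(lookup_files "$name") || r="" ;;
            dns)   r=$(lookup_dns "$name") || r="" ;;
            *)     r="" ;;            # unsupported source: skipped
        esac
        if [ -n "$r" ]; then
            echo "$r ($src)"
            return 0
        fi
    done
    return 1
}

# Demo: the same name can come from different sources depending on order
resolve fb "hosts: files dns"
resolve inst "hosts: dns files"
resolve ZuccBook "hosts: dns files"
```

Swapping the order to `hosts: dns files` is how the slide's example behaves: an alias that exists only in /etc/hosts is still found, but only after every search-domain candidate has been sent to the nameservers, which is also why a stray /etc/hosts entry can silently override a name that DNS answers differently when "files" comes first.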
DHCP
● Dynamic Host Configuration Protocol (DHCP) is one way a device receives an IP address alongside other config information
● Leased IP addresses are valid for a time specified by the DHCP
server
● Once expired, the client must acquire a new IP address lease
○ The client does have the option to renew a previous lease so that it can retain a previous IP address
● 4 stage process
1. DISCOVERY - BROADCAST
2. OFFER - BROADCAST OR UNICAST
3. REQUEST - BROADCAST (if multiple DHCP servers), can be unicast
4. ACKNOWLEDGE - BROADCAST OR UNICAST
/etc/dhcp/dhclient.conf
● Configuration file for dhclient
○ Lines end in semicolons
● Timing
○ timeout
○ retry
● static lease:
○ If the DHCP server can't be contacted, dhclient loops through its database of old leases and then consults the static leases that can be defined in the dhclient.conf file
● Interface configuration
○ interface "name" {
      [declarations;]
  }
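To tie the two DHCP slides together, here is an added example dhclient.conf, not from the slides or the course lab, using the timing, interface and static lease statements above; the interface name, addresses and dates are constructed, and the `supersede` line assumes you would rather pin the host's resolvers than accept whatever domain-name-servers a DHCP server on the segment offers.

```conf
# Added example dhclient.conf (not from the slides); every line ends in ';'

# Timing: give up on a server after 60 s, then retry every 60 s
timeout 60;
retry 60;

interface "eth0" {
    send host-name "lab-host";
    # ask only for the options this host needs ...
    request subnet-mask, broadcast-address, routers,
            domain-name, domain-name-servers;
    require subnet-mask, routers;
    # ... and keep our own resolvers even if the server offers others
    supersede domain-name-servers 128.32.136.9, 128.32.136.12;
}

# Static lease: used only after the server cannot be reached and no old
# lease in the lease database still applies
lease {
    interface "eth0";
    fixed-address 10.0.0.50;
    option subnet-mask 255.255.255.0;
    option routers 10.0.0.1;
    option domain-name-servers 128.32.136.9;
    renew 2 2030/1/1 00:00:00;
    rebind 2 2030/1/1 00:00:00;
    expire 2 2030/1/1 00:00:00;
}
```

The renew/rebind/expire timestamps are in dhclient's `weekday yyyy/mm/dd hh:mm:ss` form (weekday 0 is Sunday); set them well in the future or the static lease is treated as already expired.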
Transmission Control Protocol (TCP)
● TCP is a stateful, stream-oriented protocol that ensures reliable transport
● Also has mechanisms to guarantee that information arrives intact and in order at the destination
● To set up a TCP connection you have to go through the TCP handshake
● Also has a connection close procedure
● Both of the above are overhead associated with TCP
● Good for use cases where receiving all data is critical
User Datagram Protocol (UDP)
● UDP is a stateless, connectionless protocol
○ UDP focuses on sending messages in datagrams
● Being stateless, UDP also doesn't incur the overhead of the TCP handshake and termination
● UDP also makes no guarantees about reliable transport, so messages may arrive out of order, or not arrive at all.
○ UDP is sometimes called Unreliable Datagram Protocol
● For use cases that don’t need reliable transport
○ Marginal performance increase since we avoid connection overhead
Ports and Sockets
● A port is an identifier defining a service endpoint.
● A socket is an internal endpoint for traffic.
○ Associated with a socket address, typically an IP address and a port number
○ Also consists of a protocol
● A connection consists of two sockets
○ Essentially a 5-tuple of information [protocol, local IP, local port, remote IP, remote port]
/proc/net
● Network information available here as virtual files
○ netstat and other tools usually provide a cleaner interface and leverage these files
● /proc/net/dev
○ Contains information on network devices and statistics like number of bytes received and transmitted
○ Read by ifconfig
● /proc/net/[tcp|udp|raw]
○ Contains information and statistics on open system sockets
○ Used by ss, netstat, etc.
● /proc/net/route
○ Contains routing table information
● /proc/net/arp
● /proc/net/snmp
○ Contains statistics intended to be used by snmp agents
○ https://elixir.bootlin.com/linux/v4.4/source/include/net/snmp.h
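The sockets slide and the /proc/net/[tcp|udp|raw] bullet meet in the raw file format: every line of /proc/net/tcp is one socket's local and remote address as hex in host byte order, plus a hex state code, and ss and netstat just decode it. The script below is an added example, not from the slides, that does that decoding in POSIX sh over a constructed copy of /proc/net/tcp and then runs the check a sysadmin usually wants from it: which services are listening on every interface (0.0.0.0) rather than loopback.

```shell
#!/bin/sh
# Decode /proc/net/tcp by hand. The sample is CONSTRUCTED to match the file's
# layout (three sockets: cups on loopback, sshd on all interfaces, and one
# outbound HTTPS connection). On a real host use: cat /proc/net/tcp
SAMPLE_PROC_NET_TCP='  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 24761 1 0000000000000000 100 0 0 10 0
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 21894 1 0000000000000000 100 0 0 10 0
   2: C72A2080:B3E6 22D8B85D:01BB 01 00000000:00000000 02:000005D4 00000000  1000        0 31207 1 0000000000000000 22 4 30 10 -1'

# decode_addr HEXIP:HEXPORT -> dotted.quad:port
# The IPv4 address is 8 hex digits in host byte order (little-endian on x86),
# so the first hex pair is the LAST octet; the port is big-endian as written.
# 0100007F:0277 -> 127.0.0.1:631
decode_addr() {
    hex=${1%%:*}
    port=${1##*:}
    o4=${hex%??????}             # first pair  -> last octet
    rest=${hex#??}
    o3=${rest%????}
    rest=${rest#??}
    o2=${rest%??}
    o1=${rest#??}                # last pair   -> first octet
    printf '%d.%d.%d.%d:%d\n' $((0x$o1)) $((0x$o2)) $((0x$o3)) $((0x$o4)) $((0x$port))
}

# tcp_state HEX -> name, per the kernel's TCP state numbering
tcp_state() {
    case $1 in
        01) echo ESTABLISHED ;; 02) echo SYN_SENT ;;   03) echo SYN_RECV ;;
        04) echo FIN_WAIT1 ;;   05) echo FIN_WAIT2 ;;  06) echo TIME_WAIT ;;
        07) echo CLOSE ;;       08) echo CLOSE_WAIT ;; 09) echo LAST_ACK ;;
        0A) echo LISTEN ;;      0B) echo CLOSING ;;    *)  echo "UNKNOWN($1)" ;;
    esac
}

# list_sockets: one "local remote STATE uid=N" line per socket (header skipped)
list_sockets() {
    printf '%s\n' "$SAMPLE_PROC_NET_TCP" | tail -n +2 |
    while read -r sl local remote st queues timer retrnsmt uid rest; do
        printf '%s %s %s uid=%s\n' \
            "$(decode_addr "$local")" "$(decode_addr "$remote")" \
            "$(tcp_state "$st")" "$uid"
    done
}

# wildcard_listeners: how many services accept connections on every
# interface (local address 0.0.0.0), i.e. are reachable from off-host
wildcard_listeners() {
    list_sockets | awk '$3 == "LISTEN" && $1 ~ /^0\.0\.0\.0:/ { n++ } END { print n + 0 }'
}

list_sockets
echo "listening on all interfaces: $(wildcard_listeners)"
```

The same decoding applies to /proc/net/udp and /proc/net/raw (UDP has no states beyond the kernel's internal ones); compare the output with `ss -tan` on a real host to confirm the byte-order handling before trusting the script on anything that matters.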
/proc/sys/net
● Contains writable files that allow a sysadmin to modify network configurations
● Editing these files:
○ echo [args] > /proc/sys/net/ipv4/ip_forward
○ sysctl -p <conf_file>
○ sysctl -w variable=value
● Subdirectories that can vary from system to system
○ /proc/sys/net/core/
○ /proc/sys/net/ipv4/
● /etc/sysctl.conf to preserve changes across reboots
○ variable=value
○ net.ipv4.ip_forward=1
/proc/sys/net/core
● message_burst and message_cost
○ Limits the number of warning messages written to the kernel log
○ message_burst = 10, message_cost = 5 => 10 messages every 5 seconds
○ Ideally strike a balance between granular logging and performance/storage
● netdev_max_backlog
○ max number of packets allowed to queue on a particular interface
● rmem_default and rmem_max
○ Receive socket buffer default and maximum size, respectively
● wmem_default and wmem_max
○ Send socket buffer default and maximum size, respectively
● Adjusting queues/buffers is a matter of flow control vs paging
/proc/sys/net/ipv4
● icmp_echo_ignore_all
○ Makes the kernel ignore ICMP ECHO requests from every host; the related icmp_echo_ignore_broadcasts ignores only those sent to broadcast and multicast addresses
● ip_forward
○ Permits interfaces on the system to forward packets
● ip_default_ttl
○ Sets default TTL for outbound packets
● ip_local_port_range
○ Specifies the range of ports to be used by TCP or UDP when a local port is needed, e.g. ephemeral ports for outgoing connections
/proc/sys/net/ipv4
● tcp_syn_retries
○ Limits the number of times the system re-transmits a SYN packet when attempting to make a connection
● tcp_retries1
○ Limit on number of re-transmissions for attempting to establish a connection
● tcp_retries2
○ Limit on number of re-transmissions of TCP packets
● https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt
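Every sysctl key on the last three slides is just a file: the dots in `net.ipv4.ip_forward` become the path `/proc/sys/net/ipv4/ip_forward`, which is why `echo 1 > /proc/sys/net/ipv4/ip_forward` and `sysctl -w net.ipv4.ip_forward=1` do the same thing. The script below is an added example, not from the slides, that uses that mapping to audit a host against a baseline of the knobs discussed above; the baseline values are a constructed example for a non-router host, and the fake /proc tree exists only so the script runs offline (call `audit_sysctl` with no argument to read the real /proc/sys).

```shell
#!/bin/sh
# Audit kernel network settings against a baseline by reading the same
# /proc/sys files sysctl reads. Key -> path: replace '.' with '/' under
# /proc/sys, so net.ipv4.ip_forward -> /proc/sys/net/ipv4/ip_forward.

# Baseline, one key=expected_value per line. CONSTRUCTED example for a host
# that must not route packets and should not answer broadcast pings; tune it
# to the machine's role.
BASELINE='net.ipv4.ip_forward=0
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.ip_default_ttl=64
net.ipv4.tcp_syn_retries=6'

# key_to_path KEY [ROOT]: the file that holds KEY, under ROOT (default /proc/sys)
key_to_path() {
    printf '%s/%s\n' "${2:-/proc/sys}" "$(printf '%s' "$1" | tr . /)"
}

# audit_sysctl [ROOT]: one DRIFT or MISSING line per baseline entry that does
# not match the running kernel; prints nothing when the host is compliant
audit_sysctl() {
    root=${1:-/proc/sys}
    for entry in $BASELINE; do
        key=${entry%%=*}
        want=${entry#*=}
        path=$(key_to_path "$key" "$root")
        if [ ! -r "$path" ]; then
            echo "MISSING $key ($path)"
            continue
        fi
        have=$(cat "$path")
        [ "$have" = "$want" ] || echo "DRIFT $key: have=$have want=$want"
    done
}

# drift_count [ROOT]: number of non-compliant entries
drift_count() {
    audit_sysctl "$1" | awk 'END { print NR }'
}

# make_fake_proc: CONSTRUCTED stand-in for /proc/sys so the audit can run
# offline; prints the directory. Forwarding is on and tcp_syn_retries is
# missing, so the audit should report exactly two problems.
make_fake_proc() {
    dir=$(mktemp -d)
    mkdir -p "$dir/net/ipv4"
    echo 1  > "$dir/net/ipv4/ip_forward"
    echo 1  > "$dir/net/ipv4/icmp_echo_ignore_broadcasts"
    echo 64 > "$dir/net/ipv4/ip_default_ttl"
    echo "$dir"
}

# Demo on the constructed tree. Remediation on a real host is the slide's
# `sysctl -w key=value`, made persistent with a key=value line in /etc/sysctl.conf.
FAKE=$(make_fake_proc)
audit_sysctl "$FAKE"
echo "drifted entries: $(drift_count "$FAKE")"
rm -rf "$FAKE"
```

Running the audit from cron and alerting on a non-empty report is a cheap way to catch ip_forward being flipped on by a container runtime, a VPN client, or a hand-typed `echo 1 >` that nobody wrote into /etc/sysctl.conf.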
Sysadmin Commands
● host(name)
● ping
● traceroute
● mtr
● arp
● dig
● ip
● netstat
● nc
● curl
● wget
● iptables
host(name)
● hostname: used to either set or display the current host, domain or node name of the system
● Lookup utility for hosts and addresses
ping
Send packets to a server; good for getting metrics and testing connectivity
RTT = Round Trip Time
traceroute
Print the route that a packet takes to the destination
ip
● ip route add
○ ip route add default via <ip>
○ ip route add <dest> [via <ip> | dev <device>]
● ip route del
● ip route change
The rest
● wget/curl
○ Similar tools used to transfer data from or to a server with certain protocols like HTTP, FTP, etc …
● GOOGLE and MAN pages are your friends -- use them!
Iptables
● A firewall included with most Linux distributions that serves as an interface for setting up traffic filters in the kernel
● Hard to do this topic justice … will defer this to lab
● Additional information can be found at these great links from our sponsors:
○ https://www.digitalocean.com/community/tutorials/how-the-iptables-firewall-works
○ https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-iptables-on-ubuntu-14-04
○ https://www.digitalocean.com/community/tutorials/iptables-essentials-common-firewall-rules-and-commands
○ https://www.digitalocean.com/community/tutorials/how-to-list-and-delete-iptables-firewall-rules
● Thanks DigitalOcean
Questions?
● Lab and checkoff form TBA:
○ Basics for a head start and reference
■ https://decal.ocf.berkeley.edu/labs/b5