Chapter 4- NETWORK MANAGEMENT

Introduction to Network Administration approach

The role of the network administrator can vary significantly depending on an organizations size,
location and socio-economic considerations. Some organizations work on a user-to-technical
support ratio, whilst others implement many other strategies.

Generally, in terms of reactive situations (i.e.: unexpected disruptions to service, or service

improvements), IT Support Incidents are raised through an Issue tracking system. Typically,
issues work their way through a Help desk and then flow through to the relevant technology
area for resolution. In the case of a network related issue, an issue will be directed towards a
network administrator. If a network administrator is unable to resolve an issue, a ticket will be
escalated to a more senior network engineer for restoration of service or a more appropriate
skill group.

Network administrators are often involved in proactive work. This type of work will often
include:

 Network monitoring

 Testing the network for weakness

 Keeping an eye out for needed updates

 Installing and implementing security programs

 In many cases, E-mail and Internet filters

 Evaluating implementing network management software

 Monitoring network traffic

Network administrators are for making sure that computer hardware

and network infrastructure related to an organization's data network are effectively
maintained. In smaller organizations, they are typically involved in the procurement of new
hardware, the roll out of new software, maintaining disk images for new computer installs,
making sure that licenses are paid for and up to date for software that need it, maintaining the
standards for server installations and applications, monitoring the performance of the network,
checking for security breaches, and poor data management practices. Typically, within a larger
organization, these roles are split into multiple roles or functions across various divisions and
are not action by the one individual. In other organizations, some of these roles mentioned are
carried out by system administrators. As with many technical roles, network administrator

PREPARED BY ER.SAIYED FAIAYAZ WARIS

positions require a breadth of technical knowledge and the ability to learn the intricacies of
new networking and server software packages quickly. Within smaller organizations, the more
senior role of network engineer is sometimes attached to the responsibilities of the network
administrator. It is common for smaller organizations to outsource this function.

17. TCP/IP Networking Basics

OSI Reference Model: - International standard organization (ISO) established a committee in 1977
to develop architecture for computer communication.

 Open Systems Interconnection (OSI) reference model is the result of this effort.
 In 1984, the Open Systems Interconnection (OSI) reference model was approved as an
international standard for communications architecture.
 Term “open” denotes the ability to connect any two systems which conform to the
reference model and associated standards.
It is a theoretical blueprint that helps us understand how data gets from one user’s computer to
another. It is also a model that helps develop standards so that all of our hardware and
software talks nicely to each other. It aids standardization of networking technologies by
providing an organized structure for hardware and software developers to follow, to insure
their products are compatible with current and future technologies.

OSI Reference model Layered Architecture

PREPARED BY ER.SAIYED FAIAYAZ WARIS

Physical layer: - The physical layer is responsible for the movement of individual bits from one
hop (node) to the next.

Responsibility

 Physical characteristics of interfaces and Medium.

 Representation of Bits

 Data Rate

 Synchronization of bits

 Line Configuration

 Physical Topology

 Transmission Mode

Data Link Layer: - The data link layer is responsible for moving frames from one hop (node) to
the next.

Sub- Layer of data link Layer

 MAC (Media Access Control)

◦ Gives data to the NIC

◦ Controls access to the media through:

 CSMA/CD Carrier Sense Multiple Access/Collision Detection

 Token passing

 LLC (Logical Link Layer)

◦ Manages the data link interface (or Service Access Points (SAPs))

◦ Can detect some transmission errors using a Cyclic Redundancy Check (CRC). If
the packet is bad the LLC will request the sender to resend that particular packet

Responsibility

 Framing

 Physical Addressing

 Flow Control

 Error Control

PREPARED BY ER.SAIYED FAIAYAZ WARIS

  Access Control

Network Layer: - The network layer is responsible for the delivery of individual packets from
the source host to the destination host.

Responsibility

 Logical Addressing

 Routing

Transport Layer: - The transport layer is responsible for the delivery of a message from one
process to another.

Responsibility

 Service point Addressing

 Segmentation and Reassembly

 Connection Control

 Flow Control

 Error Control

Session Layer:-The session layer is the network dialog controller.Its establishes, maintains, and
synchronizes the interaction among communicating systems

Responsibility

 Dialog Controller

 Synchronization

Presentation Layer :-It is concerned with the Syntax and Semantics of the information
exchanged between two systems.

Responsibility

 Translation

 Encryption

 Compression

Application Layer:-The application layer enables the user, whether human or software. To
access the network. It provide user interface and support for services such as electronic mail,
remote file access and transfer, shared database management, and other types of distributed
Information services.

PREPARED BY ER.SAIYED FAIAYAZ WARIS

Responsibility

 Network Virtual terminal

 File transfer, access and management

 Mail Services

 Directory Services

TCP/IP Protocol Suite

The TCP/IP Model, or Internet Protocol Suite, describes a set of general design guidelines and
implementations of specific networking protocols to enable computers to communicate over a network.
TCP/IP provides end-to-end connectivity specifying how data should be formatted, addressed,
transmitted, routed and received at the destination. Protocols exist for a variety of different types of
communication services between computers The TCP/IP Model was created in the 1970s by DARPA, an
agency of the United States Department of Defense (DOD). It evolved from ARPANET, which was the
world's first wide area network and a predecessor of the Internet.

1. Network Interface Layer

The network interface layer, also called the link layer or the data-link layer or Host to Network Layer, is
the interface to the actual network hardware. This interface may or may not provide reliable delivery,
and may be packet or stream oriented

2. Internetwork layer
The internetwork layer, also called the internet layer or the network layer, provides the “virtual
network” image of an internet this layer shields the higher levels from the physical network architecture
below it. Internet Protocol (IP) is the most important protocol in this layer. It is a connectionless
protocol that does not assume reliability from lower layers. IP does not provide reliability, flow control,
or error recovery. IP provides a routing function that attempts to deliver transmitted messages to their
destination. A message unit in an IP network is called an IP datagram. Other internetwork-layer
protocols are IP, ICMP, IGMP, ARP, and RARP.

3. Transport Layer
The transport layer provides the end-to-end data transfer by delivering data from an application to its
remote peer. Multiple applications can be supported simultaneously. The most-used transport layer
protocol is theTransmission Control Protocol (TCP), which provides connection-oriented reliable data
delivery,duplicate data suppression, congestion control, and flow control.

Another transport layer protocol is the User Datagram Protocol It provides connectionless, unreliable,
best-effort service. As a result, applications using UDP as the transport protocol have to provide their
own end-to-end integrity, flow control, and congestion control, if desired. Usually, UDP is used by
applications that need a fast transport mechanism and can tolerate the loss of some data.

4. Application layer

PREPARED BY ER.SAIYED FAIAYAZ WARIS

The application layer in TCP/IP is equivalent to the combined session, presentation, and application
layers in the OSI Reference model. Examples of applications include Telnet and the File Transfer
Protocol (FTP).

CONFIGURING A LINUX BOX FOR NETWORKING:

The device names are numbered and begin at zero and count upwards. For example, a
computer running two Ethernet cards will have two devices labeled /dev/eth0 and /dev/eth1.
Linux network configuration, management, monitoring and system tools are covered in this
tutorial.

$sudo ifconfig:

ifconfig stands for "interface configuration". It is used to view and change the configuration of
the network interfaces on your system.

$sudo dhclient:

The DHCP client in Linux is called dhclient. It requests dynamic IP addresses from the DHCP
server, which "leases" addresses to clients for a set amount of time. dhclient can be invoked
manually to "release" the client's currently assigned IP address, and get another address from
the DHCP server.

Normally, dhclient produces no output, to see what it's doing, we need to give it the -
v (verbose) option. We also need to run dhclient as root with the sudo command, because
changing the system networking configuration requires escalated privileges.

Let's start by running dhclient verbosely, without any other options. It should reach out and say
"hello" to our DHCP server, which, in this case, is a simple home router.

Command:

sudo dhclient -v

Restart the networking services when the configuration has been done using the following
command:

$sudo/etc/init.d/networking restart

PREPARED BY ER.SAIYED FAIAYAZ WARIS

Assigning IP address:

Computers may be assigned a static IP address or assigned one dynamically. Typically a server
will require a static IP while a workstation will use DHCP (dynamic IP assignment). The Linux
server requires a static IP so that those who wish to use its resources can find the system
consistently. It is more easily found if the IP address does not change and is static. This is not
important for the Linux client workstation and thus it is easier to use an automated Dynamic
Host Configuration Protocol (DHCP) for IP address assignment.

File: sudo vi /etc/network/interfaces

Static IP example:
auto eth0

iface eth0 inet static

address 208.88.34.106

netmask 255.255.255.248

broadcast 208.88.34.111

network 208.88.34.104

gateway 208.88.34.110

Dynamic IP (DHCP) example:

auto eth0

iface eth0 inet dhcp

PREPARED BY ER.SAIYED FAIAYAZ WARIS

Domain Resolution Configuration Files:

The following files configure the system so that host names can be resolved. This is required
when one will ssh to a host name eg. venus.megacorp.com or point an email client to
smtp.megacorp.com. The system must be able to resolve the host names to IP addresses so
that the network connection can be made.

File: /etc/resolv.conf - host name resolver configuration file to define server responsible for
name resolution

Configuring the host name:

To view the host name:

$ sudo /bin/ hostname

To change the hostname:

$ sudo /bin/hostname new name

Restart systems which relied on the hostname (or reboot):

Restart network services: service network restart

(or: /etc/init.d/network restart)

Using the Ping Command

The ping command helps to verify IP-level connectivity. When troubleshooting, you can
use ping to send an ICMP echo request to a target host name or IP address. Use ping whenever
you need to verify that a host computer can connect to the TCP/IP network and network
resources. You can also use ping to isolate network hardware problems and incompatible
configurations.

Follow this sequence to diagnose network connectivity:

Ping the loopback address to verify that TCP/IP is configured correctly on the local computer.

$ sudo ping 127.0.0.1

Ping the IP address of the local computer to verify that it was added to the network correctly.

$ sudo ping IP_address_of_local_host

PREPARED BY ER.SAIYED FAIAYAZ WARIS

Ping the IP address of the default gateway to verify that the default gateway is functioning and
that you can communicate with a local host on the local network.

$ sudo ping IP_address_of_default_gateway

Ping the IP address of a remote host to verify that you can communicate through a router.

$ sudo ping IP_address_of_remote_host

For example: ping www.facebook.com

Firewall configuration:

Just as a firewall in building attempts to prevent a fire from spreading, a computer firewall
attempts to prevent malicious software from spreading to your computer. It also helps to
prevent unauthorized users from accessing your computer.

In a default Red Hat Enterprise Linux installation, a firewall exists between your computer or
network and any un trusted networks, for example the Internet. It determines which services
on your computer remote users can access. A properly configured firewall can greatly increase
the security of your system. It is recommended that you configure a firewall for any Red Hat
Enterprise Linux system with an Internet connection.

The following commands are used :

$ sudo ufw status : to check the status of the firewall

$ sudo ufw default allow: allow default setting

$ sudo ufw default deny: disallow default setting

$ sudo ufw allow 80: allow port 80

$ sudo ufw deny 80: don’t allow port 80

$ sudo ufw delete allow 80: delete the port 80

$ sudo ufw allow from 207.10.10.1 : allow the ip address of 207.10.10.1

$$ sudo ufw allow from 207.10.*.* : allow the ip address start from 207.10.

$ sudo ufw deny from 207.10.10.1 : deny the ip address of 207.10.10.1

$ sudo ufw allow from 207.10.10.1 to 22 : allow the ip address of 207.10.10.1 to port 22

PREPARED BY ER.SAIYED FAIAYAZ WARIS

PREPARED BY ER.SAIYED FAIAYAZ WARIS