Professional Documents
Culture Documents
Ubuntu Basics of Networking
Ubuntu Basics of Networking
Ubuntu Basics of Networking
1. IP Addressing:
- Definition: An IP address is a unique numerical label assigned to each device connected to a
computer network that uses the Internet Protocol for communication.
- Commands:
o ifconfig: Displays information about network interfaces, including IP addresses.
- Example:
$ ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.10 netmask 255.255.255.0 broadcast 192.168.1.255
...
- Explanation: This shows the IP address (192.168.1.10) assigned to the eth0 interface.
2. Subnetting:
- Definition: Subnetting is the process of dividing a network into smaller sub-networks, called
subnets.
- Commands:
o ipcalc: Calculate subnet information.
- Example:
$ ipcalc 192.168.1.0/24
Address: 192.168.1.0 11000000.10101000.00000001. 00000000
Netmask: 255.255.255.0 = 24 11111111.11111111.11111111. 00000000
...
- Explanation: This shows the network address (192.168.1.0) and the subnet mask
(255.255.255.0) for a given IP range.
3. Routing:
- Definition: Routing is the process of selecting a path for traffic in a network or between multiple
networks.
- Commands:
o route: Display or manipulate the IP routing table.
- Example:
$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
- Explanation: This shows the routing table, including the destination network, gateway, subnet
mask, and interface.
Practice Scenarios:
1. Configuring Static IP Address:
o Task: Set a static IP address (192.168.1.100) on interface eth0.
o Commands:
$ sudo ifconfig eth0 192.168.1.100 netmask 255.255.255.0
$ sudo route add default gw 192.168.1.1 eth0
2. Subnetting Exercise:
o Given network 192.168.0.0/24, divide it into four subnets.
o Commands:
$ ipcalc 192.168.0.0/24
$ ipcalc 192.168.0.0/26
$ ipcalc 192.168.0.64/26
$ ipcalc 192.168.0.128/26
$ ipcalc 192.168.0.192/26
- Example:
$ nslookup example.com
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
Name: example.com
Address: 93.184.216.34
- Explanation: This shows the IP address (93.184.216.34) corresponding to the domain name
example.com.
- Explanation: This requests an IP address from the DHCP server for the eth0 interface.
6. Firewall Configuration:
- Definition: Firewalls control incoming and outgoing network traffic based on predetermined
security rules.
- Commands:
o iptables: Tool to set up, maintain, and inspect the tables of IP packet filter rules in the
Linux kernel.
- Example:
$ sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
- Explanation: This allows incoming TCP traffic on port 80 (HTTP) through the firewall.
Practice Scenarios:
3. Setting Up a DNS Server:
o Task: Configure a Linux machine as a DNS server and host a domain.
o Commands:
Install and configure bind9.
Edit the DNS zone files (/etc/bind/db.*) to define domain records.
4. Configuring DHCP Server:
o Task: Set up a Linux machine as a DHCP server to dynamically assign IP addresses to
clients on the network.
o Commands:
Install and configure dhcpd.
Edit the DHCP configuration file (/etc/dhcp/dhcpd.conf) to define DHCP
settings.
5. Implementing Firewall Rules:
o Task: Create firewall rules to allow specific types of traffic and block others.
o Commands:
Use iptables to define rules for incoming and outgoing traffic.
Save the rules using iptables-save or iptables-persistent.
7. VLANs (Virtual Local Area Networks):
- Definition: VLANs enable segmentation of a physical network into multiple logical networks,
improving network performance and security.
- Commands:
o vconfig: Utility to create and manage VLANs on Linux interfaces.
- Example:
$ sudo vconfig add eth0 10
$ sudo ifconfig eth0.10 192.168.10.1 netmask 255.255.255.0 up
- Explanation: This creates a VLAN interface (eth0.10) with VLAN ID 10 and assigns it an IP
address.
- Example:
$ sudo apt-get install openvpn
$ sudo openvpn --config client.ovpn
- Explanation: This installs OpenVPN and connects to a VPN server using a configuration file
(client.ovpn).
9. Routing Protocols:
- Definition: Routing protocols enable routers to dynamically exchange routing information and
make decisions about the best paths for traffic.
- Commands:
o bird: Internet Routing Daemon for Linux, supporting multiple routing protocols.
- Example:
$ sudo apt-get install bird
$ sudo nano /etc/bird.conf
- Explanation: This installs BIRD and allows configuration of routing protocols in the bird.conf
file.
Practice Scenarios:
6. Configuring VLANs:
o Task: Create two VLANs (vlan10 and vlan20) on interface eth0 with IP addresses
192.168.10.1 and 192.168.20.1 respectively.
o Commands:
Use vconfig to create VLAN interfaces.
Assign IP addresses to VLAN interfaces using ifconfig.
7. Setting Up a VPN Server:
o Task: Deploy an OpenVPN server on Ubuntu to provide secure remote access to a
private network.
o Commands:
Install and configure OpenVPN server.
Generate client configuration files and distribute to remote users.
8. Implementing Dynamic Routing:
o Task: Configure BIRD as a dynamic routing daemon to exchange routing information
with neighboring routers.
o Commands:
Install and configure BIRD.
Define routing protocols and neighbors in the bird.conf file.
- Example:
$ sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
- Explanation: This configures NAT to masquerade outgoing traffic from the private network
(eth0) with the public IP address of the router.
- Example:
$ sudo ip -6 addr add 2001:0db8:0:1::1/64 dev eth0
o traceroute: Trace the route packets take from your device to a destination.
o netstat: Display network connections, routing tables, interface statistics, and more.
- Example:
$ ping google.com
$ traceroute google.com
$ netstat -tuln
- Explanation: These commands help diagnose various network issues, such as connectivity
problems, routing issues, and open ports.
Practice Scenarios:
9. Setting Up a NAT Gateway:
o Task: Configure a Linux machine as a NAT gateway to provide internet access to devices
on a private network.
o Commands:
Use iptables to configure NAT rules for masquerading outgoing traffic.
10. IPv6 Configuration:
o Task: Assign IPv6 addresses to network interfaces on a Linux machine.
o Commands:
Use the ip command to add IPv6 addresses to interfaces.
11. Network Troubleshooting:
o Task: Troubleshoot network connectivity issues using ping, traceroute, and netstat.
o Commands:
Use ping to test connectivity to remote hosts.
Use traceroute to trace the route packets take to a destination.
Use netstat to display network connections and statistics.
o nfs: Network File System for sharing files and directories between Unix/Linux systems.
- Example:
$ smbclient //server/share -U username
$ sudo apt-get install nfs-common
$ sudo mount server:/path /mnt
- Explanation: These commands demonstrate accessing SMB/CIFS shares and mounting NFS
shares on a Linux machine.
- Example:
$ sudo iftop -i eth0
$ sudo tcpdump -i eth0 -n host 192.168.1.100
- Explanation: These commands show real-time bandwidth usage on the eth0 interface and
capture traffic to/from a specific IP address.
o fail2ban: Intrusion prevention software that monitors log files and bans IP addresses
exhibiting malicious behavior.
- Example:
$ sudo nmap -sS -p 1-65535 192.168.1.0/24
$ sudo apt-get install fail2ban
- Explanation: These commands demonstrate scanning a network for open ports and installing
fail2ban for enhanced security.
Practice Scenarios:
12. Setting Up File Sharing:
o Task: Configure a Linux machine to share files and folders with Windows and Unix/Linux
systems.
o Commands:
Install and configure Samba (for Windows file sharing) and NFS (for Unix/Linux
file sharing).
13. Network Monitoring:
o Task: Monitor network bandwidth usage and capture network traffic for analysis.
o Commands:
Use iftop to monitor bandwidth usage and tcpdump to capture network traffic.
14. Enhancing Network Security:
o Task: Scan the network for open ports and install fail2ban to prevent unauthorized
access.
o Commands:
Use nmap to scan for open ports and install fail2ban for intrusion prevention.
- Example:
switch(config)# vtp mode server
switch(config)# vtp domain example
- Explanation: These commands configure a Cisco switch as a VTP server in the domain
"example".
- Example:
switch(config)# spanning-tree vlan 1 root primary
switch(config)# spanning-tree portfast default
- Explanation: These commands set the switch as the root bridge for VLAN 1 and enable PortFast
on all ports.
18. Quality of Service (QoS):
- Definition: QoS allows prioritization of network traffic to ensure that critical applications receive
sufficient bandwidth and low latency.
- Commands:
o tc: Traffic control command to configure QoS settings on Linux systems.
- Example:
$ sudo tc qdisc add dev eth0 root tbf rate 1mbit burst 10kbit latency 50ms
- Explanation: This command limits the outgoing traffic on interface eth0 to 1 Mbps with a burst
rate of 10 kbps and latency of 50 ms.
Practice Scenarios:
15. Configuring VLANs and Trunking:
o Task: Configure VLANs on multiple switches and enable trunking between them.
o Commands:
Use vtp to configure VTP settings and spanning-tree to configure STP settings.
16. Implementing Quality of Service:
o Task: Prioritize VoIP traffic over other traffic on a Linux router.
o Commands:
Use tc to set up traffic control rules to prioritize VoIP traffic.