4.2.2 Networking
Network Configuration
Chapter 1 Outline
●
In this chapter we will learn about:
– Introducing TCP/IP
– TCP/IP primer
– IP addresses
– Network and host components
– CIDR notation
– A typical internet
– IP routing decisions
– The routing table
– MAC addresses
– The ARP protocol
– The ARP cache
– The naming of network interfaces
– Services and port numbers
– The /etc/services file
– Traceroute
Traceroute
●
Tracing the data path from the US (Network-tools.com) to Ethiopia (AAiT)
– Select “Trace” and click “Go”
Hop   ms    ms    ms    IP address        Host name / location
1     0     0     0     206.123.64.233    -  Missouri, US
2     1     1     1     129.250.202.253   xe-0-4-012.r01.dllstx04.us.bb.gin.ntt.net  Colorado, US – NTT America (ISP)
3     1     1     1     89.221.40.162     ae0.dallas2.dal.seabone.net  Dallas, US – NTT America (ISP)
4     362   343   342   185.70.202.2      -  Italy, RIPE ISP
5     386   386   385   185.70.202.9      -  Italy, RIPE ISP
6     404   403   404   197.254.194.22    -  Sudan
7     Timed out   Timed out   Timed out
– Each line is one router (“hop”) on the path with three round-trip times;
the jump from about 1 ms to about 350 ms at hop 4 is the long-haul link
between the US and Italy, and hop 7 did not answer within the timeout
(typically a router or firewall that drops or rate-limits the probes), so
the trace shows nothing beyond it
Introducing TCP/IP
●
Linux systems communicate using a protocol suite called TCP/IP
– IP is a network layer protocol and is responsible for routing packets across
an interconnected set of networks (an “internet”) to the correct machine,
identified by its IP address
– TCP and UDP are transport layer protocols carried inside IP packets: TCP
provides a reliable, ordered byte stream, UDP delivers individual datagrams
(figure: a host with IP address 192.168.0.5)
Network and host components
●
An IP address is divided into two parts: a network ID and a host ID
– The network ID is used to route packets to the correct network
– The host ID is used to deliver packets to the correct host on that network
●
A subnet mask defines how an IP address is split between network
and host components
– e.g. with the mask 255.255.255.0 the first three octets of the address are
the network ID and the last octet is the host ID
CIDR notation
●
CIDR (Classless Inter-Domain Routing) notation allows an interface's
IP address and subnet mask to be represented compactly:
192.168.0.5/24
– The number after the slash is the number of leading bits of the IP address
that are interpreted as the network ID (/24 is the same as the mask
255.255.255.0)
A typical internet
●
(figure: hosts A, B, C and D on one local network and hosts P, Q, R and S on
another, joined through The Internet; the address 176.13.4.92 is shown)
IP routing decisions
●
IP decides how to route a packet to its destination based on the
network component of the destination IP address
Example (host A deciding where to send a packet):
– Do I have a direct connection to this network?
Yes: send the packet on this connection (A to C)
– No. Do I know a route to this network?
Yes: send the packet to the IP address specified in the routing table
(A to Q via S)
– No. Do I have a default gateway?
Yes: send the packet to the default gateway (A to the outside world via D)
– No: network unreachable
The routing table
●
Linux holds IP routing information in an internal routing table
– May be displayed with the command route -n (or, with iproute2, ip route show)
– This example is from machine 'A' and has been edited to fit the page:
# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Iface
192.168.0.0     0.0.0.0         255.255.255.0   U     ens160
192.168.1.0     192.168.0.254   255.255.255.0   UG    ens160
0.0.0.0         192.168.0.4     0.0.0.0         UG    ens160
●
The most specific matching route (the one with the longest
“Genmask”, i.e. the most network bits) is used
– The packet is sent to the specified gateway via the specified interface
The routing table explained
●
First entry:
– Says that the local network (192.168.0.0/24) is connected directly to the
network interface called ens160. There is no gateway (the gateway address
is shown as 0.0.0.0), so packets are sent straight to the destination host
●
Second entry:
– Says that packets destined for the network 192.168.1.0/24 should be sent
to the gateway 192.168.0.254 using network interface ens160
●
Third entry:
– This route always matches because the “Genmask” is zero (no network bits
have to agree)
– Specifies 192.168.0.4 as the default gateway
– Says where to send the packet if there is no more specific match
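The routing decision above and the longest-match rule for the route table, as an added example in POSIX shell. This is not code from the course: the table is the route -n output shown above, copied into a variable so the script runs without root or a real interface, and the address 192.168.9.44 is taken from the review question at the end of the chapter.

```shell
#!/bin/sh
# Added example, not from the course slides: the routing decision from the
# flowchart, implemented as a longest-prefix match over the route -n table
# shown above (copied into ROUTES so no root or real interface is needed).

ROUTES='192.168.0.0 0.0.0.0       255.255.255.0 U  ens160
192.168.1.0 192.168.0.254 255.255.255.0 UG ens160
0.0.0.0     192.168.0.4   0.0.0.0       UG ens160'

# Dotted quad -> 32-bit integer (192.168.0.5 -> 3232235525)
ip4_to_int() {
    IFS=. read -r o1 o2 o3 o4 <<EOF
$1
EOF
    echo $(( (o1 << 24) | (o2 << 16) | (o3 << 8) | o4 ))
}

# Integer -> dotted quad
int_to_ip4() {
    echo "$(( $1 >> 24 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Prefix length -> integer mask (/24 -> 4294967040, /0 -> 0)
prefix_to_mask() {
    [ "$1" -eq 0 ] && { echo 0; return; }
    echo $(( (4294967295 << (32 - $1)) & 4294967295 ))
}

# Dotted mask -> prefix length; rejects non-contiguous masks such as 255.0.255.0
mask_to_prefix() {
    n=$(ip4_to_int "$1"); p=0
    while [ "$n" -ne 0 ]; do p=$(( p + (n & 1) )); n=$(( n >> 1 )); done
    [ "$(prefix_to_mask "$p")" -eq "$(ip4_to_int "$1")" ] || { echo "bad mask $1" >&2; return 1; }
    echo "$p"
}

# Network ID of address/prefix, i.e. the "network component" used for routing
network_id() {
    int_to_ip4 $(( $(ip4_to_int "$1") & $(prefix_to_mask "$2") ))
}

# Status 0 when both addresses share a network ID under the prefix: the packet
# can be delivered directly on the local link ("A to C" in the flowchart).
same_subnet() {
    [ "$(network_id "$1" "$3")" = "$(network_id "$2" "$3")" ]
}

# Longest-prefix match over a route table (default: ROUTES). Prints
# "gateway interface" for the winning entry, where gateway 0.0.0.0 means
# directly connected; prints "unreachable" and returns 1 when nothing matches.
route_lookup() {
    dst=$(ip4_to_int "$1"); table=${2:-$ROUTES}; best_len=-1; best=""
    while read -r net gw mask flags iface; do
        [ -z "$net" ] && continue
        m=$(ip4_to_int "$mask")
        [ $(( dst & m )) -eq $(( $(ip4_to_int "$net") & m )) ] || continue
        len=$(mask_to_prefix "$mask") || continue
        if [ "$len" -gt "$best_len" ]; then best_len=$len; best="$gw $iface"; fi
    done <<EOF
$table
EOF
    [ "$best_len" -ge 0 ] || { echo unreachable; return 1; }
    echo "$best"
}

# Usage: the review question at the end of the chapter, then one lookup per route
same_subnet 192.168.0.5 192.168.9.44 20 &&
    echo "192.168.9.44 is on $(network_id 192.168.0.5 20)/20: deliver directly"
for d in 192.168.0.7 192.168.1.9 8.8.8.8; do echo "$d -> $(route_lookup "$d")"; done
```

A /20 covers 192.168.0.0 through 192.168.15.255, so 192.168.9.44 needs no router from 192.168.0.5/20; the default route wins for 8.8.8.8 only because nothing longer matches, and the table passed as the second argument shows what “network unreachable” looks like when there is no default route at all.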
Routing table flags
●
The flags in the fourth column of the routing table show how the
kernel will interpret the entry and have the following meanings (see man route):
– U – route is up and will be used by the kernel to make routing decisions
– H – target is a single host, not a network
– G – use the gateway given in the Gateway column for traffic going to the
network specified in the routing entry (absent for directly connected networks)
– R – reinstate route for dynamic routing
– D – route dynamically installed by a routing daemon or an ICMP redirect
– M – route modified by a routing daemon or an ICMP redirect
– A – route installed by addrconf (IPv6 stateless address autoconfiguration)
– C – cache entry
– ! – reject route: matching packets are dropped with an error
●
Entries flagged D or M that you did not expect deserve a second look: ICMP
redirects are unauthenticated, so hardened hosts usually disable them with
net.ipv4.conf.all.accept_redirects=0
MAC addresses
●
When an IP packet is transmitted on a physical medium (e.g. Ethernet)
it is encapsulated inside a frame which includes the physical address
(“MAC address”) of the network interface it is being sent to
●
The MAC address is burned into the interface by the manufacturer
– 48 bits; written in hex with colons, e.g. 00:06:5B:BA:6E:FB
– The first 24 bits identify the vendor (the OUI)
– It is not a reliable identity: the kernel will use any address it is told
to (ip link set dev ens160 address ...), so MAC-based filters and DHCP
reservations can be fooled by any host on the same segment
(figure: hosts A, B and C with MAC addresses 00:06:44:6C:E6:8A,
00:06:5B:B6:54:B9 and 00:06:5B:BA:6E:FB; an IP datagram for C is framed
with destination MAC 00:06:5B:BA:6E:FB)
The ARP protocol
●
ARP (Address Resolution Protocol) is used to discover MAC addresses
– The sender broadcasts “who has 192.168.0.5?” on the local network and the
owner of that address replies with its MAC address
– Requests and replies are not authenticated: any host on the segment can
answer for any address, which is the basis of ARP spoofing (man-in-the-middle
attacks on a LAN)
(figure: hosts A, B and C with MAC addresses 00:06:44:6C:E6:8A,
00:06:5B:B6:54:B9 and 00:06:5B:BA:6E:FB)
The ARP cache
●
To avoid an ARP broadcast prior to every transmission, known IP-to-
MAC address bindings are stored in the ARP cache (the kernel's neighbour table)
– The cache is always consulted first
– Entries time out unless re-confirmed: the classic figure is about 15
minutes, but Linux marks an entry stale after
net.ipv4.neigh.<interface>.base_reachable_time_ms (30 s by default) and
re-verifies it before using it again
●
The ARP cache can be examined via /proc/net/arp (or with ip neigh show):
# cat /proc/net/arp
IP address       HW type     Flags       HW address            Mask     Device
192.168.0.4      0x1         0x2         00:60:97:5E:B9:E2     *        ens160
192.168.0.1      0x1         0x2         00:50:BA:99:C1:A9     *        ens160
– HW type 0x1 is Ethernet; flags 0x2 means the entry is complete (a MAC
address was learned); 0x0 marks an unanswered request
Manipulating the ARP cache
●
The arp command can also be used to examine the cache and to
manually add or delete entries, though this is rarely necessary
– Show all entries:
# arp -a
– Add a temporary entry:
# arp -s 192.168.0.3 00:60:97:1A:37:BF -i ens160 temp
– Add a permanent entry:
# arp -s 192.168.0.3 00:60:97:1A:37:BF -i ens160
– Delete an entry:
# arp -d 192.168.0.3
●
The iproute2 equivalents:
# ip neigh add 192.168.0.3 lladdr 00:60:97:1A:37:BF dev ens160 nud permanent
# ip neigh del 192.168.0.3 dev ens160
– A permanent entry for a critical neighbour such as the default gateway is
one of the few defences a host itself has against ARP spoofing: the kernel
will not overwrite it with a forged reply
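An added example, not from the course material: a small POSIX shell audit of the ARP cache. The two snapshots are constructed in /proc/net/arp format (the baseline reuses the two entries shown above; the second snapshot imagines the default gateway 192.168.0.4 answering from a new MAC that also claims a second address, plus one unanswered request), so the script runs offline. It reports bindings that changed since the baseline and MACs bound to more than one IP, the two usual symptoms of ARP spoofing.

```shell
#!/bin/sh
# Added example (not part of the course slides): audit the ARP cache for the
# two classic signs of ARP spoofing, using the /proc/net/arp format shown above.
# Both snapshots are constructed for the example; ARP_NOW imagines the default
# gateway 192.168.0.4 suddenly answering from a new MAC that also claims a
# second address, and includes one incomplete (unanswered) entry.

ARP_BASELINE='IP address       HW type     Flags       HW address            Mask     Device
192.168.0.4      0x1         0x2         00:60:97:5E:B9:E2     *        ens160
192.168.0.1      0x1         0x2         00:50:BA:99:C1:A9     *        ens160'

ARP_NOW='IP address       HW type     Flags       HW address            Mask     Device
192.168.0.4      0x1         0x2         00:0c:29:aa:bb:cc     *        ens160
192.168.0.1      0x1         0x2         00:50:BA:99:C1:A9     *        ens160
192.168.0.9      0x1         0x2         00:0c:29:aa:bb:cc     *        ens160
192.168.0.77     0x1         0x0         00:00:00:00:00:00     *        ens160'

# "ip mac" lines for complete entries only (flags 0x2 = ATF_COM); a 0x0 entry
# is an unanswered request and carries no real binding. MACs are lower-cased
# so that snapshots from different tools compare equal.
arp_entries() {
    printf '%s\n' "$1" | awk 'NR > 1 && $3 == "0x2" { print $1, tolower($4) }'
}

# MAC currently bound to an IP in a snapshot, or nothing if the IP is absent.
arp_lookup() {
    arp_entries "$1" | awk -v ip="$2" '$1 == ip { print $2 }'
}

# Print "ip old-mac new-mac" for every binding that differs from the baseline;
# status 1 if any changed. The gateway's MAC changing is the strongest signal.
arp_changed() {
    rc=0
    while read -r ip mac; do
        now=$(arp_lookup "$2" "$ip")
        if [ -n "$now" ] && [ "$now" != "$mac" ]; then
            echo "$ip $mac $now"; rc=1
        fi
    done <<EOF
$(arp_entries "$1")
EOF
    return $rc
}

# Print every MAC that claims more than one IP in a snapshot as "mac: ip ip".
# This is legitimate for some routers and VRRP setups, so report, don't act.
arp_shared_macs() {
    arp_entries "$1" | awk '{ n[$2]++; ips[$2] = ips[$2] " " $1 }
        END { for (m in n) if (n[m] > 1) print m ":" ips[m] }'
}

# Usage: on a live host pass "$(cat /proc/net/arp)" as the current snapshot
# and a copy saved while the network was known-good as the baseline.
arp_changed "$ARP_BASELINE" "$ARP_NOW" || echo "ARP bindings changed since baseline!"
arp_shared_macs "$ARP_NOW"
```

On a production host the baseline would come from a file written while the segment was known-good; a binding change for the default gateway combined with the new MAC also appearing for another address is the pattern a gratuitous-ARP attack leaves behind, whereas a single MAC change after a router replacement is benign.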
The naming of network interfaces
●
The Linux kernel assigns names to network interfaces; on systemd-based
distributions udev then renames Ethernet interfaces to “predictable” names
derived from the firmware index (eno...) or the PCI slot (ens...)
– Ethernet interfaces: eno16777736, ens160
– Point-to-point dial-up connection via modem: ppp0
– Loopback interface: lo
Services and port numbers
●
An IP address identifies a specific machine for packet delivery.
Beyond that, a port number identifies a specific service (application
program) to which data should be delivered.
– Port number is 16 bits (0-65535)
●
To connect to a specific server, a client needs to know the IP address
of the machine and the service's port number
– e.g. 192.168.0.5:80
●
TCP and UDP each has its own set of ports
– TCP port 21 is not the same as UDP port 21
(figure: host 192.168.0.5 running a web server on port 80, an ftp server on
port 21 and an ssh server on port 22)
The /etc/services file
●
There is a standardised association between service names, the port
numbers at which they listen, and the protocols (TCP or UDP) they use
– Maintained by the Internet Assigned Numbers Authority (www.iana.org)
– A local copy is held in the /etc/services file; it is consulted by library
calls such as getservbyname() and by tools such as netstat to translate
between names and numbers
– It is only a naming convention: nothing stops another program listening on
port 22, so a port number alone does not prove which service is behind it
– Here is a heavily edited extract:
ftp-data    20/tcp          # File Transfer [Default Data]
ftp         21/tcp          # File Transfer [Control]
ssh         22/tcp          # SSH Remote Login Protocol
telnet      23/tcp          # Telnet
smtp        25/tcp  mail    # Simple Mail Transfer
time        37/tcp          # Time
time        37/udp          # Time
domain      53/tcp          # Domain Name Server
domain      53/udp          # Domain Name Server
http        80/tcp          # World Wide Web HTTP
Configuring a network interface
●
In this section:
– Showing interface status with ip
– Configuring an interface with nmcli
– Configuring an interface with nmtui
– Configuring an interface with DHCP
– Where are the network settings stored?
Showing interface status with ifconfig (history)
●
The ifconfig command shows the status of a network interface. It is
obsolete and has been replaced by ip from iproute2 (ip addr show, ip link show)
– If the command is not found it can still be installed from the net-tools package:
# yum install net-tools -y
●
Example:
# ifconfig
ens160    Link encap:Ethernet  HWaddr 00:06:5B:BA:6E:FB
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::206:5bff:feba:6efb/64 Scope:Link
          UP BROADCAST NOTRAILERS RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:9749 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7215 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:8034188 (7.6 Mb)  TX bytes:793559 (774.9 Kb)
          Interrupt:10 Base address:0x3000
Configuring an interface with nmcli
●
nmcli (the NetworkManager command-line client) can be used to view and
change connection profiles; changes made with “con modify” are written to
the profile and take effect the next time the connection is brought up
– Deactivate a connection:
# nmcli con down “Wired connection 1”
●
Create a connection profile with a new name bound to an interface (for
example after adding a second NIC in the VMware settings; ifname must be
the interface name as shown by ip link):
# nmcli con add con-name test type ethernet ifname ens160
●
Assign either a static address or DHCP to the new profile:
# nmcli con modify test ipv4.addresses 192.168.1.10/24 ipv4.gateway 192.168.1.254 ipv4.dns 8.8.8.8 ipv4.method manual
# nmcli con modify test ipv4.method auto
●
Activate the new profile
# nmcli con up test
●
To delete the profile
# nmcli con delete test
●
Restart and enable the NetworkManager service
# systemctl restart NetworkManager
# systemctl enable NetworkManager
Configuring an interface with nmtui
●
nmtui offers the same NetworkManager settings through a text-mode menu
(“Edit a connection”, “Activate a connection”, “Set system hostname”)
Configuring an interface with DHCP
●
A system can be configured to obtain network settings automatically
from a DHCP (Dynamic Host Configuration Protocol) server
– IP address, subnet mask, default gateway, DNS server, ...
– Settings are leased for a specified time; the client must renew the lease
before it expires if it wants to keep using the settings
●
Advantages:
– No manual configuration needed. In particular, machines which often
move between different physical networks (e.g. laptops) do not have to
be manually re-configured each time
– IP addresses can be re-used: you can have more machines than you
have IP addresses if they are not all needed at once
●
Disadvantages:
– You need a DHCP server
– Machines offering services (e.g. Web servers) cannot be guaranteed to
stay on the same IP address unless the server reserves a fixed address
for their MAC
– DHCP is unauthenticated: a rogue server on the segment can hand clients
its own gateway and DNS server addresses (mitigated by DHCP snooping on
managed switches and by static settings on servers)
●
The dhclient command runs a DHCP client by hand; NetworkManager normally
runs its own client for profiles with ipv4.method auto
Where are the network settings stored?
●
In Red Hat Linux network settings for the interface ens160 are stored
in the file /etc/sysconfig/network-scripts/ifcfg-ens160 (newer NetworkManager
releases such as RHEL 9 store new profiles as keyfiles under
/etc/NetworkManager/system-connections/ instead)
# vi /etc/sysconfig/network-scripts/ifcfg-ens160
●
For a statically configured machine it might look like this:
BOOTPROTO=static
ONBOOT=yes
BROADCAST=192.168.1.255
IPADDR=192.168.1.1
NETMASK=255.255.255.0
NETWORK=192.168.1.0
– BOOTPROTO=none is the documented value for a static address; static is
accepted as a synonym
●
For a machine configured via DHCP it might look like this:
BOOTPROTO=dhcp
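An added example, not from the course: a POSIX awk check that a static ifcfg file is internally consistent before it is activated, since a mistyped NETWORK or BROADCAST value silently breaks local delivery. IFCFG_GOOD is the static example above; IFCFG_BAD is a constructed copy with a wrong NETWORK line and ONBOOT=no.

```shell
#!/bin/sh
# Added example (not part of the course slides): sanity-check a static
# ifcfg-style file before activating it. IFCFG_GOOD is the static example from
# the slides; IFCFG_BAD is a constructed copy with a wrong NETWORK line and
# ONBOOT left off.

IFCFG_GOOD='BOOTPROTO=static
ONBOOT=yes
BROADCAST=192.168.1.255
IPADDR=192.168.1.1
NETMASK=255.255.255.0
NETWORK=192.168.1.0'

IFCFG_BAD='BOOTPROTO=static
ONBOOT=no
BROADCAST=192.168.1.255
IPADDR=192.168.1.1
NETMASK=255.255.255.0
NETWORK=192.168.2.0'

# Prints one line per problem and returns 1 if any; silent and 0 when clean.
# Pure POSIX awk: network = floor(ip / blocksize) * blocksize, where blocksize
# is 2^hostbits, which avoids the bitwise functions only gawk provides.
ifcfg_check() {
    printf '%s\n' "$1" | awk -F= '
    function toint(ip,  o) { split(ip, o, "."); return ((o[1]*256 + o[2])*256 + o[3])*256 + o[4] }
    function toip(n) { return int(n/16777216) % 256 "." int(n/65536) % 256 "." int(n/256) % 256 "." n % 256 }
    /^[A-Z_]+=/ { gsub(/"/, "", $2); v[$1] = $2 }
    END {
        bad = 0
        if (v["ONBOOT"] != "yes") { print "ONBOOT is not yes: interface stays down at boot"; bad = 1 }
        if (v["BOOTPROTO"] == "dhcp") {
            if (v["IPADDR"] != "") { print "IPADDR set but BOOTPROTO=dhcp: address will be ignored"; bad = 1 }
            exit bad
        }
        if (v["BOOTPROTO"] != "static" && v["BOOTPROTO"] != "none") { print "unknown BOOTPROTO " v["BOOTPROTO"]; bad = 1 }
        if (v["IPADDR"] == "" || v["NETMASK"] == "") { print "static configuration needs IPADDR and NETMASK"; exit 1 }
        ip = toint(v["IPADDR"]); mask = toint(v["NETMASK"])
        block = 4294967296 - mask          # number of addresses in the subnet
        for (b = block; b > 1; b /= 2)     # must be a power of two
            if (b % 2 != 0) { print "NETMASK is not contiguous: " v["NETMASK"]; exit 1 }
        net = int(ip / block) * block; bcast = net + block - 1
        if (block > 2 && (ip == net || ip == bcast)) { print "IPADDR is the network or broadcast address"; bad = 1 }
        if (v["NETWORK"] != "" && v["NETWORK"] != toip(net)) { print "NETWORK should be " toip(net) " not " v["NETWORK"]; bad = 1 }
        if (v["BROADCAST"] != "" && v["BROADCAST"] != toip(bcast)) { print "BROADCAST should be " toip(bcast) " not " v["BROADCAST"]; bad = 1 }
        exit bad
    }'
}

# Usage: ifcfg_check "$(cat /etc/sysconfig/network-scripts/ifcfg-ens160)"
ifcfg_check "$IFCFG_GOOD" && echo "static example: OK"
ifcfg_check "$IFCFG_BAD" || echo "constructed bad file: rejected"
```

The check is deliberately conservative: it only reports a NETWORK or BROADCAST line that contradicts IPADDR/NETMASK, and skips the host-address test for /31 and /32 point-to-point links where the address equals the network address by design.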
Name resolution
●
In this section:
– Name services
– Hostname
– The /etc/hosts file
– Domain Name resolution
– The name service switch
– Configuring a DNS client
Name services
●
Users prefer to identify computers using names, not IP addresses
– Simple names: server01, pluto, mars, galaxy, ...
– Fully qualified domain names: server01.example.com, www.ftt.co.uk, …
●
Naming services translate names to IP addresses
●
The resolvers (doing the name lookup) can be made to look in several
places
– A local file (/etc/hosts)
– A NIS server (Network Information Service; legacy and unauthenticated)
– A NIS+ server (successor to NIS, now discontinued)
– A DNS server (Domain Name System)
Host name
●
The hostname command shows the current host name; run as root it also
sets it, but only until the next reboot
# hostname server01
●
Edit the host name configuration file /etc/hostname to permanently
change the host name (on systemd systems hostnamectl set-hostname server01
updates both the running name and the file)
# vi /etc/hostname
server01
The /etc/hosts file
●
The file /etc/hosts is used to define locally-known names
127.0.0.1     localhost localhost.localdomain     # the loopback address
::1           localhost localhost.localdomain     # the IPv6 loopback address
192.168.1.1   server01 server01.example.com
– Entries here are normally tried before DNS (see the name service switch),
so an attacker who can write this file can redirect any name; it must stay
writable by root only
Domain Name resolution
●
DNS (Domain Name System) implements a distributed database of
machine name to IP address mappings, encompassing all “globally
visible” machines on The Internet
●
The implementation of DNS for UNIX / Linux is called BIND
– Berkeley Internet Name Domain
– Discussed next week
●
To use DNS, all that most computers need to know is the IP address
of a single (local) DNS server; that server performs the recursive lookup
on the client's behalf, and the rest is magic
●
DNS can also do reverse lookups, to map IP addresses to host names
The name service switch
●
Resolvers read the file /etc/nsswitch.conf to determine which files
or services they should consult to look up machine names or other
items
●
The name service switch configures several lookup services
– Hostnames, user accounts, service names, others ...
●
A typical entry in nsswitch.conf looks like this (sources are tried from
left to right):
hosts:      files dns
Configuring a DNS client
●
The only DNS 'client' command-line tools are diagnostic programs
such as dig and nslookup
●
The true DNS clients are the resolver functions in the C library
– They are configured by the file /etc/resolv.conf (nameserver and search
entries); on NetworkManager systems this file is generated, so set the DNS
servers in the connection profile (ipv4.dns) rather than editing it
●
In RHEL 7, the nslookup and host utilities accepted a reply without the
“recursion available” flag from any name server listed. In RHEL 8,
nslookup and host ignore replies without the recursion available flag
unless they come from the last configured name server, whose answer is
accepted either way.
●
However, if the last configured name server is not responding or is
unreachable, name resolution fails. To prevent this, use one of the
following approaches:
– Ensure that the configured name servers always reply with the recursion
available flag set
– Allow recursion for all internal clients
●
Optionally, you can also use the dig utility to detect whether
recursion is available or not (look for “ra” in the flags line of the reply)
Basic diagnostic tools
●
The ping command tests reachability of a remote machine
– Sends an ICMP 'Echo request' packet to the address and expects an ICMP
'Echo reply'
– Reports the round-trip time
– No reply does not always mean the host is down: many firewalls drop ICMP
echo requests
$ ping -c2 -i5 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=47 time=188 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=47 time=189 ms
●
By supplying ping with a machine name instead of an IP address, you
can also test name resolution
– Resolved by the local /etc/hosts file:
$ ping -c1 server01
PING server01 (192.168.1.1) 56(84) bytes of data.
64 bytes from server01 (192.168.1.1): ....
– Resolved by DNS:
$ ping -c1 server01.example.com
PING server01.example.com (192.168.1.1) 56(84) bytes of data.
64 bytes from server01.example.com (192.168.1.1): ....
●
The command dig can be used to test DNS servers
– Very flexible tool, see man dig for details
– Here we use it to do simple name resolution:
$ dig server01.example.com
How did the packet get there? - traceroute
●
The command traceroute can be used to determine the route that
an IP packet will take to reach a specific destination:
[root@server01 ~]# traceroute server01.example.com
– On Linux, traceroute sends UDP probes by default; use -I for ICMP echo
or -T for TCP SYN probes when a firewall drops UDP
– A hop shown as * * * (“Timed out”, as in the trace at the start of the
chapter) did not answer within the timeout; it is usually a router or
firewall that drops or rate-limits the probes, not necessarily a dead link
Exercise
●
Overview: In this exercise we will perform basic configuration of the
network, assigning a hostname, a static IP address, a subnet mask
and a default gateway to each network interface.
●
We will configure our machines to do name resolution using a
combination of a local hosts file and DNS
●
We will test connectivity and name resolution on the network
●
Note: The machines are configured with a regular account called
'lpiuser' and with the root account; the steps below need root.
1. Edit the file /etc/sysconfig/network-scripts/ifcfg-ens160 and set
ONBOOT=yes. Reboot the system. Can you see the network settings you
established?
2. Configure your second server to have a static IP address of
192.168.1.2, a subnet mask of 255.255.255.0 and the default
gateway 192.168.1.1
3. Set the host name to server02 and the domain name to example.com
Showing TCP status with netstat -t
●
netstat -t shows the current state of TCP connections
– The -a flag also shows endpoints listening for connections
– netstat belongs to the obsolete net-tools package; ss -at from iproute2
gives the same view on current systems
# netstat -at
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 *:nfs                   *:*                     LISTEN
tcp        0      0 *:echo                  *:*                     LISTEN
tcp        0      0 *:netbios-ssn           *:*                     LISTEN
tcp        0      0 *:sunrpc                *:*                     LISTEN
tcp        0      0 *:x11                   *:*                     LISTEN
tcp        0      0 localhost:smtp          *:*                     LISTEN
tcp        0      0 localhost:32925         localhost:echo          ESTABLISHED
tcp        0      0 localhost:echo          localhost:32925         ESTABLISHED
tcp        0      0 localhost:725           localhost:sunrpc        TIME_WAIT
tcp        0      0 *:www-http              *:*                     LISTEN
tcp        0      0 *:ssh                   *:*                     LISTEN
– A local address of * means the service accepts connections on every
interface; localhost:smtp is reachable only from the machine itself
Showing TCP status with netstat -t (continued)
●
By default, netstat displays IP addresses as machine names, and
known port numbers as service names (looked up in /etc/services)
– The -n flag forces numeric representation instead
# netstat -nt
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:32925         127.0.0.1:7             ESTABLISHED
tcp        0      0 127.0.0.1:7             127.0.0.1:32925         ESTABLISHED
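An added example, not from the course: finding which listening TCP services are exposed on every interface rather than bound only to localhost. The sample input is the netstat -at output above, copied into a variable so the script runs offline; the allow-list of expected services (ssh and www-http) is an assumption made for the example.

```shell
#!/bin/sh
# Added example (not part of the course slides): list TCP services that listen
# on every interface ("*:" in netstat's Local Address column) rather than only
# on localhost, and compare them with an allow-list. NETSTAT_AT is the
# netstat -at output from the slides, embedded so the script runs offline.

NETSTAT_AT='Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 *:nfs                   *:*                     LISTEN
tcp        0      0 *:echo                  *:*                     LISTEN
tcp        0      0 *:netbios-ssn           *:*                     LISTEN
tcp        0      0 *:sunrpc                *:*                     LISTEN
tcp        0      0 *:x11                   *:*                     LISTEN
tcp        0      0 localhost:smtp          *:*                     LISTEN
tcp        0      0 localhost:32925         localhost:echo          ESTABLISHED
tcp        0      0 localhost:echo          localhost:32925         ESTABLISHED
tcp        0      0 localhost:725           localhost:sunrpc        TIME_WAIT
tcp        0      0 *:www-http              *:*                     LISTEN
tcp        0      0 *:ssh                   *:*                     LISTEN'

# Listening sockets as "bind-address service" lines. $4 is Local Address; it
# is split at the LAST colon so IPv6 literals such as ::1:smtp also work.
listeners() {
    printf '%s\n' "$1" | awk '$1 == "tcp" && $NF == "LISTEN" {
        i = match($4, /:[^:]*$/); print substr($4, 1, i - 1), substr($4, i + 1) }'
}

# Services reachable from the network: bound to the wildcard address, which
# netstat prints as "*", "0.0.0.0" or "::" depending on -n and address family.
exposed_services() {
    listeners "$1" | awk '$1 == "*" || $1 == "0.0.0.0" || $1 == "::" { print $2 }'
}

# Exposed services that are not on the allow-list given as the remaining
# arguments (service names as netstat prints them).
unexpected_exposed() {
    snap=$1; shift
    allow=" $* "
    exposed_services "$snap" | while read -r svc; do
        case "$allow" in *" $svc "*) ;; *) echo "$svc" ;; esac
    done
}

# Usage: on a live host pass "$(netstat -at)" instead of the sample
# (ss -tln prints different columns, so it would need its own parser).
echo "Listening on all interfaces:"; exposed_services "$NETSTAT_AT"
echo "Not on the allow-list (ssh, www-http):"; unexpected_exposed "$NETSTAT_AT" ssh www-http
```

Run against the sample, the audit flags nfs, echo, netbios-ssn, sunrpc and x11 as network-reachable services that nobody asked for; remember that the names come from /etc/services, so confirm with the process behind the port (netstat -p or ss -p as root) before deciding what a socket really is.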
Static routes
●
“Static” routes can be added to the routing table by hand using the
route command (or ip route add)
– For the two-network intranet we saw earlier in the chapter:
# route add -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.1.1 dev ens160
# ip route add 192.168.0.0/24 via 192.168.1.1 dev ens160
– Read as: to reach this network ... send via this gateway ... using this
interface
– A route added this way is static in the sense of being configured by hand,
but it is lost at the next reboot (or when NetworkManager re-applies the
profile); to keep it, store it in the connection profile:
# nmcli con modify "Wired connection 1" +ipv4.routes "192.168.0.0/24 192.168.1.1"
●
A machine needs to send an IP packet to address 192.168.9.44 from
an interface with an assigned address and subnet mask of
192.168.0.5/20. Can the packet be sent directly, or does it need to be
routed?
●
What is the name of the protocol used to convert IP addresses to MAC
addresses?
●
Which file defines the association between service names and port
numbers?
●
Name one advantage and one disadvantage of using DHCP to assign
network settings
●
Name three ways of doing name resolution
– Which file would you edit to specify the order in which these three ways
are tried?