
Network Configuration

Network Configuration
Chapter 1 Outline


In this chapter we will learn about:

✓ The basics of the IP protocol and packet delivery


✓ How to configure a network interface
✓ How to configure name resolution
✓ Some basic diagnostic tools
TCP/IP primer

Introducing TCP/IP

TCP/IP primer
IP addresses
Network and host components
CIDR notation
A typical internet
IP routing decisions
The routing table
MAC addresses
The ARP protocol
The ARP cache
The naming of network interfaces
Services and port numbers
The /etc/services file
Traceroute


Tracing the data path from the US (Network-tools.com) to Ethiopia (AAiT)
– Select “Trace” and click “Go”

Hop  (ms)  (ms)  (ms)  IP Address       Host name / location
1    0     0     0     206.123.64.233   -  Missouri, US
2    1     1     1     129.250.202.253  xe-0-4-012.r01.dllstx04.us.bb.gin.ntt.net  Colorado, US – NTT America (ISP)
3    1     1     1     89.221.40.162    ae0.dallas2.dal.seabone.net  Dallas, US – NTT America (ISP)
4    362   343   342   185.70.202.2     -  Italy, RIPE ISP
5    386   386   385   185.70.202.9     -  Italy, RIPE ISP
6    404   403   404   197.254.194.22   -  Sudan
7    Timed out  Timed out  Timed out
Introducing TCP/IP


Linux systems communicate using a protocol suite called TCP/IP
– IP is a network layer protocol and is responsible for routing packets across
  an interconnected set of networks (an “internet”) to the correct machine
– TCP (Transmission Control Protocol) is a transport layer protocol layered
  over IP, and is responsible for delivering packets to a specific application
  (service) on the destination machine
  – Connection-oriented (establishes a reliable “virtual circuit” between
    two applications)
– UDP (User Datagram Protocol) is another transport layer protocol
  – Connectionless
  – Not guaranteed
IP addresses

A connection from a computer to a network is identified by an
IP address (a 32-bit number)

IP addresses are written in dotted decimal notation. Each byte of the
address is written as a decimal integer between 0 and 255

IP address   11000000 10101000 00000000 00000101
                192   .  168   .   0    .   5
Network and host components


An IP address is divided into two parts: a network ID and a host ID
– The network ID is used to route packets to the correct network
– The host ID is used to deliver packets to the correct host on the network

A subnet mask defines how an IP address is split between network
and host components

subnet mask   11111111 11111111 11111111 00000000   255.255.255.0
IP address    11000000 10101000 00000000 00000101   192.168.0.5
              |-------- Network ID --------| Host ID
CIDR notation


CIDR (Classless Inter-Domain Routing) notation allows an interface's
IP address and subnet mask to be represented compactly:

192.168.0.5/24   – the number after the slash is the number of bits in the
                   IP address that should be interpreted as the network ID

subnet mask   11111111 11111111 11111111 00000000
IP address    11000000 10101000 00000000 00000101
              |-------- Network ID --------| Host ID
A typical internet

[Diagram: a two-network intranet connected to The Internet]
– Network 192.168.0.0/24: hosts A, B, C and D with addresses 192.168.0.1 to
  192.168.0.4; D also has the Internet-facing address 176.13.4.92
– Router S joins the two networks with addresses 192.168.0.254 and 192.168.1.254
– Network 192.168.1.0/24: hosts P, Q and R with addresses 192.168.1.1 to 192.168.1.3
IP routing decisions


IP decides how to route a packet to its destination based on the
network component of the destination IP address

Example (flowchart):
1. Do I have a direct connection to this network?
   – Yes: send the packet on this connection (e.g. A to C)
   – No: go on to 2
2. Do I know a route to this network (specified in the routing table)?
   – Yes: send the packet to the IP address specified in the routing table
     (e.g. A to Q via S)
   – No: go on to 3
3. Do I have a default gateway?
   – Yes: send the packet to the default gateway (e.g. A to the outside world via D)
   – No: Network unreachable
The routing table


Linux holds IP routing information in an internal routing table
– May be displayed with the command route -n
– This example is from machine 'A' and has been edited to fit the page:

# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Iface
192.168.0.0     0.0.0.0         255.255.255.0   U     ens160
192.168.1.0     192.168.0.254   255.255.255.0   U     ens160
0.0.0.0         192.168.0.4     0.0.0.0         UG    ens160

The most specific matching route (the one with the longest
“Genmask”) is used
– The packet is sent to the specified gateway via the specified interface
The routing table explained


First entry:
– Says that the local network (192.168.0.0/24) is connected directly to the
  network interface called ens160. There is no gateway (the IP address is
  shown as 0.0.0.0)

Second entry:
– Says that packets destined for the network 192.168.1.0/24 should be sent
  to the gateway 192.168.0.254 using network interface ens160

Third entry:
– This route always matches because the “genmask” is zero
– Specifies 192.168.0.4 as the default gateway
– Says where to send the packet if there is no more specific match
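The routing decision described above, as an added Python example that is not part of the course slides: it splits an address into network and host ID, answers the “direct connection?” question, and does the longest-Genmask lookup over a constructed copy of machine A's `route -n` output. The /20 case is the one posed in the chapter quiz.

```python
import ipaddress

# Constructed copy of the `route -n` output shown for machine A (edited to fit).
ROUTE_N_OUTPUT = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Iface
192.168.0.0     0.0.0.0         255.255.255.0   U     ens160
192.168.1.0     192.168.0.254   255.255.255.0   U     ens160
0.0.0.0         192.168.0.4     0.0.0.0         UG    ens160
"""


def split_address(cidr):
    """Return (network ID as dotted decimal, host ID as an integer) for an
    interface address in CIDR form, e.g. 192.168.0.5/24 -> ("192.168.0.0", 5)."""
    iface = ipaddress.ip_interface(cidr)
    host_bits = 32 - iface.network.prefixlen
    host_id = int(iface.ip) & ((1 << host_bits) - 1)
    return str(iface.network.network_address), host_id


def is_directly_reachable(iface_cidr, dest):
    """Step 1 of the flowchart: is the destination on the interface's own network?"""
    return ipaddress.ip_address(dest) in ipaddress.ip_interface(iface_cidr).network


def parse_route_n(text):
    """Parse `route -n` rows into (network, gateway, flags, iface) tuples.
    Destination + Genmask are combined into one network object."""
    routes = []
    for line in text.splitlines()[2:]:           # skip the two header lines
        dest, gateway, genmask, flags, iface = line.split()
        routes.append((ipaddress.ip_network(f"{dest}/{genmask}"), gateway, flags, iface))
    return routes


def lookup(routes, dest):
    """Steps 2 and 3: the most specific matching route (longest Genmask) wins.
    The default route (Genmask 0.0.0.0) matches everything, so it is only
    chosen when nothing more specific does. None means "Network unreachable"."""
    addr = ipaddress.ip_address(dest)
    candidates = [r for r in routes if addr in r[0]]
    if not candidates:
        return None
    network, gateway, _flags, iface = max(candidates, key=lambda r: r[0].prefixlen)
    via = "direct" if gateway == "0.0.0.0" else gateway   # 0.0.0.0 = no gateway
    return {"network": str(network), "via": via, "iface": iface}


if __name__ == "__main__":
    table = parse_route_n(ROUTE_N_OUTPUT)
    for target in ("192.168.0.3", "192.168.1.3", "176.13.4.92"):
        print(target, "->", lookup(table, target))
    print("192.168.0.5/20 reaches 192.168.9.44 directly:",
          is_directly_reachable("192.168.0.5/20", "192.168.9.44"))
```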
Routing table flags


The flags in the fourth column of the routing table show how the
kernel will interpret the entry and have the following meanings:
! – learned routes for the network are rejected
A – route added by addrconf (an IPv6 address resolution protocol)
C – cache entry
D – route created by a routing daemon or ICMP redirect
G – use the gateway given in the Gateway column for traffic going to the
    network specified in the routing entry
M – route has been modified by a routing daemon or ICMP redirect
R – reinstate routing to permit routing updates for this particular routing
    entry
U – network route is created (up) and will be used by the kernel to make
    routing decisions
MAC addresses


When an IP packet is transmitted on a physical medium (e.g. ethernet)
it is encapsulated inside a frame which includes the physical address
(“MAC address”) of the network interface it is being sent to

The MAC address is permanently assigned to the interface
– 48 bits; written in hex with colons, e.g. 00:06:5B:BA:6E:FB

[Diagram: hosts A, B and C on one ethernet segment]
A   00:06:44:6C:E6:8A   192.168.0.1
B   00:06:5B:B6:54:B9   192.168.0.2
C   00:06:5B:BA:6E:FB   192.168.0.3
The frame carrying an IP datagram to C is addressed to 00:06:5B:BA:6E:FB
The ARP protocol


ARP (Address Resolution Protocol) is used to discover MAC addresses

[Diagram: the same hosts A, B and C]
A   00:06:44:6C:E6:8A   192.168.0.1
B   00:06:5B:B6:54:B9   192.168.0.2
C   00:06:5B:BA:6E:FB   192.168.0.3

ARP request is broadcast: “Who is 192.168.0.3? Tell 192.168.0.1”
ARP reply (from C): “192.168.0.3 is at 00:06:5B:BA:6E:FB”


The ARP cache


To avoid an ARP broadcast prior to every transmission, known IP-to-MAC
address bindings are stored in the ARP cache
– The cache is always consulted first
– Entries remain in the cache for about 15 minutes then time out

The ARP cache can be examined via /proc/net/arp:
# cat /proc/net/arp
IP address    HW type  Flags  HW address         Mask  Device
192.168.0.4   0x1      0x2    00:60:97:5E:B9:E2  *     ens160
192.168.0.1   0x1      0x2    00:50:BA:99:C1:A9  *     ens160
Manipulating the ARP cache


The arp command can also be used to examine the cache and to
manually add or delete entries, though this is rarely necessary
– Show all entries:
# arp -a
– Add an entry:
# arp -s 192.168.0.3 00:60:97:1A:37:BF -i ens160 temp
– Add a permanent entry:
# arp -s 192.168.0.3 00:60:97:1A:37:BF -i ens160
– Delete an entry:
# arp -d 192.168.0.3
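An added Python example (not from the slides) that parses the /proc/net/arp table shown above and decodes the HW type and Flags columns; the flag values are the kernel's ATF_* constants, and the sample table is a constructed copy of the slide's, extended with one entry added by `arp -s` without “temp” (permanent) and one incomplete entry.

```python
# Values from the Linux header if_arp.h
ARPHRD_ETHER = 0x1   # HW type 0x1 = Ethernet
ATF_COM = 0x02       # completed entry: the MAC address is known
ATF_PERM = 0x04      # permanent entry: never times out (arp -s without "temp")

# Constructed sample in /proc/net/arp format (first two rows copied from the slide).
# Flags 0x6 = ATF_COM | ATF_PERM; flags 0x0 with an all-zero MAC is an
# unresolved entry for which an ARP request is still outstanding.
PROC_NET_ARP = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.0.4      0x1         0x2         00:60:97:5E:B9:E2     *        ens160
192.168.0.1      0x1         0x2         00:50:BA:99:C1:A9     *        ens160
192.168.0.3      0x1         0x6         00:60:97:1A:37:BF     *        ens160
192.168.0.9      0x1         0x0         00:00:00:00:00:00     *        ens160
"""


def parse_arp_table(text):
    """Turn the /proc/net/arp text into a list of dicts with decoded fields."""
    entries = []
    for line in text.splitlines()[1:]:          # skip the header row
        ip, hwtype, flags, mac, _mask, device = line.split()
        flag_bits = int(flags, 16)
        entries.append({
            "ip": ip,
            "ethernet": int(hwtype, 16) == ARPHRD_ETHER,
            "complete": bool(flag_bits & ATF_COM),
            "permanent": bool(flag_bits & ATF_PERM),
            "mac": mac.lower(),
            "device": device,
        })
    return entries


def resolve(entries, ip):
    """The cache lookup that happens before any ARP broadcast: return the MAC
    for a completed entry, or None (cache miss or still unresolved)."""
    for entry in entries:
        if entry["ip"] == ip and entry["complete"]:
            return entry["mac"]
    return None


def permanent_entries(entries):
    """IPs whose bindings will not time out after the usual ~15 minutes."""
    return [e["ip"] for e in entries if e["permanent"]]


if __name__ == "__main__":
    cache = parse_arp_table(PROC_NET_ARP)
    for entry in cache:
        print(entry)
    print("192.168.0.4 ->", resolve(cache, "192.168.0.4"))
    print("permanent:", permanent_entries(cache))
```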
The naming of network interfaces


The Linux kernel assigns names to network interfaces
– Ethernet interfaces: eno16777736, ens160
– Point-to-point dial-up connection via modem: ppp0
– Loopback interface: lo

The loopback interface provides a way to reach the local machine. Packets
are simply looped back up the TCP/IP stack. There is no associated network
hardware. The loopback interface has the IP address 127.0.0.1
Services and port numbers


An IP address identifies a specific machine for packet delivery.
Beyond that, a port number identifies a specific service (application
program) to which data should be delivered.
– Port number is 16 bits (0-65535)

To connect to a specific server, a client needs to know the IP address of
the machine, and the service's port number
– e.g. 192.168.0.5:80

[Diagram: machine 192.168.0.5 running a Web server on port 80, an ftp
server on port 21 and an ssh server on port 22]

TCP and UDP each has its own set of ports
– TCP port 21 is not the same as UDP port 21
The /etc/services file


There is a fixed, standardised association between services, the port
numbers at which they listen, and the protocols (TCP or UDP) they use
– Maintained by the Internet Assigned Numbers Authority (www.iana.org)
– Held in the /etc/services file
– Here is a heavily edited extract:

ftp-data   20/tcp          # File Transfer [Default Data]
ftp        21/tcp          # File Transfer [Control]
ssh        22/tcp          # SSH Remote Login Protocol
telnet     23/tcp          # Telnet
smtp       25/tcp   mail   # Simple Mail Transfer
time       37/tcp          # Time
time       37/udp          # Time
domain     53/tcp          # Domain Name Server
domain     53/udp          # Domain Name Server
http       80/tcp          # World Wide Web HTTP
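An added Python example, not from the slides, that parses the /etc/services format shown above (name, port/protocol, optional aliases, `#` comment) and keys the table by (port, protocol), so it shows why TCP port 21 and UDP port 21 are different entries. The input is a constructed extract; the `www` and `www-http` aliases on the http line are the ones a standard /etc/services carries and are an assumption here.

```python
# Constructed extract in /etc/services format (aliases on the http line assumed).
SERVICES_EXTRACT = """\
# service-name  port/protocol  [aliases ...]   [# comment]
ftp-data   20/tcp                  # File Transfer [Default Data]
ftp        21/tcp                  # File Transfer [Control]
ssh        22/tcp                  # SSH Remote Login Protocol
telnet     23/tcp                  # Telnet
smtp       25/tcp   mail           # Simple Mail Transfer
time       37/tcp                  # Time
time       37/udp                  # Time
domain     53/tcp                  # Domain Name Server
domain     53/udp                  # Domain Name Server
http       80/tcp   www www-http   # World Wide Web HTTP
"""


def parse_services(text):
    """Return {(port, proto): (name, [aliases], comment)}.
    TCP and UDP have separate port spaces, so the protocol is part of the key."""
    table = {}
    for raw in text.splitlines():
        line, _, comment = raw.partition("#")    # everything after '#' is comment
        fields = line.split()
        if not fields:                            # blank or comment-only line
            continue
        name, port_proto, *aliases = fields
        port, proto = port_proto.split("/")
        table[(int(port), proto)] = (name, aliases, comment.strip())
    return table


def service_name(table, port, proto):
    """The name tools such as netstat print instead of the number, or None
    when the port/protocol pair is not registered."""
    entry = table.get((port, proto))
    return entry[0] if entry else None


def port_of(table, name, proto):
    """Reverse lookup by primary name or alias, e.g. ("mail", "tcp") -> 25."""
    for (port, p), (svc, aliases, _comment) in table.items():
        if p == proto and (svc == name or name in aliases):
            return port
    return None


if __name__ == "__main__":
    services = parse_services(SERVICES_EXTRACT)
    print("21/tcp =", service_name(services, 21, "tcp"))
    print("21/udp =", service_name(services, 21, "udp"))   # not the same port
    print("mail/tcp =", port_of(services, "mail", "tcp"))
```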
Configuring a network interface


Configuring a
network interface
Showing interface status with ip
Configuring an interface with nmcli
Configuring an interface with nmtui
Configuring an interface with DHCP
Where are the network settings stored?
Showing interface status with ifconfig
(History)


The ifconfig command shows the status of a network interface. It is
becoming obsolete.
– If you get “command not found”, install it with
# yum install net-tools -y

Let's add some other tools that we will use later
# yum install bind-utils -y
# yum install traceroute -y

Example:
# ifconfig
ens160    Link encap:Ethernet  HWaddr 00:06:5B:BA:6E:FB
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::206:5bff:feba:6efb/64 Scope:Link
          UP BROADCAST NOTRAILERS RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:9749 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7215 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:8034188 (7.6 Mb)  TX bytes:793559 (774.9 Kb)
          Interrupt:10 Base address:0x3000
Configuring an interface with ip command

● You can configure a network interface using the ip command, but
  changes are not persistent across reboots; when you reboot, you will
  lose any changes. Note that the ip utility replaces the ifconfig utility

Add an IP address temporarily with the ip command:
# ip addr add 192.168.1.1/24 dev ens160

Show the IP addresses of all interfaces:
# ip addr

Show the IP address of one interface:
# ip addr show dev ens160

Display the interface statistics:
# ip -s link

Note:
NetworkManager is a service that manages network connections, but
it doesn't manage configurations assigned with the ip command
Configuring an interface with nmcli


nmcli can also be used to configure interface settings temporarily:

Disable the interface
# nmcli con down "Wired connection 1"

Enable the interface
# nmcli con up "Wired connection 1"

Turn networking on or off
# nmcli networking on
# nmcli networking off

Set IP address and default gateway
# nmcli dev modify ens160 ipv4.addresses 192.168.1.1/24 ipv4.gateway 192.168.1.254 ipv4.dns 8.8.8.8 ipv4.method manual

Display NIC adapter
# nmcli connection show

Display NIC adapter status
# nmcli device status

Restart network service
# systemctl restart NetworkManager
Configuring an interface with nmcli (continued)


Create adapter with new name: first add an additional NIC in the VMware
settings
# nmcli con add con-name test type ethernet ifname ens160

Assign a static IP address, or a DHCP-assigned one, to the new connection
profile respectively:
# nmcli con modify test ipv4.addresses 192.168.1.10/24 ipv4.gateway 192.168.1.254 ipv4.dns 8.8.8.8 ipv4.method manual
# nmcli con modify test ipv4.method auto

Activate the newly created adapter
# nmcli con up test

To delete the adapter
# nmcli con delete test

Restart and enable the network service using NetworkManager
# systemctl restart NetworkManager
# systemctl enable NetworkManager
Configuring an interface with nmtui

● The nmtui application is a text user interface (TUI) for NetworkManager.

nmtui can also be used to configure interface settings:
# nmtui

Adding a connection profile using nmtui

Applying changes to a modified connection using nmtui
● Select the Activate a connection menu entry
● Select the Deactivate button, and press Enter
● Select the Activate button, and press Enter


Configuring an interface with DHCP


A system can be configured to obtain network settings automatically
from a DHCP (Dynamic Host Configuration Protocol) server
– IP address, subnet mask, default gateway, DNS server, ...
– Settings are leased for a specified time; client must renew the lease
before it expires if it wants to keep using the settings

Advantages:
– No manual configuration needed. In particular, machines which often
move between different physical networks (e.g. laptops) do not have to
be manually re-configured each time
– IP addresses can be re-used – you can have more machines than you
have IP addresses if they are not all needed at once

Disadvantages:
– You need a DHCP server
– Machines offering services (e.g. Web servers) cannot be guaranteed to
  stay on the same IP address

The dhclient command runs the DHCP client software
Where are the network settings stored?


In Red Hat Linux, network settings for the interface ens160 are stored
in the file /etc/sysconfig/network-scripts/ifcfg-ens160
# vi /etc/sysconfig/network-scripts/ifcfg-ens160

For a statically configured machine it might look like this:
BOOTPROTO=static
ONBOOT=yes
BROADCAST=192.168.1.255
IPADDR=192.168.1.1
NETMASK=255.255.255.0
NETWORK=192.168.1.0

For a machine configured via DHCP it might look like this:
BOOTPROTO=dhcp
Name resolution


Name resolution

Name services
Hostname
The /etc/hosts file
Domain Name resolution
The name service switch
Configuring a DNS client
Name services


Users prefer to identify computers using names, not IP addresses
– Simple names: server01, pluto, mars, galaxy, ...
– Fully qualified domain names:
server01.example.com, www.ftt.co.uk, …


Naming services translate names to IP addresses


The resolvers (doing the name lookup) can be made to look in several
places
– A local file (/etc/hosts)
– A NIS server (Network Information Service)
– A NIS+ server (successor to NIS)
– A DNS server (Domain Name Service)
Host Name


Host name configuration file: /etc/hostname

$ hostnamectl set-hostname server01
or
$ hostname server01

● Edit the host name configuration file /etc/hostname to
  permanently change the hostname
$ vi /etc/hostname
server01
The /etc/hosts file


The file /etc/hosts is used to define locally-known names

127.0.0.1     localhost localhost.localdomain     # the loopback address
::1           localhost localhost.localdomain
192.168.1.1   server01 server01.example.com

A machine may be known by more than one name
The Domain Name System (DNS)


DNS (Domain Name System) implements a distributed database of
machine name to IP address mappings, encompassing all “globally
visible” machines on The Internet


The implementation of DNS for UNIX / Linux is called BIND
– Berkeley Internet Name Domain
– Discussed next week


To use DNS, all that most computers need to know is the IP address
of a single (local) DNS server; the rest is magic


DNS can also do reverse lookups, to map IP addresses to host names
The name service switch


Resolvers read the file /etc/nsswitch.conf to determine which files
or services they should consult to look up machine names or other
items

The name service switch configures several lookup services
– Hostnames, user accounts, service names, others ...

A typical entry in nsswitch.conf looks like this:

hosts: files dns myhostname

– hosts: the name of the “database”
– files: first, look in the local file (/etc/hosts)
– dns: then, consult DNS
– myhostname: finally, consult myhostname
– These entries direct the resolvers to use the libraries libnss_files,
  libnss_dns, ...
Configuring a DNS client


The only DNS 'client' command-line tools are diagnostic programs
such as dig and nslookup

The true DNS clients are the resolver functions in the C library
– They are configured by the file /etc/resolv.conf

nameserver 192.168.1.1
nameserver 8.8.8.8
nameserver 4.2.2.2
search disney.edu

– nameserver: specifies the IP addresses of your 'local' DNS servers. The
  resolvers will try them in the order given. It is best to have more than one.
– search: specifies the default domain to be searched if DNS is asked to
  resolve a simple name like 'sleepy'
DNS resolution


In RHEL 7, the nslookup and host utilities accepted any reply, even without
the recursion available flag, from any name server listed. In RHEL 8,
nslookup and host ignore replies from name servers with recursion not
available unless it is the last configured name server. For the last
configured name server, the answer is accepted even without the recursion
available flag.

However, if the last configured name server is not responding or is
unreachable, name resolution fails. To prevent such failures, you can use
one of the following approaches:
– Ensure that configured name servers always reply with the recursion
  available flag set.
– Allow recursion for all internal clients.

Optionally, you can also use the dig utility to detect whether
recursion is available or not.
Nslookup tool


Dig tool


Basic diagnostic tools


Basic diagnostic
tools

Testing reachability with ping


Testing name resolution with ping and dig
How did the packet get there? - traceroute
Showing TCP status with netstat -t
Showing interface statistics with netstat -i
Establishing static routes
Testing reachability with ping


The ping command tests reachability of a remote machine
– Sends ICMP 'Echo request' packets, expects ICMP 'Echo reply'
– Reports the round-trip time

Send 2 echo requests (-c2), with an interval of 5 seconds (-i5), to this address:
$ ping -c2 -i5 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=47 time=188 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=47 time=189 ms

--- 192.168.1.1 ping statistics ---
2 packets transmitted, 2 received, 0% loss, time 5000ms
rtt min/avg/max/mdev = 188.487/188.785/189.084/0.527 ms
Testing name resolution with ping and dig


By supplying ping with a machine name instead of an IP address, you
can also test name resolution

Resolved by the local /etc/hosts file:
$ ping -c1 server01
PING sleepy (192.168.1.1) 56(84) bytes of data.
64 bytes from server01 (192.168.1.1): ....

Resolved by DNS:
$ ping -c1 server01.example.com
PING server01.example.com (192.168.1.1) 56(84) bytes of data.
64 bytes from server01.example.com (192.168.1.1): ....

The command dig can be used to test DNS servers
– Very flexible tool, see man dig for details
– Here we use it to do simple name resolution:
$ dig server01.example.com
How did the packet get there? - traceroute


The command traceroute can be used to determine the route that
an IP packet will take to reach a specific destination:
[root@server01 ~]# traceroute server01.example.com
traceroute to server01.example.com (192.168.1.1), 30 hops max, 60 byte packets
 1  server01 (192.168.1.1)  0.047 ms  0.014 ms  0.013 ms


Exercise: Configuring the in-class network


Overview: In this exercise we will perform basic configuration of the
network, assigning a hostname, a static IP address, a subnet mask
and a default gateway to each network interface.

We will configure our machines to do name resolution using a
combination of a local hosts file and DNS

We will test connectivity and name resolution on the network

Note: The machines are configured with a regular account called
'lpiuser'; you can also use the root user.
1. Edit the file /etc/sysconfig/network-scripts/ifcfg-ens160 and set
   ONBOOT=yes
   Can you see the network settings you established? Reboot the
   system
2. Configure your second server to have a static IP address of
   192.168.1.2 and a subnet mask of 255.255.255.0 and default
   gateway 192.168.1.1
3. Set the host name server02, and a domain name of example.com
Exercise (continued)

4. Add entries to /etc/hosts to point to your second server:
   192.168.1.2 server02 server02.example.com
5. Try to ping the machine by hostname, IP address and fully qualified
   domain name server02.example.com
6. Verify that you can ping the first server 192.168.1.1
7. Edit the file /etc/resolv.conf and set the IP address of the DNS
   server to 8.8.8.8. In the real world.
   nameserver 8.8.8.8
8. Try to ping one of the machines not in your hosts file. Does name
   resolution work now?
   If not, use dig to help debug your resolver configuration.
   Hint: comment out the dns entry in /etc/resolv.conf: #nameserver 8.8.8.8
Showing TCP status with netstat -t


netstat -t shows the current state of TCP connections
– The -a flag also shows endpoints listening for connections
# netstat -at
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 *:nfs                   *:*                     LISTEN
tcp        0      0 *:echo                  *:*                     LISTEN
tcp        0      0 *:netbios-ssn           *:*                     LISTEN
tcp        0      0 *:sunrpc                *:*                     LISTEN
tcp        0      0 *:x11                   *:*                     LISTEN
tcp        0      0 localhost:smtp          *:*                     LISTEN
tcp        0      0 localhost:32925         localhost:echo          ESTABLISHED
tcp        0      0 localhost:echo          localhost:32925         ESTABLISHED
tcp        0      0 localhost:725           localhost:sunrpc        TIME_WAIT
tcp        0      0 *:www-http              *:*                     LISTEN
tcp        0      0 *:ssh                   *:*                     LISTEN
Showing TCP status with netstat -t (continued)


By default, netstat displays IP addresses as machine names, and
known port numbers as service names
– The -n flag forces numeric representation instead
# netstat -nt
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:32925         127.0.0.1:7             ESTABLISHED
tcp        0      0 127.0.0.1:7             127.0.0.1:3292          ESTABLISHED

– 7 is the port number of the echo service
– 3292 is the (arbitrary) port number of the client's end of the connection
Establishing static routes


“Static” (permanent) routes can be added to the routing table using
the route command
– For the two-network intranet we saw earlier in the chapter:
# route add -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.1.1 dev ens160
  (to reach this network ... send via this gateway ... using this interface)

Now show the updated routing table:
# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Iface
192.168.0.0     192.168.1.1     255.255.255.0   U     ens160
192.168.1.0     192.168.0.254   255.255.255.0   U     eth0
0.0.0.0         192.168.0.4     0.0.0.0         UG    eth0
Quiz


A machine needs to send an IP packet to address 192.168.9.44 from
an interface with an assigned address and subnet mask of
192.168.0.5/20. Can the packet be sent directly, or does it need to be
routed?

What is the name of the protocol used to convert IP addresses to MAC
addresses?

Which file defines the association between service names and port
numbers?

Name one advantage and one disadvantage of using DHCP to assign
network settings

Name three ways of doing name resolution
– Which file would you edit to specify the order in which these three ways
are tried?
