Basic TCP/IP networking
Grado en Informática. 2013
Departamento de Computación, Facultad de Informática, Universidad de Coruña
Antonio Yáñez Izquierdo
Contents: Basic network configuration, Routes, Network interface aliasing, inetd configuration
manual configuration: we manually configure each of the parameters, either directly on the command line or through the boot scripts
using dhcp: the network interface card asks a machine on the network (the dhcp server) for its configuration. This can be done directly on the command line or through the boot scripts
most systems have a graphical utility to configure the network, which can be used to configure it either manually or via dhcp. We won’t deal with those utilities, nor will we deal with the wireless configuration options
the dns configuration resides in the file /etc/resolv.conf
this file holds the options for the resolver configuration. The most common options are
nameserver: specifies the address of a domain name server; up to 3 can be defined
domain (optional): specifies the local domain. Short names are assumed to be from this domain
the interfaces are named after the kernel driver that manages them.
example: the kernel uses the e1000g driver for Intel(R) PRO/1000 NICs. Cards of this type will get the names e1000g0, e1000g1 . . .
ifconfig interface_name plumb: plumbs (or connects) the interface. No configuration can be done before this; ifconfig won’t even show the interface until it is plumbed
ifconfig interface_name dhcp: configures the card interface_name using dhcp.
ifconfig interface_name inet addr netmask netm broadcast bcast: configures the card interface_name with address addr, netmask netm and broadcast address bcast. If omitted, the broadcast address defaults to using 1’s in the host number. The netmask can also be specified in the format address/network bits, or through one of the networks defined in /etc/networks
# ifconfig e1000g1 inet 192.168.1.100 netmask 255.255.255.0
# ifconfig e1000g1 inet 192.168.1.100/24
ifconfig interface_name up: brings the interface up
if we want the interfaces automatically configured at boot time (via svc:/network/physical) we’ll use the following files
interfaces using dhcp
/etc/hostname.interface_name: empty file to plumb the interface
/etc/dhcp.interface_name: empty file to get the interface configured with dhcp
interfaces configured manually
/etc/hostname.interface_name: file containing the necessary parameters passed to ifconfig to configure the interface. The ’inet’ parameter is omitted; should we want to configure an ’inet6’ interface we would use an /etc/hostname6.interface_name file
/etc/nodename: contains the name of the system. It is necessary if the system is configured via dhcp and the DHCP server does not provide a value for the hostname. The system can also get the name from the /etc/hosts database using the ip of the primary network card
/etc/defaultrouter: the ip address (or name, if defined in /etc/hosts) of the default router.
/etc/defaultdomain: a single line containing a host’s domain name
/etc/networks: used to associate network names with network addresses
if we want the interfaces automatically configured at boot time (via /etc/netstart) we’ll use the following files
interfaces using dhcp
/etc/hostname.interface_name: file containing the word dhcp (see the hostname.if man page)
interfaces configured manually
/etc/hostname.interface_name: file containing the necessary parameters passed to ifconfig to configure the interface. If we want to configure an ’inet6’ interface we would use inet6 instead of inet in the /etc/hostname.interface_name file
the interfaces are named eth0, eth1, eth2 . . .
the names eth0, eth1, eth2 . . . are assigned to the interfaces THE FIRST TIME the kernel recognizes them. This is stored in the file /etc/udev/rules.d/70-persistent-net.rules, where it can be changed if necessary.
on older versions of linux the names were assigned each time the system booted, and this was driver-loading-order dependent.
if we want the interfaces automatically configured at boot time (via /etc/init.d/networking), debian systems and derivatives will look for the file /etc/network/interfaces (see the interfaces man page)
/etc/hostname: contains the name of the system (either the fully qualified domain name or just the nodename)
Sample /etc/network/interfaces with just one NIC manually configured
By interface aliasing we refer to the act of giving a Network Interface Card more than one IP address (solaris calls them logical interfaces).
linux: we configure these aliases as we would a non-aliased interface, but using the names eth0:0, eth0:1 . . . , eth1:0 . . . To get an alias configured at boot time we just add an entry for it in the file /etc/network/interfaces, as we would for a non-aliased interface
this file maps port numbers and protocols to service names. Info can be found in the services man page. A fragment from an actual /etc/services is shown
An additional layer can be placed between inetd and the server program to perform access control based on host name, network address or ident queries
This layer is usually called tcpwrappers or, by the name of the program, tcpd.
the program tcpd gets called by inetd and receives the server to start as a parameter
tcpd checks its configuration files to see whether access must be granted or denied
if access is granted, tcpd starts the server program supplied as parameter
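Added example (not part of the original slides): a short Python audit that parses entries in the classic inetd.conf format and reports which services inetd hands to tcpd and which it starts directly, without the access-control layer. The sample entries and the /usr/sbin paths are constructed for illustration.

```python
# Classic inetd.conf fields:
# service  socket-type  protocol  wait/nowait  user  server-program  arguments
SAMPLE_INETD_CONF = """\
# constructed sample, not taken from the slides
telnet  stream  tcp  nowait  root    /usr/sbin/tcpd     in.telnetd
ftp     stream  tcp  nowait  root    /usr/sbin/in.ftpd  in.ftpd -l
daytime stream  tcp  nowait  root    internal
finger  stream  tcp  nowait  nobody  /usr/sbin/tcpd     /usr/sbin/in.fingerd
"""

def parse_inetd_conf(text):
    """Return one dict per service line; comments and short lines are skipped."""
    entries = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 6:
            continue
        service, _sock, proto, _wait, user, program = fields[:6]
        entries.append({"service": service, "proto": proto, "user": user,
                        "program": program, "args": fields[6:]})
    return entries

def wrapped_daemon(entry):
    """Name of the daemon tcpd will start (the name the access rules
    are matched against), or None if inetd starts the server directly."""
    if entry["program"].rsplit("/", 1)[-1] == "tcpd" and entry["args"]:
        return entry["args"][0].rsplit("/", 1)[-1]
    return None

def audit(text):
    """Group services into tcpd-wrapped, unwrapped, and inetd-internal."""
    report = {"wrapped": {}, "unwrapped": [], "internal": []}
    for entry in parse_inetd_conf(text):
        daemon = wrapped_daemon(entry)
        if entry["program"] == "internal":
            report["internal"].append(entry["service"])
        elif daemon:
            report["wrapped"][entry["service"]] = daemon
        else:
            report["unwrapped"].append(entry["service"])
    return report

if __name__ == "__main__":
    for kind, services in audit(SAMPLE_INETD_CONF).items():
        print(kind, services)
```

Services listed as unwrapped are started by inetd for any client, whatever /etc/hosts.allow and /etc/hosts.deny say.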
the corresponding line for the telnetd server using tcpwrappers would look like this
the configuration for tcpwrappers resides in the files /etc/hosts.allow and /etc/hosts.deny
the manual page hosts_access documents the use of these files
Access will be granted when a (daemon,client) pair matches an entry in the /etc/hosts.allow file.
Otherwise, access will be denied when a (daemon,client) pair matches an entry in the /etc/hosts.deny file.
Otherwise, access will be granted.
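Added example (not part of the original slides): the three-step decision above in Python, supporting only a subset of the hosts_access pattern syntax (ALL, exact match, leading-dot host name suffix, trailing-dot address prefix, net/mask). The rule files and addresses are constructed; it shows that with an empty hosts.deny a client not listed in hosts.allow is still granted access, while an ALL: ALL entry in hosts.deny makes the policy default-deny.

```python
import ipaddress

# Constructed rule files (not from the slides).
ALLOW = "in.telnetd: 192.168.1.\nsshd: ALL\n"
DENY_EMPTY = ""
DENY_ALL = "ALL: ALL\n"

def parse_rules(text):
    """Parse 'daemon_list : client_list' lines into (daemons, clients) pairs."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if ":" not in line:
            continue
        daemons, clients = (part.strip() for part in line.split(":")[:2])
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules

def client_matches(pattern, addr, name):
    if pattern == "ALL":
        return True
    if pattern.startswith("."):      # host name suffix, e.g. .example.org
        return name is not None and name.endswith(pattern)
    if pattern.endswith("."):        # address prefix, e.g. 192.168.1.
        return addr.startswith(pattern)
    if "/" in pattern:               # net/mask, e.g. 10.0.0.0/255.0.0.0
        net = ipaddress.ip_network(pattern, strict=False)
        return ipaddress.ip_address(addr) in net
    return pattern in (addr, name)   # exact address or host name

def file_matches(rules, daemon, addr, name):
    return any(
        any(d in ("ALL", daemon) for d in daemons)
        and any(client_matches(c, addr, name) for c in clients)
        for daemons, clients in rules)

def access_granted(allow_text, deny_text, daemon, addr, name=None):
    if file_matches(parse_rules(allow_text), daemon, addr, name):
        return True      # 1. (daemon,client) matches hosts.allow: granted
    if file_matches(parse_rules(deny_text), daemon, addr, name):
        return False     # 2. otherwise, matches hosts.deny: denied
    return True          # 3. otherwise: granted

if __name__ == "__main__":
    for deny in (DENY_EMPTY, DENY_ALL):
        for addr in ("192.168.1.100", "203.0.113.7"):
            print(repr(deny), addr, access_granted(ALLOW, deny, "in.telnetd", addr))
```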
tcp wrappers is treated as a property of inetd so, to enable it, we must modify that property of inetd
# inetadm -M tcp_wrappers=TRUE
tcp wrappers can be enabled on a per-service basis by modifying just the property of that service. For example, to enable host access control ONLY for the telnet service we’d do
# inetadm -M tcp_wrappers=FALSE
to disable tcp wrappers. And then to enable tcp wrappersfor the telnet service