Introduction to Linux Networking in Linux. Internet In 1970's, DARPA (Defence Advanced Research Projects Agency) wanted something to link their computers.

Introduction to Linux

Networking in Linux

Internet

In 1970's, DARPA (Defence Advanced Research Projects Agency) wanted something to link their computers together.

They chose BSD to implement the first internet, arpa net because if Unix's portability.

Thus, all networking protocols nowadays are all based on the original BSD implementation of networking.

Basic networking

In a networked environment, each computer has its own IP address and MAC address.

There is also a subnet mask associated with the IP address.

Basic routing is that when a computer receives an IP address that is not known, it passes it upstream to its router.

Simple Networking Setup

192.168.1.10255.255.255.0

192.168.1.11255.255.255.0

165.248.1.11255.255.254.0

192.168.1.1255.255.255.0

Router B

A B

Router A

192.168.2.10255.255.255.0

192.168.2.11255.255.255.0

165.248.2.12255.255.254.0

165.248.1.1255.255.254.0

165.248.1.12255.255.254.0

192.168.2.1255.255.255.0

C D

Router C

Setting up the network on Linux

To assign an IP address to a computer, you use the ifconfig command.

There are many options to ifconfig, typical parameters are:ifconfig IP netmask

After assigning an IP address, the computer needs a default gateway so it can pass packets upstream.

To add a default route, you use the route command:route add default IP

Hosts

IP addresses are hard to remember. Who remebers the IP address to yahoo.com? So there is a hosts file all unix. Windows actually have this file too, but

windows don't normally uses it because it uses NetBUI.

An entry in /etc/hosts contains the following:IP Address (IPv4 or IPv6) alias

domain

DNS and /etc/resolv.conf

In Local Network, hosts files works fine, but on the internet, hosts files would not work. So DNS is created.

In DNS, there is a DNS name server that resolves the IP address of a domain name.

The file /etc/resolv.conf is responsible for DNS resolution in a workstation (non-server).

Normally, /etc/hosts is querying a DNS server, however, that option may be changed.

An entry in /etc/resolv.conf:nameserver IP addresssearch domain

DHCP

Assigning an IP address to each computer is not a feasible solution if clients are not always connected.

DHCP or Dynamic Host Configuration Protocol is developed.

Most Linux distributions is configured to automatically asks for an IP address from a DHCP server when it boots up.

To asks for an IP address manually, you use the dhclient command:dhclient interface

More on routing

To do “routing” with linux, the kernel usually needs to be recompiled with ip forwarding.

But a loadable module may be loaded instead of recompile if the kernel supports loading additional modules.

Benefits of using monolithic kernel is added security.

Once ip forwarding is enabled, the machine can act as a basic router.

Routed is the routing daemon.

Routing protocols

Base installation of Unix supports the RIP protocol. (Routing Information Protocol)

There are a few more protocols: IGRP (Interior Gateway Routing Protocol) EGP (Exterior Gateway Protocol) BGP (Border Gateway Protocol)

To use the above routing protocols, third party programs will be needed: Zebra (GNU) Bgpd Gated Quagga (Told to be the best)

Netstat

The command netstat show network statistics. (Note: different unixes shows different outputs)

The options -r shows the routing table. -n shows numeric IPs instead of hosts. -i shows configured network interfaces. -t shows active TCP connections, -u for

udp, -w for raw and -x for unix sockets. -a shows listening sockets.

Routing Table

Routing tables

Internet:Destination Gateway Flags Refs Use Netif Expiredefault 172.16.16.2 UGS 0 251 rl0127.0.0.1 127.0.0.1 UH 1 6 lo0172.16.16/22 link#1 UC 0 0 rl0172.16.16.2 08:00:02:56:93:f0 UHLW 1 0 rl0 346172.16.18.67 127.0.0.1 UGHS 0 0 lo0

FlagsG – uses a gatewayU – interface upH – only single host

Network statistics on connections

Active Internet connectionsProto Recv-Q Send-Q Local Address Foreign Address (state)tcp4 0 48 fukakyon.ssh 165.248.17.24.6080 ESTABLISHEDudp4 0 0 localhost.55092 localhost.54628udp4 0 0 localhost.54628 localhost.55092udp4 0 0 localhost.domain *.*udp4 0 0 fukakyon.domain *.*udp4 0 0 fukakyon.domain *.*

Active Internet connections (including servers)Proto Recv-Q Send-Q Local Address Foreign Address (state)tcp4 0 48 fukakyon.ssh 165.248.17.24.6080 ESTABLISHEDtcp4 0 0 *.3128 *.* LISTENtcp4 0 0 *.http *.* LISTENtcp4 0 0 *.https *.* LISTENtcp4 0 0 *.3127 *.* LISTENtcp4 0 0 localhost.8005 *.* LISTENtcp4 0 0 *.8009 *.* LISTENtcp4 0 0 *.8008 *.* LISTENtcp4 0 0 *.ftp *.* LISTENtcp4 0 0 localhost.10025 *.* LISTENtcp4 0 0 *.smtp *.* LISTENtcp4 0 0 *.postgresql *.* LISTENtcp4 0 0 *.3306 *.* LISTENtcp4 0 0 *.3129 *.* LISTENtcp4 0 0 *.imaps *.* LISTENtcp4 0 0 *.imap *.* LISTENtcp4 0 0 localhost.10024 *.* LISTENtcp4 0 0 *.ssh *.* LISTENtcp4 0 0 localhost.rndc *.* LISTENtcp4 0 0 localhost.domain *.* LISTENtcp4 0 0 fukakyon.domain *.* LISTENtcp4 0 0 fukakyon.domain *.* LISTEN

More on DNS

DNS is Domain Name System. There are different types of records in DNS

(Common types): A record Direct address

translation PTR record IP->host translation MX record Mail Exchange record CNAME record Alias of an A record

Types of quering for a DNS record

When asking for a reply to a DNS query. (i.e. Asking for the IP address to yahoo.com), there are 2 types of queries: Recursive lookup (default) Non-recursive lookup

In recursive lookup, when the reply to a query is not in a nameserver cache, that nameserver will ask another nameserver for the answer. That nameserver will then do the same thing if the reply is not in the cache.

In recursive lookup, you will always get the IP address for a valid domain.

In non-recursive lookup, if the reply is not in the cache, the nameserver will just return with a possible link to a nameserver that might have the reply.

Example replies

Say we search for the IP address of gpro.com non-recursive:

; <<>> DiG 9.3.0 <<>> +norecurse gpro.com;; global options: printcmd;; Got answer:;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25102;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 14

;; QUESTION SECTION:;gpro.com. IN A

;; AUTHORITY SECTION:com. 165661 IN NS M.GTLD-SERVERS.NET.com. 165661 IN NS A.GTLD-SERVERS.NET.

;; ADDITIONAL SECTION:A.GTLD-SERVERS.NET. 142702 IN A 192.5.6.30

;; Query time: 6 msec;; SERVER: 165.248.1.209#53(165.248.1.209);; WHEN: Wed Mar 16 18:42:26 2005;; MSG SIZE rcvd: 498

We are asked to query another server, which gives us the following:

; <<>> DiG 9.2.2 <<>> @192.5.6.30 +norecurse gpro.com;; global options: printcmd;; Got answer:;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12241;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:;gpro.com. IN A

;; AUTHORITY SECTION:gpro.com. 172800 IN NS ns-tk022.ocn.ad.jp.gpro.com. 172800 IN NS ns.gpro.com.

;; ADDITIONAL SECTION:ns.gpro.com. 172800 IN A 210.248.35.130

;; Query time: 152 msec;; SERVER: 192.5.6.30#53(192.5.6.30);; WHEN: Wed Mar 16 18:54:21 2005;; MSG SIZE rcvd: 91

One more query and we get the answer:; <<>> DiG 9.2.2 <<>> @210.248.35.130 +norecurse gpro.com;; global options: printcmd;; Got answer:;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52025;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:;gpro.com. IN A

;; ANSWER SECTION:gpro.com. 86400 IN A 128.121.200.80

;; AUTHORITY SECTION:gpro.com. 86400 IN NS ns-tk022.ocn.ad.jp.gpro.com. 86400 IN NS ns.gpro.com.

;; ADDITIONAL SECTION:ns-tk022.ocn.ad.jp. 75806 IN A 203.139.160.104ns.gpro.com. 86400 IN A 210.248.35.130

;; Query time: 306 msec;; SERVER: 210.248.35.130#53(210.248.35.130);; WHEN: Wed Mar 16 18:55:48 2005;; MSG SIZE rcvd: 123