System Configuration for TCP/IP networking Spring 2012, Fordham University Xiaolan Zhang
Outline
• Unix overview
  • Unix and TCP/IP: where are network functions implemented?
  • Different variants of Unix
  • Pointers to resources
• Introduction to Unix system administration
  • Key commands for knowing system being used
  • Packaging utility
Unix and TCP/IP
• Berkeley's Unix was the first Unix to include libraries supporting Internet Protocol stacks: Berkeley sockets.
• Because sockets were integrated with the Unix operating system's file descriptors, reading and writing data across a network became almost as easy as accessing a disk.
• Reference: TCP/IP Illustrated, Volume 2: The Implementation, by Gary R. Wright and W. Richard Stevens
Recall: Socket
• A host-local, application-created, OS-controlled interface (a “door” or “mailbox”) into which an application process can both send and receive messages to/from another application process (remote or local)
[Figure: two hosts (host or server) connected through the Internet; on each, a process (controlled by app developer) uses a socket to reach TCP with buffers and variables (controlled by OS)]
Socket API: interface for C programming
• socket(): creates a new socket of a certain socket type, identified by an integer number, and allocates system resources to it.
• bind(): (server side) associates a socket with a socket address structure, i.e., a specified local port number and IP address.
• listen(): (server side) causes a bound TCP socket to enter listening state.
• accept(): (server side) accepts a received incoming attempt to create a new TCP connection from a remote client, and creates a new socket associated with the socket address pair of this connection.
• connect(): (client side) assigns a free local port number to a socket. In case of a TCP socket, it causes an attempt to establish a new TCP connection.
• send() and recv(), or write() and read(), or sendto() and recvfrom(): used for sending and receiving data to/from a socket.
• close(): causes the system to release resources allocated to a socket. In case of TCP, the connection is terminated.
• …
Client/server socket interaction: TCP
Server (running on hostid):
• create socket, port=x, for incoming request: welcomeSocket = ServerSocket()
• wait for incoming connection request: connectionSocket = welcomeSocket.accept()
• read request from connectionSocket
• write reply to connectionSocket
• close connectionSocket
Client:
• create socket, connect to hostid, port=x: clientSocket = Socket() (TCP connection setup)
• send request using clientSocket
• read reply from clientSocket
• close clientSocket
Two sockets at server
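The Socket API calls, in the order the client/server interaction uses them, as an added example that is not code from the original slides. It assumes the loopback address, an OS-assigned port and a single process playing both roles; `loopback_exchange` is a hypothetical name, and `welcome`, `conn` and `client` stand for welcomeSocket, connectionSocket and clientSocket.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Client sends `request`, server echoes it, client reads it into `reply`.
 * Returns the number of bytes the client read, or -1 on a socket error. */
int loopback_exchange(const char *request, char *reply, size_t cap)
{
    struct sockaddr_in addr = {0};
    socklen_t len = sizeof addr;
    char buf[128];
    ssize_t n, got = -1;
    int welcome, client = -1, conn = -1;

    addr.sin_family = AF_INET;
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);  /* 127.0.0.1 only */
    addr.sin_port = 0;               /* assumption: the OS picks a free port */
    welcome = socket(AF_INET, SOCK_STREAM, 0);           /* server: socket() */
    if (welcome < 0) return -1;
    if (bind(welcome, (struct sockaddr *)&addr, sizeof addr) < 0) goto out;
    if (listen(welcome, 1) < 0) goto out;
    if (getsockname(welcome, (struct sockaddr *)&addr, &len) < 0) goto out;

    client = socket(AF_INET, SOCK_STREAM, 0);            /* client: socket() */
    if (client < 0) goto out;
    if (connect(client, (struct sockaddr *)&addr, sizeof addr) < 0) goto out;
    conn = accept(welcome, NULL, NULL);   /* the server's second socket */
    if (conn < 0) goto out;

    /* Short message, so one send()/recv() each way; real code loops on both. */
    if (send(client, request, strlen(request), 0) < 0) goto out;
    n = recv(conn, buf, sizeof buf, 0);                  /* server reads request */
    if (n <= 0 || send(conn, buf, (size_t)n, 0) < 0) goto out; /* server replies */
    n = recv(client, reply, cap - 1, 0);                 /* client reads reply */
    if (n >= 0) { reply[n] = '\0'; got = n; }
out:
    if (conn >= 0) close(conn);
    if (client >= 0) close(client);
    close(welcome);
    return (int)got;
}

int main(void)
{
    char reply[128];
    return loopback_exchange("hello", reply, sizeof reply) == 5 ? 0 : 1;
}
```

Binding to the loopback address keeps the listening socket unreachable from other hosts.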
Stream jargon
• Stream: a sequence of characters that flow into or out of a process
• An input stream is attached to some input source for the process, e.g., keyboard, socket, file, …
• An output stream is attached to an output source, e.g., monitor, socket, file, …
• Key: the stream interface provides an abstraction, i.e., no matter what the actual source/destination is, reading from an input stream and writing to an output stream work the same way
[Figure: client process with input stream inFromUser (keyboard), output stream outToServer (to network) and input stream inFromServer (from network) on the client TCP socket clientSocket; monitor]
This course
TCP/IP network administration on Unix/Linux system
Where are Network Functions Implemented?
• Link layer: implemented in device drivers
• TCP/IP: implemented in kernel
• Application layer protocols: implemented in commands (software)
  • DNS: dig, nslookup
  • DHCP
  • ssh
  • ftp
  • HTTP:
• Will learn how to install/configure all these!
Origin of Unix
Dennis Ritchie (standing) and Ken Thompson begin porting UNIX to the PDP-11 via two Teletype 33 terminals.
Unix Lineage
Linux kernel versions
Unix Kernel
• Kernel: part of the Unix operating system that remains running at all times when the system is up
• The kernel executable image is named unix (System V-based), vmunix (BSD-based system), or something similar, and is stored in or linked to the root directory
  • AIX: /unix (actually a link to a file in /usr/lib/boot)
  • FreeBSD: /kernel
  • HP-UX: /stand/vmunix
  • Linux: /boot/vmlinuz
  • Solaris: /kernel/genunix
Linux distribution
• Distributions are built upon standard kernels but are packaged and bundled differently.
• The collection of packages, and how the packages were compiled and ultimately delivered, are what make Linux distributions unique
• Examples
  • Linux Mint, linuxmint.com
  • Ubuntu, ubuntu.com
  • Fedora, fedoraproject.org
  • Debian, redhat, …
• For a more complete list of distributions:
  • http://distrowatch.com/
  • http://lwn.net/Distributions/
• For a system-specific guide, go to the specific website:
  • help.ubuntu.com
  • redhat.com/docs, …
Outline
• Unix overview
  • Unix and TCP/IP: where are network functions implemented?
  • Different variants of Unix
  • Pointers to resources
• Key commands for knowing system being used
• Introduction to Unix system administration
  • installation: compiling, driver, package
• Interface/Routing configuration
System Administrator Resource
• General (for all distributions)
  • http://tldp.org/LDP/sag/html/index.html
  • And much more
• Distribution-specific resource
  • https://help.ubuntu.com/community/SystemAdministration => We will use this as our example
  • And much more
• Essentials:
  • Using terminal and command line
  • AddUsersHowTo
  • FilePermissions (permission bits and Access Control List)
  • BackupYourSystem
  • Software Management
Useful Commands
• Focus on underlying commands (command line to use in terminal window), instead of GUI interface
  • More ubiquitous
  • More complete functionalities
• First, one needs to know what kernel or distribution is running
  • In order to find out relevant online info, get help, …
System info
• What’s the Unix/Linux kernel version?
    zhang@mocha:~$ uname -a
    Linux mocha 2.6.32-38-generic #83-Ubuntu SMP Wed Jan 4 11:13:04 UTC 2012 i686 GNU/Linux
• What Linux distribution is used?
    zhang@mocha:~$ lsb_release -r -i -c -d
    Distributor ID: Ubuntu
    Description: Ubuntu 10.04.4 LTS
    Release: 10.04
    Codename: lucid
• Which version of a command is used? Almost all commands have a -v option
    zhang@mocha:~$ nmap -v
    Starting Nmap 5.00 ( http://nmap.org ) at 2012-03-21 13:40 EDT
    NSE: Loaded 0 scripts for scanning.
    Read data files from: /usr/share/nmap
    WARNING: No targets were specified, so 0 hosts scanned.
    Nmap done: 0 IP addresses (0 hosts up) scanned in 0.07 seconds
• Finding stuff: where is …?
  • which: locate a command
  • whereis: locate binary, source, and manual page files for a command
  • locate, find: find files by names
Installing software
• Suppose you want to install program dig
• Google “How to install dig on Ubuntu?”
• A resource:
  Luckily this is easy to install, just not terribly intuitive or easy to find as it’s not a package known as dig:
    sudo apt-get install dnsutils
Software (or command) and Package
• Software: a program which you can run on your computer
  • Programs often need other resources to work
  • Thousands of files may be required (and put in exact location)
• Packages: store everything that a particular program needs to run
  • a collection of files bundled into a single file, which can be handled much more easily
  • contain special files called installation scripts, which copy files to where they are needed (amongst other things)
Source Package and binary package
• Source packages just include source code, and can be used on any type of machine if the code is compiled in the right way
• Binary packages have been made specifically for one type of computer, or architecture, e.g., x86 (i386 or i686), AMD64 and PPC
  • Generally, correct binary packages will be used automatically, so you don't have to worry about picking the right ones
Installing new software (1)
• Software you want => relevant software package
  • locate command => findutils package
  • named (DNS server) => BIND package
• Know your packaging utilities
  • Ubuntu: APT (Debian Advanced Package Tool)
    • E.g., apt-get install wget
  • RedHat: YUM
    • E.g., yum install wget
  • Solaris:
    • pkgutil --install wget
Advanced Packaging Tool (APT)
• apt-get command is a powerful command-line tool
  • installation of new software packages
  • upgrade of existing software packages
  • updating of the package list index
  • upgrading entire Ubuntu system
Install/Remove package
• Install a Package: e.g., to install the network scanner nmap:
    sudo apt-get install nmap
• Remove a Package:
    sudo apt-get remove nmap
  • The --purge option to apt-get remove will remove the package configuration files as well.
• Multiple Packages: You may specify multiple packages to be installed or removed, separated by spaces.
Update Package Index
• APT package index is essentially a database of available packages from repositories defined in the /etc/apt/sources.list file
    deb http://us.archive.ubuntu.com/ubuntu/ lucid main restricted
    deb-src http://us.archive.ubuntu.com/ubuntu/ lucid main restricted
    ## Major bug fix updates produced after the final release of the
    ## distribution.
    deb http://us.archive.ubuntu.com/ubuntu/ lucid-updates main restricted
    deb-src http://us.archive.ubuntu.com/ubuntu/ lucid-updates main restricted
• To update the local package index with the latest changes made in repositories:
    sudo apt-get update
Upgrade Packages
• To upgrade your system, first update your package index as outlined above, and then type:
    sudo apt-get upgrade
sudo
• Allows a permitted user to execute a command as superuser (root) or another user, as specified in the sudoers file.
  • Typically, sudo requires that users authenticate themselves with a password
  • Once a user has been authenticated, a timestamp is updated and the user may then use sudo without a password for a short period of time (15 minutes unless overridden in sudoers).
Outline
• Unix overview
  • Unix and TCP/IP: where are network functions implemented?
  • Different variants of Unix
  • Pointers to resources
• Key commands for knowing system being used
• Introduction to Unix system administration
  • installation: compiling, driver, package
Linux boot in a nutshell
System startup
• When a system is first booted, or is reset, the processor executes code at a well-known location
  • For a PC, this location is in the basic input/output system (BIOS), which is stored in flash memory on the motherboard
• BIOS must determine which devices are candidates for boot.
BIOS/Boot loader
• BIOS searches for devices that are both active and bootable, in the order of preference
  • A boot device can be a floppy disk, a CD-ROM, a partition on a hard disk, a device on the network, or a USB flash memory stick
• When booting from a hard disk, the Master Boot Record (MBR) contains the primary boot loader
  • After the MBR is loaded into RAM, the BIOS yields control to it.
Primary Boot Loader
• MBR: a 512-byte sector, the first sector on disk (sector 1 of cylinder 0, head 0)
  • contains both executable code and error message text
  • partition table contains a record for each of four partitions (sixteen bytes each)
  • magic number: a validation check of MBR
• The job: to find and load the secondary boot loader (stage 2)
  • Using partition tables
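An added example (not from the original slides) that checks the magic number and reads the four 16-byte partition records from a constructed 512-byte sector. The byte offsets (partition table at 446, magic number 0x55 0xAA at 510) come from the standard MBR layout rather than the slide; `parse_mbr`, `make_sample` and the sample partition values are hypothetical.

```c
#include <stdint.h>
#include <string.h>

#define MBR_SIZE      512
#define PART_TABLE    446   /* the four 16-byte records start here */
#define MBR_MAGIC_OFF 510   /* magic number: bytes 0x55 0xAA */

struct mbr_part { uint8_t bootable, type; uint32_t first_lba, sectors; };

static uint32_t le32(const uint8_t *p)   /* MBR integers are little-endian */
{
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Fills out[4]; returns the number of non-empty partition records, or -1
 * when the magic number is missing (the sector is not a valid MBR). */
int parse_mbr(const uint8_t sec[MBR_SIZE], struct mbr_part out[4])
{
    int used = 0;
    if (sec[MBR_MAGIC_OFF] != 0x55 || sec[MBR_MAGIC_OFF + 1] != 0xAA) return -1;
    for (int i = 0; i < 4; i++) {
        const uint8_t *e = sec + PART_TABLE + 16 * i;
        out[i].bootable  = (e[0] == 0x80);   /* active (bootable) flag */
        out[i].type      = e[4];             /* 0 means unused record */
        out[i].first_lba = le32(e + 8);
        out[i].sectors   = le32(e + 12);
        if (out[i].type != 0) used++;
    }
    return used;
}

/* Constructed sample sector: one active Linux (type 0x83) partition. */
void make_sample(uint8_t sec[MBR_SIZE])
{
    static const uint8_t entry[16] = { 0x80, 0, 0, 0, 0x83, 0, 0, 0,
                                       0x00, 0x08, 0, 0,     /* first LBA 2048 */
                                       0x00, 0x00, 0x10, 0 };/* 1048576 sectors */
    memset(sec, 0, MBR_SIZE);
    memcpy(sec + PART_TABLE, entry, sizeof entry);
    sec[MBR_MAGIC_OFF] = 0x55;
    sec[MBR_MAGIC_OFF + 1] = 0xAA;
}

int main(void)
{
    uint8_t sec[MBR_SIZE];
    struct mbr_part p[4];
    make_sample(sec);
    return parse_mbr(sec, p) == 1 && p[0].first_lba == 2048 ? 0 : 1;
}
```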
Second-stage boot loader, or kernel loader
• A splash screen is commonly displayed
• Checks system hardware
• Enumerates attached hardware devices
• Mounts root device, and loads the necessary kernel modules
• Linux and an optional initial RAM disk (temporary root file system) are loaded into memory.
• When images are loaded, the second-stage boot loader passes control to the kernel image, and the kernel is decompressed and initialized
GRUB
• The first- and second-stage boot loaders combined: Linux Loader (LILO) or GRand Unified Bootloader (GRUB) in the x86 PC environment.
• GRUB: a three-stage boot loader
  • Stage 1 (MBR) boots a stage 1.5 boot loader that understands the particular file system containing the Linux kernel image
  • When the stage 1.5 boot loader is loaded and running, the stage 2 boot loader can be loaded.
  • With stage 2 loaded, GRUB displays a list of available kernels (defined in /etc/grub.conf, with soft links from /etc/grub/menu.lst and /etc/grub.conf).
  • The kernel image and initrd image are loaded into memory. With the images ready, the stage 2 boot loader invokes the kernel image.
multibooting
• One boot disk (which has one MBR)
• Choose one boot loader to be the “master”
  • Use GRUB for Intel-based Unix/Linux system
Kernel
• Prepares itself
  • Uncompresses itself
  • Initializes internal tables, creating in-memory data structures
  • Completes hardware diagnostics
  • Installs loadable drivers for various hardware devices present on system
• Creates a process (PID 1) to run the init program
• Command dmesg: displays a copy of console messages generated during last boot at this stage
init process
• The parent of all processes in the system; it is executed by the kernel and is responsible for starting all other processes (including daemons, network services)
  • System V startup model (sysvinit), book talked about this
  • Upstart, used on mocha
  • Systemd, used on storm, erdos
• After this, boot is complete, and the system is up and running normally.
Startup Runlevels
• Indicate state of system when init process is complete
  • 0: shuts down all processes and halts system
  • 1: single-user mode, for sys. admin. to perform maintenance
  • 2: special multi-user mode, no support for file sharing
  • 3: full multi-user mode, NFS file sharing
  • 4: unused
  • 5: dedicated X windows terminal
  • 6: shuts down all processes and reboots
Configuration file, /etc/inittab
• To set the default runlevel, edit the following line in your /etc/inittab file:
    id:X:initdefault:
  where X is the runlevel. So to automatically start up X11, you would replace X with 5. Or if you're at the lilo prompt, you can enter linux X (where X again is the runlevel).
• During the init process, the /etc/rc.sysinit file is run, which in turn goes into the default runlevel from the /etc/inittab file.
Configuration file, /etc/inittab
• Every runlevel runs the available scripts in the appropriate runlevel directory, found in /etc/rcX.d where X is the runlevel.
• If you're entering runlevel 3, scripts in /etc/rc3.d are executed. These files are symbolic links to main scripts located in the /etc/init.d directory.
• E.g., under /etc/init.3
    K20nfs -> ../init.d/nfs
    S10network -> ../init.d/network
    S55sshd -> ../init.d/sshd
Upstart
• event-based replacement for the /sbin/init daemon, which handles starting of tasks and services during boot, stopping them during shutdown and supervising them while the system is running.
• originally developed for Ubuntu but is intended to be suitable for deployment in all Linux distributions as a replacement for the venerable System-V init.
systemd
• system and service manager for Linux, compatible with SysV and LSB init scripts.
  • aggressive parallelization capabilities
  • uses socket and D-Bus activation for starting services
  • offers on-demand starting of daemons
  • keeps track of processes using Linux cgroups
  • supports snapshotting and restoring of the system state
  • maintains mount and automount points
  • …
• It can work as a drop-in replacement for sysvinit.
Homework
• Download and install Ubuntu: http://www.ubuntu.com/download/ubuntu/download
• Please use the same release as mocha:
    Distributor ID: Ubuntu
    Description: Ubuntu 10.04.4 LTS
    Release: 10.04
    Codename: lucid