L120: Linux System Administration II
Yüklə 1,05 Mb.
|
- Bu səhifədəki naviqasiya:
- 1. The Network Interface
- 2. Host Information
- 3. Stop and Start Networking
- 4. Routing
- 5. Common Network Tools
- 6. Exercises and Summary
Network ConfigurationPrerequisites
Goals
1. The Network InterfaceThe network interface card (NIC) must be supported by the kernel. To determine which card you are using you can get information from dmesg, /proc/interrupts, /sbin/lsmod or /etc/modules.conf Example:
From the example above we see that the Ethernet card’s chipset is Tulip, the i/o address is 0xf800 and the IRQ is 10. This information can be used either if the wrong module is being used or if the resources (i/o or IRQ) are not available. This information can either be used to insert a module with a different i/o address (using the modprobe or insmod utilities) or can be saved in /etc/modules.conf (this will save the settings for the next system boot).
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
nameserver 192.168.1.108 |
|
nameserver 192.168.1.1 |
|
search linuxit.org |
-
/etc/hostname or /etc/sysconfig/network is used to give a name to the PC
-
One can also associate a name to a network interface. This is done in differently across distributions.
-
/etc/hosts contains your machine's IP number as well as a list of known hosts
|
# Do not remove the following line, or various programs |
|
# that require network functionality will fail. |
|
127.0.0.1 localhost localhost.localdomain |
|
# other hosts |
|
192.168.1.108 mesa mesa.domain.org |
|
192.168.1.119 pico |
-
/etc/sysconfig/network defines if networking must be started. (can also contain the HOSTNAME variable)
|
NETWORKING=yes |
|
HOSTNAME=mesa.domain.org |
|
GATEWAY=192.168.1.1 |
|
GATEWAYDEV= |
-
/etc/sysconfig/network-scripts/ifcfg-eth0 The configuration parameters for eth0
|
DEVICE=eth0 |
|
BOOTPROTO=none |
|
BROADCAST=192.168.1.255 |
|
IPADDR=192.168.1.108 |
|
NETWORK=192.168.1.0 |
|
ONBOOT=yes |
|
USERCTL=no |
3. Stop and Start Networking
● From the command line
The main tool used to bring up the network interface is /sbin/ifconfig. Once initialised the kernel module aliased to eth0 in /etc/modules.conf (e.g tulip.o) is loaded and assigned an IP and netmask value.
As a result the interface can be switched on and off without loosing this information as long as the kernel module is inserted.
Examples: Using ifconfig.
 /sbin/ifconfig eth0 192.168.10.1 netmask 255.255.128.0
|
|
/sbin/ifconfig eth0 down |
|
/sbin/ifconfig eth0 up |
Another tool is /sbin/ifup. This utility reads the system’s configuration files in /etc/sysconfig/ and assigns the stored values for a given interface. The script for eth0 is called ifcfg-eth0 and has to be configured. If a boot protocol such as DHCP is defined then ifup will start the interface with that protocol.
Examples: Using ifup.
|
/sbin/ifup eth0
|
|
/sbin/ifup ppp0 |
|
/sbin/ifdown eth0 |
●. Using the network script
At boot time the ethernet card is initialised with the /etc/rc.d/init.d/network script. All the relevant networking files are sourced in the /etc/sysconfig/ directory.
In addition the script also reads the sysctl options in /etc/sysctl.conf, this is where you can configure the system as a router (allow IP forwarding in the kernel). For example the line:
net.ipv4.ip_forward = 1
will enable ip forwarding and the file /proc/sys/net/ipv4/ip_forward will contain a one.
The network script is started with the following command
|
/etc/rc.d/init.d/network restart |
●. Renewing a DHCP lease
The following tools can query the DHCP server for a new IP:
pump
dhcpclient
A client daemon exists called dhcpcd (do not confuse this with the DHCP server daemon dhcpd)
4. Routing
A noticeable difference when using a system script such as ifup rather than ifconfig on its own, is that the system’s routing tables are set in one case and not in the other.
This is because either the /etc/sysconfig/network file is read, where a default gateway is stored, or the DHCP server has sent this information together with the IP number. The routing tables are configured, checked and changed with the /sbin/route tool.
Routing examples:
Add a static route to the network 10.0.0.0 through the device eth1 and use 192.168.1.108 as the gateway for that network:
|
/sbin/route add -net 10.0.0.0 gw 192.168.1.108 dev eth1
|
Add a default gateway:
|
/sbin/route add default gw 192.168.1.1 eth0
|
Listing the kernel routing table:
|
/sbin/route -n
|
|
► Kernel IP routing table |
|
Destination Gateway Genmask Iface |
|
192.168.1.0 0.0.0.0 255.255.255.0 eth0 |
|
10.1.8.0 192.168.1.108 255.0.0.0 eth1 |
|
127.0.0.0 0.0.0.0 255.0.0.0 lo |
|
0.0.0.0 192.168.1.1 0.0.0.0 eth0 |
Default Gateway:
In the last listing, the Destination field is a list of networks. In particular, 0.0.0.0 means ‘anywhere’. With this in mind, there are two IP’s in the Gateway field. Which one is the default gateway ?
To avoid having to enter static routes by hand special daemons gated or routed are run to dynamically update routing tables across a network
If you belong to the 192.168.10.0 network and you add a route to the 192.168.1.0 network you may find that machines in the latter network are not responding. This is because no route has been set from the 192.168.1.0 network back to your host!! This problem is solved using dynamic routing.
Permanent Static Routes
If you have several networks with more than one gateway you can use the /etc/sysconfig/static-routes (instead of routing daemons). These routes will be added at boot time by the network script.
Static route configuration is stored in a /etc/sysconfig/network-scripts/route-interface file. For example, static routes for the eth0 interface would be stored in the /etc/sysconfig/network-scripts/route-eth0 file. The route-interface file has two formats: IP command arguments and network/netmask directives.
Example /etc/sysconfig/network-scripts/route-eth0 IP command file:
default 192.168.0.1 dev eth0
10.10.10.0/24 via 192.168.0.1 dev eth0
172.16.1.0/24 via 192.168.0.1 dev eth0
Example /etc/sysconfig/network-scripts/route-eth0 network/netmask IP command file:
ADDRESS0=10.10.10.0
NETMASK0=255.255.255.0
GATEWAY0=192.168.0.1
ADDRESS1=172.16.1.0
NETMASK1=255.255.255.0
GATEWAY1=192.168.0.1
Naming Networks
Using the /etc/networks file it is possible to assign names to network numbers (for network numbers see TCP/IP Networks on p. 40).
|
/etc/networks format |
|
network-name network-number aliases |
For example, the network number 10.0.0.0 can be called office.org, following the above format. It is then possible to use network names with tools like route as below:
|
route add -net office.org netmask 255.0.0.0
|
A routing scenario:
5. Common Network Tools
Here is a short list of tools helpful when trouble shouting network connections.
ping:
This tool sends an ICMP ECHO_REQUEST datagram to a host and expects an ICMP ECHO_RESPONSE.
|
Options for ping | |
|
-b |
ping a broadcast address |
|
-c N |
send N packets |
|
-q |
quiet mode: display only start and end messages |
tcpdump:
This is a tool used to analyse network traffic by capturing network packets. The following commands illustrate some options:
|
Let tcpdump autodetect network interface |
|
tcpdump |
|
Specify a network interface to capture packets from |
|
tcpdump -i wlan0 |
|
Give an expression to match |
|
tcpdump host 192.168.10.1 and port 80 |
Notice that in a switched environment the switch may be configured to send packets to a given network interface only if those packets were addressed to that interface. In that case it is not possible to monitor the whole network.
netstat:
You may get information on current network connections, the routing table or interface statistics depending on the options used.
|
Options for netstat: | |
|
-r |
same as /sbin/route |
|
-I |
display list of interfaces |
|
-n |
don’t resolve IP addresses |
|
-p |
returns the PID and names of programs (only for root) |
|
-v |
verbose |
|
-c |
continuous update |
Example: Output of netstat --inet -n :
► Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 192.168.1.10:139 192.168.1.153:1992 ESTABLISHED
tcp 0 0 192.168.1.10:22 192.168.1.138:1114 ESTABLISHED
tcp 0 0 192.168.1.10:80 192.168.1.71:18858 TIME_WAIT
In the above listing you can see that the local host has established connections on ports 139, 22 and 80.
arp:
Display the kernel address resolution cache.
Example:
|
arp
|
|
► Address HWtype HWaddress Iface |
|
192.168.1.71 ether 00:04:C1:D7:CA:2D eth0 |
traceroute:
Displays the route taken from the local host to the destination host. Traceroute forces intermediate routers to send back error messages (ICMP TIME_EXCEEDED) by deliberately setting the ttl (time to live) value too low. After each TIME_EXEEDED notification traceroute increments the ttl value, forcing the next packet to travel further, until it reaches its’ destination.
|
Options for traceroute: | |
|
-f ttl |
change the initial time to live value to ttl instead of 1 |
|
-n |
do not resolve IP numbers |
|
-v |
verbose |
|
-w sec |
set the timeout on returned packets to sec |
6. Exercises and Summary
Files
|
File |
Description |
|
/etc/resolv.conf |
file containing a list of DNS servers used to resolve computer host names |
|
/etc/sysctl.conf |
configuration file for the sysctl tool used to customise kernel settings in /proc/sys/ |
|
/proc/sys/net/ipv4/ip_forward |
file containing information about the kernel forwarding status. The kernel will either forward or not packets that are addressed to a different host depending if the file contains a 1 or a 0 |
Commands
|
Command |
Description |
|
arp |
print the kernel ARP cache |
|
dhcpcd |
a DHCP client daemon |
|
dhcpclient |
a DHCP client daemon |
|
ifconfig |
ifconfig(8) – is used to configure the kernel-resident network interfaces. It is used at boot time to set up interfaces as necessary |
|
netstat |
netstat(8) – print information about network connections, routing tables, interface statistics, etc |
|
ping |
ping(8) – uses the ICMP protocol’s mandatory ECHO_REQUEST datagram to elicit an ICMP ECHO_RESPONSE from a host or gateway. ECHO_REQUEST datagrams (‘‘pings’’) have an IP and ICMP header, followed by a struct timeval and then an arbitrary number of ‘‘pad’’ bytes used to fill out the packet |
|
pump |
pump(8) – is a daemon that manages network interfaces that are controlled by either the DHCP or BOOTP protocol. While pump may be started manually, it is normally started automatically by the /sbin/ifup script for devices configured via BOOTP or DHCP |
|
route |
route(8) – manipulates the kernel’s IP routing tables. Its primary use is to set up static routes to specific hosts or networks via an interface after it has been configured with the ifconfig(8) program. When the add or del options are used, route modifies the routing tables. Without these options, route displays the current contents of the routing tables |
|
sysctl |
sysctl(8) – is used to modify kernel parameters at runtime. The parameters available are those listed under /proc/sys/ |
|
traceroute |
traceroute(8) - utilizes the IP protocol ‘time to live’ field and attempts to elicit an ICMP TIME_EXCEEDED response from each gateway along the path to some host |
Dostları ilə paylaş: