Linux Network Setup.

1 Linux Network Setup

2 Introduction
Linux can implement different protocols for networking
TCP/IP is the most common one
We will look at how to set up a simple Linux network using Fedora Core 6

3 Network topology – simple configuration
[Diagram: cable modem, firewall/router (eth0, eth1), hub/switch, server/gateway (eth0), workstation 1 (eth0), workstation 2 (eth0)]

4 Network Components
Firewall/router – a modest computer with two network interfaces can easily become a firewall/router if there is no such device available
Hub/Switch – a physical device used to extend the network
Server – a computer that will be running FC6 and implement DNS, web server and database server.
Workstation – a computer that will be running FC6
Except the hub, everything else can be implemented using virtual machines

5 FC6 installation
Partitioning the hard drive:
Can be done either manually or automatically (by the installation script)
For the beginning the best bet is to let the script do the work for you
On the firewall and the server we will install only the packages that we need.
On the workstations we will install everything

6 Network installation screen for FC6

7 Installing the Firewall
Use the FC6 DVD and proceed with the installation.
When prompted for network setup, choose to set up the hostname manually
Type in the name firewall.mynetwork.com
Edit the network devices
Input the network address for eth0 –
If the script shows a configuration option for eth1, edit that one too, and enter the network address for eth1 – –
If it does not, you will have to configure this interface manually after the system is started
In the Miscellaneous Settings area enter
The gateway address: (this is the address of the server)
The Primary DNS: (this is the address of the server)

8 Installing the Firewall – cont.
All Fedora Core installations include the following network services:
centralized logging through syslog
email through SMTP (Simple Mail Transfer Protocol)
network file sharing through NFS (Network File System)
remote access through SSH (Secure SHell)
resource advertising through mDNS (multicast DNS)
The default installation also provides:
network file transfer through HTTP (HyperText Transfer Protocol)
printing through CUPS (Common UNIX Printing System)
remote desktop access through VNC (Virtual Network Computing)

9 Installing the Firewall – cont.
We will choose a minimal installation – packages can be added off the DVD later on if we need to
The minimal installation should include
DNS
Iptables
You do not have to worry about the dependencies since the installation script checks for them

10 Installing the Server
The installation of the server is similar to that of the firewall except that we can choose to install more packages, even a complete installation.
When installing the network, follow the same steps as for the firewall.
The IP address of the server is

11 Installing the Server (cont.)
If you want to be conservative – select only the packages that you need to run DNS, Apache and MySQL – you do not have to worry about the dependencies since the installation script checks for them
Otherwise, install everything – be aware that "install everything" does not mean install every single package on the DVD

12 Installing the Workstations
The installation is similar to the server and the firewall

13 TCP/IP Network Configuration files
/etc/resolv.conf - host name resolver configuration file
search name-of-domain.com - Name of your domain or ISP's domain if using their name server
nameserver XXX.XXX.XXX.XXX - IP address of primary name server
nameserver XXX.XXX.XXX.XXX - IP address of secondary name server
/etc/hosts - locally resolve node names to IP addresses
your-node-name.your-domain.com localhost.localdomain localhost
XXX.XXX.XXX.XXX node-name - enter the fully qualified network name first, then the alias

14 TCP/IP Network Configuration files (cont.)
/etc/nsswitch.conf - System Databases and Name Service Switch configuration file
hosts: files dns nisplus nis
It tells Linux to first resolve a host name by looking at the local hosts file (/etc/hosts), then, if the name is not found, to look to your DNS server as defined by /etc/resolv.conf, and if it is not found there, to look to your NIS server

15 TCP/IP Network Configuration files (cont.)
/etc/sysconfig/network - Red Hat network configuration file used by the system during the boot process.
/etc/sysconfig/network-scripts/ifcfg-eth0 - Configuration settings for your first ethernet port (0). Your second port is eth1.
/etc/modules.conf
alias eth0 eepro100
Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module.

16 Fedora Network GUI Configuration Tools - TCP/IP ethernet configuration
Network configuration: /usr/sbin/system-config-network
Text console configuration tool: /usr/sbin/system-config-network-tui

17 Fedora Network GUI Configuration Tools – Gnome Desktop
Gnome Desktop Network Configuration: /usr/bin/gnome-network-preferences
Proxy configuration. Choose one of three options:
1. Direct internet connection
2. Manual proxy configuration (specify proxy and port)
3. Automatic proxy configuration (give URL)

18 Assigning an IP address - Static IP address assignment
Command Line: ifconfig eth netmask broadcast
Fedora GUI tools: /usr/bin/neat - Gnome GUI network administration tool. Handles all interfaces. Configure for Static IP or DHCP client.
Fedora Console tools: /usr/sbin/system-config-network-tui (Text User Interface)

19 More Network Configuration
Directly edit configuration files/scripts
The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.)
The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network-scripts/, so that this information is retained.

20 Fedora Core IP Configuration Files
/etc/sysconfig/network
Static IP address configuration: (Configure gateway address)
NETWORKING=yes
HOSTNAME=my-hostname - Hostname is defined here and by command hostname
FORWARD_IPV4=true - True for NAT firewall gateways and Linux routers. False for everyone else - desktops and servers.
GATEWAY="XXX.XXX.XXX.YYY" - Used if your network is connected to another network or the internet. Static IP configuration. Gateway not defined here for DHCP client.

21 Fedora Core IP Configuration Files (cont.)
DHCP client configuration
NETWORKING=yes
HOSTNAME=my-hostname - Hostname is defined here and by command hostname
(Gateway is assigned by DHCP server.)

22 Fedora Core IP Configuration Files (cont.)
/etc/sysconfig/network-scripts/ifcfg-eth0
This file is used by the command scripts ifup and ifdown
Static IP address configuration:
DEVICE=eth0
BOOTPROTO=static
BROADCAST=XXX.XXX.XXX.255
IPADDR=XXX.XXX.XXX.XXX
NETMASK=
NETWORK=XXX.XXX.XXX.0
ONBOOT=yes - Will activate upon system boot
TYPE=Ethernet
HWADDR=XX:XX:XX:XX:XX:XX
GATEWAY=XXX.XXX.XXX.XXX

23 Fedora Core IP Configuration Files (cont.)
DHCP client configuration
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=dhcp
IPV6INIT=no
USERCTL=no
PEERDNS=yes
TYPE=Ethernet
HWADDR=XX:XX:XX:XX:XX:XX
Used by script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line
To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none
In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/rc.d/init.d/network restart)
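The settings on slides 20 to 23 can be checked mechanically. The following POSIX shell check is an added example, not part of the original presentation; the function names, the "router"/"host" role argument and the sample file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit a Fedora-style KEY=value network file
# (/etc/sysconfig/network or ifcfg-ethN) for risky or incomplete settings.

# get_key FILE KEY: print the last value assigned to KEY, unquoted, lowercased.
get_key() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 | tr -d "\"'" | tr 'A-Z' 'a-z'
}

# audit_netfile FILE [ROLE]: ROLE is "router" or "host" (hypothetical label,
# default host). Prints one finding per line; returns 1 if any were printed.
audit_netfile() {
    file=$1 role=${2:-host} rc=0
    proto=$(get_key "$file" BOOTPROTO)
    case $proto in
        static|none)
            for k in IPADDR NETMASK; do
                [ -n "$(get_key "$file" "$k")" ] ||
                    { echo "$k missing for BOOTPROTO=$proto"; rc=1; }
            done ;;
        dhcp)
            [ "$(get_key "$file" PEERDNS)" != yes ] ||
                { echo "PEERDNS=yes: DHCP server may rewrite /etc/resolv.conf"; rc=1; } ;;
    esac
    [ "$(get_key "$file" USERCTL)" != yes ] ||
        { echo "USERCTL=yes: non-root users can control this interface"; rc=1; }
    case $(get_key "$file" FORWARD_IPV4) in
        true|yes) [ "$role" = router ] ||
            { echo "FORWARD_IPV4 enabled on a non-router"; rc=1; } ;;
    esac
    return $rc
}

# Constructed sample: a workstation ifcfg file with two questionable settings.
sample=$(mktemp)
cat > "$sample" <<'EOF'
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.0.2.10
USERCTL=yes
EOF
audit_netfile "$sample" host || true
rm -f "$sample"
```

Run it against /etc/sysconfig/network with the role set to router on the firewall and to host on the server and workstations.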

24 Changing the host name
This is a three step process:
1. Issue the command: hostname new-host-name
2. Change network configuration file: /etc/sysconfig/network
   Edit entry: HOSTNAME=new-host-name
3. Restart systems which relied on the hostname (or reboot):
   * Restart network services: service network restart (or: /etc/rc.d/init.d/network restart)
   * Restart desktop:
     o Bring down system to console mode: init 3
     o Bring up X-Windows: init 5
One may also want to check the file /etc/hosts for an entry using the system name which allows the system to be self aware

25 Network IP aliasing
Assign more than one IP address to one ethernet card:
ifconfig eth0 XXX.XXX.XXX.XXX netmask broadcast XXX.XXX.XXX.255
ifconfig eth0: netmask broadcast
ifconfig eth0: netmask broadcast
route add -host XXX.XXX.XXX.XXX dev eth0
route add -host dev eth0
route add -host dev eth0
In this example 0 and 1 are aliases in addition to the regular eth0

26 Network IP aliasing (cont.)
The result of the ifconfig command:
eth Link encap:Ethernet HWaddr 00:10:4C:25:7A:3F
inet addr:XXX.XXX.XXX.XXX Bcast:XXX.XXX.XXX.255 Mask:
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
collisions:1 txqueuelen:100
Interrupt:5 Base address:0xe400
eth0:0 Link encap:Ethernet HWaddr 00:10:4C:25:7A:3F
inet addr: Bcast: Mask:
eth0:1 Link encap:Ethernet HWaddr 00:10:4C:25:7A:3F
inet addr: Bcast: Mask:

27 Network IP aliasing (cont.)
Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0
DEVICE=eth0:0
ONBOOT=yes
BOOTPROTO=static
BROADCAST=
IPADDR=
NETMASK=
NETWORK=
Aliases can also be shut down independently, i.e.: ifdown eth0:0

28 Activating and De-Activating your NIC
Activate: /sbin/ifup eth0 (Also: ifconfig eth0 up - Note: Even if no IP address is assigned you can listen.)
De-Activate: /sbin/ifdown eth0 (Also: ifconfig eth0 down)
These scripts use the scripts and NIC config files in /etc/sysconfig/network-scripts/

29 GUI Interface control/configuration
/usr/bin/system-control-network

30 Adding a network interface card (NIC)
It can be permanently added to /etc/modules.conf
alias eth0 3c59x
insmod -v 3c59x (For a 3Com ethernet card)
Fedora Core has a hardware detection tool called kudzu which will detect any new hardware added to the system and will try to install it and configure it (with the user's help)

31 Adding a network interface card (NIC) (cont.)
Define network parameters in configuration files
/etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
BOOTPROTO=static
IPADDR=
NETMASK=
GATEWAY=XXX.XXX.XXX.XXX
HOSTNAME=firewall.mydomain.com
DOMAIN=mydomain.com
Special routing information may be specified, if necessary, in the file /etc/sysconfig/static-routes

32 Adding a network interface card (NIC) (cont.)
Define network parameters using Unix command line interface:
Define IP address:
ifconfig eth netmask broadcast
ifconfig eth netmask broadcast
If necessary, define route with the route command:
Examples:
route add default gw XXX.XXX.XXX.XXX dev eth0
route add -net XXX.XXX.XXX.0 netmask gw XXX.XXX.XXX.XXX dev eth0
XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator
If you make a mistake just repeat the route command substituting "del" in place of "add"

33 Routes
route - show / manipulate the IP routing table (Static route)
Examples:
Show routing table: route -e
Access individual computer host specified via network interface card eth1: route add -host eth1
Access ISP network identified by the network address and netmask using network interface card eth0: route add -net netmask gw eth0
Conversely: route del -net netmask gw eth0
Specify default gateway to use to access remote network via network interface card eth0: route add default gw eth0 (Gateway can also be defined in /etc/sysconfig/network)
Specify two gateways for two network destinations (i.e. one external, one internal private network; two routers/gateways will be specified):
Add internet gateway as before: route add default gw eth0
Add second private network: route add -net netmask gw eth1
routed - network routing daemon. Uses RIP protocol to update routing table.
ipx_route - show / manipulate the IPX routing table - IPX is the Novell networking protocol (Not typically used unless your office has Novell servers)
ifuser - Identify destinations routed to a particular network interface.

34 Domain Name Server (DNS) configuration - Primary server (master)
File: /etc/named.conf
options {
    version "Bind";                       // Don't disclose real version to hackers
    directory "/var/named";
    allow-transfer { XXX.XXX.XXX.XXX; };  // IP address of secondary DNS
    recursion no;
    fetch-glue no;                        // Bind 8 only! Not used by version 9
};
zone "your-domain.com" {
    type master;
    file "named.your-domain.com";
    notify yes;
};
zone " in-addr.arpa" {
    type master;
    file "named.local";
    allow-update { none; };
};

35 Domain Name Server (DNS) configuration - Primary server (master)
File: /var/named/named.mydomain.com

36
$TTL - Bind 9 (and some of the later versions of Bind 8) requires $TTL statement. Measured in seconds. This value is 7 days.
mydomain.com. IN SOA server.mydomain.com. hostmaster.mydomain.com. (
; serial - Many people use year+month+day+integer as a system. Never greater than for a 32 bit processor.
86400 ; refresh - How often secondary servers (in seconds) should check in for changes in serial number. (86400 sec = 24 hrs)
7200 ; retry - How long secondary server should wait for a retry if contact failed.
; expire - Secondary server to purge info after this length of time.
) ; default_ttl - How long data is held in cache by remote servers.
IN A - Note that this is the default IP address of the domain. I put the web server IP address here so that domain.com points to the same servers as
;
; Name servers for the domain
IN NS server.mydomain.com.
; Mail server for domain
IN MX server - Identify "mail" as the node handling mail for the domain. Do NOT specify an IP address!
; Nodes in domain
workstation1 IN A - Note that this is the IP address of workstation1
workstation2 IN A - Note that this is the IP address of workstation2
server IN A - Optional: For hosting your own primary name server. Note that this is the IP address of server
firewall IN A - this is the IP address of the firewall
IN MX - Identify the IP address for mail server named server

37 Domain Name Server (DNS) configuration - Secondary server (slave)
File: named.conf
options {
    version "Bind";              // Don't disclose real version to hackers
    directory "/var/named";
    allow-transfer { none; };
    recursion no;
    fetch-glue no;               // Bind 8 only! Not used by version 9
};
zone "your-domain.com" {
    type slave;
    file "named.mydomain.com";   // Specify slaves/named.your-domain.com for RHEL chrooted bind
    masters { ; };               // IP address of primary DNS
};
zone " in-addr.arpa" {
    type master;
    file "named.local";
};
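The three hardening settings both named.conf files share (a version override, recursion no, a restricted allow-transfer) can be verified with a short script. This is an added example, not part of the original presentation; the function names and the sample configuration are assumptions, and /* */ comments are not handled.

```shell
#!/bin/sh
# Added example: check the options block of a named.conf for the hardening
# settings used on the slides (version, recursion, allow-transfer).

# options_block FILE: print the options { ... }; statement with // and #
# comments removed (brace depth decides where the block ends).
options_block() {
    sed -e 's://.*$::' -e 's:#.*$::' "$1" |
        awk '/^[ \t]*options[ \t]*[{]/ { on = 1; depth = 0 }
             on { print
                  depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")
                  if (depth == 0) on = 0 }'
}

# audit_named FILE: print one finding per line; return 1 if any were printed.
audit_named() {
    opts=$(options_block "$1"); rc=0
    echo "$opts" | grep -Eq 'version[[:space:]]+("|none)' ||
        { echo "version not overridden: real BIND version is disclosed"; rc=1; }
    echo "$opts" | grep -Eq 'recursion[[:space:]]+no[[:space:]]*;' ||
        { echo "recursion not disabled"; rc=1; }
    # Body of allow-transfer { ... }, empty if the statement is absent.
    xfer=$(echo "$opts" | tr '\n' ' ' |
        sed -n 's/.*allow-transfer[[:space:]]*{\([^}]*\)}.*/\1/p')
    case $xfer in
        '')    echo "allow-transfer not set in options"; rc=1 ;;
        *any*) echo "allow-transfer permits any host"; rc=1 ;;
    esac
    return $rc
}

# Constructed sample: an options block with none of the three settings hardened.
weak=$(mktemp)
cat > "$weak" <<'EOF'
options {
    directory "/var/named";
    allow-transfer { any; };
};
EOF
audit_named "$weak" || true
rm -f "$weak"
```

On a chrooted installation, point it at the copy under /var/named/chroot/etc, since that is the file named actually reads.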

38 DNS GUI configuration
/usr/bin/system-config-bind

39 DNS
Most modern Linux distributions default to a "chrooted" installation. This technique runs the Bind name service with a view of the filesystem in which the root directory "/" is redefined as the directory in which Bind operates, i.e. /var/named/chroot.
The latest Fedora bind updates run named as user "named" to avoid a lot of earlier hacker exploits.
Chrooting the process creates an even more secure environment by limiting the view of the system that the process can access. The process is limited to the chrooted directory assigned to it.

40 Chrooted DNS configuration
Directory: /var/named/chroot
Configuration files: /var/named/chroot/etc
Devices used by bind: /var/named/chroot/dev
/dev/null
/dev/random
/dev/zero
Zone files and configuration information: /var/named/chroot/var

41 More DNS HOWTO

