------------------------- Week 08 Notes for NET2003 -------------------------
-Ian! D. Allen - idallen@idallen.ca

Remember - knowing how to find out an answer is more important than
memorizing the answer.  Learn to fish!  RTFM!  (Read The Fine Manual)
Keep up on your readings (Course Outline: average 5 hours/week homework)

[************************************************************]
[************************************************************]
[*** Students should be taking their own notes in class   ***]
[*** and updating them with my published summaries.       ***]
[************************************************************]
[************************************************************]

Abbreviation "ALN" = your "Advanced Linux Networking" text by R.W.Smith

Script control flow
-------------------

Useful tests for IF statements:

    test -z -n -r -w -x -s -e -L -f -d

Combining tests using -a or -o:

    test -r foo -a -w foo

Q: Know the meanings of: test -z -n -r -w -x -s -e -L -f -d
Q: Know how to combine tests using -a (and) and -o (or)

Text-based Internet Protocols
-----------------------------

HTTP: Hyper Text Transfer Protocol
    RFC: http://tools.ietf.org/html/rfc2616
    see Notes file http_session.txt

SMTP: Simple Mail Transfer Protocol
    RFC: http://tools.ietf.org/html/rfc2821
    see Notes file smtp_session.txt

POP3: Post Office Protocol Version 3
    RFC: http://tools.ietf.org/html/rfc1939
    http://www.electrictoolbox.com/article/networking/pop3-commands/
    see course text ALN p.263
    - try using this on your Algonquin account inmail.algonquincollege.com

NNTP: Network News Transport Protocol
    RFC: http://tools.ietf.org/html/rfc977
    see Notes file nntp_session.txt

Q: T/F HTTP, SMTP, POP3, and NNTP are text-based Internet protocols that
   you can operate directly using a text program such as netcat.

Journalling File System
-----------------------

You created "journalling" file systems on your virtual disk, using the
"-t ext3" option to mkfs.
Another way to request this kind of file system is to use the "-j"
(Journalling) option to the original "mke2fs" command.  This type of Linux
journalling file system is usually called "ext3", and some distributions
have a small shell script named "mke3fs" that simply calls mke2fs with the
"-t ext3" or "-j" option.

Journalling file systems are more resistant to corruption due to sudden
power loss, allowing the system to come back up more quickly by avoiding a
long file system check at boot time.  (This does *NOT* give you permission
to power off a running Linux system!  Always shut down cleanly.)

Q: What is the advantage of a journalling file system?

Debian package tools
--------------------

    # apt-get update
    # apt-get install pkgname
    # dpkg-query -W pkgname
    # dpkg-query -l pkgname
    # dpkg-query -p pkgname
    # apt-show-versions | grep pkgname
    # dpkg-query -L pkgname
    # dpkg-query -S filename
    # apt-file list package_pattern
    # apt-file search package_pattern
    # apt-cache search pathname

Q: What command fetches and installs a package on a Debian system?

Getting a machine on the net - network parameter requirements
-------------------------------------------------------------

At minimum, your machine needs two network parameters to be a good network
citizen:

  1. an IP address assigned to at least one connected network card
  2. a network mask or prefix length, so the machine knows which IP
     addresses are on the local net and which are not

Q: What are the two minimum network parameters needed to allow your machine
   to talk on the local network?

If you want to talk to more than your local network, you also need:

  3. the IP address of a gateway machine (for off-net access)

Q: What are the three minimum network parameters needed to allow your
   machine to talk to machines not on your local network?

If you want to use names instead of IP addresses, you need:

  4. addresses of DNS server(s) to resolve host names
  5. a host name for your machine (fully qualified with a domain name)

You can program your machine with all or some of these things directly
(static addressing); or, you can have your machine broadcast a request to
see if some other machine on the network has its configuration info:
DHCP, BOOTP (old), RARP

The Unix "hostname" command shows and sets the machine host name.  ALN p.48
Q: What command sets or shows your system host name?

The Unix "ifconfig" command shows and sets IP addresses and network masks on
interfaces.  ALN p.36
Q: What command sets and shows your network interface parameters?

A "gateway" machine is a machine on your local network to which packets will
be sent if your machine doesn't know where else to send them.  Without a
gateway, your machine can only communicate with other machines on the local
network segment (the local ARP domain).  The "route" and "ip route" commands
can set and display network route tables that use gateway IP addresses,
including the "default" route to your gateway machine(s).  ALN p.40-42
Q: What command(s) set and show your kernel network routing tables?

The "arp" command shows the kernel table listing current known MAC addresses
on the local network.
Q: What command shows the currently known MAC addresses?

You can run your machine without defining any DNS servers, in which case you
will have to use IP addresses (not names) for all hosts.  If you want to use
DNS names, the file /etc/resolv.conf ("man resolv.conf") contains the
definitions of your domain name and your DNS servers.  ALN p.47

A network broadcast address can be calculated from IP and mask.

Q: What Internet network access is possible without a DNS server?
Q: What Internet network access is possible without a gateway machine?
Q: What Internet network access is possible without a network mask?
Q: I want my computer to talk to another computer on the same network as
   mine.  What minimum network configuration do I need?
Q: I want my computer to talk to another computer on a different network
   from mine.  What minimum network configuration do I need?
Q: What file stores the addresses of the DNS servers used by this machine?

Network configuration - DHCP or static
--------------------------------------

With reference to the above network parameter requirements:

DHCP often supplies the host name for your machine.

Whether or not DHCP is used depends on how the distribution is configured at
boot.  Often, the act of bringing up an interface will also bring up the
DHCP client for that interface, if the config file says to do so.

*** Debian-style systems

  1. Debian systems keep network information in /etc/network/interfaces
     ("man 5 interfaces").  All the interfaces are configured in one single
     file.  The "dhcp" keyword indicates using DHCP.  The "ifup" and
     "ifdown" commands use this file.  (ALN p.34 bottom)
  2. Debian program defaults are usually kept under /etc/default/

Q: What is the principal network config file for Debian systems?
Q: What config file is used by the Debian "ifup" and "ifdown" commands?
Q: What Debian network keyword, used in the interfaces file, indicates that
   an interface uses DHCP?

A. Configuring DHCP networking    ALN p.33
------------------------------

For the DHCP client to work, your system must have some DHCP client software
package installed.  One package is "pump" (the exact version number will
vary):

    # dpkg-query -W pump
    pump    0.8.24-1

Q: What is the name of the default DHCP client on a Debian system?

A DHCP-configured machine usually receives all the required network
parameters (hostname and domain, IP address, Gateway address, and DNS server
info) via the DHCP protocol.

Q: What basic network information is supplied to a client by a DHCP server?

All Unix/Linux machines keep DNS resolver information in "/etc/resolv.conf".
The /etc/resolv.conf file is set up automatically (overwritten!) when your
client gets its IP address via DHCP.
Q: What file gets overwritten when a DHCP server supplies your system with
   the IP addresses of DNS servers?

You can use the following commands to query the state of your machine (host
name, IP address(es), gateway address [default route], and DNS information):

    # hostname
    foo.happy.machine.ca

    # ifconfig eth0
    eth0      Link encap:Ethernet  HWaddr 01:A0:CC:2C:A8:00
              inet addr:192.168.1.2  Bcast:192.168.1.255  Mask:255.255.255.0
              [...]

    # route
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    192.168.1.0     *               255.255.255.0   U     0      0        0 eth0
    default         192.168.1.1     0.0.0.0         UG    0      0        0 eth0

    # ip route
    192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.2
    default via 192.168.1.1 dev eth0

    # cat /etc/resolv.conf
    search happy.machine.ca
    domain happy.machine.ca
    nameserver 192.168.1.3
    nameserver 192.168.1.4

Q: What commands let you determine these basic network settings: machine
   name, interface addresses, routing tables, DNS servers?

You can use the above commands to display the current host name, network,
route, and DNS information.  Given a properly configured DHCP server, there
is no need to manually use "hostname", "ifconfig" or "route" to configure
your network address or routing tables - the networking start-up script (run
via symbolic links in the /etc/rc?.d directories) should examine your
network config file, discover that you want DHCP, and do all the network
configuration for you.

Debian network start-up script: /etc/init.d/networking

Q: What is the name of the system start-up script for networking on a Debian
   system?
Q: What is the principal network config file for Debian systems?
Q: What file stores the addresses of the DNS servers used by this machine?

B. Configuring static networking
--------------------------------

If you use static addresses instead of DHCP for one or more of your network
interfaces, you must set some or all of the required network configuration
parameters yourself (host name, IP address(es), gateway machine, DNS
servers).
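As an added example (not from the course notes), here is the arithmetic behind the "network mask" and "gateway" parameters in POSIX sh: it derives the network and broadcast addresses from an IP plus a mask or prefix length, gives the traditional class-based mask for an address, and decides whether a destination is on the local net (ARP directly) or must be sent to the gateway. The addresses are the ones from the sample ifconfig/route output above; the function names are my own.

```shell
#!/bin/sh
# Added example: IP/mask arithmetic for the "minimum network parameters".
# Function names are my own; addresses come from the sample route output.

ALLONES=4294967295    # 0xffffffff as a decimal constant

# Dotted quad -> 32-bit integer (e.g. 192.168.1.2 -> 3232235778).
ip2int() {
    set -- $(printf '%s\n' "$1" | tr '.' ' ')
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# 32-bit integer -> dotted quad.
int2ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Prefix length (0..32) -> mask as an integer, e.g. 24 -> 255.255.255.0.
prefix2int() {
    if [ "$1" -eq 0 ]; then echo 0
    else echo $(( (ALLONES << (32 - $1)) & ALLONES )); fi
}

# Print "network broadcast" for an IP and a dotted mask or a prefix length.
net_info() {  # $1 = ip, $2 = 255.255.255.0 or 24
    ip=$(ip2int "$1")
    case $2 in
        *.*) mask=$(ip2int "$2") ;;
        *)   mask=$(prefix2int "$2") ;;
    esac
    net=$(( ip & mask ))                     # host bits cleared
    bcast=$(( net | (~mask & ALLONES) ))     # host bits set
    echo "$(int2ip "$net") $(int2ip "$bcast")"
}

# Traditional class-based mask chosen from the first octet (A: 0-127,
# B: 128-191, C: 192-223); class D/E addresses have none.
classful_mask() {
    first=${1%%.*}
    if   [ "$first" -lt 128 ]; then echo 255.0.0.0
    elif [ "$first" -lt 192 ]; then echo 255.255.0.0
    elif [ "$first" -lt 224 ]; then echo 255.255.255.0
    else echo "none (class D/E)"; return 1; fi
}

# Same network as us -> deliver directly (ARP on the local segment);
# otherwise the packet goes to the gateway (the "default" route).
next_hop() {  # $1 = my ip, $2 = mask/prefix, $3 = destination, $4 = gateway ip
    mine=$(net_info "$1" "$2"); mine=${mine%% *}
    dest=$(net_info "$3" "$2"); dest=${dest%% *}
    if [ "$mine" = "$dest" ]; then echo direct; else echo "$4"; fi
}

# Demo with the addresses from the sample output above.
printf 'network/broadcast for 192.168.1.2/24: %s\n' "$(net_info 192.168.1.2 24)"
printf 'classful mask for 10.34.56.78: %s\n' "$(classful_mask 10.34.56.78)"
printf 'to 192.168.1.3 via: %s\n' "$(next_hop 192.168.1.2 255.255.255.0 192.168.1.3 192.168.1.1)"
printf 'to 10.34.56.78 via: %s\n' "$(next_hop 192.168.1.2 255.255.255.0 10.34.56.78 192.168.1.1)"
```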
You may not have to set all of the parameters if your host has multiple
interfaces and some other interface already sets some of the required
network parameters (e.g. you may already have a DNS server configured).

If you use only static IP addressing (no DHCP), you must manually set your
host name and domain, IP address, network mask, gateway IP (default route),
and DNS servers.

Without DHCP, some systems set your hostname at boot time using an init.d
script.  Often the script gets the information from a text file named
/etc/hostname or /etc/HOSTNAME.

DNS domain and name server info are kept in file /etc/resolv.conf.  ("man
resolv.conf")  For a static network, you must edit this file.

Debian systems set all the network interface parameters in one big file
/etc/network/interfaces ("man 5 interfaces").

Q: What is the principal network config file for Debian systems?
Q: What file stores the addresses of the DNS servers used by this machine?

Linux Networking Booting / Start / Stop / Restart
-------------------------------------------------

ALN Chapter 4 - "Starting Servers" p.79-89
-------------
Read: Using SysV startup scripts
Read: Using inetd
Skip: the /etc/inetd.conf file format
Read: using TCP wrappers
Read: Using xinetd
Read: Using local startup scripts
Skip: Using GUI tools
Read: When to use each startup method
Read: Summary

Most Unix/Linux distributions provide a SysV RC "network" start-up script
  - may be called /etc/init.d/network or networking
  - script may detect and load special modules (e.g. ipv6)
  - script may set network kernel options using sysctl
    - see /etc/sysctl.conf
  - may use helper scripts such as "ifup" and "ifdown" to start network
    - Debian: see info in master network config file /etc/network/interfaces
    - Debian: each network device has a stanza in the one "interfaces" file
  - may start network interface monitoring programs such as ifplugd
    - see the config file under /etc/ifplugd/
  - enabling the network device also adds a route for that device, and
    possibly a gateway for that network

Q: What is the name of the Debian network start-up script?
Q: What is the principal network config file for Debian systems?
Q: What config file is used by the Debian "ifup" and "ifdown" commands?

start-up script symlinks in /etc/rc?.d/ or /etc/rc.d/rc?.d/ start "daemons"
  - many daemon programs listen on well-known TCP and UDP network ports
  - /etc/services is a plain text list of names of many well-known ports
  - see also the master list at http://www.iana.org/assignments/port-numbers

Q: Where are the links to start-up scripts for run level 3 kept?

Debian networking is started/stopped using the SysV script "networking".  At
boot time, this start-up script calls "ifup -a" to bring up all interfaces
configured as "auto" in /etc/network/interfaces.  The main "networking" SysV
script is linked symbolically into the run level directories rc?.d.  You can
also call the script manually:

    # /etc/init.d/networking stop
    # /etc/init.d/networking start

The start-up script will only configure interfaces listed as "auto" in
/etc/network/interfaces - if that file is empty, nothing happens.

Q: What does the "auto" keyword mean in the Debian "interfaces" file?

Using a network start/stop script will affect all your configured network
interfaces, including the "loopback" interface, and configure your default
gateway.  Using the "ifup" and "ifdown" scripts affects only one interface
and may not set your default gateway.  Use the main network script unless
you are doing something unusual.
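As an added example (not from the course notes, and not Debian's own ifup code), a POSIX sh script that first checks the master network config file with the "test" operators from the Script control flow section (-z, -e, -d, -L, -f, -r, -s, combined with -a) and then lists which interfaces the start-up script's "ifup -a" would bring up (those marked "auto") and whether each uses "dhcp" or "static". It reads a constructed interfaces(5)-style file written to a temp file, and handles the empty-file case the notes warn about; the function names are my own.

```shell
#!/bin/sh
# Added example: validate the Debian master network config file with the
# "test" operators, then list what "ifup -a" would act on.  Function names
# are my own; the sample file below is constructed, not a real system's.

# Refuse to trust the file unless it is a readable, non-empty regular file.
# Prints the reason and returns 1 on failure, returns 0 when usable.
check_config() {  # $1 = path
    f=$1
    [ -z "$f" ] && { echo "no file name given"; return 1; }             # -z: empty string
    [ -e "$f" ] || { echo "$f: does not exist (no file, no networking!)"; return 1; }
    [ -d "$f" ] && { echo "$f: is a directory, not a file"; return 1; }
    [ -L "$f" ] && echo "note: $f is a symbolic link"                 # allowed, but worth knowing
    [ -f "$f" -a -r "$f" ] || { echo "$f: not a readable regular file"; return 1; }
    [ -s "$f" ] || { echo "$f: is empty (empty file, no networking!)"; return 1; }
    return 0
}

# Print one line per "iface" stanza: NAME auto|manual METHOD
# (METHOD is dhcp, static or loopback).  "auto" names are gathered first
# because one "auto" line may list several interfaces.
list_interfaces() {  # $1 = path to an interfaces(5)-style file
    check_config "$1" || return 1
    autos=" "
    while read -r key rest; do
        [ "$key" = auto ] && for n in $rest; do autos="$autos$n "; done
    done < "$1"
    while read -r key name family method extra; do
        [ "$key" = iface ] || continue          # skips comments, blanks, options
        case $autos in
            *" $name "*) start=auto ;;
            *)           start=manual ;;
        esac
        echo "$name $start $method"
    done < "$1"
}

# Constructed sample in the format of /etc/network/interfaces.
sample=$(mktemp); empty=$(mktemp)
trap 'rm -f "$sample" "$empty"' EXIT
cat > "$sample" <<'EOF'
# constructed sample, not a real system's file
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 192.168.1.1
    netmask 255.255.255.0
    gateway 192.168.1.254

# eth1 has a stanza but no "auto" line: ifup -a leaves it alone
iface eth1 inet dhcp
EOF

list_interfaces "$sample"
list_interfaces "$empty" || echo "(nothing would be brought up)"
```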
Q: What is the Debian name of the networking start-up script?
Q: What is the principal network config file for Debian systems?
Q: What file stores the addresses of the DNS servers used by this machine?
Q: What config file is used by the Debian "ifup" and "ifdown" commands?

Network-related system start-up scripts
---------------------------------------

Once you have your network working, it's time to enable network and other
system servers.  Servers often write errors into the system log; so, we
need a working system log before we try to configure servers.

System Logging - file /etc/syslog.conf and directory /var/log/
--------------

System logging is configured via /etc/syslog.conf and managed by SysV
scripts such as klogd and sysklogd.  The main daemon name is usually
"syslogd" with a Kernel daemon "klogd".  Logs are usually stored under
directory /var/log/; but, /etc/syslog.conf may put them anywhere.

In the VNS, the base VNS machine writes log info to console /dev/tty3 and
the individual UML machines will log to the main console /dev/vc0 when
logging is enabled.  (Logging is not enabled in the UML machines.)  In a VNS
UML, don't enable logging unless you redirect the logs to something that
isn't your console terminal!  (Edit syslog.conf first!)

Q: What is the name of the master system logger config file?
Q: Under what directory are most log files usually stored?

Network Diagnostic Tools
------------------------

Please re-read the "Acceptable Use Warning" on the course home page.  Note
that at Algonquin College many/most network probe ports and protocols (even
ping and sometimes traceroute) are blocked and will *NOT* work.  Sorry!  Try
them at home instead.
These tools are helpful in diagnosing network problems:

    arp           - show/change MAC addresses currently known to this host
    ethereal      - GUI packet sniffer
    fuser         - (-n tcp, -n udp) list processes with open TCP or UDP ports
    mtr           - ping-style traceroute: packet route diagnostic
    netcat (nc)   - Network Swiss Army Knife: connect/listen to ports
    netstat -natu - list open and listening TCP and UDP connections
    nmap          - Network Mapper - port prober
    ping          - ICMP echo generator/receiver
    tcpdump       - command-line (non-GUI) packet sniffer
    telnet        - TCP connection program: use when netcat is not available
    traceroute    - packet route diagnostic

Major service port numbers (often seen in trace output):
  - port numbers are given names in the file /etc/services
  - see also the master list at http://www.iana.org/assignments/port-numbers

    TCP      20      ftp-data
    TCP      21      ftp (control)
    TCP      22      SSH
    TCP      23      telnet
    TCP      25      SMTP (sending mail only)
    UDP/TCP  53      domain (DNS)
    UDP      67-68   DHCP
    TCP      80      HTTP (WWW)
    TCP      110     POP3 (receiving mail only)
    TCP      113     ident (identifying incoming TCP connections)
    TCP      119     NNTP (Network News)
    UDP/TCP  123     NTP (Network Time)
    UDP/TCP  137-139 Microsoft netbios (SMB) (Samba)
    TCP      443     HTTPS (secure WWW)
    UDP/TCP  445     Microsoft-DS
    UDP/TCP  631     Internet Printing Protocol (IPP - CUPS)

Individual network servers/daemons (e.g. ssh, http) may start up
individually through individual start-up scripts, or they may run on demand
out of the master "inetd" or "xinetd" super-servers (ALN p.89,96).  A server
must be configured to start individually or to start via xinetd - having
both enabled will cause a port conflict.  Do it one way or the other.

Q: T/F A network server may be configured to start via xinetd and via an
   init.d script at the same time.

Network Configuration Files
---------------------------

If your computer has simple network connectivity, you never need to use any
of the low-level Linux network or routing commands.
Either DHCP configures your system for you; or, you set up static routing
using system configuration files (which differ between RedHat and Debian
systems):

On Debian (Ubuntu, Knoppix, etc.):
  - One network config file for all interfaces: /etc/network/interfaces
  - "ifup" and "ifdown" use this file (empty file, no networking!)
  - the Debian network start-up script /etc/init.d/networking uses this
    file by calling the "ifup -a" command (no file, no networking!)
  - Sample /etc/network/interfaces file:

        # This file describes the network interfaces available on your system
        # and how to activate them. For more information, see interfaces(5).

        # The loopback network interface, auto-started at boot
        auto lo
        iface lo inet loopback

        # The primary network interface, auto-started at boot
        auto eth0
        iface eth0 inet static
            address 192.168.1.1
            netmask 255.255.255.0
            network 192.168.1.0
            broadcast 192.168.1.255
            gateway 192.168.1.254

        # This is all you need for a dhcp interface, auto-started at boot
        auto eth1
        iface eth1 inet dhcp

Q: What is the format of the Debian master network config file?

If you have special routing needs, you will need to understand Linux routing
and add special routing commands to the networking config files.

Configuring static networking - ALN p.36
-----------------------------

- What minimum network parameters need to be set to manually configure a
  machine to be a "good network citizen" with a static IP address?
- What command sets/shows the global host name of a Linux machine? (ALN p.48)
- What command shows the IP addresses on each network interface? (ALN p.36)
- What command shows the default gateway? (ALN p.40-42)
- What command shows the list of DNS servers? (ALN p.46-47)
- True/False: once you have put DNS servers in the /etc/resolv.conf file,
  you must start/stop the network using the /etc/init.d/network script to
  make the changes active. p.48
- True/False: a Linux computer with multiple network interfaces will
  normally have a main host name and also separate names for each network
  interface. p.49
- True/False: Using the "hostname", "ifconfig" and "route" commands makes
  permanent changes to your system that will re-appear on reboot. p.49
- True/False: a static configuration doesn't need a Gateway machine or
  default route.
- True/False: giving a single interface name argument to the ifconfig
  command toggles the interface (if the interface is up, it takes it down;
  if down, it brings it up) p.37
- True/False: if you don't supply a netmask to the ifconfig command when you
  bring up an interface, the netmask is set based on the traditional TCP/IP
  class (A,B,C) of the address. p.37
- What is the traditional/default netmask for IP address 10.34.56.78? p.39

Linux routing - ALN p.40
-------------

- What are the two functions of the Linux routing table? p.40
- How does Linux find out the IP addresses of hosts on a directly-connected
  network? p.40
- What is the purpose of a "gateway" IP address? p.40
- What command configures the Linux routing table? p.41
- True/False: Linux systems only allow one gateway address. p.41
- In which order does the kernel match an outgoing packet destination
  address against the table of routes? p.41
- What is another common name for the most general route in the routing
  table (the route that matches any address)? p.41
- How does using the ifconfig command affect the routing table? p.42
- True/False: using the route command without any parameters, or with just
  the "-n" parameter, clears the current routing table. p.42
- What is the most common use of the "route" command? p.44
- True/False: the ifconfig command also adds a route to your gateway. p.44
- What are the two types of actions needed to manually configure a machine
  with multiple interfaces and one gateway? p.44
- True/False: it is safe and normal for a router to run non-routing software
  (e.g. a GUI, web server, ssh, telnet, etc.). p.44

Configuring NTP - ALN Chapter 10 - p.241
Maintaining Consistent Time: Time Servers
-----------------------------------------

Read: When to run a time server
Read: Setting up an NTP server
Skip: Using samba to serve time
Read: Summary

Canadian time servers (stratum 2): time.nrc.ca and time.chu.nrc.ca
  - http://inms-ienm.nrc-cnrc.gc.ca/time_services/network_time_protocol_e.html

- why run a time server at all? p.242
- what is a "stratum 3" or "stratum 4" time server? p.243
- what is "slewing" a system clock? p.244
- True/False: the ntp program can correct any size time differences. p.244
- True/False: the Linux ntp service start-up script calls the ntpdate
  program to correct large clock differences. (go look at the script!)
- True/False: running NTP automatically keeps your system's hardware clock
  synchronized. p.245
- True/False: The NTP service on Linux is server-only.  Other computers can
  connect to this computer to receive time information; but, this computer
  does not synchronize with other computers unless you install another
  package than ntp. p.245/246
- True/False: the "rdate" program (p.246) is not installed on your Debian
  system.
- where is the ntp configuration file kept? p.246
- how do you specify the names of time servers in the config file? p.246
- True/False: the default config file supplied with Debian Linux for the NTP
  packages does not work. p.247
- what network tool is useful in choosing the best NTP server for your
  location? p.248
- how do you get ntp to re-read its configuration file? p.248
- can some NTP servers require authentication? p.252
- True/False: if you have many computers, you should configure them all to
  query the same remote ntp servers. p.252
- True/False: if you want high-precision time keeping, you should run the
  ntpdate program instead of ntp. p.252
- True/False: the ntpdate program is replacing ntp. p.253
- ntp runs continually as a server daemon.  How do you run ntpdate? p.254
- True/False: the best time to synchronize your system clock is at
  midnight, when other time servers are most accurate. p.254