Networks, connecting computers to networks and managing those networks are probably the most important, or at least the most hyped, areas of computing at the moment. This and the following chapter introduce the general concepts associated with TCP/IP-based networks and in particular the knowledge required to connect and use Linux computers to those networks.
This chapter examines how you connect a Linux machine and configure it to provide basic network connections and services for other machines. Network applications, how they work and what you can do with them, is the topic for the following chapter.
This chapter introduces the process and knowledge for connecting a Linux machine to a TCP/IP network from the lowest level up using the following steps
§ network hardware
Briefly looks at the hardware peripherals that allow network connections and in particular the network hardware which Linux supports.
§ network support in the Linux kernel
Many of the networking services require support from the kernel of the operating system. This section examines what support for network services the Linux kernel provides.
§ configuring the network connection
Once the hardware is installed and the kernel rebuilt the network connection must be configured. Linux/UNIX uses a number of specific commands to perform these tasks.
Each of these steps requires an understanding of the operation and basics of TCP/IP networks. These concepts are introduced throughout the sections as they are required.
As you might expect there is a large amount of information about creating and maintaining TCP/IP networks on the Internet. The following is a small list of some of that material
§ Linux NET-3-HOWTO
A good, succinct source of information specific to Linux networking. Available from the Linux Documentation Project of which there is a mirror on the 85321 Web site/CD-ROM (see the link "LDP" on the Resource Materials Page). The LDP also includes a number of other HOW-TOs on network related topics including DNS, Ethernet, Firewall, IPX, ISP Hookup, Intranet Server, NFS, NIS, PPP, SMB and a number of other mini-howtos. As always when looking for information about using Linux for some purpose, looking through the HOW-TOs is a good idea.
§ Network Administrators Guide
A book which has been published by O'Reilly and Associates (http://www.ora.com/) but is also freely available as part of the Linux Documentation Project. Also available from the LDP in HTML or Postscript format.
§ Linux network project
Development on the Linux networking code is an on-going project. The project leader maintains a Web site which contains information about the current developments. It's located at http://www.uk.linux.org/NetNews.html
§ comp.os.linux.networking
A newsgroup specifically for discussions about Linux networking.
§ TCP/IP introduction and administration
Documents produced by Rutgers University. Available via ftp from the URLs ftp://athos.rutgers.edu/runet/tcp-ip-intro.{doc|ps} tcp-ip-admin.{doc|ps|} and also from the 85321 Web site (but not the CD-ROM) under the Resource Materials section for Week 9.
§ RFC Database
RFCs (Request for comments) are the standards documents for the Internet. A Web-based interface to the collection of RFCs is available from http://pubweb.nexor.co.uk/public/rfc/index/rfc.html
§ Linux for an ISP
A number of Internet Service Providers from throughout the world use Linux servers. There is a Web page which maintains a list of links of interest to these folk. It is available at http://www.anime.net/linuxisp/ Some of the links are dated.
The first step in connecting a machine to a network is to find out what sort of network hardware you will be using. The aim of this unit and this chapter is not to give you a detailed introduction to networking hardware. If you are interested in the topic there are a number of readings and resources mentioned throughout this section.
Before you can use a particular type of networking hardware, or any hardware for that matter, there must be support for that device in the Linux kernel. If the kernel doesn't support the required hardware then you can't use it. Currently the Linux kernel offers support for the networking hardware outlined in the list below. For more detailed information about hardware support under Linux refer to the Hardware Compatibility HOWTO available from your nearest mirror of the Linux Documentation Project.
§ arcnet
§ ATM http://lrcwww.epfl.ch/linux-atm/
§ AX25, amateur radio
§ EQL
EQL allows you to treat multiple point-to-point connections (SLIP, PPP) as a single logical TCP/IP connection.
§ FDDI
§ Frame relay
§ ISDN
§ PLIP
§ PPP
§ SLIP
§ radio modem, STRIP, Starmode Radio IP http://mosquitonet.standford.edu/{mosquitonet.html|strip.html}
§ token ring
§ X.25
§ WaveLan, wireless, card, and
§ ethernet
In most "normal" situations the networking hardware being used will be either
§ modem
A modem is a serial device so your Linux kernel should support the appropriate serial port you have in your computer. The networking protocol used on a modem will be either SLIP or PPP which must also be supported by the kernel.
§ ethernet
Possibly the most common form of networking hardware at the moment. There are a number of different ethernet cards. You will need to make sure that the kernel supports the particular ethernet card you will be using. The Hardware Compatibility HOW-TO includes this information.
As mentioned in chapter 10 the only way a program can gain access to a physical device is via a device file. Network hardware is still hardware so it follows that there should be device files for networking hardware. Under other versions of the UNIX operating system this is true. It is not the case under the Linux operating system.
Device files for networking hardware are created, as necessary, by the device drivers contained in the Linux kernel. These device files are not available for other programs to use. This means I can't execute the command
cat < /etc/passwd > /dev/eth0
The only way information can be sent via the network is by going through the kernel.
Remember, the main reason UNIX uses device files is to provide an abstraction which is independent of the actual hardware being used. A network device file must be configured properly before you can use it to send and receive information from the network. The process for configuring a network device requires a bit more background information than you have at the moment. The following provides that background and a later section in the chapter examines the process and the commands in more detail.
The installation process for RedHat 5.0 will normally perform some network configuration for you. To find out what network devices are currently active on your system have a look at the contents of the file /proc/net/dev
[david@faile]$ cat /proc/net/dev
Inter-|   Receive                  |  Transmit
 face |packets errs drop fifo frame|packets errs drop fifo colls carrier
    lo:     91    0    0    0     0      91    0    0    0     0       0
  eth0:      0    0    0    0     0      60    0    0    0     0      60
On this machine there are two active network devices. lo: the loopback device and eth0: an ethernet device file. If a computer has more than one ethernet interface (network devices are usually called network interfaces) you would normally see entries for eth1 eth2 etc.
IP aliasing (talked about more later) is the ability for a single ethernet card to have more than one Internet address (why this is used is also discussed later). The following example shows the contents of the /proc/net/dev file for a machine using IP aliasing. It is not normal for an ethernet card to have multiple IP addresses, normally each ethernet card/interface will have one IP address.
[david@cq-pan ]$ cat /proc/net/dev
Inter-|   Receive                  |  Transmit
 face |packets errs drop fifo frame|packets errs drop fifo colls carrier
     lo:  285968    0    0    0     0   285968    0    0    0        0     0
   eth0:61181891   59   59    0    89 77721923    0    0    0 11133617    57
 eth0:0:   48849    0    0    0     0      212    0    0    0        0     0
 eth0:1:   10894    0    0    0     0      210    0    0    0        0     0
 eth0:2:  481325    0    0    0     0      259    0    0    0        0     0
 eth0:3:   29178    0    0    0     0      215    0    0    0        0     0
You can see that the device files for an aliased ethernet device use the format ethX:Y where X is the number for the ethernet card and Y is the number of the aliased device. Since aliased devices use the same ethernet card they must use the same network, after all you can't connect a single ethernet card to two networks.
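The following is an added example, not code from the original text: a Python parser for the /proc/net/dev layout shown above that copes with an interface name fused to its first counter (eth0:61181891) and groups ethX:Y aliases under their physical card. The sample text is the listing above rejoined into rows; the function names are assumptions made for this illustration.

```python
import re

# Constructed sample: the aliased listing from this page, one interface per row.
SAMPLE = """\
Inter-|   Receive                  |  Transmit
 face |packets errs drop fifo frame|packets errs drop fifo colls carrier
     lo:  285968    0    0    0     0   285968    0    0    0        0     0
   eth0:61181891   59   59    0    89 77721923    0    0    0 11133617    57
 eth0:0:   48849    0    0    0     0      212    0    0    0        0     0
 eth0:1:   10894    0    0    0     0      210    0    0    0        0     0
 eth0:2:  481325    0    0    0     0      259    0    0    0        0     0
 eth0:3:   29178    0    0    0     0      215    0    0    0        0     0
"""

# Interface name, optional ":<alias number>", then the terminating colon.
# The colon may be fused to the first counter ("eth0:61181891"), so splitting
# the row on whitespace alone would misread the name and lose a column.
ROW = re.compile(r"^\s*([A-Za-z]+\d*(?::\d+)?):\s*(.*)$")


def parse_proc_net_dev(text):
    """Return {interface: {column: counter}} using the column names in the header."""
    lines = text.splitlines()
    # Second header line: " face |<receive columns>|<transmit columns>"
    _, rx_header, tx_header = lines[1].split("|")
    columns = ["rx_" + c for c in rx_header.split()]
    columns += ["tx_" + c for c in tx_header.split()]
    stats = {}
    for line in lines[2:]:
        match = ROW.match(line)
        if not match:
            continue  # blank or unrecognised line
        name, rest = match.groups()
        values = [int(v) for v in rest.split()]
        if len(values) != len(columns):
            raise ValueError("%s: expected %d counters, found %d"
                             % (name, len(columns), len(values)))
        stats[name] = dict(zip(columns, values))
    return stats


def group_aliases(stats):
    """Map each physical interface to the list of its ethX:Y aliases."""
    groups = {}
    for name in stats:
        base, _, alias = name.partition(":")
        groups.setdefault(base, [])
        if alias:
            groups[base].append(name)
    return groups


def nonzero_error_counters(stats):
    """Return the non-zero counters other than packet/byte totals, per interface."""
    report = {}
    for name, counters in stats.items():
        bad = {col: val for col, val in counters.items()
               if val and not col.endswith(("packets", "bytes"))}
        if bad:
            report[name] = bad
    return report


if __name__ == "__main__":
    parsed = parse_proc_net_dev(SAMPLE)
    for base, aliases in group_aliases(parsed).items():
        print(base, "aliases:", ", ".join(aliases) or "none")
    print(nonzero_error_counters(parsed))
```

Because the column names are read from the header, the same parser also accepts layouts with a different set of counters.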
The following provides some very brief background information on ethernet which will be useful in the rest of the chapter.
Every ethernet card has built into it a 48 bit address (called an Ethernet address or a Media Access Control (MAC) address). The high 24 bits of the address are used to assign a unique number to manufacturers of ethernet addresses and the low 24 bits are assigned to individual ethernet cards made by the manufacturer.
Some example ethernet addresses are listed below. You will notice that ethernet addresses are written as six groups of hex numbers.
00:00:0C:03:79:2F
00:40:F6:60:4D:A4
00:20:AF:A4:55:87
00:20:AF:A4:55:7B
Notice that the last two ethernet cards were made by the same manufacturer (with the manufacturer's number of 00:20:AF).
Ethernet is a broadcast medium
Every packet, often called an ethernet frame, of information sent on ethernet contains a source and destination MAC address. The packet is placed on an ethernet network and every machine, actually the ethernet card, on the network looks at the packet. If the card recognises the destination MAC as its own it "grabs" the packet and passes it to the Network access layer.
It is possible to configure your ethernet card so that it grabs all packets sent on the network. This is how it is possible to "listen in" on other people on an ethernet network.
A single ethernet network cannot cover much more than a couple of hundred meters. How far depends on the type of cabling used.
The network access layer, the lowest level of the TCP/IP protocol stack is responsible for converting Internet addresses into hardware addresses. This is how TCP/IP can be used over a large number of different networking hardware. As you might have guessed different networking hardware uses different addressing schemes.
The mapping of ethernet addresses into Internet addresses is performed by the Address Resolution Protocol (ARP). ARP maintains a table that contains the translation between IP address and ethernet address.
When the machine wants to send data to a computer on the local ethernet network the ARP software is asked if it knows about the IP address of the machine (remember the software deals in IP addresses). If the ARP table contains the IP address the ethernet address is returned.
If the IP address is not known a packet is broadcast to every host on the local network, the packet contains the required IP address. Every host on the network examines the packet. If the receiving host recognises the IP address as its own, it will send a reply back that contains its ethernet address. This response is then placed into the ARP table of the original machine (so it knows it next time).
The ARP table will only contain ethernet addresses for machines on the local network. Delivery of information to machines not on the local network requires the intervention of routing software which is introduced later in the chapter.
On a UNIX machine you can view the contents of the ARP table using the arp command. arp -a will display the entire table.
The following example shows how the arp cache for a computer is built as it goes. In the first use of the arp command you can see three machines in the cache, centaurus, draal and a ?. The ? is almost certainly one of the NT computers in the student labs at CQU. Draal is one of the Linux computers used by project students and centaurus is the gateway between the 138.77.37 network and the rest of the world.
[root@cq-pan logs]# /sbin/arp -a
centaurus.cqu.EDU.AU (138.77.37.1) at AA:00:04:00:0B:1C [ether] on eth0
draal.cqu.EDU.AU (138.77.37.100) at 00:20:AF:33:B5:BE [ether] on eth0
? (138.77.37.46) at <incomplete> on eth0
To see how new entries are added to the cache the next example shows the ping command. Ping is often used to test a network connection and to see if a particular machine is alive. In this case I'm pinging pug, who also happens to be on the 138.77.37 network.
[root@cq-pan logs]# ping pug
PING pug.cqu.edu.au (138.77.37.102): 56 data bytes
64 bytes from 138.77.37.102: icmp_seq=0 ttl=64 time=19.0 ms
--- pug.cqu.edu.au ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 19.0/19.0/19.0 ms
Since we've now contacted pug and pug is on the same network as this machine its entry should now appear in the arp cache.
[root@cq-pan logs]# /sbin/arp -a
centaurus.cqu.EDU.AU (138.77.37.1) at AA:00:04:00:0B:1C [ether] on eth0
draal.cqu.EDU.AU (138.77.37.100) at 00:20:AF:33:B5:BE [ether] on eth0
pug.cqu.EDU.AU (138.77.37.102) at 00:20:AF:A4:3B:0F [ether] on eth0
? (138.77.37.46) at <incomplete> on eth0
There (s)he blows. If pug was not on the same local area network its ethernet address would not be added to the arp cache. Remember, ethernet addresses are only used to communicate with machines on the same ethernet network. For example, if I ping the machine www.cqu.edu.au it won't be added to the arp cache since it is on a different network.
[root@cq-pan logs]# ping www
PING plato.cqu.edu.au (138.77.5.4): 56 data bytes
64 bytes from 138.77.5.4: icmp_seq=0 ttl=63 time=1.7 ms
--- plato.cqu.edu.au ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 1.7/1.7/1.7 ms
SLIP and PPP, used to connect machines via serial lines (and modems) are not broadcast media. They are simple "point-to-point" connections between two computers. This means that when information is placed on a SLIP/PPP connection only the two computers at either end of that connection can see the information. SLIP/PPP are usually used when a computer is connected to a network via a modem or a serial connection.
This chapter does not provide any more discussion of SLIP/PPP. However all the basic concepts and the fundamental process for connecting a machine to the network are the same for SLIP/PPP as they are for ethernet. This is one of the advantages of TCP/IP networking being layered. Above a certain level, i.e. when the network interface is configured, the system works the same regardless of the hardware.
Ensuring that the kernel includes support for your networking hardware is only the first step. In order to supply certain network services it is necessary for them to be compiled into the kernel. The following is a list of some of the services that the Linux kernel can support
§ IP accounting
IP accounting must be compiled into the kernel and is configured with the ipfwadm command. IP accounting allows you to track the number of bytes and packets transmitted over the network connection. This is useful in situations where you must track the network usage of your users. For example, if you are an Internet Service Provider.
§ IP aliasing
Essentially, IP aliasing allows your computer to pretend it is more than one computer. In a normal configuration each network device is allocated a single IP address. However there are times when you wish to allocate multiple IP addresses to a computer with a single network interface.
The most common example of this is web sites, for example, the websites http://cq-pan.cqu.edu.au/, http://webclass.cqu.edu.au/, and http://webfuse.cqu.edu.au/ are all hosted by one computer. This computer only has one ethernet card and uses IP aliasing to create aliases for the ethernet card. The ethernet card's real IP address is 138.77.37.37 and its three alias addresses are 138.77.37.36, 138.77.37.59 and 138.77.37.108.
Normally the interface would only grab the network packets addressed to 138.77.37.37 but with network aliasing it will grab the packets for all three addresses.
You can see this in action by using the arp command. Have a look at the hardware addresses for the computers cq-pan, webclass and webfuse. What can you tell?
[david@draal david]$ /sbin/arp
Address                 HWtype  HWaddress           Flags Mask  Iface
centaurus.cqu.EDU.AU    ether   AA:00:04:00:0B:1C   C           eth0
webfuse.cqu.EDU.AU      ether   00:60:97:3A:AA:85   C           eth0
cq-pan.cqu.EDU.AU       ether   00:60:97:3A:AA:85   C           eth0
science.cqu.EDU.AU      ether   00:00:F8:01:9E:DA   C           eth0
borric.cqu.EDU.AU       ether   00:20:AF:A4:39:39   C           eth0
webclass.cqu.EDU.AU     ether   00:60:97:3A:AA:85   C           eth0
138.77.37.46                    (incomplete)                    eth0
§ IP firewall
This option allows you to use a Linux computer to implement a firewall. A firewall works by allowing you to selectively ignore certain types of network connections. By doing this you can restrict what access there is to your computer (or the network behind it) and as a result help increase security. The firewall option is closely related to IP accounting, for example it is configured with the same command, ipfwadm.
§ IP encapsulation
IP encapsulation is where the IP packet from your machine is wrapped inside another IP packet. This is of particular use in mobile IP and IP multicast.
§ IPX
IPX protocol is used in Novell Netware systems. Including IPX support in the Linux kernel allows a Linux computer to communicate with Netware machines.
§ IPv6
IPv6, version 6 of the IP protocol, is the next generation of IP, which is slowly being adopted. IPv6 includes support for the current IP protocol. Linux support for IPv6 is slowly developing. You can find more information at http://www.terra.net/ipv6/
§ IP masquerade
IP masquerade allows multiple computers to use a single IP address. One situation where this can be useful is when you have a single dialup connection to the Internet via an Internet Service Provider (ISP). Normally, such a dialup connection can only be used by the machine which is connected. Even if the dialup machine is on a LAN with other machines connected they cannot access the Internet. However with IP masquerading it is possible to allow all the machines on that LAN to access the Internet.
§ Network Address Translation
Support for network address translation for Linux is still at an alpha stage. Network address translation is the "next version" of IP masquerade. See http://www.csn.tu-chemnitz.de/HyperNews/get/linux-ip-nat.html for more information.
§ IP proxy server
§ Mobile IP
Since an IP address consists of both a network address and a host address it can normally only be used when a machine is connected to the network specified by the network address. Mobile IP allows a machine to be moved to other networks but still retain the same IP. IP encapsulation is used to send packets destined for the mobile machine to its new location. See http://anchor.cs.binghamton.edu/mobileip/ for more information.
§ IP multicast
IP multicast is used to send packets simultaneously to computers and separate IP networks. It is used for a variety of audio and video transmission. See http://www.teksouth.com/linux/multicast/ for more information.
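The arp listing in the IP aliasing item above can be checked mechanically. The following is an added example, not code from the original text: a Python parser for the tabular arp output that reports which hardware addresses answer for more than one name and which entries are still unresolved. The sample is the listing above rejoined into rows; the function names are assumptions made for this illustration.

```python
import re
from collections import defaultdict

# Constructed sample: the arp listing from the IP aliasing item, one entry per row.
SAMPLE = """\
Address                 HWtype  HWaddress           Flags Mask  Iface
centaurus.cqu.EDU.AU    ether   AA:00:04:00:0B:1C   C           eth0
webfuse.cqu.EDU.AU      ether   00:60:97:3A:AA:85   C           eth0
cq-pan.cqu.EDU.AU       ether   00:60:97:3A:AA:85   C           eth0
science.cqu.EDU.AU      ether   00:00:F8:01:9E:DA   C           eth0
borric.cqu.EDU.AU       ether   00:20:AF:A4:39:39   C           eth0
webclass.cqu.EDU.AU     ether   00:60:97:3A:AA:85   C           eth0
138.77.37.46                    (incomplete)                    eth0
"""

# A 48 bit ethernet address written as six colon-separated hex pairs.
MAC = re.compile(r"^(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$")


def parse_arp_table(text):
    """Return one dict per cache entry; hwaddr is None for incomplete entries."""
    entries = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0] == "Address":
            continue  # blank line or column header
        entry = {"address": fields[0], "hwaddr": None, "iface": fields[-1]}
        # The Mask column is usually empty, so locate the hardware address by
        # its shape rather than by its position in the row.
        for field in fields[1:-1]:
            if MAC.match(field):
                entry["hwaddr"] = field.upper()
        entries.append(entry)
    return entries


def shared_hwaddrs(entries):
    """Return {hardware address: [names]} for addresses used by several names."""
    by_hwaddr = defaultdict(list)
    for entry in entries:
        if entry["hwaddr"]:
            by_hwaddr[entry["hwaddr"]].append(entry["address"])
    return {mac: names for mac, names in by_hwaddr.items() if len(names) > 1}


def unresolved(entries):
    """Return the addresses whose ARP request has not been answered."""
    return [e["address"] for e in entries if e["hwaddr"] is None]


if __name__ == "__main__":
    table = parse_arp_table(SAMPLE)
    for mac, names in shared_hwaddrs(table).items():
        print(mac, "answers for", ", ".join(names))
    print("incomplete:", ", ".join(unresolved(table)))
```

Run against a saved copy of your own arp output, a hardware address that appears under several names is either an aliased interface like this one or something you did not configure and should look into.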
Before going any further it is necessary to introduce some of the basic concepts related to TCP/IP networks. An understanding of these concepts is essential for the next steps in connecting a Linux machine to a network. The concepts introduced in the following include
§ hostnames
Every machine (also known as a host) on the Internet has a name. This section introduces hostnames and related concepts.
§ IP addresses
Each network interface on the network also has a unique IP address. This section discusses IP addresses, the components of an IP address, subnets, network classes and other related issues.
§ Name resolution
Human beings use hostnames while the IP protocols use IP addresses. There must be a way, name resolution, to convert hostnames into IP addresses. This section looks at how this is achieved.
§ Routing
When network packets travel from your computer to a Web site in the United States there are normally a multitude of different paths that packet can take. The decisions about which path it takes are performed by a routing algorithm. This section briefly discusses how routing occurs.
Most computers on a TCP/IP network are given a name, usually known as a host name (a computer can be known as a host). The hostname is usually a simple name used to uniquely identify a computer within a given site. A fully qualified Internet host name, also known as a fully qualified domain name (FQDN), uses the following format
hostname.site.domain.country
§ hostname
A name by which the computer is known. This name must be unique to the site on which the machine is located.
§ site
A short name given to the site (company, University, government department etc) on which the machine resides.
§ domain
Each site belongs to a specific domain. A domain is used to group sites of similar purpose together. Table 15.1 provides an example of some domain names. Strictly speaking a domain name also includes the country.
§ country
Specifies the actual country in which the machine resides. Table 15.2 provides an example of some country names. You can see a list of the country codes at http://www.bcpl.net/~jspath/isocodes.html
For example the CQU machine jasper's fully qualified name is jasper.cqu.edu.au, where jasper is the hostname, cqu is the site name, the domain is edu and the country is au.
| Domain | Purpose |
| edu | Educational institution, university or school |
| com | Commercial company |
| gov | Government department |
| net | Networking companies |
Table 15.1 Example Internet domains
| Country code | Country |
| nothing or us | United States |
| au | Australia |
| uk | United Kingdom |
| in | India |
| ca | Canada |
| fr | France |
Table 15.2 Example Country Codes
Under Linux the hostname of a machine is set using the hostname command. Only the root user can set the hostname. Any other user can use the hostname command to view the machine's current name.
[root@faile david]# hostname
faile.cqu.edu.au
[root@faile david]# hostname fred
[root@faile david]# hostname
fred
Changes to the hostname performed using the hostname command will not apply after you reboot a RedHat 5.0 Linux computer. RedHat 5.0 sets the hostname during startup from one of its configuration files, /etc/sysconfig/network. This is the file which is changed by the GUI tools provided with RedHat.
If you wish a change in hostname to be retained after you reboot you will have to change this file.
jasper.cqu.edu.au is a fully qualified domain name and uniquely identifies the machine jasper on the CQU campus to the entire Internet. There cannot be another machine called jasper at CQU. However there could be another machine called jasper at James Cook University in Townsville (its fully qualified name would be jasper.jcu.edu.au).
A fully qualified name must be unique to the entire Internet, which implies every hostname on a site should be unique.
It is not always necessary to specify a fully qualified name. If a user on aldur.cqu.edu.au enters the command telnet jasper the networking software assumes that because it isn't a fully qualified hostname the user means the machine jasper on the current site (cqu.edu.au).
Alpha-numeric names, like hostnames, cannot be handled efficiently by computers, at least not as efficiently as numbers. For this reason, hostnames are only used for us humans. The computers and other equipment involved in TCP/IP networks use numbers to identify hosts on the Internet. These numbers are called IP addresses. This is because it is the Internet Protocol (IP) which provides the addressing scheme.
IP addresses are currently 32 bit numbers; IPv6, the next generation of IP, uses 128 bit addresses. IP addresses are usually written as four numbers separated by full stops (called dotted decimal form) e.g. 132.22.42.1. Since IP addresses are 32 bit numbers, each of the numbers in the dotted decimal form is restricted to between 0-255 (32 bits divided by 4 numbers gives 8 bits per number and 255 is the biggest number you can represent using 8 bits). This means that 257.33.33.22 is an invalid address.
The address 132.22.42.1 in dotted decimal form is actually stored on the computer as 10000100 00010110 00101010 00000001. Each of the four decimal numbers represents one byte of the final binary number
§ 132 = 10000100
§ 22 = 00010110
§ 42 = 00101010
§ 1 = 00000001
The conversion from dotted quad to binary (and back again) is important for some of the following concepts.
An IP address actually consists of two parts
§ a network portion, and
This is used to identify the network that the machine belongs to. Hosts on the same network will have this portion of the IP address in common. This is one of the reasons why IP masquerading is required for mobile computers (e.g. laptops). If you move a computer to a different network you must give it a different IP address which includes the network address of the new network it is connected to.
§ the host portion.
This is the part which uniquely identifies the host on the network.
The network portion of the address forms the high part of the address (the bit that appears on the left hand side of the number). The size of the network and host portions of an IP address is specified by another 32 bit number called the netmask (also known as the subnet mask).
To calculate which part of an IP address is the network and which the host the IP address and the subnet mask are treated as binary numbers (see diagram 15.?). Each bit of the subnet mask and the IP address are compared and
§ if the bit is set in both the IP address and the subnet mask then the bit is set in the network address,
§ if the bit is set in the IP address but not set in the subnet mask then the bit is set in the host address.
IP address       138.77.37.21   10001010 01001101 00100101 00010101
netmask          255.255.255.0  11111111 11111111 11111111 00000000
network address  138.77.37.0    10001010 01001101 00100101 00000000
host address     0.0.0.21       00000000 00000000 00000000 00010101
The structure of IP addresses can give you some idea of how the Internet works. It is a network of networks. You start with a collection of machines all connected via the same networking hardware, a local area network. All the machines on this local area network will have the same network address, each machine also has a unique host address.
The Internet is formed by connecting a lot of local area networks together.
In Figure 15.1 there are two networks, 138.77.37.0 and 138.77.36.0. These are two networks on the Rockhampton campus of Central Queensland University and both use ethernet as their networking hardware. This means that when a computer on the 37 subnet (the network with the network address 138.77.37.0) wants to send information to another computer on the 37 subnet it simply uses the characteristics of ethernet. The information is placed on the ethernet network and gets delivered.
However, if the machine 138.77.37.37 wants to send information to the machine 138.77.36.15 it's a bit more complex. Since both computers are on separate networks the machine 138.77.37.37 just can't send information to the machine 138.77.36.15. Instead it has to use a gateway machine (only rarely is the gateway machine a computer but it can be). The gateway machine actually has two network connections. One connection to the 138.77.37.0 network and the other to the 138.77.36.0 network.
It is via this dual connection that the gateway acts as the connection between the two networks. The gateway knows that it should grab any and all packets on the 138.77.36.0 network destined for the 138.77.37.0 network (and vice versa). When it grabs these packets the gateway machine transfers them from the network device connected to the sending network to the network device connected to the receiving network.

Figure 15.1 A simple gateway
This process is repeated for other networks. Each network is then connected to each other via devices called routers, or perhaps gateways. This is a very simple example.
Some IP addresses are reserved for specific purposes and you should not assign these addresses to a machine. Table 15.3 lists some of these addresses
| Address | Purpose |
| xx.xx.xx.0 | network address |
| xx.xx.xx.1 | gateway address * |
| xx.xx.xx.255 | broadcast address |
| 127.0.0.1 | loopback address |
* this is not a set standard
Table 15.3 Reserved IP addresses
As mentioned above 127.0.0.1 is a special IP address. It refers to the local host. The local host allows software to address the local machine in exactly the same way it would address a remote machine. For those of you without network connections the localhost will be the only method you can use to experiment with the concepts introduced in this and the following chapter.
As shown in the previous examples gateways and routers are able to distribute data from one network to another because they are actually physically connected to two or more networks through a number of network interfaces. Figure 15.? provides a representation of this.
The machine in the middle, the gateway machine, has two network interfaces. One has the IP address 138.77.37.1 and the other 138.77.36.1 (it's common practice for a network's gateway machine to have the host id 1, but by no means compulsory).
By convention the network address is the IP address with a host address that is all 0's. The network address is used to identify a network.
The broadcast address is the IP address with the host address set to all 1's and is used to send information to all the computers on a network, typically used for routing and error information.
During the development of the TCP/IP protocol stack IP addresses were divided into classes. There are three main address classes, A, B and C. Table 15.4 summarises the differences between the three classes. The class of an IP address can be deduced by the value of the first byte of the address.
| Class | First byte value | Netmask | Number of hosts |
| A | 1 to 126 | 255.0.0.0 | 16 million |
| B | 128 to 191 | 255.255.0.0 | 64,000 |
| C | 192 to 223 | 255.255.255.0 | 254 |
| Multicast | 224 – 239 | 240.0.0.0 | |
Table 15.4 Network classes
If you plan on setting up a network that is connected to the Internet the addresses for your network must be allocated to you by a central controlling organisation. You can't just choose any set of addresses you wish, chances are they are already taken by some other site.
If your network will not be connected to the Internet you can choose from a range of addresses which have been set aside for this purpose. These addresses are shown in Table 15.5
| Network class | Addresses |
| A | 10.0.0.0 to 10.255.255.255 |
| B | 172.16.0.0 to 172.31.255.255 |
| C | 192.168.0.0 to 192.168.255.255 |
Table 15.5 Networks reserved for private networks
Central Queensland University has a class B network address, 138.77.0.0. This would imply that you could make the following assumptions about the IP address 138.77.1.1. The network address is 138.77.0.0 and that the host address is 1.1, this is after all how a class B address is defined.
If you did make these assumptions you would be wrong.
CQU has decided to break its available IP addresses into further networks, called subnets. Subnetting works by moving the dividing line between the network address bits and the host address bits. Instead of using the first two bytes for the network address CQU uses subnetting to use the first three bytes. This is achieved by setting the netmask to 255.255.255.0.
This means that the address 138.77.1.1 actually breaks up into a network address 138.77.1.0 and a host address of 1. The network 138.77.1.0 is said to be a subnet of the larger 138.77.0.0 network.
Subnetting is used for a number of reasons including
§ security reasons,
Using ethernet all hosts on the same network can see all the packets on the network. So it makes sense to put the computers in student labs on a different network to the computer on which student results are placed.
§ physical reasons,
Networking hardware, like ethernet, has physical limitations. You can't put machines on the Mackay campus on the same network as machines on the Rockhampton campus (they are separated by about 300 kilometers).
§ political reasons, and
There may be departments or groups within an organisation that have unique needs or want to control their own network. This can be achieved by subnetting and allocating them their own network.
§ hardware and software differences.
Someone may wish to use completely different networking hardware and software.
Generally subnet masks are byte oriented, for example 255.255.255.0. This means that the divide between the network portion of the address and the host portion occurs on a byte boundary. However it is possible, and sometimes necessary, to use bit-oriented subnet masks, for example 255.255.255.224. Bit oriented implies that this division occurs within a byte.
For example a small company with a class C Internet address might use the subnet mask 255.255.255.224.
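The split a netmask performs is a bitwise AND, which is easiest to see when carried out by hand. The following Python is an added example, not part of the original text; the function names and the sample address 192.168.1.77 are assumptions made for illustration, while 138.77.1.1, 138.77.37.105 and the masks come from the chapter.

```python
"""Split an IPv4 address into its network and host parts with a netmask."""


def to_int(dotted):
    """Convert dotted-quad text such as '138.77.1.1' to a 32-bit integer."""
    parts = dotted.split(".")
    if len(parts) != 4:
        raise ValueError("expected four bytes: %r" % dotted)
    value = 0
    for part in parts:
        byte = int(part)
        if not 0 <= byte <= 255:
            raise ValueError("byte out of range in %r" % dotted)
        value = (value << 8) | byte
    return value


def to_dotted(value):
    """Convert a 32-bit integer back to dotted-quad text."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_length(netmask):
    """Count the network bits; reject masks whose 1 bits are not contiguous."""
    mask = to_int(netmask)
    host_bits = ~mask & 0xFFFFFFFF
    # A valid set of host bits looks like 0...0111, so adding 1 clears them all.
    if host_bits & (host_bits + 1):
        raise ValueError("netmask is not contiguous: %s" % netmask)
    return bin(mask).count("1")


def split_address(ip, netmask):
    """Return the network address, host number and subnet size for ip."""
    prefix = prefix_length(netmask)
    mask = to_int(netmask)
    address = to_int(ip)
    host_mask = ~mask & 0xFFFFFFFF
    network = address & mask
    return {
        "network": to_dotted(network),
        "host": address & host_mask,          # host part as a plain number
        "prefix": prefix,                     # number of network bits
        "broadcast": to_dotted(network | host_mask),
        "addresses_per_subnet": host_mask + 1,
    }


def same_subnet(ip_a, ip_b, netmask):
    """True when both addresses fall in the same network under netmask."""
    first = split_address(ip_a, netmask)["network"]
    second = split_address(ip_b, netmask)["network"]
    return first == second


if __name__ == "__main__":
    # The CQU address read as plain class B, then with CQU's subnet mask.
    print(split_address("138.77.1.1", "255.255.0.0"))
    print(split_address("138.77.1.1", "255.255.255.0"))
    # A bit-oriented mask: the boundary falls inside the last byte.
    print(split_address("192.168.1.77", "255.255.255.224"))
    # Two CQU hosts share the class B network but not a subnet.
    print(same_subnet("138.77.37.105", "138.77.1.1", "255.255.255.0"))
```

Under the class B mask the host part of 138.77.1.1 is the two bytes 1.1, which the function reports as the single number 257.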
15.1 Complete the following table by calculating the network and host addresses. (refer back to the example earlier in the chapter)
| IP address | Subnet mask | Network address | Host address |
| 178.86.11.1 | 255.255.255.0 | | |
| 230.167.16.132 | 255.255.255.192 | | |
| 132.95.132.5 | 255.255.240.0 | | |
We have a problem. People will use hostnames to identify individual computers on the network while the computers use the IP address. How are the two reconciled?
When you enter http://www.lycos.com/ on your WWW browser the first thing the networking software must do is find the IP address for www.lycos.com. Once it has the IP address it can connect to that machine and download the WWW pages.
The process of taking a hostname and finding the IP address is called name resolution.
There are two methods that can be used to perform name resolution
§ the /etc/hosts file, and
§ the Domain Name Service.
One way of performing name resolution is to maintain a file that contains a list of hostnames and their equivalent IP addresses. Then when you want to know a machine's IP address you look up the file.
Under UNIX the file is /etc/hosts. /etc/hosts is a text file with one line per host. Each line has the format
IP_address hostname aliases
Comments can be indicated by using the hash # symbol. Aliases are used to indicate shorter names or other names used to refer to the same host.
For example the hosts file of the machine aldur looks like this
# every machine has the localhost entry
127.0.0.1 localhost loopback
138.77.36.29 aldur.cqu.edu.au aldur
138.77.1.1 jasper.cqu.edu.au jasper
138.77.37.28 pol.cqu.edu.au pol
When a user on aldur enters the command telnet jasper.cqu.edu.au the software first looks in the hosts file for an entry for jasper. If it finds an entry it obtains jasper's IP address and then can execute the command.
What happens if the user enters the command telnet knuth? There isn't an entry for knuth in the hosts file. This means the IP address of knuth can't be found and so the command can't succeed.
One solution would be to add an entry in the hosts file for every machine the users of aldur wish to access. With over two million machines on the Internet it should be obvious that this is not a smart solution.
The following reading on the DNS was taken from
In the early days of the Internet, all host names and their associated IP addresses were recorded in a single file called hosts.txt, maintained by the Network Information Centre in the USA. Not surprisingly, as the Internet grew so did this file, and by the mid-80's it had become impractically large to distribute to all systems over the network, and impossible to keep up to date. The Internet Domain Name System (DNS) was developed as a distributed database to solve this problem. Its primary goal is to allow the allocation of host names to be distributed amongst multiple naming authorities, rather than centralised at a single point.

The DNS is arranged as a hierarchy, both from the perspective of the structure
of the names maintained within the DNS, and in terms of the delegation of naming
authorities. At the top of the hierarchy is the root domain "." which
is administered by the Internet Assigned Numbers Authority (IANA).
Administration of the root domain gives the IANA the authority to allocate
domains beneath the root, as shown in the diagram below:
The process of assigning a domain to an organisational entity is called delegating, and involves the administrator of a domain creating a sub-domain and assigning the authority for allocating sub-domains of the new domain to the subdomain's administrative entity.
This is a hierarchical delegation, which commences at the "root" of the Domain Name Space ("."). A fully qualified domain name is obtained by writing the simple names obtained by tracing the DNS hierarchy from the leaf nodes to the root, from left to right, separating each name with a stop ".", eg.
fred.xxxx.edu.au
is the name of a host system (huxley) within the XXXX University (xxx), an educational (edu) institution within Australia (au).
The sub-domains of the root are known as the top-level domains, and include the edu (educational), gov (government), and com (commercial) domains. Although an organisation anywhere in the world can register beneath these three-character top level domains, the vast majority that have are located within, or have parent companies based in, the United States. The top-level domains represented by the ISO two-character country codes are used in most other countries, thus organisations in Australia are registered beneath au.
The majority of country domains are sub-divided into organisational-type sub-domains. In some countries two character sub-domains are created (eg. ac.nz for New Zealand academic organisations), and in others three character sub-domains are used (eg. com.au for Australian commercial organisations). Regardless of the standard adopted each domain may be delegated to a separate authority.
Organisations that wish to register a domain name, even if they do not plan to establish an Internet connection in the immediate short term, should contact the administrator of the domain which most closely describes their activities.
Even though the DNS supports many levels of sub-domains, delegations should only be made where there is a requirement for an organisation or organisational sub-division to manage their own name space. Any sub-domain administrator must also demonstrate they have the technical competence to operate a domain name server (described below), or arrange for another organisation to do so on their behalf.
The DNS is implemented as a collection of inter-communicating nameservers. At any given level of the DNS hierarchy, a nameserver for a domain has knowledge of all the immediate sub-domains of that domain.
For each domain there is a primary nameserver, which contains authoritative information regarding Internet entities within that domain. In addition Secondary nameservers can be configured, which periodically download authoritative data from the primary server. Secondary nameservers provide backup to the primary nameserver when it is not operational, and further improve the overall performance of the DNS, since the nameservers of a domain that respond to queries most quickly are used in preference to any others.
When performing a name resolution most UNIX machines will check their /etc/hosts first and then check with their name server. How does the machine know where its domain name server is? The answer is in the /etc/resolv.conf file.
resolv.conf is a text file with three main types of entries
§
# comments
Anything after a # is a comment and ignored.
§
domain name
Defines the default domain. This default domain will be appended to any hostname
that does not contain a dot.
§
nameserver address
This defines the IP address of the machine's domain name server. It is possible
to have multiple name servers defined and they will be queried in order (useful
if one goes down).
The /etc/resolv.conf file from my machine is listed below.
domain cqu.edu.au
nameserver 138.77.5.6
nameserver 138.77.1.1
So far we've looked at names and addresses that specify the location of a host on the Internet. We now move on to routing. Routing is the act of deciding how each individual datagram finds its way through the multiple different paths to its destination.
For most UNIX computers the routing decisions they must make are simple. If the datagram is for a host on the local network then the data is placed on the local network and delivered to the destination host. If the destination host is on a remote network then the datagram will be forwarded to the local gateway. The local gateway will then pass it on further.
However, a network the size of the Internet cannot be constructed with such a simple approach. There are portions of the Internet where routing is a much more complex business, too complex to be covered as a portion of one week of a third year unit.
Routing is concerned with finding the right network for a datagram. Once the right network has been found the datagram can be delivered to the host.
Most hosts (and gateways) on the Internet maintain a routing table. The entries in the routing table contain the information to know where to send datagrams for a particular network.
The routing table can be constructed in one of two ways
§ constructed by the Systems Administrator, sometimes referred to as static routes,
§ dynamically created by a number of different available routing protocols
The dynamic creation by routing protocols is complex and beyond the scope of this subject.
15.2 Why is the name server in /etc/resolv.conf specified using an IP address and not a hostname?
This chapter, until now, has been introducing all the basic information you need to understand in order to connect your Linux computer to a network. In the following section we put this knowledge into practice by stepping through the actual connection process. Initially we do this process at the command level so you understand what is happening. Later on the GUI tools available under RedHat 5.0 are introduced.
Having reached this stage it is assumed that you have connected (or inserted) your networking hardware (in)to your computer and have (if necessary) recompiled the kernel to provide the necessary networking support.
Earlier in the chapter the concept of a network device was introduced. The following section examines what is required to configure the network device so that it operates. Configuring the network device draws on some of the basic TCP/IP concepts introduced in previous sections.
One of the common complaints from UNIX Systems Administrators who move into administering Windows 95/NT machines is that reconfiguring the network device on a Windows machine (changing the IP address is a common task that requires this) means rebooting the entire machine. They are used to UNIX, where you can bring network devices up and down without affecting anything apart from the networking software, with no need to reboot.
The loopback device is a special case. It is always present and is used to provide access to your own machine. Even if you do not have a network connection you will be able to use the loopback interface to test some of the basic networking services. The loopback interface always has the IP address 127.0.0.1. Whenever you use the IP address 127.0.0.1 you are connecting to your own computer.
Network interfaces are configured using the ifconfig command. The standard format for turning a device on is
ifconfig device_name IP_address netmask netmask up
For example
§
ifconfig eth0 138.77.37.26 netmask 255.255.255.0 up
Configures the first ethernet interface (eth0) with the IP address 138.77.37.26 and
the netmask 255.255.255.0.
§
ifconfig lo 127.0.0.1
Configures the loopback address appropriately.
Other parameters for the ifconfig command include
§
up and down
These parameters are used to take the device up and down (turn it on and off).
ifconfig eth0 down will disable the eth0 interface and will require an
ifconfig command like the first example above to turn it back on.
§
arp and -arp
Turn the address resolution protocol on (arp) or off (-arp) for the specified
interface.
§
pointopoint addr
Used to specify the IP address (addr) of the computer at the far end of a
point to point link.
Once the device/interface is configured you can start using the network. However you'll only be able to use IP addresses. At this stage the networking system on your computer will not know how to resolve hostnames (convert hostnames into IP addresses). So if I was configuring a machine on the 138.77.37 subnet (this is the student subnet in the IT building) at CQU I would be able to execute commands like
telnet 138.77.37.37
but I would not be able to execute commands such as
telnet cq-pan.cqu.edu.au
Even though the IP address for the machine cq-pan.cqu.edu.au is 138.77.37.37 the networking on my machine doesn't know how to do the translation.
This is where the name resolver and its associated configuration files enter the picture. In particular the three files we'll be looking at are
§
/etc/resolv.conf
Specifies where the main domain name server is located for your machine.
§
/etc/host.conf
Allows you to specify how the name resolver will operate.
For example, will it ask the domain name server first or look at a local
file.
§
/etc/hosts
A local file which specifies the IP/hostname association between common or local
computers.
The following is an excerpt from the NET-3 HOW-TO which describes these files in a bit more detail.
The /etc/resolv.conf is the main configuration file for the name resolver code. Its format is quite simple. It is a text file with one keyword per line. There are three keywords typically used, they are:
§
domain
this keyword specifies the local domain name.
§
search
this keyword specifies a list of alternate domain names to search for a hostname
§
nameserver
this keyword, which may be used many times, specifies an IP address of a domain name server to query when resolving names
An example /etc/resolv.conf might look something like:
domain maths.wu.edu.au
search maths.wu.edu.au wu.edu.au
nameserver 192.168.10.1
nameserver 192.168.12.1
This example specifies that the default domain name to append to unqualified names (ie hostnames supplied without a domain) is maths.wu.edu.au and that if the host is not found in that domain to also try the wu.edu.au domain directly. Two nameserver entries are supplied, each of which may be called upon by the name resolver code to resolve the name.
The /etc/host.conf file is where you configure some items that govern the behaviour of the name resolver code.
The format of this file is described in detail in the resolv+ man page. In nearly all circumstances the following example will work for you:
order hosts,bind
multi on
This configuration tells the name resolver to check the /etc/hosts file before attempting to query a nameserver and to return all valid addresses for a host found in the /etc/hosts file instead of just the first.
The /etc/hosts file is where you put the name and IP address of local hosts. If you place a host in this file then you do not need to query the domain name server to get its IP Address. The disadvantage of doing this is that you must keep this file up to date yourself if the IP address for that host changes. In a well managed system the only hostnames that usually appear in this file are an entry for the loopback interface and the local host's name.
# /etc/hosts
127.0.0.1 localhost loopback
192.168.0.1 this.host.name
You may specify more than one host name per line as demonstrated by the first entry, which is a standard entry for the loopback interface.
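The lookup order set by "order hosts,bind" can be traced with a small model of the resolver. The following Python is an added example, not code from the NET-3 HOW-TO or from any real resolver library; it uses the aldur hosts file and the resolv.conf shown earlier in the chapter, and FAKE_ZONE is a constructed stand-in for the records a name server would hold. It follows the chapter's simplified rule that the default domain is appended only to names without a dot.

```python
"""Trace a lookup through /etc/hosts and then the name server."""

# The hosts file of aldur and the resolv.conf listed earlier in the chapter.
HOSTS_TEXT = """\
# every machine has the localhost entry
127.0.0.1     localhost loopback
138.77.36.29  aldur.cqu.edu.au aldur
138.77.1.1    jasper.cqu.edu.au jasper
138.77.37.28  pol.cqu.edu.au pol
"""

RESOLV_TEXT = """\
domain cqu.edu.au
nameserver 138.77.5.6
nameserver 138.77.1.1
"""

# Constructed stand-in for the answers a name server would give.
FAKE_ZONE = {"knuth.cqu.edu.au": "138.77.36.20"}


def strip_comment(line):
    """Drop everything after a # and surrounding white space."""
    return line.split("#", 1)[0].strip()


def parse_hosts(text):
    """Return {name: [addresses]} covering each hostname and alias."""
    table = {}
    for line in text.splitlines():
        fields = strip_comment(line).split()
        if len(fields) < 2:
            continue  # blank line, comment, or address with no name
        address, names = fields[0], fields[1:]
        for name in names:
            table.setdefault(name.lower(), []).append(address)
    return table


def parse_resolv_conf(text):
    """Return the search list and name servers from resolv.conf text."""
    config = {"search": [], "nameservers": []}
    for line in text.splitlines():
        fields = strip_comment(line).split()
        if len(fields) < 2:
            continue
        keyword, values = fields[0], fields[1:]
        if keyword == "domain":
            config["search"] = [values[0]]
        elif keyword == "search":
            config["search"] = values
        elif keyword == "nameserver":
            config["nameservers"].append(values[0])
    return config


def candidate_names(name, search):
    """Names to ask the name server for, in order."""
    name = name.rstrip(".").lower()
    if "." in name or not search:
        return [name]
    return ["%s.%s" % (name, domain) for domain in search]


def resolve(name, hosts, config, zone, multi=False):
    """Model 'order hosts,bind': return (addresses, where they came from)."""
    key = name.rstrip(".").lower()
    if key in hosts:
        found = hosts[key]
        # 'multi on' returns every address listed, not just the first.
        return (found if multi else found[:1]), "hosts"
    if not config["nameservers"]:
        return [], "no nameserver configured"
    for fqdn in candidate_names(name, config["search"]):
        if fqdn in zone:
            return [zone[fqdn]], "dns:" + fqdn
    return [], "unknown host"


if __name__ == "__main__":
    hosts = parse_hosts(HOSTS_TEXT)
    config = parse_resolv_conf(RESOLV_TEXT)
    for name in ("jasper", "knuth", "nosuchhost"):
        print(name, resolve(name, hosts, config, FAKE_ZONE))
```

Because the hosts file is consulted first, an entry there is returned even when the name server holds a different address, which is why an out-of-date /etc/hosts entry goes unnoticed.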
Having performed each of the preceding steps the networking on your computer will still not be working 100% correctly. For example, assume I'm adding a machine to the 138.77.37 subnet at CQU with the IP address as 138.77.37.105 and the hostname fred. I've configured the network interface and set up the following files
(For the following discussion it is important to realise that CQU has a class B address, 138.77, and creates subnets which look like class C addresses, i.e. 138.77.37, 138.77.1 and 138.77.5 are all separate subnets)
§
/etc/resolv.conf
search cqu.edu.au
nameserver 138.77.5.6
nameserver 138.77.1.23
§
/etc/host.conf
order hosts,bind
multi on
§
/etc/hosts
127.0.0.1 localhost localhost.localdomain
138.77.37.105 fred fred.cqu.edu.au
138.77.37.37 cq-pan cq-pan.cqu.edu.au
Now, see what happens when I execute the following commands
[david@fred david]$ ping cq-pan.cqu.edu.au
PING cq-pan.cqu.edu.au (138.77.37.37): 56 data bytes
64 bytes from 138.77.37.37: icmp_seq=0 ttl=63 time=1.1 ms
64 bytes from 138.77.37.37: icmp_seq=1 ttl=63 time=1.0 ms
64 bytes from 138.77.37.37: icmp_seq=2 ttl=63 time=1.0 ms
--- cq-pan.cqu.edu.au ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 1.0/1.0/1.1 ms
[root@fred network-scripts]# ping jasper.cqu.edu.au
ping: unknown host jasper.cqu.edu.au
Why the difference? We've set up the name resolution configuration files properly so why can't it resolve the name jasper.cqu.edu.au to the IP address 138.77.1.1? Have a look at the IP addresses of the domain name servers specified in the /etc/resolv.conf file above. What can you tell about these hosts?
The major difference between the domain name servers and our new host fred is that they are on separate subnets. At this stage our host has not been told how it is meant to send information from its own subnet to other subnets (remember the discussion earlier in the chapter about arp and ethernet being a broadcast medium?).
fred.cqu.edu.au is able to use the cq-pan.cqu.edu.au hostname because it is specified in the /etc/hosts file and it can send information to that machine because it is on the same subnet. Because the domain name servers are on another subnet the networking software on the machine doesn't know how to communicate with them. An example of what happens can be seen in the following command where rather than use jasper.cqu.edu.au's hostname we use the IP address.
[david@fred david]$ ping 138.77.1.1
PING 138.77.1.1 (138.77.1.1): 56 data bytes
ping: sendto: Network is unreachable
ping: wrote 138.77.1.1 64 chars, ret=-1
ping: sendto: Network is unreachable
ping: wrote 138.77.1.1 64 chars, ret=-1
--- 138.77.1.1 ping statistics ---
2 packets transmitted, 0 packets received, 100% packet loss
The solution to this problem is to configure the routing software on our computer. Routing is the art of deciding how to send IP packets from one host to another, particularly where there are possibly multiple paths that could be used. In our example above we have to specify how the networking software is to deliver IP packets from our current subnet, 138.77.37, to other subnets.
Routing is a huge and complex topic. It is not possible to provide a detailed introduction in the confines of this text. If you need more information you should take a look at the NET-3 HOW-TO, the Network Administrators Guide and other documentation. The following is an excerpt from the NET-3 HOW-TO which briefly describes the routing table and the commands used to manipulate it.
Ok, so how does routing work ? Each host keeps a special list of routing rules, called a routing table. This table contains rows which typically contain at least three fields, the first is a destination address, the second is the name of the interface to which the datagram is to be routed and the third is optionally the IP address of another machine which will carry the datagram on its next step through the network. In Linux you can see this table by using the following command:
# cat /proc/net/route
or by using either of the following commands:
# /sbin/route -n
# /bin/netstat -r
The routing process is fairly simple: an incoming datagram is received, the destination address (who it is for) is examined and compared with each entry in the table. The entry that best matches that address is selected and the datagram is forwarded to the specified interface. If the gateway field is filled then the datagram is forwarded to that host via the specified interface, otherwise the destination address is assumed to be on the network supported by the interface.
To manipulate this table a special command is used. This command takes command line arguments and converts them into kernel system calls that request the kernel to add, delete or modify entries in the routing table. The command is called `route'.
A simple example. Imagine you have an ethernet network. You've been told it is a class-C network with an address of 192.168.1.0. You've been supplied with an IP address of 192.168.1.10 for your use and have been told that 192.168.1.1 is a router connected to the Internet.
The first step is to configure the interface as described earlier. You would use a command like:
# ifconfig eth0 192.168.1.10 netmask 255.255.255.0 up
You now need to add an entry into the routing table to tell the kernel that datagrams for all hosts with addresses that match 192.168.1.* should be sent to the ethernet device. You would use a command similar to:
# route add -net 192.168.1.0 netmask 255.255.255.0 eth0
Note the use of the `-net' argument to tell the route program that this entry is a network route. Your other choice here is a `-host' route which is a route that is specific to one IP address.
This route will enable you to establish IP connections with all of the hosts on your ethernet segment. But what about all of the IP hosts that aren't on your ethernet segment ?
It would be a very difficult job to have to add routes to every possible destination network, so there is a special trick that is used to simplify this task. The trick is called the `default' route. The default route matches every possible destination, but poorly, so that if any other entry exists that matches the required address it will be used instead of the default route. The idea of the default route is simply to enable you to say "and everything else should go here". In the example I've contrived you would use an entry like:
# route add default gw 192.168.1.1 eth0
The `gw' argument tells the route command that the next argument is the IP address, or name, of a gateway or router machine which all datagrams matching this entry should be directed to for further routing.
So, your complete configuration would look like:
# ifconfig eth0 192.168.1.10 netmask 255.255.255.0 up
# route add -net 192.168.1.0 netmask 255.255.255.0 eth0
# route add default gw 192.168.1.1 eth0
These steps are actually performed automatically by the startup files on a properly configured Linux box.
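The best-match rule and the default route can be modelled in a few lines, which also shows why fred reported "Network is unreachable" for hosts on other subnets. The following Python is an added example, not code from the NET-3 HOW-TO or the kernel; the class and function names are assumptions, and the gateway 138.77.37.1 is taken from the routing table of cq-pan shown later in the chapter and assumed to serve fred as well, since both are on the 138.77.37 subnet.

```python
"""Model the routing table lookup: best match wins, default matches last."""
import ipaddress


class RoutingTable:
    def __init__(self):
        # Each entry is (destination network, gateway or None, interface).
        self.routes = []

    def add_net(self, destination, netmask, iface, gateway=None):
        """Model of: route add -net DEST netmask MASK [gw GW] IFACE"""
        network = ipaddress.ip_network("%s/%s" % (destination, netmask))
        hop = ipaddress.ip_address(gateway) if gateway else None
        self.routes.append((network, hop, iface))

    def add_default(self, gateway, iface):
        """Model of: route add default gw GW IFACE"""
        # The gateway itself must be on a directly attached network,
        # otherwise there is no way to hand it the datagram.
        hop = self.lookup(gateway)
        if hop is None or hop[1] != str(ipaddress.ip_address(gateway)):
            raise ValueError("gateway %s is not directly reachable" % gateway)
        default = ipaddress.ip_network("0.0.0.0/0")
        self.routes.append((default, ipaddress.ip_address(gateway), iface))

    def lookup(self, destination):
        """Return (interface, next hop) for destination, or None."""
        address = ipaddress.ip_address(destination)
        matches = [route for route in self.routes if address in route[0]]
        if not matches:
            return None  # what ping reports as "Network is unreachable"
        # The entry with the most network bits is the best match, so the
        # default route (zero network bits) is chosen only as a last resort.
        network, gateway, iface = max(matches, key=lambda r: r[0].prefixlen)
        next_hop = gateway if gateway is not None else address
        return iface, str(next_hop)


def fred_routes():
    """Look up three CQU hosts before and after fred gets a default route."""
    targets = ("138.77.37.37", "138.77.5.6", "138.77.1.1")
    table = RoutingTable()
    # After ifconfig, fred only knows about its own subnet.
    table.add_net("138.77.37.0", "255.255.255.0", "eth0")
    before = {dst: table.lookup(dst) for dst in targets}
    # Assumed gateway, taken from cq-pan's routing table on the same subnet.
    table.add_default("138.77.37.1", "eth0")
    after = {dst: table.lookup(dst) for dst in targets}
    return before, after


if __name__ == "__main__":
    before, after = fred_routes()
    for dst in before:
        print("%-14s before: %-28s after: %s" % (dst, before[dst], after[dst]))
```

Before the default route is added the name server 138.77.5.6 has no matching entry at all, so fred can neither ping 138.77.1.1 nor resolve jasper.cqu.edu.au.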
In the previous section we've looked at the individual steps used to configure networking on a simple Linux machine. On a normal Linux machine these steps are performed automatically in the system startup files (refer back to chapter 12 for a discussion on these). While the commands introduced in the previous section are standard Linux/UNIX commands, the startup and associated configuration files used by RedHat 5.0 are different from other systems. This section briefly summarises the startup files which are used on a RedHat 5.0 machine.
The files used include
§
/etc/sysconfig/network
A text file which defines shell variables for hostname, domain, gateway
and gateway device.
§
/etc/sysconfig/network-scripts
A collection of scripts used to perform common tasks including bringing network
interfaces up and down.
§
/etc/rc.d/init.d/network
A shell script which actually brings up the networking on startup.
Linked to from a number of scripts in the rcX.d directories.
A more in-depth explanation of the files in the /etc/sysconfig directory can be found under the resource materials section for week 8 on the 85321 Web site.
You might ask, "Why the hell are we playing with all these text files and commands? Why can't we just use the nice GUI tools that come with RedHat". The simple answer is that knowing how to use a GUI tool isn't all that difficult, anyone can learn that. What's important for a computing professional, like a Systems Administrator, to know is what is going on underneath. There will be times when the GUI doesn't work or the problem you have can't be solved with the GUI. It is at times like this that you will need to understand what is going on underneath.
Having said that it can be a lot quicker to perform simple tasks using a GUI than with text files and a command line (depending on your personal preference). The following section introduces the GUI tools RedHat provides to manage and configure networking and also looks at a couple of other useful commands UNIX provides.
RedHat supplies a number of GUI administration tools which are all launched from the control-panel application by typing control-panel from a shell (you must be running X-Windows as control-panel is an X application). Each of the icons in the control panel window corresponds to one of the GUI tools. Holding the mouse over the icon will cause it to display the name of the tool.
Of particular interest to this chapter is the network configuration tool which allows you to configure the hosts, name servers, devices and routing for your system.
The nslookup command is used to query a name server and is supplied as a debugging tool. It is generally used to determine if the name server is working correctly and for querying information from remote servers.
nslookup can be used from either the command line or interactively. Giving nslookup a hostname will result in it asking the current domain name server for the IP address of that machine.
nslookup also has an ls command that can be used to view the entire records of the current domain name server.
[david@cq-pan:~]$ nslookup
Default Server: circus.cqu.edu.au
Address: 138.77.5.6
> jasper
Server: circus.cqu.edu.au
Address: 138.77.5.6
Name: jasper.cqu.edu.au
Address: 138.77.1.1
> exit
[david@cq-pan:~]$ nslookup jasper
Server: circus.cqu.edu.au
Address: 138.77.5.6
Name: jasper.cqu.edu.au
Address: 138.77.1.1
netstat
The netstat command is used to display the status of network connections to a UNIX machine. One of the functions it can be used for is to display the contents of the kernel routing table by using the -r switch.
The following examples are from two machines on CQU's Rockhampton campus. The first one is from telnet jasper
[david@cq-pan:~]$ netstat -rn
Kernel routing table
Destination     Gateway         Genmask         Flags Metric Ref Use     Iface
138.77.37.0     0.0.0.0         255.255.255.0   U     0      0   109130  eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0   9206    lo
0.0.0.0         138.77.37.1     0.0.0.0         UG    0      0   2546951 eth0
bash$ netstat -rn
Routing tables
Destination     Gateway         Flags Refcnt Use      Interface
127.0.0.1       127.0.0.1       UH    56     7804440  lo0
default         138.77.1.11     UG    23     1595585  ln0
138.77.32       138.77.1.11     UG    0      19621    ln0
138.77.16       138.77.1.11     UG    0      555      ln0
138.77.8        138.77.1.11     UG    0      385345   ln0
138.77.80       138.77.1.11     UG    0      0        ln0
138.77.72       138.77.1.11     UG    0      0        ln0
138.77.64       138.77.1.11     UG    0      0        ln0
138.77.41       138.77.1.11     UG    0      0        ln0
For some reason or another, users on one machine cannot connect to another machine or if they can any information transfer between the two machines is either slow or plagued by errors. What do you do?
Remember it is not only the machines at the two ends you have to check. If the two machines are on different networks the information will flow through a number of gateways and routers. It might be one of the gateway machines that is causing the problem.
The traceroute command provides a way of discovering the path taken by information as it goes from one machine to another and can be used to identify where problems might be occurring. On the Internet that path may not always be the same.
The following are the results of a number of executions of traceroute from the machine aldur (138.77.36.29).
In the first example the machine knuth is on the same network as aldur. This means that the information can get there directly.
bash$ traceroute knuth
traceroute to knuth.cqu.edu.au (138.77.36.20), 30 hops max, 40 byte packets
1 knuth.cqu.EDU.AU (138.77.36.20) 2 ms 2 ms 2 ms
jasper is one network away from aldur
bash$ traceroute jasper
traceroute to jasper.cqu.edu.au (138.77.1.1), 30 hops max, 40 byte packets
1 centaurus.cqu.EDU.AU (138.77.36.1) 1 ms 1 ms 1 ms
2 jasper.cqu.EDU.AU (138.77.1.1) 2 ms 1 ms 1 ms
A machine still on the CQU site but a little further away
bash$ traceroute jade
traceroute to jade.cqu.edu.au (138.77.7.2), 30 hops max, 40 byte packets
1 centaurus.cqu.EDU.AU (138.77.36.1) 1 ms 1 ms 1 ms
2 hercules.cqu.EDU.AU (138.77.5.3) 4 ms 2 ms 12 ms
3 jade.cqu.EDU.AU (138.77.7.2) 3 ms 13 ms 3 ms
A host still in Australia (but a long way from CQU)
bash$ traceroute archie.au
traceroute to archie.au (139.130.23.2), 30 hops max, 40 byte packets
1 centaurus.cqu.EDU.AU (138.77.36.1) 1 ms 1 ms 1 ms
2 tucana.cqu.EDU.AU (138.77.5.27) 2 ms 2 ms 2 ms
3 138.77.32.10 (138.77.32.10) 5 ms 5 ms 5 ms
4 qld.gw.au (139.130.60.1) 21 ms 13 ms 51 ms
5 national.gw.au (139.130.48.1) 35 ms 36 ms 40 ms
6 plaza.aarnet.edu.au (139.130.23.2) 38 ms 35 ms 68 ms
A host in the Eastern United States.
bash$ traceroute sunsite.unc.edu
traceroute to knuth.cqu.edu.au (139.130.23.2), 30 hops max, 40 byte packets
1 centaurus.cqu.EDU.AU (138.77.36.1) 1 ms 1 ms 1 ms
2 tucana.cqu.EDU.AU (138.77.5.27) 2 ms 2 ms 3 ms
3 138.77.32.10 (138.77.32.10) 5 ms 5 ms 5 ms
4 qld.gw.au (139.130.60.1) 13 ms 20 ms 13 ms
5 national.gw.au (139.130.48.1) 51 ms 36 ms 36 ms
6 usa.gw.au (139.130.29.5) 37 ms 36 ms 38 ms
7 usa-au.gw.au (203.62.255.1) 233 ms 252 ms 264 ms
8 * * t3-0.enss144.t3.nsf.net (192.203.230.253) 224 ms
9 140.222.8.4 (140.222.8.4) 226 ms 236 ms 258 ms
10 t3-3.cnss25.Chicago.t3.ans.net (140.222.25.4) 272 ms 293 ms 266 ms
11 t3-0.cnss40.Cleveland.t3.ans.net (140.222.40.1) 328 ms 270 ms 300 ms
12 t3-1.cnss48.Hartford.t3.ans.net (140.222.48.2) 325 ms 355 ms 289 ms
13 t3-2.cnss32.New-York.t3.ans.net (140.222.32.3) 284 ms 319 ms 347 ms
14 t3-1.cnss56.Washington-DC.t3.ans.net (140.222.56.2) 352 ms 299 ms 305 ms
15 t3-1.cnss72.Greensboro.t3.ans.net (140.222.72.2) 319 ms 344 ms 310 ms
16 mf-0.cnss75.Greensboro.t3.ans.net (140.222.72.195) 343 ms 320 ms *
17 cnss76.Greensboro.t3.ans.net (192.103.68.6) 338 ms 319 ms 355 ms
18 192.103.68.50 (192.103.68.50) 338 ms 330 ms 330 ms
19 rtp5-gw.ncren.net (128.109.135.254) 357 ms 361 ms *
20 * rtp2-gw.ncren.net (128.109.70.253) 359 ms 334 ms
21 128.109.13.2 (128.109.13.2) 374 ms 411 ms 451 ms
22 * calypso-2.oit.unc.edu (198.86.40.81) 418 ms 415 ms
There are now a number of visual versions of traceroute; http://www.visualroute.com/ is one of them.
15.3 In the above example examine the times between machines 6 & 7. Why do you think it takes so long to get from machine 6 to machine 7?
Connecting a Linux machine to a network consists of the following steps
§ identifying network hardware that is supported by the Linux kernel
§ ensuring the Linux kernel has compiled into it the necessary network functionality (including support for the hardware)
§ configuring the network interface using the ifconfig command
§ ensuring that the DNS is configured, making use of files such as /etc/hosts, /etc/resolv.conf and /etc/host.conf
§ ensuring that the routing table is set up for your situation
The last three steps are usually performed automatically when the system starts up. Tools which can be useful in the management of a network connection include various RedHat GUI tools, nslookup, netstat and traceroute.
What UNIX commands would you use for the following tasks?
a) checking a domain name server for the IP address of the machine www.seven.com.au
b) another machine,
c) finding out what machines information passes through as it goes from your machine to www.whitehouse.gov
d) configure a network interface,
e) display the routing table of your UNIX machine,
f) display the ethernet address of your UNIX machine.
g) finding out whether or not your computer can access, via the network,

Following are three images taken from "The Net" a movie with Sandra
Bullock. Each screen contains what is reportedly an IP address. For each IP
address explain why it isn't an IP address.

Explain the relevance of each of the following
/etc/hosts
/etc/resolv.conf
/etc/networks
/etc/rc.d/rc.inet1
a gateway
You've just started administering a new Linux computer and executed the following two commands. What does this tell you about the network configuration of these machines?
What would the /proc/net/dev file for this system look like?
Can you see what is wrong with the configuration of the networking of this system?
List the network and host portions of the IP address for each of the network devices listed in the output of these commands.
[root@cq-pan logs]# /sbin/ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:60:97:3A:AA:85
          inet addr:138.77.37.37  Bcast:138.77.37.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:61183404 errors:59 dropped:59 overruns:0
          TX packets:77722967 errors:0 dropped:0 overruns:0
          Interrupt:9 Base address:0xff00
[root@cq-pan logs]# /sbin/ifconfig eth0:1
eth0:1    Link encap:Ethernet  HWaddr 00:60:97:3A:AA:85
          inet addr:138.77.37.59  Bcast:138.77.37.255  Mask:255.255.255.0
          UP BROADCAST RUNNING  MTU:1500  Metric:1
          RX packets:10894 errors:0 dropped:0 overruns:0
          TX packets:210 errors:0 dropped:0 overruns:0
[root@cq-pan logs]# /sbin/ifconfig eth0:2
eth0:2    Link encap:Ethernet  HWaddr 00:60:97:3A:AA:85
          inet addr:138.77.38.60  Bcast:138.77.38.255  Mask:255.255.255.0
          UP BROADCAST RUNNING  MTU:1500  Metric:1
          RX packets:481325 errors:0 dropped:0 overruns:0
          TX packets:259 errors:0 dropped:0 overruns:0