Tonga Institute of Higher Education
The Linux Operating System
Lecture 4: TCP/IP, Networking and Networked Services
Networking
● Since Linux was built for the Internet and networking, it works extremely well as a computer connected to other computers.
● Entire books have been written about Linux networking with TCP/IP, so we will try to cover just the basics, enough to get your computer on the Internet and working with other computers.
● The first thing to know about is TCP/IP. This is the protocol that all applications that use networking will use. It's the way data is sent over a network. The idea behind TCP/IP is to send data broken up into little packets. These packets are then sent out into the network. If one is lost or gets corrupted, it is easy to resend it.
Networking Review
● If everything is built on TCP/IP, that means that all computers will follow the same protocol for sending and getting data over a network.
● These protocols require that each computer on a network have an IP address, which is a number that looks something like 192.168.0.1: four numbers that go from 0-255 with dots in between. This is how other computers can find each other over a network, by using an IP address.
● There are two ways to get an IP address. You can use either a static IP address or a dynamic IP address. Static means that you put in the IP number yourself. Dynamic means that you will get your IP address from a server (this is also called DHCP).
Networking Review
● After you have an IP address, it is associated with the address that is built into your ethernet card (called a MAC address). So when other computers send data to an IP address, it will find the right ethernet card to send it to.
● After a while, people got tired of always typing in IP numbers, so they made names, called domain names, that made it easier for people to remember how to access computers. For a while, these lists of IP numbers and their domain names were just kept in a regular file, but when the Internet started to grow very fast, people needed a faster way to look up IP addresses and domain names, so they invented DNS (domain name service), which is a program that looks up IP addresses and their domain names.
Networking Review
● So once a computer is on a network with an IP address, it will want to connect to other computers using things like a webserver, FTP server or telnet server.
● A computer will run these programs (like a telnet server or webserver) and they will sit on the computer and wait until another computer tries to connect to them.
● Because most computers only have one ethernet card and one IP address, people needed a way for many programs to be available over the network at the same time, so they made these things called 'ports'. Ports are like places for different programs to listen on. So when you send data to a computer, you have to tell it what IP address and what port to send the data to. A computer can have thousands of different ports.
Networking Review
● So the port for a webserver is usually port 80. That means when you go to a webpage, you are sending data that says 'give me this webpage' to some IP address on port 80. Ports allow many networked services to run on a computer at the same time.
● Most computers will usually have quite a few services running that have opened different ports on the computer.
● Network services on a Linux computer will act just like the services in the /etc/init.d folder, except there is a more sophisticated way to control them.
Networking in Linux
● To connect to a network, we'll just be talking about ethernet, as it is the most common form of a network today.
● In Linux, the ethernet card is described as eth0. The zero is because it is the first ethernet card. If you have another one installed, it will be called eth1. So whenever you see eth0, it means the first ethernet card and the way that you are connecting to the network.
Configuration files
● /etc/resolv.conf - resolver configuration file
– domain domain.com - your domain name
– search name-of-domain.com - name of your domain or ISP's domain if using their name server
– nameserver XXX.XXX.XXX.XXX - IP address of primary name server
– nameserver XXX.XXX.XXX.XXX - IP address of secondary name server
● This configures Linux so that it knows which DNS server will be resolving domain names into IP addresses. If DHCP is used, this will automatically be sent to you by the ISP and loaded into this file as part of the DHCP protocol. If using a static IP address, then you'll have to fill it in yourself.
Changing network files
● Like everything else in Linux, network settings are determined by values that are stored in different files on the system. You can either edit these files directly, or use different configuration programs to help you out. One configuration program is 'netconfig'. There are also other ones that you can find when you log in to the graphical Linux
● So that we can better understand how networking is all set up, we'll look at how the files are made and how we can edit them to change values.
Configuration Files
● /etc/hosts - locally resolve node names to IP addresses
– 127.0.0.1 localhost hostname
– XXX.XXX.XXX.XXX different-hostname
● This file keeps a list of hostname to IP address matchings. So if you look up a hostname, it will check this file to see if the correct IP address is in it.
● This was used before DNS was invented. It still serves a lot of purposes, though, where DNS is not used or if your server is not running a DNS server.
● Note that your computer can have as many names as you want. Just make sure you use the same IP and put in different names. Your computer will then respond to all the names you call it.
Setting your IP address
● The easy way to change your IP address is to use one of the configuration programs that come with the distribution. To change it the difficult way, though, we'll use the command line.
● The command 'ifconfig' will tell you all about your current networking, but it will also let you reset your IP address.
● ifconfig eth0 192.168.0.4 netmask 255.255.255.0 broadcast 192.168.0.255
● The first option, 'eth0', says this is for the first ethernet card. The next is the IP address you are assigning to that ethernet card. The next two fields are the netmask and broadcast.
Netmask and Broadcast
● The netmask number, which usually looks like 255.255.255.0, is used to determine whether a message goes to a machine that is on the same subnet as the machine that sends the message. This means that if all the computers on your network start with 192.168.0.x, where x changes (from 0-255), then your netmask will be 255.255.255.0, because only the last part of the number changes between machines on the same network.
● A broadcast number is used to talk to all computers or hosts on your LAN at the same time.
● The function of the broadcast IP number is to make sure that all hosts that are supposed to be listening are, and that the broadcast is not passed to the entire Internet, creating havoc. The broadcast number for the number 129.100.27.44 would be 129.100.27.255, allowing the broadcast to reach all the hosts on net 27 but no other nets.
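
The netmask and broadcast arithmetic described above, as an added example that is not part of the original lecture. The function names are made up for this sketch, and it goes one step beyond the slides by also handling a netmask other than 255.255.255.0, where the broadcast address no longer ends in .255.

```shell
#!/bin/sh
# Added example: derive network and broadcast addresses from an IP and netmask.

# ip_to_int A.B.C.D -> 32-bit integer; fails unless given four numbers 0-255.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|*[!0-9]*|0?*) return 1 ;; esac   # digits only, no leading zero
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# int_to_ip N -> dotted quad
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# network_of IP MASK: keep only the bits the netmask marks as "network".
network_of() {
    ip=$(ip_to_int "$1") && mask=$(ip_to_int "$2") || return 1
    int_to_ip $(( ip & mask ))
}

# broadcast_of IP MASK: network bits kept, every host bit set to 1.
broadcast_of() {
    ip=$(ip_to_int "$1") && mask=$(ip_to_int "$2") || return 1
    int_to_ip $(( ip | (mask ^ 4294967295) ))
}

# same_subnet IP1 IP2 MASK: true when both addresses share one network number.
same_subnet() {
    [ "$(network_of "$1" "$3")" = "$(network_of "$2" "$3")" ]
}

broadcast_of 129.100.27.44 255.255.255.0      # the lecture's example
broadcast_of 192.168.0.77 255.255.255.192     # constructed: a smaller subnet
same_subnet 192.168.0.4 192.168.1.4 255.255.255.0 || echo "different subnet"
```
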
Changing the hostname
● When you did the install of the system, you were asked what the hostname of the computer would be. If you want to change this name now, you can use the command 'hostname', like
– [root@comp root]# hostname new-name
● Then you would open the file /etc/sysconfig/network, where a few network settings are saved, and change the field that says hostname to your new name.
● You also have to make sure your /etc/hosts file is changed and updated with your new hostname.
● The next time you restart your computer the new hostname will take effect.
Making your Linux computer into a router
● You can even use Linux to act as a router for you, forwarding all the requests on a network into the Internet, for example.
● To set this, use the following command
– echo 1 > /proc/sys/net/ipv4/ip_forward
● This will turn on forwarding in the system and other computers will now be able to use the Linux computer as a router.
● The command echo will output '1' into the file called ip_forward. That means it will enable it.
Programs to look at your network
● There are a lot of programs that will help you understand what is happening in your network. We'll go over a few of them.
● Turn on networking on your computer (in case you made a change)
– [root@comp root]# service network start
● Show the IP routing table (the path that packets will take to their destination)
– [root@comp root]# route -e
● netstat - Display connections, routing tables, stats etc.
– List externally connected processes: netstat -punta
– List all connected processes: netstat -nap
– Show network statistics: netstat -s
Programs to look at your network
● ping - send packets to see if a computer is on
– [root@comp root]# ping 192.168.0.1
● traceroute - print the route packets take to a network host
– [root@comp root]# traceroute google.com
● mtr - like traceroute, except it gives more information
– [root@comp root]# mtr google.com
● finger - display information on a system user
– [root@comp root]# finger root@localhost
● tcpdump - show a list of all network traffic
– [root@comp root]# tcpdump
● nslookup - give it a host name and it returns the IP address
– [root@comp root]# nslookup google.com
Networked Services
● Just like the services that run during startup from the /etc/rc.d/ folder, there are networked services that run at startup and will listen on different ports for incoming connections.
● On RedHat these are called xinet.d services, short for Extended Internet Services Daemon. We control them a little differently, and they are easier to set up.
● The network listening daemons listen and respond to all network socket connections made on the TCP/IP ports assigned to them. The ports are defined by the file /etc/services. When a connection is made, the listener will attempt to invoke the assigned program and pipe the data to it. This simplifies matters by allowing the assigned program to read from stdin instead of making its own socket connection. The listener handles the network socket connection.
/etc/services
● /etc/services is the file that contains a list of all possible programs and the ports that they use.
● When data comes in on a specific port, it will look inside this file to find out where it should go and what service runs to handle that data.
● One example:
– smtp 25/tcp mail
● This says the service smtp runs on port 25 and uses the TCP protocol. The last field is an alias, meaning that another name for that port is mail.
Xinet.d
● The extended services (xinet.d) work much like init.d, in that files will specify which programs start up and which do not. The files for xinet.d, though, are all standard. That means they will all have the same form.
● We can control the way these programs operate through these files, and also through the chkconfig program.
● To see all services (xinet.d and init.d), use the command
– [root@comp root]# chkconfig --list
● To turn a xinet.d service on or off use
– [root@comp root]# chkconfig service on/off
xinet.d files
● The xinet.d files all use the format like below
service service-name
{
    attribute assignment-operator value value ...
}
● Where attribute can be any of the following:
– disable = yes / no - turn the service on or off
– socket_type = stream / dgram / raw - tells what type of protocol it uses
– user - tells what user to run the program as
– server - the path to the program that will run this service
– only_from - allows you to limit who uses this service by IP address
– port - the port that the service will run on
Example xinet.d
service telnet
{
    socket_type = stream
    user        = root
    server      = /usr/etc/in.telnetd
    port        = 23
}
● So this is the service for telnet.
● It says the socket type is stream, which means it uses tcp/ip
● It runs as the root user
● The program that will run the server is at /usr/etc/in.telnetd
● It uses port 23
xinet.d example
service imap
{
    socket_type    = stream
    wait           = no
    user           = root
    server         = /usr/sbin/imapd
    log_on_success += HOST DURATION
    log_on_failure += HOST
}
● This is the service for imap (email). It has some new attributes, like wait, which says if the program uses threads.
● log_on_success says what to do if the person is successful in logging in. The same goes for log_on_failure.
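
One way to review service blocks in the format shown on the last three slides, as an added example that is not part of the original lecture. The function names, the finding labels, the only_from line and the disabled finger block are constructed for this sketch; it looks only at the disable, user and only_from attributes listed above and treats a block without a disable line as enabled.

```shell
# Added example: review xinetd-style service blocks (stdin or files) using only
# the attributes the lecture describes. No "disable" line is treated as enabled.
audit_xinetd() {
    awk '
    /^[ \t]*#/ { next }                          # comment line
    { sub(/[ \t]*[+]?=[ \t]*/, " = ") }          # accept "a=b", "a = b", "a += b"
    $1 == "service" { name = $2; user = ""; from = ""; dis = "no"; next }
    $1 == "}" && name != "" {
        f = ""
        if (user == "root") f = f " runs-as-root"
        if (from == "")     f = f " no-only_from"
        if (f == "")        f = " ok"
        if (dis == "yes")   f = " disabled"
        print name ":" f
        name = ""; next
    }
    name != "" && $2 == "=" {
        if ($1 == "user")      user = $3
        if ($1 == "only_from") from = $3
        if ($1 == "disable")   dis  = $3
    }
    ' "$@"
}

# Constructed sample: the lecture's telnet and imap blocks (trimmed); the
# only_from line and the disabled finger service are made up for the demo.
sample_xinetd() {
    cat <<'EOF'
service telnet
{
    user   = root
    server = /usr/etc/in.telnetd
    port   = 23
}
service imap
{
    user      = root
    server    = /usr/sbin/imapd
    only_from = 192.168.0.0/24
    log_on_success += HOST DURATION
}
service finger
{
    disable = yes
}
EOF
}

sample_xinetd | audit_xinetd
```

On a real system the function can be given file names instead of standard input, one report line per service block.
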
Service
● If you have made changes to a program and just need to restart the service, it is better to use a program called "service".
● Service will just start, shut down or restart a program using the startup scripts.
● For example, if you made a change to sendmail,
– [root@comp root]# service sendmail restart
● Or if you wanted to turn off imap because of a problem
– [root@comp root]# service imap stop
ICMP and UDP
● ICMP is a type of protocol used for sending data over networks, much like TCP/IP.
● It is used mostly for pinging a computer and for tracing the routes of packets.
● UDP is another type of protocol that's used for sending data. It is not as popular as TCP/IP and it does not carry as much information as TCP/IP does.
● The difference is that it is connectionless, which means that it does not need to know if the host got the message. It just sends data and hopes that the host gets it.
Living with Windows
● A lot of times you'll have a Linux computer on a network with Windows computers and you'll want to share files.
● There has been an effort to make this as easy as possible, and to do it you use a program called 'samba' and 'smb' shares.
● We will try to cover briefly the steps to set it up and make it run well enough on a system.
Samba
● Most Linux distributions will allow you to install Samba with the system. You should always choose to install Samba.
● Once it is installed, you'll need to change the configuration file to get it to work with your network.
● The file is usually located at /etc/samba/smb.conf, but if it's not there you can try 'locate smb.conf' and it will find where it is.
Global settings in smb.conf
● You'll want to look for the lines like this
# workgroup = NT-Domain-Name or Workgroup-Name
workgroup = MYGROUP
# server string is the equivalent of the NT Description field
server string = Server description
● The workgroup setting will be the domain or the Windows workgroup you want the computer to be a part of.
● The server string is the description that will be displayed to other computers when they are browsing through the network, so you should make this something that will stand out.
Passwords
● You'll also want to change the following lines
; encrypt passwords = yes
; smb passwd file = /etc/samba/smbpasswd
● If you remove the semi-colon before the lines, that will 'uncomment' the lines or turn them on.
● What this will do is make the share folder available to Windows 98 and above. Before Win98, plain text passwords were used, but after, Windows started using encrypted passwords, so for Samba to work with newer versions of Windows you should use encryption. (It's also safer.)
Share Definitions
● Now you need to edit the smb.conf file so that you are sharing one or more directories.
● To give access to the home directories of users who use the same username on Windows and Linux, you'll want to change the following
[homes]
comment = Home Directories
browseable = yes
writable = yes
● And then you need to make sure you add the user to your samba password file, which you can do with the program 'smbpasswd', like
– [root@comp root]# smbpasswd -a user1
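
A check for the Passwords and Share Definitions slides, as an added example that is not part of the original lecture: it reports which value of an smb.conf parameter is actually in effect, so a line still commented out with ';' shows up as unset. The function names are made up for this sketch and the sample file is constructed from the lines shown on the slides.

```shell
# Added example: report the effective value of one smb.conf parameter (stdin).
# Lines starting with ";" or "#" are comments, so they set nothing.
smb_param() {   # usage: smb_param SECTION KEY < smb.conf
    awk -v want_sec="$1" -v want_key="$2" '
    function norm(s) { gsub(/[ \t]/, "", s); return tolower(s) }  # names ignore case and spaces
    /^[ \t]*[;#]/ || /^[ \t]*$/ { next }
    /^[ \t]*\[/ {
        sec = $0; sub(/^[ \t]*\[/, "", sec); sub(/\].*$/, "", sec); sec = norm(sec); next
    }
    {
        eq = index($0, "=")                    # the first "=" separates name and value
        if (eq == 0 || sec != norm(want_sec)) next
        if (norm(substr($0, 1, eq - 1)) != norm(want_key)) next
        val = substr($0, eq + 1)               # keep the value from the last matching line
        sub(/^[ \t]+/, "", val); sub(/[ \t]+$/, "", val)
    }
    END { print val }
    '
}

# Constructed sample built from the lines shown in the lecture.
sample_smb() {
    cat <<'EOF'
[global]
   workgroup = MYGROUP
   server string = Server description
;  encrypt passwords = yes
;  smb passwd file = /etc/samba/smbpasswd
[homes]
   comment = Home Directories
   browseable = yes
   writable = yes
EOF
}

sample_smb | smb_param global "encrypt passwords"                    # still commented out
sample_smb | sed 's/^; *//' | smb_param global "encrypt passwords"   # after uncommenting
sample_smb | smb_param homes writable
```
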
Running the daemons
● A daemon, in terms of programs, is just a program that runs in the background. That means you don't see what it is doing.
● The samba daemon needs to be running now to make the drives shareable over Linux.
● Since it is a service that runs on the computer, you can use the command we used on the xinet.d services,
– [root@comp root]# service smb start
● This should start up the daemons that run the samba server and you should be able to access the Linux share folders you have made over the network from a Windows computer.
● If your system was not set up to use Samba as a service, though, you can start the daemons yourself with the following commands
– [root@comp root]# smbd -D
– [root@comp root]# nmbd -D
Summary
● Linux computers were built to take advantage of the network, thus it's important to have an idea about how it works.
● Once you have the basic understanding of network protocols and how Linux deals with services and daemons, then it is simple to expand that knowledge to new programs and services.
● This section should give you a decent idea of how to get your computer on a network and doing some of the things you need.