Download TGIF: NetDB for Power Users April 11, 2003

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
Document related concepts

CAN bus wikipedia , lookup

AppleTalk wikipedia , lookup

Wireless security wikipedia , lookup

Wake-on-LAN wikipedia , lookup

Piggybacking (Internet access) wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

IEEE 802.1aq wikipedia , lookup

I²C wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Dynamic Host Configuration Protocol wikipedia , lookup

Zero-configuration networking wikipedia , lookup

Transcript 
TGIF:
NetDB for Power Users
April 11, 2003
Sunia Yang
[email protected]
Networking Systems
1
Topics
• What's NetDB for
• Help and Report Pages
• Node Configurations
– Wireless, roaming, laptops, etc
• Full and log searches
• Questions
2
Purpose of NetDB- Review
•
•
•
•
Data feed to DNS and DHCP
Node record keeping for LNAs
Network record keeping for Networking
Reports for LNAs and Networking
3
DNS
• External DNS servers = 3As
– argus, avallone, atalante
• Internal DNS servers = 3Cs
– caribou, cassandra, cilantro
• DNS updates every 4 hours except midnight
– 4am, 8am, noon, 4pm, 8pm
• ".Local" domain not resolved externally
– security through obscurity
• ".NoDomain" domain- no DNS resolution
4
DHCP
• Updates every 10 minutes from NetDB
• DHCP logs under SUNet reports
5
Help and Reports
• NetDB help:
– http://www.stanford.edu/group/networking/netdb/help/h
tml/helpnetdb.html
• SUNet reports- generated from NetDB and
"reality"
– http://www.stanford.edu/group/networking/dist/sunet.re
ports
6
Managing Multiple Nets/Depts
• User profile settings
– 3 default settings inherited by new nodes
• group, address space, domain
• "Use Node as Template" or Template Node
– inherits fields:
• dept, location, room, make/model, OS, admin, user,
ip address range, group, domain, custom field name,
expiration date
7
Node Types
•
•
•
•
Simple (default)
Router Node- for NetDB access control
Template node- already discussed
Advanced node- requires extra access
– allows DNS names for IP addresses and
interfaces
– allows multiple names
8
Advanced Node
• DNS preferences on name
– closest name is returned first. i.e., in this order:
• ip address name, interface name, name (random)
• DNS preference on IP addresses
– all addresses returned in random order
– if request from same net, that address returned
first in list
– future option to set preferences in order
9
Advanced node- example
Name1: alpha.stanford.edu
Name2: bravo.stanford.edu
Interface1: charlie.stanford.edu
171.64.20.10 www-judo.stanford.edu
171.64.30.10
Interface2:
171.64.40.10
1. IP for alpha? 171.64.20.10, 171.64.30.10, 171.64.40.10
in random order
2. Name for 171.64.30.10? charlie, (alpha, bravo) random
order for last two
3. Name for 171.64.40.10? alpha and bravo
4. Name for 171.64.20.10? www-judo, charlie, (alpha,
bravo) random order for last two
10
Node Configurations- Laptops
•
•
•
•
Laptop with multiple network cards
Laptop in multiple campus networks
Laptop between dorms and campus nets
Laptop between off-campus and campus
11
Node ConfigurationsConsiderations
• Conserving roaming addresses
– use fixed address whenever possible
• Accountability
– use fixed address, register hardware address
• DHCP lease times
– 2 days for fixed IP, 42 minutes for roaming
• DNS resolution
– if multiple IPs, random list of IPs returned
12
1. Computer with Multiple NICs
• Examples:
– Laptop with docking station
– Laptop with wired and wireless card
• Create node with an interface per NIC
– Separate hardware address with DHCP
– Assign IP per interface (including wireless!)
– Laptop will get appropriate IP associated with
interface
13
1. Computer with multiple NICsExample
Name: mylaptop.stanford.edu
Interface 1:
Hardware address: 0000.0000.1111 DHCP
IP address:
171.64.20.10
Interface 2:
Hardware address: 0000.0000.2222 DHCP
IP address:
171.64.30.20
14
2. Laptop in multiple campus nets
• Two offices: assign two IP addresses with
DHCP to one interface. DHCP will hand
out IP address based on network location
• One office and Stanford DSL: assign as
above. HelpSU request to enable DHCP on
DSL router.
• One office and roaming: assign one IP with
roaming DHCP. DHCP will give fixed IP if
on that net and will give roaming DHCP
address otherwise
15
2. Laptop in multiple campus nets
Example
Name: mylaptop.stanford.edu
Interface1:
Hardware address: 0000.0000.1111 DHCP Roam
IP address1:
171.64.20.10
IP address 2:
171.64.30.10
16
3. Laptop- dorm and campus nets
• Student should register laptop in the dorms
– fees pay for support staff and equipment
• LNA requests access to that record through
HelpSU (by adding group).
• LNA adds IP address to record
• Same if user has Stanford West connection
since fee is involved
17
3. Laptop- dorm and campus nets
Example
Name: shakespeare.stanford.edu
Interface:
Hardware address: 0000.0000.1111 DHCP
IP address 1:
128.12.40.7
IP address 2:
171.64.20.10
Groups:
Residential Computing
English
18
4. Laptop between off-campus &
on-campus
• User only roams on campus (wireless, library)
– Create NetDB record with hardware address
and roaming and no IP address
• User uses other ISP or dial-up at home and
has office on campus
– Create NetDB record with hardware address,
DHCP and fixed IP address
19
Node Power Searches
• How many machines did I register this
year?
• What machines on my network are
supposedly running Solaris?
• What machines were added to my net by
someone else?
20
Log Power Searches
• Who deleted my node?
• Who took my IP address?
21
ipm (IP management)
• Checks "theoretical" info in NetDB with
"real" info from routers
• Routers polled every 4 hours for arp tables
• Printers and local devices may not show up
• /usr/pubsw/sbin/ipm -h
• Only for folks with NetDB accounts
22
ipm examples
• Has this stolen laptop been seen elsewhere
on campus in the last 100 days?
– "ipm mylaptop.stanford.edu"
Result: 171.64.20.10 0000.0000.0001
– "ipm -d 100 0000.0000.0001"
Result: 171.64.20.10, 171.64.30.1
• Machine 171.64.20.10 hacked
– "ipm 171.64.20.10"
Result: 0000.0000.0001
– Look in forwarding (i.e. mac table) on switches for
hardware address
23
Questions?
24
Related documents
Lab 9
Lab 9
How to Use an Alternate TCP/IP Configuration
How to Use an Alternate TCP/IP Configuration
Chapter 1
Chapter 1
Mobile Data Networking
Mobile Data Networking
Recitation_Week3 - FSU Computer Science
Recitation_Week3 - FSU Computer Science
E-Business - Computer Science and Information Systems Technical
E-Business - Computer Science and Information Systems Technical
Remote Access Service
Remote Access Service
Understanding Networking
Understanding Networking
Introduction to Computer Programming Language
Introduction to Computer Programming Language
DOWNLOAD ANDROID MULTI TOOLS V1 02B GSMFORUM
DOWNLOAD ANDROID MULTI TOOLS V1 02B GSMFORUM
Appendix H – Host Self Registration Data Flow
Appendix H – Host Self Registration Data Flow