Download Les 4 – Networking

Les 4 – Networking
The OSI Model




7 Layers
Physical, Data Link, Network, Transport,
Session, Presentation, Application – Layer
A basic tool for troubleshooting
Must know !
TCP/IP




IP provides a solution for sending packets
of information from one machine to
another
TCP is connection-oriented
UDP is connectionless
IPv4 and IPv6
Common connection




Client -> Server
Client uses dynamically chosen source
port
Server listens on dedicated TCP/UDP port
HTTP = 80, HTTPS = 443, DNS =53, FTP
= 23, SSH = 22, SMTP=25, POP3 =110,
IMAP=143, etc ...
Configuration of network
interfaces







Ubuntu configuration is done selecting System->Administration->Networking.
RedHat Linux comes with redhat-config-network, which has both a graphical and a
text mode interface.
Suse's YAST or YAST2 is an all-in-one configuration tool.
Mandrake/Mandriva comes with a Network and Internet Configuration Wizard,
which is preferablE started up from Mandrake's Control Center.
On Gnome systems: gnome-network-preferences.
On KDE systems: knetworkconf.
On debian via /etc/network/interfaces
DHCP vs Static ?



DHCP is the Dynamic Host Configuration
Protocol
Why/when DHCP ?
Why/when Static ?
Domain Name System





Resolve the ip behind a name
How does it effectively work
Udp 53 (common DNS)
Tcp 53 (Zone transfers)
Operates on Layer 4
/etc/hosts
raiden@TBE1ID980168:~$ cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 TBE1ID980168.telindus.intra
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
192.168.254.252 fwsm
192.168.254.251 asa
192.168.254.253 nexus nexus
192.168.254.254 cat6k
192.168.254.250 obelix
10.0.8.249 sgdportal
/etc/resolv.conf
raiden@TBE1ID980168:~$ cat /etc/resolv.conf
### BEGIN INFO
#
# Modified_by: NetworkManager
# Process:
/usr/bin/NetworkManager
# Process_id: 6806
#
### END INFO
search middle-earth
nameserver 10.10.30.2
nameserver 195.238.2.22
/etc/nsswitch.conf
[bob@tux ~] grep hosts
/etc/nsswitch.conf
hosts: files dns
Networking commands




Ifconfig
Ip addr show
Ip route show
Netstat
Networking test commands





Ifconfig
Ip
Netstat -edap (of -an)
Nslookup
Traceroute (of tracepath)
Proxy server

What is a proxy server ?
Why use it ?
Most common ports or usage via port
8080
Used in almost every company these days
http://proxy.phl.be:8080

export http_proxy=“http://proxy.phl.be:8080”




Remote management




Remote management is mandatory for
decent system administration
RDP on Windows
VNC on Linux for GUI
SSH on Linux for easy console access
SSH



The ssh is a package which (via the
openssh suite) provides secure console
access as secure filetransfer in one
SSH is leightweight and configurable
SSH is configured via /etc/ssh/sshd_config
SSH
raiden@TBE1ID980168:~$ ssh minas-morgul
The authenticity of host 'minas-morgul (10.10.30.4)' can't be established.
RSA key fingerprint is 0b:16:32:81:b9:ef:34:bd:f1:e4:cf:a1:3e:e1:c3:25.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'minas-morgul,10.10.30.4' (RSA) to the list of known
hosts.
raiden@minas-morgul's password:
Linux Minas-Morgul 2.6.18-6-xen-686 #1 SMP Mon Oct 13 20:36:55 UTC 2008 i686
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
You have new mail.
Last login: Tue Nov 25 21:20:35 2008 from 10.10.30.1
raiden@Minas-Morgul:~$
Remote control with openssh
Windows clients : SecureCRT, Putty
 Server side : apt-get install openssh-server
