Week 12
Network Configuration

Objectives
• Describe the purpose and types of networks, protocols, and media access methods
• Explain the basic configuration of TCP/IP
• Configure a Network interface to use TCP/IP
• Configure a modem, ISDN, and DSL interface

Linux+ Guide to Linux Certification, 3e

Objectives (continued)
• Describe the purpose of host names and how they are resolved to IP addresses
• Configure TCP/IP routing
• Identify common network services
• Use command-line and graphical utilities to perform remote administration

Networks
• Network: two or more computers joined via media and able to exchange information
• Local area networks (LANs): connect computers within close proximity
  ▪ e.g., used to allow connection to shared resources
• Wide area networks (WANs): connect computers separated by large distances
  ▪ e.g., used to connect to Internet Service Provider
• Internet service provider (ISP): company providing Internet access

Networks (continued)
• Routers: computers capable of transferring information between networks
• Protocol: set of rules for communication between networked computers
• Packets: packages of data formatted by a network protocol
  ▪ Packets can be recognized by routers and other network devices

Networks (continued)
• Linux network protocols:
  ▪ TCP/IP (Transfer Control Protocol/Internet Protocol)
  ▪ UDP/IP (User Datagram Protocol/Internet Protocol)
  ▪ IPX/SPX (Internetwork Packet Exchange/Sequence Packet Exchange)
  ▪ AppleTalk
  ▪ DLC (Data Link Control)
  ▪ DECnet (Digital Equipment Corporation network)

Networks (continued)
• Media access method: defines how networked computers share access to the physical medium
  ▪ Contained within the hardware on NIC or modem
• Ethernet: most common network media access method
  ▪ Ensures that packets are retransmitted onto the network if a network error occurs
• Token ring: popular media access method
  ▪ Controls which computer has the ability to transmit information

The TCP/IP Protocol
• Set of protocols with two core components
  ▪ TCP: ensures that packets are assembled in the correct order, regardless of arrival order
  ▪ IP: responsible for labeling each packet with destination address
• Together, TCP and IP ensure that information packets travel across the network as quickly as possible without getting lost

IPv4 Addresses
• IP address: unique number that identifies a networked computer
  ▪ Octet: series of four 8-bit numbers
    ○ Common format of IPv4 addresses
• Unicast: directed TCP/IP communication from one computer to another single computer

IPv4 Addresses (continued)
• IPv4 addresses composed of two parts
  ▪ Network ID: network on which a computer is located
  ▪ Host ID: single computer on that network
    ○ Two computers with different network IDs can have the same host ID
• Only computers with same network ID can communicate without a router

Subnet Masks
• Define which part of IP address is the network ID and which part is the host ID
  ▪ Series of four octets
  ▪ Octet in subnet mask containing 255 is part of network ID
  ▪ Octet in subnet mask containing 0 is part of host ID
• ANDing: calculate network and host IDs from an IP address and subnet mask
  ▪ Compare binary bits

Subnet Masks (continued)
Figure 12-1: A sample IP address and subnet mask

Subnet Masks (continued)
• 0.0.0.0 = all networks
• 255.255.255.255 = all computers on all networks
• 255 in an IP address can specify many hosts
  ▪ Broadcast addresses

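Added example (not part of the original slides): the ANDing step carried out in POSIX shell arithmetic. It derives the network ID, host ID and broadcast address and checks whether two hosts share a network ID; it also handles masks that do not end on an octet boundary, as produced by subnetting. Function names and sample addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the slides. All addresses are constructed samples.

# ip_to_int A.B.C.D -> 32-bit integer; fails on malformed input
ip_to_int() {
    case "$1" in ''|*[!0-9.]*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        # reject empty octets, leading zeros (octal in arithmetic) and overlong values
        case "$octet" in ''|0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# int_to_ip N -> dotted-quad notation
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# network_id IP MASK -> bits of IP where the mask bit is 1 (the AND)
network_id() {
    ip=$(ip_to_int "$1") && mask=$(ip_to_int "$2") || return 1
    int_to_ip $(( ip & mask ))
}

# host_id IP MASK -> bits of IP where the mask bit is 0
host_id() {
    ip=$(ip_to_int "$1") && mask=$(ip_to_int "$2") || return 1
    int_to_ip $(( ip & ~mask & 0xFFFFFFFF ))
}

# broadcast_addr IP MASK -> network ID with every host bit set
broadcast_addr() {
    ip=$(ip_to_int "$1") && mask=$(ip_to_int "$2") || return 1
    int_to_ip $(( (ip | ~mask) & 0xFFFFFFFF ))
}

# same_network IP1 IP2 MASK -> exit 0 if both hosts have the same network ID
# (no router needed), 1 if they differ, 2 on malformed input
same_network() {
    a=$(network_id "$1" "$3") && b=$(network_id "$2" "$3") || return 2
    [ "$a" = "$b" ]
}

echo "network:   $(network_id 192.168.1.77 255.255.255.0)"
echo "host:      $(host_id 192.168.1.77 255.255.255.0)"
echo "broadcast: $(broadcast_addr 192.168.1.77 255.255.255.0)"
```
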
Default Gateway
• IP address of network interface on a router, to which you send packets
• Routers can distinguish between different networks
  ▪ Move packets between them
  ▪ Have assigned IP addresses on each attached network

IPv4 Classes and Subnetting
• IP address class defines default subnet mask of associated device
  ▪ All IP address classes can be identified by first octet
  ▪ Class A: 8 bits for network ID, 24 bits for host ID
    ○ Assigned to very large companies
  ▪ Class B: 16 bits for network ID, 16 bits for host ID
    ○ Assigned to larger organizations with several thousand users
  ▪ Class C: 24 bits for network ID, 16 bits for host ID
    ○ Used for small and home networks

IPv4 Classes and Subnetting
• Multicast: TCP/IP communication destined for a certain group of computers
  ▪ Class D addresses
• Subnetting: divide a large network into smaller networks
  ▪ Control traffic flow
  ▪ Take bits from host ID; give to network ID

IPv4 Classes and Subnetting (continued)
Table 12-1: IP address classes

The IPv6 Protocol
• Number of IP addresses using IPv4 is unsuitable for Internet growth
• IPv6 protocol: uses 128 bits to identify computers
  ▪ Addresses written using eight 16-bit hexadecimal numbers
• IPv6 address contains two portions
  ▪ First half assigned by ISP and identifies network
  ▪ Last half is link local portion: used to uniquely identify computers in a LAN

The IPv6 Protocol (continued)
• Few networks have adopted IPv6
  ▪ Proxy servers and NAT routers: computers or hardware devices that have an IP address and access to a network
    ○ Used by other computers to obtain network resources on their behalf
    ○ Allows computers behind different NAT routers or proxy servers to have the same IPv4 address

Configuring a Network Interface
• If NIC detected during installation, Fedora Linux automatically configures appropriate driver
• insmod and modprobe commands: used to load kernel objects into the Linux kernel
  ▪ Can be used to load NIC drivers
• lsmod command: displays a list of currently loaded modules
• rmmod command: removes module from kernel
• Most modules loaded from dist.conf file in the /etc/modprobe.d directory

Configuring a Network Interface (continued)
• ifconfig command: assign TCP/IP configuration to a NIC
  ▪ Also used without any arguments to view configuration of all network interfaces in computer
• dhclient command: receive TCP/IP configuration from DHCP or Boot Protocol (BOOTP) server
  ▪ Automatic private IP addressing (APIPA): automatic assignment of IP address in the absence of DHCP and BOOTP

Configuring a Network Interface (continued)
• /etc/sysconfig/network-scripts/ifcfg-interface file: stores NIC configurations
  ▪ Allows the system to activate and configure TCP/IP information at each boot time
• ifdown command: unconfigures a NIC
• ifup command: configures NIC using /etc/sysconfig/network-scripts/ifcfg-interface file
• ping (Packet Internet Groper) command: check TCP/IP connectivity on a network
  ▪ -c option: limit the number of ping packets sent

Configuring a Network Interface (continued)
Figure 12-2: Configuring network interfaces

Configuring a Network Interface (continued)
Figure 12-3: Configuring TCP/IP information for a network interface

Configuring a Network Interface (continued)
• Mobile commuters typically connect to many different NICs, both wired and wireless
• Network Manager daemon: allows users to quickly connect to wired and wireless networks from desktop environments

Configuring a PPP Interface
• Run TCP/IP over serial lines using a WAN protocol
• Three common Point-to-Point Protocol (PPP) connection technologies:
  ▪ Modems
  ▪ ISDN
  ▪ DSL

Configuring a PPP Interface (continued)
• Modems: send TCP/IP information across normal telephone lines
  ▪ Considered slow
  ▪ Transmit information on a serial port
• ISDN: set of standards designed to transmit data over copper telephone lines
• DSL: connects to Ethernet NIC and transmits data across normal telephone lines

Configuring a PPP Interface (continued)
• Normally configured manually after Linux installation is complete
  ▪ Requires:
    ○ Support for PPP compiled into kernel
    ○ PPP daemon
    ○ Supporting utilities such as chat program
• Can use graphical programs to configure files and utilities to allow PPP communication

Configuring a PPP Interface (continued)
Figure 12-5: Adding a network interface

Configuring a PPP Interface (continued)
• Information about PPP devices stored in files named ifcfg-InternetServiceProviderName
  ▪ Located in /etc/sysconfig/network-scripts directory
• Other configurations used by PPP daemon stored in /etc/ppp and /etc/isdn directories
• Incorrect passwords are the most common problem with PPP connections
• Need to activate PPP device after configuration

Name Resolution
• Hostnames: user-friendly computer name
• Fully qualified domain name (FQDN): hostname following DNS convention
• DNS: hierarchical namespace for host names
• whois command: used to obtain registration information about a domain within a name space
• hostname command: view or set a computer’s host name

Name Resolution (continued)
Figure 12-6: The domain name space

Name Resolution (continued)
• TCP/IP cannot identify computers via hostnames
  ▪ Must map hostnames to IP addresses
    ○ Can be done by placing entries in the /etc/hosts file
• ISPs list FQDNs in DNS servers on Internet
  ▪ Applications request IP addresses associated with a specific FQDN
  ▪ Configure by specifying the IP address of the DNS server in /etc/resolv.conf file

Routing
• Route table: list of TCP/IP networks stored in system memory
• route command: displays the route table
• Multihomed hosts: computers with multiple network interfaces
• IP forwarding: forwarding packets from one interface to another
  ▪ Also known as routing

Routing (continued)
• Enabling routing:
  ▪ Place number 1 in:
    ○ /proc/sys/net/ipv4/ip_forward for IPv4
    ○ /proc/sys/net/ipv6/conf/all/forwarding for IPv6
• To enable routing at every boot:
  ▪ Edit the /etc/sysctl.conf file to include:
    ○ “net.ipv4.ip_forward = 1” for IPv4
    ○ “net.ipv6.conf.default.forwarding = 1” for IPv6

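Added example (not part of the original slides): a check that compares the runtime forwarding switches under /proc with what /etc/sysctl.conf will apply at boot, so a host that should not route can be verified in both places. It reports each key the slide names separately, since net.ipv6.conf.all.forwarding and net.ipv6.conf.default.forwarding are distinct settings. Function names and state labels are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the slides. PROC_ROOT and CONF are parameters so
# the same check can be run against a copied or constructed tree.

FORWARD_KEYS="net.ipv4.ip_forward net.ipv6.conf.all.forwarding net.ipv6.conf.default.forwarding"

# runtime_value PROC_ROOT KEY -> current value under PROC_ROOT/sys, or "unknown"
runtime_value() {
    path="$1/sys/$(printf '%s' "$2" | tr . /)"
    if [ -r "$path" ]; then cat "$path"; else echo unknown; fi
}

# persisted_value CONF KEY -> last value assigned to KEY in CONF, or "unset"
persisted_value() {
    [ -r "$1" ] || { echo unset; return 0; }
    awk -F= -v key="$2" '
        /^[ \t]*[#;]/ { next }              # skip comment lines
        NF >= 2 {
            k = $1; v = $2
            gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", v)
            gsub(/\//, ".", k)              # sysctl also accepts / as separator
            if (k == key) val = v           # the last assignment wins
        }
        END { print (val == "" ? "unset" : val) }' "$1"
}

# forwarding_status PROC_ROOT CONF KEY -> "KEY runtime=R persisted=P STATE"
forwarding_status() {
    r=$(runtime_value "$1" "$3"); p=$(persisted_value "$2" "$3")
    if [ "$r" = 1 ] && [ "$p" != 1 ]; then state="on-until-reboot"
    elif [ "$r" != 1 ] && [ "$p" = 1 ]; then state="on-after-reboot"
    elif [ "$r" = 1 ]; then state="on"
    else state="off"; fi
    echo "$3 runtime=$r persisted=$p $state"
}

# forwarding_report PROC_ROOT CONF -> one status line per forwarding key
forwarding_report() {
    for key in $FORWARD_KEYS; do forwarding_status "$1" "$2" "$key"; done
}

# Read-only check of the local host.
forwarding_report /proc /etc/sysctl.conf
```

Only the file named on the slide is read; settings placed in other sysctl configuration files are outside this check.
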
Routing (continued)
• Large networks may have several routers
  ▪ Packet may travel through several routers
  ▪ May require adding entries in the router table
• route add <route> command: add entries to route table
• route del <route> command: remove entries from route table
• ip command: can be used to manipulate the route table

Routing (continued)
Figure 12-7: A sample routed network

Routing (continued)
• Contents of route table lost when computer powered off
  ▪ Add to /etc/rc.d/rc.local file
• Most routers configured with a default gateway
  ▪ For packets addressed to destinations not in route table
• traceroute command: troubleshoot routing
  ▪ Displays routers between current and remote computer

Network Services
• Must identify types and features of network services before they can be configured
• Network services: processes that provide some type of valuable service for client computers on network
  ▪ Often presented by daemon processes that listen to certain requests
    ○ Daemons identify packets to which they should respond using a port number

Network Services (continued)
• Port: number uniquely identifying a network service
  ▪ Ensure that packets delivered to proper service
  ▪ Range from 0 to 65534
• /etc/services file: lists ports and associated protocol
• Well-known port: ports from 0 to 1023
  ▪ Represent commonly used services

Network Services (continued)
Table 12-2: Common well-known ports

Network Services (continued)
• Internet super daemon (xinetd): initializes appropriate daemon to provide needed network service
• Stand-alone daemons: daemons that provide network services directly
  ▪ Log information themselves to subdirectories under /var/log
  ▪ chkconfig command or ntsysv utility can be used to configure most stand-alone daemons to start in various runlevels

Network Services (continued)
Figure 12-8: Interacting with network services

Network Services (continued)
Table 12-3: Common network services

Network Services (continued)
Table 12-3 (continued): Common network services

Remote Administration: Telnet
• telnet command: traditionally used to obtain a command-line shell on remote server
  ▪ Receives host name or IP address of remote computer as argument
  ▪ Easiest way to perform remote administration
• Need to install telnet daemon using yum command
• Use regular commands and exit to kill remote BASH shell

Remote Commands
• Remote commands: set of commands that can be used to execute commands on remote systems
  ▪ yum install rsh-server
• rlogin command: obtains a shell from remote computer on network
• rcp command: copies files between computers
• rsh command: used to execute a command on a remote computer

Remote Commands (continued)
• r commands allow access to remote computers without a password, if remote computer has trusted access
• Trusted access: computers allowed to access a computer without providing a password
  ▪ Does not apply to root user
  ▪ Methods of setting up:
    ○ Add host names of computers to /etc/hosts.equiv
    ○ Create an .rhosts file in the home directory of each user who should get trusted access

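Added example (not part of the original slides): a defender's audit of the two trust files named above, flagging entries that extend password-less r-command access to every host or every user. The function names, severity labels and sample file contents are constructed; the entry syntax assumed is `[+|-]host [user]` with `#` comment lines.

```shell
#!/bin/sh
# Added example, not from the slides: audit r-command trust files.

# classify_trust_entry HOST [USER] -> severity label and reason
classify_trust_entry() {
    case "$1" in
        +)   if [ "${2:-}" = "+" ]; then echo "CRITICAL any-host any-user"
             else echo "CRITICAL any-host"; fi ;;
        +@*) echo "HIGH netgroup" ;;
        -*)  echo "INFO deny" ;;
        *)   if [ "${2:-}" = "+" ]; then echo "HIGH any-user"
             else echo "REVIEW trusted-host"; fi ;;
    esac
}

# audit_trust_file FILE -> one "LABEL: entry" line per non-comment entry
audit_trust_file() {
    [ -r "$1" ] || return 1
    while read -r host user _rest || [ -n "$host" ]; do
        case "$host" in ''|'#'*) continue ;; esac
        echo "$(classify_trust_entry "$host" "$user"): $host${user:+ $user}"
    done < "$1"
}

# count_critical FILE -> number of entries that trust every host
count_critical() {
    audit_trust_file "$1" | grep -c '^CRITICAL' || true
}

# scan_trust_files ROOT -> audit ROOT/etc/hosts.equiv and ROOT/home/*/.rhosts
scan_trust_files() {
    for f in "$1/etc/hosts.equiv" "$1"/home/*/.rhosts; do
        [ -f "$f" ] || continue
        echo "== $f"
        audit_trust_file "$f"
    done
}

# write_sample_hosts_equiv FILE -> constructed sample input for a dry run
write_sample_hosts_equiv() {
    cat > "$1" <<'EOF'
# constructed sample, not taken from a real system
build01.example.test
+
backup.example.test +
+ +
-oldhost.example.test
EOF
}
```

Running `scan_trust_files ""` as root audits the local system; an empty report means neither file type is present.
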
Secure Shell (SSH)
• Secure Shell (SSH): encrypts information passing between computers
  ▪ Secure replacement for r commands
• ssh command: connects to a remote computer running ssh daemon
  ▪ Receives host name or IP address of target computer as argument
  ▪ Accept RSA encryption fingerprint for target computer
  ▪ Can be used to transfer files between computers

Secure Shell (SSH) (continued)
• Main types of encryption supported by ssh daemon:
  ▪ Triple Data Encryption Standard (3DES)
  ▪ Advanced Encryption Standard (AES)
  ▪ Blowfish
  ▪ Carlisle Adams Stafford Tavares (CAST)
  ▪ ARCfour

Remote X Windows
• X Windows is a network application
  ▪ Can be used to obtain graphical utilities from remote Linux computer
• To obtain graphical utilities using X Windows:
  ▪ Edit /etc/gdm/custom.conf
  ▪ Use xhost + command within a graphical terminal to allow other computers to write X Windows clients on your computer
  ▪ Connect to remote computer with telnet or ssh, and export DISPLAY variable of the local computer

Virtual Network Computing (VNC)
• Graphical option for administering Linux remotely
• Other computers run VNC client that connects to VNC server daemon installed on local computer to obtain a desktop environment
• Remote FrameBuffer (RFB): platform-independent protocol used to transfer graphics, mouse movements and keystrokes across network
• vncpasswd command: used to configure password for VNC connection
• vncviewer command: connects to VNC server

Summary
• A network is a collection of connected computers that share information
• A protocol is a set of rules that defines the format of information that is transmitted across a network
• Each computer on a TCP/IP network must have a valid IPv4 or IPv6 address
• The IPv4 configuration of a network interface can be specified manually, obtained automatically from a DHCP or BOOTP server, or autoconfigured by the system

Summary (continued)
• The IPv6 configuration of a network interface can be obtained from a router using ICMPv6, from a DHCP server, or autoconfigured by the system
• The /etc/sysconfig/network-scripts directory contains the configuration for NIC and PPP interfaces
• Host names are computer names that are easy for humans to remember; host names that follow the DNS are FQDNs
• Host names must be resolved to an IP address before network communication can take place

Summary (continued)
• Routers are devices that forward TCP/IP packets from one network to another; each computer and router has a route table used to determine how TCP/IP packets are forwarded
• Network services are started by the Internet Super Daemon or by stand-alone daemons
• There are many ways to remotely administer a Linux system, including the telnet, rsh, rcp, rlogin, and ssh commands, X Windows and VNC