PPT

  1. UNIX Networking. CSCI N321 – System and Network Administration. Copyright © 2000, 2005 by Scott Orr and the Trustees of Indiana University
  2. Section Overview
     • TCP/IP Basics
     • TCP/IP Configuration
     • TCP/IP Network Testing
     • Dynamic Host Config Protocol (DHCP)
     • Wireless Networking
  3. References
     • CQU 85321 System Administration Course
     • Textbook
     • Chapter 15
     • Lectures
     • 2002 #15
  4. TCP/IP Protocol Stack
     • Physical Layer (media)
     • Link Layer (Device Drivers)
     • Network Layer (IP)
     • Transport Layer (TCP, UDP)
     • Application (FTP, HTTP, DNS)
  5. TCP/IP Packet Encapsulation
     [Figure: each layer wraps the data handed down from the layer above]
     • Service: Data
     • TCP/UDP: T/U | Data
     • IP: IP | T/U | Data
     • Ethernet/PPP: E | IP | T/U | Data | E
     • UTP/PSTN
  6. Connecting to a Network
     • Hostname and IP Address assignment
     • Configuration of hardware
     • Default route (gateway) assignment
     • Name Service Configuration
     • Testing and troubleshooting
  7. Hostnames
     • Uniquely identifies each system
     • Fully Qualified Domain Name
         • hostname.site.domain[.country]
         • Country: 2 letter identifier for country
         • Domain: Type of site (edu, com, org)
         • Site: Unique name of organization
         • Hostname: Unique name of system
     • hostname: Display or set system name
  8. IP Addresses
     • Unique for each connection (interface)
     • Consists of 4 octets (#.#.#.#)
         • Network portion
         • Host portion
     • Special Addresses
         • Network Address
         • Broadcast Address
  9. IP Address Classes

     | Class | 1st Byte | Format | Total Hosts |
     |---|---|---|---|
     | A | 0 – 126 | N.H.H.H | 16 Million |
     | B | 128 – 191 | N.N.H.H | 64 Thousand |
     | C | 192 – 239 | N.N.N.H | 254 |
     | D | 224 – 239 | - | (Multicast) |
     | E | 240 – 254 | - | (Experimental) |
  10. Subnet Masks
     • Splits networks into subnetworks
     • Separates address into 2 parts
         • 1’s – Network Portion
         • 0’s – Host Portion
     • Example: Class C Network
         • Address: N.N.N.H
         • Mask: 255.255.255.0 (255 = 11111111)
         • CIDR Notation: N.N.N.H/24
  11. Interface Configuration
     • Hardware to connect to network
     • Common interfaces
         • Ethernet
         • Modem
     • Loopback (lo) Interface
     • ifconfig – View/Configure interface
  12. Ethernet Addressing
     • Assigned by manufacturer (hardware)
     • Must be absolutely unique
     • Address format
         • 6 octets in hex (#:#:#:#:#:#)
         • First 3 octets: Manufacturer Identifier
         • Last 3 octets: Card serial number
     • Used for local network communication
  13. Address Resolution Protocol
     • Translates IP addresses to Ethernet (MAC) addresses
     • [Figure: on a network with hosts 10.0.0.1, 10.0.0.2, 10.0.0.3 and 10.0.0.4, the question "Who is 10.0.0.3?" is answered with "I am (1:2:3:7:8:9)"]
     • arp -a: View the cache
  14. Default Gateways
     • Connects Networks together
     • If destination not on local network, packets sent through gateway
     • route: Display/configure routing
  15. RedHat Network Files
     • /etc/sysconfig/network
         • HOSTNAME
     • /etc/sysconfig/network-scripts/ifcfg-[interface]
         • BOOTPROTO, ONBOOT
         • IPADDR, GATEWAY
         • USERCTL, NETMASK
         • NETWORK, BROADCAST
     • ifup/ifdown [interface]
  16. Name Services
     • /etc/hosts
         • Local configuration
         • Localhost – 127.0.0.1
     • /etc/resolv.conf
         • Domain Name Service (DNS) lookup
         • search: domains to search if not FQDN
         • nameserver (3): Nameservers to consult
     • /etc/nsswitch.conf
  17. DNS Name Resolution
     [Figure: numbered steps 1–8 of a lookup involving host.domain.com, dns.domain.com, the Root Server, dns.iupui.edu and dns.cs.iupui.edu, with queries labelled Recursive and Non-Recursive]
  18. Network Testing
     • Localhost reachability
     • Hostname reachability
     • Local network reachability
     • Internet network reachability
     • DNS resolution
  19. Network tools
     • ping – Reachability test
     • traceroute – Routing performance
     • netstat – Network performance stats
     • tcpdump – Packet sniffing
     • nslookup/dig – DNS Queries
     • Configuration tools (already discussed)
  20. Dynamic Host Config Protocol
     • Client broadcasts a request for an IP address and network information
     • Server leases address to client
     • Lease must be renewed periodically
     • Easy to make global network changes
     • Linux: BOOTPROTO=dhcp
  21. Wireless Networks
     • Extend the network
     • Included in many devices now
         • Laptops
         • PDAs
         • DSL/Cable Modems
     • Bandwidth (YMMV!)
         • 802.11b – 11 Mbps
         • 802.11g – 54 Mbps
     • Service Set Identifier (SSID)
         • Shared “key” between clients and Access Point (AP)
         • Automatically detected vs. assigned
  22. Wireless Security Issues
     • Sniffing / War Driving
     • Bandwidth stealing
     • Access to private resources
     • Security Measures
         • Non-broadcasting SSIDs
         • MAC Access Control Lists (ACLs)
         • WEP?
  23. RedHat ifcfg- Additions
     • TYPE=Wireless
     • ESSID=[ssid name]
     • CHANNEL=[1-11]
     • MODE=[Auto|Managed|Ad-hoc]
     • Can set manually with /sbin/iwconfig
  24. Virtual Private Networks
     [Figure: a Virtual Private Network across the Internet to a VPN Server and an Application Server]
  25. Point to Point Tunneling Protocol
     • Based on
         • Point to Point Protocol (PPP)
         • Generic Routing Encapsulation (GRE)
     • [Figure: packet layout IP Hdr | GRE Hdr | Encrypted GRE Body, where the GRE body carries PPP, IP, TCP and Data]
     • Weaknesses
         • Poor Encryption
         • Session handshaking done in clear
  26. IPSec
     • Part of IPv6 Spec
     • Authentication Header (AH)
         • [Figure: IPv4 Hdr | Auth Hdr | TCP/UDP Hdr & Data]
     • Encapsulating Security Payload (ESP)
         • [Figure: IPv4 Hdr | ESP Hdr | Encrypted Payload (TCP Hdr, Data, ESP Tlr) | ESP Auth]
     • Modes: Transport and Tunnel
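
Added example (not part of the original slides): the arithmetic behind the IP Addresses, Subnet Masks and Default Gateways slides, showing how the mask's 1 bits select the network portion, how the network and broadcast addresses fall out of it, and how a host decides whether a destination is local or must go through the gateway. The function names and sample addresses are constructed for illustration.

```python
def to_int(dotted):
    """Parse '#.#.#.#' into a 32-bit integer, rejecting malformed input."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not a dotted quad: {dotted!r}")
    value = 0
    for p in parts:
        value = (value << 8) | int(p)
    return value

def to_dotted(value):
    """Format a 32-bit integer back into '#.#.#.#'."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def prefix_length(mask):
    """Number of 1 bits in the mask (the /N of CIDR notation)."""
    m = to_int(mask)
    host_bits = ~m & 0xFFFFFFFF          # the 0s of the mask, flipped to 1s
    if host_bits & (host_bits + 1):      # a valid host part looks like 2**n - 1
        raise ValueError(f"mask has non-contiguous 1 bits: {mask}")
    return bin(m).count("1")

def describe(address, mask):
    """Split an address into network/host parts and name the special addresses."""
    addr, m = to_int(address), to_int(mask)
    bits = prefix_length(mask)
    network = addr & m                       # host portion forced to all 0s
    broadcast = network | (~m & 0xFFFFFFFF)  # host portion forced to all 1s
    if addr == network:
        role = "network"
    elif addr == broadcast:
        role = "broadcast"
    else:
        role = "host"
    return {
        "cidr": f"{to_dotted(network)}/{bits}",
        "network": to_dotted(network),
        "broadcast": to_dotted(broadcast),
        "usable_hosts": max((1 << (32 - bits)) - 2, 0),
        "role": role,
    }

def same_subnet(a, b, mask):
    """True if b is on a's local network; otherwise traffic goes via the gateway."""
    m = to_int(mask)
    return (to_int(a) & m) == (to_int(b) & m)

if __name__ == "__main__":
    # Constructed sample addresses.
    print(describe("192.168.10.77", "255.255.255.0"))
    print(same_subnet("10.0.0.1", "10.0.1.3", "255.255.255.0"))
```
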