Networks- The Connection


Systems Administration Chapter 16: Networks: The Connection Page 375

Introduction

Connecting computers to networks and managing those networks are probably the most important, or at least the most hyped, areas of computing at the moment. This and the following chapter introduce the general concepts associated with TCP/IP-based networks and in particular the knowledge required to connect and use Linux computers to those networks.

This chapter examines how you connect a Linux machine and configure it to provide basic network connections and services for other machines. Higher level network applications, such as file sharing and web servers, and how they work and what you can do with them, is the topic for the following chapter.

This chapter contains the following topics:

· Overview
  Provides an overview of connecting a Linux machine to a network.
· TCP/IP Basics
  A brief introduction to the fundamentals of TCP/IP networking.
· Hardware
  Quick coverage of the hardware which can be used for networking.
· Kernel support
· Network configuration

Other Resources

As you might expect, there is a large amount of information about creating and maintaining TCP/IP networks on the Internet. The following is a small list of some of that material:

· HOWTOs
  Linux Networking-HOWTO describes how to install and configure the Linux networking software and associated tools. Linux Networking Overview HOWTO provides an overview of the networking capabilities of Linux and provides pointers to further information.
  Multicast over TCP/IP HOWTO, DNS HOWTO covers the configuration of the Domain Name Service on Linux, Ethernet HOWTO, IPX HOWTO covers the installation on Linux of the network protocol used by Novell, IP Masquerade HOWTO, ISP Hookup HOWTO, PLIP Install HOWTO covers how to connect Linux boxes using null parallel cables, PPP HOWTO, Asymmetric Digital Subscriber Loop mini-HOWTO, Bridge mini-HOWTO, Bridge+Firewall mini-HOWTO, Cipe+Masquerading mini-HOWTO, IP Alias mini-HOWTO, IP Subnetworking mini-HOWTO, Leased Line mini-HOWTO, Token Ring mini-HOWTO, VPN mini-HOWTO, Linux Modem Sharing mini-HOWTO.
· LDP Guides
  The Linux Installation and Getting Started Guide’s Chapter 6 covers networking. The major one is the Linux Network Administrators Guide. It was actually published by O'Reilly and Associates (http://www.ora.com/) but is also freely available as part of the Linux Documentation Project.
· Linux network project
  Development on the Linux networking code is an on-going project. The project leader maintains a web site which contains information about the current developments. It's located at http://www.uk.linux.org/NetNews.html
· comp.os.linux.networking
  A newsgroup specifically for discussions about Linux networking.
· TCP/IP introduction and administration
  Documents produced by Rutgers University. Available from ftp://athos.rutgers.edu/runet/ with the filenames tcp-ip-intro and tcp-ip-admin as either Word documents or postscript files. Should also be present on the course website/CD-ROM.
· RFC Database
  RFCs (Request for comments) are the standards documents for the Internet. A web-based interface to the collection of RFCs is available from http://pubweb.nexor.co.uk/public/rfc/index/rfc.html
· Linux for an ISP
  A number of Internet Service Providers from throughout the world use Linux servers. There is a web page which maintains a list of links of interest to these folk.
  It is available at http://www.anime.net/linuxisp/ Some of the links are dated.

The Overview

This chapter introduces the process and knowledge for connecting a Linux machine to a TCP/IP network. There are many other types of networking protocols, but TCP/IP is the protocol family on the Internet, so that is the one we concentrate on. Creating a TCP/IP network does not necessarily mean you are connected to the Internet. You can have a TCP/IP network between the two computers you have at home.

What you need

In order to create some sort of TCP/IP network using Linux, you will need the following:

· Networking hardware
  You will need to make some sort of connection between the machines on your network so they can communicate. Linux supports a wide range of networking hardware. You can only use networking hardware that Linux supports (unless you want to start writing device drivers).
· Appropriately configured kernel
  To use your network hardware, the kernel must contain the appropriate device driver or have access to an appropriate module. The kernel also requires a number of other components which provide necessary low-level support for networking. If you are using some sort of strange hardware, you will need to make sure you have any appropriate kernel modules installed or may even need to recompile the kernel to include support for your hardware.
· Network configuration tools
  These should be already present on most Linux systems, and are used to configure networking.
· Network applications
  These are the topic of the next chapter and again, most are supplied with the common Linux distributions. These provide the higher level services such as email, web and file sharing.
· Network information
  This information is necessary to configure your system on the network.
  It includes your machine’s IP address, the network address, the broadcast and netmask addresses, the router address and the address of your DNS server.

What you do

To install your Linux box onto a network, you move on up the layers with steps something like the following:

· Obtain the appropriate hardware
· Connect it to your system
· Configure your kernel to recognise the hardware
· Configure the network software
· Test the connection

TCP/IP Basics

Before going any further it is necessary to introduce some of the basic concepts related to TCP/IP networks. An understanding of these concepts is essential for the next steps in connecting a Linux machine to a network. If you find the following too confusing or disjointed please refer to some of the other resources mentioned at the start of this chapter.

The concepts introduced in the following include:

· hostnames
  Every machine (also known as a host) on the Internet has a name. This section introduces hostnames and related concepts.
· IP addresses
  Each network interface on the network also has a unique IP address. This section discusses IP addresses, the components of an IP address, subnets, network classes and other related issues.
· Name resolution
  Human beings use hostnames while the IP protocols use IP addresses. There must be a way, name resolution, to convert hostnames into IP addresses. This section looks at how this is achieved.
· Routing
  When network packets travel from your computer to a web site in the United States, there are normally a multitude of different paths that packet can take. The decisions about which path it takes are performed by a routing algorithm. This section briefly discusses how routing occurs.

Hostnames

Most computers on a TCP/IP network are given a name, usually known as a host name (a computer can be known as a host). The hostname is usually a simple name used to uniquely identify a computer within a given site.
A fully qualified Internet host name, also known as a fully qualified domain name (FQDN), uses the following format:

    hostname.site.domain.country

· hostname
  A name by which the computer is known. This name must be unique to the site on which the machine is located.
· site
  A short name given to the site (company, University, government department etc) on which the machine resides.
· domain
  Each site belongs to a specific domain. A domain is used to group sites of similar purpose together (Table 16.1 provides some examples). Strictly speaking, a domain name also includes the country code.
· country
  Specifies the actual country in which the machine resides. Table 16.2 provides an example of some country names. You can see a list of the country codes at http://www.bcpl.net/~jspath/isocodes.html

For example, the CQU machine jasper's fully qualified name is jasper.cqu.edu.au, where jasper is the hostname, cqu is the site name, the domain is edu and the country is au.

    Domain    Purpose
    edu       Educational institution, university or school
    com       Commercial company
    gov       Government department
    net       Networking companies

Table 16.1 Example Internet domains

    Country code     Country
    nothing or us    United States
    au               Australia
    uk               United Kingdom
    in               India
    ca               Canada
    fr               France

Table 16.2 Example Country Codes

hostname

Under Linux, the hostname of a machine is set using the hostname command. Only the root user can set the hostname. Any other user can use the hostname command to view the machine's current name.

    [root@faile david]# hostname
    faile.cqu.edu.au
    [root@faile david]# hostname fred
    [root@faile david]# hostname
    fred

Changes to the hostname performed using the hostname command will not apply after you reboot a Red Hat Linux computer. Red Hat Linux sets the hostname during startup from one of its configuration files, /etc/sysconfig/network. This is the file which is changed by the GUI tools provided with Red Hat.
If you wish a change in hostname to be retained after you reboot, you will have to change this file.

Qualified names

jasper.cqu.edu.au is a fully qualified domain name and uniquely identifies the machine jasper on the CQU campus to the entire Internet. There cannot be another machine called jasper at CQU. However there could be another machine called jasper at James Cook University in Townsville (its fully qualified name would be jasper.jcu.edu.au). A fully qualified name must be unique to the entire Internet, which implies every hostname on a site should be unique.

Not qualified

It is not always necessary to specify a fully qualified name. If a user on aldur.cqu.edu.au enters the command telnet jasper, the networking software assumes that because it isn't a fully qualified hostname, the user means the machine jasper on the current site (cqu.edu.au).

IP/Internet addresses

Alpha-numeric names, like hostnames, cannot be handled efficiently by computers, at least not as efficiently as numbers. For this reason, hostnames are only used for us humans. The computers and other equipment involved in TCP/IP networks use numbers to identify hosts on the Internet. These numbers are called IP addresses. This is because it is the Internet Protocol (IP) which provides the addressing scheme.

IP addresses are currently 32 bit numbers. IPv6, the next generation of IP, uses 128 bit addresses. IP addresses are usually written as four numbers separated by full stops (called dotted decimal form), for example 132.22.42.1. Since IP addresses are 32 bit numbers, each of the numbers in the dotted decimal form is restricted to between 0-255 (32 bits divided by 4 numbers gives 8 bits per number, and 255 is the biggest number you can represent using 8 bits). This means that 257.33.33.22 is an invalid address.
Dotted quad to binary

The address 132.22.42.1 in dotted decimal form is actually stored on the computer as 10000100 00010110 00101010 00000001. Each of the four decimal numbers represents one byte of the final binary number as Figure 16.1 shows:

    132      .22      .42      .1
    10000100 00010110 00101010 00000001

Figure 16.1 Dotted quad to binary

The conversion from dotted quad to binary (and back again) is important for some of the following concepts.

Networks and hosts

An IP address actually consists of the following two parts:

· a network portion
  This is used to identify the network that the machine belongs to. Hosts on the same network will have this portion of the IP address in common. This is one of the reasons why IP masquerading is required for mobile computers (for example laptops). If you move a computer to a different network, you must give it a different IP address which includes the network address of the new network it is connected to.
· the host portion
  This is the part which uniquely identifies the host on the network.

Figure 16.2 Hostid and netid of an IP address

As Figure 16.2 shows, the network portion of the address forms the high part of the address (the bit that appears on the left hand side of the number). The size of the network and host portions of an IP address is specified by another 32 bit number called the netmask (also known as the subnet mask).

To calculate which part of an IP address is the network and which is the host, the IP address and the subnet mask are treated as binary numbers (see example below). Each bit of the subnet mask and the IP address are compared and:

· if the bit is set in both the IP address and the subnet mask, then the bit is set in the network address
· if the bit is set in the IP address but not set in the subnet mask, then the bit is set in the host address.
For example

    IP Address         138.77.37.21     10001010 01001101 00100101 00010101
    Netmask            255.255.255.0    11111111 11111111 11111111 00000000
    Network Address    138.77.37.0      10001010 01001101 00100101 00000000
    Host Address       0.0.0.21         00000000 00000000 00000000 00010101

[Figure 16.2: four bytes make up the IP address, divided (unequally, depending on settings) into netid and hostid]

The Internet is a network of networks

The structure of IP addresses can give you some idea of how the Internet works. It is a network of networks. You start with a collection of machines all connected via the same networking hardware, a local area network. All the machines on this local area network will have the same network address; each machine also has a unique host address. The Internet is formed by connecting a lot of local area networks together.

For example

In Figure 16.3 there are two networks, 138.77.37.0 and 138.77.36.0. These are two networks on the Rockhampton campus of CQU and both use ethernet as their networking hardware. This means that when a computer on the 37 subnet (the network with the network address 138.77.37.0) wants to send information to another computer on the 37 subnet, it simply uses the characteristics of ethernet. The information is placed on the ethernet network and gets broadcast to every ethernet card on the network. The ethernet card which has the appropriate address is the only one which “accepts” the information.

However, if the machine 138.77.37.37 wants to send information to the machine 138.77.36.15, it's a bit more complex. Since both computers are on separate networks (one on the 37 subnet and the other on the 36 subnet), the machine 138.77.37.37 just can't send information to the machine 138.77.36.15. Instead it has to use a gateway machine (only rarely is the gateway machine a computer, but it can be).
The gateway machine has two network connections; one connection to the 138.77.37.0 network and the other to the 138.77.36.0 network. It is via this dual connection that the gateway acts as the connection between the two networks. The gateway knows that it should grab any and all packets on the 138.77.36.0 network destined for the 138.77.37.0 network (and vice versa). When it grabs these packets, the gateway machine transfers them from the network device connected to the sending network to the network device connected to the receiving network.

Figure 16.3 A simple gateway

This process is repeated for other networks. Each network is then connected to each other via devices called routers, or perhaps gateways. This is a very simple example.

Assigning IP addresses

Some IP addresses are reserved for specific purposes and you should not assign these addresses to a machine. Table 16.3 lists some of these addresses.

    Address         Purpose
    xx.xx.xx.0      Network address
    xx.xx.xx.1      Gateway address *
    xx.xx.xx.255    Broadcast address
    127.0.0.1       Loopback address

    * this is not a set standard

Table 16.3 Reserved IP addresses

As mentioned above, 127.0.0.1 is a special IP address. It refers to the local host (or the loopback address). The local host allows software to address the local machine in exactly the same way it would address a remote machine. For those of you without network connections, the localhost will be the only method you can use to experiment with the concepts introduced in this and the following chapter.

As shown in the previous examples, gateways and routers are able to distribute data from one network to another because they are actually physically connected to two or more networks through a number of network interfaces. Figure 16.3 provides a representation of this. The machine in the middle, the gateway machine, has two network interfaces.
One has the IP address 138.77.37.1 and the other 138.77.36.1 (it is common practice for a network’s gateway machine to have the host id 1, but this is by no means compulsory).

By convention, the network address is the IP address with a host address that is all 0's. The network address is used to identify a network. For example Figure 16.3 showed two networks 138.77.37.0 and 138.77.36.0.

The broadcast address is the IP address with the host address set to all 1's and is used to send information to all the computers on a network. It is typically used for routing and error information.

Network classes

During the development of the TCP/IP protocol stack, IP addresses were divided into classes. There are three main address classes, A, B and C. Table 16.4 summarises the differences between the three classes. The class of an IP address can be deduced by the value of the first byte of the address.

    Class        First byte value    Netmask          Number of hosts
    A            1 to 126            255.0.0.0        16 million
    B            128 to 191          255.255.0.0      64,000
    C            192 to 223          255.255.255.0    254
    Multicast    224 – 239           240.0.0.0

Table 16.4 Network classes

If you plan on setting up a network that is connected to the Internet, the addresses for your network must be allocated to you by a central controlling organisation. You can't just choose any set of addresses you wish, since chances are they are already taken by some other site.

If your network will not be connected to the Internet, you can choose from a range of private addresses which have been set aside for this purpose. These addresses are shown in Table 16.5.

    Network class    Addresses
    A                10.0.0.0 to 10.255.255.255
    B                172.16.0.0 to 172.31.255.255
    C                192.168.0.0 to 192.168.255.255

Table 16.5 Networks reserved for private networks

Subnets

Central Queensland University has a class B network address, 138.77.0.0. This would imply that you could make the following assumptions about the IP address 138.77.1.1.
The network address is 138.77.0.0 and the host address is 1.1; this is, after all, how a class B address is defined. If you did make these assumptions you would be wrong.

CQU has decided to break its available IP addresses into further networks, called subnets. Subnetting works by moving the dividing line between the network address bits and the host address bits. Instead of using the first two bytes for the network address, CQU uses subnetting to use the first three bytes. This is achieved by setting the netmask to 255.255.255.0.

This means that the address 138.77.1.1 actually breaks up into a network address 138.77.1.0 and a host address of 1. The network 138.77.1.0 is said to be a subnet of the larger 138.77.0.0 network.

Why subnet?

Subnetting is used for a number of reasons including:

· security reasons
  Using Ethernet, all hosts on the same network can see all the packets on the network. So it makes sense to put the computers in student labs on a different network to the computer on which student results are placed.
· physical reasons
  Networking hardware, like ethernet, has physical limitations. You can't put machines on the Mackay campus on the same network as machines on the Rockhampton campus (they are separated by about 300 kilometres).
· management and political reasons
  There may be departments or groups within an organisation that have unique needs or want to control their own network. It is far easier to manage a smaller network of about 250 computers than a single network with 16 000. Subnetting allows separate networks to be allocated to different departments.
· hardware and software differences
  Someone may wish to use completely different networking hardware and software.

"Strange" subnets

Generally, subnet masks are byte oriented, for example 255.255.255.0. This means that the divide between the network portion of the address and the host portion occurs on a byte boundary.
However it is possible and sometimes necessary to use bit oriented subnet masks, for example 255.255.255.224. Bit oriented implies that this division occurs within a byte.

For example, a small company with a class C Internet address might use the subnet mask 255.255.255.224. The following example demonstrates how this netmask is applied.

    IP Address         192.168.98.44      11000000 10101000 01100010 00101100
    Netmask            255.255.255.224    11111111 11111111 11111111 11100000
    Network Address    192.168.98.32      11000000 10101000 01100010 00100000
    Host Address       0.0.0.12           00000000 00000000 00000000 00001100

This example shows that there are now only 5 bits available for a host address so there can only be 32 hosts on each subnet.

Exercises

16.10. Complete the following table by calculating the network and host addresses.

    IP address        Subnet mask        Network address    Host address
    178.86.11.1       255.255.255.0
    230.167.16.132    255.255.255.192
    132.95.132.5      255.255.240.0

Name resolution

We have a problem. People will use hostnames to identify individual computers on the network, while the computers use the IP address. How are the two reconciled?

When you enter http://www.lycos.com/ on your web browser, the first thing the networking software must do is find the IP address for www.lycos.com. Once it has the IP address, it can connect to that machine and download the web pages. The process of taking a hostname and finding the IP address is called name resolution.

Methods of name resolution

The two methods that can be used to perform name resolution are:

· the /etc/hosts file
· the Domain Name Service

[...]...
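The netmask calculation described under "Networks and hosts" and "Strange" subnets, written out with explicit bit operations. This is an added example, not part of the original chapter; the function names are made up for illustration, and the broadcast address and the same_network check are included because they follow from the same masks.

```python
# Added example (not from the original chapter). Inputs used below are the
# addresses from the chapter's own worked examples.

def quad_to_int(quad):
    """Dotted decimal -> 32-bit integer; each number must be 0-255."""
    parts = quad.split(".")
    if len(parts) != 4:
        raise ValueError(f"{quad!r}: expected four numbers")
    value = 0
    for part in parts:
        if not (part.isascii() and part.isdigit()) or int(part) > 255:
            raise ValueError(f"{quad!r}: {part!r} is not in the range 0-255")
        value = (value << 8) | int(part)
    return value


def int_to_quad(value):
    """32-bit integer -> dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def int_to_bits(value):
    """32-bit integer -> four space-separated bytes of binary."""
    bits = f"{value:032b}"
    return " ".join(bits[i:i + 8] for i in range(0, 32, 8))


def split_address(ip, netmask):
    """Apply the netmask bit by bit, as the chapter describes."""
    addr, mask = quad_to_int(ip), quad_to_int(netmask)
    host_mask = ~mask & 0xFFFFFFFF          # bits NOT set in the netmask
    # A usable netmask is a run of 1 bits followed only by 0 bits, so the
    # inverted mask must look like 000...0111...1 (one less than a power of 2).
    if host_mask & (host_mask + 1):
        raise ValueError(f"{netmask!r}: 1 bits are not contiguous")
    network = addr & mask                   # bit set in both IP and mask
    return {
        "network": int_to_quad(network),
        "host": int_to_quad(addr & host_mask),   # set in IP, not in mask
        "broadcast": int_to_quad(network | host_mask),  # host bits all 1's
        "host_bits": bin(host_mask).count("1"),
    }


def same_network(ip_a, ip_b, netmask):
    """True if both hosts share a network, i.e. no gateway is needed."""
    mask = quad_to_int(netmask)
    return (quad_to_int(ip_a) & mask) == (quad_to_int(ip_b) & mask)


if __name__ == "__main__":
    for ip, mask in (("138.77.37.21", "255.255.255.0"),
                     ("192.168.98.44", "255.255.255.224")):
        print(f"{ip:15} {int_to_bits(quad_to_int(ip))}")
        print(f"{mask:15} {int_to_bits(quad_to_int(mask))}")
        print(split_address(ip, mask))
    # The two CQU hosts from the gateway example sit on different subnets.
    print(same_network("138.77.37.37", "138.77.36.15", "255.255.255.0"))
```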
most UNIX computers, the routing decisions they must make are simple. If the datagram is for a host on the local network then the data is placed on the local network and delivered to the destination host. If the destination host is on a remote network then the datagram will be forwarded to the local gateway. The local gateway will then pass it on further. However, a network the size of the Internet cannot...

can see that the device files for an aliased ethernet device uses the format ethX:Y where X is the number for the ethernet card and Y is the number of the aliased device. Since aliased devices use the same ethernet card, they must use the same network; after all, you can't connect a single ethernet card to two networks.

Ethernet

The following provides some very brief background information on ethernet which... useful in the rest of the chapter. Refer to the Ethernet HOWTO for more information.

Ethernet addresses

Every ethernet card has built into it a 48 bit address (called an Ethernet address or a Media Access Control (MAC) address). The high 24 bits of the address are used to assign a unique number to manufacturers of ethernet addresses and the low 24 bits are assigned to individual ethernet cards made by the manufacturer...

sent on ethernet contains a source and destination MAC address. The packet is placed on an ethernet network and every machine (actually the ethernet card) on the network looks at the packet. If the card recognises the destination MAC as its own, it "grabs" the packet and passes it to the Network access layer. It is possible to configure your ethernet card so that it grabs all packets sent on the network...
addresses). If the ARP table contains the IP address, the ethernet address is returned. If the IP address is not known, a packet which contains the required IP address is broadcast to every host on the local network. Every host on the network examines the packet. If the receiving host recognises the IP address as its own, it will send a reply back that contains its ethernet address. This response is then placed...

contain at least three fields, the first is a destination address, the second is the name of the interface to which the datagram is to be routed and the third is optionally the IP address of another machine which will carry the datagram on its next step through the network. In Linux you can see this table by using the following command:

    # cat /proc/net/route

or by using either of the following commands: #...

Resolution Protocol

The mapping of ethernet addresses into Internet addresses is performed by the Address Resolution Protocol (ARP). ARP maintains a table that contains the translation between IP address and ethernet address. When the machine wants to send data to a computer on the local ethernet network, the ARP software is asked if it knows about the IP address of the machine (remember the software deals...

that there should be device files for networking hardware. Under other versions of the UNIX operating system this is true. It is not the case under the Linux operating system. Device files for networking hardware are created, as necessary, by the device drivers contained in the Linux kernel (ethernet and others) or by user programs which make network connections (for example modems, PPP connections). These...

will display the entire table. The following example shows how the arp cache for a computer is built as it goes. In the first use of the arp command you can see three machines in the cache: centaurus, draal and a ? The ?
is almost certainly one of the Windows XP computers in the student labs at CQU. Draal is one of the Linux computers used by project students and centaurus is the gateway between the 138.77.37...

and the fundamental process for connecting a machine to the network are the same for SLIP/PPP as they are for ethernet. This is one of the advantages of TCP/IP networking being layered. Above a certain level, i.e. when the network interface is configured, the system works the same regardless of the hardware. Refer to the appropriate HOWTOs for more information.

Kernel support for networking

Ensuring that the
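The routing table and the local-network-or-gateway decision described above, as an added example that is not part of the original chapter. It decodes the three fields the text names from /proc/net/route output and picks the next hop for a destination. The sample table is constructed from the chapter's 138.77.37.0 network, the hexadecimal byte order assumes a little-endian machine such as x86, and the function names are made up for illustration.

```python
# Added example (not from the original chapter): reading /proc/net/route.
import socket
import struct
from collections import namedtuple

RTF_UP = 0x0001        # route is usable
RTF_GATEWAY = 0x0002   # destination is reached through a gateway

Route = namedtuple("Route", "iface dest gateway flags mask")

# Constructed sample in the /proc/net/route layout (not captured output).
SAMPLE_ROUTE_TABLE = """\
Iface  Destination  Gateway   Flags  RefCnt  Use  Metric  Mask      MTU  Window  IRTT
eth0   00254D8A     00000000  0001   0       0    0       00FFFFFF  0    0       0
lo     0000007F     00000000  0001   0       0    0       000000FF  0    0       0
eth0   00000000     01254D8A  0003   0       0    0       00000000  0    0       0
"""


def quad_to_int(quad):
    return struct.unpack("!I", socket.inet_aton(quad))[0]


def int_to_quad(value):
    return socket.inet_ntoa(struct.pack("!I", value))


def decode_hex_addr(field):
    """The kernel prints each address as a host-order hex word; on a
    little-endian machine the bytes are therefore reversed (assumption)."""
    return int.from_bytes(int(field, 16).to_bytes(4, "little"), "big")


def parse_route_table(text):
    routes = []
    for line in text.strip().splitlines()[1:]:      # skip the header row
        f = line.split()
        if len(f) < 8:
            continue                                # ignore malformed rows
        routes.append(Route(iface=f[0],
                            dest=decode_hex_addr(f[1]),
                            gateway=decode_hex_addr(f[2]),
                            flags=int(f[3], 16),
                            mask=decode_hex_addr(f[7])))
    return routes


def next_hop(routes, destination):
    """Return (interface, address the datagram is handed to) or None."""
    addr = quad_to_int(destination)
    matches = [r for r in routes
               if r.flags & RTF_UP and (addr & r.mask) == r.dest]
    if not matches:
        return None                                 # no route to host
    best = max(matches, key=lambda r: r.mask)       # most specific route wins
    if best.flags & RTF_GATEWAY:
        return best.iface, int_to_quad(best.gateway)   # forward to gateway
    return best.iface, destination                  # deliver on local network


if __name__ == "__main__":
    table = parse_route_table(SAMPLE_ROUTE_TABLE)
    for r in table:
        print(r.iface, int_to_quad(r.dest), int_to_quad(r.mask),
              int_to_quad(r.gateway))
    for target in ("138.77.37.37", "138.77.36.15", "127.0.0.1"):
        print(target, "->", next_hop(table, target))
```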
