LFS101x: Chapter 14 - Network Operations

Network Operations

Introduction to Networking

A network is a group of computers and computing devices connected together (either locally or worldwide) through communication channels, such as cables or wireless media

A network is used to

  • Allow the connected devices to communicate with each other
  • Enable multiple users to share devices over the network (such as music, video servers, printers, scanners, etc.)
  • Share and manage information across computers easily

Most organizations have both an internal network and an Internet connection for users to communicate with machines and people outside the organization

  • The Internet is the largest network in the world and can be called "the network of networks"

IP Addresses

Devices attached to a network must have at least one unique network address identifier known as the IP (Internet Protocol) address

  • IP addresses are essential for routing packets of information through the network
      * Exchanging information across the network requires using streams of small packets, each of which contains a piece of the information going from one machine to another
        * These packets contain data buffers, together with headers which contain information about where the packet is going to and coming from, and where it fits in the sequence of packets that constitute the stream
IPv4 (IP version 4)
  • Older and more widely used

  • Uses 32 bits for addresses
      * There are only 4.3 billion unique addresses available, and many addresses are allocated and reserved, but not actually used

  • Considered inadequate for meeting future needs because the number of devices available on the global network has increased enormously in recent years

  • One reason IPv4 hasn't disappeared is there are ways to effectively make many more addresses available by methods such as NAT (Network Address Translation)
      * NAT enables sharing one IP address among many locally connected computers, each of which has a unique address only seen on the local network

  * While this is used in organizational settings, it's also used in simple home networks
    * For example, if you have a router hooked up to your Internet Provider (such as a cable system) it gives you one externally visible address, but issues each device in your home an individual local address

IPv6 (version 6)
  • Newer and is designed to get past limitations inherent in the older standard and furnish many more possible addresses

  • Uses 128 bits for addresses
      * This allows for 3.4 × 10^38 unique addresses

  • If you have a larger network of computers and want to add more, you may want to move to IPv6, because it provides more unique addresses
      * However, it can be complex to migrate to IPv6 since IPv4 and IPv6 don't always inter-operate well

  * Thus, moving equipment and addresses to IPv6 requires significant effort and hasn't been quite as fast as was originally intended

Decoding IPv4 Addresses

A 32-bit IPv4 address is divided into four 8-bit sections called octets (Octet is just another word for byte)

  • Network addresses are divided into five classes:
Classes A, B and C

Classes A, B and C are classified into two parts:

  • Network addresses (Net ID) - Used to identify the network

  • Host address (Host ID) - Used to identify a host in the network

  • Class A network addresses use the first octet of an IP address as their NET ID and use the other three octets as the Host ID
      * The first bit of the first octet is always set to zero (So you can only use 7-bits for unique network numbers)
        * As a result, there's a maximum of 126 Class A networks available (The addresses 0000000 and 1111111 are reserved)

    * Not surprisingly, this was only feasible when there were very few unique networks with large numbers of hosts
      * As the use of the Internet expanded, Classes B and C were added in order to accommodate the growing demand for independent networks

    * Each Class A network can have up to 16.7 million unique hosts on its network
      * The range of host addresses is from 1.0.0.0 to 128.255.255.255, while the value of an octet, or 8-bits, can range from 0 to 255

  • Class B network addresses use the first two octets of the IP address as their NET ID and the last two octets as the Host ID
      * The first two bits of the first octet are always set to binary 10, so there's a maximum of 16 384 (14-bit) Class B networks

  * The first octet of a Class B network address has values from 128 to 191
    * The introduction of Class B networks expanded the number of networks but it soon became clear that a further level would be needed

  * Each Class B network can support a maximum of 65 536 unique hosts on its network
    * The range of host addresses is from 128.0.0.0 to 191.255.255.255

  • Class C network addresses use the first three octets of the IP address as their NET ID and the last octet as their Host ID
      * The first three bits of the first octet are set to binary 110, so almost 2.1 million (21-bits) Class C networks are available

  * The first octet of a Class C network address has values from 192 to 223
    * These are most common for smaller networks which don't have many unique hosts

  * Each Class C network can support up to 256 (8-bit) unique hosts
    * The range of host addresses is from 192.0.0.0 to 233.255.255.255

Class D

Class D is used for special multicast applications

  • Information is broadcast to multiple computers simultaneously
Class E

Class E is reserved for future use
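
The class rules above can be applied mechanically by testing the leading bits of the first octet. The following is an added example, not part of the course material; the function name classify_ipv4 is hypothetical, and the addresses in the loop are constructed samples.

```sh
# Added example: classful decoding of an IPv4 address (POSIX sh).
# classify_ipv4 is a hypothetical helper, not a standard utility.
classify_ipv4() (
    addr=$1
    # Only digits and dots are allowed, with no empty fields.
    case $addr in
        ''|*[!0-9.]*|.*|*.|*..*) echo "invalid"; exit 1 ;;
    esac
    IFS=.
    set -- $addr                  # split into octets on the dots
    unset IFS
    [ $# -eq 4 ] || { echo "invalid"; exit 1; }
    for o in "$@"; do
        # Reject leading zeros (some parsers read them as octal) and values > 255.
        case $o in 0?*) echo "invalid"; exit 1 ;; esac
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || { echo "invalid"; exit 1; }
    done
    # The leading bits of the first octet select the class.
    if [ $(( $1 & 128 )) -eq 0 ]; then          # 0xxxxxxx
        note=""
        # Network numbers 0000000 and 1111111 are the reserved ones.
        if [ "$1" -eq 0 ] || [ "$1" -eq 127 ]; then note=" (reserved network)"; fi
        echo "A net=$1 host=$2.$3.$4$note"
    elif [ $(( $1 & 192 )) -eq 128 ]; then      # 10xxxxxx
        echo "B net=$1.$2 host=$3.$4"
    elif [ $(( $1 & 224 )) -eq 192 ]; then      # 110xxxxx
        echo "C net=$1.$2.$3 host=$4"
    elif [ $(( $1 & 240 )) -eq 224 ]; then      # 1110xxxx
        echo "D multicast"
    else                                        # 1111xxxx
        echo "E reserved"
    fi
)

# Constructed sample addresses.
for a in 10.1.2.3 172.16.5.9 192.168.1.20 224.0.0.1 127.0.0.1; do
    printf '%-14s %s\n' "$a" "$(classify_ipv4 "$a")"
done
```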

IP Address Allocation

Typically, a range of IP addresses is requested from your ISP (Internet Service Provider) by your organization's network administrator

  • Often, your choice of which class of IP address you're given depends on the size of your network and expected growth needs

  • If NAT (Network Address Translator) is in operation, then you only get one externally visible address

You can assign IP addresses to computers over a network either

  • Manually
      * Manual IP address assignments add static (never changing) addresses to the network

  • Dynamically
      * Dynamic IP address assignments can change every time you reboot or even more often
      * The DHCP (Dynamic Host Configuration Protocol) is used to assign IP addresses

Name Resolution

Name Resolution is used to convert numerical IP address values into a human-readable format known as the hostname

  • ex: 104.95.85.15 is the numerical IP address that refers to the hostname Whitehouse.gov

  • Given an IP address, you can obtain its corresponding hostname
      * Accessing the machine over the network becomes easier when you can type the hostname instead of the IP address

  • You can view your system's hostname by typing hostname with no argument
      * If you give an argument, the system will try to change its hostname to match it; however, only root users can do that

The special hostname localhost is associated with the IP address 127.0.0.1 and describes the machine you are currently on (which normally has additional network-related IP addresses).

Domain Name System (DNS)

DNS translates Internet domain and host names to IP addresses

Networking Configuration and Tools

Network Configuration Files

Network configuration files are essential to ensure that interfaces function correctly

  • They're located in the /etc directory tree (However, the exact files used have historically been dependent on the particular Linux distribution and version being used)
      * For Debian family configurations, the basic network configuration files could be found under /etc/network/

  * For Red Hat and SUSE family configuration, the basic network configuration files could be found under /etc/sysconfig/network

Modern systems emphasize the use of Network Manager rather than trying to keep up with the vagaries of the files in /etc

  • While the graphical versions of Network Manager do look somewhat different in different distributions, the nmtui utility varies almost not at all, as does the even more sparse nmcli (command line interface) utility
      * If you are proficient in the use of the GUIs, by all means, use them

  * If you are working on a variety of systems, the lower-level utilities may make life easier

  • Recent Ubuntu distributions include netplan, which is turned on by default and supplants Network Manager

Network Interfaces

Network interfaces are a connection channel between a device and a network

  • Physically, network interfaces can proceed through a NIC (Network Interface Card), or can be more abstractly implemented as software

  • You can have multiple network interfaces operating at once (Specific interfaces can be brought up/activated or brought down/deactivated at any time)

Information about a particular network interface or all network interfaces can be reported by the ip and ifconfig utilities, which you have to run as the superuser, or at least, give the full path

ip
  • ip is a very powerful program that can do many things (Older and more specific utilities such as ifconfig and route are often used to accomplish similar tasks)
      * To view the IP address type /sbin/ip addr show
      * To view the routing information type /sbin/ip route show
ping
  • ping is used to check whether or not a machine attached to the network can receive and send data (ex: It confirms that the remote host is online and is responding)
      * To view the status of the remote host type ping followed by the host's name or address

  • ping is frequently used for network testing and management
      * However, its usage can increase network load unacceptably

  * Hence, you can abort the execution of ping by typing CTRL-C, or by using the -c option, which limits the number of packets that ping will send before it quits. When execution stops, a summary is displayed

route
  • A network requires the connection of many nodes (Data moves from source to destination by passing through a series of routers and potentially across multiple networks)
      * Servers maintain routing tables containing the addresses of each node in the network

  * The IP routing protocols enable routers to build a forwarding table that correlates final destinations with the next hop addresses

  • You can use the route utility or the newer ip route command to view or change the IP routing table to add, delete, or modify specific (static) routes to specific hosts or networks
      * IP routing commands examples:
        * route -n or ip route (Shows the current routing table)

    * route add -net address or ip route add (Adds a static route)

    * route del -net address or ip route del (Deletes a static route)

traceroute
  • traceroute is used to inspect the route that the data packet takes to reach the destination host, which makes it quite useful for troubleshooting network delays and errors

  • By using traceroute, you can isolate connectivity issues between hops, which helps resolve them faster

  • To print the route taken by the packet to reach the network host type traceroute followed by the host's name or address

Additional Networking Tools

  • ethtool (Queries network interfaces and can also set various parameters such as the speed)

  • netstat (Displays all active connections and routing tables; Useful for monitoring performance and troubleshooting)

  • nmap (Scans open ports on a network; Important for security analysis)

  • tcpdump (Dumps network traffic for analysis)

  • iptraf (Monitors network traffic in text mode)

  • mtr (Combines functionality of ping and traceroute and gives a continuously updated display)

  • dig (Tests DNS workings; A good replacement for host and nslookup)

Browsers, wget and curl

Graphical and Non-Graphical Browsers

Browsers are used to retrieve, transmit and explore information resources, usually on the WWW (World Wide Web)

  • Graphical browsers: Firefox, Google Chrome, Opera, Konqueror, etc.

  • Non-graphical browsers: lynx, elinks (It can display tables and frames), w3m, etc.

wget

wget is a command line utility that can capably handle the following types of downloads

  • Large file downloads
  • Recursive downloads, where a web page refers to other web pages and all are downloaded at once
  • Password-required downloads
  • Multiple file downloads

To download a web page just type wget followed by the page's URL

curl

curl allows you to obtain information about a URL, such as the source code being used, and to save the content of a web page to a file, as does wget

  • You can read a URL using curl
  • To get the contents of a web page and store it in a file type curl -o save.html http://www.mysite.com

Transferring Files

FTP (File Transfer Protocol)

FTP is a method for transferring files between computers using the internet (This method is built on a client-server model)

  • FTP can be used within a browser or with stand-alone client programs

FTP is one of the oldest methods of network data transfer, dating back to the early 1970s. As such, it is considered inadequate for modern needs, as well as being intrinsically insecure

  • However, it is still in use and when security is not a concern (such as with so-called anonymous FTP) it can make sense

  • However, many websites, such as kernel.org, have abandoned its use.

FTP Clients

FTP clients enable you to transfer files with remote computers using the FTP protocol (These clients can be either graphical or command line tools)

  • Graphical tools: Filezilla, Browser, etc.

  • Command line tools: ftp, sftp, ncftp, yafc, etc.

Filezilla, for example, allows the use of the drag-and-drop approach to transfer files between hosts

  • All web browsers support FTP; all you have to do is give a URL like ftp://ftp.kernel.org, where the usual http:// becomes ftp://

  • Some command line FTP clients are ftp, sftp, ncftp, yafc (Yet Another FTP Client), etc.

FTP has fallen into disfavour on modern systems because it is intrinsically insecure: passwords and other user credentials can be transmitted without encryption and are thus prone to interception.

  • Thus, it was removed in favour of using rsync and web browser https access, for example

  • As an alternative, sftp is a very secure mode of connection, which uses the Secure Shell (ssh) protocol
      * sftp encrypts its data and thus sensitive information is transmitted more securely. However, it does not work with so-called anonymous FTP (guest user credentials)
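
Because the FTP control channel carries the USER and PASS commands as plain text, a review of captured traffic can list which clients still log in this way so they can be moved to sftp. The following is an added example, not part of the course material; the log layout and the function names sample_ftp_log and audit_ftp_logins are assumptions made for this example.

```sh
# Added example. The log below is constructed and uses a simplified
# "client > server:port COMMAND argument" layout; it is not the real
# output format of tcpdump or any other tool.
sample_ftp_log() {
    cat <<'EOF'
192.0.2.5 > 192.0.2.9:21 USER alice
192.0.2.5 > 192.0.2.9:21 PASS s3cret-example
192.0.2.7 > 192.0.2.9:21 USER anonymous
192.0.2.7 > 192.0.2.9:21 PASS guest@example.com
192.0.2.8 > 192.0.2.9:22 SSH-2.0-example
EOF
}

# Report every login whose PASS command crossed the FTP control port (21)
# unencrypted. The password itself is never printed.
audit_ftp_logins() {
    awk '
        $3 !~ /:21$/ { next }                       # FTP control channel only
        toupper($4) == "USER" { user[$1, $3] = $5; next }
        toupper($4) == "PASS" {
            u = (($1, $3) in user) ? user[$1, $3] : "unknown"
            lu = tolower(u)
            # "anonymous" and "ftp" are the conventional guest logins
            kind = (lu == "anonymous" || lu == "ftp") ? "anonymous" : "cleartext-login"
            printf "%s client=%s server=%s user=%s\n", kind, $1, $3, u
            delete user[$1, $3]
        }
    '
}

sample_ftp_log | audit_ftp_logins
```

Lines reported as cleartext-login identify accounts whose passwords were exposed on the wire; the SSH session on port 22 produces no finding.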

SSH: Executing Commands Remotely

SSH (Secure Shell) is a cryptographic network protocol used for secure data communication

  • It's also used for remote services and other secure services between two devices on the network and is very useful for administering systems which are not easily available to physically work on, but to which you have remote access

  • To log in to a remote system using your same user name, you can just type ssh some_system
      * SSH then prompts you for the remote password
        * You can also configure ssh to securely allow your remote access without typing a password each time

  • If you want to run as another user, you can type either ssh -l someone some_system or ssh someone@some_system

  • To run a command on a remote system via SSH type ssh some_system my_command

Copying Files Securely with scp

scp (Secure Copy) allows you to move files securely between two networked hosts

  • scp uses the SSH protocol for transferring data

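  • To copy a local file to a remote system type scp followed by the local file and the destination, in the form scp <localfile> <user>@<remotesystem>:<path>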
      * You'll then receive a prompt for the remote password
        * You can also configure scp so that it doesn't prompt for a password for each transfer