1 / 25

CT 320: Network and System Administration

CT 320: Network and System Administration. NETWORKING Colorado State University Computer Science Department Chris Wilcox Fall 2012. Original slides from Dr. James Walden at Northern Kentucky University. Topics. Connecting to the Internet ifconfig Network Configuration DHCP Routing

kamana
Télécharger la présentation

CT 320: Network and System Administration

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CT 320: Network and System Administration NETWORKING Colorado State University Computer Science Department Chris Wilcox Fall 2012 Original slides from Dr. James Walden at Northern Kentucky University.

  2. Topics • Connecting to the Internet • ifconfig • Network Configuration • DHCP • Routing • Troubleshooting Methods • Troubleshooting Tools

  3. Connecting to the Internet After OS installation and configuration, you need to: 1. Assign a hostname. 2. Assign an IP address. 3. Configure appropriate netmask. 4. Set default routes. 5. Set up name resolution.

  4. ifconfig Enables/disables network interfaces Sets IP address. Sets subnet mask. Sets broadcast address. Example use ifconfigem1 192.168.1.100 netmask 255.255.255.0 up

  5. ifconfig # /sbin/ifconfig em1 Link encap:EthernetHWaddr 00:22:64:33:63:E7 inetaddr:129.82.45.186 Bcast:129.82.47.255 Mask 255.255.252.0 inet6 addr: fe80::222:64ff:fe33:63e7/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:33091048 errors:0 dropped:350 overruns:0 frame:0 TX packets:27113894 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:20188020783 (18.8 GiB) TX bytes:15708154240 (14.6 GiB) Interrupt:17

  6. Fedora Network Configuration • /etc/sysconfig/network • Options • NETWORKING=yes|no • FORWARD_IPV4=yes|no • GATEWAY="Gateway IP" • HOSTNAME="Your hostname"

  7. Redhat Interface Configuration Per-interface configuration files: /etc/sysconfig/network-scripts/ifcfg-NAME Static IP DEVICE="eth0" IPADDR="10.1.0.153" NETMASK="255.255.0.0" ONBOOT="yes" BOOTPROTO="none" Dynamic IP DEVICE="eth0" ONBOOT="yes" BOOTPROTO= "dhcp"

  8. DHCP Dynamic Host Configuration Protocol Client “leases” configuration from server. Client must periodically renew lease. Centralizes host network configuration Set IP addresses, DNS svrs, etc. on server. Users don’t need to know how to cfg network. Easy to move machines to new subnets.

  9. DHCP Parameters IP addresses and netmasks Default routes DNS servers Syslog hosts WINS servers X font servers Proxy servers NTP servers TFTP servers for loading a boot image

  10. How DHCP Works • Client broadcasts DHCPDISCOVER Sends to 255.255.255.255 from 0.0.0.0 May contain hints (hardware arch or even IP) • Server responds with OFFER message Suggested IP address + parameters. • Client accepts with REQUEST message. or declines with a DECLINE message. • Server acknowledges with ACK message. or refuses with a NAK message.

  11. How DHCP Works Client runs dhclient Sends REQUEST messages to renew lease. Or sends RELEASE to relinquish lease. Server runs dhcpd Listens for lease requests, renewals, releases. Configuration file: /etc/dhcpd.conf Stores leases in dhcpd.leases file.

  12. /etc/dhcpd.conf default-lease-time 900; max-lease-time 86400; option subnet-mask 255.255.255.0; option domain "example.com"; option domain-name-servers 192.168.12.9, 192.168.3.9; subnet 192.168.12.0 netmask 255.255.255.0 { option routers 192.168.12.1; option broadcast-address 192.168.12.255; range 192.168.12.50 192.168.12.250; } subnet 192.168.3.0 netmask 255.255.255.0 { option routers 192.168.3.1; option broadcast-address 192.168.3.255; range 192.168.3.65 192.168.3.192; }

  13. Routing For a typical system need: Route to local system. Route to everywhere else (default route). Routers handle more complex routing issues. Typically use routing protocols to handle. Set routes with: route /etc/sysconfig/network

  14. Routing > route -n Kernel IP routing table Destination Gateway GenmaskIface 192.168.1.0 0.0.0.0 255.255.255.0 U eth1 0.0.0.0 192.168.1.1 0.0.0.0 UG eth1 # Creating these routes on the command line > route add –net 192.168.1.0 netmask 255.255.255.0 em1 > route add default gw 192.168.1.1

  15. Bottom-up Troubleshooting • Do you have physical connectivity and link light? • Is interface configured properly? • Is DNS configured properly? • Do your ARP tables show other hosts? • Can you ping 127.0.0.1? • Can you ping local hosts by IP address? • Can you ping local hosts by hostname? • Can you ping hosts on other subnets? • Do high-level commands like ssh work?

  16. Troubleshooting Tools ifconfig arp ping traceroute netstat ethereal

  17. ifconfig Use ifconfig to check Is the interface configured? Does the interface have an IP address? Does it have the right IP address? Does it have the right netmask? Is the number of errors large? Is the number of collisions large?

  18. arp waters (129.82.45.186) # /sbin/arp Address HWtypeHWaddressFlags Mask Iface chopin.cs.colostate.edu ether 44:1e:a1:05:fa:b6 C em1 cs-gw-1.cs.colostate.ed ether 88:43:e1:a3:1b:40 C em1 bach.cs.colostate.edu ether 44:1e:a1:04:e0:36 C em1 parsons.cs.colostate.ed ether 44:1e:a1:05:56:06 C em1

  19. ping • Simple, but very useful. • Variants • Three-ping. • Continuous. • Statistics. • Limitations • Failed ping only indicates something is wrong. • May be server, intermediate routers, etc.

  20. traceroute > traceroute www.google.com Warning: www.l.google.com has multiple addresses; using 72.14.203.104 www.l.google.com (72.14.203.104), 30 hops max, 40 byte packets 1 172.20.20.253 (172.20.20.253) 0.552 ms 0.327 ms 2 192.122.237.10 (192.122.237.10) 0.746 ms 0.741 ms 3 h13.188.140.67.ip.alltel.net (67.140.188.13) 1.124 ms 4 h6.31.213.151.ip.alltel.net (151.213.31.6) 30.256 ms 5 h212.33.213.151.ip.alltel.net (151.213.33.212) 3.456 ms 6 so-10-1.ipcolo1.Chicago1.Level3.net (4.79.76.249) 19.705 ms 7 so-5-0-0.mp1.Cincinnati1.Level3.net (4.68.124.241) 6.107 ms 8 4.79.66.138 (4.79.66.138) 20.194 ms 19.723 ms 9 66.249.95.246 (66.249.95.246) 20.054 ms 10 72.14.238.89 (72.14.238.89) 41.575 ms 4.79.66.150 11 66.249.95.246 (66.249.95.246) 16.222 ms 15.985 ms 12 72.14.203.104 (72.14.203.104) 21.079 ms 72.14.238.89

  21. netstat netstat –a List active TCP/UDP ports. netstat –i List interface configuration. netstat –r List routing table. netstat –s Packet statistics by protocol.

  22. netstat TCP: IPv4 Local Address Remote Address Swind Send-Q Rwind Recv-Q State -------------------- -------------------- ----- ------ ----- ------ ------- *.* *.* 0 0 49152 0 IDLE *.sunrpc *.* 0 0 49152 0 LISTEN *.* *.* 0 0 49152 0 IDLE *.time *.* 0 0 49152 0 LISTEN *.echo *.* 0 0 49152 0 LISTEN *.discard *.* 0 0 49152 0 LISTEN *.daytime *.* 0 0 49152 0 LISTEN *.chargen *.* 0 0 49152 0 LISTEN *.32771 *.* 0 0 49152 0 LISTEN *.32772 *.* 0 0 49152 0 LISTEN *.fs *.* 0 0 49152 0 LISTEN *.dtspc *.* 0 0 49152 0 LISTEN *.printer *.* 0 0 49152 0 LISTEN *.shell *.* 0 0 49152 0 LISTEN *.login *.* 0 0 49152 0 LISTEN *.exec *.* 0 0 49152 0 LISTEN *.exec *.* 0 0 49152 0 LISTEN *.finger *.* 0 0 49152 0 LISTEN *.telnet *.* 0 0 49152 0 LISTEN

  23. netstat > netstat -i Kernel Interface table Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg eth1 1500 0 2019920 0 0 0 2545593 0 0 0 BMRU lo 16436 0 14001346 0 0 014001346 0 0 0 LRU > netstat -r Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.1.0 * 255.255.255.0 U 0 0 0 eth1 default 192.168.1.1 0.0.0.0 UG 0 0 0 eth1

  24. netstat > netstat -s Ip: 16009667 total packets received 0 forwarded 0 incoming packets discarded 15975957 incoming packets delivered 16532222 requests sent out Icmp: 3 ICMP messages received 0 input ICMP message failed. ICMP input histogram: echo requests: 3 38 ICMP messages sent 0 ICMP messages failed ICMP output histogram: destination unreachable: 35 echo replies: 3 > netstat –s (continued) Tcp: 30058 active connections openings 6237 passive connection openings 0 failed connection attempts 2940 connection resets received 5 connections established 15922004 segments received 16492629 segments send out 766 segments retransmited 5 bad segments received. 1320 resets sent Udp: 39411 packets received 35 packets to unknown port received. 0 packet receive errors 39541 packets sent

  25. Network Sniffing • Sniffers intercept network traffic. • Protocol analyzers translate packets • Headers for each layer of TCP/IP stack. • Packet data. • Sniffers • Ethereal • tcpdump • snort • snoop

More Related