Today everyone talks about the Web or has personal access to the Internet, so the concept of the Net is everywhere. But no one knows its true meaning.
For several years UNIX has included network services based on the TCP/IP protocol. Novell Inc. made the IPX protocol so easy, stable and secure that it became a standard in itself. NFS (Network File System) is the system for mounting a remote file system, adopted by SUN Microsystems from some research work.
All these aspects show us that the network concept is not new. Its popularity started with the Internet, also called the Net, where it's possible to find information in a few seconds, directly from the source, at a very low cost.
... but what is a network?
A network is a set of computers that interchange information. This information can be interchanged through the serial ports, via modem, via Ethernet with network cards at 10 or 100 Mbit/sec, or via satellite, where the data is received through a dish.
The information sent between computers is split into packets that respect a protocol, that is, a set of rules that determines whether a received packet can be accepted or not.
Today, the most used network protocol is TCP/IP (Transmission Control Protocol / Internet Protocol), developed at UCLA Berkeley from the degree thesis of some students. See the RFC (Request for Comment).
Each of these components and protocols, which allow computers to send and receive data, takes years to be tested, accepted, corrected and finally used. A good example is the US Army, which used the UNIX system for several years.
Several network protocols are present in Linux, wisely inherited from UNIX: FTP (File Transfer Protocol), IP (Internet Protocol) and others.
All these protocols are present in the file "/etc/protocols" :
[root@redhead /root]# more /etc/protocols
# /etc/protocols:
# $Id: protocols,v 1.1 1995/02/24 01:09:41 imurdock Exp $
#
# Internet (IP) protocols
#
# from: @(#)protocols 5.1 (Berkeley) 4/17/89
#
# Updated for NetBSD based on RFC 1340, Assigned Numbers (July 1992).
ip         0    IP         # internet protocol, pseudo protocol number
icmp       1    ICMP       # internet control message protocol
igmp       2    IGMP       # Internet Group Management
ggp        3    GGP        # gateway-gateway protocol
ipencap    4    IP-ENCAP   # IP encapsulated in IP (officially ``IP'')
st         5    ST         # ST datagram mode
tcp        6    TCP        # transmission control protocol
egp        8    EGP        # exterior gateway protocol
pup        12   PUP        # PARC universal packet protocol
udp        17   UDP        # user datagram protocol
hmp        20   HMP        # host monitoring protocol
xns-idp    22   XNS-IDP    # Xerox NS IDP
rdp        27   RDP        # "reliable datagram" protocol
iso-tp4    29   ISO-TP4    # ISO Transport Protocol class 4
xtp        36   XTP        # Xpress Tranfer Protocol
ddp        37   DDP        # Datagram Delivery Protocol
idpr-cmtp  39   IDPR-CMTP  # IDPR Control Message Transport
rspf       73   RSPF       #Radio Shortest Path First.
vmtp       81   VMTP       # Versatile Message Transport
ospf       89   OSPFIGP    # Open Shortest Path First IGP
ipip       94   IPIP       # Yet Another IP encapsulation
encap      98   ENCAP      # Yet Another IP encapsulation
[root@redhead /root]#
Some of you probably know that Linux includes the so-called "daemons", the name given to programs that run continually on the system waiting for a service request: printing (lpd), mounting (nfsiod), log (syslogd), time control (xntpd), HTML browsing (httpd), network (inetd).
In fact, here are some of the "daemons" that are running on the machine at this moment :
[root@redhead /root]# ps x | grep 'd'
2    ?      SW   0:00 [kflushd]
3    ?      SW   0:00 [kpiod]
4    ?      SW   0:00 [kswapd]
5    ?      SW<  0:00 [mdrecoveryd]
117  ?      S    0:00 /usr/sbin/apmd -p 10 -w 5 -W
323  ?      S    0:03 syslogd -m 0
334  ?      S    0:00 klogd
364  ?      S    0:00 crond
382  ?      S    0:00 inetd
410  ?      S    0:00 named
437  ?      S    0:00 lpd
444  ?      S    0:00 lpd
455  ?      S    0:00 rpc.statd
466  ?      S    0:00 rpc.rquotad
477  ?      S    0:00 rpc.mountd
492  ?      SW   0:00 [nfsd]
493  ?      SW   0:00 [nfsd]
494  ?      SW   0:00 [nfsd]
495  ?      SW   0:00 [nfsd]
496  ?      SW   0:00 [nfsd]
497  ?      SW   0:00 [nfsd]
498  ?      SW   0:00 [nfsd]
499  ?      SW   0:00 [nfsd]
500  ?      SW   0:00 [lockd]
501  ?      SW   0:00 [rpciod]
518  ?      S    0:00 /usr/sbin/amd -a /.automount -l syslog -c 1000 /net /
588  ?      S    0:00 sendmail: accepting connections on port 25
603  ?      S    0:00 httpd
631  ?      S    0:00 /usr/local/bin/vmnet-bridge /dev/vmnet0 eth0
754  ?      S    0:00 update (bdflush)
771  ?      S    0:00 /usr/local/bin/vmnet-dhcpd -cf /etc/vmware/vmnet1.con
1442 ?      S    0:00 cons.saver /dev/tty4
1901 ?      S    0:00 /etc/X11/prefdm -nodaemon
1938 ?      S    0:00 kaudioserver
1939 ?      S    0:01 kwmsound
1943 ?      S    0:01 kbgndwm
1950 ?      S    0:00 maudio -media 23297
2037 ttyp0  S    0:00 telnet redhead
2038 ?      S    0:00 in.telnetd
2207 pts/0  S    0:00 (dns helper)
3281 ?      S    0:00 in.telnetd
3412 pts/4  S    0:00 grep d
[root@redhead /root]#
The "daemon" that we will introduce in this chapter is "inetd" (Inter Network Daemon).
The inetd "daemon" starts at boot time, depending on the default init level set in the file "/etc/inittab".
In fact, if the file "/etc/inittab" contains the init level "3" as the default, called initdefault, we will find the init file in the directory "/etc/rc.d/rc3.d" :
[root@redhead /root]# more /etc/inittab | grep id
id:5:initdefault:
[root@redhead /root]#
In the directory "/etc/rc.d/rc3.d" we find the file S15inet, that is a link to the file inet, present in the directory "/etc/rc.d/init.d" :
[root@redhead /root]# cd /etc/rc.d/rc3.d/
[root@redhead rc3.d]# fgrep -n inet *
S50inet:3:# inet Start TCP/IP networking services. This script
S50inet:11:# description: The internet superserver daemon (commonly called inetd) \
S50inet:14:# ftp, rsh, and rlogin. Disabling inetd disables all of the \
S50inet:16:# processname: inetd
S50inet:17:# pidfile: /var/run/inetd.pid
S50inet:19:# config: /etc/inetd.conf
S50inet:34:[ -f /usr/sbin/inetd ] || exit 0
S50inet:40: daemon inetd
S50inet:43: touch /var/lock/subsys/inet
S50inet:46: # bringing down NFS filesystems isn't inet's problem I don't know
S50inet:50: killproc inetd
S50inet:53: rm -f /var/lock/subsys/inet
S50inet:56: status inetd
S50inet:59: killall -HUP inetd
S50inet:62: echo "Usage: inet {start|stop|status|restart|reload}"
[root@redhead rc3.d]#
[root@redhead rc3.d]# ls -al S50inet
lrwxrwxrwx 1 root root 14 Jun 9 19:19 S50inet -> ../init.d/inet
[root@redhead rc3.d]#
We will explain the boot concepts in more detail in Chapter 22. Boot and shutdown.
Now let's explain how to start the daemon "inetd" and which services this daemon can make available.
The program "inetd" is tied directly to its resource file "/etc/inetd.conf", which lists all the services that "inetd" will activate at boot time.
This is the file "/etc/inetd.conf" present on this machine :
[root@redhead /root]# more /etc/inetd.conf
#
# inetd.conf    This file describes the services that will be available
#               through the INETD TCP/IP super server. To re-configure
#               the running INETD process, edit this file, then send the
#               INETD process a SIGHUP signal.
#
# Version:      @(#)/etc/inetd.conf 3.10 05/27/93
#
# Authors:      Original taken from BSD UNIX 4.3/TAHOE.
#               Fred N. van Kempen, <waltje@uwalt.nl.mugnet.org>
#
# Modified for Debian Linux by Ian A. Murdock <imurdock@shell.portal.com>
#
# Modified for RHS Linux by Marc Ewing <marc@redhat.com>
#
# <service_name> <sock_type> <proto> <flags> <user> <server_path> <args>
#
# Echo, discard, daytime, and chargen are used primarily for testing.
#
# To re-read this file after changes, just do a 'killall -HUP inetd'
#
#echo     stream  tcp  nowait  root  internal
#echo     dgram   udp  wait    root  internal
#discard  stream  tcp  nowait  root  internal
#discard  dgram   udp  wait    root  internal
#daytime  stream  tcp  nowait  root  internal
#daytime  dgram   udp  wait    root  internal
#chargen  stream  tcp  nowait  root  internal
#chargen  dgram   udp  wait    root  internal
#time     stream  tcp  nowait  root  internal
#time     dgram   udp  wait    root  internal
#
# These are standard services.
#
ftp       stream  tcp  nowait  root  /usr/sbin/tcpd  in.ftpd -l -a
telnet    stream  tcp  nowait  root  /usr/sbin/tcpd  in.telnetd
#
# Shell, login, exec, comsat and talk are BSD protocols.
#
shell     stream  tcp  nowait  root  /usr/sbin/tcpd  in.rshd
login     stream  tcp  nowait  root  /usr/sbin/tcpd  in.rlogind
#exec     stream  tcp  nowait  root  /usr/sbin/tcpd  in.rexecd
#comsat   dgram   udp  wait    root  /usr/sbin/tcpd  in.comsat
talk      dgram   udp  wait    root  /usr/sbin/tcpd  in.talkd
ntalk     dgram   udp  wait    root  /usr/sbin/tcpd  in.ntalkd
#dtalk    stream  tcp  waut    nobody  /usr/sbin/tcpd  in.dtalkd
#
# Pop and imap mail services et al
#
#pop-2    stream  tcp  nowait  root  /usr/sbin/tcpd  ipop2d
#pop-3    stream  tcp  nowait  root  /usr/sbin/tcpd  ipop3d
#imap     stream  tcp  nowait  root  /usr/sbin/tcpd  imapd
#
# The Internet UUCP service.
#
#uucp     stream  tcp  nowait  uucp  /usr/sbin/tcpd  /usr/lib/uucp/uucico -l
#
# Tftp service is provided primarily for booting. Most sites
# run this only on machines acting as "boot servers." Do not uncomment
# this unless you *need* it.
#
#tftp     dgram   udp  wait    root  /usr/sbin/tcpd  in.tftpd
#bootps   dgram   udp  wait    root  /usr/sbin/tcpd  bootpd
#
# Finger, systat and netstat give out user information which may be
# valuable to potential "system crackers." Many sites choose to disable
# some or all of these services to improve security.
#
finger    stream  tcp  nowait  root  /usr/sbin/tcpd  in.fingerd
#cfinger  stream  tcp  nowait  root  /usr/sbin/tcpd  in.cfingerd
#systat   stream  tcp  nowait  guest  /usr/sbin/tcpd  /bin/ps -auwwx
#netstat  stream  tcp  nowait  guest  /usr/sbin/tcpd  /bin/netstat -f inet
#
# Authentication
#
auth      stream  tcp  nowait  nobody  /usr/sbin/in.identd in.identd -l -e -o
#
# End of inetd.conf
linuxconf stream tcp wait root /bin/linuxconf linuxconf --http
#swat     stream  tcp  nowait.400  root  /usr/sbin/swat swat
[root@redhead /root]#
The commented lines indicate that a service isn't active at the moment. To activate it, just remove the comment and reload the inetd daemon.
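The rule that a leading "#" disables a service can be checked mechanically. The following Python code is an added example, not part of the original chapter: it parses the seven-field format shown in the listing and, for each active service, records the points an administrator would review. The note categories and the names `parse_inetd_conf` and `audit` are assumptions of this example.

```python
from typing import NamedTuple

# Entries copied from the /etc/inetd.conf listing above (an excerpt, not the whole file).
SAMPLE_INETD_CONF = """\
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp     nowait  root    /usr/sbin/tcpd  in.telnetd
shell   stream  tcp     nowait  root    /usr/sbin/tcpd  in.rshd
login   stream  tcp     nowait  root    /usr/sbin/tcpd  in.rlogind
#tftp   dgram   udp     wait    root    /usr/sbin/tcpd  in.tftpd
finger  stream  tcp     nowait  root    /usr/sbin/tcpd  in.fingerd
auth    stream  tcp     nowait  nobody  /usr/sbin/in.identd in.identd -l -e -o
linuxconf stream tcp wait root /bin/linuxconf linuxconf --http
#swat   stream  tcp     nowait.400      root    /usr/sbin/swat swat
"""

# Review categories are this example's own choice, not something inetd defines.
UNENCRYPTED = {"telnet", "ftp", "shell", "login", "exec"}
INFO_LEAK = {"finger", "cfinger", "systat", "netstat"}  # named in the file's own comment
TCPD = "/usr/sbin/tcpd"

class Entry(NamedTuple):
    service: str
    sock_type: str
    proto: str
    wait: str         # "wait" or "nowait", optional ".max" suffix removed
    user: str
    server_path: str
    args: tuple

def parse_inetd_conf(text):
    """Return active entries only; a leading '#' means the service is disabled."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 6:  # too few fields to be a service entry
            continue
        wait = fields[3].split(".", 1)[0]
        entries.append(Entry(fields[0], fields[1], fields[2], wait,
                             fields[4], fields[5], tuple(fields[6:])))
    return entries

def audit(entries):
    """Map each active service name to its list of review notes."""
    findings = {}
    for e in entries:
        notes = []
        if e.service in UNENCRYPTED:
            notes.append("unencrypted login or file transfer")
        if e.service in INFO_LEAK:
            notes.append("gives out user information")
        if e.user == "root" and e.server_path != "internal":
            notes.append("runs as root")
        if e.server_path not in (TCPD, "internal"):
            notes.append("not started through tcpd")
        findings[e.service] = notes
    return findings

if __name__ == "__main__":
    for name, notes in audit(parse_inetd_conf(SAMPLE_INETD_CONF)).items():
        print(f"{name:10} {', '.join(notes) or 'no notes'}")
```

To review a real system, pass the contents of "/etc/inetd.conf" to `parse_inetd_conf` instead of the sample.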
This file includes a series of fundamental services for communicating with other computers or for executing special controls, like the ones we can read in the following table:
| Service | Description |
| telnet | Opens a session on a remote machine in the local network or the Internet |
| ftp | Opens a session for transferring files between two machines |
| finger | Checks who is connected to the local or remote machine |
| talk, ntalk | Opens a dialogue session for communicating with a remote machine, using the keyboard (today this has evolved into a videoconferencing system: audio/video) |
| gopher | Opens a gopher session. The Gopher services are a set of remote information organized in directories. Today this kind of information is migrating to the WWW |
| pop2, pop3 | Mail services between remote machines (called e-mail) |
| uucp | Data transfer system used in UNIX systems (UUCP: UNIX-to-UNIX Copy). Tends to be replaced by FTP and e-mail |
| netstat | Network statistics |
The IP protocol (Internet Protocol address) has to assign a number or code to each network machine.
For some years it has been established that the IP address must be a numeric code like the following:
127.0.0.1
192.133.40.60
128.1.1.45
The choice of the type of number depends on the network class. The network types are as follows:
None of these computers must be connected to the Internet.
If you want your Linux system to be connected to the Internet, you must request your own Internet IP address from Network Solutions.
In fact, for your local network you can choose any network class. Anyway, the Internet presumes that your network belongs to class C.
If you have direct access, then your machine has a unique IP address, assigned by InterNIC.
If you access the Web through an ISP (Internet Service Provider), there are no problems because you will automatically receive an IP address, independent from the rest of the Web.
The IP address and the Internet connection will be explained in Chapter 12. The World Wide Web.
Therefore, once the IP address has been fixed, we choose a name and some aliases for the machine, as we wrote in the machine worksheet in Chapter 1.
The number or IP address was entered by the user during the installation setup.
All the IP addresses present in the local network or in the Intranet must be listed in the file "/etc/hosts", including the local IP address :
[root@redhead /root]# more /etc/hosts
127.0.0.1     localhost localhost.localdomain
192.168.1.68  redhead.futuretg.com  redhead
192.168.1.60  world.futuretg.com    world
192.168.1.61  thunder.futuretg.com  thunder
192.168.1.62  wind.futuretg.com     wind
192.168.1.63  twister.futuretg.com  twister
192.168.1.64  earth.futuretg.com    earth
192.168.1.65  water.futuretg.com    water
192.168.1.66  heaven.futuretg.com   heaven
192.168.1.70  imac.futuretg.com     imac
[root@redhead /root]#
If a network machine is not included in the file "/etc/hosts", we can still access it via telnet or FTP using its physical IP address. This is very common for Internet telnet sessions, for example:
[root@redhead /root]# telnet 192.90.60.53
Trying 192.90.60.53...
Therefore the inclusion of the remote host is important but not fundamental.
We can also see that several aliases are present for the local machine, including the "virtual" Internet site, such as www.futuretg.com :
127.0.0.1 localhost water.futuretg.com water www.futuretg.com
If we try to send packets to this site, even without a physical connection to the Web, we will receive an answer because in actual fact we are sending packets to the local machine 127.0.0.1 :
[root@redhead /root]# ping www.futuretg.com
PING localhost (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.3 ms
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.2 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.1 ms
64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.1 ms
64 bytes from 127.0.0.1: icmp_seq=4 ttl=64 time=0.1 ms
--- localhost ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.1/0.1/0.3 ms
[root@redhead /root]#
Using aliases we can activate this and other useful functions that help us develop Web sites and test them locally.
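Because a name listed in "/etc/hosts" is answered from the file, an alias such as www.futuretg.com on the 127.0.0.1 line decides where every program on the machine connects. The following Python code is an added example, not part of the original chapter: it parses a hosts file, resolves a name, and lists names that are pinned to the loopback address or that appear under more than one address. The sample is constructed from the listing and the alias line above, and the top-down, first-match lookup order is an assumption of the example.

```python
import ipaddress
from collections import defaultdict

# Constructed sample: lines from the /etc/hosts listing plus the alias line shown above.
SAMPLE_HOSTS = """\
127.0.0.1       localhost water.futuretg.com water www.futuretg.com
192.168.1.68    redhead.futuretg.com    redhead
192.168.1.60    world.futuretg.com      world
192.168.1.65    water.futuretg.com      water
"""


def parse_hosts(text):
    """Return [(address, [names])], ignoring comments and blank lines."""
    entries = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2:
            entries.append((fields[0], [n.lower() for n in fields[1:]]))
    return entries


def resolve(entries, name):
    """Look a name up top down; the first matching line wins (assumed order)."""
    for address, names in entries:
        if name.lower() in names:
            return address
    return None


def shadowed_names(entries):
    """Names listed under several addresses; only the first address is returned."""
    seen = defaultdict(list)
    for address, names in entries:
        for name in names:
            if address not in seen[name]:
                seen[name].append(address)
    return {name: addrs for name, addrs in seen.items() if len(addrs) > 1}


def loopback_overrides(entries):
    """Names other than localhost that are pinned to the loopback network."""
    found = []
    for address, names in entries:
        if ipaddress.ip_address(address).is_loopback:
            found += [n for n in names if not n.startswith("localhost")]
    return found


if __name__ == "__main__":
    entries = parse_hosts(SAMPLE_HOSTS)
    print("www.futuretg.com ->", resolve(entries, "www.futuretg.com"))
    print("shadowed:", shadowed_names(entries))
    print("loopback overrides:", loopback_overrides(entries))
```

An entry left over from local testing keeps answering after the real site goes live, so the output of `loopback_overrides` is worth reviewing before a machine is put into service.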
It's also possible to create subnets. A subnet can be internal to the Intranet or geographically remote, for example remote offices of the same company that belong to the same network.
The standard procedure for setting up subnets is explained in RFC 950.
This is an example :

This matter will be explained in the System Integrator course.
During the installation phase we installed the network card and assigned an IP address to its network interface, eth0. However, there are also other network interfaces in the system.
The local loopback "lo"
Normally a Linux system that doesn't belong to a network uses the "loopback", that is, a route to itself :
[root@redhead /root]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:A0:CC:30:7E:09
          inet addr:192.168.1.68  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:150803 errors:0 dropped:0 overruns:0 frame:0
          TX packets:64460 errors:1 dropped:0 overruns:0 carrier:2
          collisions:24 txqueuelen:100
          Interrupt:5 Base address:0xd800
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:3924  Metric:1
          RX packets:924035 errors:0 dropped:0 overruns:0 frame:0
          TX packets:924035 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
[root@redhead /root]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.68    0.0.0.0         255.255.255.255 UH    0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
172.16.222.0    0.0.0.0         255.255.255.0   U     0      0        0 vmnet1
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
[root@redhead /root]#
By default the local machine, which may not belong to any network, is assigned the IP address 127.0.0.1, listed in the file "/etc/hosts". This is an international convention.
The "lo" interface is necessary for several reasons and services: the printing services (also local), the graphical X-Window server and others.
This means that without an active network loopback, the machine doesn't print.
The network interface "eth0"
The Ethernet network cards installed in the machine, at 10 or 100 Mbit, ISA, PCI or PCMCIA, always use the same interface "eth0".
This interface was active during the installation phase and is loaded at boot time by the file "/etc/rc.d/init.d/network".
This file verifies that there is a network installed. The installed services are listed in the file "network", in the directory "/etc/sysconfig", and are connected to some scripts that activate the network interface in the system.
[root@redhead /root]# more /etc/sysconfig/network
NETWORKING=yes
FORWARD_IPV4=no
HOSTNAME=redhead.futuretg.com
DOMAINNAME=futuretg.com
GATEWAY=159.656.656.65
GATEWAYDEV=eth0
[root@redhead /root]#
[root@redhead /root]# ls /etc/sysconfig/network
network
network-scripts
[root@redhead /root]# ls /etc/sysconfig/network-scripts/
ifcfg-eth0  ifdown       ifdown-ppp  ifup          ifup-ipx   ifup-post  ifup-routes  network-functions
ifcfg-lo    ifdown-post  ifdown-sl   ifup-aliases  ifup-plip  ifup-ppp   ifup-sl
[root@redhead /root]#
These files contain all the information that is loaded at boot time and assign a fixed IP address, like 128.1.1.70, to the local network card :
[root@redhead /root]# cd !$
cd /etc/sysconfig/network-scripts/
[root@redhead network-scripts]# more ifcfg-eth0
DEVICE=eth0
IPADDR=192.168.1.68
NETMASK=255.255.255.0
NETWORK=192.168.1.0
BROADCAST=192.168.1.255
ONBOOT=yes
BOOTPROTO=none
[root@redhead network-scripts]#
From that moment on, the machine will be visible to the network with the IP number 128.1.1.70 or with the name included in the file "/etc/hosts" of each machine.
In fact, at boot time the "ifconfig" configuration commands are run for each network interface: lo, eth0 and others. The effect is similar to running "ifconfig eth0 192.168.0.1 netmask 255.255.255.0 up", but through scripts.
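The values that the boot scripts hand to "ifconfig" depend on one another: NETWORK and BROADCAST follow from IPADDR and NETMASK, and the GATEWAY must be an address on that network. The following Python code is an added example, not part of the original chapter: it reads the two KEY=VALUE files shown above and reports values that do not fit together. The function names are assumptions of this example, and the sample values are copied from the listings.

```python
import ipaddress

# Values copied from the /etc/sysconfig/network and ifcfg-eth0 listings above.
SAMPLE_NETWORK = """\
NETWORKING=yes
FORWARD_IPV4=no
HOSTNAME=redhead.futuretg.com
GATEWAY=159.656.656.65
GATEWAYDEV=eth0
"""
SAMPLE_IFCFG = """\
DEVICE=eth0
IPADDR=192.168.1.68
NETMASK=255.255.255.0
NETWORK=192.168.1.0
BROADCAST=192.168.1.255
ONBOOT=yes
BOOTPROTO=none
"""


def parse_sysconfig(text):
    """Parse simple KEY=VALUE lines, skipping blank lines and comments."""
    pairs = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            pairs[key.strip()] = value.strip().strip('"')
    return pairs


def check_interface(ifcfg, network):
    """Return a list of problems; an empty list means the values are consistent."""
    try:
        iface = ipaddress.IPv4Interface(f"{ifcfg['IPADDR']}/{ifcfg['NETMASK']}")
    except (KeyError, ValueError) as exc:
        return [f"IPADDR/NETMASK unusable: {exc}"]
    net = iface.network
    problems = []
    if ifcfg.get("NETWORK") != str(net.network_address):
        problems.append(f"NETWORK should be {net.network_address}")
    if ifcfg.get("BROADCAST") != str(net.broadcast_address):
        problems.append(f"BROADCAST should be {net.broadcast_address}")
    gateway = network.get("GATEWAY")
    if gateway and network.get("GATEWAYDEV") == ifcfg.get("DEVICE"):
        try:
            if ipaddress.IPv4Address(gateway) not in net:
                problems.append(f"GATEWAY {gateway} is not on {net}")
        except ValueError:
            problems.append(f"GATEWAY {gateway} is not a valid IPv4 address")
    return problems


if __name__ == "__main__":
    found = check_interface(parse_sysconfig(SAMPLE_IFCFG),
                            parse_sysconfig(SAMPLE_NETWORK))
    print("\n".join(found) or "configuration is consistent")
```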
To verify the success of the command and the visibility of our machine in the network, we can run the command:
[root@redhead network-scripts]# ifconfig eth0
This will print the current configuration for the interface, showing also its IP address, or the message "eth0: unknown interface.", which informs us that the interface is not on.
The command "ifconfig" tells us about all the active interfaces in the system at a specific moment, including the interface for the Internet, analog ppp0 or digital ISDN, ippp0 :
[root@redhead /root]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:A0:CC:30:78:F5
          inet addr:192.168.1.66  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:56453 errors:0 dropped:0 overruns:0 frame:0
          TX packets:108416 errors:0 dropped:0 overruns:0 carrier:0
          collisions:11 txqueuelen:100
          Interrupt:11 Base address:0xe400
ippp0     Link encap:Point-to-Point Protocol
          inet addr:192.168.1.66  P-t-P:194.243.154.62  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
          RX packets:702 errors:0 dropped:0 overruns:0 frame:0
          TX packets:589 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:30
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:3924  Metric:1
          RX packets:49 errors:0 dropped:0 overruns:0 frame:0
          TX packets:49 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Bcast:127.255.255.255  Mask:255.0.0.0
          UP BROADCAST LOOPBACK RUNNING  MTU:3584  Metric:1
          RX packets:52 errors:0 dropped:0 overruns:0
          TX packets:52 errors:0 dropped:0 overruns:0
The previous screen shows the interface "lo", the network card eth0 (PCMCIA at 100 Mbit) and the Internet connection through the interface ppp0 via modem.
The Token Ring interface "tr0"
Linux also supports the token ring network interface, "tr0", which was developed some years ago. To set up a token ring network card, you can proceed in the same way, using the standard program "netcfg".
How to set up various network interfaces on the same machine.
Unix and Linux support various network cards with different protocols on the same system. In the same way that, for IDE/EIDE, you can specify two hard disks "hda1" and "hda2", you can have interfaces like "eth0", "eth1", "tr0", "tr1" for network cards. Under Linux, to use these cards it is necessary to create the interface and activate it.
To create the interface you can use the program "netcfg". Just choose "Add" under the "Interface" button.

Then fill in the "IP address". The program will automatically set up the netmask address.

Under RedHat these files are present in the directory "/etc/sysconfig/network-scripts".
In this way we can have, for example, interfaces like "eth0" and "eth1", useful to create a WebServer, or interfaces like "eth0" and "tr0" as a bridge between networks.