Unix Networking Basics
Material to be covered
• Contents
– LAN concepts and components
– Configuring Unix networking
– Configuring Internet services
1. LAN Concepts and Components
• This will be the biggest section, because it’s the most foundational
OSI Protocol Stack
[Figure: the seven OSI layers, numbered 7 Application, 6 Presentation, 5 Session, 4 Transport, 3 Network, 2 Data Link, 1 Physical; layers 5-7 are bracketed as "Understanding" and layers 1-4 as "Transmission"]
OSI Protocol Stack (cont.)
• Layers 1-4: transmission - how data moves through the network.
• Layers 5-7: understanding - how data appears to applications and users
OSI Protocol Stack (cont.)
• Explanation of the layers:
– Physical: Physical cable, electrical signalling, cable length specifications, connector size.
– Data link: Error free (not reliable) media access for datagrams
– Network: Provides path (route) through the network for data
– Transport: Reliable (usually) flow of datagrams between two nodes
– Session: Synchronises dialogue between two programs
OSI Protocol Stack (cont.)
• Explanation (cont.):
– Presentation: Converts data between formats used by two programs
– Application: Obvious (hopefully)
Internet Protocols and Services
[Figure: Internet protocols and services mapped onto the OSI stack. Layers 5-7 (Application, Presentation, Session): Berkeley/ARPA services, NFS, XDR, RPC, SSL; layer 4 (Transport): TCP, UDP; layer 3 (Network): IP, ICMP, ARP; layer 2 (Data Link): 802.2, 802.3 Ethernet; layer 1 (Physical): 10 base T/2/5, optical fibre]
Transmission Attributes
• Bandwidth
– Measure of channel throughput
– Baseband: one channel (most LAN technologies)
– Broadband: multiple channels (cable TV)
• Electrical interference
– Noise produced by other electrical devices and cables
– Shielding is used to reduce it
• Attenuation
– Signal decay over the length of the cable
– Reduced by amplifiers (analog), repeaters (digital)
Access Methods
• CSMA/CD (ethernet)
– Carrier sense, multiple access, collision detection
– Nodes must wait to transmit, and back off if there is a collision
– Performs poorly under high load conditions
• Token passing (token ring)
– A token is passed around from node to node - only the node with the token can transmit
– If a node has nothing to send, it passes the token to the next node
– Performs well under high load
– Provides guaranteed access to every node
• Point-to-point (SLIP, PPP)
IEEE Standards
• IEEE defined LAN standards
– Similar to OSI stack
– Split data link layer into two levels:
» Logical link control (LLC)
» Media access control (MAC)
• Standards
– 802.2: LLC
– 802.3: CSMA/CD
– 802.4: Token passing (bus topology)
– 802.5: Token passing (ring topology)
Media Types
• Coaxial (10 base 2): “BNC”, “Thin Ethernet”
– Central conductor surrounded by a metal shield and insulators
– Bus topology
– Pros:
» No powered components
– Cons:
» Breaking one cable breaks whole network
– Length: 180 m total
– Not common any more
Media Types (cont.)
• Twisted pair (10 base T, 100 base T): “UTP”
– Pairs of wires (2 or 4 pairs), twisted together
– Star topology
– Pros:
» Each node has a separate connection, thus easy to “plug and play”
» Failure of one cable only affects attached node
» Hubs can provide management information
– Cons:
» Requires a hub, thus more expensive than coaxial
» Failure of hub affects all attached nodes
– Most commonly used cable in the industry
– Length: 90 m per cable run, maximum of 4 hops
Media Types (cont.)
• Optical fibre
– Glass fibres transmit light pulses
– Point-to-point connection
– Pros:
» Immune to electrical interference
» High bandwidth
– Cons:
» Installation and maintenance difficult
» Equipment often expensive
– Used for some inter-network connections and high-bandwidth disk connectivity
Transceivers
• Convert signals from a LAN card to specific cable types
• Several types used:
– 10 base T
– 10 base 2
– 100 base T
– Gigabit
Gateways
[Figure: gateway devices mapped onto the OSI stack. Layers 5-7 (Application, Presentation, Session): Gateway; layer 4 (Transport): Transport Relay; layer 3 (Network): L3 Switch / Router; layer 2 (Data Link): Switch / Bridge; layer 1 (Physical): Hub / Repeater]
• “Gateway”: Generic term for something that passes data at any level of the OSI stack, but generally used for level 4 or higher.
• For the lower levels, more specific terms are normally used.
Physical Gateways
• Repeater: Re-generates signal
• Allows extension of network beyond standard cable length limits
• Hub: Multi-port repeater
Data Link Gateways
• Bridge: Uses link-level address to determine passing of packets
• Will only transmit frames if the destination address belongs to a node on the other side (it learns this automatically)
• Switch: Multi-port bridge
– Switches turn CSMA/CD into point to point, enabling it to scale much more effectively
Network Gateways
• Router: Transmits packets based on IP addresses
• Unix systems can be routers by turning on packet forwarding
• Not recommended: Let routers do routing, and Unix boxes do Unix applications
IP Family Protocols
• TCP: Transmission Control Protocol
– Layer 4 connection-oriented (stream) protocol
– Guarantees delivery order and reliability of packets
• UDP: User Datagram Protocol
– Layer 4 connectionless (datagram) protocol
– Packets could be lost, duplicated, or out of sequence
• IP(v4): Internet Protocol
• ICMP: Internet Control Message Protocol
• ARP: Address Resolution Protocol
• Unix file: /etc/protocols
Addressing
[Figure: address types mapped onto the OSI stack. Layers 5-7 (Application, Presentation, Session): Host Name; layer 4 (Transport): Port; layer 3 (Network): IP; layer 2 (Data Link): MAC]
Link Level Addresses
• Also called:
– Ethernet address, MAC address, station address, hardware address
• 48-bits
• Top 24 bits: vendor id
• Bottom 24 bits: node id
• Looks like this:
– 000502879BD1, 08:00:09:C8:2D:F0
• Unix commands:
– lanscan (HP-UX), ifconfig (Solaris, Linux)
IP Addresses
• Address notation
– 32 bit number
– Expressed in “dotted-quad” notation, e.g. 164.112.128.1
• Address classes
– Allocate addresses efficiently to different-sized organisations
– Use high-order bits of address to determine class
• Class A
– For large organisations
– 24 bits for host addresses
– High order bit: 0
– Network numbers: 1 - 126 (0x00 - 0x7F)
IP Addresses (cont.)
• Class B
– For medium-sized organisations
– 16 bits for host addresses
– High order bits: 10
– Network numbers: 128 - 191 (0x80 - 0xBF)
• Class C
– For small organisations
– 8 bits for host addresses
– High order bits: 110
– Network numbers: 192 - 223 (0xC0 - 0xDF)
IP Addresses (cont.)
• Class D (Multicast)
– Special purpose, datagram only
– Mainly targeted at multimedia broadcasts
– High order bits: 1110
– Network numbers: 224 - 239 (0xE0 - 0xEF)
• Reserved
– 240-255: Reserved (undefined?)
• Private networks (RFC 1918):
– 10.0.0.0
– 172.16.0.0 - 172.31.0.0
– 192.168.0.0 - 192.168.255.0
– NAT is used to connect private networks to the Internet
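As an added example (not part of the course material), the following Python decodes the two address forms covered on the slides: it splits a 48-bit link-level address into its vendor and node ids, and it classifies an IPv4 address by its high-order bits and checks it against the RFC 1918 private ranges. The sample addresses are the ones on the slides plus constructed ones; the /8, /12 and /16 prefix lengths are the standard way of writing the RFC 1918 ranges and are not on the slides.

```python
# Added example (not from the course material): decoding the address forms
# shown on the slides. Sample addresses are constructed or taken from the slides.
import ipaddress
import re


def parse_mac(text):
    """Split a 48-bit link-level address into (vendor_id, node_id).

    Accepts both spellings on the slides: 000502879BD1 and 08:00:09:C8:2D:F0.
    """
    digits = re.sub(r"[:\-.]", "", text.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    value = int(digits, 16)
    return value >> 24, value & 0xFFFFFF   # top 24 bits vendor, bottom 24 bits node


def ip_class(addr):
    """Classify an IPv4 address from its high-order bits (0, 10, 110, 1110)."""
    value = int(ipaddress.IPv4Address(addr))   # dotted quad -> 32-bit number
    if value >> 31 == 0b0:
        return "A"
    if value >> 30 == 0b10:
        return "B"
    if value >> 29 == 0b110:
        return "C"
    if value >> 28 == 0b1110:
        return "D"
    return "reserved"   # first octet 240-255


# RFC 1918 private ranges from the slides, written with their standard prefix lengths.
PRIVATE_NETS = (
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
)


def is_private(addr):
    """True if the address is RFC 1918 space and so needs NAT to reach the Internet."""
    ip = ipaddress.IPv4Address(addr)
    return any(ip in net for net in PRIVATE_NETS)


def describe(addr):
    return {"address": addr, "class": ip_class(addr), "private": is_private(addr)}


if __name__ == "__main__":
    for mac in ("000502879BD1", "08:00:09:C8:2D:F0"):
        vendor, node = parse_mac(mac)
        print(f"{mac}: vendor 0x{vendor:06X} node 0x{node:06X}")
    for a in ("164.112.128.1", "10.0.0.1", "172.31.9.9", "192.168.1.1", "224.0.0.1"):
        print(describe(a))
```

The class test is done on the integer rather than on the first octet so that the bit patterns quoted on the slides (0, 10, 110, 1110) appear directly in the code.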
IP Addresses (cont.)
• Site notes:
– Class B: most nodes
– Class A private: 10.0.0.0 (some routers)
– Class C private: 192.168.x.x (clusters, private backup LANs)
– Class D: 224.0.x.x (NTP, OSPF, RIP, others?)
• Unix commands:
– ifconfig: interfaces
– netstat -in: interfaces
– netstat -gn: multicast
– netstat -rn: routing
Subnets
• Subnets are a way of breaking up a larger network into smaller chunks
• Your subnet is the group of hosts you can talk to without going through a router
• Subnets can vary in length, up to the size of the network
• The main reason to use different sizes of subnets is to use address space efficiently, and optimise performance of hosts and routers
Special IP Addresses
• Network: the address on each subnet where the host address is all zeros
• Broadcast: the address on each subnet where the host address is all ones. All hosts on the local subnet should respond to this address
• Loopback: 127.0.0.1. Only the local host will ever respond to this.
Subnet Masks
• Subnet masks are how subnet lengths are specified
• They consist of a bit mask, with the number of 1 bits indicating the number of bits used for the network portion of the IP address.
• 32 bit number, specified as dotted quad, e.g.:
– 255.255.252.0
– 255.255.255.0
– 255.255.255.192
• Can also be specified after the IP address as a number of bits, e.g.: 10.20.30.0/24
Subnet Masks (cont.)
• Given any IP address and subnet mask, you can work out which subnet it’s in by ANDing the subnet mask with the IP address:
– IP 10.20.30.81 = 0x0A141E51
– mask 255.255.255.192 = 0xFFFFFFC0
– AND 10.20.30.64 = 0x0A141E40
• To find out the broadcast address, invert the subnet mask and OR them:
– network 10.20.30.81 = 0x0A141E51
– ~mask 0.0.0.63 = 0x0000003F
– OR 10.20.30.127 = 0x0A141E7F
Subnet Masks (cont.)
• In the above example, everything between 10.20.30.65 and 10.20.30.126 is a usable node address on this subnet
• Common conventions:
1:
– Low addresses are communications equipment
– High addresses are servers
2:
– Low addresses are servers
– Middle addresses are workstations
– High addresses are communications equipment
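The AND/OR arithmetic from the subnet mask slides, carried out on 32-bit integers so the hex values are visible, as an added example that is not part of the course material. It accepts both notations the slides mention (address plus dotted-quad mask, or address/prefix), rejects masks whose one bits are not contiguous, and reports no usable node addresses for /31 and /32 under the classical network/broadcast rule. The addresses are the slide's own 10.20.30.81 and 255.255.255.192 plus constructed ones.

```python
# Added example (not from the course material): subnet arithmetic on 32-bit
# integers, following the AND / inverted-mask OR steps from the slides.


def quad_to_int(quad):
    """'10.20.30.81' -> 0x0A141E51, rejecting anything that is not four octets."""
    parts = quad.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"bad dotted quad: {quad!r}")
    value = 0
    for p in parts:
        value = (value << 8) | int(p)
    return value


def int_to_quad(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix):
    """/26 -> 0xFFFFFFC0."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"bad prefix length: {prefix}")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def mask_to_prefix(mask):
    """Count the 1 bits, refusing masks whose ones are not contiguous (e.g. 255.0.255.0)."""
    prefix = bin(mask).count("1")
    if prefix_to_mask(prefix) != mask:
        raise ValueError(f"non-contiguous mask: {int_to_quad(mask)}")
    return prefix


def subnet_info(spec, mask=None):
    """Accept '10.20.30.81' with mask '255.255.255.192', or '10.20.30.0/24'."""
    if "/" in spec:
        addr, prefix_text = spec.split("/", 1)
        mask_int = prefix_to_mask(int(prefix_text))
    else:
        addr, mask_int = spec, quad_to_int(mask)
    ip = quad_to_int(addr)
    prefix = mask_to_prefix(mask_int)
    network = ip & mask_int                          # AND the address with the mask
    broadcast = network | (~mask_int & 0xFFFFFFFF)   # OR with the inverted mask
    # Classical rule: the network and broadcast addresses are not usable node
    # addresses, so /31 and /32 leave no room for hosts.
    usable = (int_to_quad(network + 1), int_to_quad(broadcast - 1)) if prefix <= 30 else None
    return {
        "network": int_to_quad(network),
        "network_hex": f"0x{network:08X}",
        "broadcast": int_to_quad(broadcast),
        "broadcast_hex": f"0x{broadcast:08X}",
        "prefix": prefix,
        "usable": usable,
    }


def same_subnet(a, b, mask):
    """Two hosts can talk without a router when the AND gives the same network."""
    m = quad_to_int(mask)
    return quad_to_int(a) & m == quad_to_int(b) & m


if __name__ == "__main__":
    print(subnet_info("10.20.30.81", "255.255.255.192"))
    print(subnet_info("10.20.30.0/24"))
    print(same_subnet("10.20.30.81", "10.20.30.130", "255.255.255.192"))
```

The contiguity check in mask_to_prefix is the caveat worth keeping: a mask such as 255.0.255.0 is a valid 32-bit number but cannot be expressed as a prefix length, and a host configured with one will compute a network address that no router agrees with.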
IP Addresses: Warnings
• The same IP address may not be assigned to different hosts (under normal circumstances)
• A node can have more than one interface card
• An interface card can have more than one IP address. This is not supported by HP until HP-UX 11.x; Solaris (and others?) are no problem
• HP-UX, Solaris (and others?) cannot have more than one interface card on the same LAN without problems
TCP/UDP Addresses
• Port number
• 16 bits
• Separate TCP and UDP address spaces
• Unix files:
– /etc/services - all known port assignments
– /etc/inetd.conf - active port assignments (mostly)
• Command:
– netstat -an - shows all active ports
Host Naming
• Unix host name
– hostname
– uname -n
• Network naming systems:
– NIS:
» Flat name space
» Does more than just hosts: users, groups, protocols, home directories, etc.
– DNS:
» Hierarchical
» Internet standard
» Does mainly hostnames and email routing
– NIS+: combines features of NIS and DNS, adding secure authentication
2. Configuring Unix Networking
• This section will be a bit more practical, but shorter
• We’ll cover:
– LAN cards
– IP addresses
– Routes
– Hosts
– Troubleshooting
• Some details are applicable to HP-UX only
LAN Cards
• General hardware information: ioscan -u
• Specific LAN card information: lanscan
• Detailed LAN card information: lanadmin
• Software: swlist -l product | grep Networking
IP Addresses and Routes
• General information: netstat -in
• Multicast: netstat -gn
• Per-LAN card information: ifconfig <lan>
• Routing tables: netstat -rn, route
• Routing daemons: gated, rdpd
• Startup files: /etc/rc.config.d/{netconf,netdaemons}
Host Names
• Looking up hosts
– Local: /etc/hosts
– NIS: ypcat hosts
– DNS: nslookup host (on HP-UX, this does local and NIS also)
• Configuring hostname resolution
– Resolution order: /etc/nsswitch.conf
– NIS, DNS: /etc/rc.config.d/namesvrs
– DNS: /etc/resolv.conf
Troubleshooting Commands
• ping
• traceroute
• arp
• netstat
• linkloop
• lanadmin
3. Configuring Internet Services
• In this section:
– Internet services overview
– Configuration and startup
– Checking connections
Internet Services
Capability             General (mostly ARPA)   Berkeley (BSD)
Login                  telnet                  rlogin
File transfer          FTP, TFTP               rcp
Command execution      rexec, remsh (rsh)
Email                  sendmail
Network information    rwho, ruptime, finger
Dynamic routing        gated                   routed
Name services          BIND, NIS
Time synchronization   NTP                     timed
Dynamic configuration  BOOTP, DHCP
System logging         syslogd
Printing               lpd
Clients and Servers
Daemon (/usr/sbin)   Server (/usr/lbin)   Client (/usr/bin)       Service
inetd                telnetd, rlogind     telnet, rlogin          Login
                     ftpd, tftpd          ftp, tftp               File transfer
                     remshd               rcp                     File transfer
                     rexecd, remshd       rexec, remsh (rsh)      Command execution
sendmail                                  mail                    Email
rwhod, fingerd                            rwho, ruptime, finger   Network information
bootpd               bootpd               bootpquery              Dynamic configuration
gated, rdpd                                                       Dynamic routing
named                                     nslookup                Name services
xntpd                                     ntpq, ntpdate           Time synchronization
syslogd                                   syslogd, logger         System logging
rlpdaemon                                 lp (rlp)                Printing
How inetd Works
• Listens on ports, waiting for connections
• When a connection arrives, UNIX checks it against the security file /var/adm/inetd.sec to allow or deny access
– Linux uses tcpd for the same purpose: /etc/hosts.{allow,deny}
• Sets up socket connection
• Invokes server process and transfers control to it
• Returns to listening
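The listen / check / hand-over / return cycle described above, as an added Python example that is not part of the course material: a miniature inetd that accepts one connection on localhost, checks the peer address against rules written in the style of HP-UX /var/adm/inetd.sec ("service allow|deny host ...", an assumption about that format; only '*' wildcards are handled, and a service with no entry is treated as unrestricted), and if allowed starts the server program with the connected socket as its stdin and stdout. The rule text and the stand-in server program (which just uppercases its input) are constructed.

```python
# Added example (not from the course material): a miniature inetd that runs
# the cycle on the slide: listen, check the peer against inetd.sec-style rules,
# hand the connected socket to the server program as stdin/stdout, return.
import fnmatch
import socket
import subprocess
import sys
import threading

# Constructed rule file in the HP-UX /var/adm/inetd.sec layout,
# "service allow|deny host ..." (assumption; only '*' wildcards are handled here).
SAMPLE_INETD_SEC = """
# service   allow/deny   hosts
echo        allow        127.0.0.1 10.20.30.*
telnet      deny         *
"""


def parse_inetd_sec(text):
    rules = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        service, verb, *hosts = line.split()
        rules[service] = (verb.lower() == "allow", hosts)
    return rules


def access_allowed(rules, service, client_ip):
    """A service with no entry is unrestricted; otherwise the allow/deny list decides."""
    if service not in rules:
        return True
    allow, hosts = rules[service]
    matched = any(fnmatch.fnmatchcase(client_ip, pattern) for pattern in hosts)
    return matched if allow else not matched


def start_listener(host="127.0.0.1"):
    lsock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    lsock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    lsock.bind((host, 0))   # port 0: the kernel picks a free port
    lsock.listen(5)
    return lsock


def serve_one(lsock, rules, service, argv):
    """Accept one connection; return 'denied' or the server program's exit status."""
    conn, (peer_ip, _) = lsock.accept()
    with conn:
        if not access_allowed(rules, service, peer_ip):
            return "denied"   # inetd drops the connection without starting the server
        # As inetd does: the server inherits the connected socket as stdin and stdout.
        done = subprocess.run(argv, stdin=conn, stdout=conn, stderr=subprocess.DEVNULL)
        return done.returncode


def talk(port, payload):
    """Client side: send, half-close, collect the reply until the server closes."""
    chunks = []
    with socket.create_connection(("127.0.0.1", port), timeout=10) as c:
        try:
            c.sendall(payload)
            c.shutdown(socket.SHUT_WR)
            while True:
                data = c.recv(4096)
                if not data:
                    break
                chunks.append(data)
        except OSError:
            pass   # a denied connection may be reset before anything is read
    return b"".join(chunks)


# Stand-in server program (constructed): uppercases whatever arrives on stdin.
UPPER_SERVER = [sys.executable, "-c", "import sys; sys.stdout.write(sys.stdin.read().upper())"]


def demo(service="echo", payload=b"hello inetd\n", argv=UPPER_SERVER):
    """Run one listen/accept/serve cycle on localhost; return (server result, client reply)."""
    rules = parse_inetd_sec(SAMPLE_INETD_SEC)
    lsock = start_listener()
    port = lsock.getsockname()[1]
    outcome = {}
    worker = threading.Thread(target=lambda: outcome.update(result=serve_one(lsock, rules, service, argv)))
    worker.start()
    reply = talk(port, payload)
    worker.join(15)
    lsock.close()
    return outcome.get("result"), reply


if __name__ == "__main__":
    print(demo())                    # (0, b'HELLO INETD\n')
    print(demo(service="telnet"))    # ('denied', b'')
```

The point to take from the denied path is that the access decision is made after accept() and before any server process exists: the peer sees a connection that is closed immediately, and the server program never runs with untrusted input on its stdin.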
inetd Configuration Files
• /etc/services: Well-known ports
• /etc/inetd.conf: Active inetd services
• /var/adm/inetd.sec: Access control for inetd
• /etc/rc.config.d/netdaemons: Command line parameters for inetd startup
Service Startup

Service               Startup Script (/sbin/init.d)   Startup Configuration (/etc/rc.config.d)
Dynamic routing       gated                           netconf
Internet daemon       inetd                           netdaemons
DNS                   named                           namesvrs
General networking    net                             netconf
Tracing and logging   nettl                           nettl
NFS                   nfs.client                      nfsconf
NFS                   nfs.core                        nfsconf
NFS                   nfs.server                      nfsconf
NIS                   nis.client                      namesvrs
NIS                   nis.server                      namesvrs
Network information   rwhod                           netdaemons
Email                 sendmail                        mailservs
System logging        syslogd
NTP                   xntp                            netdaemons
Checking Connections
• netstat
• netstat -a
Remote Login
• rlogin configuration files:
– /etc/hosts.equiv
» System-wide
» Permissions 444
» root ignores it
– $HOME/.rhosts
» Per-user
» Permissions 600
» Can override hosts.equiv
» Can be overridden with rlogind -l
FTP
• /etc/ftpusers
– Lists users not allowed to login via ftpd
– All users without passwords are also not allowed to login
• $HOME/.netrc
– Specifies hosts, usernames, and passwords for ftp & rexec
– Don’t use it!
Anonymous FTP
• Uses ftp user home directory
• Does a chroot() to ~ftp so that user is “sandboxed”
• Needs certain directories & files to work:
– ~ftp/usr/bin/ls, mode 111
– ~ftp/etc/{passwd,group,logingroup}, mode 444
• Other directories:
– ~ftp/dist: outgoing files (elsewhere ~ftp/pub)
– ~ftp/pub: incoming files (elsewhere ~ftp/incoming)
• ftpd -l logs information to syslog
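The file modes that the Remote Login and Anonymous FTP slides call for (hosts.equiv 444, .rhosts 600, ~ftp/usr/bin/ls 111, ~ftp/etc/{passwd,group,logingroup} 444) are easy to get wrong and easy to check. The following is an added Python example, not part of the course material, that audits those modes against a constructed directory tree containing one deliberate mistake; the user name alice and the ftp home /home/ftp are assumptions for the sample tree.

```python
# Added example (not from the course material): check the file modes the slides
# call for on the rlogin and anonymous-FTP files, against a constructed tree.
import os
import stat
import tempfile


def expected_modes(user_homes, ftp_home="/home/ftp"):
    """Paths (relative to a root) and the octal mode each should have, per the slides."""
    wanted = {"etc/hosts.equiv": 0o444}
    for home in user_homes:
        wanted[os.path.join(home, ".rhosts").lstrip("/")] = 0o600
    wanted[os.path.join(ftp_home, "usr/bin/ls").lstrip("/")] = 0o111
    for name in ("passwd", "group", "logingroup"):
        wanted[os.path.join(ftp_home, "etc", name).lstrip("/")] = 0o444
    return wanted


def audit_modes(wanted, root="/"):
    """Return (path, actual, expected) for every file whose mode differs.

    Absent files are skipped: .rhosts is optional and hosts.equiv need not exist.
    """
    findings = []
    for rel, want in wanted.items():
        full = os.path.join(root, rel)
        try:
            st = os.lstat(full)
        except FileNotFoundError:
            continue
        have = stat.S_IMODE(st.st_mode)   # permission bits only, no file-type bits
        if have != want:
            findings.append((rel, oct(have), oct(want)))
    return findings


def build_sample_tree():
    """Constructed tree with one deliberate mistake: a world-readable .rhosts."""
    root = tempfile.mkdtemp(prefix="audit-")
    files = {
        "etc/hosts.equiv": 0o444,
        "home/alice/.rhosts": 0o644,           # wrong: the slides say 600
        "home/ftp/usr/bin/ls": 0o111,
        "home/ftp/etc/passwd": 0o444,
        "home/ftp/etc/group": 0o444,
        "home/ftp/etc/logingroup": 0o444,
    }
    for rel, mode in files.items():
        full = os.path.join(root, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w") as fh:
            fh.write("")
        os.chmod(full, mode)
    return root


if __name__ == "__main__":
    root = build_sample_tree()
    wanted = expected_modes(["/home/alice"], ftp_home="/home/ftp")
    for finding in audit_modes(wanted, root):
        print("mode mismatch: %s has %s, expected %s" % finding)
```

Run against a live system, the user_homes list would come from the password file and root would be "/"; the check deliberately reports only deviations so it can be run from cron and stay silent when nothing is wrong.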
Other Protocols and Services
• See the separate handout for:
– Router Discovery Protocol (RDP)
– Network Time Protocol (NTP)
– Network Information Service (NIS)
– Network File System (NFS)
Recommended