REDHAT 5 – TCP / IP

Posted: September 7, 2010 in REDHAT 5 LinUX



TCP/ IP

Introduction

Now that you have a firm grasp of many of the most commonly used networking concepts, it is time to apply them to the configuration of your server. Some of these activities are automatically covered during a Linux installation, but you will often find yourself having to know how to modify these initial settings whenever you need to move your server to another network, add a new network interface card or use an alternative means of connecting to the Internet.

we started with an explanation of TCP/IP, so we’ll start this Linux networking chapter with a discussion on how to configure the IP address of your server.

How to Configure Your NIC’s IP Address

You need to know all the steps needed to configure IP addresses on a NIC card. Web site shopping cart applications frequently need an additional IP address dedicated to them. You also might need to add a secondary NIC interface to your server to handle data backups. Last but not least, you might just want to play around with the server to test your skills.

This section shows you how to do the most common server IP activities with the least amount of headaches.

Determining Your IP Address

Most modern PCs come with an Ethernet port. When Linux is installed, this device is called eth0. You can determine the IP address of this device with the ifconfig command.

[root@bigboy tmp]# ifconfig -a

eth0 Link encap:Ethernet HWaddr 00:08:C7:10:74:A8

BROADCAST MULTICAST MTU:1500 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:100

RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

Interrupt:11 Base address:0x1820

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:787 errors:0 dropped:0 overruns:0 frame:0

TX packets:787 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:82644 (80.7 Kb) TX bytes:82644 (80.7 Kb)

wlan0 Link encap:Ethernet HWaddr 00:06:25:09:6A:B5

inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:47379 errors:0 dropped:0 overruns:0 frame:0

TX packets:107900 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:100

RX bytes:4676853 (4.4 Mb) TX bytes:43209032 (41.2 Mb)

Interrupt:11 Memory:c887a000-c887b000

wlan0:0 Link encap:Ethernet HWaddr 00:06:25:09:6A:B5

inet addr:192.168.1.99 Bcast:192.168.1.255 Mask:255.255.255.0

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

Interrupt:11 Memory:c887a000-c887b000

[root@bigboy tmp]#
In this example, eth0 has no IP address because this box is using wireless interface wlan0 as its main NIC. Interface wlan0 has an IP address of 192.168.1.100 and a subnet mask of 255.255.255.0

You can see that this command gives good information on the interrupts, or PCI bus ID, used by each card. On very rare occasions you might find that your NIC card doesn’t work because it shares both an interrupt and memory access address with some other device. You can look at the contents of the /proc/interrupts file to get a listing of all the interrupt IRQs used by your system. In the example below we can see that there are no conflicts with each IRQ from 0 to 15 having only a single entry. Devices eth0 and eth1 use interrupts 10 and 5, respectively:

[root@bigboy tmp]# cat /proc/interrupts

CPU0

0:  2707402473          XT-PIC  timer

1:          67          XT-PIC  i8042

2:           0          XT-PIC  cascade

5:      411342          XT-PIC  eth1

8:           1          XT-PIC  rtc

10:     1898752          XT-PIC  eth0

11:           0          XT-PIC  uhci_hcd

12:          58          XT-PIC  i8042

14:     5075806          XT-PIC  ide0

15:         506          XT-PIC  ide1

NMI:           0

ERR:          43

[root@bigboy tmp]#

If there are conflicts, you might need to refer to the manual for the offending device to try to determine ways to either use another interrupt or memory I/O location.

Changing Your IP Address

If you wanted, you could give this eth0 interface an IP address using the ifconfig command.

[root@bigboy tmp]# ifconfig eth0 10.0.0.1 netmask 255.255.255.0 up

The “up” at the end of the command activates the interface. To make this permanent each time you boot up you’ll have to add this command in your /etc/rc.local file which is run at the end of every reboot.

Fedora Linux also makes life a little easier with interface configuration files located in the /etc/sysconfig/network-scripts directory. Interface eth0 has a file called ifcfg-eth0, eth1 uses ifcfg-eth1, and so on. You can place your IP address information in these files, which are then used to auto-configure your NICs when Linux boots. See Figure 3-1 for two samples of interface eth0. One assumes the interface has a fixed IP address, and the other assumes it requires an IP address assignment using DHCP.

Fixed IP Address

[root@bigboy tmp]# cd /etc/sysconfig/network-scripts

[root@bigboy network-scripts]# cat ifcfg-eth0

#

# File: ifcfg-eth0

#

DEVICE=eth0

IPADDR=192.168.1.100

NETMASK=255.255.255.0

BOOTPROTO=static

ONBOOT=yes

#

# The following settings are optional

#

BROADCAST=192.168.1.255

NETWORK=192.168.1.0

[root@bigboy network-scripts]#

Getting the IP Address Using DHCP

[root@bigboy tmp]# cd /etc/sysconfig/network-scripts

[root@bigboy network-scripts]# cat ifcfg-eth0

#

# File: ifcfg-eth0

#

DEVICE=eth0

BOOTPROTO=dhcp

ONBOOT=yes

[root@bigboy network-scripts]#

How to Activate/Shut Down Your NIC

The ifup and ifdown commands can be used respectively to activate and deactivate a NIC interface. You must have an ifcfg file in the /etc/sysconfig/network-scripts directory for these commands to work. Here is an example for interface eth0:

[root@bigboy tmp]# ifdown eth0
[root@bigboy tmp]# ifup eth0

How to View Your Current Routing Table

The netstat -nr command will provide the contents of the touting table. Networks with a gateway of 0.0.0.0 are usually directly connected to the interface. No gateway is needed to reach your own directly connected interface, so a gateway address of 0.0.0.0 seems appropriate. The route with a destination address of 0.0.0.0 is your default gateway.

  • In this example there are two gateways, the default and one to 255.255.255.255 which is usually added on DHCP servers. Server bigboy is a DHCP server in this case.

[root@bigboy tmp]# netstat -nr

Kernel IP routing table

Destination     Gateway     Genmask         Flags MSS Window irtt Iface

255.255.255.255 0.0.0.0     255.255.255.255 UH    40  0      0    wlan0

192.168.1.0     0.0.0.0     255.255.255.0   U     40  0      0    wlan0

127.0.0.0       0.0.0.0     255.0.0.0       U     40  0      0    lo

0.0.0.0         192.168.1.1 0.0.0.0         UG    40  0      0    wlan0

[root@bigboy tmp]#

  • In this example, there are multiple gateways handling traffic destined for different networks on different interfaces.

[root@bigboy tmp]# netstat -nr

Kernel IP routing table

Destination   Gateway       Genmask         Flags MSS Window irtt Iface

172.16.68.64  172.16.69.193 255.255.255.224 UG    40  0      0    eth1

172.16.11.96  172.16.69.193 255.255.255.224 UG    40  0      0    eth1

172.16.68.32  172.16.69.193 255.255.255.224 UG    40  0      0    eth1

172.16.67.0   172.16.67.135 255.255.255.224 UG    40  0      0    eth0

172.16.69.192 0.0.0.0       255.255.255.192 U     40  0      0    eth1

172.16.67.128 0.0.0.0       255.255.255.128 U     40  0      0    eth0

172.160.0     172.16.67.135 255.255.0.0     UG    40  0      0    eth0

172.16.0.0    172.16.67.131 255.240.0.0     UG    40  0      0    eth0

127.0.0.0     0.0.0.0       255.0.0.0       U     40  0      0    lo

0.0.0.0       172.16.69.193 0.0.0.0         UG    40  0      0    eth1

[root@bigboy tmp]#

Configuring Your /etc/hosts File

The /etc/hosts file is just a list of IP addresses and their corresponding server names. Your server will typically check this file before referencing DNS. If the name is found with a corresponding IP address then DNS won’t be queried at all. Unfortunately, if the IP address for that host changes, you also have to also update the file. This may not be much of a concern for a single server, but can become laborious if it has to be done companywide. For ease of management, it is often easiest to limit entries in this file to just the loopback interface and also the server’s own hostname, and use a centralized DNS server to handle most of the rest. Sometimes you might not be the one managing the DNS server, and in such cases it may be easier to add a quick /etc/hosts file entry till the centralized change can be made.

192.168.1.101  smallfry

In the example above server smallfry has an IP address of 192.168.1.101. You can access 192.168.1.101 using the ping, telnet or any other network aware program by referring to it as smallfry. Here is an example using the ping command to see whether smallfry is alive and well on the network:

[root@bigboy tmp]# ping smallfry
PING zero (192.168.1.101) 56(84) bytes of data.
64 bytes from smallfry (192.168.1.101): icmp_seq=0 ttl=64 time=0.197 ms
64 bytes from smallfry (192.168.1.101): icmp_seq=1 ttl=64 time=0.047 ms

--- smallfry ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 2017ms
rtt min/avg/max/mdev = 0.034/0.092/0.197/0.074 ms, pipe 2
[root@bigboy tmp]#

You can also add aliases to the end of the line which enable you to refer to the server using other names. Here we have set it up so that smallfry can also be accessed using the names tiny and littleguy.

192.168.1.101  smallfry  tiny  littleguy

You should never have an IP address more than once in this file because Linux will use only the values in the first entry it finds.

192.168.1.101  smallfry    # (Wrong)
192.168.1.101  tiny        # (Wrong)
192.168.1.101  littleguy   # (Wrong)

The loopback Interface’s localhost Entry

Usually the first entry in /etc/hosts defines the IP address of the server’s virtual loopback interface. This is usually mapped to the name localhost.localdomain (the universal name used when a server refers to itself) and localhost (the shortened alias name). By default, Fedora inserts the hostname of the server between the 127.0.0.1 and the localhost entries like this:

127.0.0.1     bigboy    localhost.localdomain    localhost

When the server is connected to the Internet this first entry after the 127.0.0.1 needs to be the fully qualified domain name (FQDN) of the server. For example, bigboy.mysite.com, like this:

127.0.0.1     bigboy.my-site.com    localhost.localdomain    localhost

Some programs such as Sendmail are very sensitive to this and if they detect what they feel is an incorrect FQDN they will default to using the name localhost.localdomain when communicating with another server on the network. This can cause confusion, as the other server also feels it is localhost.localdomain.

Note: You must always have a localhost and localhost.localdomain entry mapping to 127.0.0.1 for Linux to work properly and securely

Conclusion

As you can imagine, configuring Linux networking is just a first step in providing Internet access to your server. There always things that can go wrong that may be totally out of your control. Good systems administrators know the tools needed to be able to identify the probable causes of these types of problem which enables them to know the type of help they need to fix it. The next two chapters show you how to confidently test your network and Linux server applications confidently when things appear to go wrong. The skills you develop to identify and rectify these issues could prove to be invaluable to your company and career

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s