A host is a computer.

Many people automatically think of a desktop computer or laptop

when they hear the term computer. In reality, many other devices, such as cell phones,
Host
digital music players and many modern televisions, are also computers. In networking
terms, a host is any device that communicates via a network with another device.
A network is a collection of two or more hosts (computers) that are able to communicate
Network
with each other. This communication can be via a wired connection or wireless.
The Internet is an example of a network. It consists of a publicly accessible network that
connects millions of hosts throughout the world. Many people use the Internet to surf
Internet
web pages and exchange emails, but the Internet has many additional capabilities besides
these activities.
Wi-Fi The term Wi-Fi refers to wireless networks.
A host that provides a service to another host or client is called a server. For example, a
Server web server stores, processes and delivers web pages. An email server receives incoming
mail and delivers outgoing mail.
A feature provided by a host is a service. An example of a service would be when a host
Service
provides web pages to another host.
A client is a host that is accessing a server. When you are working on a computer surfing
Client
the Internet, you are considered to be on a client host.
Also called a gateway, a router is a machine that connects hosts from one network to
another network. For example, if you work in an office environment, the computers
within the company can all communicate via the local network created by the
Router administrators. To access the Internet, the computers would have to communicate with a
router that would be used to forward network communications to the Internet. Typically
when you communicate on a large network (like the Internet), several routers are used
before your communication reaches its final destination.

14.3 Networking Features Terminology

In addition to the networking terms discussed in the last section, there are some additional terms
with which you should be familiar. These terms focus more on the different types of networking
services that are commonly used, as well as some of the techniques that are used to communicate
between machines.

A network packet is used to send network communication between hosts. By breaking

Packet down communication into smaller chunks (packets), the data delivery method is much
more efficient.
An Internet Protocol (IP) address is a unique number assigned to a host on a network.
IP Address
Hosts use these numbers to address network communication.
Also called a netmask, subnet mask or mask, a network mask is a number system that
Mask can be used to define which IP addresses are considered to be within a single network.
Because of how routers perform their functions, networks have to be clearly defined.
Each host on a network could have its own hostname because names are more natural
for humans to remember than numbers, making it easier for us to address network
Hostname
packets to another host. Hostnames are translated into IP addresses before the network
packet is sent on the network.
URL A Uniform Resource Locator (URL), also commonly called a web address, is used to
locate a resource, like a web page, on the internet. It’s what you type into your web
browser to access a web page. For example, http://www.netdevgroup.com. It includes
 the protocol http:// and the hostname www.netdevgroup.com.
Hosts can be assigned hostnames, IP addresses and other network-related information
by a DHCP (Dynamic Host Configuration Protocol) server. In the world of computers,
DHCP a protocol is a well-defined set of rules. DHCP defines how network information is
assigned to client hosts, and the DHCP server is the machine that provides this
information.
As mentioned previously, hostnames are translated into IP addresses, prior to the
network packet being sent on the network. So your host needs to know the IP address
of all of the other hosts with which you are communicating. When working on a large
DNS
network (like the Internet), this can pose a challenge as there are so many hosts. A
Domain Name System (DNS) provides the service of translating domain names into IP
addresses.
In a wired network environment, Ethernet is the most common way to physically
connect the hosts into a network. Ethernet cables are connected to network cards that
support Ethernet connections. Ethernet cables and devices (such as routers) are
Ethernet
specifically designed to support different communication speeds, the lowest being 10
Mbps (10 Megabits per second) and the highest being 100 Gbps (100 gigabits per
second). The most common speeds are 100 Mbps and 1 Gbps.
The Transmission Control Protocol/Internet Protocol (TCP/IP) is a fancy name for a
collection of protocols (remember, protocol = set of rules) that are used to define how
network communication should take place between hosts. While it isn't the only
TCP/IP
collection of protocols used to define network communication, it is the most often
utilized one. As an example, TCP/IP includes the definition of how IP addresses and
network masks work.

14.4 IP Addresses
As previously mentioned, hosts address network packets by using the IP address of the destination
machine. The network packet also includes a return address, which is the IP address of the sending
machine.
There are, in fact, two different types of IP addresses: IPv4 and IPv6. To understand why there are
two different types, you need to understand a brief bit of IP addressing history.
For many years, the IP addressing technique that was used by all computers was IPv4. In an IPv4
address, a total of four 8-bit numbers are used to define the address. This is considered a 32-bit
address (4 x 8 = 32). For example:
192.168.10.120.

8-bit refers to numbers from 0 to 255.

Each host on the Internet must have a unique IP address. In an IPv4 environment, there is a
technical limit of about 4.3 billion IP addresses. However, many of these IP addresses are not usable
for various reasons. Also, many organizations haven't made use of all of the IP addresses they have
available.
While it seems like there should be plenty of IP addresses to go around, various factors have led to a
problem: the Internet started running out of IP addresses.
This issue encouraged the development of IPv6. IPv6 was officially created in 1998. In an IPv6
network the addresses are much larger, 128-bit addresses that look like this:
2001:0db8:85a3:0042:1000:8a2e:0370:7334

Essentially, this provides for a much larger address pool, so large that running out of addresses any
time in the near future is very unlikely.
It is important to note that the difference between IPv4 and IPv6 isn't just a larger address pool.
IPv6 has many other advanced features that address some of the limitations of IPv4, including better
speed, more advanced package management and more efficient data transportation.
Considering all the advantages, you would think that by now all hosts would be using IPv6.
However, the majority of network-attached devices in the world still use IPv4 (something like 98-
99% of all devices).
So, why hasn't the world embraced the superior technology of IPv6?
There are primarily two reasons:
 NAT: Invented to overcome the possibility of running out of IP addresses in an IPv4
environment, Net Address Translation (NAT) used a technique to provide more hosts access
to the Internet. In a nutshell, a group of hosts is placed into a private network with no direct
access to the Internet; a special router provides Internet access, and only this one router
needs an IP address to communicate on the Internet. In other words, a group of hosts shares
a single IP address, meaning a lot more computers can attach to the Internet. This feature
means the need to move to IPv6 is less critical than before the invention of NAT.
 Porting: Porting is switching over from one technology to another. IPv6 has a lot of great
new features, but all of the hosts need to be able to utilize these features. Getting everyone
on the Internet (or even just some) to make these changes poses a challenge. ‌ 
Nonetheless, most experts agree that IPv6 will eventually replace IPv4, so understanding the basics
of both is recommended for those who work in the IT industry.

Configuration File
The primary configuration file for an IPv4 network interface is the
/etc/sysconfig/network-scripts/ifcfg-eth0 file. The following demonstrates what
this file looks like when configured for a static IP address:
root@localhost:~# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
BOOTPROTO=none
NM_CONTROLLED="yes"
ONBOOT=yes
TYPE="Ethernet"
UUID="98cf38bf-d91c-49b3-bb1b-f48ae7f2d3b5"
DEFROUTE=yes
IPV4 _FAILURE_FATAL=yes
IPV6INOT=no
NAME="System eth0"
IPADDR=192.168.1.1
PREFIX=24
GATEWAY=192.168.1.1
DNS1=192.168.1.2
HWADDR=00:50:56:90:18:18
LAST_CONNECT=1376319928

If the device were configured to be a DHCP client, the BOOTPROTO value would be set to dhcp,
and the IPADDR, GATEWAY and DNS1 values would not be set.

14.5.1.2 Primary IPv6 Configuration File

On a CentOS system, the primary IPv6 configuration file is the same file where IPv4 configuration
is stored; the /etc/sysconfig/network-scripts/ifcfg-eth0 file. If you want to have
your system have a static IPv6 address, add the following to the configuration file:
IPV6INIT=yes
IPV6ADDR=<IPv6 IP Address>
IPV6_DEFAULTGW=<IPv6 IP Gateway Address>

If you want your system to be a DHCP IPv6 client, then add the following setting:
DHCPV6C=yes

You also need to add the following setting to the /etc/sysconfig/network file:
NETWORKING_IPV6=yes

Consider This
The widely accepted method of making changes to a network interface is to take the interface down
using a command such as ifdown eth0, make the desired changes to the configuration file, and
then bring the interface back up and into service with a command such as ifup eth0.

Another less specific method is to restart the system’s networking entirely, with a command such as
service network restart, which takes down ALL interfaces, re-reads all related
configuration files, and then restarts the networking for the system.
Restarting the network service can disrupt much more than just the single interface a user wanted to
change, so use the most limited and specific commands to restart the interface if possible.
The following example demonstrates how the service command would need to be executed on a
CentOS system:
[root@localhost ~]# service network restart
Shutting down interface eth0: Device state: 3 (disconnected)
[ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: Active connection state: activated
Active connection path: /org/freedesktop/NetworkManager/ActiveConnection/1
[ OK ]

14.5.1.3 Domain Name System (DNS)

When a computer is asked to access a website, such as www.example.com, it does not necessarily
know what IP address to use. For the computer to associate an IP address with the URL or hostname
request, the computer relies upon the DNS service of another computer. Often, the IP address of the
DNS server is discovered during the DHCP request, while a computer is receiving important
addressing information to communicate on the network.
The address of the DNS server is stored in the /etc/resolv.conf file. A typical
/etc/resolv.conf file is automatically generated and looks like the following:
sysadmin@localhost:~$ cat /etc/resolv.conf
nameserver 127.0.0.1

The nameserver setting is often set to the IP address of the DNS server. The following example
uses the host command, which works with DNS to associate a hostname with an IP address. Note
that the example server is associated with the IP address 192.168.1.2 by the DNS server:
sysadmin@localhost:~$ host example.com
example.com has address 192.168.1.2

It is also common to have multiple nameserver settings, in the event that one DNS server isn't
responding.

14.5.1.4 Network Configuration Files

Name resolution on a Linux host is accomplished by 3 critical files: the /etc/hosts,
/etc/resolv.conf and /etc/nsswitch.conf files. Together, they describe the location of
name service information, the order in which to check resources, and where to go for that
information.
‌ 
Files Explanation
This file contains a table of hostnames to IP addresses. It can be used to
supplement a DNS server.
/etc/hosts
sysadmin@localhost:~$ cat /etc/hosts
127.0.0.1 localhost

This file contains the IP addresses of the name servers the system should
consult in any attempt to resolve names to IP addresses. These servers are
/ often DNS servers. It also can contain additional keywords and values that
etc/resolv.con can affect the resolution process.
f
sysadmin@localhost:~$ cat /etc/resolv.conf
nameserver 127.0.0.11

/ This file can be used to modify where hostname lookups occur. It contains a
etc/nsswitch.c particular entry that describes in what order name resolution sources are
onf consulted.

sysadmin@localhost:~$ cat /etc/nsswitch.conf

# /etc/nsswitch.conf
#

Output Omitted...

hosts: files dns

 Files Explanation

Output Omitted...

The /etc/hosts file is searched first, the DNS server second:

hosts: files dns

The DNS server would be searched first, local files second:

hosts: dns files

Commands or programs on the system, such as the browser, request a connection with a remote
computer by DNS name. Then the system consults various files in a particular order to attempt to
resolve that name into a usable IP address.
1. First, the /etc/nsswitch.conf file is consulted:
hosts: files dns

This line indicates that the system should consult local files first in an attempt to resolve
hostnames, which means that the /etc/hosts file will be parsed for a match to the
requested name.
2. Second, the system will consult the /etc/hosts file to attempt to resolve the name. If the
name matches an entry in /etc/hosts, it is resolved.

It will not failover (or continue) to the DNS option, even if the resolution is inaccurate. This
can occur if the entry in /etc/hosts points to a non-assigned IP address.

3. Third, if the local /etc/hosts file doesn’t result in a match, the system will use the
configured DNS server entries contained in the /etc/resolv.conf file to attempt to
resolve the name.
The /etc/resolv.conf file should contain at least two entries for name servers, such as
the example file below:
nameserver 10.0.2.3
nameserver 10.0.2.4

The DNS resolution system will use the first name server for an attempted lookup of the
name. If that is unavailable, or a timeout period is reached, the second server will then be
queried for the name resolution. If a match is found, it is returned to the system and used for
initiating a connection and is also placed in the DNS cache for a configurable time period.
Consider This
Two other keywords may appear in the system’s /etc/resolv.conf file. Although these are
beyond the scope of this course, they are routinely included in default /etc/resolv.conf files
and so we include explanations of these terms below:
domain Followed by a qualified domain, such as snowblower.example.com, allows the
query for the host polaris to be tried both just as the host polaris, or failing that,
 appending the rest of the domain name to it and hopefully having it resolved by the
server as that name (e.g. polaris.snowblower.example.com.).
search Followed by a set of separate domains which can be queried one after the other hopefully
to resolve the name.

14.6 Network Tools

There are several commands that you can use to view network information. These tools can also be
useful when you are troubleshooting network issues.

14.6.1 The ifconfig Command

The ifconfig command stands for interface configuration and is used to display network
configuration information. Not all network settings are covered in this course, but it is important to
note from the output below that the IP address of the primary network device eth0 is
192.168.1.2 and that the device is currently active UP:
root@localhost:~# ifconfig
eth0 Link encap:Ethernet HWaddr b6:84:ab:e9:8f:0a
inet addr:192.168.1.2 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::b484:abff:fee9:8f0a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:95 errors:0 dropped:4 overruns:0 frame:0
TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:25306 (25.3 KB) TX bytes:690 (690.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:6 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:460 (460.0 B) TX bytes:460 (460.0 B)

The lo device is referred to as the loopback device. It is a special network device used by the
system when sending network-based data to itself.
The ifconfig command can also be used to modify network settings temporarily. Typically these
changes should be permanent, so using the ifconfig command to make such changes is
relatively rare.

14.6.2 The ip Command

The ifconfig command is becoming obsolete in some Linux distributions (deprecated) and is
being replaced with a form of the ip command, specifically ip addr show.

The ip command differs from ifconfig in several important manners, chiefly that through its
increased functionality and set of options, it can almost be a one-stop shop for configuration and
control of a system’s networking. The format for the ip command is as follows:
ip [OPTIONS] OBJECT COMMAND
While ifconfig is limited primarily to modification of networking parameters, and displaying
the configuration details of networking components, the ip command branches out to do some of
the work of several other legacy commands such as route and arp.

Note: Linux and Unix commands don’t usually just disappear when they become obsolete; they
stick around as a legacy command, sometimes for many years, as the number of scripts that depend
on those commands, and the amount of muscle memory amongst system administrators, makes it a
good idea to keep them around for compatibility sake.
The ip command can initially appear to be a little more verbose than the ifconfig command,
but it’s a matter of phrasing and a result of the philosophy behind the operation of the ip command.

In the example below, both the ifconfig command and ip command are used to show all
interfaces on the system.
root@localhost:~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0c:29:71:f0:bb
inet addr:172.16.241.140 Bcast:172.16.241.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe71:f0bb/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8506 errors:0 dropped:0 overruns:0 frame:0
TX packets:1201 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:8933700 (8.9 MB) TX bytes:117237 (117.2 KB)

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:285 errors:0 dropped:0 overruns:0 frame:0
TX packets:285 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:21413 (21.4 KB) TX bytes:21413 (21.4 KB)
root@localhost:~# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group
default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
group default qlen 1000
link/ether 00:0c:29:71:f0:bb brd ff:ff:ff:ff:ff:ff
inet 172.16.241.140/24 brd 172.16.241.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe71:f0bb/64 scope link
valid_lft forever preferred_lft forever

Both show the type of interface, protocols, hardware and IP addresses, network masks and various
other information about each of the active interfaces on the system.
 14.6.3 The route Command
Recall that a router (or gateway) is a machine that allows hosts from one network to communicate
with another network. To view a table that describes where network packages are sent, use the
route command:
root@localhost:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
default 192.168.1.1 0.0.0.0 UG 0 0 0 eth0

The first highlighted line in the preceding example indicates that any network package sent to a
machine in the 192.168.1 network is not sent to a gateway machine (the * indicates no
gateway). The second highlighted line indicates that all other network packets are sent to the host
with the IP address of 192.168.1.1 (the router).

Some users prefer to display this information with numeric data only, by using the -n option to the
route command. For example, look at the following and focus on where the output used to display
default:
root@localhost:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0

The 0.0.0.0 refers to all other machines, and is the same as default.

The route command is becoming obsolete in some Linux distributions (deprecated) and is being
replaced with a form of the ip command, specifically ip route show. Note that the same
information highlighted above can also be found using this command:
root@localhost:~# ip route show
default via 192.168.1.254 dev eth0 proto static
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.2