Nsa CH-4

Chapter 4

Network Management

4.1 TCP/IP Networking :


TCP/IP comes with a number of command-line utilities that are useful when
troubleshooting networks.
Linux was built for the Internet and for networking, so it works extremely well as a
computer connected to other computers.
TCP/IP is the protocol suite that all networked applications use. It is the way data
is sent over a network.
The idea behind TCP/IP is to break data up into small packets and send them out into the
network one at a time. TCP keeps track of which segments arrived, so if one is lost or
corrupted only that segment has to be resent (UDP, the other transport protocol in the
suite, does not retransmit, which is why DNS queries and NTP use it).
In TCP/IP networking everything is built on TCP/IP, which means that all computers follow
the same protocol for sending and receiving data over a network.
These protocols require that each computer on a network have an IP address, which is
a number that looks something like 192.168.0.1: four numbers from 0 to 255 with dots in
between. (This is IPv4; IPv6 addresses are 128 bits written in hexadecimal, but this
chapter uses IPv4 throughout.) The IP address is how computers find each other over a
network.
There are two ways to get an IP address: a static IP address or a dynamic IP address.
1. Static means that you type the IP address in yourself.
2. Dynamic means that you get your IP address from a server using the Dynamic Host
Configuration Protocol (DHCP), described in section 4.9.1.

4.2 Configuring Linux Box for networking :


To connect to a network we use Ethernet, as it is the most common form of network today.
In Linux the first Ethernet card has traditionally been called eth0; the zero means the
first card, and a second one would be eth1. Newer distributions instead use "predictable"
names derived from the hardware location, such as ens33 or enp0s3, and the Ubuntu examples
later in this chapter use ens33. So whenever you see eth0 it means the first Ethernet card,
the interface through which you are connecting to the network.

The easy way to change your IP address is to use one of the configuration programs that
come with the distribution. To change it the hard way we use the command line. The
command 'ifconfig' will tell you all about your current network configuration, but it also
lets you set your IP address:

ifconfig eth0 192.168.0.4 netmask 255.255.255.0 broadcast 192.168.0.255

The first option, 'eth0', says this is for the first Ethernet card. The next is the IP
address you are assigning to that card. The next two fields are the netmask and the
broadcast address. Note that this command needs root privileges, that the change is lost at
the next reboot (persistent settings go into the distribution's configuration files, see the
Ubuntu example below), and that on current distributions ifconfig (from net-tools) is
deprecated in favour of the 'ip' command from iproute2.

The netmask, which usually looks like 255.255.255.0, marks which bits of the address
identify the network and which identify the host. The kernel uses it to decide whether a
destination is on the same subnet as the sending machine: if the destination and the sender
agree in all the network bits, the packet is delivered directly on the LAN; otherwise it is
handed to the gateway. So if all the computers on your network have addresses of the form
192.168.0.x, where only x varies (from 0 to 255), your netmask is 255.255.255.0: the first
three numbers are the network part and only the last number identifies the host.

The broadcast address is used to talk to all hosts on your LAN at the same time.

Its function is to make sure that all hosts that are supposed to be listening receive the
message, while the broadcast is not passed on to the rest of the Internet (routers do not
forward it).

Network and System Administration 1


With a 255.255.255.0 netmask, the broadcast address for 129.100.27.44 is 129.100.27.255,
allowing the broadcast to reach all hosts on the 129.100.27.0 network but no other networks.
The broadcast address is always the network address with every host bit set to one, so with
a different netmask it would be different.
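The subnet and broadcast rules above, worked out in code. This is an added example and not
part of the original chapter; it uses only Python's standard ipaddress module and the
addresses from the text, and the 255.255.0.0 case is added to show that the mask, not the
address, decides where the broadcast goes.

```python
import ipaddress


def subnet_info(address, netmask):
    """Derive the values ifconfig needs from an address and netmask.

    netmask may be dotted ("255.255.255.0") or a prefix length ("24").
    Returns the network, broadcast, usable host range and host count.
    """
    iface = ipaddress.IPv4Interface(f"{address}/{netmask}")
    net = iface.network
    hosts = list(net.hosts())  # every address except network and broadcast
    return {
        "network": str(net.network_address),
        "prefix": net.prefixlen,
        "netmask": str(net.netmask),
        "broadcast": str(net.broadcast_address),
        "first_host": str(hosts[0]),
        "last_host": str(hosts[-1]),
        "usable_hosts": len(hosts),
    }


def same_subnet(a, b, netmask):
    """True when a and b share all network bits, so the sender delivers directly
    on the LAN (ARP, no router); False means the packet goes to the gateway."""
    net_a = ipaddress.IPv4Interface(f"{a}/{netmask}").network
    net_b = ipaddress.IPv4Interface(f"{b}/{netmask}").network
    return net_a == net_b


def broadcast_for(address, netmask):
    """Broadcast = address with every host bit set to one; the /24 case in the
    text is just the instance where the host bits are the whole last octet."""
    return subnet_info(address, netmask)["broadcast"]


if __name__ == "__main__":
    # the two addresses used in the text, plus a /16 mask to show the mask matters
    for addr, mask in [("192.168.0.4", "255.255.255.0"),
                       ("129.100.27.44", "255.255.255.0"),
                       ("129.100.27.44", "255.255.0.0")]:
        info = subnet_info(addr, mask)
        print(f"{addr}/{mask}: network {info['network']}/{info['prefix']}, "
              f"broadcast {info['broadcast']}, {info['usable_hosts']} usable hosts")
    print("192.168.0.4 -> 192.168.1.9 delivered directly?",
          same_subnet("192.168.0.4", "192.168.1.9", "255.255.255.0"))
```

The same computation is what the kernel does for every outgoing packet; when a host "can
ping its neighbour but not the gateway", comparing `same_subnet` for the two destinations
with the configured mask is usually the quickest way to spot a mistyped netmask.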

Ubuntu Commands
Configuring a Static IP Address for Your Network Card
Configure a static IP address by editing /etc/network/interfaces (the ifupdown format used
by Ubuntu up to 16.04; from 17.10 on the default is netplan, with YAML files under
/etc/netplan). Replace eth0 with the name of your network interface as shown by ifconfig -a.
sudo nano /etc/network/interfaces
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.2.33
gateway 192.168.2.1
netmask 255.255.255.0
network 192.168.2.0
broadcast 192.168.2.255
For these settings to take effect you need to restart the networking service:
sudo /etc/init.d/networking restart

• ifconfig
– ifconfig (interface configurator) is used to initialize an interface,
assign an IP address to it and enable or disable it on demand.
– With this command you can view the IP address and the hardware (MAC)
address assigned to an interface, as well as its MTU (maximum transmission unit).
– Example: ifconfig eth0
• ifconfig with an interface name (eth0) shows only that interface's
details, such as its IP address and MAC address.
• Enable or Disable a Specific Interface
– To enable or disable a specific interface we use the following commands
respectively (they read the interface's stanza from /etc/network/interfaces):
• ifup eth0 – enables the eth0 interface
• ifdown eth0 – disables the eth0 interface

Changing the hostname : during installation of the system we are asked what the
hostname of the computer should be. To change this name later, use the
command 'hostname', like this (the prompt is from a Red Hat style system):
 [root@comp root]# hostname new-name
This only changes the running kernel's idea of the name. To make it permanent, open the file
/etc/sysconfig/network
(on Red Hat and derivatives; Debian and Ubuntu keep it in /etc/hostname instead), where a
few network settings are saved, and change the HOSTNAME field to your new name.
You also have to make sure your /etc/hosts file is updated with your new hostname, since
many programs resolve the local name through it.
The next time you restart your computer the new hostname takes effect.

4.3 Configuring a Linux Box as a Router :


We can even use Linux as a router, forwarding all requests from a network onto the
Internet, for example.
To turn this on, use the following command (as root):
 echo 1 > /proc/sys/net/ipv4/ip_forward

This enables forwarding in the kernel, and other computers can now use the Linux
computer as their gateway.
The command echo writes '1' into the file called ip_forward, and a value of 1 means
enabled (0 disables it again).
Two caveats: the setting is lost at reboot unless it is also placed in /etc/sysctl.conf
(or a file under /etc/sysctl.d/) as net.ipv4.ip_forward = 1, and a forwarding host will
forward any packet routed through it, so it should be combined with firewall rules (and
usually NAT/masquerading for a private network behind a single public address) rather than
left as an open router.

Programs to look at your network


There are a lot of programs that will help you understand what is happening in your network.
We'll go over a few of them:
Turn on networking on your computer (in case you made a change; 'network' is the Red Hat
service name, Debian and Ubuntu call it 'networking') –
 [root@comp root]# service network start
Show the IP routing table (the path that packets take to their destination) –
 [root@comp root]# route -e

# netstat
- Display connections, routing tables, statistics etc.
– List all TCP (-t) and UDP (-u) sockets (-a), numerically (-n), with the owning process (-p):
 netstat -punta
– List all sockets, including Unix domain sockets, with their processes:
 netstat -nap
– Show per-protocol network statistics:
 netstat -s
Both route and netstat belong to the net-tools package, which is deprecated on current
distributions in favour of 'ip route' and 'ss' from iproute2, but the output format above is
still what many tutorials and monitoring scripts expect.
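What an administrator actually wants from netstat -punta is the answer to "which services
are reachable from other hosts?". The following is an added example, not part of the
original chapter: it parses netstat-style output (the sample below is constructed for the
example, not captured from a real host) and separates listeners bound to loopback from those
bound to a wildcard or a real interface address.

```python
# Constructed sample in the format of `netstat -punta`; not from a real host.
SAMPLE_NETSTAT = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1034/master
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1200/apache2
tcp        0      0 10.0.4.136:22           10.0.4.50:51234         ESTABLISHED 2011/sshd: admin
tcp6       0      0 :::3306                 :::*                    LISTEN      1300/mysqld
udp        0      0 0.0.0.0:123             0.0.0.0:*                           950/ntpd
udp        0      0 127.0.0.53:53           0.0.0.0:*                           600/systemd-resolve
"""

# 127.0.0.53 is the stub resolver address systemd-resolved binds to
LOOPBACK = {"127.0.0.1", "127.0.0.53", "::1"}


def split_addr(addr):
    """'10.0.4.136:22' -> ('10.0.4.136', 22); ':::3306' -> ('::', 3306)."""
    host, _, port = addr.rpartition(":")
    return host, (int(port) if port.isdigit() else None)


def parse_netstat(text):
    """One dict per socket line. UDP lines have no State column, so the field
    count differs; the PID/Program column may itself contain spaces."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if not f or not f[0].startswith(("tcp", "udp")):
            continue  # banner and header lines
        proto, local, foreign = f[0], f[3], f[4]
        if proto.startswith("tcp") or (len(f) >= 7 and "/" not in f[5] and f[5] != "-"):
            state, prog = f[5], " ".join(f[6:])
        else:
            state, prog = "", " ".join(f[5:])
        host, port = split_addr(local)
        rows.append({"proto": proto, "host": host, "port": port, "state": state,
                     "foreign": foreign, "program": prog})
    return rows


def listeners(rows):
    """Sockets waiting for input: TCP in LISTEN, or any bound UDP socket."""
    return [r for r in rows if r["state"] == "LISTEN" or r["proto"].startswith("udp")]


def exposed_listeners(rows):
    """Listeners reachable from other hosts: bound to a wildcard (0.0.0.0, ::)
    or to a real interface address rather than a loopback address."""
    return [r for r in listeners(rows) if r["host"] not in LOOPBACK]


if __name__ == "__main__":
    rows = parse_netstat(SAMPLE_NETSTAT)
    for r in exposed_listeners(rows):
        print(f"exposed: {r['proto']:5} port {r['port']:<5} {r['program']}")
    for r in listeners(rows):
        if r["host"] in LOOPBACK:
            print(f"local only: {r['proto']:5} port {r['port']:<5} {r['program']}")
```

Run against a real host, feed it the output of `netstat -punta` (as root, or the program
column shows only "-"); the exposed list is the set of ports the firewall has to account for.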
4.4 Configuring a Web Server (Apache)
• The port for a web server is usually port 80 (443 for HTTPS). That means when you go to a
webpage, you are sending data that says 'give me this webpage' to some IP address on port 80.
Ports allow many networked services to run on one computer at the same time.
• Most computers will have quite a few services running that have opened different ports.
• Network services on a Linux computer are started and stopped like the other services
controlled from the /etc/init.d folder (or with systemctl on systemd-based distributions),
and each is configured through its own files: for Apache, /etc/apache2 on Debian and
Ubuntu, /etc/httpd on Red Hat and derivatives. Every listening service is reachable by
anyone who can reach its port, so run only the ones you need.
4.5 Configuring a DNS Server (BIND)
• The configuration files
• /etc/resolv.conf - resolver configuration file:
   domain domain.com - your domain name
   search name-of-domain.com - name of your domain, or your ISP's domain if using their name server
   nameserver XXX.XXX.XXX.XXX - IP address of primary name server
   nameserver XXX.XXX.XXX.XXX - IP address of secondary name server
• This configures the Linux resolver, i.e. the client side, so that it knows which DNS
server will resolve domain names into IP addresses. The BIND server itself is configured in
/etc/bind/named.conf (Debian and Ubuntu) or /etc/named.conf (Red Hat).
If DHCP is used, the name servers are sent to you by the DHCP server (your ISP's or your
LAN's) and loaded into this file as part of the DHCP protocol. If using a static IP
address, you have to fill it in yourself.
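A parser for the resolv.conf format described above, added here as an example (it is not
part of the original chapter). The sample file is constructed; the checks encode two
resolver rules that bite in practice: glibc honours at most three nameserver lines, and a
file with no nameserver line silently falls back to 127.0.0.1.

```python
import ipaddress

MAXNS = 3  # glibc's resolver (resolv.h) honours at most three nameserver lines

# Constructed example file; not from a real host.
SAMPLE_RESOLV_CONF = """\
# generated by hand for the example
domain gam.edu.et
search gam.edu.et        # domain and search are mutually exclusive; the last one wins
nameserver 10.0.4.1
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 1.1.1.1       ; fourth entry: never consulted
nameserver not-an-ip
options timeout:2 attempts:2
"""


def parse_resolv_conf(text):
    """Return the search list, nameservers, options and a list of warnings."""
    conf = {"search": [], "nameservers": [], "options": [], "warnings": []}
    for lineno, raw in enumerate(text.splitlines(), 1):
        # '#' and ';' both start a comment in resolv.conf
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        if not line:
            continue
        key, *args = line.split()
        if key == "nameserver":
            try:
                conf["nameservers"].append(str(ipaddress.ip_address(args[0])))
            except (IndexError, ValueError):
                conf["warnings"].append(
                    f"line {lineno}: nameserver needs an IP address, got {args!r}")
        elif key in ("domain", "search"):
            # 'domain' is the older single-name form; either keyword replaces the list
            conf["search"] = args[:1] if key == "domain" else args
        elif key == "options":
            conf["options"].extend(args)
        elif key == "sortlist":
            pass  # accepted but not interpreted here
        else:
            conf["warnings"].append(f"line {lineno}: unknown keyword {key!r}")
    if not conf["nameservers"]:
        conf["warnings"].append("no nameserver line: the resolver falls back to 127.0.0.1")
    elif len(conf["nameservers"]) > MAXNS:
        conf["warnings"].append(
            f"{len(conf['nameservers'])} nameservers listed; only the first {MAXNS} are used")
    return conf


if __name__ == "__main__":
    result = parse_resolv_conf(SAMPLE_RESOLV_CONF)
    print("search:", result["search"])
    print("nameservers:", result["nameservers"])
    for w in result["warnings"]:
        print("warning:", w)
```

On a DHCP-configured host the file is rewritten by the DHCP client (or by resolvconf, see
section 4.8), so edits made by hand disappear; parsing the live file is the honest way to
find out which servers the host is really asking.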

4.6 Configuring Mail Transfer Agents (Postfix)


• The main components of an e-mail system that facilitate sending and receiving e-mail on
the Internet are:
 – an e-mail client (the mail user agent),
 – an e-mail server (SMTP server, the mail transfer agent),
 – POP and IMAP servers, from which the client fetches delivered mail.
• An e-mail client provides you with the following capabilities:
 – A list of messages that people have sent to you. Each entry in the list
contains the name of the sender, a subject, a few words from the message body and the
time/date on which it was received.
 – The ability to read a complete message, reply to it or forward it to other people.
 – The ability to compose a new message and send it to the desired recipients.
 – Deleting a message.
• The e-mail client could be:
 – standalone (like Microsoft Outlook, Pegasus etc.) or
 – web based (like Gmail, Yahoo etc.).
• There are many advanced abilities that e-mail clients may provide,
 but whatever the type of e-mail client, the core abilities described above are
provided by all of them.
Email Server :
• Whenever you send a message from your e-mail client, it goes to an e-mail server.
• The e-mail server manages the messages it receives.
 – If the recipient's mailbox is local, i.e. the server is responsible for the recipient's
domain, it delivers the message to the local mailbox, where a POP or IMAP service makes it
available to the recipient. (Subnets play no part in this; the decision is by domain.)
 – Otherwise it looks up the MX record of the recipient's domain in DNS and relays the
message over the Internet to that domain's server. A server that relays mail for domains it
is not responsible for, from clients it does not authenticate, is an "open relay" and will
be abused for spam; Postfix refuses this by default, and that default should stay.
• An e-mail server comes into the picture twice if e-mail is sent over the Internet to a
remote destination:
 – first the sender's e-mail server sends the e-mail over the Internet,
 – second the receiver's e-mail server receives the e-mail and makes sure that it is
delivered to the recipient's mailbox.
 – On the other hand, an e-mail server comes into the picture only once when the recipient
is local to the same server.
• SMTP servers are widely used as e-mail servers all over the Internet. An SMTP
server is also known as a Mail Transfer Agent (MTA); Postfix, the subject of this section,
is one.

• The flow of e-mail on the Internet is managed by the SMTP (Simple Mail Transfer
Protocol).
• The SMTP server is simply a computer running SMTP, and which acts more or less
like the postman.
POP
• POP stands for Post Office Protocol.
• A POP (or POP3) server, in its simplest form, stores the messages for a
particular user in a single text file (the mbox format).
• The file for a particular user is appended to each time an e-mail for that user is
delivered by the MTA.
• A POP server requires the log-in credentials of a user, which are sent by the e-mail client.
• Once a user is authenticated, the POP server provides access to the user's e-mails.
• As with any client-server architecture, the e-mail client interacts with the POP
server through a predefined set of commands:
• USER – for the user ID
• PASS – for the password
• LIST – provide the message list
• RETR – retrieve a message
• DELE – mark a message for deletion
• QUIT – end the session (only now are messages marked with DELE actually removed)
• The e-mail client connects to port 110 on the server where the POP service is
running. On port 110 the USER and PASS commands, and every message retrieved, cross the
network in clear text, so in practice the client should either negotiate TLS with the STLS
command or connect to the POP3S port 995, where the whole session is encrypted.
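The command exchange above, written out as a small server-side POP3 state machine. This is
an added example, not code from the chapter or from any real POP server; the account and
mailbox contents are constructed. It shows the two states a session passes through, why a
dropped connection deletes nothing, and where the clear-text password arrives.

```python
import hmac


class Pop3Session:
    """Server side of a minimal POP3 (RFC 1939) session for one connection.

    AUTHORIZATION state: USER, PASS, QUIT.
    TRANSACTION state:   LIST, RETR, DELE, QUIT.
    DELE only marks a message; the mailbox is rewritten in the UPDATE step that
    QUIT triggers, so a connection that drops mid-session deletes nothing.
    """

    def __init__(self, accounts, mailboxes):
        self.accounts = accounts      # {user: password}; constructed test data
        self.mailboxes = mailboxes    # {user: [raw message text, ...]}
        self.state = "AUTHORIZATION"
        self.user = None
        self.deleted = set()          # message numbers marked by DELE

    def handle(self, line):
        """Process one client command line and return the server's reply."""
        parts = line.strip().split(None, 1)
        if not parts:
            return "-ERR empty command"
        cmd = parts[0].upper()
        arg = parts[1] if len(parts) > 1 else ""
        if self.state == "AUTHORIZATION":
            return self._authorization(cmd, arg)
        if self.state == "TRANSACTION":
            return self._transaction(cmd, arg)
        return "-ERR session closed"

    def _authorization(self, cmd, arg):
        if cmd == "USER":
            self.user = arg
            return "+OK name is a valid mailbox"  # always +OK: do not reveal which users exist
        if cmd == "PASS":
            # On port 110 this argument arrived in clear text; the comparison itself is
            # constant-time so response timing does not leak how much of it matched.
            expected = self.accounts.get(self.user) if self.user is not None else None
            if expected is not None and hmac.compare_digest(expected.encode(), arg.encode()):
                self.state = "TRANSACTION"
                return f"+OK {len(self._live())} messages"
            self.user = None
            return "-ERR invalid password"
        if cmd == "QUIT":
            self.state = "UPDATE"
            return "+OK bye"
        return "-ERR not authenticated"

    def _live(self):
        msgs = self.mailboxes.get(self.user, [])
        return [(n, m) for n, m in enumerate(msgs, 1) if n not in self.deleted]

    def _transaction(self, cmd, arg):
        if cmd == "LIST":
            live = self._live()
            lines = [f"+OK {len(live)} messages"] + [f"{n} {len(m)}" for n, m in live] + ["."]
            return "\r\n".join(lines)
        if cmd in ("RETR", "DELE"):
            if not arg.isdigit() or int(arg) not in dict(self._live()):
                return "-ERR no such message"
            n = int(arg)
            if cmd == "DELE":
                self.deleted.add(n)
                return f"+OK message {n} deleted"
            body = self.mailboxes[self.user][n - 1]
            return f"+OK {len(body)} octets\r\n{body}\r\n."
        if cmd == "QUIT":
            self.mailboxes[self.user] = [m for _, m in self._live()]  # UPDATE step
            self.state = "UPDATE"
            return "+OK bye"
        return "-ERR unknown command"


def run_transcript(session, commands):
    """Feed client lines through the session; returns [(client, server_reply), ...]."""
    return [(c, session.handle(c)) for c in commands]


if __name__ == "__main__":
    mbox = {"alice": ["Subject: hi\r\n\r\nhello", "Subject: two\r\n\r\nworld"]}
    s = Pop3Session({"alice": "s3cret"}, mbox)
    for client, reply in run_transcript(
            s, ["USER alice", "PASS s3cret", "LIST", "DELE 1", "RETR 1", "QUIT"]):
        print(f"C: {client}\nS: {reply}")
```

A real server would read these lines from a socket and should only accept them over TLS;
the state machine itself is unchanged by that.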
IMAP stands for Internet Message Access Protocol.
• This protocol is also used to access e-mails, but it is far more capable than POP.
• One of the most prominent features an IMAP server provides is central access to e-mails.
• Unlike a POP client, which normally downloads and deletes, an IMAP client leaves the
e-mails on the server, so you can access them from any machine or device.
• The server also provides easy management of e-mails, like searching, categorizing the
e-mails and placing them into various sub-folders etc.
• The one drawback of IMAP is that you always need a network connection so that the
e-mail client can fetch e-mails from the IMAP server (clients cache locally to soften this).
• To interact with an IMAP server, the e-mail client connects to the server machine on
port 143 (or 993 for IMAPS, which is encrypted from the start; on 143 the client should
use STARTTLS, for the same reason as with POP).
• A Linux system administrator can follow these basic steps to prepare a machine as a
mail server:
 – Set the hostname of the machine by editing the file /etc/hostname,
 e.g. mail.gam.edu.et
 (the MTA announces this name in its SMTP greeting and receiving servers check it, so it
 should be a real name with matching forward and reverse DNS).
 – Set the time zone (the zoneinfo name uses an underscore, not a space):
 ln -sf /usr/share/zoneinfo/Africa/Addis_Ababa /etc/localtime
 – Configure the /etc/hosts file:
 127.0.0.1 localhost.localdomain localhost
 213.55.83.154 mail.gam.edu.et mail

4.7 Configuring a Proxy Cache (Squid)


Squid is a Linux-based proxy application for HTTP (and, via the CONNECT method, HTTPS).
The Squid proxy server is used for filtering traffic and enforcing access policy: its ACLs
decide which clients may reach which destinations, and every request is logged centrally,
which is why a proxy is also a security control.
Squid can also speed up web access by caching resources. It allows a server to cache
frequently visited web pages. When the user requests a web page or a file, the request goes
to the proxy server; the proxy fetches the resource (or serves it from its cache) and relays
it to the user.



4.8 Network Configuration (IP Networking and Linux Network Configuration) and Network
Services
Configure the Network
Because the Ubuntu installer has configured our system to get its network settings via DHCP,
we have to change that now, because a server should have a static IP address.
Edit /etc/network/interfaces and adjust it to your needs (in this example setup I will use
the IP address 10.0.4.136 and the DNS servers 8.8.8.8 and 8.8.4.4). Starting with Ubuntu
12.04 you cannot edit /etc/resolv.conf directly anymore, because the resolvconf package
regenerates it; instead you specify your nameservers in the network configuration with the
dns-nameservers line (for more details see):
man resolvconf
Open the network configuration file with nano:
nano /etc/network/interfaces
The server is using DHCP right after the install; the interfaces file will look like this:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto ens33
iface ens33 inet dhcp
To use a static IP address 10.0.4.136, I will change the file so that it looks like this afterward:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto ens33
iface ens33 inet static
address 10.0.4.136
netmask 255.255.255.0
network 10.0.4.0
broadcast 10.0.4.255
gateway 10.0.4.1
dns-nameservers 8.8.8.8 8.8.4.4
Then restart your network to apply the changes:
sudo service networking restart
Or
sudo /etc/init.d/networking restart
Then edit /etc/hosts.
nano /etc/hosts
Make it look like this (the first name after the address is what 'hostname -f' reports as
the fully qualified domain name, so put the FQDN first and the short name after it):
127.0.0.1 localhost
10.0.4.136 server1.tvetinstitute.local server1

Now we change the hostname of our machine as follows (as root):


echo server1 > /etc/hostname
service hostname start
On a systemd-based release such as Ubuntu 16.04 the equivalent is 'hostnamectl
set-hostname server1', which writes /etc/hostname and applies the name immediately.
Afterward, run:
hostname
hostname -f
The first command returns the short hostname, while the second shows the fully qualified
domain name (FQDN), as resolved through /etc/hosts:
root@server1:/home/administrator# hostname
server1
root@server1:/home/administrator# hostname -f
server1.tvetinstitute.local
root@server1:/home/administrator#
Congratulations! Now we have a basic Ubuntu 16.04 server setup that provides a solid basis
for all kinds of Ubuntu Server setups.
Test the network connection
Start up the Windows 7 workstation / client computer. Open a command prompt and run the
command "ping 10.0.4.136" (the address we gave the server above).
If it replies, you have finished setting up the Ubuntu server. Note that a reply only proves
that the two machines can reach each other on the LAN; to confirm the gateway and the
dns-nameservers setting as well, also ping a host name on the Internet from the server.
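The mistakes that make the ping above fail are almost always in the static stanza: a gateway
outside the subnet, a broadcast or network line left over from a previous address, or a
typo in the netmask. As an added example (not part of the original tutorial), the following
parses the ifupdown /etc/network/interfaces format and checks a static stanza for internal
consistency, then looks up the /etc/hosts entry that hostname -f will use. Both sample files
are constructed from the values used in the text, with one deliberately broken stanza added.

```python
import ipaddress

# Constructed from the values in the text; ens34 is deliberately wrong.
SAMPLE_INTERFACES = """\
source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

auto ens33
iface ens33 inet static
    address 10.0.4.136
    netmask 255.255.255.0
    network 10.0.4.0
    broadcast 10.0.4.255
    gateway 10.0.4.1
    dns-nameservers 8.8.8.8 8.8.4.4

# gateway outside the subnet, broadcast left over from an old address
auto ens34
iface ens34 inet static
    address 192.168.2.33
    netmask 255.255.255.0
    broadcast 192.168.1.255
    gateway 192.168.3.1
"""

SAMPLE_HOSTS = """\
127.0.0.1 localhost
10.0.4.136 server1.tvetinstitute.local server1
"""


def parse_interfaces(text):
    """Return {name: {'family':..., 'method':..., option: value}} per iface stanza."""
    stanzas, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        if parts[0] == "iface" and len(parts) >= 4:
            current = {"family": parts[2], "method": parts[3]}
            stanzas[parts[1]] = current
        elif parts[0] in ("auto", "allow-hotplug", "source", "source-directory", "mapping"):
            current = None  # these lines end the current stanza
        elif current is not None and len(parts) >= 2:
            current[parts[0]] = " ".join(parts[1:])
    return stanzas


def check_static_stanza(name, st):
    """Consistency checks for an 'inet static' stanza; returns a list of problems."""
    problems = []
    if st.get("family") != "inet" or st.get("method") != "static":
        return problems
    if "address" not in st:
        return [f"{name}: no address"]
    # newer ifupdown accepts 'address 10.0.4.136/24' with no netmask line
    spec = st["address"] if "/" in st["address"] else f"{st['address']}/{st.get('netmask', '')}"
    try:
        iface = ipaddress.IPv4Interface(spec)
    except ValueError as exc:
        return [f"{name}: bad address/netmask: {exc}"]
    net = iface.network
    if iface.ip in (net.network_address, net.broadcast_address):
        problems.append(f"{name}: {iface.ip} is the network or broadcast address")
    if "gateway" in st:
        try:
            if ipaddress.IPv4Address(st["gateway"]) not in net:
                problems.append(f"{name}: gateway {st['gateway']} is not inside {net}")
        except ValueError:
            problems.append(f"{name}: bad gateway {st['gateway']!r}")
    else:
        problems.append(f"{name}: no gateway (hosts outside {net} will be unreachable)")
    for key, want in (("network", net.network_address), ("broadcast", net.broadcast_address)):
        if key in st and st[key] != str(want):
            problems.append(f"{name}: {key} {st[key]} should be {want}")
    for ns in st.get("dns-nameservers", "").split():
        try:
            ipaddress.ip_address(ns)
        except ValueError:
            problems.append(f"{name}: bad dns-nameservers entry {ns!r}")
    return problems


def hosts_entry(hosts_text, address):
    """(fqdn, aliases) from the /etc/hosts line for address; hostname -f reports fqdn."""
    for raw in hosts_text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == address:
            return fields[1], fields[2:]
    return None


if __name__ == "__main__":
    for name, st in parse_interfaces(SAMPLE_INTERFACES).items():
        for p in check_static_stanza(name, st):
            print("problem:", p)
    print("hostname -f would report:", hosts_entry(SAMPLE_HOSTS, "10.0.4.136"))
```

Running this over the real files before the restart is cheap insurance on a server you
reach only over the network: a broken stanza on the only interface locks you out.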

4.9.1 Dynamic Host Configuration Protocol (DHCP)


Dynamic Host Configuration Protocol (DHCP) servers are used to automatically provide
client computers and other TCP/IP based network devices with valid IP addresses. You
can also provide the additional configuration parameters these clients and devices need,
called DHCP options, that allow them to connect to other network resources, such as DNS
servers, WINS servers, and routers.

DHCP is a client-server technology that allows DHCP servers to assign, or lease, IP
addresses to computers and other devices that are enabled as DHCP clients. With DHCP,
you can do the following:

• Lease IP addresses for a specific amount of time to DHCP clients, and then
automatically renew the IP addresses when the client requests a renewal.
• Update DHCP client parameters automatically by changing a server or scope option at
the DHCP server rather than performing this action individually on all DHCP clients.
• Reserve IP addresses for specific computers or other devices so that they always
have the same IP address and also receive the most up-to-date DHCP options.
• Exclude IP addresses or address ranges from distribution by the DHCP server so that
these IP addresses and ranges can be used to statically configure servers, routers, and
other devices that require static IP addresses.
• Provide DHCP services to many subnets, if all routers between the DHCP server and
the subnet for which you want to provide service are configured to forward DHCP
messages (DHCP relay).

Note that nothing in DHCP is authenticated: clients accept the first offer they hear, and
a reservation is matched on the client's MAC address, which any client can set itself. A
rogue DHCP server on the LAN can therefore hand out its own gateway and DNS server and
intercept traffic; the defence is on the switch (DHCP snooping, which only trusts offers
from the port the real server is on), not in the DHCP server's configuration.
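The lease, renewal, reservation and exclusion behaviour listed above, implemented as the
bookkeeping a DHCP server keeps for one scope. This is an added example and not code from
the chapter or from any DHCP server implementation; the scope, MAC addresses and clock
values are constructed, and time is passed in explicitly so the expiry logic can be run
without waiting.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class Lease:
    ip: ipaddress.IPv4Address
    mac: str
    expires: int   # seconds on the server's clock; passed in explicitly here


class DhcpPool:
    """Lease bookkeeping for one scope: timed leases, renewal, reservations, exclusions.

    The client is identified by its MAC address, exactly as DHCP does. Since a MAC
    is trivially spoofed, a reservation is a convenience, not an access control.
    """

    def __init__(self, network, lease_time=3600):
        self.network = ipaddress.IPv4Network(network)
        self.lease_time = lease_time
        self.excluded = set()      # never handed out dynamically (routers, static servers)
        self.reservations = {}     # mac -> IPv4Address, always the same address
        self.leases = {}           # mac -> Lease

    def exclude(self, first, last):
        """Keep an address range out of dynamic assignment (inclusive)."""
        lo, hi = ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)
        for n in range(int(lo), int(hi) + 1):
            self.excluded.add(ipaddress.IPv4Address(n))

    def reserve(self, mac, address):
        """Pin a client to one address inside the scope."""
        ip = ipaddress.IPv4Address(address)
        if ip not in self.network:
            raise ValueError(f"{ip} is not in scope {self.network}")
        self.reservations[mac] = ip

    def expire(self, now):
        """Drop leases whose lifetime passed without a renewal; the address is free again."""
        self.leases = {m: l for m, l in self.leases.items() if l.expires > now}

    def request(self, mac, now):
        """Answer a DISCOVER/REQUEST: reservation first, else renew the client's current
        lease, else the lowest free host address. RuntimeError when the scope is full."""
        self.expire(now)
        if mac in self.reservations:
            ip = self.reservations[mac]
        elif mac in self.leases:
            ip = self.leases[mac].ip  # renewal keeps the address, extends the lifetime
        else:
            taken = ({l.ip for l in self.leases.values()} | self.excluded
                     | set(self.reservations.values()))
            ip = next((h for h in self.network.hosts() if h not in taken), None)
            if ip is None:
                raise RuntimeError("scope exhausted")
        lease = Lease(ip, mac, now + self.lease_time)
        self.leases[mac] = lease
        return lease

    def release(self, mac):
        """Client sent DHCPRELEASE (or the admin cleared the lease)."""
        self.leases.pop(mac, None)


if __name__ == "__main__":
    pool = DhcpPool("10.0.4.0/24", lease_time=3600)
    pool.exclude("10.0.4.1", "10.0.4.10")              # gateway and static servers
    pool.reserve("aa:bb:cc:dd:ee:01", "10.0.4.50")      # the printer always gets .50
    for mac, t in [("00:11:22:33:44:55", 0), ("aa:bb:cc:dd:ee:01", 0),
                   ("00:11:22:33:44:55", 1800), ("00:11:22:33:44:66", 4000)]:
        lease = pool.request(mac, now=t)
        print(f"t={t:5}: {mac} -> {lease.ip} until t={lease.expires}")
```

A real server would also write the lease table to disk so that a restart does not hand out
an address that is still in use; that persistence is the part omitted here.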

4.9.2 Network Time Services and Sharing Desktops with VNC


Network Time Protocol (NTP) is a protocol used to synchronize computer clock times in a
network of computers. NTP uses Coordinated Universal Time (UTC) to synchronize computer
clocks to within a few milliseconds over the Internet, and to a fraction of a millisecond
on a local network. Accurate time matters for security as much as for convenience:
certificate validity periods, Kerberos tickets and correlating logs between hosts all
depend on it. Setting up an NTP server on Ubuntu involves the following series of steps:
Update the system
sudo apt-get update
sudo apt-get upgrade

Install NTP
sudo apt-get install ntp

Configure NTP server
sudo nano /etc/ntp.conf
(set the 'server' or 'pool' lines to the upstream servers you want, and keep the default
'restrict' lines: they stop the daemon answering configuration and status queries from
arbitrary hosts, and an unrestricted ntpd reachable from the Internet has been abused as a
traffic amplifier.)

Allow NTP through the firewall
sudo ufw allow 123/udp
(this opens UDP 123 to every source; if only the LAN should use this server, allow the
port from the LAN's address range instead.)

Restart NTP service
sudo systemctl restart ntp

Verify that NTP is running
sudo systemctl status ntp

To check synchronization status
ntpq -p
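Reading ntpq -p takes practice: the first character of each line is the tally code (an
asterisk marks the peer the clock is actually following), reach is an octal shift register
of the last eight polls, and a stratum of 16 means the peer itself is unsynchronised. The
following added example (not part of the original chapter) parses constructed ntpq -p
output in that layout and turns it into the verdict an administrator is after; the host
names and values in the sample are invented.

```python
# Constructed sample in the layout of `ntpq -p`; hosts and values are invented.
SAMPLE_NTPQ = """\
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*ntp1.example.org 192.0.2.10       2 u   45   64  377    1.234   -0.456   0.123
+ntp2.example.org 198.51.100.7     2 u   12   64  377    5.678    0.890   0.456
 ntp3.example.org .INIT.          16 u    -   64    0    0.000    0.000   0.000
-pool.example.net 203.0.113.9      3 u   30   64  357   20.100   12.500   1.200
"""

TALLY = {"*": "system peer", "+": "candidate", "-": "outlier", "x": "falseticker",
         ".": "excess", "#": "backup", "o": "pps peer", " ": "rejected/unreachable"}


def parse_ntpq(text):
    """One dict per peer line; numeric columns converted, 'reach' read as octal."""
    peers = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("=") or line.lstrip().startswith("remote"):
            continue
        tally, fields = line[0], line[1:].split()
        if len(fields) != 10:
            continue
        remote, refid, st, t, when, poll, reach, delay, offset, jitter = fields
        peers.append({
            "tally": tally, "status": TALLY.get(tally, "?"),
            "remote": remote, "refid": refid, "stratum": int(st), "type": t,
            "when": None if when == "-" else int(when), "poll": int(poll),
            "reach": int(reach, 8),            # bit set = that poll was answered
            "delay_ms": float(delay), "offset_ms": float(offset), "jitter_ms": float(jitter),
        })
    return peers


def sync_status(peers, max_offset_ms=100.0):
    """Is the clock synchronised, to which peer, and what should an admin look at?"""
    system = [p for p in peers if p["tally"] in ("*", "o")]
    result = {
        "synced": bool(system),
        "system_peer": system[0]["remote"] if system else None,
        "offset_ms": system[0]["offset_ms"] if system else None,
        "warnings": [],
    }
    for p in peers:
        if p["stratum"] == 16:
            result["warnings"].append(
                f"{p['remote']}: unsynchronised (stratum 16, refid {p['refid']})")
        elif p["reach"] != 0o377:
            result["warnings"].append(f"{p['remote']}: missed polls (reach {p['reach']:o})")
    if system and abs(system[0]["offset_ms"]) > max_offset_ms:
        result["warnings"].append(
            f"offset {system[0]['offset_ms']} ms exceeds {max_offset_ms} ms")
    if not system:
        result["warnings"].append("no system peer selected: the clock is free-running")
    return result


if __name__ == "__main__":
    status = sync_status(parse_ntpq(SAMPLE_NTPQ))
    print("synced:", status["synced"], "via", status["system_peer"],
          "offset", status["offset_ms"], "ms")
    for w in status["warnings"]:
        print("warning:", w)
```

Right after `systemctl restart ntp` every peer shows reach 0 and no asterisk; that is
normal for the first few minutes, so run the check again before concluding anything.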

4.9.3 RPC-Based Services and INET Super Server


Remote procedure call (RPC) is a powerful technique for constructing distributed,
client-server based applications. It is based on extending conventional local procedure
calling so that the called procedure need not exist in the same address space as the
calling procedure. The two processes may be on the same system or on different systems with
network connectivity between them. On Linux, RPC services such as NFS register with the
portmapper (rpcbind), which clients query to find the port a service is listening on.
inetd, often called the Internet Super Server, is a server of servers. It executes rarely
used servers on demand so that they do not have to run continuously: inetd listens on their
ports and starts the right program when a connection arrives.
The /etc/inetd.conf file lists these servers and their usual ports. Each enabled line is a
listening port, so anything not needed should be commented out. Most distributions today
ship xinetd or systemd socket activation in the same role.
4.10 TCP/IP Troubleshooting :
Programs to look at your network
• ping –
To test whether your network connection is complete between two computers, you can use the
Packet Internet Groper, better known as ping. The ping utility works by sending an ICMP
echo request to a remote computer. If the remote computer receives the message, it responds
with a reply message (see Figure 2). The reply shows the remote workstation's IP address,
the number of bytes in the message, how long the round trip took in milliseconds (ms), and
the time-to-live (TTL) field, which is a hop count rather than a time: each router on the
way decrements it by one. If you get "Request timed out" (on Linux, simply no reply line
for that sequence number), the remote workstation did not answer within ping's waiting
time. That does not prove the host is down: many hosts and firewalls drop ICMP echo
requests deliberately.
ping sends packets to see if a computer is up –
For example, to check if the computer with IP address 192.168.0.1 is up:
[root@comp root]# ping 192.168.0.1

• traceroute –
Another utility that documents the path through the network is traceroute (tracert on
Windows). While ping merely lets us know that the connection from A to B is complete,
traceroute tells us the route and number of hops the packets take to arrive at their
destination, by sending probes with increasing TTL values and recording which router
reports each expiry. Hops that show only asterisks are routers or firewalls that do not
send the expiry message back.
traceroute prints the route packets take to a network host –
Example
[root@comp root]# traceroute google.com

• mtr - like traceroute, except that it keeps probing and shows per-hop loss and latency
over time. –

Example
[root@comp root]# mtr google.com

• finger - display information on a system user. The finger daemon is rarely enabled
today, because it hands out user names and login times to anyone who asks. –
Example
[root@comp root]# finger root@localhost

• tcpdump – shows all network traffic on an interface (root required; in practice give it
a capture filter such as a host or port, because an unfiltered capture on a busy link is
unreadable). –

Example
[root@comp root]# tcpdump

• nslookup - give it a host name and it returns the IP address (and the reverse). –

Example
[root@comp root]# nslookup google.com

• ipconfig –
Another useful software troubleshooting tool is ipconfig, the Windows counterpart of
ifconfig. This diagnostic command displays all current TCP/IP network configuration values.
It is useful on systems running DHCP, allowing users to determine which TCP/IP
configuration values were assigned by DHCP. On Linux the same information comes from
ifconfig or 'ip addr'.
• route –
Every computer and network routing device stores a routing table in its RAM. A routing
table stores information about which router to send network packets to for each
destination. The route command can be used to display and modify the routing table of a
computer.

• netstat –
The netstat command can be used to display the currently active TCP connections and the
listening sockets on a computer.

4.11 Remote Administration with SSH and SCP


SSH was designed and created to provide security when accessing another computer
remotely: the session is encrypted and the server is authenticated by its host key.
Secure copy (SCP), on the other hand, allows files to be copied to or from a remote host,
i.e. from a remote machine to your own or vice versa. It uses SSH for the data transfer and
provides the same authentication and the same level of security as SSH. Its exit status is
0 on success and greater than 0 if an error occurs.

4.11.1 Configuration, Telnet Replacement, Secure Copy and Rsync


• Accessing a shell account through telnet:
 – exposes everything that you send or receive over that telnet session, passwords
included, in plain text on your local network and on the local network of the machine you
are connecting to; anyone in a position to capture packets can read it.

• SSH was designed and created to provide the best security when accessing another
computer remotely.
• Not only does it encrypt the session,
 – it also provides better authentication facilities (host keys, which let the client
detect a server impersonation, and user keys), as well as features like
 – secure file transfer,
 – X session forwarding,
 – port forwarding and more, so that you can increase the security of other
protocols by running them through the tunnel.
4.11.2 RSA and DSA Authentication (Password-less Logins)
SSH can use "RSA" (Rivest-Shamir-Adleman), "DSA" ("Digital Signature Algorithm"), ECDSA or
Ed25519 keys. RSA and DSA were the state-of-the-art algorithms when SSH was invented, but
DSA has come to be seen as insecure (its SSH keys are limited to 1024 bits, and a poor
random number at signing time leaks the private key), and OpenSSH has refused DSA keys by
default since version 7.0. For new keys Ed25519 is the recommended choice; RSA keys are
still fine when they are 3072 bits or more (the ssh-keygen default since OpenSSH 8.0). This
guide generates an RSA key and uses "RSA key" and "SSH key" interchangeably.

Key-based authentication uses two keys, one "public" key that anyone is allowed to see, and
another "private" key that only the owner is allowed to see. To securely communicate using
key-based authentication, one creates a key pair, securely stores the private key on the
computer one wants to log in from, and stores the public key on the computer one wants to
log in to, in the file ~/.ssh/authorized_keys of the account being logged into.

Using key-based logins with ssh is generally considered more secure than plain password
logins: there is no password to guess or phish, and password authentication can be switched
off on the server once the keys work. This section explains the process of generating a set
of public/private RSA keys and using them to log into your Ubuntu computer(s) via OpenSSH.

Generating RSA Keys


The first step involves creating a set of RSA keys for use in authentication.

This should be done on the client.

To create your public and private SSH keys on the command line:

mkdir ~/.ssh
chmod 700 ~/.ssh
ssh-keygen -t rsa
You will be prompted for a location to save the keys, and a passphrase for the keys. This
passphrase protects your private key while it is stored on the hard drive, so that a copied
id_rsa file is useless without it; choose one.

Generating public/private rsa key pair.


Enter file in which to save the key (/home/b/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/b/.ssh/id_rsa.
Your public key has been saved in /home/b/.ssh/id_rsa.pub.
Your public key is now available as .ssh/id_rsa.pub in your home folder. Its contents are
what goes into authorized_keys on the server (ssh-copy-id does this for you); the private
key id_rsa never leaves the client.
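The step the text leaves implicit is installing the public key on the server, and the usual
way it goes wrong is permissions: sshd's StrictModes (on by default) silently ignores an
authorized_keys file, or a ~/.ssh directory, that is group- or world-writable. The following
added example (not code from the chapter or from OpenSSH) validates a public-key line the
way ssh-keygen writes it, installs it idempotently with the right modes, and re-checks
those modes. The test key it builds is constructed (an all-zero Ed25519 point) and cannot
authenticate anyone; it exists only so the example runs offline.

```python
import base64
import os
import stat
import struct
import tempfile

ACCEPTED_TYPES = ("ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256",
                  "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521")
# ssh-dss is deliberately absent: OpenSSH has refused DSA keys by default since 7.0


def parse_pubkey_line(line):
    """Validate one '<type> <base64> [comment]' line as found in id_*.pub.

    The decoded blob starts with a length-prefixed string that must equal the
    declared type; that catches truncated pastes and mislabelled keys before sshd does.
    """
    parts = line.strip().split(None, 2)
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    keytype, b64 = parts[0], parts[1]
    comment = parts[2] if len(parts) == 3 else ""
    if keytype not in ACCEPTED_TYPES:
        raise ValueError(f"key type {keytype!r} not accepted")
    try:
        blob = base64.b64decode(b64, validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError
        raise ValueError(f"bad base64: {exc}")
    if len(blob) < 4:
        raise ValueError("key blob truncated")
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != keytype.encode():
        raise ValueError("key blob does not match declared type")
    return keytype, blob, comment


def rejects(line):
    """True if parse_pubkey_line refuses the line."""
    try:
        parse_pubkey_line(line)
    except ValueError:
        return True
    return False


def install_authorized_key(home, pubkey_line):
    """Append the key to ~/.ssh/authorized_keys with 0700/0600 modes.
    Returns False when the same key material is already present."""
    keytype, blob, comment = parse_pubkey_line(pubkey_line)
    key_id = f"{keytype} {base64.b64encode(blob).decode()}"
    sshdir = os.path.join(home, ".ssh")
    path = os.path.join(sshdir, "authorized_keys")
    os.makedirs(sshdir, exist_ok=True)
    os.chmod(sshdir, 0o700)
    existing = []
    if os.path.exists(path):
        with open(path) as fh:
            existing = fh.read().splitlines()
    if any(l.split(None, 2)[:2] == key_id.split() for l in existing if l.strip()):
        return False
    with open(path, "a") as fh:
        fh.write(key_id + (f" {comment}" if comment else "") + "\n")
    os.chmod(path, 0o600)
    return True


def check_ssh_permissions(home):
    """The mode checks StrictModes performs (ownership left out here): nothing in
    the chain may be group- or world-writable, or sshd ignores authorized_keys."""
    problems = []
    for rel in (".ssh", ".ssh/authorized_keys"):
        p = os.path.join(home, rel)
        if not os.path.exists(p):
            problems.append(f"{rel}: missing")
            continue
        mode = stat.S_IMODE(os.stat(p).st_mode)
        if mode & (stat.S_IWGRP | stat.S_IWOTH):
            problems.append(f"{rel}: mode {mode:o} is group/world writable")
    return problems


def make_test_pubkey(comment="alice@laptop"):
    """Constructed: a structurally valid ssh-ed25519 line with an all-zero point.
    It parses like a real key but cannot authenticate anyone."""
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes(32)
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {comment}"


def demo():
    """Run the install/check cycle in a throwaway home directory; returns what happened."""
    home = tempfile.mkdtemp()
    key = make_test_pubkey()
    first = install_authorized_key(home, key)
    second = install_authorized_key(home, key)   # idempotent
    clean = check_ssh_permissions(home)
    os.chmod(os.path.join(home, ".ssh", "authorized_keys"), 0o664)  # a sloppy copy
    loosened = check_ssh_permissions(home)
    return {"first": first, "second": second, "clean": clean, "loosened": loosened}


if __name__ == "__main__":
    print(demo())
```

On a real server the home directory itself is in the chain too, and the files must be owned
by the login user; when a key "just doesn't work", `sshd -d` or the auth log names the
permission it objected to.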

4.11.3 Remote Command Execution and Port Forwarding


Remote SSH Port Forwarding
In remote port forwarding (ssh -R), the SSH server opens a listening port and tunnels every
connection it accepts back to the client, which delivers it to a host and port of the
client's choosing.

Remote port forwarding lets a host that can reach the SSH server connect to a service on
your local computer. By default the forwarded port on the server is bound to the loopback
address only, so it is reachable from the server itself and not from other hosts. To make
it listen on all of the server's addresses, enable the GatewayPorts directive in the SSH
daemon's main configuration file, /etc/ssh/sshd_config, on the remote host.

Open the file for editing using your favorite command-line editor.

$ sudo vim /etc/ssh/sshd_config

Look for the directive, uncomment it, and set its value to yes:

GatewayPorts yes

Save the changes and exit. Next, restart sshd to apply the change.

$ sudo systemctl restart sshd


OR
$ sudo service sshd restart
Next run the following command on the local machine to make port 5000 on the remote
machine forward to port 3000 on the local machine (-f backgrounds ssh, -N runs no remote
command; replace user@remote-host with the remote login and host):

$ ssh -f -N user@remote-host -R 5000:localhost:3000

Once you understand this method of tunneling, you can easily expose a local development
server, especially one behind NAT and firewalls, to the Internet over a secure tunnel. Be
deliberate about it: with GatewayPorts yes, port 5000 on the server is open to anyone who
can reach the server, so the forwarded service inherits the server's exposure.
GatewayPorts clientspecified is the safer setting, because the client then chooses the
bind address per forward (-R 0.0.0.0:5000:localhost:3000 for all interfaces, loopback
otherwise). Note also that AllowTcpForwarding must not be set to no (the default is yes)
for any -R or -L forwarding to work at all.
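Whether a forward is really exposed depends on the effective sshd_config, and sshd has a
rule that trips people up: for every keyword it keeps the first value it reads, so a
"GatewayPorts no" added below an existing "GatewayPorts yes" changes nothing, and keywords
after a Match line apply only to that block. The following added example (not part of the
original chapter, not OpenSSH code) parses a constructed sshd_config with those rules and
reports the findings a hardening review of this section's settings would raise.

```python
import re

DEFAULTS = {  # OpenSSH defaults for the keywords audited here (sshd_config(5))
    "gatewayports": "no",
    "allowtcpforwarding": "yes",
    "passwordauthentication": "yes",
    "permitemptypasswords": "no",
    "permitrootlogin": "prohibit-password",
    "pubkeyauthentication": "yes",
}

# Constructed sshd_config for the example; not a real host's file.
SAMPLE_SSHD_CONFIG = """\
Port 22
GatewayPorts yes
PasswordAuthentication no
PermitRootLogin no
GatewayPorts no           # ignored: sshd keeps the FIRST value it sees for a keyword
Subsystem sftp /usr/lib/openssh/sftp-server
Match User deploy
    PasswordAuthentication yes
"""

# keyword, then whitespace or an optional '=', then the value
_LINE = re.compile(r"^(\w+)(?:\s+|\s*=\s*)(.*)$")


def parse_sshd_config(text):
    """Return (global_options, match_blocks). Keywords are case-insensitive, the
    first occurrence wins, and everything after a Match line belongs to that block."""
    global_opts, matches, current = {}, [], None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = _LINE.match(line)
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "match":
            current = {"criteria": value, "options": {}}
            matches.append(current)
            continue
        target = global_opts if current is None else current["options"]
        target.setdefault(key, value)   # first value wins, later duplicates are ignored
    return global_opts, matches


def audit_sshd_config(text):
    """Effective global values for the audited keywords, plus review findings."""
    opts, matches = parse_sshd_config(text)
    effective = {k: opts.get(k, default).lower() for k, default in DEFAULTS.items()}
    findings = []
    if effective["gatewayports"] == "yes":
        findings.append("GatewayPorts yes: every -R forward listens on all interfaces; "
                        "prefer 'clientspecified' so the client opts in per forward")
    if effective["allowtcpforwarding"] == "no" and effective["gatewayports"] != "no":
        findings.append("GatewayPorts is set but AllowTcpForwarding no disables -R/-L")
    if effective["passwordauthentication"] == "yes":
        findings.append("PasswordAuthentication yes: set to no once key logins work")
    if effective["permitrootlogin"] == "yes":
        findings.append("PermitRootLogin yes: use prohibit-password or no")
    if effective["permitemptypasswords"] == "yes":
        findings.append("PermitEmptyPasswords yes")
    for blk in matches:
        if blk["options"].get("passwordauthentication", "").lower() == "yes":
            findings.append(f"Match {blk['criteria']}: re-enables password authentication")
    return effective, findings


if __name__ == "__main__":
    effective, findings = audit_sshd_config(SAMPLE_SSHD_CONFIG)
    for k, v in effective.items():
        print(f"{k:24} {v}")
    for f in findings:
        print("finding:", f)
```

To audit a live host, feed it the contents of /etc/ssh/sshd_config; files pulled in by an
Include line are not followed here, and `sshd -T` prints the daemon's own view of the
effective values if the two ever disagree.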
