Chapter 4 - 2pptx

Chapter Four

Network Management

Chapter contents
1. TCP/IP Networking
2. Configuring a Linux Box for Networking
3. Configuring a Linux Box as a Router
4. Configuring a Web Server (Apache)
5. Configuring a DNS Server (BIND)
6. Configuring Mail Transfer Agents (Postfix)
7. Configuring a Proxy Cache (Squid)
8. Network Services
   1. Network Time Services and Sharing Desktops with VNC
9. TCP/IP Troubleshooting: ping, traceroute, ifconfig, netstat
10. Remote Administration with SSH and SCP

TCP/IP Networking
TCP/IP Network: a family of network protocols that offers various network services to users.

❖ It is a set of communications protocols that define how different types of computers can communicate with each
other. It is also a modern network model that provides four layers of network communications.

Configuring a Linux Box for Networking
❖ To configure a device to connect to a TCP/IP network in Linux, the following three steps are needed:-
1. Configuring the network interface(s). This part of TCP/IP configuration joins the link-layer portion of the
protocol stack to the network, or IP layer. The most important part of this configuration step is assigning IP
addresses.

2. Setting up routing. In this part of the configuration process, the system must know where to send information
destined for machines outside the local network. In the simplest situation, this portion of TCP/IP configuration
involves setting a default gateway.

3. Setting up name service. Although the TCP/IP software works with numerical addresses, people find it more
convenient to work with hostnames (such as www.google.com). The last phase of TCP/IP configuration makes
name service (DNS) available.

❖ Before configuring TCP/IP on your Linux system, you need to ensure that your filesystem is ready. The first step
is to check whether the networking software has been installed. Then reboot the system after installation.

Configuring a Linux Box as a Router
❖ A computer may have several network interfaces, such as a loopback, an Ethernet LAN, a direct line to another
computer, or a dial-up interface.

❖ For a client computer to use a router to reach the Internet, it may have private IP addresses assigned to computers
on the LAN, while the connection to a routing computer would act as the gateway to all other addresses.

❖ Here is the case in which Linux can be used as a router:-


➢ The Linux system has at least two network interfaces: one to the office LAN and one to the Internet.

➢ Packets on the LAN that are not addressed to a known computer on another LAN are forwarded. So, each client identifies that Linux
system as the gateway system.

➢ The Linux "router" firewall is set up to receive packets from the local LAN, then forward those packets to its other interface. If the LAN
uses private IP addresses, the firewall is also configured to use Network Address Translation.

❖ Before setting up the Linux system as a router, we need to know the following about our system:
➢ Connection to our LAN, connection to the global Internet.

➢ Type of IP address used in our LAN (if private IP addresses, we need to use NAT; if public, no need to use NAT).
Cont.
❖ The following are the steps we need to follow to set up our Linux system as a router:-
1. Setting default gateway or default devices. To do this open the /etc/sysconfig/network file in a text editor as the root user
and then add either a default gateway or default gateway device.

2. Turn on IP packet forwarding. One way to do this is to change the value of net.ipv4.ip_forward to 1 in the
/etc/sysctl.conf file.

3. If your computer uses private IP address, you need to set up NAT.

4. To get NAT going on your Linux router, you need to define which addresses will be translated and forwarded.

5. Then reboot your system.

6. Then check whether the set up was applied to your system or not.
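
An added example (not from the original slides) of steps 2 to 4 and the check in step 6. The interface names `eth1`/`eth0` and the range `192.168.10.0/24` are assumptions, and the script goes one step beyond the slides by setting a default-drop FORWARD policy so the router only forwards LAN traffic and its replies.

```bash
#!/usr/bin/env bash
# Added example (not from the slides). Assumed names: eth1 = LAN, eth0 = Internet,
# 192.168.10.0/24 = private LAN range. Adjust all three to your system.
LAN_IF="eth1"; WAN_IF="eth0"; LAN_NET="192.168.10.0/24"

# Steps 2-4: print the commands instead of running them, so they can be
# reviewed first and then executed as root.
router_commands() {
  local lan_if=$1 wan_if=$2 lan_net=$3
  cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -P FORWARD DROP
iptables -A FORWARD -i $lan_if -o $wan_if -s $lan_net -j ACCEPT
iptables -A FORWARD -i $wan_if -o $lan_if -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -s $lan_net -o $wan_if -j MASQUERADE
EOF
}

# Step 6: report the value a sysctl.conf-style file applies at boot.
# Comment lines are skipped and the last assignment wins.
forwarding_in_file() {
  awk -F= '
    /^[ \t]*[#;]/ { next }
    { key = $1; gsub(/[ \t]/, "", key) }
    key == "net.ipv4.ip_forward" { val = $2; gsub(/[ \t]/, "", val) }
    END { print (val == "" ? "unset" : val) }
  ' "$1"
}

router_commands "$LAN_IF" "$WAN_IF" "$LAN_NET"
if [ -r /etc/sysctl.conf ]; then
  echo "boot-time ip_forward: $(forwarding_in_file /etc/sysctl.conf)"
fi
```

The `sysctl -w` line changes the running kernel only; the edit to /etc/sysctl.conf from step 2 is what makes forwarding survive a reboot.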

❖ To be able to reach client computers on the Internet, each client must be able to do the following:
➢ Resolve the names it requests into IP addresses(DNS services).

➢ Find a route from the local system to the remote system, using its network interfaces.

Configuring a Web Server (Apache)
What is a web server and how does it work?

❖ A web server is computer software and the underlying hardware that uses HTTP/HTTPS and other
protocols to respond to client requests made over the World Wide Web.

❖ The main job of a web server is to display website content through storing, processing, and
delivering webpages to users.

❖ How does it work?
❖ First, your browser sends a request to the server. The server takes the file or page requested by your
browser and maps it to the corresponding file on the server. The server then sends the file back to the
browser with some useful information.

❖ The requested file is sometimes a static page, like an HTML page, or a dynamic page, like PHP, Java, Perl, or
any other server-side language.
Cont.
❖ There are many Linux web server implementations available for you to use.
❖ Following are the common and basic servers:
➢ Apache server
➢ Nginx
➢ Lighttpd
➢ Apache Tomcat
➢ Monkey HTTP Daemon (used especially for embedded systems)
❖ The most used web server is Apache. We will use it for several reasons: it is stable, flexible and
secure.
❖ Apache installation steps (Red Hat, Debian)

To start your service and enable it on boot:

Configuring a DNS Server (BIND)
❖ A DNS server is a computer server that contains a database of public IP addresses and their associated hostnames,
and in most cases it is used to resolve, or translate, those names to IP addresses as requested.

❖ The Domain Name System (DNS) protocol is an important part of the web’s infrastructure, which serves as the
Internet’s phone book.

❖ BIND is the most common program used for maintaining a name server on Linux; it
stands for Berkeley Internet Naming Daemon.

❖ In DNS there is a concept of forward and reverse resolution.


➢ Forward resolution: getting the IP address by using the hostname

➢ Reverse resolution: getting the hostname by using the IP address.

❖ Important terminology in DNS configuration:

➢ Lookup request, lookup response, DNS server, and DNS client

Cont.
❖ The following are the steps to configure Linux system as DNS server:-
1. Install bind packages with their dependencies.

2. Assign a static IP address in Linux OS.


3. Add a host entry in the host file. Just add your local machine IP address with the domain name of the
website which you are hosting on a local server.

4. Add server IP to the resolv.conf file.

5. Configure /etc/named.conf file

6. Open the /etc/named.rfc1912.zones file and add zone records for the forward zone file and reverse zone file.

7. Change the group ownership for forward zone and reverse zone files.

8. Restart the DNS service.
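
An added example (not from the original slides) showing what the forward and reverse zone records from step 6 look like, with steps 7 and 8 as comments. The domain `example.lan`, the host `ns1`, the address `192.168.10.5` and the zone file names are assumptions; `/var/named` is the usual zone directory on Red Hat-family systems.

```bash
#!/usr/bin/env bash
# Added example (not from the slides). Assumed values: domain example.lan,
# name server host ns1 with static address 192.168.10.5.
DOMAIN="example.lan"; NS_IP="192.168.10.5"

# Reverse zone for the /24 holding the address:
# 192.168.10.5 -> 10.168.192.in-addr.arpa
reverse_zone() {
  local IFS=.
  set -- $1
  echo "$3.$2.$1.in-addr.arpa"
}

# Step 6: zone declarations to append to /etc/named.rfc1912.zones.
# allow-update { none; } refuses dynamic updates to both zones.
zone_stanzas() {
  cat <<EOF
zone "$1" IN { type master; file "forward.$1"; allow-update { none; }; };
zone "$(reverse_zone "$2")" IN { type master; file "reverse.$1"; allow-update { none; }; };
EOF
}

# Forward zone file: A record, hostname -> IP address
forward_zone_file() {
  cat <<EOF
\$TTL 86400
@   IN SOA ns1.$1. admin.$1. ( 1 3600 900 604800 86400 )
@   IN NS  ns1.$1.
ns1 IN A   $2
EOF
}

# Reverse zone file: PTR record, last octet of the IP address -> hostname
reverse_zone_file() {
  cat <<EOF
\$TTL 86400
@   IN SOA ns1.$1. admin.$1. ( 1 3600 900 604800 86400 )
@   IN NS  ns1.$1.
${2##*.} IN PTR ns1.$1.
EOF
}

zone_stanzas "$DOMAIN" "$NS_IP"
# Steps 7-8 on the server, after saving the two files under /var/named:
#   chgrp named /var/named/forward.$DOMAIN /var/named/reverse.$DOMAIN
#   named-checkconf && named-checkzone "$DOMAIN" /var/named/forward.$DOMAIN
#   systemctl restart named
```

Running `named-checkconf` and `named-checkzone` before the restart catches syntax errors that would otherwise stop the name server from loading the zone.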

Configuring Mail Transfer Agents (MTA Postfix)
❖ An MTA is a piece of software that is responsible for transferring emails between computers by using
the SMTP protocol.

❖ It is referred to as a mail transport agent, mail transfer agent, mail relay, mail router, or even
internet mailer.

❖ It may receive mail from another MTA, a mail submission agent (MSA), or a mail user agent
(MUA). A computer dedicated to running these applications is also called a mail server.

❖ The basic function of an MTA is the transmission of mail between users.

❖ There are two types of MTA servers:-


1. On-premise MTA servers: the servers can be physically located at an organization’s premises.
2. Cloud-based MTA servers: the servers can be hosted virtually by a third party, and organizations can access them to
meet their email transfer needs.
How does an MTA work?
❖ An MTA is a component of the message-handling system. It works in collaboration with the other components to
enable the email delivery process.

❖ The main elements in the email delivery process are:-

1. Mail User Agent (MUA) - MUA is usually an application used by users to send or receive emails.

2. Mail Submission Agent (MSA) - It is an intermediate element that receives mail from MUA and transfers it to MTA.

3. Message Transfer Agent (MTA) - An MTA can receive mail from either an MSA or another MTA, or even an MUA.

4. Message Delivery Agent (MDA) - This is the last step where emails arrive before being sent into the users’ inbox.

❖ The SMTP (Simple Mail Transfer Protocol) is used to send emails between servers.

❖ Then the message is routed directly over POP3 (Post Office Protocol - a one-way client-server protocol) or
IMAP4 protocols.

❖ The IMAP4 and POP3 protocols are used by email clients to retrieve messages directly from the server.
Configuring MTA (Postfix)
Steps to configure the MTA: there are two types of MTA, sendmail and postfix. Sendmail is the default
agent for the MTA, and the following are the configuration steps for postfix.

1. Replacing the hostname with the mail server’s hostname

2. Replacing the domain with the mail server’s domain

3. Specifying the location of the mailbox files

4. Adding the list of valid and trusted remote SMTP servers.

5. Restart the postfix service.
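
An added example (not from the original slides) that maps the five steps to Postfix's `myhostname`, `mydomain`, `home_mailbox` and `mynetworks` parameters, and checks an existing `main.cf` for a trusted-network entry that is too broad. The host name, domain and LAN range are placeholder assumptions.

```bash
#!/usr/bin/env bash
# Added example (not from the slides). Placeholder values: mail.example.com,
# example.com and the LAN range 192.168.10.0/24.

# Steps 1-5 as postconf commands, printed for review before running as root.
postfix_commands() {
  local host=$1 domain=$2 trusted=$3
  cat <<EOF
postconf -e "myhostname = $host"
postconf -e "mydomain = $domain"
postconf -e "home_mailbox = Maildir/"
postconf -e "mynetworks = 127.0.0.0/8 $trusted"
systemctl restart postfix
EOF
}

# Print every mynetworks entry with a /0 prefix. Such an entry trusts the
# whole Internet, so anyone could relay mail through the server (open relay).
# Handles a single-line mynetworks setting; the last assignment wins.
broad_mynetworks() {
  awk '
    /^mynetworks[ \t]*=/ { val = $0; sub(/^[^=]*=/, "", val) }
    END {
      n = split(val, nets, /[ \t,]+/)
      for (i = 1; i <= n; i++) if (nets[i] ~ /\/0$/) print nets[i]
    }
  ' "$1"
}

postfix_commands mail.example.com example.com 192.168.10.0/24
# Audit an existing configuration: no output means no /0 entry was found.
if [ -r /etc/postfix/main.cf ]; then broad_mynetworks /etc/postfix/main.cf; fi
```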

Proxy Caches (Squid)
What is a proxy server cache, how does it work, and why use a proxy cache?

❖ Caching proxy is a network caching technique that enables a proxy server to save recent and
frequently requested websites/webpages and data which are requested by one or more client machines.

❖ Caching is a feature in which the proxy server saves local copies of the files that clients request, so
that it can serve them quickly from the cache when they are requested again.

❖ It is used to decrease the time it takes for users on computer networks to access content on the
Internet.

❖ On Linux, the Squid proxy server is used as a proxy caching server.

❖ Squid caching can be used due to different reasons:- for traffic filtering, to accelerate HTTP requests,
to increase network performance, to save WAN bandwidth, etc.
Network Services
➢ Network Time Protocol (NTP) Service allows devices to set their date/time clock to a known-good
clock, and to keep their clock synchronized with a high degree of accuracy.
➢ It is a networking protocol used for clock synchronization between computer systems over packet-switched networks.
➢ Virtual Network Computing (VNC) is a free tool that allows a client to connect to a server, and
interact with the desktop of the remote machine.
➢ It is a cross-platform screen-sharing system that was created to remotely control other computer devices.
➢ In this case a computer's screen, keyboard, and mouse can be used from a distance by a remote user from a secondary
device as though they were sitting right in front of it.

➢ Remote Procedure Call (RPC) is a software communication protocol that one program can use to
request a service from a program located in another computer on a network without having to
understand the network's details.
➢ RPC is used to call other processes on remote systems like a local system.
Network Troubleshooting
❖ Network Troubleshooting: The term troubleshooting refers to the process of identifying
problems with a network through a repeatable process and then solving those problems using
testable methods.
❖ Network troubleshooting is a repeatable process, which means that you can break it down into
clear steps that anyone can follow.
❖ The first step in troubleshooting a network is to identify the problem. As a part of this step,
you should do the following:
1. Gather information using network troubleshooting tools
2. Question users on the network to learn what difficulties they have encountered.
3. Identify the symptoms of the network outage.
4. Determine if anything has changed in the network before the issues appeared.
Network Troubleshooting Tool
❖ There are a number of tools available for you to use when it comes to diagnosing and treating
network issues.
❖ These tools may exist in the computer’s operating system, as standalone software applications
or as hardware tools that you can use to troubleshoot a network.
❖ Command-Line Tools: The following commands can be used to get specific information about
the network status.
➢ ping: used to check whether the destination device is reachable or not.
➢ tracert/traceroute: used to find out the max number of routers between source and destination.
➢ nslookup: a DNS utility used to get an IP address by providing a domain name, and vice versa.
➢ ipconfig/ifconfig: used to get information about the network status of our device.
➢ netstat: a utility that shows the status of each active network connection.
Network Troubleshooting Application
❖ In addition to command-line tools, there are also a number of standalone applications that can be used to
determine the status of a network and to troubleshoot issues.

❖ Some of these applications may be included in the system that you are working with, while others may
need to be installed separately.

➢ Packet Sniffer: Provides a comprehensive view of a given network. Used to analyze traffic on the network, figure out
which ports are open, and identify network vulnerabilities.

➢ Port Scanner: Looks for open ports on the target device and gathers information, including whether the port is open or
closed, what services are running on a given port, and information about the operating system on that machine.

➢ Protocol Analyzer: Integrates diagnostic and reporting capabilities to provide a comprehensive view of an organization's
network.

➢ Wi-Fi Analyzer: This tool can help you when you want to troubleshoot issues in network connectivity over a wireless network.

➢ Bandwidth Speed Tester: Tests the bandwidth and latency of a user’s internet connection.
Hardware tool for Troubleshooting Network
❖ Command-line tools and applications are software tools for troubleshooting, but some network
problems have hardware causes and solutions.

❖ Wire Crimpers: A wire crimper (sometimes called a cable crimper) is a tool that attaches media connectors
to the ends of cables. You can use it to make or modify network cables.

❖ Cable Testers: A cable tester (sometimes called a line tester) is a tool that verifies if a signal is transmitted by
a given cable.

❖ Tone Generator: A tone generator is a device that sends an electrical signal through one pair of UTP wires.
On the other end, a tone locator or tone probe is a device that emits an audible tone when it detects a signal in
a pair of wires.

❖ Loopback Adapter: A loopback adapter is a virtual or physical tool that can be used for troubleshooting
network transmission issues.

Remote Administration with SSH and SCP
❖ Remote administration means controlling or getting access to any device from another location
remotely.

❖ Software that allows remote administration is known as Remote Administration Tools (RAT).

❖ SSH is a powerful tool for remote access and secure communication. It allows users to enter
passwords to log in to devices and run commands on them just as if they were sitting in front of them. So,
remote administration with SSH has better security.

❖ Secure Copy Protocol (SCP) is a protocol for securely transferring files between a local and a
remote host. So when we are copying files between devices it is better to use remote administration
with SCP for securing file transfer.
