DOMAIN RESOLUTION CONFIGURATION FILES IN LINUX RED HAT


 

Domain Resolution Configuration Files:
  • File: /etc/resolv.conf – host name resolver configuration file 

     

    This configures Linux so that it knows which DNS server will be resolving domain names into IP addresses. If using DHCP client, this will automatically be sent to you by the ISP and loaded into this file as part of the DHCP protocol. If using a static IP address, ask the ISP or check another machine on your network.
    Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab “DNS”).

  • File: /etc/hosts – locally resolve node names to IP addresses 

    Note when adding hosts to this file, place the fully qualified name first. (It helps sendmail identify your server correctly) i.e.:

    This informs Linux of local systems on the network which are not handled by the DNS server. (or for all systems in your LAN if you are not using DNS or NIS)
    Red Hat/Fedora GUI: /usr/sbin/system-config-network (select tab “Hosts”).

  • File: /etc/nsswitch.conf – System Databases and Name Service Switch configuration file

    This example tells Linux to first resolve a host name by looking at the local hosts file(/etc/hosts), then if the name is not found look to your DNS server as defined by /etc/resolv.conf and if not found there look to your NIS server.

    In the past this file has had the following names: /etc/nsswitch.conf, /etc/svc.conf, /etc/netsvc.conf, … depending on the distribution.
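
A read-only check of the lookup order and DNS servers described above, added here as an example and not part of the original page. The function names, sample files, allowlist and addresses are constructed for illustration; on a real host pass /etc/nsswitch.conf and /etc/resolv.conf.

```sh
#!/bin/sh
# Added example (not from the original page): audit the name resolution
# files. File paths are arguments so the functions work on test copies too.

# Print the sources on the "hosts:" line in lookup order, e.g. "files dns nis".
hosts_order() {
    awk '{ sub(/#.*/, "") }
         $1 == "hosts:" { $1 = ""; sub(/^[ \t]+/, ""); print; exit }' "$1"
}

# Succeed only if the local hosts file ("files") is consulted before DNS.
files_before_dns() {
    for src in $(hosts_order "$1"); do
        case $src in
            files) return 0 ;;
            dns)   return 1 ;;
        esac
    done
    return 1
}

# Print every nameserver address configured in a resolv.conf-style file.
nameservers() {
    awk '{ sub(/[#;].*/, "") } $1 == "nameserver" && NF >= 2 { print $2 }' "$1"
}

# Print nameservers that are NOT in the allowlist given after the file name.
# A DHCP client rewrites resolv.conf, so this shows when the host has been
# handed a resolver that is not on the approved list.
unexpected_nameservers() {
    resolv=$1
    shift
    for ns in $(nameservers "$resolv"); do
        known=no
        for allowed in "$@"; do
            if [ "$ns" = "$allowed" ]; then known=yes; fi
        done
        if [ "$known" = no ]; then echo "$ns"; fi
    done
}

# Constructed sample files (hypothetical addresses) written to directory $1.
write_samples() {
    printf '%s\n' '# constructed sample' 'passwd: files nis' \
        'hosts:      files dns nis   # local file first' > "$1/nsswitch.conf"
    printf '%s\n' '; constructed sample' 'search example.internal' \
        'nameserver 192.168.10.1' 'nameserver 203.0.113.53' > "$1/resolv.conf"
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
echo "hosts lookup order: $(hosts_order "$demo_dir/nsswitch.conf")"
if files_before_dns "$demo_dir/nsswitch.conf"; then
    echo "/etc/hosts is consulted before DNS"
fi
echo "unapproved nameservers: $(unexpected_nameservers "$demo_dir/resolv.conf" 192.168.10.1)"
rm -rf "$demo_dir"
```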


Fedora / Red Hat Network Configuration Files:
  • File: /etc/sysconfig/network
    Red Hat network configuration file used by the system during the boot process.

 

  • File: /etc/sysconfig/network-scripts/ifcfg-eth0
    Configuration settings for your first ethernet port (0). Your second port is eth1.
  • File:
    • /etc/modprobe.conf (kernel 2.6)
    • /etc/modules.conf (kernel 2.4)
    • (or for older systems: /etc/conf.modules)

    Example statement for Intel ethernet card:

     

    Modules for other devices on the system will also be listed. This tells the kernel which device driver to use if configured as a loadable module. (default for Red Hat)


Fedora / Red Hat Network GUI Configuration Tools:

The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly.

TCP/IP ethernet configuration:

  • Network configuration:
    /usr/sbin/system-config-network (FC-2/3)
    /usr/bin/redhat-config-network (/usr/bin/neat) (RH 7.2+ FC-1)
  • Text console configuration tool:
    /usr/sbin/system-config-network-tui (Text User Interface (TUI) for Fedora Core 2/3)
    /usr/bin/redhat-config-network-tui (RH 9.0 – FC-1)
  • Text console network configuration tool.
    First interface only – eth0: /usr/sbin/netconfig
  • /usr/bin/netcfg (GUI) (last available with RH 7.1)

Gnome Desktop:

  • Gnome Desktop Network Configuration
    /usr/bin/gnome-network-preferences (RH 9.0 – FC-3)
    Proxy configuration. Choose one of three options:

    1. Direct internet connection
    2. Manual proxy configuration (specify proxy and port)
    3. Automatic proxy configuration (give URL)


Assigning an IP address:

Computers may be assigned a static IP address or assigned one dynamically. Typically a server will require a static IP while a workstation will use DHCP (dynamic IP assignment). The Linux server requires a static IP so that those who wish to use its resources can find the system. It is more easily found if the IP address does not change and is static. This is not important for the Linux client workstation and thus it is easier to use an automated Dynamic Host Configuration Protocol (DHCP) for IP address assignment.

Static IP address assignment:

Choose one of the following methods:

  • Command Line:
  • Network address by convention would be the lowest: 192.168.10.0
  • Note: the highest and lowest addresses are based on the netmask. The previous example is based on a netmask of 255.255.255.0
  • Red Hat / Fedora GUI tools:
    • /usr/bin/neat Gnome GUI network administration tool. Handles all interfaces. Configure for Static IP or DHCP client.
      (First available with Red Hat 7.2.)
    • /usr/bin/netcfg (Handles all interfaces) (last available in Red Hat 7.1)
  • Red Hat / Fedora Console tools:
    • /usr/sbin/system-config-network-tui (Text User Interface)
    • /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1,…)
  • Directly edit configuration files/scripts. See format below.

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. Manually add the network configuration to /etc/sysconfig/network-scripts/ifcfg-eth0 (Red Hat/Fedora/CentOS) for the first NIC, ifcfg-eth1 for the second, etc, or /etc/network/interfaces (Ubuntu) as shown below. Any other commands you may want to add to the system boot sequence can be added to the end of the file /etc/rc.d/rc.local. The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network-scripts/, so that this information is retained and used upon system boot.

The IANA has allocated IP addresses in the range of 192.168.0.0 to 192.168.255.255 for private networks.


Ubuntu / Debian IP Configuration Files:

File: /etc/network/interfaces

Static IP example:

Dynamic IP (DHCP) example:

Interfaces:

  • lo: Loopback interface (network within your system without slowing down for the real ethernet based network)
  • eth0: First ethernet interface card
  • wlan0: First wireless network interface

Also see “man interfaces”


Red Hat / Fedora Core IP Configuration Files:

The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network.
They will also allow one to configure routing information.

  • File: /etc/sysconfig/network
    Static IP address Configuration: (Configure gateway address)

    OR for DHCP client configuration:

     

    (Gateway is assigned by DHCP server.)

    OR for NIS client configuration:


     

  • File (Red Hat/Fedora): /etc/sysconfig/network-scripts/ifcfg-eth0
    (S.u.s.e.: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX)
    This file is used by the command scripts ifup and ifdown.
    Static IP address configuration:


     

    RHEL4/FC3 additions:

    • TYPE=Ethernet
    • HWADDR=XX:XX:XX:XX:XX:XX
    • GATEWAY=XXX.XXX.XXX.XXX

    OR for DHCP client configuration:

     

    RHEL4/FC3 additions:

    • IPV6INIT=no
    • USERCTL=no
    • PEERDNS=yes
    • TYPE=Ethernet
    • HWADDR=XX:XX:XX:XX:XX:XX

(Used by script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line)
To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)


Changing the host name:

This is a three step process:

  1. Issue the command: hostname new-host-name
  2. Change network configuration file: /etc/sysconfig/network
    Edit entry: HOSTNAME=new-host-name
  3. Restart systems which relied on the hostname (or reboot):
    • Restart network services: service network restart
      (or: /etc/init.d/network restart)
    • Restart desktop:
      • Bring down system to console mode: init 3
      • Bring up X-Windows: init 5

One may also want to check the file /etc/hosts for an entry using the system name which allows the system to be self aware.

The hostname may be changed at runtime using the command: sysctl -w kernel.hostname="superserver"


Change the host name using GUI tool: /usr/sbin/system-config-network
(Red Hat / Fedora / CentOS)

Hostname entries are made in two places:

  • system-config-network: Select the “DNS” tab.
  • system-config-network: Select the “Devices” tab + “Edit” + the “General” tab.


Network IP aliasing:

Assign more than one IP address to one ethernet card:

In this example 0 and 1 are aliases in addition to the regular eth0. The result of the ifconfig command:

 

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

 

Aliases can also be shut down independently. i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Redhat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and “configuring an IP based virtual host” in the YoLinux Web site configuration tutorial.


DHCP Linux Client: get connection info: /sbin/pump -i eth0 --status
(Red Hat Linux 7.1 and older)


Activating and De-Activating your NIC:
Commands for starting and stopping TCP/IP network services on a Network Interface Card (NIC):

  • Activate: /sbin/ifup eth0
    (Also: ifconfig eth0 up – Note: Even if no IP address is assigned you can listen.)
  • De-Activate: /sbin/ifdown eth0
    (Also: ifconfig eth0 down)

These scripts use the scripts and NIC config files in /etc/sysconfig/network-scripts/

GUI Interface control/configuration:

  • Start/Stop network interfaces
    /usr/bin/system-control-network (Fedora Core 2/3)
    /usr/bin/redhat-control-network (RH 9.0 – FC-1)
  • Configure Ethernet, ISDN, modem, token Ring, Wireless or DSL network connection:
    /usr/sbin/system-config-network-druid (FC2/3)
    /usr/sbin/redhat-config-network-druid (RH 9 – FC-1)


Subnets:
MASK | # OF SUBNETS | Slash Fmt | CLASS A HOSTS | CLASS A MASK | CLASS B HOSTS | CLASS B MASK | CLASS C HOSTS | CLASS C MASK  | CLASS C SUB HOSTS        | CLASS C SUB MASK
255  | 1 or 256     | /32       | 16,777,214    | 255.0.0.0    | 65,534        | 255.255.0.0  | 254           | 255.255.255.0 | Invalid, 1 address       | 255.255.255.255
254  | 128          | /31       | 33,554,430    | 254.0.0.0    | 131,070       | 255.254.0.0  | 510           | 255.255.254.0 | Invalid, 2 addresses     | 255.255.255.254
252  | 64           | /30       | 67,108,862    | 252.0.0.0    | 262,142       | 255.252.0.0  | 1,022         | 255.255.252.0 | 2 hosts, 4 addresses     | 255.255.255.252
248  | 32           | /29       | 134,217,726   | 248.0.0.0    | 524,286       | 255.248.0.0  | 2,046         | 255.255.248.0 | 6 hosts, 8 addresses     | 255.255.255.248
240  | 16           | /28       | 268,435,454   | 240.0.0.0    | 1,048,574     | 255.240.0.0  | 4,094         | 255.255.240.0 | 14 hosts, 16 addresses   | 255.255.255.240
224  | 8            | /27       | 536,870,910   | 224.0.0.0    | 2,097,150     | 255.224.0.0  | 8,190         | 255.255.224.0 | 30 hosts, 32 addresses   | 255.255.255.224
192  | 4            | /26       | 1,073,741,822 | 192.0.0.0    | 4,194,302     | 255.192.0.0  | 16,382        | 255.255.192.0 | 62 hosts, 64 addresses   | 255.255.255.192
128  | 2            | /25       | 2,147,483,646 | 128.0.0.0    | 8,388,606     | 255.128.0.0  | 32,766        | 255.255.128.0 | 126 hosts, 128 addresses | 255.255.255.128

Binary position | 8   | 7  | 6  | 5  | 4 | 3 | 2 | 1
Value           | 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1
Example: 192    | 1   | 1  | 0  | 0  | 0 | 0 | 0 | 0

Example 192=128+64

Some addresses are reserved and outside this scope. Loopback (127.0.0.1), reserved class C 192.168.XXX.XXX, reserved class B 172.31.XXX.XXX and reserved class A 10.XXX.XXX.XXX.

Subnet Example:

Your ISP assigns you a subnet mask of 255.255.255.248 for your office.

  • 208.88.34.104 Network Base address
  • 208.88.34.105 Computer 1
  • 208.88.34.106 Computer 2
  • 208.88.34.107 Computer 3
  • 208.88.34.108 Computer 4
  • 208.88.34.109 Computer 5
  • 208.88.34.110 DSL router/Gateway
  • 208.88.34.111 Broadcast address

Of the eight addresses, there are six assigned to hardware systems and ultimately only five usable addresses.
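
The subnet example above worked through in shell arithmetic, as an added example that is not part of the original page: the network base is the address ANDed with the mask, and the broadcast address sets every host bit. It generalizes to any contiguous netmask, which is what you need when checking that a route or firewall rule covers the addresses you intend; the function names are illustrative.

```sh
#!/bin/sh
# Added example (not from the original page): netmask arithmetic using only
# shell integer arithmetic.

# Dotted quad -> 32-bit integer. Octets must be plain decimal (no leading zeros).
ip_to_int() {
    old_ifs=$IFS
    IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# 32-bit integer -> dotted quad.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# A netmask is valid only if its one bits are contiguous from the left,
# i.e. the inverted mask has the form 2^n - 1.
valid_mask() {
    inv=$(( ~$(ip_to_int "$1") & 4294967295 ))
    [ $(( inv & (inv + 1) )) -eq 0 ]
}

# Lowest address in the subnet: IP AND mask.
network_addr() {
    int_to_ip $(( $(ip_to_int "$1") & $(ip_to_int "$2") ))
}

# Highest address in the subnet: network address with all host bits set.
broadcast_addr() {
    m=$(ip_to_int "$2")
    int_to_ip $(( ($(ip_to_int "$1") & m) | (~m & 4294967295) ))
}

# Total addresses covered by the mask (network and broadcast included).
address_count() {
    echo $(( (~$(ip_to_int "$1") & 4294967295) + 1 ))
}

# Slash-format prefix length: number of one bits in the mask.
prefix_len() {
    bits=$(ip_to_int "$1")
    n=0
    while [ "$bits" -ne 0 ]; do
        n=$(( n + (bits & 1) ))
        bits=$(( bits >> 1 ))
    done
    echo "$n"
}

# Succeed if two addresses ($1, $2) fall in the same subnet under mask $3.
same_subnet() {
    [ "$(network_addr "$1" "$3")" = "$(network_addr "$2" "$3")" ]
}

# Values from the subnet example above (Computer 3, mask 255.255.255.248).
echo "network   $(network_addr 208.88.34.107 255.255.255.248)"
echo "broadcast $(broadcast_addr 208.88.34.107 255.255.255.248)"
echo "addresses $(address_count 255.255.255.248) (/$(prefix_len 255.255.255.248))"
```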


Network Classes:

The concept of network classes is a little obsolete as subnets are now used to define smaller networks. These subnets may be part of a class A, B, C, etc network. For historical reference the network classes are defined as follows:

  • Class A: Defined by the first 8 bits with a range of 0 – 127.
    First number (8 bits) is defined by Internic i.e. 77.XXX.XXX.XXX
    One class A network can define 16,777,214 hosts.
    Range: 0.0.0.0 – 127.255.255.255
  • Class B: Defined by the first 8 bits with a range from 128 – 191
    First two numbers (16 bits) are defined by Internic i.e. 182.56.XXX.XXX
    One class B network can define 65,534 hosts.
    Range: 128.0.0.0 – 191.255.255.255
  • Class C: Defined by the first 8 bits with a range from 192 – 223
    First three numbers (24 bits) are defined by Internic i.e. 220.56.222.XXX
    One class C network can define 254 hosts.
    Range: 192.0.0.0 – 223.255.255.255
  • Class D: Defined by the first 8 bits with a range from 224 – 239
    This is reserved for multicast networks (RFC988)
    Range: 224.0.0.0 – 239.255.255.255
  • Class E: Defined by the first 8 bits with a range from 240 – 255
    This is reserved for experimental use.
    Range: 240.0.0.0 – 247.255.255.255


Enable Forwarding:

Forwarding allows the network packets on one network interface (i.e. eth0) to be forwarded to another network interface (i.e. eth1). This will allow the Linux computer to connect (“ethernet bridge”) or route network traffic.

The bridge configuration will merge two (or several) networks into one single network topology. IpTables firewall rules can be used to filter traffic.

A router configuration can support multicast and basic IP routing using the “route” command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or load balance servers.

  • Turn on IP forwarding to allow Linux computer to act as a gateway or router.
    echo 1 > /proc/sys/net/ipv4/ip_forward
    Default is 0. One can add firewall rules by using ipchains.
    Another method is to alter the Linux kernel config file: /etc/sysctl.conf. Set the following value:

    See file /etc/sysconfig/network for storing this configuration.

    Change the default “false” to “true”.

All methods will result in a proc file value of “1”. Test: cat /proc/sys/net/ipv4/ip_forward
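
An added example, not from the original page, that compares the running value with what the configuration files will set at boot, so that forwarding switched on by hand on a host that is not meant to route stands out. net.ipv4.ip_forward is the sysctl name behind the proc file above; FORWARD_IPV4 is assumed here as the key older Red Hat releases used in /etc/sysconfig/network (this page does not show it); the function names and sample files are constructed.

```sh
#!/bin/sh
# Added example (not from the original page). Paths are arguments; on a real
# host pass /proc/sys/net/ipv4/ip_forward, /etc/sysctl.conf and
# /etc/sysconfig/network.

# Current kernel value: 0 or 1.
runtime_forwarding() {
    tr -d ' \n' < "$1"
}

# Last value assigned to KEY ($2) in a KEY=VALUE file ($1), or "unset".
# Comments, surrounding blanks and double quotes are ignored.
config_value() {
    awk -F= -v key="$2" '
        { sub(/[#;].*/, "") }
        { k = $1; gsub(/[ \t]/, "", k) }
        k == key { v = $2; gsub(/[" \t]/, "", v); found = v }
        END { print (found == "" ? "unset" : found) }' "$1"
}

# Classify the host: disabled, enabled, runtime-only or enabled-at-next-boot.
forwarding_state() {
    rt=$(runtime_forwarding "$1")
    sc=$(config_value "$2" net.ipv4.ip_forward)
    sn=$(config_value "$3" FORWARD_IPV4)   # assumed key name, see lead-in
    persistent=no
    if [ "$sc" = 1 ]; then persistent=yes; fi
    case $sn in true|yes) persistent=yes ;; esac
    if [ "$rt" = 1 ] && [ "$persistent" = no ]; then
        echo runtime-only
    elif [ "$rt" = 1 ]; then
        echo enabled
    elif [ "$persistent" = yes ]; then
        echo enabled-at-next-boot
    else
        echo disabled
    fi
}

# Write constructed sample files: $1=dir $2=runtime value $3=sysctl.conf line
# $4=/etc/sysconfig/network line.
write_case() {
    printf '%s\n' "$2" > "$1/ip_forward"
    printf '%s\n' '# constructed sample' "$3" > "$1/sysctl.conf"
    printf '%s\n' 'NETWORKING=yes' "$4" > "$1/network"
}

state_of() {
    forwarding_state "$1/ip_forward" "$1/sysctl.conf" "$1/network"
}

d=$(mktemp -d)
write_case "$d" 1 'net.ipv4.ip_forward = 0' 'FORWARD_IPV4=false'
echo "forwarding switched on by hand, nothing in the config files: $(state_of "$d")"
rm -rf "$d"
```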

The TCP Man page – Linux Programmer’s Manual and /usr/src/linux/Documentation/proc.txt (Kernel 2.2 RH 7.0-) cover /proc/sys/net/ipv4/* file descriptions.


Adding a network interface card (NIC):

Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.

  • cd /lib/modules/2.2.5-15/net/ – Use kernel version for your system. This example uses 2.2.5-15
    (Fedora Core 3: /lib/modules/2.6.12-1.1381_FC3/kernel/net/)
    Here you will find the modules supported by your system.
    It can be permanently added to:

    • /etc/modprobe.conf (kernel 2.6)
    • /etc/modules.conf (kernel 2.4)
    • (or for older systems: /etc/conf.modules)

    Example:

  • /sbin/insmod 3c59x (For a 3Com ethernet card)
    This inserts the specified module into the kernel.
  • /sbin/modprobe 3c59x
    This also loads a module into the system kernel.
    Modprobe command line options:

    • -r : to unload the module.
    • /sbin/modprobe -l * : list all modules.
    • /sbin/modprobe -lt net * : List only network modules
    • /sbin/modprobe -t net * : Try loading all network modules and see what sticks. (act of desperation)
  • ifconfig …

The easy way: Red Hat versions 6.2 and later, ship with Kudzu, a device detection program which runs during system initialization. (/etc/rc.d/init.d/kudzu) This can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it will be utilized upon system boot.

Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:

  1. Use the Red Hat GUI tool /usr/bin/netcfg

    OR

  2. Define network parameters in configuration files:
    Define new device in file (Red Hat/Fedora) /etc/sysconfig/network-scripts/ifcfg-eth1
    (S.u.s.e 9.2: /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX)

    Special routing information may be specified, if necessary, in the file
    (Red Hat/Fedora): /etc/sysconfig/static-routes
    (S.u.s.e. 9.2: /etc/sysconfig/network/routes)

    Example:

    OR

  3. Define network parameters using Unix command line interface:
    Define IP address:

    If necessary, define route with the route command:
    Examples:

    Where XXX.XXX.XXX.XXX is the gateway to the internet as defined by your ISP or network operator.

    If a mistake is made just repeat the route command substituting “del” in place of “add”.


Configuring your NIC: Speed and Duplex settings:

This is usually not necessary because most ethernet adapters can auto-negotiate link speed and duplex setting.

  • List NIC speed and configuration: mii-tool
    eth0: negotiated 100baseTx-FD flow-control, link ok
    Verbose mode: mii-tool -v

  • Set NIC configuration: mii-tool -F option
    Option  Parameters
    -F      100baseTx-FD, 100baseTx-HD, 10baseT-FD, 10baseT-HD
    -A      100baseT4, 100baseTx-FD, 100baseTx-HD, 10baseT-FD, 10baseT-HD
  • Query NIC with ethtool:
    Command          Description
    ethtool -g eth0  Queries ethernet device for rx/tx ring parameter information.
    ethtool -a eth0  Queries ethernet device for pause parameter information.
    ethtool -c eth0  Queries ethernet device for coalescing information.
    ethtool -i eth0  Queries ethernet device for associated driver information.
    ethtool -d eth0  Prints a register dump for the specified ethernet device.
    ethtool -k eth0  Queries ethernet device for offload information.
    ethtool -S eth0  Queries ethernet device for NIC and driver statistics.

Man Pages:

  • mii-tool – view, manipulate media-independent interface status
  • ethtool – Display or change ethernet card settings


Route:

Static routes: IP (Internet Protocol) uses a routing table to determine where packets should be sent. First the packet is examined to see if its destination is for the local or remote network. If it is to be sent to a remote network, the routing table is consulted to determine the path. If there is no information in the routing table then the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file
(Red Hat/Fedora): /etc/sysconfig/network-scripts/route-eth0
or
(Red Hat 7: /etc/sysconfig/static-routes)
(S.u.s.e. 9.2: /etc/sysconfig/network/routes):

See command: /etc/sysconfig/network-scripts/ifup-routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route. (Fewest hops between routers not physical distance.) Routers use RIP to broadcast the routing table over UDP port 520. The routers would then add new or improved routes to their routing tables.

Man pages:

  • route – show / manipulate the IP routing table (Static route)
    Examples:

    • Show routing table: route -e
    • Access individual computer host specified via network interface card eth1:
      route add -host 123.213.221.231 eth1
    • Access ISP network identified by the network address and netmask using network interface card eth0:
      route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
      Conversely: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0
    • Specify default gateway to use to access remote network via network interface card eth0:
      route add default gw 201.51.31.1 eth0
      (Gateway can also be defined in /etc/sysconfig/network)
    • Specify two gateways for two network destinations: (i.e. one external, one internal private network. Two routers/gateways will be specified.)
      Add internet gateway as before: route add default gw 201.51.31.1 eth0
      Add second private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0
  • routed – network routing daemon. Uses RIP protocol to update routing table.
  • ipx_route – show / manipulate the IPX routing table – IPX is the Novell networking protocol (Not typically used unless your office has Novell servers)
  • ifuser – Identify destinations routed to a particular network interface.



Useful Linux networking commands:
  • /etc/rc.d/init.d/network start – command to start, restart or stop the network
  • netstat – Display connections, routing tables, stats etc
    • List externally connected processes: netstat -punta
    • List all connected processes: netstat -nap
    • Show network statistics: netstat -s
    • Kernel interface table info: netstat -a -i eth0
  • ping – send ICMP ECHO_REQUEST packets to network hosts. Use Cntl-C to stop ping.
  • traceroute – print the route packets take to network host.
    (Ubuntu Note: Typically Ubuntu installs tracepath for IPv4 and traceroute6 for IPv6. One can install traceroute: apt-get install traceroute)

    • traceroute IP-address-of-server
    • traceroute domain-name-of-server
  • mtr – a network diagnostic tool introduced in Fedora – Like traceroute except it gives more network quality and network diagnostic info. Leave running to get real time stats. Reports best and worst round trip times in milliseconds.
    • mtr IP-address-of-server
    • mtr domain-name-of-server
  • whois – Lookup a domain name in the internic whois database.
  • finger – Display information on a system user. i.e. finger user@host Uses $HOME/.plan and $HOME/.project user files. Often used by game developers. See http://finger.planetquake.com/
  • iptables – IP firewall administration (Linux kernel 2.6/2.4) See YoLinux firewall/gateway configuration.
  • ipchains – IP firewall administration (Linux kernel 2.2) See YoLinux firewall/gateway configuration.
  • socklist – Display list of open sockets, type, port, process id and the name of the process. Kill with fuser or kill.
  • host – Give a host name and the command will return IP address. Unlike nslookup, the host command will use both /etc/hosts as well as DNS.
    Example: host domain-name-of-server
  • nslookup – Give a host name and the command will return IP address. Also see Testing your DNS (YoLinux Tutorial) Note that nslookup does not use the /etc/hosts file.


inetd/xinetd: Network Socket Listener Daemons:

The network listening daemons listen and respond to all network socket connections made on the TCP/IP ports assig