Data Networking/Fall 2013/Group3

The Folks

edit

People in the project

Kai Xiang

Xinmeng Lu

Yihang Liang

Yahao Wu

Motivation

edit

To create a DNS server, DHCP server and Web server,which have firewall and backup function.By doing this, we can better understand each protocol and properly utilize Ubuntu.

Understanding the Protocol

edit

DNS

In our project, we used bind9 as DNS server. And we mainly used the mapping function of DNS to map domain name to its Ipv4 address or its Ipv6 address. Then we also created the reverse zone to map Ipv4 or Ipv6 address to their domain name. For example, in our project, we create the domain name www.wxl.lan, its Ipv4 address 192.168.54.80 and Ipv6 address fec0:1111:2222:3333:aaaa:bbbb:cccc:1111. Then when we connect to the network, and suppose web server's ip is 192.168.54.80. In this situation, we can also type www.wxl.lan to get to the web instead of its ip address. We better understanded the function of DNS protocol by practice DNS into our project. DNS also use UDP protocol to transform information.

DHCP

We use isc-dhcp-server as our DHCP server. The main task for DHCP server is to assign ip address for each client in the network. When we configure the dhcp, we must assign a static ip for our DNS server, otherwise our DNS function wouldn't be accomplished. And we also have to mention the ip range we use, gateway router, broadcast address,etc. After configuring the DHCP server, our DHCP can assign dynamic ip address for the client in the network, except for DNS server, which should be the same ip address each time the DNS server connect to the network. In this way, we totally understand the function of DHCP, Ipv4 and Ipv6 protocol.

Web

Our browser used HTTP protocol to fetch the content in the web server.

Backup

We used SSH protocol to achieve our backup. Because we need to transform file to a remote machine in an automatic way, so before using ssh we also changed keys of two machine. Under this circumstance, our machine can ssh each other without entry password every time.

The Requirements

edit

The project task is to build a DNS implementation for a start-up company in the city of Boston. And build a DHCP implementation in your company. And set Web Server and firewall. Add-ons will gain more points on this Project. Try to improve and implement new ideas like: configuring VPN, NIS, NFS apart from what is mentioned above.


For DNS Server:

   Assigned a set of IP addresses that have to be used for this project
   Aassigned one of the following DNS server from BIND, Posadis and PowerDNS
   Create any 5 DNS records
   Use IPv4 and IPv6 addresses in your implementation of records
   Create reverse domains in in-addr.arpa and ipv6.arpa for the addresses you have been allocated

For DHCP Server:

   Assigned a set of IP addresses that have to be used for this project
   Use IPv4 and IPv6 addresses in your implementation of DHCP
   Dynamic allocation of network addresses
   The Client-Server Protocol
   PXE Boot and RARP

For Web Server & Firewall:

   Use only command line tools and packages
   Provide all the commands that you have used and also give a brief description in one line
   Provide the changes you have made to the files/folders for configuring the webserver as well as the Firewall. Also create a basic page to be server
   Make this page accessible to the clients in your network using a web browser

For Backup:

   Automate the process of backing up the data
   The backup file should be zipped and sent to a different server
   Describe briefly about how you backup automatically and also how file transfer is made
   Also provide the commands and configurations for sending the zipped file to a different location

Steps to perform the setup / installation

edit

11/15/13

   Install BIND9 
   DNS Server : Start to set DNS Server in BIND9, installation of bind9 using 'apt-get install bind9' 
   Web Server : Start to set Web Server, installation of apache2 using 'apt-get install apache2'

11/19/13

   DNS Server : Assign IPv4 address in DNS Server by editing '/etc/bind/named.conf.local'
   DHCP Server : Start to set DHCP server. Install isc-dhcp-server using 'apt-get install isc-dhcp-server', in which configuration of lease, assigning IP address are
   included inside the file. 

11/20/13

   DNS Server : Creat reverse domains in in-addr.arpa 
   Get a domian name
   Backup : Set ssh
   Try to use backup tool to complete backup assignment, use 'backuppc' and 'simply backup suit'

11/21/13

   DHCP Server : Set address pool
   Assign IPv4 addresses to others in the subnet by editing '/etc/dhcp/dhcpd.conf', An address pool of '192.168.54.71 to 192.168.54.85' has been created to assign IP
   addresses.
   Lease time is set. 600s for default and 7200s for max-lease-time.


11/22/13

   DHCP Server : Assign IPv6 addresses using radvd (editing '/etc/radvd.conf'), after setting IPv6 address of 64 bit prefix could be assigned to others.
   DNS Server : IPv4 and IPv6 addressing for the organization

11/25/13

   Web Server : Set Firewall using ufw
   Back up : Use RSYNC tool to back up 
   Check the backup file whether zipped

11/26/13

   DHCP Server : Set reservation IP address for a particular client or server, in fact a MAC address bounding approach

11/28/13

   DHCP Server : Try to use isc-dhcp-server6 to set more specific IPv6 address

11/29/13

   DHCP Server : Try to use wide-dhcpv6-server combined with radvd to set IPv6 address

11/30/13

   Add-ons : Start to work on VPN 
   Add-ons :  Start to work on NFS

12/01/13

   Add-ons : VPN set done
   Add-ons : NFS set done
   Add-ons : Try to set NIS
   Report start

12/02/13

   Report working

12/03/13

   Report done

Testing

edit

1.Test the network
To see if they can ping successfully.

2.Test DNS Server

Use Command nslookup

Type in domain name to see if it could get the IP address it mapped

Type in IP address to see if it could get the domain name it mapped

3.Test DHCP Server

Connect to network to see if it get IP addresses from DHCP Server’s range pool.

Connect PCs which has reserved IP address in DHCP pool to see if it can get the same IP address every time it get connected.

4.Test Web Server

Open the web browser, type in localhost to see if it can access the website.

5.Test MySQL

Type the command MySQL –uroot –ppassword to login the MySQL Database.

Type the command show databases; to see if it can get the table of database.

6.Test Backup

To run the backup.sh and find the backup file from one PC in other PC

7.Test VPN, NFS and etc.

Connect to the VPN Server to see if can get access.

Type the command mount to get the NFS Server exported file; edit the file to see if the server can get the latest edition file.

8.Test Firewall

Before enbale ufw, see if others could access the web server(192.168.54.80), if nothing goes wrong, others should be able to access

the webpage.

Enbale ufw by typing 'enable ufw' on the web server. See if others could access to the webpage. If nothing goes wrong, access should be unsuccessful.

Typing 'ufw allow from 192.168.54.71 to any port 80' See if others except 192.168.54.71 could access the webpage again. If nothing goes wrong, only

192.168.54.71 could access the webpage.




All above is just the basic way of testing, the details and the screen shot are in the report.

Future Prospects

edit

Expansion

Growth

Improvements


We can work on performance portability, so that we can easy implement servers for different PCs in different network. And when comes to a large amount hosts, our server can work as well. In firewall, we can use the iptables to manage the firewall rules instead of ufw. The iptables can define the firewall rules more flexible while it is more complex than ufw. Iptables can set the firewall with status, however others cannot. For GUI, we can use other tools instead of typing command lines for convenient, such as grsync or backuppc. These tools can provide GUI, and complete the backup and set parameters by clicking buttons. We can provide another way to complete the functions which is easier and friendlier to users.

Citations

edit

Websites, Books, Articles


For Ubuntu Server: https://help.ubuntu.com/10.04/serverguide/index.html

For DNS Server: https://help.ubuntu.com/10.04/serverguide/dns.html

For DHCP Server: https://help.ubuntu.com/12.04/serverguide/dhcp.html

For Web Server: http://www8.buyerpricer.com/Video.aspx?videoid=-q8Jj4aAWYw&slk=web+server+for+ubuntu&cid=36377261359&akwd=web+server+for+ubuntu&mt=b&nid=1&iscid=2100003&term=web+server+for+ubuntu&vx=0 https://help.ubuntu.com/10.04/serverguide/httpd.html

For Firewall: https://wiki.ubuntu.com/UncomplicatedFirewall http://blog.sina.com.cn/s/blog_8f3de3250100xy1u.html https://help.ubuntu.com/10.04/serverguide/firewall.html

For Backup: https://help.ubuntu.com/community/rsync https://www.digitalocean.com/community/articles/how-to-use-backuppc-to-create-a-backup-server-on-an-ubuntu-12-04-vps

For MySQL: https://help.ubuntu.com/lts/serverguide/mysql.html

For VPN: http://blog.163.com/monk...popo/blog/static/208680220111014101233949/

For NFS: https://help.ubuntu.com/lts/serverguide/network-file-system.html

For NIS: https://help.ubuntu.com/community/SettingUpNISHowTo