Data Networking/Fall 2015/ACEP
Team
1. Ankit Chourasia
2. Prashanth Reddy Edunuri
3. Elveera Linda Menezes
4. Venkata Pratapa
MOTIVATION:
Linux is the most significant driving force behind the IT industry. It runs almost everywhere: on PCs, servers, routers, smartphones and more. Because Linux is open source, it gives a feeling of independence to work on it and enhance our skills, which develops our interest in it. It helps us become passionate about passive learning and passively acquire self-sufficiency. The world is looking for Linux professionals: there is demand, high salaries and many opportunities for them. We are doing this project to get acquainted with this most versatile and collaborative OS, which has features like superior design and performance, extreme scalability, multi-platform support, true multi-user and true multi-tasking operation, multi-threading and security.
DHCP (DYNAMIC HOST CONFIGURATION PROTOCOL):
The protocol is used to allocate IP addresses to the hosts connected to a network. It automatically assigns each host an IP address from a specified range within the network, along with the proper subnet mask, gateway and DNS server of the network.
For IPv4:
Step 1: Install DHCP server
Command:
sudo apt-get install isc-dhcp-server
Step 2: Now set the static IP address of the DHCP server
Command:
sudo nano /etc/network/interfaces
Step 3: Change lo to either eth0 or wlan0 and loopback to static or else keep both of them
Command:
Edit the interfaces file to make the following changes.
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 192.168.10.3
    netmask 255.255.255.0
    gateway 192.168.10.1
    network 192.168.10.0
    broadcast 192.168.10.255
    dns-nameservers 192.168.10.2
    dns-search linuxproject.com
Step 4: Restart the network
Command:
sudo /etc/init.d/networking restart
Step 5: Configure the DHCP server
Command:
sudo nano /etc/dhcp/dhcpd.conf
Step 6: Edit the dhcpd.conf file and make the following changes
Command:
ddns-update-style none;
option domain-name-servers 192.168.10.254;
option domain-name "linuxproject.com";
default-lease-time 600;
max-lease-time 7200;
authoritative;

subnet 192.168.10.0 netmask 255.255.255.0 {
    range 192.168.10.100 192.168.10.120;
    option routers 192.168.10.1;
    option broadcast-address 192.168.10.255;
}
Step 7: Open the resolv.conf file
Command:
sudo nano /etc/resolv.conf
Step 8: Edit the resolv.conf
Command:
nameserver 192.168.10.254
Step 9: Restart the DHCP server
Command:
sudo service isc-dhcp-server restart
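A consistency check for the subnet declaration from Step 6, written as an added example (not part of the original page): it confirms that every range address and the router fall inside the declared subnet and that the broadcast address matches. The sample configuration is constructed, with a one-digit typo in the range, and the function name check_dhcpd_conf is an assumption of this example.

```python
import ipaddress
import re

# Constructed sample: the subnet from the steps above, with a deliberate
# one-digit typo in the first range address (192.169 instead of 192.168).
SAMPLE_DHCPD_CONF = """
authoritative;
subnet 192.168.10.0 netmask 255.255.255.0 {
  range 192.169.10.100 192.168.10.120;
  option routers 192.168.10.1;
  option broadcast-address 192.168.10.255;
}
"""

SUBNET_RE = re.compile(r"subnet\s+([\d.]+)\s+netmask\s+([\d.]+)\s*\{(.*?)\}", re.S)
RANGE_RE = re.compile(r"\brange\s+([\d.]+)\s+([\d.]+)\s*;")
OPTION_RE = re.compile(r"option\s+(routers|broadcast-address)\s+([\d.]+)\s*;")


def check_dhcpd_conf(text):
    """Return a list of problems found in the IPv4 subnet declarations."""
    problems = []
    text = re.sub(r"#.*", "", text)  # strip comments before matching
    for net_addr, mask, body in SUBNET_RE.findall(text):
        net = ipaddress.ip_network(f"{net_addr}/{mask}")
        for lo, hi in RANGE_RE.findall(body):
            lo_ip, hi_ip = ipaddress.ip_address(lo), ipaddress.ip_address(hi)
            for ip in (lo_ip, hi_ip):
                if ip not in net:
                    problems.append(f"range address {ip} is outside {net}")
            if lo_ip > hi_ip:
                problems.append(f"range {lo} {hi} is reversed")
        for name, value in OPTION_RE.findall(body):
            ip = ipaddress.ip_address(value)
            if name == "routers" and ip not in net:
                problems.append(f"router {ip} is outside {net}")
            if name == "broadcast-address" and ip != net.broadcast_address:
                problems.append(f"broadcast {ip} != {net.broadcast_address}")
    return problems


if __name__ == "__main__":
    for problem in check_dhcpd_conf(SAMPLE_DHCPD_CONF):
        print(problem)
```

It handles only flat subnet blocks with a single router address; declarations that nest pool or group blocks need a real parser.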
For IPv6:
Step 1: Install radvd to build IPv6 DHCP server
Command:
sudo apt-get install radvd
Step 2: Open radvd.conf file
Command:
sudo nano /etc/radvd.conf
Step 3: Edit the radvd.conf file and make following changes
Command:
interface eth0 {
    AdvSendAdvert on;
    AdvManagedFlag on;
    AdvOtherConfigFlag on;
    prefix 2001:db8:0:1::/64 {
        AdvAutonomous off;
    };
};
Step 4: Open dhcpd.conf file
Command:
sudo nano /etc/dhcp/dhcpd.conf
Step 5: Edit dhcpd.conf file and make following changes
Command:
default-lease-time 600;
max-lease-time 7200;
log-facility local7;

subnet6 2001:db8:0:1::/64 {
    range6 2001:db8:0:1::129 2001:db8:0:1::254;
}
DNS (DOMAIN NAME SYSTEM):
The Domain Name System is used to translate IP addresses to hostnames and hostnames to IP addresses. Rather than using a centralized architecture, which would create a single point of failure, DNS is implemented as a hierarchy. At the top of the hierarchy are the root DNS servers, then come the top-level domain (TLD) servers and then the authoritative DNS servers.
Step 1: Install bind9
Command:
sudo apt-get install bind9
Step 2: Open the interfaces.
Command:
sudo nano /etc/network/interfaces
Step 3: Edit the interfaces and configure static IP address for the DNS server
Command:
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 192.168.10.2
    netmask 255.255.255.0
    network 192.168.10.0
    broadcast 192.168.10.255
    gateway 192.168.10.1
Step 4: Reboot the virtual machine
Command:
sudo init 6
Step 5: Open the named.conf.options
Command:
sudo nano /etc/bind/named.conf.options
Step 6: Remove the comments from the forwarders
Command:
Remove the // signs to uncomment the forwarders block and add forwarders. For example, use Google's public DNS IPs, 8.8.8.8 and 8.8.4.4.
Step 7: Configure the named.conf.options
Command:
forwarders { 192.168.10.1; };
Step 8: Open the named.conf.local
Command:
sudo nano /etc/bind/named.conf.local
Step 9: Configure zones in the named.conf.local file
Command:
// Forward zone (master server)
zone "linuxproject.com" {
    type master;
    allow-transfer { 192.168.10.11; };
    file "/etc/bind/zone/db.linuxproject.com";
};

// Forward zone (slave server; BIND rejects two definitions of one zone in the same file)
zone "linuxproject.com" {
    type slave;
    masters { 192.168.10.2; };
    file "/etc/bind/zone/db.linuxproject.com";
};

// Reverse zone (master server)
zone "10.168.192.in-addr.arpa" {
    type master;
    allow-transfer { 192.168.10.11; };
    file "/etc/bind/zone/db.rev";
};

// Reverse zone (slave server)
zone "10.168.192.in-addr.arpa" {
    type slave;
    masters { 192.168.10.2; };
    file "/etc/bind/zone/db.rev";
};

# For IPv6
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa" {
    type master;
    notify no;
    file "/etc/bind/db.ipv6";
};
Step 10: Open the forward lookup table in the zone
Command:
sudo nano /etc/bind/db.linuxproject.com
Step 11: Configure the forward lookup table
Command:
$TTL    604800
@       IN      SOA     linuxproject.com. root.linuxproject.com. (
                             12         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
@                   IN      NS      linuxproject.com.
linuxproject.com.   IN      A       192.168.10.100
                    IN      AAAA    fe80::be77:37ff:fe7d:dc2e
galaxy              IN      A       192.168.10.101
                    IN      AAAA    fe80::be77:37ff:fe7d:dc2c
mail                IN      A       192.168.10.102
                    IN      AAAA    fe80::be77:37ff:fe7d:dc2b
group               IN      A       192.168.10.103
                    IN      AAAA    fe80::be77:37ff:fe7d:dc2a
www                 IN      CNAME   linuxproject.com.
Step 12: Open the reverse lookup table in the zone
Command:
sudo nano /etc/bind/db.rev
Step 13: Configure the reverse lookup table
Command:
$TTL    604800
@       IN      SOA     linuxproject.com. root.linuxproject.com. (
                             11         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
        IN      NS      linuxproject.com.
100     IN      PTR     linuxproject.com.
101     IN      PTR     galaxy.linuxproject.com.
Step 14: Open the resolv.conf file
Command:
sudo nano /etc/resolv.conf
Step 15: Edit the resolv.conf file
Command:
search linuxproject.com
nameserver 192.168.10.2
Step 16: Restart the Bind9 server
Command:
sudo /etc/init.d/bind9 restart
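Only the hosts named in allow-transfer should be able to pull a full copy of a zone, so it is worth checking that every master zone in named.conf.local carries that restriction. The following added example (not from the original page) runs that check over a constructed sample; the names zone_blocks and audit_transfers are assumptions of this example.

```python
import re

# Constructed sample in the style of the zones on this page: one master zone
# restricts transfers to the slave, the other has no allow-transfer at all.
SAMPLE_NAMED_CONF_LOCAL = """
// Forward zone
zone "linuxproject.com" {
    type master;
    allow-transfer { 192.168.10.11; };
    file "/etc/bind/zone/db.linuxproject.com";
};
# IPv6 reverse zone
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa" {
    type master;
    notify no;
    file "/etc/bind/db.ipv6";
};
"""

ZONE_RE = re.compile(r'zone\s+"([^"]+)"\s*\{')


def zone_blocks(text):
    """Yield (zone_name, body) pairs, counting braces so nested blocks stay intact."""
    text = re.sub(r"(//|#)[^\n]*", "", text)  # drop line comments
    for m in ZONE_RE.finditer(text):
        depth, i = 1, m.end()
        while depth and i < len(text):
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            i += 1
        yield m.group(1), text[m.end():i - 1]


def audit_transfers(text):
    """Return {zone: finding} for master zones with a missing or open allow-transfer."""
    findings = {}
    for name, body in zone_blocks(text):
        if not re.search(r"\btype\s+(master|primary)\s*;", body):
            continue  # this audit looks at master zones only
        acl = re.search(r"allow-transfer\s*\{([^}]*)\}", body)
        if acl is None:
            findings[name] = "no allow-transfer: inherits the server-wide default"
        elif re.search(r"\bany\b", acl.group(1)):
            findings[name] = "allow-transfer includes 'any'"
    return findings


if __name__ == "__main__":
    for zone, finding in audit_transfers(SAMPLE_NAMED_CONF_LOCAL).items():
        print(f"{zone}: {finding}")
```

A zone flagged as inheriting the default is only as restricted as the allow-transfer setting in named.conf.options, so that file needs checking as well.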
WEB SERVER:
A web server is a server placed in the network primarily to handle the HTTP requests made by hosts of the network. It helps to connect the network hosts to the World Wide Web. It is the network component that receives requests once DNS has resolved them, fetches the requested page and sends back an appropriate reply.
Step 1: Install Apache Web server
Command:
sudo apt-get install apache2
Step 2: Open the index.html page, which is the webpage of Web server
Command:
sudo nano /var/www/html/index.html
Step 3: Edit the index.html
Command:
Remove the existing page content and write the page you want to display.
Step 4: Open the interfaces
Command:
sudo nano /etc/network/interfaces
Step 5: Edit the interfaces and change the IP address to static
Command:
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 192.168.10.100
    netmask 255.255.255.0
    network 192.168.10.0
    broadcast 192.168.10.255
    gateway 192.168.10.1
Step 6: Open the hosts
Command:
sudo nano /etc/hosts
Step 7: Edit the hostnames in the hosts
Command:
127.0.0.1 localhost
127.0.1.1 linuxproject.com
Step 8: Restart the Web server
Command:
sudo /etc/init.d/apache2 restart
FIREWALL:
A firewall is a system that controls traffic coming into or going out of the network. It acts as a barrier to unwanted traffic flowing through it. We can block a network, a particular host, or certain kinds of communication such as FTP, telnet, TCP, UDP, ICMP, etc.
Step 1: Install UFW firewall
Command:
sudo apt-get install ufw
Step 2: Check the status
Command:
sudo ufw status
Step 3: Change status to active
Command:
sudo ufw enable
Step 4: Configure UFW for port 80/tcp
Command:
sudo ufw allow 80/tcp
Step 5: Configure UFW for port 22/tcp
Command:
sudo ufw allow 22/tcp
BACKUP SERVER:
Step 1: Log into the Web server and generate a pair of authentication keys
Command:
sudo ssh-keygen -t rsa
Step 2: Using ssh create a directory ~/.ssh on the host machine
Command:
ssh chamu@192.168.85.10 mkdir -p .ssh
Step 3: Now append Web server's public key to the host
Command:
cat .ssh/id_rsa.pub | ssh chamu@192.168.85.10 'cat >> .ssh/authorized_keys'
Step 4: Now we have to compress the file that needs to be backed up
Command:
sudo tar -cvpzf minutebackup.tar.gz /var/www/html/index.html
Step 5: Open crontab file
Command:
sudo crontab -e
Step 6: Using cron jobs we will schedule the backup for every minute
Command:
* * * * * sudo tar -cvzpf /home/chamu/backupfolder/minutevbackup.tar.gz /var/www/html/index.html
* * * * * sudo scp /home/chamu/backupfolder/minutevbackup.tar.gz chamu@192.168.x.x:
MAIL SERVER:
A mail server is a network component which lets us send e-mails to domains other than our own. If there were no mail server in the network, we might only be able to send e-mails to people within our own domain name. Through a mail server, a mail can be sent out to everyone via the internet. This service is very useful for communication within and outside your domain network.
Step 1: Update the Ubuntu OS with packages
Command:
sudo apt-get update
sudo apt-get update --fix-missing
Step 2: Install all the packages along with Postfix and Dovecot which are required
Command:
sudo apt-get install bind9 dnsutils apache2 php5 postfix dovecot-common dovecot-imapd dovecot-pop3d squirrelmail mailutils
Step 3: Change the directory to /etc/bind and open named.conf.local file
Command:
sudo nano named.conf.local
Step 4: Add zones to the named.conf.local file
Command:
zone "linux.com" {
    type master;
    file "/etc/bind/db.linux";
};

zone "0.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/db.192";
};
Step 5: Copy content of file db.local to db.linux
Command:
cp db.local db.linux
Step 6: Copy content of db.127 to db.192
Command:
cp db.127 db.192
Step 7: Open db.linux file
Command:
nano db.linux
Step 8: Edit db.linux file
Command:
Change localhost. to ns.linux.com.
Change root.localhost. to root.linux.com.
Add
@       IN      NS      ns.linux.com.
@       IN      A       192.168.0.1
ns      IN      A       192.168.0.1
        IN      MX      10 mail.linux.com.
www     IN      CNAME   ns
mail    IN      CNAME   ns
Step 9: Open db.192 file
Command:
nano db.192
Step 10: Edit db.192 file
Command:
Change localhost. to ns.linux.com.
Change root.localhost. to root.linux.com.
Change 1.0.0 to 1
Step 11: Disconnect net and restart bind
Command:
invoke-rc.d bind9 restart
Step 12: Do a nslookup for mail we created
Command:
nslookup mail.linux.com
Step 13: Dig that mail
Command:
dig mail.linux.com
Step 14: change the directory to /etc/apache2/sites-available/
Command:
cd /etc/apache2/sites-available/
Step 15: Copy content in 000-default.conf to mail.conf
Command:
cp 000-default.conf mail.conf
Step 16: Open mail.conf file
Command:
sudo nano mail.conf
Step 17: Edit mail.conf file
Command:
Add ServerName mail.linux.com
Change DocumentRoot to /usr/share/squirrelmail
Step 18: Enable the mail site
Command:
a2ensite mail
Step 19: Restart apache
Command:
invoke-rc.d apache2 restart
Step 20: Reconfiguring postfix
Command:
dpkg-reconfigure postfix
Step 21: Open apache.conf file in /etc/squirrelmail/
Command:
sudo nano /etc/squirrelmail/apache.conf
Step 22: Edit apache.conf file
Command:
Uncomment the DocumentRoot and ServerName.
Also change ServerName to mail.linux.com
Step 23: Open dovecot.conf file in /etc/dovecot/
Command:
sudo nano /etc/dovecot/dovecot.conf
Step 24: Edit dovecot.conf file
Command:
protocols = imap pop3
#disable_plaintext_auth = no
mail_location = mbox:~/mail:INBOX=/var/mail/%u
mail_location = maildir:~/Maildir
Step 25: Kill all the processes
Command:
killall named
killall apache2
killall dovecot
Step 26: Set the static IP address for the server
Command:
ifconfig eth0 192.168.0.1 netmask 255.255.255.0
ifconfig eth0 up
Step 27: Restart bind, apache, postfix and dovecot
Command:
invoke-rc.d bind9 restart
invoke-rc.d apache2 restart
invoke-rc.d postfix restart
invoke-rc.d dovecot restart
Step 28: Add users
Command:
adduser linux1
adduser linux2
NFS (NETWORK FILE SYSTEM):
NFS is a distributed file system protocol. A client can share or access files over the network as if they were stored locally. Thus, a client is able to access every file shared in its network just as if it had saved the file itself. This protocol improves the interactive capabilities of the host and the entire network.
Step 1: Install the NFS server
Command:
sudo apt-get install nfs-kernel-server
Step 2: Create directory which we need to share with client
Command:
sudo mkdir /home/prashi/sharedir
Step 3: Providing permissions for client to access the NFS share (i.e., mkdir public to all)
Command:
sudo chmod 777 /home/prashi/sharedir
Step 4: Open the user file
Command:
sudo chmod 777 /home/prashi
Step 5: Open the export file having network address
Command:
sudo nano /etc/exports
Step 6: Edit export file
Command:
Write the following line:
/home/prashi/sharedir 192.168.85.0/10
Step 7: Do an exportfs command
Command:
exportfs
Step 8: At client end, make directory test to share the file of the server
Command:
mkdir test
Step 9: Making the test directory read and write
Command:
ls -a test
Step 10: Mounting the server's directory on to test
Command:
sudo mount -t nfs 192.168.85.135:/home/prashi/sharedir test
NTP (NETWORK TIME PROTOCOL):
Step 1: Install ntp and ntpdate
Command:
sudo apt-get install ntp ntpdate
Step 2: Show the status of configured peers
Command:
ntpq -c lpeer
Step 3: Open ntp.conf file in /etc/
Command:
sudo nano /etc/ntp.conf
Step 4: Edit ntp.conf file
Command:
Change broadcast address 192.168.10.255
Step 5: Restart ntp server
Command:
sudo /etc/init.d/ntp restart
Step 6: Show the status of configured peers; the broadcast address should now be listed
Command:
ntpq -c lpeer
Step 7: Open client in new virtual machine and install ntp and ntpdate
Command:
sudo apt-get install ntp ntpdate
Step 8: Show the status of configured peers
Command:
ntpq -c lpeer
Step 9: Open ntp.conf file in /etc/
Command:
sudo nano /etc/ntp.conf
Step 10: Edit ntp.conf file
Command:
Add server 192.168.85.136
Step 11: Restart ntp server
Command:
sudo /etc/init.d/ntp restart
Step 12: Show the status of configured peers; the server IP address should now be listed
Command:
ntpq -c lpeer
VPN (VIRTUAL PRIVATE NETWORK):
VPN (Virtual Private Network) - Point to Point Tunneling Protocol (PPTP)
Step 1: Install pptpd package
Command:
sudo apt-get install pptpd
Step 2: Open pptpd.conf file
Command:
sudo nano /etc/pptpd.conf
Step 3: Open pptpd-options
Command:
sudo nano /etc/ppp/pptpd-options
Add the line:
ms-dns 192.168.10.2
Step 4: Add details as specified below for authentication
Command:
sudo nano /etc/ppp/chap-secrets
TESTING:
• Connect all network components to a switch
• Run ifconfig on the client
• The client gets an IP address from the DHCP server, within the network range and with the subnet mask
• The client makes an HTTP request
• The request is sent to DNS for resolution
• DNS resolves the request, sends back a reply to client with associated IP/Hostname
• Subsequent HTTP request made to web server
• Web server fetches and replies back to client with associated HTTP page