Data Networking/Fall 2015/ACEP

Team

edit

1.Ankit Chourasia
2.Prashanth Reddy Edunuri
3.Elveera Linda Menezes
4.Venkata Pratapa

MOTIVATION:

edit

Linux is the most significant part or driving power behind IT industry. It is running almost everywhere, on PCs, Servers, Routers, and Smartphones, etc. Linux is an Open Source and which creates a feel like independence to work and enhance our skills and obviously it develops interest in us. It helps us to become passionate for passive learning and passively acquire self-sufficiency. The world is looking for Linux professionals. There are demand, high salaries and many opportunities for Linux professionals. We are doing this project, to get acquainted with the most versatile and collaborative OS, which has features like superior design & performance, extremely scalable, Multi-Platform, True Multi-user, True Multi-tasking, Multi-threading and security.

DHCP (DYNAMIC HOST CONFIGURATION PROTOCOL):

edit

The protocol is used to allocate IP addresses to various hosts connected in a network. It automatically assigns IP addresses to all the hosts in the network of a specified range within the network, a proper subnet mask, gateway, and DNS server of the network.

For IPv4: Step 1: Install DHCP server
Command:

        sudo apt-get install isc-dhcp-server

Step 2: Now set the static IP address of the DHCP server
Command:

        sudo nano /etc/network/interfaces

Step 3: Change lo to either eth0 or wlan0 and loopback to static or else keep both of them
Command:

         Edit the interfaces to make the changes as following.
         auto lo
         iface lo inet loopback 
         auto eth0
         iface lo inet static
         address 192.168.10.3
         netmask 255.255.255.0
         gateway 192.168.10.1
         network 192.168.10.0
         broadcast 192.168.10.255
         dns-domain-nameserver 192.168.10.2
         dns-domain-search linuxproject.com

Step 4: Restart the network
Command:

         sudo nano /etc/init.d/networking restart

Step 5: Configure the DHCP server
Command:

         sudo nano /etc/dhcp/dhcp.conf

Step 6: Edit the dhcp.conf file and make the following changes
Command:

         ddns-update-style none;
         option domain-name-servers 192.168.10.254;
         option domain-name “linuxproject.com”;
         default-lease-time 600;
         max-lease-time 7200;
         authoritative;
         subnet 192.168.10.0 netmask 255.255.255.0
         {
         range 192.169.10.100 192.168.10.120;
         option routers 192.168.10.1;
         option broadcast-address 192.168.10.255;
         }

Step 7: Open the resolv.conf file
Command:

         sudo nano /etc/resolv.conf

Step 8: Edit the resolv.conf
Command:

          nameserver 192.168.10.254

Step 9: Restart the DHCP server
Command:

          sudo service isc-dhcp-server restart


For IPv6:
Step 1: Install radvd to build IPv6 DHCP server
Command:

          sudo apt-get install radvd

Step 2: Open radvd.conf file
Command:

          sudo nano /etc/radvd.conf

Step 3: Edit the radvd.conf file and make following changes
Command:

         Interfaces eth0
         {
         AdvSentAdvert on;
         AdvManagedFlag on;
         AdvOtherConfigFlag on;
         Prefix 2001:db8:0:1::/64
         {
         AdvAutonomous off;
         };
         };

Step 4: Open dhcpd.conf file
Command:

         sudo nano /etc/dhcp/dhcpd.conf

Step 5: Edit dhcpd.conf file and make following changes
Command:

         default-lease-time 600;
         max-lease-time 7200;
         log-facility local7;
         subnet6 2001:db8:0:1::/64
         {
         range6 2001:db8:0:1::129 2001:db8:0:1::254;
         }

DNS (DOMAIN NAME SYSTEM):

edit

Domain Name System is used to translate IP address to hostname and also hostname to IP address. Rather than implementing centralized architecture for DNS, which creates a possibility of single point of failure, DNS is implemented in hierarchy. At the top of hierarchy are the root DNS servers, then comes the Top Level Domain (TLDs) and then authoritative DNS servers.

Step 1: Install bind9
Command:

          sudo apt-get install bind9 

Step 2: Open the interfaces.
Command:

          sudo nano /etc/networks/interfaces

Step 3: Edit the interfaces and configure static IP address for the DNS server
Command:

          auto lo
          iface lo inet loopback
          auto eth0
          iface eth0 inet static
          address 192.168.10.2
          netmask 255.255.255.0
          network 192.168.10.0
          broadcast 192.168.10.255
          gateway 192.168.10.1

Step 4: Reboot the virtual machine
Command:

          sudo init 6

Step 5: Open the named.conf.options
Command:

          sudo nano /etc/bind/named.conf.options

Step 6: Remove the comments from the forwarders
Command:

          Remove *//* sign to uncomment and add
          forwarders. For examples use Google’s
          public DNS IPs. 8.8.8.8 and 8.8.4.4

Step 7: Configure the named.conf.options
Command:

          forwarders
          {
          192.168.10.1;
          };


Step 8: Open the named.conf.local
Command:

          sudo nano /etc/bind/named.conf.local

Step 9: Configure zones in the named.conf.local file
Command:

          // For Forward zone
          zone “linuxproject.com”
          {
          type master
          allow-transfer {192.168.10.11;};
          file “/etc/bind/zone/db.linuxproject.com”;
          };
          zone “linuxproject.com”
          {
          type slave;
          masters {192.168.10.2;};
          file “/etc/bind/zone/db.linuxproject.com”;
          };
          //For Reverse zone
          zone “10.168.192.in-addr.arpa”
          {
          type master;
          allow-transfer {192.168.10.11;};
          file “/etc/bind/zone/db.rev”;
          };
          zone “10.168.192.in-addr.arpa”
          {
          type slave;
          masters{192.168.10.2;};
          file “/etc/bind/zone/db.rev”;
          };
          #For IPv6
          zone "0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ipv6.arpa" {
          type master;
          notify no;
          file "/etc/bind/db.ipv6";
          };


Step 10: Open the forward lookup table in the zone
Command:

          sudo nano /etc/bind/db.linuxproject.com	

Step 11: Configure the forward lookup table
Command:

                                                  $TTL                604800
                                                   @         IN          SOA                 linuxproject.com.       
 root.linuxproject.com. (
      	   .                                          12               ; Serial
          .                                      604800               ; Refresh
          .                                       86400               ; Retry
          .                                     2419200               ; Expire
          .                                      604800 )             ; Negative Cache TTL
                    
       	    @                    IN             NS           linuxproject.com.
           linuxproject.com.            IN             A            192.168.10.100
                                        IN            AAAA          fe80::be77:37ff:fe7d:dc2e                                                          
               galaxy                   IN             A            192.168.10.101
                                        IN            AAAA          fe80::be77:37ff:fe7d:dc2c
                mail                    IN             A            192.168.10.102
                                        IN            AAAA          fe80::be77:37ff:fe7d:dc2b
               group                    IN             A            192.168.10.103
                                        IN            AAAA          fe80::be77:37ff:fe7d:dc2a
                www                     IN            CNAME         linuxproject.com.


Step 12: Open the reverse lookup table in the zone
Command:

            sudo nano /etc/bind/db.rev

Step 13: Configure the reverse lookup table
Command:

                                               $TTL                 604800
                                                 @         IN         SOA                 linuxproject.com.       
     root.linuxproject.com. (
              .                                   11                ; Serial
              .                               604800                ; Refresh
              .                                86400                ; Retry
              .                              2419200                ; Expire
              .                               604800 )              ; Negative Cache TTL
                                                 
                                     IN               NS              linuxproject.com.
             100                     IN               PTR             linuxproject.com.
             101                     IN               PTR             galaxy.linuxproject.com.
  

Step 14: Open the resolv.conf file
Command:

             sudo nano /etc/resolv.conf

Step 15: Edit the resolv.conf file
Command:

             search linuxproject.com
             nameserver 192.168.10.2

Step 16: Restart the Bind9 server
Command:

             sudo /etc/init.d/bind9 restart


WEB SERVER:

edit

A web server is a server placed in the network to primarily handle the HTTP requests made by hosts of the network. It helps to connect the network hosts to the World Wide Web. It is a network component which takes all the resolved requests from DNS as inputs, fetches the requested page or request and replies back with an appropriate reply.

Step 1: Install Apache Web server
Command:

             sudo apt-get install apache2

Step 2: Open the index.html page, which is the webpage of Web server
Command:

             sudo nano /var/www/html/index.html

Step 3: Edit the index.html
Command:

             Remove the page provided by user and 
             Write your page as you want to display

Step4: Open the interfaces
Command:

            sudo nano /etc/network/interfaces

Step 5: Edit the interfaces and change the IP address to static
Command:

            auto lo
            iface lo inet loopback
            auto eth0
            iface eth0 inet static
            address 192.168.10.100
            netmask 255.255.255.0
            network 192.168.10.0
            broadcast 192.168.10.255
            gateway 192.168.10.1

Step 6: Open the hosts
Command:

            sudo nano /etc/hosts

Step 7: Edit the hostnames in the hosts
Command:

            127.0.0.1 localhost
            127.0.1.1 linuxproject.com

Step 8: Restart the Web server
Command:

            sudo /etc/init.d/apache2 restart 

FIREWALL:

edit

A system that controls traffic coming in or going out of the network. It acts as a barrier to the unwanted traffic flowing through it. We can block a network, a particular host, or certain sections of communications such as FTP, telnet, TCP, UDP, ICMP, etc.

Step 1: Install UFW firewall
Command:

            sudo ufw enable

Step 2: Check the status
Command:

            sudo ufw status 

Step 3: Change status to active
Command:

            sudo ufw enable

Step 4: Configure UFW for port 80/tcp
Command:

            sudo ufw allow 80/tcp

Step 5: Configure UFW for port 22/tcp
Command:

            sudo ufw allow 22/tcp


BACKUP SERVER:

edit

Step 1: Log into the Web server and generate a pair of authentication keys
Command:

            sudo ssh-keygen -t -rsa

Step 2: Using ssh create a directory ~/.ssh on the host machine
Command:

            sudo chamu@192.168.85.10 mkdir –p .ssh

Step 3: Now append Web server’s public key to the host
Command:

            cat .ssh/id_rsa.pub | ssh chamu@192.168.85.10 ‘cat >> .ssh/authorized_keys’

Step 4: Now we have to compress the file, which is needed to be backed up
Command:

            sudo tar –cvpzf minutebackup.tar.gz /var/www/html/index.html

Step 5: Open crontab file
Command:

            sudo crontab -e

Step 6: Using cron jobs we will schedule the backup for every minute
Command:

            *****sudo tar –cvzpf /home/chamu/backupfolder/minutevbackup.tar.gz /var/www/html/index.html
            *****sudo scp /home/chamu/backupfolder/minutevbackup.tar.gz chamu@192.168.x.x:


MAIL SERVER:

edit

Mail server is a network component which helps to also send e-mails to other domains other than our own. If mail server would not had been there in the network, we might just be able to send e-mails to people with our domain name. Through a mail server, a mail could be send out to everyone via internet. This service is very useful for communication within and outside your domain network.

Step 1: Update the Ubuntu OS with packages
Command:

            sudo apt-get update
            sudo apt-get update -–fix-missing

Step 2: Install all the packages along with Postfix and Dovecot which are required
Command:

            sudo apt-get install bind9 dnsutils apache2 php5 postfix dovecot-common dovecot-imapd dovecot-pop3d squirrelmail mailutils

Step 3: Change the directory to /etc/bind and open named.conf.local file
Command:

            sudo nano named.conf.local 

Step 4: Add zones to the named.conf.local file
Command:

            zone “linux.com” {
                    type master;
                    file  “/etc/bind/db.linux”;
                    };
            zone “0.168.192.in-addr.arpa” {
                    type master;
                    file “/etc/bind/db.192”;
                    };

Step 5: Copy content of file db.local to db.linux
Command:

            cp db.local db.linux

Step 6: Copy content of db.127 to db.192
Command:

            cp db.127 db.192

Step 7: Open db.linux file
Command:

            nano db.linux

Step 8: Edit db.linux file
Command:

            Change localhost. to ns.linux.com.
            Change root.localhost. to root.linux.com.
            Add 
               @         IN        NS        ns.linux.com.
               @	  IN	    A	      192.168.0.1
               ns	  IN	    A	      192.168.0.1
                         IN	   MX 10      mail.linux.com.
              www	  IN	   CNAME	  ns
              mail	  IN	   CNAME	  ns

Step 9: Open db.192 file
Command:

             nano db.192

Step 10: Edit db.192 file
Command:

             Change localhost. to ns.linux.com.
             Change root.localhost. to root.linux.com.
             Change 1.0.0 to 1

Step 11: Disconnect net and restart bind
Command:

             invoke-rc.d bind9 restart

Step 12: Do a nslookup for mail we created
Command:

             nslookup mail.linux.com

Step 13: Dig that mail
Command:

             dig mail.linux.com

Step 14: change the directory to /etc/apache2/sites-available/
Command:

             cd /etc/apache2/sites-available/

Step 15: Copy content in 000-default.conf to mail.conf
Command:

             cp 000-default.conf mail.conf

Step 16: Open mail.conf file
Command:

             sudo nano mail.conf

Step 17: Edit mail.conf file
Command:

             Add ServerName mail.linux.com
             Change DocumentRoot to /usr/share/squirrelmail

Step 18: Ensite the mail
Command:

             a2ensite mail

Step 19: Restart apache
Command:

             invoke-rc.d apache2 restart

Step 20: Reconfiguring postfix
Command:

             dpkg-reconfigure postfix

Step 21: Open apache.conf file in /etc/squirrelmail/
Command:

             sudo nano /etc/squirrelmail/apache.conf

Step 22: Edit apache.conf file
Command:

             Uncomment the DocumentRoot and ServerName
             Also change ServerName to mail.linux.com

Step 23: Open dovecot.conf file in /etc/dovecot/
Command:

             sudo nano /etc/dovecot/dovecot.conf

Step 24: Edit dovecot.conf file
Command:

             Protocols = imap pop3
             #disable-plaintext_auth = no
             mail_location = mbox:~/mail: INBOX=/var/mail/%u
             mail_location = maildir:~/Maildir

Step 25: Kill all the processes
Command:

             killall named
             killall apache2
             killall dovecot

Step 26: Set the static IP address for the server
Command:

             ifconfig eth0 192.168.0.1 netmask 255.255.255.0
             ifconfig eth0 up

Step 27: Restart bind, apache, postfix and dovecot
Command:

             invoke-rc.d bind9 restart
             invoke-rc.d apache2 restart
             invoke-rc.d postfix restart
             invoke-rc.d dovecot restart	

Step 28: Addusers
Command:

             adduser linux1
             adduser linux2

NFS (NETWORK FILE SYSTEM):

edit

It is a file system protocol which is of distributed type. A client can share or access files over the network such as it is stored locally. Thus, a client will be able to have access to every file available in its network only like it has been saved by itself. This protocol improves the interactive capabilities for the host and the entire network.

Step 1: Install the NFS server
Command:

             sudo apt-get install nfs-kernel-server	

Step 2: Create directory which we need to share with client
Command:

             sudo mkdir /home/prashi/sharedir

Step 3: Providing permissions for client to access the NFS share (i.e., mkdir public to all)
Command:

             sudo chmod 777 /sharedir

Step 4: Open the user file
Command:

             sudo chmod 777 /home/prashi

Step 5: Open the export file having network address
Command:

             sudo nano /etc/exports

Step 6: Edit export file
Command:

             Write the following command
             /home/prashi/sharedir	192.168.85.0/10

Step 7: Do an exportfs command
Command:

             exportfs

Step 8: At client end, make directory test to share the file of the server
Command:

             mkdir test

Step 9: Making the test directory read and write
Command:

             ls –a test

Step 10: Mounting the servers directory on to test
Command:

             sudo mount –t nfs 192.168.85.135 /home/prashi/sharedir test


NTP (NETWORK TIME PROTOCOL):

edit

Step 1: Install ntp and ntpdate
Command:

             sudo apt-get install ntp ntpdate

Step 2: Show the status of configured peers
Command:

             ntpq –c lpeer

Step 3: Open ntp.conf file in /etc/
Command:

             sudo nano /etc/ntp.conf

Step 4: Edit ntp.conf file
Command:

             Change broadcast address 192.168.10.255	

Step 5: Restart ntp server
Command:

             sudo /etc/init.d/ntp/restart

Step 6: Show the status of configured peers and broadcast address should be added
Command:

             ntpq –c lpeer

Step 7: Open client in new virtual machine and install ntp and ntpdate
Command:

             sudo apt-get install ntp ntpdate

Step 8: Show the status of configured peers
Command:

             ntpq –c lpeer

Step 9: Open ntp.conf file in /etc/
Command:

             sudo nano /etc/ntp.conf

Step 10: Edit ntp.conf file
Command:

             Add server 192.168.85.136	

Step 11: Restart ntp server
Command:

             sudo /etc/init.d/ntp/restart

Step 12: Show the status of configured peers and server IP address should be added
Command:

             ntpq –c lpeer

VPN (VIRTUAL PRIVATE NETWORK):

edit

VPN (Virtual Private Network)- Point to Point Tunneling Protocol (PPTP)

Step 1: Install pptpd package
Command:

             sudo apt-get install pptpd

Step 2 : Open pptpd.conf file
Command:

             sudo nano /etc/pptpd.conf

Step 3: Open pptpd-options
Command:

             sudo /etc/ppp/pptpd-options
             ms-dns 192.168.10.2

Step 4: Add details as specified below for authentication
Command:

             sudo nano /etc/ppp/chap-secrets

TESTING:

edit

• Connect all network components to a switch
• Do an –ifconfig –on client
• Client gets an IP address from DHCP server; within network range and subnet mask
• Client makes a HTTP request
• Request send to DNS for resolution
• DNS resolves the request, sends back a reply to client with associated IP/Hostname
• Subsequent HTTP request made to web server
• Web server fetches and replies back to client with associated HTTP page

REFERENCES:

edit

[1] https://www.youtube.com/watch?v=hFe81mkO_uY
[2] http://mirrors.bieringer.de/Linux+IPv6-HOWTO/hints-daemons-isc-dhcp.html
[3] https://www.youtube.com/watch?v=DuVNclBfykw
[4] https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys--2
[5] https://www.digitalocean.com/community/tutorials/how-to-setup-a-firewall-with-ufw-on-an-ubuntu-and-debian-cloud-server
[6] https://help.ubuntu.com/community/SettingUpNFSHowTo
[7] https://help.ubuntu.com/community/BackupYourSystem
[8] https://help.ubuntu.com/12.04/serverguide/firewall.html
[9] https://vpnreviewer.com/how-to-install-vpn-server-pptp-debian-ubuntu-linux-vps
[10] http://whatismyipaddress.com/mail-server