Data Networking/Fall 2015/Harsh297
Introduction
This project is an attempt to create a network of devices on Linux (Ubuntu), an open source operating system. The project includes various network components. Below are servers and protocols that are frequently used on the Internet for efficient and secure communication.
Objective
In this project we have implemented a DHCP server and client model, DNS query requests on the server, access to a web server, a firewall to restrict specific IP addresses, a Virtual Private Network (VPN), Network File System (NFS), Network Information Service (NIS), and a backup of our DNS server on our Linux (Ubuntu) system.
Team Members
1. Manan Mehta
2. Jagruti Belani
3. Harsh Chheda
Concepts
DNS Server
DNS is an application layer protocol. It is often referred to as the dictionary of the Internet, consisting of hostnames and their corresponding IP addresses. It resolves a domain name to its IP address and vice versa. DNS uses both TCP and UDP on port 53. When a client types a hostname into the web browser, it sends a request to the DNS server to translate that hostname to its corresponding IP address, which is present in that DNS server. [1]
- First, the client sends the query to translate the hostname to the local DNS server.
- The local DNS server then sends this request to the root DNS server. The root DNS server looks at the domain (e.g. .com, .edu) and returns to the local DNS server the list of IP addresses of the TLD DNS servers responsible for that particular domain.
- The local DNS server then resends the query to the TLD DNS server. The TLD DNS server looks at the hostname and sends the IP address of the authoritative DNS server back to the local DNS server.
- Finally, the local DNS server sends the query to the authoritative DNS server, which responds with the desired IP address of the hostname typed by the client.
DHCP Server
DHCP is defined by RFC 1541 along with revisions in RFC 2131. DHCP uses UDP on ports 67 and 68. DHCP works with four handshake messages: Discover, Offer, Request and Acknowledgement. It is a protocol used to lease an IP address, for a desired period of time, to a client that connects to the network dynamically. [2]
The DHCP server's operation is called the DORA process:
- Client Discover: When the client first comes up, it sends a Discover request from IP address 0.0.0.0 to 255.255.255.255.
- Server Offer: After the Discover, the DHCP server offers an IP address to the client in an Offer.
- Client Request: After the server's Offer, the client makes an official Request for the IP address to the DHCP server. (The server has already given an IP address to that client, so the client's Request is sent just for the sake of an ACK from the server.)
- Server Acknowledgement: After the official Request from the client, the server acknowledges the Request.
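The DORA exchange above, as an added example that is not part of the original project: Python that packs the four messages in the RFC 2131 wire format and checks that a captured sequence forms one consistent handshake (same transaction ID and client MAC, ACK matching the Offer). The MAC, transaction ID and 192.0.2.x addresses are constructed sample values, and `build`, `parse`, `dora` and `valid_handshake` are names chosen for this example.

```python
import socket
import struct

MAGIC = bytes([99, 130, 83, 99])             # DHCP magic cookie (RFC 2131)
DISCOVER, OFFER, REQUEST, ACK = 1, 2, 3, 5   # values of option 53
HDR = "!BBBBIHH4s4s4s4s16s64s128s"           # fixed 236-byte header

def build(op, xid, mac, msg_type, yiaddr="0.0.0.0", extra=None):
    """Pack one DHCP message; extra maps option code -> raw bytes."""
    opts = {53: bytes([msg_type]), **(extra or {})}
    tail = b"".join(bytes([c, len(v)]) + v for c, v in opts.items()) + b"\xff"
    hdr = struct.pack(HDR, op, 1, 6, 0, xid, 0, 0x8000, bytes(4),
                      socket.inet_aton(yiaddr), bytes(4), bytes(4), mac, b"", b"")
    return hdr + MAGIC + tail

def parse(pkt):
    """Return a dict of the fields used below; reject malformed input."""
    if len(pkt) < 240 or pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    f = struct.unpack(HDR, pkt[:236])
    opts, i = {}, 240
    while i < len(pkt) and pkt[i] != 255:    # 255 = end option
        if pkt[i] == 0:                      # 0 = pad option, no length byte
            i += 1
            continue
        if i + 2 > len(pkt) or i + 2 + pkt[i + 1] > len(pkt):
            raise ValueError("truncated option")
        opts[pkt[i]] = pkt[i + 2:i + 2 + pkt[i + 1]]
        i += 2 + pkt[i + 1]
    return {"op": f[0], "xid": f[4], "yiaddr": socket.inet_ntoa(f[8]),
            "mac": f[11][:f[2]], "type": (opts.get(53) or b"\0")[0], "opts": opts}

def dora(mac, xid, lease_ip="192.0.2.50", server_ip="192.0.2.1"):
    """Build the four DORA messages in memory (constructed addresses)."""
    sid = socket.inet_aton(server_ip)
    offer = build(2, xid, mac, OFFER, lease_ip, {54: sid})
    want = socket.inet_aton(parse(offer)["yiaddr"])   # client echoes the offer
    return [build(1, xid, mac, DISCOVER), offer,
            build(1, xid, mac, REQUEST, extra={50: want, 54: sid}),
            build(2, xid, mac, ACK, lease_ip, {54: sid, 51: struct.pack("!I", 3600)})]

def valid_handshake(packets):
    """True only if the packets form one consistent DORA exchange."""
    m = [parse(p) for p in packets]
    return ([x["type"] for x in m] == [DISCOVER, OFFER, REQUEST, ACK]
            and [x["op"] for x in m] == [1, 2, 1, 2]
            and len({(x["xid"], x["mac"]) for x in m}) == 1
            and m[2]["opts"].get(50) == socket.inet_aton(m[1]["yiaddr"])
            and m[3]["yiaddr"] == m[1]["yiaddr"])
```

On the wire, the client messages go from UDP port 68 to port 67 and the server replies from port 67 to port 68; the example works on the message bodies only.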
WEB Server
A web server is used to create web pages. A web server uses port 80 to accept HTTP requests and port 443 to accept HTTPS requests. Apache is a web server, and here we are using version 2.0. We used HTML to create the web page.
Firewall
A firewall is used to guard an internal private network from the external public network. To implement the firewall, the Firewall Configuration (UFW) software is used. A firewall can be hardware or software based, and it helps to provide security and privacy. Normally, when a client makes a request for a hostname on its web server, it sees a web page if the hostname exists. But if that particular client is denied access to the web page by the firewall, then after making the request the client will not be able to browse the web page.
Backup
Backup takes a copy of files by synchronizing files and directories from one location to another, so that files can be recovered in case of loss. Backup of the DNS server on our Linux system has been implemented using Secure Shell (SSH), which encrypts the data during the file transfer.
Configurations
DNS Configuration
DHCP Configuration
Web Server Configuration
Firewall Configuration
Backup Configuration
Network Information Services
Network File System
VPN
Future Scope
1. A secondary DNS server can be added, providing backup to the main DNS server.
2. Routers can be added to see communication between hosts from different subnets.
3. NFS can be used to mount all the files from the server on a desired client as a form of backup.
4. NFS can also be used to give desired file preference to the specific client.
5. Port Security can be added to the DHCP Server.