Wikiversity

Data Networking/Fall 2016/Sanket Jabade

< Data Networking‎ | Fall 2016

Data Networking

Linux Project to implement DNS, DHCP, Web Server, Firewall and Backup edit

In this webpage we describe our Linux project based on implementation of networking concepts such as DNS, DHCP, Web Server, Firewall and Backup.

Team Members edit

1) Sanket Jabade
2) Maheshwar Gurav
3) Prajwal Patil
4) Riteshkumar Gupta

Why Linux over other operating systems? edit

Linux is an open source and free operating system widely used in almost all major Telecommunication and IT companies. Anyone can easily modify the source code and use it according to their needs for different applications.

Introduction edit

The main aim of this project is to implement networking concepts using Linux. We tried to implement various networking concepts like DNS, DHCP, Web Server, Backup and a Firewall.
We have used Ubuntu 16.04 LTS for implementation.

Background edit

1) Domain Name System (DNS)
DNS (Domain Name system) is a service similar to a phone-book. It basically translates any host-name to its specific IP address. This service makes it easier for users to access any website via its host-name rather than remembering its IP address. DNS runs over UDP and uses port 53. It uses few additional services along with host-name to IP address translation like host aliasing, mail server aliasing and load distribution.

2) Dynamic Host Configuration Protocol (DHCP)
DHCP (Dynamic Host Configuration Protocol) is a standardized network protocol that dynamically provides various networking parameters such as IP address, subnet mask, default gateway to any host machine who wants to communicate over a network. It basically works on DORA process i.e. D-Discovery, O-Offer, R-Request and A-Acknowledgement.
Step 1: Host machine sends "Discovery" message to request for IP address to all listening DHCP servers.
Step 2: Any DHCP server will then "Offer" an IP address from its pool of addresses.
Step 3: The host will now "Request" this offered IP address from the DHCP server.
Step 4: The DHCP server will finally "Acknowledge" this request and provides the IP address along with other necessary network parameters.

3) Web Server
A web server is a machine or a program that uses HTTP (Hypertext Transfer Protocol) to process requests from users and provides information in the form of web pages over the Internet or the World Wide Web. The users who request for information are called clients and the machines who respond to this request are called Web Servers. This process is called as a client-server model.
There are 4 primary different Web Servers like Apache, IIS, nginx and GWS. We are using Apache web server for project implementation, currently the most popular one in the market.

4) Backup Web Server
The web server is a machine and it may crash anytime due to various reasons like increase in usage or heavy processes running on it. So it is always better to have a backup of everyday's work in some another machine so that data can be recovered easily. Hence we create a backup server to avoid loss of data.

5) Firewall
Firewall is a network security system (either hardware or software based) that manages the incoming and outgoing network traffic based on predefined set of rules. It basically acts as a barrier between a secured internal network and any outside network(either secured or unsecured).

Configuration Steps edit

DHCP Server
 edit

1. Install DHCP Server 

    sudo apt-get install isc-dhcp-server

2. Install the radvd to configure the parameters 

    sudo apt-get install radvd

3. To configure DHCP modify below files 

    sudo nano /etc/network/interfaces

    sudo nano /etc/default/isc-dhcp-server

    sudo nano /etc/dhcp/dhcpd.conf

4. For clients install below package 

    sudo apt-get install wide-dhcpv6-server


DNS server
 edit

Configuring Primary DNS Server 1. Install Bind9 

    sudo apt-get install bind9 bind9utils bind9-doc

2. Configure caching name server (edit named.conf.options file) 

    sudo nano /etc/bind/named.conf.options

  Un-comment the following lines and add below details

<syntaxhighilight lang="text"> 

    forwarders {
      192.168.1.13;
      192.168.1.12;
     };


3. Restart bind9 service 

   sudo systemctl restart bind9

4. Edit named.conf.local file 

   sudo nano /etc/bind/named.conf.local

Define the forward and reverse file as shown below <syntaxhighilight lang="text"> 

   zone "fouroseven.com" {
             type master;
             file "/etc/bind/db.fouroseven.com";
             allow-transfer { 192.168.1.12; };
             also-notify { 192.168.1.12; };
     };
     zone "1.168.192.in-addr.arpa" {
       type master;
       file "/etc/bind/db.192";
       allow-transfer { 192.168.1.12; };
       also-notify { 192.168.1.12; };
     };

</syntaxhighlight>

5. Create forward zone file 

   sudo nano /etc/bind/db.fouroseven.com

Add the following lines <syntaxhighilight lang="text"> 

     $TTL 604800
 @   IN  SOA     master.fouroseven.com. root.fouroseven.com. (
                    10    ;   Serial
                604800    ;   Refresh
                34000     ;   Retry
                241920    ;   Expire
                604800 )  ;   Negative Cache TTL
       IN           A      192.168.1.14
 ;
 @       IN  NS          master.fouroseven.com.
 @       IN  NS          slave.fouroseven.com.
 @       IN  A           192.168.1.14
 master  IN  A           192.168.1.13
 slave   IN  A           192.168.1.12
 www     IN  A           192.168.1.14
 dee     IN  CNAME       www.fouroseven.com.
 why     IN  CNAME       www.fouroseven.com.
 client  IN  A           192.168.1.20

</syntaxhighilight>

Web Server
 edit

1. Install Apache Web Server 

    sudo apt-get install apache2

2. Restart the web server 

    sudo /etc/init.d/apache2 stop

    sudo /etc/init.d/apache2 start

3. Modify or create the web page as per requirement 

    sudo nano /var/www/html/index.html

Firewall
 edit

1. Install IP tables Persistent packages 

   sudo apt-get install -y iptables-persistent

2. Add Net filter persistent startup 

    sudo invoke-rc.d netfilter-persistent save

3. Stop Netfilter Persistent service 

    sudo service netfilter-persistent stop

4. Open the rules.v4 file from /etc/iptables and do the following changes 

    -A INPUT -s 192.168.1.25/255.255.255.0 -p tcp -m tcp --dport 22 -j ACCEPT

    -A INPUT -p tcp -m state --state NEW,ESTABLISHED --dport 80 -j ACCEPT

    -A INPUT -j DROP

    -A FORWARD -j DROP

    -A INPUT -j DROP

5. Start netfilter persistent service 

    sudo service netfilter-persistent start

6. Check status 

    sudo iptables -L

Backup Server
 edit

1. Generate a pair of public keys 

   sudo ssh-keygen -t rsa

2. Create .ssh on host 

    ssh <backupuser>@<IP addr> mkdir -p .ssh

3. Appending the Web server's public key to host 

    cat .ssh/id_rsa.pub | ssh <backupuser>@<IP addr> 'cat >> .ssh/authorized_keys'

4. Compress the backup 

    sudo tar –cvpzf /home/webserver/minbkup.tar.gz /var/www/html/

5. We use crontab to take backup every minute 

    sudo crontab –e

    * * * * * sudo tar -cvpzf /home/webserver/minbkup.tar.gz /var/www/html/

    * * * * * sudo scp /home/webserver/minbkup.tar <backupuser>@<IP addr>:/path of backup server

References edit

Websites
 edit

1) https://www.ostechnix.com/install-and-configure-dns-server-ubuntu-16-04-lts/
2) https://help.ubuntu.com/
3) https://www.digitalocean.com
4) http://askubuntu.com/questions/

Books
 edit

1) Computer Networking- A Top-Down Approach (Fifth Edition)- By James F. Kurose & Keith W. Ross


Retrieved from "https://en.wikiversity.org/w/index.php?title=Data_Networking/Fall_2016/Sanket_Jabade&oldid=2196584"