Data Networking/Fall 2015/ACEP
Team
1. Ankit Chourasia
2. Prashanth Reddy Edunuri
3. Elveera Linda Menezes
4. Venkata Pratapa
MOTIVATION:
Linux is the most significant part of, or driving power behind, the IT industry. It runs almost everywhere: on PCs, servers, routers, smartphones and more. Linux is open source, which gives us the independence to work with it and enhance our skills, and that in turn develops our interest. It helps us become passionate about passive learning and passively acquire self-sufficiency. The world is looking for Linux professionals: there is demand, high salaries and many opportunities for them. We are doing this project to get acquainted with the most versatile and collaborative OS, which offers superior design and performance, extreme scalability, multi-platform support, true multi-user and multi-tasking operation, multi-threading and security.
DHCP (DYNAMIC HOST CONFIGURATION PROTOCOL):
DHCP is used to allocate IP addresses to the hosts connected to a network. It automatically assigns each host an IP address from a specified range within the network, together with the proper subnet mask, gateway and DNS server of the network.
For IPv4:
Step 1: Install DHCP server
Command:
sudo apt-get install isc-dhcp-server
Step 2: Now set the static IP address of the DHCP server
Command:
sudo nano /etc/network/interfaces
Step 3: Change lo to either eth0 or wlan0 and loopback to static or else keep both of them
Command:
Edit the interfaces file so that it reads as follows.
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 192.168.10.3
netmask 255.255.255.0
gateway 192.168.10.1
network 192.168.10.0
broadcast 192.168.10.255
dns-nameservers 192.168.10.2
dns-search linuxproject.com
Step 4: Restart the network
Command:
sudo /etc/init.d/networking restart
Step 5: Configure the DHCP server
Command:
sudo nano /etc/dhcp/dhcpd.conf
Step 6: Edit the dhcpd.conf file and make the following changes
Command:
ddns-update-style none;
option domain-name-servers 192.168.10.254;
option domain-name "linuxproject.com";
default-lease-time 600;
max-lease-time 7200;
authoritative;
subnet 192.168.10.0 netmask 255.255.255.0
{
range 192.168.10.100 192.168.10.120;
option routers 192.168.10.1;
option broadcast-address 192.168.10.255;
}
Step 7: Open the resolv.conf file
Command:
sudo nano /etc/resolv.conf
Step 8: Edit the resolv.conf
Command:
nameserver 192.168.10.254
Step 9: Restart the DHCP server
Command:
sudo service isc-dhcp-server restart
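A mistyped octet in the pool range is easy to miss in Step 6, so it is worth checking that every range endpoint lies inside its subnet before restarting the service. The script below is an added example, not part of the original project; the function name check_dhcp_ranges and the sample input are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original page): report dhcpd.conf range
# endpoints that lie outside the enclosing "subnet ... netmask ..." block.
check_dhcp_ranges() {
    awk '
    function ip2int(s,   p) {               # dotted quad -> integer
        split(s, p, ".")
        return ((p[1] * 256 + p[2]) * 256 + p[3]) * 256 + p[4]
    }
    { gsub(/[;{}]/, " ") }                  # leave bare tokens in $1..$NF
    $1 == "subnet" && $3 == "netmask" {
        net   = ip2int($2)
        size  = 4294967296 - ip2int($4)     # host count of a contiguous mask
        label = $2 "/" $4
        next
    }
    $1 == "range" {
        for (i = 2; i <= NF; i++) {
            # skip flags such as dynamic-bootp, keep only addresses
            if ($i !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) continue
            addr = ip2int($i)
            if (addr < net || addr >= net + size) {
                printf "line %d: %s is outside subnet %s\n", NR, $i, label
                bad = 1
            }
        }
    }
    END { exit bad + 0 }                    # non-zero when a range is off-net
    ' "$@"
}

# Constructed sample: the first range endpoint has a mistyped second octet.
check_dhcp_ranges <<'EOF' || echo "correct the range before restarting isc-dhcp-server"
subnet 192.168.10.0 netmask 255.255.255.0
{
range 192.169.10.100 192.168.10.120;
option routers 192.168.10.1;
}
EOF
```

Against the real file, run it as check_dhcp_ranges /etc/dhcp/dhcpd.conf.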
For IPv6:
Step 1: Install radvd to build IPv6 DHCP server
Command:
sudo apt-get install radvd
Step 2: Open radvd.conf file
Command:
sudo nano /etc/radvd.conf
Step 3: Edit the radvd.conf file and make following changes
Command:
interface eth0
{
AdvSendAdvert on;
AdvManagedFlag on;
AdvOtherConfigFlag on;
prefix 2001:db8:0:1::/64
{
AdvAutonomous off;
};
};
Step 4: Open dhcpd.conf file
Command:
sudo nano /etc/dhcp/dhcpd.conf
Step 5: Edit dhcpd.conf file and make following changes
Command:
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
subnet6 2001:db8:0:1::/64
{
range6 2001:db8:0:1::129 2001:db8:0:1::254;
}
DNS (DOMAIN NAME SYSTEM):
The Domain Name System is used to translate IP addresses to hostnames and hostnames to IP addresses. Rather than using a centralized architecture, which would create a single point of failure, DNS is implemented as a hierarchy. At the top of the hierarchy are the root DNS servers, then come the Top Level Domain (TLD) servers, and then the authoritative DNS servers.
Step 1: Install bind9
Command:
sudo apt-get install bind9
Step 2: Open the interfaces.
Command:
sudo nano /etc/network/interfaces
Step 3: Edit the interfaces and configure static IP address for the DNS server
Command:
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 192.168.10.2
netmask 255.255.255.0
network 192.168.10.0
broadcast 192.168.10.255
gateway 192.168.10.1
Step 4: Reboot the virtual machine
Command:
sudo init 6
Step 5: Open the named.conf.options
Command:
sudo nano /etc/bind/named.conf.options
Step 6: Remove the comments from the forwarders
Command:
Remove the // signs to uncomment the forwarders block and add forwarders. For example, use Google's public DNS IPs, 8.8.8.8 and 8.8.4.4.
Step 7: Configure the named.conf.options
Command:
forwarders
{
192.168.10.1;
};
Step 8: Open the named.conf.local
Command:
sudo nano /etc/bind/named.conf.local
Step 9: Configure zones in the named.conf.local file
Command:
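// For Forward zone (master stanza, on the primary server)
zone "linuxproject.com"
{
type master;
allow-transfer {192.168.10.11;};
file "/etc/bind/zone/db.linuxproject.com";
};
// Slave stanza for the same zone. It belongs in named.conf.local on the
// secondary server; BIND rejects two definitions of one zone in the same file.
zone "linuxproject.com"
{
type slave;
masters {192.168.10.2;};
file "/etc/bind/zone/db.linuxproject.com";
};
// For Reverse zone (master stanza, on the primary server)
zone "10.168.192.in-addr.arpa"
{
type master;
allow-transfer {192.168.10.11;};
file "/etc/bind/zone/db.rev";
};
// Slave stanza for the reverse zone, again on the secondary server
zone "10.168.192.in-addr.arpa"
{
type slave;
masters {192.168.10.2;};
file "/etc/bind/zone/db.rev";
};
// For IPv6 (reverse zones for IPv6 live under ip6.arpa)
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa" {
type master;
notify no;
file "/etc/bind/db.ipv6";
};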
Step 10: Open the forward lookup table in the zone
Command:
sudo nano /etc/bind/db.linuxproject.com
Step 11: Configure the forward lookup table
Command:
$TTL 604800
@ IN SOA linuxproject.com. root.linuxproject.com. (
        12      ; Serial
        604800  ; Refresh
        86400   ; Retry
        2419200 ; Expire
        604800 ) ; Negative Cache TTL
@ IN NS linuxproject.com.
linuxproject.com. IN A 192.168.10.100
        IN AAAA fe80::be77:37ff:fe7d:dc2e
galaxy IN A 192.168.10.101
        IN AAAA fe80::be77:37ff:fe7d:dc2c
mail IN A 192.168.10.102
        IN AAAA fe80::be77:37ff:fe7d:dc2b
group IN A 192.168.10.103
        IN AAAA fe80::be77:37ff:fe7d:dc2a
www IN CNAME linuxproject.com.
Step 12: Open the reverse lookup table in the zone
Command:
sudo nano /etc/bind/db.rev
Step 13: Configure the reverse lookup table
Command:
$TTL 604800
@ IN SOA linuxproject.com. root.linuxproject.com. (
        11      ; Serial
        604800  ; Refresh
        86400   ; Retry
        2419200 ; Expire
        604800 ) ; Negative Cache TTL
        IN NS linuxproject.com.
100 IN PTR linuxproject.com.
101 IN PTR galaxy.linuxproject.com.
Step 14: Open the resolv.conf file
Command:
sudo nano /etc/resolv.conf
Step 15: Edit the resolv.conf file
Command:
search linuxproject.com
nameserver 192.168.10.2
Step 16: Restart the Bind9 server
Command:
sudo /etc/init.d/bind9 restart
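Step 9 restricts zone transfers on the forward and reverse zones with allow-transfer, but a master zone without that statement inherits the server-wide setting, which on older BIND 9 releases permits transfers to any host. The script below is an added example, not part of the original project; it lists master zones that carry no allow-transfer of their own, and it assumes none is set in the global options block. The function name audit_zone_transfers and the sample input are constructed.

```sh
#!/bin/sh
# Added example (not from the original page): list master zones in a
# named.conf fragment that have no allow-transfer statement of their own.
audit_zone_transfers() {
    awk '
    /^[ \t]*(\/\/|#)/ { next }                   # skip comment lines
    /^[ \t]*zone[ \t]/ {                         # start of a zone stanza
        split($0, q, "\""); zone = q[2]
        type = ""; acl = 0; opened = 0
    }
    zone != "" {
        if ($0 ~ /type[ \t]+(master|primary)/) type = "master"
        if ($0 ~ /allow-transfer/) acl = 1
        opens  = gsub(/[{]/, "{")                # count braces on this line
        closes = gsub(/[}]/, "}")
        depth += opens - closes
        if (opens) opened = 1
        if (opened && depth == 0) {              # stanza closed
            if (type == "master" && !acl) { print zone; n++ }
            zone = ""
        }
    }
    END { exit (n > 0) }                         # non-zero if any zone is listed
    ' "$@"
}

# Constructed sample modelled on the master stanzas of Step 9.
audit_zone_transfers <<'EOF' || echo "zones above have no allow-transfer restriction"
zone "linuxproject.com"
{
type master;
allow-transfer {192.168.10.11;};
file "/etc/bind/zone/db.linuxproject.com";
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa" {
type master;
notify no;
file "/etc/bind/db.ipv6";
};
EOF
```

Against the real file, run it as audit_zone_transfers /etc/bind/named.conf.local.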
WEB SERVER:
A web server is a server placed in the network primarily to handle the HTTP requests made by hosts of the network. It helps connect the network hosts to the World Wide Web. It is the network component that receives requests once DNS has resolved them, fetches the requested page, and sends back an appropriate reply.
Step 1: Install Apache Web server
Command:
sudo apt-get install apache2
Step 2: Open the index.html page, which is the webpage of Web server
Command:
sudo nano /var/www/html/index.html
Step 3: Edit the index.html
Command:
Remove the existing page content and write the page you want to display.
Step 4: Open the interfaces
Command:
sudo nano /etc/network/interfaces
Step 5: Edit the interfaces and change the IP address to static
Command:
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 192.168.10.100
netmask 255.255.255.0
network 192.168.10.0
broadcast 192.168.10.255
gateway 192.168.10.1
Step 6: Open the hosts
Command:
sudo nano /etc/hosts
Step 7: Edit the hostnames in the hosts
Command:
127.0.0.1 localhost
127.0.1.1 linuxproject.com
Step 8: Restart the Web server
Command:
sudo /etc/init.d/apache2 restart
FIREWALL:
A firewall is a system that controls traffic coming into or going out of the network. It acts as a barrier to unwanted traffic flowing through it. We can block a network, a particular host, or certain kinds of communication such as FTP, telnet, TCP, UDP, ICMP, etc.
Step 1: Install UFW firewall
Command:
sudo apt-get install ufw
Step 2: Check the status
Command:
sudo ufw status
Step 3: Change status to active
Command:
sudo ufw enable
Step 4: Configure UFW for port 80/tcp
Command:
sudo ufw allow 80/tcp
Step 5: Configure UFW for port 22/tcp
Command:
sudo ufw allow 22/tcp
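After Steps 3 to 5 the firewall should be active, deny incoming traffic by default, and expose only 22/tcp and 80/tcp. The script below is an added example, not part of the original project; it checks the output of sudo ufw status verbose against that expectation. The function name check_ufw and the sample output are constructed.

```sh
#!/bin/sh
# Added example (not from the original page): compare "ufw status verbose"
# output, read from stdin, with the list of ports that are meant to be open.
# usage: sudo ufw status verbose | check_ufw 22/tcp 80/tcp
check_ufw() {
    awk -v allowed="$*" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    /^Status:/  { active = ($2 == "active") }
    /^Default:/ {                                # first policy is the incoming one
        if ($2 != "deny" && $2 != "reject") {
            print "default incoming policy is " $2; bad = 1
        }
    }
    # Rule rows: "80/tcp  ALLOW IN  Anywhere" or "80/tcp (v6)  ALLOW IN  ..."
    $2 == "ALLOW" || ($2 == "(v6)" && $3 == "ALLOW") {
        if (!($1 in ok)) { print "unexpected open port: " $1; bad = 1 }
    }
    END {
        if (!active) { print "firewall is not active"; bad = 1 }
        exit bad + 0
    }
    '
}

# Constructed sample output with one rule that the steps above never added.
check_ufw 22/tcp 80/tcp <<'EOF' || echo "review the rules listed above"
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
80/tcp                     ALLOW IN    Anywhere
23/tcp                     ALLOW IN    Anywhere
22/tcp (v6)                ALLOW IN    Anywhere (v6)
EOF
```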
BACKUP SERVER:
Step 1: Log into the Web server and generate a pair of authentication keys
Command:
sudo ssh-keygen -t rsa
Step 2: Using ssh create a directory ~/.ssh on the host machine
Command:
ssh chamu@192.168.85.10 mkdir -p .ssh
Step 3: Now append Web server’s public key to the host
Command:
cat .ssh/id_rsa.pub | ssh chamu@192.168.85.10 'cat >> .ssh/authorized_keys'
Step 4: Now compress the file that needs to be backed up
Command:
sudo tar -cvpzf minutebackup.tar.gz /var/www/html/index.html
Step 5: Open crontab file
Command:
sudo crontab -e
Step 6: Using cron jobs we will schedule the backup for every minute
Command:
* * * * * sudo tar -cvzpf /home/chamu/backupfolder/minutevbackup.tar.gz /var/www/html/index.html
* * * * * sudo scp /home/chamu/backupfolder/minutevbackup.tar.gz chamu@192.168.x.x:
MAIL SERVER:
A mail server is a network component that lets us send e-mails to domains other than our own. If there were no mail server in the network, we might only be able to send e-mails to people within our own domain name. Through a mail server, mail can be sent out to everyone via the Internet. This service is very useful for communication within and outside your domain network.
Step 1: Update the Ubuntu OS with packages
Command:
sudo apt-get update
sudo apt-get update --fix-missing
Step 2: Install all the packages along with Postfix and Dovecot which are required
Command:
sudo apt-get install bind9 dnsutils apache2 php5 postfix dovecot-common dovecot-imapd dovecot-pop3d squirrelmail mailutils
Step 3: Change the directory to /etc/bind and open named.conf.local file
Command:
sudo nano named.conf.local
Step 4: Add zones to the named.conf.local file
Command:
zone "linux.com" {
type master;
file "/etc/bind/db.linux";
};
zone "0.168.192.in-addr.arpa" {
type master;
file "/etc/bind/db.192";
};
Step 5: Copy content of file db.local to db.linux
Command:
cp db.local db.linux
Step 6: Copy content of db.127 to db.192
Command:
cp db.127 db.192
Step 7: Open db.linux file
Command:
nano db.linux
Step 8: Edit db.linux file
Command:
Change localhost. to ns.linux.com.
Change root.localhost. to root.linux.com.
Add
@ IN NS ns.linux.com.
@ IN A 192.168.0.1
ns IN A 192.168.0.1
IN MX 10 mail.linux.com.
www IN CNAME ns
mail IN CNAME ns
Step 9: Open db.192 file
Command:
nano db.192
Step 10: Edit db.192 file
Command:
Change localhost. to ns.linux.com.
Change root.localhost. to root.linux.com.
Change 1.0.0 to 1
Step 11: Disconnect net and restart bind
Command:
invoke-rc.d bind9 restart
Step 12: Do a nslookup for mail we created
Command:
nslookup mail.linux.com
Step 13: Run dig on the same mail host
Command:
dig mail.linux.com
Step 14: Change the directory to /etc/apache2/sites-available/
Command:
cd /etc/apache2/sites-available/
Step 15: Copy content in 000-default.conf to mail.conf
Command:
cp 000-default.conf mail.conf
Step 16: Open mail.conf file
Command:
sudo nano mail.conf
Step 17: Edit mail.conf file
Command:
Add ServerName mail.linux.com
Change DocumentRoot to /usr/share/squirrelmail
Step 18: Enable the mail site
Command:
a2ensite mail
Step 19: Restart apache
Command:
invoke-rc.d apache2 restart
Step 20: Reconfiguring postfix
Command:
dpkg-reconfigure postfix
Step 21: Open apache.conf file in /etc/squirrelmail/
Command:
sudo nano /etc/squirrelmail/apache.conf
Step 22: Edit apache.conf file
Command:
Uncomment the DocumentRoot and ServerName
Also change ServerName to mail.linux.com
Step 23: Open dovecot.conf file in /etc/dovecot/
Command:
sudo nano /etc/dovecot/dovecot.conf
Step 24: Edit dovecot.conf file
Command:
protocols = imap pop3
#disable_plaintext_auth = no
mail_location = mbox:~/mail:INBOX=/var/mail/%u
mail_location = maildir:~/Maildir
Step 25: Kill all the processes
Command:
killall named
killall apache2
killall dovecot
Step 26: Set the static IP address for the server
Command:
ifconfig eth0 192.168.0.1 netmask 255.255.255.0
ifconfig eth0 up
Step 27: Restart bind, apache, postfix and dovecot
Command:
invoke-rc.d bind9 restart
invoke-rc.d apache2 restart
invoke-rc.d postfix restart
invoke-rc.d dovecot restart
Step 28: Add users
Command:
adduser linux1
adduser linux2
NFS (NETWORK FILE SYSTEM):
NFS is a distributed file system protocol. A client can share or access files over the network as if they were stored locally. Thus, a client can access every file available in its network just as if it had saved the file itself. This protocol improves the interactive capabilities of the host and the entire network.
Step 1: Install the NFS server
Command:
sudo apt-get install nfs-kernel-server
Step 2: Create directory which we need to share with client
Command:
sudo mkdir /home/prashi/sharedir
Step 3: Provide permissions for the client to access the NFS share (i.e., make the directory public to all)
Command:
sudo chmod 777 /home/prashi/sharedir
Step 4: Open up the user's home directory
Command:
sudo chmod 777 /home/prashi
Step 5: Open the export file having network address
Command:
sudo nano /etc/exports
Step 6: Edit export file
Command:
Write the following command
/home/prashi/sharedir 192.168.85.0/10
Step 7: Do an exportfs command
Command:
exportfs
Step 8: At client end, make directory test to share the file of the server
Command:
mkdir test
Step 9: Making the test directory read and write
Command:
ls -a test
Step 10: Mounting the servers directory on to test
Command:
sudo mount -t nfs 192.168.85.135:/home/prashi/sharedir test
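The export line in Step 6 decides who can reach the share and with what rights, so it is worth reviewing before running exportfs. The script below is an added example, not part of the original project; it reads exports(5) entries and reports entries open to any host, entries with no options, no_root_squash, and CIDR prefixes wider than the private block they sit in. The function name audit_exports is constructed.

```sh
#!/bin/sh
# Added example (not from the original page): review exports(5) entries read
# from stdin and print one finding per line.
audit_exports() (
    set -f                                        # keep "*" clients from globbing
    while read -r path clients; do
        case $path in ''|'#'*) continue ;; esac   # skip blanks and comments
        for spec in $clients; do
            host=${spec%%"("*}                    # text before "(" is the client
            case $spec in
                *"("*) opts=${spec#*"("}; opts=${opts%")"} ;;
                *)     opts='' ;;
            esac
            if [ -z "$host" ] || [ "$host" = "*" ]; then
                echo "$path: exported to any host"
            fi
            if [ -z "$opts" ]; then
                echo "$path $host: no options, defaults apply (ro,root_squash)"
            fi
            case ",$opts," in *,no_root_squash,*)
                echo "$path $host: no_root_squash lets remote root act as root" ;;
            esac
            # A prefix shorter than the RFC 1918 block the address belongs to
            # also admits public addresses.
            case $host in */*) ;; *) continue ;; esac
            addr=${host%/*}; prefix=${host##*/}
            case $addr in
                10.*)      min=8 ;;
                192.168.*) min=16 ;;
                172.1[6-9].*|172.2[0-9].*|172.3[01].*) min=12 ;;
                *)         min=0 ;;
            esac
            case $prefix in *[!0-9]*) continue ;; esac   # dotted netmask form
            if [ "$prefix" -lt "$min" ]; then
                echo "$path $host: /$prefix is wider than the private /$min block"
            fi
        done
    done
    true
)

# The export line from Step 6, fed in as sample input.
audit_exports <<'EOF'
/home/prashi/sharedir 192.168.85.0/10
EOF
```

Against the real file, run it as audit_exports < /etc/exports.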
NTP (NETWORK TIME PROTOCOL):
Step 1: Install ntp and ntpdate
Command:
sudo apt-get install ntp ntpdate
Step 2: Show the status of configured peers
Command:
ntpq -c lpeer
Step 3: Open ntp.conf file in /etc/
Command:
sudo nano /etc/ntp.conf
Step 4: Edit ntp.conf file
Command:
Change the broadcast address to 192.168.10.255
Step 5: Restart ntp server
Command:
sudo /etc/init.d/ntp restart
Step 6: Show the status of configured peers; the broadcast address should now be listed
Command:
ntpq -c lpeer
Step 7: Open client in new virtual machine and install ntp and ntpdate
Command:
sudo apt-get install ntp ntpdate
Step 8: Show the status of configured peers
Command:
ntpq -c lpeer
Step 9: Open ntp.conf file in /etc/
Command:
sudo nano /etc/ntp.conf
Step 10: Edit ntp.conf file
Command:
Add server 192.168.85.136
Step 11: Restart ntp server
Command:
sudo /etc/init.d/ntp restart
Step 12: Show the status of configured peers; the server IP address should now be listed
Command:
ntpq -c lpeer
VPN (VIRTUAL PRIVATE NETWORK):
VPN (Virtual Private Network) - Point-to-Point Tunneling Protocol (PPTP)
Step 1: Install pptpd package
Command:
sudo apt-get install pptpd
Step 2: Open pptpd.conf file
Command:
sudo nano /etc/pptpd.conf
Step 3: Open pptpd-options and add the DNS server
Command:
sudo nano /etc/ppp/pptpd-options
ms-dns 192.168.10.2
Step 4: Add details as specified below for authentication
Command:
sudo nano /etc/ppp/chap-secrets
TESTING:
• Connect all network components to a switch
• Run ifconfig on the client
• Client gets an IP address from the DHCP server, within the network range and with the subnet mask
• Client makes an HTTP request
• Request is sent to DNS for resolution
• DNS resolves the request, sends back a reply to client with associated IP/Hostname
• Subsequent HTTP request made to web server
• Web server fetches and replies back to client with associated HTTP page