Networking Hardware and Configuration. Configuring DNS
• Configure network interfaces using command-line and graphical utilities
• Configuring DNS
• Set up a simple DHCP server
• Manage networked printing services
Configuring Linux Networking
• Learn more about
• Networking protocols
• Network configuration
Understanding Network Devices
in Linux
• Linux networking devices
• Not shown in /dev directory
• Do not “exist” on system until appropriate device driver installed in kernel
• Networking device
• Named channel over which network traffic can pass
• Device drivers for networking are kernel modules
• Kernel modules can be loaded or unloaded while Linux is running
• /dev/eth0
• First Ethernet card installed on system
• Media Access Control (MAC) address
• Unique address assigned by Ethernet card manufacturer
Understanding Network Devices
in Linux
• To obtain MAC address
• Host (switch) broadcasts message to entire network segment using Address
Resolution Protocol (ARP)
• Host with IP address responds directly to computer that sent ARP request
with MAC address
• Source host stores MAC address and IP address
• arp command
• Display ARP cache
• Mapping of IP addresses to hardware addresses
• Used mainly for troubleshooting network connectivity
• Refreshed frequently
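The ARP cache is also where an address conflict shows up: two IP addresses resolving to one hardware address. The following check is an added example, not part of the original slides; it assumes the cache is read in the /proc/net/arp layout, and the sample entries are constructed.

```shell
#!/bin/sh
# Added example: list hardware addresses that the ARP cache maps to more than
# one IP address. Input uses the /proc/net/arp layout:
#   IP address, HW type, Flags, HW address, Mask, Device
# Pass a file name, or "-" to read the cache dump from stdin.

arp_shared_macs() {
    awk '
    NR == 1 { next }                                   # column header
    $3 == "0x0" || $4 == "00:00:00:00:00:00" { next }  # incomplete entries
    {
        key = tolower($4) " " $6                       # MAC + interface
        if (!seen[key, $1]++) {
            if (n[key]++) { ips[key] = ips[key] "," $1 }
            else          { ips[key] = $1 }
        }
    }
    END { for (k in n) if (n[k] > 1) print k, ips[k] }
    ' "${1:-/proc/net/arp}" | sort
}

# Constructed sample cache: .5 and .9 resolve to the same card on eth0,
# and .20 never answered (incomplete entry).
sample_arp_cache() {
    cat <<'EOF'
IP address       HW type     Flags       HW address            Mask     Device
192.168.100.1    0x1         0x2         00:16:3e:aa:00:01     *        eth0
192.168.100.5    0x1         0x2         00:16:3e:aa:00:05     *        eth0
192.168.100.9    0x1         0x2         00:16:3E:AA:00:05     *        eth0
192.168.100.20   0x1         0x0         00:00:00:00:00:00     *        eth0
EOF
}

sample_arp_cache | arp_shared_macs -
```

A host with several addresses on one card, or a router answering on behalf of other hosts, produces the same pattern, so each hit needs to be compared against the known inventory.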
Configuring Networking with Command-line
Utilities
• ifconfig command
• Set up network configuration in Linux kernel
• Parameters include:
• Network interface
• IP address assigned to interface
• Network mask
• Syntax
• ifconfig device ip_address netmask address broadcast address
• $ ifconfig eth0
• Packet
• Unit of data that network card transmits
• Broadcast address sends packet to all computers on same part of network
• Maximum transmission unit (MTU)
• Maximum size of packet interface supports
Configuring Networking with Command-line
Utilities
• View status of interface: ifconfig eth0
• Stop Ethernet interface: ifconfig eth0 down
• Start Ethernet interface: ifconfig eth0 up
• Routing table tells networking software where to send packets that are not part of local network
• A real example of configuring an Ethernet card at the command line might look like this:
• # ifconfig eth0 192.168.100.1 netmask 255.255.255.0 broadcast 192.168.100.255
• route command
• View or configure routing table within kernel
• Executed at boot time when networking initialized
• Output information for addresses
• 192.168.100.0 (eth0 IP address)
• 127.0.0.0
• Other
Configuring Networking with Command-line
Utilities
• Route command output
• Destination
• Gateway
• Genmask
• Flags
• Ref
• Use
• Iface
• Add route example:
• route add -net 192.168.100.0 netmask 255.255.255.0 dev eth0
• This command adds a default gateway route:
• # route add default gw 192.168.100.5
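How the kernel picks a row from this table for a given destination can be reproduced offline. The following is an added example, not part of the original slides; it assumes the table is supplied in the numeric form printed by route -n, and the sample table is constructed from the addresses used above.

```shell
#!/bin/sh
# Added example: choose the routing-table row used for a destination.
# Reads `route -n` output on stdin; the most specific matching Genmask wins.
# Simplifications: metrics are not compared, netmasks are assumed contiguous.

route_for() {
    awk -v dst="$1" '
    # Apply a netmask octet by octet: a AND m == a - a % (256 - m).
    function masked(ip, mask,    a, m, i, oct, out) {
        split(ip, a, "."); split(mask, m, ".")
        for (i = 1; i <= 4; i++) {
            oct = a[i] - a[i] % (256 - m[i])
            out = (i == 1) ? oct : out "." oct
        }
        return out
    }
    # Number of 1 bits in the mask (the prefix length).
    function bits(mask,    m, i, v, n) {
        split(mask, m, ".")
        for (i = 1; i <= 4; i++)
            for (v = m[i] + 0; v > 0; v = (v * 2) % 256) n++
        return n + 0
    }
    BEGIN { best = -1 }
    $1 ~ /^[0-9]+\./ && $3 ~ /^[0-9]+\./ {      # route rows; skips both headers
        if (masked(dst, $3) == $1 && bits($3) > best) {
            best = bits($3)
            hop  = ($2 == "0.0.0.0") ? "direct" : "via " $2
            pick = $NF " " hop
        }
    }
    END { print (best < 0 ? "unreachable" : pick) }
    '
}

# Constructed sample: local network, loopback, and the default gateway route.
sample_route_table() {
    cat <<'EOF'
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.100.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         192.168.100.5   0.0.0.0         UG    0      0        0 eth0
EOF
}

for d in 192.168.100.42 127.0.0.1 10.1.2.3; do
    printf '%-15s -> %s\n' "$d" "$(sample_route_table | route_for "$d")"
done
```

On a live host the same function can be fed with route -n | route_for 10.1.2.3 to confirm that traffic leaves through the interface and gateway that were intended.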
Configuring Networking with Command-line
Utilities
• service command
• Start or stop networking
• Relies on script /etc/rc.d/init.d/network
• /etc/sysconfig/networking/devices configuration directory
• Contains file for each network device
• ifcfg-eth0 file
• Used by /etc/rc.d/init.d/network script
• As it executes ifconfig and route commands
• To change the IP address or other networking parameters for your computer, change the information in /etc/sysconfig/network-scripts/ifcfg-eth0 and then execute this command:
# service network restart
Configuring Networking with Command-line
Utilities
• ifup and ifdown scripts manage single interface, rather than all
network interfaces
• (instead of the service command)
• Better than using ifconfig command directly
• Looks at parameters and associated functionality needed to cleanly manage interface
• Example:
• # ./ifup eth0
• # ./ifdown eth0
• Some systems have two or more physical network devices
Configuring Networking with Command-line
Utilities
• IP forwarding
• Allows packets to be passed between network interfaces
• Required for any router
• To enable:
• # echo 1 > /proc/sys/net/ipv4/ip_forward
• Linux includes graphical utilities that set up and manage networking
Configuring Networking Using Graphical Tools
• system-config-network program
• Included with Red Hat Linux and Fedora
• Devices tab
• List of each Linux networking device
• Name and type of hardware driver
Configuring the DNS Resolver
• DNS
• Used to convert host and domain names into IP addresses
• Implemented by server that supports DNS
• Reverse DNS converts IP address to domain name
• Resolving
• Process of converting domain name to IP address or vice versa
• Resolver
• Client part of DNS
• Makes requests to DNS server
• Test by pinging another system using host name instead of IP address
• Configured by file /etc/resolv.conf
• Contains IP address of one or more DNS servers preceded by keyword nameserver
• Can include up to three DNS servers
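A resolver file with a mistyped address or a fourth nameserver line fails quietly, so it is worth checking which entries can actually be used. The following audit is an added example, not part of the original slides; the function name, the output labels and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: show which nameserver lines in a resolv.conf-style file can
# be used, applying the three-server limit stated above.
# Pass a file name, or "-" to read from stdin. Entries with an unparsable
# address are reported as INVALID and are not counted toward the limit.

audit_resolv_conf() {
    awk '
    function valid_ipv4(a,    p, i) {
        if (split(a, p, ".") != 4) return 0
        for (i = 1; i <= 4; i++)
            if (p[i] !~ /^[0-9]+$/ || p[i] + 0 > 255) return 0
        return 1
    }
    # Loose IPv6 test: hex digits, colons and dots, with at least one colon.
    function looks_ipv6(a) { return a ~ /:/ && a ~ /^[0-9A-Fa-f:.]+$/ }

    /^nameserver[ \t]/ {                 # keyword must start the line
        if (!valid_ipv4($2) && !looks_ipv6($2)) { print "INVALID", $2 }
        else if (used >= 3)                     { print "IGNORED", $2 }
        else                                    { used++; print "USED", $2 }
    }
    END { if (!used) print "NONE" }      # no usable nameserver line at all
    ' "${1:-/etc/resolv.conf}"
}

# Constructed sample: one mistyped address and one server too many.
sample_resolv_conf() {
    cat <<'EOF'
# constructed sample file
search example.com
nameserver 192.168.100.5
nameserver 192.168.100.6
nameserver 192.168.100.300
nameserver 10.0.0.53
nameserver 10.0.0.54
EOF
}

sample_resolv_conf | audit_resolv_conf -
```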
Configuring the DNS Resolver
• Keyword
• Word to which program reading configuration file attaches special meaning
• Utilities for researching DNS problems:
• dnsquery
• nslookup
• dig
• whois
• host
• /etc/hosts file stores IP addresses and corresponding domain names
in text file on host
Configuring the DNS Resolver
• /etc/hosts file
• By default contains only host name localhost and own host’s name
• On small network:
• Create hosts file that contains each host and IP address of host
• Avoid need for DNS server
• Can have nonlocal domain names resolved by request to DNS server
• Configuring DNS resolver graphically uses system-config-network to
set up resolver
Dynamic Routing with Routing Protocols
• Static routing
• Uses preconfigured routing table
• Not good choice for:
• Larger networks
• Unreliable connections
• Dynamic routing uses specialized routing protocol to build and modify
routing tables automatically
Dynamic Routing with Routing Protocols
• Routing protocols divided into two categories
• Interior: designed for routing packets among networks under your control
• Exterior: designed for routing packets between networks controlled by
different organizations
• All routing protocols designed to exchange information among
routers
• Routing Information Protocol (RIP)
• Interior routing protocol
• Oldest routing protocol still in common use
• Implemented in Linux using routed daemon
• Easy to configure and run
• Choice of most network administrators
Dynamic Routing with Routing Protocols
• Open Shortest Path First (OSPF) protocol
• Interior routing protocol
• Designed to work effectively even in very large networks
• Uses technique called flooding
• A router running OSPF periodically floods the network with everything it knows about its neighboring hosts.
• Other OSPF routers see information coming from other routers and use this data to intelligently construct a "chart" inside the router that defines the best way to reach the various networks.
• Few Linux network administrators use it
• Implemented using gated daemon
• Border Gateway Protocol (BGP)
• Designed for routing between major national networks
• Supported by gated daemon
Configuring a DHCP Server
• DHCP server installed by default on many Linux systems
• /etc/dhcpd.conf file
• Configuration for DHCP
• Instructs DHCP server which IP address ranges are available for DHCP clients
• Once you have the DHCP server configured, you can start it using the standard script in
/etc/rc.d/init.d
• or run this command:
• # service dhcpd start
• When client requests IP address:
• DHCP server leases address to client for specified time
• At end of lease client must request new IP address
• Whole arrangement transparent to user on client host
• DHCP client can run on any operating system
Networked Printing Services
• Linux includes network printing capabilities
Using Traditional Linux Printing: LPRng
• Traditional Linux printing system
• Based on BSD version of UNIX
• Allows multiple users to print files at same
time to:
• Local printer
• Networked printers
• Print queues
• System administrator must define printers
• Printer definitions describe type of printer and features to be used
Using Traditional Linux Printing: LPRng
• Printing file in LPRng system
• Application submits file to be printed (print job)
• Print job is processed by a print filter, which converts information from the Linux application into formatting codes to produce the desired output
• Printing utility stores print job in print spool directory
• Default directory /var/spool/lpd
• lpd print server program keeps track of all print jobs in all print queues on
system
• Correlation between print queue and physical printer not always one to one
• Linux print filter
• Same as printer driver in other operating systems
• Converts documents or images into format that printer can use
Using Traditional Linux Printing: LPRng
• Page description language
• Special set of codes
• Determine graphic elements, text font, and everything else about what appears on printed
page
• Most widely used:
• PostScript
• Printer Control Language (PCL)
• Magic filter
• Can convert documents for many different printers
• Convenient to support hundreds of printers
• Doesn’t allow Linux to use specialized features of each printer
• Script /usr/share/printconf/util/mf_wrapper
• Main print filter in Red Hat Linux and Fedora
• Starts magicfilter-t program
• Uses several other programs in conversion process
Using Traditional Linux Printing: LPRng
• Configuring local printer definitions
• Each LPRng printer definition created as print queue entry in /etc/printcap
configuration file
• Uses complex format
• Must provide appropriate Linux device name
• Parallel ports use device name lp followed by device number
• Serial ports use name ttyS followed by device number
Printing Remotely Using LPRng
• Define printer on system that refers to remote computer and print
queue on remote system
• Key options in configuration file
• rm remote system specified
• rp remote print queue specified
• Once print job has been sent to remote system using lpd, user has no
direct control over it
Understanding the Common UNIX Printing
System (CUPS)
• Provides new architecture for Linux printing
• Users browse network to find and print to networked printers and
other devices
• System administrators manage printer definitions and print jobs
across network
• Installed by default in Red Hat Linux and Fedora
• cupsd
• Main print server daemon
Understanding the Common UNIX Printing
System (CUPS)
• cupsd print server daemon
• Uses HTTP protocol
• Manages printers using web browser interface
• CUPS architecture uses network port 631
• Start CUPS user interface
• http://localhost:631/
• /etc/cups/cupsd.conf file specifies setting for each active server
option
Understanding the Common UNIX Printing
System (CUPS)
• Many printers are configured using PostScript Printer Description
(PPD) file
• Manufacturers can easily create text-based configuration file
• Permits printer to be graphically configured using standard utilities
• CUPS class
• Group of printers to which user can submit print job
• First available printer within the class is used to print the job
Managing Printing
• Printing policy
• Brief statement of rules describing:
• How printing resources can be used
• How printers should be managed
• lpc utility controls LPRng or CUPS printing
• Alternatives printing system
• Maps print command to different programs
• Based on which printing system in use
Managing Printing
• Alternatives command
• lpr command and lpc command
• Symbolic links
• Using lpc
• Prevent new print jobs from being accepted by print queue
• Prevent print jobs from being sent to printer
• Cancel print job currently being printed
• See status of any printer
• lpq utility lists each print job in print queue with status information
• lprm command deletes print job from queue
• Graphical print management utilities
• Print Manager
Configuring Linux Mail
Servers
Configuring a Mail Server
• Identify key elements in the Linux e-mail architecture
• Describe how MTAs and MUAs are used in the Linux mail system
• Configure a mail server in YaST
Introduction to the Linux Mail System
• E-mail predates the Internet
• Today, e-mail is the most widely used Internet service
• OpenSUSE includes sophisticated e-mail programs
• Such as Evolution and Kmail
• In Linux environment, e-mail is modular
• A separate program is used to manage each function
Introduction to the Linux Mail System

Figure 12-1 The Linux e-mail architecture


© Cengage Learning 2013
Introduction to the Linux Mail System
• Two main types of programs typically used on a Linux e-mail server:
• Mail transfer agent (MTA)
• A program for receiving and delivering messages via Simple Mail Transfer Protocol
• In Linux, the MTA is often Postfix or sendmail
• Mail user agent (MUA)
• An e-mail program that enables users to access their mailboxes for reading and sending
electronic messages
• Examples: Evolution, KMail, command-line utility mail
• Simple Mail Transfer Protocol (SMTP)
• TCP/IP protocol that defines how e-mail is sent across the network
• Postfix
• Default MTA in openSUSE
Introduction to the Linux Mail System
• When MTA receives the message from MUA:
• It determines whether the message is intended for a recipient on local
domain or a recipient on another domain
• If it’s on the local domain (example.com):
• MTA saves the message in local machine’s message store until the recipient reads it
• For a recipient on another domain:
• MTA sends the message via SMTP to a remote MTA
Mail Transfer Agents
• MTA
• Actual mail server
• Responsible for:
• Receiving e-mails from local users
• Forwarding them to a local message store or a remote MTA
• Messages are transferred from the local message store to users via mail delivery agent (MDA)
• Protocols which can be used for the transfer:
• Post Office Protocol (POP3)
• Internet Message Access Protocol (IMAP)
• Process of an MTA sending messages not belonging to local domain to a remote MTA isn’t
automatic
• Your domain’s DNS settings must be configured correctly
• MTA needs to be able to establish a connection with the remote MTA
Sendmail
• Sendmail
• Most widely used MTA on UNIX/Linux systems
• Not the preferred MTA on openSUSE Linux systems
• Postfix
• Preferred MTA
• Ease of configuration, reliability, and security
• In most organizations, employees need to send e-mail to many other domains
• You can edit Sendmail configuration file to:
• Change the MTA behavior to allow multiple domains
• Set rules, such as message filters
• Sendmail is a large program compared with other mail programs
• It performs all MTA functions
Qmail
• Written by Dan Bernstein
• A fast, modular MTA
• Lightweight, secure, and reliable
• Designed with security and ease of use in mind
• Easier to configure
• Such as allowing multiple domains
• Multiple modules handle qmail’s MTA functions
• Each no bigger than 30 KB
Postfix
• Developed by Wietse Venema
• Default MTA package on openSUSE Linux systems
• Designed as a modular MTA
• Easier to configure, and more reliable and secure than sendmail
• Its modular design enhances security
• Each module has its own set of permissions to follow the guideline of least
privileges
Mail User Agents
• MUA
• An e-mail program that enables users to send and read messages stored in their mailboxes
• In the Linux e-mail system:
• Each user has a local mailbox
• Local MTAs send messages to users’ mailboxes
• MUA doesn’t actually receive messages
• It allows users to read messages that have already been placed in mailboxes
• MUAs can store messages in one of two ways
• Method 1
• Messages are stored on users’ computers
• Frees up space on the server
• Method 2
• Messages are stored on the mail server
• Users can access them from any computer on the local domain
Mail Server Configuration
• Configuration procedures differ depending on the Linux distribution
• With openSUSE Linux, you can use a mail server configuration utility
in YaST Control Center to perform configuration tasks, including:
• Enable virus scanning
• Define the type of network connection MTA uses to determine how e-mail is
delivered
• Configure an outbound mail server that’s used if you have a dial-up
connection or aren’t connected to the Internet
Mail Server Configuration
• Define masquerade name for outgoing e-mail
• Useful for companies that prefer using a more professional name than actual mail server
name
• Configure incoming mail options, such as:
• Firewall settings
• Root mailbox account
• Whether to accept mail from remote servers
• Local alias accounts
• Virtual domains
The Mail Server Configuration Wizard
• Root user can start Mail Server Configuration Wizard
• yast2 mail command is used to start wizard
• Following sections describe the steps in wizard
General Settings
• Can use General Settings window to specify network connection type
• Determines how MTA delivers messages
• Default option is “Permanent”
• Selecting this option allows Postfix (the MTA) to send messages in real time as they’re
created
General Settings
• Dial-up option
• For Linux machines that connect to the Internet via a dial-up connection
• Forces users to queue outbound mail server manually when they’re ready to send or
receive messages
• Example:
• To e-mail a user on a remote computer, you must use sendmail -q command after sending
your message
• “No connection” option
• For Linux machines that don’t have access to the Internet
• Users with this option can e-mail each other only on local machines
• Can also use General Settings window to enable virus scanning with
AMaViS program
• AMaViS stands for A Mail Virus Scanner
Outgoing Mail
• Outgoing Mail window is used to configure dial-up connections by:
• Adding your ISP’s SMTP server, such as smtp.provider.com
• Clicking Authentication button to enter authentication credentials
• MTAs can send messages to remote MTAs
• If your mail server is connected to the Internet, you can leave outgoing mail server entry
blank
• When you send e-mails, your full computer name is used in the name field
• Example:
• john@linux-001.example.com
• Most companies prefer to have the organization name displayed
• To do this:
• Click the Masquerading button
• Set a display name for each user on the network
Incoming Mail
• Accept remote SMTP connections option
• This check box is disabled if:
• Your computer isn’t directly connected to the Internet
• You have a dial-up connection
• Select this option if:
• You’re connected to the Internet directly
• If you select this option, you must configure firewall settings
• Need to select Open Port in Firewall check box
Incoming Mail
• Downloading section
• If a company hosts e-mail on a server that isn’t connected directly to its
networks:
• Enter remote server’s credentials in Downloading section
• Protocols that can be used to transfer e-mail from a remote MTA:
• POP3—Post Office Protocol 3 (POP3)
• IMAP—Internet Message Access Protocol (IMAP)
• “Forward root’s mail to” text box
• Root user account has full access to all Linux machines on a network
• Logging in to mail server as a regular user with limited permissions is
recommended
• You can redirect system e-mails to your regular user account by entering your
username in “Forward root’s mail to” text box
Incoming Mail
• Delivery Mode drop-down list
• Options
• Directly
• Through procmail
• To Cyrus IMAP Server
• Aliases button
• Used for redirecting e-mail to a different local user or a list of local users
• Virtual domains button
• Used to create an alias for your domain name
• If you selected masquerading option in Outgoing Mail window:
• You should configure a domain alias
• Activity 12-2: Configuring a Mail Server
• Configure a mail server to send e-mail from a user on one computer to a user on another
computer
