Chapter Four

Network Management
 TCP/IP Networking
 This protocol suite consists of a large collection of protocols.
 TCP/IP, the protocol on which the Internet is built, is actually not a single
protocol but rather an entire suite of related protocols.
 The TCP/IP suite is based on a four-layer model of networking that is
similar to the seven-layer OSI model.
 The lowest layer of the model, the Network Interface layer, corresponds to
the OSI model’s Physical and Data Link layers.
 TCP/IP can run over a wide variety of Network Interface layer protocols,
including Ethernet, as well as other protocols, such as Token Ring and FDDI
(an older standard for fiber-optic networks).
 Cont…

 The Application layer of the TCP/IP model corresponds to the upper three layers of
the OSI model that is, the
 Session,
 Presentation, and
 Application layers
 Many protocols can be used at this level. A few of the most popular are HTTP, FTP,
Telnet, SMTP, DNS, and SNMP.
 The three most important protocols in the TCP/IP suite: IP, TCP, and UDP.
 The Process/Application layer defines protocols for
 node-to-node application communication and also
 controls user-interface specifications.
 The transport (Host-to-Host) layer parallels the functions of the OSI’s Transport
layer, defining protocols for setting up the level of transmission service for
applications.
 The Internet layer corresponds to the OSI’s Network layer, designating the
protocols relating to the logical transmission of packets over the entire network.
 The equivalent of the Data Link and Physical layers of the OSI model, the
Network Interface (Network Access) layer oversees hardware addressing and
defines protocols for the physical transmission of data.
 Protocols in Application layer
 Telnet - allows a user on a remote client machine, called the Telnet client, to access the
resources of another machine, the Telnet server.
Telnet makes client machine appear as though it were a terminal directly attached to the
server.
 File Transfer Protocol (FTP) - is the protocol that actually lets us transfer files, and it
can accomplish this between any two machines using it.
 Usually users are subjected to authentication
 Network File System (NFS) - a protocol specializing in file sharing allowing two
different types of file systems to interoperate.
 Simple Mail Transfer Protocol (SMTP) - uses a spooled, or queued method of mail
delivery.
 POP3 is used to receive mail
 Simple Network Management Protocol (SNMP) -collects and manipulates valuable
network information.
 This protocol stands as a watchdog over the network, quickly notifying managers of
any sudden turn of events.
 Domain Name Service (DNS) – resolves hostnames specifically, Internet names, such
as www.u.edu.et to the IP address 172.16.16.20
 Dynamic Host Configuration Protocol (DHCP) - gives IP addresses to hosts. It
allows easier administration and works well in small-to-even-very large network
environments.
 Transport layer
 Transmission Control Protocol (TCP) - takes large blocks of information
from an application and breaks them into segments.
 It numbers and sequences each segment so that the destination’s TCP
protocol can put the segments back into the order the application
intended.
 Uses three way handshaking and it is connection-oriented Protocol
 User Datagram Protocol (UDP) - does not sequence the segments and
does not care in which order the segments arrive at the destination.
 But after that, UDP sends the segments off and forgets about them.
 It doesn’t follow through, check up on them, or even allow for an
acknowledgment of safe arrival complete abandonment.
 It is connectionless Protocol
 TCP for reliability and UDP for faster transfers.
 Port Numbers

 TCP and UDP must use port numbers to communicate with the upper layers, because
they’re what keeps track of different conversations crossing the network simultaneously.
 These port numbers identify the source and destination application or process in the TCP
segment.
 There are 2^16 = 65536 ports available.
 Well-known ports - The port numbers range from 0 to 1023.
 Registered ports - The port numbers range from 1024 to 49151.
 Registered ports are used by applications or services that need to have consistent port
assignments.
 Dynamic or private ports - The port numbers range from 49152 to
 65535.
 These ports are not assigned to any protocol or service in particular and can be used for
any service or application.
 If a port is closed/blocked, you cannot communicate with the computer by the protocol
using that port.
 Eg. If port 25 is blocked you cannot send mail.
 Firewalls by default block all ports.
 You should know the port numbers of different protocols!!
Cont…
 The Internet Protocol
 Internet Protocol (IP)-essentially is the Internet layer.
 The other protocols found here merely exist to support it.
 It can do this because all the machines on the network have a software,
or logical, address called an IP address.
 IP supports the following services:
 one-to-one (unicast)
 one-to-all (broadcast)
 one-to-several (multicast)

• IP multicast also supports a many-to-many service.

• IP multicast requires support of other protocols (IGMP (Internet Group
Management Protocol), multicast routing)
 Cont…
 Internet Control Message Protocol (ICMP)-works at the Network layer and is
used by IP for many different services.
 ICMP is a management protocol and messaging service provider for IP.
The following are some common events and messages that ICMP relates to:
 Destination Unreachable :If a router can’t send an IP datagram any further,
it uses ICMP to send a message back to the sender, advising it of the
situation.
 Buffer Full :If a router’s memory buffer for receiving incoming datagrams
is full, it will use ICMP to send out this message until the congestion abates.
 Hops: Each IP datagram is allotted a certain number of routers, called hops,
to pass through.
 If it reaches its limit of hops before arriving at its destination, the last router
to receive that datagram deletes it. The executioner router then uses ICMP to
send an obituary message, informing the sending machine of the demise of
its datagram.
 Ping:(Packet Internet Groper) uses ICMP echo messages to check the
physical and logical connectivity of machines on a network.
 Traceroute :Using ICMP timeouts, Traceroute is used to discover the path a
packet takes as it traverses an internetwork.
 Cont…
 Address Resolution Protocol (ARP) -finds the hardware address of
a host from a known IP address.
ARP interrogates the local network by sending out a broadcast asking
the machine with the specified IP address to reply with its hardware
address.
 Reverse Address Resolution Protocol (RARP)-discovers the identity
of the IP address for diskless machines by sending out a packet that
includes its MAC address and a request for the IP address assigned
to that MAC address.
 A designated machine, called a RARP server, responds with the
answer, and the identity crisis is over.
 Cont…
 IP addresses are divided into 5 classes, each of which is designated with the
alphabetic letters A to E.
 Class D addresses are used for multicasting.
 Class E addresses are reserved for testing & some mysterious future use.
The 5 IP classes are split up based on the value in the 1st octet:

The first few bits indicate the class of an address

Cont….
 Class A networks ( /8 )

 Have 8 bit network prefix starting with o, 7 bit network number, followed
by 24 bit host number.
 A maximum of 126 (2 ^7-2) /8 networks can be defined.
 All zeros (00000000) is reserved for default route, & 127 is reserved for the
“loopback” (01111111).
 Each network supports a maximum of 16,777,214(2 ^ 24-2) hosts.
 All zeros “for this network” and all ones for broadcast number in each
network.
 IPV4 address space is 2 ^ 32 = 4,294,967,296 addresses.
 Class A’s individual addresses = 2 ^ 31= 2,147,483,648 which is 50 percent
of IPV4 unicast address space.
Class B networks ( /16 )
 Has 16 bit network prefix starting with 10.
 14 bit network number & 16 bit host number.
 A maximum of 2 ^ 14= 16,384 networks can be defined.
 2 ^ 16-2= 65,534 hosts per network.
 Class B individual addresses= 2 ^ 30 =1,073,741,842 .
 Is 25 percent of the total IPV4 unicast address space.
 Class C networks ( /24 )
 Each network address has a 24 bit network prefix.
 Starts with 110 and 21 bit network number.
 A maximum of 2 ^ 21= 2,097,152 networks can be defined with up to 2
^ 8-2 = 254 hosts per network.
 Class C’s individual addresses is 2 ^ 29 = 536,870,912.
 This represents 12.5 percent of the total IPV4 unicast address spaces.
 Class D address starts with 1110 (for multicast addressing purposes).
 Class E address starts with 1111 (reserved for research and future use).
Dotted decimal notation
• Was devised to make Internet addresses easier for people to read and
write.
• Shorthand for IP addresses.
• Allows humans to avoid binary.
• Represents each byte in decimal separating by dots.
• Four decimal values per 32 bit addresses.
 Sub netting

• Is a procedure for dividing a single class A, B, or C network number into

smaller pieces.
• Invented in 1985.
• Goal is to:
• extend address space, and prevent address exhaustion of IPV4.
• Control the growth of Internet routing tables.
• Avoid or minimize the local network administrators request to other
Internet addresses for every new networks in an organization.
• Instead of the class-ful two-level hierarchy, sub netting supports a three
level hierarchy.
• Two level class-full hierarchy
• Three level subnet hierarchy
 Extended network prefix
• Is composed of the class ful network prefix and the subnet number.
• Internet routers use only the network prefix of destination address.
• Routers in sub netted environment use the extended network prefix to route traffic
between individual subnets.
IP address = 130.5.5.25/24 (24 bit extended network prefix).
10000010.00000101.00000101.00011001
network prefix subnet # host #
10000010.00000101.00000101.00011001
24 bit extended network prefix8 bit host #
Subnet mask
• Identifies how much of the address spaces are used for the network and for the host.
• Accompanies IP addresses. 32 bit binary value.
• Identifies Prefix / suffix boundary.
– 1 bits cover prefix
– 0 bits cover suffix
• 10000010.00000101.00000101.00011001= 130.5.5.25/24
• 11111111.11111111.11111111.00000000 = 255.255.255.0
Subnet mask host #
Default subnet mask for class A = 255.0.0.0
Default subnet mask for class B = 255.255.0.0
Default subnet mask for class C = 255.255.255.0
 Subnet design
 Four key points taken into consideration:
 How many total subnets does the organization need today?
 How many total subnets will the organization need in the future?
 How many hosts are on the organization’s largest subnet today?
 How many hosts will there be on the organization’s largest subnet in the future?
 It is to take the maximum number of subnets required and round up to the nearest power of two.
 To ensure that there are enough host addresses for the organization’s largest subnet.
Subnet example
An organization is assigned a network number 193.1.1.0/24 and it needs to define six subnets. The
largest subnet is required to support 25 hosts. How can you define the extended network prefix, the
subnet mask, the subnets and hosts?
Solution:
For six subnets 2 ^ 3= 8 subnets (2 reserved for future use)
For 25 hosts 2 ^ 5= 32 hosts. But all 0s and 1s host addresses can not be allocated. Therefore, there
are (2 ^ 5)-2= 30 host addresses on each subnet.
As 193.1.1.0/24 is a class C address, its network prefix is /24.
But, it needs to use 8 subnets and need three more bits /27.
193.1.1.0 = 11000001.00000001.00000001.00000000 /24
193.1.1.0 = 11000001.00000001.00000001.00000000 /27 E.N.P.
255.255.255.224= 11111111.11111111.11111111.11100000/27 is
Subnet mask.
 Subnet number definition

 The eight subnets will be numbered 0 through 7.

 The 3 bit binary values for subnet are:
000= 0, 001= 1, 010= 2, 011= 3, 100= 4, 101= 5, 110= 6, and 111= 7.
 The eight subnet numbers can be listed as follows:
Base net: 11000001.00000001.00000001.00000000= 193.1.1.0/24
Subnet#0: 11000001.00000001.00000001.00000000= 193.1.1.0/27
Subnet#1: 11000001.00000001.00000001.00100000= 193.1.1.32/27
Subnet#2: 11000001.00000001.00000001.01000000= 193.1.1.64/27
Subnet#3: 11000001.00000001.00000001.01100000= 193.1.1.96/27
Subnet#4: 11000001.00000001.00000001.10000000=193.1.1.128/27
Subnet#5: 11000001.00000001.00000001.10100000=193.1.1.160/27
Subnet#6: 11000001.00000001.00000001.11000000= 193.1.1.192/27
Subnet#7: 11000001.00000001.00000001.11100000= 193.1.1.224/27
All subnets have to be multiples of subnet # 1 (32 in this case).
 Host addresses for each subnet
• The host number field of IP addresses can’t contain all zero bits and all one bits.
• All zeros identify base network or subnet.
• All ones represent the broadcast address for the subnet.
• In our example, each subnet represents a block of 30 host addresses (2 ^ 5)-2.
• A valid host addresses for subnet # 1 is:
• Host #1: 11000001.00000001.00000001.00100001 = 193.1.1.33/27
• Host #2: 11000001.00000001.00000001.00100010 = 193.1.1.34/27
• Host #3: 11000001.00000001.00000001.00100011 = 193.1.1.35/27
• Host #4: 11000001.00000001.00000001.00100100 = 193.1.1.36/27
• Host #5: 11000001.00000001.00000001.00100101 = 193.1.1.37/27
• Host #6: 11000001.00000001.00000001.00100110 = 193.1.1.38/27
• Host #7: 11000001.00000001.00000001.00100111 = 193.1.1.39/27
–.
–.
–.
• Host#30: 11000001.00000001.00000001.00111110 = 193.1.1.62/27
• All ones: 11000001.00000001.00000001.00111111 = 193.1.1.63/27 is a
broadcast address for subnet # 1, which is always one less than address of
subnet #2.
 Variable Length Subnet Mask (VLSM)

• VLSM is a technique where subnetting is performed several times to allow a network to

be divided into a hierarchy of subnetworks that vary in size,
• This allows an organization to much better match the size of it’s subnetes to the
requirements of it’s networks.
• Consider a company with class C address 201.45.22.0/24, with six subnetworks:
– S1, S2, S3 and S4 have only 10 hosts each.
– S5 has 60 hosts and
– S6 has 100 hosts.
We use VLSM for the different subnets.
• First we borrow one bit for subnet and use the remaining 7 bits for hosts.
• We can create 2 subnets having 126 hosts each :
• 201.45.22.0/25 and
• 201.45.22.128/25
• The first subnet can be used for S6 with 100 hosts.
• Take 201.45.22.128/25 and create 2 subnets each with 62 hosts.
• 201.45.22.128/26 and
• 201.45.22.192/26
• Again we can use 201.45.22.128 for S5 for it’s 60 hosts.
 Cont…

 Take the second subnet 201.45.22.192/26 and

further subnet it into 4 sub subnets each with 14
hosts for S1, S2, S3 and S4.
 201.45.22.192/28
 201.45.22.208/28
 201.45.22.224/28
 201.45.22.240/28
 Classless Inter domain Routing (CIDR

 CIDR is a system of IP addressing and routing that solves the many problems
of classful addressing by eliminating fixed address classes in favor of a
flexible, hierarchical multiple level structure of networks of varying sizes.
 Advantages of CIDR:
 Efficient address space allocation
 Elimination of class imbalances
 Efficient routing entries
 No separate subnetting method.
 Since there are no address classes in CIDR, one can not tell the size of the
network ID of an address from the address alone.
 IN CIDR the length of the network ID (prefix) is indicating by placing it
following a slash after the address.
 This is called CIDR notation or slash notation.
 Example: 184.13.152.0/22. the “22” means this network has 22 bits for the
network ID and 10 bits for host address.
 Its subnet mask is 255.255.252.0 and has a total of 1022 (2 ^ 10 – 2) hosts.
 Cont…

 Example:
 A middle size ISP has assigned an address 71.94.0.0/15, means
15 bits network ID and 17 bits host address.
 It was assigned from a large size ISP
 71.94.0.0/15 equals to half of the address block 71.94.0.0/14,
and a quarter of the block 71.94.0.0/13 and so on.
 71.94.0.0/15 has 131,070 possible host addresses (2^17-2),
equals to 2 class B’s host addresses.
 It is possible to create 2 subnets using 1 bite from the host part
= 71.94.0.0/16 and 71.95.0.0/16, each with 2^16-2 (65534)
host addresses.
 Cont…

• Let us divide 71.95.0.0 into 4 sebnets taking further 2

bits from the host address part resulting:
• 71.95.0.0/18
• 71.95.64.0/18
• 71.95.128.0/18
• 71.95.192.0/18
• Each of these subnets have 2^14-2, (16,382) host
addresses.
• It is also possible to make one subnet further sub
divided.
• 71.95.64.0/23 can create 2^5= 32 subnets each with
2^9-2 (510)hosts. ETC.
 Configuring Linux network

• Some useful commands

– hostname
• Displays the name of the local system
– ifconfig
• Displays information about the network interfaces or configures them
– ping
• Performs a simple network connectivity test
– arp
• Displays or modifies the IP-to-MAC address translation tables
– netstat
• Displays various network usage statistics
– route
• Displays or modifies the static routing tables
– traceroute
• Determines the route to a specified target host
– Nslookup
• Determines IP address-to-hostname and other translations produced by the
Domain Name Service
•
 
 Cont…

• Configuring network interfaces

– Temporary IP assignment
• ifconfig
• studentgstudentServer:-S sudo ifconfig eth0 inet
1D.0.2.1 netmask 255.255.255.D
• studentgstudentseroer : -$ tfconft.g ethD
• ethD Ltnk encap: HHaddr DB : DD : 27 : BD : 46 : 69
• inet addr 1D.0.2.15 Bcast:10.0.2.255
Mask:255.255.255.D
• #ifconfig Io localhost up
– Loop back interface
– If hostname is used, it should be defined in /etc/hosts
• #ifconfig —a
– Shows status of all configured network interfaces
 Cont..

• Configuring network interfaces...

• Static IP assignment configuration
– Add the static method to the inet address family statement for the
appropriate interface in the file /etc/network/interfaces
– Example (contents of /etc/network/interfaces):
• auto eth0
• iface eth0 inet static address 10.0.0.100
• netmask 255.255.255.0
• gateway 10.0.0.1
– Start the interface
• $ sudo ifup eth0
– To disable the interface
• $ sudo ifdown eth0
– Dynamic IP assignment
• Use dhcp instead of static in /etc/network/interfaces and remove the entries below
 Cont…

/etc/hosts
– Used for name resolution
– Should contain at least two entries
• Loopback address
• The address the local system is known
• studentgstudentServer:-S cat /etc/hosts
In Linux, /etc/hosts is a file used by the operating system to translate
hostnames to IP-addresses. It is also called the 'hosts' file.
By adding lines to this file, we can map arbitrary hostnames to arbitrary IP-
addresses, which then we can use for testing websites locally.
• On Linux, you can find the hosts file under /etc/hosts.
• Since it's a plain text file, you can open the hosts file using your preferred
text editor.
• Since the hosts file is a system file, you'll need administrative rights to save
changes.
 Configuring a Linux Box as a Router
• On an IP network, two computers can communicate only if they
belong to the same IP subnet.
• If two computers belong to different IP subnets, they need a router to
connect.
• A router is a special device that not only provides IP forwarding as the
main function but also supports many other IP-based features such as;
packet filtering, voice over IP, IP firewall, etc.
• A router is an expensive device. Configuring it is also a complex task.
• If you have a Linux system and need only IP forwarding, you can use
it. Linux provides a zero-cost solution for IP forwarding.
• LAB setup
• We need a Linux system to configure the IP forwarding. We need two
more systems for testing.
• We will configure these systems in different IP subnets.
• We will use the Linux system to provide connectivity between both IP
subnets
 Cont…

• The following image shows this setup.

 Cont…
 On the Linux system, we need to configure two IP addresses.
 If you have two interfaces, you can configure one IP address on each.
 If you have only one interface, you can configure both IP addresses on it.
 Linux allows you to configure and use multiple IP addresses on the same
interface.
 To configure both IP addresses on the same interface, use the following
steps.
 Start the nmtui utility
 Select Edit a connection on the main screen
 Select the interface on the left pane and use the Edit option to open its
configuration
 Select the Manual method on the IPv4 configuration section
 Assign two IP addresses 192.168.1.1/24 and 172.168.1.1/18. To assign the
second IP address, use the Add button.
 Save the configuration and quit the nmtui utility
 The following image shows the above process.
Cont…
 Configuring a Web Server (Apache)

Apache is the web server that processes

requests and serves web assets and content via
HTTP.
MySQL is the database that stores all your
information in an easily queried format.
PHP is the programming language that works
with apache to help create dynamic web
content.
 Apache Configuration

• Main server configuration stored in

/etc/httpd/conf/httpd.conf
– controls general web server parameters,
regular virtual hosts, and access
defines filenames and mime-types
– Module configuration files stored in
/etc/httpd/conf.d/*
– DocumentRoot default
/var/www/html/
Service Profile: HTTPD
 Domain Name Service (DNS)
• A human legible name is
resolved to its numeric
network device address by
the DNS protocol
Cont.
 Cont..

• Resolves hostnames into IP addresses

(forward lookup)
• Resolves IP addresses into hostnames
(reverse lookup)
• Allows machines to be logically grouped
by name domains
• Provides email routing information
 DNS Message Format
• DNS server stores different types of resource records used to resolve names
• Contain the name, address, and type of record
• Record types are:
• A - an end device address
• NS - an authoritative name server
• CNAME - the canonical name for an alias; used when multiple services
have the single network address but each service has its own entry in
DNS
• MX - mail exchange record; maps a domain name to a list of mail
exchange servers
• Unable to resolve the name using its stored records, contacts other servers
• Server temporarily stores the numbered address that matches the name in
cache memory
• Windows ipconfig /displaydns displays all cached DNS
 Zones, Domains & Delegation
• A domain is a complete sub-tree of the hierarchical namespace
• A zone is the part of the domain managed by a particular server
• Subdomains may be delegated into additional zones
• A zone may directly manage some subdomains
Name Server Hierarchy
• Master name server
– Contains the master copy of data for a zone.
• Slave name server
– Provides a backup to the master name server
– All slave servers maintain synchronization with their master name server
The DNS Server
 Server receives request
 If server doesn't have answer, either asks root server or forwards request
 Response from upstream server may be final answer or referral to
another name server
 Berkeley Internet Name Domain (BIND)

• BIND is the most widely used DNS

server on the Internet
• Ubuntu & Red Hat Enterprise Linux uses
BIND 9
• Provides a stable and reliable
infrastructure on which to base a domain's
name and IP address associations
 Service Profile: DNS
 Type: System V-managed service
 Packages: bind, bind-utils
 Daemons: named, rndc
 Script: named
 Ports: 53 (domain), 953(rndc)
 Configs: /etc/named.conf,
 /var/named/*, /etc/rndc.*
 Related: caching-nameserver, openssl
Configuring BIND
 Default configuration file is /etc/named.conf
 Read by named (BIND daemon) during startup or service named reload
 Text-file specifying directives: zones, options, access control lists, etc.
 Comments can be in C, C++ or shell style
Configuring Mail Transfer Agents (Postfix)

• Typically use an application

called a Mail User Agent
(email client)
• Allows messages to be sent
• Places received messages into
the client's mailbox
• SMTP - Send email from either
a client or a server
• POP - Receive email messages
from an email server
• IMAP - Internet Message
Access Protocol
• Email client provides the
functionality of both protocols
within one application
Cont...
Cont…
• Simple Mail Transfer
Protocol (SMTP)
 transfers mail
 message must be formatted
properly
 SMTP processes must be
running on both the client and
server
 message header must have a
properly formatted recipient
email address and a sender
 uses port 25
Cont..
• Post Office Protocol (POP)
 enables a workstation to retrieve
mail from a mail server
 mail is downloaded from the
server to the client and then
deleted on the server
 uses port 110
 POP does not store messages
 POP3 is desirable for an ISP,
because it alleviates their
responsibility for managing large
amounts of storage for their email
servers
 Cont…

• Simple Mail Transfer Protocol (SMTP)

• Transfers mail reliably and efficiently
• Post Office Protocol (POP)
• Enables a workstation to retrieve mail from a mail server
• With POP, mail is downloaded from the server to the client
and then deleted on the server
• Internet Message Access Protocol (IMAP)
• Another protocol used to retrieves email messages
• Unlike POP, when the user connects to an IMAP-capable
server, copies of the messages are downloaded to the client
application
• Original messages are kept on the server until manually
deleted
 Configuring a Proxy Caches (Squid)
• Squid supports caching of FTP, HTTP, and
other data streams
• Squid will forward SSL requests directly to
origin servers or to one other proxy
• Squid includes advanced features
including access control lists, cache
hierarchies, and HTTP server acceleration
 Dynamic Host Configuration Protocol

 DHCP allows a host to obtain

an IP address dynamically
 DHCP server is contacted
and address requested -
chooses address from a
configured range of
addresses called a pool and
“leases” it to the host for a
set period
 DHCP used for general
purpose hosts such as end
user devices, and static
addressing is used for
network devices such as
gateways, switches, servers
and printers
• Configuration
• DHCP: Dynamic Host
Configuration Protocol,
implemented via dhcpd
• dhcpd provides services to both
DHCP and BOOTP clients
• Configure the server in
/etc/dhcpd.conf
• Sample configuration provided
under /usr/share/doc/dhcp-
<version>/
• There must be at least one subnet
block, and it must correspond with
configured interfaces.
 TCP/IP Troubleshooting: ping, traceroute, ifconfig, netstat,
ipconfig
• Identifying the problem
– Reboot the system and wait until the problem occurs
• Common step
• Most services are activated during the boot process
– Phases in boot process
• Hardware initialization
– Occurs during the Power On Self Test (POST)
– Performs a check to see if all devices can initialize properly
– If there are beeps, consult the server documentation
• Grub loading
– Accesses the boot device and reads the boot loader in MBR
– Has two important components

• Grub boot loader

• Partition table
– If there is an error at this stage, Grub error will be printed and kernel will not be loaded
 
 Cont…

– Phases in boot process...

• Kernel and initrd loading
– Loads the kernel itself and some drivers associated with the kernel
– If unable to load, you will see the message “kernel panic” or “kernel just stops loading”

• Reasons
– If you tried to recompile the kernel and failed
– If one of the parameters passed to Grub is wrong
– Failing kernel module
• Upstart
– Responsible for starting the init process and associated essential
services
– Messages related to Upstart are rarely seen
– If none of the services on the server can be initialized or errors
related to init indicate a problem related to Upstart
– Make sure that /etc/envent.d is readable
 Cont..

• Essential services
– Script execution
• Upstart => /etc/event.d => /etc/init.d => “/etc/runIeveI.d” => /etc/init.d (real services
that it should start)
– If one of the scripts at this stage fails, an error will be seen
– Example services

• service that loads file systems, SSH, ...

• Networking
– Nonessential service but important
– If networking fails, many other services will fail as well
– Started from /etc/init.d/networking
– If network is not working, check /etc/network/interfaces
• Nonessential services
– If one of the services fail, at this stage, the most likely problem is
a configuration error in the service script
 Cont…

• Common problems
• Grub errors
– Grub fails to load
– Errors
• Grub is completely wiped
• Grub error message
• Missing file error
– Solutions
• Reinstall Grub
• Load Grub manually and fix errors
• Helps to see exactly where the problem occurs
– No master boot record
• If no backup of the MBR, restoring requires that you first fix your partition table and then
restore Grub
• Creating backup of MBR
• dd if=/dev/sda of=/boot/mbr backup bs=512 count=1
• Repeat this command after every change you make to the partition table or Grub code
• Restoring MBR from a backup
• dd if=/boot/mbr backup of=/dev/sda bs=512 count=1
 Cont…

• Partition problems
– Two kinds of partition problems
• Complete partition table is lost
• Problem with the file system on a partition
– Complete partition table lost
• To recover a lost partition table, one needs to have
» Rescue CD
• Used to start the server
» gpart
– Used to find exact information about the beginning and end of the
partitions on the server’s hard disk

• gpart /dev/sda
– Once the beginning and end of partitions are found, use fdisk to re-
create the partitions
 Cont…
• Connectivity
– Troubleshooting outgoing connections
– Scenario
• Unable to get to any website
– View network interfaces
• Use ip command to see status of network interfaces
• When the interface is up, there would be an inet line showing the
IP address of the interface
• zp Ow
• I: lo: <LOOPBAEK,UP,LOWBR_UP> mtu 16436 qdisc noqueue state
UNKNOWN link/loopback 08:O0.66:00:60:00 brd BB:00:DO:0D:00.OD
• inet 127.0.0.l/B scope ho9t lo inet6 ::l/128 scope host
• valid_lft forever preferred_lft forever
• 2. etho. MNO-CARRIBR,BROADCAST,MULTIEAST,UP> mtu 1500
state DOWN qlen 1000 link/ether f0.de:fl.ZB:46:d9 brd fI.ff:II:fE:ff:ff