
Chapter 5

Network Configuration Basics


Objectives:
• IPv4 vs IPv6 Addressing
• Firewall configuration
• Network Interface Configuration
• Linux Network Troubleshooting commands
Internet Architecture
Ambo University

• Two computers, anywhere in the world, following certain hardware, software, and protocol specifications, can communicate reliably even when not directly connected.

• LANs are no longer scalable beyond a certain number of stations or geographic separation.

Internet Addresses

IP Address as a 32-Bit Binary Number

IP Address Classes

Hosts for Classes of IP Addresses

Class A (24 bits for hosts) 2^24 - 2* = 16,777,214 maximum hosts
Class B (16 bits for hosts) 2^16 - 2* = 65,534 maximum hosts
Class C (8 bits for hosts) 2^8 - 2* = 254 maximum hosts
* Subtracting the network and broadcast reserved addresses

IPv4 Address Classes

Class D Addresses
• A Class D address begins with binary 1110 in the first octet.
• First octet range 224 to 239.
• Class D address can be used to represent a group of hosts called a
host group, or multicast group.

Class E Addresses

• First octet of an IP address begins with 1111
• First octet range 240 to 255.
• Class E addresses are reserved for experimental purposes and should not be used for addressing hosts or multicast groups.

IP Addresses as Decimal Numbers

Network IDs and Broadcast Addresses

An IP address such as 176.10.0.0 that has all binary 0s in the host bit positions is reserved for the network address.

An IP address such as 176.10.255.255 that has all binary 1s in the host bit positions is reserved for the broadcast address.

Private Addresses

• These addresses are called non-routable addresses.

Reserved Address Space

• Network ID
• Broadcast address
• Hosts for classes of IP addresses
• For Example: For the IP Address 192.168.0.1 with Subnet mask 255.255.255.0
– Network ID: 192.168.0.0
– Broadcast Address: 192.168.0.255
– Addresses for Hosts: 192.168.0.1 – 192.168.0.254

Subnetworks

To create a subnet address, a network administrator borrows bits from the original host portion and designates them as the subnet field.

Subnet Mask

• Determines which part of an IP address is the network field and which part is the host field
• Follow these steps to determine the subnet mask:
– 1. Express the subnetwork IP address in binary form.
– 2. Replace the network and subnet portion of the address with all 1s.
– 3. Replace the host portion of the address with all 0s.
– 4. Convert the binary expression back to dotted-decimal notation.
• These days Classless Inter-Domain Routing (CIDR) is used because subnetting with ordinary Class A, B, C is not adequate.

Subnet mask in decimal = 255.255.240.0

Range of Bits Needed to Create Subnets

Subnet Addresses

Determining Subnet Mask Size

Class B address with 8 bits borrowed for the subnet

130.5.2.144 (8 bits borrowed for subnetting) routes to subnet 130.5.2.0 rather than just to network 130.5.0.0.

Class C address 197.15.22.131 with a subnet mask of 255.255.255.224 (3 bits borrowed)

11000101 00001111 00010110   100   00011
Network Field                SN    Host Field

The address 197.15.22.131 would be on the subnet 197.15.22.128.

Subnetting Example with AND Operation
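
The AND operation applied to the addresses used on the preceding slides, as an added example that is not part of the original slides. The function names (ip_to_int, int_to_ip, subnet_info) are chosen for this example; it also rejects malformed addresses and non-contiguous masks.

```shell
#!/bin/sh
# Added example (not from the slides): network ID, broadcast address and
# host range derived with a bitwise AND of address and subnet mask.

# Dotted decimal -> 32-bit integer; fails on anything but four octets 0-255.
ip_to_int() {
    IFS=. read -r a b c d extra <<EOF
$1
EOF
    [ -z "$extra" ] || return 1
    for o in "$a" "$b" "$c" "$d"; do
        case $o in ''|*[!0-9]*|0?*|????*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
    echo $(( (a << 24) | (b << 16) | (c << 8) | d ))
}

int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# subnet_info ADDRESS MASK -> "network=... broadcast=... first=... last=..."
# first/last are meaningful for masks that leave at least two host bits.
subnet_info() {
    addr=$(ip_to_int "$1") || return 1
    mask=$(ip_to_int "$2") || return 1
    wild=$(( ~mask & 0xFFFFFFFF ))      # host bits set to 1
    # A valid mask is contiguous 1s followed by 0s, so wild + 1 must be a
    # power of two; this rejects masks such as 255.0.255.0.
    [ $(( wild & (wild + 1) )) -eq 0 ] || return 1
    net=$(( addr & mask ))              # the AND clears the host bits
    bcast=$(( net | wild ))             # all host bits set to 1
    echo "network=$(int_to_ip "$net") broadcast=$(int_to_ip "$bcast")" \
         "first=$(int_to_ip $(( net + 1 ))) last=$(int_to_ip $(( bcast - 1 )))"
}

subnet_info 197.15.22.131 255.255.255.224   # Class C example from the slides
subnet_info 130.5.2.144 255.255.255.0       # Class B, 8 bits borrowed
```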

IP Configuration on a Network Diagram

The router connects subnetworks and networks.

Subnet Example

Given the Class B address 190.52.0.0

Class B:            Network  Network  Host    Host
Using /24 subnet:   Network  Network  Subnet  Host

Internet routers still “see” this net as 190.52.0.0

But internal routers think all these addresses are on different networks, called subnetworks:
190.52.1.2
190.52.2.2
190.52.3.2


Network Network Subnet Host

Using the 3rd octet, 190.52.0.0 was divided into:


190.52.1.0 190.52.2.0 190.52.3.0 190.52.4.0
190.52.5.0 190.52.6.0 190.52.7.0 190.52.8.0
190.52.9.0 190.52.10.0 190.52.11.0 190.52.12.0
190.52.13.0 190.52.14.0 190.52.15.0 190.52.16.0
190.52.17.0 190.52.18.0 190.52.19.0 and so on ...

Network address 190.52.0.0 with /16 network mask
Using Subnets: subnet mask 255.255.255.0 or /24

Network  Network  Subnet  Host
190      52       0       Host
190      52       1       Host
190      52       2       Host
190      52       3       Host
190      52       Etc.    Host
190      52       254     Host
190      52       255     Host

Subnets 0 to 254: 255 subnets (2^8 - 1)
Subnet 255: cannot use last subnet as it contains broadcast address

Subnet 0 (all 0’s subnet) issue: The address of the subnet, 190.52.0.0/24, is the same address as the major network, 190.52.0.0/16.

Network  Network  Subnet  Host
190      52       0       Host
190      52       1       Host
190      52       Etc.    Host
190      52       254     Host
190      52       255     Host

Subnets: 255 (2^8 - 1)

Last subnet (all 1’s subnet) issue: The broadcast address for the subnet, 190.52.255.255, is the same as the broadcast address of the major network, 190.52.255.255.

Host Subnet Schemes

The number of lost IP addresses with a Class C network depends on the number of bits borrowed for subnetting.

IP addressing crisis

• Address Depletion
• Internet Routing Table Explosion

IPv4 Addressing

Subnet Mask
• One solution to the IP address shortage was thought to be the subnet mask.
• Formalized in 1985 (RFC 950), the subnet mask breaks a single class A, B or C network into smaller pieces.

Short Term Solutions: IPv4 Enhancements

• CIDR (Classless Inter-Domain Routing) – RFCs 1517, 1518, 1519, 1520
• VLSM (Variable Length Subnet Mask) – RFC 1009
• Private Addressing – RFC 1918
• NAT/PAT (Network Address Translation / Port Address Translation) – RFC

IPv4 versus IPv6

• IP version 6 (IPv6) has been defined and developed.
• IPv6 uses 128 bits rather than the 32 bits currently used in IPv4.
• IPv6 uses hexadecimal numbers to represent the 128 bits.

Long Term Solution: IPv6 (coming)

• IPv6, or IPng (IP – the Next Generation) uses a 128-bit address space, yielding 340,282,366,920,938,463,463,374,607,431,768,211,456 possible addresses.
• IPv6 has been slow to arrive
• IPv4 revitalized by new features, making IPv6 a luxury, and not
a desperately needed fix
• IPv6 requires new software; IT staffs must be retrained
• IPv6 will most likely coexist with IPv4 for years to come.
• Some experts believe IPv4 will remain for more than 10 years.

Firewall and Its Configuration (Linux)
• A firewall helps screen out malicious users, viruses, and
worms that try to access your network from the Internet.
• Firewalls can be hardware or software, and they help
prevent unauthorized access to your local area network
(LAN) from the Internet by blocking incoming network
traffic that is attempting to use a port that is not open.
• A firewall hides information on your LAN from the Internet,
such as computer names, network topology, and network
device types.
• A firewall can also log traffic to and from the LAN.

Firewall configuration….
• Firewall can be provided in three forms:
– Hardware firewall
– Server Software Firewall
– Client Software Firewall
• The Linux kernel includes the Netfilter subsystem, which is
used to manipulate or decide the fate of network traffic
headed into or through your server.
• Uncomplicated Firewall (ufw)
– The default firewall configuration tool for Ubuntu is ufw.
– ufw by default is initially disabled.

• The following are some examples of how to use ufw:
– First, ufw needs to be enabled. From a terminal prompt enter:
• sudo ufw enable
– To open a port (ssh in this example):
• sudo ufw allow 22
– Rules can also be added using a numbered format:
• sudo ufw insert 1 allow 80
– Similarly, to close an opened port:
• sudo ufw deny 22
– To remove a rule, use delete followed by the rule:
• sudo ufw delete deny 22
• It is also possible to allow access from specific hosts or networks to a port.
– The following example allows ssh access from host 192.168.0.2 to any IP address on this host:
• sudo ufw allow proto tcp from 192.168.0.2 to any port 22
– Replace 192.168.0.2 with 192.168.0.0/24 to allow ssh access from the entire subnet.
– ufw can be disabled by:
• sudo ufw disable
– To see the firewall status, enter:
• sudo ufw status

– And for more verbose status information use:
• sudo ufw status verbose
– To view the numbered format:
• sudo ufw status numbered
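
The ufw commands above combined into one baseline, as an added example that is not part of the original slides. It restricts SSH to the 192.168.0.0/24 subnet from the slides and adds the allow rule before enabling the firewall; the default-deny policy, logging, the --force flag, and the names APPLY, run and ufw_baseline are choices made for this example.

```shell
#!/bin/sh
# Added example (not from the slides): ufw baseline that admits SSH only
# from one management network. Prints the commands unless APPLY=1 is set.
# APPLY, run and ufw_baseline are names chosen for this example.

run() {
    if [ "${APPLY:-0}" = 1 ]; then sudo "$@"; else echo "sudo $*"; fi
}

ufw_baseline() {
    src=$1
    # Accept only digits, dots and at most one "/" (a.b.c.d or a.b.c.d/len),
    # so nothing unexpected ends up inside a firewall rule.
    case $src in
        ''|*[!0-9./]*|*/*/*) echo "bad source: $src" >&2; return 1 ;;
    esac
    run ufw default deny incoming      # drop anything not explicitly allowed
    run ufw default allow outgoing
    # Add the SSH rule BEFORE enabling: enabling first, as a remote admin,
    # can cut off the very session used to configure the firewall.
    run ufw allow proto tcp from "$src" to any port 22
    run ufw logging on                 # keep a record of blocked traffic
    run ufw --force enable             # --force skips the interactive prompt
    run ufw status verbose
}

ufw_baseline "${1:-192.168.0.0/24}"
```

Run it once without APPLY to review the printed commands, then with APPLY=1 to apply them.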


Network Interface Configuration (Linux)
• A Linux box should have its NIC configured to communicate on the network.
• This can be supplied dynamically by the DHCP server or statically by the administrator.
• To provide a static address, the file /etc/network/interfaces needs to be edited:
– auto eth0
– iface eth0 inet static
– address 192.168.0.10
– netmask 255.255.255.0
– gateway 192.168.0.1
– network 192.168.0.0
– broadcast 192.168.0.255

NIC Configuration….
• The name resolution information needs to be provided in the /etc/resolv.conf file
– nameserver 192.168.0.5
– nameserver 192.168.0.6
• Finally, the network service has to be started using one of
the following commands:
– service networking restart
– /etc/init.d/networking restart
– ifdown eth0 && ifup eth0

Network troubleshooting commands (Linux)
• ifconfig
– The ifconfig (interface configurator) command is used to initialize an interface, assign an IP address to an interface, and enable or disable an interface on demand.
– With this command you can view the IP address and hardware / MAC address assigned to an interface, and also the MTU (Maximum Transmission Unit) size.
– Example: ifconfig eth0
• ifconfig with an interface name (eth0) shows only that interface's details, such as IP address, MAC address, etc.

Network troubleshooting…..
• Enable or Disable Specific Interface
– To enable or disable a specific interface, use the following commands respectively.
• ifup eth0 – enables eth0 interface
• ifdown eth0 – disables eth0 interface
• PING Command
– The PING (Packet INternet Groper) command is the best way to test connectivity between two nodes, whether on a Local Area Network (LAN) or a Wide Area Network (WAN).
– Ping uses ICMP (Internet Control Message Protocol) to communicate with other devices.

– You can ping a host name or IP address using the command below.
• ping 192.168.0.1 – tests connectivity of the current machine to machine 192.168.0.1
• traceroute command
– traceroute is a network troubleshooting utility that shows the number of hops taken to reach the destination and also determines the path the packets travel.
– Below we are tracing the route to a global DNS server IP address; the output shows that the destination is reachable and the path the packet travels.

• netstat command
– The netstat (Network Statistic) command displays connection info, routing table information, etc.
– To display routing table information, use the -r option.

• dig command
– dig (domain information groper) queries DNS-related information such as A records, CNAME, MX records, etc.
– This command is mainly used to troubleshoot DNS-related queries.

• nslookup command
– The nslookup command is also used for DNS-related queries. The following example shows the A record (IP address) of tecmint.com.

• host command
– The host command helps to find name to IP or IP to name in IPv4 or IPv6 and also queries DNS records.

• hostname command
– hostname is the name used to identify the machine in a network.
– Execute the hostname command to see the hostname of your box.
– One can configure the hostname in the /etc/hostname file.