Linux Networking: Difference between revisions

From CompleteNoobs
imported>AwesomO
Latest revision as of 20:07, 27 April 2023

Linux Networking

Linux networking is an essential aspect of system administration and daily operations, as it enables communication between systems and provides access to various network resources.

Network configuration and troubleshooting

Configuring network interfaces

On Ubuntu, the network configuration is usually handled by the netplan utility, which generates configuration files for the system's network manager (e.g., NetworkManager or systemd-networkd) based on YAML configuration files. These files are typically located in /etc/netplan/.

To configure a static IP address, follow these steps:

a. List available network interfaces:

ip link show

b. Create or edit the netplan configuration file (e.g., /etc/netplan/01-netcfg.yaml):

sudo $EDITOR /etc/netplan/01-netcfg.yaml

c. Add the following configuration, replacing INTERFACE_NAME with the appropriate interface name (e.g., eth0 or enp0s3) and adjusting the IP addresses and gateway as needed:

network:
  version: 2
  renderer: networkd
  ethernets:
    INTERFACE_NAME:
      dhcp4: no
      addresses:
        - 192.168.1.100/24
      gateway4: 192.168.1.1
      nameservers:
        addresses: [8.8.8.8, 8.8.4.4]

/etc/netplan/01-netcfg.yaml line-by-line explanation:

"network:" - This is the root element of the configuration file. It defines the start of the network configuration.
"version: 2" - This specifies the configuration format version. Netplan uses version 2 by default.
"renderer: networkd" - This sets the backend renderer that Netplan will use to generate the configuration files. networkd is a system service provided by systemd for managing networks. The other common renderer is NetworkManager, which is a more user-friendly network management tool.
"ethernets:" - This is a key representing a dictionary of Ethernet devices. Each entry in the dictionary corresponds to a single network interface.
"INTERFACE_NAME:" - This is a placeholder for the actual network interface name (e.g., eth0, enp0s3). Replace it with the name of the network interface you want to configure.
"dhcp4: no" - This disables DHCPv4 for the network interface. When set to "no", the interface will not request an IP address automatically from a DHCP server. Instead, you will have to set a static IP address.
"addresses:" - This key represents a list of IP addresses to assign to the network interface.
"- 192.168.1.100/24" - This is the static IP address assigned to the network interface. The /24 notation represents the subnet mask, which is equivalent to 255.255.255.0.
"gateway4: 192.168.1.1" - This sets the IPv4 gateway (default route) for the network interface. This is the address of the router that connects the local network to other networks, such as the internet.
"nameservers:" - This key represents the DNS configuration for the network interface.
"addresses: [8.8.8.8, 8.8.4.4]" - This is a list of DNS server addresses that the system will use for domain name resolution. In this example, Google's public DNS servers (8.8.8.8 and 8.8.4.4) are used.

This configuration sets up a network interface with a static IP address, disables DHCP, configures the gateway and DNS servers, and uses networkd as the renderer.

d. Apply the changes:

sudo netplan apply
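The static-IP steps above, as an added Python example (not from this wiki page) that writes the same netplan file from its parameters and checks that the host address, gateway and nameservers are consistent with each other before you run netplan apply. It assumes Python 3 with only the standard library, and emits the default gateway as a routes: entry, which newer netplan releases use in place of the deprecated gateway4: key.

```python
"""Generate and sanity-check a netplan static-IP file like the one above.
Added example, not from the wiki page; standard library only. It catches the
errors that leave a host unreachable after `netplan apply`: a gateway outside
the interface's subnet, a host address equal to the network or broadcast
address, or a nameserver that is not an IP address."""
import ipaddress


def build_netplan(interface, cidr, gateway, nameservers, renderer="networkd"):
    """Return (yaml_text, problems); an empty problems list means the config is sane."""
    problems = []
    iface = ipaddress.ip_interface(cidr)           # e.g. 192.168.1.100/24
    net = iface.network                            # 192.168.1.0/24
    if iface.ip in (net.network_address, net.broadcast_address):
        problems.append(f"{iface.ip} is the network/broadcast address of {net}")
    gw = ipaddress.ip_address(gateway)
    if gw not in net:
        problems.append(f"gateway {gw} is not inside {net}; the default route would fail")
    elif gw == iface.ip:
        problems.append("gateway is the same as the host address")
    for ns in nameservers:
        try:
            ipaddress.ip_address(ns)
        except ValueError:
            problems.append(f"nameserver {ns!r} is not an IP address")
    text = (
        "network:\n"
        "  version: 2\n"
        f"  renderer: {renderer}\n"
        "  ethernets:\n"
        f"    {interface}:\n"
        "      dhcp4: false\n"
        "      addresses:\n"
        f"        - {iface.with_prefixlen}\n"
        "      routes:\n"                        # replaces the deprecated gateway4: key
        "        - to: default\n"
        f"          via: {gw}\n"
        "      nameservers:\n"
        f"        addresses: [{', '.join(nameservers)}]\n"
    )
    return text, problems


if __name__ == "__main__":
    yaml_text, issues = build_netplan("enp0s3", "192.168.1.100/24", "192.168.1.1",
                                      ["8.8.8.8", "8.8.4.4"])
    print(yaml_text if not issues else "\n".join(issues))
```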

Troubleshooting network issues

To diagnose connectivity issues, use the ping, traceroute, and nslookup or dig commands:

a. Check if you can reach a specific IP address:

ping 8.8.8.8

b. Check if you can resolve a domain name:

nslookup example.com

or

dig example.com

c. Trace the network path to a destination:

traceroute example.com

If you have connectivity issues, you can try to restart the networking service or the specific network interface:

Restart the networking service:

sudo systemctl restart networking

Restart a specific network interface:

Replace INTERFACE_NAME with the appropriate interface name.

sudo ip link set INTERFACE_NAME down
sudo ip link set INTERFACE_NAME up

Network protocols and services

TCP/IP

TCP/IP (Transmission Control Protocol/Internet Protocol) is the foundation of the internet and the most commonly used protocol suite for networking. It consists of multiple protocols that facilitate communication between devices on a network.

TCP: A connection-oriented protocol that ensures reliable and ordered delivery of data packets between devices on a network. It establishes a connection, maintains the data flow, and closes the connection once data transmission is complete.

IP: A connectionless protocol responsible for addressing and routing data packets across networks. It encapsulates data into packets and sends them to their destination based on the IP addresses of the source and destination devices.

DHCP (Dynamic Host Configuration Protocol)

DHCP is a network protocol that automatically assigns IP addresses and other network configuration parameters to devices on a network. It helps to automate IP address allocation, reducing the need for manual configuration.

Example: To install and configure a DHCP server on Ubuntu, follow these steps:

Install the DHCP server package:

sudo apt update
sudo apt install isc-dhcp-server

Configure the DHCP server by editing its configuration file:

sudo $EDITOR /etc/dhcp/dhcpd.conf

Add the following example configuration to the file (adjust the values according to your network requirements):

subnet 192.168.1.0 netmask 255.255.255.0 {
  range 192.168.1.100 192.168.1.200;
  option domain-name-servers 8.8.8.8, 8.8.4.4;
  option routers 192.168.1.1;
  option subnet-mask 255.255.255.0;
  default-lease-time 600;
  max-lease-time 7200;
}

/etc/dhcp/dhcpd.conf explanation:

subnet 192.168.1.0 netmask 255.255.255.0 {: This line defines the subnet (192.168.1.0) and its netmask (255.255.255.0). The netmask denotes that the first three octets (192.168.1) are the network part, and the last octet is for host addresses.
range 192.168.1.100 192.168.1.200;: This line specifies the range of IP addresses (from 192.168.1.100 to 192.168.1.200) that the DHCP server can assign to devices on the network.
option domain-name-servers 8.8.8.8, 8.8.4.4;: This line sets the DNS servers (8.8.8.8 and 8.8.4.4, which are Google's public DNS servers) that the DHCP server will provide to the devices on the network.
option routers 192.168.1.1;: This line specifies the default gateway (192.168.1.1) that the DHCP server will provide to devices on the network for routing traffic outside the local subnet.
option subnet-mask 255.255.255.0;: This line sets the subnet mask (255.255.255.0) that the DHCP server will provide to devices on the network.
default-lease-time 600;: This line defines the default lease time (600 seconds, or 10 minutes) for the IP addresses assigned by the DHCP server. The lease time is the duration for which a device holds an IP address before it needs to be renewed.
max-lease-time 7200;: This line sets the maximum lease time (7200 seconds, or 2 hours) for the IP addresses assigned by the DHCP server. If a device requests a lease time longer than the maximum lease time, the server will assign it the maximum lease time instead.
}: This line marks the end of the configuration block for the specified subnet.

Restart the DHCP server to apply the changes:

sudo systemctl restart isc-dhcp-server
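An added Python check (not from the wiki page) for the dhcpd.conf subnet block above: it parses the block and flags the inconsistencies that would make the restart fail or hand out unusable leases. It assumes Python 3 with only the standard library and a single subnet block without nested host declarations.

```python
"""Sanity-check a dhcpd.conf subnet block like the one above before restarting
isc-dhcp-server. Added example, not from the wiki page; standard library only.
Flags a range or router outside the declared subnet, a router that lies inside
the dynamic range, and a max-lease-time below default-lease-time."""
import ipaddress
import re

# Constructed sample: the page's configuration, verbatim.
SAMPLE_CONF = """\
subnet 192.168.1.0 netmask 255.255.255.0 {
  range 192.168.1.100 192.168.1.200;
  option domain-name-servers 8.8.8.8, 8.8.4.4;
  option routers 192.168.1.1;
  option subnet-mask 255.255.255.0;
  default-lease-time 600;
  max-lease-time 7200;
}
"""


def parse_subnet(conf):
    """Return subnet, dynamic range, routers and lease times of the first subnet block."""
    m = re.search(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{(.*?)\}", conf, re.S)
    if not m:
        raise ValueError("no subnet block found")
    body = m.group(3)
    rng = re.search(r"range\s+(\S+)\s+(\S+);", body)
    routers = re.search(r"option routers\s+([^;]+);", body)
    lease = {k: int(v) for k, v in re.findall(r"(default|max)-lease-time\s+(\d+);", body)}
    return {
        "network": ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}"),  # 192.168.1.0/24
        "range": tuple(ipaddress.ip_address(x) for x in rng.groups()) if rng else None,
        "routers": [ipaddress.ip_address(x.strip()) for x in routers.group(1).split(",")] if routers else [],
        "lease": lease,
    }


def check_subnet(cfg):
    """Return a list of problems; an empty list means the block is consistent."""
    problems, net, rng = [], cfg["network"], cfg["range"]
    if rng and not all(a in net for a in rng):
        problems.append(f"range {rng[0]}-{rng[1]} is not inside {net}")
    for r in cfg["routers"]:
        if r not in net:
            problems.append(f"router {r} is outside {net}")
        elif rng and rng[0] <= r <= rng[1]:      # a client could be leased the router's address
            problems.append(f"router {r} lies inside the dynamic range")
    dl, ml = cfg["lease"].get("default"), cfg["lease"].get("max")
    if dl and ml and ml < dl:
        problems.append("max-lease-time is shorter than default-lease-time")
    return problems
```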

DNS (Domain Name System)

DNS is a system that translates human-friendly domain names (e.g., www.example.com) into IP addresses (e.g., 192.0.2.1) that computers can understand. It acts as a phone book for the internet, allowing users to access websites and resources using domain names instead of IP addresses.

Example: To configure a DNS server on Ubuntu using BIND9, follow these steps:

Install the BIND9 package:

sudo apt update
sudo apt install bind9

Configure the DNS server by editing its configuration file:

sudo $EDITOR /etc/bind/named.conf.options

Add the following example configuration to the file (you can replace the forwarders with the DNS servers of your choice):

options {
  directory "/var/cache/bind";

  recursion yes;
  allow-query { any; };

  forwarders {
    8.8.8.8;
    8.8.4.4;
  };
};

/etc/bind/named.conf.options explanation of each line:

options {: This line marks the beginning of the options block, which contains various settings for the DNS server.
directory "/var/cache/bind";: This line sets the working directory for the BIND server to "/var/cache/bind", which is where the server will store its cache and other working files.
recursion yes;: This line enables recursive queries on the DNS server. Recursive queries allow the server to forward queries to other DNS servers if it doesn't have the requested information in its cache or zone files.
allow-query { any; };: This line sets the allowed sources for DNS queries. In this case, the server is configured to accept queries from any IP address.
forwarders {: This line marks the beginning of the forwarders block, which contains a list of DNS servers to which the BIND server will forward queries it cannot answer.
8.8.8.8;: This line specifies one of the forwarder DNS servers (8.8.8.8), which is one of Google's public DNS servers.
8.8.4.4;: This line specifies another forwarder DNS server (8.8.4.4), which is another one of Google's public DNS servers.
};: This line marks the end of the forwarders block.
};: This line marks the end of the options block.

Restart the BIND9 service to apply the changes:

sudo systemctl restart bind9

Now, your Ubuntu system is configured to use BIND9 as its local DNS server, forwarding DNS queries to the specified forwarders.
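An added Python audit (not from the wiki page) of the named.conf.options block above. As written, recursion yes together with allow-query { any; } and no allow-recursion makes an internet-facing BIND an open resolver, which is what this check detects next to a hardened variant; the 192.168.1.0/24 trusted network in the hardened form is an assumed value.

```python
"""Audit a named.conf.options like the one above for the open-resolver
misconfiguration. Added example, not from the wiki page; standard library only.
With `recursion yes;`, `allow-query { any; };` and no `allow-recursion`, BIND
answers recursive queries for every client on the internet."""
import re

# Constructed sample: the page's configuration, verbatim.
PAGE_OPTIONS = """\
options {
  directory "/var/cache/bind";

  recursion yes;
  allow-query { any; };

  forwarders {
    8.8.8.8;
    8.8.4.4;
  };
};
"""

# Hardened form: same file plus an explicit allow-recursion list (assumed LAN).
HARDENED_OPTIONS = PAGE_OPTIONS.replace(
    "  allow-query { any; };",
    "  allow-query { any; };\n  allow-recursion { 127.0.0.1; 192.168.1.0/24; };")


def acl(text, name):
    """Return the address-match list of `name` (e.g. ['any']), or None if absent."""
    m = re.search(rf"\b{name}\s*\{{([^}}]*)\}}\s*;", text)
    if not m:
        return None
    body = re.sub(r"(//|#)[^\n]*", "", m.group(1))      # drop line comments
    return [t.strip() for t in body.split(";") if t.strip()]


def audit_resolver(text):
    """Return findings; an empty list means recursion is not exposed to everyone."""
    rec = re.search(r"\brecursion\s+(yes|no)\s*;", text)
    if rec and rec.group(1) == "no":
        return []                  # authoritative-only server, nothing recursive to abuse
    # BIND's fallback order when allow-recursion is not set explicitly.
    effective = (acl(text, "allow-recursion") or acl(text, "allow-query-cache")
                 or acl(text, "allow-query") or ["localhost", "localnets"])
    findings = []
    if "any" in effective:
        findings.append("recursion is allowed from any address: open resolver")
    if acl(text, "allow-recursion") is None:
        findings.append("no explicit allow-recursion; list trusted networks")
    return findings
```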

Remote access and management (SSH, SCP, SFTP)

SSH (Secure Shell) is a protocol used to securely access and manage remote Linux systems over an unsecured network. It encrypts all data transmitted between the client and server, ensuring the confidentiality and integrity of the data. SSH can be used for executing commands, managing files, and launching applications on remote systems.

SSH

Main ssh and sshd page can be found here - SSH and How to Use It

To connect to a remote server using SSH, you need the OpenSSH client installed on your local machine and the OpenSSH server installed on the remote machine. On Ubuntu, you can install them using the following commands.

On the local machine:

sudo apt-get update
sudo apt-get install openssh-client

On the remote machine:

sudo apt-get update
sudo apt-get install openssh-server

To connect to the remote server, use the following command:

ssh username@remote_host

Replace "username" with the remote user's username and "remote_host" with the remote server's IP address or hostname.

SCP (Secure Copy)

SCP is a file transfer protocol that uses SSH for secure data transfer. It allows you to copy files between local and remote systems or between two remote systems.

To copy a file from the local machine to a remote machine, use the following command:

scp /path/to/local/file username@remote_host:/path/to/remote/directory

To copy a file from a remote machine to the local machine, use the following command:

scp username@remote_host:/path/to/remote/file /path/to/local/directory

SFTP (Secure File Transfer Protocol)

SFTP is another secure file transfer protocol that uses SSH for secure data transfer. Unlike SCP, SFTP provides an interactive command-line interface, similar to FTP, for managing files on the remote system.

To start an SFTP session with a remote server, use the following command:

sftp username@remote_host

Once connected, you can use commands like ls, cd, get, put, and mkdir to navigate and manage files on the remote system. To exit the SFTP session, type exit or bye.

These protocols and tools are essential for securely managing remote Linux systems and transferring files between them.

Network Security and Firewalls: iptables and ufw

Network security is crucial to protect your Linux system from malicious traffic and unauthorized access. Firewalls act as a barrier between your system and the external network, allowing or blocking network traffic based on predefined rules. In this tutorial, we will discuss how to configure and manage firewalls using iptables and ufw.

iptables

iptables is a powerful command-line utility for managing the Linux kernel's netfilter framework. It allows you to create, modify, and manage firewall rules to control incoming and outgoing network traffic.

Installing iptables

iptables comes pre-installed on most Linux distributions, including Ubuntu. You can verify its installation by running:

sudo iptables --version

Basic iptables commands

  • List current rules: sudo iptables -L
  • Flush/Delete all rules: sudo iptables -F
  • Save current rules: sudo iptables-save > /path/to/backup/file
  • Restore saved rules: sudo iptables-restore < /path/to/backup/file

Creating rules

iptables rules are organised into chains (the filter table's built-in chains are INPUT, OUTPUT, and FORWARD) and jump to targets (ACCEPT, DROP, and REJECT). Rules in a chain are evaluated from top to bottom and the first matching rule decides the packet's fate, so the order in which you add rules matters.

Allow all incoming SSH traffic:

sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

Block all incoming traffic from a specific IP address:

sudo iptables -A INPUT -s <IP_ADDRESS> -j DROP

Allow all outgoing HTTP traffic:

sudo iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT

Block all incoming traffic on a specific port:

sudo iptables -A INPUT -p tcp --dport <PORT_NUMBER> -j DROP
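The page's INPUT rules above, evaluated by an added Python model (not from the wiki page) of iptables' first-match semantics. It shows why the order of -A rules matters (the DROP for an address appended after the SSH ACCEPT never sees that address's SSH packets, whereas inserting it first with -I does) and that with the default ACCEPT policy an ACCEPT rule restricts nothing; 203.0.113.5 and 198.51.100.7 are constructed addresses.

```python
"""Model first-match evaluation of the INPUT chain for the rules above.
Added example, not from the wiki page; standard library only. The page's
"block this IP" rule, appended with -A after the SSH ACCEPT, is shadowed for
SSH packets; inserting it at the top with -I INPUT 1 fixes that."""
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    target: str                    # -j ACCEPT, DROP or REJECT
    proto: Optional[str] = None    # -p tcp/udp
    dport: Optional[int] = None    # --dport
    src: Optional[str] = None      # -s address or CIDR


@dataclass(frozen=True)
class Packet:
    src: str
    proto: str
    dport: int


def matches(rule, pkt):
    """True when every criterion the rule specifies fits the packet."""
    return ((rule.proto is None or rule.proto == pkt.proto)
            and (rule.dport is None or rule.dport == pkt.dport)
            and (rule.src is None or ipaddress.ip_address(pkt.src)
                 in ipaddress.ip_network(rule.src, strict=False)))


def evaluate(chain, pkt, policy="ACCEPT"):
    """Walk the chain top to bottom; the first matching target wins, else the chain policy."""
    for rule in chain:
        if matches(rule, pkt):
            return rule.target
    return policy                  # set with `iptables -P INPUT DROP` for an allow-list


# The page's rules, appended in this order with -A INPUT (203.0.113.5 is constructed).
PAGE_CHAIN = [
    Rule("ACCEPT", proto="tcp", dport=22),   # -A INPUT -p tcp --dport 22 -j ACCEPT
    Rule("DROP", src="203.0.113.5"),         # -A INPUT -s 203.0.113.5 -j DROP
]
# Same rules after `-I INPUT 1 -s 203.0.113.5 -j DROP`: the DROP now comes first.
FIXED_CHAIN = [PAGE_CHAIN[1], PAGE_CHAIN[0]]
```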


ufw (Uncomplicated Firewall)

ufw is a user-friendly frontend for iptables that simplifies the process of configuring and managing firewalls. It is recommended for beginners and users who prefer a straightforward approach to firewall management.

Installing ufw

On Ubuntu, ufw comes pre-installed. You can verify its installation by running:

sudo ufw version

Enabling and disabling ufw

  • Enable ufw: sudo ufw enable
  • Disable ufw: sudo ufw disable

Basic ufw commands

  • Check ufw status and rules: sudo ufw status
  • Reset ufw to default settings: sudo ufw reset

Creating rules

  • Allow incoming SSH traffic: sudo ufw allow ssh
  • Block incoming traffic from a specific IP address: sudo ufw deny from <IP_ADDRESS>
  • Allow outgoing HTTP traffic: sudo ufw allow out http
  • Block incoming traffic on a specific port: sudo ufw deny in <PORT_NUMBER>

In summary, network security and firewalls play a crucial role in protecting your Linux system. iptables and ufw are two powerful tools that can help you configure and manage firewalls to safeguard your system from unauthorized access and malicious traffic.