Chapter 3 Networking Primer - part 2
Basics of networking configuration for RHEL6 :
Good reference article : http://www.linuxtopia.org/online_books/rhel6/rhel_6_deployment/rhel_6_deployment_s1-networkscripts-interfaces.html
Classful network
http://en.wikipedia.org/wiki/Classful_network
Class | Address Range | Supports |
Class A | 1.0.0.1 to 126.255.255.254 | Supports 16 million hosts on each of 127 networks. |
Class B | 128.1.0.1 to 191.255.255.254 | Supports 65,000 hosts on each of 16,000 networks. |
Class C | 192.0.1.1 to 223.255.254.254 | Supports 254 hosts on each of 2 million networks. |
Class D | 224.0.0.0 to 239.255.255.255 | Reserved for multicast groups. |
Class E | 240.0.0.0 to 254.255.255.254 | Reserved for future use, or Research and Development Purposes. |
IP is short for Internet Protocol. An IP address identifies a computer or other network device on a network using IP or TCP/IP. For example, the number "166.70.10.23" is such an address. These addresses are similar to the address of a house: they are what allows data to reach the appropriate destination on a network.
There are five classes of available IP ranges: Class A, Class B, Class C, Class D and Class E, while only A, B, and C are commonly used. Each class allows for a range of valid IP addresses. The table above lists these ranges.
The range 127.x.x.x is reserved for the loopback or localhost; for example, 127.0.0.1 is the common loopback address. The address 255.255.255.255 broadcasts to all hosts on the local network.
Networking basic commands and usage examples for 'ping', 'ifconfig', 'arp', 'netstat', 'route', 'ping6' and 'dhclient' :
[root@server01 samba-3.5.6]# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:0C:29:3A:FF:14
inet addr:192.168.0.12 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe3a:ff14/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:229283 errors:0 dropped:0 overruns:0 frame:0
TX packets:3410 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:14921632 (14.2 MiB) TX bytes:574837 (561.3 KiB)
[root@server01 samba-3.5.6]# ping -c2 127.0.0.1
PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.322 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.094 ms
--- 127.0.0.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.094/0.208/0.322/0.114 ms
[root@server01 samba-3.5.6]# arp -a
? (192.168.0.3) at 24:77:03:1f:10:14 [ether] on eth0
? (192.168.0.1) at e4:83:99:57:9a:76 [ether] on eth0
[root@server01 samba-3.5.6]# netstat -nap | head
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1675/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1571/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1755/master
tcp 0 0 0.0.0.0:38365 0.0.0.0:* LISTEN 1489/rpc.statd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1384/rpcbind
tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN 1944/dnsmasq
tcp 1 0 192.168.0.12:56738 184.84.210.27:80 CLOSE_WAIT 2268/clock-applet
tcp 0 52 192.168.0.12:22 192.168.0.3:54219 ESTABLISHED 2307/1
[root@server01 samba-3.5.6]#
[root@server01 samba-3.5.6]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
192.168.122.0 * 255.255.255.0 U 0 0 0 virbr0
link-local * 255.255.0.0 U 1002 0 0 eth0
default 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
[root@server01 samba-3.5.6]#
Re-configuring an interface with 'ifconfig' :
[root@server01 samba-3.5.6]# ifconfig eth0 192.169.0.20 netmask 255.255.255.0
To change it back to the settings in the network configuration files :
[root@server01 ~]# service network restart
Shutting down interface Auto_eth0: Device state: 3 (disconnected)
[ OK ]
Shutting down interface eth0: Error: Device 'eth0' (/org/freedesktop/NetworkManager/Devices/0) disconnecting failed: This device is not active
[FAILED]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface Auto_eth0: Active connection state: activated
Active connection path: /org/freedesktop/NetworkManager/ActiveConnection/1
[ OK ]
Bringing up interface eth0: [ OK ]
[root@server01 ~]#
[root@server01 ~]#
[root@server01 ~]# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:0C:29:3A:FF:14
inet addr:192.168.0.12 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe3a:ff14/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:233048 errors:0 dropped:0 overruns:0 frame:0
TX packets:3618 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:15175150 (14.4 MiB) TX bytes:605937 (591.7 KiB)
[root@server01 ~]#
[root@server01 ~]# /etc/init.d/network status
Configured devices:
lo Auto_eth0 eth0
Currently active devices:
lo eth0 virbr0
[root@server01 ~]#
And we tried running Apache to get it to serve other IPs, but it is not working.
So ....
[root@server01 ~]# iptables -A INPUT -p tcp --dport 80 -i eth0 -j ACCEPT
[root@server01 ~]#
[root@server01 ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 192.168.122.0/24 state RELATED,ESTABLISHED
ACCEPT all -- 192.168.122.0/24 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@server01 ~]#
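In the INPUT listing above, the appended tcp dpt:80 ACCEPT is listed after the REJECT all rule, and iptables evaluates a chain top to bottom. The following is an added example, not part of the original notes: it reads 'iptables -L -n -v' text and reports rules that follow a catch-all REJECT or DROP. The function names and the sample listing are assumptions constructed for illustration.

```shell
# Added example: list rules that sit after a catch-all REJECT/DROP in a chain.
# Input must be `iptables -L -n -v` text: plain `-L -n` hides the in/out
# interface columns, so an "-i lo" rule looks like it matches everything.
shadowed_rules() {
  awk '
    /^Chain / { chain = $2; n = 0; blocker = 0; next }  # new chain: reset
    NF == 0 || $1 == "pkts" { next }                     # blank / header line
    {
      n++                                                # rule position
      if (blocker) {                                     # rule follows a catch-all
        extra = ""
        for (i = 10; i <= NF; i++) extra = extra " " $i
        printf "%s rule %d (%s%s) is never reached; rule %d matches all traffic first\n",
               chain, n, $3, extra, blocker
        next
      }
      # Catch-all: terminating target, any protocol, interface and address,
      # and no extra match (only an optional "reject-with <type>").
      if (($3 == "REJECT" || $3 == "DROP") && $4 == "all" &&
          $6 == "*" && $7 == "*" && $8 == "0.0.0.0/0" && $9 == "0.0.0.0/0" &&
          (NF == 9 || ($10 == "reject-with" && NF == 11)))
        blocker = n
    }'
}

# Constructed sample (not captured from the host in these notes), modelled on
# the INPUT rules listed above with a port-80 rule appended by `iptables -A`.
sample_listing() {
  cat <<'EOF'
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
  120  9600 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0
    2   120 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
    1    60 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
   14   840 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
    0     0 ACCEPT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0           tcp dpt:80

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
EOF
}

sample_listing | shadowed_rules
```

On the sample, inserting the rule by position with 'iptables -I INPUT 5 ...' instead of appending with '-A' places it ahead of the catch-all rule.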
Still not working, so try ...
[root@server01 ~]# chcon -R --reference=/var/www/html/ /var/www/html/inst/
[root@server01 ~]#
Still no dice, so try to shut off the Linux firewall ...
[root@server01 ~]# iptables -F
[root@server01 ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@server01 ~]#
So for the record, it was the security context stuff blocking.
[root@server01 ~]# chcon -R --reference=/var/www/html/ /var/www/html/inst/RHEL_6.1_x86_64_Disc_1/
[root@server01 ~]#
# system-config-network
For network interfaces, the minimal set of configuration tokens is shown below :
[root@server01 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
BOOTPROTO="static"
# HWADDR="00:0C:29:3A:FF:14"
NM_CONTROLLED="yes"
ONBOOT="yes"
IPV6INIT="no"
TYPE="Ethernet"
NETWORK="192.168.0.0"
NETMASK="255.255.255.0"
IPADDR="192.168.0.12"
GATEWAY="192.168.0.1" (or must be in /etc/sysconfig/network)
Also, run 'nm-connection-editor' from the CLI :
If you save this configuration, a file is written like :
/etc/sysconfig/network-scripts/ifcfg-System_eth0
Four files whose format you should be familiar with for networking :
1. The hosts file is the static database of hostnames and IP addresses
/etc/hosts
[root@server01 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.0.12 server01
2. The /etc/nsswitch.conf file specifies database search priorities for auth and naming and other services :
[root@server01 ~]# cat /etc/nsswitch.conf
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Valid entries include:
#
# nisplus Use NIS+ (NIS version 3)
# nis Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# db Use the local database (.db) files
# compat Use NIS on compat mode
# hesiod Use Hesiod for user lookups
# [NOTFOUND=return] Stop searching if not found so far
#
# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis
passwd: files
shadow: files
group: files
#hosts: db files nisplus nis dns
hosts: files dns
# Example - obey only what nisplus tells us...
#services: nisplus [NOTFOUND=return] files
#networks: nisplus [NOTFOUND=return] files
#protocols: nisplus [NOTFOUND=return] files
#rpc: nisplus [NOTFOUND=return] files
#ethers: nisplus [NOTFOUND=return] files
#netmasks: nisplus [NOTFOUND=return] files
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files
netgroup: nisplus
publickey: nisplus
automount: files nisplus
aliases: files nisplus
3. The file /etc/resolv.conf is the standard file in which DNS clients list the DNS servers used for name lookups :
[root@server01 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search ad.savvis.net
nameserver 24.217.0.5
nameserver 24.217.201.67
4. The network file defines the HOSTNAME along with some other network configuration settings :
[root@server01 ~]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=server01
GATEWAY=192.168.0.1
GATEWAYDEV=eth0
The network applet can be found in the upper right hand area of the GNOME Desktop :