Linux Network Administration

© 2016 Martin Bruchanov, bruchy@gmail.com

Open Systems Interconnection model vs. TCP/IP model

OSI Layer        | Data     | Protocols                                                     | TCP/IP Layer
7. Application   | Data     | Data generation (SMTP, NNTP, SSH, Telnet, HTTP)               | Application
6. Presentation  | Data     | Encryption and formatting (JPEG, ASCII, EBCDIC, GIF,…)        | Application
5. Session       | Data     | Sync. & send to ports (RPC, SQL, NFS, NetBIOS)                | Application
4. Transport     | Segments | TCP/UDP, message segmentation, message traffic control        | Transport
3. Network       | Packets  | Packets, IP addr., routing, subnet traffic (IPv4/6, ICMP)     | Network
2. Data Link     | Frames   | Frame traffic control, sequencing (ARP, MAC)                  | Network Access
1. Physical      | Bits     | Cables, hubs, physical medium transmission                    | Network Access

Mnemonic (layers 1 to 7): “People Don't Need Those Stupid Packets Anymore!”

Internet Protocol (IP) Addresses

IPv4 addresses and mask

CIDR Notation:         192.168.1.130/25
IPv4 (32bit):          192.168.1.130    11000000.10101000.00000001.10000010
Mask:                  255.255.255.128  11111111.11111111.11111111.10000000
Subnet (IP AND Mask):  192.168.1.128    11000000.10101000.00000001.10000000
Usable Host Range:     192.168.1.129-254
Broadcast Address:     192.168.1.255
Use: ipcalc, sipcalc for IP/net calculations.
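
The mask, subnet, host range and broadcast values above, computed with the same bitwise AND plus an OR with the inverted mask. This is an added example in POSIX sh, not part of the original cheat sheet; the function names ip_to_int, int_to_ip and cidr_info are made up for illustration. It goes beyond the /25 case and also covers /31 and /32, where no address is set aside for network or broadcast.

```shell
#!/bin/sh
# Added example (not from the original sheet): CIDR arithmetic in POSIX sh.

# Dotted quad -> 32-bit integer; fails on malformed input.
ip_to_int() {
    case $1 in ''|*[!0-9.]*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1                       # split on dots into $1..$4
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        # reject empty, leading-zero (would parse as octal) and >3-digit octets
        case $o in ''|0?*|????*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# 32-bit integer -> dotted quad.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# cidr_info A.B.C.D/N -> one line: mask, subnet, usable hosts, broadcast.
cidr_info() {
    case $1 in */*) ;; *) return 1 ;; esac
    addr=${1%/*}; prefix=${1#*/}
    case $prefix in ''|*[!0-9]*|0?*|???*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    ip=$(ip_to_int "$addr") || return 1

    # Mask: N one-bits followed by (32 - N) zero-bits.
    mask=$(( (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF ))
    subnet=$(( ip & mask ))                      # IP AND mask
    bcast=$(( subnet | (~mask & 0xFFFFFFFF) ))   # all host bits set

    if [ "$prefix" -ge 31 ]; then
        # /31 (RFC 3021 point-to-point) and /32: every address is usable
        first=$subnet; last=$bcast
    else
        first=$(( subnet + 1 )); last=$(( bcast - 1 ))
    fi
    echo "mask=$(int_to_ip "$mask") subnet=$(int_to_ip "$subnet")" \
         "hosts=$(int_to_ip "$first")-$(int_to_ip "$last")" \
         "broadcast=$(int_to_ip "$bcast")"
}

cidr_info 192.168.1.130/25   # the address used in the table above
```
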

IPv6 addresses

Reserved IP addresses

Most common ports (/etc/services)

Privileged ports (< 1024) can be opened only by the root user!

Basic network setup

Wi-Fi Networking

Configuration files of network interface settings

Stored in: /etc/sysconfig/network-scripts/ifcfg-interface

Static:
  BOOTPROTO=none
  IPADDR=192.168.0.2
  PREFIX0=24
  GATEWAY0=192.168.0.1
  DEFROUTE=yes
  DNS1=8.8.8.8

Dynamic:
  BOOTPROTO=dhcp

Either:
  DEVICE=eth0
  NAME="System eth0"
  ONBOOT=yes
  UUID=a1b1c122-2...
  USERCTL=yes

NetworkManager, nmcli, nmtui

DHCP (Dynamic Host Configuration Protocol)

Network socket of processes

ICMP (Internet Control Message Protocol)

Ethernet Bridge Manipulation

ARP (Address Resolution Protocol)

Routing

Firewall

IPv4/IPv6 packet filtering and NAT – iptables

Dynamic Firewall Manager – firewalld

Traffic monitoring

tcpdump – dump traffic on a network

Remote shells

Secure SHell (SSH)

SSH key handling

Remote desktop

TELNET

Remote file systems

Common Internet Filesystem (CIFS/SaMBa)

Network File System (NFS)

File transfer

File transfer protocol (FTP)

rsync

SCP/SFTP

Network Mapper, net and port scanning

netcat – Concatenate and redirect sockets

bash – network support for shell scripting

Domain Name Service (DNS)

WHOIS service

HTTP(S) (Hypertext Transfer Protocol [SECURE])

OpenSSL

Network Time Protocol (NTP)

Remote Procedure Call (RPC)

Internet daemon, TCP wrappers – inetd, xinetd

Security Enhanced Linux (SELinux)

Show/manipulate traffic control settings

Virtual Private Network (OpenVPN)

E-mail