Using Network Configuration Tools
| < Day Day Up > |
| If you add or replace networking hardware after your initial installation, you must configure the new hardware. You can do so using either the command line or the graphical configuration tools. To configure a network client host using the command line, you can use a combination of commands or edit specific files under the /etc/sysconfig directory. To configure the hardware through a graphical interface, you can use Red Hat's graphical tool for X11 called system-config-network or the console-based netconfig command. This section introduces command-line and graphical software tools you can use to configure a network interface and network settings on your Red Hat system. You'll see how to control your NIC and manage how your system interacts with your network. Using the command-line configuration tools can seem difficult if you are new to Linux. For anyone new to networking, the system-config-network graphical tool is the way to go. Both manual and graphical methods require root access to work. If you do not have root access, get it before trying any of these actions. You should not edit any scripts or settings files used by graphical network administration tools on your system. Your changes will be lost the next time the tool, such as system-config-network, is run! Either use a manual approach and write your own network setup script, or stick to using graphical configuration utilities. NOTE The network configuration process described in this section is for client hosts. You cannot perform server network configuration, such as Domain Name System (DNS) and DHCP during installation. (See Chapter 26, "DNS," for more information on configuring DNS; see the "DHCP" section later in this chapter for more information on that item.) Command-Line Network Interface ConfigurationYou can configure a network interface from the command line using the basic Linux networking utilities. You configure your network client hosts with the command line by using commands to change your current settings or by editing a number of system files. Two commands, ifconfig and route, are used for network configuration. The netstat command displays information about the network connections. /sbin/ifconfigifconfig is used to configure your network interface. You can use it to
You can change as many or as few of these options as you'd like with a single command. The basic structure for the command is as follows: /sbin/ifconfig [network device] options Table 17.1 shows a subset of ifconfig options and examples of their uses.
The ifconfig man page shows other options that enable your machine to interface with a number of network types such as AppleTalk, Novell, IPv6, and others. Again, read the man page for details on these network types. NOTE Promiscuous mode causes the NIC to receive all packets on the network. It is often used to sniff a network. Multicasting mode enables the NIC to receive all multicast traffic on the network. If no argument is given, ifconfig displays the status of active interfaces. For example, the output of ifconfig, without arguments and one active and configured NIC, looks similar to this: # /sbin/ifconfig eth0 Link encap:Ethernet HWaddr 00:30:1B:0B:07:0D inet addr:192.168.2.70 Bcast:192.168.2.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:127948 errors:0 dropped:0 overruns:0 frame:0 TX packets:172675 errors:0 dropped:0 overruns:0 carrier:0 collisions:7874 txqueuelen:100 RX bytes:19098389 (18.2 Mb) TX bytes:73768657 (70.3 Mb) Interrupt:11 Base address:0x2000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:215214 errors:0 dropped:0 overruns:0 frame:0 TX packets:215214 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:68739080 (65.5 Mb) TX bytes:68739080 (65.5 Mb) The output is easily understood. The inet entry displays the IP address for the interface. UP signifies that the interface is ready for use, BROADCAST denotes that the interface is connected to a network that supports broadcast messaging (ethernet), RUNNING means that the interface is operating, and LOOPBACK shows which device (lo) is the loopback address. The maximum transmission unit (MTU) on eth0 is 1500 bytes. This determines the size of the largest packet that can be transmitted over this interface (and is sometimes "tuned" to other values for performance enhancement). Metric is a number from 0 to 3 that relates to how much information from the interface is placed in the routing table. The lower the number, the smaller the amount of information. The ifconfig command can be used to display information about or control a specific interface using commands as listed in Table 17.1. For example, to deactivate the first Ethernet device on a host, use the ifconfig command, the interface name, and the command down like so: # ifconfig eth0 down You can also configure and activate the device by specifying a hostname or IP address and network information. For example to configure and activate ("bring up") the eth0 interface with a specific IP address, use the ifconfig command like this: # ifconfig eth0 192.168.2.35 netmask 255.255.255.0 up If you have a host defined in your system's /etc/hosts file (see the section "Network Configuration Files" later in this chapter), you can configure and activate the interface according to the defined hostname like this: # ifconfig eth0 trusty.home.org up Read the next section to see how to configure your system to work with your LAN. /sbin/routeThe second command used to configure your network is the route command. route is used to build the routing tables (in memory) implemented for routing packets as well as displaying the routing information. It is used after ifconfig has initialized the interface. route is normally used to set up static routes to other networks via the gateway or to other hosts. The command configuration is like this: /sbin/route [options] [commands] [parameters] To display the routing table, use the route command with no options. The display will look similar to this: # /sbin/route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 149.112.50.64 * 255.255.255.192 U 0 0 0 eth0 208.59.243.0 * 255.255.255.0 U 0 0 0 eth0 127.0.0.0 * 255.0.0.0 U 0 0 0 lo default 149.112.50.65 0.0.0.0 UG 0 0 0 eth0 In the first column, Destination is the IP address (or, if the host is in /etc/hosts or /etc/networks, the hostname) of the receiving host. The default enTRy is the default gateway for this machine. The Gateway column lists the gateway that the packets must go through to reach their destination. An asterisk (*) means that packets go directly to the host. Genmask is the netmask. The Flags column can have several possible entries. In our example, U verifies that the route is enabled and G specifies that Destination requires the use of a gateway. The MeTRic column displays the distance to the Destination. Some daemons use this to figure the easiest route to the Destination. The Ref column is used by some Unix flavors to convey the references to the route. It isn't used by Linux. The Use column indicates the number of times this entry has been looked up. Finally, the Iface column is the name of the interface for the corresponding entry. Using the -n option to the route command will give the same information substituting IP addresses for names and asterisks (*) and looks like this: # /sbin/route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 149.112.50.64 0.0.0.0 255.255.255.192 U 0 0 0 eth0 208.59.243.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 149.112.50.65 0.0.0.0 UG 0 0 0 eth0 The route command can add to the table using the add option. With the add option, you can specify a host (-host) or a network (-net) as the destination. If no option is used, the route command assumes that you are configuring the host issuing the command. The most common uses for the route command is to add the default gateway for a host, for a host that has lost its routing table, or if the gateway address has changed. For example, to add a gateway with a specific IP address, you could use the following: # /sbin/route add default gw 149.112.50.65 Note that you could use a hostname instead of an IP address if desired. Another common use is to add the network to the routing table right after using the ifconfig command to configure the interface. Assuming that the 208.59.243.0 entry from the previous examples was missing, replace it use the following command: # /sbin/route add -net 208.59.243.0 netmask 255.255.255.0 dev eth0 You also can use /sbin/route to configure a specific host for a direct (point-to-point) connection. For example, say that you have a home network of two computers. One of the computers has a modem through which it connects to your business network. You typically work at the other computer. You can use the route command to establish a connection through specific hosts using the following command: # /sbin/route add -host 198.135.62.25 gw 149.112.50.65 The preceding example makes the computer with the modem the gateway for the computer you are using. This type of command line is useful if you have a gateway or firewall connected to the Internet. There are many additional uses for the route command, such as manipulating the default packet size. See the man page for those uses. /bin/netstatThe netstat command is used to display the status of your network. It has several parameters that can display as much or as little information as you prefer. The services are listed by sockets (application-to-application connections between two computers). You can use netstat to display the information in Table 17.2.
Several other options are available for this command, but they are used less often. As with the /sbin/route command, the man page can give you details about all options and parameters. Network Configuration FilesAs previously stated, seven network configuration files can be modified to make changes to basic network interaction of your system. The files are
After the first six of these files are modified, the changes are active. As with most configuration files, comments can be added with a hash mark (#) preceding the comment. The last file (/etc/sysconfig/network) requires the networking daemons to be restarted before the file is used. All seven of these files have a man page written about them for more information. Adding Hosts to /etc/hostsThe /etc/hosts file is a map of IP to hostnames. If you aren't using DNS or another naming service, and you are connected to a large network, this file can get quite large and can be a real headache to manage. A small /etc/hosts file can look something like this: 127.0.0.1 localhost.localdomain localhost 128.112.50.69 myhost.mydomain.com myhost 128.112.50.169 yourhost.mydomain.com yourhost The first entry is for the loopback entry. The second is for the name of the machine. The third is another machine on the network. If no naming service is in use on the network, the only host that myhost will recognize by name is yourhost. (IP addresses on the network can still be used.) If your network is using a naming service, the last line is not needed and can be deleted. However, if myhost connects to yourhost frequently, it might be good to leave the entry so that myhost doesn't need to consult the naming service each time. This can save time and reduce the strain on the network or the name service server. Edit this file if you need to change your hostname or IP address or if you aren't using a naming service and a host has been added to your network. Service Settings in /etc/servicesThe /etc/services file maps port numbers to services. The first few lines look similar to this (the /etc/services file can be quite long, more than 500 lines): # Each line describes one service, and is of the form: # # service-name port/protocol [aliases ...] [# comment] tcpmux 1/tcp # TCP port service multiplexer tcpmux 1/udp # TCP port service multiplexer rje 5/tcp # Remote Job Entry rje 5/udp # Remote Job Entry echo 7/tcp echo 7/udp discard 9/tcp sink null discard 9/udp sink null systat 11/tcp users Typically, there are two entries for each service because most services can use either TCP or UDP for their transmissions. Usually once /etc/services is initially configured, you will not need to change it. Using /etc/nsswitch.conf After Changing Naming ServicesThis file was initially developed by Sun Microsystems to specify the order that services are accessed on the system. A number of services are listed in the /etc/nsswitch.conf file, but the most commonly modified entry is the hosts entry. A portion of the file can look like this: passwd: files shadow: files group: files #hosts: db files nisplus nis dns hosts: files dns This tells services that they should consult standard Unix/Linux files for passwd, shadow, and group (/etc/passwd, /etc/shadow, /etc/group, respectively) lookups. For host lookups, the system will check /etc/hosts and if there is no entry, it will check DNS. The commented hosts entry lists the possible values for hosts. Only edit this file if your naming service has changed. Setting a Name Server with /etc/resolv.conf/etc/resolv.conf is used by DNS, the domain name service. (DNS is covered in detail in Chapter 26.) The following is an example of resolv.conf: nameserver 192.172.3.8 nameserver 192.172.3.9 search mydomain.com This sets the nameservers and the order of domains for DNS to use. The contents of this file will be set automatically if you use Dynamic Host Configuration Protocol, or DHCP (see the section on "DHCP" later in this chapter). Setting DNS Search Order with /etc/host.confThe /etc/host.conf file lists the order in which your machine will search for hostname resolution. The following is the default /etc/host.conf file: order hosts, bind In this example, the host will check the /etc/hosts file first and then perform a DNS lookup. A couple more options control how the name service is used. The only reason to modify this file is if you use NIS for your name service or you want one of the optional services. The nospoof option can be a good option for system security. It will compare a standard DNS lookup to a reverse lookup (host-to-IP then IP-to-host) and fail if the two don't match. The drawback is that often when proxy services are used, the lookup will fail, so you will want to use this with caution. Examining Host Network Settings in /etc/sysconfig/networkChanges to /etc/sysconfig/network will not take effect until you restart the networking daemons or reboot the system. If you use Fedora's graphical configuration network tools (described in the next section), you should not edit this file. The file might look like this: NETWORKING=yes HOSTNAME=myhost GATEWAY=192.112.50.99 A GATEWAYDEV setting is also available to associate a specific network device (such as eth0 or eth1 and so on). An additional optional entry to /etc/sysconfig/network is for NIS domain machines and would look like this: NISDOMAIN=rebel The network file previously supported a FORWARD_IPV4 value, which determined whether the host forwarded IP packets (usually "yes" for routers). This setting is now saved in /etc/sysctl.conf as a net.ipv4.ip_forward setting, which can be modified if the forwarding changes are required. See the sysctl.conf man page for more information. Using Graphical Configuration ToolsAs mentioned earlier, if you are new to networking or still becoming proficient with the command line, the graphical configuration tool is your best method for configuring new hardware in Fedora. Like most graphical tools, system-config-network allows you to fill in the blanks; press the proper buttons, and the tool will modify the required files and issue the proper commands. Remember, you must be root to run system-config-network. There are two ways to start system-config-network: from the command line of an X11 terminal window with the command system-config-network, using the panel's Run Application menu item, or by clicking the System Setting's Network menu item from a GNOME or KDE desktop panel menu. (In either case, you'll be prompted to enter the root password.) Once started, system-config-network might ask if you would like to create a new device. If you've installed Fedora on a computer with an existing network card, however, the screen shown in Figure 17.1 appears after you start system-config-network. Figure 17.1. Use the initial system-config-network networking screen to begin configuring your network client host.
Click the DNS tab to configure your system's DNS settings, hostname, or DNS search path. Click the Hosts tab, and then either click the New or Edit button (after selecting a host) to create or edit an entry in your system's /etc/hosts file, for example, to add the IP addresses, hostnames, and aliases of hosts on your network see Figure 17.2 for an example of editing a host entry. Figure 17.2. Highlight an existing entry, and then click the Edit button to change /etc/hosts entries in the Hosts tab of the Network Configuration screen.
Click on the Devices tab, and then either click New or select an existing setting and click Edit to automatically or manually set up an Ethernet device. Figure 17.3 shows the Add New Device Type dialog box with all necessary information in place for a static, or fixed IP address assignment. Choose how your card will get its configuration, manually from Dynamic Host Control Protocol (see the next section) or from Bootp. Just fill in the blanks as needed. Figure 17.3. Configure an Ethernet device in the Configure Network Setting screen of the Add New Device Type dialog.
NOTE Bootp is the initial protocol that DHCP was built on, and it has mostly been replaced by DHCP. When you have finished configuring your NIC or editing an IP address or assignment scheme for a NIC, save your changes using the File menu's Save menu item. Note that you can also use the Profile menu (as shown previously in Figure 17.1) to create different network configurations and IP address assignments for your installed NICs. This is handy if you want to create, for example, a different network setup for home or work on a laptop running Fedora. |
| < Day Day Up > |
EAN: 2147483647
Pages: 361