Networking with TCP/IPThe basic building block for any network based on Unix hosts is the Transport Control Protocol/Internet Protocol (TCP/IP) suite of three protocols. The suite consists of the Internet Protocol (IP), Transport Control Protocol (TCP), and Universal Datagram Protocol (UDP). IP is the base protocol. The TCP/IP suite is packet-based, which means that data is broken into little chunks on the transmit end for transmission to the receiving end. Breaking data up into manageable packets allows for faster and more accurate transfers. In TCP/IP, all data travels via IP packets, which is why addresses are referred to as IP addresses. It is the lowest level of the suite. TCP is a connection-based protocol. Before data is transmitted between two machines, a connection is established between them. When a connection is made, a stream of data is sent to the IP to be broken into the packets that are then transmitted. At the receiving end, the packets are put back in order and sent to the proper application port. TCP/IP forms the basis of the Internet; without it the Internet would be a very different place indeed, if it even existed! On the other hand, UDP is a connectionless protocol. Applications using this protocol just choose their destination and start sending. UDP is normally used for small amounts of data or on fast and reliable networks. If you are interested in the internals of TCP/IP, see the "Reference" section at the end of this chapter for places to look for more information.
TCP/IP AddressingTo understand networking with Linux, you need to know the basics of TCP/IP addressing. Internet IP addresses (also known as public IP addresses) are different from those used internally on a local area network, or LAN. Internet IP addresses are assigned (for the United States and some other hosts) by the American Registry for Internet Numbers, available at http://www.arin.net/. Entities that need an Internet address apply to this agency to be assigned an address. The agency assigns Internet service providers (ISPs) one or more blocks of IP addresses, which the ISPs can then assign to their subscribers. You will quickly recognize the current form of TCP/IP addressing, known as IPv4 (IP version 4). In this method, a TCP/IP address is expressed of a series of four decimal numbersa 32-bit value expressed in a format known as dotted decimal format, such as 192.168.120.135. Each set of numbers is known as an octet (eight ones and zeros, such as 10000000 to represent 128) and ranges from zero to 255. The first octet usually determines what class the network belongs to. There are three classes of networks. The classes are
No host portion of an IP address can be all zeros or 255s. These addresses are reserved for broadcast addresses. IP addresses with all zeros in the host portion are reserved for network-to-network broadcast addresses. IP addresses with all 255s in the host portion are reserved for local network broadcasts. Broadcast messages are not typically seen by users. These classes are the standard, but a netmask also determines what class your network is in. The netmask determines what part of an IP address represents the network and what part represents the host. Common netmasks for the different classes are
Because of the allocation of IP addresses for Internet hosts, it is now impossible to get a Class A network. It is also nearly impossible to get a Class B network (all the addresses have been given out, but some companies are said to be willing to sell theirs), and Class C network availability is dropping rapidly with the current growth of Internet use worldwide. See the following sidebar.
Using IP Masquerading in UbuntuThree blocks of IP addresses are reserved for use on internal networks and hosts not directly connected to the Internet. The address ranges are from 10.0.0.0 to 10.255.255.255, or 1 Class A network; from 172.16.0.0 to 172.31.255.255, or 16 Class B networks; and from 192.168.0.0 to 192.168.255.255, or 256 Class C networks. Use these IP addresses when building a LAN for your business or home. Which class you choose can depend on the number of hosts on your network. Internet access for your internal network can be provided by a PC running Ubuntu or other broadband or dial-up router. The host or device is connected to the Internet and is used as an Internet gateway to forward information to and from your LAN. The host should also be used as a firewall to protect your network from malicious data and users while functioning as an Internet gateway. A PC used in this fashion typically has at least two network interfaces. One is connected to the Internet with the other connected to the computers on the LAN (via a hub or switch). Some broadband devices also incorporate four or more switching network interfaces. Data is then passed between the LAN and the Internet using network address translation, or NAT, better known in Linux circles as IP masquerading. Note Do not rely on a single point of protection for your LAN, especially if you use wireless networking, provide dial-in services, or allow mobile (laptop or PDA) users internal or external access to your network. Companies, institutions, and individuals relying on a "moat mentality" have often discovered to their dismay that such an approach to security is easily breached. Make sure that your network operation is accompanied by a security policy that stresses multiple levels of secure access, with protection built into every server and workstationsomething easily accomplished when using Linux. PortsMost servers on your network have more than one task. For example, web servers have to serve both standard and secure pages. You might also be running an FTP server on the same host. For this reason, applications are provided ports to use to make "direct" connections for specific software services. These ports help TCP/IP distinguish services so that data can get to the correct application. If you check the file /etc/services, you will see the common ports and their usage. For example, for FTP, HTTP, and Post Office Protocol (email retrieval server), you will see ftp 21/tcp http 80/tcp http # WorldWideWeb HTTP pop3 110/tcp pop-3 # POP version 3 The ports defined in /etc/services in this example are 21 for FTP, 80 for HTTP, and 110 for POP3. Other common port assignments are 25 for simple mail transport protocol (SMTP) and 22 for secure shell (SSH) remote login. Note that these ports are not set in stone, and you can set up your server to respond to different ports. For example, although port 22 is listed in /etc/services as a common default for SSH, the sshd server can be configured to listen on a different port by editing its configuration file /etc/ssh/sshd_config. The default setting (commented out with a pound sign) looks like this: #Port 22 Edit the entry to use a different port, making sure to select an unused port number, such as Port 2224 Save your changes, and then restart the sshd server. (Refer to Chapter 15, "Automating Tasks," to see how to restart a service.) Remote users must now access the host through port 2224, which can be done using ssh's -p (port) option like so: $ ssh -p 2224 remote_host_name_or_IP |