Certification Objective 7.01-Network Configuration


The network is where the power of Red Hat Enterprise Linux really comes alive; however, getting there may not be trivial. As in all other things Linux, it's a learning experience. Many critical network configuration settings are stored in the /etc/sysconfig directory.

In most cases, you'll configure networking when you install RHEL during either exam. However, you may encounter and need to diagnose networking problems, especially during the Troubleshooting portion of either exam.

image from book
Exam Watch

Learn the configuration files in the /etc/sysconfig/network-scripts/ and /etc/sysconfig/ directories. These are crucial to the configuration of Red Hat Enterprise Linux. If you have a configuration to change or repair, it may involve files in one of these directories. If you have a problem on the troubleshooting exam, you may find the solution in these files. Even if there's an existing well-known configuration file such as httpd.conf, you can find additional configuration options in /etc/sysconfig/httpd. Red Hat has consolidated a number of key configuration files in these directories, so expect them to become even more important in the future.

image from book

The configuration file that provides the foundation for others in RHEL 5 networking is /etc/sysconfig/network. It can contain up to six directives, as described in Table 7-1. If you don't see the directives in your /etc/sysconfig/ network file, the situation does not apply. For example, if you don't see the GATEWAYDEV directive, you probably have only one network card on your computer.

Table 7-1: /etc/sysconfig/network Variables

Variable

Description

NETWORKING

Can be yes or no, to configure or not configure networking.

NETWORKING_IPV6

Can be yes or no, to configure networking under IPv6.

NISDOMAIN

If you're connected to an NIS network, this should be set to the name of the NIS domain.

HOSTNAME

Sets the host name of the local computer. If you don't see this directive, it may be set by a DHCP server.

GATEWAY

Sets the IP address for the gateway for your network. If you don't see this directive, it may be set by a DHCP server.

GATEWAYDEV

Sets the network device, such as eth0, that this computer uses to reach a gateway. You won't see this if you have only one network card on your computer.

In most cases, /etc/sysconfig/network contains three directives:

 NETWORKING=yes NETWORKING_IPV6=yes HOSTNAME=yourhostname 

There is no requirement for an NIS domain, and other directives (including the HOSTNAME) may be set by the DHCP server.

The /etc/sysconfig/network-scripts Files

The /etc/sysconfig/network-scripts directory is where Red Hat Enterprise Linux stores and retrieves its networking information. With available Red Hat configuration tools, you don't have to touch these files, but it's good to know they're there. A few representative files are shown in Table 7-2.

Table 7-2: /etc/sysconfig/network-scripts Files

File in /etc/sysconfig/network-scripts

Description

ifcfg-lo

Configures the loopback device, a virtual device that confirms proper installation of TCP/IP.

ifcfg-*

Each installed network adapter, such as eth0, gets its own ifcfg-* script. For example, eth0 gets ifcfg-eth0. This file includes the IP address information required to identify this network adapter on a network.

network-functions

This script contains functions used by other network scripts to bring network interfaces up and down.

ifup-* and ifdown-*

These scripts activate and deactivate their assigned protocols. For example, ifup-ipx brings up the IPX protocol.

On the Job 

Some of the commands in /etc/sysconfig/network-scripts may be hard-linked to files in the /etc/sysconfig/networking/devices and /etc/sysconfig/networking/ profiles/default directories. It's worth your trouble to explore these files as well.

There are several closely related commands in Table 7-3 that can help you manage networking from the command line interface.

Table 7-3: Other Network Configuration Commands

Network Script

Description

ifup and ifdown

These scripts start and stop a network card such as eth0. ifup eth0 activates eth0; ifdown eth0 deactivates this device.

dhclient

dhclient activates a connection to a DHCP server for your network. The function of a DHCP server is to lease IP addresses. Normally activated during the boot process through the applicable ifcfg-* script in the /etc/sysconfig/network-scripts directory.

ifconfig

The main network interface configuration utility. Can return or set the network parameters on a network device.

Setting Up a Network Interface

There are two ways to configure networking. It's fastest if you can use text commands. And Red Hat also provides an effective GUI Network Configuration utility, which writes changes to various configuration files, such as /etc/sysconfig/network. You can also use the text mode version of this tool to add, remove, and edit network interfaces. You can start these utilities with the system-config-network and /usr/sbin/system-config-network-tui commands (system-config-network-tui is not available in /usr/bin or in the PATH for regular users).

On the Job 

With the system-config-* GUI tools, Red Hat has developed a number of utilities that I believe will encourage Microsoft Windows administrators to make the switch to Linux.

There's one more command, system-config-network-cmd, which tells you essentially everything that's configured about your network, in a long list of console directives.

The following exercise illustrates how you can use the Network Configuration utility (see Figure 7-1). It then illustrates how you can monitor and modify your network configuration with various text commands.

image from book
Figure 7-1: Network Configuration utility

Exercise 7-1: Modifying Network Interfaces with system-config-network

image from book
  1. Start the Network Configuration utility. From a GUI terminal, press ALT-F2, and enter system-config-network in the text box that appears. This opens the Network Configuration dialog box.

  2. Select the Devices tab if it isn't already active.

  3. Select the adapter that you want to modify, and then click Edit. If it is an Ethernet adapter, you'll see an Ethernet Device dialog box similar to the one shown in the next illustration.

    image from book

  4. Pay attention to the Allow All Users To Enable And Disable The Device option. If you activate it, you'll change the USERCTL directive in the ifcfg-* script to yes. At this point, you should record your current settings for this interface before proceeding.

  5. Change the IP value (Address) to 192.168.1.11 and the network mask (Subnet Mask) to 255.255.255.0.

    Note that if your computer is on the 192.168.1.0 private network, you should use a different private IP address. It should isolate you from all other hosts on the local network. Test this after step 5 by using the ping command to try to connect to other hosts on your network.

  6. Choose File | Save and wait for the process to complete.

  7. At the command prompt, run ifconfig from a command line interface to check your new IP settings.

  8. Repeat steps 1 to 3 and then reset the values to your previous settings. Run ifconfig again to make sure you've restored your original network configuration.

image from book

Many values are associated with each network interface. At minimum, each network adapter requires a valid, unique IP address as well as an appropriate network mask. The Network Configuration utility provides five convenient tabs you can use to customize each network adapter; you may need to click New or Edit to make the changes suggested here.

  • Devices This tab allows you to add a new network adapter or edit a configured adapter. You can revise the name of the adapter, IP address assignments, static routing, and hardware device information. Different devices are configured in the /etc/sysconfig files described earlier.

  • Hardware This tab lets you modify the IRQ port, memory location, I/O address(es), and DMA channel(s) associated with the adapter. Hardware information is documented in different files in the /proc directory.

  • IPsec This tab supports virtual private network connections.

  • DNS This tab lets you add the addresses of DNS servers available to network adapters on the given network, which is reflected in /etc/resolv.conf.

  • Hosts This tab allows you to modify the name, alias, and IP address assigned to the specified adapter, which is shown in /etc/hosts.

On the Job 

In the past, Linux has had trouble recognizing second network adapters. If you encounter this problem, you may need to specify hardware addresses such as the IRQ port.

In addition, if you choose Profile | New, you can create different network configurations, which can be useful for flexible configurations, such as a laptop with a wireless card and an office docking port.

image from book
Exam Watch

If you want to use the Network Configuration tool during the exam, make sure you know the tool inside-out. Try some experiments. Make some changes, and check the effect on the files I've described.

image from book

ifup/ifdown

Each installed network adapter has a corresponding ifcfg-* file in /etc/sysconfig/network-scripts. You can activate or deactivate that adapter with the ifup and ifdown commands. Either of the following commands will activate the eth0 network adapter:

 ifup ifcfg-eth0 ifup eth0 

ifconfig

The ifconfig command is used to configure and display network devices. Here is some sample output from this command:

 # ifconfig eth0 eth0      Link encap:Ethernet HWaddr 00:50:56:40:1E:6A           inet addr:192.168.30.2 Bcast:192.168.30.255 Mask:255.255.255.0           inet6 addr: fe80::2e0:4cff:fee3:d106/64 Scope:Link           UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1           RX packets:11253 errors:0 dropped:0 overruns:0 frame:0           TX packets:1304 errors:0 dropped:0 overruns:0 carrier:0           collisions:0 txqueuelen:1000           RX bytes:2092656 (1.9 Mb) TX bytes:161329 (157.5 Kb)           Interrupt:10 Base address:0x10a0 

The preceding command requests configuration data for the first Ethernet device on the system, eth0. If you just specify eth0 (or another device), ifconfig displays information about the specified interface only. If you don't specify a device, ifconfig shows all network adapters, including the loopback adapter.

The ifconfig command can also be used to configure network interfaces. For example, you can assign a new IP address for eth0 with the following command:

 # ifconfig eth0 10.11.12.13 

The first parameter, eth0, tells you which interface is being configured. The next argument, 10.11.12.13, indicates the new IP address being assigned to this interface. To make sure your change worked, issue the ifconfig command again (with the name of the adapter device) to view its current settings:

 # ifconfig eth0 eth0      Link encap:Ethernet HWaddr 00:50:56:40:1E:6A           inet addr: 10.11.12.13 Bcast:10.255.255.255 Mask:255.0.0.0           inet6 addr: fe80::2e0:4cff:fee3:d106/64 Scope:Link           UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1           RX packets:11253 errors:0 dropped:0 overruns:0 frame:0           TX packets:1304 errors:0 dropped:0 overruns:0 carrier:0           collisions:0 txqueuelen:1000           RX bytes:2092656 (1.9 Mb) TX bytes:161329 (157.5 Kb)           Interrupt:10 Base address:0x10a0 

The output of this command shows that you've successfully changed the IP address on the eth0 interface. But this may not be enough, as you should realize that the broadcast address may not work with this IP address. For example, you may have configured a private network with the 10.11.12.0 network address.

With the right switch, the ifconfig command can modify a number of other settings for your network adapter. Some of these switches are shown in Table 7-4.

Table 7-4: ifconfig Switches

Parameter

Description

up

Activates the specified adapter.

down

Deactivates the specified adapter.

netmask address

Assigns the address subnet mask.

broadcast address

Assigns the address as the broadcast address. Rarely required, since the default broadcast address is standard for most current networks.

metric N

Allows you to set a metric value of N for the routing table associated with the network adapter.

mtu N

Sets the maximum transmission unit as N, in bytes.

-arp

Deactivates the Address Resolution Protocol, which collects network adapter hardware addresses.

promisc

Activates promiscuous mode. This allows the network adapter to read all packets to all hosts on the LAN. Can be used to analyze the network for problems or to try to decipher messages between other users.

-promisc

Deactivates promiscuous mode.

irq port

Assigns a specific IRQ port.

io_addr address

Assigns a specific I/O address.

netstat -r

The netstat command is used to display a plethora of network connectivity information. The most commonly used option, netstat -r, is used to display local routing tables. Here's a sample netstat -nr output:

 # netstat -nr Kernel routing table Destination Gateway       Genmask         Flags MSS Window irtt Iface 191.72.1.0  *             255.255.255.0   U     40  0         0 eth0 127.0.0.0   *             255.0.0.0       UH    40  0         0 lo default     191.72.1.1    255.255.255.0   UG    40  0         0 eth0 

Did you notice the use of the -n flag? -n tells netstat to display addresses as IP addresses, instead of as host names. This makes it a little easier to see what's going on. One equivalent option is the route -n command.

In many cases, you'll see 0.0.0.0 instead of default; both point to all other network addresses, such as those on the Internet.

The Destination column lists networks by their IP addresses. The default destination is associated with all other IP addresses. The Gateway column indicates gateway addresses. If the destination is on the LAN, no gateway is required, so an asterisk (or 0.0.0.0) is shown in this column. The Genmask column lists the network mask. Networks look for a route appropriate to the destination IP address. The IP address is compared against the destination networks, in order. When the IP address is found to be part of one of these networks, it's sent in that direction. If there is a gateway address, it's sent to the computer with that gateway. The Flags column describes how this is done. Flag descriptions are listed in Table 7-5.

Table 7-5: The netstat Flag Indicates the Route

Flag

Description

G

The route uses a gateway.

U

The network adapter (Iface) is up.

H

Only a single host can be reached via this route.

D

This entry was created by an ICMP redirect message.

M

This entry was modified by an ICMP redirect message.

arp as a Diagnostic Tool

The Address Resolution Protocol associates the hardware address of a network adapter with an IP address. The arp command (in the /sbin directory) displays a table of hardware and IP addresses on the local computer. With arp, you can detect problems such as duplicate addresses on the network, or you can manually add arp entries as required. Here's a sample arp command, showing all arp entries in the local database:

 # arp Address           HWtype  HWaddress           Flags Mask            Iface 192.168.0.121     ether   52:A5:CB:54:52:A2   C                     eth0 192.168.0.113     ether   00:A0:C5:E2:49:02   C                     eth0 

If the arp table is empty, you haven't made any connections to other computers on your network. The Address column lists known IP addresses, usually on the LAN. The HWtype column shows the hardware type of the adapter, while the HWaddress column shows the hardware address of the adapter.

You can use the -H option to limit the output from arp to a specific hardware type, such as ax25, ether, or pronet. The default is ether, which is short for Ethernet.

The arp command can help you with duplicate IP addresses, which can stop a network completely. To remove the offending machine's arp entry from your arp table, use the -d option:

 # arp -d bugsy 

This removes all arp information for the host bugsy. To add an arp entry, use the -s option:

 # arp -s bugsy 00:00:c0:cf:a1:33 

This entry will add the host bugsy with the given hardware address to the arp table. IP addresses won't work in this case.

DHCP Clients

You can set up your computer as a DHCP client. If the system-config-network configuration utility does not work, check the configuration file associated with your network card in the /etc/sysconfig/network-scripts directory. You should not need static IP configuration information, and you should see BOOTPROTO=dhcp.

In any case, if you have a working DHCP server on your network, you can connect your computer to it with the dhclient command.



RHCE Red Hat Certified Engineer Linux Study Guide (Exam RH302)
Linux Patch Management: Keeping Linux Systems Up To Date
ISBN: 0132366754
EAN: 2147483647
Year: 2004
Pages: 227
Authors: Michael Jang

Similar book on Amazon
Linux Quick Fix Notebook
Linux Quick Fix Notebook
Self-Service Linux: Mastering the Art of Problem Determination
Self-Service Linux: Mastering the Art of Problem Determination
RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), 6th Edition (Certification Press)
RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), 6th Edition (Certification Press)
Security Strategies in Linux Platforms and Applications (Information Systems Security & Assurance)
Security Strategies in Linux Platforms and Applications (Information Systems Security & Assurance)

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net