Certification Objective 4.07: Network Configuration

The network is where the power of Red Hat Enterprise Linux really comes alive; however, getting there may not be trivial. As in all other things Linux, it's a learning experience. Most critical settings are stored in the /etc/sysconfig directory.

In most cases, you'll configure networking when you install RHEL 3 during each exam. However, if you have problems, you may need to diagnose networking problems, especially during the troubleshooting exams.

The configuration file that provides the foundation for others in RHEL 3 networking is /etc/sysconfig/network. It can contain up to five variables, as described in Table 4-14. If you don't see the variable in your /etc/sysconfig/network file, the situation does not apply. For example, if you don't see the GATEWAYDEV variable, you probably have only one network card on your computer.

The /etc/sysconfig/network-scripts Files

We'll start our tour in the /etc/sysconfig directory. This is where Red Hat Enterprise Linux stores and retrieves its networking information. With the various Red Hat configuration tools, you don't need to touch these files, but it's good to know they're there. A few representative files are shown in Table 4-15.

There are several closely related commands which can help you manage networking from the command line interface. I describe a few of these commands in Table 4-16.

Setting Up a Network Interface

In this section, I illustrate how you can configure networking on your computer with text commands as well as with the Red Hat GUI Network Configuration utility. Changes are written to various configuration files, including /etc/sysconfig/network, and file and related directories. There is a text mode version of this tool, in which you can modify your system name, as well as add, remove, and edit network interfaces. While you can start it with the redhat-config-network-tui command, it's officially an experimental interface for RHEL 3 and is not nearly as capable as the GUI tool.

I illustrate how you can use the Network Configuration utility (see Figure 4-7) in the following exercise, and then illustrate how you can monitor and modify your network configuration with various text commands.

Figure 4-7: Network Configuration utility

Exercise 4-5: Modifying Network Interfaces with redhat config-network

1. You can start the Network Configuration utility in one of two ways in the GUI. You can click Main Menu | System Settings | Network. Alternatively from a GUI terminal, run redhat-config-network. This opens the Network Configuration dialog box.

2. Select the Devices tab if required.

3. Select the adapter that you wish to modify, and then select Edit. If it is an Ethernet adapter, you'll see an Ethernet Device dialog box similar to the one shown here.

   

4. Pay attention to the 'Allow all users to enable and disable the device' option. If you activate it, you'll change the USERCTL variable in the ifcfg-* script to yes.

   Note

   Record your current settings for this interface before proceeding.

5. Change the IP value to 192.168.1.11 and the network mask to 255.255.255.0.

   Note

   If your computer is on the 192.168.1.0 private network, use a different private IP address. It should isolate you from all other hosts on the local network. Test this after step 5 by using the ping command to try to connect to other hosts on your network.

6. Click File | Save and wait for the process to complete.

7. At the command prompt, run ifconfig to check your new IP settings.

8. Repeat steps 1-3 and then reset the values to your previous settings. Run ifconfig again to make sure you've restored your original network configuration.

Many values are associated with each network interface. At minimum, each network adapter requires a valid, unique IP address, as well as an appropriate network mask. The Network Configuration utility provides five convenient tabs which you can use to customize each network adapter:

• Devices This tab allows you to add a new network adapter or edit a configured adapter. You can revise the name of the adapter, IP address assignments, static routing, and hardware device information. Different devices are configured in the /etc/sysconfig files described earlier.

• Hardware This tab lets you modify the IRQ port, memory location, I/O address(es), and DMA channel(s) associated with the adapter. Hardware information is documented in different files in the /proc directory.

  On The Job

  Linux sometimes has trouble recognizing second network adapters; you may need to specify hardware addresses such as the IRQ port.

• IPsec This tab supports Virtual Private Network connections.

• DNS This tab lets you add the addresses of DNS servers available to network adapters on the given network, which is reflected in /etc/resolv.conf.

• Hosts This tab allows you to modify the name, alias, and IP address assigned to the specified adapter, which is shown in /etc/hosts.

In addition, if you run Profile | New, you can create different network configurations, which can be useful for flexible configurations. For example, if you have a laptop computer and a docking port, your configuration may change depending on whether the laptop is connected to the docking port.

If you want to use this tool, some trial and error is appropriate. Make some changes, and check the effect on the files I've described.

ifup/ifdown

For each installed network adapter, there is a corresponding ifcfg-* file in /etc/sysconfig/network-scripts. You can activate or deactivate that adapter with the ifup and ifdown commands. Either one of the following commands will activate the eth0 network adapter:

ifup ifcfg-eth0 ifup eth0 

ifconfig

The ifconfig command is used to configure and display network devices. Here is some sample output from this command:

# ifconfig eth0 eth0      Link encap:Ethernet  HWaddr 00:50:56:40:1E:6A           inet addr:192.168.30.2  Bcast:192.168.30.255  Mask:255.255.255.0           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1           RX packets:11253 errors:0 dropped:0 overruns:0 frame:0           TX packets:1304 errors:0 dropped:0 overruns:0 carrier:0           collisions:0 txqueuelen:100           RX bytes:2092656 (1.9 Mb)  TX bytes:161329 (157.5 Kb)           Interrupt:10 Base address:0x10a0

The preceding command requests configuration data for the first Ethernet device on the system, eth0. If you just specify eth0 (or another device), ifconfig displays information about only the specified interface. If you don't specify a device, ifconfig shows all network adapters, including the loopback adapter.

The ifconfig command can also be used to configure network interfaces. For example, you can assign a new IP address for eth0 with the following command:

# ifconfig eth0 207.174.142.142

The first parameter, eth0, tells us which interface is being configured. The next argument, 207.174.142.142, indicates the new IP address being assigned to this interface. If we want to make sure our change worked, we issue the ifconfig command again to view its current settings.

# ifconfig eth0 eth0      Link encap:Ethernet  HWaddr 00:50:56:40:1E:6A           inet addr: 207.174.142.142  Bcast:207.174.142.255  Mask:255.255.255.0           UP BROADCAST NOTRAILERS RUNNING MULTICAST  MTU:1500  Metric:1           RX packets:11253 errors:0 dropped:0 overruns:0 frame:0           TX packets:1304 errors:0 dropped:0 overruns:0 carrier:0           collisions:0 txqueuelen:100           RX bytes:2092656 (1.9 Mb)  TX bytes:161329 (157.5 Kb)           Interrupt:10 Base address:0x10a0

Looking at the output of our command, we successfully changed the IP address on the eth0 interface to 207.174.142.142. But this is not enough, as you should realize that the broadcast address doesn't work with this IP address.

With the right switch, the ifconfig command can modify a number of other settings for your network adapter. Some of these switches are shown in Table 4-17.

netstat -r

The netstat command is used to display a plethora of network connectivity information. The most commonly used option, netstat -r, is used to display local routing tables. Here's a sample netstat -r output:

# netstat -nr Kernel routing table Destination     Gateway         Genmask         Flags MSS Window  irtt Iface 191.72.1.0      *               255.255.255.0   U     40  0          0 eth0 127.0.0.0       *               255.0.0.0       UH    40  0          0 lo 0.0.0.0         191.72.1.1      255.255.255.0   UG    40  0          0 eth0

Did you notice we used a -n flag? -n tells netstat to display addresses as IP addresses, instead of as hostnames. This makes it a little easier to see what's going on.

The Destination column lists networks by their IP addresses. The Gateway column indicates gateway addresses. If the destination is on the LAN, no gateway is required, so an asterisk is shown in this column. The Genmask column lists the network mask. Networks look for a route appropriate to the destination IP address. The IP address is compared against the destination networks, in order. When the IP address is found to be part of one of these networks, it's sent in that direction. If there is a gateway address, it's sent to the computer with that gateway. The Flags column describes how this is done. Flag values are listed in Table 4-18.

arp as a Diagnostic Tool

The Address Resolution Protocol associates the hardware address of a network adapter with an IP address. The arp command displays a table of hardware and IP addresses on the local computer. With arp, you can detect problems such as duplicate addresses on the network, or you can manually add arp entries as required. Here's a sample arp command, showing all arp entries in the local database:

# arp Address           HWtype  HWaddress           Flags Mask            Iface 192.168.0.121     ether   52:A5:CB:54:52:A2   C                     eth0 192.168.0.113     ether   00:A0:C5:E2:49:02   C                     eth0

If the arp table is empty, you haven't made any connections to other computers on your network. The address column lists known IP addresses, usually on the LAN. The HW Type column shows the hardware type of the adapter, while the HW Address column shows the hardware address of the adapter.

You can use the -H option to limit the output from arp to a specific hardware type, such as ax25, ether, or pronet. The default is ether, which is short for Ethernet.

The arp command can help you with duplicate IP addresses, which can stop a network completely. To remove the offending machine's arp entry from your arp table, use the -d option:

# arp -d bugsy 

This removes all arp information for the host 'bugsy.' To add an arp entry, use the -s option:

# arp -s bugsy 00:00:c0:cf:a1:33

This entry will add the host bugsy with the given hardware address to the arp table. IP addresses won't work in this case.

DHCP Clients

You can set up your computer as a DHCP client. If the redhat-config-network configuration utility does not work, check the configuration file associated with your network card in the /etc/sysconfig/network-scripts directory. You should not need static IP configuration information, and you should see BOOTPROTO=dhcp.

In any case, if you have a working DHCP server on your network, you can connect your computer to it with the dhclient command.