
Setting Up the DNS Name Resolution

Now you should be able to communicate with the other hosts on the network. However, you won't be able to talk to them unless you know their IP addresses, because you haven't set up what DNS servers you should reference to map hostnames to IP addresses. The program that resolves hostnames to IP addresses reads a file called resolv.conf, so you need to put your DNS server IP addresses there. Generally, you need one name server, but you can include up to three, if you'd like. Specifying more than one name server is important. If the first one on the list is not responding, your computer tries to resolve against the next one on the list, and so on, until it finds one that is responding. Edit /etc/resolv.conf to contain a list of name servers, like this:

    nameserver 1.2.3.4
    nameserver 1.2.3.5
    nameserver 1.2.3.6

Making a Local File of Hostname to IP Address Mappings

Linux gives you the ability to store a list of hostnames and their corresponding IP addresses in

While you shouldn't do this with every hostname you ever use, one of the advantages gained b

So instead of typing ssh foo.xena.edu every time you want to SSH to that machine, you can just

Another useful example occurs if you're monitoring several servers' network services from a m

for example, and your DNS server stops responding, then the monitoring software may report th

In this case it looks as if your whole network fell over, when the real problem is that your DNS s

To keep this kind of scenario from happening, you should put the hostnames and IP addresses

The only caveat to keep in mind when putting hosts in /etc/hosts is that if the hostname's IP add

you should do an nslookup on the host and update your /etc/hosts file accordingly.

Your /etc/hosts file should contain IP address to hostname mappings that follow this format

    IP_address canonical_hostname aliases

so that the lines look like this:

    192.168.1.66 foo.xena.edu foo
    192.168.1.76 buffy.xena.edu buffy
    152.2.210.81 sunsite.unc.edu sunsite

Setting Up Name Service Resolution Order

Now that you've set up your DNS servers and hosts file, you need to tell your Linux server whic

The place to set up this configuration is in the /etc/nsswitch.conf file. Edit the following line:

    hosts: files nisplus dns

The order of the words files, nisplus, and dns determines which method is checked first. Files re

the /etc/nsswitch.conf file contains some other useful settings; for example the following two line

NIS plus service:

    passwd: files nisplus
    shadow: files nisplus

Starting Up Network Services from xinetd

xinetd is the replacement for inetd. xinetd is started on bootup and listens on ports designated

connections. When a new connection is made, xinetd starts up the corresponding network serv

The way to do this is to edit that service's configuration file. xinetd's main configuration file is /e

At the end of the xinetd.conf file is a line that indicates that all the files in the /etc/xinetd.d are als

So, to disable Telnet, you would look in /etc/xinetd.d for a file called telnet. The telnet file is show

Edit the line in the config file that says disable = no, and change that to disable = yes, as it appe

/etc/xinetd.d/telnet

    # default: on
    # description: The telnet server serves telnet sessions; it uses \
    #       unencrypted username/password pairs for authentication.
    service telnet
    {
            flags           = REUSE
            socket_type     = stream
            wait            = no
            user            = root
            server          = /usr/sbin/in.telnetd
            log_on_failure  += USERID
            disable         = yes
    }
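A way to check the result of the step above across the whole /etc/xinetd.d directory, as an added example that is not part of the original page: a shell function that prints every xinetd service still enabled. It assumes a service block with no disable line counts as enabled; the rsync and echo sample files are constructed for the demonstration.

```sh
#!/bin/sh
# Added example (not from the original page): report xinetd services that are
# still enabled, i.e. whose service block does not contain "disable = yes".
# Assumption: a service block with no "disable" line counts as enabled.

xinetd_enabled() {
    dir="${1:-/etc/xinetd.d}"        # directory named on this page
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        awk '
            /^[ \t]*#/ { next }                          # skip comment lines
            $1 == "service" { name = $2; off = 0; next } # start of a block
            /^[ \t]*disable[ \t]*=/ {                    # disable = yes or no
                v = $0
                sub(/^[^=]*=[ \t]*/, "", v); sub(/[ \t]+$/, "", v)
                off = (tolower(v) == "yes")
            }
            /^[ \t]*[}]/ {                               # end of the block
                if (name != "" && !off) print name
                name = ""
            }
        ' "$f"
    done
}

# Constructed sample directory: telnet disabled as on this page, plus two
# hypothetical service files that are still enabled.
xinetd_demo() {
    d=$(mktemp -d) || return 1
    printf 'service telnet\n{\n\tuser = root\n\tdisable = yes\n}\n' > "$d/telnet"
    printf 'service rsync\n{\n\tuser = root\n\tdisable = no\n}\n' > "$d/rsync"
    printf '# no disable line\nservice echo\n{\n\ttype = INTERNAL\n}\n' > "$d/echo"
    xinetd_enabled "$d"
    rm -rf "$d"
}

xinetd_demo    # prints echo and rsync, one per line
```

Run `xinetd_enabled` with no argument on a real host to read /etc/xinetd.d itself; anything it prints is a service xinetd will still start on connection.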

An automated tool, called chkconfig, manages what services are started from xinetd and the rcs

Starting Up Network Services from the rc Scripts

Network services that are not started out of xinetd are started out of the rc scripts at boot time.

If you look in that directory, you should see a file with the name of the service you want to stop or start. The script to start the service starts with an S, and the kill script starts with

So for example, SSH is started from /etc/rc3.d/S55sshd, and killed upon shutdown from /etc/rc

Other Important Network Configuration Files in the /etc/sysconfig Directory



You can use the files listed in this section to create routes to other hosts, either on your own ne

static-routes

If you want to set up some static routes on your machine, you can do so in the static-routes file.

    network-interface net network netmask netmask gw gateway

Iptables

iptables is the current Fedora Core and Enterprise Linux firewall. It supersedes the ipchains fire

This is the file where the iptables rules are stored.

When you install Fedora or Enterprise Linux, the installation asks if you would like to enable a h

The following is a simplified configuration file. The gist of this configuration is that all incoming

The first line accepts all traffic from the loopback interface. The second line accepts all incomin

    # accept all traffic on the loopback interface
    -A INPUT -i lo -j ACCEPT
    # accept incoming TCP connections to port 22
    -A INPUT -p tcp --dport 22 -j ACCEPT
    # drop TCP and UDP to ports 1-1024 from sources outside 192.168.1.0/24
    -A INPUT -p tcp -s ! 192.168.1.0/24 --dport 1:1024 -j DROP
    -A INPUT -p udp -s ! 192.168.1.0/24 --dport 1:1024 -j DROP

Network Configuration Files in /etc/sysconfig/network-scripts

You can use the files in this directory to set the parameters for the hardware and software used

The scripts contained here are used to enable network interfaces and set other network-related

ifcfg-networkinterfacename

A few files fall into this specification. Red Hat specifies a separate configuration file for each net

In a typical Red Hat install, you might have many different network interface config files that all

You could have ifcfg-eth0 for your first Ethernet interface, ifcfg-irlan0 for your infrared network po

ifup and ifdown

These files are symlinks to /sbin/ifup and /sbin/ifdown. In future releases, these symlinks might b

In turn, ifup and ifdown call any other necessary scripts from within the network-scripts directory

These should be the only scripts you call from this directory. You call these scripts with the nam

If these scripts are called at boot time, then boot is used as the second argument. For instance,

    ifup eth0
    ifdown eth0

Managing the init Scripts

This section discusses the following topics:

- Managing rc scripts by hand
- Managing rc scripts using chkconfig

Init scripts determine which programs start up at boot time. Red Hat and other Unix distributions

Usually Red Hat Linux starts up in multiuser mode with networking turned on. These are some

- 0 Halt
- 1 Single-user mode
- 2 Multiuser mode, without networking
- 3 Full multiuser mode
- 4 Not used
- 5 Full multiuser mode (with an X-based login screen)
- 6 Reboot

The system boots into the default runlevel set in /etc/inittab

Managing rc Scripts by Hand

If you want to configure which services are started at boot time, you need to edit the rc scripts f

So, to change the services that are started in the default runlevel, you should edit the scripts fou

When you look at a directory listing of the rc directories, notice that the files either start with S or

The S scripts are run in the numerical order listed in their filenames. It should be mentioned that

Note that case is important. Scripts that do not start with a capital S do not run upon startup. On

This way you can always put the script back into the startup configuration by capitalizing the ini

When the system starts up, it runs through the scripts in the rc directory of the runlevel it's start

Looking at the directory listing included in Figure 8-2, you can see that the first few services sta

That is so because their scripts are named S05kudzu, S06cpuspeed, S08iptables, and S10net

Kudzu is called first because it detects new hardware. cpuspeed runs to put into effect

As you can see, the order in which these services are started makes a lot of sense, an

The S scripts are started in this order until they have all been started. When the system

If you can't find the corresponding K script in the startup directory, it is probably locate

If you ever need to restart a service that's started from an rc directory, an easy way to

This procedure enables all the proper steps to be followed (configuration files read, lo

    [root@terry rc3.d]# ./S12syslog restart
    Shutting down kernel logger: [ OK ]
    Shutting down system logger: [ OK ]
    Starting system logger: [ OK ]
    Starting kernel logger: [ OK ]

Managing rc Scripts Using chkconfig

Fedora Core and Red Hat Enterprise Linux come with a useful tool called chkconfig.

It is inspired by the chkconfig command included in the IRIX operating system.

Type chkconfig --list to see all the services chkconfig knows about, and whether they a

An abridged example output is shown in the following listing. The chkconfig output ca

The first column is the name of the installed service. The next seven columns each re

Since xinetd is started on the system whose chkconfig output is excerpted, at the end

The listing is abridged, since a lot of services can be started from xinetd, and there's n

Listing 8-11 shows how chkconfig can be an effective tool for handling all your network

To turn a service off or on using chkconfig, use this syntax:

    chkconfig --level [0-6] (you must choose the runlevel) servicename off|on|reset

So, to turn off the gpm daemon turned on previously, type:

    chkconfig --level 2 gpm off

To turn on xinetd, type:

    chkconfig xinetd on

Run chkconfig --list again to see if the service you changed has been set to the state you desire

Managing the X Window System

X Window system that is used to provide a graphical user interface (GUI) to the opera

Configuring the X Server with the X Configuration Tool

You have basically two ways to configure the X server on your Fedora Core or Enterp

The X Configuration tool is a graphical front end to the X configuration file, xorg.conf,

Changing the Display Resolution

The X Configuration tool makes it easy for you to change your display resolution. To change yo

1. On Enterprise Linux 4 choose Applications → System Settings → Display to open the Display

Fedora Core 4 choose Desktop → System Settings → Display to open the Display Settings dialog

NOTE: If you are not logged in as root, you will be prompted to enter the root password.

2. Select your desired resolution from the drop-down Resolution list.

3. Click OK to accept your choice, and close the dialog box.

NOTE: Any time you make changes to the X server configuration, you must restart the X server

Changing the Display Color Depth

The system display color depth setting determines the number of colors that are shown on the d

1. On Enterprise Linux 4 choose Applications → System Settings → Display to open the Display

Desktop → System Settings → Display to open the Display Settings dialog box. (Refer to Figure

2. Select your desired color depth from the Color Depth drop-down list.

3. Click OK to accept your choice and close the dialog box.

Changing Monitor Type Settings

The Fedora Core or Enterprise installer can usually detect the type of monitor that is connected

1. On Enterprise Linux 4 choose Applications → System Settings → Display to open the Display

Desktop → System Settings → Display to open the Display Settings dialog box. (Refer to Figure

2. Click the Hardware tab. (See Figure 9-2.)

3. Click the top Configure button (to the right of the monitor type listing) to open the Monitor dia

4. Find the manufacturer of your monitor in the list, and then click the arrow to the left of the ma

5. Click the model number that matches your monitor.

6. Click OK twice to accept your choice, and exit the Display Settings dialog box.

TCP/IP Networking

- TCP/IP Explained
- Understanding Network Classes
- Setting Up a Network Interface Card (NIC)
- Understanding Subnetting
- Working with Gateways and Routers
- Configuring Dynamic Host Configuration Protocol
- Configuring the Network Using the Network Configuration Tool
- Editing Your Network Configuration

TCP/IP Explained

TCP/IP is an acronym for Transmission Control Protocol/Internet Protocol, and refers

In addition to Transmission Control Protocol and Internet Protocol, this family also inc

These protocols provide the necessary services for basic network functionality, and y

To be able to send and receive information on the network, each device connected to

- The address of the network to which the device is connected
- The address of the device itself, its node or host address

Devices that are physically connected to each other (not separated by routers) would have the same network number but different node, or host, numbers.

This would be typical of an internal network at a company or university. These types o

The two unique addresses I've been talking about are typically called the network laye

The MAC address is built into the card by the manufacturer and refers to only the lowe

Now that you know a little about addressing, you need to learn how the address, and

This transfer is accomplished by breaking the information into small pieces of data cal

Let's look at the first, sharing resources. If two computers are communicating with ea

When long streams of data are broken into small packets, each packet is sent individ

Since each packet is uniquely addressed and has instructions on how to reassemble i

The second reason for breaking the data into packets is error correction. Because the

One way to deal with the corruption is to send a checksum along with the data. A chec

The receiving device compares its total to the total transmitted. If these numbers are t

The receiving device then asks the sender to resend the data. By breaking the data in

In the description of packets, I mentioned unique addressing and reassembly instruct

The protocol is a set of rules that specifies the format of the package and how it is use
