Data Networking/Fall 2013/Group14

The Guys
Rishabh

Subhash

Sanjay

Tejas

Motivation
This project has given us a hands on experience to understands the concepts of Linux which in today's world is the most widely used operating system. Linux is secure, the processing speed is faster as compared to other systems and smart enough to cater the needs of an organization. This project has helped us to implement Linux on a practical level by virtue of the basic protocols and commands that we went through during lab sessions and from other sources.

Understanding the Concepts
DHCP:

DHCP stands for Dynamic Host Configuration Protocol.

For normal computer users, it is ignored how a computer gets an IP address automatically without the need of a system administrator. This is the basic functionality of a DHCP server i.e. assigning the IP addresses to the hosts. It also gathers the information regarding IP address, the DNS servers it will use, the DNS servers to use, amongst other critical details that a computer needs for it to access the Internet. To put this in normal language, it is a protocol that delivers the hosts their IP addresses, DNS servers, Gateway IP addresses and their subnet masks.

There are different ways DHCP server can provide essesntial configuration details to its clients. These are as follows:

1.) Automatically allocating a client a permanent IP address.

2.)Dynamically allocating an IP address for a finite amount of time or until the host releases its IP address.

Typically in a practical environment, 2nd option is used.

DNS:

DNS stands for Domain Name System.

DNS in one of the most important components in the internet hierarchy. Without DNS we will be having the difficulty in finding the resources in the internet and in the same way anybody will be unable to find us. This is because the DNS is like the phone book in the internet. It translates the domain names like www.facebook.com to its corresponding IP address and translating the IP addresses to their corresponding domain names. Any end system which wants to connect to other end system needs to know its IP address or domain name, this can be obtained from the DNS server.

DNS saves us from remembering the IP addresses of all our sites and also allows sites to link other sites by names. Finding hosts by name allows IP addresses to change over time, allowing sites to grow, change location, or reconfigure. DNS performs functions more than the ones given above, understanding its basic structure, functioning and operations is very important for for all modern-day IT professionals.

WebServer:

WebServer is like a computer that stores websites in the internet and delivered pages to the hosts up on request.This service is referred to as web hosting. Every web server has a unique address, called an Internet Protocol address, that tells other computers connected to the Internet where to find the server on the vast network.

When host clicks on a link to a website, the host's browser sends out a request to the link,s IP address. This request includes return information and functions like a postal letter sent across town, but in this case the information is transferred across a network. The communication passes through several computers on the way to link, each routing it closer to its ultimate destination.When the request reaches its destination, the web server that hosts the website sends the page in HTML code to the requesting computer's IP address. This return communication travels back through the network. The computer receives the code and the user's browser interprets the code and displays the page for the user in graphic form. In this way a web server functions

Firewall:

Firewalls provide protection against outside attackers by shielding the computer or network from malicious or unnecessary Internet traffic.Firewalls can be configured to block data from certain locations while allowing the relevant and necessary data through. They are very important for the users who always rely on DSL or Cable modems as these are very vulnerable to attacks.

Typically firewalls can be implemented in 2 different ways. They are as followsː

1.) Hardware- these are called as network firewalls which are external devices positioned between computer or network and your cable or DSL modem. Hardware-based firewalls are particularly useful for protecting multiple computers but also offer a high degree of protection for a single computer. Hardware based firewalls have the advantage because they are seperate devices running their own operating systems providing an additional line of defense against attacks.

2.) Software- this kind is all implemented in a operating system and it has no hardware components in it. Some operating systems have inbuilt firewall implemented in them.Because of the risks associated with downloading software from the Internet onto an unprotected computer, it is best to install such kind of firewall. Although relying on a software firewall alone does provide some protection, having the firewall on the same computer as the information that is being protected may hinder the firewall's ability to catch malicious traffic before it enters the end system.

Backupː

Backup-as the name suggests is nothing but piggybacking the data or any other information which is useful. The backup used in this project is done on the web server. The data and all the configurations present on the web server, since they are very essential, they are backed up to another server. The data that a server is containing is synced with another system at a predefined interval of time and at a predefined date. The backup used in the server in this project is backed up everyday.

The Requirements
1. Operating System: Ubuntu 12.04/13.04

2. DNS server: bind9

3. DHCP Server: DHCP version 3.0

4. WebSerevr server: Apache Version 2.0

Steps To Perform The Project
Web Server:

1.)Web server (Apache2.0) is installed in the machine using command line parameters.

2.)Web Server is tested using a browser.

3.)The web page is edited using the HTML commands in the filesystem drive that is located in Ubuntu.

4.)Static IP address is assigned to the server by changing the configuration of the Eth0 interface of the machine.

5.)IP tables are used to setup a firewall for the web server and its functionality is checked by connecting two machines using LAN cable.

6.)Next, a scheduled back up is programmed in the server so that a backup file is transferred to a host at a predefined time everyday. This is done by using the 'rsync' commands and 'cron' file.

DHCP:

1.)DHCP server is installed in Ubuntu using command line parameters.

2.)The installed server is then configured for internal subnets and range for for IP addresses are assigned.

3.)The installed configuration is tested on a client by connecting them using a LAN cable and verifying the IP address received by the client from the DHCP server.

4.)Next, for IP V6 configuration, installation of DHCPV6 compliant DHCP server is done

5.)Then the IPV6 addresses and search path are configured in the server using the command line.

6.)And then the server is tested on a client for assigning IPV6 addresses.

DNS:

1.) Bind9 server is installed using the command line parameters.

2.)The reverse and forward zones are created for the installed server in the bind9 directory.

3.)The configuration for the IPV4 and IPV6 is are done in the forward and reverse zone files.

4.)The hostname is successfully resolved in its corrosponding IP address and vice-versa.

Integrating Different EndSyetems
All the end systems that are configured as shown above needs to be connected together to test the functionality of the project. Another end system apart from those mentioned above is used to act as client. Client has no configuration to be done. This is just used for testing the network.

Now, all these devices needs to be connected to each other using a switch. For this purpose, all the devices are assigned IP at the time of configuration such that they are in the same sub net. These devices are connected to the switch using LAN cables connected to different ports of the switch. The client in the network is used to access the predefined web page address or domain name through the network. If everything goes on as expected, the client should receive an IP address dynamically and should have access to the web server i.e. the web page.

Testing
Testing the project is done after connecting the end systems in the network using a switch. The end system that is running as client is used to test the network functionality. When connected to the switch, the client should receive an IP address which is assigned by the DHCP server. In this way the working of DHCP server is tested.

After that, the client is used to ping test the DNS server by typing in the domain name of the web site and the client should receive the web page from the server. If the page is displayed, this means that the web server is properly configured. The working of DNS can be tested by using the command 'nslookup' and searching the domain name of one of the entry in the DNS server. If the nslookup returned the IP address of the domain name entered, the DNS is configured correctly.

Now, the firewall in the web server needs to be enabled and one of the protocol needs to be blocked. Now the client is used to access the web server using the protocol. Then if the client receives an error message saying the port is unreachable then the firewall is up and running. In the same way, the IP filtering is configured in the web server and the IP address that needs to be filtered is given as the client's IP. Then the same process is repeated and the client should receive the same error message.

If all the above steps are properly followed and the results are same as mentioned, then the configuration of the network is correct.

Problems Faced During the Project
There are many problems that are faced during the projectː

1.)wlan0 and eth0 ports were switched off by the system itself. Which needed manual network restart. This is done using the command:      Sudo service network-manager restart       Ifconfig eth0 up      Ifconfig wlan0 up 2.)Static IP for eth0 was not set and needed to be manually set. This is done using the command: Eth0 ipaddress subnetmask up 3.)The reverse query for the DNS server was not working. Needed to reconfigure the IP6.arpa reverse zone file. 4.)The static IP address for IPV4 and IPV6 could not be simultaneously set.

Future Prospects
1.)We could implement a secondary DNS server in the network so that if the first DNS server fails, then all the queries directed towards the first DNS server will be forwarded towards backup server and will be successfully resolved. 2.)We would implement NIS which is a central directory of user and group information which acts as a global user client list. 3.)Routers can be added to the present configuration to see the communication between two different hosts on two different subnets, which is a real life scenarios.