Data Networking/Fall 2013/Group3

The Folks
People in the project

Kai Xiang

Xinmeng Lu

Yihang Liang

Yahao Wu

Motivation
To create a DNS server, DHCP server and Web server,which have firewall and backup function.By doing this, we can better understand each protocol and properly utilize Ubuntu.

Understanding the Protocol
DNS

In our project, we used bind9 as DNS server. And we mainly used the mapping function of DNS to map domain name to its Ipv4 address or its Ipv6 address. Then we also created the reverse zone to map Ipv4 or Ipv6 address to their domain name. For example, in our project, we create the domain name www.wxl.lan, its Ipv4 address 192.168.54.80 and Ipv6 address fec0:1111:2222:3333:aaaa:bbbb:cccc:1111. Then when we connect to the network, and suppose web server's ip is 192.168.54.80. In this situation, we can also type www.wxl.lan to get to the web instead of its ip address. We better understanded the function of DNS protocol by practice DNS into our project. DNS also use UDP protocol to transform information.

DHCP

We use isc-dhcp-server as our DHCP server. The main task for DHCP server is to assign ip address for each client in the network. When we configure the dhcp, we must assign a static ip for our DNS server, otherwise our DNS function wouldn't be accomplished. And we also have to mention the ip range we use, gateway router, broadcast address,etc. After configuring the DHCP server, our DHCP can assign dynamic ip address for the client in the network, except for DNS server, which should be the same ip address each time the DNS server connect to the network. In this way, we totally understand the function of DHCP, Ipv4 and Ipv6 protocol.

Web

Our browser used HTTP protocol to fetch the content in the web server.

Backup

We used SSH protocol to achieve our backup. Because we need to transform file to a remote machine in an automatic way, so before using ssh we also changed keys of two machine. Under this circumstance, our machine can ssh each other without entry password every time.

The Requirements
The project task is to build a DNS implementation for a start-up company in the city of Boston. And build a DHCP implementation in your company. And set Web Server and firewall. Add-ons will gain more points on this Project. Try to improve and implement new ideas like: configuring VPN, NIS, NFS apart from what is mentioned above.

For DNS Server: Assigned a set of IP addresses that have to be used for this project Aassigned one of the following DNS server from BIND, Posadis and PowerDNS Create any 5 DNS records Use IPv4 and IPv6 addresses in your implementation of records Create reverse domains in in-addr.arpa and ipv6.arpa for the addresses you have been allocated

For DHCP Server: Assigned a set of IP addresses that have to be used for this project Use IPv4 and IPv6 addresses in your implementation of DHCP Dynamic allocation of network addresses The Client-Server Protocol PXE Boot and RARP

For Web Server & Firewall: Use only command line tools and packages Provide all the commands that you have used and also give a brief description in one line Provide the changes you have made to the files/folders for configuring the webserver as well as the Firewall. Also create a basic page to be server Make this page accessible to the clients in your network using a web browser

For Backup: Automate the process of backing up the data The backup file should be zipped and sent to a different server Describe briefly about how you backup automatically and also how file transfer is made Also provide the commands and configurations for sending the zipped file to a different location

Steps to perform the setup / installation
11/15/13

Install BIND9 DNS Server : Start to set DNS Server in BIND9, installation of bind9 using 'apt-get install bind9' Web Server : Start to set Web Server, installation of apache2 using 'apt-get install apache2'

11/19/13

DNS Server : Assign IPv4 address in DNS Server by editing '/etc/bind/named.conf.local' DHCP Server : Start to set DHCP server. Install isc-dhcp-server using 'apt-get install isc-dhcp-server', in which configuration of lease, assigning IP address are included inside the file.

11/20/13

DNS Server : Creat reverse domains in in-addr.arpa Get a domian name Backup : Set ssh Try to use backup tool to complete backup assignment, use 'backuppc' and 'simply backup suit'

11/21/13

DHCP Server : Set address pool Assign IPv4 addresses to others in the subnet by editing '/etc/dhcp/dhcpd.conf', An address pool of '192.168.54.71 to 192.168.54.85' has been created to assign IP   addresses. Lease time is set. 600s for default and 7200s for max-lease-time.

11/22/13

DHCP Server : Assign IPv6 addresses using radvd (editing '/etc/radvd.conf'), after setting IPv6 address of 64 bit prefix could be assigned to others. DNS Server : IPv4 and IPv6 addressing for the organization

11/25/13

Web Server : Set Firewall using ufw Back up : Use RSYNC tool to back up    Check the backup file whether zipped

11/26/13

DHCP Server : Set reservation IP address for a particular client or server, in fact a MAC address bounding approach

11/28/13

DHCP Server : Try to use isc-dhcp-server6 to set more specific IPv6 address

11/29/13

DHCP Server : Try to use wide-dhcpv6-server combined with radvd to set IPv6 address

11/30/13

Add-ons ： Start to work on VPN Add-ons : Start to work on NFS

12/01/13

Add-ons : VPN set done Add-ons : NFS set done Add-ons : Try to set NIS Report start

12/02/13

Report working

12/03/13

Report done

Testing
1.Test the network To see if they can ping successfully.

2.Test DNS Server

Use Command nslookup

Type in domain name to see if it could get the IP address it mapped

Type in IP address to see if it could get the domain name it mapped

3.Test DHCP Server

Connect to network to see if it get IP addresses from DHCP Server’s range pool.

Connect PCs which has reserved IP address in DHCP pool to see if it can get the same IP address every time it get connected.

4.Test Web Server

Open the web browser, type in localhost to see if it can access the website.

5.Test MySQL

Type the command MySQL –uroot –ppassword to login the MySQL Database. Type the command show databases; to see if it can get the table of database.

6.Test Backup

To run the backup.sh and find the backup file from one PC in other PC

7.Test VPN, NFS and etc.

Connect to the VPN Server to see if can get access.

Type the command mount to get the NFS Server exported file; edit the file to see if the server can get the latest edition file.

8.Test Firewall

Before enbale ufw, see if others could access the web server(192.168.54.80), if nothing goes wrong, others should be able to access

the webpage.

Enbale ufw by typing 'enable ufw' on the web server. See if others could access to the webpage. If nothing goes wrong, access should be unsuccessful.

Typing 'ufw allow from 192.168.54.71 to any port 80' See if others except 192.168.54.71 could access the webpage again. If nothing goes wrong, only

192.168.54.71 could access the webpage.

All above is just the basic way of testing, the details and the screen shot are in the report.

Future Prospects
Expansion

Growth

Improvements

We can work on performance portability, so that we can easy implement servers for different PCs in different network. And when comes to a large amount hosts, our server can work as well. In firewall, we can use the iptables to manage the firewall rules instead of ufw. The iptables can define the firewall rules more flexible while it is more complex than ufw. Iptables can set the firewall with status, however others cannot. For GUI, we can use other tools instead of typing command lines for convenient, such as grsync or backuppc. These tools can provide GUI, and complete the backup and set parameters by clicking buttons. We can provide another way to complete the functions which is easier and friendlier to users.