Data Networking/Fall 2015/ACEP

Team
1. Ankit Chourasia
2. Prashanth Reddy Edunuri
3. Elveera Linda Menezes
4. Venkata Pratapa

MOTIVATION:
Linux is the most significant part of, or driving power behind, the IT industry. It runs almost everywhere: on PCs, servers, routers, smartphones, and more. Linux is open source, which gives us a feeling of independence to work with it and enhance our skills, and that develops our interest. It helps us become passionate about passive learning and passively acquire self-sufficiency. The world is looking for Linux professionals: there is demand, high salaries, and many opportunities for them. We are doing this project to get acquainted with this most versatile and collaborative OS, which has features such as superior design and performance, extreme scalability, multi-platform support, true multi-user and multi-tasking operation, multi-threading, and security.

DHCP (DYNAMIC HOST CONFIGURATION PROTOCOL):
The protocol is used to allocate IP addresses to the hosts connected to a network. It automatically assigns each host an IP address from a specified range within the network, together with the proper subnet mask, gateway, and DNS server of the network.

For IPv4:

Step 1: Install DHCP server Command: sudo apt-get install isc-dhcp-server

Step 2: Now set the static IP address of the DHCP server Command: sudo nano /etc/network/interfaces

Step 3: Change lo to either eth0 or wlan0 and loopback to static, or else keep both of them Command:

Edit the interfaces file to make the following changes.

auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
    address 192.168.10.3
    netmask 255.255.255.0
    gateway 192.168.10.1
    network 192.168.10.0
    broadcast 192.168.10.255
    dns-nameservers 192.168.10.2
    dns-search linuxproject.com

Step 4: Restart the network Command:

sudo /etc/init.d/networking restart

Step 5: Configure the DHCP server Command: sudo nano /etc/dhcp/dhcpd.conf

Step 6: Edit the dhcpd.conf file and make the following changes Command:

ddns-update-style none;
option domain-name-servers 192.168.10.254;
option domain-name "linuxproject.com";
default-lease-time 600;
max-lease-time 7200;
authoritative;
subnet 192.168.10.0 netmask 255.255.255.0 {
    range 192.168.10.100 192.168.10.120;
    option routers 192.168.10.1;
    option broadcast-address 192.168.10.255;
}

Step 7: Open the resolv.conf file Command:

sudo nano /etc/resolv.conf

Step 8: Edit the resolv.conf Command:

nameserver 192.168.10.254

Step 9: Restart the DHCP server Command:

sudo service isc-dhcp-server restart
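
A mistyped octet in a range statement leaves the pool outside the subnet that declares it. The following added example (not part of the original page) checks every range in a dhcpd.conf against its subnet; it assumes IPv4, contiguous netmasks and one statement per line, and the sample configuration is constructed.

```shell
#!/bin/sh
# Added example (not from the original page): check that every "range"
# in a dhcpd.conf lies inside the subnet that declares it.
# Assumes IPv4, contiguous netmasks, and one statement per line.

# check_dhcp_ranges < dhcpd.conf
# Prints one OK/BAD line per range; exit status 1 if any range is BAD.
check_dhcp_ranges() {
    awk '
    function ip2int(ip,   o) {
        if (split(ip, o, ".") != 4) return -1
        return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    # POSIX awk has no bitwise AND, so use the block size of the mask:
    # an address is in the subnet when rounding it down to a multiple
    # of that size gives the network address.
    function inside(ip,   v) {
        v = ip2int(ip)
        return v >= 0 && int(v / size) * size == net
    }
    {
        sub(/#.*/, "")
        gsub(/[;{}]/, " ")
        for (i = 1; i <= NF; i++) {
            if ($i == "subnet" && $(i + 2) == "netmask") {
                net = ip2int($(i + 1))
                size = 4294967296 - ip2int($(i + 3))
            } else if ($i == "range" && size > 0) {
                ok = inside($(i + 1)) && inside($(i + 2)) &&
                     ip2int($(i + 1)) <= ip2int($(i + 2))
                tag = ok ? "OK" : "BAD"
                print tag, $(i + 1), $(i + 2)
                if (!ok) bad = 1
            }
        }
    }
    END { exit bad + 0 }'
}

# Constructed sample: the first range has a mistyped second octet.
SAMPLE_DHCPD_CONF='subnet 192.168.10.0 netmask 255.255.255.0 {
    range 192.169.10.100 192.168.10.120;
    option routers 192.168.10.1;
}
subnet 192.168.20.0 netmask 255.255.255.0 {
    range 192.168.20.100 192.168.20.120;
}'

printf '%s\n' "$SAMPLE_DHCPD_CONF" | check_dhcp_ranges || true
```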

For IPv6:

Step 1: Install radvd to build IPv6 DHCP server Command:

sudo apt-get install radvd

Step 2: Open radvd.conf file Command:

sudo nano /etc/radvd.conf

Step 3: Edit the radvd.conf file and make following changes Command:

interface eth0 {
    AdvSendAdvert on;
    AdvManagedFlag on;
    AdvOtherConfigFlag on;
    prefix 2001:db8:0:1::/64 {
        AdvAutonomous off;
    };
};

Step 4: Open dhcpd.conf file Command: sudo nano /etc/dhcp/dhcpd.conf

Step 5: Edit dhcpd.conf file and make following changes Command:

default-lease-time 600;
max-lease-time 7200;
log-facility local7;
subnet6 2001:db8:0:1::/64 {
    range6 2001:db8:0:1::129 2001:db8:0:1::254;
}

DNS (DOMAIN NAME SYSTEM):
The Domain Name System is used to translate IP addresses to hostnames and hostnames to IP addresses. Rather than using a centralized architecture, which would create a single point of failure, DNS is implemented as a hierarchy. At the top of the hierarchy are the root DNS servers, then come the Top-Level Domain (TLD) servers, and then the authoritative DNS servers.

Step 1: Install bind9 Command:

sudo apt-get install bind9

Step 2: Open the interfaces. Command:

sudo nano /etc/network/interfaces

Step 3: Edit the interfaces and configure static IP address for the DNS server Command:

auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
    address 192.168.10.2
    netmask 255.255.255.0
    network 192.168.10.0
    broadcast 192.168.10.255
    gateway 192.168.10.1

Step 4: Reboot the virtual machine Command: sudo init 6

Step 5: Open the named.conf.options Command:

sudo nano /etc/bind/named.conf.options

Step 6: Remove the comments from the forwarders Command: Remove the // signs to uncomment the forwarders block and add forwarders. For example, use Google's public DNS IPs, 8.8.8.8 and 8.8.4.4.

Step 7: Configure the named.conf.options Command:

forwarders {
    192.168.10.1;
};

Step 8: Open the named.conf.local Command:

sudo nano /etc/bind/named.conf.local

Step 9: Configure zones in the named.conf.local file Command:

// For Forward zone (master server)
zone "linuxproject.com" {
    type master;
    allow-transfer { 192.168.10.11; };
    file "/etc/bind/zone/db.linuxproject.com";
};

// For Forward zone (slave server, the host named in allow-transfer)
zone "linuxproject.com" {
    type slave;
    masters { 192.168.10.2; };
    file "/etc/bind/zone/db.linuxproject.com";
};

// For Reverse zone (master server)
zone "10.168.192.in-addr.arpa" {
    type master;
    allow-transfer { 192.168.10.11; };
    file "/etc/bind/zone/db.rev";
};

// For Reverse zone (slave server)
zone "10.168.192.in-addr.arpa" {
    type slave;
    masters { 192.168.10.2; };
    file "/etc/bind/zone/db.rev";
};

// For IPv6
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa" {
    type master;
    notify no;
    file "/etc/bind/db.ipv6";
};

Step 10: Open the forward lookup table in the zone Command:

sudo nano /etc/bind/zone/db.linuxproject.com

Step 11: Configure the forward lookup table Command:

$TTL    604800
@       IN      SOA     linuxproject.com. root.linuxproject.com. (
                             12         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
@                   IN      NS      linuxproject.com.
linuxproject.com.   IN      A       192.168.10.100
                    IN      AAAA    fe80::be77:37ff:fe7d:dc2e
galaxy              IN      A       192.168.10.101
                    IN      AAAA    fe80::be77:37ff:fe7d:dc2c
mail                IN      A       192.168.10.102
                    IN      AAAA    fe80::be77:37ff:fe7d:dc2b
group               IN      A       192.168.10.103
                    IN      AAAA    fe80::be77:37ff:fe7d:dc2a
www                 IN      CNAME   linuxproject.com.

Step 12: Open the reverse lookup table in the zone Command: sudo nano /etc/bind/zone/db.rev

Step 13: Configure the reverse lookup table Command:

$TTL    604800
@       IN      SOA     linuxproject.com. root.linuxproject.com. (
                             11         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
        IN      NS      linuxproject.com.
100     IN      PTR     linuxproject.com.
101     IN      PTR     galaxy.linuxproject.com.

Step 14: Open the resolv.conf file Command:

sudo nano /etc/resolv.conf

Step 15: Edit the resolv.conf file Command:

search linuxproject.com
nameserver 192.168.10.2

Step 16: Restart the Bind9 server Command:

sudo /etc/init.d/bind9 restart
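
Forward and reverse tables drift apart easily, and hosts without a PTR record show up only as bare addresses in logs and fail reverse-lookup checks. This added example (not part of the original page) lists the A records in a forward zone file that have no PTR in the reverse zone file; it assumes a single /24 reverse zone whose PTR owners are the last octet, and the demo data is constructed from the records shown in this section.

```shell
#!/bin/sh
# Added example (not from the original page): list forward A records
# that have no PTR in the reverse zone. Assumes one /24 reverse zone
# whose PTR owner names are the last octet of the address.

# missing_ptrs FORWARD_ZONE_FILE REVERSE_ZONE_FILE
# Prints "owner address" per A record without a PTR; exit status 1 if any.
missing_ptrs() {
    awk '
    FNR == NR {                          # first file read: reverse zone
        if ($2 == "IN" && $3 == "PTR") ptr[$1] = 1
        next
    }
    /^[ \t]*[;$]/ || /^[ \t]*$/ { next } # comments, directives, blanks
    {
        if ($0 !~ /^[ \t]/) owner = $1   # indented lines inherit the owner
        for (i = 2; i <= NF; i++)
            if ($i == "A" && $(i - 1) == "IN") {
                if (split($(i + 1), o, ".") == 4 && !(o[4] in ptr)) {
                    print owner, $(i + 1)
                    bad = 1
                }
            }
    }
    END { exit bad + 0 }' "$2" "$1"
}

# Constructed sample data, modelled on the records in this section.
demo_missing_ptrs() {
    d=$(mktemp -d) || return 2
    cat > "$d/fwd" <<'EOF'
$TTL 604800
linuxproject.com.  IN  A     192.168.10.100
galaxy             IN  A     192.168.10.101
                   IN  AAAA  fe80::be77:37ff:fe7d:dc2c
mail               IN  A     192.168.10.102
group              IN  A     192.168.10.103
EOF
    cat > "$d/rev" <<'EOF'
100  IN  PTR  linuxproject.com.
101  IN  PTR  galaxy.linuxproject.com.
EOF
    missing_ptrs "$d/fwd" "$d/rev"
    rc=$?
    rm -rf "$d"
    return "$rc"
}

demo_missing_ptrs || true
```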

WEB SERVER:
A web server is a server placed in the network primarily to handle the HTTP requests made by hosts of the network. It helps to connect the network hosts to the World Wide Web. It is a network component which takes the requests resolved by DNS as input, fetches the requested page, and sends back an appropriate reply.

Step 1: Install Apache Web server Command:

sudo apt-get install apache2

Step 2: Open the index.html page, which is the webpage of Web server Command:

sudo nano /var/www/html/index.html

Step 3: Edit the index.html Command:

Remove the page provided and write your own page as you want it to be displayed.

Step 4: Open the interfaces Command:

sudo nano /etc/network/interfaces

Step 5: Edit the interfaces and change the IP address to static Command:

auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
    address 192.168.10.100
    netmask 255.255.255.0
    network 192.168.10.0
    broadcast 192.168.10.255
    gateway 192.168.10.1

Step 6: Open the hosts Command:

sudo nano /etc/hosts

Step 7: Edit the hostnames in the hosts Command:

127.0.0.1 localhost
127.0.1.1 linuxproject.com

Step 8: Restart the Web server Command:

sudo /etc/init.d/apache2 restart

FIREWALL:
A firewall is a system that controls traffic coming into or going out of the network. It acts as a barrier to the unwanted traffic flowing through it. We can block a network, a particular host, or certain kinds of communication such as FTP, telnet, TCP, UDP, ICMP, etc.

Step 1: Install UFW firewall Command:

sudo apt-get install ufw

Step 2: Check the status Command: sudo ufw status

Step 3: Change status to active Command:

sudo ufw enable

Step 4: Configure UFW for port 80/tcp Command: sudo ufw allow 80/tcp

Step 5: Configure UFW for port 22/tcp Command:

sudo ufw allow 22/tcp

BACKUP SERVER:
Step 1: Log into the Web server and generate a pair of authentication keys Command:

sudo ssh-keygen -t rsa

Step 2: Using ssh create a directory ~/.ssh on the host machine Command:

ssh chamu@192.168.85.10 mkdir -p .ssh

Step 3: Now append Web server’s public key to the host Command:

cat .ssh/id_rsa.pub | ssh chamu@192.168.85.10 'cat >> .ssh/authorized_keys'

Step 4: Now we have to compress the file, which is needed to be backed up Command:

sudo tar -cvpzf minutebackup.tar.gz /var/www/html/index.html

Step 5: Open crontab file Command:

sudo crontab -e

Step 6: Using cron jobs we will schedule the backup for every minute Command:

* * * * * sudo tar -cvzpf /home/chamu/backupfolder/minutevbackup.tar.gz /var/www/html/index.html
* * * * * sudo scp /home/chamu/backupfolder/minutevbackup.tar.gz chamu@192.168.x.x:
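
The two cron entries above run independently, so the copy can ship an archive that is still being written or that failed to build. This added example (not part of the original page) builds the archive under a temporary name, verifies it, and publishes it with a SHA-256 checksum only on success; the function name, the timestamped file naming and the script path in the comment are assumptions.

```shell
#!/bin/sh
# Added example (not from the original page): build the archive under a
# temporary name, verify it, and only then publish it with a checksum.

# make_backup SOURCE DEST_DIR
# Prints the path of the verified archive; non-zero status on any failure.
# The body runs in a subshell so umask and variables do not leak out.
make_backup() (
    src=$1
    dest=$2
    [ -e "$src" ] || { echo "missing source: $src" >&2; exit 1; }
    umask 077                       # archive readable by its owner only
    mkdir -p "$dest" || exit 1
    name="backup-$(date +%Y%m%dT%H%M%S).tar.gz"
    tmp="$dest/.$name.$$"
    # -C stores the file relative to its directory, not as an absolute path.
    if tar -czpf "$tmp" -C "$(dirname "$src")" "$(basename "$src")" &&
       tar -tzf "$tmp" >/dev/null; then
        mv "$tmp" "$dest/$name" || exit 1
        (cd "$dest" && sha256sum "$name" > "$name.sha256") || exit 1
        printf '%s\n' "$dest/$name"
    else
        rm -f "$tmp"
        exit 1
    fi
)

# Hypothetical use from a single cron entry (script path is an assumption),
# so the copy happens only after a verified archive exists:
#   a=$(make_backup /var/www/html/index.html /home/chamu/backupfolder) \
#       && scp "$a" "$a.sha256" chamu@192.168.x.x:

# When run as a script with two arguments, perform one backup.
if [ "$#" -eq 2 ]; then
    make_backup "$1" "$2"
fi
```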

MAIL SERVER:
A mail server is a network component which lets us send e-mails to domains other than our own. Without a mail server in the network, we might only be able to send e-mails to people within our own domain. Through a mail server, a mail can be sent out to anyone via the internet. This service is very useful for communication within and outside your domain network.

Step 1: Update the Ubuntu OS with packages Command:

sudo apt-get update
sudo apt-get update --fix-missing

Step 2: Install all the packages along with Postfix and Dovecot which are required Command:

sudo apt-get install bind9 dnsutils apache2 php5 postfix dovecot-common dovecot-imapd dovecot-pop3d squirrelmail mailutils

Step 3: Change the directory to /etc/bind and open named.conf.local file Command:

sudo nano named.conf.local

Step 4: Add zones to the named.conf.local file Command:

zone "linux.com" {
    type master;
    file "/etc/bind/db.linux";
};

zone "0.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/db.192";
};

Step 5: Copy content of file db.local to db.linux Command:

cp db.local db.linux

Step 6: Copy content of db.127 to db.192 Command:

cp db.127 db.192

Step 7: Open db.linux file Command:

nano db.linux

Step 8: Edit db.linux file Command:

Change localhost. to ns.linux.com.
Change root.localhost. to root.linux.com.
Add:

@       IN      NS      ns.linux.com.
@       IN      A       192.168.0.1
ns      IN      A       192.168.0.1
        IN      MX 10   mail.linux.com.
www     IN      CNAME   ns
mail    IN      CNAME   ns

Step 9: Open db.192 file Command:

nano db.192

Step 10: Edit db.192 file Command:

Change localhost. to ns.linux.com.
Change root.localhost. to root.linux.com.
Change 1.0.0 to 1

Step 11: Disconnect net and restart bind Command:

invoke-rc.d bind9 restart

Step 12: Do a nslookup for mail we created Command:

nslookup mail.linux.com

Step 13: Dig that mail Command:

dig mail.linux.com

Step 14: change the directory to /etc/apache2/sites-available/ Command:

cd /etc/apache2/sites-available/

Step 15: Copy content in 000-default.conf to mail.conf Command: cp 000-default.conf mail.conf

Step 16: Open mail.conf file Command: sudo nano mail.conf

Step 17: Edit mail.conf file Command:

Add ServerName mail.linux.com
Change DocumentRoot to /usr/share/squirrelmail

Step 18: Enable the mail site Command:

a2ensite mail

Step 19: Restart apache Command: invoke-rc.d apache2 restart

Step 20: Reconfiguring postfix Command: dpkg-reconfigure postfix

Step 21: Open apache.conf file in /etc/squirrelmail/ Command: sudo nano /etc/squirrelmail/apache.conf

Step 22: Edit apache.conf file Command: Uncomment the DocumentRoot and ServerName. Also change ServerName to mail.linux.com

Step 23: Open dovecot.conf file in /etc/dovecot/ Command:

sudo nano /etc/dovecot/dovecot.conf

Step 24: Edit dovecot.conf file Command:

protocols = imap pop3
#disable_plaintext_auth = no
mail_location = mbox:~/mail:INBOX=/var/mail/%u
mail_location = maildir:~/Maildir

Step 25: Kill all the processes Command:

killall named
killall apache2
killall dovecot

Step 26: Set the static IP address for the server Command:

ifconfig eth0 192.168.0.1 netmask 255.255.255.0
ifconfig eth0 up

Step 27: Restart bind, apache, postfix and dovecot Command:

invoke-rc.d bind9 restart
invoke-rc.d apache2 restart
invoke-rc.d postfix restart
invoke-rc.d dovecot restart

Step 28: Add users Command:

adduser linux1
adduser linux2

NFS (NETWORK FILE SYSTEM):
NFS is a distributed file system protocol. A client can share or access files over the network as if they were stored locally. Thus, a client is able to access every file shared in its network just as if it had saved the file itself. This protocol improves the interactive capabilities of the host and of the entire network.

Step 1: Install the NFS server Command: sudo apt-get install nfs-kernel-server

Step 2: Create directory which we need to share with client Command: sudo mkdir /home/prashi/sharedir

Step 3: Providing permissions for client to access the NFS share (i.e., make the directory public to all) Command: sudo chmod 777 /home/prashi/sharedir

Step 4: Open up access to the user's home directory Command: sudo chmod 777 /home/prashi

Step 5: Open the export file having network address Command: sudo nano /etc/exports

Step 6: Edit export file Command: Add the following line:

/home/prashi/sharedir	192.168.85.0/10

Step 7: Do an exportfs command Command:

exportfs

Step 8: At client end, make directory test to share the file of the server Command: mkdir test

Step 9: Making the test directory read and write Command:

ls -a test

Step 10: Mounting the server's directory on to test Command: sudo mount -t nfs 192.168.85.135:/home/prashi/sharedir test
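
The client field of each exports line decides who can mount the share. This added example (not part of the original page) audits an exports file and reports entries open to every host, IPv4 networks wider than a chosen prefix length, and no_root_squash; the /16 default threshold and the sample paths under /srv are assumptions, and the sample file is constructed.

```shell
#!/bin/sh
# Added example (not from the original page): flag risky client specs
# in an /etc/exports file. The /16 threshold is an assumption; pass a
# different minimum prefix length as the first argument.

# audit_exports [MIN_PREFIX] < /etc/exports
# Prints one finding per line; exit status 1 if anything was flagged.
audit_exports() {
    awk -v minlen="${1:-16}" '
    { sub(/#.*/, "") }
    NF < 2 { next }
    {
        for (i = 2; i <= NF; i++) {
            client = $i; opts = ""
            p = index($i, "(")
            if (p > 0) {
                client = substr($i, 1, p - 1)
                opts = substr($i, p + 1)
                sub(/\)$/, "", opts)
            }
            if (client == "" || client == "*") {
                # "*" or a bare "(opts)" field applies to every host
                print "WORLD", $1, $i; bad = 1
            } else if (split(client, c, "/") == 2 && c[1] ~ /^[0-9.]+$/ &&
                       c[2] ~ /^[0-9]+$/ && c[2] + 0 < minlen + 0) {
                print "BROAD", $1, client; bad = 1
            }
            if (("," opts ",") ~ /,no_root_squash,/) {
                print "NO_ROOT_SQUASH", $1, client; bad = 1
            }
        }
    }
    END { exit bad + 0 }'
}

# Constructed sample; the first line is the entry from Step 6.
SAMPLE_EXPORTS='# constructed sample
/home/prashi/sharedir 192.168.85.0/10
/srv/ok    192.168.85.0/24(rw,sync,root_squash)
/srv/all   *(ro)
/srv/root  192.168.85.7(rw,no_root_squash)
/srv/typo  192.168.85.7 (rw)'

printf '%s\n' "$SAMPLE_EXPORTS" | audit_exports || true
```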

NTP (NETWORK TIME PROTOCOL):
Step 1: Install ntp and ntpdate Command: sudo apt-get install ntp ntpdate

Step 2: Show the status of configured peers Command: ntpq -c lpeer

Step 3: Open ntp.conf file in /etc/ Command: sudo nano /etc/ntp.conf

Step 4: Edit ntp.conf file Command: Change the broadcast address to 192.168.10.255

Step 5: Restart ntp server Command: sudo /etc/init.d/ntp restart

Step 6: Show the status of configured peers and broadcast address should be added Command: ntpq -c lpeer

Step 7: Open client in new virtual machine and install ntp and ntpdate Command: sudo apt-get install ntp ntpdate

Step 8: Show the status of configured peers Command: ntpq -c lpeer

Step 9: Open ntp.conf file in /etc/ Command:

sudo nano /etc/ntp.conf

Step 10: Edit ntp.conf file Command:

Add server 192.168.85.136

Step 11: Restart ntp server Command:

sudo /etc/init.d/ntp restart

Step 12: Show the status of configured peers and server IP address should be added Command: ntpq -c lpeer

VPN (VIRTUAL PRIVATE NETWORK):
VPN (Virtual Private Network) - Point-to-Point Tunneling Protocol (PPTP)

Step 1: Install pptpd package Command:

sudo apt-get install pptpd

Step 2: Open pptpd.conf file Command:

sudo nano /etc/pptpd.conf

Step 3: Open pptpd-options Command:

sudo nano /etc/ppp/pptpd-options

Add the line:

ms-dns 192.168.10.2

Step 4: Add details as specified below for authentication Command:

sudo nano /etc/ppp/chap-secrets

TESTING:
•	Connect all network components to a switch
•	Run ifconfig on the client
•	Client gets an IP address from the DHCP server, within the network range and subnet mask
•	Client makes an HTTP request
•	Request is sent to DNS for resolution
•	DNS resolves the request and sends back a reply to the client with the associated IP/hostname
•	Subsequent HTTP request is made to the web server
•	Web server fetches the page and replies to the client with the associated HTTP page
