Data Networking/Fall 2016/Sanket Jabade

Data Networking

Linux Project to implement DNS, DHCP, Web Server, Firewall and Backup
This page describes our Linux project, which implements networking concepts such as DNS, DHCP, Web Server, Firewall and Backup.

Team Members
1) Sanket Jabade 2) Maheshwar Gurav 3) Prajwal Patil 4) Riteshkumar Gupta

Why Linux over other operating systems?
Linux is a free and open-source operating system widely used in almost all major telecommunication and IT companies. Anyone can modify the source code and adapt it to their needs for different applications.

Introduction
The main aim of this project is to implement networking concepts using Linux. We tried to implement various networking concepts like DNS, DHCP, Web Server, Backup and a Firewall. We have used Ubuntu 16.04 LTS for implementation.

Background
1) Domain Name System (DNS)
DNS (Domain Name System) is a service similar to a phone book. It translates a host name to its IP address, which lets users reach a website by its host name rather than remembering its IP address. DNS runs over UDP and uses port 53. Along with host-name to IP address translation, it provides a few additional services such as host aliasing, mail server aliasing and load distribution.

2) Dynamic Host Configuration Protocol (DHCP)
DHCP (Dynamic Host Configuration Protocol) is a standardized network protocol that dynamically provides networking parameters such as IP address, subnet mask and default gateway to any host machine that wants to communicate over a network. It works through the DORA process: D-Discovery, O-Offer, R-Request and A-Acknowledgement.
Step 1: The host machine sends a "Discovery" message to all listening DHCP servers to request an IP address.
Step 2: Any DHCP server then "Offers" an IP address from its pool of addresses.
Step 3: The host "Requests" the offered IP address from the DHCP server.
Step 4: The DHCP server "Acknowledges" the request and provides the IP address along with the other necessary network parameters.

3) Web Server
A web server is a machine or a program that uses HTTP (Hypertext Transfer Protocol) to process requests from users and provide information in the form of web pages over the Internet or the World Wide Web. The users who request information are called clients, and the machines that respond to these requests are called Web Servers. This is called the client-server model. There are 4 primary Web Servers: Apache, IIS, nginx and GWS. We are using the Apache web server for the project implementation; it is currently the most popular one in the market.

4) Backup Web Server
The web server is a machine and may crash at any time for various reasons, such as an increase in usage or heavy processes running on it. It is therefore better to keep a backup of each day's work on another machine so that the data can be recovered easily. Hence we create a backup server to avoid loss of data.

5) Firewall
A firewall is a network security system (either hardware or software based) that manages incoming and outgoing network traffic based on a predefined set of rules. It acts as a barrier between a secured internal network and any outside network (either secured or unsecured).

DHCP Server
1. Install DHCP Server

sudo apt-get install isc-dhcp-server

2. Install radvd to configure the parameters

sudo apt-get install radvd

3. To configure DHCP, modify the files below

sudo nano /etc/network/interfaces
sudo nano /etc/default/isc-dhcp-server
sudo nano /etc/dhcp/dhcpd.conf

4. On clients, install the package below

sudo apt-get install wide-dhcpv6-server

DNS server
Configuring Primary DNS Server

1. Install Bind9

sudo apt-get install bind9 bind9utils bind9-doc

2. Configure caching name server (edit named.conf.options file)

sudo nano /etc/bind/named.conf.options

Un-comment the following lines and add the details below:

forwarders {
    192.168.1.13;
    192.168.1.12;
};

3. Restart bind9 service

sudo systemctl restart bind9

4. Edit named.conf.local file

sudo nano /etc/bind/named.conf.local

Define the forward and reverse zone files as shown below:

zone "fouroseven.com" {
    type master;
    file "/etc/bind/db.fouroseven.com";
    allow-transfer { 192.168.1.12; };
    also-notify { 192.168.1.12; };
};

zone "1.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/db.192";
    allow-transfer { 192.168.1.12; };
    also-notify { 192.168.1.12; };
};

5. Create forward zone file

sudo nano /etc/bind/db.fouroseven.com

Add the following lines:

$TTL 604800
@       IN  SOA     master.fouroseven.com. root.fouroseven.com. (
                    10        ;   Serial
                    604800    ;   Refresh
                    34000     ;   Retry
                    241920    ;   Expire
                    604800 )  ;   Negative Cache TTL
        IN  A       192.168.1.14
;
@       IN  NS      master.fouroseven.com.
@       IN  NS      slave.fouroseven.com.
@       IN  A       192.168.1.14
master  IN  A       192.168.1.13
slave   IN  A       192.168.1.12
www     IN  A       192.168.1.14
dee     IN  CNAME   www.fouroseven.com.
why     IN  CNAME   www.fouroseven.com.
client  IN  A       192.168.1.20

Web Server
1. Install Apache Web Server

sudo apt-get install apache2

2. Restart the web server

sudo /etc/init.d/apache2 stop
sudo /etc/init.d/apache2 start

3. Modify or create the web page as per requirement

sudo nano /var/www/html/index.html

Firewall
1. Install the iptables-persistent package

sudo apt-get install -y iptables-persistent

2. Add netfilter-persistent startup

sudo invoke-rc.d netfilter-persistent save

3. Stop Netfilter Persistent service

sudo service netfilter-persistent stop

4. Open the rules.v4 file in /etc/iptables and make the following changes

-A INPUT -s 192.168.1.25/255.255.255.0 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW,ESTABLISHED --dport 80 -j ACCEPT
-A INPUT -j DROP
-A FORWARD -j DROP
-A INPUT -j DROP

5. Start netfilter persistent service

sudo service netfilter-persistent start

6. Check status

sudo iptables -L
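
The following added example (not part of the original project) models how the INPUT rules above treat a new inbound TCP connection, to show that the source `192.168.1.25/255.255.255.0` matches every host in 192.168.1.0/24 rather than only 192.168.1.25. The function names and sample packets are constructed for illustration; loopback and connection-tracking state are not modelled.

```shell
#!/bin/sh
# Added example: first-match evaluation of the page's INPUT rules for a NEW
# inbound TCP packet. Helper names are hypothetical, not part of iptables.

# Dotted-quad IPv4 address -> 32-bit integer.
ip2int() {
  _ifs=$IFS; IFS=.
  set -- $1
  IFS=$_ifs
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# iptables compares (source AND mask) with (rule address AND mask), so host
# bits written in the rule address are discarded.
src_matches() {   # src_matches SRC ADDR/DOTTED-MASK
  _mask=$(ip2int "${2#*/}")
  _src=$(ip2int "$1")
  _net=$(ip2int "${2%/*}")
  [ $(( $_src & $_mask )) -eq $(( $_net & $_mask )) ]
}

# input_verdict SRC DPORT [SSH_RULE_SOURCE] -> ACCEPT or DROP
input_verdict() {
  _rule_src=${3:-192.168.1.25/255.255.255.0}   # value from the page's rules.v4
  # -A INPUT -s <source> -p tcp -m tcp --dport 22 -j ACCEPT
  if [ "$2" -eq 22 ] && src_matches "$1" "$_rule_src"; then
    echo ACCEPT; return 0
  fi
  # -A INPUT -p tcp -m state --state NEW,ESTABLISHED --dport 80 -j ACCEPT
  if [ "$2" -eq 80 ]; then
    echo ACCEPT; return 0
  fi
  # -A INPUT -j DROP
  echo DROP
}

# Constructed sample packets: "source-ip destination-port"
for pkt in "192.168.1.25 22" "192.168.1.77 22" "10.0.0.5 22" "10.0.0.5 80"; do
  set -- $pkt
  echo "$1 -> port $2: $(input_verdict "$1" "$2")"
done
```

Writing the source as 192.168.1.25/255.255.255.255 (or 192.168.1.25/32) limits SSH to that single host. The second `-A INPUT -j DROP` in the list is never reached, because the first one already drops everything that was not accepted.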

Backup Server
1. Generate a public/private key pair

sudo ssh-keygen -t rsa

2. Create .ssh on host

ssh @ mkdir -p .ssh

3. Appending the Web server's public key to host

cat .ssh/id_rsa.pub | ssh @ 'cat >> .ssh/authorized_keys'

4. Compress the backup

sudo tar -cvpzf /home/webserver/minbkup.tar.gz /var/www/html/

5. We use crontab to take a backup every minute

sudo crontab -e
* * * * * sudo tar -cvpzf /home/webserver/minbkup.tar.gz /var/www/html/
* * * * * sudo scp /home/webserver/minbkup.tar.gz @:/path of backup server
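
The two cron entries above start in the same minute, so the copy can pick up an archive that tar is still writing. The following added example (not part of the original project) builds the archive under a temporary name, reads it back, and publishes it with a checksum only after it verifies. The function name, archive prefix, script path and remote target are placeholders.

```shell
#!/bin/sh
# Added example: verified, atomically published backup archive.
# Names, paths and the remote target below are placeholders.

# make_backup SRC_DIR DEST_DIR -> prints the path of a verified archive
make_backup() {
  _src=$1; _dest=$2
  _final="$_dest/webbkup-$(date -u +%Y%m%dT%H%M%SZ).tar.gz"
  # Build under a hidden temporary name so a copy job never sees a partial
  # file; mktemp creates it readable by the owner only.
  _tmp=$(mktemp "$_dest/.webbkup.XXXXXX") || return 1
  # -C stores paths relative to the parent directory, not absolute ones.
  if ! tar -czpf "$_tmp" -C "$(dirname "$_src")" "$(basename "$_src")"; then
    rm -f "$_tmp"; return 1
  fi
  # Read the archive back; a truncated or corrupt file fails here.
  if ! tar -tzf "$_tmp" >/dev/null; then
    rm -f "$_tmp"; return 1
  fi
  mv "$_tmp" "$_final"            # rename is atomic within one filesystem
  # The checksum travels with the archive so the backup host can verify it.
  ( cd "$_dest" && sha256sum "$(basename "$_final")" > "$(basename "$_final").sha256" )
  echo "$_final"
}

# One cron entry instead of two, so the copy starts only after a verified
# archive exists (script path and remote are placeholders):
#   * * * * * /usr/local/sbin/web-backup.sh
# where web-backup.sh defines make_backup as above and then runs:
#   a=$(make_backup /var/www/html /home/webserver) && \
#     scp "$a" "$a.sha256" BACKUP_USER@BACKUP_HOST:/path/on/backup/server/
```

On the backup server, running `sha256sum -c` against the copied `.sha256` file confirms that the archive arrived intact.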
