Data Networking/Spring 2015/PABR

Project Team Members

 * 1) Preetam Patil
 * 2) Apurva Sharma
 * 3) Bhaskar Balasubramanyam
 * 4) Renjith Prasad

Overview of the project
The project is to build a DNS server, a DHCP server and a web server hosting a web page, all on Linux. The DHCP server provides IP addresses to all devices connected to its network. The DNS server resolves a given domain name to its IP address so that the client computer can start communicating. The web server hosts an HTML page. We have also implemented security by adding a firewall at the web server in order to make the system secure and reliable.

Requirement of the Project
We need a Linux-based OS. We need to install bind9 for the DNS server, apache2 for the web server and isc-dhcp-server for the DHCP server.

Domain Name Server (DNS):
Commands used for Implementation of DNS server
 * Implementation of DNS server.

Step 1: This project uses the BIND9 DNS server. The following command installs BIND on Ubuntu:

    sudo apt-get install bind9

Step 2: Edit the named.conf.options and named.conf.local files to configure the DNS server.

Configuration in named.conf.options file:

    forwarders {
        8.7.8.8;
        8.8.4.4;
    };

Step 3: Create the forward lookup zone and the reverse lookup zone in the named.conf.local file.

Configuration in named.conf.local file:

1) FORWARD lookup zone

    zone "DNlinux.com" {
        type master;
        file "/etc/bind/db.DNlinux.com";
        // only the slave DNS server may transfer the zone
        allow-transfer { 192.168.43.3; };
    };

2) REVERSE lookup zone

    zone "43.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/db.192";
        // only the slave DNS server may transfer the zone
        allow-transfer { 192.168.43.3; };
    };

Step 4: Create a forward lookup zone file, db.DNlinux.com, in the directory /etc/bind/.

Configuration in forward lookup zone file db.DNlinux.com:

    $TTL    86400
    @       IN      SOA     DNlinux.com. root.DNlinux.com. (
                                  2         ; Serial
                             604800         ; Refresh
                              86400         ; Retry
                            2419200         ; Expire
                              86400 )       ; Negative Cache TTL
    @       IN      NS      DNlinux.com.
    @       IN      A       192.168.43.118
    name    IN      A       192.168.43.9
    www     IN      CNAME   name

Step 5: Create a reverse lookup zone file, db.192, in the directory /etc/bind/.

Configuration in reverse lookup zone file db.192:

    $TTL    604800
    @       IN      SOA     DNlinux.com. root.DNlinux.com. (
                                  2         ; Serial
                             604800         ; Refresh
                              86400         ; Retry
                            2419200         ; Expire
                             604800 )       ; Negative Cache TTL
    @       IN      NS      DNlinux.com.
    118     IN      PTR     DNlinux.com.
    9       IN      PTR     mail.DNlinux.com.
    9       IN      PTR     www.DNlinux.com.
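A consistency check a DNS administrator would run on the two zone files above, as an added example that is not part of the project's own code: every PTR target should resolve, through the forward zone, back to the same address (forward-confirmed reverse DNS). The zone text is copied from the page with the SOA blocks omitted; the parser and function names are assumptions made for this sketch and handle only one-line records.

```python
# Constructed from the two zone files above (SOA blocks omitted for brevity).
ORIGIN = "DNlinux.com."
REV_ORIGIN = "43.168.192.in-addr.arpa."
FORWARD_ZONE = """\
@      IN      NS      DNlinux.com.
@      IN      A       192.168.43.118
name   IN      A       192.168.43.9
www    IN      CNAME   name
"""
REVERSE_ZONE = """\
@      IN      NS      DNlinux.com.
118    IN      PTR     DNlinux.com.
9      IN      PTR     mail.DNlinux.com.
9      IN      PTR     www.DNlinux.com.
"""

def fqdn(name, origin):
    """'@' is the zone origin; a name without a trailing dot is relative to it."""
    if name == "@":
        return origin.lower()
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def records(text, origin):
    """Yield (owner, type, rdata) for one-line 'owner IN TYPE rdata' records."""
    for line in text.splitlines():
        fields = line.split(";")[0].split()
        if len(fields) == 4 and fields[1] == "IN":
            yield fqdn(fields[0], origin), fields[2], fields[3]

def resolve_a(name, a_recs, cnames):
    """Addresses for name, following CNAMEs (hop limit guards against loops)."""
    for _ in range(8):
        if name in a_recs:
            return a_recs[name]
        if name not in cnames:
            break
        name = cnames[name]
    return set()

def check_ptr_targets(forward_text=FORWARD_ZONE, reverse_text=REVERSE_ZONE):
    """Return (ip, target) for PTR records whose target does not resolve back to ip."""
    a_recs, cnames = {}, {}
    for owner, rtype, rdata in records(forward_text, ORIGIN):
        if rtype == "A":
            a_recs.setdefault(owner, set()).add(rdata)
        elif rtype == "CNAME":
            cnames[owner] = fqdn(rdata, ORIGIN)
    bad = []
    for owner, rtype, rdata in records(reverse_text, REV_ORIGIN):
        if rtype == "PTR":
            # 9.43.168.192.in-addr.arpa. -> 192.168.43.9
            ip = ".".join(reversed(owner.split(".")[:4]))
            target = fqdn(rdata, REV_ORIGIN)
            if ip not in resolve_a(target, a_recs, cnames):
                bad.append((ip, target))
    return bad
```

On the zone data above it reports the PTR for mail.DNlinux.com., which has no A record in the forward zone; the www PTR passes because the CNAME is followed to name.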

Dynamic Host Configuration Protocol (DHCP):
Commands used for implementation of DHCP:

Step 1: Install the isc-dhcp-server package:

    sudo apt-get install isc-dhcp-server

Step 2: Edit the Configuration file to configure the DHCP server with information for the Scope, Superscope, Address Pool, Exclusion Range, Reservation and lease.

    sudo cp dhcpd.conf dhcpd-backup.conf
    sudo gedit dhcpd.conf

    ddns-update-style none;

    shared-network foo.foo {
        # For Wifi Hot spot
        # A slightly different configuration for an internal subnet.
        subnet 192.168.43.0 netmask 255.255.255.0 {
            range 192.168.43.10 192.168.43.150;
            range 192.168.43.170 192.168.43.220;    # so 151 to 169 is excluded
            option domain-name-servers 192.168.43.2, 192.168.43.3;
            option domain-name "internal.example.org";
            option routers 192.168.43.1;
            option broadcast-address 192.168.43.255;
            default-lease-time 600;
            max-lease-time 7200;
        }

        # For #1115
        # A slightly different configuration for an internal subnet.
        subnet 192.168.1.0 netmask 255.255.255.0 {
            range 192.168.1.10 192.168.1.100;
            option domain-name-servers 192.168.1.1, 8.8.4.4;
            option domain-name "internal.example.org";
            option routers 192.168.1.1;
            option broadcast-address 192.168.1.255;
            default-lease-time 600;
            max-lease-time 7200;
        }
    }   # end of foo.foo

    host apurva {
        hardware ethernet 00:0c:29:2d:04:9b;
        fixed-address 192.168.43.2;     # for dns
        option domain-name-servers 192.168.43.2, 192.168.43.3;
    }

    host apurva-slave {
        hardware ethernet 00:0c:29:98:82:29;
        fixed-address 192.168.43.3;     # for slave dns
        option domain-name-servers 192.168.43.2, 192.168.43.3;
    }

    host renjith-WS {
        hardware ethernet 00:0c:29:c3:71:73;
        fixed-address 192.168.43.118;
        option domain-name-servers 192.168.43.2, 192.168.43.3;
    }

Step 3: Configure the interfaces file to include the interface (eth0) along with the IP address, gateway and dns-nameservers:

    sudo gedit /etc/network/interfaces

Step 4: Add the interface (eth0) to the isc-dhcp-server file:

    sudo gedit /etc/default/isc-dhcp-server

Step 5: Start the DHCP service:

    sudo service isc-dhcp-server start

Step 6: You can check the leased addresses in the /var/lib/dhcp/dhcpd.leases file.

Web Server
Step 1: Commands used for implementation of Web server:

The command sudo apt-get install apache2 installs the apache2 web server software on the host machine. The apache2 web server comes with a basic HTML page, which will be your localhost webpage.

Step 2: Editing the Webpage

To edit the webpage and create your own user interface, change to the web root with cd /var/www/html and edit the index.html file there.

Firewall
The firewall is configured using iptables, which is easy to use and stores the filtering rules. The commands used for configuring and setting rules are given below. Initially, the firewall is configured to accept traffic that belongs to connections that are already established. For that, the following command is issued:

    sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

The remaining rules are then added:

    # allow SSH and HTTP
    sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
    sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
    # drop everything not accepted by an earlier rule
    sudo iptables -A INPUT -j DROP
    # insert a loopback rule at position 1, ahead of the DROP rule
    sudo iptables -I INPUT 1 -i lo -j ACCEPT
    # create a new chain named port-scan
    sudo iptables -N port-scan
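The effect of rule order in the INPUT chain built by the commands above, as an added example that is not part of the project's own code: a simplified model of iptables first-match evaluation that supports only the options used on this page. The packet dictionaries and function names are constructed for this sketch.

```python
# Rule arguments from the commands above, in the order they are typed.
COMMANDS = [
    "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT",
    "-A INPUT -p tcp --dport 22 -j ACCEPT",
    "-A INPUT -p tcp --dport 80 -j ACCEPT",
    "-A INPUT -j DROP",
    "-I INPUT 1 -i lo -j ACCEPT",
]

def build_chain(commands):
    """Apply -A (append) and -I <n> (insert at 1-based position n) to an empty chain."""
    chain = []
    for cmd in commands:
        args = cmd.split()
        if args[0] == "-A":
            pos, rest = len(chain), args[2:]
        elif args[0] == "-I":
            pos, rest = int(args[2]) - 1, args[3:]
        else:
            raise ValueError(f"unsupported command: {cmd}")
        rule, it = {}, iter(rest)
        for flag in it:
            if flag == "-m":
                next(it)              # skip the match-module name
            else:
                rule[flag] = next(it)
        chain.insert(pos, rule)
    return chain

def verdict(chain, pkt, policy="ACCEPT"):
    """Return the target of the first rule whose every match agrees with the packet."""
    for rule in chain:
        if "-i" in rule and rule["-i"] != pkt["iface"]:
            continue
        if "-p" in rule and rule["-p"] != pkt["proto"]:
            continue
        if "--dport" in rule and int(rule["--dport"]) != pkt.get("dport"):
            continue
        if "--ctstate" in rule and pkt["state"] not in rule["--ctstate"].split(","):
            continue
        return rule["-j"]
    return policy  # no rule matched: the chain policy applies

def new_pkt(iface, proto, dport, state="NEW"):
    """Constructed sample packet for the model."""
    return {"iface": iface, "proto": proto, "dport": dport, "state": state}
```

In this model a new connection to tcp/80 on eth0 is accepted while tcp/443 and udp/53 fall through to the DROP rule, and leaving out the final -I command makes new loopback connections hit DROP as well.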

Future Implementation
 * 1) Increasing the security of the DNS server by providing digital certificates and access authentication.
 * 2) Increasing the cache rate of the DNS server by implementing the concept of piggybacking.
 * 3) Increasing the security at the web servers by implementing SSL service.
 * 4) Implementation of a backup server for DHCP. Whenever the primary DHCP server fails, we can use the secondary backup server.
 * 5) Implementation of a proxy server in order to reduce the network traffic and the RTT to load the page.
 * 6) Implementation of the IPv6 protocol. IPv6 allows larger datagrams to be sent than IPv4.