Linux/Networking Services
From charlesreid1
Overview
This page will cover a couple of key aspects of networking services on Linux:
- ip address schema
- dhcp server
- dns server
- ntp server
IP Schema
First principle: keep schema easy to change
What types of machines are you providing addresses to? Servers, workstations, and printers, but now also phones, conference systems, and tablets. Many devices also have multiple network interfaces. A default 24-bit network, with 254 usable IP addresses, is not large enough for many situations.
Multiple subnets help create individual networks for groups of devices (types of services). Example: put servers on one subnet, printers on another, and workstations on yet another.
The broadcast domain should also be limited. With a one-size-fits-all 24-bit network, you have a single subnet and a single broadcast domain. Every device can communicate with every other device, with no need for routing. However, on large networks, breaking up the broadcast domain can help ensure performance. Organizing separate broadcast domains for different services keeps those services from being overwhelmed.
To plan IP schema, use the ipcalc utility. This can help you understand the number of IP addresses that will be available for a given schema.
$ apt-get install ipcalc
You give it arguments of the network you are thinking about using:
$ ipcalc 10.10.96.0/22
ipcalc shows Hosts/Net, which is the number of allowable IP addresses that this network would give us.
The utility also shows the subnet mask that would be required, which is 255.255.252.0.
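Added example (not from the original page): the planning step that ipcalc supports, done with Python's ipaddress module. It carves one subnet per device group out of 10.10.96.0/22. The group names and host counts are assumed for illustration.

```python
import ipaddress

# Constructed device counts per group (assumption, not from the page).
GROUPS = {"workstations": 300, "phones": 200, "servers": 40, "printers": 20}

def prefix_for(hosts):
    """Longest IPv4 prefix whose usable host count (size - 2) covers `hosts`."""
    for prefix in range(30, 7, -1):
        if 2 ** (32 - prefix) - 2 >= hosts:
            return prefix
    raise ValueError(f"{hosts} hosts do not fit in a /8")

def plan(supernet, groups):
    """Carve one subnet per group out of `supernet`, largest group first."""
    net = ipaddress.ip_network(supernet)
    cursor = int(net.network_address)
    layout = {}
    for name, hosts in sorted(groups.items(), key=lambda g: -g[1]):
        prefix = prefix_for(hosts)
        size = 2 ** (32 - prefix)
        # Round the cursor up to the next boundary this block size allows.
        cursor = (cursor + size - 1) // size * size
        subnet = ipaddress.ip_network((cursor, prefix))
        if not subnet.subnet_of(net):
            raise ValueError(f"{name} ({hosts} hosts) does not fit in {net}")
        layout[name] = subnet
        cursor += size
    return layout

if __name__ == "__main__":
    for name, subnet in plan("10.10.96.0/22", GROUPS).items():
        usable = subnet.num_addresses - 2
        print(f"{name:13} {str(subnet):16} mask {subnet.netmask}  usable {usable}")
```

Each group ends up in its own broadcast domain, and changing the schema later means editing the counts and re-running the plan.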
ipv4 vs ipv6
insert obligatory reference to number of IP addresses running out...
ipv6 needs to be ushered in.
HOWEVER, for small, internal networks, there is absolutely no need to complicate your life with ipv6. The namespace for ipv4 running out will only affect the wider internet, and not local nor private network IP spaces.
Unless you are a networking company. Or studying for a certification.
dhcp server
Now that we have used ipcalc to decide on a network layout (IP schema, number of addresses, number of bits, subnet mask, etc.), put it into action.
Set up a DHCP server to configure and serve up IPv4 addresses to machines that want one.
Use the isc-dhcp-server:
$ apt-get install isc-dhcp-server
Now configure the DHCP server by editing its configuration file, located at /etc/dhcp/dhcpd.conf
If you have an example, it will be pretty extensive. Or, it might be totally empty. Here is a sample:
default-lease-time 86400;
max-lease-time 86400;
option subnet-mask 255.255.252.0;
option broadcast-address 10.10.99.255;
option domain-name "local.lan";
authoritative;
subnet 10.10.96.0 netmask 255.255.252.0 {
    range 10.10.99.100 10.10.99.254;
    option routers 10.10.96.1;
    option domain-name-servers 10.10.96.1;
}
To go through that a bit slower:
The default lease time and max lease time set the lease times of IP addresses.
The subnet mask and broadcast address options specify what subnet mask the clients will be given, and what broadcast address they'll use.
The subnet mask identifies the network that each connecting node will be a part of. When a client checks its IP information after being provided an address, the subnet mask set here is the one it should show.
The broadcast address is the address on which all nodes within this subnet are able to receive packets.
The domain-name option applies the domain name to the hostnames of each node that connects to the DHCP server. The authoritative option specifies that this DHCP server should be the primary DHCP server for this subnet.
The following lines about the subnet range, routers, and domain name servers:
subnet 10.10.96.0 netmask 255.255.252.0 {
    range 10.10.99.100 10.10.99.254;
    option routers 10.10.96.1;
    option domain-name-servers 10.10.96.1;
}
These identify the network address for the subnet, the subnet mask, the range of IP addresses that will be issued, the default gateway, and the DNS server.
This example shows that the first DHCP-issued address will be at 10.10.99.100 and it will end at 10.10.99.254.
This cuts out a really large number of possible IP addresses. The network we have specified, 10.10.96.0/22, covers the following /24 blocks:
10.10.96.0 10.10.97.0 10.10.98.0 10.10.99.0
so in fact we could hand out IP addresses starting at 10.10.96.1, rather than 10.10.99.100.
Once you have edited this file, you will restart the daemon.
$ systemctl restart isc-dhcp-server
an easier example
This example is easier, as it only configures a network like 10.10.10.0/24 - a 24 bit network:
default-lease-time 86400;
max-lease-time 86400;
option subnet-mask 255.255.255.0;
option broadcast-address 10.10.10.255;
option domain-name "local.lan";
authoritative;
subnet 10.10.10.0 netmask 255.255.255.0 {
    range 10.10.10.10 10.10.10.254;
    # The gateway must be an address inside 10.10.10.0/24; .1 is assumed here.
    option routers 10.10.10.1;
    option domain-name-servers 10.10.96.1;
}
This sets the dhcp range to start at 10.10.10.10 and end at 10.10.10.254. This gives 9 IP addresses that will never be assigned - which is useful if you need to assign static IP addresses to any machines.
Static IP Addresses
To hand out a static IP address lease, place a reservation at the end of /etc/dhcp/dhcpd.conf:
host miami {
    # Placeholder MAC; an Ethernet hardware address is six octets.
    hardware ethernet AA:BB:AB:BA:DE:AD;
    fixed-address 10.10.97.4;
}
This will give the host miami, identified by the MAC address specified, the fixed IP address of 10.10.97.4.
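Added example (not from the original page or from ISC): a small consistency check for the subnet, range, routers, broadcast-address and fixed-address statements discussed above, using Python's ipaddress module. It assumes IP literals only (no hostnames, no comments in the file); the second sample config and its host name printer1 are constructed.

```python
import ipaddress
import re

ip = ipaddress.ip_address

def check_dhcpd(conf):
    """Return consistency problems found in dhcpd.conf text (IP literals only)."""
    problems, nets, pools = [], [], []
    for addr, mask, body in re.findall(
            r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{([^}]*)\}", conf):
        net = ipaddress.ip_network(f"{addr}/{mask}")
        nets.append(net)
        for lo, hi in re.findall(r"range\s+(\S+)\s+(\S+);", body):
            lo, hi = ip(lo), ip(hi)
            if lo not in net or hi not in net or lo > hi:
                problems.append(f"range {lo}-{hi} does not fit {net}")
            pools.append((lo, hi))
        for gw in re.findall(r"option\s+routers\s+(\S+);", body):
            if ip(gw) not in net:
                problems.append(f"router {gw} is outside {net}")
    for bc in re.findall(r"option\s+broadcast-address\s+(\S+);", conf):
        if all(ip(bc) != n.broadcast_address for n in nets):
            problems.append(f"broadcast {bc} matches no declared subnet")
    for fixed in re.findall(r"fixed-address\s+(\S+);", conf):
        if not any(ip(fixed) in n for n in nets):
            problems.append(f"fixed-address {fixed} is in no declared subnet")
        elif any(lo <= ip(fixed) <= hi for lo, hi in pools):
            problems.append(f"fixed-address {fixed} is inside a dynamic range")
    return problems

# The page's /22 layout plus its reservation: no findings expected.
GOOD = """
option broadcast-address 10.10.99.255;
subnet 10.10.96.0 netmask 255.255.252.0 {
  range 10.10.99.100 10.10.99.254;
  option routers 10.10.96.1;
}
host miami { fixed-address 10.10.97.4; }
"""
# Constructed config with two mistakes: off-subnet gateway, reservation in the pool.
BAD = """
option broadcast-address 10.10.10.255;
subnet 10.10.10.0 netmask 255.255.255.0 {
  range 10.10.10.10 10.10.10.254;
  option routers 10.10.96.1;
}
host printer1 { fixed-address 10.10.10.50; }
"""

if __name__ == "__main__":
    for name, conf in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_dhcpd(conf))
```

dhcpd's own `-t` flag tests the file's syntax before a restart; this check covers the address relationships that a syntax test does not look at.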