OSI model uses seven layers but for simplification:
- The physical layer
- The network layer
- The transport layer
- The application layer
Two methods:
- Wired: Coper or fiber optic
- Wireless: Radio signals. Conected to the access point using an SSID. Protection methods include WPA, WEP, WPA2
This layer controls how data is sent betwrrn connected network devices. Most common method is Internet Protocol (IP).
To connect your Linux system to an IP network you'll need four pieces of information:
- IP Address
- hostname
- default router
- netmask value
Networking layer software embeds the source and destination IP addresses into the data packet.
Two types: IPv4 and IPv6
Uses a unique 32-bit address splited into four 8-but values using a dot. This is called dotted-decimal-notation.
Two sections:
- Network address: Represents a group of IPs on a given address.
- host address: An IP within the Network address.
Uses a unique 128-bit divided into eight groups of four hexadecimal values.
fed1:0000:0000:08fe:0235:ff00:0000:3200
Groups of zeros can be ommited, but only once.
fed1::08fe:0235:ff00:0000:3200
link local address: default network address of fe80:: and the host part of te address is taken from the media access control (MAC).
netmask address is used to designate which bits of the network address can be used as host address.
For example 255.255.255.0 indicates that the three decimal numbers represent the network address and the last one the host.
Since there is not enough IP addresses the idea of using private addresses and NAT saved the day.
On a LAN private addreses are used and then the router using NAT translates the private IP to a public IP.
Private IP ranges:
- 10.0.0.0 to 10.255.255.255
- 172.16.0.0 to 172.31.255.255
- 192.168.0.0 to 192.168.255.255
Also called default gateway is where a device needs to send the pakets in order to comunicate with remote networks.
For a device to communicate in an IP network, it must know three separate pieces of information:
- Its own host address on the network
- The netmask address for the local physical network
- address of a local router used to send packets to remote networks
The Domain Name System asigns a name to hosts on the netwrok. These names are called domains and are mapped to the host address.
This protocol gives the hosts in the network the automatic network configuration which can include:
- IP address
- Netmask
- default gateway
- DNS
If the host reboots it can get a diferent IP from DHCP depending on the configuration.
For servers we may want a static IP, we can do that with DHCP but its better to just give it a fix address. This is called a static host address.
The transport layer helps get the data to the correct application contained on the host.
It does that by using ports. Each app that's running on a ntwork server is assigned its own port number.
Two common protocols:
- Transport Control Protocol TCP: Ensures arrival of paquets but this can slow down a little bit the comunication.
- User Datagram Protocol UDP: Does not ensure arrival of paquets making it faster but not ideal for sensitive data
Another transport layer not used for aplications but for deices to comunicate passing network management information is the Internet Control Message Protocol (ICMP).
This is where the network programs process the data sent across the network and then return a result.
Most network applications behave using the client/server paradigm.
The well-known port numbers are hard to remember. We can use the names defined in /etc/services.
Things to configure in a Linux System:
- The host address
- The network subnet address
- The default router
- The system hostname
- A DNS server address for resolving host names
Ways to configure it:
- Manually editing network configuration files
- Using a graphical tool included with your Linux distribution
- Using command-line tools
Linux systems that use the systemd init method use the systemd-networkd daemon to detect network interfaces and automatically create entries for them in the network configuration files.
Configuration files:
- Debian-based:
/etc/network/interfacesfile - Red Hat-based:
/etc/sysconig/network-scriptsdirectory - OpenSUSE:
/etc/sysconfig/networkfile
On Debian network configuration specifying static makes it a static configuration while adding dhcp makes it retrieve confiuration from the dhcp server. For IPv6 we can use the link local address using auto.
Newer Ubuntu distros use the Netplan tool to manage network settings. Netplan uses YAML in /etc/netplan to define network settings.
On Red Hat-based systems we define network settings in two different files. The first one defines the network and netmask addresses in a file named afterthe network interface name. The second file is the network file which defines the hostname and default gateway.
We can set the hostname on the second file but on other linux systems we do that by modifying /etc/hostname or /etc/HOSTNAME.
On systemd we can use the hostnamectl program.
For DNS server definition systemd generates them using the systemd-resolved and for legacy SysVinit systems this is handled in the /etc/resolv.conf.
We can speed up connections to commonly used hosts by adding the entries on /etc/hosts.
The /etc/nsswitch.conf file defines wether the Linux system checks this file before or after using DNS.
The Network Manager tool provides a graphical interface to define network connections. After modifying values using the tool the config files are changed automatically.
two different types of command-line tools:
- nmtui: Provides a simple text-based menu tool
- nmcli: Provides a text-only command-line tool
nmtui will prompt a pseudo-gui for you to select the configurations you want to make or change.
nmcli is the interface to comunicate with network manager. By default the command siplays the current network devices and their settings.
- ethtool: Displays Ethernet settigs for a network interface
- ifconfig: Displays or sets the IP address and netmask values for a network interface
- iwconfig: Sets the SSID and encryption key for a wireless interface
- route: Sets the default router address
ethtool enp0s3 # This will diplay the card onfigurationWe can employ ethtool to change features such as speed, duplex and more.
We can employ ifconfig to set the IP and the netmask.
sudo ifconfig enp0s3 down 10.0.2.10 netmask 255.255.255.0Without options we can display network interface information.
To activate or deactivate network interfaces we can use ifup or ifdown.
If we want to assign an address to a wireless interface we first need to assign the wireless SSID and encryption key values:
iwconfig wlan0 essid "test" key s:mypassword # the s: allows us to use ASCII chars instead of hexadecimalWe can check the wireless networks detected:
iwlist wlan0 scanWe can set the default route as well as modify entries:
route # shows the routing table
route add default gw 192.168.1.254The ip command can do all of the previous things shown with legacy tools.
ip address show
ip address add 192.168.1.77/24 dev enp0s3
ip route add default via 192.168.1.254 dev enp0s3
ip link set enp0s3 upThe lo in the address show command represents a local loopback interface. The loopback interface is a special virtual network that local programs can use to comunicate with other progrms as if they were across a network.
We can fine-tune networking parameters for a network interface using the /etc/sysctl.conf configuration file.
This file defines kernel parameters that the Linux system uses when interacting with the network interface.
We can disable responding to ICMP messages icm_echo_ignore_broadcasts 1 or disable packet forwarding ip_forward 0.
We need a DHCP client program:
- dhcpcd
- dhclient
- pump
For DHCP server, the config file is: /etc/dhcpd.conf
Bonding allows agregation of multiple interfaces into one virtual network device.
Three types:
- Load balancing
- Aggregation
- Active/Passive
| Mode | Name |
|---|---|
| 0 | balance-rr |
| 1 | active-backup |
| 2 | balance-xor |
| 3 | broadcast |
| 4 | 802.3ad |
| 5 | balance-tlb |
| 6 | balance-alb |
For this aproach we need to load the bonding module:
sudo modprobe bonding
sudo ip link add bond0 type bond mode 4
sudo ip link set eth0 master bond0
sudo ip link set eth1 master bond0We can also use the Linux system as a brindge between two networks using brctl. For that we must set ip_forward to 1 in /etc/sysctl.conf,¡.
We can use ping and ping6 to send ICMP packets.
ping 10.0.2.2
ping -c 10 10.0.2.2 # This limits the number of packets to 10
ping6 -c 4 fe80::cbce%enp0s3 # For IPv6 we must specify the out interface as %INTERFACETwo commands:
tracerouteandtraceroute6: Used to show the hops taken from the local network to the remote host. Uses ICMP with short TTL.tracepathandtracepath6: The same as traceroute but uses UDP.
Sending UDP packets doesn't require root super user.
A common use for the tracepath is in finding maximum transmission unit (MTU) missmatches between the network hops in a path.
MTU is the size of the larget data packet allowed.
We can employ host to get the DNS information of a host. We can also pass an IP address.
We can employ dig to get more information of the resolution and we can also pass the entry type such as a mailserver:
dig linux.org MXnslookup provides an interactive console to make queries to the DNS server.
nslookupWe can employ getent that is used to look for entries in any type of text database on the linux system
getent hosts # this will show the /etc/hosts entries
getent hosts test.com # We can also pass the host nameBy default it lists all open network connections on the system. Employing -u we limit the output to UDP and employing -t we limit the output employing TCP.
We can also use the -l option to list what applications are listening on which network ports.
We can get statistics for the different types of packets the sytem has used on the network by using the -s option.
A program connection to a port is called a socket.
We can link which system processes are using which network sockets that are active:
ss -anpt # Displays both listening and established TCP connections as well as the process they're associated withthe nc can be used to test just about any type of network situation including creating our own client/server testing tool.
nc -l 2000 # we tell the server to listen
nc 192.168.1.77 2000 # from another system we conect to the port