Linux Network Administrator's Guide, 3rd Edition

Book description

The Linux Network Administrator's Guide, Third Edition dispenses all the practical advice you need to join a network. Along with some hardware considerations, this highly acclaimed guide takes an in-depth look at all of the essential networking software that comes with the operating system--including basic infrastructure (TCP/IP, wireless networking, firewalling) and the most popular services on Linux systems.

But as the follow-up to a classic, the third edition of the Linux Network Administrator's Guide does more than just spruce up the basics. It also provides the very latest information on the following cutting-edge services:

  • Wireless hubs
  • OpenLDAP
  • FreeS/WAN
  • IMAP
  • Spam filtering
  • OpenSSH
  • BIND
  • IPv6

Featuring a litany of insider tips and techniques, the Linux Network Administrator's Guide, Third Edition is an invaluable companion for any network administrator interested in integrating Linux into their Windows environment.

Authored by Terry Dawson, Tony Bautts, and Gregor N. Purdy, the Linux Network Administrator's Guide, Third Edition emerged from the Linux Documentation Project (LDP). The LDP's goal is to centralize all of the issues of Linux documentation, ranging from online documentation topics such as installing, using, and running Linux.

Publisher resources

View/Submit Errata

Table of contents

  1. Preface
    1. Purpose and Audience for This Book
    2. Sources of Information
      1. Linux Documentation Project Guides
        1. Books
        2. HOWTO documents
        3. Linux Frequently Asked Questions
      2. Documentation Available via WWW
      3. Documentation Available Commercially
      4. Linux Journal and Linux Magazine
      5. Linux Usenet Newsgroups
      6. Linux Mailing Lists
      7. Linux User Groups
    3. Obtaining Linux
    4. Filesystem Standards
    5. Standard Linux Base
    6. About This Book
      1. The Official Printed Version
    7. Overview
    8. Conventions Used in This Book
    9. Safari Enabled
    10. How to Contact Us
    11. Acknowledgments
  2. 1. Introduction to Networking
    1. 1.1. History
    2. 1.2. TCP/IP Networks
      1. 1.2.1. Introduction to TCP/IP Networks
      2. 1.2.2. Ethernets
      3. 1.2.3. Other Types of Hardware
      4. 1.2.4. The Internet Protocol
      5. 1.2.5. IP over Serial Lines
      6. 1.2.6. The Transmission Control Protocol
      7. 1.2.7. The User Datagram Protocol
      8. 1.2.8. More on Ports
      9. 1.2.9. The Socket Library
    3. 1.3. Linux Networking
      1. 1.3.1. Different Streaks of Development
      2. 1.3.2. Where to Get the Code
    4. 1.4. Maintaining Your System
      1. 1.4.1. System Security
  3. 2. Issues of TCP/IP Networking
    1. 2.1. Networking Interfaces
    2. 2.2. IP Addresses
      1. 2.2.1. Classless Inter-Domain Routing
      2. 2.2.2. Address Resolution
      3. 2.2.3. IP Routing
        1. 2.2.3.1. IP networks
        2. 2.2.3.2. Subnetworks
        3. 2.2.3.3. Gateways
      4. 2.2.4. The Routing Table
      5. 2.2.5. Metric Values
    3. 2.3. The Internet Control Message Protocol
      1. 2.3.1. Resolving Hostnames
  4. 3. Configuring the Serial Hardware
    1. 3.1. Communications Software for Modem Links
      1. 3.1.1. Introduction to Serial Devices
    2. 3.2. Accessing Serial Devices
      1. 3.2.1. The Serial Device Special Files
      2. 3.2.2. Serial Hardware
    3. 3.3. Using the Configuration Utilities
      1. 3.3.1. The setserial Command
      2. 3.3.2. The stty Command
    4. 3.4. Serial Devices and the login: Prompt
      1. 3.4.1. Configuring the mgetty Daemon
  5. 4. Configuring TCP/IP Networking
    1. 4.1. Understanding the /proc Filesystem
      1. 4.1.1. Installing the Tools
      2. 4.1.2. Setting the Hostname
      3. 4.1.3. Assigning IP Addresses
      4. 4.1.4. Using DHCP to Obtain an IP Address
        1. 4.1.4.1. Running a DHCP server
      5. 4.1.5. Creating Subnets
      6. 4.1.6. Writing Hosts and Networks Files
      7. 4.1.7. Interface Configuration for IP
      8. 4.1.8. The Loopback Interface
      9. 4.1.9. Ethernet Interfaces
      10. 4.1.10. Routing Through a Gateway
      11. 4.1.11. Configuring a Gateway
      12. 4.1.12. The Point-to-Point Interface
      13. 4.1.13. The PPP Interface
      14. 4.1.14. IP Alias
      15. 4.1.15. All About ifconfig
      16. 4.1.16. The netstat Command
        1. 4.1.16.1. Displaying the routing table
        2. 4.1.16.2. Displaying interface statistics
        3. 4.1.16.3. Displaying connections
      17. 4.1.17. Testing Connectivity with traceroute
      18. 4.1.18. Checking the ARP Tables
  6. 5. Name Service and Configuration
    1. 5.1. The Resolver Library
      1. 5.1.1. The nsswitch.conf File
      2. 5.1.2. Configuring Nameserver Lookups Using resolv.conf
      3. 5.1.3. Resolver Robustness
    2. 5.2. How DNS Works
      1. 5.2.1. Name Lookups with DNS
      2. 5.2.2. Types of Nameservers
      3. 5.2.3. The DNS Database
      4. 5.2.4. The BIND named.conf File
      5. 5.2.5. The DNS Database Files
      6. 5.2.6. Caching-Only named Configuration
      7. 5.2.7. Writing the Master Files
      8. 5.2.8. Verifying the Nameserver Setup
      9. 5.2.9. Using nslookup
      10. 5.2.10. Other Useful Tools
    3. 5.3. Alternatives to BIND
      1. 5.3.1. Installing djbdns
      2. 5.3.2. Adding Hosts
      3. 5.3.3. Installing an External DNS Cache
  7. 6. The Point-to-Point Protocol
    1. 6.1. PPP on Linux
    2. 6.2. Running pppd
    3. 6.3. Using Options Files
    4. 6.4. Using chat to Automate Dialing
    5. 6.5. IP Configuration Options
      1. 6.5.1. Choosing IP Addresses
      2. 6.5.2. Routing Through a PPP Link
    6. 6.6. Link Control Options
    7. 6.7. General Security Considerations
    8. 6.8. Authentication with PPP
      1. 6.8.1. PAP Versus CHAP
      2. 6.8.2. The CHAP Secrets File
      3. 6.8.3. The PAP Secrets File
    9. 6.9. Debugging Your PPP Setup
    10. 6.10. More Advanced PPP Configurations
      1. 6.10.1. PPP Server
      2. 6.10.2. Demand Dialing
      3. 6.10.3. Persistent Dialing
    11. 6.11. PPPoE Options in Linux
      1. 6.11.1. PPPoE Clients
        1. 6.11.1.1. PPPoE manual client configuration
  8. 7. TCP/IP Firewall
    1. 7.1. Methods of Attack
    2. 7.2. What Is a Firewall?
    3. 7.3. What Is IP Filtering?
    4. 7.4. Netfilter and iptables
      1. 7.4.1. Example iptables Commands
        1. 7.4.1.1. A packet-filtering example
        2. 7.4.1.2. A Masquerading example
        3. 7.4.1.3. A network translation example
    5. 7.5. iptables Concepts
      1. 7.5.1. Packet Flow
      2. 7.5.2. Three Ways We Can Do Filtering
      3. 7.5.3. Tables
      4. 7.5.4. Chains
      5. 7.5.5. Rules
      6. 7.5.6. Matches
      7. 7.5.7. Targets
    6. 7.6. Setting Up Linux for Firewalling
      1. 7.6.1. Loading the Kernel Module
      2. 7.6.2. Backward Compatibility with ipfwadm and ipchains
    7. 7.7. Using iptables
      1. 7.7.1. Getting Help
    8. 7.8. The iptables Subcommands
    9. 7.9. Basic iptables Matches
      1. 7.9.1. Internet Protocol (IPv4) Matches
      2. 7.9.2. Ethernet Media Access Controller (MAC) Match
      3. 7.9.3. Internet Control Message Protocol Match
      4. 7.9.4. User Datagram Protocol Match
      5. 7.9.5. Transmission Control Protocol Match
      6. 7.9.6. A Naive Example
    10. 7.10. A Sample Firewall Configuration
    11. 7.11. References
  9. 8. IP Accounting
    1. 8.1. Configuring the Kernel for IP Accounting
    2. 8.2. Configuring IP Accounting
      1. 8.2.1. Accounting by Address
      2. 8.2.2. Accounting by Service Port
      3. 8.2.3. Accounting of ICMP Packets
      4. 8.2.4. Accounting by Protocol
    3. 8.3. Using IP Accounting Results
      1. 8.3.1. Listing Accounting Data
    4. 8.4. Resetting the Counters
    5. 8.5. Flushing the Rule Set
    6. 8.6. Passive Collection of Accounting Data
  10. 9. IP Masquerade and Network Address Translation
    1. 9.1. Side Effects and Fringe Benefits
    2. 9.2. Configuring the Kernel for IP Masquerade
    3. 9.3. Configuring IP Masquerade
    4. 9.4. Handling Nameserver Lookups
    5. 9.5. More About Network Address Translation
  11. 10. Important Network Features
    1. 10.1. The inetd Super Server
    2. 10.2. The tcpd Access Control Facility
    3. 10.3. The xinetd Alternative
    4. 10.4. The Services and Protocols Files
    5. 10.5. Remote Procedure Call
    6. 10.6. Configuring Remote Login and Execution
      1. 10.6.1. Disabling the r Commands
      2. 10.6.2. Installing and Configuring ssh
        1. 10.6.2.1. The ssh daemon
        2. 10.6.2.2. The ssh client
        3. 10.6.2.3. Using ssh
  12. 11. Administration Issues with Electronic Mail
    1. 11.1. What Is a Mail Message?
    2. 11.2. How Is Mail Delivered?
    3. 11.3. Email Addresses
      1. 11.3.1. RFC 822
      2. 11.3.2. Obsolete Mail Formats
    4. 11.4. How Does Mail Routing Work?
    5. 11.5. Mail Routing on the Internet
  13. 12. sendmail
    1. 12.1. Installing the sendmail Distribution
      1. 12.1.1. Downloading sendmail Source Code
      2. 12.1.2. Compiling sendmail
      3. 12.1.3. Installing the sendmail Binary
    2. 12.2. sendmail Configuration Files
      1. 12.2.1. Comments
      2. 12.2.2. Typically Used sendmail.mc Commands
        1. 12.2.2.1. VERSIONID
        2. 12.2.2.2. OSTYPE
        3. 12.2.2.3. DOMAIN
        4. 12.2.2.4. FEATURE
        5. 12.2.2.5. define
        6. 12.2.2.6. MAILER
        7. 12.2.2.7. LOCAL_*
    3. 12.3. sendmail.cf Configuration Language
      1. 12.3.1. sendmail.cf R and S Commands
      2. 12.3.2. The Left Side
      3. 12.3.3. The Right Side
      4. 12.3.4. A Simple Rule Pattern Example
      5. 12.3.5. A Complete Rewrite Rule Example
    4. 12.4. Creating a sendmail Configuration
      1. 12.4.1. The linux.m4 OSTYPE File
      2. 12.4.2. The generic.m4 DOMAIN File
      3. 12.4.3. Creating a Sample Linux sendmail Configuration
      4. 12.4.4. Building the sendmail.cf File
    5. 12.5. sendmail Databases
      1. 12.5.1. The aliases Database
      2. 12.5.2. The local-host-names File
        1. 12.5.2.1. The bestmx_is_local feature
      3. 12.5.3. The relay-domains File
      4. 12.5.4. The genericstable Database
      5. 12.5.5. The access Database
      6. 12.5.6. Other Databases
        1. 12.5.6.1. The mailertable
        2. 12.5.6.2. The virtusertable
    6. 12.6. Testing Your Configuration
    7. 12.7. Running sendmail
    8. 12.8. Tips and Tricks
      1. 12.8.1. Managing the Mail Spool
      2. 12.8.2. Forcing a Remote Host to Process Its Mail Queue
      3. 12.8.3. Mail Statistics
        1. 12.8.3.1. mailstats
        2. 12.8.3.2. hoststat
    9. 12.9. More Information
  14. 13. Configuring IPv6 Networks
    1. 13.1. The IPv4 Problem and Patchwork Solutions
      1. 13.1.1. CIDR
      2. 13.1.2. NAT
    2. 13.2. IPv6 as a Solution
      1. 13.2.1. IPv6 Addressing
      2. 13.2.2. IPv6 Advantages
      3. 13.2.3. IPv6 Configuration
        1. 13.2.3.1. Kernel and system configuration
        2. 13.2.3.2. Interface configuration
      4. 13.2.4. Establishing an IPv6 Connection via a Tunnel Broker
        1. 13.2.4.1. Building your tunnel
      5. 13.2.5. IPv6-Aware Applications
        1. 13.2.5.1. Apache web server
        2. 13.2.5.2. Configuring Apache v2.0.x for IPv6 support
        3. 13.2.5.3. OpenSSH
      6. 13.2.6. Troubleshooting
  15. 14. Configuring the Apache Web Server
    1. 14.1. Apache HTTPD Server—An Introduction
    2. 14.2. Configuring and Building Apache
      1. 14.2.1. Getting and Compiling the Software
    3. 14.3. Configuration File Options
      1. 14.3.1. Binding Addresses and Ports
      2. 14.3.2. Logging and Path Configuration Options
      3. 14.3.3. Server Identification Strings
      4. 14.3.4. Performance Configuration
      5. 14.3.5. Starting and Stopping Apache with apachectl
    4. 14.4. VirtualHost Configuration Options
      1. 14.4.1. IP-Based Virtual Hosts
      2. 14.4.2. Name-Based Virtual Hosting
    5. 14.5. Apache and OpenSSL
      1. 14.5.1. Generating an SSL Certificate
      2. 14.5.2. Compiling mod_ssl for Apache
      3. 14.5.3. Configuration File Changes
    6. 14.6. Troubleshooting
      1. 14.6.1. Testing the Configuration File with apachectl
      2. 14.6.2. Page Not Found Errors
        1. 14.6.2.1. SSL problems
  16. 15. IMAP
    1. 15.1. IMAP—An Introduction
      1. 15.1.1. IMAP and POP
      2. 15.1.2. Which IMAP to Choose?
        1. 15.1.2.1. Getting an IMAP client
        2. 15.1.2.2. Installing UW-IMAP
        3. 15.1.2.3. IMAP configuration
        4. 15.1.2.4. Advanced UW IMAP configuration options
        5. 15.1.2.5. Using alternate mailbox formats
        6. 15.1.2.6. Configuring IMAP to use OpenSSL
    2. 15.2. Cyrus IMAP
      1. 15.2.1. Getting Cyrus IMAP
      2. 15.2.2. Configuring Cyrus IMAP
      3. 15.2.3. Troubleshooting Cyrus IMAP
  17. 16. Samba
    1. 16.1. Samba—An Introduction
      1. 16.1.1. SMB, CIFS, and Samba
      2. 16.1.2. Obtaining Samba
        1. 16.1.2.1. Building from source
      3. 16.1.3. Getting Started with Samba
        1. 16.1.3.1. Basic configuration options
        2. 16.1.3.2. Configuring Samba user accounts
      4. 16.1.4. Additional Samba Options
        1. 16.1.4.1. Access control
        2. 16.1.4.2. Logging with Samba
        3. 16.1.4.3. Logging with syslog
      5. 16.1.5. Printing with Samba
        1. 16.1.5.1. BSD Printing
        2. 16.1.5.2. Printing with CUPS
      6. 16.1.6. Using SWAT
        1. 16.1.6.1. Enabling SWAT
        2. 16.1.6.2. SWAT and SSL
      7. 16.1.7. Troubleshooting Samba
        1. 16.1.7.1. Configuration file woes
        2. 16.1.7.2. Account problems
  18. 17. OpenLDAP
    1. 17.1. Understanding LDAP
      1. 17.1.1. Data Naming Conventions
    2. 17.2. Obtaining OpenLDAP
      1. 17.2.1. Dependencies
      2. 17.2.2. Compiling OpenLDAP
      3. 17.2.3. Configuring the OpenLDAP Server
      4. 17.2.4. Running OpenLDAP
        1. 17.2.4.1. Adding entries to your directory
      5. 17.2.5. Using OpenLDAP
        1. 17.2.5.1. Adding access control lists (ACLs)
        2. 17.2.5.2. Migrating to LDAP authentication
        3. 17.2.5.3. Client LDAP configurations
      6. 17.2.6. Adding SSL to OpenLDAP
        1. 17.2.6.1. Testing SSL availability
      7. 17.2.7. LDAP GUI Browsers
      8. 17.2.8. Troubleshooting OpenLDAP
  19. 18. Wireless Networking
    1. 18.1. History
    2. 18.2. The Standards
    3. 18.3. 802.11b Security Concerns
      1. 18.3.1. Hardware
        1. 18.3.1.1. 801.11g versus 802.11b on Linux
        2. 18.3.1.2. Chipsets
      2. 18.3.2. Client Configuration
        1. 18.3.2.1. Drivers
        2. 18.3.2.2. Using the Linux Wireless Extension Tools
      3. 18.3.3. Linux Access Point Configuration
        1. 18.3.3.1. Installing the HostAP driver
        2. 18.3.3.2. Obtaining and building the HostAP driver
        3. 18.3.3.3. Configuring HostAP
        4. 18.3.3.4. Additional options
      4. 18.3.4. Troubleshooting
      5. 18.3.5. Bridging Your Networks
  20. A. Example Network: The Virtual Brewery
    1. A.1. Connecting the Virtual Subsidiary Network
  21. Index
  22. About the Authors
  23. Colophon
  24. Copyright

Product information

  • Title: Linux Network Administrator's Guide, 3rd Edition
  • Author(s): Tony Bautts, Terry Dawson, Gregor N. Purdy
  • Release date: February 2005
  • Publisher(s): O'Reilly Media, Inc.
  • ISBN: 9780596005481