Network configuration and tools

Slides: http://www.cs.put.poznan.pl/ksiek/naps/tools/

GNU/Linux network interfaces

A network host is a computer or other device connected to a computer network. A network host may offer information resources, services, and applications to users or other nodes on the network.

A host running Linux can take on one of the following two roles in the network:

  • computer – sends and receives network communication
  • router – sends, receives, and forwards network communication.

Each host is connected to the network with at least one network adapter (a router is usually connected to two or more). It is a component of the host that connects it to the network physically (via some medium: coaxial cable, radio, twisted pair cable, TP). Also known as: network interface controller (NIC), network interface card, network adapter, LAN adapter, or physical network interface.

Each adapter is associated with a specific local networking technology, e.g. Ethernet, FDDI, Token Ring, WLAN, RS232. The technology specifies what medium is used for connectivity, and what protocols and data formats are used to transfer information.

Each network adapter has an associated physical address, also known as a media access control address (MAC), or a hardware address (HWaddr). It is a unique address (usually) assigned by the manufacturer of the network adapter. It is used to communicate with devices within the local network on the low level (OSI Level 2: data link, TCP/IP link layer).

A MAC is a sequence of 6 bytes represented as six groups of two hexadecimal digits separated by colons (sometimes by hyphens). E.g.: 01:23:45:67:89:ab.

Each network adapter is a single physical interface to the network. Each network adapter can also be one or more logical interfaces. A logical interface is used to connect to a logical (higher level) network, such as the Internet. In Linux each logical interface has an associated IP address. Furthermore, a single network adapter can have several associated IP addresses and act as several logical interfaces.

Each interface (logical as well as physical) is identified by a name. There are two main naming conventions.

“Classical” convention indicating technology. Examples.

  • eth0 – a physical interface and a single logical interface, adapter no. 0 in Ethernet technology.
  • eth0:1 – a physical interface and a logical interface no. 1 in Ethernet technology.

Typical device name prefixes:

  • lo – loopback
  • eth – ethernet
  • wlan, ath, wifi, radio – wireless adapters
  • firewire, ib – firewire, infiniband
  • dummy – dummy adapter
  • br, tun, tap – (logical) tunnel
  • sit, tnl, ppp, vpn, gre – (logical) VPN adapter

Predictable Network Interface Names:

The classic naming scheme for network interfaces applied by the kernel is to simply assign names beginning with “eth0”, “eth1”, ... to all interfaces as they are probed by the drivers. As the driver probing is generally not predictable for modern technology this means that as soon as multiple network interfaces are available the assignment of the names “eth0”, “eth1” and so on is generally not fixed anymore and it might very well happen that “eth0” on one boot ends up being “eth1” on the next. This can have serious security implications, for example in firewall rules which are coded for certain naming schemes, and which are hence very sensitive to unpredictable changing names.

Starting with v197 systemd/udev will automatically assign predictable, stable network interface names for all local Ethernet, WLAN and WWAN interfaces. This is a departure from the traditional interface naming scheme (“eth0”, “eth1”, “wlan0”, ...), but should fix real problems. (from freedesktop.org)

Typical device names:

  • eno1
  • sls1
  • wwp2s0
  • wlx78e7d1ea46da

ip

The basic tool for network configuration is ip from the iproute2 package.

Help: ip [arguments] help, e.g.:

  • ip addr help
  • ip link help

Reading the help:

Usage: ip [ OPTIONS ] OBJECT { COMMAND | help }
       ip [ -force ] -batch filename
where  OBJECT := { link | addr | addrlabel | route | rule | neigh | ntable |
                   tunnel | tuntap | maddr | mroute | mrule | monitor | xfrm |
                   netns | l2tp | tcp_metrics | token }
       OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |
                    -f[amily] { inet | inet6 | ipx | dnet | bridge | link } |
                    -4 | -6 | -I | -D | -B | -0 |
                    -l[oops] { maximum-addr-flush-attempts } |
                    -o[neline] | -t[imestamp] | -b[atch] [filename] |
                    -rc[vbuf] [size]}

Arguments for ip can be shortened. However, we must be careful doing so, because if there is ambiguity, the command will disambiguate arbitrarily. For example, instead of ip link show we can write ip l sh, but ip l s will not work, because it executes ip link set.

Getting more help: man ip (also works for other commands).

Network adapter configuration

Showing the status of the adapter (device)

  • ip link show – all adapters
  • ip link show dev eth0 – adapter named eth0

Turning an adapter on and off:

  • ip link set dev eth0 up
  • ip link set dev eth0 down

Questions:

  • What adapters are there on your host?
  • Which of the adapters are physical links and which are logical?
  • Which of the adapters are up and which are down?
  • What are the MAC addresses of each of the adapters?
  • What technology are the interfaces operating in?

Ethernet network adapter configuration

ethtool is a different tool that gives us low level (physical layer) information about the adapter.

Information about adapter component:

  • ethtool eth0
  • ethtool -S eth0
  • ethtool -i eth0

Questions:

  • What is the device’s medium?
  • Is the device connected to the medium?
  • What is the maximum speed of the device?
  • Does the device support duplex and auto MDI-X?
  • How many bytes of information did the adapter send and receive?
  • What is a packet? How many packets did the adapter send and receive?

Identify the physical component associated with the interface (by TP port connection):

  • ethtool -p eth0

Questions:

  • Identify all of your network interfaces.
  • Which socket on the patch panel are your network interfaces identified with?
  • Try disconnecting the cable from the patch panel. Does ethtool show it is connected? Reconnect it when you’re done.

IP address configuration

Show IP configuration of interfaces:

  • ip addr show – all adapters
  • ip addr show dev eth0 – adapter eth0

Assigning an IP address 10.0.0.1/25 to interface eth0:

  • ip addr add dev eth0 10.0.0.1/25

Warning! IP mask must always be specified. If the IP mask is not specified, it will be set to /32 (which is useless).
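Why a /32 is useless, as an added example (not part of the original handout): a host treats a peer as directly reachable only if the peer falls inside the network given by its own address and prefix length. The host names and the sample plan are constructed; the checker assumes IPv4.

```python
import ipaddress


def on_link(local, peer):
    """True if `peer` is inside the network configured on `local`.

    `local` is written as for `ip addr add` ("10.0.0.1/25"); without a
    prefix length it is treated as /32, as in the warning above.
    """
    return ipaddress.ip_address(peer) in ipaddress.ip_interface(local).network


def check_plan(hosts):
    """Return the problems found in an IPv4 plan {host name: "address/prefix"}."""
    ifaces = {n: ipaddress.ip_interface(a) for n, a in hosts.items()}
    problems = []
    for name, iface in ifaces.items():
        net = iface.network
        if net.prefixlen == 32:
            problems.append(f"{name}: /32 has no on-link neighbours")
        elif net.prefixlen < 31 and iface.ip in (net.network_address,
                                                 net.broadcast_address):
            problems.append(f"{name}: {iface.ip} is a network/broadcast address")
    names = sorted(ifaces)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            # Each side decides independently whether the other is on-link.
            a_sees_b = ifaces[b].ip in ifaces[a].network
            b_sees_a = ifaces[a].ip in ifaces[b].network
            if ifaces[a].ip == ifaces[b].ip:
                problems.append(f"{a},{b}: duplicate address {ifaces[a].ip}")
            elif a_sees_b != b_sees_a:
                problems.append(f"{a},{b}: only one side sees the other on-link")
    return problems


# Constructed plan: "c" has the wrong prefix length, "d" has none at all.
SAMPLE = {"a": "10.0.0.1/25", "b": "10.0.0.2/25",
          "c": "10.0.0.200/24", "d": "10.0.0.3"}

if __name__ == "__main__":
    print(*check_plan(SAMPLE), sep="\n")
```

A mismatch reported for a pair means a ping between the two can fail in one direction even though both addresses look similar.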

Removing an IP address from interface eth0

  • ip addr del dev eth0 10.0.0.1/25

Removing all addresses of adapter eth0:

  • ip addr flush dev eth0

Questions:

  • What IP address is your computer using on each interface?
  • What is the loopback?
  • Assign the address 192.168.1.1/24 to interface p4p1.
  • Assign another address 10.0.0.1/8 to interface p4p1. How many logical interfaces are there?
  • Remove the address 192.168.1.1/24 from p4p1.
  • Remove all addresses from p4p1.

The logistics of setting IP addresses

Within local networks, as well as within their own subnetworks, an administrator can assign IP addresses arbitrarily. This is done according to proper subnetting rules.

An administrator can assign IP addresses to hosts statically (manually setting IP addresses to individual hosts).

Another method is to assign addresses via the Dynamic Host Configuration Protocol (DHCP):

  • a DHCP client asks a DHCP server for an IP address using a low level protocol (using MAC addresses),
  • it broadcasts a request to locate a DHCP server,
  • once it locates the server, it sends a request for an IP address assignment to the server,
  • the server sends back the IP address to the client.

A DHCP server can assign temporary addresses, with or without preference for repeated reassignment, and assign addresses statically.
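The exchange above as it looks on the wire, as an added example (not part of the original handout): it builds and parses the DHCP payloads of one address assignment, which is what the DHCP packets in a wireshark capture contain. The message type names come from the DHCP specification (RFC 2131); the MAC address, transaction ID and leased address are constructed.

```python
import socket
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"        # marks the start of the DHCP options
BOOTP_FMT = "!BBBBIHH4s4s4s4s16s64s128s"  # fixed 236-byte BOOTP header
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}


def build(op, xid, mac, msg_type, yiaddr="0.0.0.0"):
    """Build a minimal DHCP payload (op 1 = from client, 2 = from server)."""
    chaddr = bytes.fromhex(mac.replace(":", ""))  # struct pads it to 16 bytes
    header = struct.pack(BOOTP_FMT, op, 1, 6, 0, xid, 0, 0x8000,
                         bytes(4), socket.inet_aton(yiaddr), bytes(4),
                         bytes(4), chaddr, b"", b"")
    return header + MAGIC_COOKIE + bytes([53, 1, msg_type, 255])


def parse(payload):
    """Return (xid, client MAC, 'your' IP address, message type name)."""
    size = struct.calcsize(BOOTP_FMT)
    if payload[size:size + 4] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    f = struct.unpack(BOOTP_FMT, payload[:size])
    mac = ":".join(f"{b:02x}" for b in f[11][:f[2]])
    opts, i, msg_type = payload[size + 4:], 0, None
    while i < len(opts) and opts[i] != 255:       # 255 = end of options
        if opts[i] == 0:                          # 0 = single-byte padding
            i += 1
            continue
        if i + 2 > len(opts) or i + 2 + opts[i + 1] > len(opts):
            raise ValueError("truncated option")
        if opts[i] == 53 and opts[i + 1] == 1:    # 53 = DHCP message type
            msg_type = MSG_TYPES.get(opts[i + 2], "UNKNOWN")
        i += 2 + opts[i + 1]
    return f[4], mac, socket.inet_ntoa(f[8]), msg_type


def trace():
    """Parse a constructed four-message exchange for one client."""
    mac, xid, lease = "02:00:00:00:00:0a", 0x1234ABCD, "10.0.0.50"
    exchange = [build(1, xid, mac, 1),          # client broadcasts DISCOVER
                build(2, xid, mac, 2, lease),   # server OFFERs an address
                build(1, xid, mac, 3),          # client REQUESTs it
                build(2, xid, mac, 5, lease)]   # server confirms with ACK
    return [parse(m) for m in exchange]

if __name__ == "__main__":
    print(*trace(), sep="\n")
```

The transaction ID (xid) and the client MAC stay the same across all four messages, which is how to pick one client's exchange out of a busy capture.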

Running a DHCP client:

  • dhclient – all interfaces
  • dhclient eth0 – interface eth0

Starting a DHCP server (may require configuration):

  • dhcpd

Questions:

  • Remove one of your network adapters’ IP address and try obtaining a new one using a DHCP client. What address did you receive?

Looking at network traffic

Sometimes we want to see what’s going on in the network...

wireshark

Questions:

  • Record some network traffic (keeping your network card in promiscuous mode).
  • Why is the structure of messages nested?
  • Record some network traffic while running DHCP client. Find the messages relating to DHCP in the log and trace the protocol.

Connecting computers together

Ethernet over twisted pair uses point-to-point connections. In order to connect many computers together we must use a network hub, a network switching hub (a switch), or a router.

Hub

Multiport signal regenerator. Every frame received by the hub on one port is retransmitted on all other ports.

This can lead to collisions. We say that all computers that are connected to a hub are in the same collision domain. Collisions need to be handled to prevent corruption of data (CSMA/CD protocol). This is very costly, so collisions are best avoided.

Switch

Multiport signal regenerator that selectively retransmits the signal.

A switch has a table of MAC addresses. The switch learns MAC addresses by listening to messages passing through it (Transparent Bridging protocol) and uses this information to direct retransmissions.

Switches prevent collisions, so two computers connected to a switch are in different collision domains. However, they are still connected on a local level and can communicate via MAC addresses: they are in the same broadcast domain.

Router

A host that can forward messages between networks.

Two computers connected to the same router are in different networks. They have different broadcast domains and different collision domains.

Is the other computer connected? (ICMP)

  • ping 150.254.130.130 – any interface
  • ping -I eth0 150.254.130.130 – specific interface

Questions:

  • Locate the number of your TP socket at the desk and locate the associated TP socket on the patch panel in the server room.

    • Which switch is your host connected to?
    • Which port on the switch?
  • Connect interface p4p2 to a different switch (shown by the lab TA).

    • Discuss with your colleagues and assign everybody an IP address (in the same network).
    • (Manually) assign an IP address to p4p2.
    • Try pinging your colleagues’ hosts.
    • Observe the network traffic using wireshark.

Exercise

Subnet configuration:

  1. Given a network address of 10.10.0.0/16 create four equal subnets and assign addresses in each subnet to individual students.
  2. Connect the hosts together using interface p4p1 and a single free switch.
  3. Configure the hosts to properly communicate within subnets.
  4. Check whether the hosts are communicating properly and resolve problems.

Other useful tools

net-tools package:

  • arp
  • hostname
  • ifconfig
  • iptunnel
  • netstat
  • rarp
  • route

iproute2 package (replaces net-tools):

  • ip
  • ss
  • tc

iputils package:

  • arping
  • ping
  • ping6
  • tracepath
  • tracepath6
  • traceroute6
  • traceroute
  • mtr

Installing a package:

  • zypper install PACKAGE (on OpenSUSE)
  • apt-get install PACKAGE (on Debian, Ubuntu, ...)
