Perform the procedures in this section to configure ACSLS HA Ethernet interfaces.
Linux Bonding provides a mechanism for building redundant network interfaces to guard against failures with NICs, cables, switches or other networking hardware. When configuring Bonding on your Linux host, combine two or more physical network interfaces into a single Bond. The following examples illustrate the creation of Node to Node and NFS Bonding.

If the NetworkManager service is running, you can use the nmcli command to display the state of the system's physical network interfaces. This will help you recognize the device names for each interface. You will use these device names to create the IP addresses and then add them to the networking manager. Run the nmcli device status command to view the Ethernet ports:

    # nmcli device status
    DEVICE  TYPE      STATE         CONNECTION
    eno1    ethernet  disconnected  --
    eno2    ethernet  disconnected  --
    eno3    ethernet  disconnected  --
    eno4    ethernet  disconnected  --
    ens2f0  ethernet  disconnected  --
    ens2f1  ethernet  disconnected  --
    ens2f2  ethernet  disconnected  --
    ens2f3  ethernet  disconnected  --

From the output above, note the four ports on each Network Interface Controller (NIC):
In the steps below, you build and assign the following network connections on each Node using the nmcli interface. Assign a name for each connection to identify its function.
The following steps illustrate the process used to build the library connections and bonds.
Command examples:

    # nmcli connection add type ethernet con-name acslslibcon1 ifname eno2 ip4 10.196.0.40/24 autoconnect yes
    # nmcli connection up acslslibcon1

Command examples:

    # nmcli connection add type ethernet con-name acslslibcon2 ifname ens2f2 ip4 10.196.1.40/24 autoconnect yes
    # nmcli connection up acslslibcon2

Command examples:

    # nmcli connection add type bond con-name bond1N2N ifname bond1N2N mode balance-rr ip4 192.168.84.1/24 autoconnect yes
    # nmcli connection add type bond-slave con-name bond1N2N-con1 ifname eno4 master bond1N2N
    # nmcli connection add type bond-slave con-name bond1N2N-con2 ifname ens2f0 master bond1N2N
    # nmcli connection up bond1N2N

Command examples:

    # nmcli connection add type bond con-name bond2NFS ifname bond2NFS mode balance-rr ip4 10.0.0.25/24 autoconnect yes
    # nmcli connection add type bond-slave con-name bond2NFS-con1 ifname eno3 master bond2NFS
    # nmcli connection add type bond-slave con-name bond2NFS-con2 ifname ens2f1 master bond2NFS
    # nmcli connection up bond2NFS
The ACSLS HA Logical Host IP address for the ACSLS Client interface is not created at this time. It is created automatically when the user runs the Setup.py command in ACSLS HA. Setup.py will prompt the user for the device to be used. At that time, the user will select ens2f3. For now, no connection will be built and assigned for ens2f3 on either node.

You can now run the nmcli device status command on Node 1 to view the connections that you have made.

Command examples:

    # nmcli device status
    DEVICE    TYPE      STATE         CONNECTION
    bond1N2N  bond      connected
    bond2NFS  bond      connected     bond2NFS
    eno1      ethernet  connected     publicAdmin
    eno2      ethernet  connected     acslslibcon1
    eno3      ethernet  connected     bond2NFS-con1
    eno4      ethernet  connected     bond1N2N-con1
    ens2f0    ethernet  connected     bond1N2N-con2
    ens2f1    ethernet  connected     bond2NFS-con2
    ens2f2    ethernet  connected     acslslibcon2
    ens2f3    ethernet  disconnected  --
Command examples:

    # nmcli connection add type ethernet con-name acslslibcon1 ifname eno2 ip4 10.196.0.50/24 autoconnect yes
    # nmcli connection up acslslibcon1

Command examples:

    # nmcli connection add type ethernet con-name acslslibcon2 ifname ens2f2 ip4 10.196.1.50/24 autoconnect yes
    # nmcli connection up acslslibcon2

Command examples:

    # nmcli connection add type bond con-name bond1N2N ifname bond1N2N mode balance-rr ip4 192.168.84.2/24 autoconnect yes
    # nmcli connection add type bond-slave con-name bond1N2N-con1 ifname eno4 master bond1N2N
    # nmcli connection add type bond-slave con-name bond1N2N-con2 ifname ens2f0 master bond1N2N
    # nmcli connection up bond1N2N

Command examples:

    # nmcli connection add type bond con-name bond2NFS ifname bond2NFS mode balance-rr ip4 10.0.0.35/24 autoconnect yes
    # nmcli connection add type bond-slave con-name bond2NFS-con1 ifname eno3 master bond2NFS
    # nmcli connection add type bond-slave con-name bond2NFS-con2 ifname ens2f1 master bond2NFS
    # nmcli connection up bond2NFS

You can now run the nmcli device status command on Node 2 to view the connections you have made.

    # nmcli device status
    DEVICE    TYPE      STATE         CONNECTION
    bond1N2N  bond      connected     bond1N2N
    bond2NFS  bond      connected     bond2NFS
    eno1      ethernet  connected     publicAdmin
    eno2      ethernet  connected     acslslibcon1
    eno3      ethernet  connected     bond2NFS-con1
    eno4      ethernet  connected     bond1N2N-con1
    ens2f0    ethernet  connected     bond1N2N-con2
    ens2f1    ethernet  connected     bond2NFS-con2
    ens2f2    ethernet  connected     acslslibcon2
    ens2f3    ethernet  disconnected  --
The ACSLS HA Logical Host IP address for the ACSLS Client interface is not created at this time. It is created when the user runs the setup.py command in ACSLS HA. Setup.py will prompt the user for the device to be used. At that time, the user will select ens2f3. For now, no connection will be built and assigned for ens2f3 on either node.
The following files configure the system so that host names can be resolved. This is required when one connects by host name, e.g. using ssh to reach venus.megacorp.com or pointing an email client to smtp.megacorp.com. The system must be able to resolve the host names to IP addresses so that the network connection can be made.
Note that device configuration information can be found in the autogenerated file /etc/udev/rules.d/70-persistent-net.rules

Files which hold the Linux system network configuration:
The following GUI tools edit the system configuration files. There is no difference in the configuration developed with the GUI tools and that developed by editing system configuration files directly. TCP/IP ethernet configuration:
Computers may be assigned a static IP address or assigned one dynamically. Typically a server will require a static IP while a workstation will use DHCP (dynamic IP assignment). The Linux server requires a static IP so that those who wish to use its resources can find the system consistently. It is more easily found if the IP address does not change and is static. This is not important for the Linux client workstation and thus it is easier to use an automated Dynamic Host Configuration Protocol (DHCP) for IP address assignment.

Static IP address assignment: Choose one of the following methods:
Any other commands you may want to add to the system boot sequence can be added to the end of the file /etc/rc.d/rc.local

The commands netcfg and netconfig make permanent changes to system network configuration files located in /etc/sysconfig/network-scripts/, so that this information is retained and used upon system boot.

The IANA has allocated IP addresses in the range of 192.168.0.0 to 192.168.255.255 for private networks.

[Potential Pitfall]: You assign an IP address and the network connection still does not work?
Helpful tools: ip [ OPTIONS ] OBJECT COMMAND or ip OBJECT COMMAND where:
ifconfig interface [aftype] options | address ... where:
File: /etc/network/interfaces

Static IP example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet static
        address 208.88.34.106
        netmask 255.255.255.248
        broadcast 208.88.34.111
        network 208.88.34.104
        gateway 208.88.34.110

Dynamic IP (DHCP) example:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet dhcp

    auto eth1
    iface eth1 inet dhcp

    auto eth2
    iface eth2 inet dhcp

    auto ath0
    iface ath0 inet dhcp

    auto wlan0
    iface wlan0 inet dhcp

Interfaces:
Also see "man interfaces" Ubuntu GUI Network Tools:
The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network.

To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none

In order for updated information in any of these files to take effect, one must issue the command: service network restart (or: /etc/init.d/network restart)

The Linux OS manages outbound and inbound IP (Internet Protocol) traffic. Inbound traffic is captured based on ARP and IP address configuration. Outbound traffic is managed by routes. Routing determines the path these packets take so that they are sent to their destinations. This is required for all IP traffic, local and remote, including when multiple network interfaces are available. Routes are held by the kernel routing table.

Direct routing table entries occur when the source and destination hosts are on the same physical network and packets are sent directly from the source to the destination. Indirect routing table entries occur when the source and destination hosts are on different physical networks. The destination host must be reached through one or more IP gateways. The first gateway is the only one which is known by the host system. Default routing defines a gateway to use when the direct network route and the indirect host routes are not defined for a given IP address.

Static routes: IP uses a routing table to determine where packets should be sent. First the packet is examined to see if its destination is on the local or a remote network. If it is to be sent to a remote network, the routing table is consulted to determine the path. If there is no information in the routing table then the packet is sent to the default gateway. Static routes are set with the route command and with the configuration file:
See command: /etc/sysconfig/network-scripts/ifup-routes eth0

Dynamic routes: RIP (Routing Information Protocol) is used to define dynamic routes. If multiple routes are possible, RIP will choose the shortest route. (Fewest hops between routers, not physical distance.) Routers use RIP to broadcast the routing table over UDP port 520. The routers would then add new or improved routes to their routing tables.

Man pages:
Routers and Routing: Routing software can be run on Linux so that it will act as a router. Older packages such as routed and gated are no longer supported. Quagga, a fork of GNU "Zebra", has replaced them. Quagga is a routing software suite, providing implementations of OSPFv2, OSPFv3, RIP v1 and v2, RIPng and BGP-4 for Linux platforms.

Installation: RH/CentOS: yum install quagga

Quagga Man Pages:
Assign more than one IP address to one ethernet card:

    ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255
    ifconfig eth0:0 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255
    ifconfig eth0:1 192.168.10.14 netmask 255.255.255.0 broadcast 192.168.10.255
    route add -host XXX.XXX.XXX.XXX dev eth0
    route add -host 192.168.10.12 dev eth0
    route add -host 192.168.10.14 dev eth0

In this example 0 and 1 are aliases in addition to the regular eth0. The result of the ifconfig command:

    eth0      Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:XXX.XXX.XXX.XXX  Bcast:XXX.XXX.XXX.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:14218 errors:0 dropped:0 overruns:0 frame:0
              TX packets:1362 errors:0 dropped:0 overruns:0 carrier:0
              collisions:1 txqueuelen:100
              Interrupt:5 Base address:0xe400

    eth0:0    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.12  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

    eth0:1    Link encap:Ethernet  HWaddr 00:10:4C:25:7A:3F
              inet addr:192.168.10.14  Bcast:192.168.10.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              Interrupt:5 Base address:0xe400

Config file: /etc/sysconfig/network-scripts/ifcfg-eth0:0

    DEVICE=eth0:0
    ONBOOT=yes
    BOOTPROTO=static
    BROADCAST=192.168.10.255
    IPADDR=192.168.10.12
    NETMASK=255.255.255.0
    NETWORK=192.168.10.0
    ONBOOT=yes

Aliases can also be shut down independently, i.e.: ifdown eth0:0

The option during kernel compile is: CONFIG_IP_ALIAS=y (Enabled by default in Redhat)

Note: The Apache web server can be configured so that different IP addresses can be assigned to specific domains being hosted. See Apache configuration and "configuring an IP based virtual host" in the YoLinux Web site configuration tutorial.
DHCP Linux Client: get connection info: /sbin/pump -i eth0 --status
This is a three step process:
The hostname may be changed at runtime using the command: sysctl -w kernel.hostname="superserver" Note that hostnames may only contain alphanumeric characters, minus signs ("-"), and periods ("."). They must begin with an alphabetic character and end with an alphanumeric character.
Change the host name using GUI tool: /usr/sbin/system-config-network Hostname entries are made in two places:
Select the "DNS" tab.
Select the "Devices" tab + "Edit" + the "General" tab. Commands for starting and stopping TCP/IP network services on a Network Interface Card (NIC):
files in /etc/sysconfig/network-scripts/ GUI Interface control/configuration:
Subnetting is a methodology used to divide a network into multiple logical networks (subnets). Subnets are often defined for geographical or location reasons. Subnet masks are defined to reflect the number of computer systems and the IP addresses of the systems on the subnet.
Example 192=128+64 Some addresses are reserved and outside this scope. Loopback (127.0.0.1), reserved class C 192.168.XXX.XXX, reserved class B 172.31.XXX.XXX and reserved class A 10.XXX.XXX.XXX. Subnet Example: Your ISP assigns you a subnet mask of 255.255.255.248 for your office.
Links: The concept of network classes is a little obsolete as subnets are now used to define smaller networks using CIDR (Classless Inter-Domain Routing) as detailed above. These subnets may be part of a class A, B, C, etc network. For historical reference the network classes are defined as follows:
The bridge configuration will merge two (or several) networks into one single network topology. IpTables firewall rules can be used to filter traffic. A router configuration can support multicast and basic IP routing using the "route" command. IP masquerading (NAT) can be used to connect private local area networks (LAN) to the internet or load balance servers.
All methods will result in a proc file value of "1". Test: cat /proc/sys/net/ipv4/ip_forward The TCP Man page - Linux Programmer's Manual and /usr/src/linux/Documentation/proc.txt (Kernel 2.2 RH 7.0-) cover /proc/sys/net/ipv4/* file descriptions. Also see: (YoLinux tutorials) Manual method: This does not alter the permanent configuration and will only configure support until the next reboot.
The easy way: Red Hat versions 6.2 and later, ship with Kudzu, a device detection program which runs during system initialization. (/etc/rc.d/init.d/kudzu) This can detect a newly installed NIC and load the appropriate driver. Then use /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it will be utilized upon system boot. Systems with two NIC cards: Typically two cards are used when connecting to two networks. In this case the device must be defined using one of three methods:
This is usually not necessary because most ethernet adapters can auto-negotiate link speed and duplex setting.
Man Pages:
Man Pages:
The network listening daemons listen and respond to all network socket connections made on the TCP/IP ports assigned to it. The ports are defined by the file /etc/services. When a connection is made, the listener will attempt to invoke the assigned program and pipe the data to it. This simplified matters by allowing the assigned program to read from stdin instead of making its own sockets connection. The listener handles the network socket connection. Two network listening and management daemons have been used in Red Hat Linux distributions:
Entries in this file consist of a single line made up of the following fields: service socket-type protocol wait user server cmdline
Sample File: /etc/inetd.conf

    #echo   stream  tcp     nowait      root    internal
    #echo   dgram   udp     wait        root    internal
    ftp     stream  tcp     nowait      root    /usr/sbin/tcpd  in.ftpd -l -a
    #pop-3  stream  tcp     nowait      root    /usr/sbin/tcpd  ipop3d
    #swat   stream  tcp     nowait.400  root    /usr/sbin/swat  swat

A line may be commented out by using a '#' as the first character in the line. This will turn the service off. The maximum length of a line is 1022 characters.
The inet daemon must be restarted to pick up the changes made to the file:

For more information see the man pages "inetd" and "inetd.conf".

Xinetd has access control mechanisms, logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, redirect services to different ports and network interfaces (NIC) or even to a different server, chroot a service etc... and is thus a worthy upgrade from inetd.

Use the command chkconfig --list to view all system services and their state. It will also list all network services controlled by xinetd and their respective state under the title "xinetd based services". (Works for xinetd (RH7.0+) but not inetd)

The xinetd network daemon uses PAM also called network wrappers which invoke the /etc/hosts.allow and /etc/hosts.deny files.

Configuration file: /etc/xinetd.conf which in turn uses configuration files found in the directory /etc/xinetd.d/.

To turn a network service on or off:
The file contains entries of the form:

    service service-name
    {
        attribute assignment-operator value value ...
        ...
    }

Where:
Then restart the daemon: /etc/rc.d/init.d/xinetd restart

Example from man page: Limit telnet sessions to 8 Mbytes of memory and a total 20 CPU seconds for child processes.

    service telnet
    {
        socket_type = stream
        wait        = no
        nice        = 10
        user        = root
        server      = /usr/etc/in.telnetd
        rlimit_as   = 8M
        rlimit_cpu  = 20
    }

[Pitfall] Red Hat 7.1 with updates as of 07/06/2001 required that I restart the xinetd services before FTP would work properly even though xinetd had started without failure during the boot sequence. I have no explanation as to why this occurs or how to fix it other than to restart xinetd: /etc/rc.d/init.d/xinetd restart.

Man Pages:
For more info see:

Most of the original Unix remote commands have been superseded by secure shell equivalents. Instead of telnet, rsh or rlogin, one should use the encrypted connection ssh.
The "rwho" command is used to display users logged into computers on your LAN. By default, Red Hat Linux has the network interface to the rwhod disabled. Thus if one issues the command "rwho", you will only see who is logged into the system you are logged into and not remote systems on the network. This is a safe approach for internet servers as it reduces the exposure of a service which could be exploited by hackers. If you wish to use rwhod on a local private and firewall protected network, here is how:
Allow broadcast capabilities. Edit /etc/init.d/rwhod Start service:
Man pages:
Rpcbind or portmapper are required to manage RPC (Remote Procedure Call) requests from services like NFS (file sharing services), NIS (Network Information Services) and SAMBA. rpcbind is newer and used on RHEL 6,7 / Ubuntu 10.04, 12.04, 14.04 and later systems while portmapper was used on RHEL5 or prior systems. Rpcbind and portmapper are both server based services which manages RPC program number requests and returns universal addresses. The rpc service tells rpcbind the address on which it is listening and the RPC program numbers it will serve. Clients first contact rpcbind to lookup where its request should be sent. An RPC server makes available a collection of procedures (programs) that a client system may call and then receive the returned results. The list of services available is listed in /etc/rpc on the server. The message communication is in a machine independent form called XDR (External Data Representation format).
Man Pages:
Pluggable Authentication Modules for Linux (TCP Wrappers)

This system allows or denies network access. One can reject or allow specific IP addresses or subnets to access your system.

File: /etc/hosts.allow

    in.ftpd:208.188.34.105

This specifically allows the given IP address to ftp to your system. One can also specify an entire domain, i.e. .name-of-domain.com Note the beginning ".".

File: /etc/hosts.deny

    ALL:ALL

This generally denies any access. See the pam man page.

File: /etc/inetd.conf

    ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -a

The inet daemon accepts the incoming network stream and assigns it to the PAM TCP wrapper, /usr/sbin/tcpd, which accepts or denies the network connection as defined by /etc/hosts.allow and /etc/hosts.deny and then passes it along to ftp. This is logged to /var/log/secure

Advanced PAM: More specific access can be assigned and controlled by controlling the level of authentication required for access. Files reflect the inet service name. Rules and modules are stacked to achieve the level of security desired. See the files in /etc/pam.d/... (some systems use /etc/pam.conf)

The format: service type control module-path module-arguments
Modules:
After re-configuration, restart the inet daemon: killall -HUP inetd For more info see:
ICMP is the network protocol used by the ping and traceroute commands. ICMP redirect packets are sent from the router to the host to inform the host of a better route.

To enable ICMP redirect, add the following line to /etc/sysctl.conf :

    net.ipv4.conf.all.accept_redirects = 1

Add the following to the file: /etc/rc.d/rc.local

    for f in /proc/sys/net/ipv4/conf/*/accept_redirects
    do
        echo 1 > "$f"
    done

Command to view Kernel IP routing cache: /sbin/route -Cn

NOTE: This may leave you vulnerable to hackers as attackers may alter your routes.
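Because accepted redirects let another host change your routes, it is worth checking which interfaces actually honour them. The following added example (not from the original tutorial) reads sysctl -a style lines and reports the effective setting per interface, following the rule in the kernel's ip-sysctl documentation: with forwarding disabled on an interface, redirects are accepted if either the "all" or the per-interface value is 1; with forwarding enabled, both must be 1. The sample values and interface names are constructed.

```shell
#!/bin/sh
# Added example: report which interfaces effectively accept ICMP redirects.

# Constructed sample in `sysctl -a` output format.
SAMPLE_SYSCTL='net.ipv4.conf.all.accept_redirects = 1
net.ipv4.conf.all.forwarding = 0
net.ipv4.conf.default.accept_redirects = 1
net.ipv4.conf.eth0.accept_redirects = 0
net.ipv4.conf.eth0.forwarding = 0
net.ipv4.conf.eth1.accept_redirects = 1
net.ipv4.conf.eth1.forwarding = 1
net.ipv4.conf.eth2.accept_redirects = 0
net.ipv4.conf.eth2.forwarding = 1'

# redirect_audit: reads "key = value" lines on stdin and prints one line per
# real interface ("all" and "default" are templates, not interfaces):
#   <interface> ACCEPTS-REDIRECTS | ignores-redirects
redirect_audit() {
    awk -F' *= *' '
    $1 ~ /^net\.ipv4\.conf\..*\.(accept_redirects|forwarding)$/ {
        key = $1
        sub(/^net\.ipv4\.conf\./, "", key)       # eth0.accept_redirects
        attr = key; sub(/^.*\./, "", attr)       # accept_redirects
        ifc  = key; sub(/\.[^.]*$/, "", ifc)     # eth0
        val[ifc, attr] = $2 + 0
        if (ifc != "all" && ifc != "default" && !(ifc in known)) {
            known[ifc] = 1
            order[++n] = ifc
        }
    }
    END {
        all = val["all", "accept_redirects"]
        for (i = 1; i <= n; i++) {
            ifc = order[i]
            own = val[ifc, "accept_redirects"]
            fwd = val[ifc, "forwarding"]
            # Router interface: both values must be set.
            # Host interface: either value is enough.
            eff = fwd ? (all && own) : (all || own)
            printf "%s %s\n", ifc, (eff ? "ACCEPTS-REDIRECTS" : "ignores-redirects")
        }
    }'
}

# Stand-alone run against the constructed sample.
printf '%s\n' "$SAMPLE_SYSCTL" | redirect_audit
```

In the sample, eth0 still accepts redirects even though its own value is 0, because the "all" value is 1 and forwarding is off. On a live host, run: sysctl -a 2>/dev/null | redirect_audit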
The following firewall rules will drop ICMP requests.

Ipchains: ipchains -A output -p icmp -d 0/0 -j DENY

OR drop all incoming pings: echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This is sometimes necessary to look invisible to DOS (Denial Of Service) attackers who use ping to watch your machine and launch an attack when its presence is detected.

Install:
The Linux Kernel is capable of controlling bandwidth peaks, traffic prioritization and scheduling and, if necessary, dropping excess traffic, all using the traffic control command "tc" to manage a set of queues (default queue: pfifo_fast). Bandwidth control is called traffic shaping. This is often done to avoid exceeding the bandwidth when sending traffic to a particular device such as a wireless modem during peak network bursts. Traffic prioritization includes reordering network packets so that certain traffic is guaranteed to be sent by a given time. Packet dropping can be performed on ingress and egress packets to achieve a desired bandwidth.

Examples: limit data rate to 4 Mbps so that data rate does not exceed the capability of a wireless networking device:
TCNG:
The goal of tcng is to provide a network configuration language. Tcng takes input from a script, which is parsed and whose actions are delegated to lower level components and eventually to kernel module directives.
Install:
Using tcpdump to monitor the network:

    [root]# ifconfig eth0 promisc    - Put nic into promiscuous mode to sniff traffic.
    [root]# tcpdump -n host not XXX.XXX.XXX.XXX | more    - Sniff net but ignore IP which is your remote session.
    [root]# ifconfig eth0 -promisc    - Pull nic out of promiscuous mode.

SNORT: Monitor the network, performing real-time traffic analysis and packet logging on IP networks for the detection of an attack or probe.
Ethernet hosts use the Address Resolution Protocol (ARP) to convert a 32-bit IP address into the 48-bit Ethernet MAC address used by network hardware. (See: RFC 826) ARP broadcasts are sent to all hosts on the subnet by the data transmitting host to see who replies. The broadcast is ignored by all except the intended receiver which recognizes the IP address as its own. The MAC addresses are remembered (ARP cache) for future network communications. Computers on the subnet typically keep a cache of ARP responses (typically 20 min but can store permanent information for diskless nodes). ARP broadcasts are passed on by hubs and switches but are blocked by routers. Reverse ARP (See: RFC 903) is a bootstrap protocol which allows a client to broadcast requesting a server to reply with its IP address.

View ARP tables:
Set/Configure ARP tables:
Man pages:

ARP is something that simply works. No Linux system configuration is necessary. It's all part of the ethernet and IP protocol. The aforementioned information is just part of the Linux culture of full visibility into what is going on.

Transmission Control Protocol (TCP) is a network transport Internet Protocol (IP) typically used for its bi-directional communications reliability. TCP is a protocol which first establishes a connection and then transmits data over that connection. Replies of acknowledgement are sent to each end of the connection to communicate the fact that the transmitted data was valid to determine if the data should be re-sent. The TCP header is 24 bytes of information including the source and destination port, the packet sequence information, checksum and various flags indicating the purpose of the packet. TCP is a streaming protocol where a numbered set of packets are sent over the network and available to the system in-order. This makes TCP appropriate for file transfer and web content delivery.

User Datagram Protocol (UDP) is a protocol which supports a single packet of data with no response, verification or acknowledgement. A checksum is included in the UDP packet header but the protocol does not arrange for retransmission upon error. It is a faster communications method as it does not require the overhead of a connection, reliability or packet order. Each packet is independent of the other and typically used for data no larger than the maximum UDP packet size of 64 Kb (65507 bytes) for the 8 byte header and data, but typically much smaller.

TCP:
UDP:
Regular network exchanges of data are peer to peer unicast transactions. An HTTP request to a web server (TCP/IP), email SNMP (TCP/IP), DNS (UDP), FTP (TCP/IP), ... are all peer to peer unicast transactions. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of multiple individual peer to peer connections, one for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different and that multicast is a UDP broadcast only. Multicast messages are only "heard" by the nodes on the network that have "joined the multicast group" which are those that are interested in the information. The Linux kernel is Level-2 Multicast-Compliant. It meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it has to request the kernel to join the multicast group and bind the port receiving the datagrams. When a process is no longer interested in the multicast group, a request is made to the kernel to leave the group. It is the kernel/host which joins the multicast group and not the process. Kernel configuration requires "CONFIG_IP_MULTICAST=y". In order for the Linux kernel to support multicast routing, set the following in the kernel config:
The default Red Hat / Fedora kernels are compiled to support multicast. See the YoLinux tutorial on optimization and rebuilding the Linux kernel. Note that on multihomed systems (more than one IP address/network card), only one device can be configured to handle multicast. Class D networks with a range of IP addresses from 224.0.0.0 to 239.255.255.255 (See Network Classes above) have typically been reserved for multicast. Useful commands:
Multicast transmissions are achieved through proper routing, router configuration (if communicating through subnets) and programmatically with the use of the following "C" function library calls:
The multicast application will specify the multicast group, loopback interface, TTL (network time to live or router hops), network interface and the multicast group to add or drop. Add route to support multicast:
Linux can be configured to forward packets and act as a simple router between two networks. The prior section on "Enable Forwarding" shows how Linux can be configured to forward regular TCP and UDP packets. This does not include multicast packets. Multicasting begins with an application requesting multicast group membership. It is this request that tells a multicast router to enable forwarding on the interface that the request arrived on -- no request, no routing. The request must be processed by a multicasting router. Multicast packets can be forwarded and routed by running multicast routing software on the system.
Linux can support the Internet Protocol (IP) over serial device interfaces. Over long distances this is typically supported using a modem over telephone lines (POTS: Plain Old Telephone Service) or satellite communications. This is the most common form of IP over serial line and is the most common technique used by telephone dial-up ISPs. The following tutorials use a Hayes command set compatible modem.

PPTP: Point-to-Point Tunneling Protocol

Devices:
Example:
Point to point serial links (rather than broadcast networks like ethernet) can also be supported over parallel printer ports. An IP network at 10 to 20 kBps over parallel printer ports lp0 or lp1 is much faster than serial. Linux supports mode 0 PLIP, transferring half bytes of data at a time. Requires "NULL Printer" or "Turbo Laplink" printer connection. See kernel source drivers/net/Space.c.
See the YoLinux tutorial on integrating Linux into a Microsoft network.
Test Internet Bandwidth: More Networking Man Pages: