Linux/Networking Services: Difference between revisions
From charlesreid1
| Line 8: | Line 8: | ||
=IP Schema= | ==IP Schema== | ||
First principle: keep schema easy to change | First principle: keep schema easy to change | ||
| Line 43: | Line 43: | ||
Unless you are a networking company. Or studying for a certification. | Unless you are a networking company. Or studying for a certification. | ||
==dhcp server== | |||
now that we have used ipcalc to decide on a network layout (ip schema, number of addresses, number of bits, subnet mask, etc.), put it into action. | |||
set up dhcp server to configure and serve up IPv4 addresses to machines that want one. | |||
Use the <code>isc-dhcp-server</code>: | |||
<pre> | |||
$ apt-get install isc-dhcp-server | |||
</pre> | |||
Now configure the dhcp server by editing its configuration file, located at <code>/etc/dhcp/dhcp.conf</code> | |||
If you have an example, it will be pretty extensive. Or, it might be totally empty. Here is a sample: | |||
<pre> | |||
default-lease-time 86400; | |||
max-lease-time 86400; | |||
option subnet-mask 255.255.252.0; | |||
option broadcast-address 10.10.99.255; | |||
option domain-name "local.lan"; | |||
authoritative; | |||
subnet 10.10.96.0 netmask 255.255.252.0 { | |||
range 10.10.99.100 10.10.99.254; | |||
option routers 10.10.96.1; | |||
option domain-name-servers 10.10.96.1; | |||
} | |||
</pre> | |||
Once you have edited this file, you will restart the daemon. | |||
=Related= | =Related= | ||
{{LinuxNetworking}} | {{LinuxNetworking}} | ||
Revision as of 04:48, 14 March 2016
Overview
This page will cover a couple of key aspects of networking services on Linux:
- ip address schema
- dhcp server
- dns server
- ntp server
IP Schema
First principle: keep schema easy to change
What types of machines are you providing addresses to? Servers/workstations/printers, but now also phones, conference systems, tablets. many devices also have multiple network interfaces. a default network of 24 bits, 254 usable ip addresses, is not large enough for many situations.
multiple subnets would help to create individual networks for groups of devices (types of services). example: have servers on one subnet, printers on antoher, workstations on yet another.
the broadcast domain should also be limited. With a one-size-fits-all 24 bit network, you have a single subnet, and a single broadcast domain. Every device can communicate with every other device, with no need for routing. However, on large networks, breaking down the broadcast domain can help ensure performance. Organizing sub domains for different services keep those services from being overwhelmed.
To plan IP schema, use the ipcalc utility. This can help you understand the number of IP addresses that will be available for a given schema.
$ apt-get install ipcalc
You give it arguments of the network you are thinking about using:
$ ipcalc 10.10.96.0/22
ipcalc shows Hosts/Net, which is the number of allowable IP addresses that this network would give us.
The utility also shows the subnet mask that would be required, which is 255.255.252.0.
ipv4 vs ipv6
insert obligatory reference to number of IP addresses running out...
ipv6 needs to be ushered in.
HOWEVER, for small, internal networks, there is absolutely no need to complicate your life with ipv6. The namespace for ipv4 running out will only affect the wider internet, and not local nor private network IP spaces.
Unless you are a networking company. Or studying for a certification.
dhcp server
now that we have used ipcalc to decide on a network layout (ip schema, number of addresses, number of bits, subnet mask, etc.), put it into action.
set up dhcp server to configure and serve up IPv4 addresses to machines that want one.
Use the isc-dhcp-server:
$ apt-get install isc-dhcp-server
Now configure the dhcp server by editing its configuration file, located at /etc/dhcp/dhcp.conf
If you have an example, it will be pretty extensive. Or, it might be totally empty. Here is a sample:
default-lease-time 86400;
max-lease-time 86400;
option subnet-mask 255.255.252.0;
option broadcast-address 10.10.99.255;
option domain-name "local.lan";
authoritative;
subnet 10.10.96.0 netmask 255.255.252.0 {
range 10.10.99.100 10.10.99.254;
option routers 10.10.96.1;
option domain-name-servers 10.10.96.1;
}
Once you have edited this file, you will restart the daemon.