Networking Systems Design and Development

Lee Chao

CRC Press, Taylor & Francis Group
Boca Raton London New York

CRC Press is an imprint of the Taylor & Francis Group, an Informa business

AN AUERBACH BOOK
Contents

Preface
  Motivation
  Objectives of the Book
  Features of the Book
  Organization of the Book
Acknowledgments
The Author
1 Linux Networking Overview
  1.1 Introduction
  1.2 Overview of Linux Operating Systems
    1.2.1 Brief History
    1.2.2 Linux Distributions
  1.3 Linux Networking
    1.3.1 Linux Network Architecture
    1.3.2 Linux Networking Tasks and Network Tools
  1.4 Book Framework
  1.5 Summary
2 Network Protocols
  2.1 Introduction
  2.2 Application Layer Protocols
  2.3 Transport Layer Protocols
    2.3.1 Transmission Control Protocol (TCP)
    2.3.2 User Datagram Protocol (UDP)
  2.4 Internet Layer Protocols
    2.4.1 Internet Protocol (IP)
    2.4.2 Internet Control Message Protocol (ICMP)
    2.4.3 Address Resolution Protocol (ARP)
    2.4.4 IP Security (IPSec)
    2.4.5 Internet Routing Protocols
  2.5 Network Interface Layer Protocols
  2.6 Network Protocol Graph
  2.7 Summary
3 Network Technologies
  3.1 Introduction
  3.2 Network Types
    3.2.1 Local Area Network
      3.2.1.1 Ethernet
      3.2.1.2 Fibre Channel
    3.2.2 Wide Area Network
    3.2.3 Internet
    3.2.4 Wireless Network
  3.3 Network Media
    3.3.1 Modulation
    3.3.2 Multiplexing
    3.3.3 Twisted-Pair Wire
    3.3.4 Optical Fiber
    3.3.5 Wireless Transmission Media
  3.4 Network Devices
    3.4.1 Network Interface Cards
    3.4.2 Network Switches
    3.4.3 Network Routing Equipment
  3.6 Summary
4 Network Design
  4.1 Introduction
  4.2 Network Design
    4.2.1 Requirement Investigation
    4.2.2 Logical Network Model
    4.2.3 IP Addressing and Routing Strategy
    4.2.4 Security Policy
    4.2.5 Planning for Physical Implementation
  4.3 IP Addressing
    4.3.1 IPv4 IP Addressing
    4.3.2 Special IP Addresses
    4.3.3 Private and Public IP Addressing
    4.3.4 IPv6 Addressing
      4.3.4.1 Unicast IP Address
      4.3.4.2 Multicast
      4.3.4.3 Anycast
  4.4 Subnets
    4.4.1 Reasons for Using Subnets
    4.4.2 Subnet Masks
    4.4.3 Network Subnetting
    4.4.4 Classless Inter-Domain Routing (CIDR)
  4.6 Summary
5 Network Services
  5.1 Introduction
  5.2 User Accounts
    5.2.1 Users and Groups
  5.3 Dynamic Host Configuration Protocol (DHCP)
    5.3.1 Dynamic IP Address Assignment Process
    5.3.2 DHCP Configuration
  5.4 Name Services
    5.4.1 Naming Hierarchy
    5.4.2 DNS Server Hierarchy
    5.4.3 Name Resolution Process
    5.4.4 DNS Zones
    5.4.5 Types of DNS Records
  5.5 Summary
6 Routing
  6.1 Introduction
  6.2 Connecting Networks with Routers
  6.3 Routing Table
  6.4 Updating Routing Table
  6.5 Route Calculation
    6.5.1 Link State Routing Algorithm
    6.5.2 Distance Vector Routing Algorithm
  6.6 Routing across Networks
  6.7 Summary
7 Linux Network Resource Sharing
  7.1 Introduction
  7.2 Network File System (NFS)
    7.2.1 NFS Technology Overview
    7.2.2 NFS Configuration
  7.3 Sharing Network with Windows
    7.3.1 Samba Features and Applications
    7.3.2 Configuration of Samba Services
  7.4 Remote Access through VPN
    7.4.1 VPN Technology
      7.4.1.1 Internet Protocol Security (IPSec)
      7.4.1.2 Secure Sockets Layer (SSL) VPN
      7.4.1.3 Point-to-Point Tunneling Protocol (PPTP)
    7.4.2 VPN Configuration
  7.5 Network Address Translation (NAT)
    7.5.1 NAT Technology
    7.5.2 NAT Application and Configuration
  7.6 Summary
8 Internet Services
  8.1 Introduction
  8.2 Web Services
    8.2.1 Hypertext Transfer Protocol (HTTP)
    8.2.2 Web Servers
    8.2.3 Web Server Configuration
  8.3 File Transfer Service
    8.3.1 FTP Server and Client
    8.3.2 FTP Connection
    8.3.3 FTP Commands
    8.3.4 FTP Configuration
  8.4 E-Mail Service
    8.4.1 E-Mail System
    8.4.2 E-Mail Transfer
    8.4.3 E-Mail Service Configuration
  8.5 Summary
9 Network Security
  9.1 Introduction
  9.2 Security Issues
    9.2.1 Network Security Policies
    9.2.2 Intrusion into Computer Systems
    9.2.3 Intrusion into Networks
    9.2.4 Computer Viruses
    9.2.5 Network Security Measures
  9.3 Security Technologies
    9.3.1 Intrusion Detection System (IDS)
    9.3.2 IP Security (IPSec)
    9.3.3 Remote Authentication Dial In User Service (RADIUS)
    9.3.4 Secure Shell (SSH)
    9.3.5 Secure Sockets Layer (SSL)
    9.3.6 Wi-Fi Protected Access
  9.4 Network Firewalls
    9.4.1 Firewall Rules
    9.4.2 Firewall Types
    9.4.3 Firewall Architectures
  9.5 Summary
10 Network Resource Management
  10.1 Introduction
  10.2 User Account Management
    10.2.1 User Management
    10.2.2 Group Management
    10.2.3 Directory Service Management
  10.3 Network Device Resource Management
    10.3.1 Viewing Device Information
    10.3.2 Device Management Daemons
      10.3.2.1 Hardware Abstraction Layer (HAL)
      10.3.2.2 User Device (udev)
    10.3.3 Kernel Management
  10.4 Summary
11 Wireless Networks
  11.1 Introduction
  11.2 Wireless Network Technologies
    11.2.1 Wi-Fi Technology
    11.2.2 WiMAX Technology
    11.2.3 Infrared
    11.2.4 Bluetooth
  11.3 Wireless Network Devices
  11.4 Linux-Compatible Wireless Network Devices
    11.4.1 Linux Compatibility
    11.4.2 Wireless Device Chipsets
    11.4.3 Wireless Device Drivers
    11.4.4 NDISwrapper
  11.5 Wireless Network Configuration Tools
    11.5.1 Viewing Wireless Network Device Information
    11.5.2 Configuration of Wireless Network Devices
  11.6 Summary
12 Mobile Networks
  12.1 Introduction
  12.2 Mobile Linux
  12.3 Mobile Devices
  12.4 Mobile Network
    12.4.1 Mobile Network System
    12.4.2 First-Generation Mobile Network
    12.4.3 Second-Generation Mobile Network
    12.4.4 Third-Generation Mobile Network
      12.4.4.1 Universal Mobile Telephone Service (UMTS)
      12.4.4.2 CDMA2000
    12.4.5 Mobile Network beyond Third Generation
  12.5 Summary
Index