Finally, the last field displays the network interface that this route will use.
Displaying Interface Statistics
When invoked with the -i flag, netstat displays statistics for the network interfaces currently configured. If the -a option is also given, it prints all interfaces present in the kernel, not only those that have been configured currently. On vstout, the output from netstat will look like this:
# netstat -i
Kernel Interface table
Iface   MTU Met   RX-OK RX-ERR RX-DRP RX-OVR   TX-OK TX-ERR TX-DRP TX-OVR Flags
lo        0   0    3185      0      0      0    3185      0      0      0 BLRU
eth0   1500   0  972633     17     20    120  628711    217      0      0 BRU
The MTU and Met fields show the current MTU and metric values for that interface. The RX and TX columns show how many packets have been received or transmitted error-free (RX-OK / TX-OK) or damaged (RX-ERR / TX-ERR); how many were dropped (RX-DRP / TX-DRP); and how many were lost because of an overrun (RX-OVR / TX-OVR).
The last column shows the flags that have been set for this interface. These characters are one-character versions of the long flag names that are printed when you display the interface configuration with ifconfig:
B
A broadcast address has been set.
L
This interface is a loopback device.
M
All packets are received (promiscuous mode).
O
ARP is turned off for this interface.
P
This is a point-to-point connection.
R
Interface is running.
U
Interface is up.
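As an added example (not part of the original text), the shell function below reads netstat -i output in the column layout shown above, totals the damaged, dropped and overrun packets per interface, expands the flag letters using the list above, and marks any interface carrying the M flag, since an interface that is unexpectedly in promiscuous mode deserves a closer look. The function names and the eth1 sample row are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample: the two rows from the text plus a made-up eth1 row with M set.
sample_netstat_i() {
cat <<'EOF'
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flags
lo 0 0 3185 0 0 0 3185 0 0 0 BLRU
eth0 1500 0 972633 17 20 120 628711 217 0 0 BRU
eth1 1500 0 1000 0 0 0 10 0 0 0 BMRU
EOF
}

# iface_report (hypothetical name): reads `netstat -i` text on stdin and prints
#   <iface> rx_bad=<n> tx_bad=<n> flags=<long names> [PROMISC]
# Columns are located by header name, so reordered columns still parse.
# Flag letters follow the list in the text; confirm them against your own
# netstat build before alerting on M.
iface_report() {
awk '
BEGIN {
    name["B"] = "broadcast"; name["L"] = "loopback";    name["M"] = "promisc"
    name["O"] = "noarp";     name["P"] = "pointopoint"; name["R"] = "running"
    name["U"] = "up"
}
# Header row: remember each column position; the flags column is the last one.
$1 == "Iface" { for (i = 1; i <= NF; i++) col[$i] = i; fl = NF; next }
# Skip the banner line and any short or malformed row.
!fl || NF < fl { next }
{
    rx = $(col["RX-ERR"]) + $(col["RX-DRP"]) + $(col["RX-OVR"])
    tx = $(col["TX-ERR"]) + $(col["TX-DRP"]) + $(col["TX-OVR"])
    desc = ""
    for (i = 1; i <= length($fl); i++) {
        c = substr($fl, i, 1)
        desc = desc (desc == "" ? "" : ",") ((c in name) ? name[c] : "?" c)
    }
    printf "%s rx_bad=%d tx_bad=%d flags=%s%s\n", $1, rx, tx, desc,
        (index($fl, "M") ? " PROMISC" : "")
}'
}

sample_netstat_i | iface_report
```

On a live host, pipe the real command into the function: netstat -i | iface_report.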
netstat supports a set of options to display active or passive sockets. The options -t, -u, -w, and -x show active TCP, UDP, RAW, or Unix socket connections. If you provide the -a flag in addition, sockets that are waiting for a connection (i.e., listening) are displayed as well. This display will give you a list of all servers that are currently running on your system.
Invoking netstat -ta on vlager produces this output:
$ netstat -ta
Active Internet Connections
Proto Recv-Q Send-Q Local Address    Foreign Address    (State)
tcp        0      0 *:domain         *:*                LISTEN
tcp        0      0 *:time           *:*                LISTEN
tcp        0      0 *:smtp           *:*                LISTEN
tcp        0      0 vlager:smtp      vstout:1040        ESTABLISHED
tcp        0      0 *:telnet         *:*                LISTEN
tcp        0      0 localhost:1046   vbardolino:telnet  ESTABLISHED
tcp        0      0 *:chargen        *:*                LISTEN
tcp        0      0 *:daytime        *:*                LISTEN
tcp        0      0 *:discard        *:*                LISTEN
tcp        0      0 *:echo           *:*                LISTEN
tcp        0      0 *:shell          *:*                LISTEN
tcp        0      0 *:login          *:*                LISTEN
This output shows most servers simply waiting for an incoming connection. However, the fourth line shows an incoming SMTP connection from vstout, and the sixth line tells you there is an outgoing telnet connection to vbardolino. You can tell whether a connection is outgoing from the port numbers. The port number shown for the calling host will always be a simple integer. On the host being called, a well-known service port will be in use for which netstat uses the symbolic name such as smtp, found in /etc/services.
Using the -a flag by itself will display all sockets from all families.
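The listing above doubles as an inventory of exposed services. As an added example (not part of the original text), the function below checks each listening service against a list of services you expect to run and applies the port-number rule described above to label established connections as inbound or outbound. The function names and the allowlist are hypothetical, and the rule assumes netstat prints symbolic service names (no -n option).

```shell
#!/bin/sh
# Constructed sample: five rows taken from the `netstat -ta` listing in the text.
sample_netstat_ta() {
cat <<'EOF'
Active Internet Connections
Proto Recv-Q Send-Q Local Address Foreign Address (State)
tcp 0 0 *:smtp *:* LISTEN
tcp 0 0 vlager:smtp vstout:1040 ESTABLISHED
tcp 0 0 *:telnet *:* LISTEN
tcp 0 0 localhost:1046 vbardolino:telnet ESTABLISHED
tcp 0 0 *:chargen *:* LISTEN
EOF
}

# socket_audit (hypothetical name).
# Usage: netstat -ta | socket_audit "smtp domain"
# $1 is a space-separated list of services that are expected to listen.
socket_audit() {
awk -v allow="$1" '
# Return the text after the last colon of host:port.
function port(addr) { sub(/^.*:/, "", addr); return addr }
BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
$1 !~ /^tcp/ { next }
$6 == "LISTEN" {
    p = port($4)
    print "listen " p ((p in ok) ? " expected" : " UNEXPECTED")
    next
}
$6 == "ESTABLISHED" {
    lp = port($4); fp = port($5)
    lnum = (lp ~ /^[0-9]+$/); fnum = (fp ~ /^[0-9]+$/)
    # The calling side shows a plain integer, the called side a service name.
    if (fnum && !lnum)      dir = "inbound"
    else if (lnum && !fnum) dir = "outbound"
    else                    dir = "unknown"
    print dir " " $4 " <-> " $5
}'
}

sample_netstat_ta | socket_audit "smtp domain"
```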
On some occasions, it is useful to view or alter the contents of the kernel's ARP tables, for example when you suspect a duplicate Internet address is the cause for some intermittent network problem. The arp tool was made for situations like this. Its command-line options are:
arp [-v] [-t hwtype] -a [hostname]
arp [-v] [-t hwtype] -s hostname hwaddr
arp [-v] -d hostname [hostname …]
All hostname arguments may be either symbolic hostnames or IP addresses in dotted quad notation.
The first invocation displays the ARP entry for the IP address or host specified, or all hosts known if no hostname is given. For example, invoking arp on vlager may yield:
# arp -a
IP address       HW type             HW address
172.16.1.3       10Mbps Ethernet     00:00:C0:5A:42:C1
172.16.1.2       10Mbps Ethernet     00:00:C0:90:B3:42
172.16.2.4       10Mbps Ethernet     00:00:C0:04:69:AA
which shows the Ethernet addresses of vlager, vstout and vale.
You can limit the display to the hardware type specified using the -t option. This may be ether, ax25, or pronet, standing for 10 Mbps Ethernet, AMPR AX.25, and IEEE 802.5 token ring equipment, respectively.
The -s option is used to permanently add hostname's Ethernet address to the ARP tables. The hwaddr argument specifies the hardware address, which is by default expected to be an Ethernet address specified as six hexadecimal bytes separated by colons. You may also set the hardware address for other types of hardware, using the -t option.
For some reason, ARP queries for the remote host sometimes fail, for instance when its ARP driver is buggy or there is another host in the network that erroneously identifies itself with that host's IP address; this problem requires you to manually add an IP address to the ARP table. Hard-wiring IP addresses in the ARP table is also a (very drastic) measure to protect yourself from hosts on your Ethernet that pose as someone else.
Invoking arp using the -d switch deletes all ARP entries relating to the given host. This switch may be used to force the interface to re-attempt obtaining the Ethernet address for the IP address in question. This is useful when a misconfigured system has broadcast wrong ARP information (of course, you have to reconfigure the broken host first).
The -s option may also be used to implement proxy ARP. This is a special technique through which a host, say gate, acts as a gateway to another host named fnord by pretending that both addresses refer to the same host, namely gate. It does so by publishing an ARP entry for fnord that points to its own Ethernet interface. Now when a host sends out an ARP query for fnord, gate will return a reply containing its own Ethernet address. The querying host will then send all datagrams to gate, which dutifully forwards them to fnord.
These contortions may be necessary when you want to access fnord from a DOS machine with a broken TCP implementation that doesn't understand routing too well. When you use proxy ARP, it will appear to the DOS machine as if fnord was on the local subnet, so it doesn't have to know about how to route through a gateway.
Another useful application of proxy ARP is when one of your hosts acts as a gateway to some other host only temporarily, for instance, through a dial-up link. In a previous example, we encountered the laptop vlite, which was connected to vlager through a PLIP link from time to time. Of course, this application will work only if the address of the host you want to provide proxy ARP for is on the same IP subnet as your gateway. vstout could proxy ARP for any host on the Brewery subnet (172.16.1.0), but never for a host on the Winery subnet (172.16.2.0).
The proper invocation to provide proxy ARP for fnord is given below; of course, the given Ethernet address must be that of gate :