C7. Networking and Remote Access


LINUX AND OPEN SOURCE SOFTWARE

Chapter 7.
NETWORKING AND REMOTE ACCESS

1-1
Main contents
➢ Networking
▪ Basics and requirements
▪ Networking with TCP/IP
▪ IPv6
▪ Network Organization
▪ Network configuration (Wired and Wireless)
➢ Remote Access
▪ Setting up an SSH server
▪ Using SSH tools
▪ Virtual Network Computing (VNC)

1-2
Hardware

➢ Network interface cards


▪ Wired
▪ Wireless
➢ Network cables
▪ UTP/STP/Fiber
➢ Network devices:
▪ Hub/Switch/Router/Bridge

1-3
Initializing New Network Hardware
➢ Unless support for a particular NIC is built in to your
kernel (in /dev), Linux must be told to load a specific
kernel module to support your NIC.
▪ More than 100 such modules are located in the
/lib/modules/5.X.XX-XX/kernel/net directory (where X.XX-XX
is your version of the kernel).
➢ Using modprobe to manually load kernel modules

sudo modprobe <options> <module name>
dmesg

E.g. sudo modprobe 8139too

tells the Linux kernel to load the 8139too kernel module to support the eth0 network device
of a RealTek NIC
1-4
TCP/IP Addressing: IPv4
➢ IP Address Classes
Class   Range     Network Address   Host Address
A       0-127     xxx               xxx.xxx.xxx
B       128-191   xxx.xxx           xxx.xxx
C       192-223   xxx.xxx.xxx       xxx

1-5
TCP/IP Addressing: IPv4
➢ IP Address Classes

1-6
TCP/IP Addressing: IPv6

• IPv4 is based on 32-bit numbering, which limits the
number of available IP addresses to about 4.1 billion.
▪ Not enough IPv4 addresses are available for the number of
devices that need IP addresses. This problem, noticed in the
1990s, is only one of the problems with IPv4.
• IPv6 uses 128-bit numbering that can theoretically allow
340,282,366,920,938,463,463,374,607,431,768,211,456 IP addresses
• 4 hexadecimal digits can be used to represent 16 binary digits, like this:

TCP/IP Addressing: IPv6

➢ E.g
• F734:0000:0000:0000:3458:79B2:D07B:4620
• 2002:0000:0000:0000:0000:0000:0A00:0001
(2002::10.0.0.1 or 2002::A00:1)
➢ Special-use addresses
• ::1/128 is the loopback address
• ::/128 is the unspecified address
• ::/0 is the default unicast route address.
• ff00::/8 are multicast addresses.
Localhost or loopback interface
1-8
TCP/IP Addressing
➢ Net & Subnet
➢ Net & Subnet mask

Routing operation inside a router:

Routing prefix = (IP Address) AND (Net/Subnet mask)
=> If Routing prefix (IP Source) ≠ Routing prefix (IP Dest.): route to another network.
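
The prefix comparison above, worked through in shell as an added example that is not part of the original slides. The function names and sample addresses are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: routing prefix = (IP address) AND (subnet mask).
# Function names and sample addresses are illustrative assumptions.

# ip_to_int A.B.C.D: print the address as one 32-bit integer, or fail
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        # reject empty, non-numeric and zero-padded octets (no octal surprises)
        case $o in ''|*[!0-9]*|0?*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# int_to_ip N: print a 32-bit integer as a dotted quad
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# routing_prefix IP MASK: bitwise AND of address and mask
routing_prefix() {
    ip=$(ip_to_int "$1") || return 1
    mask=$(ip_to_int "$2") || return 1
    int_to_ip $(( ip & mask ))
}

# route_decision SRC DST MASK: "local" if both prefixes match, else "route"
route_decision() {
    src=$(routing_prefix "$1" "$3") || return 1
    dst=$(routing_prefix "$2" "$3") || return 1
    if [ "$src" = "$dst" ]; then echo local; else echo route; fi
}

# Constructed sample addresses
routing_prefix 192.168.2.9 255.255.255.0                # 192.168.2.0
route_decision 192.168.2.9 192.168.2.77 255.255.255.0   # local
route_decision 192.168.2.9 10.10.30.5 255.255.255.0     # route
```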
1-9
TCP/IP Addressing
➢ Port
▪ ports help TCP/IP distinguish services so that data can get to the
correct application
▪ Check file /etc/services
ftp     21/tcp
http    80/tcp    http     # WorldWideWeb HTTP
pop3    110/tcp   pop-3    # POP version 3

▪ Note that these ports are not set in stone, and you can set up
your server to respond to different ports.
• E.g., change the SSH port in /etc/ssh/sshd_config to port 2224 (the change
takes effect after restarting the service: sudo service ssh restart)

1-10
TCP/IP Addressing
➢ Broadcast, Unicast, and Multicast Addressing

1-11
Network checking
➢ Localhost (or Loopback) interface
▪ ip address show
~$ ip address show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever

1-12
Network checking
➢ Localhost (or Loopback) interface
▪ ifconfig
~$ ifconfig
lo    Link encap:Local Loopback
      inet addr:127.0.0.1 Mask:255.0.0.0
      inet6 addr: ::1/128 Scope:Host
      UP LOOPBACK RUNNING MTU:16436 Metric:1
      RX packets:270 errors:0 dropped:0 overruns:0 frame:0
      TX packets:270 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:20748 (20.7 KB) TX bytes:20748 (20.7 KB)

1-13
Network checking
➢ Configuring the Loopback Interface Manually

Edit the file /etc/hosts


127.0.0.1 localhost
127.0.1.1 seymour
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

1-14
Checking connection
➢ Using commands
▪ ping
$ ping -c 3 localhost
PING localhost (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.047 ms
64 bytes from localhost (127.0.0.1): icmp_seq=2 ttl=64 time=0.060 ms
64 bytes from localhost (127.0.0.1): icmp_seq=3 ttl=64 time=0.045 ms
--- localhost ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2030ms
rtt min/avg/max/mdev = 0.045/0.050/0.060/0.010 ms

1-15
Checking connection
➢ Using commands
▪ traceroute
$ traceroute google.com
traceroute to google.com (74.125.225.99), 30 hops max, 60 byte packets
1 Cisco02420 (192.168.1.1) 0.149 ms 0.181 ms 0.304 ms
2 10.2.0.1 (10.2.0.1) 3.190 ms 3.227 ms 3.217 ms
3 65.201.51.216.sta.southslope.net (216.51.201.65) 3.397 ms 3.611 ms 3.720 ms
4 ss-dsl-sec1.nl.southslope.net (167.142.151.30) 3.622 ms 3.637 ms 3.649 ms
5 167.142.50.13 (167.142.50.13) 6.660 ms 6.665 ms 6.678 ms
6 ins-dc2-et-8-4.desm.netins.net (167.142.67.17) 6.599 ms 6.503 ms 7.482 ms
7 ins-db3-te-0-7-0-0.desm.netins.net (167.142.67.182) 7.845 ms 5.145 ms 5.131 ms

1-16
Checking connection
➢ Using commands
▪ mtr (combines ping and traceroute)
$ mtr google.com

1-17
Using network configuration tools
➢ Using GUI
▪ Network Manager

➢ Command line
▪ ifconfig
▪ ip/ip route
▪ route
▪ netstat

1-18
Using network configuration tools
➢ ifconfig
ifconfig [network device] options

Use                                        Option                      Example
Create alias                               [network device]:[number]   ifconfig eth0:0 10.10.10.10
Change IP address                                                      ifconfig eth0 10.10.10.12
Change the netmask                         netmask [netmask]           ifconfig eth0 netmask 255.255.255.0
Change the broadcast                       broadcast [address]         ifconfig eth0 broadcast 10.10.10.255
Take interface down                        down                        ifconfig eth0 down
Bring interface up                         up (add IP address)         ifconfig eth0 up (ifconfig eth0 10.10.10.10)
Set NIC promiscuous mode on [off]          [-]promisc                  ifconfig eth0 promisc [ifconfig eth0 -promisc]
Set multicasting mode on [off]             [-]allmulti                 ifconfig eth0 allmulti [ifconfig eth0 -allmulti]
Enable or disable point-to-point address   [-]pointopoint [address]    ifconfig eth0 pointopoint 10.10.10.20 [ifconfig eth0 -pointopoint]
1-19
Using network configuration tools
➢ ip / ip route
ip [options] object
▪ In preparing for this edition, ifconfig still worked well on our
testing system, but it was no longer installed by default. It is
losing favor as ip sees more use.

Assign an IP address to a specific interface   ~$ sudo ip addr add 192.168.2.9 dev eth1
Remove an assigned IP address                  ~$ sudo ip addr del 192.168.2.9 dev eth1
Enable a network interface                     ~$ sudo ip link set eth1 up
Disable a network interface                    ~$ sudo ip link set eth1 down
Check the routing table                        ~$ sudo ip route show
Add a static route                             ~$ sudo ip route add 10.10.30.0/24 via 192.168.50.100 dev eth0
Remove a static route                          ~$ sudo ip route del 10.10.30.0/24
Add a default gateway                          ~$ sudo ip route add default via 192.168.36.100
1-20
Using network configuration tools
➢ route
route [option] add | del
route -n

E.g.
route add -net 127.0.0.0 netmask 255.0.0.0 dev lo
adds the normal loopback entry, using netmask 255.0.0.0 and associated with the
"lo" device
route add -net 192.56.76.0 netmask 255.255.255.0 dev eth0
adds a route to the local network 192.56.76.x via "eth0". The word "dev" can be
omitted here.

route del default


deletes the current default route, which is labeled "default" or 0.0.0.0 in the
destination field of the current routing table.

route add default gw mango-gw


adds a default route (which will be used if no other route matches). All packets
using this route will be gatewayed through "mango-gw".
1-21
Network Status
➢ netstat: displays the status of your network.
netstat [option]

Option   Output
-g       Displays the multicast groups configured
-i       Displays the interfaces configured by ifconfig
-s       Lists a summary of activity for each protocol
-v       Gives verbose output, listing both active and inactive sockets
-c       Updates output every second (good for testing and troubleshooting)
-e       Gives verbose output for active connections only
-C       Displays information from the route cache and is good for looking at past connections

1-22
Network Configuration Files

File                  Content
/etc/hosts            A listing of addresses, hostnames, and aliases
/etc/services         Network service and port connections
/etc/nsswitch.conf    Linux network information service configuration
/etc/resolv.conf      Domain Name System (DNS) domain (search) settings
/etc/host.conf        Network information search order (by default, /etc/hosts and then DNS)

Starting with 17.10, Ubuntu made another big switch away from
resolvconf to netplan. Instead of using /etc/network/interfaces,
you now find network configuration in /etc/netplan/*.yaml files.
• For using netplan, see pages 353-355 in the textbook

1-23
Network Configuration Files

Graphical changing DNS servers


1-24
Dynamic Host Configuration Protocol
➢ Client: /etc/dhcp/dhclient.conf
➢ Server: /etc/dhcp/dhcpd.conf

1-25
Wireless Networking

iwconfig   Sets the network name, encryption, transmission rate, and
           other features of a wireless network interface
iwlist     Displays information about a wireless interface, such as rate,
           power level, or frequency used
iwpriv     Sets optional features of a wireless network interface, such as
           roaming
iwspy      Shows wireless statistics of a number of nodes

1-26
Wireless Networking

1-27
Practice
➢ Check route to facebook.com
➢ Change ip address of the Ethernet interface
➢ Scan wireless network
➢…

1-28
Remote Access

1-29
Remote Access
➢ Setting up an SSH server
➢ SSH tools
➢ Virtual network computing (VNC)

1-30
Setting Up SSH server
➢ If SSH is not installed already, install the OpenSSH
server by adding the openssh-server package
➢ Configure the server
/etc/ssh/sshd_config
➢ Configure the client
/etc/ssh/ssh_config
➢ Two different versions of SSH exist: SSH1 and SSH2. The latter is
newer and more secure, comes with more features, and is the
default in Ubuntu.

https://devconnected.com/how-to-install-and-enable-ssh-server-on-ubuntu-20-04/
1-31
SSH Tools
➢ ssh: Secure Shell command that connects to other machines
ssh -p <port> <username>@<ip_address>
$ ssh -p 22 minh@127.0.0.1
▪ sshd: the server daemon that accepts incoming SSH connections
▪ $ ssh-keygen -t dsa: creates a key for remote user login
▪ After the key is generated, change the directory to .ssh (cd ~/.ssh), which is a
hidden directory where your key is stored and that keeps a list of safe SSH
hosts.

➢ scp: copy files between machines


scp <source file> <ip_address>:subdir/<dest_file>

1-32
SSH Tools

➢ ftp/sftp: Secure File Transfer Protocol


sftp <ip_address>
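
A check for the server file and key type covered in the SSH slides above, as an added example that is not part of the original slides: it reads sshd_config-style text, flags SSH1 and two password-related settings, and lists DSA (ssh-dss) public keys, which OpenSSH 7.0 and later do not accept by default. The function names, the rule set and all sample file contents are assumptions.

```shell
#!/bin/sh
# Added example: offline check of an sshd_config and an authorized_keys file.
# Function names, the rule set and all sample contents are assumptions.

# sshd_value FILE KEYWORD: first uncommented value in the global section
# (sshd keeps the first value it reads; Match blocks are not evaluated here)
sshd_value() {
    awk -v key="$2" '
        NF == 0 || $1 ~ /^#/        { next }
        tolower($1) == "match"      { exit }
        tolower($1) == tolower(key) { print $2; exit }
    ' "$1"
}

# audit_sshd FILE: one finding per line; no output means nothing was flagged
audit_sshd() {
    case $(sshd_value "$1" Protocol) in
        *1*) echo "Protocol: legacy SSH1 enabled" ;;
    esac
    [ "$(sshd_value "$1" PermitRootLogin)" = yes ] &&
        echo "PermitRootLogin: root may log in with a password"
    [ "$(sshd_value "$1" PasswordAuthentication)" = no ] ||
        echo "PasswordAuthentication: passwords accepted (sshd default)"
    return 0
}

# dsa_key_lines FILE: line numbers of ssh-dss (DSA) public keys
dsa_key_lines() {
    awk '{ for (i = 1; i <= NF; i++) if ($i == "ssh-dss") { print NR; break } }' "$1"
}

tmp=$(mktemp -d)
cat > "$tmp/sshd_config" <<'EOF'
# constructed sample, not a real host
Port 2224
Protocol 2,1
PermitRootLogin yes
Match User backup
    PasswordAuthentication no
EOF
printf '%s\n' 'ssh-ed25519 AAAAconstructed alice@example' \
    'ssh-dss AAAAconstructed bob@example' > "$tmp/authorized_keys"
echo "port: $(sshd_value "$tmp/sshd_config" Port)"
audit_sshd "$tmp/sshd_config"
dsa_key_lines "$tmp/authorized_keys"
rm -rf "$tmp"
```

On a live host, `sudo sshd -T` prints the effective server configuration, including defaults that the file does not state.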

1-33
VNC
➢ Settings → Sharing

Local / Remote

1-34


Practice

1-35
