Saturday, August 23, 2008

Network Definitions:

  • IPv4: Most Internet servers and personal computers use Internet Protocol version 4 (IPv4). An IPv4 address is 32 bits long, written as four octets (four 8-bit numbers) in dotted-decimal form, from 0.0.0.0 up to 255.255.255.255.
  • IPv6: Internet Protocol version 6 (IPv6) uses a 128-bit address and thus 2^128 possible addresses. The protocol also adds quality-of-service features and security extensions (IPsec headers). Linux supports IPv6, but most connections to the Internet still use IPv4.
  • TCP/IP: (Transmission Control Protocol/Internet Protocol) is the protocol suite of the Internet, usually used in a client-server model. IP defines the packet transmitted (packet header, data section); TCP adds a checksum for integrity checking, the connection and acknowledgement handshake, and re-transmission of lost data. The checksums detect accidental corruption only: they are not a security control, and anyone who can modify a packet in transit can recompute them.
  • TCP/IP time to live (TTL): An 8-bit field in the IP header that limits how many hops a packet may take. Each router that forwards the packet decrements the TTL by one; when it reaches zero the router drops the packet and normally returns an ICMP "Time Exceeded" message to the sender, which is what traceroute relies on to map a path. This ensures that packets caught in a routing loop do not circulate forever.
  • MAC Address: (media access control) is the network card's hardware address, used for communication between devices on the same subnet (the local Ethernet segment). It is not routable. ARP (Address Resolution Protocol) maps an IP address to the MAC address of the host on the local network, and the kernel caches the answers in the ARP table (view it with /sbin/arp -n or ip neigh). Use the command /sbin/ifconfig (or ip link) to view both the IP address and the MAC address. The MAC address is meant to uniquely identify each node of a network and is used by the Ethernet protocol, but it can be changed in software and ARP replies are not authenticated, so neither should be trusted as proof of identity.
  • Full Duplex: Allows simultaneous sending and receiving of packets. Most modern network interfaces support full duplex.
  • Half Duplex: Allows sending and receiving of packets in one direction at a time only.
  • OSI 7 Layer Model: The ISO (International Organization for Standardization) defined the OSI (Open Systems Interconnection) reference model against which networking protocols are described.
    OSI Layer               Description                                                 Linux Networking Use
    7  Application Layer    The top layer, for communicating applications such as       telnet, web browser, sendmail (HTTP, SMTP, FTP, DNS)
                            email and the web.
    6  Presentation Layer   Syntax and format of data transfer: character encoding,     TLS/SSL encryption, MIME encoding
                            compression, encryption.
    5  Session Layer        Opening, maintaining and closing dialogues between          RPC session handling
                            applications.
    4  Transport Layer      Connection, acknowledgement and data packet transmission.   TCP, UDP
    3  Network Layer        Logical addressing and routing between networks.            IP, ICMP
    2  Data Link Layer      Framing, error control, timing and hardware (MAC)           Ethernet, ARP (maps IP addresses to MAC addresses)
                            addressing on a single link.
    1  Physical Layer       Electrical characteristics of the signal and the NIC.       Ethernet cabling and signalling
  • Network Hub: Hardware to connect network devices together. The devices will all be on the same network and/or subnet. All network traffic is repeated to every port and can be sniffed by any other node connected to the same hub (a NIC in promiscuous mode receives all of it).
  • Network Switch: Like a hub, but it learns which MAC address sits behind each port and forwards a frame only to the port of its destination, so any two communicating nodes get a private link. This reduces collisions and thus improves speed. Broadcast messages, and frames to a MAC address the switch has not learned yet, are still sent to all ports. A switch is not a security boundary: ARP spoofing or flooding the switch's address table can still redirect other nodes' traffic to an attacker's port.
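The IPv4, TCP/IP and TTL entries above describe what a router does to every packet it forwards. Here is that per-hop step in working C, as an added example that is not part of the original page: it parses a raw header, verifies the ones-complement checksum, decrements the TTL and repairs the checksum incrementally, and drops the packet when the TTL is exhausted. The 20-byte packet and the addresses 172.16.10.99 and 172.16.0.11 are constructed for the example.

```c
/* Added example (not from the original page): parse a raw IPv4 header, verify
 * its checksum, and forward it as a router does: decrement TTL and patch the
 * checksum incrementally (RFC 1624). Packet bytes and addresses below are
 * constructed for this example. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct ipv4_hdr {
    uint8_t  version, ihl, tos, ttl, proto;
    uint16_t total_len, id, frag, checksum;
    uint32_t src, dst;                 /* host byte order */
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] << 8 | p[1]); }
static uint32_t rd32(const uint8_t *p) { return (uint32_t)rd16(p) << 16 | rd16(p + 2); }
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }

/* Ones-complement sum of 16-bit words (RFC 1071), complemented. Over a header
 * that already carries its checksum the result is 0 if it is intact. */
uint16_t ipv4_checksum(const uint8_t *h, size_t len)
{
    uint32_t sum = 0;
    size_t i;
    for (i = 0; i + 1 < len; i += 2)
        sum += rd16(h + i);
    if (len & 1)
        sum += (uint32_t)h[len - 1] << 8;
    while (sum >> 16)                  /* fold the carries back in */
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* 0 on success, -1 if truncated, not IPv4, or the checksum fails. IHL and
 * total length are attacker-controlled bytes: check them before use. */
int ipv4_parse(const uint8_t *buf, size_t len, struct ipv4_hdr *out)
{
    size_t hlen;
    if (len < 20 || (buf[0] >> 4) != 4)
        return -1;
    hlen = (size_t)(buf[0] & 0x0f) * 4;
    if (hlen < 20 || hlen > len || ipv4_checksum(buf, hlen) != 0)
        return -1;
    out->version = buf[0] >> 4;  out->ihl = buf[0] & 0x0f;  out->tos = buf[1];
    out->total_len = rd16(buf + 2);  out->id = rd16(buf + 4);  out->frag = rd16(buf + 6);
    out->ttl = buf[8];  out->proto = buf[9];  out->checksum = rd16(buf + 10);
    out->src = rd32(buf + 12);  out->dst = rd32(buf + 16);
    return out->total_len < hlen ? -1 : 0;
}

/* One router hop. Returns the new TTL, or -1 when the packet must be dropped
 * because its TTL is used up (a router then sends ICMP Time Exceeded to the
 * source, which is what traceroute relies on). The checksum is updated with
 * HC' = ~(~HC + ~m + m'), where m is the old TTL/protocol word. */
int ipv4_forward(uint8_t *buf, size_t len)
{
    uint16_t old_word, hc;
    uint32_t sum;
    if (len < 20 || (size_t)(buf[0] & 0x0f) * 4 > len)
        return -1;
    if (buf[8] <= 1)
        return -1;
    old_word = rd16(buf + 8);
    buf[8]--;
    hc  = rd16(buf + 10);
    sum = (uint16_t)~hc + (uint16_t)~old_word + (uint32_t)rd16(buf + 8);
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    wr16(buf + 10, (uint16_t)~sum);
    return buf[8];
}

/* Constructed 20-byte header with the given TTL and a valid checksum, in a
 * static buffer that is rewritten on every call. */
uint8_t *ipv4_sample(uint8_t ttl)
{
    static uint8_t pkt[20];
    const uint8_t tmpl[20] = {
        0x45, 0x00, 0x00, 0x28,    /* v4, IHL 5, TOS 0, total length 40 */
        0x1c, 0x46, 0x40, 0x00,    /* id 0x1c46, DF set, offset 0 */
        0x00, 0x06, 0x00, 0x00,    /* TTL (set below), TCP, checksum (set below) */
        172, 16, 10, 99,           /* src 172.16.10.99 (made up) */
        172, 16, 0, 11             /* dst 172.16.0.11 (made up) */
    };
    memcpy(pkt, tmpl, sizeof pkt);
    pkt[8] = ttl;
    wr16(pkt + 10, ipv4_checksum(pkt, sizeof pkt));   /* field is 0 during the sum */
    return pkt;
}

int main(void)
{
    struct ipv4_hdr h;
    uint8_t *p = ipv4_sample(64);
    int ttl;
    if (ipv4_parse(p, 20, &h) == 0)
        printf("ttl=%u proto=%u checksum=0x%04x\n", h.ttl, h.proto, h.checksum);
    ttl = ipv4_forward(p, 20);
    printf("after one hop: ttl=%d checksum=0x%04x verifies=%s\n",
           ttl, rd16(p + 10), ipv4_checksum(p, 20) == 0 ? "yes" : "no");
    p[15] ^= 1;                                     /* flip one address bit */
    printf("corrupted header accepted: %s\n", ipv4_parse(p, 20, &h) == 0 ? "yes" : "no");
    return 0;
}
```

Two things a practitioner should take from it: the IHL and total-length fields come from the wire and must be bounds-checked before anything reads past them, and the checksum catches transmission errors only. Anyone who can rewrite the packet can rewrite the checksum as well, so integrity against an attacker needs IPsec or TLS, not this field.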

Configuring Linux For Network Multicast:

Regular network exchanges of data are peer-to-peer unicast transactions: an HTTP request to a web server (TCP/IP), email (SMTP, TCP/IP), DNS (UDP), FTP (TCP/IP) and so on all send from one node to one other node. If one wants to transmit a video, audio or data stream to multiple nodes with one transmission stream instead of a separate peer-to-peer connection for each node, one may use multicasting to reduce network load. Note that multicast and a network broadcast are different: a broadcast reaches every node on the segment, whereas multicast datagrams are only "heard" by the nodes that have "joined the multicast group", i.e. those interested in the information (and a switch with IGMP snooping delivers them only to those nodes' ports).

The Linux kernel is Level-2 multicast-compliant: it meets all requirements to send, receive and act as a router for multicast datagrams. For a process to receive multicast datagrams it asks the kernel to join the multicast group and binds the port on which the datagrams arrive. When the process is no longer interested in the multicast group, it asks the kernel to leave the group. It is the kernel/host that joins the multicast group and announces the membership with IGMP, not the process; the kernel keeps the membership on an interface as long as at least one socket has joined. Kernel configuration requires "CONFIG_IP_MULTICAST=y". For the Linux kernel to also route multicast, set the following in the kernel config:

  • CONFIG_IP_MULTICAST=y
  • CONFIG_IP_ROUTER=y
  • CONFIG_IP_MROUTE=y
  • CONFIG_NET_IPIP=y

The default Red Hat / Fedora kernels are compiled to support multicast.

See the YoLinux tutorial on optimization and rebuilding the Linux kernel.

Note that a socket sends multicast through one interface at a time: on multihomed systems (more than one IP address/network card) the application selects the outgoing interface with the IP_MULTICAST_IF socket option, and each group membership (IP_ADD_MEMBERSHIP) is tied to the interface it was requested on. If no interface is given, the kernel uses the interface of the multicast route (see "Add route" below).

Class D addresses, the range 224.0.0.0 to 239.255.255.255 (224.0.0.0/4), are reserved for multicast. Within it, 224.0.0.0/24 is link-local and never forwarded by routers, and 239.0.0.0/8 is administratively scoped for use inside an organisation.

Useful commands:

Command                   Description
cat /proc/net/igmp        List the multicast groups the host has joined, per interface, via IGMP (Internet Group Management Protocol). (See /usr/src/linux/net/ipv4/igmp.c)
cat /proc/net/dev_mcast   List the link-layer multicast addresses each interface listens on. (See /usr/src/linux/net/core/dev_mcast.c)
ping 224.0.0.1            All hosts on the link that accept multicast echo requests respond with their IP addresses.
ping 224.0.0.2            All multicast routers on the link respond.
ping 224.0.0.13           All PIM routers on the link respond (224.0.0.3 is unassigned).
ping 224.0.0.4            All DVMRP routers on the link respond.
ping 224.0.0.5            All OSPF routers on the link respond.

These 224.0.0.0/24 addresses are link-local, so the probes never cross a router. Also note that Linux ignores ICMP echo requests sent to broadcast and multicast addresses when net.ipv4.icmp_echo_ignore_broadcasts is 1, which is the default on modern kernels, so a silent ping does not prove there are no group members; /proc/net/igmp on each host is authoritative.

Multicast transmissions are achieved through proper routing, router configuration (if communicating across subnets) and programmatically with the following "C" library calls:

Function Call   Description
setsockopt()    Pass multicast settings to the kernel: join or leave a group (IP_ADD_MEMBERSHIP / IP_DROP_MEMBERSHIP), select the outgoing interface (IP_MULTICAST_IF), set the TTL of sent datagrams (IP_MULTICAST_TTL) and whether the sender's own datagrams loop back (IP_MULTICAST_LOOP).
getsockopt()    Read the current values of those socket options back from the kernel. It does not receive multicast data; datagrams arrive through the normal recv()/recvfrom() calls on the socket.
For more on multicast programming see: Multicast Howto.

The multicast application will specify whether its own datagrams loop back to it, the TTL (network time to live, which also bounds how far a multicast datagram can travel), the network interface, and the multicast group to add or drop.

Add a route to support multicast (the second form is the iproute2 equivalent):
  • route add 224.0.0.0 netmask 240.0.0.0 dev eth0
  • ip route add 224.0.0.0/4 dev eth0
Note that if adding a route to forward packets through a router, the router MUST be configured to forward multicast packets. Many routers do not support forwarding of multicast packets or have a default configuration which does not. The Internet by default does not forward multicast packets.

Network Monitoring Tools:

  • tcpdump - dump traffic on a network. See discussion below.
    Command line option   Description
    -c count              Exit after receiving count packets.
    -C file-size          When the file written with -w reaches file-size (in millions of bytes), close it and start a new one.
    -i interface          Specify the interface if several exist; the lowest-numbered configured one is used by default, e.g. eth0.
    -w file-name          Write the raw packets to a file rather than parsing and printing them out.
                          They can later be read back with -r file-name (or opened in Ethereal/Wireshark).
    -n                    Don't resolve addresses to names. Faster, reports IP addresses, and avoids sending DNS queries that would themselves show up in the capture and reveal that someone is sniffing.
    -t                    Don't print a timestamp on each dump line.
    -p                    Don't put the interface into promiscuous mode (by default tcpdump does).

    Filter expressions:
    primitive                      Description
    host host-name                 Packets to or from the host; if the name resolves to several IPs, all are matched. Prefix with src or dst to match one direction only.
    net network-number             Packets to or from the network, e.g. net 192.168.0
    net network-number mask mask   Network number with an explicit netmask (net 192.168.0.0/24 also works).
    port port-number               TCP or UDP source or destination port.
    tcp                            TCP packets only.
    udp                            UDP packets only.
    icmp                           ICMP packets only.

    Examples:

    • tcpdump tcp port 80 and host server-1
    • tcpdump ip host server-1 and not server-2
  • iptraf (IPTraf) - Interactive, ncurses-based IP LAN monitor. (Red Hat Powertools CD)
  • nmap - Network exploration tool and security scanner
    • List pingable nodes on network: nmap -sP 192.168.0.0/24
      Scans network for IP addresses 192.168.0.0 to 192.168.0.255 using ping.
  • Ethereal (renamed Wireshark in 2006) - Network protocol analyzer. Examine data from a live network or from a capture file written with tcpdump -w.
    RPMs required (for the Red Hat 7.1 packages shown):
    • ethereal-0.8.15-2.i386.rpm - Red Hat 7.1 Powertools CD RPM
    • ucd-snmp-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
    • ucd-snmp-utils-4.2-12.i386.rpm - Red Hat 7.1 binary CD 1
    • Also: gtk+, glib, glibc, XFree86-libs-4.0.3-5 (base install)
    The ethereal package has a packaging error: it does not list the SNMP libraries as dependencies, but you can deduce this from the errors you get if the ucd-snmp libraries are not installed.
  • EtherApe - Graphical network monitor for Unix modeled after etherman. This is a great network discovery program with cool graphics. (Red Hat Powertools CD 7.1)
  • Gkrellm - Network and system monitor. Good for monitoring your workstation. (Red Hat Powertools CD)
  • Cheops - Network discovery, location, diagnosis and management. Cheops can identify all of the computers that are on your network, their IP address, their DNS name, the operating system they are running. Cheops can run a port scan on any system on your network. (Red Hat Powertools CD)
  • ntop - Shows network usage in a way similar to what top does for processes. Monitors how much data is being sent and received on your network. (Red Hat Powertools CD)
  • MRTG - Multi Router Traffic Grapher - Monitor network traffic load using SNMP and generate an HTML/GIF report. (See sample output)
  • dnsad - IP traffic capture. Export to Cisco Netflow for network analysis reporting.
  • scotty - Obtain status and configuration information about your network. Supports SNMP, ICMP, DNS, HTTP, SUN RPC, NTP, & UDP. (Red Hat Powertools CD)
  • Big Brother - Monitoring and service availability.
  • OpenNMS.org - Network Management using SNMP.
  • Nagios - host, service and network monitoring
  • Angel network monitor


Using tcpdump to monitor the network:

[root]# tcpdump -n -i eth0 not host XXX.XXX.XXX.XXX | more   - Sniff the net but ignore the IP address of your own remote (ssh) session; otherwise the output you are reading generates traffic that floods the display.

tcpdump needs root (CAP_NET_RAW) and puts the interface into promiscuous mode by itself while it runs (add -p to prevent that), so the manual steps below are optional. If you do set the flag by hand, remember to clear it afterwards:

[root]# ifconfig eth0 promisc          - Put the NIC into promiscuous mode to receive every frame on the segment.
[root]# ifconfig eth0 -promisc         - Take the NIC out of promiscuous mode.

On a switched network (see Network Switch above) you only see traffic addressed to your own port plus broadcasts and multicasts; unicast traffic between other nodes is not visible without a mirror (SPAN) port on the switch.

Useful Linux networking commands:

  • /etc/rc.d/init.d/network start|stop|restart - start, stop or restart the network service
  • netstat - Display connections, routing tables, statistics etc. (ss from iproute2 is the newer equivalent, e.g. ss -tunap)
    • List listening and connected TCP/UDP sockets with the owning process: netstat -punta (run as root to see other users' processes)
    • List all sockets with their processes: netstat -nap
    • Show network statistics: netstat -s
    • Kernel interface table info: netstat -a -i eth0
  • ping - send ICMP ECHO_REQUEST packets to network hosts. Use Cntl-C to stop ping.
  • traceroute - print the route packets take to network host
    • traceroute IP-address-of-server
    • traceroute domain-name-of-server
  • mtr - a network diagnostic tool (packaged in Fedora) like traceroute, but it keeps probing and reports per-hop packet loss and best, average and worst round-trip times in milliseconds. Leave it running to get live statistics.
    • mtr IP-address-of-server
    • mtr domain-name-of-server
  • whois - Look up a domain name or IP block in the registries' whois databases.
  • finger - Display information on a system user, e.g. finger user@host. Uses that user's $HOME/.plan and $HOME/.project files. Often used by game developers; see http://finger.planetquake.com/. A finger daemon reveals account names and login activity to anyone who can reach it, which is why it is rarely enabled today.
  • iptables - IP firewall administration (Linux kernel 2.6/2.4) See YoLinux firewall/gateway configuration.
  • ipchains - IP firewall administration (Linux kernel 2.2) See YoLinux firewall/gateway configuration.
  • socklist - Display a list of open sockets: type, port, process id and the name of the process. Kill the owning process with fuser or kill.
  • host - Give it a host name and the command returns the IP address (or give it an address and it returns the name).
    Example: host domain-name-of-server
  • nslookup - Give it a host name and the command returns the IP address. Also see Testing your DNS (YoLinux Tutorial). Note that both host and nslookup query the DNS servers in /etc/resolv.conf directly and do not consult /etc/hosts; to see what applications actually resolve through the system resolver (the nsswitch.conf order, including /etc/hosts), use getent hosts name.

Booting Linux in Less Than 40 Seconds

Have you ever dreamt about booting Linux in less than one minute? Now this dream can come true: in less than 40 seconds after pressing the power button, you will have a perfect fully-functional operating system, exactly as you left the last session. Even better than you thought, right? Now you could say: "Crazy boy - I don't believe you!" Well then, check it out for yourself.

Amazing, huh? I bet you want it too. It's very simple, and it's all about one word: hibernate.

What's that?

The hibernation process writes the contents of RAM into the swap partition before powering off the system. Later the system can be restored to the state it was in when hibernation was invoked, so that programs can continue executing as if nothing happened. As I showed in the video, restoring from hibernation is much faster than a hard reboot.

Let's begin

First of all, you need a swap partition: create it if you don't have one yet. It should be at least as big as your RAM - so if it's too small, increase it. To create a swap partition, you can use applications like parted, fdisk, cfdisk (shell programs), or gparted (a GUI program). Once you have created or modified the swap partition, you have to set and activate it:

# mkswap /dev/devX
# swapon /dev/devX

Patching the kernel

Now it's time to patch the kernel: this patch will add hibernation functionalities to the system. Download the patch for your kernel version from:

http://www.tuxonice.net/downloads/.

If you can't find a patch for your version, then it's time to update the kernel ;-) . Don't worry about the minor version, by the way: for example, if your kernel version is 2.6.23.13 (as mine is), the closest you'll find is a patch for 2.6.23.9. Don't even think of downgrading your kernel! Download the patch for 2.6.23.9 and apply it to 2.6.23.13: it will work just fine. Do read the output of patch, though: any hunk it reports as rejected (it leaves a .rej file next to the source file) must be resolved before you build.

Once you have downloaded it, apply it:

cd /usr/src/linux-2.6.xx.xx
bzcat /path/to/patch | patch -p1

where 2.6.xx.xx is the kernel version to patch. Then configure it and add the hibernation features:

Power management options --->
  [*] Power Management support
  [*] Hibernation (aka 'suspend to disk')
  <*> Enhanced Hibernation (TuxOnIce) (NEW) --->
      <*> File Allocator
      <*> Swap Allocator
      <*> Compression support
      <*> Userspace User Interface support
      [ ] Allow Keep Image Mode
      [*] Replace swsusp by default
      < > Cluster support --->
      [*] Checksum pageset2
      (25) Default waiting time for emergency boot messages
      < > Test pageflags

Make sure to have the DMA Engine support enabled: it will really improve the hibernation speed:

Device Drivers --->
  DMA Engine support --->
    [*] Support for DMA engines

Also enable LZF compression algorithm: it will compress data and make hibernation faster:

Cryptographic API --->
  <*> LZF compression algorithm

Now compile and install it as usual.

Updating the bootloader

The next step is to modify the boot loader. You have to add "resume=swap:/dev/devX resume2=swap:/dev/devX" (where devX is your swap partition) to the kernel parameters: the append line for LILO, the kernel line for GRUB. If you have LILO, modify /etc/lilo.conf as in the example:

image = /boot/vmlinuz
  root = /dev/hda6
  label = Slackware
  append = "fb=no resume=swap:/dev/hda8 resume2=swap:/dev/hda8"

now update the boot sector:

# lilo -v

If you have Grub, modify /boot/grub/menu.lst as below:

title Slackware
root (hd0,5)
kernel /boot/vmlinuz root=/dev/hda6 fb=no resume=swap:/dev/hda8 resume2=swap:/dev/hda8 ro quiet splash
boot

Reboot

Now it's time to reboot into your new kernel. If everything is fine, during the boot or in the dmesg output you should see lines like these:

TuxOnIce 3.0-rc3, with support for checksumming, usm, compression, swap storage, file storage, userui. TuxOnIce: Normal swapspace found.

If not, check if you have set up the swap partition:

$ free | grep Swap
Swap:       497972     115020     382952

If the results are a series of zeroes, you've forgotten to set up the swap space. Create and activate it, then reboot and check again.

Installing the hibernation script

Now you need to install the hibernate script. Download it from:

http://www.tuxonice.net/downloads/,

decompress it and install it:

$ tar -xzvf hibernate-script-x.xx.tar.gz
$ cd hibernate-script-x.xx
# ./install.sh

Modifying the hibernate files

Once your installation is in place, you need to modify some files. Open and modify /etc/hibernate/hibernate.conf as below:

TryMethod suspend2.conf
TryMethod disk.conf
TryMethod ram.conf

Open and modify /etc/hibernate/suspend2.conf as below:

UseSuspend2 yes
Reboot no
EnableEscape yes
DefaultConsoleLevel 1
Compressor lzf
Encryptor none
ImageSizeLimit 0
SuspendDevice swap:/dev/devX
PowerdownMethod 5
FullSpeedCPU yes
Include common.conf

where devX is your swap partition. Be aware of what "Encryptor none" means: the image is a copy of everything that was in RAM (open documents, session cookies, cached passwords and keys) and is written to the swap partition in the clear, where it stays until overwritten. On a laptop that can be lost or stolen, set the Encryptor option (see the project documentation) or put swap on an encrypted device.

Check the DMA Engine

Check if the DMA Engine is enabled for your hard drive:

# hdparm /dev/hda | grep dma
 using_dma     =  1 (on)

'hda', of course, should be your hard disk device. If you don't see this, enable it:

# hdparm -d1 /dev/hda

Automate it by adding these lines to your rc.local (/etc/rc.d/rc.local or /etc/rc.local):

# Enabling DMA Engine
echo "Enabling DMA Engine on /dev/hda"
hdparm -d1 /dev/hda

It's time to freeze!

It's time to try the hibernation process:

# hibernate -n

With the -n option, it will only simulate the hibernation process. If the process succeeds, you can now test the real thing:

# hibernate

For these test runs, though, I'd advise you to use the -r1 option. That won't make the system halt - it'll simply reboot. So:

# hibernate -r1

If hibernation works correctly, the system should come up exactly as you left it the last time. If something doesn't work (e.g. the sound system, or the LAN connection), you should add some modules to /etc/hibernate/blacklisted-modules, for example the audio modules, the graphic card modules and the ethernet card modules:

ipw2100
nvidia
snd_maestro3

In this example, you're "black-listing" the NVIDIA graphic driver, the ipw2100 wireless card, and the Maestro audio card.

If you have any other problem, you should visit the project web page:

http://www.tuxonice.net/

Conclusion

In conclusion, depending on your CPU and hard drive performance, less than a minute from a powered-down state to a running Linux system is a reasonable expectation. Enjoy!


By Alessandro Franci

Born in 1988, Alessandro lives in Bologna, Italy. While a Computer Science student at the Universita' di Bologna, he was the 1st Prize winner in year 2007 of the 4th edition of The Research Language Competition, held by the Italian Research Council. He is Linux-addicted, especially about services and the network world: he created and currently manages Web and Mail services at the-root.org. In the summer of 2005 he worked in a DB software house as developer; in 2006, he taught a Linux OS basics class at his High School. Starting in 2007, he has worked as a consultant in private and business venues.