Data Networking/Fall 2013/Group4

From Wikiversity

The Folks

Anand Suresh

Gaurav Parekh

Rushabh Shah

Udit Shah

Motivation

The purpose of this project is to gain a deeper understanding of how configured networks involving multiple network elements and servers work. The backbone of this network is being constructed using Ubuntu 12.04 command line packages.

Understanding the Protocol

DHCP stands for Dynamic Host Configuration Protocol, which is an application layer protocol. It is used to dynamically assign IP addresses to all the clients in the network. These IP addresses are allocated from a predefined range that is configured on the DHCP server. Each IP address is assigned to a client for a particular lease time, which is set while configuring the DHCP server. DHCP servers are capable of providing both IPv4 (DHCPv4) and IPv6 (DHCPv6) addresses. A DHCP server can also allocate static IP addresses to certain network elements such as DNS and web servers, which always require a permanent IP address. To assign unique IP addresses to DHCP clients, the DHCP procedure involves 4 stages: DHCP discovery, DHCP offer, DHCP request and DHCP acknowledgment.

DNS stands for Domain Name System, which is an application layer protocol. It uses port number 53 and either TCP or UDP as the underlying transport layer protocol. The basic purpose of DNS is to resolve hostnames to IP addresses and vice versa. All the information regarding IP addresses and domain names is stored in a distributed database.

Web Server

A web server is a server that stores and delivers web pages when requested by network clients. It uses the application layer protocol HTTP, which works on port 80. A web page consists of a base HTML object file along with many other referenced objects. Widely used web servers are Apache and Microsoft's Internet Information Services.

Firewall

A firewall is implemented to secure a private network of Web, DNS and DHCP servers and other clients from unknown intrusion. It can be either hardware or software based, and the network admin configures it to allow only the traffic that is trusted by the network and to reject all other traffic. It protects a network from the outside world and can block anything the network admin requires, such as ICMP, FTP, HTTP etc.

Backup

A backup server is used to save copies of all the data from a particular server, so that the data stays safe, secure and restorable if the server crashes or suffers any other problem that causes data loss. Server crashes are very common in any networking organization, and hence a backup server is essential. An efficient way to manage backups is to schedule them so that the data from a particular server gets backed up to the backup server each day at a predetermined time. Backups are not only used to handle data loss and server crashes but can also be helpful for restoring particular data saved previously.

The Requirements

Build a DNS server for the start-up company in Boston - Obtain a Domain Name for the start-up, create 5 DNS records and use IPv4 and IPv6 addresses to implement the DNS records, name servers should be configured to handle all the queries for the domain, create reverse domain lookups for IP address to domain name mapping.

Build a DHCP server for the start-up - Capable of leasing IPv4 and IPv6 addresses from a particular assigned pool of IPs with a certain lease time. Should be capable of reserving certain IPs for the DNS and web servers, which require static addresses. Also, such addresses should be in the exclusion range, i.e. not available for lease to other clients.

Build a Web Server with a basic webpage for the start-up to be accessible by all the clients in the network along with a firewall to make this a secured server.

Automatically create a backup of all files from a particular server to a different server every day at 12:00 am.

Steps to perform the setup / installation

DHCP Server -

  • On the Linux Box we need to install the DHCP packages by using command 'sudo apt-get install isc-dhcp-server' in terminal.
  • Statically configured the Ethernet (eth0) interface with
 IP - 192.168.10.5
 Netmask - 255.255.255.0
 Broadcast IP - 192.168.10.255
 Gateway IP - 192.168.10.2
  • Restarted the network interfaces using the command 'sudo /etc/init.d/networking restart' and then rebooted the Linux Box using command 'sudo reboot'.
  • Configured the default interface as 'eth0' by editing the file with command 'sudo nano /etc/default/isc-dhcp-server'.
  • Entered the 'dhcpd.conf' file using command 'sudo nano /etc/dhcp/dhcpd.conf'.
  • Configured the 'dhcpd.conf' file as follows
 ddns-update-style none;
 default-lease-time 600;
 max-lease-time 7200;
 authoritative;
 log-facility local7;
 # broadcast address of 192.168.10.0/24, matching the interface settings above
 option broadcast-address 192.168.10.255;
 option routers 192.168.10.2;
 option domain-name-servers 192.168.10.10;
 option domain-name "gr4.DN.com";
 subnet 192.168.10.0 netmask 255.255.255.0 {
 # this pool contains 192.168.10.5, 192.168.10.10 and 192.168.10.15, which are statically configured on the servers
 range 192.168.10.3 192.168.10.20;
 }
  • Restart the DHCP server using command 'sudo service isc-dhcp-server restart'.
  • For the DHCP server to lease out IPs and function properly, we need to set the network adapter in bridged mode which can be done in 'VM Settings/Network Adapter'.
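
The requirements ask that the static addresses of the servers stay out of the lease pool, so a check of the configured range against those addresses is worth running before the server goes live. The script below is an added example, not part of the original project; the moved pool (192.168.10.100 to 192.168.10.200) and the MAC addresses in the corrected configuration are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example, not from the original page: list static hosts that sit
# inside the dynamic pool of a dhcpd.conf, where they could be leased twice.

# Pool exactly as configured on the page.
PAGE_POOL='subnet 192.168.10.0 netmask 255.255.255.0 {
  range 192.168.10.3 192.168.10.20;
}'
# Assumed fix: pool moved above the servers, servers pinned by MAC address.
# The MAC addresses are placeholders from the documentation range.
FIXED_POOL='subnet 192.168.10.0 netmask 255.255.255.0 {
  range 192.168.10.100 192.168.10.200;
}
host dns { hardware ethernet 00:00:5e:00:53:10; fixed-address 192.168.10.10; }
host web { hardware ethernet 00:00:5e:00:53:15; fixed-address 192.168.10.15; }'
# Statically addressed machines named on the page: DHCP, DNS and web server.
STATIC="192.168.10.5 192.168.10.10 192.168.10.15"

# Dotted quad -> integer, so addresses can be compared numerically.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# pool_conflicts CONF IP... : print the IPs that fall inside the first
# "range" statement of CONF (empty output means no overlap).
pool_conflicts() {
    conf=$1; shift
    range=$(printf '%s\n' "$conf" |
        awk '$1 == "range" { sub(/;/, "", $3); print $2, $3; exit }')
    [ -n "$range" ] || return 0
    lo=$(ip_to_int "${range% *}"); hi=$(ip_to_int "${range#* }")
    hits=""
    for ip in "$@"; do
        n=$(ip_to_int "$ip")
        if [ "$n" -ge "$lo" ] && [ "$n" -le "$hi" ]; then hits="$hits $ip"; fi
    done
    echo "${hits# }"
}

echo "page config overlaps:  $(pool_conflicts "$PAGE_POOL" $STATIC)"
echo "fixed config overlaps: $(pool_conflicts "$FIXED_POOL" $STATIC)"
```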

DHCP Client -

  • On the DHCP client we need to enter the network interface using command 'sudo nano /etc/network/interfaces'.
  • Here we need to configure the 'eth0' interface as
 auto eth0
 iface eth0 inet dhcp
  • After configuring we need to restart the network interfaces using command 'sudo /etc/init.d/networking restart' and then reboot the Linux Box using command 'sudo reboot'.

DNS Server -

  • We need to install the Ubuntu package 'bind9' using command 'sudo apt-get install bind9' to implement DNS server on the Linux Box.
  • Configure the 'eth0' interface using command 'sudo nano /etc/network/interfaces', with a static IP address and other parameters as follows
 auto eth0
 iface eth0 inet static
         address 192.168.10.10
         netmask 255.255.255.0
         network 192.168.10.0
         broadcast 192.168.10.255
         gateway 192.168.10.2
  • Restart the networking daemon using command 'sudo /etc/init.d/networking restart'
  • Provide a hostname to the DNS Server using command 'sudo nano /etc/hostname'.
  • Provide a domain name for the DNS server using command 'sudo nano /etc/hosts'.
  • We need to edit the files '/etc/bind/named.conf.options' and '/etc/bind/named.conf.local' using commands
 sudo nano /etc/bind/named.conf.options
 sudo nano /etc/bind/named.conf.local
  • Copy the already created forward lookup and reverse lookup files in /etc/bind directory
 sudo cp /etc/bind/db.local  /etc/bind/zones/DN.com.db
 sudo cp /etc/bind/db.127   /etc/bind/zones/10.168.192.in-addr.arpa.db
  • Edit the forward lookup file according to the requirement
 sudo nano /etc/bind/zones/DN.com.db
  • Edit the reverse lookup file according to the requirement
 sudo nano /etc/bind/zones/10.168.192.in-addr.arpa.db
  • Check if the zone files are working properly; the first argument of 'named-checkzone' is the name of the zone held in the file
 named-checkzone DN.com /etc/bind/zones/DN.com.db  # for forward lookup zones
 named-checkzone 10.168.192.in-addr.arpa /etc/bind/zones/10.168.192.in-addr.arpa.db  # for reverse lookup zones
  • Edit the /etc/resolv.conf file to provide the nameserver details
 nameserver 192.168.10.10
 search DN.com
 domain DN.com
  • Finally restart the 'bind' package using command
 sudo /etc/init.d/bind9 restart

Web Server

  • We use 'Apache2.0 Tomcat' command line package to install the Apache Web Server in our Linux Box using command
 sudo apt-get install apache2
  • This creates a directory '/var/www' which contains the default web page of our web server 'index.html'
  • This web page can be accessed by typing in 'localhost' in the address bar of the web browser.
  • This web page can also be accessed by other clients by typing in the IP address of the web server namely '192.168.10.15'.
  • This displays the default web page 'index.html' configured on our web server.

Firewall

  • Firewall is configured on our web server using 'iptables'
 sudo iptables -L
  • This will list out all the current 'iptables' rules present on the server.
  • To prevent access to the web page, we use the command
 sudo iptables -A INPUT -p tcp --dport 80 -j DROP
  • To prevent access for FTP, we use the command
 sudo iptables -A INPUT -p tcp --dport 21 -j DROP
  • To release the firewall restrictions and allow access to FTP and Web Page, we use the command below, which flushes every rule in the filter table
 sudo iptables -F
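
The rules above block two ports on an otherwise open INPUT chain, whereas the Firewall section describes allowing only trusted traffic and rejecting everything else. The script below is an added example, not part of the original project, that writes that allowlist form as an iptables-restore ruleset for the web server; it assumes the 'conntrack' match is available and that the trusted network is the 192.168.10.0/24 subnet from the DHCP configuration.

```shell
#!/bin/sh
# Added example, not from the original page: default-deny INPUT policy for
# the web server (192.168.10.15), written in iptables-restore format.
LAN=192.168.10.0/24   # subnet taken from the page's dhcpd.conf

# web_ruleset open   -> HTTP reachable from the LAN only
# web_ruleset closed -> HTTP blocked (the page's "firewall enabled" test)
web_ruleset() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -s $LAN -p icmp --icmp-type echo-request -j ACCEPT
EOF
    if [ "$1" = open ]; then
        echo "-A INPUT -s $LAN -p tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT"
    fi
    # FTP (21) and every other port need no rule: the DROP policy covers them.
    echo "COMMIT"
}

# Count the ACCEPT rules in a ruleset, as a quick review aid.
accept_count() { web_ruleset "$1" | grep -c -- '-j ACCEPT'; }

# Print the "open" variant; apply one as root with:
#   web_ruleset open | iptables-restore
web_ruleset open
```

Because the policy of the INPUT chain is DROP, switching between the two variants replaces the whole ruleset atomically instead of appending and flushing individual rules.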

Backup

  • This has been done using 'rsync' and 'tar' which are automated together in a 'crontab' job.
  • 'rsync' is used to backup all the files from a single server to a remote server
 rsync -r /source username@hostname:dest
  • We use 'tar' to zip the files being backed up to the remote server; the '-f' option takes the path of the archive file to create
 tar -cvpzf /folder-in-which-tar-to-be-created/archive-name.tar.gz /path-of-files-to-be-zipped
  • These tasks are configured in a 'crontab' job to schedule daily backups
 crontab -e
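
The three steps above combined into one job, as an added example that is not part of the original project. The account and host 'gaurav@192.168.10.5' come from the test plan further down; the source directory '/var/www', the staging directory, the remote 'backups/' folder and the log path are assumptions.

```shell
#!/bin/sh
# Added example, not from the original page: nightly tar + rsync backup.
SRC=${SRC:-/var/www}                   # assumed: back up the web root
STAGE=${STAGE:-/var/backups/stage}     # assumed local staging directory
REMOTE=${REMOTE:-gaurav@192.168.10.5:backups/}  # host from the test plan

# make_archive DIR STAGE: create STAGE/<dir>-YYYY-MM-DD.tar.gz, print its path.
make_archive() {
    src=$1; stage=$2
    mkdir -p "$stage" || return 1
    out="$stage/$(basename "$src")-$(date +%F).tar.gz"
    # -C stores relative paths, so a restore never writes to absolute paths.
    tar -czpf "$out" -C "$(dirname "$src")" "$(basename "$src")" || return 1
    echo "$out"
}

# Refuse to ship an archive that cannot be read back.
verify_archive() { tar -tzf "$1" >/dev/null 2>&1; }

# Copy one archive to the backup server over SSH.
push_archive() { rsync -a -e ssh "$1" "$2"; }

# Crontab entry that runs script $1 every day at 12:00 am.
cron_line() { echo "0 0 * * * $1 run >> /var/log/backup.log 2>&1"; }

# Only transfer when called as "<script> run", which is how cron calls it.
if [ "${1:-}" = run ]; then
    archive=$(make_archive "$SRC" "$STAGE") &&
        verify_archive "$archive" &&
        push_archive "$archive" "$REMOTE"
fi
```

An unattended run needs key-based SSH login for the backup account, since cron cannot answer a password prompt.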


Test Plan

  • After configuring the 'eth0' interface and 'dhcpd.conf' file, the DHCP server was fully configured to lease out IPv4 addresses.
  • Used command 'ifconfig' on the DHCP server's terminal to check whether the 'eth0' interface is statically configured with the IP 192.168.10.5 and other defined parameters.
  • Connected the DHCP server and DHCP client devices and used command 'ifconfig' on the DHCP client's terminal to check whether it receives an IPv4 address from the DHCP server within the assigned range.
  • Tried to ping between the DHCP server and client devices to check the network connectivity between them.
  • Repeated the above procedure with multiple DHCP clients to check whether the DHCP server is assigning IP addresses within the range successfully.
  • After configuring the DNS Server, we check the forward and reverse lookup table sanity.
 named-checkzone DN.com /etc/bind/zones/DN.com.db  # for forward lookup
 named-checkzone 10.168.192.in-addr.arpa /etc/bind/zones/10.168.192.in-addr.arpa.db  # for reverse lookup
  • To check if DNS is resolving hostnames correctly, we use the commands
 dig
 nslookup
  • Connected client device to DNS server and on client's terminal we tried to ping hostname of the web server and the hostname was resolved to the IP by the DNS server.
 ping gr4.DN.com

Web Server

  • Opened web browser on web server and typed 'localhost' in the address bar.
  • The default web page of the web server was displayed.
  • Opened web browser on other devices and typed '192.168.10.15' in the address bar.
  • The default web page of the web server was displayed.

Firewall

  • Firewall was enabled on the web-server.
  • The client on the other side is unable to access the hyperlink.
  • The Firewall is disabled, and the client is then able to access the hyperlink.

Backup

  • Create a test file "test.zip" using the Tar command in home folder.
  • Use "crontab -e" to enter the "rsync" job in the cron table.
  • Use rsync -r /home/anand/test.zip gaurav@192.168.10.5:home
  • This job can be executed daily by appending the necessary time values against the above command.

Test Tools

  • 4 computers - DNS Server, DHCP Server (+Backup Server), Web Server(+Firewall), Client.
  • Ubuntu Operating System on all computers.
  • Switch and Cables.

Test Cases

Future Prospects

Expansion

Growth

Improvements