Data Networking/Spring 2014/Group3
Murugappan Arunachalam Annamalai
Mohammed Shahid Abdul Bashir
This project helps to learn how networking is done in real scenario. Linux being the free, open-source operating system provides the best means to create our own stuffs. In theory we learnt and understood what are the required protocol and how they work but in this project we configure and implement our own servers, and in other works we make the protocols work.
Understanding the Protocol
1. HTTP (Web server): HTTP-port 80: When we write URL in browser, our browser knows which server to contact and what file to ask for; this is where HTTP comes to play. The sequence of events are: •Client connects to host, •Server accepts connection, •Client request a file, •Server sends a response
2. DNS (DNS server: DNS uses a client/server network architecture. DNS servers are the computers designated to store DNS database records (names and addresses), while clients include devices of end users.The DNS organizes its servers into a hierarchy.
3. DHCP server: Dynamic Host Configuration Protocol, a protocol that assigns dynamic IP addresses to devices on a network. DHCP is a client-server protocol wherein a server shares its resources and client establishes a connection with the server to use the resources.
4. FTP server: FTP allows you to transfer files between two computers on the Internet. FTP is a simple network protocol based on Internet Protocol. An FTP client program initiates a connection to a remote computer running FTP server software. After the connection is established, the client can choose to send and/or receive copies of files. To connect to an FTP server, a client requires a username and password as set by the administrator of the server.
In this project we implement DNS for a start-up company in the Boston. We have to create a domain name for the start-up. Implementing IPv4 and IPv6 address for the organization. Configure DNS name servers to handle queries for the domain. Configuring Master DNS server as well as a Slave DNS server,where the Slave DNS will automatically update with Master DNS server.
Build a DHCP server for the company. A full range of IP addresses that can be leased from a particular DHCP server. Using IPv4 and IPv6 addresses in the implementation of DHCP. A group of IP address in the scope that are excluded from leasing. A means for assigning a permanent IP address to a particular client, server, or hardware device. Reservations are typically made for servers or hardware devices that need a static IP address.The amount of time that a client may use an IP address before the client must re-lease the IP address or request another one.
Build a web server in for the company, so the clients will be able access it and secure the network from external networks attacks.
Systematically create a backup of every days work from the current server to a different server at 12:00 am.
Add-ons like VPN, NIS, NFS, NTP, Mail server,FTP can also be implemented.
For Web Server: Apache2
For DNS Server: bind9
For DHCP: The isc-dhcp-server
For Backup: rsync and cron
For Mail server: postfix courier-imap squirrel mail
For Ftp: vsstpd
For VPN: openvpn
Steps to perform the setup / installation
Web Server Installation
1. The apache2 package is installed in the web server. The web page was edited accordingly.
2. The security was implemented by making folders and permission changes to the config files of the web server.
1. In the master DNS bind9 package is installed using the apt-get install command.
2. The bind configuration files are added in /etc/bind; and this provides a SOA for the local domain.
3. The forward and reverse zones entries for the domain is edited in /etc/bind/named.conf.local file. So the queries for the domain Heisenberg.com are handled by these files.
4. New records can be added in these file, both IPV4 and IPV6 records are added.
5. Slave DNS is implemented in the same manner as Master by installing bind9. The named.conf.local file is edited by allowing automatic trans of fles from the master to slave. The file are stored in /var/lib/bind/ location.
1.The DHCP is installed in the Ubuntu using the command apt-get install isc-dhcp-server.
2. The DHCP server will server DHCP requests at a specific interface. The Interface can be configured. It is configured to be eth0.
3.The file /etc/dhcp/dhcpd.conf is edited. The network, subnet, broadcast and the range of IP addresses which the DHCP server should supply is specified.
4.The IP address is made static by editing the file /etc/network/interfaces.
1. The firewall can be setup for the web server using the Iptables which are pre installed in the Linux machine.
2. Iptables firewall is used to manage packet filtering and NAT rules. Iptables comes with all Linux distributions. 3. Two chains are being used to set the firewall for the Web server – Input Chain to filter the incoming packets and the Output chain to filter the outgoing packets.
4. Initially the Iptables will be empty and consist of no rules
List Of Addons Implemented:
4. Mail Server
1. The Client is used check the functionality of the DHCP. The Client is a end-host. The DHCP is another end host. When both are connected to a Switch using an ethernet cable, the client should be able to get an IP address from the DHCP. This functionality was tested and the DHCP was found to be suppplying an IP address to the client from its configured pool oof IP addresses.
2.The client types the IP address or domain name of the webserver in its browser, and the webpage of the webserver should be displayed. This functionality was tested and found to be working.This shows that the webserver is configured.
3.The functionality of the DNS is tested by using the client to make a nslookup query of one of the domain-name in the records of the DNS server. After the domain name is resolved, if the resolving nameserver IP address is displayed IP address of the DNS server, then the DNS is configured properly.
4. The firewall is configured using the IP tables. The ip tables of the server is initially configured to accept all the requests. We checked if we could ping the server and it was able to ping. The ip tables was then configured to reject all ping. Then the ping test was done and it was not possible to ping.
5. The mail server was configured in the Webserver. Two users were created in the Mail server. User1 was logged in and a mail was sent from one user1 to user2. User1 was logged out and User2 was logged in. The mail was received by user2. This shows that the mail server was properly configured.
1. More addons can be implemented like VLAN, a end system acting as a router to represent a real time network.
2. Security can be tightened by implementing alerts to the network admin, whenever a user attempts to perform an action as the root user.
3. Implementation of LDAP