System and Network Administration (Administration système et réseaux)


8/6/2019 Administration système et réseaux 1/49

REPUBLIQUE DU CAMEROUN - PAIX - TRAVAIL - PATRIE
REPUBLIC OF CAMEROON - PEACE - WORK - FATHERLAND

UNIVERSITE DE DSCHANG / THE UNIVERSITY OF DSCHANG
INSTITUT UNIVERSITAIRE DE TECHNOLOGIE FOTSO VICTOR DE BANDJOUN
B.P. 134 Bandjoun (Cameroun)

Training Material

System and Network Administration, Part 1

Licence de Technologie

Copyright E. B. TANYI, March 2003

CONTENTS:

CONTENTS 1
CHAPTER I: SYSTEM ADMINISTRATION 1
I.1 Notion of system administration 1
Fig. 1.2: The computer in a complex technological and institutional environment 2
I.2 Role of the system administrator 2
I.3 Administering Windows NT systems 3
I.3.1 About Windows NT 3
I.3.2 The Windows NT architecture 4
I.3.3 Implications of the Windows NT design 6
I.3.4 Windows NT variations 7
I.3.5 Windows NT administrative tools 7
CHAPTER II: TRANSMISSION OF INFORMATION 9
II.1 Introduction 9
II.2 Addressing, routing and multiplexing 9
I.4 IP addresses 10
II.3 Sub-networks 16
II.4 Architecture of Internet routing 18
II.5 The routing table 19
II.6 Resolution of addresses 21
II.7 Protocols, ports and sockets 21
II.8 Summary 23
CHAPTER III: NETWORK SERVICES 24
III.1 Names and addresses 24
III.1.1 Tables of machines 25
III.1.2 The Domain Name Service (DNS) 26
III.1.3 The hierarchy of domains 26
III.1.4 Creating domains and sub-domains 27
III.1.5 Domain names 27
III.1.6 bind, resolver and named 27
III.2 NIS: Network Information Service 28
III.3 Electronic mail service 28
III.3.1 Simple Mail Transport Protocol 29
III.3.2 Post Office Protocol (POP) 29
III.3.3 MIME: Multipurpose Internet Mail Extensions 31
III.4 Configuration servers 32
III.4.1 RARP: Reverse Address Resolution Protocol 32
III.4.2 BOOTP: Bootstrap Protocol 33
III.4.3 DHCP: Dynamic Host Configuration Protocol 34
III.4.4 Print servers 35
III.4.5 File server 35
III.4.6 Summary 35
CHAPTER IV: PREPARING INFORMATION FOR CONFIGURATION OF THE NETWORK 36
IV.1 Connected and stand-alone networks 36
IV.2 Basic information 37
IV.2.1 Obtaining an IP address 37
IV.3 Assigning addresses to machines 38
IV.4 Defining the network mask 38
IV.5 Specifying the broadcast address 41
IV.6 Preparing the routing table 41
IV.7 Obtaining an autonomous system number 42
IV.8 Preparing the domain name service 42
IV.8.1 Obtaining the domain name 42
IV.8.2 Obtaining an IN-ADDR.ARPA domain 43
IV.8.3 Choosing a machine name 43
IV.9 Other services 43
IV.9.1 File server 43

CHAPTER I: SYSTEM ADMINISTRATION

I.1 NOTION OF SYSTEM ADMINISTRATION

In order to facilitate its use, the modern computer is designed to hide its technical details from the ordinary user.

Hardware and software resources are organised in a pyramidal structure analogous to a multi-storey building. The technical details of the machine are hidden in the lower levels of the structure, while the simple, user-oriented aspects of the machine are placed at the higher levels.

The concept is illustrated in Fig. 1.1.

FIG. 1.1 Organisation of resources in a modern computer system (layers, from the user downwards: application and data; communication software; operating systems; hardware)

For such a computer to operate in the modern technological and institutional environment, experts are required to handle various technical details such as configuring computers to share resources between many users in a corporation or institution; connecting the computer to the Internet; integrating the computer within a network; optimising the performance of the computer system; and many other tasks.


Fig. 1.2: The computer in a complex technological and institutional environment (the system administrator stands between the computer, the Internet and the multiple users in corporations and institutions)

The system administrator interacts with the machine at all levels of the pyramidal structure. From this perspective, system administration is concerned with the following skills:

Technical expertise about the hardware and software resources of computer systems.

Knowledge of networking.

Knowledge of the Internet and Internet services.

Diagnosis and solution of operational problems in computer systems.

Interaction with the people who use the computer system in a given institution or corporation.

I.2 ROLE OF THE SYSTEM ADMINISTRATOR

Installing and configuring computer systems and networks, updating them and keeping them running properly on a day-to-day basis.

Managing users and user accounts, including both the computer-related aspects of creating and maintaining user accounts and systems, and responding to user requests, questions and problems.


Taking care of the peripheral devices attached to the various computer systems (e.g. printers, uninterruptible power supplies), as well as adding or removing them as needed.

Overseeing regular system backups, which can range from performing the backups yourself to preparing a backup plan to be carried out by others under your supervision.

Ensuring that the systems and networks for which you are responsible are secure and that valuable or sensitive data is protected from unauthorised access.

Monitoring system and network activity in order to quickly detect any problems related to system security, performance or general functioning that may arise, and then responding appropriately to anything you may find.

I.3 ADMINISTERING WINDOWS NT SYSTEMS

Most of the computer networks in Cameroon use Windows NT. For this reason, it is necessary to give particular attention to NT systems.

I.3.1 About Windows NT

Windows NT is a 32-bit, microkernel-based, preemptive multitasking operating system providing compatibility with some programs designed for Windows 3.1 systems and, to a lesser extent, OS/2 and POSIX-compliant systems.

Its main characteristics include:

A 32-bit operating system. This means that physical memory is addressed using 32-bit addresses, resulting in a maximum physical address space of 4 GB (2 to 3 GB of which is available to application programs). Most modern operating systems use a 32-bit or 64-bit design.

Built around a microkernel. The program that serves as the central core of the operating system is designed to be as small and efficient as possible. Only the most fundamental and important operating system functions are handled by the small kernel program; most operating system functions are implemented by semi-independent secondary subsystems, all controlled by the microkernel. Many modern operating systems are based on a microkernel architecture.

Preemptive multitasking. The operating system is responsible for deciding which process gets to run at any given time and when one process must pause in order to let a different one run. This is contrary to the scheduling method used by both Windows and MacOS. Cooperative multitasking, such as in Windows, gives a running process complete control of the system until it voluntarily gives up control. It is designed for a single-user environment such as a PC, where switching between tasks occurs as the user desires.

Multiple execution modes. Windows NT provides two different modes under which processes may execute: user mode and kernel mode. Kernel mode execution allows complete access to every system resource and all of memory, and is limited to the operating system itself. In contrast, processes executing in user mode can obtain access to system resources only by making requests to the operating system. In this way, the portions of memory used by the operating system are protected and can only be accessed by processes running in kernel mode.

Compatibility with some DOS, Windows 3.1, OS/2 and POSIX programs. Windows NT provides subsystems for running many 16-bit DOS and Windows programs and OS/2 programs. The operating system also complies with the POSIX 1 standard, which includes the POSIX application program interface, so POSIX programs can be ported more easily to Windows NT.

The NT acronym is translated as New Technology, but what is really new about Windows NT is an implementation of real operating system functionality combined with a well-designed user interface.

I.3.2 The Windows NT architecture

Fig. 1.3 illustrates the structure of the Windows NT operating system. It is separated into two sections. The upper section contains components which run in user mode and the lower section contains components which run in kernel mode. The heart of the Windows NT system consists of the modules running in kernel mode. The kernel mode is sometimes referred to as executive services or the NT executive.

Most interactions with the computer hardware take place via the hardware abstraction layer (HAL), although some device drivers also directly access the hardware. Isolating hardware access into a separate module allows most of the Windows NT operating system to remain independent of any particular computer architecture, thereby simplifying its ability to support multiple computer platforms and multiprocessor systems.

The core of the system is the microkernel, which oversees the workings of all of the other modules and handles communication between them and the HAL. The other components of the kernel each have a single specific area of responsibility:

The I/O manager controls most input and output operations.

The object manager creates, modifies and deletes system objects: data structures corresponding to a specific instance of a resource (for example a file, a process or a port).

Fig. 1.3 The Windows NT Architecture. User mode: the Win32 subsystem (hosting Win16 programs through WOW inside an NTVDM), the security subsystem with the login procedure, the OS/2 subsystem and the POSIX subsystem, with example applications such as Net Use, Xwing, Word 7 and rm; below them the system services. Kernel mode: the I/O manager (cache manager, file system drivers, network drivers, device drivers), the object manager, the security reference manager, the process manager, the local procedure call facility, the virtual memory manager and the graphics subsystem (window manager, graphics device interface, graphics device drivers), all above the microkernel and the hardware abstraction layer, which sit on the hardware.

The process manager creates and manages system processes. However, process scheduling is handled by the microkernel.

The local procedure call facility is responsible for communication between distinct processes (interprocess communication).

The virtual memory manager handles the allocation and use of the system memory.

The graphics subsystem provides the services required for interfacing to graphical displays. This component became part of the Windows NT kernel with version 4. (Previously, it was part of the Win32 subsystem.)

I.3.3 Implications of the Windows NT design

The client-server approach pervades the entire Windows NT environment, from the operating system itself to the simplest tool that it provides. You will need to be aware of this fact as you learn about administering Windows NT systems. These are its most important implications:

Under Windows NT, distinct computer systems are viewed as single-user systems. Only one user may be logged in interactively to use a given system's CPU resources. Many administrative tools are similarly designed with a single-system assumption. There are ways to remedy this deficiency.

The modular design of Windows NT also applies to the administrative and user facilities that it provides. They tend to be compartmentalised into a large number of tools with limited scopes of action.

The design model aims at minimising the role of the system administrator. Once installation and initial configuration are complete, ordinary applications and the operating system are expected to function according to the design's pre-defined procedures.

Priority is given to the graphical user interface (GUI). This means that the primary system administration tools are all GUI-based. While there are command-line utilities that perform the same functions, many administrative tools have no command-line equivalent. This makes automating system management tasks much more complex.


I.3.4 Windows NT variations

Windows NT is sold in two formats: a server version and a workstation version. Workstations are designed to be used by a single user and can optionally share their resources with other systems; servers are designed to provide resources and services to a collection of systems (workstations and possibly other servers) linked together by a local area network. They can provide computing resources and facilities (e.g. database services), disk space, access to printers and networking-related services (e.g. hostname resolution).

Windows NT groups computers into collections known as domains, each overseen by a special server system, the primary domain controller (also a server).

The same kernel is used for both versions of the Windows NT product. It is configured differently for the two environments. The important differences are:

The maximum number of processors supported in a multiprocessor system is two for the workstation version and 32 for the server version.

The workstation version is limited to 10 simultaneous clients for file sharing, printing and some Internet and web-related services.

The server version includes some additional software: several administrative tools for managing domains, the Internet Information Server, various networking name service facilities, and others.

Some of the subsystems in the server version provide advanced features not available in the workstation version, for example a fault-tolerant file system and remote booting capabilities for diskless workstations.

Some parameters related to system performance are set differently in the two products.

The workstation version costs substantially less than the server version.

I.3.5 Windows NT administrative tools

Windows NT provides four classes of administrative tools:

Control panel applets. These utilities are accessed via Start -> Settings -> Control Panel, or from the Control Panel under My Computer.

Administrative wizards. On server systems, these programs provide automated, step-by-step procedures for performing common administrative tasks such as adding new users and setting permissions on files and directories. They are accessed via Start -> Programs -> Administrative Tools (Common) -> Administrative Wizards; they can also be accessed via the wizmgr command.

Graphical administrative tools. These tools are found under Start -> Programs -> Administrative Tools; each is designed to manage a specific system or domain component or subsystem.

Commands. Some of the functionality in the preceding classes is duplicated in Windows NT commands, which may be entered directly into the Start -> Run dialog box or via a command window (you can open one from Start -> Run).

The detailed administrative tools in each category will be presented in a later chapter of this course.


CHAPTER II: TRANSMISSION OF INFORMATION

II.1 INTRODUCTION

In this chapter, we explore the ways in which information is transmitted through the different layers of the TCP/IP Internet protocols and the systems connected to the network. We shall also explore the structure of Internet addresses and how this structure enables information to be routed through the Internet to its final destination. We shall also show how the rules of addressing are applied locally to create subnets. We shall equally present protocol and port numbers and how these entities are used to deliver information to applications. These details will enable students to understand the specific implementation and configuration of networks.

II.2 ADDRESSING, ROUTING AND MULTIPLEXING

To transmit information between two machines connected to the Internet, it is necessary for the information to be transferred across the network to the required machine and, inside the machine, to the required process. TCP/IP uses three systems to achieve this:

Addressing: IP addresses, which identify all machines in a unique way and enable information to be sent to its destination.

Routing: the mechanism for transferring information to an intermediate network.

Multiplexing: the protocol and port numbers which enable information to be delivered to the required program or process.

To illustrate these concepts, consider the national network shown in Fig. 2.1.


The network in Fig. 2.1 is the intranet of a company. There are many networks within the intranet and a connection point to the Internet. The system administrator has the responsibility of managing this Ethernet network from the computer centre. The machine sales is a workstation. The machine gate is a gateway. The shaded line in the middle of the diagram represents the Ethernet network of the computer centre. The circle is the local network which interconnects the different computers of the company.

In this chapter, we shall consider the meanings of the different numbers and how they are used to transmit the datagrams.

Fig. 2.1 National Network (the gateway gate, with one address on the Internet side and one on the company side, links the Internet to the Ethernet of the computer centre; the hosts personnel, sales and accounts sit on the 172.16.12.0 network)

IP ADDRESSES

The Internet Protocol transmits information between machines in the form of datagrams. Each datagram is sent to the address specified in the destination address field of the datagram header (the fifth word of the header). This address is a standard IP address, coded in 32 bits and identifying a network and a unique machine within that network.

An IP address contains a machine part and a network part, but the format of these two parts is not the same in all addresses.

IP addresses are interpreted in two ways: by the class of the address or by the address mask (CIDR, Classless Inter-Domain Routing).

ADDRESS CLASSES:

There are three classes: A, B and C.

Class A: the first bit of the IP address is 0. The 7 bits which follow identify the network and the last 24 bits identify the machine. There are fewer than 128 class A networks, but each can contain millions of computers.

Class B: the first two bits are 10. The first two bits identify the class, the next 14 bits identify the network and the last 16 bits identify the machine. There are thousands of class B network addresses and each of these networks can contain thousands of machines.

Class C: the first three bits are 110. The first three bits identify the class, the next 21 bits identify the network and the last 8 bits identify the machine. There are millions of class C addresses, but each network can only contain a maximum of 254 machines.

Multicast address: if the first four bits are 1110, it is a multicast address. These addresses are sometimes referred to as class D, but they refer to a group of computers which share a given program (a videoconference program, for example), in contrast to a network of computers.

Reserved address: if the first four bits are 1111, the address is reserved. These addresses are sometimes referred to as class E, but they do not refer to physical networks. No number has yet been assigned to these addresses.

IP addresses are often written in dotted decimal form with 4 decimal numbers, each between 0 and 255 (one octet of information). Since the bits which identify the class are located in the same byte as the bits which identify the network, we can combine them into a single block and present IP addresses as consisting of bytes which address the network and bytes which address the machine. From this viewpoint, if the numerical value of the first byte is:

Less than 128, the address is class A. The first byte is the address of the network; the last three bytes are the address of the machine.

Between 128 and 191, the address is class B. The first two bytes are the address of the network, while the last two bytes are the address of the machine.

Between 192 and 223, the address is class C. The first three bytes address the network and the last byte addresses the machine.

Between 224 and 239, the address is multicast. There is no part reserved for the network; the whole address identifies a group of machines.

Greater than 239, the address is reserved. We can ignore these classes.

An example of a class A address is 10.104.0.19.

An example of a class B address is 172.16.12.1.

An example of a class C address is 192.168.16.1.

The IP address, which provides a universal addressing system across all the networks of the Internet, is one of the major strengths of the TCP/IP protocols. However, the structure of these addresses contains a weakness. The designers of TCP/IP did not foresee the large scale of the networks which now form part of the Internet. Networks were initially used only in very big organisations. The designers of TCP/IP could not imagine the idea of a powerful UNIX system in every office. At that time 32-bit addresses were adequate. They were divided into classes to reduce the cost of processing them in the routers, even if this division into classes severely reduced the number of machines which can be addressed. For example, a network with one class B address requires fewer routes than a similar network with six class C addresses, because the router only uses a single route for all the addresses. However, the network certainly does not have up to 64,000 computers, so a large part of the address space reserved for such a company will never be used.


    172.16.26.32 * 255.255.255.224 U 1500

    195.4.0.0 129.6.26.62 255.255.0.0 UG 1500

    Loop back * 255.0.0.0 U 3584

    Default 129.6.26.62 * UG 1500

It is very cumbersome to write addresses together with their masks. A more concise notation has been developed for CIDR addresses. Instead of specifying a machine as having the address 172.16.26.32 and the mask 255.255.224.0, we can write 172.16.26.32/19. The number 19 is the number of bits in the network part of the IP address. RFC 1878 gives a list of the 32 values of CIDR prefixes. CIDR is a temporary solution. The long-term solution is to replace the existing addressing system with a new system. In this connection, the IETF (Internet Engineering Task Force) has created a new version of IP addresses, IPv6. Such a large address space makes it possible to use a hierarchical address structure which reduces the number of routes. Other advantages of IPv6 include:

Enhancement of security in the protocol.

Simplification of headers, which have a fixed size.

A new technique for managing the options in the header.

IPv6 will take a few years to be implemented. In the meantime, the present generation of TCP/IP will be adequate for all communication within the Internet.

Before ending this discussion on IP addresses, the following points should be noted:

Not all network addresses are usable. Addresses with the first byte greater than 223 cannot be used as machine addresses. Similarly, the address zones 0.0.0.0/8 and 127.0.0.0/8 are reserved for specific purposes.

Network 0 represents the default route and network 127 corresponds to the loopback address. These addresses simplify the routing information that IP has to manage.

The loopback simplifies Internet applications by enabling the local machine to be treated by the software in the same way as distant machines. These special addresses are used during the configuration of a machine.


In all networks, machine numbers 0 and 255 are reserved. An IP address with all the bits of the machine part set to 0 identifies the network itself. For example, 10.0.0.0 refers to network 10 and 176.10.0.0 refers to network 176.10; these addresses are used in routing tables to refer to networks. An IP address with all the bits of the machine part set to 1 corresponds to a broadcast address. A broadcast address is used for simultaneous communication with all the machines of the network. The broadcast address of network 172.16 is 172.16.255.255. A datagram sent to this address will be delivered to all the machines of the network.

IP addresses are often referred to as machine addresses. This is misleading: addresses are assigned to network interfaces. The gateway gate in Fig. 2.1 has two addresses, one for each network card. The network part of the addresses of the other devices connected to a network is the same as the address of the network to which these devices are connected. For example, sales addresses gate as 172.16.12.1, while external machines communicate with gate using the address 10.104.0.19.

Three ways of using addresses coexist. Individual machines are reached directly through a machine address called a unicast address. A unicast packet is sent to a specific machine. Groups of machines can be contacted using a multicast address (224.0.0.9 for example). Routers located between the source and the destination recognise these special addresses and route copies of the packets to every member of the multicast group.

IP uses the network part of an address to route the datagram between networks. The complete address, including the address of the machine, is used to deliver the datagram once it reaches its destination network.

II.3 SUB NETWORKS:

A network can be partitioned into sub-networks to decentralise the administration of the network. For example, the network of the University of Dschang can be organised in such a way that every faculty has a sub-network which is managed locally by one person under the supervision of the principal network administrator.

From outside the network, all the sub-networks have the same network address as the parent network, but locally each sub-network has a separate network address. A sub-network is defined by changing the mask of the IP address. For example, consider a network with address 172.16.0.0/16. The subnet mask most frequently used with such a network is 255.255.255.0: it extends the network part of the IP address by one byte. All the bits of the first three bytes are 1; only the bits of the last byte are 0. The first two bytes define the initial network, the third byte defines the subnet, and the fourth byte defines the machines connected to the sub-network.

Many sub-network administrators prefer byte-oriented masks because they are easy to understand when expressed in decimal format. However, this approach is limited and does not use the full power of the system: a subnet mask is bit-oriented. We can divide 172.16.0.0/16 into 16 subnets using the mask 255.255.240.0, for example 172.16.0.0/20. The 4 most significant bits of the third byte are the address of the subnet. The 12 remaining bits (4 bits of the third byte and 8 bits of the 4th byte) are the address of the machine. This creates 16 subnets, each with more than 4000 machine addresses. The table below shows the subnet addresses and the machine addresses produced by applying this subnet mask.

Network address    First machine     Last machine
172.16.0.0         172.16.0.1        172.16.15.254
172.16.16.0        172.16.16.1       172.16.31.254
172.16.32.0        172.16.32.1       172.16.47.254
172.16.48.0        172.16.48.1       172.16.63.254
172.16.64.0        172.16.64.1       172.16.79.254
172.16.80.0        172.16.80.1       172.16.95.254
172.16.96.0        172.16.96.1       172.16.111.254
172.16.112.0       172.16.112.1      172.16.127.254
172.16.128.0       172.16.128.1      172.16.143.254
172.16.144.0       172.16.144.1      172.16.159.254
172.16.160.0       172.16.160.1      172.16.175.254
172.16.176.0       172.16.176.1      172.16.191.254
172.16.192.0       172.16.192.1      172.16.207.254
172.16.208.0       172.16.208.1      172.16.223.254
172.16.224.0       172.16.224.1      172.16.239.254
172.16.240.0       172.16.240.1      172.16.255.254

Tables of this kind are pre-calculated and available in RFC 1878.


Organisations have been discouraged from creating subnets from class C addresses, since this further reduces the number of machines (a class C address holds fewer than 255 machines). The mask 255.255.255.192 divides a class C address into 4 subnets of 64 addresses. The problem is that subnet addresses with all 0s or all 1s were not usable, which leaves only two subnets. Furthermore, since machine addresses with all 0s or all 1s are not usable, these two subnets can only have 62 machines each; this reduces the address space of a class C address from 254 to 124. The fear of creating subnets from a class C address is no longer justified. Initially, the RFCs stated that subnet addresses containing all zeros or all ones could not be used. However, RFC 1812 (Requirements for IP Version 4 Routers) states that these subnets are legal and can be processed by all routers. Some old routers do not allow the use of these subnet addresses; updating the router software or hardware enables these addresses to be used safely.

Class C subnets are used when small networks are needed for equipment such as terminal servers and router controllers. In some cases, a subnet is used to create a link between two routers. In this case only 2 machine addresses are required, one for each router. The mask 255.255.255.252 applied to a class C address creates 64 subnets each containing 64 machines. In such special cases, this approach can be justified.
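As an added example (not from the course notes), the following Python code applies a bit-oriented mask to a network and lists the resulting subnets with their first and last machine addresses, reproducing the 172.16.0.0/16 table above and counting the usable addresses for the class C cases (255.255.255.192 under the old and the RFC 1812 rule, and the point-to-point mask 255.255.255.252). The class C network 192.168.1.0/24 used for those cases is a constructed sample.

```python
# Added example, not from the course notes: apply a bit-oriented subnet mask
# to a network and list the resulting subnets with their first and last
# machine addresses (the all-0s address is the subnet itself, the all-1s
# address is its broadcast, so neither is usable for a machine).
import ipaddress


def mask_to_prefix(mask):
    """Convert a dotted mask such as 255.255.240.0 to a prefix length (20)."""
    bits = int(ipaddress.IPv4Address(mask))
    prefix = bin(bits).count("1")
    # A mask must be contiguous ones followed by zeros; reject e.g. 255.255.0.255.
    if bits != (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF:
        raise ValueError("non-contiguous mask: " + mask)
    return prefix


def enumerate_subnets(network, mask):
    """One row per subnet: network, first/last machine, broadcast, usable count."""
    parent = ipaddress.IPv4Network(network)
    prefix = mask_to_prefix(mask)
    if prefix < parent.prefixlen:
        raise ValueError("mask is shorter than the parent network prefix")
    rows = []
    for sub in parent.subnets(new_prefix=prefix):
        # Network and broadcast addresses are reserved in every subnet.
        usable = sub.num_addresses - 2 if sub.prefixlen <= 30 else 0
        rows.append({
            "network": str(sub.network_address),
            "first": str(sub.network_address + 1),
            "last": str(sub.broadcast_address - 1),
            "broadcast": str(sub.broadcast_address),
            "usable": usable,
        })
    return rows


def usable_addresses(network, mask, allow_zero_and_ones_subnets=True):
    """Total usable machine addresses across all subnets.

    With allow_zero_and_ones_subnets=False the pre-RFC 1812 rule applies: the
    subnet whose bits are all 0s and the one whose bits are all 1s are dropped."""
    rows = enumerate_subnets(network, mask)
    if not allow_zero_and_ones_subnets and len(rows) >= 2:
        rows = rows[1:-1]
    return sum(r["usable"] for r in rows)


def format_table(rows):
    """Render rows in the layout of the table in the text."""
    fmt = "%-18s %-18s %-18s"
    lines = [fmt % ("Network address", "First machine", "Last machine")]
    lines += [fmt % (r["network"], r["first"], r["last"]) for r in rows]
    return "\n".join(lines)


if __name__ == "__main__":
    print(format_table(enumerate_subnets("172.16.0.0/16", "255.255.240.0")))
    # Constructed class C network for the 255.255.255.192 discussion.
    print("class C /26, old rule:", usable_addresses("192.168.1.0/24", "255.255.255.192", False))
    print("class C /26, RFC 1812:", usable_addresses("192.168.1.0/24", "255.255.255.192"))
    print("class C /30 subnets:", len(enumerate_subnets("192.168.1.0/24", "255.255.255.252")))
```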

II.4 ARCHITECTURE OF INTERNET ROUTING:

The initial architecture of the Internet was based on a hierarchy of gateways centred on the ARPANET. In this structure, routing information about every network was sent to the central gateways. The central gateways processed and exchanged this information using GGP (Gateway to Gateway Protocol). The processed routing information was then sent to the external gateways. Routing information was thus centralised in the central gateways.

The centralised approach did not facilitate the expansion of the Internet. A new model was developed, based on a set of equal and autonomous gateways called routing domains. These gateways exchange information using BGP (Border Gateway Protocol). This is a decentralised system. Every gatew


NSF created the RA (Routing Arbiter) servers. A server is placed at each NAP (Network Access Point). The server gives access to a database, the RADB (Routing Arbiter Database). Internet service providers can interrogate this database to validate the information supplied by an autonomous system. The RADB is only a part of the IRR (Internet Routing Registry).

Creating an efficient routing architecture remains a major ambition of the Internet. However this evolves, routing information will be used by IP to take the necessary routing decisions.

II.5 THE ROUTING TABLE:

Gateways route data between networks, but all the peripheral devices, machines and gateways within a network must make decisions about routing. For many machines the decisions are simple:

- If the destination machine is part of the local network, the data is sent directly to the destination machine.
- If the destination machine is part of a distant network, the data is sent to a local gateway.

After having determined the destination network, IP searches for that network in the routing table. The table can be constructed by the network administrator or by the routing protocols. You can display the contents of the routing table with netstat -nr. The option -r tells netstat to display the routing table, while the option -n displays the information in numeric form. On a Solaris system, the following fields are displayed by the netstat command:

Destination = network or machine at the destination
Gateway = gateway used to reach the final destination
Flags:
  U: the route is up and operational
  H: a specific route to a particular machine (host route)
  G: the route uses a gateway
  D: the route has been added dynamically following an ICMP redirect message
Ref = the number of times the route has been referenced to establish a connection
Use = number of packets transmitted by this route
Interface = the name of the network interface used by this route

Consider an example:

% netstat -nr
Routing Table:
  Destination      Gateway          Flags   Ref   Use      Interface
  127.0.0.1        127.0.0.1        UH      1     298      lo0
  default          172.16.12.1      UG      2     50360
  172.16.12.0      172.16.12.2      U       40    111379   le0
  172.16.2.0       172.16.12.3      UG      4     1179
  172.16.1.0       172.16.12.3      UG      10    1113
  172.16.3.0       172.16.12.3      UG      2     1379
  172.16.4.0       172.16.12.3      UG      4     1119

The first entry in the routing table is the loopback route for the local machine. You can deduce from this example that the machine sales is directly connected to network 172.16.12.0, since no external gateway is specified for this network; that is, the entry for 172.16.12.0 does not carry the G flag. Consequently, sales is directly connected to this network.

All the gateways in a routing table are found on networks which are directly connected to the local system. In the above example, the gateway addresses always start with 172.16.12 because this is the only network to which sales is connected.

The routing problem is further illustrated by fig 2.3: the IP layer of each machine and gateway connected to our imaginary network is replaced by a piece of its routing table, showing the destination networks and the gateways used to reach them. When a machine (172.16.12.2) sends data to another machine (172.16.1.2), it first determines that 172.16.1.2 belongs to the same official network as itself and applies the subnet mask (the network 172.16.0.0 is divided into subnets using the mask 255.255.255.0). After applying this mask, IP knows that the address of the destination network is 172.16.1.0. The routing table of the source machine shows that data for 172.16.1.0 must be sent to gateway 172.16.12.3. This gateway then forwards the data through its network interface 172.16.1.5. Note that 172.16.12.1 is the gateway for both 172.16.12.2 and 172.16.12.3. But since 172.16.1.2 cannot reach the network 172.16.12.0 directly, it uses another route.
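As an added example (not part of the course notes), the following Python code parses a routing table in the netstat -nr layout shown above and applies the longest-matching entry to choose the next hop, reproducing the decision described for 172.16.12.2 sending to 172.16.1.2. The table text is constructed from the page's example, with the 255.255.255.0 subnet mask the text states and an assumed interface name on the default entry.

```python
# Added example, not from the course notes: parse a routing table in the layout
# printed by netstat -nr above and reproduce the decision IP takes for a
# datagram: the longest-matching entry wins; with the G flag the datagram goes
# to the gateway, without it the destination is on a directly connected network.
import ipaddress

# Constructed from the page's example.  The text states that 172.16.0.0 is
# subnetted with mask 255.255.255.0; the interface on the default entry is
# an assumption (the page leaves it blank).
NETSTAT_OUTPUT = """\
Destination     Gateway        Flags  Ref  Use     Interface
127.0.0.1       127.0.0.1      UH     1    298     lo0
default         172.16.12.1    UG     2    50360   le0
172.16.12.0     172.16.12.2    U      40   111379  le0
172.16.2.0      172.16.12.3    UG     4    1179    le0
172.16.1.0      172.16.12.3    UG     10   1113    le0
172.16.3.0      172.16.12.3    UG     2    1379    le0
172.16.4.0      172.16.12.3    UG     4    1119    le0
"""
SUBNET_MASK = "255.255.255.0"


def parse_routing_table(text, subnet_mask=SUBNET_MASK):
    """Return (network, gateway, flags, interface) tuples, one per route."""
    routes = []
    for line in text.splitlines()[1:]:           # first line is the column header
        fields = line.split()
        if len(fields) < 5:
            continue
        dest, gateway, flags = fields[0], fields[1], fields[2]
        iface = fields[5] if len(fields) > 5 else ""
        if dest == "default":
            net = ipaddress.IPv4Network("0.0.0.0/0")
        elif "H" in flags:                       # host route: all 32 bits must match
            net = ipaddress.IPv4Network(dest + "/32")
        else:                                    # network route under the subnet mask
            net = ipaddress.IPv4Network((dest, subnet_mask))
        routes.append((net, gateway, flags, iface))
    return routes


def next_hop(routes, destination):
    """Return (next hop address, interface, via_gateway) for a destination."""
    addr = ipaddress.IPv4Address(destination)
    best = None
    for route in routes:
        net = route[0]
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = route
    if best is None:
        raise LookupError("no route to " + destination)
    net, gateway, flags, iface = best
    if "G" in flags:
        return gateway, iface, True
    return str(addr), iface, False              # direct delivery; ARP resolves it


if __name__ == "__main__":
    table = parse_routing_table(NETSTAT_OUTPUT)
    for dst in ("172.16.1.2", "172.16.12.4", "10.104.0.19", "127.0.0.1"):
        print(dst, "->", next_hop(table, dst))
```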

II.6 RESOLUTION OF ADDRESSES

An IP address directs datagrams to a physical network, but when data crosses that network it must be in a format consistent with the protocols of the physical layer. The physical layer does not understand IP addresses. The IP address must be translated to a machine address, which is very often the Ethernet address. The Address Resolution Protocol (ARP) does the conversion.

The command arp displays the ARP table:

% arp sales
sales (172.16.12.2) at 8:0:20:0:e:c8

The -a option of the arp command displays all the contents of the ARP table (arp -a).

Fig 2.3: Routing tables of the three systems in the imaginary network (destination / gateway):

  machine 172.16.12.2 (sales):      172.16.1.0 / 172.16.12.3,  172.16.12.0 / 172.16.12.2,  default / 172.16.12.1
  gateway 172.16.12.3 and 172.16.1.5 (on networks 172.16.12.0 and 172.16.1.0):
                                    172.16.1.0 / 172.16.1.5,  172.16.12.0 / 172.16.12.3,  default / 172.16.12.1
  machine 172.16.1.2:               172.16.1.0 / 172.16.1.2,  default / 172.16.1.5

II.7 PROTOCOLS, PORTS AND SOCKETS

As data crosses the layers of TCP/IP, a mechanism is required to ensure that the data is sent to the right protocols in the transport and Internet layers. The data is transmitted in a multiplexed form and must be demultiplexed before being sent to the various applications. IP uses protocol numbers to identify the appropriate transport protocol, and the transport protocols use port numbers to identify the applications.

Protocol numbers

The protocol number is a byte located in the third word of the datagram header. It identifies the protocol, in the next layer, to which the datagram must be delivered.

In a Unix system, protocol numbers are defined in the file /etc/protocols:

# Internet (IP) protocols
ip      0   IP     # Internet Protocol
icmp    1   ICMP   # Internet Control Message Protocol
ggp     3   GGP    # Gateway Gateway Protocol
tcp     6   TCP    # Transmission Control Protocol
egp     8   EGP    # Exterior Gateway Protocol
pup    12   PUP    # Parc Universal Protocol
udp    17   UDP    # User Datagram Protocol
hmp    20   HMP    # Host Monitoring Protocol

Port Numbers

Port numbers are stored in the file /etc/services. An example of the contents of this file:

tcpmux     1/tcp
echo       7/tcp
echo       7/udp
discard    9/tcp
discard    9/udp
systat    11/tcp
daytime   13/tcp
daytime   13/udp
netstat   15/tcp
chargen   19/tcp
chargen   19/udp
ftp-data  20/tcp
ftp       21/tcp
telnet    23/tcp
smtp      25/tcp

In spite of its size, the file /etc/services does not contain the port numbers of all applications; for example, it omits RPC (Remote Procedure Call) services.

Sockets

These are dynamically assigned port numbers. It is a mechanism which allows multiple users to access the same application.

II.8 SUMMARY:

This chapter has explained how information is transmitted through the Internet, from an application on a local machine to another application on a distant machine. TCP/IP uses a unique address to identify each machine connected to the Internet. It uses protocol and port numbers to identify the protocols and applications which are required to process the data as it moves from the source to the destination. Routing tables enable datagrams to be directed through the maze of gateways to their final destination. Routing tables always contain a default route. Once data reaches the destination network, the IP address is converted to a machine address (Ethernet address) by ARP (Address Resolution Protocol) in order to transfer the data to the machine.


CHAPTER.III NETWORK SERVICES:

Some network servers supply services which are essential to client machines. Unlike Internet applications, these services are not directly accessible to users, but are used by the machines connected to the network to simplify their installation, configuration and operation.

The functions performed by these servers are varied:

- Domain name servers, to convert IP addresses to machine names.
- Configuration servers, which simplify the installation of TCP/IP and the installation of machines.
- Electronic mail service
- File servers
- Print servers

TCP/IP servers should not be confused with file servers on a micro-computer. All Unix machines connected to a network can be servers and clients at the same time (peers). The network does not depend on one or more particular servers.

III.1 NAMES AND ADDRESSES:

Jon Postel, in his reference document RFC 791, Internet Protocol, defines names, addresses and routes as follows:

A name indicates what we are looking for.
An address indicates where it is found.
A route indicates how to get there.

Every machine (network interface) connected to a TCP/IP network has a unique IP address. A name (hostname) can be assigned to any machine or equipment which has an IP address. Addresses are machine-oriented; names are user-oriented. In most cases machine names and IP addresses can be used interchangeably. For example, a user who wishes to connect to the machine with IP address 172.16.12.2 can type telnet 172.16.12.2 or telnet sales.htec.com. Whether the command is issued with a name or an IP address, the network connection is always made with the IP address, so a name must be translated into an address before the connection is made. There are two methods used in translating names to addresses. The oldest method is based on tables of machines. A more recent method is based on a distributed database of names and addresses: the DNS (Domain Name Service).

III.1.1 Tables of machines:

A table of machines is a text file which associates the names of machines with IP addresses. On many UNIX systems, this file is /etc/hosts.

This file on the machine "sales" could contain the following entries:

172.16.12.2   sales.htec.com      sales
127.0.0.1     localhost
172.16.12.4   accounts.htec.com   accounts
172.16.12.3   gate.htec.com       gate loghost
172.16.12.3   personnel.htec.com  pacane
172.16.1.2    research.htec.com   research

The name of machine 172.16.12.2 is "sales.htec.com"; the alias of the machine is "sales". The second entry of the file assigns the address 127.0.0.1 to the machine localhost. Network 127 of the class A range is reserved for the loopback network. Address 127.0.0.1 is the special address of the local machine. This is a mechanism which enables the machine to communicate with itself in the same way as with distant machines.

Although machine tables have been replaced by DNS, they are still widely used for several reasons:

- Most systems have a short table containing only the names of the most important machines of the local network. This table is used when DNS is not functioning, for example while a machine boots. Even if you use DNS, it is advisable to create a short /etc/hosts file containing the entries of the machine itself, the local host, the gateways and the servers of the network.
- Sites which use NIS use the table of machines as input to the NIS database of machines.
- Small networks which are not connected to the Internet sometimes use machine tables. If the network has only a few machines and they do not communicate via TCP/IP with distant machines, then machine tables are sufficient.

Machine tables have been superseded by DNS for two reasons: lack of scalability and lack of automatic updating. Tables which were manually updated could not be communicated to all the machines within the Internet.

III.1.2 The Domain Name Service (DNS):

The DNS overcomes the deficiencies of the system of machine tables:

- it is easily extendable
- all new information about a machine is automatically transmitted to every part of the network

DNS is a decentralised database. If a DNS server receives a request about a domain which it does not know, it transmits the request to a server which has authority over that domain. When the distant server responds, the local server keeps the information (in a cache) for future use. The next time the local server receives a request about that domain, it uses the information in the cache to respond directly.

In addition to replacing machine tables, DNS also replaces an older name service. The older system is also called name service. Both servers are listed in the file /etc/services. The old version uses port number 42 over UDP and has the name nameserver or name. The newer version uses port number 53 over UDP and has the name domain. The presence of these two entries in the same file is a potential source of configuration errors for many users.

III.1.3 The hierarchy of domains

The DNS is a hierarchical system, organised like an inverted tree. The roots of the tree are the domains of the highest level. Some of these domains are:

.com
.edu
.gov
.net
.int
.org

Several proposals have been made to increase the number of top-level domains. One proposal is to create more organisations to manage domains. At the moment, only InterNIC manages all domains. The most important domain, .com, already has so many sub-domains that it will soon be difficult to manage the databases containing this domain. At present, the registration of a domain costs 50 dollars per annum. Some domains which have been proposed include:

firm (businesses and enterprises)
store (enterprises selling articles)
web (organisations specialised in the web)
info (services providing information)

III.1.4 Creating domains and sub-domains

The NIC (Network Information Center) is the competent authority for the allocation of domains. If you need to create a domain below one of the highest-level domains, you must apply to the NIC. Once the authorisation is granted, you can create other domains (sub-domains) below your domain.

For example, if the network in chapter 2 belongs to a company dealing with high technology, we can apply to the NIC for the domain name HTEC and create the sub-domains sales, accounts, personnel and several others.

III.1.5 Domain names:

A domain name reflects the hierarchy of the domains. The name starts with the most specific domain (machine name) and ends with the most generic domain. An example is sales.htec.com.

III.1.6 BIND, resolver and named:

The DNS implemented on most Unix systems is based on the program BIND (Berkeley Internet Name Domain). The program is organised in two parts: a resolver and a name server.

The resolver is the program which creates requests: it asks the questions. The name server is the process which processes the request in order to answer the question asked by the resolver.

BIND is executed in the form of a process called named.

Name servers are classified according to their configuration. There are three categories:

Primary server

This is the server which has all the information about a domain. Its data is a file created by the system administrator. There should only be one primary server for each domain.

Secondary server

A secondary server transfers the whole database of a domain from the primary server. The file containing the database of the primary server is called the zone file. Copying this file to a secondary server is called transferring the zone file. A secondary server ensures that it contains up-to-date information about the domain by transferring the zone file periodically. Secondary servers also have authority over their domain.

Cache servers

These servers store the responses obtained from other servers and use the information when necessary.

When you add a new machine to the network, you modify the database of the primary server. The modified information is automatically transmitted to the other servers, by complete transfer of the zone file or through the response caches.

III.2 NIS: NETWORK INFORMATION SERVICE

NIS is a system of administrative databases developed by Sun Microsystems. It provides centralised control and automatic dissemination of important system administration files. NIS can be used at the same time as the DNS.

NIS provides information about the local network. It is not designed to be used globally on the Internet.

III.3 ELECTRONIC MAIL SERVICE

Electronic mail is the most widely used Internet service. The service uses many protocols, the most important of which include:

- SMTP (Simple Mail Transfer Protocol)
- POP (Post Office Protocol)
- MIME (Multipurpose Internet Mail Extensions)

Another protocol, IMAP (Interactive Mail Access Protocol), has been designed to replace POP. IMAP, described in RFC 1176, has functionalities, such as search, which are not found in POP.


III.3.1 Simple Mail Transfer Protocol

SMTP is the protocol which transports electronic mail across the Internet and across your local network. It is described in RFC 821. It functions over a TCP connection. The standard port number assigned to SMTP is 25. Some of the simplest commands of SMTP are shown below.

Command     Syntax                          Function
Hello       HELO <sender machine>           Identify the SMTP sender
From        MAIL FROM: <sender address>     Sender address
Recipient   RCPT TO: <recipient address>    Destination address
Data        DATA                            Beginning of message
Reset       RSET                            Cancel message
Verify      VRFY                            Verification of a user name
Expand      EXPN                            Expand a mailing list
Help        HELP                            Request on-line help
Quit        QUIT                            End of SMTP session

SMTP is so simple that you can use it directly by connecting with telnet to port 25:

% telnet gate.htec.com 25
connected to gate.htec.com
helo sales.htec.com
mail from: <[email protected]>

The system is fairly simple. A TCP connection is opened, the connecting system identifies itself, and a dialogue ensues until the message is transmitted.

SMTP provides direct transmission between the sender and recipient machines. This is unusual: most electronic mail protocols use a store-and-forward system in which the mail is saved and then resent. This is the case with UUCP and X.400, which transmit messages to their destination step by step.

III.3.2 Post Office Protocol (POP)

Two versions of POP are widely used: POP2 and POP3. POP2 is defined in RFC 937 and POP3 is defined in RFC 1725. Version 2 of this protocol uses port number 109, while version 3 uses port number 110.

The two protocols are incompatible and have different commands, but they perform the same basic functions: they check that the login name and password of the user are correct, and they move the user's mail from the server to the local mail reader.

POP2 and POP3 commands can also be issued from a telnet session.

POP2 commands are shown below.

Command    Syntax                    Function
Folder     FOLD <destination file>   Destination file for e-mail
Read       READ [n]                  Read e-mail, starting with message [n]
Retrieve   RETR                      Retrieve the message
Save       ACKS                      Save message and quit
Delete     ACKD                      Delete message and quit
Failed     NACK                      Quit without saving
Quit       QUIT                      End of session

POP3 commands are completely different.

Command           Function
USER <username>   Account name of the user
PASS <password>   Password
STAT              Number and size of the messages which have not been read
RETR n            Retrieve message n
DELE n            Delete message n
LAST              Give the number of the last message accessed
RSET              Cancel the deletion of all messages; the first message becomes the active message
QUIT              End of session

III.3.3 MIME: Multipurpose Internet Mail Extensions

MIME extends the definition of the contents of electronic mail. The structure of a message which is transmitted by SMTP is defined in RFC 822 (Standard for the Format of ARPA Internet Text Messages). This document defines the standard headers which must be included in an e-mail.

MIME extends RFC 822 in two directions:

Type of data: RFC 822 specifies that only ASCII text coded in 7 bits can be used. While this is sufficient for the English language, it is insufficient for other languages which have a more extensive character set.

Complexity of messages: RFC 822 gives no details about the body of the message. It only concentrates on the headers.

MIME addresses these shortcomings by defining coding techniques for transmitting various types of data and a structure which allows the body of the message to contain several different objects. RFC 1521 defines seven types of objects which can be included in an e-mail:

Text
Application (binary data)
Image (graphical images)
Video
Audio
Multipart (data containing several independent sections)
Message (an encapsulated message)

III.4 CONFIGURATION SERVERS:

The powerful features which make TCP/IP flexible and practical also tend to increase its complexity. TCP/IP is not easy to configure. It is necessary to supply information about machines, addresses and routing, because the protocol is designed to be independent of any hardware or network technology. Configuration servers enable the network administrator to control the configuration of TCP/IP from a central machine. This frees the user from the more obscure parts of the configuration.

There are three configuration protocols:

o RARP
o BOOTP
o DHCP

RARP: Reverse Address Resolution Protocol

RARP is defined in RFC 903. It is a protocol which converts a physical address into an IP address; it is the reverse of ARP (Address Resolution Protocol). The client sends a broadcast by using the broadcast service of the network. The packet sent to all the machines of the network contains the physical address of the client and asks whether any system within the network knows the IP address associated with this physical address. The RARP server responds with a packet containing the IP address. The client knows its physical address since it is built into the Ethernet card. For example, the super-user can display it by typing: # ifconfig le0

To respond to a RARP request, the server must translate the machine name found in /etc/ethers into an IP address. This is done using DNS or by consulting the file /etc/hosts.

An example of the contents of /etc/ethers:

2:60:8c:48:84:49   apollo
0:0:c0:a1:5e:10    plato
0:80:c7:aa:a8:04   aristote

An example of the contents of /etc/hosts:

172.16.3.10   apollo
172.16.3.16   plato
172.16.3.4    aristote

BOOTP: Bootstrap Protocol

This protocol is defined in RFC 951 and RFC 1532. It is an alternative to RARP: when BOOTP is used, RARP is no longer necessary. BOOTP is a more comprehensive protocol than RARP; it supplies more configuration information.

The client sends a broadcast containing a single packet called BOOTRE QUEST, which must specify the physical address of the client. The client sends the broadcast using the address 255.255.255.255, a special address called the limited broadcast address. The client then waits for the reply of the server; if after a reasonable delay there is no response, it sends the request again. The server's answer is a BOOTREPLY packet. BOOTP uses two official port numbers: UDP port number 67 for the server and number 68 for the client. This is unusual. Most protocols use a standard port number only for the server, the client choosing its own, so that each pair of client-server port numbers identifies a unique connection for the exchange of information.

A BOOTP client, however, must always be ready to receive a broadcast, because it may not even know its IP address. Even if the client generated a port for the BOOTREQUEST packet, the server's response addressed to that port and to the IP address of the client could not be read by a client which does not know its IP address. This is why BOOTP sends the response to all the machines using a fixed port number. A broadcast sent to UDP port 68 is read by all the machines, even a machine which does not know its IP address. The machine determines whether it is the recipient of the message by comparing the physical address included in the message with its own address.


    o Static addresses assigned by DHCP to BOOTP clients.

    o Dynamic addresses assigned to all DHCP clients.

    Print servers

    A print server enables printers to be shared by all the users of a network. It has several advantages:

    o It requires fewer printers.

    o Reduced maintenance cost.

    o Access to special printers (colour and high-speed printers are very expensive).

    There are two ways of sharing printers. One way is to use the file-sharing facilities of the network. The other approach is to use the UNIX command lpr and the print server lpd.

    File server

    File sharing is different from the transfer of files. A client can read a file saved on a remote server, modify it, and save the modified file on the server without transferring the whole file across the network. The user accesses files stored on a distant server as if the files were stored locally.

    File sharing was not originally part of the TCP/IP protocols. It was added to manage machines without hard disks. There are three protocols for file sharing: RFS (Remote File System), AFS (Andrew File System) and NFS (Network File System). NFS is the most widely used system.

    Summary

    TCP/IP provides a variety of services which simplify the installation, configuration and use of the network. These services include the Domain Name Service (DNS); e-mail services provided by protocols such as SMTP, POP and MIME; server configuration services provided by protocols such as RARP, BOOTP and DHCP; printer-sharing facilities; and file-sharing facilities.


    CHAPTER.IV: PREPARING INFORMATION FOR CONFIGURATION OF THE NETWORK:

    Before configuring the TCP/IP layer of a machine, the system administrator must have various types of information:

    o Address of the default gateway, if the machine communicates with other TCP/IP machines which are not part of the local network.

    o Domain name server, to transform machine names into IP addresses.

    o Subnet mask. To communicate correctly, all the machines of the network must use the same subnet mask.

    o Broadcast address. To avoid broadcasting problems, the broadcast address of all the computers in a network must be the same.

    If you create a new TCP/IP network, you must take a number of important decisions. Will the network be connected to the Internet? If so, what type of connection will be made? How will the address of the network be chosen? How will the domain name be registered? How will the machine names be chosen?

    IV.1 CONNECTED AND STAND-ALONE NETWORKS:

    A connected network is directly linked to the Internet and has complete access to all other networks which are connected to the Internet.

    A stand-alone network is not directly connected to the Internet and can only access the Internet intermittently. An example is a TCP/IP network which accesses the external world through a gateway of America Online (AOL). The users of such a network can exchange electronic mail with Internet machines, but cannot use interactive commands such as rlogin on them.

    A large number of machines are not connected to the Internet. TCP/IP is used to communicate between the different networks of an organisation. When such corporate networks use TCP/IP applications, especially the web, for their internal communication, they are referred to as intranets. One of the most fundamental reasons for not connecting to the Internet is security.


    Before deciding on the type of connection, a compromise must be made between the cost of the connection and the advantages derived from it.

    i. Many companies only use e-mail or the web to give information about their products. Full Internet access is not necessary in such cases; it is sufficient to connect a server to an Internet service provider.

    ii. Some organisations, such as universities and research institutions, consider Internet access an absolute necessity.

    iii. You can have both types of connection: a private network installed behind a firewall, and a small connected network which supplies information to external clients and a proxy server to internal users.

    IV.2 BASIC INFORMATION:

    The interface between TCP/IP and the physical network requires an IP address, and may also require a broadcast address and a subnet mask.

    IV.2.1 Obtaining an IP address

    If the network is connected to the Internet, the IP address of every machine must be unique in the whole Internet. If the network is not connected, the address of a machine only needs to be unique locally; choose addresses from those proposed in RFC 1918, address allocation for private networks. The addresses of these networks are:

    - Class A: 10.0.0.0 (prefix 10/8 and a 24-bit host part)

    - Class B: from 172.16.0.0 to 172.31.0.0 (prefix 172.16/12 and a 20-bit host part)

    - Class C: from 192.168.0.0 to 192.168.255.0 (prefix 192.168/16 and a 16-bit host part)

    To connect a network to the Internet, it is necessary to have official network addresses. These can be obtained from Internet service providers, or from CAMTEL (in the context of Cameroon). If the problem is not solved at the national level, a request is addressed to InterNIC through an application form obtained from the address ftp://rs.internic.net/templates/internet-number-template.txt

    If you choose addresses from RFC 1918, it is still possible to connect to the Internet without having to assign new addresses to the machines. This requires NAT (Network Address Translation) or a proxy server. NAT is available as an additional element or as software on some routers and firewalls.


    Ethernet network, referred to as the maximal diameter, is 2500 metres. If you have to cover longer distances, you can use routers to link several Ethernet cables. Each cable is then a separate Ethernet network.

    ii) Interconnection of different network technologies. IP routers can be used to connect incompatible network technologies. Fig 4.1 illustrates the principle: a token ring network 172.16.1.0 is connected to two Ethernet networks, 172.16.6.0 and 172.16.12.0.

    [Fig. 4.1 (diagram): gateways A, B, C, D and E interconnecting the subnets 172.16.1.0, 172.16.3.0, 172.16.6.0, 172.16.9.0 and 172.16.12.0, with gateway E linking the network to the Internet.]

    Fig. 4.1 Routing and subnetworks

    iii) Filtering of traffic. Local traffic remains in the subnet; only traffic destined for other networks crosses the gateway.

    Organisational considerations include:

    i) Simplifying network administration by delegating the management of addresses, maintenance and other responsibilities to other people.

    ii) Conformity with the structure of an organisation. An organisation may require its departments to be independent in the way they manage their networks.

    iii) Isolating Internet traffic. Some organisations require their local traffic to be isolated in a network which is only accessible internally.

    iv) Anticipating potential problems. A part of the network may be used for research and experimental activities which may make that part of the network unstable. In such cases, it is better to convert that part of the network into a separate subnet.

    After partitioning the network into subnets, the network administrator defines the subnet mask. For example, our imaginary network has the mask 255.255.255.0: 8 bits are used to identify the subnet, which allows 256 subnets. The network administrator decides that this mask allows enough subnets to be created and that each subnet has enough room for machines (253 machines per subnet).

    Once the mask has been defined, it must be communicated to all the machines. There are two ways to do this: manually, by configuring the network interface, or automatically, by using routing protocols. Older routing protocols cannot store the masks in their routing tables. Newer routing protocols and operating systems are designed to solve this problem. Masks of variable length can even be used; these are referred to as VLSM (Variable Length Subnet Mask). For example, the network 192.168.5.0/24 can be divided into three subnets containing 110, 50 and 60 machines by using different subnet masks: 255.255.255.128 applies to the big subnet, while the two small subnets use the mask 255.255.255.192.

    IV.5 SPECIFYING THE BROADCAST ADDRESS

    The standard broadcast address is obtained by setting all the bits of the machine part of the address to 1. The network 172.16.12.0 has the broadcast address 172.16.12.255.

    Some versions of UNIX use incorrect broadcast addresses. UNIX BSD 4.2 uses a broadcast address in which all the bits of the machine part are 0, and it is not possible to change this. This problem does not exist in BSD 4.3 and more recent versions. Some other systems set the broadcast address to a wrong value by default; if you have such a system, you must change the address.
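A worked version of the VLSM split and the broadcast rule above, as an added Python example that is not part of the course text: it allocates 192.168.5.0/24 for 110, 60 and 50 machines and also handles any other block and list of host counts. The largest-first allocation order and the two reserved addresses per subnet (network and broadcast) are standard practice, not something the text states.

```python
"""Allocate variable-length subnets (VLSM) from a network block and report
the mask and broadcast address of each.  Added example, not part of the
course text; 192.168.5.0/24 with 110, 50 and 60 hosts is the course's case."""
import ipaddress


def prefix_for_hosts(hosts: int) -> int:
    """Smallest prefix length whose block holds `hosts` usable addresses
    (two addresses per subnet are reserved: network and broadcast)."""
    size = 4  # smallest useful subnet: a /30
    while size - 2 < hosts:
        size *= 2
    return 32 - (size.bit_length() - 1)


def allocate_vlsm(block: str, host_counts):
    """Return [(requested_hosts, network, mask, broadcast), ...].

    Requirements are served largest first so that every subnet starts on a
    boundary aligned to its own size; ValueError if the block is too small."""
    base = ipaddress.ip_network(block, strict=True)
    cursor = int(base.network_address)
    end = int(base.broadcast_address) + 1
    result = []
    for hosts in sorted(host_counts, reverse=True):
        prefix = prefix_for_hosts(hosts)
        size = 1 << (32 - prefix)
        cursor = (cursor + size - 1) // size * size  # align up to `size`
        if cursor + size > end:
            raise ValueError(f"{block} cannot hold a further {hosts} hosts")
        net = ipaddress.ip_network(f"{ipaddress.ip_address(cursor)}/{prefix}")
        result.append((hosts, str(net), str(net.netmask),
                       str(net.broadcast_address)))
        cursor += size
    return result


def broadcast_of(address: str, mask: str) -> str:
    """Standard broadcast address: all host bits set to 1 (section IV.5)."""
    net = ipaddress.ip_network(f"{address}/{mask}", strict=False)
    return str(net.broadcast_address)


if __name__ == "__main__":
    for hosts, net, mask, bcast in allocate_vlsm("192.168.5.0/24", [110, 50, 60]):
        print(f"{hosts:>4} hosts -> {net:<18} mask {mask:<16} broadcast {bcast}")
    print("broadcast of 172.16.12.0/255.255.255.0:",
          broadcast_of("172.16.12.0", "255.255.255.0"))
```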

    IV.6 PREPARING THE ROUTING TABLE

    There are two ways to construct the routing table:

    i) Static routing, with a routing table prepared by the network administrator. This approach is used when the number of gateways is limited.

    ii) Dynamic routing, using routing protocols. This approach is used when there are many gateways in a network or when more than one gateway can reach a specific destination.

    The following considerations are a useful guide to preparing the routing table:

    i) If the network has no gateway to other networks, no routing configuration is required.

    ii) If the network has a single gateway, don't use routing protocol software. Define the single gateway as the default route.

    iii) If the network has internal gateways to sub-networks and a single gateway to the external world, you can configure each subnet statically and make the external gateway the default route, or use a routing protocol.

    iv) If the network has many external gateways, then it is essential to use a routing protocol.


    Fig 4.1 shows a network which is sub-divided into subnets interlinked by five gateways A, B, C, D and E. A central subnet (172.16.1.0) interconnects the five other subnets. One of the subnets contains a gateway to the external world. The network administrator can choose to configure 172.16.1.0 with a routing protocol. The same approach may be applied to 172.16.12.0. Dynamic routing is appropriate for these subnets because they contain several gateways; without dynamic routing, the network administrator would have to update the routing tables each time a new subnetwork is added to the system.

    On the other hand, the network administrator will probably choose to configure the other subnetworks (172.16.3.0, 172.16.6.0, 172.16.9.0) manually. All of these subnets have only one gateway each to reach other destinations, so any subnet added to the system is accessible through the same gateway.

    In Fig 4.1, the local network is connected to an external network and this imposes the use of BGP (Border Gateway Protocol) as the routing protocol. This forces gateway E to use BGP to exchange routes with other external networks.

    IV.7 OBTAINING AN AUTONOMOUS SYSTEM NUMBER

    BGP requires gateways to carry a unique identification number (the autonomous system number). However, most systems do not need such a unique identifier. Only networks with multiple connections to several service providers really require this option.

    IV.8 PREPARING THE DOMAIN NAME SERVICE

    To configure a machine, the user of a network must know the domain name, the name of the machine, and the name and address of the domain name server. This information is provided by the network administrator.

    IV.8.1 Obtaining the domain name

    The domain name can be obtained from the official Internet organisation in your country (CAMTEL) or by sending a request to the address ftp://rs.internic.net/templates/domain-template.txt

    You must pre-select a domain name and have a working domain name server before sending a request to InterNIC. The command whois verifies that this name is not already used. The command nslookup is also useful for such verification. Once you are sure that the domain name is available, run the primary server and use nslookup to verify that the server responds to queries about it. The application form for a domain name, obtained from the address given above, should be completed and sent by mail to [email protected]. A registration fee of 100 dollars is paid, to reduce the number of domain name requests from people who do not really need them.

    To register the domain name, you are asked to supply the names and IP addresses of your primary and secondary servers. The servers must be operational and connected to the Internet. The secondary server must be situated on a different physical network from the primary server.

    IV.8.2 Obtaining an IN-ADDR.ARPA domain

    The in-addr.arpa domain is an inverse domain which converts IP addresses into domain names; you must equally apply for an in-addr.arpa domain.

    IV.8.3 Choosing a machine name:

    Once you have a domain name, you must assign machine names within this domain. The network administrator has the freedom to assign names, but the following guidelines should be followed:

    i. Use simple and short names.

    ii. Choose machine names based on a theme, for example the names of stars, planets or scientists.

    iii. Don't use the names of projects, personal names, abbreviations or technical terms.

    The only thing which is really obligatory about the name of a machine is that it should be unique within the domain.

    IV.9 OTHER SERVICES

    The following applications are used in most networks: file servers, print servers and mail servers. Users must be provided with the information which enables them to configure access to these servers correctly.

    IV.9.1 File server

    At the very least, a user must know the name of the machine containing the file server. The command showmount can then be used to find out which file systems are exported by that machine. For example, a file server may contain the UNIX manual pages. The users must be informed that they should not install these pages on their local disks, and they must be shown how to use the manual.

    Print servers

    Whether printers are shared using lp, lpd or NFS, the information required to configure the client machines to access the printers is the same: the name and IP address of the print server, as well as the name of the printer.

    Preparing the electronic mail system

    TCP/IP provides the necessary tools to create a reliable and flexible electronic mail system. Mail servers are a tool for improving the reliability of the mail service. The mail server receives all the mail sent to the computers of a network. It facilitates remote connections and the use of the protocols POP and IMAP, which enable users to read their mail.

    Informing the users

    All the configuration information assembled during the preparation of the network must be communicated to the users. There are several ways of communicating such information: NIS, NFS and configuration servers are possibilities. NIS supports databases which hold a lot of information about the configuration of networks. NFS can allow configuration files to be sent from a server to the client machine. Configuration servers such as DHCP and BOOTP can supply all the parameters which allow a TCP/IP system to be configured properly.

    An example of preparation for network configuration

    It is often necessary for the network administrator to create a document which communicates configuration information to users. Such a document is presented below for the workstation sales, in the imaginary network of Chapter 2.

    Machine name: sales

    IP address: 172.16.12.2

    Subnet mask: 255.255.255.0

    Default gateway: 172.16.12.1 (gate.htec.com)

    Broadcast address: 172.16.12.255

    Domain name: htec.com

    Name servers: 172.16.12.1 (gate.htec.com), 172.16.6.8 (stocks.factory.htec.com)

    Routing protocol: RIP (Routing Information Protocol)

    Mail server: 172.16.12.1 (gate.htec.com)

    Electronic mail relay: 172.16.12.1 (gate.htec.com)

    Print server: 172.16.12.3 (personnel.htec.com)

    NFS server: 172.16.1.2 (research.htec.com)

    A similar document prepared for gate is presented below:

    Machine names: gate (172.16.12.1), gway (10.104.0.19)

    IP addresses: 172.16.12.1, 10.104.0.19

    Subnet mask: 255.255.255.0

    Default gateway: 10.104.0.19

    Domain name: htec.com

    Domain name servers: 172.16.12.1 (gate.htec.com), 172.16.6.8 (stocks.factory.htec.com)

    Routing protocols: RIP (Routing Information Protocol) on 172.16.12.1; BGP (Border Gateway Protocol) on 10.104.0.19

    Print server: 172.16.12.3 (personnel.htec.com)

    NFS server: 172.16.1.2 (research.htec.com)

    Note that the machine Gate has two network cards. All gateways have more than 1

    network card and each card has to be configured separately. Each card has an address

    and may have a separate name, a subnet mask and a routing protocol.
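Before a record like the two above is handed to a user, the administrator can check it for the consistency the chapter demands (address inside the subnet, gateway on the same subnet, standard broadcast address, name servers given). This is an added Python example and not part of the course document; the `sales` record is copied from the document, and the all-zeros broadcast it flags is the BSD 4.2 case of section IV.5.

```python
"""Consistency check of a workstation's TCP/IP configuration record.
Added example, not part of the course text; SALES is the course's record."""
import ipaddress

SALES = {  # record copied from the course document, as a dict
    "hostname": "sales",
    "ip": "172.16.12.2",
    "mask": "255.255.255.0",
    "gateway": "172.16.12.1",
    "broadcast": "172.16.12.255",
    "name_servers": ["172.16.12.1", "172.16.6.8"],
}


def check_record(rec: dict) -> list:
    """Return a list of problem descriptions; empty means the record is consistent."""
    problems = []
    try:
        iface = ipaddress.ip_interface(f"{rec['ip']}/{rec['mask']}")
    except ValueError as exc:
        return [f"invalid address or mask: {exc}"]
    net = iface.network

    # The host address must not be the network or the broadcast address.
    if iface.ip in (net.network_address, net.broadcast_address):
        problems.append(f"{iface.ip} is the network or broadcast address, not a host")

    # The default gateway must be reachable directly, i.e. on the same subnet.
    gw = ipaddress.ip_address(rec["gateway"])
    if gw not in net:
        problems.append(f"default gateway {gw} is not on subnet {net}")
    elif gw == iface.ip:
        problems.append("default gateway must not be the machine's own address")

    # Standard broadcast: host bits all 1 (section IV.5); all 0 is the BSD 4.2 form.
    bcast = ipaddress.ip_address(rec["broadcast"])
    if bcast != net.broadcast_address:
        hint = " (host bits all 0: BSD 4.2 style)" if bcast == net.network_address else ""
        problems.append(f"broadcast {bcast} should be {net.broadcast_address}{hint}")

    # At least one name server, each given as an IP address.
    if not rec.get("name_servers"):
        problems.append("no name server given")
    for ns in rec.get("name_servers", []):
        try:
            ipaddress.ip_address(ns)
        except ValueError:
            problems.append(f"name server {ns!r} is not an IP address")
    return problems


if __name__ == "__main__":
    print("sales:", check_record(SALES) or "OK")
    bad = dict(SALES, broadcast="172.16.12.0", gateway="172.16.1.1")  # constructed
    print("bad  :", check_record(bad))
```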

    Netconfig

    When installing Linux, you are asked a series of questions. When asked if you want to configure the network, answer yes to start netconfig. This program can also be started by the super-user from the command line.

    The first two questions asked by netconfig concern the name of the machine and the domain name. Thirdly, you are asked if the machine will be configured to use only loopback. Answer no if the machine is connected to the Internet or to any part of a network. Only machines which use TCP/IP but are not connected to a network answer yes to this question.

    Summary

    Preparatory to the configuration of a network, the network administrator prepares basic information which enables users to configure their machines correctly. This information is varied and includes machine names, IP addresses, routing information, domain names and servers such as print, file and e-mail servers. The information is compiled into a document which is communicated to every user.