Log In
Or create an account ->
Imperial Library
Home
About
News
Upload
Forum
Help
Login/SignUp
Index
TCP/IP Network Administration, 3rd Edition
Preface
Audience
Organization
Unix Versions
Conventions
We’d Like to Hear from You
Acknowledgments
1. Overview of TCP/IP
TCP/IP and the Internet
TCP/IP Features
Protocol Standards
A Data Communications Model
TCP/IP Protocol Architecture
Network Access Layer
Internet Layer
Internet Protocol
The datagram
Routing datagrams
Fragmenting datagrams
Passing datagrams to the transport layer
Internet Control Message Protocol
Transport Layer
User Datagram Protocol
Transmission Control Protocol
Application Layer
Summary
2. Delivering the Data
Addressing, Routing, and Multiplexing
The IP Address
Address Structure
Subnets
The Natural Mask
CIDR Blocks and Route Aggregation
IPv6
Internet Routing Architecture
The Routing Table
Address Resolution
Protocols, Ports, and Sockets
Protocol Numbers
Port Numbers
Sockets
Summary
3. Network Services
Names and Addresses
The Host Table
DNS
The Domain Hierarchy
Creating Domains and Subdomains
Domain Names
BIND, Resolvers, and named
Network Information Service
Mail Services
Simple Mail Transfer Protocol
Post Office Protocol
Internet Message Access Protocol
Multipurpose Internet Mail Extensions
File and Print Servers
File Sharing
Print Services
Configuration Servers
Reverse Address Resolution Protocol
Dynamic Host Configuration Protocol
How DHCP works
Summary
4. Getting Started
Connected and Non-Connected Networks
Basic Information
Obtaining an IP Address
Obtaining an official network address
Obtaining an IN-ADDR.ARPA domain
Assigning Host Addresses
Defining the Subnet Mask
Planning Routing
Obtaining an autonomous system number
Registering in a Routing Database
Planning Naming Service
Obtaining a Domain Name
Registering a Domain
Choosing a Hostname
Other Services
File Servers
Print Servers
Planning Your Mail System
Informing the Users
Summary
5. Basic Configuration
Kernel Configuration
Using Dynamically Loadable Modules
Recompiling the Kernel
Linux Kernel Configuration
The BSD Kernel Configuration File
TCP/IP in the BSD Kernel
The options statement
The pseudo-device statement
The device statement
Startup Files
Startup Runlevels
Understanding /etc/inittab
The Internet Daemon
The Extended Internet Daemon
Summary
6. Configuring the Interface
The ifconfig Command
The Interface Name
Checking the Interface with ifconfig
Assigning an Address
Assigning a Subnet Mask
Setting the Broadcast Address
The Other Command Options
Enabling and disabling the interface
ARP
Promiscuous mode
Metric
Maximum transmission unit
Point-to-point
Putting ifconfig in the startup scripts
TCP/IP Over a Serial Line
The Serial Protocols
Installing PPP
The PPP Daemon
Dial-Up PPP
chat
PPP Daemon Security
PPP Server Configuration
Solaris PPP
Troubleshooting Serial Connections
Summary
7. Configuring Routing
Common Routing Configurations
The Minimal Routing Table
Building a Static Routing Table
Adding Static Routes
Installing static routes at startup
Interior Routing Protocols
Routing Information Protocol
Running RIP with routed
RIP Version 2
Open Shortest Path First
Exterior Routing Protocols
Exterior Gateway Protocol
Border Gateway Protocol
Choosing a Routing Protocol
Gateway Routing Daemon
gated’s Preference Value
Configuring gated
Sample gated.conf Configurations
A host configuration
Interior gateway configurations
Exterior gateway configuration
Testing the Configuration
Running gated at startup
Summary
8. Configuring DNS
BIND: Unix Name Service
BIND Configurations
Configuring the Resolver
The Resolver Configuration File
A resolver-only configuration
Configuring named
The named.conf File
A caching-only server configuration
Master and slave server configurations
Standard Resource Records
Zone File Directives
The $TTL directive
The $ORIGIN directive
The $INCLUDE directive
The $GENERATE directive
The Cache Initialization File
The named.local File
The Reverse Zone File
The Forward-Mapping Zone File
Controlling the named Process
Using nslookup
Summary
9. Local Network Services
The Network File System
NFS Daemons
Sharing Unix Filesystems
The share command
The /etc/exports file
The exportfs command
Mounting Remote Filesystems
The mount command
The vfstab and fstab files
NFS Automounter
Sharing Unix Printers
Line Printer Daemon
The printcap file
Using LPD
Line Printer Service
Using Samba to Share Resources with Windows
Configuring a Samba Server
The smb.conf homes section
Sharing directories through Samba
Sharing printers through Samba
NetBIOS Name Service
Network Information Service
The nsswitch.conf file
NIS+
DHCP
dhcpd.conf
Managing Distributed Servers
rcp
rdist
Post Office Servers
POP Server
IMAP Server
Summary
10. sendmail
sendmail’s Function
Running sendmail as a Daemon
sendmail Aliases
Personal Mail Forwarding
The sendmail.cf File
Locating a Sample sendmail.cf File
Building a sendmail.cf with m4 macros
General sendmail.cf Structure
sendmail.cf Configuration Language
The Version Level Command
The Define Macro Command
Conditionals
Defining Classes
Setting Options
Defining Trusted Users
Defining Mail Precedence
Defining Mail Headers
Defining Mailers
Some common mailer definitions
Rewriting the Mail Address
Pattern Matching
Transforming the Address
Transforming with a database
The Set Ruleset Command
Modifying a sendmail.cf File
Modifying Local Information
Modifying Options
Testing sendmail.cf
Testing Rewrite Rules
Using Key Files in sendmail
Summary
11. Configuring Apache
Installing Apache Software
Using the Red Hat Package Manager
Downloading Apache
Configuring the Apache Server
Configuring Apache on Solaris
Understanding an httpd.conf File
Loading Dynamic Shared Objects
Basic Configuration Directives
Managing the Swarm
Defining Where Things Are Stored
Creating a Fancy Index
Defining File Types
Performance Tuning Directives
Logging Configuration Directives
Defining the log file format
Using conditional logging
Proxy Servers and Caching
Multi-Homed Server Options
Defining Virtual Hosts
Web Server Security
The CGI and SSI Threat
Controlling Server Options
Directory-Level Configuration Controls
Defining Access Controls
Requiring user authentication
Improved user authentication
Setting file-level access controls
Setting document-level access controls
Using Encryption
Managing Your Web Server
Monitoring Your Server
Summary
12. Network Security
Security Planning
Assessing the Threat
Distributed Control
Use subnets to distribute control
Use the network to distribute information
Writing a Security Policy
User Authentication
The Shadow Password File
Choosing a Password
One-Time Passwords
OPIE
Secure the r Commands
Secure Shell
Application Security
Remove Unnecessary Software
Keep Software Updated
Security Monitoring
Know Your System
Looking for Trouble
Checking files
Checking login activity
Automated Monitoring
Access Control
wrapper
tcpd access control files
Defining an optional shell command
Optional access control language extensions
Controlling Access with xinetd
Encryption
When Is Symmetric Encryption Useful?
Public-Key Encryption Tools
stunnel
Firewalls
Functions of the Firewall
Filtering Traffic with iptables
Defining iptables filter rules
Sample iptables commands
Words to the Wise
Summary
13. Troubleshooting TCP/IP
Approaching a Problem
Troubleshooting Hints
Diagnostic Tools
Testing Basic Connectivity
The ping Command
Troubleshooting Network Access
Troubleshooting with the ifconfig Command
Troubleshooting with the arp Command
ARP problem case study
Checking the Interface with netstat
Subdividing an Ethernet
Network Hardware Problems
Checking Routing
Tracing Routes
Locating an Administrator
Checking Name Service
Some Systems Work, Others Don’t
The Data Is Here and the Server Can’t Find It!
Cache Corruption
The zone table section
The Cache & Data section
The Hints section
dig: An Alternative to nslookup
Analyzing Protocol Problems
Packet Filters
Modifying analyzer output
Protocol Case Study
Summary
A. PPP Tools
Dial-Up IP
The dip Script File
A sample dip script
The PPP Daemon
Signal Processing
chat
B. A gated Reference
The gated Command
Signal Processing
The gated Configuration Language
Directive Statements
Trace Statements
Options Statements
Interface Statements
Definition Statements
Protocol Statements
The ospf Statement
The rip Statement
The isis Statement
The bgp Statement
The egp Statement
The smux Statement
The redirect Statement
The icmp Statement
The routerdiscovery Statement
The routerdiscovery client statement
The kernel Statement
static Statements
Control Statements
The import Statement
The export Statement
Aggregate Statements
C. A named Reference
The named Command
Signal Processing
named.conf Configuration Commands
The key Statement
The acl Statement
The trusted-keys Statement
The server Statement
The BIND 9 server statement
The options Statement
The BIND 9 options statement
The logging Statement
The BIND 9 logging statement
The zone Statement
The BIND 9 zone statement
The controls Statement
The BIND 9 controls statement
BIND 9 view Statement
Zone File Records
Standard Resource Records
Start of Authority record
Name Server record
Address record
Mail Exchanger record
Canonical Name record
Domain Name Pointer record
Responsible Person record
Text record
Host Information record
Well-Known Services record
Server Selection record
D. A dhcpd Reference
Compiling dhcpd
The dhcpd Command
The dhcpd.conf Configuration File
Topology Statements
Configuration Parameters
DHCP Options
Commonly used options
Other options
E. A sendmail Reference
Compiling sendmail
The sendmail Command
m4 sendmail Macros
define
FEATURE
OSTYPE
DOMAIN
MAILER
More sendmail.cf
sendmail Macros
sendmail Classes
sendmail Options
sendmail Mailer Flags
The sendmail K Command
Sample script
F. Solaris httpd.conf File
G. RFC Excerpts
IP Datagram Header
TCP Segment Header
ICMP Parameter Problem Message Header
Retrieving RFCs
Retrieving RFCs by Mail
Index
About the Author
Colophon
← Prev
Back
Next →
← Prev
Back
Next →