book

TCP/IP Network Administration, 3rd Edition

Name: TCP/IP Network Administration, 3rd Edition
Author: Craig Hunt
ISBN: 9780596002978

by Craig Hunt

April 2002

Intermediate to advanced

746 pages

25h 55m

English

O'Reilly Media, Inc.

Read now

Unlock full access

TCP/IP Network Administration, 3rd Edition
Dedication
Preface
AudienceOrganizationUnix VersionsConventionsWe’d Like to Hear from YouAcknowledgments
1. Overview of TCP/IP
TCP/IP and the InternetTCP/IP FeaturesProtocol StandardsA Data Communications ModelTCP/IP Protocol ArchitectureNetwork Access LayerInternet LayerInternet ProtocolThe datagramRouting datagramsFragmenting datagramsPassing datagrams to the transport layerInternet Control Message ProtocolTransport LayerUser Datagram ProtocolTransmission Control ProtocolApplication LayerSummary
2. Delivering the Data
Addressing, Routing, and MultiplexingThe IP AddressAddress StructureSubnetsThe Natural MaskCIDR Blocks and Route AggregationIPv6Internet Routing ArchitectureThe Routing TableAddress ResolutionProtocols, Ports, and SocketsProtocol NumbersPort NumbersSocketsSummary
3. Network Services
Names and AddressesThe Host TableDNSThe Domain HierarchyCreating Domains and SubdomainsDomain NamesBIND, Resolvers, and namedNetwork Information ServiceMail ServicesSimple Mail Transfer ProtocolPost Office ProtocolInternet Message Access ProtocolMultipurpose Internet Mail ExtensionsFile and Print ServersFile SharingPrint ServicesConfiguration ServersReverse Address Resolution ProtocolDynamic Host Configuration ProtocolHow DHCP worksSummary
4. Getting Started
Connected and Non-Connected NetworksBasic InformationObtaining an IP AddressObtaining an official network addressObtaining an IN-ADDR.ARPA domainAssigning Host AddressesDefining the Subnet MaskPlanning RoutingObtaining an autonomous system numberRegistering in a Routing DatabasePlanning Naming ServiceObtaining a Domain NameRegistering a DomainChoosing a HostnameOther ServicesFile ServersPrint ServersPlanning Your Mail SystemInforming the UsersSummary
5. Basic Configuration
Kernel ConfigurationUsing Dynamically Loadable ModulesRecompiling the KernelLinux Kernel ConfigurationThe BSD Kernel Configuration FileTCP/IP in the BSD KernelThe options statementThe pseudo-device statementThe device statementStartup FilesStartup RunlevelsUnderstanding /etc/inittabThe Internet DaemonThe Extended Internet DaemonSummary
6. Configuring the Interface
The ifconfig CommandThe Interface NameChecking the Interface with ifconfigAssigning an AddressAssigning a Subnet MaskSetting the Broadcast AddressThe Other Command OptionsEnabling and disabling the interfaceARPPromiscuous modeMetricMaximum transmission unitPoint-to-pointPutting ifconfig in the startup scriptsTCP/IP Over a Serial LineThe Serial ProtocolsInstalling PPPThe PPP DaemonDial-Up PPPchatPPP Daemon SecurityPPP Server ConfigurationSolaris PPPTroubleshooting Serial ConnectionsSummary
7. Configuring Routing
Common Routing ConfigurationsThe Minimal Routing TableBuilding a Static Routing TableAdding Static RoutesInstalling static routes at startupInterior Routing ProtocolsRouting Information ProtocolRunning RIP with routedRIP Version 2Open Shortest Path FirstExterior Routing ProtocolsExterior Gateway ProtocolBorder Gateway ProtocolChoosing a Routing ProtocolGateway Routing Daemongated’s Preference ValueConfiguring gatedSample gated.conf ConfigurationsA host configurationInterior gateway configurationsExterior gateway configurationTesting the ConfigurationRunning gated at startupSummary

8. Configuring DNS
BIND: Unix Name ServiceBIND ConfigurationsConfiguring the ResolverThe Resolver Configuration FileA resolver-only configurationConfiguring namedThe named.conf FileA caching-only server configurationMaster and slave server configurationsStandard Resource RecordsZone File DirectivesThe $TTL directiveThe $ORIGIN directiveThe $INCLUDE directiveThe $GENERATE directiveThe Cache Initialization FileThe named.local FileThe Reverse Zone FileThe Forward-Mapping Zone FileControlling the named ProcessUsing nslookupSummary
9. Local Network Services
The Network File SystemNFS DaemonsSharing Unix FilesystemsThe share commandThe /etc/exports fileThe exportfs commandMounting Remote FilesystemsThe mount commandThe vfstab and fstab filesNFS AutomounterSharing Unix PrintersLine Printer DaemonThe printcap fileUsing LPDLine Printer ServiceUsing Samba to Share Resources with WindowsConfiguring a Samba ServerThe smb.conf homes sectionSharing directories through SambaSharing printers through SambaNetBIOS Name ServiceNetwork Information ServiceThe nsswitch.conf fileNIS+DHCPdhcpd.confManaging Distributed ServersrcprdistPost Office ServersPOP ServerIMAP ServerSummary
10. sendmail
sendmail’s FunctionRunning sendmail as a Daemonsendmail AliasesPersonal Mail ForwardingThe sendmail.cf FileLocating a Sample sendmail.cf FileBuilding a sendmail.cf with m4 macrosGeneral sendmail.cf Structuresendmail.cf Configuration LanguageThe Version Level CommandThe Define Macro CommandConditionalsDefining ClassesSetting OptionsDefining Trusted UsersDefining Mail PrecedenceDefining Mail HeadersDefining MailersSome common mailer definitionsRewriting the Mail AddressPattern MatchingTransforming the AddressTransforming with a databaseThe Set Ruleset CommandModifying a sendmail.cf FileModifying Local InformationModifying OptionsTesting sendmail.cfTesting Rewrite RulesUsing Key Files in sendmailSummary
11. Configuring Apache
Installing Apache SoftwareUsing the Red Hat Package ManagerDownloading ApacheConfiguring the Apache ServerConfiguring Apache on SolarisUnderstanding an httpd.conf FileLoading Dynamic Shared ObjectsBasic Configuration DirectivesManaging the SwarmDefining Where Things Are StoredCreating a Fancy IndexDefining File TypesPerformance Tuning DirectivesLogging Configuration DirectivesDefining the log file formatUsing conditional loggingProxy Servers and CachingMulti-Homed Server OptionsDefining Virtual HostsWeb Server SecurityThe CGI and SSI ThreatControlling Server OptionsDirectory-Level Configuration ControlsDefining Access ControlsRequiring user authenticationImproved user authenticationSetting file-level access controlsSetting document-level access controlsUsing EncryptionManaging Your Web ServerMonitoring Your ServerSummary
12. Network Security
Security PlanningAssessing the ThreatDistributed ControlUse subnets to distribute controlUse the network to distribute informationWriting a Security PolicyUser AuthenticationThe Shadow Password FileChoosing a PasswordOne-Time PasswordsOPIESecure the r CommandsSecure ShellApplication SecurityRemove Unnecessary SoftwareKeep Software UpdatedSecurity MonitoringKnow Your SystemLooking for TroubleChecking filesChecking login activityAutomated MonitoringAccess Controlwrappertcpd access control filesDefining an optional shell commandOptional access control language extensionsControlling Access with xinetdEncryptionWhen Is Symmetric Encryption Useful?Public-Key Encryption ToolsstunnelFirewallsFunctions of the FirewallFiltering Traffic with iptablesDefining iptables filter rulesSample iptables commandsWords to the WiseSummary
13. Troubleshooting TCP/IP
Approaching a ProblemTroubleshooting HintsDiagnostic ToolsTesting Basic ConnectivityThe ping CommandTroubleshooting Network AccessTroubleshooting with the ifconfig CommandTroubleshooting with the arp CommandARP problem case studyChecking the Interface with netstatSubdividing an EthernetNetwork Hardware ProblemsChecking RoutingTracing RoutesLocating an AdministratorChecking Name ServiceSome Systems Work, Others Don’tThe Data Is Here and the Server Can’t Find It!Cache CorruptionThe zone table sectionThe Cache & Data sectionThe Hints sectiondig: An Alternative to nslookupAnalyzing Protocol ProblemsPacket FiltersModifying analyzer outputProtocol Case StudySummary
A. PPP Tools
Dial-Up IPThe dip Script FileA sample dip scriptThe PPP DaemonSignal Processingchat
B. A gated Reference
The gated CommandSignal ProcessingThe gated Configuration LanguageDirective StatementsTrace StatementsOptions StatementsInterface StatementsDefinition StatementsProtocol StatementsThe ospf StatementThe rip StatementThe isis StatementThe bgp StatementThe egp StatementThe smux StatementThe redirect StatementThe icmp StatementThe routerdiscovery StatementThe routerdiscovery client statementThe kernel Statementstatic StatementsControl StatementsThe import StatementThe export StatementAggregate Statements
C. A named Reference
The named CommandSignal Processingnamed.conf Configuration CommandsThe key StatementThe acl StatementThe trusted-keys StatementThe server StatementThe BIND 9 server statementThe options StatementThe BIND 9 options statementThe logging StatementThe BIND 9 logging statementThe zone StatementThe BIND 9 zone statementThe controls StatementThe BIND 9 controls statementBIND 9 view StatementZone File RecordsStandard Resource RecordsStart of Authority recordName Server recordAddress recordMail Exchanger recordCanonical Name recordDomain Name Pointer recordResponsible Person recordText recordHost Information recordWell-Known Services recordServer Selection record
D. A dhcpd Reference
Compiling dhcpdThe dhcpd CommandThe dhcpd.conf Configuration FileTopology StatementsConfiguration ParametersDHCP OptionsCommonly used optionsOther options
E. A sendmail Reference
Compiling sendmailThe sendmail Commandm4 sendmail MacrosdefineFEATUREOSTYPEDOMAINMAILERMore sendmail.cfsendmail Macrossendmail Classessendmail Optionssendmail Mailer FlagsThe sendmail K CommandSample script
F. Solaris httpd.conf File
G. RFC Excerpts
IP Datagram HeaderTCP Segment HeaderICMP Parameter Problem Message HeaderRetrieving RFCsRetrieving RFCs by Mail
Index
About the Author
Colophon
Copyright

Content preview from TCP/IP Network Administration, 3rd Edition

Preface

The first edition of TCP/IP Network Administration was written in 1992. In the decade since, many things have changed, yet some things remain the same. TCP/IP is still the preeminent communications protocol for linking together diverse computer systems. It remains the basis of interoperable data communications and global computer networking. The underlying Internet Protocol (IP), Transmission Control Protocol, and User Datagram Protocol (UDP) are remarkably unchanged. But change has come in the way TCP/IP is used and how it is managed.

A clear symbol of this change is the fact that my mother-in-law has a TCP/IP network connection in her home that she uses to exchange electronic mail, compressed graphics, and hypertext documents with other senior citizens. She thinks of this as “just being on the Internet,” but the truth is that her small system contains a functioning TCP/IP protocol stack, manages a dynamically assigned IP address, and handles data types that did not even exist a decade ago.

In 1991, TCP/IP was a tool of sophisticated users. Network administrators managed a limited number of systems and could count on the users for a certain level of technical knowledge. No more. In 2002, the need for highly trained network administrators is greater than ever because the user base is larger, more diverse, and less capable of handling technical problems on its own. This book provides the information needed to become an effective TCP/IP network administrator.

TCP/IP Network Administration ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Network Security, Firewalls, and VPNs, 3rd Edition

Publisher Resources

ISBN: 0596002971Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

TCP/IP Network Administration, 3rd Edition

by Craig Hunt

Preface

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.