You will need to know and understand the following subsections before you actually try to configure your network. They are fundamental principles that apply regardless of the exact nature of the network you wish to deploy.
Before you start building or configuring your network, you will need some things. The most important of these are:
Your Mandrake Linux distribution comes with networking enabled, so you may not need to recompile the kernel. If you are running well-known hardware (for example a 3COM NIC, an NE2000 NIC, or an Intel NIC), you should be just fine. However, if you find that you do need to update the kernel, the following information is provided.
Because the kernel you are running now might not yet have support for the network types or cards that you wish to use, you will probably need the kernel source in order to recompile the kernel with the appropriate options.
However, as long as you stay within the mainstream of hardware, there should be no need to recompile your kernel unless there is a very specific feature that you need.
You can always obtain the latest kernel source from the sunsite.unc.edu web site. This is not the official site, but they have LOTS of bandwidth and capacity. The official site is kernel.org but please use the above if you can. Please remember that ftp.kernel.org is seriously overloaded. Use a mirror instead.
Normally, the kernel source will be untarred into the /usr/src/linux directory. For information on how to apply patches and build the kernel, you should read the Kernel-HOWTO. For information on how to configure kernel modules, you should read the Modules mini-HOWTO. Also, the README file found in the kernel sources and the Documentation directory are very informative for the brave reader.
Unless specifically stated otherwise, I recommend you stick with the standard kernel release (the one with the even number as the second digit in the version number). Development release kernels (the ones with the odd second digit) may have structural or other changes that may cause problems working with the other software on your system. If you are uncertain that you could resolve those sorts of problems, in addition to the potential for there being other software errors, then don't use them.
Internet Protocol (IP) addresses are composed of four bytes[3]. The convention is to write addresses in what is called “dotted decimal notation”. In this form, each byte is converted to a decimal number (0-255), dropping any leading zeroes unless the number is zero, and the address is written with each byte separated by a “.” character. By convention, each host or router interface has an IP address. It is legal for the same IP address to be used on each interface of a single machine in some circumstances, but usually, each interface will have its own address.
Internet Protocol networks are contiguous sequences of IP addresses. All addresses within a network have a number of digits within the address in common. The portion of the address that is common amongst all addresses within the network is called the “network portion” of the address. The remaining digits are called the “host portion”. The number of bits that are shared by all addresses within a network is called the netmask and it is the latter's role to determine which addresses belong to the network it is applied to and which don't. For example, consider the following:
| Host Address | 192.168.110.23 |
|---|---|
| Network Mask | 255.255.255.0 |
| Network Portion | 192.168.110. |
| Host Portion | .23 |
| Network Address | 192.168.110.0 |
| Broadcast Address | 192.168.110.255 |
Any address that is “bitwise anded” with its netmask will reveal the address of the network it belongs to. The network address is therefore always the lowest numbered address within the range of addresses on the network and always has the host portion of the address coded all zeroes.
The broadcast address is a special one which every host on the network listens to, in addition to its own unique address. This address is the one that datagrams are sent to if every host on the network is meant to receive it. Certain types of data like routing information and warning messages are transmitted to the broadcast address so that every host on the network can receive it simultaneously. There are two commonly used standards for what the broadcast address should be. The most widely accepted one is to use the highest possible address on the network as the broadcast address. In the example above, this would be 192.168.110.255. For some reason, other sites have adopted the convention of using the network address as the broadcast address. In practice, it doesn't matter very much which you use, but you must make sure that every host on the network is configured with the same broadcast address.
For administrative reasons, some time early in the development of the IP protocol, some arbitrary groups of addresses were formed into networks and these networks were grouped into what are called classes. These classes provide a number of standard size networks that could be allocated. The ranges allocated are:
| Network Class | Netmask | Network Addresses |
|---|---|---|
| A | 255.0.0.0 | 0.0.0.0 - 127.255.255.255 |
| B | 255.255.0.0 | 128.0.0.0 - 191.255.255.255 |
| C | 255.255.255.0 | 192.0.0.0 - 223.255.255.255 |
| Multicast | 240.0.0.0 | 224.0.0.0 - 239.255.255.255 |
What addresses you should use depends on exactly what it is that you are doing. You may have to use a combination of the following activities to get all the addresses you need:
If you wish to install a Linux machine onto an existing IP network, then you should contact whoever administers the network and ask them for the following information:
You should then configure your Linux network device with those details. You cannot make them up and expect your configuration to work.
If you are building a private network and you never intend that network to be connected to the Internet, then you can choose whatever addresses you like. However, for safety and consistency reasons, there have been some IP network addresses that have been reserved specifically for this purpose. These are specified in RFC1597 and are as follows:
Table 11.1. Reserved Private Network Allocations
| Network Class | Netmask | Network Addresses |
|---|---|---|
| A | 255.0.0.0 | 10.0.0.0 - 10.255.255.255 |
| B | 255.255.0.0 | 172.16.0.0 - 172.31.255.255 |
| C | 255.255.255.0 | 192.168.0.0 - 192.168.255.255 |
You should first decide how large you want your network to be, and then choose as many addresses as you require.
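The address arithmetic from the tables above, as an added example that is not part of the original document: it derives the class, network address, broadcast address (highest-address convention) and private-range membership for a dotted decimal address. The function names are hypothetical, and the parser deliberately rejects leading zeroes because some address parsers read them as octal.

```python
# Classful ranges and default netmasks, copied from the class table above.
CLASSES = [
    ("A", "0.0.0.0", "127.255.255.255", "255.0.0.0"),
    ("B", "128.0.0.0", "191.255.255.255", "255.255.0.0"),
    ("C", "192.0.0.0", "223.255.255.255", "255.255.255.0"),
    ("Multicast", "224.0.0.0", "239.255.255.255", "240.0.0.0"),
]
# Reserved private allocations, copied from Table 11.1.
PRIVATE = [
    ("10.0.0.0", "10.255.255.255"),
    ("172.16.0.0", "172.31.255.255"),
    ("192.168.0.0", "192.168.255.255"),
]

def to_int(dotted):
    """Strict dotted decimal -> 32-bit integer (hypothetical helper)."""
    parts = dotted.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four bytes in {dotted!r}")
    value = 0
    for p in parts:
        # Only plain decimal 0-255 without leading zeroes is accepted.
        ok = p.isascii() and p.isdigit() and (p == "0" or p[0] != "0")
        if not ok or int(p) > 255:
            raise ValueError(f"bad byte {p!r} in {dotted!r}")
        value = (value << 8) | int(p)
    return value

def to_dotted(value):
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))

def describe(addr, netmask=None):
    """Class, network, broadcast and private flag for addr."""
    a = to_int(addr)
    hit = [(n, m) for n, lo, hi, m in CLASSES if to_int(lo) <= a <= to_int(hi)]
    cls, default = hit[0] if hit else (None, None)
    mask = netmask or default            # fall back to the classful netmask
    if mask is None:
        raise ValueError(f"{addr} is outside the class table; give a netmask")
    m = to_int(mask)
    network = a & m                          # "bitwise and" with the netmask
    broadcast = network | (~m & 0xFFFFFFFF)  # host portion coded all ones
    private = any(to_int(lo) <= a <= to_int(hi) for lo, hi in PRIVATE)
    return {"class": cls, "netmask": mask, "network": to_dotted(network),
            "broadcast": to_dotted(broadcast), "private": private}
```
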
Routing is a big topic. It is easily possible to write large volumes of text about it. Most of you will have fairly simple routing requirements, some of you will not. I will cover some basic fundamentals of routing only. If you are interested in more detailed information, then I suggest you refer to the references provided at the start of the document.
Let's start with a definition. What is IP routing? Here is one that I'm using:
“IP routing is the process by which a host with multiple network connections decides where to deliver IP datagrams it has received.”
It might be useful to illustrate this with an example. Imagine a typical office router: it might have a PPP link off the Internet, a number of Ethernet segments feeding the workstations, and another PPP link off to another office. When the router receives a datagram on any of its network connections, routing is the mechanism that it uses to determine which interface it should send the datagram to next. Simple hosts also need to route. All Internet hosts have two network devices: one is the loopback interface described above, and the other is the one it uses to talk to the rest of the network, perhaps an Ethernet, perhaps a PPP or SLIP serial interface.
Ok, so how does routing work? Each host keeps a special list of routing rules, called a routing table. This table contains rows which typically contain at least three fields: the first is a destination address, the second is the name of the interface to which the datagram is to be routed, and the third is optionally the IP address of another machine which will carry the datagram on its next step through the network. With Linux, you can see this table by using the following command:
user% cat /proc/net/route
or by using either one of the following commands:
user% /sbin/route -n
user% netstat -r
The routing process is fairly simple: an incoming datagram is received, the destination address (who it is for) is examined and compared with each entry in the table. The entry that best matches that address is selected and the datagram is forwarded to the specified interface. If the gateway field is filled, then the datagram is forwarded to that host via the specified interface. Otherwise, the destination address is assumed to be on the network supported by the interface.
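The lookup described above, as an added example that is not part of the original document: it parses text in the /proc/net/route layout and picks the best-matching entry for a destination. The sample table is constructed for illustration, the function names are hypothetical, and the hex fields are assumed to come from a little-endian machine such as x86, where 192.168.1.0 is printed as 0001A8C0.

```python
RTF_UP, RTF_GATEWAY = 0x1, 0x2   # flag bits in the Flags column

# Constructed sample in /proc/net/route layout (the real file is tab-separated).
SAMPLE = """\
Iface Destination Gateway  Flags RefCnt Use Metric Mask     MTU Window IRTT
eth0  0001A8C0    00000000 0001  0      0   0      00FFFFFF 0   0      0
ppp0  0002A8C0    00000000 0001  0      0   0      00FFFFFF 0   0      0
ppp1  0003A8C0    00000000 0001  0      0   0      00FFFFFF 0   0      0
ppp1  00000000    0103A8C0 0003  0      0   0      00000000 0   0      0
"""

def field_to_int(field):
    """Hex column -> address as an integer in network byte order."""
    return int.from_bytes(bytes.fromhex(field), "little")

def to_dotted(value):
    return ".".join(str(b) for b in value.to_bytes(4, "big"))

def parse_routes(text):
    """Return the routes that are up, one dict per table row."""
    routes = []
    for line in text.strip().splitlines()[1:]:      # skip the header row
        f = line.split()
        flags = int(f[3], 16)
        if not flags & RTF_UP:
            continue
        gw = field_to_int(f[2]) if flags & RTF_GATEWAY else None
        routes.append({"iface": f[0], "net": field_to_int(f[1]),
                       "mask": field_to_int(f[7]), "gateway": gw})
    return routes

def lookup(routes, dest):
    """Return (interface, gateway or None) for dest, or None if no route."""
    d = int.from_bytes(bytes(int(p) for p in dest.split(".")), "big")
    best = None
    for r in routes:
        # An entry matches when dest ANDed with its mask gives its network.
        if (d & r["mask"]) == r["net"]:
            # For contiguous masks, a larger mask is a more specific match.
            if best is None or r["mask"] > best["mask"]:
                best = r
    if best is None:
        return None
    gw = to_dotted(best["gateway"]) if best["gateway"] is not None else None
    return (best["iface"], gw)
```

A result with no gateway means the destination is assumed to be on the network attached to that interface; the all-zero entry is the default route and only wins when nothing more specific matches.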
The routing configuration described above is best suited for simple network arrangements where there is only one possible path to a determined destination. When you have a more complex network arrangement, things get a little more complicated. Fortunately for most of you, this won't be an issue.
The big problem with “manual routing” or “static routing” as described, is that if a machine or link fails in your network, then the only way you can direct your datagrams another way, if another way exists, is by manually intervening and executing the appropriate commands. Naturally this is clumsy, slow, impractical and hazard prone. Various techniques have been developed to automatically adjust routing tables in the event of network failures where there are alternate routes. All of these techniques are loosely grouped by the term “dynamic routing protocols”.
You may have heard of some of the more common dynamic routing protocols. The most common are probably RIP (Routing Information Protocol) and OSPF (Open Shortest Path First Protocol). The Routing Information Protocol is very common on small networks such as small-to-medium size corporate networks or building networks. OSPF is more modern and more capable of handling large network configurations and better suited to environments where there is a large number of possible paths through the network. Common implementations of these protocols are: routed - RIP and gated - RIP, OSPF and others. The routed program is normally supplied with your Linux distribution or is included in the “NetKit” package detailed above.
An example of where and how you might use a dynamic routing protocol might look something like Figure 11.1.
We have three routers: A, B and C. Each one supports one Ethernet segment with a Class C IP network (netmask 255.255.255.0). Each router also has a PPP link to each of the other routers. The network forms a triangle.
It should be clear that the routing table at router A could look like:
root# route add -net 192.168.1.0 netmask 255.255.255.0 eth0
root# route add -net 192.168.2.0 netmask 255.255.255.0 ppp0
root# route add -net 192.168.3.0 netmask 255.255.255.0 ppp1
This would work just fine until the link between router A and B should fail. If that link fails, then with the routing entry shown above, hosts on the Ethernet segment of A could not reach hosts on the Ethernet segment of B because their datagrams would be directed to router A's ppp0 link, which is broken. They could still continue to talk to hosts on the Ethernet segment of C, and hosts on C's Ethernet segment could still talk to hosts on B's Ethernet segment, because the link between B and C is still intact.
But wait, if A can talk to C and C can still talk to B, why shouldn't A route its datagrams for B via C and let C send them to B? This is exactly the sort of problem that dynamic routing protocols like RIP were designed to solve. If each of the routers A, B and C were running a routing daemon, then their routing tables would be automatically adjusted to reflect the new state of the network should any one of the links in the network fail. To configure such a network is simple. For each router, you only need to do two things. In this case, for router A:
root# route add -net 192.168.1.0 netmask 255.255.255.0 eth0
root# /usr/sbin/routed
The routed routing daemon automatically finds all active network ports when it starts and sends and listens for messages on each of the network devices, to allow it to determine and update the routing table on the host.
This has been a very brief explanation of dynamic routing and where you would use it. If you want more information, then you should refer to the suggested references listed at the top of the document.
The important points relating to dynamic routing are:
You only need to run a dynamic routing protocol daemon when your Linux machine has the possibility of selecting multiple possible routes to a destination. An example of this would be if you plan to use IP masquerading.
The dynamic routing daemon will automatically modify your routing table to adjust to changes in your network.