Linux Exercise: Basic Network Configuration

IP Configuration

1. Look at your current network configuration: hostname, IP addresses, subnet mask, default gateway, DNS domain and DNS servers. Write this down somewhere.

   • # hostname
   • # ip addr
   • # ip route
   • # cat /etc/resolv.conf
2. The ip tool is the new tool to inspect and modify your network configuration, and is installed by default. The LPI exam also requires knowledge of the 'deprecated' tools ifconfig and route. Install these and use them to look at your network configuration as well.

   • # yum provides ifconfig
   • # yum -y install net-tools
   • # ifconfig
   • # route -n
3. Make sure you are logged in via the console. Stop all adapters and stop/disable NetworkManager and network. Use the low-level tools to configure your network with the parameters you recorded earlier. Check if everything works.

   • # ifdown enp0s3
   • # ifdown enp0s8
   • # systemctl stop NetworkManager; systemctl disable NetworkManager
   • # systemctl stop network; systemctl disable network
   • # hostname something
   • # ip addr change dev enp0se 10.0.2.5/24; ip link set enp0s3 up
     --- OR ---
     # ifconfig enp0s3 10.0.2.5 netmask 255.255.255.0 up
   • # ip addr change dev enp0s8 192.168.56.101/24; ip link set enp0s8 up
     --- OR ---
     # ifconfig enp0s8 192.168.56.102 netmask 255.255.255.0 up
   • # ip route add 0.0.0.0/0 via 10.0.2.2
     --- OR ---
     # route add -net default gw 10.0.2.2
   • # vi /etc/resolv.conf
     Verify your DNS domain and DNS servers are still listed here.
   • # ping 8.8.8.8
4. Reboot your system. Check your network configuration again. Which changes were persistent?

   • # reboot
   • # hostname
   • # ip addr
   • # ip route
   • # cat /etc/resolv.conf
5. Manually start a DHCP client on your adapter(s). Did you receive an IP address and other details?

   • # dhclient enp0s3 enp0s8
   • # hostname
   • # ip addr
   • # ip route
   • # cat /etc/resolv.conf
   • # cat /var/lib/dhclient/dhclient.leases
6. Stop the DHCP client

   • # killall dhclient
7. Start NetworkManager and use an interface tool to look at the NetworkManager configuration.

   • # systemctl enable NetworkManager; systemctl start NetworkManager
   • # nmtui
8. Reboot your system. Does the system get its configuration now?

   • # reboot
   • # hostname
   • # ip addr
   • # ip route
   • # cat /etc/resolv.conf

DNS Configuration

1. Find out what the IP address of www.xs4all.nl is.

   • # host www.xs4all.nl
2. Change your /etc/hosts file. Deliberately put in a wrong address for www.xs4all.nl.

   • # vi /etc/hosts

     9.9.9.9 www.xs4all.nl

3. Perform a ping to www.xs4all.nl. Which address is being used?

   • # ping www.xs4all.nl
4. Change your /etc/nsswitch.conf file. Look for the "hosts" line, and change it so that dns is used before files.

   • # vi /etc/nsswitch.conf

     hosts: dns files myhostname

5. Perform another ping to www.xs4all.nl. Which address is used?

   • # ping www.xs4all.nl
6. Restore the /etc/hosts and /etc/nsswitch files to their former configuration.

Network Troubleshooting

1. Use the ethtool to look at the status of your adapters at the link level. Which modes are supported, and which mode is chosen?

   • # ethtool enp0s3
   • # ethtool enp0s8
2. Use ip and ifconfig to look at your adapters at the IP level. Do you see the IP address, subnetmask, MTU and adapter state?

   • # ip addr
   • # ifconfig
3. Look at your route table using route, netstat -r and ip route. What is your default gateway? Is this route active?

   • # route
   • # netstat -r
   • # ip route
4. Perform a ping to 8.8.8.8. Also try a ping -R, traceroute and tracepath to this address.

   • # ping 8.8.8.8
   • # ping -R 8.8.8.8
   • # traceroute 8.8.8.8
   • # tracepath 8.8.8.8
5. Check your /etc/resolv.conf to see which name servers are active.

   • # cat /etc/resolv.conf
6. Use host and dig to perform an IP address lookup of the address www.xs4all.nl. Does this work? Also do a reverse lookup with dig.

   • # host www.xs4all.nl
   • # dig @server www.xs4all.nl a
   • # host 194.109.6.92
   • # dig @server 92.6.109.194.in-addr.arpa ptr
7. Use the netstat -a command to look at all open ports on your system. Only look for TCP and UDP ports, prevent reverse DNS lookups and show the PID of the process that owns these ports.

   • # netstat -anutp
8. Use the nmap command to perform a portscan on your local system. Does this match the output of the previous command?

   • # yum -y install nmap
   • # nmap -sS -T5 127.0.0.1
9. Use the netcat command (nc) to setup a connection to port 25 via loopback. Send an e-mail to root.

   • # yum -y install nmap-ncat
   • # nc localhost 25
   • 220 localhost.localdomain ESMTP Postfix
   • mail from: president@whitehouse.gov
   • 250 2.1.0 Ok
   • rcpt to: tux1
   • 250 2.1.5 Ok
   • data
   • 354 End data with .
   • From: Donald Trump
   • To: Tux the Penguin (1)
   • Subject: It's going to be great!
   • Really!
   • .
   • 250 2.0.0 Ok: queued as 2B78D11CFA4
   • quit
   • 221 2.0.0 Bye
   • # su - tux1
   • $ mail
10. Use tcpdump to view all network traffic. (Note: If you are logged in via SSH, filter out the SSH traffic to make sure you don't dump tcpdump traffic.)

    • # tcpdump -i enp0s8 -ln not port ssh
      In a different window or session, generate some traffic, for instance by performing a ping.

End of exercise