Résumé
- The comprehensive, one-stop TCP/IP resource guide for every Linux netadmin!
- Applied coverage of the entire protocol stack
- Covers every key TCP/IP application: DNS, DHCP, sendmail, NFS, Samba, and more
- All examples thoroughly tested on four leading Linux distributions
- Includes advanced coverage of firewalls, OSPF, BGP, routing policies, QoS, and more
The authoritative, comprehensive guide to Linux TCP/IP networking!
Linux TCP/IP Network Administration offers a comprehensive tutorial on the fundamentals of Linux TCP/IP networking for new and intermediate-level network administrators, detailed coverage of advanced topics for experienced administrators, and wide-ranging reference material on the entire TCP/IP protocol stack for all Linux professionals.
Long-time Linux netadmin Scott Mann covers the Linux TCP/IP protocol stack from bottom to top, offering practical, up-to-date guidance for implementing, managing, and troubleshooting any TCP/IP network or application. You'll find detailed coverage of all this, and more:
- Routing and routing table management daemons
- Superior techniques for running RIPv2, OSPF, and BGP
- Linux firewall security: effective use of ipchains and iptables
- iproute2: advanced routing policies, traffic control, and QoS
- Implementing, securing, and troubleshooting key network applications
- DNS, NIS, LDAP, DHCP, NFS, sendmail, and Samba
Linux TCP/IP Network Administration includes hundreds of real-world implementation examples and commands tested on five major Linuxdistributions: Red Hat, Caldera, SuSe, and Debian. Whatever your environment, whatever your expertise, there's never been a Linux networking guide this complete, this authoritative, or this useful!
Contents
- Preface
- A Note about Linux Distributions
- Linux Documentation
- Prerequisites
- Typographical Conventions
- Errata and Contacts
- Acknowledgments
- 1: An Introduction to TCP/IP
- Computer Networking
- Network Types
- Network Models
- OSI-RM
- The TCP/IP Network Model
- The Client-Server Model
- Request for Comment
- Institute of Electrical and Electronics Engineers (IEEE)
- The Internet, TCP/IP, and Other Stacks
- Summary
- For Further Reading
- Books
- WWW Resources
- 2: Hardware and Network Interface Layers: Network Access
- Hardware Layer
- Media
- NIC Types
- Network Interface Layer
- Technologies
- Topologies
- Media Access Method
- Switches
- Ethernet
- Linux Network Access Implementation
- Linux Supported NICs
- Linux Ethernet NIC Configuration
- Manually Configuring NICs
- Summary
- For Further Reading
- Books
- WWW and Online Resources
- 3: Between the Network Interface and Internet Layers: Address Resolution Protocol
- ARP, RARP, and the TCP/IP Model
- The Purpose of ARP
- ARP Request/Reply
- The ARP Cache
- Viewing the ARP Cache
- Manipulating the ARP Cache
- The arpwatch Daemon
- A Related Protocol: RARP
- Viewing Network Packets
- Tcpdump
- Ethereal
- Summary
- For Further Reading
- Books
- WWW and Online Resources
- 4: The Internet Layer: IPv4
- The Internet Protocol
- IPv4 Datagram
- IPv4 Helper Protocols
- IPv4 Addressing
- Multicast Addresses
- The Remaining IPv4 Address Space
- The Netmask
- Broadcast Addresses
- Reserved Addresses
- Assignment of Internet Addresses
- Configuring NICs
- ifconfig Syntax
- Setting up an Interface
- ifconfig Flags
- Configuring IP Aliases
- Other ifconfig Options and Details
- Start-up Scripts and NIC Configuration Files
- Red Hat 6.2
- Caldera 2.4
- Debian 2.1
- SuSE 6.4
- Hostname Resolution
- The /etc/hosts File
- Unresolvable Hostnames
- Summary
- What's Next
- For Further Reading
- 5: The Internet Layer: IPv6
- IPv6 Datagram
- Traffic Class
- Flow Label
- Payload Length
- Next Header
- Hop Limit
- Extension Headers
- ICMPv6
- IGMP and IPv6
- IPv6 Addressing
- IPv6 Address Representation
- IPv6 Address Types and Definitions
- Unicast Addresses
- Multicast Addresses
- Anycast Addresses
- Special Addresses
- Experimental Addresses
- NSAP and IPX
- Neighbor Discovery
- The Current State of the Linux IPv6 Implementation
- Summary
- For Further Reading
- Books
- WWW Resources
- 6: The Internet Layer: Routing
- A Simple Routing Example
- Introducing Linux Routing Tables
- Configuring the Linux Router
- A Simple Routing Algorithm
- The Routing Process
- The ping Utility
- An Intermediate Routing Example
- ICMP Redirects
- Multiple Routes
- Some Basic Routing Table Construction Guidelines
- A Note about Hostnames
- A More Complex Routing Example
- Route Aggregation and CIDR
- Multicast Routing
- Linux Multicast Support
- Multicast Applications
- Routing Multicast Packets
- What about IPv6?
- Default Free Routers
- Summary
- For Further Reading
- Books
- WWW Resources
- 7: The Transport Layer
- The Protocols
- Service Ports
- User Datagram Protocol
- Transmission Control Protocol
- The TCP Header
- Initial Connection Three-Way Handshake
- Continuing Communications
- Closing a Connection
- TCP Tunable Kernel Parameters
- TCP Security Issues
- Use of TCP versus UDP
- Summary
- For Further Reading
- 8: The Application Layer
- The Client-Server Model
- Services and Ports
- Indirect Servers: inetd, xinetd, and portmap
- The /etc/inetd.conf Configuration File
- TCP_Wrappers
- Access Control with TCP_Wrappers
- TCP_Wrappers Utility Programs
- TCP_Wrappers Vulnerabilities
- Access Control and the Portmapper
- Implementing Portmapper Access Control
- The portmap Log Entries
- Gracefully Terminating and Recovering the Portmapper
- Portmapper Vulnerabilities
- Replacing inetd with xinetd
- Advantages of xinetd
- Disadvantages of xinetd
- Obtaining xinetd
- The xinetd Configuration File
- The xinetd Daemon
- Which One Should I Use?
- Summary
- For Further Reading
- 9: Troubleshooting and Monitoring
- Troubleshooting Tips
- Splitting the Stack with ping
- Network Monitoring and Troubleshooting Utilities
- Ping
- Traceroute
- ARP Tools
- Ifconfig
- Route
- Netstat
- socklist
- Netcat
- Ethereal
- Iptraf
- Simple Network Management Protocol (SNMP)
- Other Tools
- Summary
- For Further Reading
- 10: Network Applications
- Domain Name Service
- DNS Domain Name Hierarchy
- DNS Server Types and Configuration Files
- BIND Software
- Dynamic Host Configuration Protocol
- Remote Filesystems
- Network File System
- Samba
- Other Remote Filesystems
- Network Information Service
- Lightweight Directory Access Protocol
- Electronic Mail
- X Window System
- Summary
- 11: Introducing Dynamic Routing Table Management
- Autonomous Systems
- Protocol Types
- Distance Vector Protocols
- Link State Protocols
- Path Vector Protocols
- The gated Daemon
- Obtaining, Compiling, and Installing gated
- The gated Daemon
- The /etc/gated.conf Configuration File
- The gdc Helper Utility
- RIP
- RIPv1 and RIPv2
- Configuring gated for RIPv1 and RIPv2
- Router Discovery
- Configuring gated for Router Discovery
- A Routing Example
- Implementing RIP and Router Discovery with gated?
- An Example
- Configuring golden
- Configuring beauregard and tigger
- Configuring foghorn
- Configuring topcat and eeyore
- Configuring the Hosts
- One More Thing
- Troubleshooting with gated
- Summary
- For Further Reading
- Books
- WWW Resources
- 12: OSPF
- OSPF Overview
- OSPF Basics
- OSPF Hierarchies and Other Routing Domains
- Summary of OSPF Terms
- Implementing OSPF with gated
- The ospf Stanza
- Manually Specifying routerid
- Importing and Exporting OSPF Routes
- A Few Other Configuration Notes
- A Flat OSPF Domain Example
- Example Goals
- Configuring golden
- Configuring beauregard and tigger
- Configuring foghorn, eeyore, and topcat
- Configuring the Hosts
- Interlude: Using the ospf_monitor Utility
- Examples Using OSPF Areas
- Building an Area for Route Aggregation
- Implementing Multiple Areas
- The backbone Area
- Areas 0.0.0.1, 0.0.0.2, 0.0.0.3, 0.0.0.4, and 0.0.0.5
- Area 0.0.2.1
- Hosts
- RIP or OSPF?
- GNU Zebra
- Summary
- For Further Reading
- Books
- WWW Resources
- 13: BGP
- BGP Overview
- Update Messages and Attributes
- E-BGP and I-BGP
- BGP Route Selection
- Practical Enhancements to BGP
- Implementing BGP with gated
- gated BGP Syntax
- Implementing BGP
- Summary
- For Further Reading
- 14: ipchains: Address Translation, IP Accounting, and Firewalls
- What is a Firewall?
- Packet Filtering
- Configuring the Kernel for ipchains
- ipchains Overview
- Behavior of a Chain
- Malformed Packets
- Analysis of an Inbound Packet
- Analysis of an Outbound Packet
- The Loopback Interface
- Custom Chains
- Introduction to Using ipchains
- The ipchains Command
- Some Simple Examples
- Packet Fragments
- Accounting
- IP Masquerading
- Adding Custom Chains
- ICMP Rules in a Custom Chain
- Antispoofing Rules
- Rule Ordering Is Important! Saving and Restoring Rules
- Rule Writing and Logging Tips
- Changing Rules
- Building Your Firewall
- Small Internal Network
- Simple Internal Network Using DHCP
- ipchains Isn't Just for Firewalls!
- A Few More Things
- Supplementary Utilities
- Other Examples
- Port Forwarding
- The fwconfig GUI
- Mason
- The Network Mapper (nmap)
- Additional Firewall Software
- Virtual Private Networks and Encrypted Tunnels
- The Next Generation
- Summary
- For Further Reading
- ipchains Documentation
- Masquerading Documentation
- ISP Connectivity-Related Resources
- General Firewall References
- DMZ Resources
- Cryptography References
- General Security References
- 15: Netfilter: Address Translation, IP Accounting, and Firewalls
- Netfilter Overview
- The filter Table
- The nat Table
- The mangle Table
- Netfilter Flowchart
- The iptables Utility
- Flags or Commands of iptables
- Options to iptables
- iptables Extensions
- iptables Actions
- iptables Examples
- Chain Policies
- Some Basic Rules
- Connection Tracking
- NAT Rules
- Using Existing ipchains Rules
- Summary
- For Further Reading
- 16: iproute2 And Other Routing Topics
- Routing and iproute2
- Reconfiguring the Kernel
- iproute2 Commands: ip, rtmon, rtacct, and tc
- The ip and rtmon Commands
- Realms and the rtacct Command
- Routing Policies
- Source IP Address Decisions
- Mark Values
- Masquerading Multiple Addresses
- Route NAT
- Tunneling
- IPv4 Within IPv4 Tunnels
- IPv6 Within IPv4 Tunnels
- Traffic Control
- TOS, Differentiated Services, and Integrated Services
- Queueing Disciplines
- Example Using the tc Command
- The Real Routing Algorithm
- Switching
- Tuning Linux for Routing
- Summary
- For Further Reading
- Books
- WWW Resources
- Index
L'auteur - Scott Mann
Scott Mann currently works for SGI, specializing in Linux systems. Previously, he was in independent consultant providing system, network, and security administration services and education.
Caractéristiques techniques
PAPIER | |
Éditeur(s) | Prentice Hall |
Auteur(s) | Scott Mann |
Parution | 01/10/2001 |
Nb. de pages | 848 |
Format | 17,8 x 23,5 |
Couverture | Broché |
Poids | 1651g |
Intérieur | Noir et Blanc |
EAN13 | 9780130322203 |
Avantages Eyrolles.com
Consultez aussi
- Les meilleures ventes en Graphisme & Photo
- Les meilleures ventes en Informatique
- Les meilleures ventes en Construction
- Les meilleures ventes en Entreprise & Droit
- Les meilleures ventes en Sciences
- Les meilleures ventes en Littérature
- Les meilleures ventes en Arts & Loisirs
- Les meilleures ventes en Vie pratique
- Les meilleures ventes en Voyage et Tourisme
- Les meilleures ventes en BD et Jeunesse
- Informatique Réseaux et télecommunications Ouvrages généraux
- Informatique Réseaux et télecommunications Protocoles et standards DNS
- Informatique Réseaux et télecommunications Protocoles et standards TCP/IP IP
- Informatique Réseaux et télecommunications Conception et architectures réseau
- Informatique Réseaux et télecommunications Administration réseau