Monday, July 29, 2013

Exercise 4: DHCP

For our 4th exercise, we learned how to configure a Linux computer to act as a router and a DHCP server. DHCP, or Dynamic Host Configuration Protocol, is a network protocol used to configure devices that are connected to a network so they can communicate on that network using the Internet Protocol.

We first prepared and configured Computer B (connected to a wired connection; it will act as the router) and Computer A. We manually assigned a static IP address (192.168.8.254) to the interface connected to Computer A and to Computer B. We needed the subnet, gateway, and subnet mask. (Answer to Question 3) Then, we checked whether IP forwarding was enabled in the Linux kernel on Computer B. It was disabled, so we enabled it so that Computer B could act as a router.


After that, we set the appropriate firewall settings.

(Answer to Question 1.)
iptables -F -> flushes the selected chain (all the chains in the table if none is given). This is equivalent to deleting all the rules one by one.
iptables -P INPUT ACCEPT -> sets the policy for the chain to the target (INPUT).
iptables -P OUTPUT ACCEPT -> sets the policy for the chain to OUTPUT.
iptables -P FORWARD ACCEPT -> sets the policy for the chain to FORWARD.
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE -> specifies the packet matching table nat (consulted when a packet that creates a new connection is encountered), then appends POSTROUTING to the selected chain, sets the name of the interface (eth0), and specifies the MASQUERADE (target of the rule).

To check whether the configuration of both computers was successful, we pinged Computer B from Computer A. Then, we copied the contents of Computer B's /etc/resolv.conf file to Computer A's. We successfully accessed a website after those steps.

Now, the challenging part was to automate the configuration of Computer A. We created the configuration file /etc/dhcp/dhcpd.conf on Computer B. We used domain-name, domain-name-servers, subnet-mask, broadcast-address, and routers for the options. (Answer to Question 2)


Then, we ran the dhclient command on Computer A to request host configuration information from the server. To check that Computer B was properly configured, we viewed the leases files, which contain the IP addresses currently on lease by the DHCP server.


We also successfully accessed a website after doing the above steps for automation. We did the cleanup after.
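The router and DHCP setup described in this post, as an added example that is not part of the original exercise or its handout: it prints a ruleset in iptables-restore format that keeps the MASQUERADE rule but only forwards traffic from the LAN and replies to it, and a dhcpd.conf using the five options named above. The eth1 LAN interface, the /24 network, the pool 100-200, the lease times, the domain lab.example and the DNS address 192.0.2.53 are assumptions; eth0 and 192.168.8.254 come from the post.

```shell
#!/bin/sh
# Added example: prints configuration only; nothing is applied to the system.
# From the post: eth0 (outbound interface), 192.168.8.254, the MASQUERADE rule.
# Assumed: eth1 as LAN interface, a /24 network, pool .100-.200,
# lab.example and 192.0.2.53 as placeholder domain and DNS values.
# To apply as root: router_rules ... | iptables-restore
#                   sysctl -w net.ipv4.ip_forward=1

# router_rules WAN_IF LAN_IF LAN_CIDR -> ruleset in iptables-restore format
router_rules() {
    cat <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o $1 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i $2 -o $1 -s $3 -j ACCEPT
-A FORWARD -i $1 -o $2 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# dhcpd_conf PREFIX ROUTER_HOST POOL_LO POOL_HI DNS DOMAIN -> dhcpd.conf (/24)
# Fails if the router's static address falls inside the dynamic pool.
dhcpd_conf() {
    if [ "$2" -ge "$3" ] && [ "$2" -le "$4" ]; then
        echo "router $1.$2 is inside pool $1.$3-$1.$4" >&2
        return 1
    fi
    cat <<EOF
authoritative;
default-lease-time 600;
max-lease-time 7200;
subnet $1.0 netmask 255.255.255.0 {
  range $1.$3 $1.$4;
  option routers $1.$2;
  option subnet-mask 255.255.255.0;
  option broadcast-address $1.255;
  option domain-name "$6";
  option domain-name-servers $5;
}
EOF
}

router_rules eth0 eth1 192.168.8.0/24
dhcpd_conf 192.168.8 254 100 200 192.0.2.53 lab.example
```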

References:
Handouts given
Wikipedia
http://linux.die.net/man/8/iptables

Monday, July 15, 2013

Exercise 3: DNS

Domain Name System or DNS is a hierarchical, distributed database that contains mappings of domain names to various types of data. DNS allows us to use friendly names to easily locate computers and other resources on a TCP/IP-based network.  (http://technet.microsoft.com/en-us/network/bb629410.aspx)

When we access a website, the web server checks it with the DNS Resolver, a built-in component in operating systems. It translates the domain name to its IP address and does the domain name-to-IP mapping on different databases until it is found.

Functions of DNS include caching and redundancy. DNS resolvers store the answers they get from other DNS servers. Those are added to a cache, an internal database. When you access the same website again, the resolver does not need to look up the host again. Caching and redundancy help DNS respond faster to queries.

Zone File
A zone file is part of configuring a DNS server. It describes a DNS zone and contains a list of all the hosts in the domain and their corresponding IP addresses. Here are its parts:

  • SOA (Start of Authority) - states that this server is authoritative for the specific domain.
  • NS (Name Server) - specifies the name server to use to look up a domain
  • MX (Mail Exchange) - specifies mail server/s for the domain
  • A (A record) - used for linking FQDN to an IP address
  • CNAME (Canonical Name) - assigns aliases to existing A records
  • PTR - reverse maps IP addresses to an FQDN
For our exercise, we just used SOA, NS, A for forward zone file, and SOA, NS, PTR for reverse.
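A forward and a reverse zone built from the record types listed above, as an added example that is not the zone files from the exercise: both files are generated from one host list so that every A record has a matching PTR record. The zone name lab.example, the host names, the 192.168.8.0/24 network and the SOA values are assumptions.

```shell
#!/bin/sh
# Added example. Assumed names: zone lab.example, name server ns1,
# network 192.168.8.0/24, hosts pc-a and pc-b; SOA values are constructed.
ZONE=lab.example
PREFIX=192.168.8
REV=8.168.192.in-addr.arpa
HOSTS="ns1:254 pc-a:10 pc-b:11"   # name:last-octet pairs (constructed)

# zone_header ZONE_NAME -> $TTL, SOA and NS records shared by both files
zone_header() {
    printf '; zone %s\n' "$1"
    printf '%s\n' '$TTL 86400'
    printf '@ IN SOA ns1.%s. admin.%s. ( 2013071501 3600 900 604800 86400 )\n' \
        "$ZONE" "$ZONE"
    printf '@ IN NS ns1.%s.\n' "$ZONE"
}

# forward_zone -> one A record per host (name -> address)
forward_zone() {
    zone_header "$ZONE"
    for h in $HOSTS; do
        printf '%s IN A %s.%s\n' "${h%%:*}" "$PREFIX" "${h##*:}"
    done
}

# reverse_zone -> one PTR record per host (last octet -> FQDN).
# The trailing dot keeps BIND from appending the reverse zone name.
reverse_zone() {
    zone_header "$REV"
    for h in $HOSTS; do
        printf '%s IN PTR %s.%s.\n' "${h##*:}" "${h%%:*}" "$ZONE"
    done
}

forward_zone
reverse_zone
```

Each generated file can be checked with BIND's named-checkzone before named.conf.local is pointed at it.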

forward zone file

reverse zone file

named.conf.local

We learned how to make a domain name for an IP address and connect to other computers using their domain names. We used BIND, DNS software used to configure a DNS server.

I needed some patience to make this work.

pinging





Monday, July 1, 2013

Exercise 2: IP Routing

Last Tuesday, June 25, our laboratory topic was all about Internet Protocol and routing. The discussion was okay and I learned many things about IP, but dealing with the exercise was way better because we experienced how IP routing is done.

An IP address has two parts: network address/id and host address/id. The hosts and networks depend on the class of IP. Here they are:
A: 0N.H.H.H - for IPv4, it has 2^7 bits for network and 2^24 bits for host
B: 10N.N.H.H - for IPv4, it has 2^14 bits for network and 2^16 bits for host
C: 110N.N.N.H - for IPv4, it has 2^21 bits for network and 2^8 bits for host
D: Multicast
E: Experimental

The default subnet masks for Classes A, B and C are the following:
A: 255.0.0.0
B: 255.255.0.0
C: 255.255.255.0

After the discussion on IP, we proceeded with routing of computers/IP addresses with the use of Scalable Cisco IOS Simulator for Virtual Networks. As a guide for our exercise, our laboratory instructor taught us how to route two IP addresses. He discussed it step-by-step.

For our exercise, we were tasked to do the routing for three (3) IP addresses/computers. At first, I really did not know how to do it, but upon rereading the handout, I got the idea.

First, I connected each computer to a router, and connected those three routers through a switch. Then, I configured the three computers.



Configuration for Computer 1
Configuration for Computer 2
Configuration for Computer 3


The next step I did was to configure each router through the console. I connected each router to the other two using the ip route <interface> <netmask> <gateway> command.




To check and make sure that the IP routing worked, I pinged the IP addresses of the other two computers from each computer.

Pinged IP addresses of Computer 2 and 3 using Computer 1.


Pinged Computer 1 and 3 using Computer 2.


Pinged Computer 1 and 2 using Computer 3.


I was so happy with what I learned, and happier that I finished the exercise within the laboratory hours. Kudos! :)