= Sysadmin essentials: Introduction to network management
:Author: Seth Kenlon
:Email:
[email protected]
One of the sysadmin's most important domains is the network.
While understanding everything there is to know about networking is a big topic, there's much to learn from your own humble Linux computer's networking stack.
Learning basic networking commands can help you understand how a device knows what network to connect to, how to find a shared printer or a file share — or the biggest network of all, the Internet.
This article covers the basics of network management using open source.
== What is a network?
In computing, a network is a collection of two or more computers that can communicate.
In order for networking to fascilitate communication between devices, the machines on the network must be able to find each other.
The systems responsible for making this possible are TCP and IP.
=== Transmission Control Protocol (TCP)
Communication requires a means of transport for messages between them, and computers communicate using digital signals carried over Ethernet cables or radio waves or microwaves.
The specifications for this are formally defined as the
https://tools.ietf.org/html/rfc793[TCP protocol].
== IP for addressing
Computers on a network identify themselves and each other with IP addresses, such as 10.0.0.1 or 192.168.0.8.
These are also generally mapped to hostnames, such as `laptop` and `desktop` or `darkstar` or `enterprise` or whatever name you give each machine.
The specifications for this are formally defined as the
https://tools.ietf.org/html/rfc791[IP protocol].
== Minimal networking
The most simple network possible is a single-node network.
This might seem like it's cheating, but in fact it's a valid network in the sense that a computer needs to know how to address itself.
Each computer considers itself as the `localhost` node, with an internal-only IP address of 127.0.0.1.
You can verify this with the `ping` command:
[source,bash]
----
$ ping -c 1 localhost
PING localhost (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.031 ms
----
The `localhost` designation is defined in the `/etc/hosts` file:
[source,bash]
----
$ cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
----
Having an internal IP address is significant because there are important services, such as the CUPS print server and the
https://opensource.com/article/20/11/cockpit-server-management[Cockpit], that provide their interfaces over TCP/IP connections.
== Creating a basic network
While a single-node network is useful for some tasks, a network _usually_ refers to more than one computer.
Linux and the TCP/IP stack does a lot of work to make networking simple, but when automated settings aren't good enough, it's up to the sysadmin to understand how to create network configurations.
To begin with, start simple and try creating a two-computer network.
To eliminate automatic settings so you can get used to building a network yourself, try using a specially wired Ethernet cable called a _crossover cable_.
A crossover cable connects transmit signals coming from one computer to the appropriate receptors on another computer.
image: crossover.png
With no router between the computers, all network management must be done manually on each machine, making this a good introductory exercise for networking basics.
Using a crossover cable to connect two computers together, you eliminate any external network controller to offer guidance, so neither computer does anything to create or join a network.
In this simple setup, you are the ultimate networking authority.
To create a network, you first must assign an IP address to each computer.
The block reserved for self-assigned IP addresses is 169.254.x.x.
=== View your network interfaces on Linux
To create a network, you need network interfaces.
The Ethernet port is usually designated with the term `eth` plus a number starting with 0, but some devices get reported with different terms.
You can discover the interfaces on a computer with the `ip` command:
[source,bash]
----
$ ip address show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 ...
link/loopback 00:00:00:00:00:00 brd ...
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> ...
link/ether dc:a6:32:be:a3:e1 brd ...
3: wlan0: <BROADCAST,MULTICAST> ...
link/ether dc:a6:32:be:a3:e2 brd ...
----
In this case, `eth0` turns out to be the correct interface name.
However, in some cases you'll see `en0` or `enp0s1` or similar, so it's important to always verify a device name before using it.
=== Assign a static IP address on Linux
Normally, an IP address is assigned dynamically from a dedicated DHCP server or a router running an embedded DHCP server.
It's the job of the DHCP server to broadcast offers for addresses over its network.
When a computer gets connected to a network, it requests an address.
The DHCP server assigns it one, and registers which device on the network, identified by its Media Access Control (MAC) address, has been assigned which address.
That's how computers know how to find one another across a network.
In the case of this simple network, however, there is no DHCP server handing out IP addresses or registering devices, so you must create an IP address yourself.
To assign an IP address to a computer, use the `ip` command:
[source,bash]
----
$ sudo ip address add 169.254.0.1 dev eth0
----
And again on the other computer, this time incrementing the IP address by 1:
[source,bash]
----
$ sudo ip address add 169.254.0.2 dev eth0
----
Now each computer has a means of transport (the crossover cable) and a way to be found on the network (a unique IP address).
The problem is, neither computers know they're a member of a network.
=== Setting up a network route on Linux
Normally, an external router defines the paths that network traffic must take in order to get from point A to point B.
This is called a _routing table_, and it's essentially a "city map" for your network.
For the simple network you've created, no routing table yet exists.
You can verify this with the `route` command on either or both computers:
[source,bash]
----
$ route
Kernel IP routing table
Destination | Gateway | Genmask | Flags|Metric|Ref | Use | Iface
$
----
Alternatively, you can use the `ip` command:
[source,bash]
----
$ ip route
$
----
Either way, there's no meaningful output because there is currently no route defined.
But you can add a route with the `ip` command:
[source,bash]
----
$ sudo ip route \
add 169.254.0.0/24 \
dev eth0 \
proto static
----
This command adds a route to an address range starting from 169.254.0.0 and ending at 169.254.0.255 over the `eth0` interface.
It sets the routing protocol to `static` to indicate that the route was created by you, the administrator, as an intentional override for any dynamic routing.
Verify your routing table with the `route` command:
[source,bash]
----
$ route
Kernel IP routing table
Destination | Gateway | Genmask | ... | Iface
link-local | 0.0.0.0 | 255.255.255.0 | ... | eth0
----
Or use the `ip` command for a different view:
[source,bash]
----
$ ip route
169.254.0.0/24 dev eth0 proto static scope link
----
=== Ping your neighbor
Your network now has:
* A means of transport
* A means of addressing
* A network route
With those components in place, each computer can reach hosts beyond just `localhost`.
Test it out with `ping`.
For example, from the computer assigned the address 169.254.0.1:
[source,bash]
----
$ ping -c1 169.254.0.2
64 bytes from 169.254.0.2: icmp_seq=1 ttl=64 time=0.233 ms
--- 169.254.0.2 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.244/0.244/0.244/0.000 ms
----
You can also view the neighbors you've interacted with:
[source,bash]
----
$ ip neighbour
169.254.0.2 dev eth0 lladdr e8:6a:64:ac:ef:7c STALE
----
== The network switch
While it's great for surprisingly fast file transfers, there aren't many other needs for two-node hard-wired networks.
That's where hardware like a network _switch_ comes in.
A network switch allows several ethernet cables to be attached to it, and it distributes messages indiscriminantly from the computer sending it to all computers listening on the switch.
All computers ignore the message, except for the one with an IP address that matches the intended recipient.
This makes for a relatively noisy network, but it's an easy way to physically connect a group of computers.
On most modern general-purpose networks, a physical switch for physical cables isn't practical or desired, and so a WiFi access point is used instead, but the same principles apply.
== Router
In practice, local networks connect many devices, and the number is growing as more devices become network-aware.
When you connect a network to the Internet (a network of inter-connected networks), and that number goes up by orders of magnitude.
It's impractical to manually configure a network, and so common tasks are assigned to specific nodes on the network, and each computer runs a daemon to populate network settings received from authoratitive servers on the network.
In a large network, each task is usually assigned to a separate dedicated server to ensure focus and resiliency.
These tasks include:
* DHCP server to assign and track IP addresses to devices joining the network
*
https://opensource.com/article/17/4/build-your-own-name-server[DNS server] to convert registered domain names like redhat.com to IP addresses like 209.132.183.105)
*
https://www.redhat.com/sysadmin/secure-linux-network-firewall-cmd[Firewall] to protect your network from unwanted incoming traffic or forbidden outgoing traffic
* Router to efficiently direct traffic on the network, serve as a gateway to other neworks (such as the Internet), and to perform Network Address Translation (NAT)
Thanks to open source projects like VyOS, you can even
https://opensource.com/article/20/1/open-source-networking[run your own open source router] built out of commodity hardware.
== More networking
The more networking schemes you implement in your lab, the better you understand all the issues that can arise in the real world.
Sometimes the issues are borne of individual computers and devices, other times it's hardware and infrastructure, and still other times it's non-optimal design.
Practise setting up different network topographies, either with virtual machines or real hardware (or both), and get know the open source tools of the trade.
Networking is a big topic, but networks are everywhere.
Invest in learning it now and it'll pay dividends, one way or another, sooner than later.
