Network verification and Troubleshooting

• Hardware Troubleshooting:
  • lshw –C network
  • ip
    • ip link show
    • ip –s link
• Utilities using ICMP Protocol: to verify connectivity and routes
  • ping
  • nmap
  • traceroute
• Sockets and TCP/UDP: to examine interface statistics and current connections
  • ss
  • netstat

Hostnames vs IP addresses

• Using names instead of IP addresses for convenience on the local host:
• /etc/hostname contains the system hostname
  • In most Debian-based Linux systems, the hostname can be viewed and set using the hostnamectl command
    • sudo hostnamectl set-hostname <new_ hostname>
    • NOTE: Refer to Ubuntu Documentation for preserving hostname on reboot
• /etc/hosts contains a list of IP addresses and their corresponding hostnames
  • The same file is present in other operating systems:
    • c:\windows\system32\drivers\etc\hosts on Windows
    • /etc/hosts on Unix and MacOS

Routing in Linux

• The routing table is kept in memory by the kernel
  • ip route to view the current routing table
• Implicit Routes
  • Sending traffic to the “router” using the router’s MAC address, even if the IP destination is in a remote network
• Static Routes
  • Routes that are explicitly defined in the routing table
  • ip route [add | delete] <route>
  • Netplan YAML files can specify routes
• Dynamic Routes
  • Linux supports all major dynamic routing protocols: OSPF, BGP, RIP
  • See Debian documentation: https://debian-handbook.info/browse/stable/sect.dynamic-routing.html

Firewall

Debian and Ubuntu come with UFW (simplified firewall management utility) by default. UFW profiles are stored in /etc/ufw/applications.d/. You must use root (sudo) or a privileged user to make modifications to the firewall settings.

# UFW utility examples:
ufw allow 22/tcp
ufw allow profile
ufw app list
ufw app info
ufw enable
ufw disable

# UFW utility examples:
ufw allow 22/tcp
ufw allow profile
ufw app list
ufw app info
ufw enable
ufw disable

DHCP

DHCP stands for Dynamic Host Configuration Protocol. A DHCP server can send the following configuration information to clients for automatic configuration:

• IP address and subnet Mask
• DNS servers (optional)
• Default Gateway (optional)
• WINS server (optional)
• PROXY server (optional)
• NTP server (optional)
• X Font server (optional)
• Syslog server (optional)

Please note that it is up to the DHCP client to configure the local settings. The DHCP server has no control over and cannot enforce which one of the provided configurations is used by the client.

DHCP Protocol Operation

1. DHCP client broadcasts a DHCPdiscover packet to the network
2. DHCP server responds with DHCPoffer packet
3. Client sends DHCPrequest to server
4. Server responds with DHCPACK
5. The DHCP client is obligated to maintain communication with the DHCP server and renew its IP address as dictated by the IP address's lease time expiry
6. The DHCP Client can use any of the information provided and will not need to let the server know what part of the configuration it is using

DHCP Server on Ubuntu Server

• Documentation: https://documentation.ubuntu.com/server/explanation/networking/about-dhcp/
• Internet System Consortium maintains an Open Source standard DHCP server for Linux: isc-dhcp-server
  • apt-get install isc-dhcp-server
  • sudo service isc-dhcp-server.service [start|stop|enable|status]
  • sudo systemctl [start|stop|enable|status] isc-dhcp-server.service
• Specify the Interface in /etc/default/isc-dhcp-server
  • Example: INTERFACES=“ens34 ens38”
• Main configuration file: /etc/dhcp/dhcpd.conf
• The DHCP server requires all subnets to be defined in this file, even if the other subnets are not going to be used to provide DHCP service.
• Make sure to allow port 67/UDP through the firewall: sudo ufw allow 67/udp

Example configuration file:

default-lease-time 600;
max-lease-time 7200;    # Global declarations apply to all subnets

subnet 10.1.1.0 netmask 255.255.255.0 {
  range 10.1.1.3 10.1.1.254;  # IP Range available to be assigned to clients       
  option domain-name-servers 10.1.1.1, 8.8.8.8;     # DNS Servers
  option routers 10.1.1.1;
  option domain-search  “testdomain.mytld";
}
subnet 192.168.0.0 netmask 255.255.0.0 {   # a known network, but not used by
}                                          #   the DHCP server

host printer {
  hardware ethernet 00:16:d3:b7:8f:86;  # Example of a reserved IP address
  fixed-address 10.1.1.100;             #   filtered by MAC Address
}

host web-server {
  hardware ethernet 00:17:a4:c2:44:22;
  fixed-address 10.1.1.200;
}

default-lease-time 600;
max-lease-time 7200;    # Global declarations apply to all subnets

subnet 10.1.1.0 netmask 255.255.255.0 {
  range 10.1.1.3 10.1.1.254;  # IP Range available to be assigned to clients       
  option domain-name-servers 10.1.1.1, 8.8.8.8;     # DNS Servers
  option routers 10.1.1.1;
  option domain-search  “testdomain.mytld";
}
subnet 192.168.0.0 netmask 255.255.0.0 {   # a known network, but not used by
}                                          #   the DHCP server

host printer {
  hardware ethernet 00:16:d3:b7:8f:86;  # Example of a reserved IP address
  fixed-address 10.1.1.100;             #   filtered by MAC Address
}

host web-server {
  hardware ethernet 00:17:a4:c2:44:22;
  fixed-address 10.1.1.200;
}

Interesting Files, Utilities, and Commands

• ufw
• netstat
• ss
• nmap
• ethtool (legacy utilities)
• ping
• traceroute
• iptables (back-end firewall and packet routing system)
• hostnamectl
• /etc/hostname
• /etc/hosts
• /etc/ufw/applications.d
• /etc/default/isc-dhcp-server
• /etc/dhcp/dhcpd.conf