Today's lesson is going to get our network up and running (at last!).
Hopefully by the end of it we'll have all our computer talking to each other
and to the internet.
I've tried to keep any theory and long winded explanations to an absolute
minimum - you've listened to me waffle on for long enough. So for now, I'm
hoping you'll take this lesson on a little faith - things will be explained
in future lessons. Of course if something I've written is confusing or
vague, please ask.
This lesson has been broken up into four phases.
Phase 1 is the information gathering stage - before we can go configuring
machines, we need to know what data to configure them with.
Phase 2 configures our home network so that all of our machines can
communicate with each other by both names and IP addresses.
Phase 3 provides some guidelines for testing our network and troubleshooting
any eventual problems.
Phase 4 adds the final touches to our gateway machine, providing internet
access to our whole network.
###############
## Phase One ##
###############
As they say in DIY circles, measure twice, cut once. The same principle
applies to what we're doing here, only networking involves fewer power tools
(shame really).
As you complete each stage, write down whatever details it asks you to
gather and by the end of Phase One we'll be able to draw a simple diagram of
our network and its details.
# Step One - Names #
First up we need to devise names for all our machines. Choosing a name for
a computer is not difficult. It can be up to 24 characters long, and can
include letters, numbers and a "-" (minus sign) (source - RFC 952). That's
pretty much all there is to it!
# Step Two - IP Addresses #
The purpose of this step is to assign IP addresses to our machines. The
first stage is the choosing of an IP address range. In stage two you select
individual addresses from within that range for each individual machine.
# Step Two - Stage 1 - IP Ranges #
When you connect to the internet via your ISP, your computer is assigned one
IP address. The allocation of this number (also called a public IP or
globally unique IP), is governed by an official body in much the same way
telephone numbers are assigned by the phone company. Correct IP allocation
is fundamental to the functioning of the internet, and for that reason you
shouldn't just go assigning any old random IP addresses to your other
computers.
That as it stands leaves us in a bit of a pickle - our ISP only gives us a
single address, but we have several computers in need of one. Fortunately
the people in charge anticipated this, and reserved several groups of
numbers for use in this situation. We're free to use any of the numbers
within these ranges as we see fit, without having to go through any official
channels or worry about who else is using them. RFC 1918
(http://www.faqs.org/rfcs/) gives a full description of the available
private address ranges, but the two most commonly used are:
10.0.0.0 - 10.255.255.255 with a subnet mask of 255.0.0.0
192.168.0.0 - 192.168.255.255 with a subnet mask of 255.255.0.0
Decide which range to use by flipping a coin. The difference between them is
nothing more than the number of individual IP addresses they provide. If you
choose the 10 range, you can edit the last three octets to create individual
addresses, whereas if you choose the 192.168 range, the last two octets are
yours to play with. Now considering that those two ranges provide
respectively over 16.5 million and more than 65 thousand individual
addresses, either one provides more than enough IPs for our little network!
I usually choose the 10 range. Why? Because it's quicker to type. Once
you've chosen a range, its time to select some individual addresses!
# Step Two - Stage 2 - IP Addresses #
This step involves thinking up individual IP addresses for our computers.
The numbers you choose must come from within the range you selected above.
Nine times out of ten plucking a few numbers out of thin air will give you a
working network, but by following the next four rules, success is no longer
left to chance.
1. The largest number permitted in any octet is 255. Now you know that, go
and watch the Sandra Bullock film "The Net" and have a good laugh.
2. The very first and very last addresses in your chosen range cannot be
assigned to a machine. For us, that means 10.0.0.0, 10.255.255.255,
192.168.0.0 and 192.168.255.255 have big "Don't Touch" signs on them. They
all have a special meaning, and if you use one, that computer won't work.
3. All the computers on your network have to be assigned IPs from the same
range. In other words, you can't assign some computers numbers from the 10
range and others numbers from the 192.168 range.
4. Every computer must have a unique IP address - make sure you don't
accidentally give two machines the same one.
At the end of this step we now have enough information to enable our
computers to communicate with each other. However if we wish to refer to
other computers by name or to access the internet we need more data.
# Step Three - Name Resolution #
It's a dilemma. Humans prefer to use names, but computers only understand
numbers. Fortunately there's a way of reconciling the two via a process
called name resolution. Depending on whether the name belongs to a computer
on the internet or a computer on your LAN the process is slightly different.
In the following two stages we make sure our machines can do both!
# Step Three - Stage 1 - Computers on the Internet #
Finding out the IP address associated with a name belonging to a computer on
the internet is done by querying a DNS server. Logically then for this
process to work, all of our computers need to be told the addresses of one
or more DNS servers. Our task in the first stage of step three is finding
out what these addresses are.
When you signed up with your ISP you might've received some sort of
"information pack" containing various details including DNS server
addresses. If this is the case, use what's been given to you. If you don't
have anything like that, the easiest way to find out which DNS servers to
use is to go on-line, and then write down the addresses listed in the file
/etc/resolv.conf while the computer is connected to the internet. To view
the contents of the file, on the command line, run the command:
cat /etc/resolv.conf
# Step Three - Stage 2 - Computers on our Network #
Because our computers exist on a network that is invisible to the internet,
no DNS servers know anything about the computers on it. One solution is to
install a DNS server locally, but that's way beyond our scope. For us,
there's a much better option available. It's called the hosts file, and is
simply a file that contains a list of the names of all the computers on our
network and their corresponding IP addresses.
The first line in each hosts file is unique to the computer it lives on, so
unfortunately we can't just create one hosts file and copy it to all the
other computers. What we can do however, is create a separate file
containing the IP to address mappings of our network, and simply append this
file to each computer's hosts file. This both preserves the unique line and
saves us some typing.
This is how I've done it for my network. Using a text editor, I created a
file called mynet.txt, added the following lines and saved it. Please note
it's really important to list the IPs first, if you put names first it won't
work.
# mynet.txt ------------------
10.0.0.1 constantinople
10.0.0.101 mushu
10.0.0.102 kokomo
10.0.0.103 sadie
10.0.0.104 tris
10.0.0.105 sooty
10.0.0.106 bob
#-----------------------------
# Step Four - The Gateway #
For a computer to be able to communicate with machines outside the network
it lives on, it needs to know which computer is the "gateway" to the outside
world. The gateway computer is the one with connections to both the internet
and the local network. All you need to complete this step is the IP address
you assigned to the gateway machine on your network. It's important the IP
address you write down is the one YOU assigned to the gateway and not the
one assigned by your ISP.
In my case, it's the computer constantinople, with IP 10.0.0.1
# Summary #
Now we have all the details we need, it's a good idea to draw a small
diagram and collate everything. Doing so could save a lot of heartache
later.
The summary for my network looks like this:
<http://linux.invisiblepixels.org/writings/networkcourse/img/mynet.png>
DNS Servers: 212.142.xxx.xxx
212.142.xxx.yyy
10.0.0.1 constantinople
10.0.0.101 mushu
10.0.0.102 kokomo
10.0.0.103 sadie
10.0.0.104 tris
10.0.0.105 sooty
10.0.0.106 bob
Gateway: 10.0.0.1
###############
## Phase Two ##
###############
Right! What we've all been waiting for. It's time to roll up our sleeves,
dust off our editors and dive in. My suggested course of action is to visit
each of your machines in turn, completing the process outlined.
For the most part the instructions take the form: "Add the line
VARIABLE=<value>". You need to replace <value> with whatever is right for
your setup. At the very end of this phase I've included copies of my files
so you have an idea of what they should look like.
Once these new settings are entered into the relevant files, your computer
will load them every time it boots. With other operating systems, you
normally have to deliberately reboot in order for new settings to take
effect. But this is Linux!! We don't have to put up with any of this reboot
nonsense. So at the end of each group of instructions I've listen a couple
of commands you can issue to activate your changes straight away.
As you follow the instructions, all I ask is that you keep your wits about
you and use a little common sense. With such a wide range of hardware and
software available, no two Linux installs are ever the same. For this reason
I am unable to take you by the hand and present you with keystroke by
keystroke instructions. In a couple of places you need to decide the exact
file to edit or the correct value to enter. I've done my best to guide you,
but ultimately you're the one in the driver's seat. Work this to your
advantage - this is your opportunity to learn! If you're not sure about
something, ask, ask, and ask again.
Because each distro uses different files for storing configuration data, the
rest of Phase Two is presented in different documents, one for each distro.
RedHat and Mandrake users will need to follow "Phase Two - RH/MDK".
Debian users should follow "Phase Two - Debian".
Before we start, a pre-flight check. We'll be editing configuration files,
so make sure you prevent a typing mistake or other mishap from totally
hosing your system by BACKING UP each file BEFORE you edit it. Lesson one
contained a suggested method of doing so.
Let's GO!
Hopefully by the end of it we'll have all our computer talking to each other
and to the internet.
I've tried to keep any theory and long winded explanations to an absolute
minimum - you've listened to me waffle on for long enough. So for now, I'm
hoping you'll take this lesson on a little faith - things will be explained
in future lessons. Of course if something I've written is confusing or
vague, please ask.
This lesson has been broken up into four phases.
Phase 1 is the information gathering stage - before we can go configuring
machines, we need to know what data to configure them with.
Phase 2 configures our home network so that all of our machines can
communicate with each other by both names and IP addresses.
Phase 3 provides some guidelines for testing our network and troubleshooting
any eventual problems.
Phase 4 adds the final touches to our gateway machine, providing internet
access to our whole network.
###############
## Phase One ##
###############
As they say in DIY circles, measure twice, cut once. The same principle
applies to what we're doing here, only networking involves fewer power tools
(shame really).
As you complete each stage, write down whatever details it asks you to
gather and by the end of Phase One we'll be able to draw a simple diagram of
our network and its details.
# Step One - Names #
First up we need to devise names for all our machines. Choosing a name for
a computer is not difficult. It can be up to 24 characters long, and can
include letters, numbers and a "-" (minus sign) (source - RFC 952). That's
pretty much all there is to it!
# Step Two - IP Addresses #
The purpose of this step is to assign IP addresses to our machines. The
first stage is the choosing of an IP address range. In stage two you select
individual addresses from within that range for each individual machine.
# Step Two - Stage 1 - IP Ranges #
When you connect to the internet via your ISP, your computer is assigned one
IP address. The allocation of this number (also called a public IP or
globally unique IP), is governed by an official body in much the same way
telephone numbers are assigned by the phone company. Correct IP allocation
is fundamental to the functioning of the internet, and for that reason you
shouldn't just go assigning any old random IP addresses to your other
computers.
That as it stands leaves us in a bit of a pickle - our ISP only gives us a
single address, but we have several computers in need of one. Fortunately
the people in charge anticipated this, and reserved several groups of
numbers for use in this situation. We're free to use any of the numbers
within these ranges as we see fit, without having to go through any official
channels or worry about who else is using them. RFC 1918
(http://www.faqs.org/rfcs/) gives a full description of the available
private address ranges, but the two most commonly used are:
10.0.0.0 - 10.255.255.255 with a subnet mask of 255.0.0.0
192.168.0.0 - 192.168.255.255 with a subnet mask of 255.255.0.0
Decide which range to use by flipping a coin. The difference between them is
nothing more than the number of individual IP addresses they provide. If you
choose the 10 range, you can edit the last three octets to create individual
addresses, whereas if you choose the 192.168 range, the last two octets are
yours to play with. Now considering that those two ranges provide
respectively over 16.5 million and more than 65 thousand individual
addresses, either one provides more than enough IPs for our little network!
I usually choose the 10 range. Why? Because it's quicker to type. Once
you've chosen a range, its time to select some individual addresses!
# Step Two - Stage 2 - IP Addresses #
This step involves thinking up individual IP addresses for our computers.
The numbers you choose must come from within the range you selected above.
Nine times out of ten plucking a few numbers out of thin air will give you a
working network, but by following the next four rules, success is no longer
left to chance.
1. The largest number permitted in any octet is 255. Now you know that, go
and watch the Sandra Bullock film "The Net" and have a good laugh.
2. The very first and very last addresses in your chosen range cannot be
assigned to a machine. For us, that means 10.0.0.0, 10.255.255.255,
192.168.0.0 and 192.168.255.255 have big "Don't Touch" signs on them. They
all have a special meaning, and if you use one, that computer won't work.
3. All the computers on your network have to be assigned IPs from the same
range. In other words, you can't assign some computers numbers from the 10
range and others numbers from the 192.168 range.
4. Every computer must have a unique IP address - make sure you don't
accidentally give two machines the same one.
At the end of this step we now have enough information to enable our
computers to communicate with each other. However if we wish to refer to
other computers by name or to access the internet we need more data.
# Step Three - Name Resolution #
It's a dilemma. Humans prefer to use names, but computers only understand
numbers. Fortunately there's a way of reconciling the two via a process
called name resolution. Depending on whether the name belongs to a computer
on the internet or a computer on your LAN the process is slightly different.
In the following two stages we make sure our machines can do both!
# Step Three - Stage 1 - Computers on the Internet #
Finding out the IP address associated with a name belonging to a computer on
the internet is done by querying a DNS server. Logically then for this
process to work, all of our computers need to be told the addresses of one
or more DNS servers. Our task in the first stage of step three is finding
out what these addresses are.
When you signed up with your ISP you might've received some sort of
"information pack" containing various details including DNS server
addresses. If this is the case, use what's been given to you. If you don't
have anything like that, the easiest way to find out which DNS servers to
use is to go on-line, and then write down the addresses listed in the file
/etc/resolv.conf while the computer is connected to the internet. To view
the contents of the file, on the command line, run the command:
cat /etc/resolv.conf
# Step Three - Stage 2 - Computers on our Network #
Because our computers exist on a network that is invisible to the internet,
no DNS servers know anything about the computers on it. One solution is to
install a DNS server locally, but that's way beyond our scope. For us,
there's a much better option available. It's called the hosts file, and is
simply a file that contains a list of the names of all the computers on our
network and their corresponding IP addresses.
The first line in each hosts file is unique to the computer it lives on, so
unfortunately we can't just create one hosts file and copy it to all the
other computers. What we can do however, is create a separate file
containing the IP to address mappings of our network, and simply append this
file to each computer's hosts file. This both preserves the unique line and
saves us some typing.
This is how I've done it for my network. Using a text editor, I created a
file called mynet.txt, added the following lines and saved it. Please note
it's really important to list the IPs first, if you put names first it won't
work.
# mynet.txt ------------------
10.0.0.1 constantinople
10.0.0.101 mushu
10.0.0.102 kokomo
10.0.0.103 sadie
10.0.0.104 tris
10.0.0.105 sooty
10.0.0.106 bob
#-----------------------------
# Step Four - The Gateway #
For a computer to be able to communicate with machines outside the network
it lives on, it needs to know which computer is the "gateway" to the outside
world. The gateway computer is the one with connections to both the internet
and the local network. All you need to complete this step is the IP address
you assigned to the gateway machine on your network. It's important the IP
address you write down is the one YOU assigned to the gateway and not the
one assigned by your ISP.
In my case, it's the computer constantinople, with IP 10.0.0.1
# Summary #
Now we have all the details we need, it's a good idea to draw a small
diagram and collate everything. Doing so could save a lot of heartache
later.
The summary for my network looks like this:
<http://linux.invisiblepixels.org/writings/networkcourse/img/mynet.png>
DNS Servers: 212.142.xxx.xxx
212.142.xxx.yyy
10.0.0.1 constantinople
10.0.0.101 mushu
10.0.0.102 kokomo
10.0.0.103 sadie
10.0.0.104 tris
10.0.0.105 sooty
10.0.0.106 bob
Gateway: 10.0.0.1
###############
## Phase Two ##
###############
Right! What we've all been waiting for. It's time to roll up our sleeves,
dust off our editors and dive in. My suggested course of action is to visit
each of your machines in turn, completing the process outlined.
For the most part the instructions take the form: "Add the line
VARIABLE=<value>". You need to replace <value> with whatever is right for
your setup. At the very end of this phase I've included copies of my files
so you have an idea of what they should look like.
Once these new settings are entered into the relevant files, your computer
will load them every time it boots. With other operating systems, you
normally have to deliberately reboot in order for new settings to take
effect. But this is Linux!! We don't have to put up with any of this reboot
nonsense. So at the end of each group of instructions I've listen a couple
of commands you can issue to activate your changes straight away.
As you follow the instructions, all I ask is that you keep your wits about
you and use a little common sense. With such a wide range of hardware and
software available, no two Linux installs are ever the same. For this reason
I am unable to take you by the hand and present you with keystroke by
keystroke instructions. In a couple of places you need to decide the exact
file to edit or the correct value to enter. I've done my best to guide you,
but ultimately you're the one in the driver's seat. Work this to your
advantage - this is your opportunity to learn! If you're not sure about
something, ask, ask, and ask again.
Because each distro uses different files for storing configuration data, the
rest of Phase Two is presented in different documents, one for each distro.
RedHat and Mandrake users will need to follow "Phase Two - RH/MDK".
Debian users should follow "Phase Two - Debian".
Before we start, a pre-flight check. We'll be editing configuration files,
so make sure you prevent a typing mistake or other mishap from totally
hosing your system by BACKING UP each file BEFORE you edit it. Lesson one
contained a suggested method of doing so.
Let's GO!