1,576
edits
Changes
no edit summary
{{Admon/caution|THIS IS AN OLD VERSION OF THE LAB|'''This is an archived version. Do not use this in your OPS235 course.'''}}
=LAB PREPARATION=
==Purpose / Objectives of Lab 6==
[[Image:network.png|thumb|right|150px|Setting up networks is an essential operation for a system administrator. Maintaining network connectivity and securing the network are also essential operations for a system administrator.]]
In this lab, you will learn the basics of networking by using your '''Virtual Machines''' and your '''c7host''' machine. You will first set up a virtual private network among those machines. In addition, you will learn to set up '''network names''' (to associate with server's IP Addresses), '''associate network services with port numbers''' for troubleshooting purposes, and setup '''firewall policies''' via the '''iptables''' command.
[[Image:new_network_dialog.png|right|thumb|250px|Although the private network has been setup via the '''Virtual Machine Manager''', each virtual machine requires to change its own network setting individually (either '''graphically''' or by '''command line''').]]
# On your '''c7host''' machine, run <b>ifconfig</b> and make note of the IP address assigned to the '''virbr1''' (i.e. "Virtual Bridge) interface. This will be the default gateway and DNS server for your VMs.
# Start your '''centos2centos1''' VM and login.
# Within your centos1 VM, click '''Applications''' menu, then select '''System Tools''', and then '''Settings'''.
# In the ''Settings'' Dialog Box, click on the '''Network''' icon.
# In the '''IPv4 Settings''' tab change the method from "Automatic (DHCP)" to '''"Manual"'''.
# In the Addresses section, enter the following information:
#: IP Address: '''192.168.235.1211'''
#: Subnet Mask: '''255.255.255.0'''
#: Default Gateway: The IP address of '''virbr1''' on your centos host.
# When finished, check your settings, and then click the '''Apply''' button.
# Open a terminal and issue the '''ifconfig''' command to confirm the IP ADDRESS settings change.
# Verify that '''centos2centos1'''VM is now connected to the VPN by issuing the following command from your '''c7host''' machine:<br><b><code><span style="color:#3366CC;font-size:1.2em;">ping 192.168.235.1211</span></code></b>
'''Answer Part 2 observations / questions in your lab log book.'''
== Part 3: Backing up Only Recent File Changes ==
This part is a repeat of part2, except we will be demonstrating how to use the '''find''' command to backup recent changes to files. In this case, we will save date/time stamp information in a file, configure to connect '''centos1centos2''' to the network, run the '''find''' command, and prove that the incremental backup worked (showing the files created as a result of the configuration of centos1 to the VPN).
{| width="40%" align="right" cellpadding="10"
|}
# Keep your '''centos2centos1''' VM running (you will need it running later in this lab).# Start the '''centos1centos2''' VM and login# Before we configure centos1 centos2 network configuration, we should create a timestamp file that can be used to see which files have changed as a result of using the GUI tool. Issue the following command:
#: <b><code><span style="color:#3366CC;font-size:1.2em;">date > /tmp/timestamp</span></code></b>
# Run the network configuration tool and enter the following static configuration in the same way that you configured '''centos2centos1'''.#* IP Address: '''192.168.235.1112'''
#* Subnetmask: '''255.255.255.0'''
#* Default Gateway: '''192.168.235.1'''
#: <b>nameserver 192.168.235.1</b>
# Save your editing session.
# Confirm your settings work by doing the following(you might need to do the steps '''3''' and '''4''' a few times before it works; keep checking with the commands below and wait a bit before each attempt):
#: <b><code><span style="color:#3366CC;font-size:1.2em;">ifconfig</span></code></b>
#:<b><code><span style="color:#3366CC;font-size:1.2em;">route -n</span></code></b>
#::NETMASK="255.255.255.0"
#::GATEWAY="192.168.235.1"
#::HWADDR="52:54:00:3f:5c:fa" <-- '''use the DO NOT COPY THIS VALUE! Use MAC address for YOUR interfaceusing:''' <code><span style="color:#3366CC;font-size:1.2em;">ifconfig eth0</span></code>
#::DNS1="192.168.235.1" '''
#::BOOTPROTO="static"
'''Answer Part 4 observations / questions in your lab log book.'''
=INVESTIGATION 2: VIRTUAL NETWORKING ENVIRONMENT TWEAKS AND OTHER USEFUL UTILITIES=
=== Making iptables Policies Persistent ===
It should be noted that all of the commands that we do here with iptables will not be persistent unless you have your configuration. That means if you re-boot, the default iptables configuration will be loaded. When your iptables service starts or at boot time it has to load the rules from the file '''/etc/sysconfig/iptables-config'''.
The final section below teaches you to make your iptables settings permanent.
# Make a backup of the file '''/etc/sysconfig/iptables'''# Examine the file to see how rules are added.# Issue by issuing the command: <br><b><code><span style="color:#3366CC;font-size:1.2em;">iptables-save > /etc/sysconfig/iptables.bk</span></code></b> to save #To make the iptables rules '''persistent''' (i.e. keeps rules when system restarts), you added with issue the iptables command, above: <br><b><code><span style="color:#3366CC;font-size:1.2em;">iptables-save > /etc/sysconfig/iptables</span></code></b># Verify that the file ''''/etc/sysconfig/iptables''' was updated with your new rulesexists.
# Restart your iptables service and test your configuration.
'''Arrange proof of the following on the screen:'''
<ol><li><span style="color:green;font-size:1.5em;">✓</span> '''centos1centos2''' VM:<blockquote><ul><li>Contents of '''/tmp/lab6''' directory.</li></ul><li><span style="color:green;font-size:1.5em;">✓</span> '''centos2''' VM:<ul><li>'''ssh''' from centos2 to the CentOS host</li></ul></blockquote></li></li><li><span style="color:green;font-size:1.5em;">✓</span> '''<u>All</u> VMs''':<blockquote><ul><li>'''ifconfig''' information</li><li>Contents of '''/etc/hosthosts''' file</li></ul></blockquote></li><li><span style="color:green;font-size:1.5em;">✓</span>'''c7host''' machine<blockquote><ul><li>'''arp''' cache information</li><li>Contents of '''/etc/hosthosts''' file</li><li>Proof of backup</li><li>A list of your '''iptables''' rules</li></ul></blockquote></li><li><span style="color:green;font-size:1.5em;">✓</span> '''Lab6''' log-book filled out.</li></ol>
= Preparing for = Practice For Quizzes , Tests, Midterm & Final Exam ==
# What is a port?
