Changes

Jump to: navigation, search

OPS235 Lab 6 - Fedora17

113 bytes removed, 19:53, 3 January 2014
no edit summary
[[Category:OPS235]]{{Admon/caution|DraftLab|This lab has NOT been released for regular distribution. When the lab is ready to be released, this caution banner will disappear.}}
= Configuring a Network Using Virtual Machines =
[[Category:OPS235]][[Category:OPS235 Labs]]
==Overview==
* In this lab, you will learn the basics of networking by using your Virtual Machines and your f16host f17host machine.
* In addition, you will learn to associate network services with port numbers, and learn how to backup files by date/time.
==Required Materials (Bring to All Labs)==
* '''Fedora 16 17 LIVE CD''' - You can burn this onto a CD-R in the Open Lab* '''Fedora 16 x_64 17 x86_64 Installation DVD''' - You can burn this onto a DVD-R in the Open Lab (or burn image onto a DVD+R if you are using the Freedom Toaster).* '''SATA Hard Disk''' (in removable disk tray)* '''USB Memory Stick''' (minimum 64M)* '''Lab Logbook (Lab5 Reference Sheet)''' (to make notes and observations). 
==Prerequisites==
== Lab Preparation ==
{{Admon/important | Update your systems | It is advisable to perform a <code>yum update</code> on your Fedora host and all 3 VM's.}}
{{Admon/important | Live disc installations and system-config-network | The '''fedora1''' VM was installed from Live CD. It is missing the GUI Network Configuration tool we will be using. Use the command <code>yum install system-config-network</code> to install it.}}
{{Admon/important | Backup your VMs before proceeding | Stop all of your VMs and backup your VM disk images. Do not start the VMs until told to start them.}}
 
== Configuring a Network Using Virtual Machines ==
=== Investigation 1: How do you create a new virtual network. ===
{{Admon/note | Use the f16host f17host | Complete the following steps on your '''f16hostf17host''' computer system.}}
Before configuring our network we want to turn off dynamic network configuration for our Virtual Machines by turning off the "default" virtual network.
# On your '''f16hostf17host''' machine start Virtual Machine Manager
# In the Virtual Machine Manager dialog box, Select '''Edit'''-> '''Connection Details'''.
# In the '''Hosts''' Details dialog box, select the '''Virtual Networks''' tab
'''Answer the Investigation 1 observations / questions in your lab log book.'''
 
=== Investigation 2: How do you configure a static network using <code>system-config-network</code>. ===
# To configure a new interface on fedora2 go to '''Applications'''->'''Other'''->'''Network Connections'''.
# Make certain there are no '''"Wired"''' connections (even if you have to click on the connection name and click the '''Delete''' button.
# Change Create a new wired connection, with the "Connection Name" at the top to read '''eth1'''
# Click on the '''Add''' button, and select the '''IPv4 Settings''' tab.
# Change the method from "Automatic (DHCP)" to '''"Manual"'''.
#: Subnet Mask '''255.255.255.0'''
#: Default Gateway '''192.168.235.1''' (The IP address of <code>virbr1</code> on your fedora host.)
# Click on the '''DNS''' tab field and add '''192.168.235.1''' as the primary DNS server.
# Click '''Save''' to Finish, and exit the Network Connections dialog box.
# Your network connection may connect (view the Network Manager applet in the gnome panel at the top of the screen). If there is no connection after a few minutes, you should be able to right-click on the applet and click "eth1" to connect.
# You should be able to use the systemctl command to restart your network.
#'''Restart your network''' on fedora2 by issuing the commands:
#* <code><span style="background-color:yellow">systemctl stop NetworkManager.service</span></code>#*<code><span style="background-color:yellow">systemctl start NetworkManager.service</span></code>
# Verify your new interface by examining the output of <code>ifconfig</code>
# To verify that fedora2 has the correct default gateway configured, enter the command: <code>route -n</code>
'''Answer the Investigation 2 observations / questions in your lab log book.'''
 
=== Investigation 3: What files does the <code>system-config-network</code> GUI tool change?. ===
<li>View the <code>/root/netcfg.lst</code> file. What does it contain?</li>
<li>Create a new directory called: <code>/tmp/lab6</code></li>
<li>Issue the following commandcommands:
<ul>
<li><code>mkdir -p /tmp/lab6</code></li>
<li><code>find /etc -newer /tmp/timestamp -exec cp {} /tmp/lab6 \;</code></li>
</ul>
'''Answer the Investigation 3 observations / questions in your lab log book.'''
 
=== Investigation 4: How do I configure the network without a GUI tool? ===
{{Admon/note | Use fedora3 | Complete this investigation on your fedora3 VM.}}
# Start '''fedora3''' VM and login as root
# Use the command <code>ifconfig</code> to list active interfaces, you should see one with a name of <code><span style="background-color:yellow">eth0</span></code> or a similar name.
# To configure your card with a static address use the following command:
#* <code>ifconfig eth0 192.168.235.13 netmask 255.255.255.0</code>
# To configure a default gateway for that interface enter the command:
#* <code>route add default gw 192.168.235.1</code>
#* Change to the <code>/etc/sysconfig/network-scripts</code> directory on <code>fedora3</code>
#* List the contents of the directory and you should see 2 different types of files, network config scripts and network configuration files.
#* look for the config file for your original interface, it should be named <code><span style="background-color:yellow">ifcfg-eth0</span></code>#* Copy that file to <code>ifcfg-eth<span style="background-color:yellow"b>ifcfg-eth1N</spanb></code> or whatever name matches where <b>N</b> relates to your current eth interfacenumber (we will use <b>eth1</b> as an example).
#* Edit the new file for you interface and give it the following settings:
#**GATEWAY=192.168.235.1#**DNS1=192.168.235.1#**DEVICE=<span style="background-color:yelloweth1">eth1</span> -- '''<-- or the interface name <u>YOU</u> have'''#**BOOTPROTOIPADDR=none"192.168.235.13"#**NETMASK="255.255.255.0"#**TYPEGATEWAY=Ethernet"192.168.235.1"#**HWADDR="52:54:00:3f:5c:fa " <-- '''<--use the HWADDR for <u>YOUR</u> interface'''#**IPADDRDNS1="192.168.235.131" '''#**IPV6INITBOOTPROTO=no"static"#**ONBOOT="yes"#**NM_CONTROLLED="yes"#**USERCTLIPV6INIT="no"# Save the file and then restart the network connection by issuing the commands: <code>ifdown eth1</code> and then <code>NetworkManagerifup eth1</code> service<br /><br ><b>NOTE: </b>If there are errors, check that the hardware address in the config file matches the hardware address of the device its configuring<br /><br />
# Verify your configuration as you did before.
# Finally the kickstart file used to install this VM did not set the hostname. Edit the file <code>/etc/sysconfig/network</code> and set the hostname to <code>fedora3</code>
'''Answer the Investigation 4 observations / questions in your lab log book.'''
 
=== Investigation 5: How do I setup local hostname resolution? ===
::1 localhost6.localdomain6 localhost6 fedora1
192.168.235.1 f13hostf17host
192.168.235.11 fedora1
192.168.235.12 fedora2
=== <span style="background-color:yellow">Investigation 7: How can I see what network services or ports are active on my Fedora system?</span> ===
{{Admon/note | Use All Machines | Complete this investigation on all of your VM's and the Fedora host.}}
=== Investigation 8: How do I view and configure the IPTABLES firewall? -- Basic Function/Configuration ===
 
 
{{Admon/note | Use the f17host | Complete the following steps on your '''f17host''' computer system.}}
 
{{Admon/note | | [http://en.wikipedia.org/wiki/Iptables Iptables] is the built-in firewall for LINUX. While this program can be controlled by different GUI's, we are going to investigate the powerful command line interface for this program to choose what data is allowed into, out of and through our computer.
'''FORWARD''' – LINUX PC's are often used as routers or gateways for other PC's. This means that data may have to be passed through this LINUX box, but the data is not intended for the LINUX PC nor is it being sent by the LINUX PC. Even though the data will go into this PC and it will exit this PC, the INPUT and OUTPUT chains do not apply here. Because the PC is acting as a router it does not actually send or receive data, it FORWARDS data from one machine to another. When this process happens, the data is checked against the FORWARD chain to see if it is allowed through. If it is the router will forward the data to it's destination. If not, the packet is dropped.}}
{{Admon/important | Non-Persistent Changes to your Host System | Complete this lab on your host system (f13hostf16host).
It should be noted that all of the commands that we do here with iptables will not be persistent unless you have your configuration. That means if you re-boot, the default iptables configuration will be loaded.}}
<li value="9">'''Make a backup of the file <code>/etc/sysconfig/iptables</code>'''</li>
<li>Examine the file to see how rules are added.</li>
<li>Issue the command: <code>service iptables -save> /etc/sysconfig/iptables</code> to save the rules you added with the iptables command, above.</li>
<li>Verify that the file <code>/etc/sysconfig/iptables</code> was updated with your new rules.</li>
<li>Restart your iptables service and test your configuration. </li>
'''Answer the Investigation 8 observations / questions in your lab log book.'''
 
== New Configuration ==
Msaul
Administrators
13,420
edits
Retrieved from "https://wiki.cdot.senecapolytechnic.ca/wiki/Special:MobileDiff/82812...103159"

Navigation menu