up previous next contents
Next: Managing Print Services Up: Overview Previous: Overview   Contents

What is TCP/IP?

  1. Transport Communication Protocol / Internet Protocol
  2. TCP/IP is a "communications protocol"
    1. An agreement to speak a language
    2. The definition of the language
    Sample TCP/IP address
    1. 200.210.220.5
  3. Name Services
    1. "When I type www.sco.com, how does my computer find SCO's computer?"
    2. DNS and good old /etc/hosts
  4. User-Level Commands
    1. telnet, ftp, ping
    2. Remote commands: rlogin, rcp, rsh

IP Address Structure (Courtesy of TCP/IP Network Administration, O'Reilly & Associates)

B. TCP/IP Addresses

A sequence of four numbers separated by decimals: 200.210.220.5 Each number is stored in one byte (8 bits). Numbers can range from 0 to 255. IP Addresses belong to one of three classes: Class A - first byte is less than 128 Class A addresses 0 and 127 are used for special purposes. Class B - first byte ranges from 128 to 191 Class C - first byte ranges from 192 to 223 (When the first byte is greater than 223, the address is reserved.) IP addresses contain a network part and a host part. Broadcast Address - used to simultaneously address every host on a network.

IP Datagram Format (Courtesy of TCP/IP Network Administration, O'Reilly & Associates)

DNS Name Space (Courtesy of DNS & BIND, O'Reilly & Associates)

C. Datagrams

Data is sent from one host to another in packages called "datagrams". A datagram consists of (1) a header and (2) your data. A datagram header contains a lot of information about where the data came from, where it's going to, and the size of the data portion of the datagram. The datagram data follows the header, and contains the actual data you were transmitting.

D. Name Services / Naming Services

Name services are used to convert names that are easy for humans to remember into numbers (IP addresses) that are easy for computers to deal with. /etc/hosts Approach Each machine has it's own /etc/hosts file Easy to configure in small sites Becomes very difficult as sites get larger or connect to Internet Try to use this when connecting to the Internet, and you may need to maintain the name/address of every computer system on the Internet! DNS - Domain Name Service Used on the Internet More difficult to configure, but a necessity for larger sites and the Internet. Consists of DNS clients and servers.

Routing (Courtesy of Connecting to the Internet, O'Reilly & Associates)

E. Routing

When multiple networks connect, data must be routed from one network to the next. UNIX systems can perform routing functions, or you can buy special-purpose devices called routers to serve this purpose. IP makes routing decisions based on the network part of the specified address. You can display the routing table contents with the netstat -nr command.

F. User-Level Commands

ftp Transfer files to/from a remote host. ping Send test packets to a remote host; usually used to see if a remote host or network is "alive". rlogin Login to a remote host. Keep the same emulation, and possibly log in without using a password (requires user equivalence to be configured). telnet Login to a remote host. rcp Copy a file to/from the localhost from/to a remote host. rsh Run a shell on a remote host.

G. Administration Commands

Below are listed the commands used to troubleshoot simple TCP/IP networks that use the /etc/hosts file to provide name services.

arp Address Resolution Protocol. View/analyze the mapping between TCP/IP and Ethernet addresses. ifconfig Interface configuration; use this tool to manually configure and analyze network interfaces. netstat View and analyze network statistics. ping Send test packets to a remote host; usually used to see if a remote host or network is "alive". traceroute Trace the route (the path taken by IP packets) between a local computer and a remote computer.

Additional commands are used to configure and troubleshoot DNS networks.

H. Network Adapters and Network Interface Cards (NIC's)

A network adapter is any device that can allow a computer system to communicate with other computer systems using communication protocols such as TCP/IP. These can include: A network interface card (NIC) A modem A network interface card (NIC) is usually a piece of hardware that is installed in your computer for the purpose of communicating over a network, using the appropriate network wiring and protocols.

A Network Interface Card (NIC) (Courtesy of 3Com)

I. Other TCP/IP Terms and Definitions

Local Area Network (LAN) A group of computers in close geographic proximity, connected by a computer network. Wide Area Network (WAN) A group of computers that are geographically distant from each other, yet still connected by a network. Domain Name A name assigned to a logical collection of computers, such as "sco.com", "engrg.ford.com", or "whitehouse.gov". Name Service / Naming Service A name-mapping service that converts human-friendly names like "www.sco.com" into computer-friendly numbers like "200.210.220.1". DNS Domain Name Service. A distributed, hierarchical system for resolving host names into IP addresses. NIC Driver A piece of software that allows a network interface card to function properly with the UNIX operating system.

The OpenServer 5 Network Configuration Manager.

2. Configuring TCP/IP Networking on a SCO OpenServer 5 Computer System

Proper installation of TCP/IP networking software includes the installation of:

Networking hardware Network drivers Network protocols

Before installing the SCO TCP/IP software, you should prepare several checklists to make sure you have all of the information you'll need.

A. Pre-Installation Checklist

The following checklists will help you prepare for the installation of a NIC and configuration of the TCP/IP software.

i. Hardware Checklist

Depending on the type of network card you install, you may need some or all of the following information:

Interrupt vector (IRQ) Base I/O Address DMA Base RAM Address RAM Size Bus Type - ISA, EISA, MCA, or PCI

SCO Installation Checklist (SCO OpenServer Handbook)

ii. NIC Driver Checklist

SCO Open Server 5 includes drivers for many common NIC's. If the driver for your NIC is included with the system, no work is required for you in this area.

If SCO does not include a driver for your NIC, you must obtain one from your NIC hardware vendor. After obtaining the driver, you must then install it.

iii. TCP/IP Parameters Checklist

Before beginning the configuration, you must know the following TCP/IP parameters:

IP Address: Network Mask: Broadcast Address: System Name: Domain Name: TCP Connections:

B. Adding the TCP/IP Protocol to a Network Adapter

This section assumes that the TCP/IP communication software is already installed on your computer system, and the NIC has been detected, but the TCP/IP protocol has not been added to the adapter.

To add the TCP/IP protocol to an existing network adapter, follow these steps:

1. Log into the system as the root user. 2. Type scoadmin to start the SCOAdmin shell. Then select Networks, then Network Configuration Manager. 3. In the window labeled "Current networking configuration:", highlight the NIC you want to configure. 4. Select Protocol from the pull-down menu, then Add New. 5. Fill-in the questions on the pop-up form with the answers from your TCP/IP Parameters Checklist. 6. After configuring the system so the TCP/IP protocol is now enabled on your computer, you should test the connection with the ping command by trying to ping another computer on your network. (Note that under certain circumstances it may be necessary to rebuild the kernel on your workstation and reboot your system before testing the configuration with ping.) 7. After the ping test works in the previous step, you should configure the /etc/hosts file on your system to include the names of the other computer systems on your network. Configuring the /etc/hosts file is discussed in the next section.

The /etc/hosts File

# # Internet host table # 127.0.0.1 localhost 200.210.220.5 bigbird.acme.com bigbird 200.210.220.6 bert.acme.com bert 200.210.220.7 ernie.acme.com ernie

3. Configuring the /etc/hosts File

A. The /etc/hosts file

In a basic TCP/IP configuration, the /etc/hosts file is used to convert computer names humans can understand (like bigbird, bert, ernie) into TCP/IP addresses that computers understand (like 200.210.220.5, 200.210.220.6, 200.210.220.7).

/etc/hosts:

A plain text file. One record of information for every computer on your network. Two (or more) columns of information per record: Column 1 is the TCP/IP address of the computer (200.210.220.5). Column 2 is the "fully-qualified domain name" of the computer ("bigbird.acme.com"). All additional columns define "aliases" for the full name in Column 2 ("bigbird"). Columns may be separated by any number of blanks or tabs. Can be modified with an editor or with scoadmin. This is the most simple form of "name services" on a Unix system. It's okay for small networks, but becomes cumbersome as the network gets large. (This file must be configured on every Unix system.)

B. What is the "localhost" entry in the /etc/hosts file?

The "localhost" entry:

Always uses the address 127.0.0.1 The "loopback" address of the local host. Lets the host address itself the same way it addresses remote computers. Simplifies the process of writing software, because it uses the same addressing scheme. May also used during some troubleshooting.

The "r" Commands

# rlogin bigbird

# rcp bigbird:/user/monster/cookie_recipe /tmp

# rsh bigbird "man ls"

Format of /etc/hosts.equiv

grover allow password free access from any user on the system named grover to this system. -grover denies password-free access from any user on the system named grover to accounts on this system. grover -cookie denies password-free access to the user named cookie, if he attempts to access this computer from the computer named grover. grover +bert allows the user bert to access any account (except root) on this computer system, without supplying a password. + bert allows the user named ernie to access any account (except root) on your system without supplying a password, no matter where they log in from.

4. Configuring User Equivalence / Trusted Access

A. Discussion

It is possible to configure systems so that no name/password is required to run commands on a remote system. Powerful and convenient. A great time saver. A potential security risk (especially if connected to the Internet).

B. How to Configure a System to Allow User Equivalence

1. Log into the system as the root user. 2. Create a file named /etc/hosts.equiv. Enter the names of all remote computer systems that you want to grant access to. Enter only one system name per line. This allows all users - except root - to run remote commands on your system. 3. Optional: To allow remote root users to also perform this function, create a file named /.rhosts. Enter the name of remote systems who should be allowed password-free access to the root account. Enter one system name per line. Then issue this command so only root can read/write the file:

chmod 600 /.rhosts.

C. Other Issues

Each user can create their own .rhosts file by placing it in their home directory ( /.rhosts). When a "normal" remote user attempts to use an "r" command, the /etc/hosts.equiv file is searched first, followed by a user's  /.rhosts file. The first explicit match determines whether or not password-free access is granted. Therefore, the /etc/hosts.equiv file can override the  /.rhosts file. When a root user attempts an "r" command, the /etc/hosts.equiv is not consulted.

D. Commands Requiring Trusted Access

rcp rsh rlogin

5. User-Level TCP/IP Commands

A. ping

The ping command is used to debug a connection to a remote computer. It is most-often used to see if a remote computer system is "alive" (running and responding to TCP/IP requests).

ping

ping bigbird Sends a continuous series of "ping" packet to the computer system named "bigbird".

ping -c1 bigbird Sends one "ping" packet to the computer system named "bigbird".

ping -f bigbird "Flood" option. Sends packets as fast as they come back, or 100 packets per second, whichever is faster. Used to stress-test systems and networks. Only allowed by privileged users.

"telnet" Command Mode

When using telnet, hitting the ^] key sequence takes you into telnet command mode. Here are some of the following commands that can be issued during command mode:

quit Close any open TELNET session and exit the telnet utility. status Show the current status of the telnet utility. !ls -al Run the ls -al command on your local computer.

B. telnet

The telnet command is used to log in to a remote computer system using the TELNET communications protocol. This protocol is supported not only by Unix computers, but also mainframes, minicomputers, as well as routers, print servers, and other communication devices. As an example, it is possible to telnet into Cisco routers and various print servers to configure them.

telnet

telnet bigbird Attempts to log into the computer named "bigbird".

telnet sosco.sco.com Attempts to log into the computer named "sosco.sco.com".

telnet bigbird 25 Attempts to log into the computer named "bigbird" on port 25. Port 25 corresponds to the default port for SMTP communications. This might be used to troubleshoot problems with SMTP mail.

Commands Available During an FTP Session

This is a listing of several commands you can use while you're connected to a remote site in an FTP session:

get, mget Retrieve files from the remote host put, mput Send files to the remote host ascii Transmit files/data in ASCII (text) format binary Transmit files in binary format (pictures, sound files, executables) cd Change directory ls List files and directories

C. ftp

The ftp command (file transfer protocol) is used to transfer files to/from a remote computer system.

ftp

ftp bigbird Attempts to establish an FTP connection to the computer named "bigbird".

ftp ftp.sco.com Attempts to establish an FTP connection to the computer named "ftp.sco.com".

ftp -i bigbird Turns off interactive prompting when you're transferring multiple files to/from bigbird using the mget or mput commands.

If you don't use this option, you'll have to answer yes/no for each file when trying to transfer multiple files at once (which can be cumbersome and time-consuming for long file transfers).

D. rcp

The rcp command lets you copy files to/from remote computers over a TCP/IP network.

User equivalence must be configured. Does not prompt for usernames or passwords.

rcp

rcp bigbird:/etc/passwd /tmp Copy the /etc/passwd file from the computer named "bigbird" to the /tmp directory on the local system.

rcp /etc/passwd bigbird:/tmp Copy the /etc/passwd file from the local computer to the /tmp directory of the remote computer named "bigbird".

E. rlogin

The rlogin command is similar to the telnet command, but differs from telnet in at least two important ways:

rlogin logs you in with your current effective UID (user ID) rlogin maintains your terminal type (telnet emulates a vt100 terminal)

To use rlogin, user equivalence must be configured.

rlogin

rlogin bigbird Attempts a login to the computer named "bigbird". If user equivalence is configured on bigbird, you may be logged in without using a password.

F. rsh

The rsh command connects to a remote computer system an executes a specified command.

User equivalence must be configured. Does not prompt for usernames or passwords. If no command is specified, rsh will log you into the remote system using rlogin.

rsh

rsh bigbird man ls Attempts to run the command "man ls" on a remote computer named "bigbird".

rsh bigbird cat cookie.recipe » recipes.file Appends the remote file cookie.recipe from the machine called bigbird to the file called recipes.file on the local machine.

rsh bigbird cat cookie.recipe "»" recipes.file Appends the remote file cookie.recipe from the machine called bigbird to the file called recipes.file, which is also on bigbird.

6. Commands for Administering/Troubleshooting Basic TCP/IP

There are only a handful of commands used to troubleshoot basic TCP/IP problems. Listed in their probable order of use, these commands are:

ping test basic network connectivity ifconfig interface configuration netstat network statistics traceroute trace the network route from one computer to another arp address resolution protocol

A. ping

The ping command is used to debug a connection to a remote computer. It is often used to see if a remote computer system is "alive" (running and responding to TCP/IP requests).

ping

ping bigbird Sends a continuous series of "ping" packet to the computer system named "bigbird".

ping -c1 bigbird Sends one "ping" packet to the computer system named "bigbird".

ping -f bigbird "Flood" option. Sends packets as fast as they come back, or 100 packets per second, whichever is faster. Used to stress-test systems and networks. Only allowed by privileged users.

B. ifconfig

The ifconfig command is used configure and examine network interfaces on a Unix computer.

Used to determine TCP/IP address of NIC. Used to determine netmask of NIC. Used to "re-start" the protocol on the NIC. Used in the startup script to assign the TCP/IP address to the NIC.

ifconfig

ifconfig -a Display configuration information for all network interfaces.

"netstat -i" Output

# netstat -i

Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll lo0 16384 loopback localhost 545 0 545 0 0 net0 1500 200.210.220 missiondata1 17592 0 11194 0 209

Collision Rate

collision rate (

= (209 / 11194) * 100 = 1.87

According to most textbooks, the collision rate should not exceed 5-10

C. netstat

The netstat command is used to examine network statistics on a Unix computer.

netstat

netstat -i Display network statistics, including input/output packets, input/output errors, and collisions.

netstat -rn Display the network routing table.

Tracing Various Routes on the Internet

# traceroute www.sco.com traceroute to www.external.sco.com (209.67.28.227): 1-30 hops, 38 byte packets 1 gator (192.107.41.4) 2.72 ms 1.41 ms 2.25 ms 2 531.Hssi3-0.GW1.IND1.ALTER.NET (157.130.96.41) 170 ms 61.0 ms 83.5 ms 3 128.Hssi3-0.CR2.KCY1.Alter.Net (137.39.68.66) 589 ms (ttl=251!) 158 ms (tt l=251!) 200 ms (ttl=251!) 4 126.ATM10-0-0.CR2.EWR1.Alter.Net (137.39.59.89) 186 ms (ttl=249!) 236 ms ( ttl=249!) 207 ms (ttl=249!) 5 * * * 6 uunet-px.jcnj-02-h9-0-0.core.exodus.net (209.1.169.37) 128 ms (ttl=248!) * 144 ms (ttl=248!) 7 vlan920.rsm-j8-b.lan.exodus.net (209.67.17.198) 50.9 ms (ttl=246!) 55.3 ms (ttl=247!) 63.7 ms (ttl=246!) 8 njroutee0.sco.com (209.67.27.86) 75.2 ms (ttl=246!) 61.3 ms (ttl=246!) 57 .8 ms (ttl=246!) 9 virtualwebnj.sco.com (209.67.28.227) 87.2 ms (ttl=245!) * 116 ms (ttl=245 !)

# traceroute www.kroger.com traceroute to www.kroger.com (208.10.41.4): 1-30 hops, 38 byte packets 1 gator (192.107.41.4) 3.19 ms 1.51 ms 1.23 ms 2 531.Hssi3-0.GW1.IND1.ALTER.NET (157.130.96.41) 93.2 ms 123 ms 85.9 ms 3 121.ATM2-0.XR2.CHI4.ALTER.NET (146.188.208.166) 110 ms 144 ms 99.8 ms 4 194.ATM1-0-0.BR1.CHI1.ALTER.NET (146.188.208.5) 134 ms 154 ms 159 ms 5 gw14-chi-8-0.sprintlink.net (137.39.250.6) 271 ms 263 ms 157 ms 6 sl-gw7-chi-0-0.sprintlink.net (144.228.50.11) 132 ms 241 ms 180 ms 7 sl-kroger-1-0-384k.sprintlink.net (144.228.151.34) 205 ms 142 ms 93.6 ms 8 208.10.41.4 (208.10.41.4) 73.9 ms 66.3 ms 50.0 ms

D. traceroute

The traceroute command is used to determine the route (or path) taken when TCP/IP packets are sent from one computer system to another over a network.

traceroute

traceroute www.sco.com Trace the route that packets take when communicating to the remote host "www.sco.com".

According to the text "TCP/IP Network Administration (O'Reilly & Associates) ", the most important things in the output of the traceroute command are:

1. Did the packet get to it's remote destination? 2. If not, where did it stop?

E. arp

The arp command is used to log in to a remote computer system.

Displays the IP address and Ethernet address of each NIC on the network. Specific Ethernet addresses are assigned to each vendor. Good for finding two systems that have been assigned the same TCP/IP address.

arp

arp -a Display all ARP entries in the ARP table.

7. Files, Services, and Processes for TCP/IP Networking

The following is a list of the primary files used for TCP/IP networking. Keep in mind that in a basic TCP/IP configuration, very few of these files (outside of the /etc/hosts file) are ever really modified.

/etc/hosts A mapping between TCP/IP addresses and host names. /etc/hosts.equiv Defines hosts granted "trusted access" to the local system. /.rhosts Defines trusted access for root users on remote systems. /etc/inetd.conf The configuration file for the "internet daemon" inetd. /etc/services Defines the port numbers for the internet services on this system. As an example, telnet is almost always defined on port 23, and ftp on port 21. /etc/protocols Protocols defined on this host. /etc/ftpusers Define the users who are not allowed to transfer files to/from this host using ftp. /etc/gateways Used for routing; the most common use is to define an active default route.

Common TCP/IP error messages and their meaning

"unknown host" The remote host name cannot be resolved by the name service (in this case the name service is "/etc/hosts"). The hostname may be typed incorrectly. The hostname is not in /etc/hosts. Something wrong with network between your system and the remote system (less likely). Try using the TCP/IP numerical address instead of the name. "network unreachable" Your local system does not have a route to the remote system. Check the address or name you typed in. Make sure the routing protocol is running (if you're using one). Check the routing table. Check the gateway you use to get to the remote site. May be able to use traceroute to see where the route is failing. "no answer""connection timed out" The remote system did not respond. Your local system has a route to the remote system, but it receives no response from the remote system to any packets that it sends. The remote system may be down. A gateway may be down. Something may be wrong with the network connection between the local host and the remote host you're trying to reach.

8. Troubleshooting Basic TCP/IP Problems

A. Common TCP/IP problems

Some of the most common TCP/IP-related problems on basic networks (those that use the /etc/hosts name service) are:

Duplicate TCP/IP addresses used on the same network. Mistakes/differences in the /etc/hosts files. Faulty network cabling. Failing (or failed) network cards. Failed communication lines or other communication hardware.

Commands to run when something is wrong

> ping elvis elvis is alive

> netstat -i Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll lo0 16384 loopback localhost 1433 0 1433 0 0 net0 1500 200.210.220 missiondata1.mi 175200 109 109073 0 148

> ifconfig -a lo0: flags=4049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet 127.0.0.1 netmask ff000000 perf. params: recv size: 4096; send size: 8192; full-size frames: 1 net0: flags=4043<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 200.210.220.1 netmask ffffff00 broadcast 200.210.220.255 perf. params: recv size: 24576; send size: 24576; full-size frames: 1 ether 00:60:08:a9:d9:69

B. TCP/IP Troubleshooting Tips

i) Check the /etc/hosts file for errors. ii) Verify TCP/IP software operation with the ping command: (1) Try to ping the local system (2) Try to ping a remote system iii) Use netstat to analyze network traffic: (1) netstat -i (look for high collision rates, Ierrs, or Oerrs) (2) netstat -a | more (look for phantom connections) (3) netstat -nr (check the gateway/routing table) iv) Check NIC configuration with ifconfig (1) ifconfig -a (look for "UP" and "RUNNING") v) Make sure inetd is running.

> netstat -i Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll lo0 16384 loopback localhost 1433 0 1433 0 0 net0 1500 200.210.220 missiondata1.mi 175200 109 109073 0 148

C. Interpreting netstat -i output

i) Make sure the card is sending and receiving packets. Ipkts and Opkts should be nonzero. ii) If Ipkts and Ierrs are both zero, the connection to the network may be bad, the network card may be bad, or there may be an interrupt vector conflict. iii) If Ipkts is zero, but Ierrs is nonzero, the network cabling or card may be bad, another nost on the network may be generating bad packets, or the network may be incorrectly terminated. iv) If Opkts is zero and Oerrs is nonzero, there may be a conflict of I/O addresses on the system. If both are zero, the conflict may be in shared memory addresses. v) If Coll is high ( greater than 5

9. Configuring an Anonymous FTP Server

(The following information is re-printed from the SCO on-line documentation.)

Networking with TCP/IP - Final Exam

1. Show the proper /etc/hosts entry for a computer named "server1.missiondata.com", whose TCP/IP address is 200.210.220.1. It's alias is server1.

2. You're trying to ping a remote workstation, but you get the following error message: "no answer". This can mean:

a. The remote computer is ignoring you.

b. You didn't pay your last phone bill, and BellSouth disconnected your service.

c. The remote computer may be down.

d. You typed in the wrong host name.

3. You're trying to ping a remote workstation when you get the following error message: "unknown host". This can mean:

a. The two computers have never met before.

b. You typed the wrong name or TCP/IP address.

c. The remote computer is down.

d. The name you typed is correct, but the name is not in the /etc/hosts file.

4. What's wrong with the following output:

> netstat -i Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll lo0 16384 loopback localhost 1433 0 1433 0 0 net0 1500 200.210.220 store001 175200 0 109073 0 9673

5. What's wrong with this output:

> ifconfig -a

lo0: flags=4049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet 127.0.0.1 netmask ff000000 perf. params: recv size: 4096; send size: 8192; full-size frames: 1 net0: flags=4043<DOWN,BROADCAST,CRAWLING,MULTICAST> mtu 1500 inet 200.210.220.1 netmask ffffff00 broadcast 200.210.220.255 perf. params: recv size: 24576; send size: 24576; full-size frames: 1 ether 00:60:08:a9:d9:69


up previous next contents
Next: Managing Print Services Up: Overview Previous: Overview   Contents