Second Edition

Craig Hunt

O'REILLY
Cambridge · Köln · Paris · Sebastopol · Tokyo

Apple Inc.
APL1016
U.S. Patent No. 8,724,622

TCP/IP Network Administration, Second Edition
by Craig Hunt

Copyright © 1998, 1992 Craig Hunt. All rights reserved.
Printed in the United States of America.

Published by O'Reilly & Associates, Inc., 101 Morris Street, Sebastopol, CA 95472.

Editor: Mike Loukides
Update Editor: Gigi Estabrook
Production Editor: Nicole Gipson Arigo

Printing History:

August 1992: First Edition.
March 1993: Minor corrections.
September 1993: Minor corrections.
January 1994: Minor corrections.
May 1994: Minor corrections.
January 1998: Second Edition.

Nutshell Handbook and the Nutshell Handbook logo are registered trademarks and The
Java™ Series is a trademark of O'Reilly & Associates, Inc. The association of a crab and the
topic of TCP/IP is a trademark of O'Reilly & Associates, Inc.

Many of the designations used by manufacturers and sellers to distinguish their products are
claimed as trademarks. Where those designations appear in this book, and O'Reilly &
Associates, Inc. was aware of a trademark claim, the designations have been printed in caps
or initial caps.

While every precaution has been taken in the preparation of this book, the publisher assumes
no responsibility for errors or omissions, or for damages resulting from the use of the
information contained herein.

This book is printed on acid-free paper with 85% recycled content, 15% post-consumer waste.
O'Reilly & Associates is committed to using paper with the highest recycled content available
consistent with high quality.

ISBN: 1-56592-322-7

Table of Contents

Preface

1: Overview of TCP/IP
TCP/IP and the Internet
A Data Communications Model
TCP/IP Protocol Architecture
Network Access Layer
Internet Layer
Transport Layer
Application Layer

2: Delivering the Data
Addressing, Routing, and Multiplexing
The IP Address
Subnets
Internet Routing Architecture
The Routing Table
Address Resolution
Protocols, Ports, and Sockets

3: Network Services
Names and Addresses
The Host Table
Domain Name Service
Configuration Servers
Bootstrap Protocol
File and Print Servers

4: Getting Started
Connected and Non-Connected Networks
Basic Information
Planning Routing
Planning Naming Service
Informing the Users
Summary

5: Basic Configuration
Kernel Configuration
Linux Kernel Configuration
The BSD Kernel Configuration File
The Internet Daemon

6: Configuring the Interface
The ifconfig Command
TCP/IP Over a Serial Line
Installing SLIP

7: Configuring Routing
Common Routing Configurations
The Minimal Routing Table
Building a Static Routing Table
Interior Routing Protocols
Exterior Routing Protocols
Gateway Routing Daemon
Configuring gated

8: Configuring DNS Name Service
BIND: UNIX Name Service
Configuring the Resolver
Configuring named
Using nslookup

9: Configuring Network Servers
The Network File System
Line Printer Daemon
Network Information Service
A BOOTP Server
DHCP
Managing Distributed Servers

10: sendmail
sendmail's Function
Running sendmail as a Daemon
sendmail Aliases
The sendmail.cf File
sendmail Configuration
Rewriting the Mail Address
Modifying a sendmail.cf File
Testing sendmail.cf

11: Troubleshooting TCP/IP
Approaching a Problem
Diagnostic Tools
Testing Basic Connectivity
Troubleshooting Network Access
Checking Routing
Checking Name Service
Analyzing Protocol Problems
Protocol Case Study
Simple Network Management Protocol
Summary

12: Network Security
Security Planning
User Authentication
Application Security
Security Monitoring
Access Control
Encryption
Firewalls
Words to the Wise
Summary

13: Internet Information Resources
The World Wide Web
Anonymous FTP
Finding Files
Retrieving RFCs
Mailing Lists
The White Pages
Summary

A: PPP Tools
B: A gated Reference
C: A named Reference
D: A dhcpd Reference
E: A sendmail Reference
F: Selected TCP/IP Headers

Index