Monitoring And Maintenance Of Internet Services With Hardware And Software Configurations


CHAPTER 1 INTRODUCTION

1.1 History

In the past, most ISPs were run by the phone company. Now, ISPs can In addition to Internet access via various technologies such as dial-up and DSL, they may provide a combination of services including Internet transit, domain name registration and hosting, web hosting, and collocation. In the fifties and early sixties, prior to the widespread internetworking that led to the Internet, most communication networks were limited by their nature to only allow communications between the stations on the network. ISPs also formed alliances to network and share their customers with other ISPs, so that users who traveled abroad could save on long-distance connect charges. Peering arrangements were established between ISPs who agreed to carry each other's traffic. Prior to ISPs, access to the Internet required an account at a university or government agency and a working knowledge of UNIX. The Internet began accepting commercial traffic in the early 1990s, but commercial users had to honor the peering protocol of swapping data free of charge. The National Science Foundation commissioned four private companies in 1994 to build public Internet access points, and in 1995 the federal government closed its own Internet backbone. The first dial-up ISP, world.std.com, was opened in 1989.


Fig 1.1: Number of Internet Hosts.

According to Boardwatch, the number of ISPs increased from about 1,400 in early 1996 to 3,000 at the beginning of 1997. By mid-1997 there were an estimated 4,000 ISPs in the United States and Canada. Many of them were small operations that served consumers and small businesses in local markets by leasing and reselling the Internet services of large ISPs. Earthlink Network Inc. emerged as one of the largest national ISPs serving consumers, with 320,000 customers [1].

1.2 ISP Industry of Bangladesh

In 1998 the Internet Service Providers Association of Bangladesh was organized for the general purpose of improving business conditions of Internet Service Providers operating in Bangladesh by such activities as serving the common business interest of its Members by promoting higher business standards. In the early nineties, Bangladesh had access to email via dial-up to Bulletin Board Systems (BBS) of a few local providers. The combined Internet users of all the email-only service providers were not more than 500. In June 1996, the Government allowed VSATs to be operated in the private sector, albeit to be provided solely by the Government-owned telephone operator, BTTB. Only a handful of ISPs were connected within the first year. However, more liberal Government policies were followed in the subsequent years, which led to a rapid expansion of this industry, eventually resulting in over 180 registered ISPs by 2005. ISPs are currently regulated by the Bangladesh Telecommunication Regulatory Commission (BTRC) through the Bangladesh Telecommunications Act. The government has decided to provide Internet Protocol (IP) telephony licenses to help reduce the costs of international calls substantially and augment legal calls through the Internet. The Bangladesh Telecommunication Regulatory Commission will provide the IP telephony licenses only to the Internet service providers (ISPs) as part of its drive to legalise voice over Internet Protocol (VoIP) across the country [1].

1.3 ISP

In this chapter, Local Area Networks, Wide Area Networks, topology, internetworking, DSL and media are discussed. A brief description of each is given below.

1.3.1 Local Area Network

A local area network (LAN) is usually privately owned and links the devices in a single office, building, or campus. Depending on the needs of an organization and the type of technology used, a LAN can be as simple as two PCs and a printer in someone's home office, or it can extend throughout a company and include audio and video peripherals. Currently, LAN size is limited to a few kilometers. LANs are designed to allow resources to be shared between personal computers or workstations. The resources to be shared can include hardware, software and data [2].

1.3.2 Wide Area Network

A wide area network (WAN) provides long-distance transmission of data, voice, image and video information over large geographic areas that may comprise a country, a continent, or the whole world. In contrast to LANs, WANs may utilize public, leased or private communication equipment, usually in combinations, and can therefore span an unlimited number of miles.

1.3.3 Topology

Topology is the geometric arrangement of devices on the network. There are two kinds of topology: physical and logical [3].

1.3.4 Internetworking

An internetwork is a collection of individual networks, connected by intermediate networking devices, that functions as a single large network. Internetworking refers to the industry, products, and procedures that meet the challenge of creating and administering internetworks [3].

1.3.5 DSL

Digital Subscriber Line (DSL) technology is a broadband technology that uses existing twisted-pair telephone lines to transport high-bandwidth data to service subscribers. DSL service is considered broadband, as opposed to the baseband service typical of LANs. Broadband refers to a technique which uses multiple frequencies within the same physical medium to transmit data. The term xDSL covers a number of similar yet competing forms of DSL technologies:

● Asymmetric DSL (ADSL)
● Symmetric DSL (SDSL)
● High Bit Rate DSL (HDSL)
● ISDN (like) DSL (IDSL)
● Consumer DSL (CDSL), also called DSL-lite or G.lite

DSL technology allows the service provider to offer high-speed network services to customers, utilizing installed local loop copper lines. DSL technology allows the local loop line to be used for a normal telephone voice connection and an always-on connection for instant network connectivity [4].

1.3.6 Media

Twisted-pair wire, coaxial cables, or fiber optic cables can connect devices. Some networks do without connecting media altogether, communicating instead via radio waves [4].

1.4 Applications of ISP

In a word, an Internet service provider is a company that provides:

1. Access to the Internet.
2. Services to individuals and companies on the web.
3. Web hosting (web pages stored on its web servers).
4. Access to newsgroups, access to FTP servers and electronic mail.
5. It owns or hires a permanent TCP/IP connection and uses servers permanently.

1.5 Aim of the Internship

The main objectives of this internship are as follows:

• To establish and test dial-up connection.
• To support client service e.g. troubleshooting, connectivity test etc.
• To set up broadband connection.
• To establish shared and dedicated Internet connection.
• To set up intranet connection.
• To configure web server using LINUX.

1.6 Organization of Report

Chapter 2 describes all types of ISP hardware. Chapter 3 covers the different types of networking media and topology. Chapter 4 describes in detail the connection and establishment procedures of a Local Area Network (LAN), and also covers switch configuration. The Wide Area Network (WAN) and router configuration are explained in Chapter 5. Finally, Chapter 6 covers server configuration using LINUX.

CHAPTER 2 ISP HARDWARE

2.1 Introduction

An Internet service provider (abbr. ISP, also called Internet access provider or IAP) is a business or organization that sells consumers access to the Internet and related services. This involves one or more servers using the FTP, SMTP, POP3 etc. protocols. ISPs are also called IAPs (Internet Access Providers), but from a conceptual viewpoint the roles are different. The IAP, being a gate to the Internet, will route all traffic from the Internet subscriber, while the ISP will only be aware of what happens on its servers. The Internet user can be an individual accessing the net from home, generally using a temporary TCP/IP connection (and thus a dynamic IP address) via a modem or a terminal adaptor (ISDN), or a permanent connection (and thus a static IP address) through xDSL, cable TV, etc. Connection via a mobile phone, whilst generally more expensive, is also possible. The user can also be an organization, a public administration or a company, which uses the Internet not only to provide or to look for information but also to collect data for the purpose of its tasks and activities (administrative procedures, selling of goods or provision of services, publication of directories, small ads, sending out questionnaires, etc.) [5].


Figure 2.1: ISP.


2.2 ISP Hardware Elements

• VSAT
• Router
• Switch
• Hub
• Bridge
• Cable & Connector
• Bandwidth Manager
• Servers
• SDSL/ADSL
• Wireless
• Access Server
• UPS

2.2.1 VSAT

A Very Small Aperture Terminal (VSAT) is a small-sized telecommunication earth station that transmits and receives via satellite. The terminal size is usually 1.2 to 4.2 meters in diameter. A VSAT network may transmit and receive voice, data, fax, or video. There are three major signal bands available for VSAT technology: C-band, Ku-band and Ka-band. A VSAT is a collection of outdoor and indoor equipment.

Outdoor:

• Antenna
• Feed horn
• ODU
• Low Noise Amplifier (LNA)
• Low Noise Block Down converter (LNB)
• Block Up Converter (BUC)

Indoor:

• Satellite Modem
• Port of ODU

VSAT is the only technology for independent Internet connection in Bangladesh. All the ISPs of Bangladesh are running their service via VSAT [3].

Figure 2.2: a. VSAT Antenna, b. VSAT Modem.

2.2.2 Router

A router is a device that determines the next network and forwards packets to their destinations. The router connects at least two networks and determines which way to send each data packet based on its routing table. Routers are responsible for routing data packets from source to destination within the LAN, and for providing connectivity to the WAN. A router reads the Layer 3 network address information in every packet that it receives and determines whether it is to be forwarded. If it is, the router looks in its routing table to find the best route between sender and receiver. The router creates or maintains a table of the available routes and uses this information to determine the route for a data packet [3].


Figure 2.3: Router.

2.2.3 Switch

A switch is a network device that filters, forwards and floods frames based on the destination MAC address of each frame. A switch operates at the data-link layer of the OSI model. A switch has many ports, with network segments connected to them. For each frame, the switch chooses the port to which the destination device or workstation is connected [3].

Figure 2.4: Switch.

2.2.4 Bridge

A bridge is a device that connects and passes frames between two network segments. It operates at both the physical and the data-link layer. As a physical layer device, it regenerates the signal it receives. As a data-link layer device, the bridge can check the physical (MAC) address contained in the frame [3].

Figure 2.5: Bridge.

2.2.5 Hub

Hubs are actually multiport repeaters. A hub is normally used to create connections between stations in a physical star topology. Hubs can also be used to create multiple levels of hierarchy. Hubs concentrate connections [3].


Figure 2.6: Hub.

2.2.6 Cable and Connector

A company can use Cat 3, 4, 5 or 6 cable, or their extended standards. Nowadays Cat 5 cables are the most popular. Cat 5e also works fine. It is best for any ISP company to use Cat 6 cable for its ISP LAN. The RJ45 end is an 8-position connector that looks like a large phone plug. There are a couple of variations available. The primary variation that needs attention is whether the connector is intended for braided or solid wire. For braided/stranded wires, the connector has contacts that actually pierce the wire. For solid wires, the connector has fingers, which pierce the insulation and make contact with the wire by grasping it from both sides. The connector is a weak point in an Ethernet connection; choosing the wrong one will often cause grief later [3].

Figure 2.7: Cable and Connector.

2.2.7 Bandwidth Manager

Proper bandwidth management is a mandatory requirement for an ISP. Every ISP company should have proper planning and management for this purpose. A hardware bandwidth manager is a special device which is used for traffic/bandwidth control only. Some bandwidth managers provide firewall facilities. There are many bandwidth controllers in the market. ET (Emerging Technology) is the most used hardware bandwidth controller among Bangladeshi ISPs. It has a software as well as a hardware solution [6].

2.2.8 Wireless

Wireless has a very large product range. Bangladeshi ISPs are using more than six types of wireless equipment. Any company can select a Point-to-Point or Point-to-Multipoint wireless product. A company should be clear about what it needs and then take the decision. For example, if it needs a Point-to-Point product, it should concentrate on frequency, data transfer rate, power supply, outdoor safety and area/distance [6].

2.2.9 xDSL

Bangladeshi ISPs use two technologies of the xDSL group: ADSL and SDSL. Some ISPs have started using VDSL (Very high-rate Digital Subscriber Line).

ADSL: Most Bangladeshi ISPs use Zyxel ADSL concentrators and CPE for providing Internet access. The concentrator is ISP-end equipment and the CPE is client-end equipment. Zyxel has two types of CPE: ADSL router and ADSL modem. The prices of those devices are almost the same.

SDSL: Most Bangladeshi ISPs use DASAN or Zyxel SDSL Point-to-Point equipment. If any company wishes to use an SDSL concentrator, it can choose DASAN [4].

2.2.10 Servers

Server selection is most important for each server service. Every company needs to concentrate on the following matters before choosing a server.

Hard Disk: Nowadays all IDE hard disks are speedy enough to handle complex storage requirements. If any company wants more optimum performance, it can choose SCSI hard disks.

Processor: Most server services demand a mid-range processor. It totally depends on traffic and usage.

RAM: Day by day applications are becoming larger, which requires more RAM to run. So the amount of RAM heavily affects system performance [6].

2.2.11 Access Server

An access server is required for dial-up service. There are two major kinds of access server.

Internal Modem Pool: If a company does not wish to face the hassle of external modems, it may choose a complete access server (with an internal modem pool). These kinds of access server are always a bit costly. Where manageability is the concern, there is no alternative to this type. In a large environment with more than 100 phones, this type will be the best choice. 3Com and US Robotics access servers are commonly used in Bangladesh.

Figure 2.8: 3Com Total Control.

External Modem: It is a somewhat cost-effective access method for a small-scale ISP. The most hazardous part of this type is modem management. Cisco 2500 and 2600 provide this facility with an extra module. Lucent Technologies PortMaster is the most popular product in Bangladesh [6].

Figure 2.9: Lucent PortMaster.

2.2.12 UPS

Choosing a good UPS (Uninterruptible Power Supply) is very important. The UPS should be specifically designed for power-sensitive equipment and applications. A normal off-line UPS can work well for a clone server.


Figure 2.10: UPS.

BTTB recently started an E1 facility in Bangladesh, so every company needs to consider future planning. If any company wishes to use E1 for dial-up, it should purchase an E1 (European Telecom Standard) supported PortMaster or access server (recent PortMasters and Cisco access servers support this facility) [3].

CHAPTER 3 NETWORKING MEDIA AND TOPOLOGY

3.1 Introduction

Networking media include twisted-pair cable, coaxial cable, and optical fiber cable, which provide a conduit from one device to another. A signal traveling along any of these media is directed and contained by the physical limits of the medium. Twisted-pair cable and coaxial cable use metallic (copper) conductors that accept and transport signals in the form of electric current. Optical fiber is a glass cable that accepts and transports signals in the form of light. Wireless media, on the other hand, transport electromagnetic waves without using a physical conductor. Network topology defines the structure of the network. One part of the topology definition is the physical topology, which is the actual layout of the wire or media. The other part is the logical topology, which defines how the hosts access the media to send data.

3.2 Twisted-Pair Cable

A twisted pair consists of two conductors, each with its own plastic insulation, twisted together. One of the wires is used to carry signals to the receiver, and the other is used as a ground reference. The receiver uses the difference between the two levels. In addition to the signal sent by the sender on one of the wires, interference and crosstalk may affect both wires and create unwanted signals. The receiver at the end operates only on the difference between these unwanted signals. There are two types of twisted-pair cable: unshielded twisted-pair (UTP) cable and shielded twisted-pair (STP) cable.

3.2.1 Unshielded Twisted-Pair (UTP) Cable

The most common twisted-pair cable used in communication is called unshielded twisted-pair cable. UTP is a four-pair wire medium used in a variety of networks. Each of the eight copper wires in the UTP cable is covered by insulating material. In addition, the wires of each pair are twisted around each other.

Figure 3.1: UTP cable.

UTP cable has many advantages. It is easy to install and is less expensive than other types of networking media. In fact, UTP costs less per meter than any other type of LAN cabling. However, the real advantage is the size. There are some disadvantages of twisted-pair cabling. UTP cable is more prone to electrical noise and interference than other types of networking media, and the distance between signal boosts is shorter for UTP than it is for coaxial and fiber optic cables. Twisted-pair cabling was once considered slower at transmitting data than other types of cable. This is no longer true. In fact, today, twisted pair is considered the fastest copper-based media [7].


3.2.2 Shielded Twisted-Pair (STP) Cable

STP cable has a metal foil or braided-mesh covering that encases each pair of insulated conductors. It is usually 150-ohm cable. The metal casing improves the quality of the cable by preventing the penetration of noise or crosstalk. The metallic shielding materials in STP need to be grounded at both ends.

Figure 3.2: STP cable.

STP cable shares many of the advantages and disadvantages of UTP cable. STP provides more protection from all types of external interference. However, STP is more expensive and difficult to install than UTP [7].

3.3 Coaxial Cable

Coaxial cable carries signals of higher frequency ranges than twisted-pair cable, in part because the two media are constructed quite differently. Instead of having two wires, coax has a central core conductor of solid or stranded wire (copper) enclosed in an insulating sheath. This second layer or shield also reduces the amount of outside electromagnetic interference. Covering this shield is the cable jacket.

Figure 3.3: Coaxial cable.


For LANs, coaxial cable offers several advantages. It can be run longer distances than shielded twisted-pair (STP), unshielded twisted-pair (UTP), and screened twisted-pair (ScTP) cable without the need for repeaters. Coaxial cable is less expensive than fiber-optic cable. It has been used for many years for many types of data communication such as cable television. The speed and throughput of coaxial cable is up to 10-100 Mbps, and the maximum cable length is 500 m [7].

3.4 Optical Fiber

Optical fiber is made of glass or plastic and transmits signals in the form of light. Light travels in a straight line as long as it is moving through a single uniform substance. If a ray of light passes from one substance into another, the ray changes its direction.

Figure 3.4: Optical fiber cable.

The core of the optical fiber has to have a larger index of refraction than the material that surrounds it. The material that surrounds the core of the fiber is called the cladding. If the core of the fiber is large enough that there are many paths that light can take through the fiber, the fiber is called "multimode" fiber. Single-mode fiber has a much smaller core that only allows light rays to travel along one mode inside the fiber. Single-mode optical fiber has a small core and less dispersion, and is suited for long distances (up to 3km). Multimode optical fiber has a larger core than single-mode cable, allows greater dispersion and therefore loss of signal, is used for long-distance applications but shorter than single mode (up to 2km), and uses LEDs as the light source [7].

3.5 Wireless

A wireless network may consist of as few as two devices. The nodes could simply be desktop workstations or notebook computers. Equipped with wireless NICs, an 'ad hoc' network could be established which compares to a peer-to-peer wired network. Both devices act as servers and clients in this environment. Although it does provide connectivity, security is at a minimum along with throughput. Another problem with this type is compatibility: many times NICs from different manufacturers are not compatible. Three types of wireless transmission are radio wave, microwave and infrared.

3.6 Physical Topology

The term physical topology refers to the way in which a network is laid out physically. Two or more devices connect to a link; two or more links form a topology.

Figure 3.5: Physical topology.


Bus Topology: In a bus topology one long cable acts as a backbone to link all the devices in the network. All the hosts are connected directly to this backbone.

Ring Topology: In a ring topology, each device has a dedicated point-to-point connection only with the two devices on either side of it. A signal is passed along the ring in one direction from device to device, until it reaches its destination.

Star Topology: In a star topology, each device has a dedicated point-to-point link only to a central controller. The devices are not directly linked to one another.

Extended Star Topology: An extended star topology links individual stars together by connecting the hubs or switches.

Hierarchical Topology: A hierarchical topology is similar to an extended star. However, instead of linking the hubs or switches together, the system is linked to a computer that controls the traffic on the topology.

Mesh Topology: In a mesh topology, every device has a dedicated point-to-point link to every other device. As seen in the graphic, each host has its own connections to all other hosts. Although the Internet has multiple paths to any one location, it does not adopt the full mesh topology [2].

3.7 Logical Topology

The logical topology of a network determines how the hosts communicate across the medium. The two most common types of logical topologies are broadcast and token passing.

CHAPTER 4 LOCAL AREA NETWORK ESTABLISHMENT

4.1 Introduction

LAN design has evolved. Network designers until very recently used hubs and bridges to build networks. Now switches and routers are the key components in LAN design, and the capabilities and performance of these devices continue to improve. Even though each LAN is unique, there are many design aspects that are common to all LANs. For example, most LANs follow the same standards and use the same components. This module presents information on elements of Ethernet LANs and common LAN devices [7].

4.2 LAN Technologies

There are three common types of LAN technology:

• Ethernet – uses a logical bus topology to control information flow on a linear bus and a physical star or extended star topology for the cables.
• Token Ring – uses a logical ring topology to control information flow and a physical star topology.
• FDDI – uses a logical ring topology to control information flow and a physical dual-ring topology [7].


Figure 4.1: Common LAN Technologies.

4.3 Ethernet LAN Developments

The earliest LAN technologies used either thick Ethernet or thin Ethernet infrastructures. It is important to understand the limitations of these infrastructures in order to understand the advancements in LAN switching. The addition of hubs or concentrators into the network offered an improvement on thick and thin Ethernet technology. A hub is a Layer 1 device and is sometimes referred to as an Ethernet concentrator or a multiport repeater. Hubs allow better access to the network for more users. Hubs regenerate data signals, which allows networks to be extended to greater distances. Ethernet is fundamentally a shared technology where all users on a given LAN segment compete for the same available bandwidth. This situation is analogous to a number of cars that try to access a one-lane road at the same time. Since the road has only one lane, only one car can access it at a time. As hubs were added to the network, more users competed for the same bandwidth.

Figure 4.2: Develop LAN Topology.

Collisions are a by-product of Ethernet networks. If two or more devices try to transmit at the same time, a collision occurs. This situation is analogous to two cars that try to merge into a single lane and cause a collision. Traffic is backed up until the collision can be cleared. Excessive collisions in a network result in slow network response times. This indicates that the network is too congested or has too many users who need to access the network at the same time. Layer 2 devices are more intelligent than Layer 1 devices. Layer 2 devices make forwarding decisions based on Media Access Control (MAC) addresses contained within the headers of transmitted data frames. A bridge is a Layer 2 device used to divide, or segment, a network. Bridges collect and selectively pass data frames between two network segments. In order to do this, bridges learn the MAC addresses of devices on each connected segment. Bridges do not restrict broadcast traffic. However, they do provide greater traffic control within a network. A switch is also a Layer 2 device and may be referred to as a multiport bridge. Switches make forwarding decisions based on MAC addresses contained within transmitted data frames. Switches learn the MAC addresses of devices connected to each port, and this information is entered into a switching table. Switches create a virtual circuit between two connected devices that want to communicate. When the virtual circuit is created, a dedicated communication path is established between the two devices [4].
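The hub and switch behaviour described in sections 2.2.3, 2.2.5 and 4.3 can be compared side by side. The following is an added example, not part of the original report: it models a hub as a multiport repeater and a switch as a device that learns source MAC addresses per port and then forwards, filters or floods each frame. The MAC addresses, port numbers and frame sequence are constructed for illustration.

```python
"""Hub versus learning switch on a four-port LAN (constructed example)."""

BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed host addresses; A and D sit on the same segment behind port 1.
HOST_A = "00:00:00:00:00:0a"
HOST_B = "00:00:00:00:00:0b"
HOST_C = "00:00:00:00:00:0c"
HOST_D = "00:00:00:00:00:0d"


def hub_receive(ports, in_port):
    """Layer 1: a hub repeats every frame out of every other port."""
    return [p for p in ports if p != in_port]


class LearningSwitch:
    """Layer 2: forwarding decisions are based on a learned MAC table."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}  # switching table: MAC address -> port

    def receive(self, in_port, src, dst):
        """Handle one frame and return (action, list of output ports)."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")
        # Learn (or relearn, if the host moved) where the sender lives.
        self.table[src] = in_port
        # Broadcasts and unknown destinations go out of every other port.
        if dst == BROADCAST or dst not in self.table:
            return "flood", [p for p in self.ports if p != in_port]
        out_port = self.table[dst]
        # Destination is on the segment the frame came from: drop it.
        if out_port == in_port:
            return "filter", []
        # Known destination elsewhere: one dedicated path, one output port.
        return "forward", [out_port]


# Constructed traffic: (ingress port, source MAC, destination MAC).
FRAMES = [
    (1, HOST_A, HOST_B),     # B not learned yet
    (2, HOST_B, HOST_A),     # reply; A was learned from the first frame
    (1, HOST_A, HOST_B),     # both ends now known
    (3, HOST_C, BROADCAST),  # broadcasts are never restricted
    (1, HOST_D, HOST_A),     # D and A share the segment on port 1
]


def run(frames, ports=(1, 2, 3, 4)):
    """Replay frames; return per-frame decisions, final table, copy counts."""
    switch = LearningSwitch(ports)
    decisions = []
    switch_copies = 0
    hub_copies = 0
    for in_port, src, dst in frames:
        action, out_ports = switch.receive(in_port, src, dst)
        decisions.append((action, out_ports))
        switch_copies += len(out_ports)
        hub_copies += len(hub_receive(ports, in_port))
    return decisions, switch.table, switch_copies, hub_copies


if __name__ == "__main__":
    decisions, table, switch_copies, hub_copies = run(FRAMES)
    for frame, decision in zip(FRAMES, decisions):
        print(frame, "->", decision)
    print("switching table:", table)
    print("frame copies sent: switch", switch_copies, "hub", hub_copies)
```

Every copy a hub repeats is a frame that competes for the shared segment and is visible to stations it was not addressed to; the switch sends those extra copies only while a destination is unknown or for broadcasts.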

4.4 Ethernet In The Campus

Ethernet is the most widely used LAN technology. Ethernet was first implemented by the Digital, Intel, and Xerox group (DIX). DIX created and implemented the first Ethernet LAN specification, which was used as the basis for the Institute of Electrical and Electronics Engineers (IEEE) 802.3 specification. A network may require an upgrade to one of the faster Ethernet topologies. The new generation of multimedia, imaging, and database products can easily overwhelm a network that operates at traditional Ethernet speeds of 10 and 100 Mbps. Network administrators may choose to provide Gigabit Ethernet from the backbone to the end user. Installation costs for new cables and adapters can make this prohibitive. There are several ways that Ethernet technologies can be used in a campus network:


1. An Ethernet speed of 10 Mbps can be used at the user level to provide good performance.
2. Clients or servers that require more bandwidth can use 100-Mbps Ethernet. Fast Ethernet is used as the link between user and network devices. It can support the combination of all traffic from each Ethernet segment. Fast Ethernet can be used to connect enterprise servers. This will enhance client-server performance across the campus network and help prevent bottlenecks. Fast Ethernet or Gigabit Ethernet should be implemented between backbone devices, based on affordability [4].

4.5 Host Connectivity

The function of a NIC is to connect a host device to the network medium. A NIC is a printed circuit board that fits into the expansion slot on the motherboard or peripheral device of a computer. The NIC is also referred to as a network adapter. On laptop or notebook computers a NIC is the size of a credit card. NICs are considered Layer 2 devices because each NIC carries a unique code called a MAC address. This address is used to control data communication for the host on the network. More will be learned about the MAC address later. NICs control host access to the medium [4].

4.5.1 Peer-to-Peer Connection

When LAN and WAN technologies are used, many computers are interconnected to provide services to their users. To accomplish this, networked computers take on different roles or functions in relation to each other. Some types of applications require computers to function as equal partners.

Figure 4.3: Peer to Peer Environment.


Other types of applications distribute their work so that one computer functions to serve a number of others in an unequal relationship. Two computers generally use request and response protocols to communicate with each other. One computer issues a request for a service, and a second computer receives and responds to that request. The requestor acts like a client and the responder acts like a server. In a peer-to-peer network, networked computers act as equal partners, or peers. As peers, each computer can take on the client function or the server function. Computer A may request a file from Computer B, which then sends the file to Computer A. Computer A acts like the client and Computer B acts like the server. At a later time, Computers A and B can reverse roles.

In a peer-to-peer network, individual users control their own resources. The users may decide to share certain files with other users. The users may also require passwords before they allow others to access their resources. Since individual users make these decisions, there is no central point of control or administration in the network. In addition, individual users must back up their own systems to be able to recover from data loss in case of failures. When a computer acts as a server, the user of that machine may experience reduced performance as the machine serves the requests made by other systems.

Peer-to-peer networks are relatively easy to install and operate. No additional equipment is necessary beyond a suitable operating system installed on each computer. Since users control their own resources, no dedicated administrators are needed. As networks grow, peer-to-peer relationships become increasingly difficult to coordinate. A peer-to-peer network works well with ten or fewer computers [4].

4.5.2 Client/Server Connection

In a client/server arrangement, network services are located on a dedicated computer called a server. The server responds to the requests of clients. The server is a central computer that is continuously available to respond to requests from clients for file, print, application, and other services. Most network operating systems adopt the form of a client/server relationship. Typically, desktop computers function as clients and one or more computers with additional processing power, memory, and specialized software function as servers.

Figure 4.4: Client to Server Connection.

Servers are designed to handle requests from many clients simultaneously. Before a client can access the server resources, the client must be identified and be authorized to use the resource. Each client is assigned an account name and password that is verified by an authentication service. The authentication service guards access to the network. With the centralization of user accounts, security, and access control, server-based networks simplify the administration of large networks. The concentration of network resources such as files, printers, and applications on servers also makes it easier to back up and maintain the data. Resources can be located on specialized, dedicated servers for easier access. Most client/server systems also include ways to enhance the network with new services that extend the usefulness of the network.

The centralized functions in a client/server network have substantial advantages and some disadvantages. Although a centralized server enhances security, ease of access, and control, it introduces a single point of failure into the network. Without an operational server, the network cannot function at all. Servers require a trained, expert staff member to administer and maintain. Server systems also require additional hardware and specialized software that add to the cost [4].

4.6 Connection Media

The connector on a NIC may not match the media to which it needs to connect. The AUI connector allows different media to connect when used with the appropriate transceiver. A transceiver is an adapter that converts one type of connection to another. A transceiver will usually convert an AUI to an RJ-45, a coax, or a fiber optic connector. On 10BASE5 Ethernet, or Thicknet, a short cable is used to connect the AUI with a transceiver on the main cable [4].

4.7 UTP Implementation

EIA/TIA specifies an RJ-45 connector for UTP cable. The letters RJ stand for registered jack and the number 45 refers to a specific wiring sequence. The RJ-45 transparent end connector shows eight colored wires. Four of the wires, T1 through T4, carry the voltage and are called tip. The other four wires, R1 through R4, are grounded and are called ring. Tip and ring are terms that originated in the early days of the telephone. Today, these terms refer to the positive and the negative wire in a pair. The wires in the first pair in a cable or a connector are designated as T1 and R1. The second pair is T2 and R2, the third is T3 and R3, and the fourth is T4 and R4. The RJ-45 connector is the male component, which is crimped on the end of the cable. When a male connector is viewed from the front, the pin locations are numbered from 8 on the left to 1 on the right, as seen in Figure 4.5.

The jack is the female component in a network device, wall outlet, or patch panel as seen in Figure 3.3. Figure 4.6 shows the punch-down connections at the back of the jack where the Ethernet UTP cable connects.

Figure 4.5: Internal View of RJ-45.

For electricity to run between the connector and the jack, the order of the wires must follow the T568A or T568B color code found in the EIA/TIA-568-B.1 standard. To determine the EIA/TIA category of cable that should be used to connect a device, refer to the documentation for that device or look for a label on the device near the jack. If there are no labels or documentation available, Category 5E or greater can be used, since higher categories can be used in place of lower ones. Then determine whether to use a straight-through cable or a crossover cable.

Figure 4.6: Wire Combination of UTP.

If the two RJ-45 connectors of a cable are held side by side in the same orientation, the colored wires will be seen in each. If the order of the colored wires is the same at each end, then the cable is a straight-through. In a crossover cable, the RJ-45 connectors on both ends show that some of the wires are connected to different pins on each side of the cable. Figure 4.5 shows that pins 1 and 2 on one connector connect to pins 3 and 6 on the other [4].


Figure 4.7: Wire Connection of RJ-45.

Straight-through cables are used for the following connections:

• Switch to router
• Switch to PC or server
• Hub to PC or server

Crossover cables are used for the following connections:

• Switch to switch
• Switch to hub
• Hub to hub
• Router to router
• PC to PC
• Router to PC

4.8 Cabling Hubs

Hubs are actually multiport repeaters. The difference between hubs and repeaters is usually the number of ports that each device provides. A typical repeater usually has two ports. A hub generally has from 4 to 24 ports. Hubs are most commonly used in Ethernet 10BASE-T or 100BASE-T networks. The use of a hub changes the network from a linear bus with each device plugged directly into the wire to a star topology. Data that arrives over the cables to a hub port is electrically repeated on all the other ports connected to the network segment.

Figure 4.8: Hub Connection.

A passive hub serves as a physical connection point only. It does not manipulate or view the traffic that crosses it. It does not boost or clean the signal. A passive hub is used only to share the physical media. A passive hub does not need electrical power. An active hub must be plugged into an electrical outlet because it needs power to amplify a signal before it is sent to the other ports. Intelligent hubs are sometimes called smart hubs. They function like active hubs with microprocessor chips and diagnostic capabilities. Intelligent hubs are more expensive than active hubs. They are also more useful in troubleshooting situations. Devices attached to a hub receive all traffic that travels through the hub. If many devices are attached to the hub, collisions are more likely to occur. A collision occurs when two or more workstations send data over the network wire at the same time. All data are corrupted when this occurs. All devices that are connected to the same network segment are members of the same collision domain. Sometimes hubs are called concentrators since they are central connection points for Ethernet LANs [4].

4.9 Cabling Bridges

It is often necessary to break up a large LAN into smaller and more easily managed segments. This decreases the amount of traffic on a single LAN and can extend the geographical area past what a single LAN can support. The devices that are used to connect network segments together include bridges, switches, routers, and gateways. Switches and bridges operate at the data link layer of the OSI model. The function of the bridge is to make intelligent decisions about whether or not to pass signals on to the next segment of a network.

Figure 4.9: Bridge Connection.

When a bridge receives a frame on the network, the destination MAC address is looked up in the bridge table to determine whether to filter, flood, or copy the frame onto another segment [4].

4.10 Cabling Switches

A switch is sometimes described as a multiport bridge. A typical bridge may have only two ports that link two network segments. A switch can have multiple ports based on the number of network segments that need to be linked. Like bridges, switches learn information about the data packets that are received from computers on the network. Switches use this information to build tables to determine the destination of data that is sent between computers on the network. Although there are some similarities between the two, a switch is a more sophisticated device than a bridge. A bridge determines whether the frame should be forwarded to the other network segment based on the destination MAC address. A switch has many ports with many network segments connected to them. A switch chooses the port to which the destination device or workstation is connected. Ethernet switches are popular connectivity solutions because they improve network speed, bandwidth, and performance.


Figure 4.10: Switch Connection.

Switching is a technology that alleviates congestion in Ethernet LANs. Switches reduce traffic and increase bandwidth. Switches can easily replace hubs because switches work with the cable infrastructures that are already in place. This improves performance with minimal changes to a network. All switching equipment performs two basic operations. The first operation is called switching data frames. This is the process by which a frame is received on an input medium and then transmitted to an output medium. The second is the maintenance of switching operations where switches build and maintain switching tables and search for loops. Switches operate at much higher speeds than bridges and can support new functionality, such as virtual LANs. An Ethernet switch has many benefits. One benefit is that it allows many users to communicate at the same time through the use of virtual circuits and dedicated network segments in a virtually collision-free environment. This maximizes the bandwidth available on the shared medium. Another benefit is that a switched LAN environment is very cost effective since the hardware and cables in place can be reused [4].
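The filter, flood and forward decisions described for bridges in section 4.9 and for switches in section 4.10 can be sketched in Python. This is an added example, not code from the original report or from any vendor; the class name `LearningBridge`, the 300-second aging time and the MAC addresses are assumptions made for the illustration.

```python
from dataclasses import dataclass, field


def is_group_address(mac: str) -> bool:
    """True for broadcast and multicast MACs (low bit of the first octet set)."""
    return bool(int(mac.split(":")[0], 16) & 1)


@dataclass
class LearningBridge:
    """Two-port bridge or multiport switch that learns source addresses."""
    ports: tuple                                # port identifiers, e.g. (1, 2)
    max_age: float = 300.0                      # assumed aging time in seconds
    table: dict = field(default_factory=dict)   # MAC -> (port, last_seen)

    def receive(self, in_port, src, dst, now=0.0):
        """Return (action, out_ports) for a frame that arrived on in_port."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")
        src, dst = src.lower(), dst.lower()

        # Drop table entries that have not been refreshed within max_age.
        self.table = {mac: (port, seen)
                      for mac, (port, seen) in self.table.items()
                      if now - seen <= self.max_age}

        # Learn: the sender is reachable through the port the frame came in on.
        if not is_group_address(src):
            self.table[src] = (in_port, now)

        # Decide using the destination address.
        entry = None if is_group_address(dst) else self.table.get(dst)
        if entry is None:
            # Unknown unicast, broadcast or multicast: send out every other port.
            return "flood", [p for p in self.ports if p != in_port]
        if entry[0] == in_port:
            # Destination is on the segment the frame came from: do not pass it on.
            return "filter", []
        return "forward", [entry[0]]


if __name__ == "__main__":
    # Constructed addresses: hosts A and B share segment 1, host C is on segment 2.
    A, B, C = "00:00:00:00:00:0a", "00:00:00:00:00:0b", "00:00:00:00:00:0c"
    bridge = LearningBridge(ports=(1, 2))
    frames = [(1, A, B, 0), (1, B, A, 1), (2, C, A, 2),
              (1, A, "ff:ff:ff:ff:ff:ff", 3), (2, C, A, 400)]
    for in_port, src, dst, now in frames:
        print(now, src, "->", dst, bridge.receive(in_port, src, dst, now))
```

The last frame is flooded again because the entry for host A has aged out of the table by then.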

4.11 Configuring The Switch

4.11.1 Verifying The Catalyst Switch Default Configuration

When powered up for the first time, a switch has default data in the running configuration file. The default hostname is Switch. No passwords are set on the console or virtual terminal (vty) lines. A switch may be given an IP address for management purposes. This is configured on the virtual interface, VLAN 1. By default, the switch has no IP address. The switch ports or interfaces are set to auto mode, and all switch ports are in VLAN 1. VLAN 1 is known as the default management VLAN. The flash directory, by default, has a file that contains the IOS image, a file called env_vars, and a subdirectory called html. After the switch is configured, the flash directory will contain a file called config.text as well as a VLAN database. As seen in Figure , the flash directory does not contain a config.text file or a VLAN database file called vlan.dat. The IOS version and the configuration register settings can be verified with the show version command. For small networks, the default configuration may be sufficient. The benefits of better performance with microsegmentation are obtained immediately [4].


Figure 4.11: Default Running Configuration and Default Interface.


Figure 4.12: Default VLAN

4.11.2 Configuring the Catalyst Switch

A switch may be preconfigured and only passwords may need to be entered for the User EXEC or Privileged EXEC modes. Switch configuration mode is entered from Privileged EXEC mode. In the CLI, the default Privileged EXEC mode prompt is Switch#. In User EXEC mode the prompt is Switch>. The following steps will ensure that a new configuration will completely overwrite the current configuration:

• To remove the current VLAN information, delete the VLAN database file called vlan.dat from the flash directory
• Erase the backup configuration file called startup-config
• Restart the switch with the reload command

Security, documentation, and management are important for every network device. A switch should be given a hostname, and passwords should be set on the console and vty lines. To allow the switch to be accessible by Telnet and other TCP/IP applications, IP addresses and a default gateway should be set. By default, VLAN 1 is the management VLAN. In a switch-based network, all network devices should be in the management VLAN. This allows a single management workstation to access, configure, and manage all the network devices. The Fast Ethernet switch ports default to auto-speed and auto-duplex. This allows the interfaces to negotiate these settings. Network administrators can manually configure the interface speed and duplex values if necessary. Some network devices can provide a web-based interface for configuration and management purposes. Once a switch is configured with an IP address and gateway, it can be accessed in this way. A web browser can access this service using the IP address and port 80, the default port for HTTP. The HTTP service can be turned on or off, and the port address for the service can be chosen. Any additional software such as an applet can be downloaded to the browser from the switch. Also, the switch can be managed by a browser-based graphical user interface (GUI) [4].


Figure 4.13: Switch Hostname, Password, IP Address and Default gateway.

CHAPTER 5 WIDE AREA NETWORK ESTABLISHMENT

5.1 Introduction

A WAN is a data communications network that operates beyond the geographic scope of a LAN. One primary difference between a WAN and a LAN is that a company or organization must subscribe to an outside WAN service provider in order to use WAN carrier network services. A WAN uses data links provided by carrier services to access the Internet and connect the locations of an organization to each other, to locations of other organizations, to external services, and to remote users. WANs generally carry a variety of traffic types, such as voice, data, and video. Telephone and data services are the most commonly used WAN services.

5.2 WAN Technologies

Devices on the subscriber premises are called customer premises equipment (CPE). The subscriber owns the CPE or leases the CPE from the service provider. A copper or fiber cable connects the CPE to the service provider’s nearest exchange or central office (CO). This cabling is often called the local loop, or "last-mile". A dialed call is connected locally to other local loops, or non-locally through a trunk to a primary center. It then goes to a sectional center and on to a regional or international carrier center as the call travels to its destination. In order for the local loop to carry data, a device such as a modem is needed to prepare the data for transmission. Devices that put data on the local loop are called data circuit-terminating equipment, or data communications equipment (DCE). The customer devices that pass the data to the DCE are called data terminal equipment (DTE). The DCE primarily provides an interface for the DTE into the communication link on the WAN cloud. The DTE/DCE interface uses various physical layer protocols, such as High-Speed Serial Interface (HSSI) and V.35. These protocols establish the codes and electrical parameters the devices use to communicate with each other [4].

Figure 5.1: WAN Technology.

5.3 WAN Devices

WANs are groups of LANs connected together with communications links from a service provider. Because the communications links cannot plug directly into the LAN, it is necessary to identify the various pieces of interfacing equipment. LAN-based computers with data to transmit send data to a router that contains both LAN and WAN interfaces. The router will use the Layer 3 address information to deliver the data on the appropriate WAN interface. Routers are active and intelligent network devices and therefore can participate in network management. Routers manage networks by providing dynamic control over resources and supporting the tasks and goals for networks. Some of these goals are connectivity, reliable performance, management control, and flexibility.

Figure 5.2: WAN Devices.

The communications link needs signals in an appropriate format. For digital lines, a channel service unit (CSU) and a data service unit (DSU) are required. The two are often combined into a single piece of equipment, called the CSU/DSU. The CSU/DSU may also be built into the interface card in the router. A modem is needed if the local loop is analog rather than digital. Modems transmit data over voice-grade telephone lines by modulating and demodulating the signal. The digital signals are superimposed on an analog voice signal that is modulated for transmission [4].

5.4 Router

Routers are responsible for routing data packets from source to destination within the LAN, and for providing connectivity to the WAN. Within a LAN environment the router contains broadcasts, provides local address resolution services, such as ARP and RARP, and may segment the network using a subnetwork structure. In order to provide these services the router must be connected to the LAN and WAN [4].

5.4.1 Router User Interface Modes

The Cisco IOS software separates the EXEC sessions into two access levels. These levels are user EXEC mode and privileged EXEC mode. The privileged EXEC mode is also known as enable mode. The following are the features of the user EXEC mode and privileged EXEC mode:

• The user EXEC mode allows only a limited number of basic monitoring commands. This is often referred to as a view only mode. The user EXEC level does not allow any commands that might change the configuration of the router. The user EXEC mode can be identified by the > prompt.
• The privileged EXEC mode provides access to all router commands. This mode can be configured to require a password. For added protection, it can also be configured to require a user ID. This allows only authorized users to access the router. Configuration and management commands require that the network administrator be at the privileged EXEC level. Global configuration mode and all other more specific configuration modes can only be reached from the privileged EXEC mode. The privileged EXEC mode can be identified by the # prompt.

To access the privileged EXEC level from the user EXEC level, enter the enable command at the > prompt [4].

Figure 5.3: Router Enable Mode.

5.4.2 Configure a Cisco Router

Global configuration mode commands are used in a router to apply configuration statements that affect the system as a whole. The following command moves the router into global configuration mode and allows entry of commands from the terminal:

    Router#configure terminal
    Router(config)#

The prompt will change to indicate that the router is in global configuration mode [4].

5.4.3 Configuring a Router Name

A router should be given a unique name as one of the first configuration tasks. This task is accomplished in global configuration mode with the following command:

    Router(config)#hostname daffodil
    daffodil(config)#

Figure 5.4: Configure Host Name.

When the Enter key is pressed, the prompt will change from the default host name, which is Router, to the newly configured host name, which is daffodil.

5.4.4 Configuring Router Passwords

Passwords restrict access to routers. Passwords should always be configured for virtual terminal (vty) lines and the console line. Passwords are also used to control access to privileged EXEC mode so that only authorized users may make changes to the configuration file. The following commands are used to set an optional but recommended password on the console line:

    Router(config)#line console 0
    Router(config-line)#login
    Router(config-line)#password <password>

Figure 5.5: Configure Password.

A password must be set on one or more of the vty lines for users to gain remote access to a router through Telnet. Most Cisco routers support five vty lines numbered 0 through 4. The following commands are used to set a password on vty lines:

    Router(config)#line vty 0 4
    Router(config-line)#login
    Router(config-line)#password <password>

The enable password and enable secret commands are used to restrict access to the privileged EXEC mode. The enable password is only used if the enable secret has not been set. The enable secret command should be used because the enable secret is encrypted. The enable password is not encrypted. The following commands are used to set the passwords:

    Router(config)#enable password <password>
    Router(config)#enable secret <password>

Sometimes it is undesirable for passwords to be shown in clear text in the output from the show running-config or show startup-config commands. This command is used to encrypt passwords in configuration output:

    Router(config)#service password-encryption

The service password-encryption command applies a weak encryption to all unencrypted passwords. The enable secret <password> command uses a strong MD5 algorithm for encryption [5].
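As an added example (not part of the original report and not Cisco tooling), the Python sketch below audits a saved configuration for the password settings covered in this section: `enable password` versus `enable secret`, line passwords without `login`, and line passwords left in clear text or in the weak type 7 form produced by `service password-encryption`. The function name, the finding codes and both sample configurations are constructed for the illustration.

```python
import re
from typing import NamedTuple


class Finding(NamedTuple):
    scope: str   # "global" or a line block such as "line vty 0 4"
    code: str    # identifier invented for this example
    detail: str


def _stored_as(tokens):
    """Classify the arguments of a password command: type 7 or clear text."""
    return "type7" if len(tokens) >= 2 and tokens[0] == "7" else "clear"


def audit_ios_passwords(config: str) -> list:
    """Return password-related findings for an IOS-style configuration."""
    has_secret, enable_password = False, None
    line_blocks = {}      # block header -> {"password": ..., "login": ...}
    current = None
    for raw in config.splitlines():
        text = raw.strip()
        if not text or text.startswith("!"):
            current = None
            continue
        if raw[0] not in " \t":                    # top-level command
            current = None
            if text.startswith("enable secret "):
                has_secret = True
            elif text.startswith("enable password "):
                enable_password = _stored_as(text.split()[2:])
            elif re.match(r"line (con\w*|vty|aux)\b", text):
                current = text
                line_blocks[current] = {"password": None, "login": None}
        elif current is not None:                  # sub-command of a line block
            if text.startswith("password "):
                line_blocks[current]["password"] = _stored_as(text.split()[1:])
            elif text == "login":
                line_blocks[current]["login"] = "line"
            elif text.startswith("login "):
                line_blocks[current]["login"] = "other"   # e.g. "login local"

    findings = []
    def add(scope, code, detail):
        findings.append(Finding(scope, code, detail))

    if enable_password and not has_secret:
        add("global", "ENABLE_PASSWORD_ONLY", "set enable secret instead of enable password")
    elif enable_password:
        add("global", "ENABLE_PASSWORD_LEFTOVER", "enable secret is in use; remove enable password")
    elif not has_secret:
        add("global", "NO_ENABLE_SECRET", "no password protects privileged EXEC mode")
    for scope, state in line_blocks.items():
        if state["login"] == "other":
            continue      # not authenticated by the line password; not checked here
        if state["password"] is None:
            add(scope, "NO_LINE_PASSWORD", "no password is set on this line")
            continue
        if state["login"] is None:
            add(scope, "PASSWORD_NOT_ENFORCED", "login is missing, so the password is never asked for")
        if state["password"] == "clear":
            add(scope, "CLEARTEXT_LINE_PASSWORD", "password is readable in show running-config")
        else:
            add(scope, "TYPE7_LINE_PASSWORD", "weak encryption from service password-encryption")
    return findings


# Constructed sample: the weak settings this section warns about.
SAMPLE_WEAK = """\
hostname daffodil
enable password Constructed-1
line con 0
 password Constructed-2
line vty 0 4
 login
"""

# Constructed sample after applying the section's commands (all values are placeholders).
SAMPLE_FIXED = """\
service password-encryption
hostname daffodil
enable secret 5 $1$PLACEHOLDER$CONSTRUCTEDHASH
line con 0
 password 7 00PLACEHOLDER
 login
line vty 0 4
 password 7 00PLACEHOLDER
 login
"""

if __name__ == "__main__":
    for name, cfg in (("weak", SAMPLE_WEAK), ("fixed", SAMPLE_FIXED)):
        for f in audit_ios_passwords(cfg):
            print(f"{name}: [{f.scope}] {f.code}: {f.detail}")
```

The corrected sample still reports the type 7 line passwords, because that form only hides them from casual viewing of the configuration; treat a saved configuration file as sensitive either way.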

5.4.5 Configuring a Serial Interface

To configure a serial interface, follow these steps:

1. Enter global configuration mode.
2. Enter interface mode.
3. Specify the interface address and subnet mask.
4. Set the clock rate if a DCE cable is connected. Skip this step if a DTE cable is connected.
5. Turn on the interface.

Each connected serial interface must have an IP address and subnet mask to route packets. Configure the IP address with the following commands:

    Router(config)#interface serial 0/0
    Router(config-if)#ip address <ip address> <netmask>

In the lab environment, the clock rate setting that will be used is 56000. The commands that are used to set a clock rate and enable a serial interface are as follows:

    Router(config)#interface serial 0/0
    Router(config-if)#clock rate 56000
    Router(config-if)#no shutdown

5.5 WAN Standards


WANs use the OSI reference model, but focus mainly on Layer 1 and Layer 2. WAN standards typically describe both physical layer delivery methods and data link layer requirements, including physical addressing, flow control, and encapsulation. WAN standards are defined and managed by a number of recognized authorities. The physical layer protocols describe how to provide electrical, mechanical, operational, and functional connections to the services provided by a communications service provider. Some of the common physical layer standards are listed in Figure. The data link layer protocols define how data is encapsulated for transmission to remote sites, and the mechanisms for transferring the resulting frames. A variety of different technologies are used, such as ISDN, Frame Relay or Asynchronous Transfer Mode (ATM). These protocols use the same basic framing mechanism, high-level data link control (HDLC), an ISO standard, or one of its sub-sets or variants [4].

Table 5.1: WAN Standards and WAN Physical Layer Standards


Figure 5.6: WAN Data Link Layer.

5.6 WAN Link Options

Circuit switching establishes a dedicated physical connection for voice or data between a sender and receiver. Before communication can start, it is necessary to establish the connection by setting the switches. This is done by the telephone system, using the dialed number. ISDN is used on digital lines as well as on voice-grade lines. To avoid the delays associated with setting up a connection, telephone service providers also offer permanent circuits. These dedicated or leased lines offer higher bandwidth than is available with a switched circuit. Examples of circuit-switched connections include:

• Plain Old Telephone System (POTS)
• ISDN Basic Rate Interface (BRI)
• ISDN Primary Rate Interface (PRI) [4].

Figure 5.7: WAN Link Option.

5.7 ISDN


The internal connections, or trunks, of the PSTN have changed from carrying analog frequency-division multiplexed signals to time-division multiplexed (TDM) digital signals. An obvious next step is to enable the local loop to carry digital signals that result in higher capacity switched connections. Integrated Services Digital Network (ISDN) turns the local loop into a TDM digital connection. The connection uses 64 kbps bearer channels (B) for carrying voice or data and a signaling delta channel (D) for call set-up and other purposes. Basic Rate Interface (BRI) ISDN is intended for the home and small enterprise and provides two 64 kbps B channels and a 16 kbps D channel. For larger installations, Primary Rate Interface (PRI) ISDN is available. The BRI D channel is underutilized, as it has only two B channels to control. Some providers allow the D channel to carry data at low bit rates such as X.25 connections at 9.6 kbps.

Figure 5.8: BRI and PRI.

Another common application of ISDN is to provide additional capacity as needed on a leased line connection. The leased line is sized to carry average traffic loads while ISDN is added during peak demand periods. ISDN is also used as a backup in the case of a failure of the leased line. ISDN tariffs are based on a per-B channel basis and are similar to those of analog voice connections. With PRI ISDN, multiple B channels can be connected between two end points. This allows for video conferencing and high bandwidth data connections with no latency or jitter. Multiple connections can become very expensive over long distances [4].


Figure 5.9: WAN with ISDN.

5.8 Leased Line

When permanent dedicated connections are required, leased lines are used with capacities ranging up to 2.5 Gbps. A point-to-point link provides a pre-established WAN communications path from the customer premises through the provider network to a remote destination. Point-to-point lines are usually leased from a carrier and are called leased lines. Leased lines are available in different capacities. These dedicated circuits are generally priced based on bandwidth required and distance between the two connected points. Point-to-point links are generally more expensive than shared services such as Frame Relay [4].

Figure 5.10: WAN with a Leased Line.

5.9 X.25

In response to the expense of leased lines, telecommunications providers introduced packet-switched networks using shared lines to reduce costs. The first of these packet-switched networks was standardized as the X.25 group of protocols. X.25 provides a low bit rate shared variable capacity that may be either switched or permanent. X.25 is a network-layer protocol and subscribers are provided with a network address. Virtual circuits can be established through the network with call request packets to the target address. The resulting SVC is identified by a channel number. Data packets labeled with the channel number are delivered to the corresponding address. Multiple channels can be active on a single connection. Subscribers connect to the X.25 network with either leased lines or dialup connections. X.25 networks can also have pre-established channels between subscribers that provide a PVC. X.25 can be very cost effective because tariffs are based on the amount of data delivered rather than connection time or distance. X.25 technology is no longer widely available as a WAN technology in the US. Frame Relay has replaced X.25 at many service provider locations [4].

Figure 5.11: WAN with X.25.

5.10 Frame Relay

With increasing demand for higher bandwidth and lower latency packet switching, communications providers introduced Frame Relay. Although the network layout appears similar to that for X.25, available data rates are commonly up to 4 Mbps, with some providers offering even higher rates. Frame Relay differs from X.25 in several aspects. Most importantly, it is a much simpler protocol that works at the data link layer rather than the network layer.


Most Frame Relay connections are PVCs rather than SVCs. The connection to the network edge is often a leased line but dialup connections are available from some providers using ISDN lines. The ISDN D channel is used to set up an SVC on one or more B channels. Frame Relay tariffs are based on the capacity of the connecting port at the network edge. Additional factors are the agreed capacity and committed information rate (CIR) of the various PVCs through the port. Frame Relay provides permanent shared medium bandwidth connectivity that carries both voice and data traffic. Frame Relay is ideal for connecting enterprise LANs. The router on the LAN needs only a single interface, even when multiple VCs are used. The short-leased line to the Frame Relay network edge allows cost-effective connections between widely scattered LANs [4].

Figure 5.12: Frame Relay.

5.11 DSL

Digital Subscriber Line (DSL) technology is a broadband technology that uses existing twisted-pair telephone lines to transport high-bandwidth data to service subscribers. DSL service is considered broadband, as opposed to the baseband service for typical LANs. Broadband refers to a technique which uses multiple frequencies within the same physical medium to transmit data. The term xDSL covers a number of similar yet competing forms of DSL technologies:

1. Asymmetric DSL (ADSL)
2. Symmetric DSL (SDSL)
3. High Bit Rate DSL (HDSL)
4. ISDN (like) DSL (IDSL)
5. Consumer DSL (CDSL)

The two basic types of DSL technologies are asymmetric (ADSL) and symmetric (SDSL). All forms of DSL service are categorized as ADSL or SDSL and there are several varieties of each type.

Table 5.2: Download and Upload of DSL

The different varieties of DSL provide different bandwidths, with capabilities exceeding those of a T1 or E1 leased line. The transfer rates are dependent on the actual length of the local loop and the type and condition of its cabling. For satisfactory service, the loop must be less than 5.5 kilometers (3.5 miles). Generally, a subscriber cannot choose to connect to the enterprise network directly, but must first connect to an Internet service provider (ISP). From here, an IP connection is made through the Internet to the enterprise. Thus, security risks are incurred. To address security concerns, DSL services provide capabilities for using Virtual Private Network (VPN) connections located at the corporate site [4].

Figure 5.13: DSL Technology

5.12 Cable Modem


Coaxial cable is widely used in urban areas to distribute television signals. Network access is available from some cable television networks. This allows for greater bandwidth than the conventional telephone local loop. Enhanced cable modems enable two-way, high-speed data transmissions using the same coaxial lines that transmit cable television. Some cable service providers are promising data speeds up to 6.5 times that of T1 leased lines. This speed makes cable an attractive medium for transferring large amounts of digital information quickly, including video clips, audio files, and large amounts of data. Information that would take two minutes to download using ISDN BRI can be downloaded in two seconds through a cable modem connection.

Figure 5.14: Cable Modem.

5.13 WAN Design

5.13.1 WAN Communication

WANs are considered to be a set of data links connecting routers on LANs. User end stations and servers on LANs exchange data. Routers pass data between networks across the data links. Because of cost and legal reasons, a communications provider or a common carrier normally owns the data links that make up a WAN. The links are made available to subscribers for a fee and are used to interconnect LANs or connect to remote networks. WAN data transfer speed (bandwidth) is considerably slower than the 100 Mbps that is common on a LAN. The charges for link provision are the major cost element of a WAN and the design must aim to provide maximum bandwidth at acceptable cost. With pressure to provide more service access at higher speeds and management pressure to contain cost, determining the optimal WAN configuration is not an easy task [4].

Figure 5.15: Modern WAN.

5.13.2 Steps in WAN Design

Designing a WAN can be a challenging task, but approaching the design in a systematic manner can lead to superior performance at a reduced cost. Many WANs have evolved over time, therefore many of the guidelines discussed here may not have been considered. Every time a modification to an existing WAN is considered, the steps in this module should be followed. WAN modifications may arise from changes such as an expansion in the enterprise the WAN serves, or accommodation of new work practices and business methods. Enterprises install WAN connectivity because there is a need to move data in a timely manner between external branches. In designing the WAN, it is necessary to know what data traffic must be carried, its origin, and its destination. WANs carry a variety of traffic types with varying requirements for bandwidth, latency, and jitter.

Table 5.3: Comparing WAN Traffic Types


For each pair of end points and for each traffic type, information is needed on the various traffic characteristics. Determining this may involve extensive studies of and consultation with the network users. The design often involves upgrading, extending, or modifying an existing WAN. Much of the data needed can come from existing network management statistics. Knowing the various end points allows the selection of a topology or layout for the WAN [4].

Table 5.4: WAN Technology

CHAPTER 6 SERVER CONFIGURATION

6.1 Introduction

This chapter discusses the configuration of various types of servers and their functions. They are the DNS server, Web server, Mail server, Proxy server, FTP server and DHCP server.

6.2 DNS Server


The Domain Name System (DNS) is a distributed Internet directory service. DNS is used mostly to translate between domain names and IP addresses; it also controls Internet e-mail delivery. Most Internet services rely on DNS to work, and if DNS fails, most of those services fail and the total operation stalls. DNS converts machine names into the IP addresses that all machines on the net have. It translates from name to address and from address to name, among other things. A mapping is simply an association between two things, in this case a machine name, like ftp.linux.org, and the machine’s IP address, 199.249.150.4. DNS also contains the mapping the other way, from the IP number to the machine name; this is called a “reverse mapping”. A DNS server is also known as a nameserver (NS). These servers come in three varieties:

• Master (also called primary)
• Slave (also called secondary)
• Caching [6]

6.2.1 Configuration of Caching only DNS

A caching DNS server stores the most frequently requested information to reduce the lookup load of subsequent queries. Setting up a caching DNS server is fairly straightforward and works whether the ISP provides a static or a dynamic Internet IP address. It only translates IP addresses and names using answers from other name servers. All DNS servers run with caching-only name server facilities by default [6].

6.2.2 Configuration of Master DNS (Primary)

If a company wishes to run e-mail and a website for a registered domain, it needs an authoritative name server. If they are running a broadband ISP and are not running their own e-mail and web, they just need an authoritative name server. A caching nameserver is used only as a reference, and regular nameservers are used as the authoritative source of information. Edit the “/etc/named.conf” file as follows:

    # /etc/named.conf
    // generated by named-bootconf.pl
    options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         */
    };
    // root hints
    zone "." IN {
        type hint;
        file "named.ca";
    };
    zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
    };
    zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
    };
    // forward zone; allow-update lists the hosts that may send dynamic updates
    zone "sufi.com.bd" IN {
        type master;
        file "sufi.com.bd.zone";
        allow-update { 203.91.147.4; };
    };
    // reverse zone for 203.91.147.x
    zone "147.91.203.in-addr.arpa" IN {
        type master;
        file "sufi.com.bd.rev";
        allow-update { 203.91.147.4; };
    };

[6].

6.2.3 Configuration of Slave DNS (Secondary)

A secondary DNS server keeps a backup copy of the primary name server's zone files. It can resolve all queries like the primary name server. It always transfers newly configured or edited zone files from the primary. Install all the packages required for DNS. The /etc/named.conf file then needs to be configured:

    # /etc/named.conf
    // generated by named-bootconf.pl
    options {
        directory "/var/named";
        query-source address * port 53;
    };
    zone "." IN {
        type hint;
        file "named.ca";
    };
    // masters names the primary server the zone is copied from
    zone "sufi.com.bd" IN {
        type slave;
        file "sufi.com.bd.zone";
        masters { 203.91.147.3; };
        allow-update { 203.91.147.3; };
    };
    zone "0.0.127.in-addr.arpa" IN {
        type slave;
        masters { 203.91.147.3; };
        file "named.local";
        allow-update { 203.91.147.3; };
    };
    zone "147.91.203.in-addr.arpa" IN {
        type slave;
        masters { 203.91.147.3; };
        file "sufi.com.bd.rev";
        allow-update { 203.91.147.3; };
    };

Now restart the name service to reload the configuration:

    [root@nsl src] # killall named
    [root@nsl src] # service named start

[6].
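The zone stanzas above grant allow-update by source address and set no allow-transfer, which in older BIND 9 releases leaves zone transfers open to any host. The following audit is an added example, not part of the manual's configuration; its function names and embedded sample are constructed here, and it assumes the simple stanza layout shown on this page.

```python
import re

# Constructed sample: zone stanzas in the shape of the master and slave files above.
SAMPLE = '''
zone "." IN { type hint; file "named.ca"; };
zone "localhost" IN { type master; file "localhost.zone"; allow-update { none; }; };
zone "sufi.com.bd" IN { type master; file "sufi.com.bd.zone";
    allow-update { 203.91.147.4; }; };   // address-based update ACL
zone "147.91.203.in-addr.arpa" IN { type slave; masters { 203.91.147.3; };
    file "sufi.com.bd.rev"; allow-update { 203.91.147.3; }; };
'''

def strip_comments(conf):
    """Remove /* */, // and # comments so braces inside them are not counted."""
    conf = re.sub(r'/\*.*?\*/', '', conf, flags=re.S)
    return re.sub(r'(//|#).*', '', conf)

def zone_blocks(conf):
    """Yield (zone name, body text) for each zone statement, matching nested braces."""
    for m in re.finditer(r'zone\s+"([^"]+)"[^{;]*\{', conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]

def match_list(body, option):
    """Return the elements of `option { ...; };` as a list, or None if absent."""
    m = re.search(r'(?<![\w-])' + re.escape(option) + r'\s*\{([^}]*)\}', body)
    if m is None:
        return None
    return [e.strip() for e in m.group(1).split(';') if e.strip()]

def audit(conf):
    """Return (zone, finding) pairs for update and transfer ACLs worth reviewing."""
    findings = []
    for name, body in zone_blocks(strip_comments(conf)):
        t = re.search(r'\btype\s+(\w+)', body)
        ztype = t.group(1) if t else "unknown"
        updates = match_list(body, "allow-update")
        if ztype == "master" and match_list(body, "allow-transfer") is None:
            findings.append((name, "no allow-transfer: server default applies"))
        if updates and updates != ["none"]:
            if ztype != "master":
                findings.append((name, "allow-update set on a %s zone" % ztype))
            elif not any(e.startswith("key ") for e in updates):
                findings.append((name, "allow-update keyed on source address only"))
    return findings

if __name__ == "__main__":
    for zone, finding in audit(SAMPLE):
        print("%-26s %s" % (zone, finding))
```

A master zone that names its slave in allow-transfer and authorises updates with a TSIG key produces no findings.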

6.3 Web Server


A web server satisfies a web browser's query by sending a web page. Web servers also support some server-side modules, which are required for advanced operation. Apache is the most popular web server on the Internet. The Apache HTTP Server project is an effort to develop and maintain an open source HTTP server for modern operating systems including UNIX and Windows NT [8].

6.3.1 Configuration of Web Server

The main configuration file used by Apache is “/etc/httpd/conf/httpd.conf”. Other configuration files are found in “/etc/httpd/conf.d/*” [6].

6.3.2 Configuration of Virtual Host

Virtual hosting means hosting many websites on a single server. There are two types of virtual hosting available, “Name Based” and “IP based”. Name-based virtual hosting is the most popular because it reduces the waste of IP addresses. Virtual hosting works in a very sequential procedure. As explained on the Apache website: “When a request arrives, the server will first check if it is using an IP address that matches the NameVirtualHost. If it is, then it will look at each <VirtualHost> section with a matching IP address and try to find one where ServerName matches the requested hostname. If it finds one, then it uses the configuration for that server. If no matching virtual host is found, then the first listed virtual host that matches the IP address will be used” [6].

NameVirtualHost: This directive specifies the web server’s IP address and port for virtual web hosting. This is usually the web server's IP address. The port number can sometimes be omitted.

    NameVirtualHost 202.161.151.3:80

<VirtualHost>: This section in the file tells Apache where it should look for the web pages used on each web site. It also contains the log location. The IP address to which each <VirtualHost> section applies must be specified. The format of virtual hosting:

    <VirtualHost 202.161.151.3>
        Directives for site #1
    </VirtualHost>

Examples of virtual hosting are given below:

    # Virtual Host for Default Web
    <VirtualHost 203.91.147.3>
        ServerAdmin webmaster@sufi.com.bd
        DocumentRoot "/var/www/html"
        ServerName www.sufi.com.bd
        ErrorLog logs/www.sufi.com.bd_log
        TransferLog logs/www.sufi.com.bd.access
    </VirtualHost>

    # Virtual Host for Mail
    <VirtualHost 203.91.147.3>
        ServerAdmin webmaster@sufi.com.bd
        DocumentRoot "/var/www/html/mail"
        ServerName mail.sufi.com.bd
        ErrorLog logs/mail.sufi.com.bd_log
        TransferLog logs/mail.sufi.com.bd.access
    </VirtualHost>

[6].
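The selection rule quoted above, worked through as an added example (not Apache's code and not from the manual). The vhost list is constructed from the two sections shown, NameVirtualHost 203.91.147.3 is an assumed setting, and treating a non-matching address as IP-based with the first section winning is an assumption about Apache releases that use NameVirtualHost.

```python
# Constructed from the two <VirtualHost> sections above, kept in file order.
VHOSTS = [
    {"addr": "203.91.147.3", "server_name": "www.sufi.com.bd",
     "root": "/var/www/html"},
    {"addr": "203.91.147.3", "server_name": "mail.sufi.com.bd",
     "root": "/var/www/html/mail"},
]

def normalise_host(host_header):
    """Lower-case a Host header value and drop an optional :port and trailing dot."""
    host = (host_header or "").strip().lower()
    if host.count(":") == 1:              # hostname:port; IPv6 literals out of scope
        host = host.split(":")[0]
    return host.rstrip(".")

def select_vhost(vhosts, name_virtual_hosts, local_ip, host_header):
    """Return (vhost or None, reason) for a request that arrived on local_ip."""
    candidates = [v for v in vhosts if v["addr"] == local_ip]
    if not candidates:
        return None, "main server"
    if local_ip not in name_virtual_hosts:
        # Assumption: without a matching NameVirtualHost the sections are
        # IP-based, so the first one for the address answers every request.
        return candidates[0], "ip-based"
    host = normalise_host(host_header)
    for v in candidates:
        if v["server_name"].lower() == host:
            return v, "servername"
    return candidates[0], "default"

def unreachable(vhosts, name_virtual_hosts):
    """ServerNames that no request can ever select under this configuration."""
    hidden, seen = [], set()
    for v in vhosts:
        if v["addr"] in seen and v["addr"] not in name_virtual_hosts:
            hidden.append(v["server_name"])
        seen.add(v["addr"])
    return hidden

if __name__ == "__main__":
    for nvh in ({"203.91.147.3"}, {"202.161.151.3"}):
        for host in ("mail.sufi.com.bd", "WWW.sufi.com.bd:80", "198.51.100.7", None):
            vhost, why = select_vhost(VHOSTS, nvh, "203.91.147.3", host)
            print(sorted(nvh), host, "->", vhost["root"], "(%s)" % why)
        print("unreachable:", unreachable(VHOSTS, nvh))
```

Because any unrecognised Host header lands on the first listed section, that section should be one chosen deliberately as the default site.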

6.4 Mail Server

Electronic mail (e-mail) is the most convenient method in today’s communication. It is one of the most important public services for an ISP. Every service provider needs to provide facilities for sending and receiving mail to and from each other. Sendmail is an incredibly powerful mail program. Sendmail is responsible for sending mail to a remote user’s mailbox and receiving mail from them. A mail server mainly uses the POP and SMTP services [8].

Configuring Sendmail by the .mc Approach

/etc/mail/sendmail.cf is the main configuration file of the sendmail daemon. Some other supporting configuration files exist in the same directory. The files are a combination of three types of architecture. The main configuration file and a few other files are macro (m4) files. The “m4” command generates macros according to the “sendmail.mc” file.

    [root@mxlusr] # m4 /etc/mail/sendmail.mc >/etc/mail/sendmail.cf
    [root@mxlusr] # service sendmail restart

You may find the server being used to relay mail for spam e-mail sites. Configuring the /etc/mail/access file will not stop spam from coming in, only spam flowing through the server [9].

    localhost.localdomain    RELAY
    localhost                RELAY
    127.0.0.1                RELAY
    203.91.147.55            RELAY
    202.161.151              RELAY
    info.com.bd              RELAY
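To see which clients the access entries above actually let relay, the following added example (not sendmail's code and not from the manual) models the connection-side lookup: the client's name and each parent domain are tried, then the address with trailing octets removed. It is a simplified model with hypothetical function names; real sendmail also evaluates the recipient domain and its other relay classes, and client_name is assumed to be the name sendmail resolved for the connecting address.

```python
# Constructed from the /etc/mail/access entries listed above.
ACCESS = """\
localhost.localdomain   RELAY
localhost               RELAY
127.0.0.1               RELAY
203.91.147.55           RELAY
202.161.151             RELAY
info.com.bd             RELAY
"""

def parse_access(text):
    """Return {key: ACTION} from access-file text, skipping comments and blanks."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split(None, 1)
        if len(fields) == 2:
            table[fields[0].lower()] = fields[1].strip().upper()
    return table

def candidate_keys(client_ip, client_name):
    """Keys tried for a connecting host: the name and its parent domains, then
    the address and its prefixes shortened one octet at a time."""
    labels = client_name.lower().rstrip(".").split(".") if client_name else []
    keys = [".".join(labels[i:]) for i in range(len(labels))]
    octets = client_ip.split(".")
    keys += [".".join(octets[:n]) for n in range(len(octets), 0, -1)]
    return keys

def relay_decision(table, client_ip, client_name=None):
    """Return (matching key, True/False); an unmatched client may not relay."""
    for key in candidate_keys(client_ip, client_name):
        if key in table:
            return key, table[key] == "RELAY"
    return None, False

def ipv4_coverage(table):
    """Number of IPv4 addresses each address-style RELAY key lets relay."""
    cover = {}
    for key, action in table.items():
        parts = key.split(".")
        if action == "RELAY" and all(p.isdigit() for p in parts) and len(parts) <= 4:
            cover[key] = 256 ** (4 - len(parts))
    return cover

if __name__ == "__main__":
    table = parse_access(ACCESS)
    for ip, name in (("202.161.151.77", None), ("203.91.147.56", "host.example.net"),
                     ("198.51.100.9", "mx.info.com.bd")):
        print(ip, name, relay_decision(table, ip, name))
    print(ipv4_coverage(table))
```

The three-octet key 202.161.151 covers 256 addresses, so every host in that block can relay, not only the mail clients the entry was written for.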

6.5 Proxy Server

A proxy server satisfies a web browser’s query by sending the requested web page. A proxy performs two main operations. The first is to reduce Internet bandwidth charges, and the second is to limit web access to authorized users/PCs. Proxy servers can dramatically improve performance for groups of users. This is because a proxy saves the results of all requests for a certain amount of time. Consider a case where both user X and user Y access the World Wide Web through a proxy server. First, user X requests a certain Web page, which is called Page 1. Some time later, user Y requests the same page. Instead of forwarding the request to the Web server where Page 1 resides, which can be a time-consuming operation, the proxy server simply returns the Page 1 that it already fetched for user X. Since the proxy server is often on the same network as the user, this is a much faster operation. Real proxy servers support hundreds or thousands of users. Proxy servers can also be used to filter requests. For example, a company may use a proxy server to prevent its employees from accessing a specific set of Web sites. Squid is a high-performance proxy-caching server for web clients, supporting FTP, gopher and HTTP data objects. Squid handles all requests in a single, non-blocking, I/O-driven process [6].

Configuring Squid

Install Squid and configure it to run each time the system boots:

    [root@proxy tmp] # rpm -Uvh squid-2.5.STABLE1-2.i386.rpm
    [root@squid] # chkconfig squid on

The main configuration file is “squid.conf”. This file is heavily commented.

    # TAG: http_port
    #       Usage:  port
    #               hostname:port
    #               1.2.3.4:port
    #       The socket addresses where Squid will listen for HTTP client
    #       requests. You may specify multiple socket addresses.
    #       There are three forms: port alone, hostname with port, and
    #       IP address with port. If you specify a hostname or IP
    #       address, then Squid binds the socket to that specific
    #       address. This replaces the old 'tcp_incoming_address'
    #       option. Most likely, you do not need to bind to a specific
    #       address, so you can use the port number alone.
    #       number listed here. That option will NOT override an IP
    #       address, however.
    #       You may specify multiple socket addresses on multiple lines.
    #       If you run Squid on a dual-homed machine with an internal
    #       and an external interface then we recommend you to specify the
    #       internal address:port in http_port. This way Squid will only be
    #       visible on the internal address.
    #Default: http_port 8080

[6]

6.6 FTP Server

Nowadays it is essential to keep some important files, like a CV, address book or personal profile, in some place that is available from everywhere in the world. This is possible through the Internet. If a person transfers a large number or size of files over the Internet, he needs FTP. FTP is the most convenient way of transferring private/public files. Private files can be shared using username and password authentication. All FTP servers support this method by default. If anyone wishes to share public files, he needs an anonymous FTP server. Sites that need to exchange files with numerous unknown remote users use anonymous FTP.

Configuring vsftpd

vsftpd only reads the contents of its /etc/vsftpd.conf or /etc/vsftpd/vsftpd.conf configuration file when it starts. By default, VSFTP runs as an anonymous FTP server. Any remote user can log into its default FTP directory using a username of “anonymous” and a password that is the same as their e-mail address. The configuration file’s anonymous_enable instruction can be commented out by using a “#” to disable this feature. By default, VSFTP only allows anonymous FTP downloads to remote users, not uploads from them. Also by default, VSFTP doesn’t allow remote users to create directories on the FTP server, and it logs FTP access to the /var/log/vsftpd.log log file. The configuration file is fairly straightforward. Remove or add the “#” at the beginning of a line to activate or deactivate the feature of that line [2].

    ## Example config file /etc/vsftpd.conf
    #
    # The default compiled in settings are very paranoid. This sample file
    # loosens things up a bit, to make the ftp daemon more usable.
    #
    # Allow anonymous FTP?
    # anonymous_enable=YES
    #
    # Uncomment this to allow local users to log in.
    local_enable=YES
    # Activate directory messages - messages given to remote users when they
    # go into a certain directory.
    dirmessage_enable=YES
    #
    # Activate logging of uploads/downloads.
    xferlog_enable=YES
    #
    # Make sure PORT transfer connections originate from port 20 (ftp-data).
    connect_from_port_20=YES
    #
    # You may override where the log file goes if you like. The default is shown
    # below.
    xferlog_file=/var/log/vsftpd.log

[2].
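The audit below is an added example, not from the cited text or the vsftpd project. It resolves each option against the compiled-in defaults listed in vsftpd.conf(5), where anonymous_enable defaults to YES, so it reports anonymous login as enabled unless the file carries an explicit anonymous_enable=NO. The function names and the sample file are constructed for illustration.

```python
# Compiled-in defaults as listed in vsftpd.conf(5) for the options discussed above.
DEFAULTS = {
    "anonymous_enable": "YES", "local_enable": "NO", "write_enable": "NO",
    "anon_upload_enable": "NO", "anon_mkdir_write_enable": "NO",
    "dirmessage_enable": "NO", "xferlog_enable": "NO",
    "connect_from_port_20": "NO",
}

# Constructed sample modelled on the file above, anonymous_enable commented out.
SAMPLE = """\
# Allow anonymous FTP?
#anonymous_enable=YES
local_enable=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/vsftpd.log
"""

def effective_settings(conf_text):
    """Return (settings, problems): defaults overlaid with the active directives."""
    settings, problems = dict(DEFAULTS), []
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue                      # blank line or comment: no effect
        option, sep, value = line.partition("=")
        if not sep or option != option.strip() or value != value.strip():
            problems.append((lineno, line))   # spaces around "=" are an error
            continue
        settings[option] = value
    return settings, problems

def audit(conf_text):
    """Return findings about anonymous access in the effective configuration."""
    s, problems = effective_settings(conf_text)
    findings = ["line %d is not option=value: %r" % p for p in problems]
    if s["anonymous_enable"].upper() == "YES":
        findings.append("anonymous login is enabled")
        if s["write_enable"].upper() == "YES" and "YES" in (
                s["anon_upload_enable"].upper(), s["anon_mkdir_write_enable"].upper()):
            findings.append("anonymous users can write to the server")
    return findings

if __name__ == "__main__":
    for label, text in (("commented out", SAMPLE),
                        ("explicit NO", SAMPLE + "anonymous_enable=NO\n"),
                        ("spaces around =", SAMPLE + "anonymous_enable = NO\n")):
        print(label, "->", audit(text))
```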

6.7 DHCP Server

The Dynamic Host Configuration Protocol (DHCP) provides a framework for passing configuration information to hosts on a TCP/IP network. DHCP consists of two components: a protocol for delivering host-specific configuration parameters and a mechanism for allocating network addresses. If a company has 100 computers and needs to assign every IP address and the other parameters manually, it becomes a nightmare. This is solved easily with a DHCP server, which can configure those 100 computers automatically. Nowadays DHCP servers support many security features, which allow an administrator to assign a specific IP address to a specific host [6].

Installing and configuring DHCPD

The DHCP server and client are included on the RedHat CD-ROM. Install the .rpm and configure it to run at boot time.

    [root @dhcp usr] # rpm -Uvh dhcp-3.0pl1-20.i386.rpm
    [root @dhcp usr] # chkconfig dhcpd on

When DHCP starts, it reads the file /etc/dhcpd.conf. This file contains the configuration of the DHCP server. Normally a sample copy of dhcpd.conf can be found in the “/usr/share/doc/dhcp-<version-number>/” directory. Copy it into the /etc folder as dhcpd.conf.

    [root @dhcp usr] # cp /usr/share/doc/dhcp-<version-number>/dhcpd.conf.sample /etc/dhcpd.conf

Here is a quick explanation of the “dhcpd.conf” file. Most importantly, there must be a “subnet” section for each interface of the server.

    subnet 192.168.1.0 netmask 255.255.255.0 {
        # The range of IP addresses the server will issue to clients
        range 192.168.1.201 192.168.1.220;
        # Set time in seconds that a client may keep the IP address
        default-lease-time 86400;
        max-lease-time 86400;
        # Set the NTP server to be used by clients
    }

Now restart the “dhcpd” daemon for the configuration to take effect. DHCPD must be restarted every time the conf file is changed.

    [root@ dhcp usr] # /etc/init.d/dhcpd restart

Finally, always remember to set the PC to get its IP address via DHCP. “/var/log/messages” can be checked to find errors and exceptions that occur with DHCP [6].

CHAPTER 7 CONCLUSION

In this internship, a network of an ISP (Internet Service Provider) has been set up. An ISP gives us Internet facilities, which help us to communicate with other networks in the world. In our country the ICT sector is growing vastly, so ISPs are all the more essential to improving this sector. At present Information Technology (IT) is a subject of widespread interest in Bangladesh. Tremendous activity is going on in every sector, including e-commerce, e-governance, computer networking, Internet, web browsing, web applications, multimedia product development etc. In this sense the project on an ISP has been undertaken. In this project switches and routers have also been configured, and different kinds of application servers have been configured under the LINUX environment. It has also been shown how an ISP can give client facilities and distribute services. A lot of experience has been gathered by doing this internship. Many technical problems have been faced and the corresponding solutions have been found, which extensively improved knowledge and skill during this project. Finally, it has been learned, by deploying networking capabilities using LINUX, how a corporate network can be implemented which provides the best security and service.

REFERENCES

[1] http://en.wikipedia.org/wiki/History_of_the_Internet
[2] Behrouz A. Forouzan, “Data Communication and Networking”, Third Edition, Tata McGraw-Hill Publishing Company Limited (2004).
[3] CGS communication. H # 43, R # 4A, Dhanmondi R/A, Dhaka-1209.
[4] www.cisco.netacat.net
[5] Abu Jafar Md. Masud Karim, “Internet and Intranet Connections in ISP”, B.Sc. Thesis, Department of Electronics and Telecommunication Engineering, Daffodil International University, June 2007.
[6] Sufi Faruq Ibon Abubakar, “ISP Setup Manual” (First Edition), Sufi & Associates Interworking Series, June 2005.
[7] Cisco, “CCNA Course Material” (Student Version 3.1).
[8] RedHat 7.3 Documentation provided by RedHat Inc.
[9] Priscilla Oppenheimer, “Top-Down Network Design”, Techmedia.
[10] http://linux.about.com

