Configuring the Network
In Red Hat, basic network configuration is generally done at installation time, when configuring the base system, but network interfaces may be added or deleted at any time. As with other UNIX systems, all configuration data is stored in text files in the /etc tree.
An important thing to consider is that Linux, like other UNIX systems, can be reconfigured on-the-fly. In other words, almost any parameter can be changed while the system is operating, without rebooting. This makes it easy to experiment and correct configuration problems. However, if you are new to making permanent configuration changes, it is recommended that you reboot after making any important configuration changes, to ensure the correct configuration will be used when the system reboots.
If you are new to Red Hat Linux and simply want to configure your network to get your system running or to make basic changes to an existing configuration, then the following section is for you. It will quickly outline how to make changes to your network configuration without having to edit individual files. If you want to perform more advanced tasks such as setting up routing functions, ipchains, or IP masquerading, then you may want to skip to the next section. This section will walk you through changing and setting hostnames, IP addresses, the default gateway, DNS, and routes to other networks using linuxconf.
The next section deals with configuring the network by editing the files stored in /etc. NIS is covered in Chapter 15, "NIS: Network Information Service."
Configuration Files
The most important network configuration files in a Linux system follow:
- /etc/sysconfig/network
- /etc/HOSTNAME
- /etc/hosts
- /etc/services
- /etc/host.conf
- /etc/nsswitch.conf
- /etc/resolv.conf
Each is covered in turn. All of these files can be modified while a system is running. Modifications (except for /etc/sysconfig/network) take place immediately, without having to start or stop any daemons. Note that most of these files accept comments beginning with a hash (#) symbol. Each of these files has an entry in section 5 of the UNIX manual, so you can access them with the man command.
Network Setup: /etc/sysconfig/network
The network file contains information that will control how other network-related files and daemons get populated. Here is a sample network file:
NETWORKING=yes
FORWARD_IPV4=false
HOSTNAME=ltorvalds.tech.access.com
DOMAINNAME=tech.access.com
GATEWAY=205.185.225.1
GATEWAYDEV=eth0
NISDOMAIN=looneytunes
This file is best edited through the GUI tool linuxconf. This tool requires you to have display access to an X server. If you installed Red Hat Linux 7 and took the defaults, then you will have installed the Gnome desktop. linuxconf can be accessed through the Gnome desktop by clicking on the Gnome starting point (that's the little footprint at the bottom left of your screen that looks like the capital letter "G") and following the sequence of menus (Programs, System, Linuxconf).
Hostname: /etc/HOSTNAME
The /etc/HOSTNAME file contains just one line with the primary name of the host. This file gets its content at boot time from the HOSTNAME line in the /etc/sysconfig/network file. This file is used when booting to set the primary hostname of the system. Here's an example of the /etc/HOSTNAME file:
mycomputer
Using linuxconf, the hostname is found under Networking, Client Tasks, Basic Host Information on the Host Name tab. Figure 20.5 shows the field in which this is done. After making changes click the Accept button followed by the Act/Changes button. Click Quit to exit the program.
Figure 20.5 The Host Name + Domain field can be used to change both your computer name and your domain.
Map Between IP Addresses and Hostnames: /etc/hosts
The /etc/hosts file contains the mapping between IP addresses and hostnames, and aliases for hostnames. IP addresses were designed to be easily readable by computers, but it's hard for people to remember them. That's why the /etc/hosts file was created. Here's an example of the /etc/hosts file:
127.0.0.1 localhost
192.168.1.1 mycomputer
192.168.1.2 server
192.168.1.3 router
192.168.3.45 othercomputer otheralias
199.183.24.133 www.redhat.com
In this case, othercomputer also has an alias. It can also be referred to as otheralias.
In practice, /etc/hosts usually contains the host's name, the localhost entry, and system aliases that the systems administrator commonly uses, although it is perfectly acceptable to maintain a small table of all available hosts on a small LAN in this file. Other hostnames are usually resolved using the Internet's Domain Name Service (DNS), possibly provided by a local but, more often, a remote server. The client portion of DNS is configured in the /etc/resolv.conf file.
Map Between Port Numbers and Service Names: /etc/services
The /etc/services file contains the mapping between port numbers and service names. This is used by several system programs. This is the beginning of the default /etc/services file installed by Red Hat:
tcpmux 1/tcp # TCP port service multiplexer
echo 7/tcp
echo 7/udp
discard 9/tcp sink null
discard 9/udp sink null
systat 11/tcp users
Note that /etc/services also allows for aliases, which are placed after the port number. In this case, sink and null are aliases for the discard service.
Configure the Name Resolver: /etc/host.conf and /etc/nsswitch.conf
These two files configure the UNIX name resolver library by specifying where the system will find its name information. /etc/host.conf is the file used by version 5 of the libc library, whereas /etc/nsswitch.conf is used by version 6 (also known as glibc). The important thing is that some programs will use one and some will use the other, so it's best to have both files configured correctly.
/etc/host.conf
The /etc/host.conf file specifies the order in which the different name systems (/etc/hosts file, DNS, NIS) will be searched when resolving hostnames. Each line of the /etc/host.conf file should consist of one of the following directives, followed by a parameter:
| Directive | Function |
| order | Indicates the order in which services will be queried. Its parameter may be any combination of lookup methods separated by commas. The lookup methods supported are bind, hosts, and nis; respectively, DNS, /etc/hosts, and NIS. |
| trim | Indicates a domain that will be trimmed from the hostname when doing an IP address-to-hostname translation via DNS. trim may be included several times for several domains. trim doesn't affect /etc/hosts or NIS lookups. You should take care that hosts are listed appropriately (with or without full domain names) in the /etc/hosts file and in the NIS tables. |
| multi | Controls whether a query to the name system will always return only one result, or whether it may return several results. Its parameter may be either on, meaning that several results may be returned when appropriate, or off, meaning that just one result will be returned. Default value is off. |
| nospoof | Controls a security feature to prevent hostname spoofing. If nospoof is on, after every name-to-IP lookup a reverse IP-to-name lookup will be made. If the names don't match, the operation will fail. Valid parameters are on or off. Default value is off. |
| alert | If the nospoof directive is on, alert controls whether spoofing attempts will be logged through the syslog facility. Default value is off. |
| reorder | If set to on, all lookups will be reordered so that hosts on the same subnet will be returned first. Default value is off. |
This is the default /etc/host.conf file included with Red Hat:
order hosts,bind
This indicates that lookups will be done first to the /etc/hosts file and then to DNS. If several hosts match, all will be returned. This file is appropriate for most installations, although installations using NIS or where the nospoof behavior is desired will have to modify it.
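The check that nospoof describes, written out as an added example (not code from the book or from libc): every address returned by the forward lookup is looked up in reverse, and the lookup fails unless the reverse name matches the name that was asked for. The FORWARD and REVERSE tables are constructed sample data standing in for DNS, and the function names are hypothetical.

```python
"""Forward-confirmed reverse lookup, the check behind `nospoof on`.

Added illustration; the lookup tables are constructed sample data, not real DNS.
"""
import logging

log = logging.getLogger("nospoof-demo")

# Constructed forward (name -> addresses) and reverse (address -> names) data.
FORWARD = {
    "server.my.domain.com": ["192.168.1.2"],
    "router.my.domain.com": ["192.168.1.3"],
    "printer.my.domain.com": ["192.168.1.9"],
}
REVERSE = {
    "192.168.1.2": ["server.my.domain.com"],
    # The reverse zone names a different host: a mismatch.
    "192.168.1.3": ["gateway.other.domain.com"],
    # 192.168.1.9 has no reverse record at all.
}


class SpoofSuspected(Exception):
    """Raised when forward and reverse lookups disagree."""


def normalize(name):
    """Hostnames compare case-insensitively and ignore a trailing dot."""
    return name.rstrip(".").lower()


def lookup(name, forward, reverse, nospoof=False, alert=False):
    """Resolve `name`; with nospoof, require every address to map back to it."""
    wanted = normalize(name)
    table = {normalize(k): v for k, v in forward.items()}
    addresses = table.get(wanted)
    if not addresses:
        raise LookupError(f"{name}: host not found")
    if not nospoof:
        return list(addresses)
    for addr in addresses:
        back = {normalize(n) for n in reverse.get(addr, [])}
        if wanted not in back:
            if alert:  # the `alert on` directive: report through the system log
                log.warning("possible spoof: %s -> %s -> %s",
                            name, addr, sorted(back) or "no reverse record")
            raise SpoofSuspected(f"{name} -> {addr} does not map back to {name}")
    return list(addresses)


def check(name, **opts):
    """Return 'ok' or the name of the failure, for compact reporting."""
    try:
        lookup(name, FORWARD, REVERSE, **opts)
        return "ok"
    except (LookupError, SpoofSuspected) as exc:
        return type(exc).__name__


if __name__ == "__main__":
    logging.basicConfig(level=logging.WARNING)
    for host in ("server.my.domain.com", "Router.my.domain.com.",
                 "printer.my.domain.com"):
        print(host, "| nospoof off:", check(host),
              "| nospoof on:", check(host, nospoof=True, alert=True))
```

A host with no reverse record fails the check just as a mismatched one does, so reverse zones have to be kept complete before nospoof is turned on.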
/etc/nsswitch.conf
The /etc/nsswitch.conf file was originally created by Sun Microsystems to manage the order in which several configuration files are looked for in the system. As such, it includes more functionality than the /etc/host.conf file.
Each line of /etc/nsswitch.conf is either a comment (which starts with a hash sign), or a keyword followed by a colon and a list of methods listed in the order they will be tried. Each keyword is the name of one of the /etc files that can be controlled by /etc/nsswitch.conf. The keywords that can be included follow:
| Keyword (Filename) | Function |
| aliases | Mail aliases |
| passwd | System users |
| group | User groups |
| shadow | Shadow passwords |
| hosts | Hostnames and IP addresses |
| networks | Network names and numbers |
| protocols | Network protocols |
| services | Port numbers and service names |
| ethers | Ethernet numbers |
| rpc | Remote Procedure Call names and numbers |
| netgroup | Networkwide groups |
The methods that can be included follow:
| Method | Meaning |
| files | Valid for all keywords except netgroup. Look for record in the corresponding /etc file. |
| db | Valid for all keywords except netgroup. Look record up in the corresponding database in the /var/db directory. This is useful for extremely long files, such as passwd files with more than 500 entries. To create these files from the standard /etc files, cd into /var/db and run the make command. |
| compat | Compatibility mode, valid for passwd, group, and shadow files. In this mode, lookups are made first to the corresponding /etc file. If you want to do NIS lookup of the corresponding NIS database, you need to include a line where the first field (username or groupname) is a plus character, followed by an appropriate number of colons (six for /etc/passwd, three for /etc/group, eight for /etc/shadow). For example, in /etc/passwd, the following line would have to be included at the end: +:*:::::. The asterisk (*) in this string is representative of an account without a password used for programs that run as a user, but there is no way to log on from a prompt as that user. For example, the innd process runs as news and retrieves news and stores it in a directory owned by news but there is no way to log on as the user news. |
| dns | Valid only for the hosts entry. Lookups are made to the DNS as configured in /etc/resolv.conf. |
| nis | Valid for all files. Lookups are made to the NIS server if NIS is active. |
| [ STATUS=action ] | Controls the actions of the Name Service. STATUS is one of SUCCESS (operation was successful), NOTFOUND (record was not found), UNAVAIL (selected service was unavailable), or TRYAGAIN (service temporarily unavailable, try again). action is one of return (stop lookup and return current status) or continue (continue with next item in this line). For example, a line like hosts: dns nis [NOTFOUND=return] files would result in looking up the host first in DNS and then in NIS. Only if neither of these were available would the /etc/hosts file be used. |
This is a typical /etc/nsswitch.conf configured to use the local files for everything, and adds the ability to do DNS-based hostname queries:
passwd: compat
group: compat
shadow: compat
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: db files
With this configuration, all names except network names will be looked up first in /var/db (for efficiency). If not found there, it will be looked up in the corresponding /etc files. There are quite a few databases that could be looked up via NIS if an appropriate entry exists in the corresponding database.
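How a lookup walks an nsswitch.conf line, including a [STATUS=action] item, as an added example that is not part of the book: the parser and the resolve() function are hypothetical names, SOURCES is constructed data standing in for DNS, NIS and /etc/hosts, and the default actions are the ones glibc applies when no action item is given.

```python
"""Evaluate an nsswitch.conf line, including [STATUS=action] items.

Added illustration: SOURCES holds constructed stand-ins for DNS, NIS and
/etc/hosts; a method missing from the dict counts as an unavailable service.
"""
import re

# Actions glibc applies when a line gives no [STATUS=action] item.
DEFAULT_ACTIONS = {"SUCCESS": "return", "NOTFOUND": "continue",
                   "UNAVAIL": "continue", "TRYAGAIN": "continue"}

SAMPLE = """\
# constructed sample, using the hosts line discussed in the table above
passwd: compat
hosts:  dns nis [NOTFOUND=return] files
"""

SOURCES = {
    "dns": {"www.redhat.com": "199.183.24.133"},
    "nis": {"server": "192.168.1.2"},
    "files": {"localhost": "127.0.0.1", "mycomputer": "192.168.1.1"},
}


def parse_nsswitch(text):
    """Return {keyword: [(method, actions), ...]} with comments stripped."""
    config = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        keyword, sep, rest = line.partition(":")
        if not sep:
            raise ValueError(f"missing colon: {raw!r}")
        entries = []
        for token in re.findall(r"\[[^\]]*\]|\S+", rest):
            if not token.startswith("["):
                entries.append((token, dict(DEFAULT_ACTIONS)))
                continue
            if not entries:
                raise ValueError(f"{keyword}: action before any method")
            # A [STATUS=action] item modifies the method just before it.
            for pair in token[1:-1].split():
                status, _, action = pair.partition("=")
                status, action = status.upper(), action.lower()
                if status not in DEFAULT_ACTIONS or action not in ("return", "continue"):
                    raise ValueError(f"{keyword}: bad action {pair!r}")
                entries[-1][1][status] = action
        config[keyword.strip()] = entries
    return config


def resolve(entries, key, sources):
    """Walk the methods in order; return (status, value, methods_tried)."""
    tried, status, value = [], "UNAVAIL", None
    for method, actions in entries:
        tried.append(method)
        source = sources.get(method)
        if source is None:            # service not running or not configured
            status, value = "UNAVAIL", None
        elif key in source:
            status, value = "SUCCESS", source[key]
        else:
            status, value = "NOTFOUND", None
        if actions[status] == "return":
            break
    return status, value, tried


if __name__ == "__main__":
    hosts = parse_nsswitch(SAMPLE)["hosts"]
    print(resolve(hosts, "www.redhat.com", SOURCES))
    # NIS is up and answers "not found", so /etc/hosts is never consulted.
    print(resolve(hosts, "mycomputer", SOURCES))
    # DNS and NIS both unavailable: the lookup falls through to /etc/hosts.
    print(resolve(hosts, "mycomputer", {"files": SOURCES["files"]}))
```

The second case is the one to check when a host listed in /etc/hosts stops resolving: with this line, a local entry is ignored for as long as NIS answers.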
Configure the DNS Client: /etc/resolv.conf
The /etc/resolv.conf file configures the DNS client. It contains the host's domain name search order and the addresses of the DNS servers. Each line should contain a keyword and one or more parameters separated by spaces. The following keywords are valid:
| Keyword | Meaning |
| nameserver | Its single parameter indicates the IP address of the DNS server. There may be several nameserver lines, each with a single IP address. nameservers will be queried in the order they appear in the file. nameservers after the first one will only be queried if the first nameserver doesn't respond. |
| domain | Its single parameter indicates the host's domain name. This is used by several programs, such as the email system, and is also used when doing a DNS query for a host with no domain name (with no periods, for example). If there's no domain name, the hostname will be used, removing everything before the first dot. |
| search | Its multiple parameters indicate the domain name search order. If a query is made for a host with no domain name, the host will be looked up consecutively in each of the domains indicated by the search keyword. Note that domain and search are mutually exclusive; if both appear, the last one that appears is used. |
| sortlist | Allows sorting the returned domain names in a specific order. Its parameters are specified in network/netmask pairs, allowing for arbitrary sorting orders. |
There is no generic default /etc/resolv.conf file provided with Red Hat. Its contents are built dynamically depending on options given at installation time. This is an example /etc/resolv.conf file:
search my.domain.com other.domain.com
nameserver 10.1.1.1
nameserver 10.10.10.1
sortlist 10.1.1.0/255.255.255.0 10.0.0.0/255.0.0.0
This file indicates that unqualified hosts will be searched first as host.my.domain.com and then as host.other.domain.com. The nameserver at IP address 10.1.1.1 will be contacted first. If that server doesn't answer after a timeout, the server at 10.10.10.1 will be contacted. If several hosts are returned, the hosts in the class C network 10.1.1.0 will be returned first, followed by any other hosts in the class A network 10.0.0.0, followed by any other hosts.
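The behaviour just described, as an added example that is not code from the book or from the resolver library: a small parser for the four keywords in the table, the names an unqualified host is expanded to, and the ordering that sortlist imposes. SAMPLE repeats the file above; the function names and the addresses being sorted are constructed, and candidates() models only the unqualified-name case the text covers.

```python
"""Parse /etc/resolv.conf and apply its search list and sortlist.

Added illustration; SAMPLE repeats the example file, everything else
(function names, addresses passed to sort_addresses) is constructed.
"""
import ipaddress

SAMPLE = """\
search my.domain.com other.domain.com
nameserver 10.1.1.1
nameserver 10.10.10.1
sortlist 10.1.1.0/255.255.255.0 10.0.0.0/255.0.0.0
"""


def parse_resolv_conf(text):
    """Return nameservers, search list and sortlist; keep unknown lines aside."""
    conf = {"nameservers": [], "search": [], "sortlist": [], "ignored": []}
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue
        keyword, params = fields[0], fields[1:]
        if keyword == "nameserver" and len(params) == 1:
            conf["nameservers"].append(ipaddress.ip_address(params[0]))
        elif keyword == "domain" and len(params) == 1:
            conf["search"] = [params[0]]     # domain and search are mutually
        elif keyword == "search" and params:  # exclusive: the last one wins
            conf["search"] = list(params)
        elif keyword == "sortlist" and params:
            # network/netmask pairs; ip_network() accepts the dotted netmask
            conf["sortlist"] = [ipaddress.ip_network(p) for p in params]
        else:
            conf["ignored"].append(raw)
    return conf


def candidates(name, conf):
    """Names queried, in order, for a host given without a domain name."""
    bare = name.rstrip(".")
    if "." in bare:
        return [bare]            # already carries a domain; not expanded here
    return [f"{bare}.{domain}" for domain in conf["search"]]


def sort_addresses(addresses, conf):
    """Order addresses by the first sortlist network that contains each one."""
    nets = conf["sortlist"]

    def rank(addr):
        ip = ipaddress.ip_address(addr)
        for position, net in enumerate(nets):
            if ip in net:
                return position
        return len(nets)         # addresses in no listed network come last

    return sorted(addresses, key=rank)   # stable: ties keep their order


if __name__ == "__main__":
    conf = parse_resolv_conf(SAMPLE)
    print("servers:", [str(ns) for ns in conf["nameservers"]])
    print("queries:", candidates("host", conf))
    # Constructed answer set for a multi-homed host.
    print("sorted :", sort_addresses(
        ["172.16.5.5", "10.200.0.7", "10.1.1.20", "10.1.1.4"], conf))
```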
Again, if you are not comfortable editing the actual configuration file, you may use linuxconf to edit the file for you. Just bring up linuxconf and select Networking, Client Tasks and click on Name Server Specification (DNS), as shown in Figure 20.6. The default domain is the domain your computer is connected to. The IP of name server 1 is the IP address of the first domain name server in the domain name server search order. You may add up to three of these. Although only one is needed, the more the better. The Search Domain 1 through 6 fields will aid your computer in locating hosts on remote networks. If you are not sure what information to put here, contact your system administrator or the help desk for your Internet service provider.
Figure 20.6 Note that only the first two fields are required. The rest are optional.
Host Address, Netmask, and Default Router
Like many other UNIX flavors and Linux distributions, Red Hat configures the network automatically during startup. A few pertinent questions are asked during the installation process to set up initial networking devices. But, for the most part, it is very easy to add devices later on, and the system edits all the needed files for you on-the-fly. While logged in as root the user can use linuxconf to make changes without actually editing the files themselves. This may be the preferable way of making changes to these files for the novice or new user. Figure 20.5, earlier in the chapter, illustrates the first screen the user is shown under the Basic Host Information heading. Once again, the Host Name tab is where you can set your hostname. The tab marked Adaptor 1 is used to configure your ethernet card. The subsequent tabs are for configuring additional ethernet cards. The Adaptor 1 tab is shown in Figure 20.7. You will see there is a button for enabling or disabling the ethernet card. There are buttons for manual, Dhcp, and Bootp configuration modes. Before you go too far, keep in mind that if you are using your computer on a network that uses Dhcp you may click that button and your IP address and network mask will be set for you automatically. There is a field for your Primary Name + Domain, which is the name of your computer and the domain name of the network you are on.
There is also a field for your Aliases. This field is optional. An alias is a nickname you pick for yourself. Put your assigned IP address in the IP Address field. If you selected Dhcp, then once again this is automatically assigned and you need not bother with it. This field contains the IP address assigned to your computer.
The Netmask field is optional and is assigned automatically if you are using the Dhcp mode as well. The Net Device field uniquely identifies your ethernet card to the operating system. Engineers always start counting with the number zero, so if you only have one network card, it will be called eth0 (eth being the abbreviation for your ethernet card and 0 being the first designated device).
Figure 20.7 If the Dhcp option is selected, the IP Address and Subnet Mask Information fields can be left blank.
The /etc/init.d/network file contains variables specifying the IP address, netmask, network, broadcast address, and default router. This is an example of the relevant section of the file:
IPADDR=10.1.1.10
NETMASK=255.255.255.0
NETWORK=10.1.1.0
BROADCAST=10.1.1.255
GATEWAY=10.1.1.1
The variable names are self-documenting. The GATEWAY variable specifies the default router.
Configuration Programs
The files detailed in the preceding section serve to configure many general network parameters. Most of these networking options can be modified dynamically just by editing the proper file. linuxconf can be used to do this editing for you. However, linuxconf does not always make the changes dynamically so that changes will take effect immediately. Configuring the host's IP address and routing table dynamically may require special commands.
Configure the Host's Network Interfaces: ifconfig
The /sbin/ifconfig program is used to configure a host's network interfaces. This includes basic configuration such as IP address, netmask and broadcast address, as well as advanced options such as setting the remote address for a point-to-point link (such as a PPP link).
Under Linux, all network interfaces have names composed of the driver name followed by a number. These are some of the network driver names supported by Linux:
| Driver Name | Device Type |
| eth | Ethernet |
| tr | Token Ring |
| ppp | Point-to-Point Protocol |
| slip | Serial Line IP |
| plip | Parallel Line IP |
Interfaces are numbered starting from 0 in the order the kernel finds them, and the devices are created in memory. By default, the Linux kernel will only find one network interface. If you have several network cards, you need to add a line like the following to the /etc/lilo.conf file and then re-run the /sbin/lilo command:
append="ether=IRQ,I/O,eth1 ether=IRQ,I/O,eth2"
This tells the kernel to add two more Ethernet devices--eth1 and eth2--whose cards are at the IRQ and I/O address specified. If you want the kernel to autoprobe the cards' I/O addresses and IRQs, you can use 0 for IRQ and I/O.
Basic Interface Configuration
This is the basic form of the ifconfig command:
ifconfig interface IP-address [netmask netmask] \
    [broadcast broadcast-address]
This form of the ifconfig command can only be used by root. The netmask and broadcast parameters are optional. If they are omitted, ifconfig gets their values from the default class for the IP address (see Netmasks and Network Classes in this chapter for more details). They should be included if subnetting is being used.
This command will load the proper network driver and configure the interface.
Enabling and Disabling an Interface
An interface can also be temporarily brought down (deactivated) and brought back up without having to be reconfigured. This is useful for temporarily disabling a server's network connection (such as when reconfiguring a critical service). This is done with the following commands:
ifconfig interface down
ifconfig interface up
These forms of the ifconfig command can be used only by root.
Checking Interface Status
If you want to know the status of a network interface, just issue the command ifconfig interface. If you want to know the status of all active interfaces, use ifconfig -a. These versions of the ifconfig command can be used by any user. They show all of the configuration information for an interface, including its IP address, subnet mask, broadcast address, and physical (hardware) address. (The hardware address is set by the network card's manufacturer.) They also display the interface status, such as whether it is up or down and whether it's a loopback interface. They show other information as well: the Maximum Transfer Unit (the size of the largest packet that can be sent through that interface), the network card's I/O address and IRQ number, the number of packets received and sent, and collisions.
You can also check the status of an interface with the ifconfig -a command. This prints out all of the interfaces that are currently active with their parameters. Here's an example of the output of ifconfig -a:
$ /sbin/ifconfig -a
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Bcast:127.255.255.255  Mask:255.0.0.0
          UP BROADCAST LOOPBACK RUNNING  MTU:3584  Metric:1
          RX packets:1600 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1600 errors:0 dropped:0 overruns:0 carrier:0
          Collisions:0

eth0      Link encap:Ethernet  HWaddr 00:20:87:3E:F0:61
          inet addr:10.0.1.10  Bcast:10.0.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:90506 errors:0 dropped:0 overruns:0 frame:0
          TX packets:92691 errors:0 dropped:0 overruns:0 carrier:1
          Collisions:667
          Interrupt:3 Base address:0x310
Network Aliasing--One Interface, Several Addresses
It is sometimes useful for a single network interface to have multiple IP addresses. For example, a server may be running several services, but you may want clients to access different IP addresses for each service to make reconfiguration easier in the future (if you need to split some services off to another server, for example).
Linux, like most other UNIX flavors, provides a feature called network aliasing, which does just what its name implies. To be able to use network aliasing, you must have reconfigured and recompiled your kernel, and enabled the Network Aliasing and IP: Aliasing Support options in the Networking Options configuration section. The options can be either compiled into the kernel or compiled as modules.
Once you are running a kernel with aliasing enabled, creating an alias is as easy as issuing a standard ifconfig command. All you need to do is append a colon and an alias number to the interface name. Here is an example:
ifconfig eth0:0 10.1.1.1 netmask 255.255.255.0 broadcast 10.1.1.255
This creates an alias eth0:0 for Ethernet interface eth0, with the provided parameters.
To automate the creation of an alias each time the host boots, you can add the command to create it to /etc/init.d/network.
Other ifconfig Options
There are other options to ifconfig for some special circumstances:
ifconfig interface local-address pointtopoint remote-address will enable a Point-to-Point interface--one that connects only to a single other host, not to a network. The interface must also be enabled in the remote host, switching the local-address and remote-address parameters.
ifconfig interface local-address tunnel remote-address will create an IPv4 tunnel between two IPv6 networks. IPv4 is the current TCP/IP standard on the Internet. IPv6 is the next-generation IP standard. If there are two IPv6 networks that need to be connected via the Internet, a tunnel that uses the IPv4 protocol must be made.
Manipulating the Routing Table: route
The /sbin/route command manipulates the kernel's routing table. This table is used by the kernel to see what needs to be done to each packet that leaves the host--whether to send it directly to the destination host or to a gateway, and on which network interface to send it.
The general form of the route command follows:
route options command parameters
Viewing the Routing Table
The simplest form of the command (with no options and no command) simply outputs the routing table. This form of the command can be used by any user:
$ /sbin/route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
localnet        *               255.255.255.0   U     0      0       16 eth0
127.0.0.0       *               255.0.0.0       U     0      0        2 lo
default         router.company. 0.0.0.0         UG    0      0       71 eth0
The output has eight columns:
- The first column (Destination) indicates the route destination. The name is substituted if a corresponding entry exists in either /etc/hosts or /etc/networks. The special name default indicates the default gateway.
- The second column (Gateway) indicates the gateway through which packets to this destination are sent. An asterisk (*) means that packets will be sent directly to the destination host.
- The third column (Genmask) indicates the netmask that applies to this route. The netmask is applied to the value in the Destination column.
- The fourth column (Flags) can have several values. The most common flags are:
  - U: Route is up. This route is enabled.
  - H: Target is a host. This is a static route to a specific host (see Host-Based Static Routes later in this chapter).
  - G: Use a gateway. The packet will not be sent directly to the destination host. The gateway will be used instead.
- The fifth column (Metric) indicates the distance to the target. This is used by some routing daemons to dynamically calculate the best route to get to a target host.
- The sixth column (Ref) isn't used in the Linux kernel. In other UNIX systems it indicates the number of references to this route.
- The seventh column (Use) is the number of times the kernel has performed a lookup for the route.
- The eighth column (Iface) shows the name of the interface through which packets directed to this route will be sent.
There will always be at least one active route--the localhost route, which is set up in the /etc/init.d/network script. There should also be at least one route per network interface, pointing to the network the interface is connected to.
The -n option modifies the display slightly. It doesn't do host or network name lookups, displaying instead numerical addresses:
$ /sbin/route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.1.0        0.0.0.0         255.255.255.0   U     0      0       16 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        2 lo
0.0.0.0         10.0.1.254      0.0.0.0         UG    0      0       71 eth0
In this case, the default destination and the * gateway are replaced by the address 0.0.0.0. This output format is often more useful than the standard output format because there is no ambiguity as to where things are going.
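Reading the numeric table the way the kernel does, as an added example that is not part of the book: it parses the route -n listing above and picks, for a given destination, the most specific enabled route (longest netmask, then lowest metric), a selection rule the text does not spell out. The function names are hypothetical; this is a quick way to confirm which interface and gateway a destination will use after a routing change.

```python
"""Pick the route used for a destination, from `route -n` output.

Added illustration; TABLE repeats the numeric listing shown above.
"""
import ipaddress
from collections import namedtuple

TABLE = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.1.0        0.0.0.0         255.255.255.0   U     0      0       16 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        2 lo
0.0.0.0         10.0.1.254      0.0.0.0         UG    0      0       71 eth0
"""

Route = namedtuple("Route", "network gateway flags metric iface")


def parse_routes(text):
    """Turn the eight-column listing into Route tuples."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 8 or fields[0] == "Destination":
            continue                      # title and header lines
        dest, gw, genmask, flags, metric, _ref, _use, iface = fields
        # Count the one-bits of the Genmask to get the prefix length.
        prefixlen = bin(int(ipaddress.IPv4Address(genmask))).count("1")
        network = ipaddress.ip_network(f"{dest}/{prefixlen}")
        # Only routes flagged G send packets to a gateway.
        gateway = ipaddress.IPv4Address(gw) if "G" in flags else None
        routes.append(Route(network, gateway, flags, int(metric), iface))
    return routes


def select_route(routes, destination):
    """Most specific enabled (U) route whose network contains the address."""
    dst = ipaddress.IPv4Address(destination)
    usable = [r for r in routes if "U" in r.flags and dst in r.network]
    if not usable:
        return None
    return max(usable, key=lambda r: (r.network.prefixlen, -r.metric))


def next_hop(routes, destination):
    """Return (interface, address the packet is handed to) or None."""
    route = select_route(routes, destination)
    if route is None:
        return None                       # no route: destination unreachable
    hop = route.gateway if route.gateway is not None else destination
    return route.iface, str(hop)


if __name__ == "__main__":
    table = parse_routes(TABLE)
    for target in ("10.0.1.77", "127.0.0.1", "199.183.24.133"):
        print(target, "->", next_hop(table, target))
```

The parser expects numeric output; the names in the default listing (localnet, default, *) would have to be resolved before they could be matched.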
Manipulating the Routing Table
The route command also adds and removes routes from the routing table. This is done via the following commands:
route add|del -net|-host target gw gateway \
    netmask netmask dev interface
The add or del commands indicate, respectively, whether you want to add or delete a route.
The optional -net or -host options indicate whether you want to operate on a net or a host route. (See the following Host-Based Static Routes section for more information on net or host routes.) Providing it to eliminate any ambiguity is usually best. (For example, the address 10.0.1.0 can be either the network address of a class C network, or the address of a host in a class A or B network.)
The target parameter is the host address or network number of the destination. You would use the keyword default as the target for setting or deleting the default route.
The optional gateway parameter indicates which gateway to use for this route. If omitted, the route command assumes that the host or network is connected directly to this host. It's important to add a route to the local network after configuring an interface with ifconfig:
# /sbin/ifconfig eth0 10.1.1.1 netmask 255.255.255.0 broadcast 10.1.1.255
# /sbin/route add -net 10.1.1.0
As its name implies, the optional netmask parameter sets the netmask for the route, which will be applied to the target address. If omitted, the netmask will be taken either from the default netmask for the IP address or (in the case of routes to local networks) from the interface's netmask. (See Netmasks and Network Classes earlier in this chapter for more information on the default netmask.)
The optional dev parameter sets the interface on which the packets to this destination will be sent. If omitted, the route command checks the current routing table to find which interface has a route to the gateway. If no gateway is provided, it determines which interface can be used to get directly to the target.
Host-Based Static Routes
Although the route command is most often used to manipulate network routes (those that point to a remote network), sometimes it is necessary to add routes to specific hosts. This can be necessary, for example, if a host is connected through a point-to-point link (for example, through a modem or serial cable). See Figure 20.8 for an example.
Figure 20.8 Host-based static routes are needed when a host is connected via a point-to-point link.
In this example, host 10.1.1.1 won't know how to get to host 10.2.1.1 without the following route command:
# /sbin/route add -host 10.2.1.1 gw 10.1.1.2
Checking Network Status: netstat
The /bin/netstat command displays the status of all TCP/IP network services. It has several options, depending on the information you want to display.
netstat by itself lists all connected sockets. The -a (all) option lists all open or listening sockets, not just those that have connections. The information listed for each socket includes
- The protocol (tcp or udp).
- Number of bytes currently in the send and receive queues (bytes that the local process hasn't read or that the remote process hasn't acknowledged).
- Addresses of the local and remote hosts. The remote host address is displayed as *:* for sockets that are in LISTEN state.
- Socket state. This can be ESTABLISHED, SYN_SENT, SYN_RECV, FIN_WAIT1, FIN_WAIT2, TIME_WAIT, CLOSED, CLOSE_WAIT, LAST_ACK, LISTEN, CLOSING, or UNKNOWN. In general, the SYN_ states indicate that a connection is in the process of being opened, the _WAIT states indicate the socket is in the process of being closed, ESTABLISHED means the socket is connected, LISTEN means a daemon is waiting for clients to connect, and CLOSED means the socket is unused.
The netstat -e (extended) option lists, in addition to this information, the user currently using the socket.
netstat -r (routes) lists the routing table. It lists the same information as the route command with no parameters.
netstat -i (interfaces) lists the network interfaces and statistics on each interface. It displays the same statistics as the ifconfig command, but in table form for easy parsing.
As with the route command, you can also add the -n option to view numeric IP addresses instead of hostnames.