
Wednesday, December 31, 2008

TROUBLESHOOT DHCP

DHCP stands for Dynamic Host Configuration Protocol and is used to assign IP addresses to network computers dynamically. It saves network administrators a lot of time and administrative effort by providing the TCP/IP configuration, such as IP address, subnet mask, default gateway address, DNS, router, proxy server and other settings, to the client computers.

With DHCP, connecting a new client computer to the server is very easy. Just imagine being assigned the task of providing the IP addresses and other TCP/IP configuration to 1000 client computers manually: how lengthy and tiring a task it would be. The DHCP server assigns IP addresses from its predefined fixed pool of IP addresses.

In the DHCP pool, you can define the range and lease duration and map IP addresses to specific computers. IP address allocation can be manual, automatic or dynamic. Sometimes DHCP failures occur in computer networks for several reasons, and in this situation the client computer will not be able to connect to the server and use the server's resources. The problems may arise at the client end or at the DHCP server end.


DHCP Client Troubleshooting
Many client computers are unable to get IP addresses from the DHCP server

This can happen because the IP address of the DHCP server has been changed and the client computers are not able to connect to the DHCP server. Additionally, the client computers may be located behind a firewall or be connected to the DHCP server through a router. It is also possible that multiple DHCP servers exist on the same LAN.

The solution to these problems is to make sure that the DHCP server's IP address falls in the same range of IP addresses as the scope it is serving. For a DHCP server to provide IP addresses to remote subnets, the router should act as a DHCP relay. Make sure that you are not configuring multiple DHCP servers on the same LAN with the same scope of IP addresses, as this can cause IP address conflicts.

The DHCP client does not have an IP address configured

This can happen because the client computer is unable to connect to the DHCP server and obtain an IP address from it, or because the DHCP server is unavailable. To resolve this issue, make sure that the client computer has connectivity with the DHCP server and that the network cable and network connections are correct. Then try to ping the DHCP server and make sure that you are getting a reply from the server.

DHCP client has automatically assigned an IP address to itself

In Windows 98, XP Professional and Windows ME, client computers that are unable to connect to the DHCP server sometimes assign themselves an IP address automatically through IP autoconfiguration.
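
As an added example (not part of the original post), the script below applies two of the client-side checks above on a Linux client: it counts how many distinct DHCP servers answered and recognises a self-assigned address. It assumes ISC dhclient-style syslog lines; the function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify a client's DHCP situation from dhclient-style log
# lines. The log format is an assumption; all sample lines are constructed.

# Print each distinct server address that sent a DHCPOFFER or DHCPACK.
dhcp_servers() {
    awk '/DHCPOFFER|DHCPACK/ {
             for (i = 1; i < NF; i++)
                 if ($i == "from") print $(i + 1)
         }' | sort -u
}

# Succeed when the address lies in 169.254.0.0/16, the range a client uses
# when it configures itself because no DHCP server answered.
is_autoconf() {
    case "$1" in
        169.254.*) return 0 ;;
        *) return 1 ;;
    esac
}

# Usage: dhcp_diagnose CLIENT_ADDR < logfile
# Prints one of: multiple-servers, autoconfigured, no-server, ok
dhcp_diagnose() {
    servers=$(dhcp_servers)
    count=$(printf '%s\n' "$servers" | awk 'NF { n++ } END { print n + 0 }')
    if [ "$count" -gt 1 ]; then
        echo multiple-servers      # more than one server on the same LAN
    elif is_autoconf "$1"; then
        echo autoconfigured        # client fell back to a self-assigned address
    elif [ "$count" -eq 0 ]; then
        echo no-server             # nothing answered the DISCOVER
    else
        echo ok
    fi
}

# Constructed sample: two different servers answer the same DISCOVER.
sample_two_servers() {
    cat <<'EOF'
Dec 31 10:15:01 pc7 dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 3
Dec 31 10:15:01 pc7 dhclient: DHCPOFFER of 192.168.0.50 from 192.168.0.1
Dec 31 10:15:01 pc7 dhclient: DHCPOFFER of 192.168.0.50 from 192.168.0.254
Dec 31 10:15:02 pc7 dhclient: DHCPREQUEST of 192.168.0.50 on eth0 to 255.255.255.255 port 67
Dec 31 10:15:02 pc7 dhclient: DHCPACK of 192.168.0.50 from 192.168.0.1
EOF
}

# Constructed sample: no server answers at all.
sample_no_answer() {
    cat <<'EOF'
Dec 31 10:20:01 pc7 dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 3
Dec 31 10:20:04 pc7 dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 8
Dec 31 10:20:12 pc7 dhclient: No DHCPOFFERS received.
EOF
}

sample_two_servers | dhcp_diagnose 192.168.0.50   # multiple-servers
sample_no_answer   | dhcp_diagnose 169.254.17.3   # autoconfigured
```

An unexpected second address in the `dhcp_servers` output is the one to trace back to a switch port before looking at anything else.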

DHCP Server Troubleshooting

If multiple client computers are experiencing problems leasing an IP address from the DHCP server, the problem is most likely with the DHCP server itself. The common problems that can arise on the DHCP server are the following.

DHCP server has been stopped

You need to check the log files and the system event files for details about this problem. These log files will provide detailed information about the causes and the solution of this problem.

One of two DHCP servers is not serving the clients

If this happens and the server is a domain member, you need to authorize the DHCP server in Active Directory.

DHCP server's data is corrupted

The DHCP server's data has been corrupted or is missing, and it possibly generates JET database errors. You need to use the DHCP data recovery options to recover the lost data and correct any of the generated errors. You can also use the reconcile feature in the DHCP console to verify and reconcile any inconsistencies in the database.

If your specific issue is not mentioned above, visit Microsoft's website and review the DHCP troubleshooting articles for more details.

Sunday, December 14, 2008

Dell Wireless and Ubuntu Hardy Heron


I have a Dell Inspiron 1520 with the Dell Wireless 1390 WLAN Mini-Card, one that has given many Linux users big headaches.

After trying many different approaches suggested all over the web, and gathering clues in many Ubuntu forum posts, I finally worked out this solution:

First of all you must check if you have the correct card:

lspci -nn | grep 14e4

Result: 05:00.0 Network controller [0280]: Broadcom Corporation BCM94311MCG wlan mini-PCI [14e4:4311 (rev 01)]

Then proceed to the first step:

1. blacklist bcm43xx

echo blacklist bcm43xx | sudo tee -a /etc/modprobe.d/blacklist

2. install ndiswrapper and related files

sudo apt-get install ndiswrapper-common ndiswrapper-utils-1.9 ndisgtk

3. download http://ftp.us.dell.com/network/R174291.exe

this is a ridiculous bit of bloat, but the most complete INF for 43xx devices

4. Unzip the drivers.

5. go into folder DRIVER_US inside the result of what you did above

6. use ndiswrapper to install bcmwl5.inf

System -> Administration -> Windows Wireless Drivers -> Install New Driver -> Select bcmwl5.inf from ~/R151517/DRIVER_US

7. Modify rc.local

gksudo gedit /etc/rc.local

Insert these lines ABOVE the "exit 0" line:

modprobe -r b44
modprobe -r ssb
modprobe -r ndiswrapper
modprobe ndiswrapper
modprobe ssb
modprobe b44

8. Restart or simply paste one by one the following lines:

$ sudo rmmod b44
$ sudo rmmod ssb
$ sudo rmmod ndiswrapper
$ sudo modprobe ndiswrapper
$ sudo modprobe ssb
$ sudo modprobe b44

You should see the WiFi LED on, and you are good to go.

Easy switching network settings (home & office)

You can easily switch your network settings using the netsh command, instead of installing a lot of unnecessary software. Here are two examples, one for dhcp settings, and one for a static address. You can put it into a .bat file:

netsh interface ip set address "Net" source=dhcp
netsh interface ip set address "Net" static 192.168.0.xx 255.255.255.0 192.168.0.1 1

192.168.0.xx is your IP address, followed by the netmask and gateway. The last 1 is the metric. Optionally you can adjust your DNS values as well using set DNS instead of set address. This command helped me switch easily between my home network settings using DHCP and my office, where there is a static address.

SSH login without password

If you want to make a backup script like the one I showed you yesterday, you may need to set your machines up to log in remotely without asking for a password every time. This is done by sharing between them the public RSA keys generated by OpenSSH.

Log in as the user you will use for the transfer script and run:

ssh-keygen -t rsa

Answer the questions but do not enter a passphrase, because otherwise you will still need to supply it when the script runs. You should then have two new files in ~/.ssh, id_rsa and id_rsa.pub. Open id_rsa.pub with your favorite editor and copy everything (there is actually only one line) into ~/.ssh/authorized_keys on the second machine (the one you need to copy to).

Now try to log in, and if everything was set up properly it won't ask you for a password anymore.
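
One way to install the key on the second machine, as an added example rather than code from the original post: because the key has no passphrase, the entry is limited to the backup machine's address and stripped of forwarding and terminal access. The function name, file locations and addresses are hypothetical, and the key is a constructed placeholder.

```shell
#!/bin/sh
# Added example: install a passphrase-less backup key into authorized_keys
# with restrictions instead of pasting the bare line.
# Function name, paths and addresses are hypothetical.

# Usage: install_backup_key PUBKEY_FILE AUTHORIZED_KEYS SOURCE_IP
install_backup_key() {
    pub=$1
    auth=$2
    src=$3

    # A public key file holds exactly one "type base64 [comment]" line.
    [ "$(awk 'NF' "$pub" | wc -l)" -eq 1 ] || {
        echo "expected exactly one key line in $pub" >&2
        return 1
    }
    type=$(awk 'NF { print $1 }' "$pub")
    blob=$(awk 'NF { print $2 }' "$pub")
    case "$type" in
        ssh-rsa|ssh-ed25519|ecdsa-sha2-*) ;;
        *) echo "unexpected key type: $type" >&2; return 1 ;;
    esac
    [ -n "$blob" ] || { echo "missing key data" >&2; return 1; }

    # With StrictModes (the sshd default), a group- or world-writable
    # ~/.ssh or authorized_keys makes sshd ignore the key.
    dir=$(dirname "$auth")
    mkdir -p "$dir" && chmod 700 "$dir"
    touch "$auth" && chmod 600 "$auth"

    # Idempotent: do nothing if this key is already installed.
    if grep -qF -- "$blob" "$auth"; then
        return 0
    fi

    # from=   : key is accepted only from the backup source address
    # restrict: no pty, no port/agent/X11 forwarding (rsync over ssh still works)
    printf 'from="%s",restrict %s\n' "$src" "$(awk 'NF' "$pub")" >> "$auth"
}

# Demonstration in a scratch directory with a constructed placeholder key.
demo() {
    tmp=$(mktemp -d)
    printf 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABCONSTRUCTED backup@vmhost\n' > "$tmp/id_rsa.pub"
    install_backup_key "$tmp/id_rsa.pub" "$tmp/.ssh/authorized_keys" 192.168.0.2
    install_backup_key "$tmp/id_rsa.pub" "$tmp/.ssh/authorized_keys" 192.168.0.2
    cat "$tmp/.ssh/authorized_keys"   # one line, even after two installs
    rm -rf "$tmp"
}
demo
```

The `restrict` option requires OpenSSH 7.2 or later on the receiving machine.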

Simple script to backup virtual machines in linux

Currently I am using a small VMware Server hosting 4 virtual machines, and I found myself in the position of backing them up. But the virtual machines need to be stopped before you can copy them somewhere else. Using the getstate() output of vmware-cmd you can find the state of each virtual machine. Using the following script you can set up a cron job to back up your virtual machine:


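#!/bin/sh
# Path to the VM's .vmx file (not named PATH, which is the shell's command search path)
VMX="/srv/vmware-server/Contabilitate/Windows XP Professional.vmx"
STATE=$(vmware-cmd "$VMX" getstate)

case $STATE in
"getstate() = on")
    # Suspend the running VM so its files do not change while they are copied
    vmware-cmd "$VMX" suspend
    rsync -avz --stats --progress -e ssh /srv/vmware-server/Contabilitate root@192.168.0.3:/mnt/bak/04
    rsync -avz --stats --progress -e ssh /srv/vmware-server/Contabilitate root@192.168.0.9:/var/bak/04
    # Resume the VM once both copies are done
    vmware-cmd "$VMX" start
    ;;
*)
    # VM is not running: nothing to do
    ;;
esac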

Export CSV from MySql Database via SSH

There is a time when you need to export a specific table from a mysql database. Through SSH this is made very easy using the following command:

echo "select * from table_name;" | mysql -u root -pyourpassword database_name | sed -e 's/\t/,/g' > /home/exported.csv

Of course you can make a small script that adds the date or other useful information to the filename:

#!/bin/bash
# This script adds the date to the exported CSV file name
NOW=$(date +"%m_%d_%Y_%H_%M_%S")
# mysql prints tab-separated columns when its output is piped; sed turns the tabs into commas
echo "select * from table_name;" | mysql -u root -pyourpassword database_name | sed -e 's/\t/,/g' > "/home/exported_$NOW.csv"

Save this script as export_csv.sh and make it executable, and that’s it.

Wednesday, December 3, 2008

VPN for Linux Installation

VPN for Linux
Installation

These steps have been tested on recent versions of RedHat, Fedora, Ubuntu, and Slackware.

1. Obtain the IPSec Group Name and IPSec Password for either on campus use or off campus use by clicking the following link: VPN Account Information.
2. If prompted, enter your SacLink User ID and Password. If you have not created your account or have forgotten your account ID or password, see SacLink Information for details.
3. Obtain the VPN client from the Software Distribution Web Site by clicking the following link: http://software.csus.edu/
4. Click on the Obtain Software link in the left navigation bar.
5. Read and agree to the terms of distribution by clicking the I Agree link at the bottom of the page.
6. Log in using your SacLink username and password.
7. Locate the Cisco VPN Client for your operating system and click the Download link.
8. Click the Download Now button.
9. Save the file to your home directory. The file could take a few minutes to download depending on your connection speed.
10. Once the file is downloaded, close your browser.
11. Open a terminal session. How this is done depends on your distribution of Linux and whether or not you are running X windows.
12. Change directory to where you downloaded the file. If you downloaded the file to your home directory, simply type cd
13. Unpack the file that you have downloaded by typing
tar xvzf vpnclient-linux-4.0.1.A-k9.tar.gz
14. Change directory to the newly unpacked directory
cd vpnclient
15. You need to be the root user (superuser) to run the install script.
Type su and press enter.
16. Enter the root password.
17. To install the client type: ./vpn_install
18. Accept all the default selections by pressing the Enter key.
19. Restart your computer, or type (as root)
/etc/rc.d/init.d/vpnclient_init start
to start the vpn client without restarting.

Configuration

The following instructions assume you are using the vi (vee-eye) text editor. But you can use any text editor, such as emacs or pico (the instructions will vary slightly depending on your choice of editor).

1. Open a terminal session and become root (superuser).
2. Type su and press enter. Enter the root password.
3. Create a User Profile for the VPN Client. The default location of the sample profile is /etc/CiscoSystemsVPNClient/Profiles/.
4. Type cd /etc/CiscoSystemsVPNClient/Profiles/
5. Type ls
6. You must copy the sample.pcf file and rename it. To do so, type
cp sample.pcf oncampus.pcf
(offcampus.pcf for off campus connections).
7. Type vi oncampus.pcf
8. Using the arrow keys on the keyboard, place the cursor after the = sign at the Description prompt.
9. Press the esc key and then the x key, to delete the previous information.
10. Press the esc key and then the i key, to enter the new information.
11. Type Sac State On Campus VPN Connection or Sac State Off Campus VPN Connection at the prompt for the Description.
12. Using the arrow keys on the keyboard, place the cursor after the = sign at the Host prompt.
13. Press the esc key and then the x key, to delete the previous information.
14. Press the esc key and then the i key, to enter the new information.
15. Type vpn.csus.edu at the prompt for Host.
16. Using the arrow keys on the keyboard, place the cursor after the = sign at the GroupName prompt.
17. Press the esc key and then the x key, to delete the previous information.
18. Press the esc key and then the i key, to enter the new information.
19. Type the IPSec Group name you obtained from the VPN Account Information document.
20. Using the arrow keys on the keyboard, place the cursor after the = sign at the Username prompt.
21. Press the esc key and then the x key, to delete the previous information.
22. Press the esc key and then the i key, to enter the new information.
23. Type your SacLink login name at the Username prompt. The file should look like the On Campus or Off Campus sample.
24. Save the new profile by pressing the esc key followed by a colon and letters wq and then press enter (esc :wq enter).

Running the Client

1. Connect to the Internet.
2. Open a terminal session.
3. Type the following:
vpnclient connect profile
(where profile for on campus connections is: oncampus; and for off campus connections is: offcampus ).
4. It will prompt you to enter the group password.
5. It will display your SacLink user name.
6. At the password prompt, type your SacLink password.
7. The VPN services should now be enabled.
8. Connect to the Internet.

Thursday, October 16, 2008

CCNA VLan Basic knowledge

Some basic knowledge of LANs, different topologies, and working of Local Area Networks is required to proceed further.

What is a VLAN?

To refresh your memory, a Local Area Network (LAN) is a set of connected devices like computers, hubs, and switches sharing the same pool of logical address space. Normally, a router is required to route packets from one LAN to another LAN. Traditionally, all packets within a LAN are broadcast to all other devices connected to that particular LAN.

As a result, a traditional LAN has several disadvantages as below:

* Usable bandwidth is shared among all the devices connected to the LAN
* ALL devices connected within a LAN can hear ALL the packets, irrespective of whether the packet is meant for that device or not. It is possible for an unscrupulous node to listen to data packets not meant for it.
* Suppose, your organization has different departments. Using a traditional LAN, when any changes take place within the organization, physical cables and devices need to be moved to reorganize the LAN infrastructure.
* A LAN cannot extend beyond its physical boundary across a WAN as in VLANs.

If you are looking for a simple networked solution for a small office, it may be a good idea to have a traditional LAN setup with a few hubs or switches. However, if you are planning for a large building or campus wide LAN for several individual departments, a VLAN is almost essential.

Virtual LANs (VLANs) can be considered as an intelligent LAN consisting of different physical LAN segments enabling them to communicate with each other as if they were all on the same physical LAN segment.

Benefits of VLAN: Several of the disadvantages of traditional LANs can be eliminated with the implementation of VLANs.

1. Improved Performance: In a traditional LAN, all the hosts within the LAN receive broadcasts, and contend for available bandwidth. As a result, the bandwidth is shared among all the connected devices within the LAN segment. If you are running high-bandwidth consumption applications such as groupware or server farms, a threshold point may easily be reached. After a threshold, the users may find the LAN too slow or unresponsive. With the use of VLANs, you can divide the big LAN into several smaller VLANs. For example, if there are two file servers, each operating at 100Mbps, in a traditional LAN both the servers have to share the LAN bandwidth of 100Mbps. If you put both the servers in separate VLANs, then both have an available bandwidth of 100Mbps each. Here the available bandwidth has been doubled.

2. Functional separation of an institute or a company: It is often required to separate the functional groups within a company or institute. For example, it might be necessary to separate HR department LAN from that of Production LAN. Traditionally, it requires a router to separate two physical LANs. However, you can set up two VLANs, one for Finance, and the other for Production without a router. A switch can route frames from one VLAN to another VLAN. With VLANs it is easier to place a workgroup together even though its members are physically in different buildings. In this case Finance VLAN does not forward packets to Production VLAN, providing additional security.

3. Ease of Network Maintenance:

Network maintenance includes adding, removing, and changing network users. With traditional LANs, whenever a user moves, it may be necessary to reconfigure the user's work station, the router, and the servers. Sometimes it may also be necessary to lay cable, or reconfigure hubs and switches. If you are using VLANs, many of these reconfiguration tasks become unnecessary. For example, you can avoid network address configuration on the work station and the corresponding router if you use VLANs. This is because routing traffic within VLANs doesn't require a router.

However, VLANs add some administrative complexity, since the administration needs to manage virtual workgroups using VLANs.

4. Reduced Cost

VLANs minimize network administration by reducing the maintenance needed for workstation additions, deletions and changes. This in turn reduces the costs associated with LAN maintenance.

5. Security

Using a LAN, all work stations within the LAN get the frames meant for all other work stations within the broadcast domain. Since a VLAN splits the broadcast domain into two or more, it is possible to put work stations sharing sensitive data in one VLAN, and other work stations in another VLAN. Of course, if two VLANs are not sufficient, you can split the work stations into as many VLANs as required. VLANs can also be used to set up firewalls, restrict access, and send any intrusion alerts to the administrator.

Wednesday, October 15, 2008

CCNA Video - Router as a DHCP Server

Network Simulation with packet tracer

Net Sim Tutorial

CCNA 3 Ch 1 Lab Intro using Packet Tracer 5.0

Packet Tracer 5.0

Packet Tracer 5.0 is the latest version of Cisco Networking Academy’s comprehensive networking technology teaching and learning software. Innovative features of Packet Tracer 5.0, including powerful simulation, visualization, authoring, assessment, and collaboration capabilities, will help students and teachers collaborate, solve problems, and learn concepts in an engaging and dynamic social environment.

Packet Tracer makes both teaching and learning easier - instructors and students can create their own virtual “network worlds” for exploration, experimentation, and explanation of networking concepts and technologies.

* Instructors can demonstrate technologies and configurations using Packet Tracer to teach complex CCNA-level networking concepts, making it extremely useful for lectures, group and individual labs, assessments, troubleshooting and modeling tasks, homework, games, and competitions.
* Students can design, configure and troubleshoot networks using Packet Tracer’s versatile simulation and visualization environment, which also provides the opportunity and flexibility for additional practice outside of the classroom environment.


Packet Tracer supplements classroom equipment and provides students complementary learning opportunities that are not physically possible to create in the classroom or lab. In addition, Packet Tracer supplements the CCNA curricula and Packet Tracer activities are integrated throughout both CCNA Discovery and CCNA Exploration to provide rich networking technology learning experiences.

Packet Tracer 5.0 offers a unique combination of realistic simulation and visualization experiences, complex assessment and activity authoring capabilities, and opportunities for multiuser collaboration and competition, and is available free of charge to all Networking Academy instructors, students, and alumni. Visit the Packet Tracer 5.0 resource page on Academy Connection today to download this free software and explore the new possibilities in networking education.

Packet Tracer Video Tutorial 5

Packet Tracer Video Tutorial 4

Packet Tracer Video Tutorial 3

Thursday, October 9, 2008

Common commands you should master when working with the Cisco IOS

The Cisco IOS provides thousands of commands, and configuring it can be challenging. Here are 10 commands you need to know, inside and out, when using the Cisco IOS.

#1: The “?”

It may seem entirely too obvious that you should know how to type ? to ask for help when using the Cisco IOS. However, the Cisco IOS is completely different from other operating systems when it comes to using the question mark (help key). As the IOS is a command-line operating system with thousands of possible commands and parameters, using the ? can save your day.

You can use the command in many ways. First, use it when you don’t know what command to type. For example, type ? at the command line for a list of all possible commands. You can also use ? when you don’t know what a command’s next parameter should be. For example, you might type show ip ? If the router requires no other parameters for the command, the router will offer CR as the only option. Finally, use ? to see all commands that start with a particular letter. For example, show c? will return a list of commands that start with the letter c.

#2: show running-configuration

The show running-config command shows the router, switch, or firewall’s current configuration. The running-configuration is the config that is in the router’s memory. You change this config when you make changes to the router. Keep in mind that config is not saved until you do a copy running-configuration startup-configuration. This command can be abbreviated sh run.

#3: copy running-configuration startup-configuration

This command will save the configuration that is currently being modified (in RAM), also known as the running-configuration, to the nonvolatile RAM (NVRAM). If the power is lost, the NVRAM will preserve this configuration. In other words, if you edit the router’s configuration, don’t use this command and reboot the router, those changes will be lost. This command can be abbreviated copy run start. The copy command can also be used to copy the running or startup configuration from the router to a TFTP server in case something happens to the router.

#4: show interface

The show interface command displays the status of the router’s interfaces. Among other things, this output provides the following:

* Interface status (up/down)
* Protocol status on the interface
* Utilization
* Errors
* MTU

This command is essential for troubleshooting a router or switch. It can also be used by specifying a certain interface, like sh int fa0/0.

#5: show ip interface

Even more popular than show interface are show ip interface and show ip interface brief. The show ip interface command provides tons of useful information about the configuration and status of the IP protocol and its services, on all interfaces. The show ip interface brief command provides a quick status of the interfaces on the router, including their IP address, Layer 2 status, and Layer 3 status.

#6: config terminal, enable, interface, and router

Cisco routers have different modes where only certain things can be shown or certain things can be changed. Being able to move between these modes is critical to successfully configuring the router.

For example, when logging in, you start off at the user mode (where the prompt looks like >). From there, you type enable to move to privileged mode (where the prompt looks like #). In privileged mode, you can show anything but not make changes. Next, type config terminal (or config t) to go to global configuration mode (where the prompt looks like router(config)# ). From here, you can change global parameters. To change a parameter on an interface (like the IP address), go to interface configuration mode with the interface command (where the prompt looks like router(config-if)#). Also from the global configuration mode, you can go into router configuration using the router {protocol} command. To exit from a mode, type exit.

#7: no shutdown

The no shutdown command enables an interface (brings it up). This command must be used in interface configuration mode. It is useful for new interfaces and for troubleshooting. When you’re having trouble with an interface, you may want to try a shut and no shut. Of course, to bring the interface down, reverse the command and just say shutdown. This command can be abbreviated no shut.

#8: show ip route

The show ip route command is used to show the router’s routing table. This is the list of all networks that the router can reach, their metric (the router’s preference for them), and how to get there. This command can be abbreviated sh ip ro and can have parameters after it, like sh ip ro ospf for all OSPF routes. To clear the routing table of all routes, you do clear ip route *. To clear it of just one route, do clear ip route 1.1.1.1 for clearing out that particular network.

#9: show version

The show version command gives you the router’s configuration register (essentially, the router’s firmware settings for booting up), the last time the router was booted, the version of the IOS, the name of the IOS file, the model of the router, and the router’s amount of RAM and Flash. This command can be abbreviated sh ver.

#10: debug

The debug command has many options and does not work by itself. It provides detailed debugging output on a certain application, protocol, or service. For example, debug ip route will tell you every time a route is added to or removed from the router.

Monday, October 6, 2008

Creating a Wireless Network -- Part 3 (Troubleshooting)

Step-by-Step: Creating a Wireless Network -- Part 3 (Troubleshooting)
By: Aaron Weiss

August 10, 2006

In Part 2 of “Creating a Wireless Network” we set up and configured your wireless network, beaming data across your home and/or office. But sometimes, things go awry. What if your network seems too slow? Or unreliable? In the conclusion to our series we look at some common factors that can undermine your wireless network and how you might be able to improve its performance.

Weak Signal?

Whether you’ve set up an 802.11b network, a 11g network, or an enhanced network with speeds of 108Mbps or more, experiencing maximum speed depends on signal strength between your wireless router and your wireless computer.

Wireless networks are designed to slow down as the signal degrades, which generally is a good thing – it means your network isn’t simply on or off, but capable of working under a variety of less-than-ideal conditions. But if yours is slowing down unnecessarily, you may have options to improve its speed.

Your signal strength will vary depending upon your wireless computer’s location relative to your wireless router.

Wireless network signal strength in Windows XP

In Windows XP (screen above) you can double-click the wireless networking icon in your taskbar to see your signal strength.

Wireless network signal strength in Mac OS X

Mac OS X users can click the AirPort icon in the toolbar and choose Open Internet Connect from the drop-down menu to see a detailed signal strength meter (see screen above).

In practice, you may not see 100 percent signal strength, yet still achieve near maximum network speed. Wireless performance is divided into segments. If your connection seems to hover under 60 percent or so in strength, consider why that may be.

Wireless Router Placement

Wireless router placement and signal strength

Often, signal-strength problems are due to the location of your wireless router. Ideally, the more of a "bird's eye view" your wireless router has of your home or office, the stronger the signal will be throughout. Central, open locations on higher floors are ideal.

Of course, in practice, your wireless router needs access to power and, probably, your broadband modem. You may be able to relocate your broadband modem depending where your cable or phone lines enter your home or office, or extend the cabling between your broadband modem and router.

In particular, avoid placing your wireless router in basements or other locations surrounded by thick walls, which will weaken the wireless signal. The same rules apply to the other end of the connection, too — your wireless computer. Obviously, your distance from the router is one factor in signal strength, but within its rated operating range, distance is less important than dense physical obstacles.

Be sure that the antenna(s) on your wireless router are in an upright position. Usually this works best, but if you continue to experience signal strength weakness, try re-orienting the antennas by small amounts.

Unfortunately, all hardware is not created equal. Some models of wireless router simply perform better than others. And different models of wireless add-on cards and built-in wireless reception on portable computers can vary widely. It's not uncommon for one model of portable computer to receive a weaker signal strength than another model or brand right beside it due to lower quality components.

Interference

As our electronic universe becomes increasingly crowded, opportunities for one piece of gear to interfere with another increase. Today's wireless network hardware uses the 2.4GHz frequency range. Two of the most notorious culprits that also emit radiation at 2.4GHz are microwave ovens and many cordless telephones.

The mere presence of two operating devices at 2.4GHz does not automatically guarantee conflict. Wireless network gear slices up its frequency range into 11 smaller channels, and by default tries to find the clearest channel whenever a connection is made. Similarly, newer cordless phones are designed to be friendlier in co-existing with wireless networks. That said, proximity to microwave ovens (in use) and cordless telephones still account for the most common forms of interference with wireless networks.

Another common source of interference is other wireless networks. Again, the hardware tries to avoid conflict, but some handle this better than others, and densely populated areas may simply have crowded airwaves. If your home or office is located in an urban environment and your signal strength seems weaker than it should be, try moving your wireless gear to the center of your space. Staying away from walls or windows where neighboring networks might bleed through could help.

Dropped Connections?

Losing the connection between your wireless computer and your wireless router is the most common failure that can plague your wireless network experience. Sometimes you lose your connection and can't get it back for a random length of time. Other times, you lose your connection for a split second, but it's almost immediately re-established. Even this can cause problems during certain activities, like file transfers.

Dropped connections can be tricky to diagnose because they are really a symptom of another problem. Quite a few problems can express themselves as a lost connection. Let's consider some of the most common causes.

Interference

We talked about how interference can affect your wireless performance. If severe enough, interference could certainly result in dropped connections. I remember a case where an individual sat with his cordless phone right beside his portable computer. He'd be surfing the Web without difficulty and then the phone would ring. After their conversation, their wireless connection was lost. It would spontaneously return 30 seconds or so later. Indeed, the culprit was the cordless phone, an older model, which was blasting interference on the 2.4GHz frequency shared by the wireless network.

Switching to a 900MHz or 5.8GHz cordless phone will often resolve the conflict. Newer 2.4GHz cordless phones that advertise themselves as "WiFi friendly" will also resolve the problem.

Firmware and Driver Updates

Both your wireless router and wireless card, whether an add-on or built-in to your computer, are driven by software "brains". The brains of your wireless router is known as firmware. The brains of your wireless card is known as a driver.

Manufacturers often update their firmwares and drivers to add features and fix bugs. When you remove your hardware from its box, the firmware and drivers included may already be slightly outdated. Many times, this isn't a problem, because the bugs that do exist are often obscure and affect only certain unusual situations. But you never know.

There is something to be said for the adage, "if it ain't broke, don't fix it." If your wireless network is performing up to your expectations, there's really no need to muck around with updating your firmware and drivers. But if you are having mysterious problems — particularly dropped connections — that's a different story.

Often, updating your firmware and drivers turns out to be just the fix to gaining a stable connection.

Most wireless routers let you update the firmware through the browser-based administration interface. The process involves just a few simple steps:

1. Visit the manufacturer's site for your wireless router.


2. Navigate to the Downloads area and find the firmware for your specific model of wireless router.

3. Download the firmware and save or unpack it onto your computer (follow the manufacturer's instructions).

4. Connect your computer to the router using a wired Ethernet cable, and disable your wireless connection. It's not safe to upgrade your router's firmware over a wireless connection.

Downloading router firmware from vendor web site

5. Open the administration page for your wireless router. Our example is from a ZyXEL brand X-550 router — yours may look different.


6. Open the firmware upgrade administration page and follow the prompts to open the firmware file you downloaded.

7. Once you begin the firmware upgrade process, do nothing. Any interruption in the process, from a lost connection to a power outage, could damage your router. Before doing this at all, be sure to check the manual for your particular model. Procedures may vary.

Preparing to upgrade router firmware from administration page

More often than not, updating the wireless router firmware solves many mysterious network problems. But if it doesn't, the next suspects are the wireless drivers in your computer.

If possible, test other wireless computers in your network. Do they experience the same dropped connections as yours? If not, you may want to update the drivers of your wireless card. Procedures vary widely, so consult the Web site of your portable manufacturer, or the maker of your wireless card, for downloads and instructions to update your drivers.

Duplicate Network Names

Another scenario that may lead to dropped connections occurs when your wireless computer is confused about which wireless access point to connect with.

If your home or office is near others, they may have a wireless network with the same name as yours. This is especially common when people don't change their network names (known as SSID's) when setting up their router. In Part 2, Step 6 of this series we configured the network name.

Suppose you didn't change your wireless network name, so it defaults to the very common "LINKSYS". Your neighbor next door has the same brand of router and didn't change her network name either. If your wireless networks overlap, your computer can see both. Windows XP will not show both as separate available networks — instead, it will show only "LINKSYS."

When you connect to "LINKSYS" Windows will try to connect with the one with a stronger signal. It may be that both your signals are similar, but small fluctuations change which is stronger at any given moment. Windows will start hopping between them, trying to stay with the strongest, and dropping your connection with each transfer.

Assign your wireless network a unique name and avoid the duplicate SSID problem.

802.1X Authentication

Disable 802.1x authentication in Windows XP

In Part 2 of this series, we looked in detail at securing your wireless network, either with WEP or, better, WPA or, better yet, WPA2. Some organizations employ another form of security, known as 802.1X. Unless you are inside a network that uses 802.1X (most likely not), you don't need Windows to attempt 802.1X authentication. When it does so, it may interrupt your connection.

You can disable 802.1X authentication in Windows XP by going into your Control Panel, Network, and opening the Properties page for your wireless connection.

Look for the property tab labeled Authentication — its exact location may vary.

Uncheck 802.1x authentication.

Step-by-Step: Creating a Wireless Network – Part 2


By Aaron Weiss

August 7, 2006

In Part 1 of “Creating a Wireless Network” we considered which equipment you’d need to meet your goals for speed, range, and security. Gear in hand, let’s set up the hardware and walk through a few simple configuration steps to bring your wireless network to life.

For the purpose of this guide, let’s assume you have two pieces of wireless gear: a wireless broadband router and a portable computer with wireless capability. If your portable computer does not have built-in wireless, you may use either a wireless card or USB adapter as described in Part 1. In either case, follow the manufacturer’s instructions for installing the device drivers that came with the hardware.

Step 1: Get To Know Your Wireless Router

Rear inputs of a wireless router
Figure 1.
On the rear of a typical wireless router you’ll see several connections (from right to left in Figure 1):

  • One power input jack.
  • One or more wired Ethernet jacks (often labeled 1, 2, 3, 4) for computers on your network which don't have wireless ability.
  • One Ethernet jack for your broadband connection, often labeled “WAN” or “Internet.”
  • A reset button. On most routers you can depress this button for 30+ seconds to restore all configuration settings to their factory defaults.

Depending on the model, some wireless routers will also have a small switch on the back to physically enable or disable the wireless network. You should verify that this switch is set to "on" to use the wireless functionality.

Some costlier routers may also feature two Ethernet inputs for two incoming broadband connections, for users who have both cable and DSL, for example.

Step 2: Determine Your Broadband Type

If you are not connecting your wireless router to a broadband connection, and only intend to use wireless networking for your local network rather than connecting to the Internet, skip this section.

Most people will connect their wireless router to an incoming broadband service. You need to know how your broadband service lets you onto its network, information we'll use in Step 5 to configure your router. There are three common broadband connection methods:

  • DHCP aka Dynamic IP : The most common type of broadband connection, especially for cable modem users. Basic network parameters are automatically assigned to your router by the broadband modem.
  • PPPoE: An increasingly common connection type, especially for DSL users in some parts of the country. PPPoE requires you to supply a username and password to initiate your broadband connection, information which should have been provided to you when your broadband service was installed or purchased.
  • Static IP: Less common for home residential users, somewhat more common for business broadband. Your broadband provider would have supplied you with a set of numeric addresses you need to connect to the network, as they are not assigned automatically.

If you don't know which of the above your broadband service uses, you can try DHCP when we set up your router, since it is fully automatic. Should that fail to connect, you may contact your broadband provider for details.

Step 3: Connect Your Router To a Wired PC For Initial Setup

Wireless router connected to broadband and one wired computer
Figure 2.

Before you place the router in its ideal location, we will first set things up with a temporary wired connection to a computer. Either a desktop PC or portable computer with an Ethernet jack will do, although hooking up to a portable may require less climbing behind or under furniture.

3A. Your router probably included an Ethernet cable in the box. Use this or another Ethernet cable you have to connect the network jack on your computer to one of the local ports on the router – those labeled 1, 2, and so on. It doesn’t matter which, as long as you do not connect the cable to your router’s “WAN”/”Internet” port.

Also connect the Ethernet cable from your broadband modem to the "WAN"/"Internet" port on your router.

Now your router is connected via cable to both your broadband modem and your computer.

3B. It often helps to reboot your broadband modem at this point -- the easiest way is to unplug it from power and plug it back in. Most broadband modems will take a little while to reboot, anywhere from a few seconds to a couple of minutes.

Boot (or reboot) your computer as well.

Step 4: Open Web Browser and Connect to Wireless Router Administration Interface

You manage and configure your wireless router using a Web browser. To connect to your router you need to know its default IP address and connect your browser to http://routeripaddress. For example, if you own a Linksys brand wireless router, its default IP address is 192.168.1.1, and therefore you open your browser to the URL http://192.168.1.1.

Most wireless routers also require you to log in to access configuration pages. Quite likely, your router includes a manual or a "quick setup" guide which details both its default IP address and default login. Some common IP addresses and logins for popular brands include:

Brand Default Address Default Username Default Password
Belkin 192.168.2.1

D-Link 192.168.0.1 admin
Linksys 192.168.1.1 or
admin
admin or
Netgear 192.168.0.1 admin password
SMC 192.168.2.1
smcadmin
Zyxel 192.168.1.1 admin or
1234

Administration interface for wireless router
Figure 3.
Note that means to leave the field blank. These defaults describe many models in a vendor's lineup, but may not be accurate for certain exceptions or new models released after publication. Again, the documentation included with your router should clearly describe its default IP address and login.

Once connected, you'll see an administration interface similar to that in Figure 3, which was taken from a Zyxel brand wireless router. Your particular router's interface may look different and feature different menus, but many of the most important settings are similar between models and brands. Consult your documentation, of course.

Step 5: Configure Your Broadband Connection

You may recall way back in Step 2 you determined the type of broadband connection you have. Now it's time to set up the router accordingly. On this model, we clicked the "Basic" menu and "WAN" submenu. Again, your model may differ, and newer models may include a guided wizard that takes you through these steps. Users without a broadband connection can likewise skip this step.

Selecting the broadband connection on wireless router
Figure 4.
In our case, we have a broadband connection of the DHCP variety, also known as "Dynamic IP" as you see in Figure 4.

PPPoE users should click that button and a prompt will request your login name and password, as supplied by your service provider.

Static IP users will be prompted to supply several numerical addresses, also supplied by your service provider.

It's important to click "Save Settings" (sometimes called "Apply Settings") whenever you make a change.

Test that your router is successfully connected to your broadband. One quick way is to simply open a page to a Web site, such as running a search at Google.

If you cannot access the Web, the most common cause is choosing the wrong broadband connection type for your service.

Step 6: Configure Your Wireless Network Basics

If your router is connected to broadband and it's working successfully, we can (finally!) set up the wireless networking configuration. On our sample router we clicked the "Wireless" submenu.

Setting basic network configuration on wireless router
Figure 5.
It sounds simple, but note that the router reports that the wireless radio is on. Without that we would get nowhere. This particular router has a physical switch on the back to enable the wireless function. Other routers will include a checkbox in this administration interface for enabling or disabling all wireless function. Some wireless routers come out-of-the-box with their wireless disabled, others enabled. So it's important to double check.

Assign your wireless network a name, also known as an SSID. Choose a unique name in case there may be neighboring wireless routers nearby.

The visibility status setting is sometimes known on other routers as "hidden" mode. Some people mistakenly believe that hiding your network name is an effective form of security. It is not. You don't need to hide your network name.

Setting wireless network compatibility on wireless router
Figure 6.
Also note the 802.11 mode setting, typically found on "g" variety wireless routers. Here you can tell the wireless router to connect only to devices which support the faster "g" mode, only the slower "b" mode, or either kind of device. Supporting both modes will make your wireless network more compatible with a variety of users. But if you know that you have only "g" wireless hardware in your network, selecting g-only mode can improve overall wireless performance.

Step 7: Configure Your Wireless Security

Configuring WEP security on wireless router
Figure 7.
In most circumstances you should employ encryption to protect your wireless network from all manner of attack and interception. Wireless networks located far removed from other people, like rural locations, probably don't run much risk without using wireless security. But we're often better safe than sorry.

Most wireless network users will select one of three common forms of secure encryption: WEP, WPA, or WPA2. As a general rule of thumb, you should only use the older, less secure WEP security when you know your network must support users with only WEP-capable computers. WPA is stronger than WEP and supports a wide variety of computers. WPA2, the newest form of wireless security, is even stronger still, but supports only the newest wireless computers.

7a. If you must use WEP security, try to choose a key length of 128 bits. If your router or wireless computer do not support 128 bit keys, you can try 64 or 40-bit keys, but note that these are even less secure.

Supply a passphrase for your WEP encryption. Later you'll need to use this same passphrase when configuring WEP on your wireless computer connection. Typically you can leave the remaining WEP options unchanged.

Configuring WPA security on wireless router
Figure 8.
7b. Choose WPA2 encryption if supported by your wireless computers. Our particular router offers a mixed WPA mode which will connect to WPA2 where available or else try WPA. Your router may or may not offer this feature, in which case you may need to select WPA mode if your network users may use hardware which does not support WPA2.

Your "Pre-Shared Key" is your WPA password. It must be longer than 8 characters up to 63. A longer, more difficult to guess key provides stronger security, but you must write it down somewhere safe because all connecting computers must use this password key.
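How the router turns the passphrase into the actual key, as an added example that is not part of the original article: IEEE 802.11i maps a passphrase of 8 to 63 printable ASCII characters to a 256-bit key with PBKDF2-HMAC-SHA1, salted with the network name. The function names, the `DEFAULT_SSIDS` set and the sample settings are assumptions made for this illustration.

```python
import hashlib

# Factory-default network name mentioned in this series; add your own vendor's
# default here (this set is an assumption of the example, not a complete list).
DEFAULT_SSIDS = {"linksys"}


def check_passphrase(passphrase):
    """Return a list of problems; an empty list means the passphrase is usable."""
    problems = []
    if not 8 <= len(passphrase) <= 63:
        problems.append("length %d is outside the 8..63 character range" % len(passphrase))
    if any(not 32 <= ord(ch) <= 126 for ch in passphrase):
        problems.append("contains characters outside printable ASCII")
    return problems


def derive_psk(passphrase, ssid):
    """Map a WPA/WPA2 passphrase to the 256-bit pre-shared key.

    IEEE 802.11i: PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations, 32 bytes out.
    """
    problems = check_passphrase(passphrase)
    if problems:
        raise ValueError("; ".join(problems))
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1..32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), salt, 4096, 32)


def audit(ssid, passphrase):
    """Summarize one router configuration: derived key plus findings."""
    findings = check_passphrase(passphrase)
    # Only derive a key when the passphrase itself is acceptable.
    psk = None if findings else derive_psk(passphrase, ssid).hex()
    default_ssid = ssid.strip().lower() in DEFAULT_SSIDS
    if default_ssid:
        # The SSID is the salt, so every network that keeps this name and
        # uses the same passphrase ends up with the identical key.
        findings.append("SSID is a factory default; choose a unique network name")
    return {"ssid": ssid, "default_ssid": default_ssid, "psk": psk, "findings": findings}


if __name__ == "__main__":
    # Constructed sample settings, not taken from any real network.
    samples = [
        ("LINKSYS", "correct horse battery"),
        ("Attic-Net-7", "correct horse battery"),
        ("Attic-Net-7", "short"),
    ]
    for ssid, phrase in samples:
        report = audit(ssid, phrase)
        print(report["ssid"], report["psk"], report["findings"])
```

The same passphrase produces a different key under each network name, which is one more reason to change the default SSID in Step 6.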

Step 8: Going Wireless

Connecting to a wireless network from Mac OS X
Figure 9.
With the above configurations saved you're now ready to put the "wireless" in "wireless network." Choose the computer you will use to make the wireless connection. If you'll use the same computer you've been using to configure your router with the temporary Ethernet cable, remove that cable now.

If your portable computer is a newer model and includes built-in wireless support, be sure its wireless feature is switched on. On some portable models there is a switch on one side; on other models you enable wireless with a keyboard combination -- check your user manual.

If you've added wireless hardware to a portable computer or a desktop PC, be sure to follow the manufacturer's instructions for installing the appropriate drivers and software. This process varies widely from model to model.

Opening available wireless networks on Windows XP
Figure 10.
Both Mac OS X and Windows XP include built-in software for connecting your wireless computer to the wireless network. Windows users may also have installed software provided by the vendor of your wireless hardware which can be used instead of Windows' included software.

8a. Users of Mac OS X enjoy the easiest wireless connection process. Simply click the wireless icon at the top right of your screen and the drop down menu displays a list of available wireless networks. Choose one to join it. If you've secured your wireless network in Step 7, it will show a small lock beside its name, and the Mac will prompt you for the password key you created on the wireless router. (See Figure 9.)

8b. Windows users will see a wireless system icon in the lower right of the screen. You can right-click this icon to pop open a menu from which you select "View Available Wireless Networks." (See Figure 10.)

Selecting a wireless network on Windows XP
Figure 11.
Windows will open a summary showing the wireless network you created on your router -- and any other wireless networks your hardware sees in the vicinity!

In Figure 11, Windows sees the one wireless network transmitted from our router. As indicated, it is protected with WPA security.

Click the "Connect" button and Windows will prompt for the password key you created in Step 7.

If you are using your wireless hardware vendor's software rather than Windows', it may look different -- for example, Netgear supplies their own connection software with some models. In Figure 12, we use Netgear's wireless connection software to connect to a 128-bit WEP-protected network.

Whatever wireless connection software you use, the end result should be the same: you're connected!

Connecting to a WEP-protected wireless network with Netgear's connection software
Figure 12.
You should now be able to access the Internet, if your router is connected to broadband, and share resources among your computers the same as on a wired network.

Your wireless network will perform best with a strong signal. Ideally, find a location for your wireless router which is far from dense obstructions. Where possible, locating your wireless router in a higher location (such as a second story) is preferred to a low location like a basement.

In part three we'll take a closer look at fine tuning your wireless network performance and troubleshooting connection problems.

Creating a Wireless Network - Part 1

It’s no secret by now that wireless networking is quickly replacing tangled messes of cables in many homes and small businesses. No more fishing wires through walls, no more tripping over wires laid across doorways, and no more yelling at Fido or Fluffy when they think Ethernet cables are chew toys.

What people love most about wireless networking, though, is the freedom it offers to share files between a computer in your office and one in your lap out on the patio, or to surf the Internet from bed. But with that explosion comes an avalanche of choices and technologies that can quickly become overwhelming. The good news is that putting together a wireless network can be simple. The key is to assess your needs, acquire the right equipment, and proceed through a few basic steps.
Step 1: Determine Your Needs and Set Your Goals

Wireless networking equipment is not all created equal, in part because different users have different needs. Think of a wireless network as having three primary personality traits: speed, range and security. Depending on your situation, you may want a network with all three or you may need a network strong in only one or two.

Consider these hypothetical scenarios:

A typical city dweller. You simply want to surf the Web and check e-mail using your portable computer around your apartment in the city. In this scenario, neither speed nor range need be best in class, but security is important because you are close to neighbors whose computers could pick up your signal.

A typical country dweller. You also just browse Web sites and log in to e-mail but your house is large, you have lots of land, and your neighbors are spread far and wide. You want Internet access from the backyard so range is important, but you may not need the most speed or the strongest security.

A business. You may need it all – speed for moving large documents around your network quickly, good range for providing access to users spread throughout several rooms or floors, and strong security to lock down your communications and prevent sensitive information from being compromised.

As you might expect, there is some correlation between price and performance when it comes to wireless networking equipment. Although prices continue to fall, considering your needs first will not only help you choose the right gear, but perhaps save you some money in the process.
Step 2: Choose Your Speed

Faster is better, right? It can be, and more speed certainly can’t hurt. But, like pumping premium octane fuel into a budget car, buying more wireless speed may mean paying extra for something you don’t really need.

There are two official wireless technologies you will typically find walking into any major name electronics depot: 802.11b and 802.11g. Often these are simply referred to as “b” and “g” respectively.

Packaging for an 802.11g 54Mbps wireless router

Wireless “b” gear is rated to 11Mbps while “g” gear is rated to 54Mbps. You may see these figures promoted on the packaging.

Newer technology is being added to wireless equipment to support even higher speeds such as 108Mbps and, most recently, 300Mbps. But these premium-priced devices are not yet based on official standards, meaning they may be compatible only with specific models from the same vendor, and future compatibility is unknown.

Don’t Be Fooled By Marketing Claims:

- The top speed your wireless network will achieve is half the advertised speed rating. A “b” network tops out at 5.5Mbps, a “g” network at about 27Mbps, and so on. Your real world speeds may be even lower due to wireless interference.

- “Mbps” does not mean “megabytes per second” but rather “megabits per second.” In real world terms, 1Mbps equals approximately a 122 Kilobytes/sec data transfer rate.

- A faster wireless network will not necessarily improve your Internet experience. You will be able to share files between your own computers as fast as your wireless network will allow, but your Internet download speed is limited by your broadband service. Most broadband service available in the U.S. today ranges from 0.5-10Mbps, or faster in some exceptional cases.
Step 3: Know Your Range

A strong wireless signal will let you achieve the fastest speeds your wireless network supports. As the signal weakens due to interference or distance, your speed will slow down accordingly.

The typical advertised range for most wireless network gear is 300 feet. In practice you could achieve significantly less range depending where you use the equipment. Dense obstacles such as walls, steel and trees will reduce your range. Interference from certain cordless phones and microwave ovens can also affect wireless network performance.

Significant improvements in wireless range are now available with higher-priced MIMO technology, which is used in model names including XR, RangeMax, and RangeBooster. These devices use multiple antennas (some hidden inside) to achieve greater range but performance can be unreliable if you mix and match hardware from different vendors.
Step 4: Evaluate Your Security Needs

Wireless network security is a hot topic in the media and for good reason – too often people leave their networks vulnerable. Because wireless data is just that – wireless – there can be ample opportunity for outsiders to sneak onto your network. Their actions may be harmless if they simply ride your Internet connection to check their e-mail, or they could attempt to steal passwords and other sensitive data.

Later we’ll set up wireless security, but first you need to decide how strong your hardware needs to be. The best forms of security rely on encryption so that if someone does intercept your data, they can’t make heads or tails of it. But some encryption is better than others – there are four degrees of encryption security available in wireless hardware today:

1. WEP: The oldest and least secure data encryption. All wireless gear supports WEP, though, so it’s useful when you need at least some kind of encryption to be compatible with older wireless hardware.
2. WPA: A more secure upgrade to WEP. Designed so that many older devices which included only WEP can be upgraded to support WPA.
3. WPA2: A significantly more secure upgrade to either WEP or WPA. Cannot upgrade older hardware to WPA2, but many new wireless devices support WPA2.
4. VPN: Short for “Virtual Private Networking,” this technology is not specifically a form of wireless network security. But you can use VPN on your wireless technology if you want the highest form of security possible. Wireless routers with VPN technology tend to be among the more expensive options.

Typically you’d use WPA (or WEP as a last resort) when your wireless security needs to be compatible with users who may have older wireless hardware. WPA2 support is the best choice when buying all-new wireless hardware, and VPN is more often found in high-security business environments.
Step 5: Choose Your Hardware

It takes two to tango, not only on the dance floor, but with your wireless network. Any wireless network is comprised of at least two devices: a wireless access point, which transmits the signal, and a client (your portable or other computer), which receives the signal.
5a. Wireless Access Point

A wireless broadband router

The wireless access point transmits the networking data your computers will receive. These days, most wireless access points are actually built-in to "wireless broadband routers," devices that let you share a high-speed Internet connection among several computers and provide security defense. Readily available at major electronics retailers, you can easily identify a broadband router with a wireless access point because it has at least one antenna, although some have two or more.

Some broadband providers, such as Verizon, may include a wireless router with your service — so you might already have one. If not, current prices for routers with wireless access points range from as low as $25 to as high as several hundred depending on features, particularly the big three: speed, range, and security.
5b. Wireless Client

The wireless client is hardware that “sees” the wireless networking data being transmitted by your access point. Most new portable computers include wireless client hardware already built-in. If you have an older portable computer without wireless support, or a desktop PC, you can add wireless client hardware. You have three choices:

  • A wireless card (for portable computers). Wireless cards look like credit cards, but slightly larger, often with a bump on one end. These slide into one of the card slots often found on the side of your portable computer.
  • A USB peripheral. USB wireless clients come in a few shapes and sizes. One is a small box with a cable that plugs into one of your USB ports. Another is a “stick” shape which simply protrudes from a USB port. You can use a USB wireless client with most portable or desktop PC’s. Portable computer owners often prefer wireless cards instead because they slip almost completely into the machine. For desktop PC’s, a USB wireless client is the easiest solution to install.
  • A PCI card (for desktop PC’s). A PCI wireless client is a circuit board that is installed inside your desktop PC. It will probably have a small antenna that sticks up outside your PC case. Some PC owners prefer a PCI wireless client for its “cleaner” installed look, and a wider range of models with different price/feature points than USB devices. However, installing a PCI card requires some work inside the PC case or else paying extra and hauling your PC to the electronics store.

For maximum performance you should choose a wireless router and client which support the same technologies. For example, if you want a “g” network, both devices must support the “g” standard. If you want special non-standard features such as support for 108 or 300Mbps speed and MIMO extended range, consider buying all wireless hardware from the same manufacturer.

In our next installment we set up your new wireless equipment, configure as needed, and fire it up!

Wednesday, September 10, 2008

Linux Networking Setup


Required Information

To enable networking, you must configure your network interface card or cards with an IP address and netmask. The kernel must have support for your cards compiled in, either as modular support or direct support. If you don't have kernel support, read the sections about the kernel and how to compile it. To set your cards up, do the following. In my example my network is 192.168.1.0, IP=192.168.1.100, broadcast=192.168.1.255, netmask=255.255.255.0, gateway=192.168.1.1, nameserver=192.168.1.10.

  1. Determine your machine's IP address from your network administrator.
  2. Your network mask. This determines which portion of the IP address specifies the subnetwork number and which portion specifies the host.

    Class C (most networks) 255.255.255.0
    Class B 255.255.0.0

  3. Your network address, which is your IP address bitwise ANDed with the network mask.
    Ex: IP: 192.168.1.100
    Mask: 255.255.255.0
    Net Addr: 192.168.1.0
  4. Your broadcast address. Used to broadcast packets to every machine on your subnet.
    Ex: IP: 192.168.1.100
    Mask: 255.255.255.0
    Broadcast: 192.168.1.255
  5. Your gateway address. The address of the machine that is your gateway to the outside world.
    In many cases: Ex: IP: 192.168.1.100 Gateway: 192.168.1.1
  6. Your nameserver address. Translates host names into IP addresses. 192.168.1.10
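The arithmetic behind items 2 to 5, as an added example that is not part of the original page: it derives the network and broadcast addresses with bitwise operations and checks that the gateway is reachable on the local subnet. The function names are hypothetical; the addresses are the ones used in this section, and the mismatched route network in the sample run is constructed.

```python
def to_int(dotted):
    """Parse a strict dotted-quad IPv4 address into a 32-bit integer."""
    parts = dotted.split(".")
    if len(parts) != 4:
        raise ValueError("not a dotted quad: %r" % dotted)
    value = 0
    for part in parts:
        if not part.isdigit() or not 0 <= int(part) <= 255:
            raise ValueError("bad octet %r in %r" % (part, dotted))
        value = (value << 8) | int(part)
    return value


def to_dotted(value):
    """Format a 32-bit integer as a dotted-quad IPv4 address."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def is_contiguous_mask(mask):
    """True when the mask is a run of 1 bits followed only by 0 bits."""
    inverted = ~mask & 0xFFFFFFFF
    return inverted & (inverted + 1) == 0


def check_config(ip, netmask, gateway, route_net=None):
    """Derive network/broadcast and list inconsistencies in a static setup."""
    ip_i, mask_i, gw_i = to_int(ip), to_int(netmask), to_int(gateway)
    problems = []
    if not is_contiguous_mask(mask_i):
        problems.append("netmask %s is not contiguous" % netmask)
    network = ip_i & mask_i                           # item 3: IP AND mask
    broadcast = network | (~mask_i & 0xFFFFFFFF)      # item 4: host bits all 1
    if ip_i in (network, broadcast):
        problems.append("host address %s is the network or broadcast address" % ip)
    if gw_i & mask_i != network:
        problems.append("gateway %s is not on network %s" % (gateway, to_dotted(network)))
    elif gw_i in (network, broadcast):
        problems.append("gateway %s is the network or broadcast address" % gateway)
    if route_net is not None and to_int(route_net) != network:
        problems.append("route network %s does not match %s" % (route_net, to_dotted(network)))
    return {
        "network": to_dotted(network),
        "broadcast": to_dotted(broadcast),
        "problems": problems,
    }


if __name__ == "__main__":
    # Values from this section's example.
    print(check_config("192.168.1.100", "255.255.255.0", "192.168.1.1"))
    # Constructed mismatch: a route for a different /24 than the interface is on.
    print(check_config("192.168.1.100", "255.255.255.0", "192.168.1.1",
                       route_net="192.168.0.0"))
```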

Configuration tools

There are many network configuration tools today. They are:

netconf
A GUI interactive interface available on Redhat 6.1
linuxconf
A GUI interactive interface available on Redhat 6.1 which includes netconf configuration.
netconfig
A GUI step by step interface
ifconfig
A text based program to configure the network interface. Type "man ifconfig" for info.

These programs will modify values in the following files:

  • /etc/sysconfig/network - Defines your network and some of its characteristics.
  • /etc/HOSTNAME - Shows the host name of this host. If your name is "myhost" then that is exactly the text this file will contain.
  • /etc/resolv.conf - Specifies the domain to be searched for host names to connect to, the nameserver address, and the search order for the nameservers.
  • /etc/host.conf - Specifies the order nameservice looks to resolve names.
  • /etc/hosts - Shows addresses and names of local hosts.
  • /etc/networks - Provides a database of network names with network addresses similar to the /etc/hosts file. This file is not required for operation.
  • /etc/sysconfig/network-scripts/ifcfg-eth* - There is a file for each network interface. This file contains the IP address of the interface and many other setup variables.

Analysis Tools

  • netstat - Displays information about the system's network connections, including port connections, routing tables, and more. The command "netstat -r" will display the routing table.
  • traceroute - This command can be used to determine the network route from your computer to some other computer on your network or the internet. To use it, type "traceroute IPaddress" with the address of the computer you want to see the route to.
  • nslookup - Used to query DNS servers for information about hosts.
  • arp - This program lets the user read or modify their arp cache.
  • tcpdump - This program allows the user to see TCP traffic on their network.
  • dig(1) - Send domain name query packets to name servers for debugging or testing.

Manual Configuration

You can use one of the above tools or configure the network the old fashioned way as follows:

  1. First to use networking on any permanent basis you should setup the file /etc/sysconfig/network similar to the example shown below.
  2. Assign an ip address with "ifconfig eth0 192.168.1.100 netmask 255.255.255.0 up".
  3. Tell your machine that a hub is ready for information with the command "route add -net 192.168.1.0 netmask 255.255.255.0 eth0"
  4. To contact hosts outside your network if a machine with IP address 192.168.1.1 is the gateway use the command "route add default gw 192.168.1.1 eth0"
  5. If using a dialup connection use the command "route add default ppp0" The word default says if the packet is not for a machine on your local network, send it to the default device.

These settings are not permanent; they go away the next time you boot. Permanent settings are normally kept in the directory /etc/sysconfig/network-scripts. Add the network interface to the file /etc/sysconfig/network-scripts/ifcfg-eth*. For example, the file ifcfg-eth0 is for the first ethernet interface, ifcfg-eth1 for the second, and ifcfg-lo is for the local interface. An example file from my system is:

DEVICE="eth0"
IPADDR="192.168.1.100"
NETMASK="255.255.0.0"
ONBOOT="yes"
BOOTPROTO="none"
IPXNETNUM_802_2=""
IPXPRIMARY_802_2="no"
IPXACTIVE_802_2="no"
IPXNETNUM_802_3=""
IPXPRIMARY_802_3="no"
IPXACTIVE_802_3="no"
IPXNETNUM_ETHERII=""
IPXPRIMARY_ETHERII="no"
IPXACTIVE_ETHERII="no"
IPXNETNUM_SNAP=""
IPXPRIMARY_SNAP="no"
IPXACTIVE_SNAP="no"

Unless you know what you're doing, it is best to use a network configuration tool. I cannot guarantee the accuracy of how to set these files up on your system.

Configuring an interface for multiple IP addresses

If you want to configure your network card to act as more than one IP address, issue the following command:

ifconfig dummy 192.168.1.102 netmask 255.255.255.0

This uses the dummy system interface capability supported in the kernel to setup another virtual interface which operates at IP address 192.168.1.102. Substitute the IP address that you want your virtual interface to be with an appropriate netmask for your network. To disable this, issue the following command.

ifconfig dummy down

Another way to use multiple IP addresses on one ethernet card is to set up a new file in your /etc/sysconfig/network-scripts directory. Copy your ifcfg-eth0 file to ifcfg-eth0:0. Edit that file and change the device to "eth0:0" and the IP address to the desired IP address. You may also want to modify BROADCAST, NETWORK, or NETMASK. You can continue adding IP addresses by using :1, :2, etc., such as ifcfg-eth0:2.

To make it effective, you must reboot your system or issue the command "/etc/rc.d/init.d/network restart" as root.

Dynamically allocated IP addresses

To get the IP address of a dynamically allocated network interface in a script file enter the following:

dynip=`/sbin/ifconfig | grep -A 4 ppp0 | awk '/inet/ { print $2 } ' | sed -e s/addr://`

In the example above, replace ppp0 with the interface that receives your dynamic IP address. This script line gets your dynamic IP address for use in a masquerade script. You can use the variable $dynip as in any other configuration. The next time you make a new connection you will need to extract the dynip value again and re-run the masquerade script.
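
A stricter variant of the extraction above, as an added example that is not part of the original guide: it reads only the named interface's block, ignores inet6 lines, and fails unless the result looks like a dotted-quad address, so an empty or malformed value never reaches the masquerade script. The function names and the sample ifconfig output are constructed for this example.

```shell
#!/bin/sh
# Added example: validated replacement for the dynip one-liner (names are hypothetical).

# Print the IPv4 address of interface $1 from ifconfig output on stdin.
# Accepts "inet addr:A.B.C.D" (older net-tools) and "inet A.B.C.D" (newer).
# Exit status is non-zero when the interface is absent or has no IPv4 address.
iface_ipv4() {
    awk -v want="$1" '
        /^[^ \t]/ {                       # a line starting in column 1 opens a block
            name = $1
            sub(/:$/, "", name)           # newer format prints "ppp0:"
            inblock = (name == want)
        }
        inblock && $1 == "inet" {         # "inet6" lines do not match
            addr = $2
            sub(/^addr:/, "", addr)
            if (addr ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) {
                print addr
                found = 1
                exit
            }
        }
        END { exit !found }
    '
}

# Constructed sample of ifconfig output, so the example runs offline.
sample_ifconfig() {
    cat <<'EOF'
eth0      Link encap:Ethernet  HWaddr 00:00:5E:00:53:01
          inet addr:192.168.1.100  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::200:5eff:fe00:5301/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

ppp0      Link encap:Point-to-Point Protocol
          inet addr:10.64.3.17  P-t-P:10.64.0.1  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
EOF
}

# On a live system: dynip=$(/sbin/ifconfig | iface_ipv4 ppp0) || exit 1
if dynip=$(sample_ifconfig | iface_ipv4 ppp0); then
    echo "dynip=$dynip"
else
    echo "ppp0 has no IPv4 address; not running the masquerade script" >&2
fi
```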

Networking file formats, examples and considerations

Below is some more in-depth information about the networking files.

  • /etc/sysconfig/network
    The /etc/inittab file contains the entry "si::sysinit:/etc/rc.d/rc.sysinit" which causes the system at startup to run the rc.sysinit script. The rc.sysinit file expects to find the file /etc/sysconfig/network if networking is to be enabled.
    The network file looks like this:

    NETWORKING=yes
    FORWARD_IPV4=false
    HOSTNAME=mymachine.mycompany.com
    DOMAINNAME=mycompany.com
    GATEWAY=192.168.1.1
    GATEWAYDEV=eth0

    Where GATEWAYDEV is the network interface card that is attached to the network the gateway machine is on. The GATEWAY is the actual IP address of the gateway machine.

  • /etc/hosts - Defines local hosts.
    127.0.0.1 localhost localhost.localdomain
    192.168.1.100 mymachine.mycompany.com mymachine
  • /etc/services - Internet network services list. It associates port numbers with names of services. The file contains three fields which are name, port/protocol, and aliases with an optional comment.
  • /etc/protocols - Describes DARPA internet protocols available from the TCP/IP subsystem. Maps protocol ID numbers to protocol names. It includes protocol name, number, and aliases. The protocol file on my system:
    # /etc/protocols:
    # $Id: protocols,v 1.1 1995/02/24 01:09:41 imurdock Exp $
    #
    # Internet (IP) protocols
    #
    # from: @(#)protocols 5.1 (Berkeley) 4/17/89
    #
    # Updated for NetBSD based on RFC 1340, Assigned Numbers (July 1992).

    ip 0 IP # internet protocol, pseudo protocol number
    icmp 1 ICMP # internet control message protocol
    igmp 2 IGMP # Internet Group Management
    ggp 3 GGP # gateway-gateway protocol
    ipencap 4 IP-ENCAP # IP encapsulated in IP (officially ``IP'')
    st 5 ST # ST datagram mode
    tcp 6 TCP # transmission control protocol
    egp 8 EGP # exterior gateway protocol
    pup 12 PUP # PARC universal packet protocol
    udp 17 UDP # user datagram protocol
    hmp 20 HMP # host monitoring protocol
    xns-idp 22 XNS-IDP # Xerox NS IDP
    rdp 27 RDP # "reliable datagram" protocol
    iso-tp4 29 ISO-TP4 # ISO Transport Protocol class 4
    xtp 36 XTP # Xpress Tranfer Protocol
    ddp 37 DDP # Datagram Delivery Protocol
    idpr-cmtp 39 IDPR-CMTP # IDPR Control Message Transport
    rspf 73 RSPF #Radio Shortest Path First.
    vmtp 81 VMTP # Versatile Message Transport
    ospf 89 OSPFIGP # Open Shortest Path First IGP
    ipip 94 IPIP # Yet Another IP encapsulation
    encap 98 ENCAP # Yet Another IP encapsulation
  • /etc/named.conf - Used for domain name service to configure named. Other files used are dependent on this file. This file is explained further in the DNS section.
  • /etc/resolv.conf - Specifies the domain to be searched for host names to connect to, the nameserver address, and the search order for the nameservers.
    domain mycompany.com
    search mycompany.com mynet.net
    nameserver 192.168.1.100
    nameserver 192.168.199.1
    nameserver 192.168.1.10

    The third line specifies that DNS should be tried on my machine first then use the normal nameserver on the fifth line. The fourth line specifies that my machine is running nameservices on another network which is using interface 192.168.199.1. This assumes the nameserver is set up on my machine which is explained in another section.

  • /etc/host.conf - Specifies the order nameservice looks to resolve names. An example file:
    order hosts, bind
    multi on
    nospoof on

    The order line specifies that name resolution should first look in the /etc/hosts file, then use BIND8 (DNS) to resolve the name. The line "multi on" specifies that all valid addresses for a host found in the hosts file should be returned.

The files in /etc/sysconfig/network-scripts control your network interfaces. The network interface file is described above in the section "Manual Configuration". If you want or need more in depth knowledge about how these files are used, you will need to read the document "How Linux Works CTDP Guide" or "The CTDP Linux Startup Manual". Otherwise you will need to analyze the system startup scripts which is no small task.

Older X windows configuration

In Xwindows a working configuration is set up as follows:

NAMES:
hostname: mymachine.mycompany.com
Domain: mycompany.com
Nameservers: 192.168.1.10
HOSTS:
IP - 192.168.1.100
Name - mymachine.mycompany.com
INTERFACES:
Interface - eth0
IP- 192.168.1.100
proto - none
atboot - yes
Netmask: 255.255.255.0
Network: 192.168.1.0
Broadcast: 192.168.1.255
ROUTING:
Default gateway: 192.168.1.1
Default gateway device: eth0
Interface - 192.168.1.100
Network Address - 192.168.1.0
Network gateway 192.168.1.1
Netmask - 255.255.255.0

Routing

Routing table information is used to route incoming and outgoing network datagrams to other machines. On most simple configurations, there are three routes: one for sending packets to your own machine, one for sending packets to other machines on your network, and one for sending packets to other machines outside your network through the gateway. Two programs (ifconfig and route) are used to configure these parameters. They are described in more detail in the routing section.
