TCP/IP by Douglas E. Comer

[Originally posted Mar 13, 2012 5:26 AM by Antti Uitto]

Just finished reading a book called “TCP/IP”.

(Original English title: Internetworking with TCP/IP Principles, Protocols and Architectures, Fourth Edition)

Catchy title pretty much tells what the book is about: it aims to give you the basics of how TCP/IP works and what is included.

This certainly is a book to read if you wan to learn about TCP/IP. I would say it is a bit dry read however. At times I found myself thinking that this info is more useful to someone coding software that uses TCP/IP rather than to someone administering networks. However, there was still plenty of useful info for a networker.

This book offers no tips and tricks, it’s all theory.

If you are impatient like me and prefer to learn from examples and configs, then some other material such as those published by Cisco Press may serve you better.

Topics covered

History of the Internet
Internet organizations
LAN and WAN technologies
IP addresses
Internet Protocol and routing
Dynamic routing protocols
Mobile IP
Telnet, Rlogin, FTP, TFTP, SMTP….
Security aspects, Firewalls and IPsec

… and a lot more …

One thing I re-learned from reading this book:
I should not buy tech books translated in my native language (Finnish). The attempts to create Finnish equivalent for some technical terms are at best irritating, but sometimes also confusing. English is the language of technology, computing and Internet and when I read geeky stuff, I will get my books in English from now on.

I am currently reading Carla Schroder’s “Linux Networking Cookbook”. Maybe a word or two about it a bit later.

And “IPv6 theory, protocol and practice” is waiting on the digital bookshelf!

Networking with Linux; what goes where?

[Originally posted Mar 13, 2012 4:38 AM by Antti Uitto]

A modern Linux distribution is an impressive tool for networking. You can rather easily set up a router, firewall or VPN gateway. If you are working with a traditional router, such as Cisco or Juniper or if you have the fabulous Vyatta router at hand, you will have one place where about everything goes: the configuration. You add commands from command line and as you commit and save them, they are stored in the configuration. After next reload, your gateway will come alive with that configuration in it.This is not quite so when working with a Linux gateway. Here too you can give most if not all your commands from CLI and they will be applied either immediately or after reloading the service in question. But mostly they do not survive a boot unless you do something. 

That something you need to do is to write these commands in config files and save them.

In Linux there is, I guess always more than one way of doing any given thing.

Here are the programs I use and the config files where I write their settings. 

What’s your setup like?
– Physical interfaces
– Logical Interfaces (Vlan and Bridge)
– IP addresses/etc/rc.local
– Invoke firewall ( iptables-restore < /path/to/firewall_rules )
– VPN (OpenVPN commands)
– Tunnel interfaces (ip tu add)
– Static routes (ip route add)
– Source routing commands (ip route add & ip rule add) 

Quagga router
– Dynamic routing (RIP, OSPF, BGP)
– When you say “write”, Quagga will write it’s own config in appropriate place

– Iptables firewall rules for filtering and logging
– Network address translation (NAT)

– Connection attempts logged by iptables

So there is a file where the physical and logical interfaces are configured, including their IP’s. There is another place where I like to put my VPN’s, tunnels and all the static routes. If I was to use dynamic routing, I would move all my routes to Quagga and handle them from there. But If there is no need for dynamic routing, then all the statics go to a file mentioned in the list.

I do my best to write accurate and compact descriptions for things that are in these files. It nicer like that when you have to search for something or you want to take a quick look at what is here to be found.

cat /etc/rc.local | grep descr -A 3