Transcript Lecture 8

CS 245
Lecture 8:
Networking
Servers
John Hurley
Cal State LA
Networking
• Goal: provide network services like FTP, database server,
webserver, etc
• network ports
– logical connections, by which info flows in and out
– multiple programs sending and receiving info via network at same time
• network servers - listening at pre-defined ports waiting for
connections
- wait for a request, perform some action and send a response
back.
• network clients - users access network services using client
programs
- e.g. Netscape, Eudora and UNIX ftp command.
• network protocols - specify how network clients and servers
communicate.
- define small "language" which both understand.
Well known Ports
• port numbers are 16 bit numbers, about
65,000 different ports
• ports 0-256 Internet services, ports 256-1024 network services
• /etc/services - port numbers for well known
services.
Network Servers
• two methods to start network servers
– executed as a normal program (startup files)
servers are always running, waiting for a
connection on port
– inetd daemon listens at a number of ports
when request arrives it starts appropriate network
server. Configuration file /etc/inetd.conf is port to
server table
Typical Servers
• Web servers: Apache, Tomcat, many others
• Database servers: MySQL Server, etc.
• FTP servers
Network Clients
• Program that uses services provided by a server
• Must know how to connect to a network server, pass
requests to the server and then receive replies.
• telnet jupiter 25 will connect to port 25 of machine
jupiter
• Web browsers are client programs
TCP/IP Basics
• The internet received that name because it is a network of networks. Yet, every
machine on the internet has the potential to reach any of the others using a
unique address or name.
• hostname- every machine/host on the Internet has a name
- fully qualified domain name (FQDN)
- host.site.domain.country e.g. jasper.cqu.edu.au
• IP addresses - each network interface on the network also has a unique IP
address.
- IP v4: 32 bit numbers
- written in dotted decimal form, e.g. 132.22.42.1 (0-255)
- this system is not sufficient for the number of addresses expected to be in use
in a few years (internet of things!)
- IP v6: 128 bit numbers
- gradually being introduced parallel to existing IP v4 addresses
Network Mask
– Class A - 255.0.0.0
– Class B - 255.255.0.0
– Class C - 255.255.255.0
Network Classes
• During the development of the TCP/IP protocol stack IP addresses
were divided into classes
• There are three main address classes, A, B and C.
• If setting up a network to connect to the internet, must be
allocated addresses from central controlling organization
• If your network will not be connected to the Internet, you can
choose from a range of addresses which have been set aside for
private use (known as private, or non-routed on the Internet)
Network Classes
Class | Network Portion | Hosts Allowed Per Network | Standard Subnet Mask
A* | 1.-127.0 (00000001-01111111); 127; (yahoo.com) | 16,000,000+ | 255.0.0.0
B | 128.0-191.255 (10000000.00000000-10111111.11111111); 64*256; (calstatela.edu) | 65,536 | 255.255.0.0
C | 192.0.0-223.255.255 (11000000.0.0-11011111.255.255); 32*256*256 | 255 | 255.255.255.0
Private addresses
• Multiple client devices can appear to share IP addresses: either because they are
part of a shared hosting web server environment or because an IPv4 network
address translator (NAT) or proxy server acts as an intermediary agent on behalf of
its customers, in which case the real originating IP addresses might be hidden from
the server receiving a request. A common practice is to have a NAT hide a large
number of IP addresses in a private network. Only the "outside" interface(s) of the
NAT need to have Internet-routable addresses.
• Most commonly, the NAT device maps TCP or UDP port numbers on the side of the
larger, public network to individual private addresses on the masqueraded
network.
• In small home networks, NAT functions are usually implemented in a residential
gateway device, typically one marketed as a "router". In this scenario, the
computers connected to the router would have private IP addresses and the router
would have a public address to communicate on the Internet. This type of router
allows several computers to share one public IP address.
Wikipedia
Subnetting
• Subnetting allows you to break up the classful address ranges into multiple
subnetworks.
• Subnets work by moving the dividing line between the network address bits
and the host address bits.
• Example: A University has the class B network address 138.77.0.0 with
netmask of 255.255.0.0 This allows approximately 65000 hosts on this one
network.
• You can break the class B network down into smaller subnetworks. For
example breaking the 1 class B network, down to 253 class C size networks,
each containing up to 254 hosts.
• You change the netmask, to 255.255.255.0. This is saying that it should use
the first 3 bytes of the IP address, as the network address, and only 1 byte
for the host address. So the following subnetworks then become valid:
• 138.77.1.0/255.255.255.0 138.77.2.0/255.255.255.0 138.77.3.0/255.255.255.0 ..... 138.77.254.0/255.255.255.0
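The netmask arithmetic behind the 138.77.0.0 example, as an added shell example that is not part of the original lecture. The function names and the sample host 138.77.3.200 are assumptions made for illustration; malformed addresses and non-contiguous masks such as 255.0.255.0 are rejected.

```shell
#!/bin/sh
# Added example: netmask arithmetic for the lecture's 138.77.0.0 network.

# Dotted decimal -> integer. Exit status 1 on malformed input.
ip_to_int() (
    case $1 in *.) exit 1 ;; esac
    set -f; IFS=.
    set -- $1
    [ $# -eq 4 ] || exit 1
    for o in "$@"; do
        case $o in ''|*[!0-9]*|0?*|????*) exit 1 ;; esac
        [ "$o" -le 255 ] || exit 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# A netmask must be 1 bits followed by 0 bits; 255.0.255.0 is rejected.
mask_to_int() (
    m=$(ip_to_int "$1") || exit 1
    inv=$(( m ^ 4294967295 ))
    [ $(( inv & (inv + 1) )) -eq 0 ] || exit 1
    echo "$m"
)

# Network address = address AND netmask.
network_of() (
    ip=$(ip_to_int "$1") || exit 1
    mask=$(mask_to_int "$2") || exit 1
    n=$(( ip & mask ))
    echo "$(( n >> 24 )).$(( (n >> 16) & 255 )).$(( (n >> 8) & 255 )).$(( n & 255 ))"
)

# Host addresses per subnet, excluding the network and broadcast addresses.
usable_hosts() (
    mask=$(mask_to_int "$1") || exit 1
    h=$(( (mask ^ 4294967295) - 1 ))
    [ "$h" -gt 0 ] || h=0
    echo "$h"
)

# True when both addresses fall in the same subnet under the given mask.
same_subnet() (
    a=$(network_of "$1" "$3") && b=$(network_of "$2" "$3") || exit 1
    [ "$a" = "$b" ]
)

for m in 255.255.0.0 255.255.255.0; do
    echo "138.77.3.200 mask $m: network $(network_of 138.77.3.200 "$m"), $(usable_hosts "$m") hosts"
done
```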
Configuring the interfaces
• ifconfig (Windows: ipconfig) command - interface
config
– used to configure the networking interfaces with an IP
address, netmask, and so on
• initialisation script for starting and configuring
interfaces
– /etc/init.d/network
Name Resolution
• /etc/hosts
• # IP_address hostname aliases
127.0.0.1 localhost
• Domain Name Servers
• DNS - a collection of inter-communicating
nameservers.
• Primary nameserver
– knowledge of all the immediate sub-domains of
domain.
– authoritative information of Internet entities within
domain.
Name Resolution
1. /etc/resolv.conf: When performing a name resolution,
most UNIX machines will check their /etc/hosts first
and then check with their name server. How does the
machine know where its domain name server is? The
answer is in the /etc/resolv.conf file.
Network Management Tools
• ping
– Is used to validate or test IP network connectivity between two hosts
or between one host and many hosts
– reports time for round trip request and response
• nslookup (in Fedora, need to install bind-utils)
– Is used to do name server lookups on DNS servers.
– Can be used to pull information out of a DNS server, like:
– Hostname/IP address
– Description of hosts
• whois (in Fedora, need to install)
– more info on domains
Network Management Tools
• traceroute (need to install in Fedora)
– Allows you to trace the path of a packet between two hosts
– Excellent for diagnosing connectivity problems between
two systems that are separated by many different networks
– Also provides the return trip time taken between each
router along the way to the destination. Can give an
indication of any possible bottlenecks between the source
and destination hosts.
– Request and response routes are not fully predictable and
may change. There is no guarantee that the route returned
is the same one the next request will take, but it is a good
guess
PATH
• Consider the script factorial, which I placed in
/home/godzilla/shellprog/. To run it, I need to use a relative
path. If I am currently in /home/godzilla/shellprog, the path is
just ./, so that I type ./factorial 5. From anywhere else, the
relative path is more complex.
• The system PATH is a list of directory locations where the OS
searches for executables.
• echo $PATH will show the current PATH
• dnf install will put executables, or links to them, in locations
that are already on the PATH.
PATH
There are many methods to add a location to the PATH.
• To add a location so that an individual user can use shell scripts
in bash, edit ~/.bash_profile (eg /home/godzilla/.bash_profile).
This is a hidden file, so you need to use ls -a to see it in the
directory.
• You should see a line similar to this:
PATH=$PATH:$HOME/.local/bin:$HOME/bin
• $HOME is a variable that holds the identity of the user's home
directory, eg /home/godzilla/
• Add a colon and the path you need, eg
:$HOME/shellprog
Always add your directory after the system directories, so that a file in
your directory cannot run in place of a system command with the same name
• Log out and log back in
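A check for the ordering rule above, as an added shell example that is not part of the original lecture. The function name audit_path and the list of directories treated as system directories are assumptions; the PATH strings are constructed around the lecture's user godzilla.

```shell
#!/bin/sh
# Added example, not from the lecture: audit a PATH string for entries that
# could let an unexpected file run in place of a system command.

# audit_path PATHSTRING [HOMEDIR] -> one finding per line, status 1 if any.
audit_path() (
    path="$1:" home=${2:-$HOME} pending="" bad=0
    home=${home%/}
    flag() { echo "$1: $2"; bad=1; }
    set -f; IFS=:
    for d in $path; do
        case $d in
            ''|.) flag "${d:-(empty)}" "current directory is searched"; continue ;;
            /*)   ;;
            *)    flag "$d" "relative entry depends on the current directory"; continue ;;
        esac
        case $d in
            "$home"|"$home"/*) pending="$pending$d:" ;;
            /bin|/sbin|/usr/bin|/usr/sbin|/usr/local/bin|/usr/local/sbin)
                # Any home directory listed earlier shadows this system directory.
                for h in $pending; do
                    flag "$h" "user directory is searched before $d"
                done
                pending="" ;;
        esac
        # Any local user can drop a file into a world-writable directory.
        if [ -d "$d" ] && [ -n "$(find "$d" -prune -perm -0002 -print 2>/dev/null)" ]; then
            flag "$d" "directory is world-writable"
        fi
    done
    [ "$bad" -eq 0 ]
)

# Constructed inputs: appended as the slide recommends, then prepended with an empty entry.
audit_path "/usr/local/bin:/usr/bin:/home/godzilla/.local/bin:/home/godzilla/shellprog" /home/godzilla \
    && echo "user directories come after system directories: no findings"
audit_path "/home/godzilla/shellprog::/usr/bin" /home/godzilla || echo "findings listed above"
```

To check a live session, run `audit_path "$PATH" "$HOME"` after logging back in.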
More on Shell Scripts
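match a regex and send the output to a file:
#!/bin/bash
# Usage: selecttofile file regex destination
if [ "$3" ]
then
    # Quote every argument so spaces and glob characters pass through intact;
    # -e keeps a regex that starts with "-" from being read as an option.
    grep -e "$2" -- "$1" > "$3"
else
    echo "Usage: selecttofile file regex destination"
fi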
More on Shell Scripts
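match two regexes and send the output to a file:
#!/bin/bash
# Usage: selecttofile file regex regex destination
if [ "$4" ]
then
    # Lines must match both regexes; arguments are quoted as in the previous script.
    grep -e "$2" -- "$1" | grep -e "$3" > "$4"
else
    echo "Usage: selecttofile file regex regex destination"
fi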
Monitor System Usage
Consider this program, designed to use a lot of CPU time:
public class CpuUser{
    public static void main(String[] args){
        long l = 0L;
        while(l < Long.MAX_VALUE){
            long l2 = 0L;
            while(l2 < Long.MAX_VALUE){
                l2 += 1;
            }
            l += 1;
        }
    }
}
Monitor System Usage
Also this one, designed to use RAM:
public class RamUser{
    public static void main(String[] args){
        Integer[] spaceTaker = new Integer[5000000];
        for(int counter = 0; counter < spaceTaker.length; counter++) spaceTaker[counter] = counter;
        try{Thread.sleep(900000);} // sleep for 15 minutes
        catch(Exception e){}
    }
}
htop: Monitor System Usage
Linux has a built in utility for monitoring system
resource usage called top; there is also an
improved version called htop.
– You may have to install htop using sudo dnf
– Run it using sudo so you can see all users' processes
– Htop makes it easy to see the cpu and memory usage
of different processes, and to kill them if necessary
– It also makes it easy to reassign priorities for various
jobs
htop: Monitor System Usage
htop columns:
• PID: A process’s process ID number.
• USER: The process’s owner.
• PR: The process’s priority. The lower the number, the higher the priority.
• NI: The nice value of the process, which affects its priority.
• VIRT: How much virtual memory the process is using.
• RES: How much physical RAM the process is using, measured in kilobytes.
• SHR: How much shared memory the process is using.
• S: The current status of the process (zombied, sleeping, running,
uninterruptedly sleeping, or traced).
• %CPU: The percentage of the processor time used by the process.
• %MEM: The percentage of physical RAM used by the process.
• TIME+: How much processor time the process has used.
• COMMAND: The name of the command that started the process.
https://chanmannlim.wordpress.com/2013/04/26/htop-columns-description/
Htop Tree View (F5)
Install Apache Web Server
Apache Web Server is the most widely used web server
• Open source
• Usually running in Linux or UNIX, but there are versions for
other OSs
To install the basic functionality of Apache in Fedora:
sudo dnf install httpd
You can also look up how to install functionality to support
Java servlets, etc.
to start up:
sudo systemctl start httpd.service
or
sudo service httpd start
Install Apache Web Server
Verify that the install and startup worked by entering
your VM's ip address in a browser on your client
machine. You should see this test page:
Install Apache Web Server
Creating a home page in Apache:
• Navigate to /var/www/html. This will require sudo.
This directory is the root of your website; create any additional
directory structure you need within html.
• Use a separate directory *inside html* for css.
• Recall that web servers automatically serve index.html or
index.htm if no file name is provided.
• The file owner for index.html should be root. Use sudo if
necessary to accomplish this.
• Note that the URL for your home page will *not* include the
/var/www/html. The server is set up to "map" urls into this
directory. If your ip address is 123.456.789.12, the URL of your
index.html is just http://123.456.789.12
• See Digital Ocean's documentation if you want to get a domain
name and/or use TLS (SSL) (both very cheap)
Install MySQL/MariaDB
Fedora uses a "free as in free speech" fork of MySQL called MariaDB. Here is how to get started
with it:
• install:
sudo dnf install -y mysql-server mysql
• start server:
sudo systemctl start mariadb
• start client (the first time):
sudo mysql
• create a database:
CREATE DATABASE demo;
• use the database:
USE demo;
• create a table:
CREATE TABLE monsters(id int PRIMARY KEY, name varchar(30), home varchar(30));
• insert records:
MariaDB [demo]> INSERT INTO monsters VALUES(1, "Godzilla", "Tokyo");
Query OK, 1 row affected (0.00 sec)
MariaDB [demo]> INSERT INTO monsters VALUES(2, "Jersey Devil", "Trenton");
Query OK, 1 row affected (0.00 sec)
MariaDB [demo]> INSERT INTO monsters VALUES(3, "Dracula", "Transylvania City");
Query OK, 1 row affected (0.00 sec)
Install MySQL/MariaDB
• create new user and grant SELECT privileges:
CREATE USER 'boogieman'@'localhost' IDENTIFIED BY 'iamunderthebedrightnow';
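-- grant to the same 'user'@'host' account created above; 'boogieman'@'%' would be a different account that matches any host
GRANT SELECT ON demo.monsters TO 'boogieman'@'localhost';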
• log out and log back in as boogieman:
MariaDB [(none)]> exit
[godzilla@fedora-1gb-sfo1-01 code]$ mysql -u boogieman -p
Enter password:
• user can choose db and SELECT but not do anything else:
USE demo;
MariaDB [demo]> SELECT * FROM monsters;
+----+--------------+-------------------+
| id | name         | home              |
+----+--------------+-------------------+
|  1 | Godzilla     | Tokyo             |
|  2 | Jersey Devil | Trenton           |
|  3 | Dracula      | Transylvania City |
+----+--------------+-------------------+
3 rows in set (0.00 sec)
MariaDB [demo]> DELETE FROM monsters;
ERROR 1142 (42000): DELETE command denied to user 'boogieman'@'localhost' for table 'monsters'