User:Psr2/sandbox

Group Members
1. Praveen Kumar Krishnappa

2. Samprathi Ashwath

3. Rakesh Nittur Ramesh Babu

4. Rakesh Jondhale

Motivation
Linux forms an integral part of the networking industry. It is an open-source, freely available operating system that can be modified and improved. To combine its different functions, we designed a network consisting of a DHCP server, a DNS server, a web server and a client. Other features such as firewall, backup, VPN, NFS and NIS are also implemented.

Behavior of the Protocol
DNS (Domain Name System)
The DNS protocol is used by the client's browser to obtain the IP address for the domain name (URL) of a website that is not cached. In an intranet system, the DNS can resolve only those IP addresses whose host names are stored in its local files. In an internet-based system, the DNS can obtain the IP address using the following processes:

•	Recursive Process

•	Iterative Process

The DNS can perform two functions depending on the query forwarded by the client:

•	Forward DNS Query – Hostname to IP address

•	Reverse DNS Query – IP address to Hostname

DHCP (Dynamic Host Configuration Protocol)
The basic function of DHCP is to dynamically assign IP addresses from a reserved pool of IP addresses. A client that enters the network needs an IP address as well as configuration settings in order to communicate with other clients in the network.

The DHCP can assign the IP address to the client in two ways:

•	Dynamic – IP address is assigned automatically

•	Static – The IP address is typed in manually in the client’s computer

Web Server
A Web Server is a collection of Web pages. The basic function of the Web server is to deliver Web pages to the client. These web pages consist of HTML documents, which are customizable and can be transferred easily from server to client. For the server and client to communicate, an HTTP connection has to be established between them using the Three Way Handshake process. The web server receives the client's request for an HTTP connection on port number 80, and the request is then directed to an empty port using forking so that the server can receive other pending requests.

Firewall
A firewall can be software as well as a hardware device. The basic function of the firewall is to protect the system from unknown intruders and to block any unknown request that is not intended for the system. Thus, a firewall acts as a barrier between the client and the web server, preventing unwanted requests from being processed.

NFS (Network File System)
Network File System (NFS) is a distributed file system protocol which allows a client to access files over a network in a manner similar to how local storage is accessed. The RSA algorithm is used in this implementation: two hosts exchange public keys, and only after that can both view specific files in each other's system. These files are accessible only when the folders are mounted on the hosts' computers.

Setup / Installation
Domain Name System (DNS):

1. Change the interface accordingly (eth0 or wlan0) using sudo nano /etc/network/interfaces

2. Change lo to either eth0 or wlan0 and loopback to static.

3. Restart the network using sudo /etc/init.d/networking restart to assign the static IP address to the interface.

4. Install BIND using sudo apt-get install bind9.

5. Set the forwarders to resolve domains outside the network 192.168.0.100

6. Define the entries for forward and lookup zones: sudo nano /etc/bind/named.conf.local

7. Edit the Forward and Reverse Lookup zones

8. Restart bind9 for the changes to take effect using sudo /etc/init.d/bind9 restart
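The zone entries and zone files from steps 6 and 7 can be generated as follows. This is an added example, not the group's own configuration: the /24 network, the "ns" host label, the SOA values, the apex A record and the db.* file names are assumptions, while the domain and addresses are the ones used elsewhere on this page.

```shell
#!/bin/sh
# Added example: zone data for the lab's forward and reverse lookups.
# Assumed (not on the page): /24 network, "ns" label, SOA values, file names.
DOMAIN="psr2.com"
NS_IP="192.168.0.100"    # DNS server (DHCP reservation on this page)
WEB_IP="192.168.0.253"   # web server (DHCP reservation on this page)

# 192.168.0.253 -> 0.168.192.in-addr.arpa (reverse zone name of a /24)
rev_zone() {
    echo "$1" | awk -F. '{ printf "%s.%s.%s.in-addr.arpa\n", $3, $2, $1 }'
}

# 192.168.0.253 -> 253 (owner label of the PTR record inside that zone)
ptr_label() {
    echo "${1##*.}"
}

# SOA and NS records shared by both zone files.
soa() {
    cat <<EOF
\$TTL 86400
@ IN SOA ns.$DOMAIN. admin.$DOMAIN. ( 1 3600 900 604800 86400 )
@ IN NS ns.$DOMAIN.
EOF
}

forward_zone() {
    soa
    echo "@ IN A $WEB_IP"      # assumption: the bare domain points at the web server
    echo "ns IN A $NS_IP"
    echo "www IN A $WEB_IP"
}

reverse_zone() {
    soa
    echo "$(ptr_label "$NS_IP") IN PTR ns.$DOMAIN."
    echo "$(ptr_label "$WEB_IP") IN PTR www.$DOMAIN."
}

# Entries for /etc/bind/named.conf.local; zone transfers are refused.
named_conf_local() {
    cat <<EOF
zone "$DOMAIN" { type master; file "/etc/bind/db.$DOMAIN"; allow-transfer { none; }; };
zone "$(rev_zone "$NS_IP")" { type master; file "/etc/bind/db.192.168.0"; allow-transfer { none; }; };
EOF
}

named_conf_local; forward_zone; reverse_zone
```

Before restarting bind9, the output can be validated with named-checkconf and with named-checkzone psr2.com followed by the zone file name.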

Dynamic Host Configuration Protocol (DHCP):

1. Install the dhcp-server using the sudo apt-get install dhcp3-server command.

2. Change the interface settings and give a static IP address 198.162.0.128 to the DHCP server using the sudo nano /etc/network/interfaces command.

3. Edit the file.

4. Assign range of IP address 192.168.0.10 to 192.168.0.49 and set the default lease time, maximum lease time, the network details i.e. broadcast address, netmask, etc.

5. Assign a static IP address of 192.168.0.100 for the DNS server with help of the MAC address of the DNS server.

6. Assign static IP address of 192.168.0.253 for the web server with the help of MAC address of Web server.

7. Restart the DHCP server using sudo service isc-dhcp-server restart command.
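Steps 4 to 6 amount to a dhcpd.conf like the one generated below. This is an added example, not the group's own file: the lease times, netmask, broadcast address and the two MAC addresses (taken from the documentation range) are constructed values, and the script additionally refuses any reservation that falls inside the dynamic pool so that a fixed address cannot collide with a lease.

```shell
#!/bin/sh
# Added example: dhcpd.conf for the pool and reservations described above.
# Constructed values: lease times, netmask, broadcast address, MAC addresses.
POOL_START="192.168.0.10"
POOL_END="192.168.0.49"
DNS_IP="192.168.0.100";  DNS_MAC="00:00:5e:00:53:01"   # placeholder MAC
WEB_IP="192.168.0.253";  WEB_MAC="00:00:5e:00:53:02"   # placeholder MAC

# Dotted quad -> integer, so that addresses can be compared numerically.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# in_pool IP START END: succeeds when START <= IP <= END.
in_pool() {
    ip=$(ip_to_int "$1"); lo=$(ip_to_int "$2"); hi=$(ip_to_int "$3")
    [ "$ip" -ge "$lo" ] && [ "$ip" -le "$hi" ]
}

# reservation NAME MAC IP: emits a host block, or fails if IP is in the pool.
reservation() {
    if in_pool "$3" "$POOL_START" "$POOL_END"; then
        echo "reservation $1 ($3) overlaps the dynamic pool" >&2
        return 1
    fi
    printf 'host %s { hardware ethernet %s; fixed-address %s; }\n' "$1" "$2" "$3"
}

dhcpd_conf() {
    cat <<EOF
default-lease-time 600;
max-lease-time 7200;
subnet 192.168.0.0 netmask 255.255.255.0 {
    range $POOL_START $POOL_END;
    option broadcast-address 192.168.0.255;
    option domain-name-servers $DNS_IP;
}
EOF
    reservation dns "$DNS_MAC" "$DNS_IP" &&
    reservation web "$WEB_MAC" "$WEB_IP"
}

dhcpd_conf
```

The generated file can be syntax-checked with dhcpd -t -cf followed by the file name before the service is restarted.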

Web Server:

• Install apache2 using sudo apt-get install apache2

• Check whether the web server is listening on port 80 using netstat -a | more

• Restart the web server using sudo /etc/init.d/apache2 stop followed by sudo /etc/init.d/apache2 start

• Put a webpage on the server: change to the web root using cd /var/www/html

• Edit the homepage using sudo nano index.html

Firewall:

The iptables command is used to manage netfilter. UFW (Uncomplicated Firewall) is a front end for iptables and is well suited to host-based firewalls.

Configuration Steps:

1) Initially, check the status of UFW

2) Enable the UFW if it is disabled

3) Open the ports that are to be allowed and close the ports that are to be denied.

4) To grant a specific host access to a port, allow ssh access from that host to any IP address on this host.
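The four steps above as one ordered command plan for the web server host, as an added example that is not the group's own rule set. The admin host address and the denied telnet port are constructed values. The ssh rule is placed before the enable step so that turning the firewall on does not cut off remote administration.

```shell
#!/bin/sh
# Added example: UFW rules for the web server host, in a safe order.
# Constructed values: ADMIN_HOST and the denied port 23/tcp.
ADMIN_HOST="192.168.0.200"   # assumption: the only host allowed to ssh in
WEB_PORT="80/tcp"            # the port the web server listens on

# Prints one ufw command per line; nothing is changed by calling this.
ufw_plan() {
    cat <<EOF
ufw status verbose
ufw default deny incoming
ufw default allow outgoing
ufw allow proto tcp from $ADMIN_HOST to any port 22
ufw allow $WEB_PORT
ufw deny 23/tcp
ufw --force enable
ufw status numbered
EOF
}

# "sh firewall.sh apply" runs the plan (as root); the default only prints it.
if [ "${1:-}" = "apply" ]; then
    ufw_plan | while read -r cmd; do
        $cmd || exit 1
    done
else
    ufw_plan
fi
```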

PXE Boot

PXE boot is an extension that builds on BOOTP as well as DHCP. Using PXE boot, thousands of Linux terminals can be booted from a remote server, and some workstations can be run in diskless mode.

• Configure the dhcp service

• Restart the dhcp service

• Configure the tftp service

• Configure the vsftp service

• Configure the pxe service

• Copy the files required to boot Ubuntu to /tftpboot; Ubuntu can then be booted using PXE boot.

Backup

1. The main server is configured first. Install ssh using sudo apt-get install ssh

2. Generate RSA keys using ssh-keygen -t rsa

3. Copy the RSA public key to the other host over ssh using cat /home/praveen/id_rsa.pub | ssh root@<other-host> "mkdir -p /root/.ssh && cat >> /root/.ssh/authorized_keys" (replace <other-host> with the address of the other host)

4. Install rsync and copy the public key to the virtual server

5. Use crontab to run the ssh commands periodically

6. Similarly, configure the backup server by installing ssh and generating RSA keys.
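Because the public key is appended to root's authorized_keys and used unattended from cron, the key entry can be limited to the backup job. The following is an added example, not the group's own setup: the main server address, backup host name, directories, schedule and sample key are constructed, and it assumes the rrsync helper shipped with rsync is on the backup server's PATH.

```shell
#!/bin/sh
# Added example: restricted key entry and cron line for the rsync backup.
# Constructed values: MAIN_IP, BACKUP_HOST, DEST_DIR, schedule, sample key.
MAIN_IP="192.168.0.5"            # assumption: address of the main server
BACKUP_HOST="backup.psr2.com"    # hypothetical name of the backup server
SRC_DIR="/var/www/html/"         # web root from the Web Server section
DEST_DIR="/srv/backup"           # hypothetical target directory
KEY="/home/praveen/id_rsa"       # private half of the key from step 2

# Line for /root/.ssh/authorized_keys on the backup server: the key works
# only from MAIN_IP, only for rsync writes below DEST_DIR, and gets no
# shell, pty or forwarding. Anything that is not an RSA public key is refused.
authorized_keys_entry() {
    case "$1" in
        "ssh-rsa "*) ;;
        *) echo "not an RSA public key" >&2; return 1 ;;
    esac
    printf 'from="%s",restrict,command="rrsync -wo %s" %s\n' \
        "$MAIN_IP" "$DEST_DIR" "$1"
}

# Line for the main server's crontab: push the web root every night at 02:00.
# With rrsync the remote path is relative to DEST_DIR.
cron_entry() {
    printf '0 2 * * * rsync -a -e "ssh -i %s" %s root@%s:www/\n' \
        "$KEY" "$SRC_DIR" "$BACKUP_HOST"
}

# Constructed sample key, truncated on purpose; not a usable key.
SAMPLE_PUBKEY="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQ-constructed praveen@main"

authorized_keys_entry "$SAMPLE_PUBKEY"
cron_entry
```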

Algorithm
1. Client enters the network

2. DHCP server assigns the client a dynamic IP address from the pool range

3. Client gets connected to the network

4. Client will make a webpage request using the URL of the page

5. The request first goes to the DNS server

6. The DNS server performs forward Lookup and resolves the IP address for the given name

7. Client will be able to access the desired web page using the IP address

Testing
1) DNS


 * The nslookup command can be used to resolve the name psr2.com to an IP address (Forward nslookup)
 * The nslookup command can also be used to resolve the IP address to the host name (Reverse nslookup)

2) DHCP


 * The DHCP server assigns the client a Dynamic IP address from the range when the client enters the network. Check the leased IP addresses on the client.

3) WEB SERVER


 * Open the web browser by entering the host name or IP address.
 * Enter the URL in the browser: www.psr2.com

4) FIREWALL


 * Firewall can be tested by trying to ping the servers which are blocked. If the client is blocked by the firewall, it will not be able to access the web page.

5) BACKUP
 * Check the folder where backup is scheduled to transfer the file. The ls command is used to check whether the files are received or not.

Future Improvements

 * VLANs can be used to support a larger number of PCs in the network.
 * Enhanced security for the DNS servers