TCPIP

TCP/IP is often used as a synonym for the infrastructure that the Internet uses. To access Internet you need for instance a Ethernet or a Wireless interface:

The command ifconfig shows its status and requires su privilege.

Actually there should be at least two interfaces:

eth0 is the Ethernet interface of your network card

lo is the local loopback, it is just software that lets programs talking to each other as would they be on different machines. Software that makes use of that is therefore easy to use over the net.

Sometimes it is difficult to know what device driver the kernel has used for TCP/IP. After having emerge ethtool type ethtool -i eth0 to know.

TCP/IP packets

Ethernet packet

The TCP/IP uses data packets (size a couple of hundred Bytes) that are transmitted, from the sender to the receiver. Usually Ethernet is used, however a well known alternative is WLAN. Sender and receiver have to be uniquely be identified, this is done by the 6 byte MAC address of the network cards.

IP packet

Network cards can be broken or exchanged. Using the MAC address is therefore not suitable. So a 4 Byte IP address is assigned to the computers network interface. Therefore the sender is including inside the Ethernet packet the IP address. Since the sender uses Ethernet as it is, the MAC address is still used as the address of “a” receiver. However the sender normally does not put the MAC address of the final receiver in the data packet, since numerous Ethernet routers are probably between sender and receiver and the MAC address of the final receiver is unknown anyway. Therefore the sender uses the MAC address of the next router. The command arp -a shows what the sender knows about the router. Behind arp is a protocol that finds out those things by doing broadcast messages. The router passes then the packet to the next router until it receives hopefully the final receiver.

Very basic summarizing: The IP packet is stuffed into the Ethernet package and the software behind is called IP (Internet Protocol)

The next problems are:

  1. The sender wants to send more data than fits into a single package.

  2. The sender wants to send the data not just to a computer, it wants to address a running program (service, process).

Therefore 16 bit wide port numbers are introduced and the additional created data including the 16 bit sender and the 16 bit receiver port number is put into the IP packet. Port numbers and services are defined /etc/services. Observing this file will show UDP and TCP after the port number. If UDP data is stuffed into the IP packet then a UDP/IP packed is on the net and when TCP data is stuffed into the IP packed then a TCP/IP packet is on the net.

UDP/IP packet

UDP/IP is simpler and faster than TCP/IP and is mainly used when the required data fits into a Ethernet packet (minus IP and UDP overhead). There is always a possibility that a packet gets lost on the way to the receiver. UDP does not provide detection and recovery of such lost telegrams. If it is important that all packages arrive, then the service using this UDP port has to take care. e.g. Introduction of a protocol where the receiver has to send acknowledges.

TCP/IP packet

TCP/IP does all the missing things, it can split larges files in small packages and send them over the web and on the other side it puts all together and takes care about packages not arrived. Since it does all the magics, it is slower than UDP.

Clients and Servers

Communication between two computers is not just there up and running. One side has to initiate the communication (client) and the other one has to react (server). The protocols on top of TCP/IP (TCP/IP is a synonym because some protocols use UDP/IP) have a client part (e.g. Firefox web browser) and a server part (e.g. Web server Apache2). For a running service a client and a server program is required. Services can use single ports (as Telnet =23) or can use more than one port (as FTP 20 for the data transmission and 21 for the control). See /etc/services.

Where clients are often started by human beings sitting in front of the computers, servers mostly have to be started during the boot process. To not start all servers and use a lot of resources for just being ready, a Internet service daemon as xined can be installed. This daemon waits and starts the servers on request.

To see whats up type

netstat -a

IPv6

The explosion of Internet users around the world has caused a shortage on available IP addresses! This is one of the reason why your Internet provider probably wants some money for the static address that he would have to give to you permanently, and this is also a reason why the 4 Byte IPv4 runs out of addresses and IPv6 will introduced. IPv6 will not have 6 bytes, it will get 8 bytes since 6 means version 6. Having 8 byte should make it nearly impossible to run out of IP addresses again, since this results in billions of IP addresses per square millimeter on the surface of our planet.

IPv6 will be quite different, the first 4 bytes build a prefix and is provided by the Internet provider, the second 4 Bytes form a Device_ID, this allows to address individual devices directly from the Internet, no address translation by a router is required.http://[2001:0db8:00000:0000:08d3:8a2e:0070:7344]:8080/ is an example to address a web site using IPv6 on port 8080. An alternative to write the address is possible to skip preceding zeros: http://[2001:db8:::8d3:8a2e::7344]:8080/

To introduce IPv6 smoothly, IPv4 can run in parallel. The PC will run a IPv4 and IPv6 network stack in parallel.

Gentoo Linux has the ipv6 useflag to enable support for it.

Setting up the TCP/IP connection

This is done using the /etc/conf.d/net file. This file defines interfaces but also the modules used. It can therefore map modules to interfaces.

Example are:

  1. Various implementations of DHCP servers exist. So a specific DHCP server implementation can be mapped to a specific Ethernet interface.

  2. There are to implementations for the wireless operation: iwconfig and wpa_supplicant.

For laptops and other PC's that find themselves in various locations with and without Ethernet, WLAN, the package netplug (alternative is ifplugd) can be installed.

It is enough to emerge netplug, since this is handled by the net scripts of gentoo.

For Laptops it is probably better to use NetworkManager and its GUI front end for KDE KnetworkManager.

IP addresses and DHCP

IP addresses can be assigned statically, dynamically or randomly as by Zeroconf uses.

Dynamic IP addresses

Dynamically is more flexible however there must be a DHCP server on the network always be turned on and the attached devices must have a DHCP client configured. Luckily, in the age of RJ45 connections is is common to have a Ethernet router that can act as DHCP server, WLAN access point, and firewall toward the Internet.

The DHCP client has to search for the DHCP server to ask for a valid IP address. A DHCP client daemon that runs in background is dhcpcd.

Note emerge dhcpcd is recommended by gentoo.

Maybe you are not always attached to a network, dhcpd would the try to get an IP address and would be trying for a while before it gets up with an error message. To avoid this, you could us either a static address or make a shorter timeout. Set in /etc/conf.d/net

dhcpcd_eth0="-t  5"

This set the time to 5 seconds. The file /etc/conf.d/net is read by a script but the dhcpd client can more directly be configured using /etc/dhcpd.conf

As alternative, there is an other DHCP client available (the networkmanager uses this as default, but newer versions of it, have a useflag to select dhcpcd). To get this one

emerge dhcp. The configuration files are /etc/dhcp/dhcp.conf and /etc/dhcp/dhclient.conf.

Static DHCP

Some DHCP server support static DHCP, this is as DHCP but the MAC address of your PC is known and therefore the DHCP server assigns all the time the same IP address. This makes live easier when your PC acts as a server see:DNS (Domain Name System)

Static IP addresses

If you run a server than having different IP addresses would make the clients to fail. Therefore a fix IP addresses might be the simple way out.

Add the following two lines in netmask notation to /etc/conf.d/net

        config_eth0=( "192.168.1.3 netmask 255.255.255.0" )
routes_eth0=( "default via 192.168.1.1" )

or in CIDR notation

        config_eth0=( "192.168.1.3/24" )
routes_eth0=( "default via 192.168.1.1" )

The first line is the static address of the server PC and the second line is the gateway the device that connects your LAN to the Internet.

The above assumes the following configuration, check that your ADSL router has this address.

192.168.1.1 ADSL router is default gateway and DNS (link to Internet)

192.168.1.2 first computer

192.168.1.3 second computer

255.255.255.0 subnet mask

Zeroconf

Avahi http://avahi.org/is a free implementation of Zeroconf.

Other names are Bonjour from Apple (or earlier rendezvous).

With Zeroconf a system name as raspberrypi.local can be taken instead its numeric IP address. .local is important since it is assumed that this is and stays inside the local network.

For Gentoo Linux checkhttps://wiki.gentoo.org/wiki/Avahi

rc-update add avahi-daemon default

rc-service avahi-daemon start

ping -c 3 <hostname>.local

Zeroconf usually tests and then picks unused IP-addresses between 169.254.1.0 and 169.254.254.255.

Test the IP addresses

I your web browser type in 192.168.1.1 as address and login to the ADSL router, to check the dhcp tables and the space for static addresses.

Remember to start as root, when it does not let you select an network interface.

When the dhcp client got successfully an IP address, then it overwrites the file /etc/resolv.conf. Therefore check the date of this file!

Sometimes you see something as : 192.168.0.0/24 and you wonder what is 24?

24 is the netmask 255.255.255.0 there are 8+8+8=24 bits in the subnet mask.

To see if a DHCP server is around emerge dhcping. To test if 192.168.1.1 has a alive DHCP server by providing your IP and MAC address, type

dhcping -c 192.168.1.3 -h 00:13:d4:f6:aa:9b -s 192.168.1.1

Got answer from: 192.168.1.1

DNS

Working with IP numbers might be good for the computer but are not that what a human being remembers easily, something as https://www.gentoo.org/ can easily be remembered. Additionally IP addresses can be dynamically assigned, so when you login on the Internet you probably get not the same IP address assigned from your Internet provider than before. In fact, if you always want to get the same IP address then you probably have to pay your Internet provider to get a static address.

Since IP addresses as well as domain names have to be unique on the network there assignments has to be coordinated and who is servers as below show who has reserved them: http://www.networksolutions.com/whois/index.jsp

The reservation of those names is coordinated by http://www.icann.org/.

Now what is needed is a big table that converts all IP numbers in text addresses. The table would be far too big and the access to slow, so the Domain Name System is the solution, you basically ask a computer that has a DNS server installed for the corresponding IP number of https://www.gentoo.org/. If this computer knows it, than it returns it to you, if not it will ask an alternative computer or your computer ask an alternative DNS server. Finally and hopefully you will get from somewhere the answer. The big table is therefore slitted allover the world wide net and gets updated by remembering requests.

Fine, but nobody will know the names of your computers and devices in your local area network (LAN). You probably have a Internet router (ADSL, or whatever) that gets a single IP address of your service provider. Your router is a DHCP server and assigns IP addresses as 192.168.1.30 to your first computer. Addresses in this range are not be sent over the Internet (Wide Area Network WAN). To avoid communicating via IP numbers to your LAN devices. There are two solutions:

  1. The /etc/hosts holds a list of computer names and their IP addresses. This is a fixed table and might get in conflict if your DHCP server in your router assigns different addresses. Fortunately many routers acting as DHCP servers allow Static DHCP, so always the same IP address is assigned to each MAC address known and therefore also the computer names have always the same IP addresses.

  2. The second solution sounds cleaner. One of your computers has to have a local DNS server. Unfortunately this is not that easy:

  1. This computer would have to run all the time.

  2. DHCP and DNS are not on the same machines (unfortunately Internet routers do not support DNS "yet"?). When DHCP assigns new numbers the DNS server would have to be noticed to update its DNS table.

Due to to the simplicity I recommend the first solution.

To test if name resolving works ping to a name:

ping -c 3 www.gentoo.org

If not successful check if /etc/resolv.conf (that gets updated via dhcpd server) holds something as

nameserver 192.168.1.1

This causes the computer to ask the ADSL router to help out resolving the names.

When having DHCP then the dhcpc client writes the /etc/resolv.conf, but when having static IP adresses you might have to put

      dns_servers_eth0=( “192.168.1.1” )

in /etc/resolv.conf

To resolve the IP addresses there are 3 files involved /etc/host.conf that tells how, /etc/hosts that holds the LAN devices and /etc/resolv.conf that holds the DNS server IP addresses, the latter will be updated by the DHCP client.

A computer can be identified by

<computername>.<domain name>

where <domain name> can have multiple parts

<computername>.<first part>.<second part>

Dynamic DNS

Your Internet router gets an IP address assigned from your Internet provider. However you can not relay on the fact that this will be always the same (since you might have no static IP). If you want to have your computer being accessed from the outside you have to face that fact, that this IP addresses is unknown.

There is a way to have an URL (Uniform Resource Locator or URI Uniform Resource Identifier) without having a static IP address. This is called Dynamic DNS and it is highly probable that your Internet router supports it.

Using Dynamic DNS, each time your router gets a new address your router sends this new assigned IP address to a Dynamic DNS provider. A common protocol used for that. The Dynamic DNS provider updates and maintains a list containing your URL and your dynamically assigned IP address. If somebody types in your URL he will end up at your Dynamic DNS provider and will receive your newly assigned IP address. This explains why there are some restriction in the choice of URL names.

There are different Dynamic DNS provider:

  1. https://www.changeip.com/dns.php is free

  2. https://www.noip.com/remote-access has a free option that needs to be reactivated every 30 days

  3. http://dyn.com/remote-access/ that was once free, but now costs

OpenNIC

Since the assignments of names to IP addresses done by http://www.icann.org/ did not make everybody happy, alternatives have been created:

https://www.opennicproject.org/.

OpenNIC (NIC = Network Information Center) can be considered to be a parallel Internet, this makes obviously not everybody happy. Having OpenNIC installed you should find new url's as .oss, .geek, .ing, .free, .bbs, .gopher.

To test if it works, check https://www.opennicproject.org/ for some NIC DNS servers IP addresses. Then modify /etc/resolv.conf to have something as:

nameserver 85.126.4.170
nameserver 192.168.1.1

Do not restart you network, since this file would probably get rewritten, and the modification would be lost. Then try to open in a web server: http://www.opennic.glue or ping -c3 www.opennic.glue

OpenNIC and Static IP

Just add the OpenNIC nameservers to the nameservers in the /etc/conf.d/net

dns_servers_eth0=( “<ip from open nic> 192.168.1.1”) 

Now restart eth0

/etc/init.d/net.eth0 restart

OpenNIC and dhcp

Adding those name servers to /etc/resolv.conf and will not satisfy since they will be overwritten after next boot by dhcpcd.

However dhcpcd offers the feature to add the content of /etc/resolv.conf.head to /etc/resolv.conf :

echo "nameserver <ip from open nic>" >> /etc/resolv.conf.head

Then try to open in a web server:

http://www.opennic.glue/ or ping -c3 www.opennic.glue

Other but more complicated solutions would be emerge openresolve or even install a local nameserver as bind.

DNS name server

To get a DNS name server emerge bind.

https://wiki.gentoo.org/wiki/BIND

Network tools

emerge gnome-nettool to observe details about your net.

There is a firefox plug-in HostIP.info that shows where IP addresses are.

emerge wireshark to have a network analyzer

Networkmanager

Laptops with WLAN are used in all kind of places. Then this is probably the way to go https://wiki.archlinux.org/index.php/NetworkManager

Network manager uses gnome keyring to remember all the different passwords. If the keyring has an own password (not just using the login password) then this password must be entered. The keyring files might be deleted to restart collecting passwords from scratch.

When using network manager the gentoo scripts /etc/init.d/net.eth0 is no longer required and should be deactivated (otherwise too many managers create a mess):

rc-update del net.eth0 or rc-update del net.enp2s0

and add

      RC_PLUG_SERVICES="!net.eth*"

to /etc/conf.d/rc to

Network manager relies on a dhcp client. It takes per default dhcp, but in the versions above 7 there is a useflag to get dhcpcd instead, that is in line with gentoo defaults. If you choose dhcpd as dhcp client, set the dhcpd useflag.

The following line makes sense to put into /etc/conf.d/net :

dhcpcd_eth0=-t 5”

This line makes that the start script gives up after 5 seconds to wait for a wired dhcp server.

If you want to stick with dhcp as dhcp client, emerge dhcp and check the configuration files: /etc/dhcp/dhcp.conf and /etc/dhcp/dhclient.conf.

After having made the choice of the dhcp client emerge networkmanager

Then start it: /etc/init.d/NetworkManager start

and rc-update add NetworkManager default

When the PC requests a IP address via DHCP and the environmental variable HOSTNAME is not set or is localhost then the DHCP server delivers an HOSTNAME that will not be changed by the hostname in /etc/config.d/hostname. To still define at PC level the host name it can be set in the /etc/dhcp/dhcpd.conf:

hostname athlon

Or if there is none or just an empty /etc/dhcp/dhcpd.conf it is better to avoid a redundant definitions and create a link:

ln -s /etc/config.d/hostname /etc/dhcp/dhcpd.conf

This works, however networkmanager is not the standard way for gentoo and has some conflicts with the boot scripts. In fact per default the boot scripts try to get an IP address via the dhcpcd ebuild (not the dhcp ebuild). If no cabled network is present they fail and networkmanager using dhcp takes place and probably finds the WLAN and is successful.

The drawback is that NetworkManager starts a connection after you have logged in. So it is not a tool for server applications.

cnetworkmanager

For console but also for troubleshoot emerge cnetworkmanager. To see what access points are around: cnetworkmanager -a

To connect depends on how the access point is configured, the following commends might be used:

cnetworkmanager -C<SSID> --wpa-pass=<password>

cnetworkmanager -C<SSID> --wpa-psk-hex=<hex password>

cnetworkmanager -C<SSID> --unprotect

nm-applet

For Gnome and LXDE do emerge nm-applet to get a gui.

For xfce4 emerge xfce4-xfapplet-plugin, so xfce4 can use the gnome nm-applet, then do emerge nm-applet. The nm-applet is not manually selectable. You must start it in the root console nm-applet, after that it should be saved with the session and come alive at next reboot. To be sure add it to the list of Application Autostart (Settings > Session and Startup)

Wicd

wicd is an alternative to networkmanager http://wicd.sourceforge.net/ (if you use kde set the wicd useflag), emerge wicd and start it as wicd-client

Server configuration

It is recommended to have a static IP address for the server, so all others can add it to its /etc/hosts and can access the server using its name. The command hostname should pop up the name of the host that is defined in /etc/conf.d/hostname. Optionally a domainname giving your network a name might be desired that can be seen by typing domainname. To get a domain name add lines as follows to /etc/conf.d/net:

dns_domain_lo="<mynet>"
nis_domain_lo="<mynet>"

The network interface lo gets the domain assigned.


Linurs Servernest startpage