all-all-all" (on the network).      128.8.255.255

Networks are divided into classes:

Class A. "Huge" networks.
    Addresses of these networks lie in the range: 1 - 126.  Netmask: 255.0.0.0
    Holds up to 16387064 addresses (256*256*256).
    Host addresses in these networks have the form: 125.*.*.*

Class B. "Medium" networks.
    Addresses of these networks lie in the range: 128.0 - 191.255  Netmask: 255.255.0.0
    Holds up to 64516 addresses (256*256).
    Host addresses in these networks have the form: 136.12.*.*

Class C. "Small" networks.
    Network addresses lie in the interval: 192.0.0 - 255.254.255  Netmask: 255.255.255.0
    Holds 254 addresses.
    Host addresses in these networks have the form: 195.136.12.*

Class D. "Multicast networks" (group addressing) (under development)
    Network addresses lie in the interval: 224-239

Class E. "Experimental"    240-250

Addresses 0, 127 and 255 are special and are not used for ordinary IP addresses.

&dD2.1. Private Address Space&d@

If your network will be used only inside the organization, and the machines will have no direct access to the Internet, you can pick its addresses "out of thin air".

From the document RFC 1597 "Address Allocation for Private Internets", March 1994: the Internet Assigned Numbers Authority (IANA) has reserved three blocks of IP addresses for use in internal networks:

    10.0.0.0    - 10.255.255.255    Class A
    172.16.0.0  - 172.31.255.255    Class B
    192.168.0.0 - 192.168.255.255   Class C

The routers of most ISPs do not route these addresses, which adds to their (the addresses') security.

&dD2. Assigning an IP address to our Ethernet controller&d@.

Network configuration on a UNIX machine is usually done automatically at boot. In brief, it can be described as follows:

Defining three cards of the same type in Linux (1*ISA, 2*PnP):

/etc/conf.modules
    alias eth0 ne
    alias eth1 ne
    alias eth2 ne
    options ne io=0x220,irq=5

We declare that our IP address is 198.8.2.1 and that it is brought up on the Ethernet card named elx70 . On the Motorola this is the name of the Ethernet port sticking out of the main system board - the board with the processor.

    ifconfig e1x70 198.8.2.1 up

We declare that our second controller, named m3760 (the lower board), has the IP address 198.8.3.1

    ifconfig m3760 198.8.3.1 up

&dD3. Routing the local network&d@.

We declare that machines with addresses of the form 198.8.2.* (*=1,...,254) sit on our upper local Ethernet segment, and that we must talk to them directly, through the upper Ethernet that corresponds to our address 198.8.2.1 - i.e. elx70. Machines with addresses of the form 198.8.3.* are reached through the lower Ethernet, with the address 198.8.3.1

    route add net 198.8.2.0 198.8.2.1 netmask 255.255.255.0 0
    route add net 198.8.3.0 198.8.3.1 netmask 255.255.255.0 0

Network packets for IP addresses that do not lie in our local network are forwarded to the machine with the network address 198.8.2.107 - and it will work out for itself what to do with them and how to deliver them to their actual destinations.

    route add default 198.8.2.107 1

The last argument of the route command is the metric. It can be interpreted as the "distance" to "that" gateway, or "how many changes between gateways an IP packet will have to make on its way there". Since the IP addresses 198.8.2.1 and 198.8.3.1 correspond to our own Ethernet boards, the metric (distance) to them is 0. 198.8.2.107 is another machine - the "distance to it" is 1.

Let's see what we have got:

    netstat -rn            # print the routing table
    ping -s fedfond        # "ring" the nodes of the network
    ping -s fedfond-gate
    ping -s 198.8.2.107
    netstat -i             # statistics on the network interfaces

The time has come to explain what lo0 and localhost are. This is the so-called loopback interface. It imitates a network interface locally, without going beyond the bounds of our computer. The loopback interface has the IP address 127.0.0.1 reserved for it.

&dD4.&d@ Configuring TCP/IP on the Motorola 922.

Think up a network name for your computer. Suppose you have decided that your computer should be called fedfond and have the IP address 198.8.2.1 .
However, do not forget that the Motorola has TWO Ethernet controllers, and EACH of them MUST have its own UNIQUE IP address. We decide that our second Ethernet will have the IP address 198.8.3.1, and this address can also be given a perfectly human name, for example "fedfond-gate".

ATTENTION: if you look closely at the contents of the file /etc/inet/rc.inet, especially the line of the form

    /usr/sbin/ifconfig e1x70 `uname -n`-gate $net_mask up

you will understand that the second Ethernet must be called exactly fedfond-gate , and nothing else.

So, to set the network name and IP addresses of our host:

1. Use the sysadm command to set the "nodename".
   ATTENTION: precisely nodename (the node name) and not systemname (the operating system name).

2. In the file /etc/hosts insert lines binding the IP addresses to the name fedfond and, ATTENTION!, fedfond-gate

    198.8.2.1       fedfond
    198.8.3.1       fedfond-gate

3. Reboot.

&dDConfiguring a 2nd Ethernet in Linux&d@

The first Ethernet is configured straight from the distribution - the difficulty appears when we want to see the second one.

For example, you can put these commands into /etc/rc.d/rc.local:

    # load the driver for the DEC 2140 chip
    insmod /lib/modules/2.0.18/de4x5.o io=0

    # assign the IP
    # static routing to the second network
    ifconfig eth1 10.232.172.1
    route add -net 10.232.172.0 gw 10.232.172.1 netmask 255.255.255.0

If the driver for the 2nd Ethernet is compiled into the kernel, it can be activated like this: in the file /etc/lilo.conf write

    append="ether=0,0,eth0 ether=0,0,eth1"   # if autoprobe works

    # when the card parameters are given explicitly
    append="ether=10,0x300,0xe800,eth0 ether=12,0x280,eth1"

Enable routing:

    echo 1 > /proc/sys/net/ipv4/ip_forward

&dDHow to find out the hardware address of an Ethernet card&d@

If the machines are properly configured for TCP/IP, it is enough to ping them explicitly or by broadcast, then run arp -a

    ping [-s] 123.456.789.255
    arp -a

You can almost always take the machine apart and look at the address printed on the board itself.

Linux: The address is printed when the kernel boots.
       If the card is configured, the ifconfig command reports the address.

Sun:   The address is printed by the boot monitor at startup.
       The Ethernet hardware address on a Sun can be changed arbitrarily from within the boot monitor, or with the ifconfig command;
       for details see the Sun NVRAM & hostid FAQ: ../TXT/faqsunnvram.txt

HP-UX: The address can be found with the lanscan command.
       On workstations the address can also be found from the PDC boot monitor.

&dD5. Application interfaces&d@.

To write programs that work with the network, a programmer has to use some set of system calls and functions. From BSD Unix came the Berkeley sockets API, which became very popular. AT&T System V gave rise to TLI (Transport Level Interface), built on "streams" technology.

SVR4 supports both. Socket support is provided by the inetd daemon (Internet Super Server); TLI support is provided by the listen daemon (Network Listener).

&dD6.&d@ Configuring TLI

The listen daemon is controlled by a special database, into which the IP address of our host must be entered. This is done "once in a lifetime". The IP address is given in a tricky hexadecimal notation.

So, if our IP addresses are 198.8.2.1 and 198.8.3.1, and their hexadecimal notation is C6080201, C6080301 , then we must run three commands, once:

    nlsadmin -i tcp
    nlsadmin -l '\x00020acec60802010000000000000000' tcp
    nlsadmin -l '\x00020acec60803010000000000000000' tcp
                    "magic ^^^^^^^^sixteen zeros
                word 0ace"    |
                              |
                our actual IP address is written here

&dD7.&d@ Configuring BSD sockets.

Nothing needs to be done for this. However, later on you may have to deal with it.
The inetd settings live in the files:

    /etc/inetd.conf    network service name --> name of the serving program
    /etc/services      port number          --> network service name

The state of the current connections can be viewed with the command:

    netstat        (or netstat -ta if you have Linux)

&dDA few more protocols&d@

ARP - Address Resolution Protocol
A low-level protocol. Supported at the level of the kernel and/or the network card driver. Used to determine which Ethernet address a machine has when its IP address is known. It works on the broadcast principle: "hey, everyone, everyone, everyone: IP such-and-such - respond", and that one machine alone responds.

    arp -a   # print the IP addresses known to us and their Ethernet addresses

RARP - Reverse Address Resolution Protocol.
Used to tell diskless clients what their IP address is. The rarpd daemon runs on the server. It has a table file: ether address -> IP address. In response to a diskless client's broadcast request of the form "hey, everyone, everyone, everyone, my eth address is such-and-such. What is my name?", rarpd tells the client what its IP is (and another daemon, bootparamd, gives it additional information - where to get its root file system, for example).

The protocols RIP, BGP, EGP and ICMP are used to exchange routing information.

RIP - Routing Information Protocol
An interior routing protocol (within an autonomous system). It is supported by the routed and/or gated daemons.

BGP - Border Gateway Protocol
EGP - External Gateway Protocol
Routing between autonomous systems. They are supported by the gated daemon.

ICMP - Internet Control Message Protocol
Carries error messages in TCP/IP (for example "port unreachable"), is used by the ping and traceroute programs, and can carry a message about inefficient routing of the "redirect" type: "actually you can send packets through me, but there is also a shorter path".

The protocols DNS and NIS/YP are used to exchange information about the symbolic names of hosts, users, user groups and so on.

DNS - Domain Name System.
Lets you use symbolic host names in addition to numeric IP addresses, and organize a tree-like structure of domain naming (such as pc101.fedfond.msk.su , ftp.sco.com and the like). A DNS server is a host on which the bind daemon is running and where the names of the hosts in the zone (domain) are stored. On the other hosts, an IP address is determined from a name with the library functions of the "resolver" library - gethostbyname, gethostbyaddr - which contact the nearest DNS server over the network and find out from it the IP address of a machine by its name (domain name).

NIS/YP - Network Information System (the name Yellow Pages, which came from Sun, is also used).
Lets you store on a single NIS server (with the ypserv daemon) information that is common to the whole local network: host names, the names and rights of users and user groups, the names of their home directories, symbolic port names, and so on and so forth.

Once more on the differences between DNS and NIS/YP: DNS is a "global" system - it operates across the whole Internet, but contains ONLY host names. NIS/YP contains, besides host names, several other information bases, but is supported only within the network of one organization.

&dDConfiguring TCP/IP in a hurry&d@

Most Unixes have a simple menu-driven utility that lets you configure the basic parameters of the computer: host name, IP address and network parameters, DNS servers

    HP/UX:            /etc/set_parms initial
    Linux Slackware:  net_config
    Solaris:          /etc/???

&dDOrganizing TCP/IP over serial lines&d@

The TCP/IP protocol does not necessarily require an Ethernet network. Other physical media are perfectly acceptable, for example: serial lines connected through RS-232 ports, high-speed lines connected through parallel ports, or high-speed synchronous ports (for example 485, V.435).
These capabilities are provided by specialized implementations of the IP protocol:

for connecting through RS-232

SLIP - Serial Line IP
    The very first implementation of TCP/IP "for the poor"; still widely used.

CSLIP - Compressed SLIP
    A modification of the SLIP protocol. The headers of the IP packets are compressed. ATTENTION: but not the data itself! In a standard IP packet the IP headers with service information take up about 40 bytes. In CSLIP these headers are squeezed down to 3 bytes. When a large number of small packets is sent, there is a substantial gain in speed. If the packets are large, there will be no gain at all.

PPP - Point-to-Point Protocol
    Another, modern implementation of TCP "for the poor". It is the standard for SVR4. More universal. Also lets you carry the IPX protocol over a serial line. Supports slip and cslip emulation modes, for compatibility.

for connecting through a Centronics parallel port

PLIP - Parallel Line IP
    Some will say: exotic. Not at all. A very widespread thing. Now TCP/IP over a SCSI bus - yes, that is exotic. By the way, RFC 1149 describes the transmission of IP packets by carrier pigeon.

&dDTCP/IP over satellite links&d@.

Organizing a TCP/IP link through a satellite antenna poses no theoretical difficulties - everything looks the same as with a modem connection over the telephone.

The technology is roughly as follows: a high-frequency signal comes out of the antenna, the signal is run through a satellite modem, and out of the modem comes a data stream in the High Speed Interface format - it can be brought into the computer through a high-speed port, for example V.435 (logically it behaves roughly like an ordinary serial port), and on the host side the PPP protocol is brought up. Naturally, the same connection scheme is assumed at "the other end".

+-------------------+        +-----------------+           (
|    protocol   port|  data  |port    satellite|  signal  (  ><
|Host      PPP V.435|========|V.435     modem  |  ~~~~~~   (
|     -TCP/IP->     |        |                 |  ~~~~~~     /\
+-------------------+        +-----------------+          Antenna

Instead of a host with a high-speed port, the modem can be connected to a specialized device - a "router", which has the TCP/IP protocol (PPP, Ether) "built in" and has Ethernet and High Speed Interface ports. The "Cisco router" and "NetBlaser" routers are quite popular for such purposes.

+-------------------+        +-----------------+           (
|    protocol   port|  data  |port    satellite|  signal  (  ><
|Router    PPP V.435|========|V.435     modem  |  ~~~~~~   (
|     -TCP/IP->     |        |                 |  ~~~~~~     /\
+-------+-----------+        +-----------------+          Antenna
        |
 ...   -Ethernet------ ...

&dDThe speed you can get&d@.

Speed depends mainly on the type and quality of the communication line, the modems used, and the type of port the modem is plugged into.

Practical limits on speed:

Data rate between V32bis/V42 modems over a city telephone line, or over an "Iskra" long-distance line: up to 16800 bit/s. In reality ~ 12000 bit/s.

The built-in V42 data compression protocol raises the real speed (measured no longer between the modems but between the ports) of transferring uncompressed data by 2-4 times, i.e. up to 38400-57600 bit/s

The maximum speed of receiving/sending data on an RS-232 serial port depends on the UART (Universal Asynchronous Receiver-Transmitter) chip present in it:

    16450  - 19200 bit/s.
    16550  - 19200 bit/s. (the absence of the letter "A" is fatal)
    16550A - 38400 bit/s.
    16550A up to 115200 bit/s. (If the operating system "can pull it")
           (in particular - Solaris, Unixware - no; FreeBSD, Netblaser, Cisco router - yes)

As a result, the real data transfer speed is:

    Telephone/"Iskra", V32bis/V42             - 19200 bit/s.
    Dedicated 2-wire line, V32bis/V42         - 38400 bit/s.
    Dedicated 4-wire line, RAID,?????         - 115200 bit/s.
    Physical 4-wire line <=4km, ?????         up to 1 Mbit/s.
    Optical fiber <=?km, ?????                ?? 2 Mbit/s.
    Antenna. Satellite modem. Port V.435. PPP   64, 128, 256 Kbit/s

&dD * Configuring SLIP/CSLIP * &d@.

To do this, connect two hosts with a null-modem cable through their serial ports, and start in the background the slattach program, which switches the ports into TCP/IP transfer mode. Naturally, SLIP must be started at both ends, and the "same" kind at each.

SVR4, slip

    slattach /dev/comport OUR-IP-ADDRESS THEIR-IP-ADDRESS 19200 &
    # switches the port /dev/comport into "slip" mode at speed 19200
    # and sets the IP address on the slip interface

SVR4, cslip

    slattach -c /dev/comport OUR-IP-ADDRESS THEIR-IP-ADDRESS 38400 &
    # switches the port /dev/comport into "Compressed-slip" mode
    # at speed 38400
    # and sets the IP address on the C-slip interface

    slattach -e /dev/comport OUR-IP-ADDRESS THEIR-IP-ADDRESS 38400 &
    # switches the port into slip or cslip mode,
    # automatically detecting which protocol is running
    # "at the other end", and sets up the same one on its own side

Linux, SLIP.

SLIP in Linux is now started with the DIP command, with a configuration file:

    /usr/sbin/dip config-file-name

---------------------------------------------------------------
# direct connection over a null-modem cable
main:
  get $local 193.232.171.22
  get $remote 193.232.171.19
  port /dev/modem
  speed 9600
  mode SLIP
exit
---------------------------------------------------------------
# slip with telephone dial-up
---------------------------------------------------------------
main:
  get $local uwalt.hacktic.nl
  get $remote xs4all.hacktic.nl
  port /dev/modem
  speed 38400
  send ATQ0V1E1X4\r
  wait OK 2
  dial p555-1234
login:
  sleep 2
  wait ogin: 20
  send MYLOGIN\n
  wait ssword: 20
  send MYPASSWD\n
# We are now logged in.
  wait SOMETEXT 15
  get $mtu 296
# Ensure "route add -net default xs4all.hacktic.nl" will be done
  default
  mode SLIP
---------------------------------------------------------------

Have symmetric files at both ends and start the dips.

Linux, CSLIP.

    # first switch the port into "cslip" mode
    slattach -p cslip /dev/modem &
    ifconfig cs0 OUR-IP-ADDRESS pointopoint THEIR-IP-ADDRESS
    route add THEIR-IP-ADDRESS
    route add default gw THEIR-IP-ADDRESS

Linux, PLIP.

    ifconfig plip1 OUR-IP-ADDRESS pointopoint THEIR-IP-ADDRESS
    route add THEIR-IP-ADDRESS
    route add default gw THEIR-IP-ADDRESS

Setting up SLIP over a telephone line through a modem.

We have to make our modem call "that" modem. After that we get a transparent connection between the serial ports, over which we "bring up" SLIP; see the previous items.

    ( stty 19200 ; echo atdp9120123 ) < /dev/modem > /dev/modem
    sleep 55

We send the modem the command atdp - dial the telephone number - and wait 55 seconds. I hope that is enough time for the modems to "sniff each other out".

Restoring the link after a break.

How do we find out that the link has broken? Ping "that" end of the link.

Before dialing the number with the modem for a new call, we must "take" slip off our serial port (since in slip mode it functions not as a serial port but as a TCP/IP transmission channel). How to take slip off? Kill slattach.

    while true                      # In an endless loop
    do
        sleep 60                    # Wait a minute
        if ping 107.65.8.254 | grep 'is alive' ; then
            echo Ok > /dev/null     # If THEIR-IP-ADDRESS responds
        else                        # Otherwise kill slattach
            # ps -e prints the PID in the first column
            slip_pid=`ps -e | grep slattach | cut -c1-6`
            [ -n "$slip_pid" ] && kill -9 $slip_pid
            # dial the telephone number of the other side
            (stty 19200; echo atdp9120123) < /dev/modem > /dev/modem
            sleep 55
            # bring slattach up again
            slattach -e /dev/modem 195.8.2.3 107.65.8.254 19200 &
        fi
    done

&dD * PPP * &d@

&dDMOTOROLA: PPP&d@

/etc/inet/ppphosts - lists the ppp hosts

The rules for dialing and connecting to these hosts are described by the standard descriptions from UUCP.

Make sure that ppp support is present in the configuration file /etc/strcf
Make sure that the slink command is run at boot.

The ppp connection itself is activated on access ("on demand").
Look for details in

    man ppp
    man pppd
    man ppphosts

&dDLinux&d@

Everything is done with the pppd command. The pppd package includes a little command called chat; the arguments of pppd specify the IP addresses, telephone numbers, modem initialization, and the chat dialogue with the provider's machine.

Example: (almost from life) explicitly set our IP=123.456.789.12

    pppd connect 'chat -v ABORT "NO DIALTONE" ABORT BUSY "" ATZ OK \
        atdp9386933 Username: ppmoshkow Passwd: mypasswd mode ;' \
        crtscts defaultroute modem noipdefault -detach mru 1500 \
        123.456.789.12:194.85.105.1 /dev/modem 38400

Example: take the addresses given by the server

    pppd connect 'chat -v ABORT "NO DIALTONE" ABORT BUSY "" ATZ OK \
        atdp9386933 Username: ppmoshkow Passwd: mypasswd mode ;' \
        crtscts defaultroute modem noipdefault -detach mru 1500 \
        0.0.0.0: /dev/modem 38400

&dDWindows 95&d@

Install the additional package from MS Plus - "Network dialup script editor". Attach a script through it:

---------------------------------------------------------------
proc main
   waitfor "login:" until 5
   transmit $USERID, raw
   transmit "^M"
   waitfor "Password:"
   transmit "password^M"
   waitfor "modem" until 5
endproc
---------------------------------------------------------------

In the dial-up form enter the logname; do not enter the password, because it is forgotten on every restart anyway.

&dDHP-UX 10.20&d@

On workstations under HP-UX/10.20 there is NO native ppp. Only slip. You can fetch by ftp the freeware package iij-ppp
http://www.verinet.com/~barthold/ftp/iij-ppp0.94beta2.hpux10.tar.gz
Documentation on configuration and installation comes with the package.

On servers and workstations SLIP is called "ppl" and is included in the standard "LAN/9000 Link" product.

&dDNetwork file system NFS&d@ - Network File System.

The standard network file system for UNIX is NFS.
Any Unix machine can mount remote file systems over the NFS protocol and use them as its own, and can also share its own directories with other machines. It looks roughly like this:

    mount -F nfs remote.machine:/directory_there /directory

or, if you have BSD or Linux

    mount -o rsize=8192,wsize=8192 machine:/directory_there /directory
    ls -al /directory

Although NFS was originally developed for Unix, there are implementations of NFS for MS-DOS PCs. These packages are usually referred to by the collective name PC/NFS (not to be confused with the name "PC-NFS" - that is the PC/NFS implementation from "Sun Select"). That is, a PC running NFS for PC can mount, as network drives, the directories of a Unix machine that the machine shares over NFS.

In effect, PC/NFS gives a PC the same capabilities as Netware - a remote network drive and a remote network printer. The only difference is that a Unix host, besides letting itself be used over NFS, is able to get on with its own tasks as well, whereas a Netware server is not suited to doing anything except serving its clients, presenting them a disk over Ethernet, but it works about 1.5-2 times faster. Also, the NFS resident programs take up about 100 Kb of RAM, while the Netware ones take about 50.

&dD2.&d@ Estimated speeds of PC/NFS packages from various vendors:

486dx2/66, wd8013 16-bit adapter:

    Package:            read Kb/s    write
  NFS for PC
    PC-NFS 4.0          220          120
    PC-NFS 5.0(**)      220          120
    Pathway             350          170
    PCTCP 3.0           350          200
    TSOFT (*)           200          100
    XFS (*)             500           50
    Chameleon NFS(**)   2nd place in test results
  Unix for PC
    Linux/NFS(*)        400          350
    FreeBSD/NFS(*)      900          300
    Unixware/NFS        400          300
  Others
    Netware 3.11        500          600
    NW Lite             400          500
    WFW (Samba)         150          150
    Lantastic           ?            ?

    (*)  - shareware or free packages
    (**) - protected against unlicensed copying

For comparison: the NFS read/write speed between two SUN SPARCstations and/or IBM/RS6000 machines is 900/400 Kb/s

&dD3. For a Unix machine to serve as an NFS server&d@

The following daemons must be running on it:

    rpc.portmap - RPC (Remote Procedure Call) port daemon (since NFS uses RPC) (Not required on the Motorola.)
    mountd      - services mount commands (it decides whether to allow or not)
    nfsd        - services the NFS protocol itself
    biod        - caching of NFS reads on the client (SunOS only)
    pcnfsd      - performs additional "authorization" of users on PC/NFS clients. Since MS-DOS does not deal with user accounting and registration, pcnfsd itself asks the PC user for a name and password. (optional, but desirable)

Usually all these daemons are started at run level 3. Have a look; very probably you will find on your machine a file with a name like:

    /etc/rc3.d/S22nfs - intended for starting the NFS server

It must be specified exactly which directories are allowed to be "seen" over NFS, and exactly which machines are allowed to do so.

These directories are listed in the file /etc/dfs/dfstab and exported explicitly with the shareall or share command (if you have SVR4), or in the file /etc/exports and exported explicitly with the command exportfs -a (if you have some other UNIX).

&dD4.&d@ Activating NFS.

Usually, on a machine with a freshly installed Unix, the NFS server is not activated. For it to start, the system administrator must make sure that the conditions listed in the previous item are met. For this it is enough to:

&dDMotorola 922&d@

Switch to run level 3 after boot. In the file /etc/inittab change the line

    is:2:initdefault:

to the line

    is:3:initdefault:

Run pcnfsd - the "authorization" daemon for PCNFS users. In the file /etc/rc3.d/S22nfs insert the command that starts the daemon:

    /usr/lib/nfs/pcnfsd

From the sysadm menu, under network_services / remote_files / local_recources / share / nfs , specify the directories that you allow to be "handed out" over NFS.
For example, export the directory /home

For the changes in /etc/inittab to take effect, reboot unix with the command

    shutdown -y -g0 -i6

&dDLinux&d@

In the file /etc/rc.d/rc.inet2 uncomment the lines that start the daemons rpc.portmap rpc.nfsd rpc.mountd rpc.ugidd

In the file /etc/exports insert the line

    / (rw)

(Written this way, with no host name before the parentheses, the line exports the whole root file system read-write to any client that can reach the server; put the permitted hosts before the options to restrict it.)

Reboot

&dDSun Solaris 1.1&d@.

In the file /etc/exports insert the lines...

    /home
    /usr

Reboot

&dDSun Solaris 2.3&d@.

In the file /etc/dfs/dfstab insert lines for the exported file systems. (The format is given in the comments in that file)

Reboot

&dD5.&d@ ONE MORE NETWORK FILE SYSTEM. RFS. DFS.

RFS - Remote File Sharing. Also a network file system. NFS is the offspring of BSD Unix, RFS of System V Unix.

Its purpose is the same as that of NFS. It has no advantages over NFS. No pronounced drawbacks either, perhaps. It is much less widespread than NFS. It has no automounter. There are no RFS clients for MS-DOS PCs. On the other hand, RFS supports file locking and special files.

Activating RFS hardly makes sense. Really, why would we need a second General Secretary?

DFS - Distributed File System. Also a network file system. That is all I can say about it.

&dDConfiguring the automount daemon&d@

The automounter is a daemon that runs on an NFS client. This daemon mounts remote directories "ON DEMAND" - i.e., when they are accessed. If an automatically mounted directory has not been accessed for a long time, the automounter automatically unmounts it.

Automounting is supported by the automountd daemon. This daemon is started at operating system boot.
It is started in the command file /etc/rc2.d/S20nfs.client

    automountd                          # if all the maps are taken from NIS

or

    automountd -m -f /etc/auto.master   # take only the local maps

automountd is controlled by several "maps" - files describing what is to be mounted and where. In the simplest case you need three files:

    /etc/auto_master - the main configuration file. It refers to:
    /etc/auto_direct - specifies which directories to mount where
    /etc/auto_home   - sets the rules for mounting users' home directories located on remote machines.

/etc/auto_master :---------------------------------------------
#
# Master map for automounter
#
/net            -hosts
# specifies: mount the root directory of the computer named somehost
#            on the directory /net/somehost
#
/-              /etc/auto_direct
/home           /etc/auto_home

/etc/auto_direct :---------------------------------------------
#
#
/usr/informix   -ro,soft        classic00:/usr/informix
/usr/local      -rw,soft        classic00:/usr/local
#
# Mount from the first server that responds.
#
/usr/share/man  -ro,soft        classic00:/usr/share/man \
                -ro,soft        sun21:/usr/share/man \
                -ro,soft        sun22:/usr/share/man

/etc/auto_home :---------------------------------------------
moshkow         s08:/udd/moshkow
leo             classic00:/export/home/leo
# but it is better to write it like this:
*               classic00:/export/home/&
*               sun21:/export/home/&

Every user "user" on this machine must be registered with the home directory /home/user .

&dDDNS - Domain Name Service&d@

&dDConfiguring a DNS client&d@

&dDSpecifying our DNS server&d@

/etc/resolv.conf :
    search moshkow.pp.ru sosed.msk.ru
    nameserver 127.0.0.1
    ;nameserver 194.8.2.1

&dDThe order in which host name information is looked up is set in &d@

/etc/host.conf : (Linux, BSD)
    order bind, hosts, nis
    multi on

/etc/nsswitch.conf : (in Solaris, HP-UX)
    . . .
    hosts:  files bind nis
    . . .
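
Going back to the automounter maps shown above: the sketch below is an added example, not code from the original page or from automountd. It parses the /etc/auto_home and /etc/auto_direct listings and resolves a key to its server and path, covering the `*` / `&` wildcard and the replicated /usr/share/man entry. It assumes that a map file is searched top to bottom and that the first matching key wins; the user name `anna` and all function names are made up for the illustration.

```python
"""Resolve keys against automounter maps (added example, not automountd code)."""
from typing import List, NamedTuple, Tuple


class Location(NamedTuple):
    options: Tuple[str, ...]  # mount options, e.g. ("ro", "soft")
    host: str
    path: str


# Map contents copied from the listings above.
AUTO_HOME = """\
moshkow  s08:/udd/moshkow
leo      classic00:/export/home/leo
# but it is better to write it like this:
*        classic00:/export/home/&
*        sun21:/export/home/&
"""

AUTO_DIRECT = """\
/usr/informix   -ro,soft  classic00:/usr/informix
/usr/local      -rw,soft  classic00:/usr/local
# Mount from the first server that responds.
/usr/share/man  -ro,soft  classic00:/usr/share/man \\
                -ro,soft  sun21:/usr/share/man \\
                -ro,soft  sun22:/usr/share/man
"""


def logical_lines(text: str) -> List[str]:
    """Drop comments and blank lines; join lines continued with a backslash."""
    out, pending = [], ""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if line.endswith("\\"):
            pending += line[:-1] + " "
            continue
        line = (pending + line).strip()
        pending = ""
        if line:
            out.append(line)
    if pending.strip():                      # file ended inside a continuation
        out.append(pending.strip())
    return out


def parse_map(text: str) -> List[Tuple[str, List[Location]]]:
    """Return (key, locations) pairs in file order."""
    entries = []
    for line in logical_lines(text):
        key, *tokens = line.split()
        options: Tuple[str, ...] = ()
        locations = []
        for tok in tokens:
            if tok.startswith("-"):          # options apply to what follows
                options = tuple(tok[1:].split(","))
                continue
            host, sep, path = tok.partition(":")
            if not (host and sep and path.startswith("/")):
                raise ValueError(f"bad location {tok!r} for key {key!r}")
            locations.append(Location(options, host, path))
        if not locations:
            raise ValueError(f"key {key!r} has no location")
        entries.append((key, locations))
    return entries


def resolve(entries, key: str, indirect: bool = True) -> List[Location]:
    """Locations for key, or [] if the map has no match.

    Assumption: the file is searched top to bottom and the first match wins.
    """
    # An indirect-map key is one directory name under the mount point
    # (/home/<key>); refuse anything that could climb out of it via "&".
    if indirect and (not key or "/" in key or key in (".", "..")):
        raise ValueError(f"not a single path component: {key!r}")
    for map_key, locations in entries:
        if map_key == key:
            return list(locations)
        if indirect and map_key == "*":      # wildcard: "&" stands for the key
            return [Location(loc.options, loc.host.replace("&", key),
                             loc.path.replace("&", key)) for loc in locations]
    return []


def shadowed_keys(entries) -> List[str]:
    """Keys listed after the first "*" entry, which first-match never reaches."""
    keys = [k for k, _ in entries]
    return keys[keys.index("*") + 1:] if "*" in keys else []


if __name__ == "__main__":
    home, direct = parse_map(AUTO_HOME), parse_map(AUTO_DIRECT)
    for user in ("moshkow", "anna"):         # "anna" is a made-up user
        print(f"/home/{user} <-", resolve(home, user))
    print("/usr/share/man <-", resolve(direct, "/usr/share/man", indirect=False))
    print("never reached:", shadowed_keys(home))
```

Run on the listing as given, it reports the second `*` line of /etc/auto_home as never reached; under the first-match assumption, sun21 would have to be written as a second location on the same entry, the way /usr/share/man is.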
&dDImya domena nashego hosta&d@ (Ne vsegda, no chasto) /etc/defaultdomain : moshkow.pp.ru &dDKak posmotret' zony DNS&d@ nslookup -ty=ns msk.ru zzz=msk.ru ; named-xfer -z $zzz -f filename ns.$zzz egrep '^[a-z]' filename | egrep -v A | grep NS| cut -f1 | sort -u| wc ili shodit' v RIPE: ftp://ftp.ripe.net/ripe/hostcount ” ftp://ftp.ripe.net/ripe/hostcount ftp://ftp.ripe.net/ripe/dbase ” ftp://ftp.ripe.net/ripe/dbase &dDRezul'tat na fevral' 1997:&d@ ru 1400 msk.ru 217 spb.ru 490 ras.ru 20 msu.su 19 rssi.ru 42 &dD * Konfigurirovanie DNS-servera * &d@ Dlya etogo nuzhno sozdat' nachal'nyj konfig-fajl named.boot i v kataloge /var/named slozhit' fajly s opisaniem nashih zon &dDPrimer zapolneniya fajlov&d@ Moya zona moshkow.pp.ru delegiruetsya iz pp.ru (a znachit - v RIPN) Revers-zona 173.233.193.in-addr.arpa delegiruetsya u hozyaina zony 233.193.in-addr.arpa (a znachit - v RIPN) /etc/named.boot ; config-fajl vashego DNS /var/named/moshkow.pp.ru ; opisanie vashej zony /var/named/193.233.173.0 ; opisanie revers-dns dlya toj zhe zony /var/named/root.cache ; nuzhno imet'. U vseh standartnyj /var/named/127.0.0.1 ; nuzhno imet'. U vseh standartnyj Esli vasha lokal'naya set' ne podklyuchena k Internet, vse ravno polezno imet' v nej DNS server dlya vnutrennih nuzhd. CHtob on ne porozhdal 1.5 minutnyh tajmautov pri obrashchenii k zavedomo "vneshnim" nedostizhimym hostam, prosto sdelajte fajl /var/named/root.cache pustym. Zavedennye vami dns zony nado zaregistrirovat' v "vyshestoyashchej" zone, chtob oni delegirovali ee vam. Revers-dns'nuyu zonu tozhe neobhodimo registrirovat' - delegirovat' vam ee obyazan tot, kto vydal vashi IP-adresa. /var/named/moshkow.pp.ru: ======================== @ IN SOA ns.moshkow.pp.ru. moshkow.ipsun.ras.ru. 
                ( 1997093001 ; serial
                  28800      ; 8 Refresh: how often the secondary checks for updates
                  7200       ; 2 Retry: how often the secondary retries after a failed attempt
                  6048000    ; 70d Expire: how long the record lives on the secondary
                  864000 )   ; 10d Minimum: how long the record lives in the cache
                IN NS   ns.moshkow.pp.ru.
                IN NS   nss.ras.ru.
                IN MX   10 mail.moshkow.pp.ru.
                IN MX   50 mail.ras.ru.
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
ns              IN A    193.233.173.111
nss             IN A    193.233.172.8
proxy           CNAME   t111
mail            CNAME   t111
; mail is an alias, yet MX 10 above points at it; RFC 2181 requires
; MX targets to be names with address records, not CNAMEs
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
t01             IN A    193.233.173.1
t02             IN A    193.233.173.2
. . .
t254            IN A    193.233.173.254
t255            IN A    193.233.173.255

/var/named/193.233.173.0 :
========================
@               IN SOA  ns.moshkow.pp.ru. moshkow.ipsun.ras.ru. (
                        1997093001 ; serial
                        28800      ; refresh ( 8 hours)
                        7200       ; retry   ( 2 hours)
                        6048000    ; expire  (70 days )
                        864000 )   ; minimum (10 days )
                IN NS   ns.moshkow.pp.ru.
                IN NS   nss.ras.ru.
                IN MX   10 mail.moshkow.pp.ru.
                IN MX   50 mail.ras.ru.
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
1               IN PTR  t01.moshkow.pp.ru.
2               IN PTR  t02.moshkow.pp.ru.
. . .
255             IN PTR  t255.moshkow.pp.ru.

/var/named/root.cache
-----------------------------------------
; ftp://ftp.rs.internic.net/domain/named.root
;
.                       3600000 IN NS   A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.     3600000    A    198.41.0.4
.                       3600000    NS   B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET.     3600000    A    128.9.0.107
.                       3600000    NS   C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET.     3600000    A    192.33.4.12
.                       3600000    NS   D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET.     3600000    A    128.8.10.90
.                       3600000    NS   E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET.     3600000    A    192.203.230.10
.                       3600000    NS   F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET.     3600000    A    192.5.5.241
.                       3600000    NS   G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET.     3600000    A    192.112.36.4
.                       3600000    NS   H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET.     3600000    A    128.63.2.53
.                       3600000    NS   I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET.     3600000    A    192.36.148.17

/var/named/127.0.0.0
--------------------------
@               IN SOA  localhost. root.localhost. (
                        1997071201 ; Serial
                        36000      ; Refresh
                        3600       ; Retry
                        3600000    ; Expire
                        36000 )    ; Minimum
                IN NS   localhost.
1               IN PTR  localhost.

=========== AND FINALLY /etc/named.boot

directory /var/named                                ; /var/named
cache     .                          root.cache     ; root.cache
primary   0.0.127.in-addr.arpa       127.0.0.0      ; 127.0.0.0
; forwarders 193.124.148.65 193.124.23.4
primary   moshkow.pp.ru              moshkow.pp.ru  ; moshkow.pp.ru
primary   173.233.193.in-addr.arpa   193.233.173.0  ; 193.233.173.0
; secondary moshkow.orc.ru 193.124.148.81 second/moshkow.orc.ru

Additional information

$INCLUDE /var/named/header @
$INCLUDE /var/named/fedfond-hosts-spisok @

Explanations:

The first line contains:

    the zone name, with a mandatory dot at the end

    the predefined fields IN and SOA

    the name of the server that holds the known-correct information
    about the zone, with a mandatory dot at the end. If secondary
    servers have to be set up, we will take the zone information from
    exactly this server.

    the mail address of the person responsible for the server, in which
    the @ sign is replaced by . and, if a . has to be used in the left
    part of the address, it must be prefixed with two \ characters.
    This is the address to which a message will be sent when the zone
    has been delegated successfully. The address in the example given
    will look like andrei.arkhipov@elvis.ru

    an opening parenthesis

The next 5 lines describe the parameters that matter for the zone:

Serial
    Defines the revision number of the zone description file. This
    number may only ever increase, and it must change every time a
    change is made to the zone description file.
    Recommended format: YYYYMMDDNN
    where YYYY is the year, MM the month, DD the day, and NN the
    sequence number of the change made on that day.

Refresh
    Every "refresh" seconds the secondary servers check the primary for
    an increase in the "serial" value and, if it has increased, update
    their copy of the zone.
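The Serial and Refresh rules above, as an added example that is not part of the original notes: it reads the five SOA numbers from the page's reverse-zone header, checks a serial against the YYYYMMDDNN layout, and computes the serial for the next edit. All function names are hypothetical, and the zone text is a constructed sample copied from the page.

```python
import re
from datetime import date

# Constructed sample: SOA header copied from the page's /var/named/193.233.173.0.
ZONE = """@ IN SOA ns.moshkow.pp.ru. moshkow.ipsun.ras.ru. (
    1997093001 ; serial
    28800      ; refresh
    7200       ; retry
    6048000    ; expire
    864000 )   ; minimum
"""
FIELDS = ("serial", "refresh", "retry", "expire", "minimum")

def soa_fields(zone_text):
    """Hypothetical helper: the five SOA numbers, with ';' comments stripped."""
    body = re.sub(r";[^\n]*", "", zone_text)
    match = re.search(r"\bSOA\b[^(]*\(([^)]*)\)", body)
    if not match:
        raise ValueError("no parenthesised SOA record found")
    numbers = match.group(1).split()
    if len(numbers) != 5 or not all(n.isdigit() for n in numbers):
        raise ValueError("SOA needs five numeric fields")
    return dict(zip(FIELDS, map(int, numbers)))

def check_serial(serial):
    """Problems with a serial that is meant to follow YYYYMMDDNN."""
    problems = []
    if serial > 0xFFFFFFFF:
        problems.append("does not fit the 32-bit serial field")
    text = str(serial)
    if len(text) != 10:
        problems.append("not 10 digits")
    else:
        try:
            date(int(text[:4]), int(text[4:6]), int(text[6:8]))
        except ValueError:
            problems.append("YYYYMMDD part is not a calendar date")
    return problems

def next_serial(current, today):
    """Serial for a new edit: today's date with NN=01, but never <= current."""
    candidate = max(int(today.strftime("%Y%m%d")) * 100 + 1, current + 1)
    if candidate > 0xFFFFFFFF:
        raise OverflowError("serial is a 32-bit field")
    return candidate

def secondary_should_transfer(primary_serial, local_serial):
    """The refresh check as the page describes it: pull only on an increase."""
    return primary_serial > local_serial
```

A zone edit saved without a higher serial leaves `secondary_should_transfer` false, so the secondaries keep serving the old data until the serial is raised.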
    Recommended value for Refresh: 86400, which is 24 hours.

Retry
    If the primary server was unavailable, the secondary will retry
    every "retry" seconds.
    Recommended value: 7200, which is 2 hours.

Expire
    If within "expire" seconds the secondary server has not managed to
    connect to the primary and refresh its information about the zone,
    it considers itself unable to answer queries about the zone.
    Recommended value: 2592000, which is 30 days.

Minimum TTL
    The default value for the time during which a server keeps a record
    in its cache.
    Recommended value: 345600, which is 4 days.

Next comes the description of all the servers of the zone. The server
named in the first line (in the SOA record) must be present in this
list, and if secondary servers have to be placed on the machines of
AO Relcom (ns.spb.su and/or ns.ussr.eu.net), they must also be present
in the list, as well as in the application.

The example given states that the zone is present on the servers
ns.elvis.ru and ns2.elvis.ru and that secondary servers are required on
ns.spb.su and ns.ussr.eu.net

Note that all server names end with a dot.

===================================== EOF ===========================

[ Article crossposted from comp.protocols.tcp-ip.domains ]
[ Author was Craig Richmond - division (craig@ecel.uwa.edu.au) ]
[ Posted on 3 Aug 1993 10:53:51 GMT ]

Setting up a basic DNS server for a domain
Revision 1.1.1

Craig Richmond
craig@ecel.uwa.edu.au
3rd August 1993

About this document

I have written this file because it seems that the same questions seem to
pop up time and time again and when I had to install DNS from scratch the
first time, we found very little to help us.
This document covers setting up a Domain Name Server with authority over your domain and using a few of the more useful but less well known (hopefully this document will take care of that) features of nslookup to get information about the DNS and to work out why yours isn't working. If you are using a Sun Workstation and you want t