Basics Computer Networking and DNS :)
Basics of Computer Network
In this post, we will understand Switching, routing, Default Gateway, and DNS Configuration on Linux. I have covered this article by asking a few questions to myself.
So let's start understanding of network with the very basic question
"Q. What is the Computer Network? "
In simple words, AWS Doc says "Computer networking refers to interconnected computing devices that can exchange data and share resources."
Let's take an example, suppose we have 2 devices, Device A and Device B. this device can be anything either mobile, VM, or Laptop. When device A wants to communicate with device B, How will it happen? The switch will allow doing so.
Q.So, What is Switch?
The switch is an internetworking device that allows devices to talk to each other within the network. as simple as that.
To connect our devices to the switch we need an interface on each device.
Q.So what is Network Interface?
Network Interface is the point by which a device is connected to another device in the same network or public or private network. Think of the network interface as a point of communication for any device. Devices can have more than one interface. So back to the point Device A and Device B both have interfaces at their end. In Linux to see the list and modify the interface available on the device use ip link
command. Now at this point, we have two devices with the network interface and switch with the network IP address(192.168.11.0). let's assign an IP address to devices A and B's network interface.
Q. How we will do this?
To assign an IP address to the interface we use commands
ip addr add ip_address user interface
eg. ip addr add 192.168.11.3 dev eth0
once a link establishes between them we can transfer packets from Device A to Device B. Now Let's suppose we have another network and we want to establish the connection from one device from one network to another device in the second network.
Q.How to achieve this?
To solve this problem, To establish communication between 2 networks we have a router.
A router is an intelligent Networking device that allows communication between different networks.
Ok till this point you know when we use the switch and router?
Use case :
Before going into more detail about the use case let's understand some very basic terminology.
If you are a Linux user press route
command in your terminal. It'll show you the default routing table for the kernel.
don't worry if you don't know what it's showing.
you will likely get the output shown below
Q.What are Destination and Gateway?
Destination :
when you hit URL in a browser, after resolving(we will see this later, for now just consider its value associated with URL ) the URL, you will get an IP address associated with it, after getting the IP address, you know this IP address lies in the 192.168.1.0 network. So here for the IP address,192.168.1.11 destination will be the network id of that IP i.e 192.168.1.0
but
Q.how does the destination fit in the picture?
when you hit ping 192.168.1.11
in a terminal, the first thing in the kernel routing table will check if there is any entry mentioned for the network id of this IP 192.168.1.11 address.
( Q.Why did we mention network ID instead direct IP address?
Can we go inside the room without entering the home? Obviously NO! similarily you can't reach the host directly without entering its network.)
Q. Now you got it what is the destination Now let's take Gateway, what it's?
Now at this point, we know where to pass the request(or in other words, we know where we have to go?), but we don't know how can we reach there, Getting a path on "How to reach the destination?" Gateway will help us.
Now take a glance at the below image,
Q. What does It mean when the destination is 0.0.0.0?
suppose you want to reach the 156.12.231.2 IP address, here network id of the IP will be 156.12.231.0, but when you see the destination column, there is no entry mention for this network ID. So in this case your request will pass to 192.168.1.1 as Gateway and your gateway may connect to other router or the internet and find that respective network and give you some output.
Q. What does It mean when Gateway is 0.0.0.0?
It's just saying like don't go outside the network, the place which you are looking for is inside your local network. no need to go anywhere, so when the request is looking for a network id of 192.168.1.0 it seems inside the local network.
Use case: Converting one Host as a router and establishing the connection between two Hosts.
Suppose we have three hosts HOST A, HOST B, and HOST C.
Suppose Host A is part of the network whose network ID is 192.168.12.0
Host B is part of a network whose network ID is 192.168.13.0
Between those 2, we have another Host connected to both networks with different interfaces.
In the above picture, you can see
System A has an IP address of 192.168.12.4
System B has an IP address at one interface let's say eth0 192.168.12.1
and on another Interface say eth02 having 192.168.13.1
System C has an IP address of 192.168.13.8
Here we want to establish a connection from Host A to Host C.
How will we do that?
suppose when we try to communicate with Host C like ping 192.168.13.8
from Host A, It'll give you output as Network unreachable. Host A doesn't know where to found the Network of Host C.
So here we have to say Host A explicitly, first go to Host B if you wanna reach network 192.168.13.0 i.e network id of Host C.
How we will say this in the technical term?
We will specify the Destination and Gateway in the routing table. see the below command, we will run this command on Host A
ip route add 192.168.13.0/24 via 192.168.12.1
So at this moment, our Host A knows if it wants to reach Host C, it has to go first 192.168.12.1 after that rest of the remaining process will happen.
Now think of Host C, It also doesn't know where to go if wants to send data to Host A.So we will also mention the route information in the routing table of system C like below.
ip route add 192.168.12.0/24 via 192.168.13.1
Please Remember to add the CIDR value after the network address, or else you will not able to connect with System B.
You can check in the below image I set the route entry without a CIDR block, it leads to making the host flag active for the respective entry. Because of that, I was not able to send traffic 192.168.13.0 network.
Make sure route entries with flags is looks like the below image.
( Q. But what is this flag all about?
It represents 3 values
UGH - The U flag indicates that the route is up. The G flag indicates that the route is to a gateway. The H flag indicates that the destination is a fully qualified host address, rather than a network. )
System A is connected to B, system B is connected to C.
A knows how to reach C and vice versa also true.
Please note here, Now even system A knows where to go to reach Host C though when you try to ping from system A to system C, It will not connect you by default.
why?
In Linux because of security reasons, we can't send data packets from one interface to other.
but Why is it so? Suppose our eth0 is connected to a private network and eth01 is connected to the public network, we always make sure No one should send data from the public interface to the private network directly.
so what to do then?
Linux provides a way to achieve our goal by changing the setting in ip_forward
File.
See what's mentioned in the ip_forward file by the below command.
>> cat /proc/sys/net/ipv4/ip_forward >> 0
Output 0 indicates that IP forwarding from one interface to other is disabled.
Set this to 1 to allow IP forwarding.
>> echo 1 > /proc/sys/net/ipv4/ip_forward
Now if you try to send packets from System A to System C, Voila a connection will be established.
But remember those changes for Host B will be preserved until the next reboot, Every time the system starts ip_forward will be set to 0.
To set the configuration as soon as the system load, we will set net.ipv4.ip_forward=1
in /etc/sysctl.conf
file.
Now, whenever the system starts System B will act as a router.
Let's Understand What DNS is all about?
The full form of DNS is Domain Name System, but what is this?
Let's understand it by example.
Q.when your search ping google.com
in the terminal. what exactly happens there?
We know that in the world of the internet, each server has some IP address, but to connect with those servers it's hard to remember those IP addresses, so computer scientists found a way to map names to IP addresses. Next time when you hit google.com in the browser, remind yourself this "google.com" is somewhere pointing to a certain IP address.
So this process of taking the IP address from the name is known as name resolution. or the process of pointing out to specific IP associated with one particular domain name is known as name resolution.
Now what is DNS, You can think DNS is a kind of directory, which help you to achieve name resolution.
Let's understand Linux where we can find local DNS configuration files.
This file tells whenever someone searches localhost in the browser it will internally search for an IP address 127.0.0.1.
In case when you ping airflow-VirtualBox
It'll internally search for 127.0.1.1 and check if it's open for connection.
In the earlier days whenever you want to search any website, you just add the IP address of that website with whatever name you wanted to give it. but It was a problem when you have many hosts. Let's for example you have 100 hosts then each time you have to update the same /etc/hosts file on each host of 100 hosts.
It's troublesome when the IP address of of one the server were changed, so in that case, you have to manually change the IP address in each file.
Q. So How to deal with this problem?
One better approach makes one server a DNS server, which means storing all entries of the domain name and IP address on one separate server. Whenever any system wants an IP address related to the domain name it will go and refer entries from that server.
sounds cool...
But again there are millions of websites with names and their IP address, It's hard to store domain names and associated IP addresses for us.
So to deal with this problem there is some public DNS service provided by Google and other popular organization, for example, Google's default DNS server IP address is 8.8.8.8 and/or 8.8.4.4.
Let us understand DNS server configuration by example.
Let's take a hypothetical use case, John is a person working in an organization, he is a developer. in his day-to-day task, he works with different servers for different departments.
so at this moment, we know that saving all IP addresses associated with the server locally in /etc/hosts
the file is not always a good idea.
So we have created one server as a DNS server where we will save all the records, If the case in the future if the IP address of the server is changed then we just have to change the IP address in only one place.
But
Q.How john's machine will know where is the DNS server?
We will add an entry in /etc/resolv.conf a
file like below
nameserver ip_address_of_dns_server
Now onward for name resolution, we will use the DNS server.
But One problem is still here...
suppose john has created one test server for himself, now He wants to access that server from his system but instead of remembering the name of the IP address he decided to give it a name to that server, suppose he gave the name "hr-test-server".
(please make sure you understand here john's requirement is when in do ping hr-test-server
only his system can make requests. He doesn't want to add this IP address and name to the DNS server. So the solution is he can add this entry to his local /etc/hosts
file.)
Now when he does ping hr-test-server
he will ping that test server correctly.
Q**.But what if someone from johns organization adds the same entry for hr-test-server in the DNS server?**
Q.Now John's local system has some configuration on his local system and the DNS server also has some configuration. What will happen then?
So when we ping domain_name
the first system will check available entries in /etc/hosts the
file by default. If the domain name is not there It'll go for the DNS server if it is mentioned in /etc/resolv.conf the
file.
Here the system is first checking locally and then goes to the DNS server,
Q.Is it possible to change the order like the first check-in on the DNS server and then locally?
Yes, it is possible. We can achieve that by modifying the order of hosts in /etc/nsswitch.conf the
file. you have to change the order and make DNS first and files second.
So This is how we do some basic DNS configurations.
Thank you.
Subscribe to my newsletter
Read articles from Gaurav directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by