05. Networking

Arindam BaidyaArindam Baidya
8 min read

Table of contents

DNS

Ping from system A to B.

Want to ping host B as db. But it is not recognizing. Host A is unaware of a host name ‘db’.

Need to tell host A that when I am trying to ping ‘db’, I mean it to ping host B. And we did it by adding an entry to /etc/hosts of A with ip of B referring to db.

We can even fool host A by telling that host B is ‘www.google.com’. Because anything we add in /etc/hosts file, is the ground truth for host A. It will not even verify. We can add as many entry we want.

Every time we reference another host by its name from Host A through a ping command, or the ssh command, or any of the application or tool within the system, it looks into its /etc/hosts file to find out the ip address of that host.

Translating hostname to IP address in this way is known as Name Resolution.

ping is not always be a good command to test DNS resolution. especially when ping is disable on the other host. In that case nslookup, and dig can come in handy.

Within a small network of few systems, we can easily get away with the entries in the /etc/hosts file. But when the network grew, and files of all the system engage with too many entries, managing these become too hard. Because if one of the server’s IP got change, need to modify the entries in all the hosts.

That’s why we decided to move all these entries into a single server that will manage it centrally. We called that our DNS server. Then we point all hosts to look up that server if they are need to resolve a hostname to an IP address instead of its own /etc/hosts file. So how do we do that ?

  • Our DNS server has the IP 192.168.1.100.

  • Every host has a DNS resolution configuration file at /etc/resolve.conf

    We need to add an entry by specifying the address (e.g., 192.168.1.100) of the DNS server (nameserver) in all of our hosts. Now, everytime a host come accross a hostname that it does not know about, it looks it up from the DNS server. If the IP of any of the hosts was to change, simply update the DNS and all host should resolve the new IP address going forward.

  • IP address of the DNS Server used in any system can be check through cat /etc/resolv.conf if already exist.

When we have entries in both /etc/hosts , and /etc/resolve.conf file, it will first check the /etc/hosts file.

But this order can be change. The order is defined by an entry in the file /etc/nsswitch.conf. Here, files means /etc/hosts and dns means /etc/resolve.conf pointing to the dns server, We can reverse this order.

When we don’t have any entries in any file, /etc/hosts, /etc/resolv.conf for any unknown host, then we need to add an entry in /etc/resolv.conf with 8.8.8.8. Here, 8.8.8.8 is the public nameserver available on the internet, hosted by the google that knows about all the website on the internet. It can also be add into DNS server rather adding into individual host to forward all unknown IP to public nameserver.

Domain Names

How IP translate to names that we can remember on the public internet. Separated by dots is to grouping similar things.

  • . is the Root, from where everything starts.

  • .com, .edu, .io, .org are the top level domain. They represent the intend of the website.

  • google is the domain assign to google.

  • www, maps, drive, mail, apps are the sub domain

  • we can further devide each of these into as many sub domains based on our needs

» When we try to reach any of this domain name, say apps.google.com from within a organization. The request first hits the organization’s internal DNS server, It doesn’t know who apps or google is. So it forward the request to the internet. In the internet the IP address of the server serving apps.google.com may be resolved with the help of multiple DNS servers. A root DNS server looks at the request point to a DNS server serving .com. A .com DNS server then looks at the request and forward us to the google. Now google’s server provide us the IP of the server serving the applications.

  • In order to speed up, the organization’s DNS server may choose to cache this IP for a period of time. That way it doesn’t go through the whole process again.

When within the organization, we want to search web by pointing it to web.mycompany.com. For that we need to make an entry in /etc/resolv.conf file with name search which point to the desired domain name append to.

Record Types

IP to host names → A record

IPv6 to hostnames → quad A record (AAAA)

mapping one name to another name → CNAME records

nslookup

Does not consider in the local /etc/hosts file.

DIG

DIG is another another useful tool to test DNS name resolution.

Networking Basics

Connecting two system A and B through a switch, and the switch creates a network so that we can reach one system to another. To connect them with switch we need an interface on each host.

ip link to see the interfaces for the host.

ip addr to see the IP addresses assign to the interfaces

Switch is able to communicate in the same network.

ip addr add 192.168.1.10/24 dev eth0 Assigning the systems with IP address on the same network (Suppose network address is 192.168.1.0) » Now both computers can communicate with each other through the switch. (Can test with ping).

If we want to communicate with another network - Router will help us with it.

route or, ip route To see existing routing configuration on a system*.* It displays the kernel routing table.

ip route add 192.168.2.0/24 via 192.168.1.1 To configure a gateway on a system is required to re reach the host present in another network. Here, the second system’s network address is 192.168.2.0 and gateway is 192.168.1.1.

ip route add 172.217.194.0/24 via 192.168.2.1 To access google network on the internet from system present in 192.168.2.0 network through the gateway 192.168.2.1

ip route add default via 192.168.2.1, or, ip route add 0.0.0.0 via 192.1682.1 There are so many different sites on the different network on the internet. Instead of adding a routing table entry with the same router IP address for each of those networks, we can use the router as a default gateway.

sudo ip link set dev eth0 up Bring up the a interface (e.g., here eth0).

sudo ip r del default To delete the default route using the ip r command.

Note: Changes made using these commands are only valid till a system restart. If we want to persist these changes, we must set them in the /etc/network/interfaces *file.

Troubleshooting

Scenario:

When we are trying to access with a new URL, we getting the connection timeout error. This can be happen due to a variety of reasons.

  • It could be an issue with the local interface not being connected with the network.

  • It could be the host not resolving the IP address of the host name we are trying to connect with.

  • It could be an issue with route to the server.

  • Or could be an issue with the server itself. Maybe the server itself is a connectivity issue, or the software hosts the service isn’t functioning correctly.

step 1: Check the local interface by running command ip link and ensure the primary interface is up. If not up then run sudo ip link set dev <eth0> up

step 2: Check if we can resolve the host name to an IP address. Run an nslookup command against the host name and ensure it is resolving to a valid IP.

  • The nslookup command reaches out to the DNS server, and requests for the IP address of the host name. And if DNS will return the IP address of the server then it is okay.

step 3: Check connectivity by ping the remote server to check we get a response or not. Here we got negetive output. We got 100% packet loss through ping. Ping is often not the best tool to check connectivity because many network would have disabled it.

  • To troubleshoot the issue with the route we run the trace route command.

    traceroute <192.168.2.5> This will show us the number of hops or devices between the source, which is the laptop, and the repo server. It will also show if there is a problem with any of the devices in the network route between the source and destination.

    • The request timed out between the second router and the server which is the issue.

    • Looking at the repo server itself will give us more idea on what the issue could be. So its time to troubleshoot from the other end.

    • netstat -an | grep 80 | grep -i LISTEN by running this command got HTTP process is running on port 80, that means the webserver is up. netstat command can be use to print the information of network connections, routing table, and several other network statistics.

    • By checking ip link got the interface is down which is the root cause of the problem. Now it bring up using ip link set dev <eth0> up

References

KodeKloud

0
Subscribe to my newsletter

Read articles from Arindam Baidya directly inside your inbox. Subscribe to the newsletter, and don't miss out.

ip addressdns resolvernslookupnetworking

Written by

Arindam Baidya
Arindam Baidya