13,420
edits
Changes
no edit summary
[[Category:OPS235]]
{{Admon/caution|Draft Lab|This lab has NOT been released for regular distribution. When the lab is ready to be released, this caution banner will disappear.}}
= Configuring a Network Using Virtual Machines =
==Overview==
* In this lab, you will learn the basics of networking by using your Virtual Machines and your f16host f17host machine.
* In addition, you will learn to associate network services with port numbers, and learn how to backup files by date/time.
==Required Materials (Bring to All Labs)==
* '''Fedora 16 17 LIVE CD''' - You can burn this onto a CD-R in the Open Lab* '''Fedora 16 x_64 17 x86_64 Installation DVD''' - You can burn this onto a DVD-R in the Open Lab (or burn image onto a DVD+R if you are using the Freedom Toaster).* '''SATA Hard Disk''' (in removable disk tray)* '''USB Memory Stick''' (minimum 64M)* '''Lab Logbook (Lab5 Reference Sheet)''' (to make notes and observations).
==Prerequisites==
== Lab Preparation ==
{{Admon/important | Live disc installations and system-config-network | The '''fedora1''' VM was installed from Live CD. It is missing the GUI Network Configuration tool we will be using. Use the command <code>yum install system-config-network</code> to install it.}}
{{Admon/important | Backup your VMs before proceeding | Stop all of your VMs and backup your VM disk images. Do not start the VMs until told to start them.}}
== Configuring a Network Using Virtual Machines ==
=== Investigation 1: How do you create a new virtual network. ===
{{Admon/note | Use the f16host f17host | Complete the following steps on your '''f16hostf17host''' computer system.}}
Before configuring our network we want to turn off dynamic network configuration for our Virtual Machines by turning off the "default" virtual network.
# On your '''f16hostf17host''' machine start Virtual Machine Manager
# In the Virtual Machine Manager dialog box, Select '''Edit'''-> '''Connection Details'''.
# In the '''Hosts''' Details dialog box, select the '''Virtual Networks''' tab
'''Answer the Investigation 1 observations / questions in your lab log book.'''
=== Investigation 2: How do you configure a static network using <code>system-config-network</code>. ===
# To configure a new interface on fedora2 go to '''Applications'''->'''Other'''->'''Network Connections'''.
# Make certain there are no '''"Wired"''' connections (even if you have to click on the connection name and click the '''Delete''' button.
# Change Create a new wired connection, with the "Connection Name" at the top to read '''eth1'''
# Click on the '''Add''' button, and select the '''IPv4 Settings''' tab.
# Change the method from "Automatic (DHCP)" to '''"Manual"'''.
#: Subnet Mask '''255.255.255.0'''
#: Default Gateway '''192.168.235.1''' (The IP address of <code>virbr1</code> on your fedora host.)
# Click on the '''DNS''' tab field and add '''192.168.235.1''' as the primary DNS server.
# Click '''Save''' to Finish, and exit the Network Connections dialog box.
# Your network connection may connect (view the Network Manager applet in the gnome panel at the top of the screen). If there is no connection after a few minutes, you should be able to right-click on the applet and click "eth1" to connect.
'''Answer the Investigation 2 observations / questions in your lab log book.'''
=== Investigation 3: What files does the <code>system-config-network</code> GUI tool change?. ===
<li>View the <code>/root/netcfg.lst</code> file. What does it contain?</li>
<li>Create a new directory called: <code>/tmp/lab6</code></li>
<li>Issue the following commandcommands:
<ul>
<li><code>mkdir -p /tmp/lab6</code></li>
<li><code>find /etc -newer /tmp/timestamp -exec cp {} /tmp/lab6 \;</code></li>
</ul>
'''Answer the Investigation 3 observations / questions in your lab log book.'''
=== Investigation 4: How do I configure the network without a GUI tool? ===
#* List the contents of the directory and you should see 2 different types of files, network config scripts and network configuration files.
#* look for the config file for your original interface, it should be named <code>ifcfg-eth0</code>
#* Copy that file to <code>ifcfg-eth1eth<b>N</b></code> or whatever name matches where <b>N</b> relates to your current eth interfacenumber (we will use <b>eth1</b> as an example).
#* Edit the new file for you interface and give it the following settings:
#**DEVICE="eth1" <-- '''or the interface name YOU have '''
#**NM_CONTROLLED="yes"
#**IPV6INIT="no"
# Save the file and then restart the network connection by issuing the commands: <code>ifdown eth1</code> and then <code>ifup eth1</code><br /><br ><b>NOTE: </b>If there are errors, check that the hardware address in the config file matches the hardware address of the device its configuring<br /><br />
# Verify your configuration as you did before.
# Finally the kickstart file used to install this VM did not set the hostname. Edit the file <code>/etc/sysconfig/network</code> and set the hostname to <code>fedora3</code>
::1 localhost6.localdomain6 localhost6 fedora1
192.168.235.1 f16hostf17host
192.168.235.11 fedora1
192.168.235.12 fedora2
=== Investigation 8: How do I view and configure the IPTABLES firewall? -- Basic Function/Configuration ===
{{Admon/note | Use the f17host | Complete the following steps on your '''f17host''' computer system.}}
{{Admon/note | | [http://en.wikipedia.org/wiki/Iptables Iptables] is the built-in firewall for LINUX. While this program can be controlled by different GUI's, we are going to investigate the powerful command line interface for this program to choose what data is allowed into, out of and through our computer.
'''FORWARD''' – LINUX PC's are often used as routers or gateways for other PC's. This means that data may have to be passed through this LINUX box, but the data is not intended for the LINUX PC nor is it being sent by the LINUX PC. Even though the data will go into this PC and it will exit this PC, the INPUT and OUTPUT chains do not apply here. Because the PC is acting as a router it does not actually send or receive data, it FORWARDS data from one machine to another. When this process happens, the data is checked against the FORWARD chain to see if it is allowed through. If it is the router will forward the data to it's destination. If not, the packet is dropped.}}
{{Admon/important | Non-Persistent Changes to your Host System | Complete this lab on your host system (f13hostf16host).
It should be noted that all of the commands that we do here with iptables will not be persistent unless you have your configuration. That means if you re-boot, the default iptables configuration will be loaded.}}
<li value="9">'''Make a backup of the file <code>/etc/sysconfig/iptables</code>'''</li>
<li>Examine the file to see how rules are added.</li>
<li>Issue the command: <code>service iptables -save> /etc/sysconfig/iptables</code> to save the rules you added with the iptables command, above.</li>
<li>Verify that the file <code>/etc/sysconfig/iptables</code> was updated with your new rules.</li>
<li>Restart your iptables service and test your configuration. </li>
'''Answer the Investigation 8 observations / questions in your lab log book.'''
== New Configuration ==
