Pokrewne
- Strona Główna
- Radiation Protection A Guide for Scientists, Regulators and Physicians Jacob Shapiro
- Sams' Teach Yourself Linux In 24 Hours
- The Career Survival Guide Dealing with Office Politics Brian OConnell
- Teach yourself linux in 24 hours
- CorelDRAW 11 and Corel RAVE 2 User Guide
- (ebook computers) Visual C .NET Developers Guide
- Novell Netware 5 Advanced Admin Instructor guide
- Corel PHOTO PAINT 11 User Guide
- w strone milosci montgomery
- Cussler Clive, Perry Thomas Przygoda Fargo 05 Piaty kodeks Majow
- zanotowane.pl
- doc.pisz.pl
- pdf.pisz.pl
- wrobelek.opx.pl
[ Pobierz całość w formacie PDF ]
.For instance, the ifcon g command will take arguments that set the IRQ line andDMA channel. 5.11.The Future 102Another change to come soon is the additional mtu ag to the route command whichwill set the Maximum Transmission Unit for a particular route.This route-speci c MTUoverrides the MTU speci ed for the interface.You will typically use this option for routesthrough a gateway, where the link between the gateway and the destination host requires avery low MTU.For instance, assume host wanderer is connected to vlager through a SLIPlink.When sending data from vstout to wanderer, the networking layer on wandererwould would use packets of up to 1500 bytes, because packets are sent across the Ethernet.The SLIP link, on the other hand, is operated with an MTU of 296, so the network layeron vlager would have to break up the IP packets into smaller fragments that t into 296bytes.If instead, you would have con gured the route on vstout to use a MTU of 296 rightfrom the start, this relatively expensive fragmentation could be avoided:route add wanderer gw vlager mtu 296Note that the mtu option also allows you to selectively undo the e ects of the `SubnetsAre Local' Policy SNARL.This policy is a kernel con guration option and is describedin chapter 3. Chapter 6Name Service and ResolverCon guratonAs discussed in chapter 2, TCP IP networking may rely on di erent schemes to convertnames into addresses.The simplest way, which takes no advantage of the way the namespace has been split up into zones is a host table stored in etc hosts.This is useful only forsmall LANs that are run by one single administrator, and otherwise have no IP tra c withthe outside world.The format of the hosts le has already been described in chapter 5.Alternatively, you may use BIND the Berkeley Internet Name Domain Service forresolving host names to IP addresses.Con guring BIND may be a real chore, but onceyou've done it, changes in the network topology are easily made.On Linux, as on manyother un?xish systems, name service is provided through a program called named.Atstartup, it loads a set of master les into its cache, and waits for queries from remote orlocal user processes.There are di erent ways to set up BIND, and not all require you torun a name server on every host.This chapter can do little more but give a rough sketch of how to operate a name server.If you plan to use BIND in an enviroment with more than just a small LAN and probablyan Internet uplink, you should get a good book on BIND, for instance Cricket Liu's DNSand BIND" see AlbitzLiu92.For current information, you may also want to check therelease notes contained in the BIND sources.There's also a newsgroup for DNS questionscalled comp.protocols.tcp-ip.domains.103 6.1.The Resolver Library 1046.1 The Resolver LibraryWhen talking of the resolver", we do not mean any special application, but rather refer tothe resolver library, a collection of functions that can be found in the standard C library.The central routines are gethostbyname 2 and gethostbyaddr 2 which look up all IP ad-dresses belonging to a host, and vice versa.They may be con gured to simply look up theinformation in hosts, query a number of name servers, or use the hosts database of NISNetwork Information Service.Other applications, like smail, may include di erent driversfor any of these, and need special care.6.1.1 The host.conf FileThe central le that controls your resolver setup is host.conf.It resides in etc and tells theresolver which services to use, and in what order.Options in host.conf must occur on separate lines.Fields may be separated by whitespace spaces or tabs.A hash sign introduces a comment that extends to the nextnewline.The following options are available:order This determines the order in which the resolving services are tried.Valid op-tions are bind for querying the name server, hosts for lookups in etc hosts,and nis for NIS lookups.Any or all of them may be speci ed.The order inwhich they appear on the line detemines the order in which the respectiveservices are tried.multi Takes on or o as options.This detemines if a host in etc hosts is allowedto have several IP addresses, which is usually referred to as being multi-homed".This ag has no e ect on DNS or NIS queries.nospoof As explained in the previous chapter, DNS allows you to nd the hostnamebelonging to an IP address by using the in-addr.arpa domain.Attemptsby name servers to supply a false hostname are called spoo ng".To guardagainst this, the resolver may be con gured to check if the original IP addressis in fact associated with the hostname obtained.If not, the name is rejectedand an error returned.This behavior is turned on by setting nospoof on.alert This option takes on or o as arguments.If it is turned on, any spoofattempts see above will cause the resolver to log a message to the syslogfacility. 6.1.The Resolver Library 105trim This option takes a domain name as an argument, which will be removedfrom hostnames before lookup.This is useful for hosts entries, where youmight only want to specify hostnames without local domain.A lookup ofa host with the local domain name appended will have this removed, thusallowing the lookup in etc hosts to succeed.trim options accumulate, making it possible to consider your host as beinglocal to several domains.A sample le for vlager is shown below:etc host.confWe have named running, but no NIS yetorder bind hostsAllow multiple addrsmulti onGuard against spoof attemptsnospoof onTrim local domain not really necessary.trim vbrew.com.6.1.2 Resolver Environment VariablesThe settings from host.conf may be overridden using a number of environment variables.These areRESOLV HOST CONFThis speci es a le to be read instead of etc host.conf.RESOLV SERV ORDEROverrides the order option given in host.conf.Services are given as hosts,bind, and nis, separated by a space, comma, colon, or semicolon.RESOLV SPOOF CHECKDetermines the measures taken against spoo ng.It is completely disabled byo.The values warn and warn o enable spoof checking, but turn loggingon and o , respectively.A value of * turns on spoof checks, but leaves thelogging facility as de ned in host.conf.RESOLV MULTI A value of on or o may be used to override the multi options from tthost.conf.RESOLV OVERRIDE TRIM DOMAINSThis environment speci es a list of trim domains which override those givenin host.conf. 6.1.The Resolver Library 106RESOLV ADD TRIM DOMAINSThis environment speci es a list of trim domains which are added to thosegiven in host.conf.6.1.3 Con guring Name Server Lookups | resolv.confWhen con guring the resolver library to use the BIND name service for host lookups, youalso have to tell it which name servers to use.There is a separate le for this, calledresolv.conf.If this le does not exist or is empty, the resolver assumes the name server ison your local host.If you run a name server on your local host, you have to set it up separately, as will beexplained in the following section.If your are on a local network and have the opportunityto use an existing nameserver, this should always be preferred.The most important option in resolv.conf is nameserver, which gives the IP address ofa name server to use.If you speci y several name servers by giving the nameserver optionseveral times, they are tried in the order given.You should therefore put the most reliableserver rst.Currently, up to three name servers are supported.If no nameserver option is given, the resolver attempts to connect to the name serveron the local host [ Pobierz całość w formacie PDF ]
zanotowane.pl doc.pisz.pl pdf.pisz.pl agnieszka90.opx.pl
.For instance, the ifcon g command will take arguments that set the IRQ line andDMA channel. 5.11.The Future 102Another change to come soon is the additional mtu ag to the route command whichwill set the Maximum Transmission Unit for a particular route.This route-speci c MTUoverrides the MTU speci ed for the interface.You will typically use this option for routesthrough a gateway, where the link between the gateway and the destination host requires avery low MTU.For instance, assume host wanderer is connected to vlager through a SLIPlink.When sending data from vstout to wanderer, the networking layer on wandererwould would use packets of up to 1500 bytes, because packets are sent across the Ethernet.The SLIP link, on the other hand, is operated with an MTU of 296, so the network layeron vlager would have to break up the IP packets into smaller fragments that t into 296bytes.If instead, you would have con gured the route on vstout to use a MTU of 296 rightfrom the start, this relatively expensive fragmentation could be avoided:route add wanderer gw vlager mtu 296Note that the mtu option also allows you to selectively undo the e ects of the `SubnetsAre Local' Policy SNARL.This policy is a kernel con guration option and is describedin chapter 3. Chapter 6Name Service and ResolverCon guratonAs discussed in chapter 2, TCP IP networking may rely on di erent schemes to convertnames into addresses.The simplest way, which takes no advantage of the way the namespace has been split up into zones is a host table stored in etc hosts.This is useful only forsmall LANs that are run by one single administrator, and otherwise have no IP tra c withthe outside world.The format of the hosts le has already been described in chapter 5.Alternatively, you may use BIND the Berkeley Internet Name Domain Service forresolving host names to IP addresses.Con guring BIND may be a real chore, but onceyou've done it, changes in the network topology are easily made.On Linux, as on manyother un?xish systems, name service is provided through a program called named.Atstartup, it loads a set of master les into its cache, and waits for queries from remote orlocal user processes.There are di erent ways to set up BIND, and not all require you torun a name server on every host.This chapter can do little more but give a rough sketch of how to operate a name server.If you plan to use BIND in an enviroment with more than just a small LAN and probablyan Internet uplink, you should get a good book on BIND, for instance Cricket Liu's DNSand BIND" see AlbitzLiu92.For current information, you may also want to check therelease notes contained in the BIND sources.There's also a newsgroup for DNS questionscalled comp.protocols.tcp-ip.domains.103 6.1.The Resolver Library 1046.1 The Resolver LibraryWhen talking of the resolver", we do not mean any special application, but rather refer tothe resolver library, a collection of functions that can be found in the standard C library.The central routines are gethostbyname 2 and gethostbyaddr 2 which look up all IP ad-dresses belonging to a host, and vice versa.They may be con gured to simply look up theinformation in hosts, query a number of name servers, or use the hosts database of NISNetwork Information Service.Other applications, like smail, may include di erent driversfor any of these, and need special care.6.1.1 The host.conf FileThe central le that controls your resolver setup is host.conf.It resides in etc and tells theresolver which services to use, and in what order.Options in host.conf must occur on separate lines.Fields may be separated by whitespace spaces or tabs.A hash sign introduces a comment that extends to the nextnewline.The following options are available:order This determines the order in which the resolving services are tried.Valid op-tions are bind for querying the name server, hosts for lookups in etc hosts,and nis for NIS lookups.Any or all of them may be speci ed.The order inwhich they appear on the line detemines the order in which the respectiveservices are tried.multi Takes on or o as options.This detemines if a host in etc hosts is allowedto have several IP addresses, which is usually referred to as being multi-homed".This ag has no e ect on DNS or NIS queries.nospoof As explained in the previous chapter, DNS allows you to nd the hostnamebelonging to an IP address by using the in-addr.arpa domain.Attemptsby name servers to supply a false hostname are called spoo ng".To guardagainst this, the resolver may be con gured to check if the original IP addressis in fact associated with the hostname obtained.If not, the name is rejectedand an error returned.This behavior is turned on by setting nospoof on.alert This option takes on or o as arguments.If it is turned on, any spoofattempts see above will cause the resolver to log a message to the syslogfacility. 6.1.The Resolver Library 105trim This option takes a domain name as an argument, which will be removedfrom hostnames before lookup.This is useful for hosts entries, where youmight only want to specify hostnames without local domain.A lookup ofa host with the local domain name appended will have this removed, thusallowing the lookup in etc hosts to succeed.trim options accumulate, making it possible to consider your host as beinglocal to several domains.A sample le for vlager is shown below:etc host.confWe have named running, but no NIS yetorder bind hostsAllow multiple addrsmulti onGuard against spoof attemptsnospoof onTrim local domain not really necessary.trim vbrew.com.6.1.2 Resolver Environment VariablesThe settings from host.conf may be overridden using a number of environment variables.These areRESOLV HOST CONFThis speci es a le to be read instead of etc host.conf.RESOLV SERV ORDEROverrides the order option given in host.conf.Services are given as hosts,bind, and nis, separated by a space, comma, colon, or semicolon.RESOLV SPOOF CHECKDetermines the measures taken against spoo ng.It is completely disabled byo.The values warn and warn o enable spoof checking, but turn loggingon and o , respectively.A value of * turns on spoof checks, but leaves thelogging facility as de ned in host.conf.RESOLV MULTI A value of on or o may be used to override the multi options from tthost.conf.RESOLV OVERRIDE TRIM DOMAINSThis environment speci es a list of trim domains which override those givenin host.conf. 6.1.The Resolver Library 106RESOLV ADD TRIM DOMAINSThis environment speci es a list of trim domains which are added to thosegiven in host.conf.6.1.3 Con guring Name Server Lookups | resolv.confWhen con guring the resolver library to use the BIND name service for host lookups, youalso have to tell it which name servers to use.There is a separate le for this, calledresolv.conf.If this le does not exist or is empty, the resolver assumes the name server ison your local host.If you run a name server on your local host, you have to set it up separately, as will beexplained in the following section.If your are on a local network and have the opportunityto use an existing nameserver, this should always be preferred.The most important option in resolv.conf is nameserver, which gives the IP address ofa name server to use.If you speci y several name servers by giving the nameserver optionseveral times, they are tried in the order given.You should therefore put the most reliableserver rst.Currently, up to three name servers are supported.If no nameserver option is given, the resolver attempts to connect to the name serveron the local host [ Pobierz całość w formacie PDF ]