Network Configuration

Материал из Home wiki
Версия от 22:37, 30 августа 2018; KOleg (обсуждение | вклад) (Новая страница: «This page explains how to set your systems IP address, hostname, DNS servers and other network settings. It covers both Linux and other Unix variants. : See i…»)
(разн.) ← Предыдущая | Текущая версия (разн.) | Следующая → (разн.)
Перейти к навигации Перейти к поиску

This page explains how to set your systems IP address, hostname, DNS servers and other network settings. It covers both Linux and other Unix variants.

See introduction to Linux networking

Ошибка: неверное или отсутствующее изображение

Файл:Interface icon.png Network Interfaces

To view the interfaces that are currently active on your system, click on the Network Interfaces icon on the main page of the module. This will take you to the page shown in Figure 16-1, which lists interfaces on your system in two categories. At the top under Interfaces Active Now are those that are currently enabled and have an IP address assigned. All loopback, Ethernet and PPP interfaces will be shown, although not all will be editable using Webmin. At the bottom under Interfaces Activated at Boot Time are those which have been configured to be activated at boot. The two lists will not necessarily be the same, as some types of interface (such as PPP) are not activated at boot time and so will not appear in the second list.

The steps to follow to change the IP address, active status or other details of an interface are:

  1. If the interface appears under both Interfaces Active Now and Interfaces Activated at Boot Time (as most editable ones do), click on its name in the lower list. This will take you to a form for editing its settings, shown in Figure 16-2.
  2. To assign a different address, enter it into the IP Address field. Or select the From DHCP option if you want the address to be dynamically assigned by a DHCP server on your network.
  3. If necessary, change the Netmask field. If it or IP address is changed, you will also need to set the Broadcast address field based on the new netmask and IP.
  4. When editing an active interface, the MTU and *Hardware address* fields will be available. You should leave the MTU alone unless you really know what you are doing, as changing it could reduce network performance or cut your system off from the network altogether. The hardware address should only be changed if you want to give your network card a different Ethernet address, which is rarely necessary.
  5. If editing a boot-time interface, make sure the *Activate at boot?* field is set to Yes so that the interface is brought up when the system starts. If editing an active interface, make sure the Status field is set to Up so that it can be used immediately.
  6. When done editing a boot-time interface, click the *Save and Apply* button to save your changes for use at bootup time, and to make them immediately active. If you are editing an active interface, just click Save to activate your changes.

After changing any of your system's IP addresses, be sure to update any host address entries associated with them as well. See the Editing host addresses section below for details on how to do this. You may also need to update records in your DNS server as well.

An active interface can be shut down by clicking the Delete button on its editing form instead. Similarly, a boot-time interface can be removed (for example if you have removed a network card) so that it will not be activated at startup by clicking the Delete button on its form.

Adding a network interface

There are two situations in which you might want to add a new network interface - if your system has just had a network card installed, or if you are adding an additional virtual IP address to an existing interface. In the latter case, the new virtual interface is not associated with its own separate network card, but instead adds an additional IP address to an existing Ethernet card. Virtual addresses are often used on systems hosting multiple websites, so that each site can have its own IP address.

Before an interface for a new network card can be configured, you must make sure that it is recognized by the Linux kernel and the appropriate kernel module loaded. There is no support in Webmin for doing this at the moment, but most distributions include a graphical tool for loading kernel modules, or a configuration file in /etc that specifies which modules to load. Once the interface is recognized, the steps to configure it are:

  1. On the main page of the module, click the Add a new interface link under Interfaces Activate at Boot Time. This will take you to the creation form, which is similar to the editing form in Figure 16-2.
  2. Enter the interface name (such as eth1 or tr0) into the Name field. This must correspond to whatever name has been assigned by the kernel.
  3. In the IP Address field, either enter an address or select the From DHCP option for it to be dynamically assigned.
  4. Enter the netmask for the network the interface is on into the Netmask field, such as 255.255.255.0.
  5. Set the Broadcast field based on the address and netmask. For example, if the IP was 10.1.2.3 and the netmask was 255.0.0.0 then the broadcast address would be 10.255.255.255.
  6. If you want the interface to be brought up at boot time, set the Activate at boot? field to Yes.
  7. Finally, click the Create button. Assuming there are no errors in your input, you will be returned to the list of interfaces.
  8. To make the interface active now, click on its name from the Interfaces Activate at Boot Time list. Then on the editing form, click the Save and Apply button. If any error occurs during activation (such as the interface not being recognized by the kernel) Webmin display an error message.

A virtual interface adds an additional IP address to an existing real interface. Virtual interfaces have names like eth0:1, where eth0 is the name of the real interface and _1_ is the virtual number. To add one, the steps to follow are:

  1. On the main page of the module, click on the real interface that you want to add a virtual address for, under *Interfaces Activate at Boot Time*.
  2. On the editing form, click the Add virtual interface link. This will take you to a creation form, similar to Figure 16-2.
  3. In the Name field, enter a number for the virtual interface. This must not be used by any existing virtual interface on the same real network card.
  4. Fill in the IP Address field with the address that you want to assign to the virtual interface.
  5. The Netmask and Broadcast fields should be set to the same addresses as the real interface. They would only be different if the virtual interface was on a different IP network that was sharing the same LAN as the network for the real interface.
  6. Assuming you want the virtual interface to be created at boot time, set the Activate at boot? field to Yes.
  7. Hit the Create button. As long as there are no errors in your input, you will be return to the list of interfaces. Your new virtual interface will appear under its real parent in the Interfaces Activate at Boot Time section.
  8. To activate the virtual interface immediately, click on its name and on the editing form click the Save and Apply button.

Файл:Protocols icon.png Routing and Gateways

Any system attached to a large network needs to know the address of a default gateway, as explained in the introduction. In some cases, the system itself may be a gateway as well - perhaps forwarding data between a local area network and a dialup or broadband connection. In this case, it must be configured to forward incoming packets that are destined for some other address.

In some cases, traffic destined for certain networks may have to be sent via another router instead of the default gateway. Or if the more than one IP network shares the same LAN, traffic for any of those networks must be sent using the correct interface. If either of these are the case on your network, static or local routes need to be configured so that the system knows where to send packets for certain destinations.

To change the default gateway used by your system or enable packet forwarding, the steps to follow are:

  1. On the Network Configuration module's main page, click the Routing and Gateways icon. This will take you to a form for configuring routing, which is unfortunately slightly different on each Linux distributions due to differences in the underlying configuration files.
  2. Enter the IP address of the default gateway into the *Default router* field.
  3. Enter the name of the network interface that must be used to reach the default router into the Default route device field. On some Linux distributions this field is optional, meaning that the system will work it out automatically. On others, there is a Gateway field next to the Default router input.
  4. To enable routing, set the Act as router? field to Yes.
  5. On Redhat, Mandrake, MSC and Turbo Linux, you can set up static routing using the Static routes table. For each static route, you must enter one row containing the following information : In the Interface column, enter the interface that will be used to reach the router, such as eth0. In the Network column, enter the address of the remote network, such as 192.168.5.0. In the Netmask column, enter the network's netmask, such as 255.255.255.0. In the Gateway column, enter the IP address of a router that knows how to forward data to the network, such as 192.168.4.1.
  6. On those same distributions, you can set up routing to additional IP networks on connected LANs using the Local routes table. For each route, you must enter one row containing the following details : In the Interface column, enter the name of the interface that the LAN is connected to, such as eth1. In the Network column, enter the address of the additional IP network, such as 192.168.3.0.
  7. Click the Save button when done. Any changes will not be activated immediately - instead, they will only take effect when your system is next booted.

If your system's primary network connection is via PPP dialup, then the default gateway will be assigned automatically when you connect and removed when you disconnect. Therefore there is no need to set it up using this form.

Gear icon.png Hostname and DNS Client

Every Unix system has a hostname, which appears in the login prompt, system logs, outgoing email and on every Webmin page. Normally the hostname is the same as or part of the DNS name for the system's IP address, but this does not have to be the case, especially if the system is not connected to a network or only connects occasionally via dialup. However, for permanently connected systems the hostname should be the hosts fully qualified DNS name (like server1.foo.com), or just the first part (like server1). Anything else is likely to cause confusion and possibly network problems.

When a Linux system is first set up, you get to choose the hostname as part of the distribution's installation process. However, it can be changed at any time, either using Webmin, a GUI tool provided by the distribution, or the hostname command. To make the change in Webmin, the steps to follow are:

  1. On the main page of the Network Configuration module, click the DNS Client icon. This will take you to the form for editing the hostname and DNS options shown in Figure 16-3.
  2. Enter the new hostname (composed of letters, numbers, underscores and dots) into the Hostname field.
  3. Click the Save button to have it immediately changed. Your browser will be returned to the module's main page.
  4. Change the host address for your old hostname to the new one, as explained in the Editing host addresses section below.
  5. If you are running a DNS server, don't forget to update the entry for your system there as well.

As explained in the introduction to this chapter, in order to lookup hostnames and IP addresses your system will almost certainly need to know the addresses of DNS servers on the network. To change the system's DNS settings, follow these steps:

  1. Click on the DNS Client icon on the main page of the module, which will take you to the form shown in Figure 16-3.
  2. Enter the addresses of up to three servers into the DNS servers field. If the first is not available, your system will try the second or finally the third. Most networks will have at least a primary and secondary DNS server to increase reliability in case one fails.
  3. The Resolution order field can be used to control where your system will look when resolving hostnames and IP addresses. Generally the defaults are reasonable, with Hosts (the /etc/hosts file) listed first and DNS later. However, if you are using NIS for hostname resolution you will need to make sure it is selected somewhere in the order.
  4. In the Search domains field, enter any domain names that you want your system to automatically append to resolved hostnames. For example, if foo.com was listed and you ran the command telnet server1 then the IP address for server1.foo.com would be looked up.
  5. When done, click the Save button. Any changes will take effect immediately in all programs running on your system.

If your system's only network connection is via dialup, the DNS servers may be assigned automatically by your ISP depending on your PPP configuration.

Файл:Address icon.png Host Addresses

Host addresses are mappings between an IP address and one or more hostnames that are stored in the /etc/hosts file on your system. Because they are stored locally, they can be looked up at any time, even when a DNS server is not accessible. On a small network with only a few systems, you may choose not to run a DNS server at all, but instead keep the addresses of every system in the hosts file on each system. In fact, this is what was done in the early days of the Internet before DNS was developed.

To view the addresses on your system, click the Host Addresses icon on the module's main page. There will always be an entry for localhost, and probably one for your system's hostname as well. If your system's IP address or hostname has been changed, the host addresses list will probably not reflect the change, which could cause problems. To change a host address, the steps to follow are:

  1. Click on its IP address from the list, which will take you to an editing form.
  2. Enter the new address into the IP Address field.
  3. Enter any hostnames into the Hostnames field. It is always a good idea to enter both the short and long forms of any hostname, such as server1.foo.com and server1 so that both can be used.
  4. Click the Save button, and if there are no errors in the form your browser will return to the list of hosts and addresses.

You can add extra host addresses by clicking the *Add a new host address* link above or below the link and filling in the same form. There are no restrictions on the same hostname being associated with two different IP addresses, or the same IP address appearing twice in the list.

Файл:IPAddress icon.png IPv6 Host Addresses

The IPv6 Host Address section is available if in the module's configuration [File listing IPv6 hosts and addresses] contains a valid file.

Module access control

As Webmin Users explains, it is possible to limit the features of this module that a particular Webmin user or group can access. For example, you may want to allow a user to only edit the host addresses list, or only be able to view settings instead of editing them. To do this, create or edit a Webmin user who has access to the module, and then follow these steps:

  1. In the Webmin Users module, click on Network Configuration next to the name of the user or group that you want to restrict. This will bring up the module access control form.
  2. Change the Can edit module configuration? field to No, so that they user cannot configure the module to edit a host addresses file other than /etc/hosts.
  3. The Can edit network interfaces? field determines which interfaces the user can see and edit. Setting it to Yes allows editing of all of them, while choosing No prevents the Network Interfaces page from being accessed at all. If View only is chosen, all interfaces will be visible but the user will not be able to change any of their attributes. If Only interfaces is chosen, only those whose names (separated by spaces) are entered into the field next to it will be editable. All others will be only viewable.
  4. If the Can edit routing and gateways? field is set to Yes, the user will be able to set up the default router and static routes as normal. If No is chosen, the Routing and Gateways page will not be accessible at all, or if View only is chosen the current settings will be visible but not changeable.
  5. Similarly, the Can edit DNS client settings? and *Can edit host addresses?* fields can be set to Yes, View only and No to control access to the DNS Client and Host Addresses pages respectively.
  6. When you are done making selections, click the Save button to have the new restrictions immediately activated.

Be very careful giving an un-trusted user the rights to edit any network configuration in this module, as he may be able to figure out a way to gain root access or disrupt other users by changing routes, host addresses or interface settings.

Other operating systems

The Network Configuration module is also available on several other operating systems, with fairly similar options to Linux. Due to the different features supported by network configuration files on other versions of Unix, in some sections the user interface is quite different. The supported systems and the variations between them and Linux are:

Sun Solaris and SCO UnixWare
  • When editing a boot-time network interface, all that can be changed is the IP address.
  • The boot-time settings for the loopback interface cannot be edited at all. Both operating systems always enable it at boot with the IP address 127.0.0.1.
  • On the Routing and Gateways page, multiple default routers can be entered. There is no need to specify a default route device though, as it is always worked out automatically.
FreeBSD and NetBSD
  • There is no option to use DHCP to automatically assign an address for an interface at boot time.
  • On the Routing and Gateways page, there is no default route device field. However, there is an additional Start route discovery daemon? option.
  • The hardware address of an active interface cannot be changed.
  • When creating a virtual interface, the netmask must be entered as 255.255.255.255.
OpenBSD
  • On the Routing and Gateways page, there is no default route device field. However, there is an additional *Start route discovery daemon?* option.
  • The hardware address of an active interface cannot be changed.