In This Chapter

Chapter 2

Linux Networking

How To Configure Your NIC’s IP Address

How To Activate / Shutdown Your NIC

How To Change Your Default Gateway

How Configure Two Gateways

How To Delete A Route

How To View Your Current Routing Table

How To Change The Duplex Setting Of Your NIC

How To Convert Your Linux Server Into A Router

Configuring Your /etc/hosts File

(c) Peter Harrison, www.linuxhomenetworking.com

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

This chapter covers how to configure your Linux box’s networking features.

How To Configure Your NIC’s IP Address

Determining Your IP Address

Most modern PCs come with an ethernet port. When Linux is installed, this device is called “eth0“. You can determine the IP address of this device with the “ifconfig” command.

[root@bigboy tmp]# ifconfig -a

eth0 Link encap:Ethernet HWaddr 00:08:C7:10:74:A8
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:11 Base address:0×1820

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:787 errors:0 dropped:0 overruns:0 frame:0
TX packets:787 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:82644 (80.7 Kb) TX bytes:82644 (80.7 Kb)

wlan0 Link encap:Ethernet HWaddr 00:06:25:09:6A:B5
inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:47379 errors:0 dropped:0 overruns:0 frame:0
TX packets:107900 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:4676853 (4.4 Mb) TX bytes:43209032 (41.2 Mb)
Interrupt:11 Memory:c887a000-c887b000

wlan0:0 Link encap:Ethernet HWaddr 00:06:25:09:6A:B5
inet addr:192.168.1.99 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:11 Memory:c887a000-c887b000

[root@bigboy tmp]#

In this example, eth0 has no IP address as this box is using wireless interface wlan0 as it’s main NIC. Interface wlan0 has an IP address of 192.168.1.100 and a subnet mask of 255.255.255.0

You can see that this command gives good information on the interrupts used by each card. This can also be found in less detail in the file /proc/interrupts

Changing Your IP Address

If you wanted, you could give this eth0 interface an IP address using the ifconfig command.

[root@bigboy tmp]# ifconfig eth0 10.0.0.1 netmask 255.255.255.0 up

The “up” at the end of the command activates the interface. To make this permanent each time you boot up you’ll have to add this command in your /etc/rc.d/rc.local file.

Linux also makes life a little easier with interface configuration files located in the /etc/sysconfig/network-scripts directory. Interface eth0 has a file called ifcfg-eth0, eth1 uses ifcfg-eth1 … etc. You can place your IP address information in these files which are then used to auto-configure your NICs when Linux boots. Here are two samples for interface eth0, one assumes the interface has a fixed IP address, the other assumes it requires an IP address assignment using DHCP.

network-scripts File Formats 

As you can see eth0 will be activated on booting as the parameter ONBOOT has the value “yes” and not “no”. You can read more about netmasks and DHCP on the introduction to networking chapter.

The default RedHat/Fedora installation will include the “broadcast” and “network” options in the network-scripts file. These are usually optional.

Once you change the values in the configuration files for the NIC you’ll have to deactivate and activate it for the modifications to take effect. The ifdown and ifup commands can be used to do this.

[root@bigboy network-scripts]# ifdown eth0

[root@bigboy network-scripts]# ifup eth0

How DHCP Affects The DNS Server You Use

Your DHCP server not only supplies the IP address your Linux box should use, but also the desired DNS servers. Make sure your /etc/resolv.conf file has the “servers” configuration lines commented out to prevent any conflicts.

Multiple IP Addresses On A Single NIC

In the previous “determining your IP address” section you may have noticed that there were two wireless interfaces. One’s named wlan0 and the other wlan0:0. Interface wlan0:0 is actually a “child” of interface wlan0, a virtual sub-interface also known as an “IP alias”. IP aliasing is one of the most common ways of creating multiple IP addresses associated with a single NIC. Aliases have the name format “parent-interface-name:X“, where  “X” is the sub-interface number of your choice.

The process for creating an IP alias is very similar to the steps outlined for the real interface in the previous “changing your IP address” section. The example below is for the wlan0:0 sub-interface.

o        First ensure the “parent” real interface exists

o        Verify that no other IP aliases with the same name exists with the name you plan to use. In this we want to create interface wlan0:0

o        Create the virtual interface with the ifconfig command

[root@bigboy tmp]# ifconfig wlan0:0 192.168.1.99 \

                       netmask 255.255.255.0 up

o        You should also create a /etc/sysconfig/network-scripts/ifcfg-wlan0:0 file so that the aliases will all be managed automatically with the ifup and ifdown commands. Here is a sample:

DEVICE=wlan0:0

ONBOOT=yes

BOOTPROTO=static

IPADDR=192.168.1.99

NETMASK=255.255.255.0

IP Address Assignment For A Direct DSL Connection

If you are using a DSL connection with fixed or “static” IP addresses, then the configuration steps are the same as those outlined above. You plug your ethernet interface into the DSL modem, configure it with the IP address, subnet mask, broadcast address and gateway information provided by your ISP and you should have connectivity once you restart your interface. Remember that you may also need to configure your DNS server correctly.

If you are using a DSL connection with a DHCP or “dynamic” IP address assignment, then the process is different. Your ISP will provide you with a PPPoE “username” and “password” which will allow your computer to login transparently to the Internet each time it boots up. Fedora Linux installs the rp-pppoe RPM software package required to support this.

Downloading and installing RPMs isn’t hard. If you need a refresher, the chapter on RPMs covers how to do this in detail. When searching for the file, remember that the PPPoE RPM’s filename usually starts with the word “rp-pppoe” followed by a version number like this: rp-pppoe-3.5-8.i386.rpm.

After installing the RPM, you’ll need to go through a number of steps to complete the connection. The PPPOE configuration will create a software based virtual interface named ppp0 that will use the physical Internet interface eth0 for connectivity. Here’s what you need to do:

o        Make a backup copy of your ifcfg-eth0 file.

[root@bigboy tmp]#

[root@bigboy tmp]# cd /etc/sysconfig/network-scripts/

[root@bigboy network-scripts]# ls ifcfg-eth0

ifcfg-eth0

[root@bigboy network-scripts]# cp ifcfg-eth0 DISABLED.ifcfg-eth0

o        Edit your ifcfg-eth0 file to have no IP information and also to be deactivated on boot time.

DEVICE=eth0

ONBOOT=no

o        Shutdown your eth0 interface.

[root@bigboy network-scripts]# ifdown eth0

[root@bigboy network-scripts]#

o        Run the adsl-setup configuration script

[root@bigboy network-scripts]# adsl-setup

o        It will prompt you for your ISP username, the interface to be used (eth0) and whether you want to the connection to stay up indefinitely. We’ll use defaults wherever possible.

Welcome to the ADSL client setup.  First, I will run some checks on

your system to make sure the PPPoE client is installed properly…

LOGIN NAME

Enter your Login Name (default root): bigboy-login@isp

INTERFACE

Enter the Ethernet interface connected to the ADSL modem

For Solaris, this is likely to be something like /dev/hme0.

For Linux, it will be ethX, where ‘X’ is a number.

(default eth0):

Do you want the link to come up on demand, or stay up continuously?

If you want it to come up on demand, enter the idle time in seconds

after which the link should be dropped.  If you want the link to

stay up permanently, enter ‘no’ (two letters, lower-case.)

NOTE: Demand-activated links do not interact well with dynamic IP

addresses.  You may have some problems with demand-activated links.

Enter the demand value (default no):

o        It will then prompt you for your DNS server information. This step will edit your /etc/resolv.conf file. If you’re running BIND on your server in a caching DNS mode then you may want to leave this option blank. If you want your ISP to automatically provide the IP address of its DNS server then enter the word “server”.

DNS

Please enter the IP address of your ISP’s primary DNS server.

If your ISP claims that ‘the server will provide dynamic DNS addresses’, enter ’server’ (all lower-case) here.

If you just press enter, I will assume you know what you are

doing and not modify your DNS setup.

Enter the DNS information here:

o        The script will then prompt you for your ISP password

PASSWORD

Please enter your Password:

Please re-enter your Password:

o        Then it will ask whether you want regular users (not superuser “root“) to be able to activate/deactivate the new ppp0 interface. This may be required if non “root” members of your family or home office need to get access to the Internet.

USERCTRL

Please enter ‘yes’ (two letters, lower-case.) if you want to allow

normal user to start or stop DSL connection (default yes):

o        The rp-pppoe package has two sample ipchains firewall scripts located in the /etc/ppp directory named firewall-standalone and firewall-masq. They are very basic and don’t cover rules to make your Linux box a web server, DNS server nor mail server. I’d recommend selecting “none” and using a variant of the basic script samples in the firewall chapter, or the more comprehensive one found in the Appendix.

FIREWALLING

Please choose the firewall rules to use.  Note that these rules are

very basic.  You are strongly encouraged to use a more sophisticated

firewall setup; however, these will provide basic security.  If you

are running any servers on your machine, you must choose ‘NONE’ and

set up firewalling yourself. Otherwise, the firewall rules will deny

access to all standard servers like Web, e-mail, ftp, etc.  If you

are using SSH, the rules will block outgoing SSH connections which

allocate a privileged source port.

The firewall choices are:

0 – NONE: This script will not set any firewall rules.  You are responsible

          for ensuring the security of your machine.  You are STRONGLY

          recommended to use some kind of firewall rules.

1 – STANDALONE: Appropriate for a basic stand-alone web-surfing workstation

2 – MASQUERADE: Appropriate for a machine acting as an Internet gateway

                for a LAN

Choose a type of firewall (0-2): 0

o        You’ll then be asked whether you want the connection to be activated upon booting. Most people would say “yes”.

Start this connection at boot time

Do you want to start this connection at boot time?

Please enter no or yes (default no):yes

o        Just before exiting, you’ll get a summary of the parameters you entered and the relevant configuration files will be updated to reflect your choices when you accept them.

** Summary of what you entered **

Ethernet Interface: eth0

User name:          bigboy-login@isp

Activate-on-demand: No

DNS:                Do not adjust

Firewalling:        NONE

User Control:       yes

Accept these settings and adjust configuration files (y/n)? y

Adjusting /etc/sysconfig/network-scripts/ifcfg-ppp0

Adjusting /etc/ppp/chap-secrets and /etc/ppp/pap-secrets

  (But first backing it up to /etc/ppp/chap-secrets.bak)

  (But first backing it up to /etc/ppp/pap-secrets.bak)

o        At the very end it will tell you the commands to use to activate /deactivate your new ppp0 interface and to get a status of the interface’s condition.

Congratulations, it should be all set up!

Type ‘/sbin/ifup ppp0′ to bring up your xDSL link and ‘/sbin/ifdown ppp0′to bring it down.

Type ‘/sbin/adsl-status /etc/sysconfig/network-scripts/ifcfg-ppp0′

to see the link status.

The above example recommends using the adsl-status command with the name of the PPPoE interface configuration file. This command defaults to show information for interface ppp0 and therefore listing the ifcfg-ppp0 filename won’t be necessary in most home enviornments.

Some Important Files Created By adsl-setup

The adsl-setup script creates three files that will be of interest to you. The first is the ifcfg-ppp0 file with interface’s link layer connection parameters

[root@bigboy network-scripts]# more ifcfg-ppp0

USERCTL=yes

BOOTPROTO=dialup

NAME=DSLppp0

DEVICE=ppp0

TYPE=xDSL

ONBOOT=yes

PIDFILE=/var/run/pppoe-adsl.pid

FIREWALL=NONE

PING=.

PPPOE_TIMEOUT=20

LCP_FAILURE=3

LCP_INTERVAL=80

CLAMPMSS=1412

CONNECT_POLL=6

CONNECT_TIMEOUT=60

DEFROUTE=yes

SYNCHRONOUS=no

ETH=eth0

PROVIDER=DSLppp0

USER= bigboy-login@isp

PEERDNS=no

[root@bigboy network-scripts]#

>        The others are the duplicate /etc/ppp/pap-secrets and /etc/ppp/chap-secrets files with the username and password needed to login to your ISP.

[root@bigboy network-scripts]# more /etc/ppp/pap-secrets

# Secrets for authentication using PAP

# client        server  secret                  IP addresses

“bigboy-login@isp” *       ”password”

[root@bigboy network-scripts]#

Simple Troubleshooting

>        You can run the adsl-status command to determine the condition of your connection. In this case the package has been installed but the interface hasn’t been activated.

[root@bigboy tmp]# adsl-status

Note: You have enabled demand-connection; adsl-status may be inaccurate.

adsl-status: Link is attached to ppp0, but ppp0 is down

[root@bigboy tmp]#

>        After activation, the interface appears to work correctly.

[root@bigboy tmp]# ifup ppp0

[root@bigboy tmp]#  adsl-status

adsl-status: Link is up and running on interface ppp0

ppp0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1462 inet

...

...

...

[root@bigboy tmp]#

>        For further troubleshooting information you can visit the website of rp-ppoe at Roaring Penguin (www.roaringpenguin.com). There are some good tips there on how to avoid problems with VPN clients.

IP Address Assignment For A Cable Modem Connection

Cable modems use DHCP to get their IP addresses so you can configure your server’s ethernet interface accordingly.

How To Activate / Shutdown Your NIC

The ifup and ifdown commands can be used respectively to activate and deactivate a NIC interface. You must have an ifcfg file in the /etc/sysconfig/network-scripts directory these commands to work. Here is an example for interface eth0:

[root@bigboy tmp]# ifdown eth0

[root@bigboy tmp]# ifup eth0

How To Change Your Default Gateway

This can be done with a simple command. This example uses a newly installed wireless interface called wlan0, most PCs would be using the standard ethernet interface eth0.

[root@bigboy tmp]# route add default gw 192.168.1.1 wlan0

In this case, make sure that the router / firewall with IP address 192.168.1.1 is connected to the same network as interface wlan0 !

Once done, you’ll need to update your /etc/sysconfig/network file to reflect the change. This file is used to configure your default gateway each time Linux boots.

NETWORKING=yes
HOSTNAME=bigboy
GATEWAY=192.168.1.1

Some people don’t bother with this step and just place the “route add” command in the file /etc/rc.d/rc.local

How Configure Two Gateways

Some networks may have multiple router / firewalls providing connectivity. Here’s a typical scenario:

>        You have one router providing access to the Internet which you’d like to have as your default gateway (See the default gateway example above)

>        You also have another router providing access to your corporate network using addresses in the range 10.0.0.0 to 10.255.255.255. Let’s assume that this router has an IP address of 192.168.1.254

The Linux box used in this example uses interface wlan0 for its Internet connectivity. You may be most likely using interface eth0, please adjust your steps accordingly.

Add the new route as follows:

route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.1.254 wlan0

The file etc/sysconfig/static-routes will also have to updated so that the route is reinstated when you reboot. Here is a sample.

wlan0 net 10.0.0.0 netmask 255.0.0.0 gw 192.168.1.254

Some people don’t bother with this step and just place the “route add” command in the file /etc/rc.d/rc.local. A more complicated /etc/sysconfig/static-routes file is located in a following section.

How To Delete A Route

Here’s how to delete the routes added in the previous section.

route del -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.1.254 wlan0

The file etc/sysconfig/static-routes will also have to be updated so that when you reboot the server will not reinsert the route. Delete the line that reads:

wlan0 net 10.0.0.0 netmask 255.0.0.0 gw 192.168.1.254

How To View Your Current Routing Table

The netstat -nr command will provide the contents of the touting table. Networks with a gateway of 0.0.0.0 are usually directly connected to the interface. As no gateway is needed to reach your own directly connected interface then an address of 0.0.0.0 seems appropriate.

>        In this example there are two gateways, the default and one to 255.255.255.255 which is usually added on DHCP servers. Server bigboy is a DHCP server in this case.

[root@bigboy tmp]# netstat -nr
Kernel IP routing table
Destination     Gateway     Genmask         Flags MSS Window irtt Iface
255.255.255.255 0.0.0.0     255.255.255.255 UH    40  0      0    wlan0
192.168.1.0     0.0.0.0     255.255.255.0   U     40  0      0    wlan0
127.0.0.0       0.0.0.0     255.0.0.0       U     40  0      0    lo
0.0.0.0         192.168.1.1 0.0.0.0         UG    40  0      0    wlan0
[root@bigboy tmp]#

>        In this example, there are multiple gateways handling traffic destined for different networks on different interfaces.

[root@bigboy tmp]# netstat -nr
Kernel IP routing table
Destination   Gateway       Genmask         Flags MSS Window irtt Iface
172.16.68.64  172.16.69.193 255.255.255.224 UG    40  0      0    eth1
172.16.11.96  172.16.69.193 255.255.255.224 UG    40  0      0    eth1
172.16.68.32  172.16.69.193 255.255.255.224 UG    40  0      0    eth1
172.16.67.0   172.16.67.135 255.255.255.224 UG    40  0      0    eth0
172.16.69.192 0.0.0.0       255.255.255.192 U     40  0      0    eth1
172.16.67.128 0.0.0.0       255.255.255.128 U     40  0      0    eth0
172.160.0     172.16.67.135 255.255.0.0     UG    40  0      0    eth0
172.16.0.0    172.16.67.131 255.240.0.0     UG    40  0      0    eth0
127.0.0.0     0.0.0.0       255.0.0.0       U     40  0      0    lo
0.0.0.0       172.16.69.193 0.0.0.0         UG    40  0      0    eth1
[root@bigboy tmp]#

>        Here is what the static routes file looks like for this multi-homed (Multiple NICs) server

[root@bigboy tmp]# more /etc/sysconfig/static-routes
eth0 net 172.16.0.0   netmask 255.240.0.0     gw 172.16.67.131
eth0 net 172.160.0    netmask 255.255.0.0     gw 172.16.67.135
eth0 net 172.16.67.0  netmask 255.255.255.224 gw 172.16.67.135
eth1 net 172.16.68.64 netmask 255.255.255.224 gw 172.16.69.193
eth1 net 172.16.68.32 netmask 255.255.255.224 gw 172.16.69.193
eth1 net 172.16.11.96 netmask 255.255.255.224 gw 172.16.69.193
[root@bigboy tmp]#

How To Change The Duplex Setting Of Your NIC

There is no better Linux investment than the purchase of a fully Linux compatible NIC card. Most Linux vendors will have a list of compatible hardware on their websites, read this carefully before you start hooking up you machine to the network. If you can’t find any of the desired models in your local computer store, then a model in the same family or series should be sufficient. Most cards will work, but only the fully compatible ones will provide you with error free, consistent throughput.

My experience has been that Ethernet NICs built into motherboards (onboard NICs) frequently don’t negotiate port speed and duplex correctly. An onboard NIC may be adequate for a home system, but you should invest in a compatible card when using Linux in a SOHO environment.

You can manage the duplex and speed settings of your NIC with the mii-tool command. It is best to use this command with compatible hardware.

In the example below, we can see the output of the command verbose “-v” mode. In this case, negotiation was OK, with the NIC selecting 100Mbps, full duplex mode (FD).

[root@bigboy tmp]# mii-tool -v

eth1: negotiated 100baseTx-FD, link ok

  product info: vendor 00:10:18, model 33 rev 2

  basic mode:   autonegotiation enabled

  basic status: autonegotiation complete, link ok

  capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

  advertising:  100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD

  link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

[root@bigboy tmp]#

You can set your NIC to force itself to a particular speed and duplex by using the “-F” switch with any of the following options: 100baseTx-FD, 100baseTx-HD, 10baseT-FD, or 10baseT-HD. Remember that you could lose all network connectivity to your server if you force your NIC to a particular speed/duplex that doesn’t match that of your switch.

[root@bigboy tmp]# mii-tool -F 100baseTx-FD eth0

I have seen where NICs appear to work with failed negotiation, but this is usually accompanied by many “collision” type errors being seen on the NIC when using the ifconfig -a command and only marginal performance. The causes for this could include an incompatible NIC, incorrect settings on your switch port or a bad cable.

How To Convert Your Linux Server Into A Router

Configuring IP Forwarding

For your Linux server to become a router, you have to enable packet forwarding. In simple terms packet forwarding lets packets flow through the Linux box from one network to another.

The configuration parameter to activate this is found in the file /etc/sysctl.conf. Remove the “#” from the line related to packet forwarding.

Before

# Disables packet forwarding
#net.ipv4.ip_forward=1

After

# Enables packet forwarding
net.ipv4.ip_forward=1

This will only enable it when you reboot at which time Linux will create a file in one of the subdirectories of the special RAM memory based /proc filesystem. To activate the feature immediately you have to create a single lined text file called /proc/sys/net/ipv4/ip_forward and it only contain the value “1″. Here is how it’s done:

[root@bigboy tmp] echo 1 > /proc/sys/net/ipv4/ip_forward

Configuring Proxy ARP

If a server needs to send a packet to another device on the same network, it sends out an ARP request to the network asking for the MAC address of the other device.

If the same server needs to send a packet to another device on a remote network the process is different. The server first takes a look at its routing table to find out the IP address of the best router on its network which will be able to relay the packet to the destination. The server then sends an ARP request for the MAC address that matches the router’s IP address. It then sends the packet to the router using the routet’s MAC address, but a destination IP address of the remote server.

If there is no suitable router on its network, the server will then send out an ARP request for the MAC address of the remote server. Some routers can be configured to answer these types of ARP requests for remote networks. This feature is called “proxy ARP”. There are some disadvantages with this. One of the most common problems occurs if two routers are on the network configured for proxy ARP. In this scenario there is the possibility that either one will answer the local server’s ARP request for the MAC address of the remote server. If one of the routers has an incorrect routing table entry for the remote network, then there is the risk that traffic to the remote server will occasionally get lost. In other words you can lose routing control.

Note: It is for this and other reasons that it is generally not a good idea to configure proxy ARP on a router. It is also good to always configure a default gateway on your server and use separate routing entries via other routers for all networks your default gateway may not know about.

If you need to enable proxy ARP on a Linux server the /proc filesystem comes into play again. Proxy ARP is handled by files in the /proc/sys/net/ipv4/conf/ directory. This directory then has sub-directories corresponding to each functioning NIC card on your server. Each subdirectory then has a file called proxy_arp. If the value within this file is “0″, then proxy ARP on the interface is disabled; if the value is “1″ then it is enabled.

You can use the “echo” command to insert the correct values into each file. The example below activates proxy ARP for interfaces eth0 and wlan0.

[root@bigboy tmp] echo 1 > /proc/sys/net/ipv4/conf/eth1/proxy_arp

[root@bigboy tmp] echo 1 > /proc/sys/net/ipv4/conf/wlan0/proxy_arp

The following command will enable it for all interfaces.

[root@bigboy tmp] echo 1 > /proc/sys/net/ipv4/conf/all/proxy_arp

(You can determine your network interface names with the ifconfig -a command)

There is no purpose built configuration file to force Linux to do proxy ARP on booting. The best way to do this is put the commands above in your /etc/rc.d/rc.local file

echo 1 > /proc/sys/net/ipv4/conf/eth1/proxy_arp

echo 1 > /proc/sys/net/ipv4/conf/wlan0/proxy_arp

Configuring Your /etc/hosts File

The /etc/hosts file is just a list of IP addresses and their corresponding server names. Your server will typically check this file before referencing DNS, if the name is found with a corresponding IP address then DNS won’t be queried at all. Unfortunately, if the IP address for that host changes, you’ll have to update file. For ease of management, it is best to limit entries in this file to just the loopback interface, and also the server’s own host name and use the centralized DNS server handle the rest.

192.168.1.101  smallfry

In the example above server “smallfry” has an IP address of 192.168.1.101. You can access 192.168.1.101 using the “ping”, “telnet” or any other network aware program by referring to it as “smallfry” Here is an example using the “ping” to see if “smallfry” is alive and well on the network.

[root@bigboy tmp]# ping smallfry

PING zero (192.168.1.101) 56(84) bytes of data.

64 bytes from smallfry (192.168.1.101): icmp_seq=0 ttl=64 time=0.197 ms

64 bytes from smallfry (192.168.1.101): icmp_seq=1 ttl=64 time=0.047 ms

— smallfry ping statistics —

2 packets transmitted, 2 received, 0% packet loss, time 2017ms

rtt min/avg/max/mdev = 0.034/0.092/0.197/0.074 ms, pipe 2

[root@bigboy tmp]#

You can also add “aliases” to the end of the line which will allow you to refer to the server using other names. Here we have set it up so that “smallfry” can also be accessed using the names “tiny” and “littleguy”.

192.168.1.101  smallfry  tiny  littleguy

You should never have an IP address more than once in this file as Linux will only use the values in the first entry it finds.

192.168.1.101  smallfry    # (Wrong)

192.168.1.101  tiny        # (Wrong)

192.168.1.101  littleguy   # (Wrong)

The Loopback Interface’s Localhost Entry

Usually the very first entry in /etc/hosts defines the IP address of the server’s virtual loopback interface. This is usually mapped to the name localhost.localdomain (the universal name used when a server refers to itself) and localhost (the shortened “alias” name). By default, Fedora inserts the hostname of the server between the 127.0.0.1 and the localhost entries like this:

127.0.0.1     bigboy    localhost.localdomain    localhost

When the server is connected to the Internet this first entry after the 127.0.0.1 needs to be the fully qualified domain name (FQDN) of the server. For example, bigboy.mysite.com, like this:

127.0.0.1     bigboy.my-site.com    localhost.localdomain    localhost

Some programs such as Sendmail are very sensitive to this and if they detect what they feel is an incorrect FQDN they will default to using the name “localhost.localdomain” when communicating with another server on the network. This can cause confusion, as the other server also feels it is “localhost.localdomain”.

Note: You MUST always have a localhost and localhost.localdomain entry mapping to 127.0.0.1 for Linux to work properly.