LINUX Routers: A Primer for Network Administrators
Editorial Reviews
Book Description
Introduction Router configuration has long been an arcane art possessed by the few(and the lucky at least in the eyes of the interested yet unchosen). One reason for this is that routers were expensive, and requiredspecialized training. They were also found only in small numbers inlarger companies. Unix, while not quite as inaccessible in terms ofcost, has also frequently been considered a black art for the few. Linux, of course, has turned all of this on its ear and delivered aGNU operating system to themasses. There used to be only a few big-city bookstores that had adecent selection of Unix books. Now every mall bookstore has aUnix/Linux section. Routers, although not quite ubiquitous, are also much more prevalentin recent times too. The explosive growth of the Internet hasevery business, large and small, scrambling to get connected.Even completely nontechnical organizations POP their email fromtheir ISP over a dial-up link several times a day. And peopleuse more networked computers in general nowadays. People evenhave routers in their homes, perhaps to provide Internet connectivityvia a cable modem to multiple computers in the home. Interestingly (but not surprisingly), Linux delivers a router platformaccessible by the many, almost as easily as it has resurrected the word"Unix." Although what folks think of as "traditional" routers arespecial-purpose hardware running embedded real-time operating systems,there has always been a group using Unix-based operating systems runningon general-purpose hardware. Linux has helped expand this groupimmensely by providing a full-featured and robust TCP/IP stack andhundreds of device drivers-all of which run on commonly availablecomputing hardware. Another important factor is the GNU/Linux community'sbasic tenet of sharing ideas and knowledge instead of hoarding them. The truly amazing part is that all of this is available without expensivelicensing costs or nondisclosure agreements. With these good tools andsome know-how, anyone can build an inexpensive, stable router platformcapable of performing a variety of functions within any organization. If you're asking yourself, What's a router? , do not despair! Thisbook will cover most topics in enough depth and with enoughreferences that you will not be left stumped. If it fails to do this,please let me know. Traditionally, a router is defined as a layer 3switch. That is, it looks at the layer 3 packet headers and decideswhere to forward them. (Layer 3 refers to the OSI "network" layer.)For TCP/IP networks, the router examines the IP headers to determine thedestination IP address of the packet and the TTL (Time To Live), among otherthings. In this strict definition, the type of packet TCP, UDP, ICMP,etc. is immaterial. However, as routers accumulate functionality,they can now take into account the layer 4 (transport layer) headers (aswell as those above layer 4 and below layer 2) when deciding what to do with apacket. Some other things that routers do: Transfer traffic between two different types of physical networks. An example of this is forwarding packets from Ethernet to Frame Relay and vice versa, as is done by a WAN router. Restrict the flow of traffic to/from certain addresses or networks. This is commonly known as packet filtering . Often the router will examine more than just the IP headers to make filtering decisions. TCP and UDP headers and other layer 4+ packet fields are fair game. Rewrite source addresses so that traffic appears to originate from an address other than that of the original sender. Under Linux, this is accomplished through masquerading and network address translation (or NAT ). The task includes unmasquerading replies flowing in the other direction. Act as a BOOTP or DHCP server issuing IP addresses and other configuration parameters for workstations on your network. Throughout this book we will use Linux routers to perform these tasks and much more. The focus of this book is admittedly not on academic definitions, but onhow to accomplish (or at least get started on) a certain task. You mayfind that knowing the correct technical definition for something is notthe same as successfully configuring and administering it in a productionenvironment. If you're just getting started as a network administrator,be confident that a lot of technical know-how can be learned only throughexperience (a.k.a. "the hard way"). Do not be intimidated by the lackof a formal body of knowledge; just admit it to yourself when you don'tknow the answer and strive to figure it out. From Whence Linux? The progress on operating-systems implementation, in my opinion, has beenquite dramatic during the 1990s thanks to Linux. If you are interestedin the "early" history of Linux, the Ur-history, and can stomachdiscussions of OS design, you should check out the following: http://www.educ.umu.se/ A bjorn/mhonarc-files/obsolete/ This isa thread that features a heated exchange between Linus Torvalds and AndyTanenbaum, a well-established researcher,professor, father of MINIX, and author ofseveral (good) OS-design books. (I read somewhere that Linus Torvaldsisn't particularly proud of the bravado he displayed in these messages. I find the characteristic of being passionate about something and then later beingable to admit having been caught up in the heat of themoment, and to rise above it, to be magnanimous indeed.) http://www.educ.umu.se/ A bjorn/linux/misc/linux-history.html This is a collection ofLinux-relevant postings made tocomp.os.minix about building an OS. The way I understand the early history of Linux, it boils down to this:Linus Torvalds had an Intel 80386-based PC andsome free time. He set out to write an operating system that wouldcapitalize on the new features of this processor, ignoring backwardcompatibility with the 8088 and the 80286. (Other PC operating systemsof that era were struggling with some design trade-offs that were imposedby the limitations of the 386's predecessors. In all fairness, theydid this to maintain backward compatibility with software written to runon those systems.) Another incentive for writing his own OS from scratch was to takeadvantage of the large body of excellent "free" software beingdeveloped by the Free Software Foundation. This is the (first) connection between Linux andRichard Stallman, who founded the GNUproject in 1984 and has lent both philosophy and code to the effort. The system software which Linus used for his new kernel is commonlyknown as the GNU toolset. These tools implement most of what iscommonly thought of as standard "Unix" systemtools. Remember, "GNU's Not Unix." This collectionof software had the tremendous advantage of being available insource-code form and being delivered with a license that allowed earlyLinux developers to modify that source and redistribute it. In the early 1990s, the Internet made the transition from anacademic/scientific tool to the most powerful communicationsmedium ever available to the general public. The ability tocommunicate, collaborate, share, discuss, and debate has never beforebeen available to such a large percentage of the world's population. Whythe sentimentality about the Internet? If Linus Torvalds conceivedLinux, and it spent a while in the "womb" of academia, then theInternet is its home where it will play, grow, and mature. But Linuxhas become more than a user of the Internet; it has become part of it,and thus is now being used to propagate itself. Why a Linux Router? At this point, you may be thinking that this is all well and good andapropos in some sort of cosmic sense the child has grown up to takecare of the parent, etc., and so on-but what makes a Linux router anybetter or different than other routers? As with most interestingquestions, the answer is: "It depends." Primarily, it depends upon whatyour definition of "better" is. Linux routers are inexpensive. For about $500 plus a meagerly equipped PC, you have a WAN router capable of running several different protocols at T1 (1.5Mbps) speeds and higher. For a bit more, you can route multiple T3s. License costs are typically nil. Ongoing hardware maintenance costs are nil to minimal. Linux runs on an amazing variety of hardware platforms, from the latest low-cost commodity gear to systems that haven't been manufactured in a decade. Linux routers are flexible. Try running a copy of Apache (the world's most popular HTTP daemon) on a "traditional" router, or integrating a "traditional" router into your in-house-developed security infrastructure. At best, you will pay your router vendors handsomely for the privilege of letting them port your code to their systems. Otherwise, you're probably out of luck. Linux routers are stable. Whereas the TCP/IP implementation of many others has been reviewed by, at most, a few hundred capable programmers, Linux's TCP/IP stack has been reviewed by literally thousands. (It even has its own book; see TCP/IP and Linux Protocol Implementation in the Bibliography.) And because Linux is a "labor of love" for most of its contributors, its quality is based on pride and technical excellence, not hampered by deadlines and office politics. Linux routers are easy to administer. If you can navigate a shell (you can pick the shell of your choice), you have already completed level one of your router training. With other solutions, you need to learn a new command environment and set of tools. Linux is the same whether it's acting as a web server, workstation, or router. Linux routers are based on proven, widely available technology. Because the system hardware and adapters are being produced for such an enormous market, costs are low and time-to-market cycles are as short as possible. Linux routers provide investment protection beyond that of their "traditional" counterparts. If you've worked in computer support for any length of time, you've probably experienced a vendor's discontinuing a product line, phasing out support for a particular version, failing to add features that you desperately need, or simply not responding to bug reports. With Linux, there is no vendor who can stron...
Book Info
A hands-on guide to implementing Linux-based routers, walking through a series of production routing scenarios and offering detailed advice on configuration, problem avoidance, and troubleshooting.
LINUX Routers: A Primer for Network Administrators
LINUX Routers: A Primer for Network Administrators,Tony Mancill,Prentice Hall PTR,0130090263,Computer Books: General,Computers,Computers - Communications / Networking,Linux,Networking - Routers,Operating Systems - Linux,Operating Systems - UNIX,Routers (Computer networks),Unix (Operating System),Computers / Operating Systems / Linux
Fun Book:
Recommended Books