[Chapter 4] 4.7 netconfig
172.16.12.2
Enter gateway address:
172.16.12.1
Enter netmask:
255.255.255.0
Will you access a nameserver:
Yes
Name Server:
172.16.12.1
## This completes your network setup. ##
## Hold on to the remaining information for future reference.##
Broadcast address:
172.16.12.255
Mail server:
172.16.12.1
Mail relay:
172.16.12.1
Print server:
172.16.12.3
NFS server:
172.16.1.2
TCP/IP Network
Administration
[Chapter 4] 4.6 Informing the Users
fact that RIP is used on subnet 172.16.12.0:
Hostname:
peanut
IP address:
172.16.12.2
Subnet mask:
255.255.255.0
Default gateway:
172.16.12.1 (almond.nuts.com)
Broadcast address:
172.16.12.255
Domain name:
nuts.com
Name servers:
172.16.12.1 (almond.nuts.com)
172.16.6.8 (pack.plant.nuts.com)
Routing protocol:
Routing Information Protocol (RIP)
Mail server:
172.16.12.1 (almond.nuts.com)
Mail relay:
172.16.12.1 (almond.nuts.com)
Print server:
172.16.12.3 (pecan.nuts.com)
NFS server:
172.16.1.2 (filbert.nuts.com)
A similar sheet prepared for almond (see below) varies slightly from the planning sheet for peanut.
172.16.12.3 (pecan.nuts.com)
NFS server:
172.16.1.2 (filbert.nuts.com)
We use the information from these planning sheets to configure the systems in subsequent chapters.
You may, however, want to format your planning sheets differently. In this book we configure the
system directly. We use the configuration commands ourselves so that we can understand and master
them. In reality many basic configuration tasks are performed by a network configuration script
during the initial operating system installation. You may want to format your planning sheet to be
compatible with the prompts of that script. One such script is netconfig, which is used on Linux
systems.
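A planning sheet is worth checking for internal consistency before it is handed to a user or typed into an install script. The following is an added example, not code from the book: it takes the values from the peanut sheet above and verifies that the gateway and broadcast address agree with the address and mask, then lists the services that sit on other subnets and therefore depend on the default gateway. The function name check_sheet and the dictionary layout are assumptions made for the example.

```python
import ipaddress

# Values copied from the planning sheet for peanut on this page.
PEANUT = {
    "ip": "172.16.12.2",
    "netmask": "255.255.255.0",
    "gateway": "172.16.12.1",
    "broadcast": "172.16.12.255",
    "servers": {
        "name server 1": "172.16.12.1",
        "name server 2": "172.16.6.8",
        "mail server": "172.16.12.1",
        "mail relay": "172.16.12.1",
        "print server": "172.16.12.3",
        "NFS server": "172.16.1.2",
    },
}


def check_sheet(sheet):
    """Return (errors, off_subnet) for one planning sheet (hypothetical helper).

    errors: inconsistencies that would break the host's configuration.
    off_subnet: services the host can reach only through its gateway.
    """
    try:
        iface = ipaddress.ip_interface(f"{sheet['ip']}/{sheet['netmask']}")
        gateway = ipaddress.ip_address(sheet["gateway"])
        broadcast = ipaddress.ip_address(sheet["broadcast"])
        servers = {name: ipaddress.ip_address(addr)
                   for name, addr in sheet["servers"].items()}
    except ValueError as exc:  # malformed address or non-contiguous mask
        return [f"unparseable entry: {exc}"], []

    net = iface.network
    errors = []
    if iface.ip in (net.network_address, net.broadcast_address):
        errors.append(f"{iface.ip} is the network or broadcast address of {net}")
    if gateway not in net:
        # A default gateway must be directly reachable on the local subnet.
        errors.append(f"gateway {gateway} is not on {net}")
    if broadcast != net.broadcast_address:
        errors.append(
            f"broadcast should be {net.broadcast_address}, sheet says {broadcast}")

    # Services on other subnets work only if the gateway entry is right.
    off_subnet = [name for name, addr in servers.items() if addr not in net]
    return errors, off_subnet


if __name__ == "__main__":
    errors, off_subnet = check_sheet(PEANUT)
    print("errors:", errors or "none")
    print("reached through the gateway:", ", ".join(off_subnet))
```

For peanut the sheet is consistent, and the second name server and the NFS server are the two entries that depend on the gateway being correct.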
[Chapter 4] 4.5 Other Services
Chapter 4
Getting Started
TCP/IP provides the tools you need to create a reliable, flexible electronic mail system. Servers are
one of the tools that improve reliability. It is possible to create a peer-to-peer email network in which
every end system directly sends and receives its own mail. However, relying on every system to
deliver and collect the mail requires that every system be properly administered and consistently up
and running. This isn't practical, because many small systems are offline for large portions of the day.
Most networks use servers so that only a few systems need to be properly configured and operational
for the mail to go through.
The terminology that describes email servers is confusing because all of the server functions usually
occur in one computer, and all of the terms are used interchangeably to refer to that system. In this
text we differentiate between these functions, but we expect you will do all of these tasks on one
UNIX system running sendmail. We use these terms in the following manner:
Mail server
The mail server collects incoming mail for other computers on the network. It supports
interactive logins as well as POP or IMAP so that users can read their mail as they see fit.
Mail relay
A mail relay is a host that forwards mail between internal systems and from internal systems to
remote hosts. Mail relays allow internal systems to have simple mail configurations because
only the relay host needs to have software to handle special mail addressing schemes and
aliases.
Mail gateway
A mail gateway is a system that forwards email between dissimilar systems. You don't need a
gateway to go from one Internet host to another because both systems use SMTP. You do need
a gateway to go from SMTP to X.400 or to a proprietary mailer. In a pure TCP/IP network, this
function is not needed.
The mail server is the most important component of a reliable system because it eliminates reliance on
the user's system. A centrally controlled, professionally operated server collects the mail regardless of
whether or not the end system is operational.
The relay host also contributes to the reliability of the email system. If mail cannot be immediately
delivered by the relay host, it is queued and processed later. An end system also queues mail, but if it
is shut down no attempts can be made to deliver queued mail until the system is back online. The mail
4.4 Planning Naming Service
To make your network user-friendly, you need to provide a service to convert hostnames into IP
addresses. Domain name service (DNS) and the host table, explained in Chapter 3, perform this
function. You should plan to use both.
To configure her computer, a network user needs to know the domain name, her system's hostname,
and the hostname and address of at least one name server. The network administrator provides this
information.
4.4.1 Obtaining a Domain Name
The first item you need for domain name service is a domain name. You can obtain an official domain
name from the InterNIC. Your ISP may be willing to do this for you or to assign you a name within its
domain; however, it is likely that you will have to apply for a domain name yourself. You can
download the application from
Pre-select a domain name and have your primary domain name server up and running before you
attempt to register the domain name. Use whois as described in Chapter 13, Internet Information
Resources, to see if the name you want is in use. Double-check with nslookup as described in
Chapter 8, Configuring DNS Name Service. When you are reasonably sure the domain name is still
available, start your primary name server running. If you don't want to run your own server, ask your
ISP if they offer this service. If they don't, you must either find a new ISP that does, or run the service
yourself.
Having the primary server up and running doesn't mean that your entire domain must be fully
Another thing that dramatically reduces the number of frivolous domain name applications is the $100
registration fee. The registration service charges each domain $50 a year to be maintained in the
registry. The initial $100 fee covers the first two years. Question 9 asks if the InterNIC should send
the bill for the registration fee to you via email or postal mail. Answer with an "E" or a "P". If your
"bean counters" will accept an email bill, go that way. You'll get everything finished more quickly.
The application form is largely self-explanatory, but a few items require some thought. Two things
may be confusing - handles and servers. One is the request for a NIC handle. You have a NIC handle
only if you are registered in the NIC white pages. The white pages (discussed in Chapter 12) is a
directory of information about users, networks, hosts, and domains. A NIC handle is a record
identifier for this directory. A personal NIC handle for a user entry is composed of the user's initials
and perhaps a number. For example, my initials are cwh and my NIC handle is cwh3. It is unlikely
that you will have a handle unless you have contacted the NIC before. If you don't have a handle, just
leave it blank. The NIC will assign you one.
You're also asked for the names and addresses of your primary and secondary name servers. The
servers listed must be operational and connected to the Internet. [7] Provide the full domain name of
the primary server in response to question 7a; e.g. almond.nuts.com. The primary server is usually a
name server located at your site, but not always. It isn't necessary to provide your own primary server;
and if you aren't directly connected to the Internet, you can't. Even though you are not connected, you
may still want to register your domain name with the NIC if you have email access to the Internet.
This allows you to use an email address that clearly identifies your organization. In order to do this,
the online service that receives your email must be able to provide your primary name service. Check
with them before you fill out this form.
[7] Chapter 8 tells you how to get a name server up and running.
The secondary server should be on a separate physical network from the primary server. Putting it on
a different network guarantees that other sites can look up information about your network, even if
● Use real words that are short, easy to spell, and easy to remember. The point of using
hostnames instead of IP addresses is that they are easier to use. If hostnames are difficult to
spell and remember, they defeat their own purpose.
● Use theme names. For example, all hosts in a group could be named after human movements:
fall, jump, hop, skip, walk, run, stagger, wiggle, stumble, trip, limp, lurch, hobble, etc. Theme
names are often easier to choose than unrestricted names, and increase the sense of community
among network users.
● Avoid using project names, personal names, acronyms, numeric names, and technical jargon.
Projects and users change over time. If you name a computer after the person who is currently
using it or the project it is currently assigned to, you will probably have to rename the
computer in the future. Use nicknames to identify the server function of a system, e.g., www,
ftp, ns, etc. Nicknames can easily move between systems if the server function moves. See the
description of CNAME records in Chapter 8 for information on creating nicknames.
The only requirement for a hostname is that it be unique within its domain. But a well-chosen
hostname can save future work and make the user happier.
Name service is the most basic network service, and it is one service that you will certainly run on
your network. There are, however, other services that you should also include in your network
planning process.
4.3 Planning Routing
Many networks use a combination of both static and dynamic routing. Some systems on the network
use static routing tables, while others run routing protocols and have dynamic tables. While it is often
appropriate for hosts to use static routing tables, gateways usually run routing protocols.
The network administrator is responsible for deciding what type of routing to use and for choosing the
default gateway for each host. Make these decisions before you start to configure your system. Here
are a few guidelines to help you plan routing. If you have:
A network with no gateways to other TCP/IP networks
No special routing configuration is required in this case. The gateways referred to in this
discussion are IP routers that interconnect TCP/IP networks. If you are not interconnecting
TCP/IP networks, you do not need an IP router. Neither a default gateway nor a routing
protocol needs to be specified.
A network with a single gateway
If you have only one gateway, don't run any routing protocols. Specify the single gateway as
the default gateway in a static routing table.
A network with internal gateways to other subnets and a single gateway to the world
Here there is a real choice. You can statically specify each subnet route and make the gateway
to the world your default route, or you can run a routing protocol. Decide which you want to
do based on the effort involved in maintaining a static table versus the slight overhead of
running a routing protocol on your hosts and networks. If you have more than a few hosts,
running a routing protocol is probably easiest.
A network with multiple gateways to the world
If you have multiple gateways that can reach the same destination, use a routing protocol. This
allows the gateways to adapt to network changes, giving you redundant access to the remote
networks.
Figure 4.1 shows a subnetted network with five gateways identified as A through E. A central subnet
(172.16.1.0) interconnects five other subnets. One of the subnets has a gateway to an external
network. The network administrator would probably choose to run a routing protocol on the central
been set aside for private use, which are the numbers from 64512 to 65535. Select a number and
coordinate your selection with your border gateway peers to avoid any possible conflicts. If you
connect to the Internet through a single ISP, you almost certainly do not need an official ASN. If after
discussions with your service provider you find that you must obtain an official ASN, obtain the
application form at (See the "Internet Registries"
sidebar earlier in this chapter.)
If you submit an application, you're asked to explain why you need a unique autonomous system
number. Unless you are an ISP, probably the only reason to obtain an ASN is that you are a
multi-homed site. A multi-homed site is any site that connects to more than one ISP. Reachability
information for the site may be advertised by both ISPs, confusing the routing policy. Assigning the
site an ASN gives it direct responsibility for setting its own routing policy and advertising its own
reachability information. This doesn't prevent the site from advertising bad routes, but it makes the
advertisement traceable back to one site and ultimately to one technical contact. (Once you submit an
ASN application, you have no one to blame but yourself!)
All of the items we have discussed so far (addressing, subnetting, and routing) are required to
configure the basic physical network on top of which the applications and services run. Now we begin
planning the services that make the network useful and usable.
[Chapter 4] 4.2 Basic Information
Networks connecting to the Internet must obtain official network addresses. An official address is
needed for every system on your network that directly exchanges data with remote Internet hosts. [3]
Obtain the address from your ISP. Your ISP has been delegated authority over a group of network
addresses, and should be able to assign you a network number. If your local ISP doesn't offer this
service, perhaps the ISP's upstream provider does. Ask your local ISP who it receives service from
and ask that organization for an address. If all else fails, you may be forced to go directly to an
Internet registry. The box Internet Registries provides information about the Internet registry services.
The form required for registering an address is available at />number-template.txt. Use the application as a last resort to obtain an address.
[3] Hosts that communicate with the Internet through a firewall or proxy server may not
need official addresses. Check your firewall/proxy server documentation.
The advantages to choosing a network address from RFC 1918 are that you do not have to apply for
an official address and you save address space for those who do need to connect to the Internet. [4]
The advantage to obtaining your address from an Internet registry is that you will not have to change
your address in the future if you do connect to the Internet.
[4] See Chapter 2, Delivering the Data.
If you do choose an address from RFC 1918 it is still possible to connect to the Internet without
renumbering all of your systems. But it will take some effort. You'll need a network address
translation (NAT) box or a proxy server. NAT is available as a separate piece of hardware or as an
optional piece of software in some routers and firewalls. It works by converting the source address of
datagrams leaving your network from your private address to your official address. Address
translation has several advantages.
● It conserves IP addresses. Most network connections are between systems on the same
enterprise network. Only a small percentage of systems need to connect to the Internet at any
one time. Therefore far fewer official IP addresses are needed than the total number of systems
on an enterprise network. NAT makes it possible for you to use a large address space from
header. Encryption does not work if the encrypted data includes the source address.
Proxy servers provide many of the same advantages as NAT boxes. In fact, these terms are often used
interchangeably. But there are differences. Proxy servers are application gateways originally created
as part of firewall systems to improve security. Internal systems connect to the outside world through
the proxy server, and external systems respond to the proxy server. Unlike routers, even routers with
network address translation, the external systems do not see a network of internal systems. They see
only one system - the proxy server. All ftp, telnet, and other connections appear to come from one IP
address: the address of the proxy server. Therefore, the difference between NAT boxes and proxy
servers is that NAT uses a pool of IP addresses to differentiate the connection between internal and
external systems. The true proxy server has only one address and therefore must use protocol numbers
and port numbers to differentiate the connections.
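The distinction drawn above can be made concrete with a small model of the two translation tables. This is an added example, not code from the book: the class names are hypothetical, the internal addresses are taken from the planning sheets, and the 192.0.2.x addresses are documentation addresses standing in for official ones. It also shows the two operational consequences: a pool can run out, and an inbound packet with no table entry has nowhere to go.

```python
import ipaddress


class PoolNat:
    """Each internal host is given one official address from a pool."""

    def __init__(self, pool):
        self.free = [ipaddress.ip_address(a) for a in pool]
        self.out = {}   # internal address -> official address
        self.back = {}  # official address -> internal address

    def outbound(self, src):
        src = ipaddress.ip_address(src)
        if src not in self.out:
            if not self.free:
                raise RuntimeError("official address pool exhausted")
            official = self.free.pop(0)
            self.out[src] = official
            self.back[official] = src
        return self.out[src]

    def inbound(self, dst):
        # None means no internal host owns this address: drop the packet.
        return self.back.get(ipaddress.ip_address(dst))


class SingleAddressProxy:
    """One outside address; connections are told apart by protocol and port."""

    def __init__(self, address, first_port=40000):
        self.address = ipaddress.ip_address(address)
        self.next_port = first_port
        self.out = {}   # (proto, internal address, internal port) -> outside port
        self.back = {}  # (proto, outside port) -> (internal address, internal port)

    def outbound(self, proto, src, sport):
        key = (proto, ipaddress.ip_address(src), sport)
        if key not in self.out:
            if self.next_port > 65535:
                raise RuntimeError("no free ports on the proxy address")
            self.out[key] = self.next_port
            self.back[(proto, self.next_port)] = key[1:]
            self.next_port += 1
        return self.address, self.out[key]

    def inbound(self, proto, dport):
        # Replies are matched on protocol and port; anything else is dropped.
        return self.back.get((proto, dport))


if __name__ == "__main__":
    nat = PoolNat(["192.0.2.10", "192.0.2.11"])  # constructed pool
    print("peanut leaves as", nat.outbound("172.16.12.2"))
    print("pecan leaves as ", nat.outbound("172.16.12.3"))

    proxy = SingleAddressProxy("192.0.2.1")      # constructed address
    print("peanut telnet ->", proxy.outbound("tcp", "172.16.12.2", 1025))
    print("pecan  telnet ->", proxy.outbound("tcp", "172.16.12.3", 1025))
    print("reply to port 40001 goes to", proxy.inbound("tcp", 40001))
    print("unsolicited port 50000 goes to", proxy.inbound("tcp", 50000))
```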
Internet Registries
The original network information center was the SRI NIC, sri-nic.arpa. In 1992 the NIC moved to
nic.ddn.mil and became the DDN NIC. Then in April 1993 the registration, directory, and information
services it provided for the Internet moved to the new Internet NIC, internic.net. The InterNIC still
provides these services but it does not do so alone.
Almost every large network has its own network information center. Most of these NICs provide
access to all the RFCs, FYIs, and other TCP/IP documentation. A few provide registration services.
For the Internet to work properly, IP addresses and domain names must be unique. To guarantee this
addressing, authority is carefully delegated. Authority to delegate domains and addresses has been
given to the Internet Resource Registries (IRR). Currently these are: RIPE for Europe, APNIC for
Asia and the Pacific, CA*net for Canada, RNP for Brazil, and InterNIC for the rest of us. More
registries may be created at any time. (See the discussion of generic top-level domains (gTLDs) in
Chapter 3, Network Services.) Additionally large groups of addresses have been delegated to ISPs so
that they can assign them to their customers.
The place to start looking for registry services is your ISP. If it does not provide these services,
contact the InterNIC. You can contact the InterNIC at the postal address:
range.
Groups of addresses
Blocks of addresses are delegated to smaller organizations within the overall organization,
which then assign the individual host addresses.