Linux Hands-On Lab - Testing DNS Resolution, Monitoring Network Access and Network Filesystems

📝Introduction

In this lab, we will utilize the nmcli utility to configure our DNS resolution in Linux, use the netcat (nc) utility to generate network traffic between two servers and view that traffic's appearance in a tool called iptraf-ng, and we will be working to set up both a Linux Samba fileshare and an NFS fileshare that can then be used by a remote client to store files.

A Linux system administrator is expected to know how to configure a system's DNS settings, monitor the network and implement network fileshares.

These are the objectives of this lab:

• Review current DNS configuration

• Configure your system to use your network's DNS

• Install Client Utilities

• Create the Traffic Log File

• Set Up a Samba Share

• Set Up the NFS Share

📝Log in to the AWS Management Console

Using your credentials, make sure you're using the right Region. In my case, I am using AWS as my cloud provider and chose us-east-1. However, you can choose any cloud provider and create your Linux Servers VMs (I am using a CentOS 7 distro) for this hands-on lab.

📌Note: You must create the AWS Access Key and AWS Secret Access Key and configure the AWS CLI in the terminal to use it.

You can use link1 and link2 for it.

📝Review Current DNS Configuration

1. See if the system can resolve hostnames to IP addresses:

    host www.google.com
   

   📌Note: that the command times out.

2. Check to see what DNS server entries we have in the /etc/resolv.conf file:

    cat /etc/resolv.conf
   

   📌Note: that we do not have any DNS entries listed.

3. Review your network connections:

    nmcli con show
   

   📌Note: In my case, it is called System ens5.

4. Check your default connection name. Review your DNS IP settings:

    nmcli -f ipv4.dns con show "System ens5"
   

   This system does not have any DNS servers configured for use.

   

   📝Configure Your System to Use Your Network's DNS

   1. Modify the system's default connection to use the network's DNS server:

       sudo nmcli con mod "System ens5" ipv4.dns "10.0.0.2"
      

      📌Note: In my case, my DNS server has an IP 10.0.0.2.

   2. Verify the settings using the nmcli command and then check the /etc/resolv.conf file:

       nmcli -f ipv4.dns con show "System ens5"
       cat /etc/resolv.conf
      

   3. We need to reactivate the system's network connection for the change to take effect:

       sudo nmcli con up "System ens5"
      

   4. Verify our settings once more:

       cat /etc/resolv.conf
      

   5. Now, attempt to resolve a hostname to an IP address:

       host www.google.com
      

      Our system should be able to resolve an IP address for the domain name.

      

📝Install Client Utilities

We'll have to install the tools we need and create traffic on port 2525 from server2 to server1. We want to get all network traffic sent to /home/cloud_user/traffic_log.txt.

📌Note - We're going to be root right off, so as soon as we get logged in we'll want to run a quick sudo su in each one.

We've got to install the two packages that we will use to generate and monitor traffic. Let's use YUM to get it done on both servers:

[root@server1]# yum install iptraf-ng nc -y
[root@server2]# yum install iptraf-ng nc -y

📝Create the Traffic Log File

On the first server, let's run iptraf-ng and go under Configure... In the menu, don't forget this isn't a menu we control with a mouse -- it's all keyboard. Make sure Logging is toggled to On. Set the log file path to a specific path /home/<user>/traffic_log.txt. Then go into the IP traffic monitor. In the next menu, select eth0(in my case it isens5). Once we press Enter the logging will start.

📝Listen for Traffic

Let's open a second terminal into server1 and run sudo su right off. Once we're there, we're going to start netcat listening on post 2525 with this:

[root@server1]# nc -l 2525

📝Send Some Traffic

Now, let's start talking. Back in the server2 window we've got open, send netcat traffic to server1 with this (where x.x.x.x is the internal IP of server1 that we'll see on the hands-on lab overview page):

[root@server2]# nc x.x.x.x 2525

We'll just land at a blinking cursor below the prompt, but we can type a message there and press Enter. Once we do, it will show up back in the window we're listening in on server1. A bunch of messages sent from server2 would look like this:

[root@server2]# nc x.x.x.x 2525
New test
Demo test
Testing traffic log

On server1, they would look like this when they arrive:

[root@server1]# nc -l 2525
New test
Demo test
Testing traffic log

That should be enough traffic for what we're doing. On server2, press Ctrl + C to kill the nc command we've got running and flip back over to the terminal we were running iptraf-ng in. Press x to stop the monitoring and get out, then choose Exit from the main menu.

📝Examine the Log

On server1, if we run ls /home/<user> we should see traffic_log.txt listed in the output. Read that to see if it was capturing what we need:

[root@server1]# ls /home/cloud_user/
[root@server1]# less /home/cloud_user/traffic_log.txt

We should see some log entries showing traffic going from server2 to server1 on port 2525.

📝Set Up the Samba Server

1. Log in to the Samba server using the credentials provided:

    ssh <user>@<SAMBA_SERVER_IP_ADDRESS>
   

2. Become root:

    [cloud_user@samba-server]$ sudo -i
   

3. Create the /smb path:

    [root@samba-server]# mkdir /smb
   

4. Make sure the client can write to the path:

    [root@samba-server]# chmod 777 /smb
   

5. Install the Samba packages:

    [root@samba-server]# yum install samba -y
   

6. Open /etc/samba/smb.conf:

    [root@samba-server]# vim /etc/samba/smb.conf
   

7. Add the following section at the bottom:

    [share]
            browsable = yes
            path = /smb
            writable = yes
   

8. Save and exit the file by pressing Escape followed by :wq.

9. Check that our changes saved correctly:

    [root@samba-server]# testparm
   

📝Samba Share User

1. Create the user on the server:

    [root@samba-server]# useradd shareuser
   

2. Give it a password:

    [root@samba-server]# smbpasswd -a shareuser
   

   Enter and confirm a password you'll easily remember (e.g., 123456), as we'll need to reenter it later.

📝Start It Up

1. Start the Samba daemon:

    [root@samba-server]# systemctl start smb
   

   

📝Set Up the Samba Client

1. Open up a new terminal.

2. Log in to the NFS server and become root:

    ssh <user>@<NFS_SERVER_IP_ADDRESS>
    sudo -i
   

3. Install Samba client software:

    [root@nfs-server]# yum install cifs-utils -y
   

   

📝Make a Mount Point

1. Create a place for mounting the share:

    [root@nfs-server]# mkdir /mnt/smb
   

📝Mount the share

1. In the Samba server terminal, get its IP address:

    [root@samba-server]# ip a s
   

2. Copy the private inet address on eth0 (in my case it is ens5) and paste it into a text file, as we'll need it next.

3. In the NFS terminal, run the following command, replacing <SERVER_IP> with the IP you just copied and <SMBPASSWD_PASS> with the password you created earlier:

    [root@nfs-server]# mount -t cifs //<SERVER_IP>/share /mnt/smb -o username=shareuser,password=<SMBPASSWD_PASS>
   

4. Make sure you see it listed when you run:

    [root@nfs-server]# mount
   

   

5. Change directory:

    [root@nfs-server]# cd /mnt/smb
   

6. Create a file:

    [root@nfs-server smb]# touch file
   

7. List the contents:

    [root@nfs-server smb]# ls
   

   

   We should see the new file called file.

📝Set Up the NFS Share

1. Install NFS software on NFS server:

    [root@nfs-server smb]# yum install nfs-utils -y
   

   

2. Create the directory that will be shared out:

    [root@nfs-server smb]# mkdir /nfs
   

3. Open /etc/exports:

    [root@nfs-server smb]# vim /etc/export
   

4. Add the following line:

    /nfs *(rw)
   

5. Save and exit the file by pressing Escape followed by :wq.

6. Edit permissions, to make sure it's going to be writable, on the shared directory:

    [root@nfs-server smb]# chmod 777 /nfs
   

7. Implement what we've configured in /etc/exports:

    [root@nfs-server smb]# exportfs -a
   

8. Start the required services:

    [root@nfs-server smb]# systemctl start {rpcbind,nfs-server,rpc-statd,nfs-idmapd}
   

9. Verify it:

    [root@nfs-server smb]# showmount -e localhost
   

10. Run the following to get the NFS server's IP:

    [root@nfs-server smb]# ip a s
    

11. Copy the inet address on eth0 (in my case it is ens5) and paste it into a text file, as we'll need it shortly.

📝Set Up the NFS Client

1. In the Samba server terminal, install software:

    [root@samba-server]# yum install nfs-utils -y
   

   

2. Create a mount point:

    [root@samba-server]# mkdir /mnt/nfs
   

3. Check to see what's being shared out on the NFS server, replacing <NFS_SERVER_IP> with the IP you copied earlier:

    [root@samba-server]# showmount -e <NFS_SERVER_IP>
   

4. To be able to mount NFS shares, we need start a daemon:

    [root@samba-server]# systemctl start rpcbind
   

📝Mount the NFS Share

1. Mount it, replacing <NFS_SERVER_IP> with the IP you copied earlier:

    [root@samba-server]# mount -t nfs <NFS_SERVER_IP>:/nfs /mnt/nfs
   

2. Make sure you see it listed after running:

    [root@samba-server]# mount
   

   Change directory:

    [root@samba-server]# cd /mnt/nfs
   

3. Create a file:

    [root@samba-server nfs]# touch file
   

4. List the contents:

    [root@samba-server nfs]# ls
   

   We should see the new file, called file.

There are two servers set up that share files back and forth. One is using Samba to share, and the other is using NFS.

📌Note - At the end of each hands-on Lab, always clean up all the resources previously created to avoid being charged if you used a Cloud Provider to provision them.

Congratulations — you have completed this hands-on lab covering the basics of utilizing the nmcli utility to configure our DNS resolution, monitoring the network access and creating network Filesystems in Linux.

Thank you for reading. I hope you understood and learned something helpful from my blog.

Please follow me on CloudDevOpsToLearn and LinkedIn, franciscojblsouza