We will first explore configuring a router. Initially, you will manually configure IP address information on your system and then properly configure the system to bring up its interfaces automatically. From there, we'll move on to extend your system to act as a router for your own network, including DHCP for dynamically configuring client systems.
After that you will configure DNS. You will set up your internal DNS server to resolve external hostnames, and host DNS records for your own domain.
Next you will configure IPv6. Starting with a brief introduction to IPv6, you'll configure a tunnel to provide IPv6 connectivity, implement firewalling using iptables6, and provide IPv6 addresses to the rest of your network.
Next you will look at remote access and explore methods for remotely interacting with your new network using OpenSSH and OpenVPN.
Finally you will explore Web Servers; here you will set up web servers hosting PHP code, using both the Apache HTTPD server and NGINX.
About the Author
Gregory Boyce is a technologist with nearly 20 years' experience using and managing Linux systems. When he's not at work or spending time with his wife and two daughters, he plays around with new technologies. Gregory has spent the last 15 years working at Akamai Technologies, where he has worked in roles ranging from Network Operations, Internal IT, Information Security, Software Testing, and Professional Services. Currently, he heads up the Linux OS team that manages Akamai's custom Linux operating system, which runs on their massively distributed customer-facing network.
In this video, we will configure the network within Linux.
In this video, we will configure IPV4 in both the servers.
In this video, we will configure IPv4 permanently in Ubuntu as well as in centOS.
We will see how to connect two networks, here we will configure 3 servers and interchange the data.
Connecting two local networks is useful, but these days it's more common to want to connect a local network to the Internet.
You now have a router that provides Internet access to all systems behind it, but the systems behind it need to be manually configured with IP addresses while avoiding conflicts.
In this section, we're going to go a bit deeper into configuring a secure firewall for your network.
Sometimes, you want to forward a port to a system behind the firewall instead of having the service run on the firewall itself.
What if we want to have multiple private networks behind the route?
We cannot visit web pages by requesting them by IP address; rather we will ping them by their domain name. This problem is solved using a recursive DNS server to resolve the hostnames into IP addresses.
Set up your own recursive nameserver, which will help cut down on the round trips between you and your resolver.
With the use of Dynamic DNS, you can leverage your DNS server to address your local systems by name.
It works the same way as setting up a DNS server for an internal hostname, just with a few additional parts that we'll want to make sure are in a good state.
Bind/named can handle the synchronization internally, through the use of zone transfer (AXFR) requests or incremental zone transfer (IXFR) requests secured with the same type of HMAC keys utilized by the DHCP server to send updates to the DNS server.
In addition to their hosting/transit services, they also host http://tunnelbroker.net, another free IPv6 tunnel provider, and http://ipv6.he.net/certification, a training and certificate site for learning about IPv6 networking.
This tool is the IPv6 version of the iptables command we've already used, and it operates in almost the same manner.
IPv6 has ability to obtain a large number of public IP addresses for your local networks rather than using NAT.
All Linux distributions offer the ability to install a Secure Shell (SSH) server.
If you are connecting from another Unix system, such as Linux or Mac OS X, you can launch a terminal and use the SSH command-line tool from OpenSSH.
In this section we will see ability of Openssh to forward ports from the remote system to your local system or vice versa
If you're looking to access webpages through an SSH proxy, you may find that the —L option is a bit too limiting, since you need to specify each individual web server that you're forwarding and give each one its own local port.
OpenVPN is a full SSL VPN solution that allows you to connect two networks at layer 2 or 3 via a TCP or UDP tunnel.
Installing Apache with TLS is easier than ever, although the specific process can vary from distribution to distribution due to differences in configuration layout.
Apache2 offers a variety of Multi-Processing Modules (MPM) for defining how the daemon will handle scaling.
PHP is a very common programming language to use on Apache webserver, largely due to its ease of use.
PHP code can certainly be secure, it often appeals to new developers who have not yet learned secure coding practices.
NGINX works well as a lightweight, fast, multithreaded offering.
Using this approach can limit what content runs through the processor.
Packt has been committed to developer learning since 2004. A lot has changed in software since then - but Packt has remained responsive to these changes, continuing to look forward at the trends and tools defining the way we work and live. And how to put them to work.
With an extensive library of content - more than 4000 books and video courses -Packt's mission is to help developers stay relevant in a rapidly changing world. From new web frameworks and programming languages, to cutting edge data analytics, and DevOps, Packt takes software professionals in every field to what's important to them now.
From skills that will help you to develop and future proof your career to immediate solutions to every day tech challenges, Packt is a go-to resource to make you a better, smarter developer.
Packt Udemy courses continue this tradition, bringing you comprehensive yet concise video courses straight from the experts.