n etwork f ile s ystem
Download
Skip this Video
Download Presentation
N etwork F ile S ystem

Loading in 2 Seconds...

play fullscreen
1 / 17

N etwork F ile S ystem - PowerPoint PPT Presentation


  • 75 Views
  • Uploaded on

N etwork F ile S ystem. Types of Services. Infrastructure DHCP, DNS, NIS, AD, TIME Intranet SSH, NFS, SAMBA Internet MAIL, WEB, FTP, CUPS. Components of a Service. /. etc. usr. var. sysconfig. log. init.d. bin. sbin. lib. NFS Overview.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' N etwork F ile S ystem ' - orenda


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
types of services
Types of Services
  • Infrastructure
    • DHCP, DNS, NIS, AD, TIME
  • Intranet
    • SSH, NFS, SAMBA
  • Internet
    • MAIL, WEB, FTP, CUPS
components of a service
Components of a Service

/

etc

usr

var

sysconfig

log

init.d

bin

sbin

lib

nfs overview
NFS Overview
  • The portmap packageNFS is designed around the Remote Procedure Call API and utilizes the portmap daemon for its operation.
  • The nfs-utils package has five components:
    • rpc.nfsdPrimary NFS component. Handles all NFS requests, and provides the main engine for NFS to work.
    • rpc.mountdHandles permission evaluation before allowing the client to mount an export.
    • rpc.quotadInterfaces with the quota manager to ensure that client file system quotas are preserved.
    • rpc.statdMonitors UDP and TCP traffic during NFS operation. It reports crashes and reboots to the lock manager.
    • rpc.lockdManages file-locking requests, and on crashed systems, this component provides lock recovery.
nfs overview1
NFS Overview
  • Client-Server OperationsAn NFS server, serving files and directories to remote clients, can be a client at the same time as it is serving.
    • NFS v3,4 is capable of running over both UDP and TCP
    • rpc.lockd and rpc.statd run on both the server and the client

Implements NSM (Network Status Monitor)

RPC protocol and provides reboot notification

so locking p g can be updated when the NFS server crashes

Starts the NFS lock manager on kernels.

Locking prevents more than one user accessing

and modifying a file at the same time.

installing and configuring
Installing and Configuring
  • Packages Required:
    • portmap
    • nfs-utils
  • Configuration file: /etc/exports
  • Syntax:absolute-pathname host-specifier(options,options…)
configuration
Configuration
  • Host Specifiers
    • hostname
    • ip address
    • network address (cidr or netmast notation)
    • relative domain names
  • Options (to the mount command)
    • rw, ro
    • root_squash, no_root_squash
    • hard, soft
    • sync, async
configuration1
Configuration
  • The exportfs commanddynamically updates export information in the server
  • Options:

-a exports all entries in the exports file

-r re-export all entries

-o specifies permission options

-v verbose mode

client side nfs
Client-side NFS
  • showmount –e nfs-server

Displays the exports available from the server

  • showmount –a nfs-server

Displays the mounted exports from the server

  • mount [–t nfs] [-o options] nfs-server:mntpoint
    • Default mount options:
      • rw
      • hard
      • udp
      • auto
      • sync
      • nouser
tcp wrappers configuration
tcp_wrappers Configuration
  • Three stages of access checking
    • Is access explicitly permitted?
    • Otherwise, is access explicitly denied?
    • Otherwise, by default, permit access!
  • Configuration stored in two files:
    • Permissions in /etc/hosts.allow
    • Denials is /etc/hosts.deny
  • Basic syntax:daemon_list: client_list [:options]
daemon specification
Daemon Specification
  • Daemon name:
    • Applications pass name of their executable
    • Multiple services can be specified – comma delimited
    • Use wildcard ALL to matdh all daemons
    • Limitations exist for certain daemons e.g. portmap
  • Advanced syntax:[email protected]: client_list …

for use on a multihomed system where host is anip address

client specification
Client Specification
  • Host specification
    • by IP address (192.168.0.1, 10.0.0.)
    • by name (www.redhat.com, .example.com) performs a reverse lookup every time client connects
    • by netmask (192.168.0.0/255.255.255.0) netmask must be in long format.
    • by network name (@mynetwork) as obtained form /etc/networks or NIS
advanced client syntax
Advanced Client Syntax
  • Wildcards
    • ALL, LOCAL
    • KNOWN, UNKNOWN, PARANOID
  • EXCEPT operator
    • Can be used for client and server list
    • Can be nested/etc//hosts.allow sshd: ALL EXCEPT .cracker.org EXCEPT trusted.cracker.org/etc/hosts.deny sshd: ALL
tcp wrappers example
tcp_wrappers Example
  • Consider the following example for the machine: 192.168.0.254 on a class C network:

# /etc/hosts.allowvsftpd: 192.168.0.in.telnetd, portmap: 192.168.0.8

# /etc/hosts.denyALL: .cracker.org EXCEPT trusted.cracker.orgvsftpd, portmap: ALLsshd: 192.168.0. EXCEPT 192.168.0.4

project diagram 1
Project Diagram 1

172.30.4.0/24

Roter

Router/Firewall

NoPar

Internet

192.168.X.0/24

Roter

Roter

Roter

Server1

Server2

Client1

DNS

DHCP

NFS

Mail

CUPS

SSH

project diagram 2
Project Diagram 2

172.30.4.0/24

Roter

Router/Firewall

NoPar

Internet

192.168.X.0/24

192.168.Y.0/24

Roter

Roter

Roter

Roter

Server

Mail

DNS

Server

HTTP

FTP

Client

Server

NFS

SSH

DHCP

project diagram 3
Project Diagram 3

172.30.4.0/24

Roter

Router/Firewall

NoPar

Internet

Roter

Server

CUPS

DNS

Roter

Router/Firewall

Roter

Roter

Server2

SSH

DNS

Server1

DHCP

NFS

ad