Network File System
PowerPoint Slideshow about 'Network File System' - orenda


Presentation Transcript
Network File System


Types of Services

  • Infrastructure

    • DHCP, DNS, NIS, AD, TIME

  • Intranet

    • SSH, NFS, SAMBA

  • Internet

    • MAIL, WEB, FTP, CUPS


Components of a Service

[Diagram: directory tree rooted at / with the labels etc, usr, var, sysconfig, log, init.d, bin, sbin, lib]


NFS Overview

  • The portmap package: NFS is designed around the Remote Procedure Call API and uses the portmap daemon for its operation.

  • The nfs-utils package has five components:

    • rpc.nfsd: Primary NFS component. Handles all NFS requests and provides the main engine for NFS to work.

    • rpc.mountd: Handles permission evaluation before allowing the client to mount an export.

    • rpc.quotad: Interfaces with the quota manager to ensure that client file system quotas are preserved.

    • rpc.statd: Monitors UDP and TCP traffic during NFS operation. It reports crashes and reboots to the lock manager.

    • rpc.lockd: Manages file-locking requests and, on crashed systems, provides lock recovery.


NFS Overview

  • Client-Server Operations: An NFS server, serving files and directories to remote clients, can be a client at the same time as it is serving.

    • NFS v3,4 is capable of running over both UDP and TCP

    • rpc.lockd and rpc.statd run on both the server and the client

Implements NSM (Network Status Monitor) RPC protocol and provides reboot notification so locking can be updated when the NFS server crashes.

Starts the NFS lock manager on kernels.

Locking prevents more than one user accessing and modifying a file at the same time.


Installing and Configuring

  • Packages Required:

    • portmap

    • nfs-utils

  • Configuration file: /etc/exports

  • Syntax: absolute-pathname host-specifier(options,options…)


Configuration

  • Host Specifiers

    • hostname

    • IP address

    • network address (CIDR or netmask notation)

    • relative domain names

  • Options (to the mount command)

    • rw, ro

    • root_squash, no_root_squash

    • hard, soft

    • sync, async
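
The export syntax above, parsed and checked in Python (an added example, not part of the original slides; the sample file, paths, host names and the functions parse_exports and audit are constructed for illustration). It also covers one edge case of the syntax: a space between the host specifier and its option list turns the options into a separate entry that applies to every client.

```python
# Added example: parse /etc/exports entries and flag ones worth reviewing.
# Constructed sample data; paths and host names are made up.
SAMPLE_EXPORTS = """\
# absolute-pathname  host-specifier(options,...)
/srv/projects  192.168.0.0/24(rw,sync,root_squash)
/srv/home      client1.example.com(rw,no_root_squash)
/srv/pub       192.168.0.8 (rw)
/srv/iso       client2.example.com(ro) 10.0.0.0/255.255.255.0(ro,async)
"""

def parse_exports(text):
    """Return (path, host, options) for every host entry in the file."""
    entries = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if not fields:                       # blank or comment-only line
            continue
        path = fields[0]
        for token in fields[1:]:
            host, _, opts = token.partition("(")
            options = set(filter(None, opts.rstrip(")").split(",")))
            # A token that is only "(options)" names no host: it applies to
            # every client, which is what the stray space in /srv/pub causes.
            entries.append((path, host or "*", options))
    return entries

def audit(entries):
    """Return (path, host, finding) for entries that deserve a second look."""
    findings = []
    for path, host, options in entries:
        if "no_root_squash" in options:
            findings.append((path, host,
                             "remote root is not mapped to an unprivileged user"))
        if host == "*" and "rw" in options:
            findings.append((path, host, "read-write export to any host"))
    return findings

if __name__ == "__main__":
    for finding in audit(parse_exports(SAMPLE_EXPORTS)):
        print(*finding, sep="  ")
```

In the sample, /srv/pub ends up exported to 192.168.0.8 with default options and to all hosts read-write, because of the space before (rw).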


Configuration

  • The exportfs command dynamically updates export information on the server

  • Options:

    -a exports all entries in the exports file

    -r re-export all entries

    -o specifies permission options

    -v verbose mode


Client-side NFS

  • showmount -e nfs-server

    Displays the exports available from the server

  • showmount -a nfs-server

    Displays the mounted exports from the server

  • mount [-t nfs] [-o options] nfs-server:mntpoint

    • Default mount options:

      • rw

      • hard

      • udp

      • auto

      • sync

      • nouser


tcp_wrappers Configuration

  • Three stages of access checking

    • Is access explicitly permitted?

    • Otherwise, is access explicitly denied?

    • Otherwise, by default, permit access!

  • Configuration stored in two files:

    • Permissions in /etc/hosts.allow

    • Denials in /etc/hosts.deny

  • Basic syntax: daemon_list: client_list [:options]


Daemon Specification

  • Daemon name:

    • Applications pass name of their executable

    • Multiple services can be specified – comma delimited

    • Use wildcard ALL to match all daemons

    • Limitations exist for certain daemons e.g. portmap

  • Advanced syntax: daemon@host: client_list …

    for use on a multihomed system where host is an IP address


Client Specification

  • Host specification

    • by IP address (192.168.0.1, 10.0.0.)

    • by name (www.redhat.com, .example.com); performs a reverse lookup every time a client connects

    • by netmask (192.168.0.0/255.255.255.0); the netmask must be in long format

    • by network name (@mynetwork) as obtained from /etc/networks or NIS


Advanced Client Syntax

  • Wildcards

    • ALL, LOCAL

    • KNOWN, UNKNOWN, PARANOID

  • EXCEPT operator

    • Can be used for client and server list

    • Can be nested

      # /etc/hosts.allow
      sshd: ALL EXCEPT .cracker.org EXCEPT trusted.cracker.org

      # /etc/hosts.deny
      sshd: ALL


tcp_wrappers Example

  • Consider the following example for the machine: 192.168.0.254 on a class C network:

    # /etc/hosts.allow
    vsftpd: 192.168.0.
    in.telnetd, portmap: 192.168.0.8

    # /etc/hosts.deny
    ALL: .cracker.org EXCEPT trusted.cracker.org
    vsftpd, portmap: ALL
    sshd: 192.168.0. EXCEPT 192.168.0.4
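
The three-stage check and the nested EXCEPT operator, run against the example rules from this slide (an added example, not part of the original presentation; it is a simplified Python model with hypothetical function names, not the tcp_wrappers library, and it leaves out netmask, @network and KNOWN/UNKNOWN/PARANOID patterns and EXCEPT in daemon lists):

```python
# Added example: evaluate the slide's hosts.allow / hosts.deny rules.
ALLOW = """
vsftpd: 192.168.0.
in.telnetd, portmap: 192.168.0.8
"""
DENY = """
ALL: .cracker.org EXCEPT trusted.cracker.org
vsftpd, portmap: ALL
sshd: 192.168.0. EXCEPT 192.168.0.4
"""

def parse_rules(text):
    """Turn 'daemon_list: client_list [:options]' lines into (daemons, clients)."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if ":" in line:
            daemons, clients = line.split(":")[:2]   # options after 2nd ':' ignored
            rules.append((daemons.replace(",", " ").split(),
                          clients.replace(",", " ").split()))
    return rules

def match_client(pattern, ip, name):
    """Match one client pattern against the client's IP and reverse-resolved name."""
    if pattern == "ALL":
        return True
    if pattern.endswith("."):            # IP prefix such as 192.168.0.
        return ip.startswith(pattern)
    if pattern.startswith("."):          # domain suffix such as .cracker.org
        return name.endswith(pattern)
    return pattern in (ip, name)         # exact address or host name

def match_list(tokens, ip, name):
    """'a EXCEPT b EXCEPT c' is read as a EXCEPT (b EXCEPT c)."""
    if "EXCEPT" in tokens:
        i = tokens.index("EXCEPT")
        return (match_list(tokens[:i], ip, name)
                and not match_list(tokens[i + 1:], ip, name))
    return any(match_client(t, ip, name) for t in tokens)

def check(daemon, ip, name=""):
    """Three stages: hosts.allow match, then hosts.deny match, else permit."""
    for verdict, text in (("allow", ALLOW), ("deny", DENY)):
        for daemons, clients in parse_rules(text):
            if ("ALL" in daemons or daemon in daemons) and match_list(clients, ip, name):
                return verdict
    return "default-allow"
```

Because the final stage permits by default, these rules let sshd connections through from 192.168.0.4 and from any address outside 192.168.0., while every other host on 192.168.0. is denied.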


Project Diagram 1

[Diagram: Internet, Router/Firewall and routers; networks 172.30.4.0/24 and 192.168.X.0/24; label NoPar; hosts Server1, Server2, Client1; services DNS, DHCP, NFS, Mail, CUPS, SSH]


Project Diagram 2

[Diagram: Internet, Router/Firewall and routers; networks 172.30.4.0/24, 192.168.X.0/24 and 192.168.Y.0/24; label NoPar; three hosts labelled Server and one Client; services Mail, DNS, HTTP, FTP, NFS, SSH, DHCP]


Project Diagram 3

[Diagram: Internet, two Router/Firewall nodes and routers; network 172.30.4.0/24; label NoPar; hosts Server, Server1, Server2; services CUPS, DNS, SSH, DNS, DHCP, NFS]

