
Unit 14 TCP/IP Networking

Copyright IBM Corporation 2009 Course materials may not be reproduced in whole or in part without the prior written permission of IBM.

5.2

Unit objectives
IBM Power Systems

After completing this unit, you should be able to:
- Define TCP/IP layering terminology
- Describe the TCP/IP startup flow on AIX
- Configure Virtual LANs
- Describe IP addressing
- Configure TCP/IP basic functions on AIX
  - IP configuration, routing, aliasing
- Explain how ports and sockets are used
- Use standard TCP/IP facilities to:
  - Log in to another system
  - Transfer files
  - Run commands
- Configure NFS
- Set up VNC

What is TCP/IP?

- Transmission Control Protocol/Internet Protocol
- Set of protocols (rules) which define how computers (hosts) communicate on a network
- Designed for heterogeneous systems
- Supports different network types
- Made up of open standards
  - Request for Comments (RFCs)
- Protocol of the Internet, defined in 5 layers

TCP/IP layering

The OSI 7 layer model compared with the TCP/IP layer model, with example protocols and common network devices at each layer:

- Application (OSI: Application, Presentation, Session)
  Protocols: SNMP, FTP, DNS, DHCP, VNC, SSH, SMTP, NFS, LDAP, MAIL
  Common network devices: Layer 7 switch
- Transport (OSI: Transport)
  Protocols: TCP (reliable delivery to correct program), UDP (unreliable delivery to correct program)
  Common network devices: Firewall
- Internet (OSI: Network)
  Protocols: IP, IPsec, ICMP
  Common network devices: Router, Layer 3 switch
- Network interface (OSI: Data Link)
  LAN (Ethernet, FDDI, ...), WAN (ATM, leased lines, ...)
  Common network devices: Switch, Bridge, NIC
- Physical (OSI: Physical)
  Medium (connectors, cabling, distance)
  Examples: 1000Base-TX/SX/LX, IEEE 802.11x
  Examples: SONET, T/E-carrier links, xDSL
  Common network devices: NIC, Repeater

TCP/IP start-up flow


[Figure: TCP/IP start-up flow]
- Partition activation
- /sbin/rc.boot calls cfgmgr
- /etc/rc.net
- Run time: init processes /etc/inittab
- /etc/rc.tcpip starts the TCP/IP subsystems: syslogd, snmpd, sendmail, portmap, inetd (/etc/inetd.conf)
- /etc/rc.nfs
- Login

Ethernet adapters

Many types supported on AIX:
- Traditional copper (TX)
- Single-mode and multi-mode fiber (SX, LX, SR, LR)

Each adapter (entX) has two interfaces (enX and etX):
- The enX interface uses the standard DIX Ethernet frame format, originally designed by Digital, Intel and Xerox.
- The etX interface uses the IEEE 802.3 frame format (same as DIX except that the Type field is replaced by Length).

Interfaces en0 and et0: layer three logical devices
Adapter card ent0: layer 1 and 2 physical device (MAC address)

IP addresses are assigned to the interfaces. In this case, en0.

# lsdev -Cl ent0
ent0 Available 01-08 10/100/1000 Base-TX PCI-X Adapter
# lscfg -v -l ent0 | grep Network
Network Address.............001125BF9018
# lsdev -Cc if
en0 Available 01-08 Standard Ethernet Network Interface
et0 Defined   01-08 IEEE 802.3 Ethernet Network Interface

Virtual LAN

VLANs divide physical networks into logical networks:
- To form smaller, more manageable sub-networks
- Provide greater flexibility
- Aid performance and security through isolation

Ports in a VLAN share broadcast traffic and belong to the same broadcast domain.

The industry standard VLAN protocol is IEEE 802.1Q.

[Figure: broadcast domains VLAN 1 and VLAN 2; Building 1 and Building 2 connected by a trunk.]

IEEE 802.1Q VLAN tagging (1 of 2)


- VLANs are created by assigning a VLAN ID (VID) to switch ports.
- By default, all switch ports are assigned a default VLAN ID, referred to as a PVID (Port VLAN ID).
- When an untagged packet enters a port, it is automatically tagged with the port's PVID.
- The packet can only travel to a destination port which belongs to the same VLAN group.
- Ports can belong to multiple VLAN groups.
- Packets can leave the switch port either tagged or untagged.

IEEE 802.1Q VLAN tagging (2 of 2)


Packets can also be tagged by the operating system, in this case from AIX.
This is useful if you want to create multiple networks from a single Ethernet adapter.

[Figure: adapters ent0, ent1, ent2 and ent3 connected to the network; VLAN 1, VLAN 2 and VLAN 3 carry network A, network B and network C.]

Host-tagged packets, if permitted, are unaffected by the PVID setting.

VLAN group example


VLAN 100 is used by the finance group. VLAN 200 is used by the sales group.

[Figure: switches connected by two trunk links.]

AIX VLAN tagging


To assign a VLAN ID in AIX, a VLAN adapter must be created.

Go to smit addvlan, and select a base Ethernet adapter.

                    Available Network Adapters
Move cursor to desired item and press Enter. Use arrow keys to scroll.
  ent1 Available 09-08 2-Port 10/100/1000 Base-TX PCI-X Adapter (1410890)
  ent0 Available 01-08 10/100/1000 Base-TX PCI-X Adapter (14106902)

                    Add A VLAN
                                      [Entry Fields]
  VLAN Base Adapter                    ent1
* VLAN Tag ID                         [33]      +#
  VLAN Priority                       []        +#

# lsdev -Cc adapter
ent0 Available 01-08 10/100/1000 Base-TX PCI-X Adapter (14106902)
ent1 Available 09-08 2-Port 10/100/1000 Base-TX PCI-X Adapter (14108902)
ent2 Available       VLAN

Packets which get sent from adapter ent2 are sent tagged (33) out of ent1.

IP and subnet addressing (1 of 2)


Each host on a network has an assigned unique IP address and associated subnet mask.
32 bits, divided into four octets:

IP address     10000001 . 00100001 . 10010111 . 00000111
               129      . 33       . 151      . 7
Subnet mask    11111111 . 11111111 . 00000000 . 00000000
               255      . 255      . 0        . 0          (/16)
               |- Network identification -|-- Host identification --|

The network address = 129.33.0.0 (129.33/16)
The broadcast address = 129.33.255.255
The first host on the network = 129.33.0.1
The last host on the network = 129.33.255.254

Every TCP/IP host contains a special address called the loopback, which is assigned an address of 127.0.0.1.

IP and subnet addressing (2 of 2)

Network addresses by default are divided into classes:

Class  Default subnet mask   Range    No. of networks  No. of hosts
A      255.0.0.0 (/8)        1-127    128              16.7 million
B      255.255.0.0 (/16)     128-191  16384            65534
C      255.255.255.0 (/24)   192-223  2.1 Million      254

Network assignment is managed by the IANA (Internet Assigned Numbers Authority) through ISPs.
Network addresses are generally either broken up and assigned to physical networks (subnetting), or aggregated together (supernetting). This is achieved by manipulating the subnet mask.

Subnetting example

Company bigbucks.com has acquired the class B network address of 129.33.0.0. They need to split the address range so they can have up to 128 physical networks and up to 510 hosts per network.

Network address  10000001 . 00100001 . 0000000 0 . 00000000
                 129      . 33       . 0         . 0
Subnet mask      11111111 . 11111111 . 1111111 0 . 00000000
                 255      . 255      . 254       . 0          (/23)

Network identification: the first 23 bits. The first seven bits of the third octet are assigned by this organization to the network.
Host identification: the remaining 9 bits.

The number of possible physical (sub) networks is: 2^7 = 128.

The number of hosts per network is: (2^9)-2 = 510.

Supernetting example

Company losechange.com has acquired four class C network addresses: 222.180.108.0 through to 222.180.111.0. However, they would like to aggregate these networks together to form one global network.

Network address  11111100 . 10110100 . 011011 00 . 00000000
                 222      . 180      . 108       . 0
Subnet mask      11111111 . 11111111 . 111111 00 . 00000000
                 255      . 255      . 252       . 0          (/22)

Network identification: the first 22 bits.
Host identification: the remaining 10 bits.

One class C network
Network address = 222.180.108.0/22

The number of hosts (2^10)-2 = 1022
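The addressing, subnetting and supernetting slides above, worked through in code. This is an added example, not part of the course material; the function names are illustrative, and it generalizes the slides slightly by searching for the prefix length that satisfies a required number of networks and hosts. The last function shows why the mask matters operationally: with the wrong mask, a host no longer treats its own default gateway as directly reachable.

```python
import ipaddress


def dotted_binary(addr):
    """Octet-by-octet binary view, as drawn on the slides."""
    return ".".join(f"{octet:08b}" for octet in ipaddress.ip_address(addr).packed)


def describe(cidr):
    """Key addresses of the network that contains the given host/prefix."""
    net = ipaddress.ip_interface(cidr).network
    return {
        "network": str(net.network_address),
        "netmask": str(net.netmask),
        "broadcast": str(net.broadcast_address),
        "first_host": str(net.network_address + 1),
        "last_host": str(net.broadcast_address - 1),
        "hosts": net.num_addresses - 2,  # minus network and broadcast addresses
    }


def plan_prefix(block, networks, hosts_per_network):
    """Find the prefix length that splits `block` into at least `networks`
    subnets, each with room for `hosts_per_network` hosts."""
    base = ipaddress.ip_network(block)
    for prefix in range(base.prefixlen, base.max_prefixlen - 1):
        subnets = 2 ** (prefix - base.prefixlen)
        hosts = 2 ** (base.max_prefixlen - prefix) - 2
        if subnets >= networks and hosts >= hosts_per_network:
            return prefix
    raise ValueError("block is too small for the requested split")


def split(block, new_prefix):
    """Subnetting: every subnet of `block` at the new prefix length."""
    return [str(n) for n in ipaddress.ip_network(block).subnets(new_prefix=new_prefix)]


def aggregate(blocks):
    """Supernetting: collapse adjacent networks into the fewest prefixes."""
    nets = [ipaddress.ip_network(b) for b in blocks]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def on_link(interface, dest):
    """True if `dest` is inside the network configured on `interface`."""
    return ipaddress.ip_address(dest) in ipaddress.ip_interface(interface).network


if __name__ == "__main__":
    print(dotted_binary("129.33.151.7"))
    print(describe("129.33.151.7/16"))

    # bigbucks.com: up to 128 networks with up to 510 hosts each
    prefix = plan_prefix("129.33.0.0/16", 128, 510)
    subnets = split("129.33.0.0/16", prefix)
    print(prefix, len(subnets), subnets[:2])

    # losechange.com: four class C networks aggregated into one
    print(aggregate([f"222.180.{n}.0/24" for n in range(108, 112)]))

    # Host and gateway from the smit mktcpip slide, correct and wrong mask
    print(on_link("10.47.1.18/255.255.0.0", "10.47.0.1"))
    print(on_link("10.47.1.18/255.255.255.0", "10.47.0.1"))
```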

How is TCP/IP configured on AIX? (1 of 2)


There are many ways. However, in most cases you start with smit mktcpip, a one-stop shop for TCP/IP configuration on AIX.

                    Minimum Configuration & Startup

To Delete existing configuration data, please use Further Configuration menus

Type or select values in entry fields.
Press Enter AFTER making all desired changes.
                                                    [Entry Fields]
* HOSTNAME                                          [waldorf]
* Internet ADDRESS (dotted decimal)                 [10.47.1.18]
  Network MASK (dotted decimal)                     [255.255.0.0]
* Network INTERFACE                                  en0
  NAMESERVER
      Internet ADDRESS (dotted decimal)             [10.47.1.33]
      DOMAIN Name                                   [lpar.co.uk]
  Default Gateway
      Address (dotted decimal or symbolic name)     [10.47.0.1]
      Cost                                          [0]            #
      Do Active Dead Gateway Detection?              no            +
  Your CABLE Type                                    N/A           +
  START Now                                          no            +

How is TCP/IP configured on AIX? (2 of 2)


smit tcpip should only be used for the first adapter. In a multihomed host, subsequent adapters should be configured with smit chinet.

                    Change / Show a Standard Ethernet Interface
                                                    [Entry Fields]
  Network Interface Name                             en1
  INTERNET ADDRESS (dotted decimal)                 [192.168.0.1]
  Network MASK (hexadecimal or dotted decimal)      [255.255.255.0]
  Current STATE                                      up            +
  Use Address Resolution Protocol (ARP)?             yes           +
  BROADCAST ADDRESS (dotted decimal)                []
  Interface Specific Network Options
     ('NULL' will unset the option)
    rfc1323                                         []
    tcp_mssdflt                                     []
    tcp_nodelay                                     []
    tcp_recvspace                                   []
    tcp_sendspace                                   []
  Apply change to DATABASE only                      no            +

Command line TCP/IP configuration


There are two ways to configure network resources:
- AIX ODM (chdev or SMIT)
- Directly, using BSD UNIX commands: hostname, ifconfig, route (valid until reboot)

Setting the hostname
ODM:      # chdev -l inet0 -a hostname=sys1
Directly: # hostname sys1

Adding an IP address to an adapter
ODM:      # chdev -l en0 -a netaddr=192.168.0.1 -a \
              netmask=255.255.255.0 -a state=up
Directly: # ifconfig en0 192.168.0.1 netmask 255.255.255.0 up

If the direct method is used, place the commands at the end of:
/etc/rc.net or /etc/rc.bsdnet (if inet0 bootup_option=yes)

Verifying network interfaces


netstat
# netstat -in
Name  Mtu    Network  Address          ZoneID  Ipkts    Ierrs  Opkts   Oerrs  Coll
en0   1500   link#2   ea.48.f0.0.b0.3          3359653  0      238778  0      0
en0   1500   10.47    10.47.1.23               3359653  0      238778  0      0
lo0   16896  link#1                            1201     0      1214    0      0
lo0   16896  127      localhost                1201     0      1214    0      0
lo0   16896  ::1                       0       1201     0      1214    0      0

ifconfig
# ifconfig -a
en0: flags=1e080863,480<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST,GROUPRT,64BIT,CHECKSUM_OFFLOAD(ACTIVE),CHAIN>
        inet 10.47.1.23 netmask 0xffff0000 broadcast 10.47.255.255
         tcp_sendspace 262144 tcp_recvspace 262144 rfc1323 1
lo0: flags=e08084b<UP,BROADCAST,LOOPBACK,RUNNING,SIMPLEX,MULTICAST,GROUPRT,64BIT>
        inet 127.0.0.1 netmask 0xff000000 broadcast 127.255.255.255
        inet6 ::1/0
         tcp_sendspace 131072 tcp_recvspace 131072 rfc1323 1

Name resolution

Name resolution can be achieved through several mechanisms: local hosts file, DNS, NIS, and LDAP.

Local /etc/hosts file:
127.0.0.1   loopback localhost
10.10.1.1   system1 nimserver
10.10.1.2   system2
10.10.1.3   system3

The default name resolution order is:
bind (DNS), NIS=auth, local

To change the default order to local then bind:
- Append to /etc/netsvc.conf:
  hosts = local, bind
- Set environment variable NSORDER in /etc/environment:
  NSORDER=local,bind
  - Change is effective at next login or process start
  - NSORDER overrides /etc/netsvc.conf

Routing implementation (1 of 2)

[Figure: network diagram. Hosts shown: sys17 (9.19.99.17), sys13 (9.19.99.13), sys11 (9.19.99.11) / sys11e (9.19.98.11), sys1 (9.19.98.1), sys5 (9.19.98.5), sys10 (9.19.98.10), and the default router sys20 (9.19.99.20) / sys20e (152.64.10.1) leading to the Internet. Subnet masks shown: 255.255.0.0 (/16) and 255.255.255.0 (/24).]

Route type      Destination address   Deliver via gateway
Host route      9.19.98.1             9.19.99.11
Network route   9.19.98/24            9.19.99.11
Default route   default               9.19.99.20

Routing implementation (2 of 2)

Route syntax: route [add/delete/change] [destination] [gateway]

Add a default gateway
# route add 0 9.19.99.20

Add a host or network route
# route add 9.19.98.1 9.19.99.11
# route add -net 9.19.98 9.19.99.11

Delete a host route
# route delete 9.19.98.1 9.19.99.11

Empty or flush the routing table
# route -f

Configure an AIX host as a router
# no -o ipforwarding=1

Multipath routing

AIX will allow you to add multiple routes to the same destination. It is known as MPR (multipath routing).
This is for load balancing and high availability.

1. Host 10.47.1.18 with Primary Default Router1 10.47.0.1 and Backup Default Router2 10.47.0.254
# route add 0 10.47.0.1 -weight 1 -active_dgd
# route add 0 10.47.0.254 -weight 10 -active_dgd

2. Host 10.47.1.18 with Primary Default Router1 10.47.0.1 and Primary Default Router2 10.47.0.254
# route add 0 10.47.0.1 -weight 1 -active_dgd
# route add 0 10.47.0.254 -weight 1 -active_dgd

Additional configuration, IP aliasing


IP aliasing is a popular function which allows multiple IP addresses to be assigned to a single IP interface. This technology is popular with clustering technologies, such as PowerHA (HACMP).

# netstat -in -I en1 | grep -v link
Name  Mtu   Network    Address      ZoneID  Ipkts  Ierrs  Opkts  Oerrs
en1   1500  192.168.0  192.168.0.1          0      0      6      0

# ifconfig en1 alias 172.31.0.1 255.255.0.0
# ifconfig en1 alias 10.47.33.33 255.255.0.0
# netstat -in -I en1 | grep -v link
Name  Mtu   Network    Address      ZoneID  Ipkts  Ierrs  Opkts  Oerrs
en1   1500  192.168.0  192.168.0.1          0      0      7      0
en1   1500  172.31     172.31.0.1           0      0      7      0
en1   1500  10         10.47.33.33          0      0      8      0

Testing for remote connectivity


# ping sys1
PING sys1: (192.108.14.2): 56 data bytes
64 bytes from 192.108.14.2: icmp_seq=0 ttl=255 time=0 ms
64 bytes from 192.108.14.2: icmp_seq=1 ttl=255 time=0 ms
^C
----seraph PING Statistics----
2 packets transmitted, 2 packets received, 0% packet loss
# traceroute sys1
trying to get source for sys1
source should be 10.47.1.31
traceroute to seraph (192.108.14.2) from 10.47.1.31 (10.47.1.31), 30 hops max
outgoing MTU = 1500
 1  merovingian.lpar.co.uk (10.47.1.30)  1 ms  0 ms  0 ms
 2  7.7.7.1 (7.7.7.1)  0 ms  0 ms  0 ms
 3  sys1 (192.108.14.2)  0 ms  0 ms  0 ms

Note: Sometimes the protocols used by ping (ICMP) and traceroute (UDP) are blocked by firewalls or IPsec filters.

Ports and sockets


- A port identifies the application on the host.
- Server side ports are well-known and fixed. They are stored in /etc/services.
- Client side ports are dynamic (> 1023). Every client connection uses a new port.
- A socket is a combination of IP address, protocol, and port number.
- A pair of sockets defines a unique application network connection.
- TCP and UDP both implement ports independently of each other.

# grep "^ftp " /etc/services
ftp   21/tcp   # File Transfer [Control]
ftp   21/udp   # File Transfer [Control]

Socket connection resulting from the ftp communication:
neo:/ # ftp trinity
neo:/ # netstat -a | grep trinity
tcp   0   0   neo.57413   trinity.ftp   ESTABLISHED

inetd daemon

- Known as the super server daemon
- Loads a network program based upon request
- Example network programs: ftp, tftp, login, telnet, shell, exec, bootp, time.

To enable or disable a network program, uncomment or comment out the appropriate line, and refresh the inetd daemon.

Example: disable ftp

vi /etc/inetd.conf, locate and comment out ftp line
#ftp     stream  tcp6  nowait  root  /usr/sbin/ftpd     ftpd
telnet   stream  tcp6  nowait  root  /usr/sbin/telnetd  telnetd -a
shell    stream  tcp6  nowait  root  /usr/sbin/rshd     rshd

# refresh -s inetd
0513-095 The request for subsystem refresh was completed successfully.

Remote UNIX commands


Logging into a UNIX box remotely
# rsh trinity -l root
# rlogin trinity -l root
# telnet trinity
# ssh root@trinity

Running commands remotely on a UNIX box
# rsh trinity -l root date
# rexec trinity date
# ssh root@trinity date

- By default, all data, including passwords, is transferred across the network in clear text (exception: ssh).
- There are several types of ssh software available for AIX.
- OpenSSH is contained on the AIX Expansion Pack.
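The inetd slide's comment-out procedure, applied to the services that the remote-commands slide says carry passwords in clear text. This is an added example, not part of the course material: the function names are illustrative, the inetd.conf service names for rsh, rlogin and rexec (shell, login, exec) are stated from general knowledge of inetd, and the sample file extends the three lines on the slide with constructed header, login and time lines.

```python
# inetd.conf service name -> the client command that reaches it.
CLEARTEXT = {
    "ftp": "ftp",
    "telnet": "telnet",
    "shell": "rsh",
    "login": "rlogin",
    "exec": "rexec",
}
SOCKET_TYPES = {"stream", "dgram"}

# Constructed sample: ftp/telnet/shell lines follow the slide, the rest is
# made up for the example.
SAMPLE_INETD_CONF = """\
## service  socket  protocol  wait/   user  server    server program
##  name     type              nowait        program     arguments
#ftp     stream  tcp6  nowait  root  /usr/sbin/ftpd     ftpd
telnet   stream  tcp6  nowait  root  /usr/sbin/telnetd  telnetd -a
shell    stream  tcp6  nowait  root  /usr/sbin/rshd     rshd
login    stream  tcp6  nowait  root  /usr/sbin/rlogind  rlogind
time     dgram   udp   wait    root  internal
"""


def parse_inetd(text):
    """Return one dict per service entry, enabled or commented out.

    Prose comments are told apart from disabled entries by shape: an entry
    has at least six fields and a known socket type in the second field.
    """
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        body = raw.strip()
        fields = body.lstrip("#").split()
        if len(fields) < 6 or fields[1] not in SOCKET_TYPES:
            continue
        entries.append({
            "line": lineno,
            "service": fields[0],
            "enabled": not body.startswith("#"),
            "server": fields[5],
        })
    return entries


def cleartext_enabled(text):
    """Services still enabled that send credentials unencrypted."""
    return [e["service"] for e in parse_inetd(text)
            if e["enabled"] and e["service"] in CLEARTEXT]


def disable(text, services):
    """Comment out the named services, as the slide does by hand for ftp.

    The running inetd only notices after `refresh -s inetd`.
    """
    out = []
    for raw in text.splitlines():
        fields = raw.split()
        is_entry = len(fields) >= 6 and fields[1] in SOCKET_TYPES
        if is_entry and fields[0] in services:
            raw = "#" + raw
        out.append(raw)
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    for name in cleartext_enabled(SAMPLE_INETD_CONF):
        print(f"enabled cleartext service: {name} (used by {CLEARTEXT[name]})")
    print(disable(SAMPLE_INETD_CONF, CLEARTEXT), end="")
```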

Transferring files over a network (1 of 2)


ftp
# ftp waldorf
Connected to waldorf.lpar.co.uk.
220 waldorf.lpar.co.uk FTP server (Version 4.2 Thu Apr 17 02:03:14 CDT 2008) ready.
Name (waldorf:root):
331 Password required for root.
Password:
ftp> prompt
Interactive mode off.
ftp> mput file*
200 PORT command successful.
150 Opening data connection for file1.
226 Transfer complete.
200 PORT command successful.
150 Opening data connection for file2.
226 Transfer complete.
200 PORT command successful.
150 Opening data connection for file3.
226 Transfer complete.
ftp> bye
221 Goodbye.

AIX 6.1 has a new secure option (-s) which uses TLS.

Transferring files over a network (2 of 2)


rcp, scp and tar

# rcp files* waldorf:/tmp/files
# scp file* root@waldorf:/tmp/files

### Using tar and rsh (or ssh) to transfer files over a network ###
# tar cf - /tmp/files | rsh waldorf "cd /backup && tar xBfp -"

### Using ftp and dd to test network performance ###
ftp> put "|dd if=/dev/zero bs=1M count=100" /dev/null
200 PORT command successful.
150 Opening data connection for /dev/null.
100+0 records in.
100+0 records out.
226 Transfer complete.
104857600 bytes sent in 1.36 seconds (7.529e+04 Kbytes/s)
local: |dd if=/dev/zero bs=1M count=100 remote: /dev/null

Network File System


- File sharing between heterogeneous systems in a TCP/IP network
- Transparent access to remote files and directories
- Based on a client/server model
- Filesets:
  Server: bos.net.nfs.server
  Client: bos.net.nfs.client

[Figure: nfs_server with /home and /data; client1 and client2 access /home and /data.]

NFS server configuration (1 of 2)


Server configuration

Starting NFS (now and at system restart)
# /usr/sbin/mknfs -B
# lssrc -g nfs
 biod         nfs   352444   active
 nfsd         nfs   221328   active
 rpc.mountd   nfs   315524   active
 rpc.statd    nfs   364738   active
 rpc.lockd    nfs   258262   active

Stopping NFS (now)
# /usr/sbin/rmnfs -N
# lssrc -g nfs
 biod         nfs            inoperative
 nfsd         nfs            inoperative
 rpc.mountd   nfs            inoperative
 rpc.statd    nfs            inoperative
 rpc.lockd    nfs            inoperative

NFS server configuration (2 of 2)


To export directories:
# vi /etc/exports
/home
/usr/man -ro
/data -root=kenny:kyle,access=kenny:kyle:eric,rw=kenny:kyle

# exportfs -va
Exported /usr/man
Exported /data
Exported /home

[Figure: exportfs, /etc/xtab and rpc.mountd.]
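A reviewer's pass over the /etc/exports file shown above, reporting which directories any host may mount and which hosts keep root access. This is an added example, not part of the course material; the function names and finding codes are illustrative, and the option semantics assumed are the usual AIX ones (no access= list means any client may mount, -ro or a rw= list leaves unlisted clients read-only, root= grants root access to the listed hosts).

```python
# The three export lines from the slide.
SAMPLE_EXPORTS = """\
/home
/usr/man -ro
/data -root=kenny:kyle,access=kenny:kyle:eric,rw=kenny:kyle
"""


def parse_exports(text):
    """Parse '/dir -opt,opt=host:host' lines into (path, options) pairs.

    Options without a value (such as ro) map to an empty list.
    """
    exports = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        parts = line.split(None, 1)
        opts = {}
        if len(parts) == 2:
            for item in parts[1].lstrip("-").split(","):
                key, _, value = item.strip().partition("=")
                opts[key] = value.split(":") if value else []
        exports.append((parts[0], opts))
    return exports


def allowed_clients(opts):
    """Who may mount, in the form showmount -e prints it."""
    return opts.get("access") or ["(everyone)"]


def audit(text):
    """Return (path, code, detail) findings worth a second look."""
    findings = []
    for path, opts in parse_exports(text):
        if "access" not in opts:
            limited = "ro" in opts or bool(opts.get("rw"))
            if limited:
                findings.append((path, "WORLD_RO",
                                 "any host may mount; unlisted hosts read-only"))
            else:
                findings.append((path, "WORLD_RW",
                                 "any host may mount read-write"))
        if opts.get("root"):
            findings.append((path, "ROOT_ACCESS",
                             "root access kept for " + ",".join(opts["root"])))
    return findings


if __name__ == "__main__":
    for path, opts in parse_exports(SAMPLE_EXPORTS):
        print(f"{path:10} {','.join(allowed_clients(opts))}")
    for path, code, detail in audit(SAMPLE_EXPORTS):
        print(f"{code:12} {path:10} {detail}")
```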

Manual NFS client mounting


The showmount command can be used to query the directories exported by the NFS server.
kenny:/ # showmount -e nfs_server
export list for nfs_server:
/usr/man (everyone)
/data    kenny,kyle,eric
/home    (everyone)

Mounting an NFS server directory
# mkdir /data_client_mnt
# mount nfs_server:/data /data_client_mnt
# df /data
Filesystem        512-blocks  Free    %Used  Iused  %Iused  Mounted on
nfs_server:/data  278528      212920  24%    1317   6%      /data_client_mnt

Predefined mounts can also be defined using smit mknfsmnt.

Predefined NFS client mounting


smit mknfsmnt

                    Add a File System for Mounting
* Pathname of mount point                             [/data_client_mnt]
* Pathname of remote directory                        [/data]
* Host where remote directory resides                 [nfs_server]
* Security method                                     [sys]
* Mount now, add entry to /etc/filesystems or both?    Both
* /etc/filesystems entry will mount the directory      no
   on system restart.
* Mode for this NFS file system                        read-write
* Attempt mount in foreground or background            background
* Mount file system soft or hard                       hard
Note: Many options removed for clarity.

/etc/filesystems
/data_client_mnt:
        dev             = "/data"
        vfs             = nfs
        nodename        = nfs_server
        mount           = false
        options         = bg,hard,intr,sec=sys
        account         = false

Virtual Network Computing


VNC is a free graphical desktop sharing system which uses the RFB protocol to remotely control another computer. It is popular on both UNIX and Windows systems.

[Figure: a VNC viewer (e.g. UltraVNC, RealVNC, TightVNC) exchanging VNC traffic with the VNC AIX server.]

VNC traffic can also be tunnelled over an ssh connection for improved security.

VNC configuration

In order to set up a VNC server on AIX, install vnc and zlib from the AIX Toolbox for Linux Applications. Start a vnc session by typing:
vncserver :<port number>

# vncserver :33
New 'X' desktop is neo:33
Starting applications specified in /.vnc/xstartup
Log file is /.vnc/neo:33.log

Note: The TCP/IP port started is actually 5933. The 59 is implied and is not required to connect.

To access the AIX desktop VNC session from:
- UNIX, type: # vncview neo:33
- PC: VNC viewer

Also, access can be done through a web browser over HTTP: http://neo:5833

Checkpoint

1. What are the following used for?
   /etc/rc.tcpip _____________________________________________
   ssh _____________________________________________
   VNC _____________________________________________
   /etc/services ______________________________________________
2. What is multipath routing and why should we use it?
   ______________________________________________
   ______________________________________________
   ______________________________________________
3. How can we disable the FTP protocol on AIX?

Checkpoint solutions

1. What are the following used for?
   /etc/rc.tcpip: starts TCP/IP daemons (sendmail, inetd, etc.)
   ssh: to login or run command on a remote machine (securely)
   VNC: to use a remote graphical display on a local desktop machine
   /etc/services: to store server side ports of TCP/IP applications
2. What is multipath routing and why should we use it?
   Multipath routing allows us to specify multiple paths to hosts and gateways for load balancing and high availability.
3. How can we disable the FTP protocol on AIX?
   Comment out the ftp line in /etc/inetd.conf and refresh the inetd daemon.

Exercise 14

TCP/IP implementation

Unit summary

Having completed this unit, you should be able to:
- Define TCP/IP layering terminology
- Describe the TCP/IP startup flow on AIX
- Describe IP addressing
- Configure TCP/IP basic functions on AIX
  - IP configuration, routing, aliasing
- Explain how ports and sockets are used
- Use standard TCP/IP facilities to:
  - Log in to another system
  - Transfer files
  - Run commands
- Configure NFS
- Set up VNC