CS- Chapter-5


Chapter 5

Installation of Application Server and Management
Sys&Net Admin 1
DHCP
➢Dynamic Host Configuration Protocol (DHCP) is a
standard protocol that allows a server to dynamically
distribute IP addressing and configuration information
to clients on a network.
➢The DHCP server provides the client with at least
this basic information:
❖IP Address
❖Subnet Mask
❖Default Gateway
❖Domain Name Service (DNS)
❖Windows Internet Name Service (WINS) server addresses.

DHCP
➢DHCP offers the following advantages:
❖Automatic IP address management: DHCP makes IP address
management automated and centralized, so network professionals can
manage all locations from a single location.
❖Reliable IP address configuration: The IP address
configuration parameters must be exact. Typographical
errors are typically very difficult to troubleshoot and the
use of a DHCP server minimizes such errors.
❖Reduced IP address conflicts: Each connected device
must have an IP address. The use of DHCP ensures that
each IP address is used only once.
❖Efficient change management: The use of DHCP makes
it very simple to change addresses, scopes, or endpoints.
DHCP
➢IP address allocation mechanisms of DHCP
➢There are three ways that you can configure the DHCP
server:
➢Automatic allocation. This one will automatically assign an
IP per client permanently. The IP address will be designated
for just one device, so if, in the future, many new devices get
connected, the server could run out of IP addresses to give.
➢Dynamic allocation. This is the most common configuration.
The server auto-assigns IP addresses to clients, but there is a
time period. After the time expires, the client needs to ask for
a new IP address again. This prevents the server from running out
of IPs.
➢Manual allocation. The network administrator manually
assigns the IP address to the client.
DHCP
➢The DHCP server keeps a record of all leased IP addresses
and stores them in a file called dhcpd.leases within the
/var/lib/dhcp directory (the location of this file may
vary depending on the Linux system in use).
➢The standard DHCP server implementation available in
various Linux distributions is an open-source version
maintained by ISC (Internet Systems Consortium).
➢To Install the DHCP server package:
❖sudo apt-get install isc-dhcp-server
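The lease record in dhcpd.leases is what lets an administrator map an IP address seen in a log back to a device at a given time. The parser below is an added example, not part of the original slides; the sample records, MAC addresses and hostnames are constructed, and it assumes lease blocks without nested braces.

```python
import re
from datetime import datetime, timezone

# Constructed sample in ISC dhcpd.leases syntax; the server appends records,
# so the same IP can appear more than once.
SAMPLE = """\
lease 192.168.10.50 {
  starts 4 2024/05/02 08:00:00;
  ends 4 2024/05/02 20:00:00;
  binding state active;
  hardware ethernet 00:11:22:33:44:55;
}
lease 192.168.10.50 {
  starts 5 2024/05/03 07:15:00;
  ends 5 2024/05/03 19:15:00;
  binding state active;
  next binding state free;
  hardware ethernet 02:00:00:aa:bb:01;
  client-hostname "guest-phone";
}
"""

def _when(text):
    """Lease times are UTC by default; a missing time ('ends never;') gives None."""
    if not text:
        return None
    return datetime.strptime(text, "%Y/%m/%d %H:%M:%S").replace(tzinfo=timezone.utc)

def parse_leases(text):
    """Return every lease record in file order (assumes no nested braces)."""
    records = []
    for ip, body in re.findall(r"lease\s+(\S+)\s*\{(.*?)\}", text, re.S):
        def field(pattern):
            m = re.search(pattern, body, re.M)
            return m.group(1) if m else None
        records.append({
            "ip": ip,
            "starts": _when(field(r"^\s*starts \d (\S+ \S+);")),
            "ends": _when(field(r"^\s*ends \d (\S+ \S+);")),
            "state": field(r"^\s*binding state (\w+);"),  # skips 'next binding state'
            "mac": field(r"hardware ethernet ([0-9a-fA-F:]+);"),
            "hostname": field(r'client-hostname "([^"]*)";'),
        })
    return records

def holder_at(records, ip, moment):
    """Latest record whose lease window for this IP covers the given moment."""
    hits = [r for r in records if r["ip"] == ip and r["starts"]
            and r["starts"] <= moment and (r["ends"] is None or moment < r["ends"])]
    return hits[-1] if hits else None
```

Because the same address is handed to different devices over time, the lookup has to be made with the timestamp of the event being investigated, not against the most recent record only.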

Internet Names and Addresses
➢ Addresses, e.g. 192.100.120.100
➢ Computer usable labels for machines
➢ Conform to structure of the network
➢ Names, e.g. www.DillaUniversity.edu.et
➢ Human usable labels for machines
➢ Conform to organizational structure
➢ How do you map from one to the other?
➢ Domain Name System (DNS)
DNS
➢The DNS (Domain Name System) is the phonebook of the
Internet. Humans access information online through
domain names.
➢DNS is a fundamental component of networking,
translating human-readable domain names into machine-
readable IP addresses, enabling communication between
computers over the internet.
➢When a user enters a domain name into a web browser or
attempts to establish a connection to a remote server, the
DNS system comes into play to resolve the domain name
into its corresponding IP address.

DNS
➢There are four DNS servers that are involved in loading a
webpage:
1. DNS RECURSOR
➢A DNS Recursor is like a waiter in a restaurant. It acts like a "front
facing" part of the system to receive orders (normally from browsers)
where the waiter then heads into the back to get what is needed. It's
just a server that receives DNS queries from browsers and returns
information.
2. ROOT NAMESERVER
➢ A root nameserver takes a DNS recursor’s query containing a domain name
and based on the extension of the domain (.com, .org, etc.), directs the DNS
recursor to a top-level domain (TLD) nameserver. The root nameserver
essentially acts like a catalogue that points to more specific locations.
➢There are thirteen types of root nameservers, each with multiple
copies all over the world to provide speedy responses to queries. These
root nameservers are overseen by the nonprofit organization called the
Internet Corporation for Assigned Names and Numbers (ICANN).
DNS
3. TLD NAMESERVER
➢A TLD nameserver is a server that keeps a record of all the domain
names that share a common domain extension, i.e. the set of
characters that comes after the last dot in a URL. Examples of domain
extensions include .com, .org, etc.
➢TLD servers are divided into two primary groups:
➢Generic top-level domains
➢ These include generic TLDs such as .com, .org, .net, .edu, and .gov.
➢Country code top-level domains
➢ These include country or state-specific TLDs such as .et, .us, .uk, .in, etc.
4. AUTHORITATIVE NAMESERVER
➢The authoritative nameserver is generally the last step in the journey
that goes from a domain name to an IP address. The authoritative
nameserver contains information specific to the domain name it serves
and responds to the request of the recursive resolver, providing the IP
address of that server found in the DNS A record back to the browser.
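The referral chain through the four server roles above, as an added sketch that is not part of the original slides: a recursor walks constructed root, TLD and authoritative data, follows a referral only when it stays inside the referring server's zone, and caches the answer. The server names `root`, `tld-com` and `auth-yahoo` are hypothetical; the address is the one in this chapter's yahoo.com diagram.

```python
# Constructed name-server data modelling the four roles described above.
# Server names are hypothetical; real caches also expire entries by TTL.
SERVERS = {
    "root": {"zone": ".", "referrals": {"com.": "tld-com"}, "a": {}},
    "tld-com": {"zone": "com.", "referrals": {"yahoo.com.": "auth-yahoo"}, "a": {}},
    "auth-yahoo": {"zone": "yahoo.com.", "referrals": {},
                   "a": {"www.yahoo.com.": "87.140.2.33"}},
}

def in_zone(name, zone):
    """True if name is at or below zone ('.' contains everything)."""
    return zone == "." or name == zone or name.endswith("." + zone)

def query(server, name):
    """One server-side lookup: an answer, a referral, or nothing."""
    data = SERVERS[server]
    if name in data["a"]:
        return ("answer", data["a"][name])
    for child in sorted(data["referrals"], key=len, reverse=True):
        if in_zone(name, child):
            return ("referral", child, data["referrals"][child])
    return ("nxdomain",)

class Recursor:
    """The 'waiter': takes the client's query and does the walking."""
    def __init__(self):
        self.cache = {}

    def resolve(self, name, max_hops=8):
        """Return (ip, trace), where trace lists the servers contacted."""
        name = name.lower().rstrip(".") + "."
        if name in self.cache:
            return self.cache[name], []
        server, trace = "root", []
        for _ in range(max_hops):
            trace.append(server)
            reply = query(server, name)
            if reply[0] == "answer":
                self.cache[name] = reply[1]
                return reply[1], trace
            if reply[0] != "referral":
                return None, trace
            _, child, next_server = reply
            # Ignore a delegation for a zone the referring server does not own.
            if not in_zone(child, SERVERS[server]["zone"]):
                return None, trace
            server = next_server
        return None, trace
```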
DNS

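[Figure: DNS resolution of www.yahoo.com in six numbered steps, showing the client, its DNS server, the « . » (root) server, the .com DNS ("ask Yahoo DNS") and the yahoo.com DNS; the query (Q) is "www.yahoo.com ?" and the answer (A) is 87.140.2.33.]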

DNS
➢Configuring DNS Servers on Linux:
➢Bind DNS Server: Bind (Berkeley Internet Name Domain) is a
widely used DNS server on Linux.

Telnet
➢Telnet, short for Telecommunication Network, is a network
protocol that allows a user to remotely access and control
another computer over the Internet or local area network
(LAN).
➢It enables a user to establish a connection to a remote system
and perform tasks as if they were sitting in front of that
computer.
➢It is a client-server protocol, which means that a client
device initiates the connection to a server device.
➢The client sends commands to the server, and the server
responds with output, allowing the user to interact with the
remote system’s command-line interface.

Open SSH
➢Open SSH (Secure Shell or Secure Socket Shell) is a
secure network communication protocol that enables
users to securely access remote computers or servers
over an unsecured network.
➢It provides a secure encrypted connection between two
hosts over an insecure network for remote login, file
transfer, and other network services.
➢It also supports SCP (Secure Copy Protocol) and
SFTP (SSH File Transfer Protocol) for data transfer.

FTP
➢FTP (File Transfer Protocol) is a standard network
protocol used to transfer files between a client and a
server over the internet or any other network.
➢These computers may be at the same site or at different
sites thousands of miles apart.
➢FTP is a general protocol that works on UNIX systems
as well as a variety of other (non-UNIX) systems.
➢Setting up an FTP server and client can be useful for
sharing files between computers or for remotely
accessing files on a server.
➢Install an FTP server software package, such as vsftpd, on
Linux.

NFS and NIS
➢NFS, the Network File System, is the most common method for
providing file sharing services on Linux and Unix networks.
➢It is a distributed file system that enables local access to remote
disks and file systems. It uses a standard client/server
architecture.
➢NFS makes system administration easier because it eliminates
the need to maintain multiple copies of files on several
machines: all NFS clients share a single copy of the file on the
NFS server.
➢NFS also makes life easier for users: instead of logging on to
many different systems and moving files from one system to
another, a user can stay on one system and access all the files
that he or she needs within one consistent file tree.
➢NFS is used for sharing file systems between computers over a
network.
NFS and NIS
➢Network Information Service (NIS) is a distributed
database that allows consistent configuration files to be
maintained throughout the network.
➢NIS servers manage copies of the database files, and NIS
clients request information from the servers instead of
using their own, local copies of these files.

➢NIS is a part of the Network File System (NFS) software
package that includes commands and daemons for NFS,
NIS, and other services. Although NFS and NIS are
installed together as one package, each is independent and
each is configured and administered individually.

NFS and NIS
➢For example, the /etc/hosts file is managed by NIS. A
few NIS servers manage copies of the information in the
hosts file, and all NIS clients ask these servers for host
address information instead of looking in their own
/etc/hosts file.

➢Once NIS is running, it is no longer necessary to manage
every /etc/hosts file on every machine in the network;
simply updating the NIS servers ensures that all machines
will be able to retrieve the new configuration file
information.
➢NIS is used for centralized authentication and
authorization.
SAMBA Server
➢Samba is an open-source software suite that provides
seamless interoperability between Windows, Linux, and
Unix operating systems in a networked environment.
➢It allows these systems to share files, printers, and other
resources, making it possible for users on different
platforms to collaborate and access shared resources
transparently.
➢A Samba server offers the following services:
1. File Sharing: Samba allows file sharing between different
operating systems by implementing the Server Message Block
(SMB) protocol.
2. Print Services: Samba provides print services, allowing printers
connected to Linux or Unix servers to be shared with Windows
clients.
SAMBA Server

3. Authentication and Authorization: Samba allows users to
authenticate against their Windows domain accounts or
local Samba accounts, ensuring secure access to shared
resources based on user permissions and access control lists
(ACLs).
4. Name Resolution: Samba integrates with the Domain
Name System (DNS) and NetBIOS Name Service (NBNS)
to resolve hostnames and provide name resolution services.
5. Integration with Windows Networking: Samba can
participate in Windows networking environments, allowing
it to join Windows domains or workgroups. This
integration enables seamless collaboration between
Windows and non-Windows systems in a mixed network
environment.
Firewall
➢A firewall is a secure and trusted machine that sits between a
private network and a public network. It protects
machines from unwanted traffic from outside.
➢It enables users to control incoming network traffic on host
machines by defining a set of firewall rules.
➢The firewall machine is configured with a set of rules that
determine which network traffic will be allowed to pass and
which will be blocked or refused.
➢A Linux firewall is a solution or service that regulates,
protects, and blocks network traffic as it passes to and from a
Linux-based environment.
➢Most Linux distributions, including Debian, Ubuntu, CentOS,
etc., ship with pre-built firewall services of their own (much
like Microsoft Windows has Windows Defender firewall turned on by default).
Firewall
➢There are two types of Linux firewall:
➢A command line or GUI utility
❖Linux firewall utilities sit on top of pre-built firewall services such
as Netfilter, UFW, FirewallD, Iptables, etc. Configure these
manually or install an additional utility that reveals the service’s full
functionalities.

Firewall
➢A standalone Linux firewall solution
➢These are comprehensive firewall solutions (services and the
configuration interface) that exist independent of Netfilter,
Iptables, etc.
➢They come within a secure, hardened OS that you can install in a
shell of your choice – a bare metal appliance, a public cloud
environment, or a private, virtualized shell. These solutions
usually include network management capabilities like traffic
routing or monitoring.

Firewall
➢The firewall uses the concepts of zones and services, which
simplify traffic management. Network interfaces and
sources can be assigned to a zone. The traffic allowed
depends on the network the computer is connected to and
the security level assigned to that network.
➢Firewall services are predefined rules that cover all
necessary settings to allow incoming traffic for a specific
service and they apply within a zone.
➢Firewalls filter communication based on ports. To allow
network traffic for a service, its ports must be open.
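How zones, services and ports combine into an allow or block decision, as an added model that is not part of the original slides. It follows firewalld's selection order (source bindings, then interface bindings, then the default zone); the zone contents, interface names and addresses are constructed for illustration.

```python
import ipaddress

# Constructed policy for illustration; zone names follow firewalld conventions.
SERVICES = {                     # service name -> ports it needs open
    "ssh": {("tcp", 22)},
    "https": {("tcp", 443)},
    "samba": {("tcp", 139), ("tcp", 445), ("udp", 137), ("udp", 138)},
}
ZONES = {
    "public":   {"interfaces": {"eth0"}, "sources": [], "services": ["https"]},
    "internal": {"interfaces": {"eth1"}, "sources": ["10.0.0.0/8"],
                 "services": ["ssh", "samba"]},
}
DEFAULT_ZONE = "public"

def zone_for(interface, src_ip):
    """Pick the zone: source bindings first, then interface bindings, then default."""
    addr = ipaddress.ip_address(src_ip)
    for name, zone in ZONES.items():
        if any(addr in ipaddress.ip_network(net) for net in zone["sources"]):
            return name
    for name, zone in ZONES.items():
        if interface in zone["interfaces"]:
            return name
    return DEFAULT_ZONE

def open_ports(zone_name):
    """Union of the ports opened by every service enabled in the zone."""
    ports = set()
    for service in ZONES[zone_name]["services"]:
        ports |= SERVICES[service]
    return ports

def is_allowed(interface, src_ip, proto, port):
    """Incoming traffic passes only if its port is open in the selected zone."""
    return (proto, port) in open_ports(zone_for(interface, src_ip))
```

A packet arriving on eth0 with a 10.x source address is placed in the internal zone, so source bindings deserve the same review as interface bindings when checking what a host exposes.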

Web Server
➢A web server is a computer where the web content is stored.
➢A web server’s primary role is to serve web pages for a
website. A web page can be rendered from a single HTML
file, or a complex assortment of resources fitted together.
➢One of the most common use cases for web servers is
serving files necessary for rendering a website in a
browser.
➢Common examples of web servers on Linux systems are Apache and
Nginx.

Thanks

End of Chapter 5
?