Skip to main content

LFCS: Networking (25%)

This section covers Linux networking, hostname resolution, time synchronization, OpenSSH, packet filtering, routing, bridges, and load balancing.

1. Configure IPv4/IPv6 Networking & Hostname Resolution

Learn

  • Assign IP addresses (static & dynamic).
  • Configure hostnames and DNS resolution.
  • Understand /etc/hosts, /etc/resolv.conf, and hostnamectl.

Commands

# View network interfaces
ip addr show
ip link show

# Configure static IP (example)
sudo nmcli con mod eth0 ipv4.addresses 192.168.1.100/24
sudo nmcli con mod eth0 ipv4.gateway 192.168.1.1
sudo nmcli con mod eth0 ipv4.dns 8.8.8.8
sudo nmcli con mod eth0 ipv4.method manual
sudo nmcli con up eth0

# Set hostname
hostnamectl set-hostname myhost
hostnamectl status

# DNS check
cat /etc/resolv.conf
ping google.com

Exercises

  1. Assign a static IP to an interface and verify connectivity.
  2. Change the hostname and update /etc/hosts accordingly.

2. Time Synchronization

Learn

  • Sync system time using chrony or ntpd.
  • Check and update time zone.

Commands

# Check current time
timedatectl

# Set time zone
timedatectl set-timezone Europe/Paris

# Sync time using chrony
sudo systemctl start chronyd
chronyc tracking
chronyc sources

Exercises

  1. Configure NTP synchronization with a public server.
  2. Verify time sync status.

3. Monitor & Troubleshoot Networking

Learn

  • Use tools to check connectivity and troubleshoot issues.

Commands

ping <host>
traceroute <host>
ss -tulnp  # check listening ports
netstat -rn  # routing table
curl -I http://example.com

Exercises

  1. Ping a remote host and check for packet loss.
  2. Check which service is listening on port 80.

4. OpenSSH Configuration

Learn

  • Configure SSH server and client.
  • Manage keys and permissions.

Commands

# Start and enable SSH server
sudo systemctl start sshd
sudo systemctl enable sshd

# Connect to remote server
ssh user@remote_host

# Generate keys
ssh-keygen -t rsa -b 4096
ssh-copy-id user@remote_host

Exercises

  1. Configure SSH to listen on a non-default port.
  2. Set up key-based authentication.

5. Packet Filtering, Port Redirection, NAT

Learn

  • Configure firewall using iptables or firewalld.
  • Perform NAT and port forwarding.

Commands

# Check firewall status
sudo firewall-cmd --state

# Allow port 22
sudo firewall-cmd --add-port=22/tcp --permanent
sudo firewall-cmd --reload

# Example NAT rule
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Exercises

  1. Open a specific port on the firewall.
  2. Configure port forwarding for SSH.

6. Static Routing

Learn

  • Add static routes for traffic control.

Commands

# Add a static route
sudo ip route add 192.168.2.0/24 via 192.168.1.1 dev eth0

# Show routes
ip route show

Exercises

  1. Add a static route to reach a remote network.
  2. Verify connectivity via the static route.

7. Bridge & Bonding Devices

Learn

  • Network bridging (e.g., for VMs).
  • Bonding for link aggregation.

Commands

# Create bridge
sudo nmcli con add type bridge con-name br0 ifname br0
sudo nmcli con add type bridge-slave con-name eth0-br0 ifname eth0 master br0

# Bonding example
sudo nmcli con add type bond con-name bond0 ifname bond0 mode active-backup
sudo nmcli con add type bond-slave con-name eth1-bond0 ifname eth1 master bond0

Exercises

  1. Create a network bridge and attach an interface.
  2. Configure a bonded interface with two NICs.

8. Reverse Proxies & Load Balancers

Learn

  • Basics of reverse proxy (e.g., Nginx) and load balancing.

Commands

# Nginx reverse proxy example
sudo nano /etc/nginx/conf.d/reverse.conf
# server { listen 80; location / { proxy_pass http://backend:8080; } }
sudo systemctl reload nginx

Exercises

  1. Configure Nginx to proxy requests to a backend server.
  2. Set up basic round-robin load balancing using Nginx.
Back to top