Welcome

Thursday, December 07, 2006

Notes On TCP/IP (take Ur Time To Read Very Lengthy)

What Is TCP/IP?
TCP/IP is a universal standard suite of protocols used to provide connectivity between networked devices. It is part of the larger OSI model upon which most data communication is based.
One component of TCP/IP is the Internet Protocol (IP) which is responsible for ensuring that data is transferred between two addresses without being corrupted.
For manageability, the data is usually split into multiple pieces or “packets” each with its own error detection bytes in the control section or “header” of the packet. The remote computer then receives the packets and reassembles the data and checks for errors. It then passes the data to the program that expects to receive it.
How does the computer know what program needs the data? Each IP packet also contains a piece of information in its header called the “type” field. This informs the computer receiving the data about the type of transportation mechanism being used.
The two most popular transportation mechanisms used on the Internet are Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).
What is TCP?
TCP opens up a connection between client and server programs running on separate computers so that multiple and/or sporadic streams of data can be sent over an indefinite period of time. TCP keeps track of the packets sent by giving each one a sequence number with the remote server sending back “acknowledgement” packets confirming correct delivery. Programs that use TCP therefore have a means of detecting connection failures and requesting the retransmission of missing packets. TCP is a good example of a “connection oriented” protocol.
What is UDP?
UDP is a connectionless protocol. Data is sent on a “best effort” basis with the machine that sends the data having no means of verifying whether the data was correctly received by the remote machine. UDP is usually used for applications in which the data sent is not mission critical. It is also used when data needs to be broadcast to all available servers on a locally attached network where the creation of dozens of TCP connections for a short burst of data is considered resource hungry.
What are TCP / UDP Ports?
So the data portion of the IP packet contains a TCP or UDP segment sandwiched inside. Only the TCP segment header contains sequence information, but both the UDP and the TCP segment headers track the “port” being used. The source/destination port and the source/destination IP addresses of the client & server computers are then combined to uniquely identify each data flow.
Certain programs are assigned specific ports that are internationally recognized. For example, port 80 is reserved for HTTP web traffic and port 25 is reserved for SMTP email. Ports below 1024 are reserved for privileged system functions; those above 1024 are generally reserved for non-system, third-party applications.
Usually when a connection is made from a client computer requesting data to the server machine that contains the data:
  o The client selects a random unused "source" port greater than 1024 and queries the server on the "destination" port specific to the application. If it is an HTTP request, the client will use a source port of, say, 1095 and query the server on port 80 (HTTP).
  o The server recognizes the port 80 request as an HTTP request and passes on the data to be handled by the web server software. When the web server software replies to the client, it tells the TCP application to respond back to port 1095 of the client using a source port of port 80.
The client keeps track of all its requests to the server's IP address and will recognize that the reply on port 1095 isn't a request initiation for "Nicelink" (See the Bibliography for a link to a TCP/IP port listing), but a response to the initial port 80 HTTP query.
What is a TTL?
Each IP packet has a Time to Live (TTL) section that keeps track of the number of network devices the packet has passed through to reach its destination. The server sending the packet sets the TTL value and each network device that the packet passes through then reduces this value by “1”. If the TTL value reaches “0”, then the network device will discard the packet.
This mechanism helps to ensure that bad routing on the Internet won’t cause packets to aimlessly loop around the network. TTLs help to reduce the clogging of data circuits with unnecessary traffic.
What is ICMP?
There is another commonly used protocol called the Internet Control Message Protocol (ICMP). It is not strictly a TCP/IP protocol, but TCP/IP based applications use it frequently.
ICMP provides a suite of error, control, and informational messages for use by the operating system. For example, IP packets will occasionally arrive at a server with corrupted data due to any number of reasons, including a bad connection, electrical interference or even misconfiguration. The server will usually detect this by examining the packet and correlating the contents to what it finds in the IP header’s error control section. It will then issue an ICMP reject message to the original sending machine that the data should be resent as the original transmission was corrupted.
ICMP also includes echo and echo reply messages used by the Linux “ping” command to confirm network connectivity. More information on ICMP messages can be found in both the Appendix and the chapter on network troubleshooting.
What Do IP Addresses Look Like?
· All devices connected to the Internet have an Internet Protocol (IP) address. Just like a telephone number, it helps to uniquely identify a user of the system.
· IP addresses are in reality a string of binary digits or "bits". Each bit is either a 1 or a 0. IP addresses have 32 bits in total.
· For ease of use, IP addresses are written in what is called a "dotted decimal" format, four numbers with dots in between. None of the numbers between the dots may be greater than 255. An example of an IP address would be 97.65.25.12.
· The numbers between the dots are frequently referred to as "octets".
· Some groups of IP addresses are reserved for use only in private networks and are not routed over the Internet. These are:
Private IP Addresses
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255

· Home networking equipment / devices usually are configured in the factory with an IP address in the range 192.168.1.1 to 192.168.1.255.
· You can check the Linux networking topics page on how to configure the IP address of your Linux box.
What Is Localhost?
Whether or not your computer has a network interface card it will have a “built in” IP address with which network aware applications can communicate with one another. This IP address is defined as 127.0.0.1 and is frequently referred to as “localhost”.
What Is A Subnet Mask?
· Subnet masks are used to tell which part of the IP address represents:
  o The network on which the computer is connected (Network portion)
  o The computer's unique identifier on that network (Host portion)
· A simple analogy would be a phone number, such as (808) 225-2468. The (808) represents the area code, the 225-2468 represents the telephone within that area code.
· Subnet masks allow you to specify how long you want the area code to be (network portion) at the expense of the number of telephones in the area code (host portion).
· Most home networks use a subnet mask of 255.255.255.0. Each "255" means this octet is for the area code (network portion). So if your server has an IP address of 192.168.1.25 and a subnet mask of 255.255.255.0, then the network portion would be 192.168.1 and the server or host would be device #25 on that network.
· In this example, host #0 (192.168.1.0) is reserved to represent the network itself, and host #255 (192.168.1.255) is reserved for broadcast traffic intended to reach all hosts on the network at the same time. You can then use IP addresses from #1 to #254 on your "private" network.
· If you purchased a DSL service from your Internet service provider (ISP) that gives you fixed IP addresses, then they will most likely provide you with a subnet mask of 255.255.255.248 that defines 8 IP addresses. For example, if the ISP provides you with a "public" network address of 97.158.253.24, a subnet mask of 255.255.255.248 and a gateway of 97.158.253.25, then your IP addresses will be:

· 97.158.253.24 - Network base address
· 97.158.253.25 - Gateway
· 97.158.253.26 - Available
· 97.158.253.27 - Available
· 97.158.253.28 - Available
· 97.158.253.29 - Available
· 97.158.253.30 - Available
· 97.158.253.31 - Broadcast

How Many Addresses Do I Get With My Mask?
The method described in this section only works for subnet masks that start with “255.255.255” which should be sufficient for your home network.
· There are only 7 possible values for the last octet of a subnet mask. These are 0, 192, 128, 224, 240, 248, 252.
· You can calculate the number of IP addresses for each of the above values by subtracting the value from 256.
· So for example, if you have a subnet mask of 255.255.255.192 then you have 64 IP addresses in your subnet (256 - 192).
What’s The Range Of Addresses On My Network?
If someone gives you an IP address of 97.158.253.28 and a subnet mask of 255.255.255.248, how do you determine the network address and the broadcast address, in other words the boundaries of your network? Here are the steps:
Manual Calculation
1. Subtract the last octet of the subnet mask from 256 to give the number of IP addresses in the subnet. (256 - 248) = 8
2. Divide the last octet of the IP address by the result of step 1, and don't bother with the remainder (28/8 = 3). This will give you the theoretical number of subnets of the same size that are below this IP address.
3. Multiply this result by the result of step 1 to get the network address (8 x 3 = 24). Think of it as "This is the third subnet with 8 addresses in it". The network address is therefore 97.158.253.24
4. The broadcast address is the result of step 3 plus the result of step 1 minus 1. (24 + 8 - 1 = 31). Think of it as "The broadcast address is always the network address plus the number of IP addresses in the subnet minus 1". The broadcast address is 97.158.253.31

Let's do this for 192.168.3.56 with a mask of 255.255.255.224
1. 256 - 224 = 32
2. 56 / 32 = 1
3. 32 x 1 = 32. Therefore the network base address is 192.168.3.32
4. 32 + 32 - 1 = 63. Therefore the broadcast address is 192.168.3.63

Let's do this for 10.0.0.75 with a mask of 255.255.255.240
1. 256 - 240 = 16
2. 75 / 16 = 4
3. 16 x 4 = 64. Therefore the network base address is 10.0.0.64
4. 64 + 16 - 1 = 79. Therefore the broadcast address is 10.0.0.79

Note: As a rule of thumb, the last octet of your network base address must be divisible by the “256 minus the last octet of your subnet mask” and leave no remainder. If you are sub-netting a large chunk of IP addresses it’s always a good idea to lay it out on a spreadsheet to make sure there are no overlapping subnets. Once again, this calculation exercise only works with subnet masks that start with “255.255.255”.
Calculation Using A Script
There is a BASH script in the Appendix which will do this for you. Here is a sample of how to use it; just provide the IP address followed by the subnet mask as arguments. It will accept subnet masks in dotted decimal format or "/value" format.

[root@bigboy tmp]# ./subnet-calc.sh 216.151.193.92 /28

IP Address : 216.151.193.92
Network Base Address : 216.151.193.80
Broadcast Address : 216.151.193.95

Subnet Mask : 255.255.255.240
Subnet Size : 16 IP Addresses

[root@bigboy tmp]#
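As an added example (this is not the book's subnet-calc.sh, only a reproduction of the same calculation in Python), here is the manual method carried out on the full 32-bit address, so it works for any contiguous mask and not only those beginning 255.255.255; it accepts both dotted-decimal and "/value" masks, rejects malformed masks, and cross-checks its arithmetic against Python's ipaddress module. The sample inputs are the page's own addresses plus one constructed 255.255.248.0 case.

```python
# Added example: the manual network/broadcast calculation done on the full
# 32-bit address, so any contiguous mask works (not only 255.255.255.x).
# This is not the book's subnet-calc.sh; it only reproduces its output.
import ipaddress


def ip_to_int(dotted):
    """Dotted-decimal text -> 32-bit integer; rejects malformed input."""
    octets = dotted.split(".")
    if len(octets) != 4:
        raise ValueError("expected four octets: %r" % dotted)
    value = 0
    for octet in octets:
        n = int(octet)
        if not 0 <= n <= 255:
            raise ValueError("octet out of range: %r" % octet)
        value = (value << 8) | n
    return value


def int_to_ip(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def parse_mask(mask):
    """Accept '/28' or '255.255.255.240' and return the mask as an integer.

    A real mask is a run of 1 bits followed by 0 bits.  Anything else (for
    example 255.255.0.255) is rejected, since the arithmetic below relies on
    the host bits being the low-order bits.
    """
    if mask.startswith("/"):
        prefix = int(mask[1:])
        if not 0 <= prefix <= 32:
            raise ValueError("prefix length must be 0..32: %r" % mask)
        return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    value = ip_to_int(mask)
    host_bits = value ^ 0xFFFFFFFF
    # host_bits must look like 2^k - 1, i.e. adding 1 clears every set bit.
    if host_bits & (host_bits + 1):
        raise ValueError("non-contiguous subnet mask: %r" % mask)
    return value


def is_valid_mask(mask):
    try:
        parse_mask(mask)
        return True
    except ValueError:
        return False


def subnet_info(ip, mask):
    """Network base, broadcast, dotted mask and subnet size for ip/mask.

    'ip AND mask' clears the host bits, which is the integer equivalent of
    the manual 'divide by the block size, discard the remainder, multiply
    back'.  'network OR NOT mask' sets every host bit: the broadcast address.
    """
    addr = ip_to_int(ip)
    mask_int = parse_mask(mask)
    host_bits = mask_int ^ 0xFFFFFFFF
    network = addr & mask_int
    return {
        "ip": ip,
        "network": int_to_ip(network),
        "broadcast": int_to_ip(network | host_bits),
        "mask": int_to_ip(mask_int),
        "prefix": bin(mask_int).count("1"),
        "size": host_bits + 1,
    }


def usable_range(info):
    """First and last host addresses, or None when the block has no room
    for hosts besides the network and broadcast addresses (/31, /32)."""
    if info["size"] < 4:
        return None
    first = ip_to_int(info["network"]) + 1
    last = ip_to_int(info["broadcast"]) - 1
    return int_to_ip(first), int_to_ip(last)


if __name__ == "__main__":
    # The page's own examples plus one constructed case outside the /24 rule.
    samples = [("97.158.253.28", "255.255.255.248"), ("192.168.3.56", "255.255.255.224"),
               ("10.0.0.75", "255.255.255.240"), ("216.151.193.92", "/28"),
               ("172.20.77.9", "255.255.248.0")]
    for ip, mask in samples:
        info = subnet_info(ip, mask)
        # Cross-check the hand arithmetic against the standard library.
        expected = ipaddress.ip_network("%s/%s" % (ip, mask.lstrip("/")), strict=False)
        assert str(expected) == "%s/%d" % (info["network"], info["prefix"])
        print("%-16s %-16s net %-16s bcast %-16s size %d" % (
            info["ip"], info["mask"], info["network"], info["broadcast"], info["size"]))
```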
What Is Duplex?
· Duplex refers to the ability of a device to transmit and receive data at the same time.
· Full duplex uses separate pairs of wires for transmitting and receiving data so that incoming data flows don't interfere with outgoing data flows.
· Half duplex uses the same pairs of wires for transmitting and receiving data. Devices that want to transmit information have to wait their turn until the "coast is clear" at which point they send the data. Error detection and retransmission mechanisms ensure that data reaches the destination correctly even if it were originally garbled by multiple devices starting to transmit at the same time.
· Data transfer speeds will be low and error levels will be high if you have a device at one end of a cable set to full duplex, and another device at the other end of the cable set to half duplex.
· Most modern network cards can auto-negotiate duplex with the device on the other end of the wire. It is for this reason that duplex settings aren’t usually a problem for Linux servers.
What Is A Hub?
· A hub is a device into which you can connect all devices on a home network so that they can talk together. Hubs physically cross-connect all their ports with one another which causes all traffic sent from a server to the hub to be blurted out to all other servers connected to that hub whether they are the intended recipient or not.
· Hubs have none or very little electronics inside and therefore do not regulate traffic. It is possible for multiple servers to speak at once with all of them receiving garbled messages. When this happens the servers try again, after a random time interval, until the message gets through correctly.
· It is for these reasons that devices that plug into hubs should be set to half duplex.
What Is A Switch?
· A switch is also a device into which you can connect all devices on a home network so that they can talk together. Unlike a hub, traffic sent from Server A to Server B will only be received by Server B. The only exception is broadcast traffic which is blurted out to all the servers simultaneously.
· Switches regulate traffic, thereby eliminating the possibility of message garbling. Switches therefore provide more efficient traffic flow.
· Devices that plug into switches should be set to full duplex to take full advantage of the dedicated bandwidth coming from each switch port.
What Is A LAN?
· A Local Area Network (LAN) is a grouping of ports on a hub, switch or tied to a wireless access point (WAP) that can only communicate with each other.
· It is possible to have LANs that span multiple switches. Simple home switches can be connected in a chain formation to create a LAN with more ports. This is often called “daisy chaining”.
· Pure switches provide no access control between servers connected to the same LAN. This is why network administrators group trusted servers having similar roles on the same LAN. They will also ensure that they don’t mix servers on different IP networks on the same LAN segment. A good rule of thumb is to have only one network per LAN.
· Communication to devices on another LAN requires a router directly connected to both LANs. The router is also capable of filtering traffic passing between the two LANs, therefore providing additional security.
· Larger, more expensive switches can be configured to assign only certain ports to pre-specified Virtual LANs (VLANs) chosen by the network administrator. In this case, the switch houses ports on multiple LANs. A router still needs to be connected to each VLAN for inter-network communication.
What Is A Router?
· As stated before, switches and hubs usually only have servers connected to them that have been configured as being part of the same network.
· Routers will connect into multiple switches to allow these networks to communicate with one another.
· Routers can also be configured to deny communication between specific servers on different networks. They can also filter traffic based on the TCP port section of each packet. For example, it is possible to deny communication between two servers on different networks that intend to communicate on TCP port 80, and allow all other traffic between them. Routers therefore direct and regulate traffic between separate networks, much like a traffic policeman.
· If you intend to route between networks, then for each network, you must reserve an IP address for a router and make sure that the router is directly connected to the LAN associated with that network.
· In home networks, routers most frequently provide connectivity to the Internet using network address translation or NAT.
What Is A Gateway?
· Another name for a router.
What Is A Route?
· In the broader networking sense, a route refers to the path data takes to traverse from its source to its destination. Each router along the way may also be referred to as a hop.
· Usually when we speak about a route on a Linux box, we are referring to the IP address of the first hop needed to reach the desired destination network. It is assumed that this first hop will know how to automatically relay the packet.
· Routers are designed to exchange routing information dynamically, and can therefore intelligently redirect traffic to bypass failed network links. Home Linux boxes frequently don't run a dynamic routing protocol and therefore rely on "static" routes issued by the system administrator at the command line or in configuration files to determine the next hop to all desired networks.
· The Linux network topics page shows how to add static routes to your Linux box and also how you can convert it into a simple router.
What Is A Default Gateway?
· A default gateway is really a gateway of last resort. Say for example:
  o You have two routers R1 and R2
  o R1 is connected to both your SOHO home network (192.168.1.0) and the Internet
  o R2 is connected to both your SOHO home network (192.168.1.0) and your credit card transaction payment network (10.46.123.0), which is also connected to other corporate networks with addresses starting with 10.X.X.X
· You could put a route on your SOHO servers that states:
  o Go to network 10.0.0.0 255.0.0.0 via router R2
  o Go to everything else via router R1. R1 therefore would be considered your default gateway

· For most home networks, your default gateway would be the router / firewall connected to the Internet.
· You can check the Linux networking topics page on how to configure the default gateway on your Linux box.

What Is A NIC?
Your network interface card is frequently called a NIC. Currently, the most common types of NIC used in the home are Ethernet and wireless Ethernet cards.
What Does The “Link” Light On My NIC Indicate?
The link light signifies that the NIC card has successfully detected a device on the other end of the cable. This would indicate that you are using the correct type of cable and that the duplex has been negotiated correctly between the devices at both ends.
What Is A MAC Address?
The media access control address (MAC) can be equated to the serial number of the NIC. Every IP packet is sent out of your NIC wrapped inside an Ethernet frame which uses MAC addresses to direct traffic on your locally attached network.
MAC addresses therefore only have significance on the locally attached network. As the packet hops across the Internet, its source/destination IP address stays the same, but the MAC addresses are reassigned by each router on the way using a process called ARP.
What Is ARP?
The Address Resolution Protocol (ARP) is used to map MAC addresses to network IP addresses. When a server needs to communicate with another server it does the following steps:
· The server first checks its routing table to see which router provides the next hop to the destination network.
· If there is a valid router, let's say with an IP address of 192.168.1.1, the server checks its ARP table to see whether it has the MAC address of the router's NIC. You could very loosely view this as the server trying to find the Ethernet serial number of the next hop router on the local network, thereby ensuring that the packet is sent to the correct device.
· If there is an ARP entry, the server sends the IP packet to its NIC and tells the NIC to encapsulate the packet in a frame destined for the MAC address of the router.
· If there is no ARP entry, the server will issue an ARP request asking that router 192.168.1.1 respond with its MAC address so that the delivery can be made. Once a reply is received, the packet is sent and the ARP table is subsequently updated with the new MAC address.
· As each router in the path receives the packet, it will pluck the IP packet out of the Ethernet frame, leaving the MAC information behind. It will then inspect the destination IP address in the packet and use its routing table to determine the IP address of the next router on the path to this destination.
· The router will then use the ARP-ing process to get the MAC address of this next hop router. It will then re-encapsulate the packet in an Ethernet frame with the new MAC address and will then send the frame to the next hop router. This relaying process continues until the packet reaches the target computer.
· If the target server is on the same network as the source server, a similar process occurs. The ARP table is queried. If no entry is available, an ARP request is made asking the target server for its MAC address. Once a reply is received, the packet is sent and the ARP table is subsequently updated with the new MAC address.
· The server will not send the data to its intended destination unless it has an entry in its ARP table for the next hop. If it doesn't, the application needing to communicate will issue a timeout or "time exceeded" error.
· As can be expected, the ARP table only contains the MAC addresses of devices on the locally connected network. ARP entries are not permanent and will be erased after a fixed period of time depending on the operating system used.
· The Linux network topics page shows how to see your ARP table and the MAC addresses of your server's NICs.
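The sending host's decision described in the ARP steps above, combined with the two-router default gateway scenario from the "What Is A Default Gateway?" section, as an added Python simulation (not code from the book): the routing table, R2's address 192.168.1.2 and every MAC address are constructed assumptions, and a dictionary stands in for the devices on the wire that would answer an ARP request.

```python
# Added example (not from the book): a host's send decision as described in the
# ARP section and the default-gateway scenario.  The routing table, the router
# addresses and the MAC addresses are all constructed for illustration.


def ip_to_int(dotted):
    a, b, c, d = (int(x) for x in dotted.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def prefix_to_mask(prefix):
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


# (network, prefix length, gateway).  A gateway of None means "directly
# connected": the destination is on this LAN and is its own next hop.
ROUTES = [
    ("192.168.1.0", 24, None),          # the SOHO LAN
    ("10.0.0.0", 8, "192.168.1.2"),     # via R2 (R2's address is an assumption)
    ("0.0.0.0", 0, "192.168.1.1"),      # everything else via R1, the default gateway
]


def next_hop(dst_ip, routes=ROUTES):
    """Pick the most specific matching route; the /0 default only wins
    when nothing else matches."""
    best_prefix, best_gateway = -1, None
    dst = ip_to_int(dst_ip)
    for network, prefix, gateway in routes:
        if dst & prefix_to_mask(prefix) == ip_to_int(network) and prefix > best_prefix:
            best_prefix, best_gateway = prefix, gateway
    if best_prefix < 0:
        raise LookupError("no route to %s" % dst_ip)
    return dst_ip if best_gateway is None else best_gateway


class Host:
    """Sending host: routing table lookup, then ARP resolution of the next hop."""

    def __init__(self, lan):
        self.lan = lan          # constructed stand-in for the wire: IP -> MAC of devices that answer ARP
        self.arp_table = {}     # learned IP -> MAC entries
        self.log = []

    def arp_resolve(self, ip):
        """Return the MAC for an IP on the local network, asking the LAN on a cache miss."""
        if ip in self.arp_table:
            self.log.append("arp cache hit %s" % ip)
            return self.arp_table[ip]
        self.log.append("arp request who-has %s" % ip)
        mac = self.lan.get(ip)              # a reply, or nothing if no such device
        if mac is not None:
            self.arp_table[ip] = mac
        return mac

    def send(self, dst_ip):
        """Return the destination MAC the Ethernet frame would carry.

        The IP destination stays dst_ip; the frame goes to the next hop's MAC,
        which is a router's MAC unless the destination is on the same LAN.
        Returns None when ARP gets no reply (the application sees a timeout).
        """
        hop = next_hop(dst_ip)
        mac = self.arp_resolve(hop)
        if mac is None:
            self.log.append("timeout: no ARP reply from next hop %s" % hop)
        return mac


if __name__ == "__main__":
    # Constructed LAN: R1, R2 and one local server (documentation MAC range).
    lan = {"192.168.1.1": "00:00:5e:00:53:01",
           "192.168.1.2": "00:00:5e:00:53:02",
           "192.168.1.50": "00:00:5e:00:53:50"}
    host = Host(lan)
    for dst in ("10.46.123.7", "216.151.193.92", "192.168.1.50", "192.168.1.99", "10.46.123.7"):
        print(dst, "-> next hop", next_hop(dst), "-> frame to", host.send(dst))
    print("\n".join(host.log))
```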
What Is A DTE?
DTE stands for Digital Terminal Equipment, a term originally intended for computer terminals located at remote offices or departments that were directly connected to modems. The terminals would have no computing power and only functioned as a screen / keyboard combination for data processing.
Nowadays most PCs have their COM and Ethernet ports configured as if they were going to be connected to a modem or other type of purely networking oriented equipment.
What Is A DCE?
DCE is the acronym for Data Circuit-Terminating Equipment: modems and other purely networking oriented equipment.
What Is A Straight Through / Crossover Cable?
When a DCE is connected to a DTE, you will need a “straight-through” type cable. DCEs connected to DCEs or DTEs connected to DTEs will always require “crossover” cables. These are the terminologies generally used with Ethernet cables.
The terminologies can be different for cables used to connect serial ports together. When connecting a PC’s COM port (DTE) to a modem (DCE) the “straight-through” cable is frequently called a “modem” cable. When connecting two PCs (DTE) together via their COM ports the “crossover” cable is often referred to as a “null modem” cable.
Unfortunately, some manufacturers configure the Ethernet ports of their networking equipment to be either of the DTE or the DCE type, so confusion can arise when selecting a cable. If you fail to get a “link” light when connecting your Ethernet devices together, try using the other type of cable.
A “straight-through” Ethernet cable is easy to identify. Hold the connectors side by side, pointing in the same direction with the clips facing away from you. The color of the wire in position #1 on connector #1 should be the same as that of position #1 on connector #2. The same goes for positions #2 to #8, i.e., the same color for corresponding wires on each end. A crossover cable would have them mixed up.
Here is a good rule of thumb: PC to PC = crossover cable; PC to switch = straight through cable


What Is A Firewall?
Firewalls can be viewed as routers with more enhanced abilities to restrict traffic, not just by port and IP address like routers. Specifically, firewalls can detect malicious attempts to subvert the TCP/IP protocol. A short list of capabilities includes:
· Throttling traffic to a server when too many unfulfilled connections are made to it
· Restricting traffic being sent to obviously bogus IP addresses
· Providing network address translation or NAT
What Is NAT?
Your router / firewall will frequently be configured to give the impression to other devices on the Internet that the servers on your Home network have a valid “public” IP address, and not a “private” IP address. This is called network address translation (NAT) and is often also called IP masquerading in the Linux world. There are many good reasons for this, the two most commonly stated are:
· No one on the Internet knows your true IP address. NAT protects your home PCs by assigning them IP addresses from “private” IP address space that cannot be routed over the internet. This prevents hackers from directly attacking your home systems as packets sent to the “private” IP will never pass over the Internet.
· Hundreds of PCs and servers behind a NAT device can masquerade as a single "public" IP address. This greatly increases the number of devices that can access the Internet without running out of "public" IP addresses.
You can configure NAT to be “one to one” in which you assign multiple IP addresses to the outside “public” interface of your firewall and pair each of these addresses to a corresponding server on the inside network. You can also use “many to one” NAT in which the firewall maps a single IP address to multiple servers on the network.
As a general rule, you won’t be able to access the public NAT IP addresses from servers on your home network. Basic NAT testing will require you to ask a friend to try to connect to your home network from the Internet.
Examples of NAT may be found in the IP masquerade section of the Linux iptables firewall chapter and also in the Cisco PIX firewall chapter.
What Is Port Forwarding With NAT?
In our simple home network, all servers accessing the Internet will appear to have the single “public” IP address of the router / firewall because of “many to one” NAT. As the router / firewall is located at the “border crossing” to the Internet it can easily keep track of all the various outbound connections to the Internet by monitoring:
· The IP addresses and TCP ports used by each home based server and mapping it to
· The TCP ports and IP addresses of the Internet servers with which they want to communicate.
This arrangement works well with a single NAT IP trying to initiate connections to many Internet addresses. The reverse isn’t true. Connections initiated from the Internet to the “public” IP address of the router / firewall face a problem. As there normally has been no prior connection association between the Internet server and any protected server on the home network, the router / firewall has no way of telling which of the many home PCs behind it should receive the relayed data.
Port forwarding is a method of counteracting this. For example, you can configure your router / firewall to forward TCP port 80 (Web/HTTP) traffic destined to the outside NAT IP to be automatically relayed to a specific server on the inside home network.
As you may have guessed, port forwarding is one of the most common methods used to host websites at home with DHCP DSL.
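The "many to one" NAT and port-forwarding behaviour described above, together with the source/destination address-and-port flow tracking from the "What are TCP / UDP Ports?" section, as an added Python simulation (not code from the book or from any real firewall): it tracks outbound flows, maps replies back to the inside host, forwards unsolicited inbound port 80 connections to one inside web server, and drops everything else; the public IP 97.158.253.25 and the inside addresses are the page's, while 203.0.113.9 and the port numbers are constructed.

```python
# Added example (not from the book): a many-to-one NAT router / firewall that
# tracks outbound flows by their full address/port tuple and applies one static
# port-forwarding rule for unsolicited inbound traffic.  Addresses and ports
# are constructed for illustration.
from collections import namedtuple

# The fields the router / firewall monitors: protocol plus the two
# IP address / port pairs that identify a flow.
Packet = namedtuple("Packet", "proto src_ip src_port dst_ip dst_port")


class ManyToOneNat:
    def __init__(self, public_ip, forwards=None, first_port=40000):
        self.public_ip = public_ip
        # Static port forwarding: (proto, public port) -> (inside IP, inside port)
        self.forwards = forwards or {}
        # Connection tracking, both directions of the same mapping.
        self.out_map = {}   # (proto, in_ip, in_port, remote_ip, remote_port) -> public port
        self.in_map = {}    # (proto, public port, remote_ip, remote_port) -> (in_ip, in_port)
        self.next_port = first_port
        self.dropped = []

    def outbound(self, pkt):
        """LAN -> Internet: rewrite the source to the public IP and a tracked port."""
        flow = (pkt.proto, pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        pub_port = self.out_map.get(flow)
        if pub_port is None:
            pub_port = self.next_port
            self.next_port += 1
            self.out_map[flow] = pub_port
            self.in_map[(pkt.proto, pub_port, pkt.dst_ip, pkt.dst_port)] = (pkt.src_ip, pkt.src_port)
        return pkt._replace(src_ip=self.public_ip, src_port=pub_port)

    def inbound(self, pkt):
        """Internet -> public IP: deliver a tracked reply or a port-forwarded
        connection to the inside host; anything else is dropped, because the
        router has no way of knowing which inside host should get it."""
        inside = None
        if pkt.dst_ip == self.public_ip:
            # A reply only matches if it comes from the remote host and port
            # the inside host originally talked to.
            inside = self.in_map.get((pkt.proto, pkt.dst_port, pkt.src_ip, pkt.src_port))
            if inside is None:
                inside = self.forwards.get((pkt.proto, pkt.dst_port))
        if inside is None:
            self.dropped.append(pkt)
            return None
        return pkt._replace(dst_ip=inside[0], dst_port=inside[1])


if __name__ == "__main__":
    nat = ManyToOneNat("97.158.253.25", forwards={("tcp", 80): ("192.168.1.25", 80)})
    request = Packet("tcp", "192.168.1.25", 1095, "216.151.193.92", 80)
    print("outbound  :", nat.outbound(request))
    print("reply     :", nat.inbound(Packet("tcp", "216.151.193.92", 80, "97.158.253.25", 40000)))
    print("new to :80:", nat.inbound(Packet("tcp", "203.0.113.9", 51000, "97.158.253.25", 80)))
    print("new to :22:", nat.inbound(Packet("tcp", "203.0.113.9", 51001, "97.158.253.25", 22)))
    print("dropped   :", len(nat.dropped))
```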
What Is DHCP?
According to www.dhcp.org, "The Dynamic Host Configuration Protocol (DHCP) is an Internet protocol for automating the configuration of computers that use TCP/IP. DHCP can be used to automatically assign IP addresses, (and) to deliver TCP/IP stack configuration parameters such as the subnet mask and default router”.
The assignment usually occurs when the DHCP configured machine boots up, or regains connectivity to the network. The DHCP client sends out a query requesting a response from a DHCP server on the locally attached network. The DHCP server then replies to the client PC with its assigned IP address, subnet mask, DNS server and default gateway information.
The assignment of the IP address usually expires after a predetermined period of time, at which point the DHCP client and server renegotiate a new IP address from the server’s predefined pool of addresses. Configuring firewall rules to accommodate access from machines that receive their IP addresses via DHCP is therefore more difficult, as the remote IP address will vary from time to time. You’ll probably have to allow access for the entire remote DHCP subnet.
Most home router / firewalls are configured in the factory to be DHCP servers for your home network. You can also make your Linux box into a DHCP server, once it has a fixed IP address.
The most commonly used form of DSL will also assign the outside interface of your router / firewall with a single DHCP provided IP address.
You can check the Linux networking topics chapter on how to configure your Linux box to get its IP address via DHCP. You can also check the chapter on Configuring a DHCP Server to make your Linux box provide DHCP addresses for the other machines on your network.
What Is DNS?
The domain name system (DNS) is a worldwide server network used to help translate easy to remember domain names like www.linuxhomenetworking.com into an IP address that can be used behind the scenes by your computer. Here is a step-by-step description of what happens with a DNS lookup.
· Most home computers will get the IP address of their DNS server via DHCP from their router / firewall.
· A home router / firewall providing DHCP services often provides its own IP address as the DNS name server address for home computers.
· The router / firewall will then redirect the DNS queries from your computer to the DNS name server of your Internet service provider (ISP).
· Your ISP's DNS server will then probably redirect your query to one of the 13 "root" name servers.
· The root server will then redirect your query to one of the Internet's ".com" DNS name servers which will then redirect the query to the "linuxhomenetworking.com" name server.
· The "linuxhomenetworking.com" name server will then respond with the IP address for www.linuxhomenetworking.com.
As you can imagine, this process can cause a noticeable delay when you are browsing the web. Each server in the chain will store the most frequent DNS name to IP address lookups in a memory cache which helps to speed up the response. You can make your Linux box into a caching DNS server for your home network too.
How Can I Check The IP Address For A Domain?
If you have the domain name, then you can use either the nslookup command or the host command to get the associated IP address. nslookup will be removed from future releases of Linux, but can still be used with Windows.

[root@bigboy tmp]# nslookup www.linuxhomenetworking.com
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
Server: 127.0.0.1
Address: 127.0.0.1#53

Name: www.linuxhomenetworking.com
Address: 216.151.193.92

[root@bigboy tmp]# host www.linuxhomenetworking.com
www.linuxhomenetworking.com has address 216.151.193.92
[root@bigboy tmp]#

You can also use the nslookup and host commands to get the reverse information.

[root@bigboy tmp]# nslookup 216.151.193.92
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
Server: 127.0.0.1
Address: 127.0.0.1#53

Non-authoritative answer:
92.193.151.216.in-addr.arpa name = extra193-92.elan.net.

Authoritative answers can be found from:
193.151.216.in-addr.arpa nameserver = dns1.elan.net.
193.151.216.in-addr.arpa nameserver = dns2.elan.net.
dns1.elan.net internet address = 216.151.192.1

[root@bigboy tmp]#
[root@bigboy tmp]# host 216.151.193.92
92.193.151.216.in-addr.arpa domain name pointer extra193-92.elan.net.
[root@bigboy tmp]#
How Do I Get My Own DNS Domain Name?
· There are many companies that provide DNS name registration. RegisterFree is the one I use. You can use them to determine whether the name you want is available and you can purchase the domain you want using a credit card with your web browser.
· The registration process will prompt you for your two primary DNS servers. This helps DNS root servers know exactly where to get the information for the IP address for your new website.
· If you don't have the names and/or IP addresses for your primary name servers, don't worry; you can do this later, after you follow the steps below.
Static or Dynamic DNS?
- If you didn't specifically reserve static IP addresses from your ISP, then your router is probably getting its "public" Internet IP address via DHCP from your ISP. In this case you'll want to use a dynamic DNS service.
- If you bought static IP addresses, then static DNS is the way to go.
What is FTP?
This is one of the most popular applications used to copy files between computers via a network connection. There are a number of commercially available GUI based clients you can load on your PC to do this, such as WSFTP and CuteFTP. You can also FTP from the command line as shown in the RPM chapter.
From the remote user's perspective, there are two types of FTP.
Regular FTP
- This is used primarily to allow specific users to download files to their systems.
- The remote FTP server will prompt you for a username, at which point you enter the username you normally use to log into the FTP server. The password will be your regular password for your user account.
Anonymous FTP
- This is used primarily to allow any remote user to download files to their systems.
- The remote FTP server will prompt you for a username, at which point the user will type "anonymous". The password is usually your valid email address.

From the systems administrator's perspective, there are another two categories. These are active and passive FTP, which are covered in more detail in the FTP Chapter.
It is good to remember that FTP isn't very secure as usernames, passwords and data are sent across the network unencrypted. More secure forms such as SFTP (Secure FTP) and SCP (Secure Copy) are available as a part of the Secure Shell package that is normally installed by default on RedHat.
Where is Linux Help?
Linux help files are accessed using the “man” or manual pages. From the command line you issue the man command followed by the Linux command or file you wish to get information about. If you want to get information on the ssh command, then you’d use the command “man ssh”. If you want to search all the man pages for a keyword, then use the man command with the -k switch.
Here are some examples:
Finding General Information On A Command
Here we get information on the ssh command:

[root@bigboy tmp]# man ssh
SSH(1) BSD General Commands Manual SSH(1)

NAME
ssh - OpenSSH SSH client (remote login program)

SYNOPSIS
ssh [-l login_name] hostname | user@hostname [command]

ssh [-afgknqstvxACNPTX1246] [-b bind_address] [-c cipher_spec]
[-e escape_char] [-i identity_file] [-l login_name] [-m mac_spec]
[-o option] [-p port] [-F configfile] [-L port:host:hostport] [-R
port:host:hostport] [-D port] hostname | user@hostname [command]

DESCRIPTION
ssh (SSH client) is a program for logging into a remote machine
and for executing commands on a remote machine. It is intended to
replace rlogin and rsh, and provide secure encrypted …



[root@bigboy tmp]#

Search For All Instances Of A Word
Here we discover that the search string ssh can be found in the TCL man pages and also in a variety of ssh related pages including ssh, ssh-add and ssh-agent. Using this information you can use the man command, without the -k, to narrow your help search.
[root@bigboy tmp]# man -k ssh
Tcl_DecrRefCount [Tcl_IsShared] (3) - manipulate Tcl objects
Tcl_DuplicateObj [Tcl_IsShared] (3) - manipulate Tcl objects
Tcl_IncrRefCount [Tcl_IsShared] (3) - manipulate Tcl objects
Tcl_InvalidateStringRep [Tcl_IsShared] (3) - manipulate Tcl objects
Tcl_IsShared (3) - manipulate Tcl objects
Tcl_IsShared [Object] (3) - manipulate Tcl objects
Tcl_IsShared [Tcl_DecrRefCount] (3) - manipulate Tcl objects
Tcl_IsShared [Tcl_DuplicateObj] (3) - manipulate Tcl objects
Tcl_IsShared [Tcl_IncrRefCount] (3) - manipulate Tcl objects
Tcl_IsShared [Tcl_InvalidateStringRep] (3) - manipulate Tcl objects
Tcl_IsShared [Tcl_NewObj] (3) - manipulate Tcl objects
Tcl_NewObj [Tcl_IsShared] (3) - manipulate Tcl objects
ssh (1) - OpenSSH SSH client (remote login program)
ssh [slogin] (1) - OpenSSH SSH client (remote login program)
ssh-add (1) - adds RSA or DSA identities to the authentication agent
ssh-agent (1) - authentication agent
ssh-keygen (1) - authentication key generation, management and conversion
ssh-keyscan (1) - gather ssh public keys
ssh-keysign (8) - ssh helper program for hostbased authentication
ssh_config (5) - OpenSSH SSH client configuration files
sshd (8) - OpenSSH SSH daemon
sshd_config (5) - OpenSSH SSH daemon configuration file
[root@bigboy tmp]#
