Unit6 - Subjective Questions

In Linux, devices are treated as files located in the /dev directory. The three main types are:

1. Block Devices:

   • These devices transfer data in blocks (buffered data) of a fixed size.
   • They allow random access to data.
   • Examples: Hard drives (/dev/sda), USB drives, and CD-ROMs.

2. Character Devices:

   • These devices transfer data character by character (unbuffered data) in a stream.
   • They operate serially and do not support random access.
   • Examples: Keyboards, mice, serial ports (/dev/ttyS0), and sound cards.

3. Network Devices:

   • Unlike block and character devices, network devices are not usually represented by file nodes in /dev. They are accessed via the kernel network stack.
   • They transfer data packets between the computer and the network.
   • Examples: Ethernet cards (eth0, enp3s0) and Wi-Fi adapters (wlan0).

Difference between Block and Character Devices:

System administrators use specific commands to identify connected hardware and monitor their status:

1. lspci (List PCI):

   • Displays information about PCI buses and devices connected to them.
   • Usage: lspci -v gives verbose output including kernel driver modules in use for video cards, network adapters, and RAID controllers.

2. lsusb (List USB):

   • Lists all USB busses and the devices connected to them.
   • Usage: lsusb -t shows the physical USB device hierarchy as a tree, useful for debugging USB hub issues.

3. dmesg (Display Message):

   • Prints the message buffer of the kernel ring.
   • It is crucial for troubleshooting because it shows hardware detection messages during boot and subsequent device connection/disconnection events.
   • Usage: dmesg | grep -i error or dmesg | tail to see the most recent hardware events (e.g., inserting a USB drive).

udev is the device manager for the Linux kernel. Its primary roles include:

• Dynamic Device Node Creation: Unlike traditional static /dev directories, udev dynamically creates and removes device nodes in /dev only when hardware is actually connected or disconnected.
• Persistent Naming: It ensures consistent naming for devices (e.g., network interfaces or disk drives) across reboots, regardless of the order in which they are discovered. This is often handled via rules in /etc/udev/rules.d/.
• User-Space Notification: udev listens to kernel 'uevents' and handles user-space actions, such as loading firmware or executing scripts when a device is plugged in (e.g., automatically mounting a USB drive).
• Device Permissions: It manages permissions and ownership of device nodes, allowing non-root users to access specific hardware like audio or video devices.

The TCP/IP model (Transmission Control Protocol/Internet Protocol) is the conceptual model used for modern networking. It consists of four layers:

1. Application Layer:

   • Provides protocols for applications to communicate over the network.
   • Examples: HTTP, FTP, SSH, DNS, SMTP.

2. Transport Layer:

   • Responsible for end-to-end communication and error handling.
   • TCP: Connection-oriented, reliable delivery.
   • UDP: Connectionless, faster but unreliable.

3. Internet Layer:

   • Handles logical addressing (IP addresses) and routing of packets across different networks.
   • Core protocol: IP (IPv4, IPv6), ICMP (Ping).

4. Network Interface (Link) Layer:

   • Handles the physical transmission of data (bits) and physical addressing (MAC addresses).
   • Examples: Ethernet, Wi-Fi drivers, ARP.

Comparison:

• Reliability: TCP is reliable (acknowledgments, retransmissions), while UDP is unreliable (fire-and-forget).
• Connection: TCP is connection-oriented (3-way handshake); UDP is connectionless.
• Order: TCP guarantees order of packets; UDP does not.
• Overhead: TCP has a larger header (20 bytes) and higher latency; UDP has a smaller header (8 bytes) and lower latency.

When to prefer UDP:
System Administrators prefer UDP for real-time services where speed is critical and minor data loss is acceptable. Examples include:

• VoIP (Voice over IP) and Video Streaming: Dropping a frame is better than buffering.
• DNS (Domain Name System): Needs fast queries.
• DHCP: Discovery broadcasts.

To calculate the number of usable hosts for a subnet mask:

1. Total Bits in IPv4 Address: $32$
2. Network Bits: $26$
3. Host Bits:

The formula for total IP addresses is , where is the number of host bits.

However, in every subnet, 2 addresses are reserved:

• Network Address: The first address.
• Broadcast Address: The last address.

Usable Hosts Formula:

Answer: A network supports 62 usable hosts.

Linux is highly versatile and can be configured for various server roles:

1. Web Server (LAMP/LEMP Stack):

   • Hosts websites and web applications.
   • Software: Apache or Nginx (Web Server), MySQL/MariaDB (Database), PHP/Python/Perl (Scripting).
   • Function: Processes HTTP/HTTPS requests and serves HTML content.

2. File Server:

   • Stores and manages files accessible by other computers on the network.
   • Software: Samba (for Windows compatibility) or NFS (Network File System for Linux clients).
   • Function: Centralized storage, backup, and file sharing.

3. DNS Server:

   • Translates domain names (e.g., google.com) into IP addresses.
   • Software: BIND (Berkeley Internet Name Domain) or Unbound.
   • Function: Essential for network name resolution and directory services.

Linux provides tools to configure network interfaces. The modern standard is ip, while ifconfig is deprecated but still widely known.

1. ip command (part of iproute2):

• View IP: ip addr show
• Assign IP: ip addr add 192.168.1.10/24 dev eth0
• Bring Interface Up/Down: ip link set eth0 up
• View Routing Table: ip route show
• Why use it? It is more powerful, handles secondary addresses better, and is the current standard.

2. ifconfig command (part of net-tools):

• View IP: ifconfig
• Assign IP: ifconfig eth0 192.168.1.10 netmask 255.255.255.0
• Bring Interface Up/Down: ifconfig eth0 up
• Status: Deprecated. It does not handle complex routing or multiple addresses per interface as efficiently as ip.

Configuration depends on the distribution, but here are two common methods:

Method 1: Using Netplan (Ubuntu/Debian modern):

1. Edit the YAML configuration file in /etc/netplan/ (e.g., 01-netcfg.yaml).

2. Add the configuration:
   yaml
   network:
   version: 2
   ethernets:
   eth0:
   dhcp4: no
   addresses: [192.168.1.100/24]
   gateway4: 192.168.1.1
   nameservers:
   addresses: [8.8.8.8, 8.8.4.4]

3. Apply changes: sudo netplan apply

Method 2: Using NetworkManager (nmcli):

1. Set IPv4 to manual: nmcli con mod "Wired connection 1" ipv4.method manual
2. Set IP/Mask: nmcli con mod "Wired connection 1" ipv4.addresses 192.168.1.100/24
3. Set Gateway: nmcli con mod "Wired connection 1" ipv4.gateway 192.168.1.1
4. Set DNS: nmcli con mod "Wired connection 1" ipv4.dns "8.8.8.8"
5. Restart connection: nmcli con up "Wired connection 1"

1. /etc/hosts (Static Lookup):

• Purpose: This is a local text file that maps hostnames to IP addresses manually.
• Priority: By default, the system checks this file before querying an external DNS server.
• Usage: Useful for local development or small networks without a DNS server.
• Format: 192.168.1.50 myserver.local

2. /etc/resolv.conf (DNS Resolver Config):

• Purpose: Configures the system's DNS resolver settings.

• Content: Specifies the IP addresses of the Nameservers (DNS servers) the computer should query to resolve domain names.

• Usage: Defines which DNS server to ask (e.g., Google DNS or ISP DNS).

• Format:

  nameserver 8.8.8.8
  nameserver 1.1.1.1
  search mydomain.com

• Note: In modern systems (like systemd-resolved), this file is often a symbolic link and should not be edited manually.

DHCP (Dynamic Host Configuration Protocol) is a network management protocol used to automatically assign IP addresses and other network configuration parameters to devices.

The process is known as DORA:

1. Discovery: The client broadcasts a message (DHCPDISCOVER) on the local subnet to find available DHCP servers. It asks, "Is there a DHCP server available?"
2. Offer: The DHCP server receives the request and broadcasts a DHCPOFFER message containing an available IP address to the client.
3. Request: The client receives the offer and broadcasts a DHCPREQUEST message, formally requesting to lease the offered IP address from the specific server.
4. Acknowledgment: The server sends a DHCPACK packet, confirming the lease and providing additional details like subnet mask, gateway, and DNS. The client can now use the IP.

Virtualization is the process of creating a software-based (virtual) representation of something, such as virtual applications, servers, storage, or networks. It allows multiple operating systems to run simultaneously on a single physical machine.

Hypervisors (Virtual Machine Monitors) manage these VMs. There are two types:

• Type 1 (Bare Metal):

  • Installs directly on the physical hardware without a host Operating System.
  • Performance: Higher efficiency and security.
  • Use Case: Enterprise data centers.
  • Examples: VMware ESXi, Microsoft Hyper-V, Xen.

• Type 2 (Hosted):

  • Runs as an application installed on top of an existing Host OS (like Windows or Linux).
  • Performance: Higher overhead due to the host OS layer.
  • Use Case: Desktop virtualization, testing, development.
  • Examples: Oracle VirtualBox, VMware Workstation.

Cloud Computing is the on-demand delivery of IT resources (computing power, storage, databases) over the Internet with pay-as-you-go pricing.

Primary Service Models:

1. IaaS (Infrastructure as a Service):

   • Provides virtualized computing resources over the internet.
   • The user manages the OS, applications, and middleware; the provider manages the hardware/virtualization.
   • Example: AWS EC2, Google Compute Engine.

2. PaaS (Platform as a Service):

   • Provides a platform allowing customers to develop, run, and manage applications without building the infrastructure.
   • The user manages the data and app; the provider manages the OS and runtime.
   • Example: Heroku, Google App Engine.

3. SaaS (Software as a Service):

   • Software is hosted on the cloud and accessed via a browser.
   • The provider manages everything.
   • Example: Gmail, Dropbox, Salesforce.

Virtual Machines (VMs):

• Architecture: Each VM runs a full Guest Operating System on top of a Hypervisor.
• Size: Heavyweight (gigabytes in size).
• Boot Time: Slow (minutes to boot the OS).
• Isolation: Strong isolation; complete separation from the host.
• Resource Usage: High overhead (CPU/RAM dedicated to Guest OS).

Containers (e.g., Docker):

• Architecture: Containers share the Host Operating System's kernel but package the application and dependencies (libs/bins) in user space.
• Size: Lightweight (megabytes).
• Boot Time: Almost instant (milliseconds/seconds).
• Isolation: Process-level isolation (less secure than VMs but efficient).
• Resource Usage: Low overhead; highly efficient scaling.

A logical troubleshooting workflow follows the network layers from bottom to top:

1. Check Physical/Interface Status:

   • Command: ip link show
   • Action: Ensure the interface (e.g., eth0) is UP. Check cables.

2. Check IP Configuration:

   • Command: ip addr show
   • Action: Verify the server has a valid IP address and Subnet Mask.

3. Check Local Gateway Connectivity:

   • Command: ping -c 4 <gateway_IP>
   • Action: If this fails, the issue is local (switch/router or config).

4. Check Internet Connectivity (IP):

   • Command: ping -c 4 8.8.8.8 (Google DNS)
   • Action: If this succeeds, routing is working. If it fails, check the routing table (ip route).

5. Check DNS Resolution:

   • Command: ping -c 4 google.com or nslookup google.com
   • Action: If pinging IP works but domain name fails, it is a DNS issue. Check /etc/resolv.conf.

6. Check Firewall:

   • Command: iptables -L or ufw status
   • Action: Ensure traffic isn't being dropped by firewall rules.

1. ping:

• Protocol: Uses ICMP (Internet Control Message Protocol) Echo Request and Echo Reply.
• Purpose: Tests the reachability of a host on an IP network and measures the round-trip time (latency).
• Usage: ping google.com tells you if the server is online and how fast the connection is.

2. traceroute (or tracepath):

• Protocol: Uses UDP or ICMP with incrementing TTL (Time To Live) values.
• Purpose: Displays the path (route) packet takes to reach the destination. It lists every router (hop) along the way.
• Usage: traceroute google.com identifies where the connection is breaking. If packets stop at a specific hop, that router is likely the point of failure.

netstat (Network Statistics):

• A traditional tool to display network connections, routing tables, and interface statistics.
• Common Flags:
  • -t: TCP connections.
  • -u: UDP connections.
  • -l: Listening ports.
  • -n: Show numerical addresses (don't resolve hostnames).
  • -p: Show the PID/Program name.
• Example: netstat -tulpn shows all listening ports and the programs using them.

ss (Socket Statistics):

• The modern replacement for netstat. It dumps socket statistics directly from the kernel (faster and more detailed).
• It uses similar flags to netstat.
• Example: ss -ta (Show all TCP sockets) or ss -plunt (Processes, Listening, UDP, Numerical, TCP).

SSH (Secure Shell):

• A cryptographic network protocol for operating network services securely over an unsecured network.
• It provides a secure channel over an unsecured network by using a client-server architecture.
• Standard Port: 22.
• Used for: Remote command-line login, secure file transfer (SCP/SFTP), and port forwarding.

Generating Key Pair for Passwordless Login:

1. Generate Keys: Run ssh-keygen -t rsa on the client machine. This creates a private key (id_rsa) and a public key (id_rsa.pub).
2. Copy Public Key: Transfer the public key to the remote server using: ssh-copy-id user@remote_host.
3. Login: The user can now log in via ssh user@remote_host without typing a password, as the server authenticates the client using the cryptographic keys.

To find the broadcast address:

1. Analyze Subnet Mask:

   • $255.255.255.240$
   • The last octet is 240. In binary: $11110000$.
   • Number of network bits (CIDR) = .
   • Block size = .

2. Determine Subnets:

   • The subnets increment by 16:

3. Find the Network for the Host:

   • Host IP is $192.168.10.50$.
   • 50 falls between 48 and 64.
   • Network Address: $192.168.10.48$.

4. Calculate Broadcast Address:

   • The broadcast address is the last IP in the block, which is one less than the next network address ($64$).
   • .

Answer: The Broadcast Address is $192.168.10.63$.