Principles of Network and System Administration PDF
Preview Principles of Network and System Administration
Principles of Network and System Administration Second Edition Mark Burgess Oslo University College, Norway Principles of Network and System Administration Second Edition Principles of Network and System Administration Second Edition Mark Burgess Oslo University College, Norway Secondeditioncopyright(cid:1)c 2004 JohnWiley&SonsLtd,TheAtrium,SouthernGate, Chichester, WestSussexPO198SQ,England Telephone(+44)1243779777 Email(forordersandcustomerserviceenquiries):[email protected] VisitourHomePageonwww.wileyeurope.comorwww.wiley.com Firsteditioncopyright(cid:1)c 2000JohnWiley&SonsLtd Coverpainting:Man+Air+Space,1915(oiloncanvas)byLyubov’SergeenaPopova (1889-1924)StateRussianMuseum,StPetersburg,Russia/BridgemanArtGallery AllRightsReserved.Nopartofthispublicationmaybereproduced,storedinaretrievalsystemor transmittedinanyformorbyanymeans,electronic,mechanical,photocopying,recording,scanning orotherwise,exceptunderthetermsoftheCopyright,DesignsandPatentsAct1988orunderthe termsofalicenceissuedbytheCopyrightLicensingAgencyLtd,90TottenhamCourtRoad,London W1T4LP,UK,withoutthepermissioninwritingofthePublisher,withtheexceptionofanymaterial suppliedspecificallyforthepurposeofbeingenteredandexecutedonacomputersystemfor exclusiveusebythepurchaseofthepublication.RequeststothePublishershouldbeaddressedto thePermissionsDepartment,JohnWiley&SonsLtd,TheAtrium,SouthernGate,Chichester,West SussexPO198SQ,England,[email protected],orfaxedto(+44)1243770620. Thispublicationisdesignedtoprovideaccurateandauthoritativeinformationinregardtothesubject mattercovered.ItissoldontheunderstandingthatthePublisherisnotengagedinrendering professionalservices.Ifprofessionaladviceorotherexpertassistanceisrequired,theservicesofa competentprofessionalshouldbesought. OtherWileyEditorialOffices JohnWiley&SonsInc.,111RiverStreet,Hoboken,NJ07030,USA Jossey-Bass,989MarketStreet,SanFrancisco,CA94103-1741,USA Wiley-VCHVerlagGmbH,Boschstr.12,D-69469Weinheim,Germany JohnWiley&SonsAustraliaLtd,33ParkRoad,Milton,Queensland4064,Australia JohnWiley&Sons(Asia)PteLtd,2ClementiLoop#02-01,JinXingDistripark,Singapore129809 JohnWiley&SonsCanadaLtd,22WorcesterRoad,Etobicoke,Ontario,CanadaM9W1L1 Wileyalsopublishesitsbooksinavarietyofelectronicformats.Somecontentthatappears inprintmaynotbeavailableinelectronicbooks. LibraryofCongressCataloging-in-PublicationData Burgess,Mark,1966– Principlesofnetworkandsystemadministration/MarkBurgess.–2nded. p.cm. ISBN0-470-86807-4(Paper:alk.paper) 1. Computernetworks–Management. 2. Computersystems. I. Title. TK5105.5.B8632003 (cid:2) 005.43–dc22 2003019766 BritishLibraryCataloguinginPublicationData AcataloguerecordforthisbookisavailablefromtheBritishLibrary ISBN0-470-86807-4 Typesetin10/12ptBookmanbyLaserwordsPrivateLimited,Chennai,India PrintedandboundinGreatBritainbyBiddlesLtd,GuildfordandKing’sLynn Thisbookisprintedonacid-freepaperresponsiblymanufacturedfromsustainableforestry inwhichatleasttwotreesareplantedforeachoneusedforpaperproduction. Contents Prefacetosecondedition xi 1 Introduction 1 1.1 What is network and system administration? . . . . . . . . . . . . 1 1.2 Applying technology in an environment . . . . . . . . . . . . . . . 2 1.3 The human role in systems. . . . . . . . . . . . . . . . . . . . . . . 2 1.4 Ethical issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.5 Is system administration a discipline? . . . . . . . . . . . . . . . . 3 1.6 The challenges of system administration . . . . . . . . . . . . . . . 4 1.7 Common practice and good practice . . . . . . . . . . . . . . . . . 5 1.8 Bugs and emergent phenomena . . . . . . . . . . . . . . . . . . . . 6 1.9 The meta principles of system administration . . . . . . . . . . . . 6 1.10 Knowledge is a jigsaw puzzle . . . . . . . . . . . . . . . . . . . . . . 7 1.11 To the student . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 1.12 Some road-maps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 2 System components 11 2.1 What is ‘the system’? . . . . . . . . . . . . . . . . . . . . . . . . . . 11 2.2 Handling hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 2.3 Operating systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 2.4 Filesystems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 2.5 Processes and job control . . . . . . . . . . . . . . . . . . . . . . . . 43 2.6 Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 2.7 IPv4 networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 2.8 Address space in IPv4 . . . . . . . . . . . . . . . . . . . . . . . . . . 63 2.9 IPv6 networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68 3 Networked communities 75 3.1 Communities and enterprises . . . . . . . . . . . . . . . . . . . . . 75 3.2 Policy blueprints . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76 3.3 System uniformity . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77 3.4 User behavior: socio-anthropology . . . . . . . . . . . . . . . . . . 78 3.5 Clients, servers and delegation . . . . . . . . . . . . . . . . . . . . 78 3.6 Host identities and name services . . . . . . . . . . . . . . . . . . . 80 vi CONTENTS 3.7 Common network sharing models . . . . . . . . . . . . . . . . . . . 82 3.8 Local network orientation and analysis . . . . . . . . . . . . . . . . 86 4 Host management 109 4.1 Global view, local action . . . . . . . . . . . . . . . . . . . . . . . . 109 4.2 Physical considerations of server room . . . . . . . . . . . . . . . . 109 4.3 Computer startup and shutdown . . . . . . . . . . . . . . . . . . . 111 4.4 Configuring and personalizing workstations . . . . . . . . . . . . . 114 4.5 Installing a Unix disk . . . . . . . . . . . . . . . . . . . . . . . . . . 121 4.6 Installation of the operating system . . . . . . . . . . . . . . . . . . 124 4.7 Software installation . . . . . . . . . . . . . . . . . . . . . . . . . . 131 4.8 Kernel customization . . . . . . . . . . . . . . . . . . . . . . . . . . 140 5 User management 147 5.1 Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147 5.2 User registration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147 5.3 Account policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153 5.4 Login environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154 5.5 User support services . . . . . . . . . . . . . . . . . . . . . . . . . . 161 5.6 Controlling user resources . . . . . . . . . . . . . . . . . . . . . . . 163 5.7 Online user services . . . . . . . . . . . . . . . . . . . . . . . . . . . 168 5.8 User well-being . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171 5.9 Ethical conduct of administrators and users . . . . . . . . . . . . 173 5.10 Computer usage policy . . . . . . . . . . . . . . . . . . . . . . . . . 186 6 Models of network and system administration 195 6.1 Information models and directory services . . . . . . . . . . . . . . 196 6.2 System infrastructure organization . . . . . . . . . . . . . . . . . . 201 6.3 Network administration models . . . . . . . . . . . . . . . . . . . . 207 6.4 Network management technologies . . . . . . . . . . . . . . . . . . 213 6.5 Creating infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . 219 6.6 System maintenance models . . . . . . . . . . . . . . . . . . . . . . 223 6.7 Competition, immunity and convergence . . . . . . . . . . . . . . . 225 6.8 Policy and configuration automation . . . . . . . . . . . . . . . . . 227 6.9 Integrating multiple OSs . . . . . . . . . . . . . . . . . . . . . . . . 228 6.10 A model checklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231 7 Configuration and maintenance 235 7.1 System configuration policy . . . . . . . . . . . . . . . . . . . . . . 236 7.2 Methods: controlling causes and symptoms . . . . . . . . . . . . . 237 7.3 Change management . . . . . . . . . . . . . . . . . . . . . . . . . . 239 7.4 Declarative languages . . . . . . . . . . . . . . . . . . . . . . . . . . 240 7.5 Policy configuration and its ethical usage . . . . . . . . . . . . . . 240 7.6 Common assumptions: clock synchronization . . . . . . . . . . . . 241 7.7 Human–computer job scheduling . . . . . . . . . . . . . . . . . . . 242 7.8 Automation of host configuration . . . . . . . . . . . . . . . . . . . 248 7.9 Preventative host maintenance . . . . . . . . . . . . . . . . . . . . 252 CONTENTS vii 7.10 SNMP tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255 7.11 Cfengine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258 7.12 Database configuration management . . . . . . . . . . . . . . . . . 268 8 Diagnostics, fault and change management 281 8.1 Fault tolerance and propagation . . . . . . . . . . . . . . . . . . . . 281 8.2 Networks and small worlds . . . . . . . . . . . . . . . . . . . . . . . 283 8.3 Causality and dependency . . . . . . . . . . . . . . . . . . . . . . . 285 8.4 Defining the system . . . . . . . . . . . . . . . . . . . . . . . . . . . 287 8.5 Faults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288 8.6 Cause trees . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297 8.7 Probabilistic fault trees . . . . . . . . . . . . . . . . . . . . . . . . . 299 8.8 Change management revisited . . . . . . . . . . . . . . . . . . . . . 303 8.9 Game-theoretical strategy selection . . . . . . . . . . . . . . . . . . 304 8.10 Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313 8.11 System performance tuning . . . . . . . . . . . . . . . . . . . . . . 314 8.12 Principles of quality assurance . . . . . . . . . . . . . . . . . . . . 324 9 Application-level services 331 9.1 Application-level services . . . . . . . . . . . . . . . . . . . . . . . . 331 9.2 Proxies and agents. . . . . . . . . . . . . . . . . . . . . . . . . . . . 332 9.3 Installing a new service . . . . . . . . . . . . . . . . . . . . . . . . . 333 9.4 Summoning daemons . . . . . . . . . . . . . . . . . . . . . . . . . . 333 9.5 Setting up the DNS nameservice . . . . . . . . . . . . . . . . . . . 337 9.6 Setting up a WWW server . . . . . . . . . . . . . . . . . . . . . . . . 353 9.7 E-mail configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . 365 9.8 OpenLDAP directory service . . . . . . . . . . . . . . . . . . . . . . 373 9.9 Mounting NFS disks . . . . . . . . . . . . . . . . . . . . . . . . . . . 374 9.10 Samba . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378 9.11 The printer service . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379 9.12 Java web and enterprise services . . . . . . . . . . . . . . . . . . . 382 10 Network-level services 391 10.1 The Internet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 391 10.2 A recap of networking concepts . . . . . . . . . . . . . . . . . . . . 392 10.3 Getting traffic to its destination . . . . . . . . . . . . . . . . . . . . 393 10.4 Alternative network transport technologies . . . . . . . . . . . . . 397 10.5 Alternative network connection technologies . . . . . . . . . . . . 400 10.6 IP routing and forwarding . . . . . . . . . . . . . . . . . . . . . . . 401 10.7 Multi-Protocol Label Switching (MPLS) . . . . . . . . . . . . . . . . 407 10.8 Quality of Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408 10.9 Competition or cooperation for service? . . . . . . . . . . . . . . . 413 10.10 Service Level Agreements . . . . . . . . . . . . . . . . . . . . . . . . 415 11 Principles of security 423 11.1 Four independent issues . . . . . . . . . . . . . . . . . . . . . . . . 424 11.2 Physical security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 426
Description:The list of books you might like
