mirror of https://github.com/tLDP/LDP
195 lines
7.2 KiB
XML
195 lines
7.2 KiB
XML
<!-- $Id$ -->
|
|
|
|
<appendix id="ax-example-network">
|
|
<title>An Example Network and Description</title>
|
|
<para>
|
|
</para>
|
|
<section id="example-network-netmap">
|
|
<title>Example Network Map and General Notes</title>
|
|
<para>
|
|
The below network map is a fictional network. This network should
|
|
provide examples of several of the common functions of a linux box in
|
|
networking situations. The hostnames used in the documentation are
|
|
taken from this network map. Where practical, I have tried to simulate
|
|
real-world situations throughout the documentation, to ease the
|
|
practical application of the concepts.
|
|
</para>
|
|
<mediaobject>
|
|
<imageobject>
|
|
<imagedata fileref="images/example-netmap.png" format="PNG"/>
|
|
</imageobject>
|
|
<imageobject>
|
|
<imagedata fileref="images/example-netmap.svg" format="SVG"/>
|
|
</imageobject>
|
|
</mediaobject>
|
|
<para>
|
|
Because this guide focusses on linux networking, I have omitted discussion
|
|
of the ISDN routers and unless relevant, the layer 2 devices (hubs and
|
|
switches). The remaining hosts on the example network can be
|
|
broken into three main categories: single-homed hosts (servers and
|
|
workstations), masquerading (cf. NAT) routers, and public routers.
|
|
For those viewing the above netmap from a security perspective,
|
|
&wan-gw; and &masq-gw; would both run
|
|
packet filters (at least), which turns the network into a traditional
|
|
screened-subnet firewall.
|
|
</para>
|
|
<para>
|
|
The LAN shown above is a common leaf-network scenario for business
|
|
offices. Frequently, there are one or two machines on a public network
|
|
segment, a masquerading firewall, and one or more networks behind the
|
|
masquerading firewall. Please do not consider this example network the
|
|
only way to interconnect devices. The above is one method of designing
|
|
a network--there are many practical issues to weigh in network design.
|
|
I am deliberately skirting the issue of network design here and
|
|
proposing an example network similar to or a superset of a commonly
|
|
found network design.
|
|
</para>
|
|
<para>
|
|
It is rare for a business which is not an ISP to own a class C sized
|
|
network today, but I have nonetheless chosen a class C sized public
|
|
network as our fictitious company's network.
|
|
</para>
|
|
</section>
|
|
<section id="example-network-addressing">
|
|
<title>Example Network Addressing Charts</title>
|
|
<para>
|
|
In addition to the network map above, you may find the following
|
|
network address and host address information handy as you read through
|
|
the various examples and documentation based on this fictional network.
|
|
</para>
|
|
<table id="tb-example-network-networks">
|
|
<title>Example Network; Network Addressing</title>
|
|
<tgroup cols="2" align="center" colsep="1" rowsep="1">
|
|
<thead>
|
|
<row>
|
|
<entry>network address</entry>
|
|
<entry>function</entry>
|
|
</row>
|
|
</thead>
|
|
<tbody>
|
|
<row>
|
|
<entry>205.254.211.0/24</entry>
|
|
<entry>public ISP-allocated network</entry>
|
|
</row>
|
|
<row>
|
|
<entry>192.168.100.0/24</entry>
|
|
<entry>internal server network</entry>
|
|
</row>
|
|
<row>
|
|
<entry>192.168.99.0/24</entry>
|
|
<entry>main office desktop network</entry>
|
|
</row>
|
|
<row>
|
|
<entry>192.168.98.0/24</entry>
|
|
<entry>branch office desktop network</entry>
|
|
</row>
|
|
</tbody>
|
|
</tgroup>
|
|
</table>
|
|
<para>
|
|
Host addressing information is summarized in this table.
|
|
follows.
|
|
</para>
|
|
<table id="tb-example-network-hosts">
|
|
<title>Example Network; Host Addressing</title>
|
|
<tgroup cols="4" align="center" colsep="1" rowsep="1">
|
|
<thead>
|
|
<row>
|
|
<entry>hostname</entry>
|
|
<entry>interface</entry>
|
|
<entry>IP address</entry>
|
|
<entry>MAC address</entry>
|
|
</row>
|
|
</thead>
|
|
<tbody>
|
|
<row>
|
|
<entry>&isolde;</entry>
|
|
<entry>eth0</entry>
|
|
<entry>192.168.100.17/24</entry>
|
|
<entry>00:80:c8:e8:4b:8e</entry>
|
|
</row>
|
|
<row>
|
|
<entry>&tristan;</entry>
|
|
<entry>eth0</entry>
|
|
<entry>192.168.99.35/24</entry>
|
|
<entry>00:80:c8:f8:4a:51</entry>
|
|
</row>
|
|
<row>
|
|
<entry>&morgan;</entry>
|
|
<entry>eth0</entry>
|
|
<entry>192.168.98.82/24</entry>
|
|
<entry>00:80:c8:f8:4a:53</entry>
|
|
</row>
|
|
<row>
|
|
<entry>&masq-gw;</entry>
|
|
<entry>eth0</entry>
|
|
<entry>192.168.100.254/24</entry>
|
|
<entry>00:80:c8:f8:5c:71</entry>
|
|
</row>
|
|
<row>
|
|
<entry>&masq-gw;</entry>
|
|
<entry>eth1</entry>
|
|
<entry>205.254.211.179/24</entry>
|
|
<entry>00:80:c8:f8:5c:72</entry>
|
|
</row>
|
|
<row>
|
|
<entry>&masq-gw;</entry>
|
|
<entry>eth2</entry>
|
|
<entry>192.168.99.254/24</entry>
|
|
<entry>00:80:c8:f8:5c:73</entry>
|
|
</row>
|
|
<row>
|
|
<entry>&masq-gw;</entry>
|
|
<entry>eth3</entry>
|
|
<entry>192.168.100.2/30</entry>
|
|
<entry>00:80:c8:f8:5c:74</entry>
|
|
</row>
|
|
<row>
|
|
<entry>&wan-gw;</entry>
|
|
<entry>eth0</entry>
|
|
<entry>205.254.211.254/24</entry>
|
|
<entry>[ unknown ]</entry>
|
|
</row>
|
|
<row>
|
|
<entry>&wan-gw;</entry>
|
|
<entry>wan0</entry>
|
|
<entry>205.254.209.73/30</entry>
|
|
<entry>[ n/a ]</entry>
|
|
</row>
|
|
<row>
|
|
<entry>&isdn-router;</entry>
|
|
<entry>(Ethernet)</entry>
|
|
<entry>192.168.99.1/24</entry>
|
|
<entry>00:c0:7b:45:6a:39</entry>
|
|
</row>
|
|
<row>
|
|
<entry>&branch-router;</entry>
|
|
<entry>(Ethernet)</entry>
|
|
<entry>192.168.98.254/24</entry>
|
|
<entry>00:c0:7b:37:af:91</entry>
|
|
</row>
|
|
<row>
|
|
<entry>&service-router;</entry>
|
|
<entry>(Ethernet)</entry>
|
|
<entry>192.168.100.1/24</entry>
|
|
<entry>00:c0:7b:7d:00:c8</entry>
|
|
</row>
|
|
</tbody>
|
|
</tgroup>
|
|
</table>
|
|
<para>
|
|
I have referred liberally to this example network throughout this
|
|
documentation. Any example commands in the documentation assume
|
|
the network configuration as shown on this network map.
|
|
</para>
|
|
<para>
|
|
Additionally, hosts which are not part of this (fictional) network but
|
|
appear in the documentation will appear under the names &real-server;
|
|
and &real-client;. This convention exists simply to disambiguate
|
|
real-world examples from the machines in the fictional network.
|
|
</para>
|
|
<para>
|
|
</para>
|
|
</section>
|
|
</appendix>
|