This course looks at networking from a design perspective. Topics will include, but not be limited to, TCP/IP, DNS, DHCP, BOOTP, firewalls, routers, bridges, switches, wiring, Ethernet, web servers, virtual hosting, SNAT/DNAT, and IP sub-netting. The OS for this class will be Linux (Slackware distribution). The class will be a combination of lecture and lab.
In this task, we were given a scenario that called for 4 sub-networks with at least 18 computers on each. We had to choose the proper subnet mask that would allow us to create the specified sub-networks, then we had to write a script that actually created them. There were also rules where each subnet could only reach a certain domain.
Here is the task sheet:
And here is the script I created:
#!/usr/bin/bash
### Enable IP Forwarding ###
echo 1 > /proc/sys/net/ipv4/ip_forward
### Take down networking interfaces ###
ifconfig eth0 down
ifconfig eth0:1 down
ifconfig eth0:2 down
ifconfig eth0:3 down
ifconfig eth0:4 down
### Flush iptables ###
iptables -F
iptables -t nat -F
### Setup eth0 ###
ifconfig eth0 192.168.10.55 netmask 255.255.255.0
route add default gw 192.168.10.1
echo nameserver 192.168.10.1 > /etc/resolv.conf
### Setup subnets ###
#Subnet 1: 0-31
ifconfig eth0:1 192.168.55.1 netmask 255.255.255.224 broadcast 192.168.55.31
#Subnet 2: 32-63
ifconfig eth0:2 192.168.55.33 netmask 255.255.255.224 broadcast 192.168.55.63
#Subnet 3: 64-95
ifconfig eth0:3 192.168.55.65 netmask 255.255.255.224 broadcast 192.168.55.95
#Subnet 4: 96-127
ifconfig eth0:4 192.168.55.97 netmask 255.255.255.224 broadcast 192.168.55.127
### iptables POSTROUTING Rules ###
#SNAT: Subnet 1
iptables -t nat -A POSTROUTING -s 192.168.55.0/27 -d 0/0 -j SNAT --to 192.168.10.55
#SNAT: Subnet 2
iptables -t nat -A POSTROUTING -s 192.168.55.32/27 -d 0/0 -j SNAT --to 192.168.10.55
#SNAT: Subnet 3
iptables -t nat -A POSTROUTING -s 192.168.55.64/27 -d 0/0 -j SNAT --to 192.168.10.55
#SNAT: Subnet 4
iptables -t nat -A POSTROUTING -s 192.168.55.96/27 -d 0/0 -j SNAT --to 192.168.10.55
### iptables PREROUTING Rules ###
#Subnet 1: All HTTP traffic -> 208.233.32.23 (caprenter.smccme.edu)
iptables -t nat -A PREROUTING -s 192.168.55.0/27 -d 0/0 -p tcp --dport 80 -j DNAT --to 208.233.32.23
#Subnet 2: All HTTP traffic -> 208.233.32.29 (ctstudents.smccme.edu)
iptables -t nat -A PREROUTING -s 192.168.55.32/27 -d 0/0 -p tcp --dport 80 -j DNAT --to 208.233.32.29
#Subnet 3: All HTTP traffic -> 208.233.32.8 (ctech.smccme.edu)
iptables -t nat -A PREROUTING -s 192.168.55.64/27 -d 0/0 -p tcp --dport 80 -j DNAT --to 208.233.32.8
#Subnet 4: All HTTP traffic -> 208.233.32.203 (www.smccme.edu)
iptables -t nat -A PREROUTING -s 192.168.55.96/27 -d 0/0 -p tcp --dport 80 -j DNAT --to 208.233.32.203
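The 255.255.255.224 mask and the four address ranges in the script above can be derived from the task's numbers instead of being looked up. The following is an added example, not part of the original script; the function names are made up for illustration, and it assumes the subnets are carved from the start of 192.168.55.0/24 with the first host address used as the gateway, as the script does.

```sh
#!/bin/sh
# Added example (not from the original script): derive the /27 layout.

# Smallest prefix length whose subnet holds at least $1 usable hosts
# (block size minus the network and broadcast addresses).
prefix_for_hosts() {
    need=$1
    bits=2                      # /30 is the smallest subnet with usable hosts
    while [ $(( (1 << bits) - 2 )) -lt "$need" ]; do
        bits=$((bits + 1))
    done
    echo $((32 - bits))
}

# Dotted-quad netmask for prefix length $1.
mask_for_prefix() {
    m=$(( (0xFFFFFFFF << (32 - $1)) & 0xFFFFFFFF ))
    echo "$((m >> 24 & 255)).$((m >> 16 & 255)).$((m >> 8 & 255)).$((m & 255))"
}

# Print "index network/prefix first-host broadcast" for the first $3
# subnets of prefix length $2 inside the /24 whose first three octets are $1.
subnet_plan() {
    base=$1; prefix=$2; count=$3
    if [ "$prefix" -lt 24 ] || [ "$prefix" -gt 30 ]; then
        echo "prefix must be between 24 and 30" >&2
        return 1
    fi
    size=$((1 << (32 - prefix)))
    if [ $((size * count)) -gt 256 ]; then
        echo "$count subnets of /$prefix do not fit in $base.0/24" >&2
        return 1
    fi
    i=0
    while [ "$i" -lt "$count" ]; do
        net=$((i * size))
        echo "$((i + 1)) $base.$net/$prefix $base.$((net + 1)) $base.$((net + size - 1))"
        i=$((i + 1))
    done
}

# Task from the page: 4 subnets, at least 18 computers each.
p=$(prefix_for_hosts 18)
echo "prefix /$p, netmask $(mask_for_prefix "$p")"
subnet_plan 192.168.55 "$p" 4
```

Each output line can be compared against the matching `ifconfig` alias and the `-s` source range in the SNAT and DNAT rules; a mismatch there means that subnet's traffic is not matched by the rule meant for it.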
My documentation is not yet completed, but will be posted here once it's finished...
This course is still ongoing, so I still have a lot to learn, but I like it so far. It is the only course I have taken in the Computer Tech program that I had no prior experience with anything being taught. It is challenging, interesting, and has already given me a deeper understanding of how networks work.