Linux Networking Cookbook 64
dinotrac writes "Somebody special is coming over for dinner. You're not a chef, but you can cook well enough to get by, so you grab your best cookbook and get to work. That's the idea behind O'Reilly's Linux Networking Cookbook, by Carla Schroder. Carla has gathered a group of networking recipes that a reasonably Linux-savvy reader can use to address network needs like a seasoned sysadmin. If you want to find out how to hook your Linux workstation to a LAN, get another book. If you are reasonably comfortable with Linux, need to set up an LDAP server, configure single sign-on with Samba for a mixed Linux/Windows LAN, set up a VPN, or troubleshoot network problems without some uppity online geek telling you to RTFM, this book may be what you're looking for." Read below for the rest of Dean's review.
One of the great strengths and weaknesses of Linux is that everything you could possibly need to know is already on your computer in the form of man pages, or out on the internet in newsgroups, forums, or a massive autumn's leaf-pile of how-tos. Finding what you need in a form that you can use is sometimes a bigger problem than the problem you're trying to solve.| Linux Networking Cookbook | |
| author | Carla Schroder |
| pages | 638 |
| publisher | O'Reilly |
| rating | 9 |
| reviewer | Dean R. Pannell |
| ISBN | 0596102488 |
| summary | The perfect tool when you need to be a network sysadmin but aren't |
The Linux Networking Cookbook improves on that situation in a couple of ways. First is the author herself. Carla is an experienced System Administrator and a good technical writer. She was one of the early Linuxchix, and has spent years mentoring and otherwise helping new and experienced Linux folk through their assorted dilemmas. The result is a friendly and direct, information-packed and ego-free writing style. Unlike the typical how-to that provides a list of steps that have worked for the author, Carla's discussions fill in the blanks and tell you why she takes the steps that she does.
The Cookbook is organized into an introduction followed by 18 chapters that are complete stand-alone solutions to specific problems.
The obligatory introduction is short and is not required by any of the solutions in the book, but it's worth reading. Its' eleven pages read quickly, but contain, among other things, a good explanation of the difference between bandwidth and latency and a decent overview of the whys and whens of linux-based computers as routers versus mid-range and high-end commercial routers.
Each chapter begins with an introduction of the overall topic, Routing with Linux, for example, followed by a series of short recipes organized as problem-solution-discussion. This format is convenient for diving right into work and takes advantage Carla's mentoring talents.
One problem facing any writer of Linux books is the sheer number of Linux distributions, many of which have their own distinct ways of doing things. The Linux Networking Cookbook provides solutions for both Debian and Fedora Linux. It's an excellent choice when you consider that most Linuxes derive from one of those two bases, including all of the *buntus, Knoppix, Mandriva, PCLinuxOS, CentOS, and many more. The recipes employ generic tools, which makes them easier to transport across distributions, even the SuSEs, which are based on neither Debian nor Red Hat.
For example, before obtaining The Cookbook, I needed to create a self-signed SSL certificate for a PostgreSQL server on an Ubuntu server. I'd done it a few times, but not enough to remember, so I went off to the net. The Ubuntu-themed How-To I found relied on a script called apache2-ssl-certificate. An apache script didn't bother me because I could move the pieces when I was done, or just break open the script and make it do what I wanted done. Ubuntu Feisty, however, had managed to leave the script out of the distribution, so I had to go back to the net to find an alternative approach.
Had I used The Cookboock, my task would have been simpler, though not quite as easy as it should be. Inexplicably for a book that includes network security and SSL-based VPNs, there is no entry for SSL Certificate in the index. A browse through the table of contents turns up a couple of recipes for Creating SSL-Keys for a Syslog-ng Server: one for Debian and one for Fedora. Fortunately, the Table of Contents is short and can be browsed completely in seconds, because those recipes are in the Troubleshooting Networks chapter, which is not intuitively obvious. They appear in that chapter because it contains the recipes for network monitoring, which includes installation of Syslog-ng.
The recipe itself is suitably generic, using the CA.sh script, which is part of openssl, and openssl itself to generate keys and certificates. A quick check of my Ubuntu servers, my Fedora VPS server, and my OpenSuSE workstation found CA.sh on all of them.
My OpenSuSE machine did throw one small curve:
CA.sh on my openSUSE box was located in /usr/lib/ssl/misc, as on the other boxes. However, the book tells us that CA.sh, and a moderately competent Linux user is likely to know that rpm -ql openssl will list all of the files in the openssl package or that rpm-ql openssl | grep CA.sh will spit out the location of the script.
Given the variety of Linux distributions, it is hard to imagine a better approach to take.
The Glossary of Networking Terms in Appendix B deserves special mention. Each term is explained in plain but precise language that goes beyond the cursory definitions so common in glossaries. For example, the explanation for WEP notes that it is very weak protection and urges the reader to use WPA/WPA2 instead.
Sometimes, the extra information can soften a definition's focus, but, overall, the glossary is an outstanding tool for anyone who doesn't spend his or her time knee-deep in subnet definitions, routers, and tcp dumps. The same is true of the book.
As is usual for O'Reilly, updates, errata, and scripts from the book are available on the web.
You can purchase Linux Networking Cookbook from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
RPM knowledge (Score:3, Insightful)
Re: (Score:1, Insightful)
How annoying is it that every simple task/installation requires you to have to read an online documentation step by step. Other open source projects suffer this same problem. It shouldn't use obscure words to make the programmer sound smart. If it compiles, make a preserved word call
Re: (Score:2, Informative)
Uh, they do.
Look, if it makes you feel any better, Mr. Anonymous Cobol Programmer, you can type 'rpmquery --list openssl'
Re: (Score:1)
Try reading manpages sometime.
Sheesh.
Re: (Score:2)
"go to the next card"
"select the brush tool"
"drag from 5,5 to 10,10"
Those were the days...
Re: (Score:2)
The trouble is that computers have terrible telepathy and intuition - they have very black and white personalities. You have to tell them exactly what to do as they are too stupid to work it out for themselves.
What do you mean by "give"? List the filenames? List the filenames and paths? List the contents? Copy the files to you somehow?
What do you mean by "me"? The user account? The shell? The client computer you are on?
What do you mean b
Re: (Score:1)
Re: (Score:3, Insightful)
Linux is a moving target for competence. Different distributions do things differently and they are all constantly changing. A lot of times I know
Re: (Score:2)
If you are moderately competent, and much more on the lines of the book itself (since it seems it tries to be distribution-agnostic) you wouldn't query the RPM database when `find / -type f -name CA.sh -print`, while certainly slowerly, will find the file 100 times out of 100, no matter what
Re: (Score:2)
OK, we'll get off your lawn :P
Re: (Score:1)
Old fart who still uses -print, even though in every modern implementation it's implied now. :P
Yeah, it works, but on Linux using the package manager is always much quicker and, after all, that's what its there for. Your method is, however, portable to *BSD and other *nixes.
Convenience. Remembering all of the steps and switches to create a certificate can be difficult for someone (l
Re: (Score:2)
Yes. Firstly I wrote it without the "-print", but then, when I was previewing, I saw I said it would work on any unix-like system so I went for the safe side (I really don't know for sure if, say, HP-Ux or AIX will default to print or still do it the old way).
"Yeah, it works, but on Linux using the package manager is always much quicker"
Well, I explicitly said "find" would work surely but slowerly, so I fart a
To Serve Files (Score:4, Funny)
Re: (Score:2)
asshat...
Re: (Score:3, Funny)
Re: (Score:1)
Re: (Score:1)
Re: (Score:1)
"RTFM" (Score:1)
This whole article wreaks of preemptive RTFM snobbery.
Re: (Score:2)
Re: (Score:3, Informative)
Then it goes into using a Linux server for some other services, remote administration, VPNs, Samba and LDAP, Network Monitoring.
Finally it ends with with a chaptor on IPv6, Serial Console management, Linux Dial-Up servers and a chapter on t
Re: (Score:2)
But aren't you doing just that? (Score:5, Insightful)
In essence, you're doing just the 'uppity online geek' is telling you to do. TFM gives you the pieces and expects you to find out how to piece them together, while this just has the convenience of said commands and scripts already pieced together.
Re: (Score:2)
What CA.sh or a moderately competent Linux user kn (Score:5, Funny)
Re: (Score:1)
Re: (Score:1)
Re: (Score:2)
Find or locate have the advantage that they'll work even if the package you're looking for wasn't installed via the package manager. (Assuming you are savvy enough with find to prevent it from scavenging off down unnecessary NFS mounts, massive spool directories, and the like.)
Of course my Solaris years left "grep FOO
Re: (Score:1)
Re:What CA.sh knows (Score:1)
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
smbmount (Score:1, Offtopic)
I last tried this a few years back, but failed because you had to turn off signing for the DCs...kinda stops Linux being able to connect to valuable resources.
Linux as a data-store in a Windows network is pretty awesome though with samba + lvm once configured well.
Re:smbmount (Score:5, Funny)
I last tried this a few years back, but failed because you had to turn off signing for the DCs...kinda stops Linux being able to connect to valuable resources.
Linux as a data-store in a Windows network is pretty awesome though with samba + lvm once configured well.
Re:smbmount (Score:4, Informative)
Re: (Score:1)
The only problem is that you have to boot up your computers so that they grab the correct IP addresses via DHCP. Or you use static IP addresses to get around that.
Scheeze, I just want to connect a couple computers. It shouldn't be this difficult.
Re: (Score:2)
Re: (Score:2)
client use spnego = yes
in your smb.conf file. That at least works for linux clients on our Win2k3 domain.
"some uppity online geek" (Score:4, Funny)
Re: (Score:2)
It's really sad- because it is one of the things that is really holding Linux back. I've been using Linux as a server platform for over a decade, and have been using Desktop Linux for about t
Re: (Score:2)
Re:"some uppity online geek" (Score:5, Interesting)
I think that the only thing more frustrating than people asking repeatedly-answered questions is people who ask for help on an uncommon issue, then post a little later with, "Nevermind, I fixed it." Maybe if they included how they fixed it, they would save someone else from having to ask the same damned question.
Re: (Score:2)
"I am not your AI interface to the internet."
Re: (Score:2)
I am an uppity geek (Score:3, Funny)
...you insensitive clod.
Locating CA.sh (Score:1)
or, perhaps,
$ locate CA.sh
Re: (Score:1)
Another good one (Score:1)