[Network Application and Security] First Assignment

1. Familiar with the laboratory operating environment

1 - Login

Login account

You can log in to your personal account through the graphical interface and commands.

  • Graphical interface: Log out the current user and switch users. If your user name is not among the listed users, click "not listed" and then enter the user name and password to log in.
  • Command: Use su your_username, press Enter, and enter the password to switch.

Change password

  • Steps

Enter the kpasswd command, then enter the old password, press Enter, and enter the same new password twice to change the password.

  • Experience

Linux also has another command for changing passwords: passwd.

The difference between kpasswd and passwd:

  1. kpasswd is the password command provided by Kerberos, and passwd is the Linux system password command.
  2. passwd can change both the Linux password and the Kerberos password (depending on how the PAM module is configured), while kpasswd changes only the Kerberos password.

2 - Familiar with Linux environment

There are many commands provided to users in Linux, which can be roughly divided into the following categories. I have compiled a mind map, as follows.

In addition, you can also go to Novice Tutorial—Linux Command Encyclopedia to view more Linux commands!

3 - Remote login

Use the format ssh username@ip to remotely log in to the host as username.

If you cannot connect using ssh, there are many possible reasons. The following are my guesses at the possible causes on the host that the IP corresponds to:

  • No network (use the ping command to check)
  • The ssh service is not running
  • The ssh port (22) is not open

4 - Using Git

Git is a distributed version control tool used for agile and efficient project management and collaborative development. Below I will introduce the basic Git usage process.

  • Initialize the local repository: git init
  • Add a file to the local staging area: git add filename
  • Commit the file to the local repository: git commit filename
  • View the current status: git status
  • View the commit history: git log
  • Push to the remote repository: git push

The .gitignore file defines which files should not be handed over to Git for management. The file name is fixed and cannot be modified.

2. Network delay

Total delay = sending delay + propagation delay + processing delay + queuing delay.

  • <1> Sending delay

It is the time required for the host or router to send a data frame, that is, the time from when the first bit of the frame is sent until the last bit of the frame has been sent.

Sending delay = data frame length (b) / channel bandwidth (b/s)

  • <2> Propagation delay

It is the time it takes for electromagnetic waves to propagate a certain distance in the channel.

Propagation delay = channel length (m) / propagation speed of electromagnetic waves in the channel (m/s)

  • <3> Processing delay

When a host or router receives a packet, it takes a certain amount of time to process it, such as analyzing the header of the packet, extracting the data part from the packet, checking for errors, or finding an appropriate route.

  • <4> Queuing delay

When packets are transmitted through the network, they have to pass through many routers. But after the packet enters the router, it must be queued in the input queue and wait for processing. After the router determines the forwarding interface, it must be queued in the output queue to wait for forwarding.

$D_{prop} = (1000 \times 8) / (1 \times 1024 \times 1024) \approx 0.0076\ \text{s} = 7.6\ \text{ms}$
$D_{proc} = 1\ \text{ms}$
$D_{queue} = 5\ \text{ms}$
$D_{trans} = (2000 \times 10^{3}) / (2 \times 10^{8}) = 0.01\ \text{s} = 10\ \text{ms}$
$D_{nodal} = 2 \times (D_{prop} + D_{proc} + D_{queue} + D_{trans}) = 47.2\ \text{ms}$

3. Network applications

Web (C/S mode): Edge browser, Chrome browser
Chat software: QQ, WeChat
Video software: Tencent Video, iQiYi
Game: Honor of Kings

4. HTTP

  1. Yes. Response Time: Tue, 07 Mar 2008 12:39:45.
  2. Last-Modified: Sat, 10 Dec 2005 18:27:46
  3. Accept-Bytes: 3874B
  4. <!doc
  5. Yes. According to the keyword Connection: Keep-Alive.

5. Network Port

HTTP: 80
HTTPS: 443
SSH: 22
TELNET: 23
FTP: 21
DNS: 53

6. TCP Protocol

The main differences between GBN and SR

  • Buffer
    GBN: All out-of-order packets within the receiver window are discarded, so there is no need for a buffer to store out-of-order packets within the receiver window.
    SR: To avoid retransmitting many unnecessary data packets, the receiving end needs to buffer out-of-order data packets.

  • Implementation complexity
    GBN: The GBN protocol adopts a cumulative acknowledgment method. Because the receiver accepts packets in order, any packets that arrive out of order or in error are discarded by the receiver.
    SR: The SR protocol avoids GBN's retransmission of data packets that already arrived correctly at the receiver, at the expense of setting the sender window and the receiver window to the same size.

  • Network efficiency
    GBN: When the window size and the bandwidth-delay product are both large, one packet in error may cause GBN to resend a large number of packets.
    SR: Many packets that arrived correctly do not need to be retransmitted in this process.
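A small simulation of the buffer and network-efficiency differences above, added here as an example and not part of the original assignment. It goes beyond the table by modelling both senders under simplifying assumptions (ACKs are never lost and arrive instantly; the sender times out only once it can send nothing more); the function names and the loss scenario are constructed.

```python
from collections import Counter

def _arrives(seq, attempts, lost, log):
    """Log one transmission of seq; True if this copy reaches the receiver."""
    attempts[seq] += 1
    log.append(seq)
    return (seq, attempts[seq]) not in lost

def go_back_n(n, window, lost):
    """Return (transmission log, max out-of-order packets buffered) for GBN."""
    log, attempts = [], Counter()
    base = next_seq = 0               # base is also the receiver's expected seq
    while base < n:
        if next_seq < min(base + window, n):
            ok = _arrives(next_seq, attempts, lost, log)
            if ok and next_seq == base:
                base += 1             # in order: cumulative ACK slides the window
            next_seq += 1             # lost or out-of-order copies are discarded
        else:
            next_seq = base           # timeout: go back and resend from base
    return log, 0                     # a GBN receiver never buffers

def selective_repeat(n, window, lost):
    """Return (transmission log, max out-of-order packets buffered) for SR."""
    log, attempts, acked = [], Counter(), set()
    base = next_seq = max_buffered = 0
    while base < n:
        if next_seq < min(base + window, n):
            if _arrives(next_seq, attempts, lost, log):
                acked.add(next_seq)   # each packet is ACKed individually
            next_seq += 1
        else:                         # timers fire only for unACKed packets
            for seq in range(base, next_seq):
                if seq not in acked and _arrives(seq, attempts, lost, log):
                    acked.add(seq)
        if base not in acked:         # packets above the gap wait in the buffer
            max_buffered = max(max_buffered, sum(s > base for s in acked))
        while base in acked:
            base += 1                 # deliver the in-order run, slide the window
    return log, max_buffered

# Constructed scenario: 8 packets, window of 4, first copy of packet 2 is lost.
LOST = {(2, 1)}
GBN_LOG, GBN_BUF = go_back_n(8, 4, LOST)
SR_LOG, SR_BUF = selective_repeat(8, 4, LOST)

if __name__ == "__main__":
    print("GBN sent", len(GBN_LOG), GBN_LOG, "buffered", GBN_BUF)
    print("SR  sent", len(SR_LOG), SR_LOG, "buffered", SR_BUF)
```

With one lost packet, GBN resends the whole window while SR resends only the missing packet, at the cost of the receiver holding the packets that arrived after the gap.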

7. Laboratory system

1 - LDAP

LDAP (Lightweight Directory Access Protocol) is a communication protocol that defines how to access directory services [5].

The client connects to the server via TCP/IP or another connection-oriented transport service and sends it a query; the server provides an answer or a pointer to a location (which can be another LDAP server) where the client can get more information.

2 - Kerberos

Kerberos is an identity authentication system based on encrypted tickets developed by MIT [6]. It mainly consists of three parts: KDC (Key Distribution Center), client and server. Among them, the KDC includes three parts: database, authentication server (AS: Authentication Server) and ticket issuance server (TGS: Ticket Granting Server).

3 - Ansible

Ansible is an efficient cluster management tool [7]. It works over ssh, a mechanism that eliminates the need to install any special software on the controlled host. You only need to set up the control host to remotely configure and manage the controlled cluster. It is easy to use, powerful and easy to expand.

From my personal understanding, Ansible is somewhat similar to the rsync distribution tool and can distribute files between multiple clusters.

8. Linux operating environment and Nginx

1 - Install Ubuntu 22.04.3 LTS

First, go to the Ubuntu official website and download the iso image file of this version.

Afterwards, use VMware to create a virtual machine using the image.

After the installation is successful, remember to set the root user's initial password by executing the following command:

sudo passwd

Enter the current user's password, then enter and confirm the new password.

2 - Install Nginx

Nginx is open-source web server and proxy server software that supports high performance and high concurrency.

In traditional web projects, concurrency is low and there are few users. In that low-concurrency case, users can access the tomcat server directly, and the tomcat server returns the response to the user.

nginx is characterized by low memory usage and strong concurrency. In fact, the concurrency capability of nginx does perform better among web servers of the same type. Users of nginx websites in mainland China include: Baidu, JD.com, Sina, NetEase, Tencent, Taobao, etc.

The following describes how to install nginx on Ubuntu 22.04.

  • 1. Download nginx from the official website and upload it to Linux through XFTP

Download the nginx installation package from the official nginx download page. After a successful download, you will have a compressed package.

Upload the compressed package to the /opt/software directory through xshell and XFTP:

  • 2. Unzip

Execute the decompression command, decompress nginx to the /opt/module directory, and rename the file to nginx:

tar -xzvf nginx-1.20.2.tar.gz -C /opt/module/

  • 3. Install the required software (gcc, openssl, etc.)

Because compiling nginx requires the use of the gcc compiler, we need to install gcc and some other related software. So what software is needed?

First we go to the directory where nginx was just decompressed:

cd /home/jhguo/opt/module/nginx-1.20.2/

We can then detect it with the following command:

./configure

Then install the following required dependencies:

sudo apt-get install gcc -y
sudo apt-get install libpcre3-dev -y
sudo apt-get install zlib1g zlib1g-dev -y
sudo apt-get install openssl libssl-dev -y

  • 4. Install nginx

Enter the nginx installation directory and execute the compilation and installation commands:

cd /opt/module/nginx
./configure # check the required dependencies again
make
sudo make install # writes to /usr/local/nginx, which requires root

At this point, nginx is installed. Note that after a successful installation, nginx is not in the directory where it was decompressed but, by default, in the /usr/local/nginx directory. The next step is to start and stop the nginx server.

3 - Visit nginx default page

Enter the nginx directory:

cd /usr/local/nginx/

Start nginx:

sudo sbin/nginx

The default nginx port is 80, so this port must be opened.

Visit the IP to check whether nginx started successfully.

Access successful on Windows!

Stop nginx:

sudo sbin/nginx -s stop

4 - Mount personal homepage

  • 1. Upload the dist directory

Upload the personal homepage file index.html (written before writing the article) to a directory in the Linux system. Here I put it in the /home/jhguo/opt/files/network_app_sec/hw/hw1 directory:

  • 2. Modify nginx configuration file nginx.conf

First, go to the conf directory under the nginx directory:

cd /usr/local/nginx/conf/

Edit the nginx.conf file and put the dist directory path after root:

sudo vim nginx.conf

Because listening on ports below 1024 requires root privileges, I later changed 80 to 8080.

Start nginx:

sudo /usr/local/nginx/sbin/nginx

Now we can access our personal homepage via host IP + nginx port!
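A minimal server block for the nginx.conf edit described in step 2, added here as an example; it is not the author's actual file, which the page does not show. The server_name and index values follow the stock nginx.conf and are assumptions.

```nginx
# Added example: the server block inside http { } in
# /usr/local/nginx/conf/nginx.conf. The rest of the stock file is unchanged.
server {
    listen       8080;         # was "listen 80;" in the stock file
    server_name  localhost;    # stock default, assumed unchanged

    location / {
        # directory that holds the uploaded index.html
        root   /home/jhguo/opt/files/network_app_sec/hw/hw1;
        index  index.html;
    }
}
```

Run sudo /usr/local/nginx/sbin/nginx -t to check the syntax before starting. When nginx is started with sudo as shown, its worker processes run as an unprivileged user, so that user needs read permission on index.html and search (x) permission on every directory in the path, including the home directory; otherwise nginx answers 403 Forbidden.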

Origin blog.csdn.net/qq_62592360/article/details/132839411