Thursday, 26 March 2015

ISCSI server ( SAN ) port : 3260




Internet Small Computer System Interface (iSCSI). The protocol allows clients [ initiators ] to send SCSI commands to SCSI storage devices [ targets ] on remote servers. It is a storage area network protocol.
A disk partition is exported as a LUN via a fibre optic channel or an iSCSI channel.

For iSCSI, the LAN card requires gPXE support.

eg.
4GB space of machine 192.168.122.10 ( target ) shared with 192.168.122.1 (initiator )

================================================================================================
configure the ISCSI server :

1> create partition to share
#cfdisk /dev/sda

2> #partx -a /dev/sda

3> install iscsi package
# yum install scsi-target-utils

4> vim /etc/tgt/targets.conf
<target iqn.2015-01.com.skynet:server.target1>   ------ [ iqn_name(iqn.date_of_creation.any_name):target_name ]
backing-store /dev/sda16
initiator-address 192.168.122.1 --client (initiator) IP

</target>

:wq

5># service tgtd restart

6># chkconfig tgtd on

Recheck
# tgt-admin -s => show shared partition LUN
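
An added check, not part of the original post: a target block with no initiator-address line accepts connections from any initiator, so it is worth auditing targets.conf for blocks that lack one. The second target in the sample input is constructed for illustration.

```shell
# Added example: audit tgt target definitions for missing access controls.
# sample_targets_conf prints a constructed config; target2 is hypothetical.
sample_targets_conf() {
cat <<'EOF'
<target iqn.2015-01.com.skynet:server.target1>
    backing-store /dev/sda16
    initiator-address 192.168.122.1
</target>
# constructed second target with no ACL at all
<target iqn.2015-01.com.skynet:server.target2>
    backing-store /dev/sda17
</target>
EOF
}

# Print one line per target: "<iqn> acl=<yes|no> chap=<yes|no>".
# Reads targets.conf syntax on stdin.
audit_targets() {
    awk '
    /^[ \t]*#/ { next }                          # skip comments
    /^[ \t]*<target[ \t]/ {
        iqn = $2; sub(/>.*/, "", iqn)            # strip the trailing ">"
        acl = "no"; chap = "no"; next
    }
    $1 == "initiator-address" { acl = "yes" }    # IP based ACL
    $1 == "incominguser"      { chap = "yes" }   # CHAP credentials
    /^[ \t]*<\/target>/ { print iqn, "acl=" acl, "chap=" chap; iqn = "" }
    '
}

# Succeeds only when every target on stdin restricts initiators by address.
all_targets_restricted() {
    ! audit_targets | grep -q 'acl=no'
}
```

Run it against the live file with: audit_targets < /etc/tgt/targets.conf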

================================================================================================
client side settings.

1># yum install iscsi-initiator-utils

2># iscsiadm -m discovery -t st -p 192.168.122.10  => -m (mode), -t(Type), st(send target), -p (portal)
copy the IQN generated by this. iqn.2015-01.com.skynet:server.target1

3># iscsiadm -m node -T iqn.2015-01.com.skynet:server.target1 -p 192.168.122.10 -l  =====> l(login)

[ logs generated in #dmesg ]

Recheck using #fdisk -l

note : during this process the new partition is attached as a secondary HDD, eg. sdb

=================================================================================================
create partition on LUN

1> #cfdisk /dev/sdb

2> #partx -a /dev/sdb

3> #mkfs.ext4 /dev/sdb6

4> #mkdir /iscsi

5> #mount /dev/sdb6 /iscsi

6> #vim /etc/fstab

/dev/sdb6 /iscsi ext4 defaults,_netdev 0 0

---> _netdev ( network drive: mounted at boot time only after the network is up )

:wq

7> #mount -a

Recheck #df -hT

===============================================================================================

Extra :

1> database path or configuration directory
# cd /var/lib/iscsi

2> show target block in configuration file
#tgt-admin --dump

3>initiator name
#vi /etc/iscsi/initiatorname.iscsi

4> Disconnect partition.
#iscsiadm -m node -T iqn.2015-01.com.skynet:server.target1 -p 192.168.122.10 -u ==> u{logout}

5> Delete partition from client machine.
#iscsiadm -m node -T iqn.2015-01.com.skynet:server.target1  -p 192.168.122.10 -o delete

Recheck
#iscsiadm -m node -T iqn.2015-01.com.skynet:server.target1 -p 192.168.122.10
result iscsiadm: No records found.

6> You can install an OS on this partition if your LAN card supports such technologies.

==============================================================================================







 

SAMBA server (139) [ linux - win/mac/linux sharing ]




===============================================================================================

How to configure SAMBA server


1> yum install samba -y

2> create directory to share
#mkdir /software
#touch /software/nasa.txt

3> change SELinux directory type
#chcon -t samba_share_t /software -R

Recheck
#ls -Zd /software

4> create samba user
#useradd susan
#smbpasswd -a susan
enter password twice

5> #vim /etc/samba/smb.conf

workgroup=SMBGROUP => any name in capitals

go to the last line (shift + G)

[soft]  ====================> any share name
comment=windows software ===> any comment
path=/software
public=yes    ===============> yes/no as per requirement
writable=yes
printable=no
write list= +hr =============>allow only hr group

hosts allow=192.168.0. ========> network to allow access (a network prefix ends with a dot)
browseable=yes
hosts deny =192.168.0.1 =======>deny access to IP

valid users=susan

:wq

6> #service smb restart

7> #chkconfig smb on

check configuration file syntax
#testparm
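
An added check, not part of the original post: smb.conf(5) states that where hosts allow and hosts deny conflict, the allow list takes precedence, so a denied IP inside an allowed network is still let in; the documented form is "hosts allow = 192.168.0. EXCEPT 192.168.0.1". The script also flags a partial address written without its trailing dot. The sample input is constructed and the [old] share is hypothetical.

```shell
# Added example: check smb.conf host ACLs. Sample is constructed; [old] is hypothetical.
sample_smb_conf() {
cat <<'EOF'
[global]
workgroup=SMBGROUP
[soft]
path=/software
hosts allow=192.168.0.
hosts deny =192.168.0.1
[old]
path=/srv/old
hosts allow = 192.168.0
EOF
}

# Print "<share>: <finding>" for every suspicious host ACL in smb.conf text on stdin.
audit_host_acls() {
    awk '
    function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
    function report(   na, nd, i, j, a, d) {
        na = split(allow, a, /[ \t,]+/)
        nd = split(deny, d, /[ \t,]+/)
        for (j = 1; j <= na; j++) {
            # one to three octets without a trailing dot is not a network prefix
            if (a[j] ~ /^[0-9]+(\.[0-9]+)?(\.[0-9]+)?$/)
                print share ": hosts allow entry " a[j] " lacks the trailing dot"
            for (i = 1; i <= nd; i++)
                if (a[j] ~ /\.$/ && index(d[i], a[j]) == 1)
                    print share ": hosts deny " d[i] " is overridden by hosts allow " a[j]
        }
    }
    /^[ \t]*[#;]/ { next }                       # comments
    /^[ \t]*\[/ {                                # new section header
        if (share != "") report()
        share = trim($0); gsub(/^\[|\].*$/, "", share)
        allow = ""; deny = ""; next
    }
    {
        eq = index($0, "="); if (eq == 0) next
        key = tolower(trim(substr($0, 1, eq - 1)))
        val = trim(substr($0, eq + 1))
        if (key == "hosts allow" || key == "allow hosts") allow = val
        if (key == "hosts deny"  || key == "deny hosts")  deny = val
    }
    END { if (share != "") report() }
    '
}
```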

===============================================================================================

client side settings

Linux machine


1> command line
#yum install samba-client
#smbclient //192.168.0.130/soft -U susan => #smbclient //sambaserver_IP/share_name -U samba_user

enter password twice
smb:\>
quit to exit

2> graphical
-place -> connect to server
server type = Windows share
server = 192.168.0.130
folder = soft [ share name]
username = susan
domain name = SMBGROUP

-enter connect
-enter password

===============================================================================================
Extra
1> remove smb password
#smbpasswd -X susan

2> check connection
#smbstatus

3> samba tree
#smbtree
Or
#smbclient -L //192.168.0.130/soft -N
============================================================================================

client settings for windows machine
=> start -> Run -> \\192.168.0.130
=> enter username and password

==========================================================================================

windows to linux sharing
#smbclient -U kishor //192.168.0.10/d

==========================================================================================

 

NFS server [ linux to linux file sharing ] Port : 2049



3 types of storage
1> DAS ( Direct Attach Storage ) => HDD
2> NAS ( Network Attach Storage ) => NFS, Samba
3> SAN ( Storage Area Network ) => ISCSI, fibreoptic
=================================================


NFS allows a system to share directories and files with other machines over a network. Using it, users and programs can access files on a remote system.

eg. share the directory /data [ 192.168.0.130 ] with 192.168.0.2
=================================================
Syntax of /etc/exports file

/path/directory   IP_address(op1,op2)     [ no space between IP_address and the bracket ]

op1,op2 => rw, ro, sync, async
=================================================
Export command option
#exportfs
a : export / unexport all directories
r : re-export all directories
u : unexport one/more directories
v : be verbose when exporting / unexporting
================================================

server side

1> #yum install nfs-utils

2> create directory to share
#mkdir /data
#cd /data
#touch file1 file2 file3

3>vim /etc/exports
/data 192.168.0.2(rw,sync)

:wq

4>#service nfs restart

5>#chkconfig nfs on

6>re-export all the share content
#exportfs -arv

7>to check all the export data/list
#exportfs

8>to unexport all the shares
#exportfs -au
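
An added lint, not part of the original post: in /etc/exports a space between the client and its option list changes the meaning, so "/data 192.168.0.2 (rw,sync)" exports /data to 192.168.0.2 with default options and to every other host with rw,sync. The script goes slightly beyond that one case and also reports wildcard clients and no_root_squash; the sample lines are constructed around this page's /data export.

```shell
# Added example: lint /etc/exports for option lists detached from their client.
# Sample lines are constructed around this page's /data export.
sample_exports() {
cat <<'EOF'
# constructed sample
/data 192.168.0.2(rw,sync)
/data 192.168.0.2 (rw,sync)
/backup (rw,sync)
/pub *(ro,sync)
/home 192.168.0.0/24(rw,sync,no_root_squash)
EOF
}

# Print "<line-no>: <finding>: <path>" for each risky export on stdin.
lint_exports() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }            # comments and blank lines
    {
        for (i = 2; i <= NF; i++) {
            if ($i ~ /^\(/) {                    # options with no client in front
                mode = ($i ~ /[(,]rw[,)]/) ? "world-writable" : "world-readable"
                print NR ": " mode " (detached option list): " $1
            } else if ($i ~ /^\*\(/) {           # explicit wildcard client
                print NR ": exported to every host: " $1
            }
            if ($i ~ /[(,]no_root_squash[,)]/)   # remote root keeps uid 0
                print NR ": root not squashed: " $1
        }
    }'
}
```

Run it against the live file with: lint_exports < /etc/exports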

=====================================================

client side

1> access shared directory
#cd /net/192.168.0.130 => #cd /net/serverIPaddress => it is mounted automatically by this command

#ls
#cd data

OR
you can mount the shared directories where you want
#mount -t nfs 192.168.0.130:/data  /mnt

========================================================

Extra

1> umount the directories
#umount -t nfs /mnt

2>umount all the shared directories
#umount -at nfs

3>permanent mounting
#vim /etc/fstab

192.168.0.130:/data     /mnt nfs defaults 0 0

:wq

#mount -a

Note : recheck using "#df -hT"

=======================================================

 

NTP server : Network time protocol Port : 123




OR remote time server

An NTP server is used to set the same time on client machines. It is not possible to configure the same time manually on multiple machines.
=======================================================================================================
***** server configuration *******

1># yum install ntpdate

2># vim /etc/ntp.conf

Disable the line by putting hash mark "#"

#restrict -6 default kod nomodify notrap nopeer noquery  -----disable IPv6
#restrict -6 ::1

disable old default/redhat entry.
# server 0.rhel.pool.ntp.org
# server 1.rhel.pool.ntp.org
# server 2.rhel.pool.ntp.org

add new server entry.
server 192.168.122.10 iburst ==========> iburst : parameter used to speed up the initial time sync
server 127.127.1.0

#keys /etc/ntp/keys -----------> disable key authentication.

:wq


3># /etc/init.d/ntpd restart

4># chkconfig ntpd on

5># iptables -F

6># service iptables save
 
******************client configuration.************************
1> # system-config-date

-> date and time tab
synchronize date and time over the network
-> delete existing old server entry and add new one
-> add button 192.168.122.10 press enter
-> OK
=> advance options
speed up initial synchronisation.
-> OK

[ It will take few moments to fetch time ]


2># /etc/init.d/ntpd restart

3># chkconfig ntpd on

Extra : you can recheck the available ntp connection

#ntpq -p

=======================================================================================================
 

FTP servers port no : 20/21




The File Transfer Protocol (FTP) is one of the most common means of copying files between servers over the internet. Most web-based download sites use the built-in FTP capabilities of web browsers.

The main function of FTP servers is to download and upload files.

port no : 20 data send
        21 connection create

2 types of servers

1> local user having a password : eg. alex with home directory /home/alex

2> anonymous user does not have any password and the directory is /var/ftp

==================================================================================================

Required package : vsftpd ( very secure FTP )
conf dir : /etc/vsftpd
Home dir : /var/ftp
log : /var/log/xferlog
config : /etc/vsftpd/vsftpd.conf
other : /etc/vsftpd/user_list
      /etc/vsftpd/ftpusers

==================================================================================================

configure FTP server :

1> #yum install vsftpd

2> #vim /etc/vsftpd/vsftpd.conf
By default it provides download permission and login permission to all limited and anonymous users
[ note : vsftpd.conf does not allow spaces around "=" ]

anonymous_enable=YES [ allow anonymous FTP ]

local_enable=YES [ allow limited users ]

write_enable=YES [ allow write /upload permission ]

anon_upload_enable=YES [ enable anonymous upload By default off ]

anon_mkdir_write_enable=YES [ anonymous user create directory by default off ]

dirmessage_enable=YES

[ it shows a message on entering the pub directory. create a ".message" file in the pub directory and put your message in it ]

ftpd_banner=welcome [ show msg on login ]

:wq


3> #service vsftpd restart

4> #chkconfig vsftpd on

========================================================================

Client side

1> graphical access

ftp://192.168.122.10

2> command line access

#yum install ftp

#ftp 192.168.122.10
enter user name : ftp   [ anonymous user ]
enter password :       [ no password for anonymous user ]

ftp > ?   -------go to help
ftp > exit -------quit
ftp > cd download
ftp > get nasa.txt -----------------download file
ftp> mget file1 file2 file3 --------download multiple files
ftp> mget *  ------------------------download all files
ftp> put file1.txt --------------upload file
ftp> mput file1 file2 ------------upload multiple files

==========================================================================

Extra :

1>> selinux permission restrict while uploading file
#sestatus

#setenforce 0

#getsebool -a | grep ftp  [collect ftp boolean ]

#setsebool -P allow_ftpd_anon_write on

#setsebool -P ftp_home_dir on

Now try to upload file


upload using ftp is affected by the following security checks
1> file base permission
2> SELinux
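
An added lint, not part of the original post: it reads vsftpd.conf text and reports lines with whitespace around "=" (an error in vsftpd.conf) and the option combinations that let anonymous users write to the server. The sample input is constructed from the settings shown on this page, and only options that are set explicitly are evaluated.

```shell
# Added example: lint vsftpd.conf text. Sample is constructed from this page's settings.
sample_vsftpd_conf() {
cat <<'EOF'
# constructed sample
anonymous_enable=YES
local_enable=YES
write_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
hide_ids = YES
EOF
}

# Print findings for vsftpd.conf text on stdin, one per line.
# Only options set explicitly are evaluated; compiled-in defaults are ignored.
lint_vsftpd() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }            # comments and blank lines
    {
        eq = index($0, "=")
        if (eq == 0) { print NR ": not an option=value line"; next }
        key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
        if (key ~ /[ \t]/ || val ~ /^[ \t]/) {
            print NR ": whitespace around = (an error in vsftpd.conf)"
            gsub(/[ \t]/, "", key); gsub(/^[ \t]+/, "", val)
        }
        opt[key] = toupper(val)                  # remember the intended value
    }
    END {
        # anonymous write options only take effect together with write_enable
        if (opt["anonymous_enable"] == "YES" && opt["write_enable"] == "YES") {
            if (opt["anon_upload_enable"] == "YES")
                print "anonymous users can upload files"
            if (opt["anon_mkdir_write_enable"] == "YES")
                print "anonymous users can create directories"
        }
    }'
}
```

Run it against the live file with: lint_vsftpd < /etc/vsftpd/vsftpd.conf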

===========================================================================

2>> create chroot environment

1> #vim /etc/vsftpd/vsftpd.conf

chroot_local_user=YES
Or
List particular users

chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list

:wq

2> #vim /etc/vsftpd/chroot_list
alex

:wq

3> #service vsftpd restart

============================================================================

3>> advance options

Need to add these lines manually in the conf file

I > restrict FTP service to particular interface

listen_address=192.168.0.10

II> hide gid/uids
hide_ids=YES

III> Disable download permission
download_enable=NO

IV> define download speed
anon_max_rate=1656116 [ byte ]
local_max_rate=10000 [ byte ]

V> maximum connections
max_clients=1

VI> maximum connections per IP
max_per_ip=1

VII> banner file
banner_file=/etc/vsftpd/ftp

[ you can refer to the manual for more options ]
#man vsftpd.conf

============================================================================