ACC SHELL
<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 21. Basic Networking</title><link rel="stylesheet" href="susebooks.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.75.2"><link rel="home" href="index.html" title="Documentation"><link rel="up" href="part.reference.services.html" title="Part V. Services"><link rel="prev" href="part.reference.services.html" title="Part V. Services"><link rel="next" href="cha.slp.html" title="Chapter 22. SLP Services in the Network"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header" border="0" class="bctable"><tr><td width="80%"><div class="breadcrumbs"><p><a href="index.html"> Documentation</a><span class="breadcrumbs-sep"> > </span><a href="book.opensuse.reference.html">Reference</a><span class="breadcrumbs-sep"> > </span><a href="part.reference.services.html">Services</a><span class="breadcrumbs-sep"> > </span><strong><a accesskey="p" title="Part V. Services" href="part.reference.services.html"><span>◀</span></a> <a accesskey="n" title="Chapter 22. SLP Services in the Network" href="cha.slp.html"><span>▶</span></a></strong></p></div></td></tr></table></div><div class="chapter" title="Chapter 21. Basic Networking"><div class="titlepage"><div><div><h2 class="title"><a name="cha.basicnet"></a>Chapter 21. Basic Networking<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#cha.basicnet">¶</a></span></h2></div></div></div><div class="toc"><p><b>Contents</b></p><dl><dt><span class="sect1"><a href="cha.basicnet.html#sec.basicnet.addresses">21.1. IP Addresses and Routing</a></span></dt><dt><span class="sect1"><a href="cha.basicnet.html#sec.basicnet.ipv6">21.2. IPv6—The Next Generation Internet</a></span></dt><dt><span class="sect1"><a href="cha.basicnet.html#sec.basicnet.nameres">21.3. Name Resolution</a></span></dt><dt><span class="sect1"><a href="cha.basicnet.html#sec.basicnet.yast">21.4. Configuring a Network Connection with YaST</a></span></dt><dt><span class="sect1"><a href="cha.basicnet.html#sec.basicnet.nm">21.5. NetworkManager</a></span></dt><dt><span class="sect1"><a href="cha.basicnet.html#sec.basicnet.manconf">21.6. Configuring a Network Connection Manually</a></span></dt><dt><span class="sect1"><a href="cha.basicnet.html#sec.smpppd">21.7. smpppd as Dial-up Assistant</a></span></dt></dl></div><a class="indexterm" name="id474463"></a><a class="indexterm" name="id474467"></a><div class="abstract" title="Abstract"><p class="title"><b>Abstract</b></p><p>
Linux offers the necessary networking tools and features for integration
into all types of network structures. Network access using a network
card, modem or other device can be configured with YaST. Manual
configuration is also possible. In this chapter only the fundamental
mechanisms and the relevant network configuration files are covered.
</p></div><a class="indexterm" name="id474486"></a><a class="indexterm" name="id474491"></a><p>
Linux and other Unix operating systems use the TCP/IP protocol. It is not
a single network protocol, but a family of network protocols that offer
various services. The protocols listed in
<a class="xref" href="cha.basicnet.html#tab.net.allg.tcpproto" title="Table 21.1. Several Protocols in the TCP/IP Protocol Family">Table 21.1, “Several Protocols in the TCP/IP Protocol Family”</a>, are provided for the purpose of
exchanging data between two machines via TCP/IP. Networks combined by
TCP/IP, comprising a worldwide network, are also referred to as <span class="quote">“<span class="quote">the
Internet.</span>”</span>
</p><p>
<a class="indexterm" name="id474518"></a> RFC stands for <span class="emphasis"><em>Request for Comments</em></span>.
RFCs are documents that describe various Internet protocols and
implementation procedures for the operating system and its applications.
The RFC documents describe the setup of Internet protocols. To expand your
knowledge of any of the protocols, refer to the appropriate RFC documents.
These are available at <a class="ulink" href="http://www.ietf.org/rfc.html" target="_top">http://www.ietf.org/rfc.html</a>.
</p><div class="table"><a name="tab.net.allg.tcpproto"></a><p class="title"><b>Table 21.1. Several Protocols in the TCP/IP Protocol Family</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#tab.net.allg.tcpproto">¶</a></span></p><div class="table-contents"><table summary="Several Protocols in the TCP/IP Protocol Family" border="1"><colgroup><col><col></colgroup><thead><tr><th>
<p>
Protocol
</p>
</th><th>
<p>
Description
</p>
</th></tr></thead><tbody><tr><td>
<p>
TCP <a class="indexterm" name="id474588"></a>
</p>
</td><td>
<p>
Transmission Control Protocol: a connection-oriented secure protocol.
The data to transmit is first sent by the application as a stream of
data and converted into the appropriate format by the operating
system. The data arrives at the respective application on the
destination host in the original data stream format it was initially
sent. TCP determines whether any data has been lost or jumbled during
the transmission. TCP is implemented wherever the data sequence
matters.
</p>
</td></tr><tr><td>
<p>
UDP <a class="indexterm" name="id474622"></a>
</p>
</td><td>
<p>
User Datagram Protocol: a connectionless, insecure protocol. The data
to transmit is sent in the form of packets generated by the
application. The order in which the data arrives at the recipient is
not guaranteed and data loss is possible. UDP is suitable for
record-oriented applications. It features a smaller latency period
than TCP.
</p>
</td></tr><tr><td>
<p>
ICMP <a class="indexterm" name="id474655"></a>
</p>
</td><td>
<p>
Internet Control Message Protocol: Essentially, this is not a
protocol for the end user, but a special control protocol that issues
error reports and can control the behavior of machines participating
in TCP/IP data transfer. In addition, it provides a special echo mode
that can be viewed using the program ping.
</p>
</td></tr><tr><td>
<p>
IGMP <a class="indexterm" name="id474688"></a>
</p>
</td><td>
<p>
Internet Group Management Protocol: This protocol controls machine
behavior when implementing IP multicast.
</p>
</td></tr></tbody></table></div></div><br class="table-break"><a class="indexterm" name="id474714"></a><p>
As shown in <a class="xref" href="cha.basicnet.html#fig.net.allg.OSI" title="Figure 21.1. Simplified Layer Model for TCP/IP">Figure 21.1, “Simplified Layer Model for TCP/IP”</a>, data exchange takes place
in different layers. The actual network layer is the insecure data
transfer via IP (Internet protocol). On top of IP, TCP (transmission
control protocol) guarantees, to a certain extent, security of the data
transfer. The IP layer is supported by the underlying hardware-dependent
protocol, such as ethernet.
</p><div class="figure"><a name="fig.net.allg.OSI"></a><p class="title"><b>Figure 21.1. Simplified Layer Model for TCP/IP</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#fig.net.allg.OSI">¶</a></span></p><div class="figure-contents"><div class="mediaobject"><table border="0" summary="manufactured viewport for HTML img" cellspacing="0" cellpadding="0" width="75%"><tr><td><img src="images/net_allg_OSI.png" width="100%" alt="Simplified Layer Model for TCP/IP"></td></tr></table></div></div></div><br class="figure-break"><p>
The diagram provides one or two examples for each layer. The layers are
ordered according to <span class="emphasis"><em>abstraction levels</em></span>. The lowest
layer is very close to the hardware. The uppermost layer, however, is
almost a complete abstraction from the hardware. Every layer has its own
special function. The special functions of each layer are mostly implicit
in their description. The data link and physical layers represent the
physical network used, such as ethernet.
</p><a class="indexterm" name="id474790"></a><p>
Almost all hardware protocols work on a packet-oriented basis. The data to
transmit is collected into <span class="emphasis"><em>packets</em></span> (it cannot be sent
all at once). The maximum size of a TCP/IP packet is approximately 64 KB.
Packets are normally quite smaller, as the network hardware can be a
limiting factor. The maximum size of a data packet on an ethernet is about
fifteen hundred bytes. The size of a TCP/IP packet is limited to this
amount when the data is sent over an ethernet. If more data is
transferred, more data packets need to be sent by the operating system.
</p><p>
For the layers to serve their designated functions, additional information
regarding each layer must be saved in the data packet. This takes place in
the <span class="emphasis"><em>header</em></span> of the packet. Every layer attaches a
small block of data, called the protocol header, to the front of each
emerging packet. A sample TCP/IP data packet traveling over an ethernet
cable is illustrated in <a class="xref" href="cha.basicnet.html#fig.net.allg.TCPPaket" title="Figure 21.2. TCP/IP Ethernet Packet">Figure 21.2, “TCP/IP Ethernet Packet”</a>. The proof
sum is located at the end of the packet, not at the beginning. This
simplifies things for the network hardware. <a class="indexterm" name="id474826"></a>
</p><div class="figure"><a name="fig.net.allg.TCPPaket"></a><p class="title"><b>Figure 21.2. TCP/IP Ethernet Packet</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#fig.net.allg.TCPPaket">¶</a></span></p><div class="figure-contents"><div class="mediaobject"><table border="0" summary="manufactured viewport for HTML img" cellspacing="0" cellpadding="0" width="75%"><tr><td><img src="images/net_allg_TCPPaket.png" width="100%" alt="TCP/IP Ethernet Packet"></td></tr></table></div></div></div><br class="figure-break"><p>
When an application sends data over the network, the data passes through
each layer, all implemented in the Linux kernel except the physical layer.
Each layer is responsible for preparing the data so it can be passed to
the next layer. The lowest layer is ultimately responsible for sending the
data. The entire procedure is reversed when data is received. Like the
layers of an onion, in each layer the protocol headers are removed from
the transported data. Finally, the transport layer is responsible for
making the data available for use by the applications at the destination.
In this manner, one layer only communicates with the layer directly above
or below it. For applications, it is irrelevant whether data is
transmitted via a 100 Mbit/s FDDI network or via a 56-Kbit/s modem line.
Likewise, it is irrelevant for the data line which kind of data is
transmitted, as long as packets are in the correct format.
</p><div class="sect1" title="21.1. IP Addresses and Routing"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="sec.basicnet.addresses"></a>21.1. IP Addresses and Routing<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.addresses">¶</a></span></h2></div></div></div><a class="indexterm" name="id474904"></a><a class="indexterm" name="id474909"></a><a class="indexterm" name="id474917"></a><p>
The discussion in this section is limited to IPv4 networks. For
information about IPv6 protocol, the successor to IPv4, refer to
<a class="xref" href="cha.basicnet.html#sec.basicnet.ipv6" title="21.2. IPv6—The Next Generation Internet">Section 21.2, “IPv6—The Next Generation Internet”</a>.
</p><div class="sect2" title="21.1.1. IP Addresses"><div class="titlepage"><div><div><h3 class="title"><a name="sec.basicnet.addresses.ip"></a>21.1.1. IP Addresses<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.addresses.ip">¶</a></span></h3></div></div></div><p>
Every computer on the Internet has a unique 32-bit address. These 32
bits (or 4 bytes) are normally written as illustrated in the second row
in <a class="xref" href="cha.basicnet.html#aus.net.allg.ipaddress" title="Example 21.1. Writing IP Addresses">Example 21.1, “Writing IP Addresses”</a>.
</p><div class="example"><a name="aus.net.allg.ipaddress"></a><p class="title"><b>Example 21.1. Writing IP Addresses</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#aus.net.allg.ipaddress">¶</a></span></p><div class="example-contents"><pre class="screen">IP Address (binary): 11000000 10101000 00000000 00010100
IP Address (decimal): 192. 168. 0. 20</pre></div></div><br class="example-break"><p>
In decimal form, the four bytes are written in the decimal number
system, separated by periods. The IP address is assigned to a host or a
network interface. It can be used only once throughout the world. There
are exceptions to this rule, but these are not relevant to the following
passages.
</p><a class="indexterm" name="id474973"></a><p>
The points in IP addresses indicate the hierarchical system. Until the
1990s, IP addresses were strictly categorized in classes. However, this
system proved too inflexible and was discontinued. Now,
<span class="emphasis"><em>classless routing</em></span> (CIDR, classless interdomain
routing) is used.
</p></div><div class="sect2" title="21.1.2. Netmasks and Routing"><div class="titlepage"><div><div><h3 class="title"><a name="sec.basicnet.addresses.route"></a>21.1.2. Netmasks and Routing<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.addresses.route">¶</a></span></h3></div></div></div><a class="indexterm" name="id475002"></a><a class="indexterm" name="id475011"></a><a class="indexterm" name="id475019"></a><p>
Netmasks are used to define the address range of a subnetwork. If two
hosts are in the same subnetwork, they can reach each other directly. If
they are not in the same subnetwork, they need the address of a gateway
that handles all the traffic for the subnetwork. To check if two IP
addresses are in the same subnet, simply <span class="quote">“<span class="quote">AND</span>”</span> both
addresses with the netmask. If the result is identical, both IP
addresses are in the same local network. If there are differences, the
remote IP address, and thus the remote interface, can only be reached
over a gateway.
</p><p>
To understand how the netmask works, look at
<a class="xref" href="cha.basicnet.html#tab.net.allg.netmask" title="Example 21.2. Linking IP Addresses to the Netmask">Example 21.2, “Linking IP Addresses to the Netmask”</a>. The netmask consists of 32
bits that identify how much of an IP address belongs to the network. All
those bits that are <code class="literal">1</code> mark the corresponding bit in
the IP address as belonging to the network. All bits that are
<code class="literal">0</code> mark bits inside the subnetwork. This means that
the more bits are <code class="literal">1</code>, the smaller the subnetwork is.
Because the netmask always consists of several successive
<code class="literal">1</code> bits, it is also possible to just count the number
of bits in the netmask. In <a class="xref" href="cha.basicnet.html#tab.net.allg.netmask" title="Example 21.2. Linking IP Addresses to the Netmask">Example 21.2, “Linking IP Addresses to the Netmask”</a> the
first net with 24 bits could also be written as
<code class="literal">192.168.0.0/24</code>.
</p><div class="example"><a name="tab.net.allg.netmask"></a><p class="title"><b>Example 21.2. Linking IP Addresses to the Netmask</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#tab.net.allg.netmask">¶</a></span></p><div class="example-contents"><pre class="screen">
IP address (192.168.0.20): 11000000 10101000 00000000 00010100
Netmask (255.255.255.0): 11111111 11111111 11111111 00000000
---------------------------------------------------------------
Result of the link: 11000000 10101000 00000000 00000000
In the decimal system: 192. 168. 0. 0
IP address (213.95.15.200): 11010101 10111111 00001111 11001000
Netmask (255.255.255.0): 11111111 11111111 11111111 00000000
---------------------------------------------------------------
Result of the link: 11010101 10111111 00001111 00000000
In the decimal system: 213. 95. 15. 0</pre></div></div><br class="example-break"><p>
To give another example: all machines connected with the same ethernet
cable are usually located in the same subnetwork and are directly
accessible. Even when the subnet is physically divided by switches or
bridges, these hosts can still be reached directly.
</p><p>
IP addresses outside the local subnet can only be reached if a gateway
is configured for the target network. In the most common case, there is
only one gateway that handles all traffic that is external. However, it
is also possible to configure several gateways for different subnets.
</p><p>
If a gateway has been configured, all external IP packets are sent to
the appropriate gateway. This gateway then attempts to forward the
packets in the same manner—from host to host—until it
reaches the destination host or the packet's TTL (time to live) expires.
</p><div class="table"><a name="net.allg.spezial.net"></a><p class="title"><b>Table 21.2. Specific Addresses</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#net.allg.spezial.net">¶</a></span></p><div class="table-contents"><table summary="Specific Addresses" border="1"><colgroup><col><col></colgroup><thead><tr><th>
<p>
Address Type
</p>
</th><th>
<p>
Description
</p>
</th></tr></thead><tbody><tr><td>
<p>
Base Network Address <a class="indexterm" name="id475162"></a>
</p>
</td><td>
<p>
This is the netmask AND any address in the network, as shown in
<a class="xref" href="cha.basicnet.html#tab.net.allg.netmask" title="Example 21.2. Linking IP Addresses to the Netmask">Example 21.2, “Linking IP Addresses to the Netmask”</a> under
<code class="literal">Result</code>. This address cannot be assigned to any
hosts.
</p>
</td></tr><tr><td>
<p>
Broadcast Address <a class="indexterm" name="id475201"></a>
</p>
</td><td>
<p>
This basically says, <span class="quote">“<span class="quote">Access all hosts in this
subnetwork.</span>”</span> To generate this, the netmask is inverted in
binary form and linked to the base network address with a logical
OR. The above example therefore results in 192.168.0.255. This
address cannot be assigned to any hosts.
</p>
</td></tr><tr><td>
<p>
Local Host <a class="indexterm" name="id475237"></a>
</p>
</td><td>
<p>
The address <code class="systemitem">127.0.0.1</code> is
assigned to the <span class="quote">“<span class="quote">loopback device</span>”</span> on each host. A
connection can be set up to your own machine with this address and
with all addresses from the complete
<code class="systemitem">127.0.0.0/8</code>
loopback network as defined with IPv4. With IPv6 there is just one
loopback address (<code class="systemitem">::1</code>).
</p>
</td></tr></tbody></table></div></div><br class="table-break"><p>
Because IP addresses must be unique all over the world, you cannot just
select random addresses. There are three address domains to use if you
want to set up a private IP-based network. These cannot get any
connection from the rest of the Internet, because they cannot be
transmitted over the Internet. These address domains are specified in
RFC 1597 and listed in <a class="xref" href="cha.basicnet.html#tab.net.allg.privat.net" title="Table 21.3. Private IP Address Domains">Table 21.3, “Private IP Address Domains”</a>.
<a class="indexterm" name="id475297"></a>
</p><div class="table"><a name="tab.net.allg.privat.net"></a><p class="title"><b>Table 21.3. Private IP Address Domains</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#tab.net.allg.privat.net">¶</a></span></p><div class="table-contents"><table summary="Private IP Address Domains" border="1"><colgroup><col><col></colgroup><thead><tr><th>
<p>
Network/Netmask
</p>
</th><th>
<p>
Domain
</p>
</th></tr></thead><tbody><tr><td>
<p>
<code class="systemitem">10.0.0.0</code>/<code class="systemitem">255.0.0.0</code>
</p>
</td><td>
<p>
<code class="systemitem">10.x.x.x</code>
</p>
</td></tr><tr><td>
<p>
<code class="systemitem">172.16.0.0</code>/<code class="systemitem">255.240.0.0</code>
</p>
</td><td>
<p>
<code class="systemitem">172.16.x.x</code> –
<code class="systemitem">172.31.x.x</code>
</p>
</td></tr><tr><td>
<p>
<code class="systemitem">192.168.0.0</code>/<code class="systemitem">255.255.0.0</code>
</p>
</td><td>
<p>
<code class="systemitem">192.168.x.x</code>
</p>
</td></tr></tbody></table></div></div><br class="table-break"></div></div><div class="sect1" title="21.2. IPv6—The Next Generation Internet"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="sec.basicnet.ipv6"></a>21.2. IPv6—The Next Generation Internet<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.ipv6">¶</a></span></h2></div></div></div><a class="indexterm" name="id475481"></a><a class="indexterm" name="id475489"></a><p>
Due to the emergence of the WWW (World Wide Web), the Internet has
experienced explosive growth, with an increasing number of computers
communicating via TCP/IP in the past fifteen years. Since Tim Berners-Lee
at CERN (<a class="ulink" href="http://public.web.cern.ch" target="_top">http://public.web.cern.ch</a>) invented the WWW in
1990, the number of Internet hosts has grown from a few thousand to about
a hundred million.
</p><p>
As mentioned, an IPv4 address consists of only 32 bits. Also, quite a few
IP addresses are lost—they cannot be used due to the way in which
networks are organized. The number of addresses available in your subnet
is two to the power of the number of bits, minus two. A subnetwork has,
for example, 2, 6, or 14 addresses available. To connect 128 hosts to the
Internet, for example, you need a subnetwork with 256 IP addresses, from
which only 254 are usable, because two IP addresses are needed for the
structure of the subnetwork itself: the broadcast and the base network
address.
</p><p>
Under the current IPv4 protocol, DHCP or NAT (network address
translation) are the typical mechanisms used to circumvent the potential
address shortage. Combined with the convention to keep private and public
address spaces separate, these methods can certainly mitigate the
shortage. The problem with them lies in their configuration, which is a
chore to set up and a burden to maintain. To set up a host in an IPv4
network, you need a number of address items, such as the host's own IP
address, the subnetmask, the gateway address and maybe a name server
address. All these items need to be known and cannot be derived from
somewhere else.
</p><p>
With IPv6, both the address shortage and the complicated configuration
should be a thing of the past. The following sections tell more about the
improvements and benefits brought by IPv6 and about the transition from
the old protocol to the new one.
</p><div class="sect2" title="21.2.1. Advantages"><div class="titlepage"><div><div><h3 class="title"><a name="sec.basicnet.ipv6.adv"></a>21.2.1. Advantages<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.ipv6.adv">¶</a></span></h3></div></div></div><p>
The most important and most visible improvement brought by the new
protocol is the enormous expansion of the available address space. An
IPv6 address is made up of 128 bit values instead of the traditional 32
bits. This provides for as many as several quadrillion IP addresses.
</p><p>
However, IPv6 addresses are not only different from their predecessors
with regard to their length. They also have a different internal
structure that may contain more specific information about the systems
and the networks to which they belong. More details about this are found
in <a class="xref" href="cha.basicnet.html#sec.basicnet.ipv6.address" title="21.2.2. Address Types and Structure">Section 21.2.2, “Address Types and Structure”</a>.
</p><p>
The following is a list of some other advantages of the new protocol:
</p><div class="variablelist"><dl><dt><span class="term">Autoconfiguration</span></dt><dd><p>
IPv6 makes the network <span class="quote">“<span class="quote">plug and play</span>”</span> capable, which
means that a newly set up system integrates into the (local) network
without any manual configuration. The new host uses its automatic
configuration mechanism to derive its own address from the
information made available by the neighboring routers, relying on a
protocol called the <span class="emphasis"><em>neighbor discovery</em></span> (ND)
protocol. This method does not require any intervention on the
administrator's part and there is no need to maintain a central
server for address allocation—an additional advantage over
IPv4, where automatic address allocation requires a DHCP server or
the usage of ARP and 169.254.0.0/16 addresses.
</p><p>
Nevertheless if a router is connected to a switch, the router should
send periodic advertisements with flags telling the hosts of a network
how they should interact with each other. For more information, see
RFC 2462 and the <code class="systemitem">radvd.conf(5)</code> manpage, and
RFC 3315.
</p></dd><dt><span class="term">Mobility</span></dt><dd><p>
IPv6 makes it possible to assign several addresses to one network
interface at the same time. This allows users to access several
networks easily, something that could be compared with the
international roaming services offered by mobile phone companies:
when you take your mobile phone abroad, the phone automatically logs
in to a foreign service as soon as it enters the corresponding area,
so you can be reached under the same number everywhere and are able
to place an outgoing call just like in your home area.
</p></dd><dt><span class="term">Secure Communication</span></dt><dd><p>
With IPv4, network security is an add-on function. IPv6 includes
IPsec as one of its core features, allowing systems to communicate
over a secure tunnel to avoid eavesdropping by outsiders on the
Internet.
</p></dd><dt><span class="term">Backward Compatibility</span></dt><dd><p>
Realistically, it would be impossible to switch the entire Internet
from IPv4 to IPv6 at one time. Therefore, it is crucial that both
protocols are able to coexist not only on the Internet, but also on
one system. This is ensured by compatible addresses (IPv4 addresses
can easily be translated into IPv6 addresses) and through the use of
a number of tunnels. See <a class="xref" href="cha.basicnet.html#sec.basicnet.ipv6.coexist" title="21.2.3. Coexistence of IPv4 and IPv6">Section 21.2.3, “Coexistence of IPv4 and IPv6”</a>.
Also, systems can rely on a <span class="emphasis"><em>dual stack IP</em></span>
technique to support both protocols at the same time, meaning that
they have two network stacks that are completely separate, such that
there is no interference between the two protocol versions.
</p></dd><dt><span class="term">Custom Tailored Services through Multicasting</span></dt><dd><p>
With IPv4, some services, such as SMB, need to broadcast their
packets to all hosts in the local network. IPv6 allows a much more
fine-grained approach by enabling servers to address hosts through
<span class="emphasis"><em>multicasting</em></span>—by addressing a number of
hosts as parts of a group (which is different from addressing all
hosts through <span class="emphasis"><em>broadcasting</em></span> or each host
individually through <span class="emphasis"><em>unicasting</em></span>). Which hosts
are addressed as a group may depend on the concrete application.
There are some predefined groups to address all name servers (the
<span class="emphasis"><em>all name servers multicast group</em></span>), for example,
or all routers (the <span class="emphasis"><em>all routers multicast
group</em></span>).
</p></dd></dl></div></div><div class="sect2" title="21.2.2. Address Types and Structure"><div class="titlepage"><div><div><h3 class="title"><a name="sec.basicnet.ipv6.address"></a>21.2.2. Address Types and Structure<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.ipv6.address">¶</a></span></h3></div></div></div><p>
As mentioned, the current IP protocol is lacking in two important
aspects: there is an increasing shortage of IP addresses and configuring
the network and maintaining the routing tables is becoming a more
complex and burdensome task. IPv6 solves the first problem by expanding
the address space to 128 bits. The second one is countered by
introducing a hierarchical address structure, combined with
sophisticated techniques to allocate network addresses, as well as
<span class="emphasis"><em>multihoming</em></span> (the ability to assign several
addresses to one device, giving access to several networks).
</p><p>
When dealing with IPv6, it is useful to know about three different types
of addresses:
</p><div class="variablelist"><dl><dt><span class="term">Unicast</span></dt><dd><p>
Addresses of this type are associated with exactly one network
interface. Packets with such an address are delivered to only one
destination. Accordingly, unicast addresses are used to transfer
packets to individual hosts on the local network or the Internet.
</p></dd><dt><span class="term">Multicast</span></dt><dd><p>
Addresses of this type relate to a group of network interfaces.
Packets with such an address are delivered to all destinations that
belong to the group. Multicast addresses are mainly used by certain
network services to communicate with certain groups of hosts in a
well-directed manner.
</p></dd><dt><span class="term">Anycast</span></dt><dd><p>
Addresses of this type are related to a group of interfaces. Packets
with such an address are delivered to the member of the group that is
closest to the sender, according to the principles of the underlying
routing protocol. Anycast addresses are used to make it easier for
hosts to find out about servers offering certain services in the
given network area. All servers of the same type have the same
anycast address. Whenever a host requests a service, it receives a
reply from the server with the closest location, as determined by the
routing protocol. If this server should fail for some reason, the
protocol automatically selects the second closest server, then the
third one, and so forth.
</p></dd></dl></div><p>
An IPv6 address is made up of eight four-digit fields, each representing
16 bits, written in hexadecimal notation. They are separated by colons
(<code class="literal">:</code>). Any leading zero bytes within a given field may
be dropped, but zeros within the field or at its end may not. Another
convention is that more than four consecutive zero bytes may be
collapsed into a double colon. However, only one such
<code class="literal">::</code> is allowed per address. This kind of shorthand
notation is shown in <a class="xref" href="cha.basicnet.html#aus.netz.ipv6.add" title="Example 21.3. Sample IPv6 Address">Example 21.3, “Sample IPv6 Address”</a>, where all
three lines represent the same address.
</p><div class="example"><a name="aus.netz.ipv6.add"></a><p class="title"><b>Example 21.3. Sample IPv6 Address</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#aus.netz.ipv6.add">¶</a></span></p><div class="example-contents"><pre class="screen">fe80 : 0000 : 0000 : 0000 : 0000 : 10 : 1000 : 1a4
fe80 : 0 : 0 : 0 : 0 : 10 : 1000 : 1a4
fe80 : : 10 : 1000 : 1a4</pre></div></div><br class="example-break"><p>
Each part of an IPv6 address has a defined function. The first bytes
form the prefix and specify the type of address. The center part is the
network portion of the address, but it may be unused. The end of the
address forms the host part. With IPv6, the netmask is defined by
indicating the length of the prefix after a slash at the end of the
address. An address, as shown in <a class="xref" href="cha.basicnet.html#aus.netz.ipv6.addpre" title="Example 21.4. IPv6 Address Specifying the Prefix Length">Example 21.4, “IPv6 Address Specifying the Prefix Length”</a>,
contains the information that the first 64 bits form the network part of
the address and the last 64 form its host part. In other words, the
<code class="literal">64</code> means that the netmask is filled with 64 1-bit
values from the left. Just like with IPv4, the IP address is combined
with AND with the values from the netmask to determine whether the host
is located in the same subnetwork or in another one.
</p><div class="example"><a name="aus.netz.ipv6.addpre"></a><p class="title"><b>Example 21.4. IPv6 Address Specifying the Prefix Length</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#aus.netz.ipv6.addpre">¶</a></span></p><div class="example-contents"><pre class="screen">fe80::10:1000:1a4/64</pre></div></div><br class="example-break"><p>
IPv6 knows about several predefined types of prefixes. Some of these are
shown in <a class="xref" href="cha.basicnet.html#tab.net.allg.ipv6.prefix" title="Table 21.4. Various IPv6 Prefixes">Table 21.4, “Various IPv6 Prefixes”</a>.
</p><div class="table"><a name="tab.net.allg.ipv6.prefix"></a><p class="title"><b>Table 21.4. Various IPv6 Prefixes</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#tab.net.allg.ipv6.prefix">¶</a></span></p><div class="table-contents"><table summary="Various IPv6 Prefixes" border="1"><colgroup><col><col></colgroup><thead><tr><th>
<p>
Prefix (hex)
</p>
</th><th>
<p>
Definition
</p>
</th></tr></thead><tbody><tr><td>
<p>
<code class="systemitem">00</code>
</p>
</td><td>
<p>
IPv4 addresses and IPv4 over IPv6 compatibility addresses. These
are used to maintain compatibility with IPv4. Their use still
requires a router able to translate IPv6 packets into IPv4 packets.
Several special addresses, such as the one for the loopback device,
have this prefix as well.
</p>
</td></tr><tr><td>
<p>
<code class="systemitem">2</code> or
<code class="systemitem">3</code> as the
first digit
</p>
</td><td>
<p>
Aggregatable global unicast addresses. As is the case with IPv4, an
interface can be assigned to form part of a certain subnetwork.
Currently, there are the following address spaces:
<code class="systemitem">2001::/16</code> (production
quality address space) and
<code class="systemitem">2002::/16</code> (6to4 address
space).
</p>
</td></tr><tr><td>
<p>
<code class="systemitem">fe80::/10</code>
</p>
</td><td>
<p>
Link-local addresses. Addresses with this prefix should not be
routed and should therefore only be reachable from within the same
subnetwork.
</p>
</td></tr><tr><td>
<p>
<code class="systemitem">fec0::/10</code>
</p>
</td><td>
<p>
Site-local addresses. These may be routed, but only within the
network of the organization to which they belong. In effect, they
are the IPv6 equivalent of the current private network address
space, such as <code class="systemitem">10.x.x.x</code>.
</p>
</td></tr><tr><td>
<p>
<code class="systemitem">ff</code>
</p>
</td><td>
<p>
These are multicast addresses.
</p>
</td></tr></tbody></table></div></div><br class="table-break"><p>
A unicast address consists of three basic components:
</p><div class="variablelist"><dl><dt><span class="term">Public Topology</span></dt><dd><p>
The first part (which also contains one of the prefixes mentioned
above) is used to route packets through the public Internet. It
includes information about the company or institution that provides
the Internet access.
</p></dd><dt><span class="term">Site Topology</span></dt><dd><p>
The second part contains routing information about the subnetwork to
which to deliver the packet.
</p></dd><dt><span class="term">Interface ID</span></dt><dd><p>
The third part identifies the interface to which to deliver the
packet. This also allows for the MAC to form part of the address.
Given that the MAC is a globally unique, fixed identifier coded into
the device by the hardware maker, the configuration procedure is
substantially simplified. In fact, the first 64 address bits are
consolidated to form the <code class="literal">EUI-64</code> token, with the
last 48 bits taken from the MAC, and the remaining 24 bits containing
special information about the token type. This also makes it possible
to assign an <code class="literal">EUI-64</code> token to interfaces that do
not have a MAC, such as those based on PPP or ISDN.
</p></dd></dl></div><p>
On top of this basic structure, IPv6 distinguishes between five
different types of unicast addresses:
</p><div class="variablelist"><dl><dt><span class="term"><code class="systemitem">::</code> (unspecified) </span></dt><dd><p>
This address is used by the host as its source address when the
interface is initialized for the first time—when the address
cannot yet be determined by other means.
</p></dd><dt><span class="term"><code class="systemitem">::1</code> (loopback) </span></dt><dd><p>
The address of the loopback device.
</p></dd><dt><span class="term">IPv4 Compatible Addresses</span></dt><dd><p>
The IPv6 address is formed by the IPv4 address and a prefix
consisting of 96 zero bits. This type of compatibility address is
used for tunneling (see
<a class="xref" href="cha.basicnet.html#sec.basicnet.ipv6.coexist" title="21.2.3. Coexistence of IPv4 and IPv6">Section 21.2.3, “Coexistence of IPv4 and IPv6”</a>) to allow IPv4
and IPv6 hosts to communicate with others operating in a pure IPv4
environment.
</p></dd><dt><span class="term">IPv4 Addresses Mapped to IPv6</span></dt><dd><p>
This type of address specifies a pure IPv4 address in IPv6 notation.
</p></dd><dt><span class="term">Local Addresses</span></dt><dd><p>
There are two address types for local use:
</p><div class="variablelist"><dl><dt><span class="term">link-local</span></dt><dd><p>
This type of address can only be used in the local subnetwork.
Packets with a source or target address of this type should not be
routed to the Internet or other subnetworks. These addresses
contain a special prefix
(<code class="systemitem">fe80::/10</code>)
and the interface ID of the network card, with the middle part
consisting of zero bytes. Addresses of this type are used during
automatic configuration to communicate with other hosts belonging
to the same subnetwork.
</p></dd><dt><span class="term">site-local</span></dt><dd><p>
Packets with this type of address may be routed to other
subnetworks, but not to the wider Internet—they must remain
inside the organization's own network. Such addresses are used for
intranets and are an equivalent of the private address space
defined by IPv4. They contain a special prefix
(<code class="systemitem">fec0::/10</code>),
the interface ID, and a 16 bit field specifying the subnetwork ID.
Again, the rest is filled with zero bytes.
</p></dd></dl></div></dd></dl></div><p>
As a completely new feature introduced with IPv6, each network interface
normally gets several IP addresses, with the advantage that several
networks can be accessed through the same interface. One of these
networks can be configured completely automatically using the MAC and a
known prefix with the result that all hosts on the local network can be
reached as soon as IPv6 is enabled (using the link-local address). With
the MAC forming part of it, any IP address used in the world is unique.
The only variable parts of the address are those specifying the
<span class="emphasis"><em>site topology</em></span> and the <span class="emphasis"><em>public
topology</em></span>, depending on the actual network in which the host
is currently operating.
</p><p>
For a host to go back and forth between different networks, it needs at
least two addresses. One of them, the <span class="emphasis"><em>home address</em></span>,
not only contains the interface ID but also an identifier of the home
network to which it normally belongs (and the corresponding prefix). The
home address is a static address and, as such, it does not normally
change. Still, all packets destined to the mobile host can be delivered
to it, regardless of whether it operates in the home network or
somewhere outside. This is made possible by the completely new features
introduced with IPv6, such as <span class="emphasis"><em>stateless
autoconfiguration</em></span> and <span class="emphasis"><em>neighbor
discovery</em></span>. In addition to its home address, a mobile host
gets one or more additional addresses that belong to the foreign
networks where it is roaming. These are called
<span class="emphasis"><em>care-of</em></span> addresses. The home network has a facility
that forwards any packets destined to the host when it is roaming
outside. In an IPv6 environment, this task is performed by the
<span class="emphasis"><em>home agent</em></span>, which takes all packets destined to the
home address and relays them through a tunnel. On the other hand, those
packets destined to the care-of address are directly transferred to the
mobile host without any special detours.
</p></div><div class="sect2" title="21.2.3. Coexistence of IPv4 and IPv6"><div class="titlepage"><div><div><h3 class="title"><a name="sec.basicnet.ipv6.coexist"></a>21.2.3. Coexistence of IPv4 and IPv6<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.ipv6.coexist">¶</a></span></h3></div></div></div><p>
The migration of all hosts connected to the Internet from IPv4 to IPv6
is a gradual process. Both protocols will coexist for some time to come.
The coexistence on one system is guaranteed where there is a
<span class="emphasis"><em>dual stack</em></span> implementation of both protocols. That
still leaves the question of how an IPv6 enabled host should communicate
with an IPv4 host and how IPv6 packets should be transported by the
current networks, which are predominantly IPv4 based. The best solutions
offer tunneling and compatibility addresses (see
<a class="xref" href="cha.basicnet.html#sec.basicnet.ipv6.address" title="21.2.2. Address Types and Structure">Section 21.2.2, “Address Types and Structure”</a>).
</p><p>
IPv6 hosts that are more or less isolated in the (worldwide) IPv4
network can communicate through tunnels: IPv6 packets are encapsulated
as IPv4 packets to move them across an IPv4 network. Such a connection
between two IPv4 hosts is called a <span class="emphasis"><em>tunnel</em></span>. To
achieve this, packets must include the IPv6 destination address (or the
corresponding prefix) as well as the IPv4 address of the remote host at
the receiving end of the tunnel. A basic tunnel can be configured
manually according to an agreement between the hosts' administrators.
This is also called <span class="emphasis"><em>static tunneling</em></span>.
</p><p>
However, the configuration and maintenance of static tunnels is often
too labor-intensive to use them for daily communication needs.
Therefore, IPv6 provides for three different methods of
<span class="emphasis"><em>dynamic tunneling</em></span>:
</p><div class="variablelist"><dl><dt><span class="term">6over4</span></dt><dd><p>
IPv6 packets are automatically encapsulated as IPv4 packets and sent
over an IPv4 network capable of multicasting. IPv6 is tricked into
seeing the whole network (Internet) as a huge local area network
(LAN). This makes it possible to determine the receiving end of the
IPv4 tunnel automatically. However, this method does not scale very
well and is also hampered by the fact that IP multicasting is far
from widespread on the Internet. Therefore, it only provides a
solution for smaller corporate or institutional networks where
multicasting can be enabled. The specifications for this method are
laid down in RFC 2529.
</p></dd><dt><span class="term">6to4</span></dt><dd><p>
With this method, IPv4 addresses are automatically generated from
IPv6 addresses, enabling isolated IPv6 hosts to communicate over an
IPv4 network. However, a number of problems have been reported
regarding the communication between those isolated IPv6 hosts and the
Internet. The method is described in RFC 3056.
</p></dd><dt><span class="term">IPv6 Tunnel Broker</span></dt><dd><p>
This method relies on special servers that provide dedicated tunnels
for IPv6 hosts. It is described in RFC 3053.
</p></dd></dl></div></div><div class="sect2" title="21.2.4. Configuring IPv6"><div class="titlepage"><div><div><h3 class="title"><a name="sec.basicnet.ipv6.config"></a>21.2.4. Configuring IPv6<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.ipv6.config">¶</a></span></h3></div></div></div><a class="indexterm" name="id476472"></a><a class="indexterm" name="id476480"></a><a class="indexterm" name="id476493"></a><p>
To configure IPv6, you normally do not need to make any changes on the
individual workstations. IPv6 is enabled by default. You can disable it
during installation in the network configuration step described in
Section “Network Configuration” (Chapter 1, <i>Installation with YaST</i>, ↑Start-Up). To disable or enable
IPv6 on an installed system, use the YaST <span class="guimenu">Network
Settings</span> module. On the <span class="guimenu">Global Options</span> tab,
check or uncheck the <span class="guimenu">Enable IPv6</span> option as necessary.
To enable or disable IPv6 manually, edit
<code class="filename">/etc/modprobe.d/50-ipv6.conf</code> and restart the
system. If you want to enable it temporarily until the next reboot,
enter <span class="command"><strong>modprobe</strong></span> <code class="option">-i ipv6</code> as
<code class="systemitem">root</code>. It is basically
impossible to unload the ipv6 module once loaded.
</p><p>
Because of the autoconfiguration concept of IPv6, the network card is
assigned an address in the <span class="emphasis"><em>link-local</em></span> network.
Normally, no routing table management takes place on a workstation. The
network routers can be queried by the workstation, using the
<span class="emphasis"><em>router advertisement protocol</em></span>, for what prefix and
gateways should be implemented. The radvd program can be used to set up
an IPv6 router. This program informs the workstations which prefix to
use for the IPv6 addresses and which routers. Alternatively, use
zebra/quagga for automatic configuration of both addresses and routing.
</p><p>
Consult the ifcfg-tunnel (5) man page to get information about how to
set up various types of tunnels using the
<code class="filename">/etc/sysconfig/network</code> files.
</p></div><div class="sect2" title="21.2.5. For More Information"><div class="titlepage"><div><div><h3 class="title"><a name="sec.basicnet.ipv6.moreinfo"></a>21.2.5. For More Information<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.ipv6.moreinfo">¶</a></span></h3></div></div></div><p>
The above overview does not cover the topic of IPv6 comprehensively. For
a more in-depth look at the new protocol, refer to the following online
documentation and books:
</p><div class="variablelist"><dl><dt><span class="term"><a class="ulink" href="http://www.ipv6.org/" target="_top">http://www.ipv6.org/</a>
</span></dt><dd><p>
The starting point for everything about IPv6.
</p></dd><dt><span class="term"><a class="ulink" href="http://www.ipv6day.org" target="_top">http://www.ipv6day.org</a>
</span></dt><dd><p>
All information needed to start your own IPv6 network.
</p></dd><dt><span class="term"><a class="ulink" href="http://www.ipv6-to-standard.org/" target="_top">http://www.ipv6-to-standard.org/</a>
</span></dt><dd><p>
The list of IPv6-enabled products.
</p></dd><dt><span class="term"><a class="ulink" href="http://www.bieringer.de/linux/IPv6/" target="_top">http://www.bieringer.de/linux/IPv6/</a>
</span></dt><dd><p>
Here, find the Linux IPv6-HOWTO and many links related to the topic.
</p></dd><dt><span class="term">RFC 2640</span></dt><dd><p>
The fundamental RFC about IPv6.
</p></dd><dt><span class="term">IPv6 Essentials</span></dt><dd><p>
A book describing all the important aspects of the topic is
<span class="emphasis"><em>IPv6 Essentials</em></span> by Silvia Hagen (ISBN
0-596-00125-8).
</p></dd></dl></div></div></div><div class="sect1" title="21.3. Name Resolution"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="sec.basicnet.nameres"></a>21.3. Name Resolution<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.nameres">¶</a></span></h2></div></div></div><a class="indexterm" name="id476712"></a><a class="indexterm" name="id476717"></a><p>
DNS assists in assigning an IP address to one or more names and assigning
a name to an IP address. In Linux, this conversion is usually carried out
by a special type of software known as bind. The machine that takes care
of this conversion is called a <span class="emphasis"><em>name server</em></span>. The
names make up a hierarchical system in which each name component is
separated by a period. The name hierarchy is, however, independent of the
IP address hierarchy described above.
</p><p>
Consider a complete name, such as
<code class="systemitem">jupiter.example.com</code>, written in
the format
<code class="systemitem">hostname.domain</code>. A
full name, referred to as a <span class="emphasis"><em>fully qualified domain
name</em></span> (FQDN), consists of a hostname and a domain name
(<code class="systemitem">example.com</code>). The
latter also includes the <span class="emphasis"><em>top level domain</em></span> or TLD
(<code class="systemitem">com</code>).
</p><a class="indexterm" name="id476773"></a><p>
TLD assignment has become quite confusing for historical reasons.
Traditionally, three-letter domain names are used in the USA. In the rest
of the world, the two-letter ISO national codes are the standard. In
addition to that, longer TLDs were introduced in 2000 that represent
certain spheres of activity (for example,
<code class="systemitem">.info</code>,
<code class="systemitem">.name</code>,
<code class="systemitem">.museum</code>).
</p><p>
In the early days of the Internet (before 1990), the file
<code class="filename">/etc/hosts</code> was used to store the names of all the
machines represented over the Internet. This quickly proved to be
impractical in the face of the rapidly growing number of computers
connected to the Internet. For this reason, a decentralized database was
developed to store the hostnames in a widely distributed manner. This
database, similar to the name server, does not have the data pertaining
to all hosts in the Internet readily available, but can dispatch requests
to other name servers.
</p><a class="indexterm" name="id476818"></a><p>
The top of the hierarchy is occupied by <span class="emphasis"><em>root name
servers</em></span>. These root name servers manage the top level domains
and are run by the Network Information Center (NIC). Each root name
server knows about the name servers responsible for a given top level
domain. Information about top level domain NICs is available at
<a class="ulink" href="http://www.internic.net" target="_top">http://www.internic.net</a>.
</p><a class="indexterm" name="id476841"></a><p>
DNS can do more than just resolve hostnames. The name server also knows
which host is receiving e-mails for an entire domain—the
<span class="emphasis"><em>mail exchanger (MX)</em></span>.
</p><a class="indexterm" name="id476858"></a><p>
For your machine to resolve an IP address, it must know about at least
one name server and its IP address. Easily specify such a name server
with the help of YaST. If you have a modem dial-up connection, you may
not need to configure a name server manually at all. The dial-up protocol
provides the name server address as the connection is made.
<span>The configuration of name server access with
openSUSE® is described in
<a class="xref" href="cha.basicnet.html#sec.basicnet.yast.change.host" title="21.4.1.4. Configuring Hostname and DNS">Section 21.4.1.4, “Configuring Hostname and DNS”</a>. Setting up your own
name server is described in <a class="xref" href="cha.dns.html" title="Chapter 23. The Domain Name System">Chapter 23, <i>The Domain Name System</i></a>.</span>
</p><a class="indexterm" name="id476892"></a><p>
The protocol <code class="literal">whois</code> is closely related to DNS. With
this program, quickly find out who is responsible for any given domain.
</p><div class="note"><table border="0" cellpadding="3" cellspacing="0" width="100%" summary="Note: MDNS and .local Domain Names"><tr class="head"><td width="32"><img alt="[Note]" src="admon/note.png"></td><th align="left">MDNS and .local Domain Names</th></tr><tr><td colspan="2" align="left" valign="top"><p>
The <code class="literal">.local</code> top level domain is treated as link-local
domain by the resolver. DNS requests are send as multicast DNS requests
instead of normal DNS requests. If you already use the
<code class="literal">.local</code> domain in your nameserver configuration, you
must switch this option off in <code class="filename">/etc/host.conf</code>. For
more information, see the <code class="filename">host.conf</code> manual page.
</p><p>
If you want to switch off MDNS during installation, use
<code class="literal">nomdns=1</code> as a boot parameter.
</p><p>
For more information on multicast DNS, see
<a class="ulink" href="http://www.multicastdns.org" target="_top">http://www.multicastdns.org</a>.
</p></td></tr></table></div></div><div class="sect1" title="21.4. Configuring a Network Connection with YaST"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="sec.basicnet.yast"></a>21.4. Configuring a Network Connection with YaST<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.yast">¶</a></span></h2></div></div></div><a class="indexterm" name="idx.networks_integrating"></a><a class="indexterm" name="id476988"></a><p>
There are many supported networking types on Linux. Most of them use
different device names and the configuration files are spread over several
locations in the file system. For a detailed overview of the aspects of
manual network configuration, see <a class="xref" href="cha.basicnet.html#sec.basicnet.manconf" title="21.6. Configuring a Network Connection Manually">Section 21.6, “Configuring a Network Connection Manually”</a>.
</p><p>
<span>During installation on a laptop (where NetworkManager is active
by default) YaST configures all interfaces that have been
detected.</span> If NetworkManager is not
active, only the first interface with link up (with a network cable
connected) is automatically configured. Additional hardware can be
configured any time on the installed system. The following sections
describe the network configuration for all types of network connections
supported by openSUSE.
</p><div class="sect2" title="21.4.1. Configuring the Network Card with YaST"><div class="titlepage"><div><div><h3 class="title"><a name="sec.basicnet.yast.netcard"></a>21.4.1. Configuring the Network Card with YaST<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.yast.netcard">¶</a></span></h3></div></div></div><a class="indexterm" name="id477032"></a><a class="indexterm" name="id477041"></a><a class="indexterm" name="id477049"></a><a class="indexterm" name="id477058"></a><p>
To configure your wired or wireless network card in YaST, select
<span class="guimenu">Network Devices</span>+<span class="guimenu">Network
Settings</span>. After starting the module, YaST
displays the <span class="guimenu">Network Settings</span> dialog with four tabs:
<span class="guimenu">Global Options</span>, <span class="guimenu">Overview</span>,
<span class="guimenu">Hostname/DNS</span> and <span class="guimenu">Routing</span>.
</p><p>
The <span class="guimenu">Global Options</span> tab allows you to set general
networking options such as the use of NetworkManager, IPv6 and general DHCP
options. For more information, see
<a class="xref" href="cha.basicnet.html#sec.basicnet.yast.netcard.global" title="21.4.1.1. Configuring Global Networking Options">Section 21.4.1.1, “Configuring Global Networking Options”</a>.
</p><p>
The <span class="guimenu">Overview</span> tab contains information about installed
network interfaces and configurations. Any properly detected network card
is listed with its name. You can manually configure new cards, remove or
change their configuration in this dialog. If you want to manually
configure a card that was not automatically detected, see
<a class="xref" href="cha.basicnet.html#sec.basicnet.yast.netcard.man" title="21.4.1.3. Configuring an Undetected Network Card">Section 21.4.1.3, “Configuring an Undetected Network Card”</a>. If you want to
change the configuration of an already configured card, see
<a class="xref" href="cha.basicnet.html#sec.basicnet.yast.netcard.change" title="21.4.1.2. Changing the Configuration of a Network Card">Section 21.4.1.2, “Changing the Configuration of a Network Card”</a>.
</p><p>
The <span class="guimenu">Hostname/DNS</span> tab allows to set the hostname of the
machine and name the servers to be used. For more information, see
<a class="xref" href="cha.basicnet.html#sec.basicnet.yast.change.host" title="21.4.1.4. Configuring Hostname and DNS">Section 21.4.1.4, “Configuring Hostname and DNS”</a>.
</p><p>
The <span class="guimenu">Routing</span> tab is used for the configuration of
routing. See <a class="xref" href="cha.basicnet.html#sec.basicnet.yast.change.route" title="21.4.1.5. Configuring Routing">Section 21.4.1.5, “Configuring Routing”</a> for more
information.
</p><div class="figure"><a name="fig.yast2.neticard"></a><p class="title"><b>Figure 21.3. Configuring Network Settings</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#fig.yast2.neticard">¶</a></span></p><div class="figure-contents"><div class="mediaobject"><table border="0" summary="manufactured viewport for HTML img" cellspacing="0" cellpadding="0" width="75%"><tr><td><img src="images/yast2_net_icard.png" width="100%" alt="Configuring Network Settings"></td></tr></table></div></div></div><br class="figure-break"><div class="sect3" title="21.4.1.1. Configuring Global Networking Options"><div class="titlepage"><div><div><h4 class="title"><a name="sec.basicnet.yast.netcard.global"></a>21.4.1.1. Configuring Global Networking Options<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.yast.netcard.global">¶</a></span></h4></div></div></div><p>
The <span class="guimenu">Global Options</span> tab of the YaST <span class="guimenu">Network
Settings</span> module allows you to set important global networking
options, such as the use of NetworkManager, IPv6 and DHCP client options. These
settings are applicable for all network interfaces.
</p><p>
In the <span class="guimenu">Network Setup Method</span> choose the way network
connections are managed. If you want a NetworkManager desktop applet to manage
connections for all interfaces, choose <span class="guimenu">User Controlled with
NetworkManager</span>. This option is well suited for switching between
multiple wired and wireless networks. If you do not run a desktop
environment (GNOME or KDE), or if your computer is a Xen server, virtual
system, or provides network services such as DHCP or DNS in your
network, use the <span class="guimenu">Traditional Method with ifup</span>. If
NetworkManager is used, <span class="command"><strong>nm-applet</strong></span> should be used to configure
network options and the <span class="guimenu">Overview</span>,
<span class="guimenu">Hostname/DNS</span> and <span class="guimenu">Routing</span> tabs of
the <span class="guimenu">Network Settings</span> module are disabled. For more
information on NetworkManager, see Chapter <i>Using NetworkManager</i> (↑Start-Up).
</p><p>
In the <span class="guimenu">IPv6 Protocol Settings</span> choose whether you want
to use the IPv6 protocol. It is possible to use IPv6 together with IPv4.
By default, IPv6 is activated. However, in networks not using IPv6
protocol, response times can be faster with IPv6 protocol disabled. If
you want to disable IPv6, uncheck the <span class="guimenu">Enable IPv6</span>
option. This disables autoload of the kernel module for IPv6. This will
be applied after reboot.
</p><p>
In the <span class="guimenu">DHCP Client Options</span> configure options for the
DHCP client. The <span class="guimenu">DHCP Client Identifier</span> must be
different for each DHCP client on a single network. If left empty, it
defaults to the hardware address of the network interface. However, if
you are running several virtual machines using the same network
interface and, therefore, the same hardware address, specify a unique
free-form identifier here.
</p><p>
The <span class="guimenu">Hostname to Send</span> specifies a string used for the
hostname option field when dhcpcd sends messages to DHCP server. Some
DHCP servers update name server zones (forward and reverse records)
according to this hostname (Dynamic DNS). Also, some DHCP servers
require the <span class="guimenu">Hostname to Send</span> option field to contain
a specific string in the DHCP messages from clients. Leave
<code class="literal">AUTO</code> to send the current hostname (that is the one
defined in <code class="filename">/etc/HOSTNAME</code>). Leave the option field
empty for not sending any hostname. If yo do not want to change the
default route according to the information from DHCP,
uncheck <span class="guimenu">Change Default Route via DHCP</span>.
</p></div><div class="sect3" title="21.4.1.2. Changing the Configuration of a Network Card"><div class="titlepage"><div><div><h4 class="title"><a name="sec.basicnet.yast.netcard.change"></a>21.4.1.2. Changing the Configuration of a Network Card<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.yast.netcard.change">¶</a></span></h4></div></div></div><p>
To change the configuration of a network card, select a card from the
list of the detected cards in <span class="guimenu">Network
Settings</span>+<span class="guimenu">Overview</span> in YaST
and click <span class="guimenu">Edit</span>. The <span class="guimenu">Network Card
Setup</span> dialog appears in which to adjust the card configuration
using the <span class="guimenu">General</span>, <span class="guimenu">Address</span> and
<span class="guimenu">Hardware</span> tabs. For information about wireless card
configuration, see <a class="xref" href="cha.wireless.wlan.html#sec.wireless.wlan.yast2" title="32.5. Configuration with YaST">Section 32.5, “Configuration with YaST”</a>.
</p><div class="sect4" title="21.4.1.2.1. Configuring IP Addresses"><div class="titlepage"><div><div><h5 class="title"><a name="sec.basicnet.yast.change.address"></a>21.4.1.2.1. Configuring IP Addresses<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.yast.change.address">¶</a></span></h5></div></div></div><a class="indexterm" name="id477382"></a><p>
You can set the IP address of the network card or the way its IP
address is determined in the <span class="guimenu">Address</span> tab of the
<span class="guimenu">Network Card Setup</span> dialog. Both IPv4 and IPv6
addresses are supported. The network card can have <span class="guimenu">No IP
Address</span> (which is useful for bonding devices), a
<span class="guimenu">Statically Assigned IP Address</span> (IPv4 or IPv6) or a
<span class="guimenu">Dynamic Address</span> assigned via <span class="guimenu">DHCP</span>
or <span class="guimenu">Zeroconf</span> or both.
</p><p>
If using <span class="guimenu">Dynamic Address</span>, select whether to use
<span class="guimenu">DHCP Version 4 Only</span> (for IPv4), <span class="guimenu">DHCP
Version 6 Only</span> (for IPv6) or <span class="guimenu">DHCP Both Version 4 and
6</span>.
</p><p>
If possible, the first network card with link that is available during
the installation is automatically configured to use automatic address
setup via DHCP.
<span>In case of laptop computers where NetworkManager is
active by default, all network cards are configured.</span>
</p><p>
DHCP should also be used if you are using a DSL line but with no static
IP assigned by the ISP (Internet Service Provider). If you decide to
use DHCP, configure the details in <span class="guimenu">DHCP Client
Options</span> in the <span class="guimenu">Global Options</span> tab of the
<span class="guimenu">Network Settings</span> dialog of the YaST network card
configuration module. If you have a virtual host setup where different
hosts communicate through the same interface, an <span class="guimenu">DHCP Client
Identifier</span> is necessary to distinguish them.
</p><p>
DHCP is a good choice for client configuration but it is not ideal for
server configuration. To set a static IP address, proceed as follows:
</p><div class="procedure"><ol class="procedure" type="1"><li><p>
Select a card from the list of detected cards in the
<span class="guimenu">Overview</span> tab of the YaST network card
configuration module and click <span class="guimenu">Edit</span>.
</p></li><li><p>
In the <span class="guimenu">Address</span> tab, choose <span class="guimenu">Statically
Assigned IP Address</span>.
</p></li><li><p>
Enter the <span class="guimenu">IP Address</span>. Both IPv4 and IPv6 addresses
can be used. Enter the network mask in <span class="guimenu">Subnet
Mask</span>. If the IPv6 address is used, use <span class="guimenu">Subnet
Mask</span> for prefix length in format <code class="literal">/64</code>.
</p><p>
Optionally, you can enter a fully qualified
<span class="guimenu">Hostname</span> for this address, which will be written
to the <code class="filename">/etc/hosts</code> configuration file.
</p></li><li><p>
Click <span class="guimenu">Next</span>.
</p></li><li><p>
To activate the configuration, click <span class="guimenu">OK</span>.
</p></li></ol></div><p>
If you use the static address, the name servers and default gateway are
not configured automatically. To configure name servers, proceed as
described in <a class="xref" href="cha.basicnet.html#sec.basicnet.yast.change.host" title="21.4.1.4. Configuring Hostname and DNS">Section 21.4.1.4, “Configuring Hostname and DNS”</a>. To
configure a gateway, proceed as described in
<a class="xref" href="cha.basicnet.html#sec.basicnet.yast.change.route" title="21.4.1.5. Configuring Routing">Section 21.4.1.5, “Configuring Routing”</a>.
</p></div><div class="sect4" title="21.4.1.2.2. Configuring Aliases"><div class="titlepage"><div><div><h5 class="title"><a name="sec.basicnet.yast.configure.aliases"></a>21.4.1.2.2. Configuring Aliases<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.yast.configure.aliases">¶</a></span></h5></div></div></div><a class="indexterm" name="id477614"></a><p>
One network device can have multiple IP addresses, called aliases.
</p><div class="note"><table border="0" cellpadding="3" cellspacing="0" width="100%" summary="Note: Aliases Are a Compatibility Feature"><tr class="head"><td width="32"><img alt="[Note]" src="admon/note.png"></td><th align="left">Aliases Are a Compatibility Feature</th></tr><tr><td colspan="2" align="left" valign="top"><p>
These so-called aliases resp. labels work with IPv4 only. With IPv6
they will be ignored. Using <span class="command"><strong>iproute2</strong></span> network
interfaces can have one or more addresses.
</p></td></tr></table></div><p>
Using YaST to set an alias for your network card, proceed as follows:
</p><div class="procedure"><ol class="procedure" type="1"><li><p>
Select a card from the list of detected cards in the
<span class="guimenu">Overview</span> tab of the YaST network card
configuration module and click <span class="guimenu">Edit</span>.
</p></li><li><p>
In the <span class="guimenu">Address</span>+<span class="guimenu">Additional
Addresses</span> tab, click <span class="guimenu">Add</span>.
</p></li><li><p>
Enter <span class="guimenu">Alias Name</span>, <span class="guimenu">IP Address</span>,
and <span class="guimenu">Netmask</span>. Do not include the interface name in
the alias name.
</p></li><li><p>
Click <span class="guimenu">OK</span>.
</p></li><li><p>
Click <span class="guimenu">Next</span>.
</p></li><li><p>
To activate the configuration, click <span class="guimenu">OK</span>.
</p></li></ol></div></div><div class="sect4" title="21.4.1.2.3. Changing the Device Name and Udev Rules"><div class="titlepage"><div><div><h5 class="title"><a name="sec.basicnet.yast.change.udev"></a>21.4.1.2.3. Changing the Device Name and Udev Rules<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.yast.change.udev">¶</a></span></h5></div></div></div><p>
It is possible to change the device name of the network card when it is
used. It is also possible to determine whether the network card should
be identified by udev via its hardware (MAC) address or via the bus ID.
The later option is preferable in large servers to ease hot swapping of
cards. To set these options with YaST, proceed as follows:
</p><div class="procedure"><ol class="procedure" type="1"><li><p>
Select a card from the list of detected cards in the
<span class="guimenu">Overview</span> tab of the YaST <span class="guimenu">Network
Settings</span> module and click <span class="guimenu">Edit</span>.
</p></li><li><p>
Go to the <span class="guimenu">Hardware</span> tab. The current device name is
shown in <span class="guimenu">Udev Rules</span>. Click
<span class="guimenu">Change</span>.
</p></li><li><p>
Select whether udev should identify the card by its <span class="guimenu">MAC
Address</span> or <span class="guimenu">Bus ID</span>. The current MAC
address and bus ID of the card are shown in the dialog.
</p></li><li><p>
To change the device name, check the <span class="guimenu">Change Device
Name</span> option and edit the name.
</p></li><li><p>
Click <span class="guimenu">OK</span> and <span class="guimenu">Next</span>.
</p></li><li><p>
To activate the configuration, click <span class="guimenu">OK</span>.
</p></li></ol></div></div><div class="sect4" title="21.4.1.2.4. Changing Network Card Kernel Driver"><div class="titlepage"><div><div><h5 class="title"><a name="sec.basicnet.yast.change.driver"></a>21.4.1.2.4. Changing Network Card Kernel Driver<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.yast.change.driver">¶</a></span></h5></div></div></div><p>
For some network cards, several kernel drivers may be available. If the
card is already configured, YaST allows you to select a kernel driver
to be used from a list of available suitable drivers. It is also
possible to specify options for the kernel driver. To set these options
with YaST, proceed as follows:
</p><div class="procedure"><ol class="procedure" type="1"><li><p>
Select a card from the list of detected cards in the
<span class="guimenu">Overview</span> tab of the YaST Network Settings module
and click <span class="guimenu">Edit</span>.
</p></li><li><p>
Go to the <span class="guimenu">Hardware</span> tab.
</p></li><li><p>
Select the kernel driver to be used in <span class="guimenu">Module
Name</span>. Enter any options for the selected driver in
<span class="guimenu">Options</span> in the form <span class="command"><strong>
<em class="replaceable"><code>option</code></em>=<em class="replaceable"><code>value</code></em>
</strong></span>. If more options are used, they should be space-separated.
</p></li><li><p>
Click <span class="guimenu">OK</span> and <span class="guimenu">Next</span>.
</p></li><li><p>
To activate the configuration, click <span class="guimenu">OK</span>.
</p></li></ol></div></div><div class="sect4" title="21.4.1.2.5. Activating the Network Device"><div class="titlepage"><div><div><h5 class="title"><a name="sec.basicnet.yast.change.start"></a>21.4.1.2.5. Activating the Network Device<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.yast.change.start">¶</a></span></h5></div></div></div><a class="indexterm" name="id478012"></a><p>
If you use the traditional method with ifup, you can configure your
device to either start during boot, on cable connection, on card
detection, manually or never. To change device start-up, proceed as
follows:
</p><div class="procedure"><ol class="procedure" type="1"><li><p>
In YaST select a card from the list of detected cards in
<span class="guimenu">Network Devices</span>+<span class="guimenu">Network
Settings</span> and click <span class="guimenu">Edit</span>.
</p></li><li><p>
In the <span class="guimenu">General</span> tab, select the desired entry from
<span class="guimenu">Device Activation</span>.
</p><p>
Choose <span class="guimenu">At Boot Time</span> to start the device during the
system boot. With <span class="guimenu">On Cable Connection</span>, the
interface is watched for any existing physical connection. With
<span class="guimenu">On Hotplug</span>, the interface is set as soon as
available. It is similar to the <span class="guimenu">At Boot Time</span>
option, and only differs in the fact that no error occurs if the
interface is not present at boot time. Choose
<span class="guimenu">Manually</span> to control the interface manually with
<span class="command"><strong>ifup</strong></span>. Choose <span class="guimenu">Never</span> to not start
the device at all. The <span class="guimenu">On NFSroot</span> is similar to
<span class="guimenu">At Boot Time</span>, but the interface does not shut down
with the <span class="command"><strong>rcnetwork stop</strong></span> command. Use this if you
use an nfs or iscsi root file system.
</p></li><li><p>
Click <span class="guimenu">Next</span>.
</p></li><li><p>
To activate the configuration, click <span class="guimenu">OK</span>.
</p></li></ol></div><p>
Usually, only the system administrator can activate and deactivate
network interfaces. If you want any user to be able to activate this
interface via KInternet, select <span class="guimenu">Enable Device Control for
Non-root User via KInternet</span>.
</p></div><div class="sect4" title="21.4.1.2.6. Setting Up Maximum Transfer Unit Size"><div class="titlepage"><div><div><h5 class="title"><a name="id478160"></a>21.4.1.2.6. Setting Up Maximum Transfer Unit Size<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#id478160">¶</a></span></h5></div></div></div><p>
You can set a maximum transmission unit (MTU) for the interface. MTU
refers to the largest allowed packet size in bytes. A higher MTU brings
higher bandwidth efficiency. However, large packets can block up a slow
interface for some time, increasing the lag for further packets.
</p><div class="procedure"><ol class="procedure" type="1"><li><p>
In YaST select a card from the list of detected cards in
<span class="guimenu">Network Devices</span>+<span class="guimenu">Network
Settings</span> and click <span class="guimenu">Edit</span>.
</p></li><li><p>
In the <span class="guimenu">General</span> tab, select the desired entry from
the <span class="guimenu">Set MTU</span> list.
</p></li><li><p>
Click <span class="guimenu">Next</span>.
</p></li><li><p>
To activate the configuration, click <span class="guimenu">OK</span>.
</p></li></ol></div></div><div class="sect4" title="21.4.1.2.7. Configuring the Firewall"><div class="titlepage"><div><div><h5 class="title"><a name="sec.basicnet.yast.change.fire"></a>21.4.1.2.7. Configuring the Firewall<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.yast.change.fire">¶</a></span></h5></div></div></div><p>
Without having to enter the detailed firewall setup as described in
Section “Configuring the Firewall with YaST” (Chapter 14, <i>Masquerading and Firewalls</i>, ↑Security Guide), you can
determine the basic firewall setup for your device as part of the
device setup. Proceed as follows:
</p><div class="procedure"><ol class="procedure" type="1"><li><p>
Open the YaST <span class="guimenu">Network Devices</span>+<span class="guimenu">Network Settings</span> module. In the
<span class="guimenu">Overview</span> tab, select a card from the list of
detected cards and click <span class="guimenu">Edit</span>.
</p></li><li><p>
Enter the <span class="guimenu">General</span> tab of the <span class="guimenu">Network
Settings</span> dialog.
</p></li><li><p>
Determine the firewall zone to which your interface should be
assigned. The following options are available:
</p><div class="variablelist"><dl><dt><span class="term">Firewall Disabled</span></dt><dd><p>
This option is available only if the firewall is disabled and the
firewall does not run at all. Only use this option if your machine
is part of a greater network that is protected by an outer
firewall.
</p></dd><dt><span class="term">Automatically Assign Zone</span></dt><dd><p>
This option is available only if the firewall is enabled. The
firewall is running and the interface is automatically assigned to
a firewall zone. The zone which contains the keyword
<code class="literal">any</code> or the external zone will be used for such
an interface.
</p></dd><dt><span class="term">Internal Zone (Unprotected)</span></dt><dd><p>
The firewall is running, but does not enforce any rules to protect
this interface. Use this option if your machine is part of a
greater network that is protected by an outer firewall. It is also
useful for the interfaces connected to the internal network, when
the machine has more network interfaces.
</p></dd><dt><span class="term">Demilitarized Zone</span></dt><dd><p>
A demilitarized zone is an additional line of defense in front of
an internal network and the (hostile) Internet. Hosts assigned to
this zone can be reached from the internal network and from the
Internet, but cannot access the internal network.
</p></dd><dt><span class="term">External Zone</span></dt><dd><p>
The firewall is running on this interface and fully protects it
against other—presumably hostile—network traffic. This
is the default option.
</p></dd></dl></div></li><li><p>
Click <span class="guimenu">Next</span>.
</p></li><li><p>
Activate the configuration by clicking <span class="guimenu">OK</span>.
</p></li></ol></div></div></div><div class="sect3" title="21.4.1.3. Configuring an Undetected Network Card"><div class="titlepage"><div><div><h4 class="title"><a name="sec.basicnet.yast.netcard.man"></a>21.4.1.3. Configuring an Undetected Network Card<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.yast.netcard.man">¶</a></span></h4></div></div></div><p>
Your card may not be detected correctly. In this case, the card is not
included in the list of detected cards. If you are sure that your system
includes a driver for your card, you can configure it manually. You can
also configure special network device types, such as bridge, bond, TUN
or TAP. To configure an undetected network card (or a special device)
proceed as follows:
</p><div class="procedure"><ol class="procedure" type="1"><li><p>
In the <span class="guimenu">Network Devices</span>+<span class="guimenu">Network Settings</span>+<span class="guimenu">Overview</span> dialog in YaST click <span class="guimenu">Add</span>.
</p></li><li><p>
In the <span class="guimenu">Hardware</span> dialog, set the <span class="guimenu">Device
Type</span> of the interface from the available options and
<span class="guimenu">Configuration Name</span>. If the network card is a PCMCIA
or USB device, activate the respective check box and exit this dialog
with <span class="guimenu">Next</span>. Otherwise, you can define the kernel
<span class="guimenu">Module Name</span> to be used for the card and its
<span class="guimenu">Options</span>, if necessary.
</p><p>
In <span class="guimenu">Ethtool Options</span>, you can set
<span class="command"><strong>ethtool</strong></span> options used by <span class="command"><strong>ifup</strong></span> for
the interface. See the <span class="command"><strong>ethtool</strong></span> manual page for
available options. If the option string starts with a
<code class="literal">-</code> (for example <code class="literal">-K
<em class="replaceable"><code>interface_name</code></em> rx on</code>), the second
word in the string is replaced with the current interface name.
Otherwise (for example <code class="literal">autoneg off speed 10</code>)
<span class="command"><strong>ifup</strong></span> prepends <code class="literal">-s
<em class="replaceable"><code>interface_name</code></em></code>.
</p></li><li><p>
Click <span class="guimenu">Next</span>.
</p></li><li><p>
Configure any needed options, such as the IP address, device
activation or firewall zone for the interface in the
<span class="guimenu">General</span>, <span class="guimenu">Address</span>, and
<span class="guimenu">Hardware</span> tabs. For more information about the
configuration options, see
<a class="xref" href="cha.basicnet.html#sec.basicnet.yast.netcard.change" title="21.4.1.2. Changing the Configuration of a Network Card">Section 21.4.1.2, “Changing the Configuration of a Network Card”</a>.
</p></li><li><p>
If you selected <span class="guimenu">Wireless</span> as the device type of the
interface, configure the wireless connection in the next dialog.
</p></li><li><p>
Click <span class="guimenu">Next</span>.
</p></li><li><p>
To activate the new network configuration, click
<span class="guimenu">OK</span>.
</p></li></ol></div></div><div class="sect3" title="21.4.1.4. Configuring Hostname and DNS"><div class="titlepage"><div><div><h4 class="title"><a name="sec.basicnet.yast.change.host"></a>21.4.1.4. Configuring Hostname and DNS<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.yast.change.host">¶</a></span></h4></div></div></div><a class="indexterm" name="id478671"></a><p>
If you did not change the network configuration during installation and
the wired card was already available, a hostname was automatically
generated for your computer and DHCP was activated. The same applies to
the name service information your host needs to integrate into a network
environment. If DHCP is used for network address setup, the list of
domain name servers is automatically filled with the appropriate data.
If a static setup is preferred, set these values manually.
</p><p>
To change the name of your computer and adjust the name server search
list, proceed as follows:
</p><div class="procedure"><ol class="procedure" type="1"><li><p>
Go to the <span class="guimenu">Network Settings</span>+<span class="guimenu">Hostname/DNS</span> tab in the
<span class="guimenu">Network Devices</span> module in YaST.
</p></li><li><p>
Enter the <span class="guimenu">Hostname</span> and, if needed, the
<span class="guimenu">Domain Name</span>. The domain is especially important if
the machine is a mail server. Note that the hostname is global and
applies to all set network interfaces.
</p><p>
If you are using DHCP to get an IP address, the hostname of your
computer will be automatically set by the DHCP. You may want to
disable this behavior if you connect to different networks, because
they may assign different hostnames and changing the hostname at
runtime may confuse the graphical desktop. To disable using DHCP to
get an IP address uncheck <span class="guimenu">Change Hostname via DHCP</span>.
</p><p>
<span class="guimenu">Assign Hostname to Loopback IP</span> associates your
hostname with <code class="literal">127.0.0.2</code> (loopback) IP address in
<code class="filename">/etc/hosts</code>. This is an useful option if you want
to have the hostname resolvable at all times, even without active
network.
</p></li><li><p>
In <span class="guimenu">Modify DNS Configuration</span>, select the way the DNS
configuration (name servers, search list, the content of the
<code class="filename">/etc/resolv.conf</code> file) is modified.
</p><p>
If the <span class="guimenu">Use Default Policy</span> option is selected, the
configuration is handled by the <span class="command"><strong>netconfig</strong></span> script
which merges the data defined statically (with YaST or in the
configuration files) with data obtained dynamically (from the DHCP
client or NetworkManager). This default policy is sufficient in most
cases.
</p><p>
If the <span class="guimenu">Only Manually</span> option is selected,
<span class="command"><strong>netconfig</strong></span> is not allowed to modify the
<code class="filename">/etc/resolv.conf</code> file. However, this file can be
edited manually.
</p><p>
If the <span class="guimenu">Custom Policy</span> option is selected, a
<span class="guimenu">Custom Policy Rule</span> string defining the merge policy
should be specified. The string consists of a comma-separated list of
interface names to be considered a valid source of settings. Except
for complete interface names, basic wildcards to match multiple
interfaces are allowed, as well. For example, <code class="literal">eth*
ppp?</code> will first target all eth and then all ppp0-ppp9
interfaces. There are two special policy values that indicate how to
apply the static settings defined in the
<code class="filename">/etc/sysconfig/network/config</code> file:
</p><div class="variablelist"><dl><dt><span class="term"><code class="literal">STATIC</code>
</span></dt><dd><p>
The static settings have to be merged together with the dynamic
settings.
</p></dd><dt><span class="term"><code class="literal">STATIC_FALLBACK</code>
</span></dt><dd><p>
The static settings are used only when no dynamic configuration is
available.
</p></dd></dl></div><p>
For more information, see the <span class="command"><strong>man 8 netconfig</strong></span>.
</p></li><li><p>
Enter the <span class="guimenu">Name Servers</span> and fill in the
<span class="guimenu">Domain Search</span> list. Name servers must be specified
by IP addresses, such as 192.168.1.116, not by hostnames. Names specified in
the <span class="guimenu">Domain Search</span> tab are domain names used for
resolving hostnames without a specified domain. If more than one
<span class="guimenu">Domain Search</span> is used, separate domains with commas
or white space.
</p></li><li><p>
To activate the configuration, click <span class="guimenu">OK</span>.
</p></li></ol></div></div><div class="sect3" title="21.4.1.5. Configuring Routing"><div class="titlepage"><div><div><h4 class="title"><a name="sec.basicnet.yast.change.route"></a>21.4.1.5. Configuring Routing<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.yast.change.route">¶</a></span></h4></div></div></div><a class="indexterm" name="id478940"></a><p>
To make your machine communicate with other machines and other networks,
routing information must be given to make network traffic take the
correct path. If DHCP is used, this information is automatically
provided. If a static setup is used, this data must be added manually.
</p><div class="procedure"><ol class="procedure" type="1"><li><p>
In YaST go to <span class="guimenu">Network Settings</span>+<span class="guimenu">Routing</span>.
</p></li><li><p>
Enter the IP address of the <span class="guimenu">Default Gateway</span> (IPv4
and IPv6 if necessary). The default gateway matches every possible
destination, but if any other entry exists that matches the required
address, use this instead of the default route.
</p></li><li><p>
More entries can be entered in the <span class="guimenu">Routing Table</span>.
Enter the <span class="guimenu">Destination</span> network IP address,
<span class="guimenu">Gateway</span> IP address and the
<span class="guimenu">Netmask</span>. Select the <span class="guimenu">Device</span>
through which the traffic to the defined network will be routed (the
minus sign stands for any device).
To omit any of these values, use the minus sign <code class="literal">-</code>.
To enter a default gateway into the table, use
<code class="literal">default</code> in the <span class="guimenu">Destination</span>
field.
</p><div class="note"><table border="0" cellpadding="3" cellspacing="0" width="100%" summary="Note"><tr class="head"><td width="32"><img alt="[Note]" src="admon/note.png"></td><th align="left"></th></tr><tr><td colspan="2" align="left" valign="top"><p>
If more default routes are used, it is possible to specify the metric
option to determine which route has a higher priority. To specify the
metric option, enter <code class="option">- metric
<em class="replaceable"><code>number</code></em></code> in
<span class="guimenu">Options</span>. The route with the highest metric is used
as default. If the network device is disconnected, its route will be
removed and the next one will be used.
However, the current kernel does not use metric in static routing,
only routing daemons like multipathd do.
</p></td></tr></table></div></li><li><p>
If the system is a router, enable the <span class="guimenu">IP Forwarding</span>
option in the <span class="guimenu">Network Settings</span>.
</p></li><li><p>
To activate the configuration, click <span class="guimenu">OK</span>.
</p></li></ol></div></div></div><div class="sect2" title="21.4.2. Modem"><div class="titlepage"><div><div><h3 class="title"><a name="sec.basicnet.yast.modem"></a>21.4.2. Modem<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.yast.modem">¶</a></span></h3></div></div></div><a class="indexterm" name="id479104"></a><a class="indexterm" name="id479113"></a><a class="indexterm" name="id479121"></a><p>
In the YaST Control Center, access the modem configuration under
<span class="guimenu">Network Devices</span>+<span class="guimenu">Modem</span>. If your modem was not automatically detected, go to the
<span class="guimenu">Modem Devices</span> tab and open the dialog for manual
configuration by clicking <span class="guimenu">Add</span>. Enter the interface to
which the modem is connected under <span class="guimenu">Modem Device</span>.
</p><div class="tip"><table border="0" cellpadding="3" cellspacing="0" width="100%" summary="Tip: CDMA and GPRS Modems"><tr class="head"><td width="32"><img alt="[Tip]" src="admon/tip.png"></td><th align="left">CDMA and GPRS Modems</th></tr><tr><td colspan="2" align="left" valign="top"><p>
Configure supported CDMA and GPRS modems with the YaST
<span class="guimenu">Modem</span> module just as you would configure regular
modems.
</p></td></tr></table></div><div class="figure"><a name="fig.yast2.modem"></a><p class="title"><b>Figure 21.4. Modem Configuration</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#fig.yast2.modem">¶</a></span></p><div class="figure-contents"><div class="mediaobject"><table border="0" summary="manufactured viewport for HTML img" cellspacing="0" cellpadding="0" width="75%"><tr><td><img src="images/yast2_modem.png" width="100%" alt="Modem Configuration"></td></tr></table></div></div></div><br class="figure-break"><p>
If you are behind a private branch exchange (PBX), you may need to enter
a dial prefix. This is often a zero. Consult the instructions that came
with the PBX to find out. Also select whether to use tone or pulse
dialing, whether the speaker should be on and whether the modem should
wait until it detects a dial tone. The last option should not be enabled
if the modem is connected to an exchange.
</p><p>
Under <span class="guimenu">Details</span>, set the baud rate and the modem
initialization strings. Only change these settings if your modem was not
detected automatically or if it requires special settings for data
transmission to work. This is mainly the case with ISDN terminal
adapters. Leave this dialog by clicking <span class="guimenu">OK</span>. To
delegate control over the modem to the normal user without root
permissions, activate <span class="guimenu">Enable Device Control for Non-root User
via KInternet</span>. In this way, a user without administrator
permissions can activate or deactivate an interface. Under <span class="guimenu">Dial
Prefix Regular Expression</span>, specify a regular expression. The
<span class="guimenu">Dial Prefix</span> in KInternet, which can be modified by the
normal user, must match this regular expression. If this field is left
empty, the user cannot set a different <span class="guimenu">Dial Prefix</span>
without administrator permissions.
</p><p>
In the next dialog, select the ISP. To choose from a predefined list of
ISPs operating in your country, select <span class="guimenu">Country</span>.
Alternatively, click <span class="guimenu">New</span> to open a dialog in which to
provide the data for your ISP. This includes a name for the dial-up
connection and ISP as well as the login and password provided by your
ISP. Enable <span class="guimenu">Always Ask for Password</span> to be prompted for
the password each time you connect.
</p><p>
In the last dialog, specify additional connection options:
</p><div class="variablelist"><dl><dt><span class="term"><span class="guimenu">Dial on Demand</span>
</span></dt><dd><p>
If you enable <span class="guimenu">Dial on Demand</span>, set at least one name
server. Use this feature only if your Internet connection is
inexpensive, because there are programs that periodically request data
from the Internet.
</p></dd><dt><span class="term"><span class="guimenu">Modify DNS when Connected</span>
</span></dt><dd><p>
This option is enabled by default, with the effect that the name
server address is updated each time you connect to the Internet.
</p></dd><dt><span class="term"><span class="guimenu">Automatically Retrieve DNS</span>
</span></dt><dd><p>
If the provider does not transmit its domain name server after
connecting, disable this option and enter the DNS data manually.
</p></dd><dt><span class="term"><span class="guimenu">Automatically Reconnect</span>
</span></dt><dd><p>
If this options is enabled, the connection is automatically
reestablished after failure.
</p></dd><dt><span class="term"><span class="guimenu">Ignore Prompts</span>
</span></dt><dd><p>
This option disables the detection of any prompts from the dial-up
server. If the connection build-up is slow or does not work at all,
try this option.
</p></dd><dt><span class="term"><span class="guimenu">External Firewall Interface</span>
</span></dt><dd><p>
Selecting this option activates the firewall and sets the interface as
external. This way, you are protected from outside attacks for the
duration of your Internet connection.
</p></dd><dt><span class="term"><span class="guimenu">Idle Time-Out (seconds)</span>
</span></dt><dd><p>
With this option, specify a period of network inactivity after which
the modem disconnects automatically.
</p></dd><dt><span class="term"><span class="guimenu">IP Details</span>
</span></dt><dd><p>
This opens the address configuration dialog. If your ISP does not
assign a dynamic IP address to your host, disable <span class="guimenu">Dynamic IP
Address</span> then enter your host's local IP address and the
remote IP address. Ask your ISP for this information. Leave
<span class="guimenu">Default Route</span> enabled and close the dialog by
selecting <span class="guimenu">OK</span>.
</p></dd></dl></div><p>
Selecting <span class="guimenu">Next</span> returns to the original dialog, which
displays a summary of the modem configuration. Close this dialog with
<span class="guimenu">OK</span>.
</p></div><div class="sect2" title="21.4.3. ISDN"><div class="titlepage"><div><div><h3 class="title"><a name="sec.basicnet.yast.isdn"></a>21.4.3. ISDN<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.yast.isdn">¶</a></span></h3></div></div></div><a class="indexterm" name="id479468"></a><a class="indexterm" name="id479477"></a><a class="indexterm" name="id479485"></a><a class="indexterm" name="id479494"></a><p>
Use this module to configure one or several ISDN cards for your system.
If YaST did not detect your ISDN card, click on <span class="guimenu">Add</span>
in the <span class="guimenu">ISDN Devices</span> tab and manually select your card.
Multiple interfaces are possible, but several ISPs can be configured for
one interface. In the subsequent dialogs, set the ISDN options necessary
for the proper functioning of the card.
</p><div class="figure"><a name="fig.yast2.isdn"></a><p class="title"><b>Figure 21.5. ISDN Configuration</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#fig.yast2.isdn">¶</a></span></p><div class="figure-contents"><div class="mediaobject"><table border="0" summary="manufactured viewport for HTML img" cellspacing="0" cellpadding="0" width="75%"><tr><td><img src="images/yast2_isdn.png" width="100%" alt="ISDN Configuration"></td></tr></table></div></div></div><br class="figure-break"><p>
In the next dialog, shown in <a class="xref" href="cha.basicnet.html#fig.yast2.isdn" title="Figure 21.5. ISDN Configuration">Figure 21.5, “ISDN Configuration”</a>, select the
protocol to use. The default is <span class="guimenu">Euro-ISDN (EDSS1)</span>, but
for older or larger exchanges, select <span class="guimenu">1TR6</span>. If you are
in the US, select <span class="guimenu">NI1</span>. Select your country in the
relevant field. The corresponding country code then appears in the field
next to it. Finally, provide your <span class="guimenu">Area Code</span> and the
<span class="guimenu">Dial Prefix</span> if necessary. If you do not want to log
all your ISDN traffic, uncheck the <span class="guimenu">Start ISDN Log</span>
option.
</p><p>
<span class="guimenu">Activate Device</span> defines how the ISDN interface should
be started: <span class="guimenu">At Boot Time</span> causes the ISDN driver to be
initialized each time the system boots. <span class="guimenu">Manually</span>
requires you to load the ISDN driver as <code class="systemitem">root</code> with the command
<span class="command"><strong>rcisdn start</strong></span>. <span class="guimenu">On Hotplug</span>, used for
PCMCIA or USB devices, loads the driver after the device is plugged in.
When finished with these settings, select <span class="guimenu">OK</span>.
</p><p>
In the next dialog, specify the interface type for your ISDN card and add
ISPs to an existing interface. Interfaces may be either the
<code class="systemitem">SyncPPP</code> or the <code class="systemitem">RawIP</code>
type, but most ISPs operate in the <code class="systemitem">SyncPPP</code> mode,
which is described below.
</p><div class="figure"><a name="fig.yast2.isdn_interface"></a><p class="title"><b>Figure 21.6. ISDN Interface Configuration</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#fig.yast2.isdn_interface">¶</a></span></p><div class="figure-contents"><div class="mediaobject"><table border="0" summary="manufactured viewport for HTML img" cellspacing="0" cellpadding="0" width="75%"><tr><td><img src="images/yast2_isdn_interface.png" width="100%" alt="ISDN Interface Configuration"></td></tr></table></div></div></div><br class="figure-break"><p>
The number to enter for <span class="guimenu">My Phone Number</span> depends on
your particular setup:
</p><div class="variablelist"><dl><dt><span class="term">ISDN Card Directly Connected to Phone Outlet</span></dt><dd><p>
A standard ISDN line provides three phone numbers (called multiple
subscriber numbers, or MSNs). If the subscriber asked for more, there
may be up to 10. One of these MSNs must be entered here, but without
your area code. If you enter the wrong number, your phone operator
automatically falls back to the first MSN assigned to your ISDN line.
</p></dd><dt><span class="term">ISDN Card Connected to a Private Branch Exchange<a class="indexterm" name="id479726"></a></span></dt><dd><p>
Again, the configuration may vary depending on the equipment
installed:
</p><div class="orderedlist"><ol class="orderedlist" type="1"><li><p>
Smaller private branch exchanges (PBX) built for home purposes
mostly use the Euro-ISDN (EDSS1) protocol for internal calls. These
exchanges have an internal S0 bus and use internal numbers for the
equipment connected to them.
</p><p>
Use one of the internal numbers as your MSN. You should be able to
use at least one of the exchange's MSNs that have been enabled for
direct outward dialing. If this does not work, try a single zero.
For further information, consult the documentation delivered with
your phone exchange.
</p></li><li><p>
Larger phone exchanges designed for businesses normally use the 1TR6
protocol for internal calls. Their MSN is called EAZ and usually
corresponds to the direct-dial number. For the configuration under
Linux, it should be sufficient to enter the last digit of the EAZ.
As a last resort, try each of the digits from 1 to 9.
</p></li></ol></div></dd></dl></div><p>
For the connection to be terminated just before the next charge unit is
due, enable <span class="guimenu">ChargeHUP</span>. However, remember that may not
work with every ISP. You can also enable channel bundling (multilink PPP)
by selecting the corresponding option. Finally, you can enable the
firewall for your link by selecting <span class="guimenu">External Firewall
Interface</span> and <span class="guimenu">Restart Firewall</span>. To enable
the normal user without administrator permissions to activate or
deactivate the interface, select the <span class="guimenu">Enable Device Control for
Non-root User via KInternet</span>.
</p><p>
<span class="guimenu">Details</span> opens a dialog in which to implement more
complex connection schemes which are not relevant for normal home users.
Leave the <span class="guimenu">Details</span> dialog by selecting
<span class="guimenu">OK</span>.
</p><p>
In the next dialog, configure IP address settings. If you have not been
given a static IP by your provider, select <span class="guimenu">Dynamic IP
Address</span>. Otherwise, use the fields provided to enter your
host's local IP address and the remote IP address according to the
specifications of your ISP. If the interface should be the default route
to the Internet, select <span class="guimenu">Default Route</span>. Each host can
only have one interface configured as the default route. Leave this
dialog by selecting <span class="guimenu">Next</span>.
</p><p>
The following dialog allows you to set your country and select an ISP.
The ISPs included in the list are call-by-call providers only. If your
ISP is not in the list, select <span class="guimenu">New</span>. This opens the
<span class="guimenu">Provider Parameters</span> dialog in which to enter all the
details for your ISP. When entering the phone number, do not include any
blanks or commas among the digits. Finally, enter your login and the
password as provided by the ISP. When finished, select
<span class="guimenu">Next</span>.
</p><p>
To use <span class="guimenu">Dial on Demand</span> on a stand-alone workstation,
specify the name server (DNS server) as well. Most ISPs support dynamic
DNS, which means the IP address of a name server is sent by the ISP each
time you connect. For a single workstation, however, you still need to
provide a placeholder address like
<code class="systemitem">192.168.22.99</code>. If your ISP
does not support dynamic DNS, specify the name server IP addresses of the
ISP. If desired, specify a time-out for the connection—the period
of network inactivity (in seconds) after which the connection should be
automatically terminated. Confirm your settings with
<span class="guimenu">Next</span>. YaST displays a summary of the configured
interfaces. To activate these settings, select <span class="guimenu">OK</span>.
</p></div><div class="sect2" title="21.4.4. Cable Modem"><div class="titlepage"><div><div><h3 class="title"><a name="sec.basicnet.yast.cablemodem"></a>21.4.4. Cable Modem<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.yast.cablemodem">¶</a></span></h3></div></div></div><a class="indexterm" name="id479887"></a><a class="indexterm" name="id479896"></a><a class="indexterm" name="id479904"></a><p>
In some countries it is quite common to access the Internet through the
TV cable network. The TV cable subscriber usually gets a modem that is
connected to the TV cable outlet on one side and to a computer network
card on the other (using a 10Base-TG twisted pair cable). The cable modem
then provides a dedicated Internet connection with a fixed IP address.
</p><p>
Depending on the instructions provided by your ISP, when configuring the
network card either select <span class="guimenu">Dynamic Address</span> or
<span class="guimenu">Statically Assigned IP Address</span>. Most providers today
use DHCP. A static IP address often comes as part of a special business
account.
</p><p>
For further information about the configuration of cable modems, read the
Support Database article on the topic, which is available online at
<a class="ulink" href="http://en.opensuse.org/SDB:Setting_Up_an_Internet_Connection_via_Cable_Modem_with_SuSE_Linux_8.0_or_Higher" target="_top">http://en.opensuse.org/SDB:Setting_Up_an_Internet_Connection_via_Cable_Modem_with_SuSE_Linux_8.0_or_Higher</a>.
</p></div><div class="sect2" title="21.4.5. DSL"><div class="titlepage"><div><div><h3 class="title"><a name="sec.basicnet.yast.xdsl"></a>21.4.5. DSL<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.yast.xdsl">¶</a></span></h3></div></div></div><a class="indexterm" name="id479954"></a><a class="indexterm" name="id479962"></a><a class="indexterm" name="id479971"></a><p>
To configure your DSL device, select the <span class="guimenu">DSL</span> module
from the YaST <span class="guimenu">Network Devices</span> section. This YaST
module consists of several dialogs in which to set the parameters of DSL
links based on one of the following protocols:
</p><div class="itemizedlist"><ul class="itemizedlist" type="bullet"><li class="listitem" style="list-style-type: disc"><p>
PPP over Ethernet (PPPoE)
</p></li><li class="listitem" style="list-style-type: disc"><p>
PPP over ATM (PPPoATM)
</p></li><li class="listitem" style="list-style-type: disc"><p>
CAPI for ADSL (Fritz Cards)
</p></li><li class="listitem" style="list-style-type: disc"><p>
Point-to-Point Tunneling Protocol (PPTP)—Austria
</p></li></ul></div><p>
In the <span class="guimenu">DSL Devices</span> tab of the <span class="guimenu">DSL
Configuration Overview</span> dialog, you will find a list of
installed DSL devices. To change the configuration of a DSL device,
select it in the list and click <span class="guimenu">Edit</span>. If you click
<span class="guimenu">Add</span>, you can manually configure a new DSL device.
</p><p>
The configuration of a DSL connection based on PPPoE or PPTP requires
that the corresponding network card be set up in the correct way. If you
have not done so yet, first configure the card by selecting
<span class="guimenu">Configure Network Cards</span> (see
<a class="xref" href="cha.basicnet.html#sec.basicnet.yast.netcard" title="21.4.1. Configuring the Network Card with YaST">Section 21.4.1, “Configuring the Network Card with YaST”</a>). In the case of a DSL
link, addresses may be assigned automatically but not via DHCP, which is
why you should not enable the option <span class="guimenu">Dynamic Address</span>.
Instead, enter a static dummy address for the interface, such as
<code class="systemitem">192.168.22.1</code>. In
<span class="guimenu">Subnet Mask</span>, enter
<code class="systemitem">255.255.255.0</code>. If you are
configuring a stand-alone workstation, leave <span class="guimenu">Default
Gateway</span> empty.
</p><div class="tip"><table border="0" cellpadding="3" cellspacing="0" width="100%" summary="Tip"><tr class="head"><td width="32"><img alt="[Tip]" src="admon/tip.png"></td><th align="left"></th></tr><tr><td colspan="2" align="left" valign="top"><p>
Values in <span class="guimenu">IP Address</span> and <span class="guimenu">Subnet
Mask</span> are only placeholders. They are only needed to initialize
the network card and do not represent the DSL link as such.
</p></td></tr></table></div><p>
In the first DSL configuration dialog (see
<a class="xref" href="cha.basicnet.html#fig.yast2.adsl" title="Figure 21.7. DSL Configuration">Figure 21.7, “DSL Configuration”</a>), select the <span class="guimenu">PPP
Mode</span> and the <span class="guimenu">Ethernet Card</span> to which the DSL
modem is connected (in most cases, this is
<code class="systemitem">eth0</code>). Then use
<span class="guimenu">Activate Device</span> to specify whether the DSL link should
be established during the boot process. Click <span class="guimenu">Enable Device
Control for Non-root User via KInternet</span> to authorize the normal
user without root permissions to activate or deactivate the interface
with KInternet.
</p><p>
In the next dialog select your country and choose from a number of ISPs
operating in it. The details of any subsequent dialogs of the DSL
configuration depend on the options set so far, which is why they are
only briefly mentioned in the following paragraphs. For details on the
available options, read the detailed help available from the dialogs.
</p><div class="figure"><a name="fig.yast2.adsl"></a><p class="title"><b>Figure 21.7. DSL Configuration</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#fig.yast2.adsl">¶</a></span></p><div class="figure-contents"><div class="mediaobject"><table border="0" summary="manufactured viewport for HTML img" cellspacing="0" cellpadding="0" width="75%"><tr><td><img src="images/yast2_adsl.png" width="100%" alt="DSL Configuration"></td></tr></table></div></div></div><br class="figure-break"><p>
To use <span class="guimenu">Dial on Demand</span> on a stand-alone workstation,
also specify the name server (DNS server). Most ISPs support dynamic
DNS—the IP address of a name server is sent by the ISP each time
you connect. For a single workstation, however, provide a placeholder
address like <code class="systemitem">192.168.22.99</code>. If
your ISP does not support dynamic DNS, enter the name server IP address
provided by your ISP.
</p><p>
<span class="guimenu">Idle Time-Out (seconds)</span> defines a period of network
inactivity after which to terminate the connection automatically. A
reasonable time-out value is between 60 and 300 seconds. If <span class="guimenu">Dial
on Demand</span> is disabled, it may be useful to set the time-out to
zero to prevent automatic hang-up.
</p><p>
<a class="indexterm" name="id480223"></a> <a class="indexterm" name="id480234"></a> <a class="indexterm" name="id480245"></a> The configuration of T-DSL is very similar to the DSL setup.
Just select <span class="guimenu">T-Online</span> as your provider and YaST opens
the T-DSL configuration dialog. In this dialog, provide some additional
information required for T-DSL—the line ID, the T-Online number,
the user code and your password. All of these should be included in the
information you received after subscribing to T-DSL.
</p><a class="indexterm" name="id480263"></a></div></div><div class="sect1" title="21.5. NetworkManager"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="sec.basicnet.nm"></a>21.5. NetworkManager<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.nm">¶</a></span></h2></div></div></div><a class="indexterm" name="id480291"></a><p>
NetworkManager is the ideal solution for laptops and other portable computers. With
NetworkManager, you do not need to worry about configuring network interfaces and
switching between networks when you are moving.
</p><div class="sect2" title="21.5.1. NetworkManager and ifup"><div class="titlepage"><div><div><h3 class="title"><a name="sec.basicnet.nm.comparison"></a>21.5.1. NetworkManager and ifup<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.nm.comparison">¶</a></span></h3></div></div></div><p>
However, NetworkManager is not a suitable solution for all cases, so you can still
choose between the traditional method for managing network connections
(ifup) and NetworkManager. If you want to manage your network connection with NetworkManager,
enable NetworkManager in the YaST Network Settings module as described in
Section “Enabling NetworkManager” (Chapter 5, <i>Using NetworkManager</i>, ↑Start-Up) and configure your network connections
with NetworkManager. For a list of use cases and a detailed description how to
configure and use NetworkManager, refer to Chapter <i>Using NetworkManager</i> (↑Start-Up).
</p><p>
Some differences between ifup and NetworkManager include:
</p><div class="variablelist"><dl><dt><span class="term"><code class="systemitem">root</code> Privileges</span></dt><dd><p>
If you use NetworkManager for network setup, you can easily switch, stop or
start your network connection at any time from within your desktop
environment using an applet. NetworkManager also makes it possible to change and
configure wireless card connections without requiring <code class="systemitem">root</code>
privileges. For this reason, NetworkManager is the ideal solution for a mobile
workstation.
</p><p>
Traditional configuration with ifup also provides some ways to switch,
stop or start the connection with or without user intervention, like
user-managed devices. However, this always requires <code class="systemitem">root</code>
privileges to change or configure a network device. This is often a
problem for mobile computing, where it is not possible to preconfigure
all the connection possibilities.
</p></dd><dt><span class="term">Types of Network Connections</span></dt><dd><p>
Both traditional configuration and NetworkManager can handle network connections
with a wireless network (with WEP, WPA-PSK, and WPA-Enterprise
access), dial-up and wired networks using DHCP and static
configuration. They also support connection through VPN.
</p><p>
NetworkManager tries to keep your computer connected at all times using the best
connection available. If the network cable is accidentally
disconnected, it tries to reconnect. It can find the network with the
best signal strength from the list of your wireless connections and
automatically use it to connect. To get the same functionality with
ifup, a great deal of configuration effort is required.
</p></dd></dl></div></div><div class="sect2" title="21.5.2. NetworkManager Functionality and Configuration Files"><div class="titlepage"><div><div><h3 class="title"><a name="sec.basicnet.nm.functionality"></a>21.5.2. NetworkManager Functionality and Configuration Files<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.nm.functionality">¶</a></span></h3></div></div></div><p>
The individual network connection settings created with NetworkManager are stored
in configuration profiles. The <span class="emphasis"><em>system</em></span> connections
configured with either NetworkManager or YaST can be found in
<code class="filename">/etc/sysconfig/network/ifcfg-*</code>. Any user-defined
connections are stored in GConf for GNOME or
<code class="filename">$HOME/.kde4/share/apps/networkmanagement/*</code> for KDE.
</p><p>
In case no profile is configured, NetworkManager automatically creates one and
names it <code class="literal">Auto $INTERFACE-NAME</code>. That is made in an
attempt to work without any configuration for as many cases as (securely)
possible. If the automatically created profiles do not suit your needs,
use the network connection configuration dialogs provided by KDE or GNOME
to modify them as desired. For more information, refer to
Section “Configuring Network Connections” (Chapter 5, <i>Using NetworkManager</i>, ↑Start-Up).
</p></div><div class="sect2" title="21.5.3. Controlling and Locking Down NetworkManager Features"><div class="titlepage"><div><div><h3 class="title"><a name="sec.basicnet.nm.policykit"></a>21.5.3. Controlling and Locking Down NetworkManager Features<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.nm.policykit">¶</a></span></h3></div></div></div><p>
On centrally administered machines, certain NetworkManager features can be
controlled or disabled with PolicyKit, for example if a user is allowed to
modify administrator defined connections or if a user is allowed to
define his own network configurations. To view or change the respective
NetworkManager policies, start the graphical <span class="guimenu">Authorizations</span> tool
for PolicyKit. In the tree on the left side, find them below the
<span class="guimenu">network-manager-settings</span> entry. For an introduction to
PolicyKit and details on how to use it, refer to
Chapter <i>PolicyKit</i> (↑Security Guide).
</p></div></div><div class="sect1" title="21.6. Configuring a Network Connection Manually"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="sec.basicnet.manconf"></a>21.6. Configuring a Network Connection Manually<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.manconf">¶</a></span></h2></div></div></div><a class="indexterm" name="idx.networks_configuring"></a><a class="indexterm" name="idx.configuring_networks_manually"></a><p>
Manual configuration of the network software should always be the last
alternative. Using YaST is recommended. However, this background
information about the network configuration can also assist your work with
YaST.
</p><p>
When the Kernel detects a network card and creates a corresponding network
interface, it assigns the device a name depending on the order of device
discovery, or order of the loading of the Kernel modules. The default
Kernel device names are only predictable in very simple or tightly
controlled hardware environments. Systems which allow adding or removing
hardware during runtime or support automatic configuration of devices
cannot expect stable network device names assigned by the Kernel across
reboots.
</p><p>
However, all system configuration tools rely on persistent interface
names. This problem is solved by udev. The udev persistent net generator
(<code class="filename">/lib/udev/rules.d/75-persistent-net-generator.rules</code>)
generates a rule matching the hardware (using its hardware address by
default) and assigns a persistently unique interface for the hardware. The
udev database of network interfaces is stored in the file
<code class="filename">/etc/udev/rules.d/70-persistent-net.rules</code>. Every line
in the file describes one network interface and specifies its persistent
name. System administrators can change the assigned names by editing the
<code class="literal">NAME=""</code> entries. The persistent rules can also be
modified using YaST.
</p><p>
<a class="xref" href="cha.basicnet.html#tab.net.script.conf" title="Table 21.5. Manual Network Configuration Scripts">Table 21.5, “Manual Network Configuration Scripts”</a> summarizes the most important
scripts involved in the network configuration.
</p><div class="table"><a name="tab.net.script.conf"></a><p class="title"><b>Table 21.5. Manual Network Configuration Scripts</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#tab.net.script.conf">¶</a></span></p><div class="table-contents"><table summary="Manual Network Configuration Scripts" border="1"><colgroup><col><col></colgroup><thead><tr><th>
<p>
Command
</p>
</th><th>
<p>
Function
</p>
</th></tr></thead><tbody><tr><td>
<p>
<span class="command"><strong>ifup, ifdown, ifstatus</strong></span>
</p>
</td><td>
<p>
The <code class="literal">if</code> scripts start or stop network interfaces,
or return the status of the specified interface. For more
information, see the <code class="systemitem">ifup</code> manual page.
</p>
</td></tr><tr><td>
<p>
<span class="command"><strong>rcnetwork</strong></span>
</p>
</td><td>
<p>
The <code class="literal">rcnetwork</code> script can be used to start, stop or
restart all network interfaces (or just a specified one). Use
<span class="command"><strong>rcnetwork stop</strong></span> to stop, <span class="command"><strong>rcnetwork
start</strong></span> to start and <span class="command"><strong>rcnetwork restart</strong></span> to
restart network interfaces. If you want to stop, start or restart
just one interface, use the command followed by the interface name,
for example <span class="command"><strong>rcnetwork restart eth0</strong></span>.
The <span class="command"><strong>rcnetwork status</strong></span> command displays the state of
the interfaces, their IP addresses and whether a DHCP client is
running. With <span class="command"><strong>rcnetwork stop-all-dhcp-clients</strong></span> and
<span class="command"><strong>rcnetwork restart-all-dhcp-clients</strong></span> you can stop or
restart DHCP clients running on network interfaces.
</p>
</td></tr></tbody></table></div></div><br class="table-break"><p>
For more information about udev and persistent device names, see
<a class="xref" href="cha.udev.html" title="Chapter 19. Dynamic Kernel Device Management with udev">Chapter 19, <i>Dynamic Kernel Device Management with <code class="systemitem">udev</code></i></a>.
</p><div class="sect2" title="21.6.1. Configuration Files"><div class="titlepage"><div><div><h3 class="title"><a name="sec.basicnet.manconf.files"></a>21.6.1. Configuration Files<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.manconf.files">¶</a></span></h3></div></div></div><a class="indexterm" name="id480726"></a><a class="indexterm" name="idx.networks_configuration_files"></a><p>
This section provides an overview of the network configuration files and
explains their purpose and the format used.
</p><div class="sect3" title="21.6.1.1. /etc/sysconfig/network/ifcfg-*"><div class="titlepage"><div><div><h4 class="title"><a name="sec.basicnet.manconf.files.ifcfg"></a>21.6.1.1. <code class="filename">/etc/sysconfig/network/ifcfg-*</code><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.manconf.files.ifcfg">¶</a></span></h4></div></div></div><p>
These files contain the configurations for network interfaces. They
include information such as the start mode and the IP address. Possible
parameters are described in the manual page of
<code class="systemitem">ifup</code>. Additionally, most variables from the
<code class="filename">dhcp</code> and <code class="filename">wireless</code> files can be
used in the <code class="filename">ifcfg-*</code> files if a general setting
should be used for only one interface. However, most of the
<code class="filename">/etc/sysconfig/network/config</code> variables are global
and cannot be overridden in ifcfg-files. For example
<code class="systemitem">NETWORKMANAGER</code> or
<code class="systemitem">NETCONFIG_*</code> variables are global.
</p><p>
For <code class="filename">ifcfg.template</code>, see
<a class="xref" href="cha.basicnet.html#sec.basicnet.manconf.files.config-etc" title="21.6.1.2. /etc/sysconfig/network/config, /etc/sysconfig/network/dhcp, and /etc/sysconfig/network/wireless">Section 21.6.1.2, “<code class="filename">/etc/sysconfig/network/config</code>, <code class="filename">/etc/sysconfig/network/dhcp</code>, and <code class="filename">/etc/sysconfig/network/wireless</code>”</a>.
</p><a class="indexterm" name="id480806"></a></div><div class="sect3" title="21.6.1.2. /etc/sysconfig/network/config, /etc/sysconfig/network/dhcp, and /etc/sysconfig/network/wireless"><div class="titlepage"><div><div><h4 class="title"><a name="sec.basicnet.manconf.files.config-etc"></a>21.6.1.2. <code class="filename">/etc/sysconfig/network/config</code>, <code class="filename">/etc/sysconfig/network/dhcp</code>, and <code class="filename">/etc/sysconfig/network/wireless</code><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.manconf.files.config-etc">¶</a></span></h4></div></div></div><a class="indexterm" name="id480835"></a><a class="indexterm" name="id480844"></a><a class="indexterm" name="id480852"></a><p>
The file <code class="filename">config</code> contains general settings for the
behavior of <span class="command"><strong>ifup</strong></span>, <span class="command"><strong>ifdown</strong></span> and
<span class="command"><strong>ifstatus</strong></span>. <code class="filename">dhcp</code> contains settings
for DHCP and <code class="filename">wireless</code> for wireless LAN cards. The
variables in all three configuration files are commented. Some of the
variables from <code class="filename">/etc/sysconfig/network/config</code> can
also be used in <code class="filename">ifcfg-*</code> files, where they are given
a higher priority. The
<code class="filename">/etc/sysconfig/network/ifcfg.template</code> file lists
variables that can be specified in a per interface scope. However, most
of the <code class="filename">/etc/sysconfig/network/config</code> variables are
global and cannot be overridden in ifcfg-files. For example,
<code class="systemitem">NETWORKMANAGER</code> or
<code class="systemitem">NETCONFIG_*</code> variables are global.
</p></div><div class="sect3" title="21.6.1.3. /etc/sysconfig/network/routes and /etc/sysconfig/network/ifroute-*"><div class="titlepage"><div><div><h4 class="title"><a name="id480916"></a>21.6.1.3. <code class="filename">/etc/sysconfig/network/routes</code> and <code class="filename">/etc/sysconfig/network/ifroute-*</code><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#id480916">¶</a></span></h4></div></div></div><a class="indexterm" name="idx.routing"></a><a class="indexterm" name="id480936"></a><a class="indexterm" name="id480944"></a><a class="indexterm" name="id480953"></a><p>
The static routing of TCP/IP packets is determined here. All the static
routes required by the various system tasks can be entered in the
<code class="filename">/etc/sysconfig/network/routes</code> file: routes to a
host, routes to a host via a gateway and routes to a network. For each
interface that needs individual routing, define an additional
configuration file:
<code class="filename">/etc/sysconfig/network/ifroute-*</code>. Replace
<code class="literal">*</code> with the name of the interface. The entries in the
routing configuration files look like this: <a class="indexterm" name="id480980"></a>
</p><pre class="screen"># Destination Dummy/Gateway Netmask Device
#
127.0.0.0 0.0.0.0 255.255.255.0 lo
204.127.235.0 0.0.0.0 255.255.255.0 eth0
default 204.127.235.41 0.0.0.0 eth0
207.68.156.51 207.68.145.45 255.255.255.255 eth1
192.168.0.0 207.68.156.51 255.255.0.0 eth1</pre><p>
The route's destination is in the first column. This column may contain
the IP address of a network or host or, in the case of
<span class="emphasis"><em>reachable</em></span> name servers, the fully qualified network
or hostname.
</p><p>
The second column contains the default gateway or a gateway through
which a host or network can be accessed. The third column contains the
netmask for networks or hosts behind a gateway. For example, the mask is
<code class="systemitem">255.255.255.255</code> for a host
behind a gateway.
</p><p>
The fourth column is only relevant for networks connected to the local
host such as loopback, Ethernet, ISDN, PPP and dummy device. The device
name must be entered here.
</p><p>
An (optional) fifth column can be used to specify the type of a route.
Columns that are not needed should contain a minus sign
<code class="literal">-</code> to ensure that the parser correctly interprets the
command. For details, refer to the <code class="systemitem">routes(5)</code>
man page.
</p><p>
The unified format for IPv4 and IPv6 now looks as follows:
</p><pre class="screen">
<em class="replaceable"><code>prefix</code></em>/<em class="replaceable"><code>length</code></em> <em class="replaceable"><code>gateway</code></em> - [<em class="replaceable"><code>interface</code></em>]
</pre><p>
And the so-called compatibility format looks accordingly:
</p><pre class="screen"><em class="replaceable"><code>prefix</code></em> <em class="replaceable"><code>gateway</code></em> <em class="replaceable"><code>length</code></em> [<em class="replaceable"><code>interface</code></em>]
</pre><p>
For IPv4 you still can use the old format with netmask:
</p><pre class="screen"><em class="replaceable"><code>ipv4-network</code></em> <em class="replaceable"><code>gateway</code></em> <em class="replaceable"><code>ipv4-netmask</code></em> [<em class="replaceable"><code>interface</code></em>]
</pre><p>
The following examples are equivalent:
</p><pre class="screen">2001:db8:abba:cafe::/64 2001:db8:abba:cafe::dead - eth0
208.77.188.0/24 208.77.188.166 - eth0
2001:db8:abba:cafe:: 2001:db8:abba:cafe::dead 64 eth0
208.77.188.0 208.77.188.166 24 eth0
208.77.188.0 208.77.188.166 255.255.255.0 eth0
</pre><a class="indexterm" name="id481114"></a></div><div class="sect3" title="21.6.1.4. /etc/resolv.conf"><div class="titlepage"><div><div><h4 class="title"><a name="id481122"></a>21.6.1.4. <code class="filename">/etc/resolv.conf</code><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#id481122">¶</a></span></h4></div></div></div><a class="indexterm" name="id481128"></a><p>
The domain to which the host belongs is specified in this file (keyword
<code class="systemitem">search</code>). Also listed is the status of the name
server address to access (keyword <code class="systemitem">nameserver</code>).
Multiple domain names can be specified in the file. When resolving a
name that is not fully qualified, an attempt is made to generate one by
attaching the individual <code class="systemitem">search</code> entries.
Multiple name servers can be specified in multiple lines, each beginning
with <code class="systemitem">nameserver</code>. Comments are preceded by
<code class="literal">#</code> signs. <a class="xref" href="cha.basicnet.html#dat.netz.etc.resolv.conf" title="Example 21.5. /etc/resolv.conf">Example 21.5, “<code class="filename">/etc/resolv.conf</code>”</a>
shows what <code class="filename">/etc/resolv.conf</code> could look like.
<a class="indexterm" name="id481170"></a> <a class="indexterm" name="id481182"></a>
</p><p>
However, the <code class="filename">/etc/resolv.conf</code> should not be edited
by hand. Instead, it is generated by the <span class="command"><strong>netconfig</strong></span>
script. To define static DNS configuration without using YaST, edit
the appropriate variables manually in the
<code class="filename">/etc/sysconfig/network/config</code> file:
</p><div class="variablelist"><dl><dt><span class="term"><code class="systemitem">NETCONFIG_DNS_STATIC_SEARCHLIST</code>
</span></dt><dd><p>
list of DNS domain names used for hostname lookup
</p></dd><dt><span class="term"><code class="systemitem">NETCONFIG_DNS_STATIC_SERVERS</code>
</span></dt><dd><p>
list of name server IP addresses to use for hostname lookup
</p></dd><dt><span class="term"><code class="systemitem">NETCONFIG_DNS_FORWARDER</code>
</span></dt><dd><p>
defines the name of the DNS forwarder that has to be configured
</p></dd></dl></div><p>
To disable DNS configuration using netconfig, set
<code class="literal">NETCONFIG_DNS_POLICY=''</code>. For more information about
<span class="command"><strong>netconfig</strong></span>, see <span class="command"><strong>man 8 netconfig</strong></span>.
</p><div class="example"><a name="dat.netz.etc.resolv.conf"></a><p class="title"><b>Example 21.5. <code class="filename">/etc/resolv.conf</code></b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#dat.netz.etc.resolv.conf">¶</a></span></p><div class="example-contents"><pre class="screen"># Our domain
search example.com
#
# We use dns.example.com (192.168.1.116) as nameserver
nameserver 192.168.1.116</pre></div></div><br class="example-break"></div><div class="sect3" title="21.6.1.5. /sbin/netconfig"><div class="titlepage"><div><div><h4 class="title"><a name="sec.basicnet.manconf.netconfig"></a>21.6.1.5. <code class="filename">/sbin/netconfig</code><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.manconf.netconfig">¶</a></span></h4></div></div></div><p>
<span class="command"><strong>netconfig</strong></span> is a modular tool to manage additional
network configuration settings. It merges statically defined settings
with settings provided by autoconfiguration mechanisms as DHCP or PPP
according to a predefined policy. The required changes are applied to
the system by calling the netconfig modules that are responsible for
modifying a configuration file and restarting a service or a similar
action.
</p><p>
<span class="command"><strong>netconfig</strong></span> recognizes three main actions. The
<span class="command"><strong>netconfig modify</strong></span> and <span class="command"><strong>netconfig
remove</strong></span> commands are used by daemons such as DHCP or PPP to
provide or remove settings to netconfig. Only the <span class="command"><strong>netconfig
update</strong></span> command is available for the user:
</p><div class="variablelist"><dl><dt><span class="term"><span class="command"><strong>modify</strong></span>
</span></dt><dd><p>
The <span class="command"><strong>netconfig modify</strong></span> command modifies the current
interface and service specific dynamic settings and updates the
network configuration. Netconfig reads settings from standard input
or from a file specified with the <code class="option">--lease-file
<em class="replaceable"><code>filename</code></em></code> option and internally
stores them until a system reboot (or the next modify or remove
action). Already existing settings for the same interface and service
combination are overwritten. The interface is specified by the
<code class="option">-i <em class="replaceable"><code>interface_name</code></em></code>
parameter. The service is specified by the <code class="option">-s
<em class="replaceable"><code>service_name</code></em></code> parameter.
</p></dd><dt><span class="term"><span class="command"><strong>remove</strong></span>
</span></dt><dd><p>
The <span class="command"><strong>netconfig remove</strong></span> command removes the dynamic
settings provided by a modificatory action for the specified
interface and service combination and updates the network
configuration. The interface is specified by the <code class="option">-i
<em class="replaceable"><code>interface_name</code></em></code> parameter. The
service is specified by the <code class="option">-s
<em class="replaceable"><code>service_name</code></em></code> parameter.
</p></dd><dt><span class="term"><span class="command"><strong>update</strong></span>
</span></dt><dd><p>
The <span class="command"><strong>netconfig update</strong></span> command updates the network
configuration using current settings. This is useful when the policy
or the static configuration has changed. Use the <code class="option">-m
<em class="replaceable"><code>module_type</code></em></code> parameter, if you
want to update a specified service only
(<code class="systemitem">dns</code>, <code class="systemitem">nis</code>, or
<code class="systemitem">ntp</code>).
</p></dd></dl></div><p>
The netconfig policy and the static configuration settings are defined
either manually or using YaST in the
<code class="filename">/etc/sysconfig/network/config</code> file. The dynamic
configuration settings provided by autoconfiguration tools as DHCP or
PPP are delivered directly by these tools with the <span class="command"><strong>netconfig
modify</strong></span> and <span class="command"><strong>netconfig remove</strong></span> actions. NetworkManager
also uses <span class="command"><strong>netconfig modify</strong></span> and <span class="command"><strong>netconfig
remove</strong></span> actions. When NetworkManager is enabled, netconfig (in policy
mode <code class="literal">auto</code>) uses only NetworkManager settings, ignoring settings
from any other interfaces configured using the traditional ifup method.
If NetworkManager does not provide any setting, static settings are used as a
fallback. A mixed usage of NetworkManager and the traditional ifup method is not
supported.
</p><p>
For more information about <span class="command"><strong>netconfig</strong></span>, see
<span class="command"><strong>man 8 netconfig</strong></span>.
</p></div><div class="sect3" title="21.6.1.6. /etc/hosts"><div class="titlepage"><div><div><h4 class="title"><a name="sec.basicnet.manconf.hosts"></a>21.6.1.6. <code class="filename">/etc/hosts</code><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.manconf.hosts">¶</a></span></h4></div></div></div><a class="indexterm" name="id481520"></a><p>
In this file, shown in <a class="xref" href="cha.basicnet.html#dat.netz.etc.hosts" title="Example 21.6. /etc/hosts">Example 21.6, “<code class="filename">/etc/hosts</code>”</a>, IP
addresses are assigned to hostnames. If no name server is implemented,
all hosts to which an IP connection will be set up must be listed here.
For each host, enter a line consisting of the IP address, the fully
qualified hostname, and the hostname into the file. The IP address must
be at the beginning of the line and the entries separated by blanks and
tabs. Comments are always preceded by the <code class="literal">#</code> sign.
</p><div class="example"><a name="dat.netz.etc.hosts"></a><p class="title"><b>Example 21.6. <code class="filename">/etc/hosts</code></b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#dat.netz.etc.hosts">¶</a></span></p><div class="example-contents"><pre class="screen">127.0.0.1 localhost
192.168.2.100 jupiter.example.com jupiter
192.168.2.101 venus.example.com venus</pre></div></div><br class="example-break"></div><div class="sect3" title="21.6.1.7. /etc/networks"><div class="titlepage"><div><div><h4 class="title"><a name="id481563"></a>21.6.1.7. <code class="filename">/etc/networks</code><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#id481563">¶</a></span></h4></div></div></div><a class="indexterm" name="id481569"></a><p>
Here, network names are converted to network addresses. The format is
similar to that of the <code class="filename">hosts</code> file, except the
network names precede the addresses. See
<a class="xref" href="cha.basicnet.html#dat.netz.networks" title="Example 21.7. /etc/networks">Example 21.7, “<code class="filename">/etc/networks</code>”</a>.
</p><div class="example"><a name="dat.netz.networks"></a><p class="title"><b>Example 21.7. <code class="filename">/etc/networks</code></b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#dat.netz.networks">¶</a></span></p><div class="example-contents"><pre class="screen">loopback 127.0.0.0
localnet 192.168.0.0</pre></div></div><br class="example-break"></div><div class="sect3" title="21.6.1.8. /etc/host.conf"><div class="titlepage"><div><div><h4 class="title"><a name="id481609"></a>21.6.1.8. <code class="filename">/etc/host.conf</code><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#id481609">¶</a></span></h4></div></div></div><a class="indexterm" name="id481615"></a><p>
Name resolution—the translation of host and network names via the
<span class="emphasis"><em>resolver</em></span> library—is controlled by this file.
This file is only used for programs linked to libc4 or libc5. For
current glibc programs, refer to the settings in
<code class="filename">/etc/nsswitch.conf</code>. A parameter must always stand
alone in its own line. Comments are preceded by a <code class="literal">#</code>
sign. <a class="xref" href="cha.basicnet.html#tab.netz.param.hostconf" title="Table 21.6. Parameters for /etc/host.conf">Table 21.6, “Parameters for /etc/host.conf”</a> shows the parameters
available. A sample <code class="filename">/etc/host.conf</code> is shown in
<a class="xref" href="cha.basicnet.html#dat.netz.etc.hostconf" title="Example 21.8. /etc/host.conf">Example 21.8, “<code class="filename">/etc/host.conf</code>”</a>.
</p><div class="table"><a name="tab.netz.param.hostconf"></a><p class="title"><b>Table 21.6. Parameters for /etc/host.conf</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#tab.netz.param.hostconf">¶</a></span></p><div class="table-contents"><table summary="Parameters for /etc/host.conf" border="1"><colgroup><col><col></colgroup><tbody><tr><td align="left">
<p>
order <span class="emphasis"><em>hosts</em></span>, <span class="emphasis"><em>bind</em></span>
</p>
</td><td align="left">
<p>
Specifies in which order the services are accessed for the name
resolution. Available arguments are (separated by blank spaces or
commas):
</p>
</td></tr><tr><td align="left">
<p></p>
</td><td align="left">
<p>
<span class="emphasis"><em>hosts</em></span>: searches the
<code class="filename">/etc/hosts</code> file
</p>
</td></tr><tr><td align="left">
<p></p>
</td><td align="left">
<p>
<span class="emphasis"><em>bind</em></span>: accesses a name server
</p>
</td></tr><tr><td align="left">
<p></p>
</td><td align="left">
<p>
<span class="emphasis"><em>nis</em></span>: uses NIS
</p>
</td></tr><tr><td align="left">
<p>
multi <span class="emphasis"><em>on</em></span>/<span class="emphasis"><em>off</em></span>
</p>
</td><td align="left">
<p>
Defines if a host entered in <code class="filename">/etc/hosts</code> can
have multiple IP addresses.
</p>
</td></tr><tr><td align="left">
<p>
nospoof <span class="emphasis"><em>on</em></span> spoofalert
<span class="emphasis"><em>on</em></span>/<span class="emphasis"><em>off</em></span>
</p>
</td><td align="left">
<p>
These parameters influence the name server
<span class="emphasis"><em>spoofing</em></span> but do not exert any influence on the
network configuration.
</p>
</td></tr><tr><td align="left">
<p>
trim <span class="emphasis"><em>domainname</em></span>
</p>
</td><td align="left">
<p>
The specified domain name is separated from the hostname after
hostname resolution (as long as the hostname includes the domain
name). This option is useful only if names from the local domain
are in the <code class="filename">/etc/hosts</code> file, but should still
be recognized with the attached domain names.
</p>
</td></tr></tbody></table></div></div><br class="table-break"><div class="example"><a name="dat.netz.etc.hostconf"></a><p class="title"><b>Example 21.8. <code class="filename">/etc/host.conf</code></b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#dat.netz.etc.hostconf">¶</a></span></p><div class="example-contents"><pre class="screen"># We have named running
order hosts bind
# Allow multiple address
multi on</pre></div></div><br class="example-break"></div><div class="sect3" title="21.6.1.9. /etc/nsswitch.conf"><div class="titlepage"><div><div><h4 class="title"><a name="id481885"></a>21.6.1.9. <code class="filename">/etc/nsswitch.conf</code><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#id481885">¶</a></span></h4></div></div></div><a class="indexterm" name="id481890"></a><p>
The introduction of the GNU C Library 2.0 was accompanied by the
introduction of the <span class="emphasis"><em>Name Service Switch</em></span> (NSS).
Refer to the <code class="systemitem">nsswitch.conf(5)</code> man page and
<span class="emphasis"><em>The GNU C Library Reference Manual</em></span> for details.
<a class="indexterm" name="id481915"></a>
</p><p>
The order for queries is defined in the file
<code class="filename">/etc/nsswitch.conf</code>. A sample
<code class="filename">nsswitch.conf</code> is shown in
<a class="xref" href="cha.basicnet.html#dat.netz.nsswitchconf" title="Example 21.9. /etc/nsswitch.conf">Example 21.9, “<code class="filename">/etc/nsswitch.conf</code>”</a>. Comments are preceded by
<code class="literal">#</code> signs. In this example, the entry under the
<code class="filename">hosts</code> database means that a request is sent to
<code class="filename">/etc/hosts</code> (<code class="option">files</code>) via
DNS.
</p><div class="example"><a name="dat.netz.nsswitchconf"></a><p class="title"><b>Example 21.9. <code class="filename">/etc/nsswitch.conf</code></b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#dat.netz.nsswitchconf">¶</a></span></p><div class="example-contents"><pre class="screen">passwd: compat
group: compat
hosts: files dns
networks: files dns
services: db files
protocols: db files
netgroup: files
automount: files nis</pre></div></div><br class="example-break"><p>
The <span class="quote">“<span class="quote">databases</span>”</span> available over NSS are listed in
<a class="xref" href="cha.basicnet.html#tab.netz.nnswitch.db" title="Table 21.7. Databases Available via /etc/nsswitch.conf">Table 21.7, “Databases Available via /etc/nsswitch.conf”</a>. In addition,
<code class="literal">automount</code>, <code class="literal">bootparams</code>,
<code class="literal">netmasks</code> and <code class="literal">publickey</code> are
expected in the near future. <a class="indexterm" name="id481998"></a> The configuration options for NSS databases are listed in
<a class="xref" href="cha.basicnet.html#tab.netz.nnswitch.conf" title="Table 21.8. Configuration Options for NSS “Databases”">Table 21.8, “Configuration Options for NSS <span class="quote">“<span class="quote">Databases</span>”</span>”</a>.
</p><div class="table"><a name="tab.netz.nnswitch.db"></a><p class="title"><b>Table 21.7. Databases Available via /etc/nsswitch.conf</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#tab.netz.nnswitch.db">¶</a></span></p><div class="table-contents"><table summary="Databases Available via /etc/nsswitch.conf" border="1"><colgroup><col><col></colgroup><tbody><tr><td align="left">
<p>
<code class="option">aliases</code>
</p>
</td><td align="left">
<p>
Mail aliases implemented by <code class="filename">sendmail</code>; see
<span class="command"><strong>man</strong></span> <code class="option">5 aliases</code>.
</p>
</td></tr><tr><td align="left">
<p>
<code class="option">ethers</code>
</p>
</td><td align="left">
<p>
Ethernet addresses.
</p>
</td></tr><tr><td align="left">
<p>
<code class="option">group</code>
</p>
</td><td align="left">
<p>
For user groups used by <code class="filename">getgrent</code>. See also the
man page for <span class="command"><strong>group</strong></span>.
</p>
</td></tr><tr><td align="left">
<p>
<code class="option">hosts</code>
</p>
</td><td align="left">
<p>
For hostnames and IP addresses, used by
<code class="filename">gethostbyname</code> and similar functions.
</p>
</td></tr><tr><td align="left">
<p>
<code class="option">netgroup</code>
</p>
</td><td align="left">
<p>
Valid host and user lists in the network for the purpose of
controlling access permissions; see the
<code class="systemitem">netgroup(5)</code> man page.
</p>
</td></tr><tr><td align="left">
<p>
<code class="option">networks</code>
</p>
</td><td align="left">
<p>
Network names and addresses, used by
<code class="filename">getnetent</code>.
</p>
</td></tr><tr><td align="left">
<p>
<code class="option">passwd</code>
</p>
</td><td align="left">
<p>
User passwords, used by <code class="filename">getpwent</code>; see the
<code class="systemitem">passwd(5)</code> man page.
</p>
</td></tr><tr><td align="left">
<p>
<code class="option">protocols</code>
</p>
</td><td align="left">
<p>
Network protocols, used by <code class="filename">getprotoent</code>; see
the <code class="systemitem">protocols(5)</code> man page.
</p>
</td></tr><tr><td align="left">
<p>
<code class="option">rpc</code>
</p>
</td><td align="left">
<p>
Remote procedure call names and addresses, used by
<code class="filename">getrpcbyname</code> and similar functions.
</p>
</td></tr><tr><td align="left">
<p>
<code class="option">services</code>
</p>
</td><td align="left">
<p>
Network services, used by <code class="filename">getservent</code>.
</p>
</td></tr><tr><td align="left">
<p>
<code class="option">shadow</code>
</p>
</td><td align="left">
<p>
Shadow passwords of users, used by <code class="filename">getspnam</code>;
see the <code class="option">shadow(5)</code> man page.
</p>
</td></tr></tbody></table></div></div><br class="table-break"><div class="table"><a name="tab.netz.nnswitch.conf"></a><p class="title"><b>Table 21.8. Configuration Options for NSS <span class="quote">“<span class="quote">Databases</span>”</span></b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#tab.netz.nnswitch.conf">¶</a></span></p><div class="table-contents"><table summary="Configuration Options for NSS Databases" border="1"><colgroup><col><col></colgroup><tbody><tr><td align="left">
<p>
<code class="option">files</code>
</p>
</td><td align="left">
<p>
directly access files, for example,
<code class="filename">/etc/aliases</code>
</p>
</td></tr><tr><td align="left">
<p>
<code class="option">db</code>
</p>
</td><td align="left">
<p>
access via a database
</p>
</td></tr><tr><td align="left">
<p>
<code class="option">nis</code>, <code class="option">nisplus</code>
</p>
</td><td align="left">
<p>
NIS, see also Chapter <i>Using NIS</i> (↑Security Guide)
</p>
</td></tr><tr><td align="left">
<p>
<code class="option">dns</code>
</p>
</td><td align="left">
<p>
can only be used as an extension for <code class="option">hosts</code> and
<code class="option">networks</code>
</p>
</td></tr><tr><td align="left">
<p>
<code class="option">compat</code>
</p>
</td><td align="left">
<p>
can only be used as an extension for <code class="option">passwd</code>,
<code class="option">shadow</code> and <code class="option">group</code>
</p>
</td></tr></tbody></table></div></div><br class="table-break"></div><div class="sect3" title="21.6.1.10. /etc/nscd.conf"><div class="titlepage"><div><div><h4 class="title"><a name="id482520"></a>21.6.1.10. <code class="filename">/etc/nscd.conf</code><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#id482520">¶</a></span></h4></div></div></div><a class="indexterm" name="id482526"></a><p>
This file is used to configure nscd (name service cache daemon). See the
<code class="systemitem">nscd(8)</code> and
<code class="systemitem">nscd.conf(5)</code> man pages. By default, the system
entries of <code class="option">passwd</code> and <code class="option">groups</code> are
cached by nscd. This is important for the performance of directory
services, like NIS and LDAP, because otherwise the network connection
needs to be used for every access to names or groups.
<code class="option">hosts</code> is not cached by default, because the mechanism
in nscd to cache hosts makes the local system unable to trust forward
and reverse lookup checks. Instead of asking nscd to cache names, set up
a caching DNS server.
</p><p>
If the caching for <code class="option">passwd</code> is activated, it usually
takes about fifteen seconds until a newly added local user is
recognized. Reduce this waiting time by restarting nscd with the command
<span class="command"><strong>rcnscd</strong></span> <code class="option">restart</code>.
</p></div><div class="sect3" title="21.6.1.11. /etc/HOSTNAME"><div class="titlepage"><div><div><h4 class="title"><a name="id482580"></a>21.6.1.11. <code class="filename">/etc/HOSTNAME </code><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#id482580">¶</a></span></h4></div></div></div><a class="indexterm" name="id482586"></a><p>
This contains the fully qualified hostname with the domain name
attached. This file is read by several scripts while the machine is
booting. It must contain only one line (in which the hostname is set).
</p><a class="indexterm" name="id482600"></a></div></div><div class="sect2" title="21.6.2. Testing the Configuration"><div class="titlepage"><div><div><h3 class="title"><a name="sec.basicnet.manconf.testing"></a>21.6.2. Testing the Configuration<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.manconf.testing">¶</a></span></h3></div></div></div><p>
Before you write your configuration to the configuration files, you can
test it. To set up a test configuration, use the <span class="command"><strong>ip</strong></span>
command. To test the connection, use the <span class="command"><strong>ping</strong></span> command.
Older configuration tools, <span class="command"><strong>ifconfig</strong></span> and
<span class="command"><strong>route</strong></span>, are also available.
</p><p>
The commands <span class="command"><strong>ip</strong></span>, <span class="command"><strong>ifconfig</strong></span> and
<span class="command"><strong>route</strong></span> change the network configuration directly
without saving it in the configuration file. Unless you enter your
configuration in the correct configuration files, the changed network
configuration is lost on reboot.
</p><div class="sect3" title="21.6.2.1. Configuring a Network Interface with ip"><div class="titlepage"><div><div><h4 class="title"><a name="sec.basicnet.manconf.ip"></a>21.6.2.1. Configuring a Network Interface with ip<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.manconf.ip">¶</a></span></h4></div></div></div><a class="indexterm" name="id482665"></a><p>
<span class="command"><strong>ip</strong></span> is a tool to show and configure network devices,
routing, policy routing, and tunnels.
</p><p>
<span class="command"><strong>ip</strong></span> is a very complex tool. Its common syntax is
<span class="command"><strong>ip</strong></span> <code class="option"><em class="replaceable"><code>options</code></em>
<em class="replaceable"><code>object</code></em>
<em class="replaceable"><code>command</code></em></code>. You can work with the
following objects:
</p><div class="variablelist"><dl><dt><span class="term">link</span></dt><dd><p>
This object represents a network device.
</p></dd><dt><span class="term">address</span></dt><dd><p>
This object represents the IP address of device.
</p></dd><dt><span class="term">neighbour</span></dt><dd><p>
This object represents a ARP or NDISC cache entry.
</p></dd><dt><span class="term">route</span></dt><dd><p>
This object represents the routing table entry.
</p></dd><dt><span class="term">rule</span></dt><dd><p>
This object represents a rule in the routing policy database.
</p></dd><dt><span class="term">maddress</span></dt><dd><p>
This object represents a multicast address.
</p></dd><dt><span class="term">mroute</span></dt><dd><p>
This object represents a multicast routing cache entry.
</p></dd><dt><span class="term">tunnel</span></dt><dd><p>
This object represents a tunnel over IP.
</p></dd></dl></div><p>
If no command is given, the default command is used (usually
<span class="command"><strong>list</strong></span>).
</p><p>
Change the state of a device with the command <span class="command"><strong>ip link
set</strong></span> <code class="option"><em class="replaceable"><code>device_name</code></em></code> <span class="command"><strong><em class="replaceable"><code>command</code></em></strong></span>.
For example, to deactivate device eth0, enter <span class="command"><strong>ip link
set</strong></span> <code class="option">eth0 down</code>. To activate it again, use
<span class="command"><strong>ip link set</strong></span> <code class="option">eth0 up</code>.
</p><p>
After activating a device, you can configure it. To set the IP address,
use <span class="command"><strong>ip addr
add</strong></span> <code class="option"><em class="replaceable"><code>ip_address</code></em> + dev
<em class="replaceable"><code>device_name</code></em></code>. For example, to set the
address of the interface eth0 to 192.168.12.154/30 with standard
broadcast (option <code class="option">brd</code>), enter <span class="command"><strong>ip
addr</strong></span> <code class="option">add 192.168.12.154/30 brd + dev
eth0</code>.
</p><p>
To have a working connection, you must also configure the default
gateway. To set a gateway for your system, enter <span class="command"><strong>ip route
add</strong></span> <code class="option">gateway_ip_address</code>. To translate one
IP address to another, use <span class="command"><strong>nat</strong></span>: <span class="command"><strong>ip route add
nat</strong></span> <code class="option">ip_address</code> <span class="command"><strong>via</strong></span> <code class="option">other_ip_address</code>.
</p><p>
To display all devices, use <span class="command"><strong>ip link ls</strong></span>. To display
the running interfaces only, use <span class="command"><strong>ip link ls up</strong></span>. To
print interface statistics for a device, enter <span class="command"><strong>ip -s link
ls</strong></span> <code class="option">device_name</code>. To view addresses of
your devices, enter <span class="command"><strong>ip addr</strong></span>. In the output of the
<span class="command"><strong>ip addr</strong></span>, also find information about MAC addresses of
your devices. To show all routes, use <span class="command"><strong>ip route show</strong></span>.
</p><p>
For more information about using ip, enter
<span class="command"><strong>ip</strong></span> <code class="option">help</code> or see the
<code class="systemitem">ip(8)</code> man page. The <code class="option">help</code>
option is also available for all ip objects. If, for example, you need
help for <span class="command"><strong>ip</strong></span> <code class="option">addr</code>, enter
<span class="command"><strong>ip</strong></span> <code class="option">addr help</code>. Find the ip
manual in
<code class="filename">/usr/share/doc/packages/iproute2/ip-cref.pdf</code>.
</p></div><div class="sect3" title="21.6.2.2. Testing a Connection with ping"><div class="titlepage"><div><div><h4 class="title"><a name="sec.basicnet.manconf.testingping"></a>21.6.2.2. Testing a Connection with ping<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.manconf.testingping">¶</a></span></h4></div></div></div><a class="indexterm" name="id483014"></a><a class="indexterm" name="id483023"></a><p>
The <span class="command"><strong>ping</strong></span> command is the standard tool for testing
whether a TCP/IP connection works. It uses the ICMP protocol to send a
small data packet, ECHO_REQUEST datagram, to the destination host,
requesting an immediate reply. If this works, <span class="command"><strong>ping</strong></span>
displays a message to that effect, which indicates that the network link
is basically functioning.
</p><p>
<span class="command"><strong>ping</strong></span> does more than only test the function of the
connection between two computers: it also provides some basic
information about the quality of the connection. In
<a class="xref" href="cha.basicnet.html#ex.basicnet.manconf.ping" title="Example 21.10. Output of the Command ping">Example 21.10, “Output of the Command ping”</a>, you can see an example
of the <span class="command"><strong>ping</strong></span> output. The second-to-last line contains
information about the number of transmitted packets, packet loss, and
total time of <span class="command"><strong>ping</strong></span> running.
</p><p>
As the destination, you can use a hostname or IP address, for example,
<span class="command"><strong>ping</strong></span> <code class="option">example.com</code> or
<span class="command"><strong>ping</strong></span> <code class="option">192.168.3.100</code>. The program sends
packets until you press
<span class="keycap">Ctrl</span>+<span class="keycap">C</span>.
</p><p>
If you only need to check the functionality of the connection, you can
limit the number of the packets with the <code class="option">-c</code> option. For
example to limit ping to three packets, enter
<span class="command"><strong>ping</strong></span> <code class="option">-c 3 example.com</code>.
</p><div class="example"><a name="ex.basicnet.manconf.ping"></a><p class="title"><b>Example 21.10. Output of the Command ping</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#ex.basicnet.manconf.ping">¶</a></span></p><div class="example-contents"><pre class="screen">ping -c 3 example.com
PING example.com (192.168.3.100) 56(84) bytes of data.
64 bytes from example.com (192.168.3.100): icmp_seq=1 ttl=49 time=188 ms
64 bytes from example.com (192.168.3.100): icmp_seq=2 ttl=49 time=184 ms
64 bytes from example.com (192.168.3.100): icmp_seq=3 ttl=49 time=183 ms
--- example.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2007ms
rtt min/avg/max/mdev = 183.417/185.447/188.259/2.052 ms</pre></div></div><br class="example-break"><p>
The default interval between two packets is one second. To change the
interval, ping provides the option <code class="option">-i</code>. For example, to
increase the ping interval to ten seconds, enter
<span class="command"><strong>ping</strong></span> <code class="option">-i 10 example.com</code>.
</p><p>
In a system with multiple network devices, it is sometimes useful to
send the ping through a specific interface address. To do so, use the
<code class="option">-I</code> option with the name of the selected device, for
example, <span class="command"><strong>ping</strong></span> <code class="option">-I wlan1
example.com</code>.
</p><p>
For more options and information about using ping, enter
<span class="command"><strong>ping</strong></span> <code class="option">-h</code> or see the
<code class="systemitem">ping (8)</code> man page.
</p><div class="tip"><table border="0" cellpadding="3" cellspacing="0" width="100%" summary="Tip: Pinging IPv6 Addresses"><tr class="head"><td width="32"><img alt="[Tip]" src="admon/tip.png"></td><th align="left">Pinging IPv6 Addresses</th></tr><tr><td colspan="2" align="left" valign="top"><p>
For IPv6 addresses use the <span class="command"><strong>ping6</strong></span> command. Note, to
ping link-local addresses, you must specify the interface with
<code class="option">-I</code>. The following command works, if the address is
reachable via <code class="literal">eth1</code>:
</p><pre class="screen">ping6 -I eth1 fe80::117:21ff:feda:a425</pre></td></tr></table></div></div><div class="sect3" title="21.6.2.3. Configuring the Network with ifconfig"><div class="titlepage"><div><div><h4 class="title"><a name="sec.basicnet.manconf.testingifconfig"></a>21.6.2.3. Configuring the Network with ifconfig<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.manconf.testingifconfig">¶</a></span></h4></div></div></div><a class="indexterm" name="id483212"></a><p>
<span class="command"><strong>ifconfig</strong></span> is a network configuration tool.
</p><div class="note"><table border="0" cellpadding="3" cellspacing="0" width="100%" summary="Note: ifconfig and ip"><tr class="head"><td width="32"><img alt="[Note]" src="admon/note.png"></td><th align="left">ifconfig and ip</th></tr><tr><td colspan="2" align="left" valign="top"><p>
The ifconfig tool is obsolete. Use ip instead. In contrast to ip, you
can use ifconfig only for interface configuration. It limits interface
names to 9 characters.
</p></td></tr></table></div><p>
Without arguments, ifconfig displays the status of the currently active
interfaces. As you can see in
<a class="xref" href="cha.basicnet.html#ex.basicnet.manconf.ifconfig" title="Example 21.11. Output of the ifconfig Command">Example 21.11, “Output of the ifconfig Command”</a>, ifconfig has very
well-arranged and detailed output. The output also contains information
about the MAC address of your device (the value of
<code class="option">HWaddr</code>) in the first line.
</p><div class="example"><a name="ex.basicnet.manconf.ifconfig"></a><p class="title"><b>Example 21.11. Output of the ifconfig Command</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#ex.basicnet.manconf.ifconfig">¶</a></span></p><div class="example-contents"><pre class="screen">eth0 Link encap:Ethernet HWaddr 00:08:74:98:ED:51
inet6 addr: fe80::208:74ff:fe98:ed51/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:634735 errors:0 dropped:0 overruns:4 frame:0
TX packets:154779 errors:0 dropped:0 overruns:0 carrier:1
collisions:0 txqueuelen:1000
RX bytes:162531992 (155.0 Mb) TX bytes:49575995 (47.2 Mb)
Interrupt:11 Base address:0xec80
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:8559 errors:0 dropped:0 overruns:0 frame:0
TX packets:8559 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:533234 (520.7 Kb) TX bytes:533234 (520.7 Kb)
wlan1 Link encap:Ethernet HWaddr 00:0E:2E:52:3B:1D
inet addr:192.168.2.4 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::20e:2eff:fe52:3b1d/64 Scope:Link
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:50828 errors:0 dropped:0 overruns:0 frame:0
TX packets:43770 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:45978185 (43.8 Mb) TX bytes:7526693 (7.1 MB)</pre></div></div><br class="example-break"><p>
For more options and information about using ifconfig, enter
<span class="command"><strong>ifconfig</strong></span> <code class="option">-h</code> or see the
<code class="systemitem">ifconfig (8)</code> man page.
</p></div><div class="sect3" title="21.6.2.4. Configuring Routing with route"><div class="titlepage"><div><div><h4 class="title"><a name="id483300"></a>21.6.2.4. Configuring Routing with route<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#id483300">¶</a></span></h4></div></div></div><a class="indexterm" name="id483305"></a><p>
<span class="command"><strong>route</strong></span> is a program for manipulating the IP routing
table. You can use it to view your routing configuration and to add or
remove routes.
</p><div class="note"><table border="0" cellpadding="3" cellspacing="0" width="100%" summary="Note: route and ip"><tr class="head"><td width="32"><img alt="[Note]" src="admon/note.png"></td><th align="left">route and ip</th></tr><tr><td colspan="2" align="left" valign="top"><p>
The program route is obsolete. Use ip instead.
</p></td></tr></table></div><p>
route is especially useful if you need quick and comprehensible
information about your routing configuration to determine problems with
routing. To view your current routing configuration, enter
<span class="command"><strong>route</strong></span> <code class="option">-n</code> as <code class="systemitem">root</code>.
</p><div class="example"><a name="ex.basicnet.manconf.route"></a><p class="title"><b>Example 21.12. Output of the route -n Command</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#ex.basicnet.manconf.route">¶</a></span></p><div class="example-contents"><pre class="screen">
route -n
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.20.0.0 * 255.255.248.0 U 0 0 0 eth0
link-local * 255.255.0.0 U 0 0 0 eth0
loopback * 255.0.0.0 U 0 0 0 lo
default styx.exam.com 0.0.0.0 UG 0 0 0 eth0</pre></div></div><br class="example-break"><p>
For more options and information about using route, enter
<span class="command"><strong>route</strong></span> <code class="option">-h</code> or see the
<code class="systemitem">route (8)</code> man page.
</p></div></div><div class="sect2" title="21.6.3. Start-Up Scripts"><div class="titlepage"><div><div><h3 class="title"><a name="sec.basicnet.manconf.scripts"></a>21.6.3. Start-Up Scripts<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.basicnet.manconf.scripts">¶</a></span></h3></div></div></div><a class="indexterm" name="id483400"></a><p>
Apart from the configuration files described above, there are also
various scripts that load the network programs while the machine is
booting. These are started as soon as the system is switched to one of
the <span class="emphasis"><em>multiuser runlevels</em></span>. Some of these scripts are
described in <a class="xref" href="cha.basicnet.html#tab.netz.start.skripte" title="Table 21.9. Some Start-Up Scripts for Network Programs">Table 21.9, “Some Start-Up Scripts for Network Programs”</a>.
</p><div class="table"><a name="tab.netz.start.skripte"></a><p class="title"><b>Table 21.9. Some Start-Up Scripts for Network Programs</b><span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#tab.netz.start.skripte">¶</a></span></p><div class="table-contents"><table summary="Some Start-Up Scripts for Network Programs" border="1"><colgroup><col><col></colgroup><tbody><tr><td align="left">
<p>
<code class="filename">/etc/init.d/network</code> <a class="indexterm" name="id483458"></a>
</p>
</td><td align="left">
<p>
This script handles the configuration of the network interfaces. If
the <span class="command"><strong>network</strong></span> service was not started, no network
interfaces are implemented.
</p>
</td></tr><tr><td align="left">
<p>
<code class="filename">/etc/init.d/xinetd</code> <a class="indexterm" name="id483500"></a>
</p>
</td><td align="left">
<p>
Starts xinetd. xinetd can be used to make server services available
on the system. For example, it can start vsftpd whenever an FTP
connection is initiated.
</p>
</td></tr><tr><td align="left">
<p>
<code class="filename">/etc/init.d/rpcbind</code> <a class="indexterm" name="id483538"></a>
</p>
</td><td align="left">
<p>
Starts the rpcbind utility that converts RPC program numbers to
universal addresses. It is needed for RPC services, such as an NFS
server.
</p>
</td></tr><tr><td align="left">
<p>
<code class="filename">/etc/init.d/nfsserver</code> <a class="indexterm" name="id483577"></a>
</p>
</td><td align="left">
<p>
Starts the NFS server.
</p>
</td></tr><tr><td align="left">
<p>
<code class="filename">/etc/init.d/postfix</code> <a class="indexterm" name="id483615"></a>
</p>
</td><td align="left">
<p>
Controls the postfix process.
</p>
</td></tr><tr><td align="left">
<p>
<code class="filename">/etc/init.d/ypserv</code> <a class="indexterm" name="id483652"></a>
</p>
</td><td align="left">
<p>
Starts the NIS server.
</p>
</td></tr><tr><td align="left">
<p>
<code class="filename">/etc/init.d/ypbind</code> <a class="indexterm" name="id483690"></a>
</p>
</td><td align="left">
<p>
Starts the NIS client.
</p>
</td></tr></tbody></table></div></div><br class="table-break"><a class="indexterm" name="id483719"></a><a class="indexterm" name="id483725"></a></div></div><div class="sect1" title="21.7. smpppd as Dial-up Assistant"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="sec.smpppd"></a>21.7. smpppd as Dial-up Assistant<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#sec.smpppd">¶</a></span></h2></div></div></div><a class="indexterm" name="idx.Internet_smpppd"></a><a class="indexterm" name="idx.Internet_dial-up"></a><p>
Some home users do not have a dedicated line connecting them to the
Internet. Instead, they use dial-up connections. Depending on the dial-up
method (ISDN or DSL), the connection is controlled by ipppd or pppd.
Basically, all that needs to be done to go online is to start these
programs correctly.
</p><p>
If you have a flat-rate connection that does not generate any additional
costs for the dial-up connection, simply start the respective daemon.
Control the dial-up connection with a desktop applet or a command-line
interface. If the Internet gateway is not the host you are using, you
might want to control the dial-up connection by way of a network host.
</p><p>
This is where smpppd (SUSE Meta PPP Daemon) is involved. It provides a
uniform interface for auxiliary programs and acts in two directions.
First, it programs the required pppd or ipppd and controls its dial-up
properties. Second, it makes various providers available to the user
programs and transmits information about the current status of the
connection. As smpppd can also be controlled by way of the network, it is
suitable for controlling dial-up connections to the Internet from a
workstation in a private subnetwork.
</p><div class="sect2" title="21.7.1. Configuring smpppd"><div class="titlepage"><div><div><h3 class="title"><a name="id483804"></a>21.7.1. Configuring smpppd<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#id483804">¶</a></span></h3></div></div></div><p>
The connections provided by smpppd are automatically configured by
YaST. The actual dial-up programs KInternet and cinternet are also
preconfigured. Manual settings are only required to configure additional
features of smpppd such as remote control.
</p><p>
The configuration file of smpppd is
<code class="filename">/etc/smpppd.conf</code>. By default, it does not enable
remote control. The most important options of this configuration file
are:
</p><a class="indexterm" name="id483823"></a><div class="variablelist"><dl><dt><span class="term">open-inet-socket = <em class="replaceable"><code>yes|no</code></em>
</span></dt><dd><p>
To control smpppd via the network, set this option to
<code class="literal">yes</code>. smpppd listens on port
<code class="literal">3185</code>. If this parameter is set to
<code class="literal">yes</code>, the parameters
<code class="literal">bind-address</code>, <code class="literal">host-range</code> and
<code class="literal">password</code> must be set accordingly.
</p></dd><dt><span class="term">bind-address = <em class="replaceable"><code>ip address</code></em>
</span></dt><dd><p>
If a host has several IP addresses, use this parameter to determine at
which IP address smpppd should accept connections. The default is to
listen at all addresses.
</p></dd><dt><span class="term">host-range = <em class="replaceable"><code>min ip</code></em><em class="replaceable"><code>max ip</code></em>
</span></dt><dd><p>
The parameter <code class="literal">host-range</code> defines a network range.
Hosts whose IP addresses are within this range are granted access to
smpppd. All hosts not within this range are denied access.
</p></dd><dt><span class="term">password = <em class="replaceable"><code>password</code></em>
</span></dt><dd><p>
By assigning a password, limit the clients to authorized hosts. As
this is a plain-text password, you should not overrate the security it
provides. If no password is assigned, all clients are permitted to
access smpppd.
</p></dd><dt><span class="term">slp-register = <em class="replaceable"><code>yes|no</code></em>
</span></dt><dd><p>
With this parameter, the smpppd service can be announced in the
network via SLP.
</p></dd></dl></div><p>
More information about smpppd is available in the
<code class="systemitem">smpppd(8)</code> and
<code class="systemitem">smpppd.conf(5)</code> man pages.
</p></div><div class="sect2" title="21.7.2. Configuring KInternet and cinternet for Remote Use"><div class="titlepage"><div><div><h3 class="title"><a name="id483978"></a>21.7.2. Configuring KInternet and cinternet for Remote Use<span class="permalink"><a alt="Permalink" title="Copy Permalink" href="#id483978">¶</a></span></h3></div></div></div><a class="indexterm" name="id483983"></a><a class="indexterm" name="id483992"></a><p>
KInternet and cinternet can be used to control a local or remote smpppd.
cinternet is the command-line counterpart to the graphical KInternet. To
prepare these utilities for use with a remote smpppd, edit the
configuration file <code class="filename">/etc/smpppd-c.conf</code> manually or
using KInternet. This file only uses four options:
</p><a class="indexterm" name="id484010"></a><div class="variablelist"><dl><dt><span class="term">sites = <em class="replaceable"><code>list of sites</code></em>
</span></dt><dd><p>
<em class="replaceable"><code>list of sites</code></em> where the front-ends search
for smpppd. The front-ends test the options in the order specified
here. <code class="literal">local</code> orders the establishment of a
connection to the local smpppd. <code class="literal">gateway</code> points to
an smpppd on the gateway. <code class="literal">config-file</code> indicates
that the connection should be established to the smpppd specified in
the <code class="systemitem">server</code> and <code class="systemitem">port</code>
options in <code class="filename">/etc/smpppd-c.conf</code>.
<code class="literal">slp</code> orders the front-ends to connect to an smpppd
found via SLP.
</p></dd><dt><span class="term">server = <em class="replaceable"><code>server</code></em>
</span></dt><dd><p>
The host on which smpppd runs.
</p></dd><dt><span class="term">port = <em class="replaceable"><code>port</code></em>
</span></dt><dd><p>
The port on which smpppd runs.
</p></dd><dt><span class="term">password = <em class="replaceable"><code>password</code></em>
</span></dt><dd><p>
The password selected for smpppd.
</p></dd></dl></div><p>
If smpppd is active, try to access it. For example, with
<span class="command"><strong>cinternet</strong></span> <code class="option">--verbose --interface-list</code>.
In case of difficulties at this point, refer to the
<code class="systemitem">smpppd-c.conf(5)</code> and
<code class="systemitem">cinternet(8)</code> man pages.
</p><a class="indexterm" name="id484150"></a><a class="indexterm" name="id484155"></a></div></div></div><div class="navfooter"><table width="100%" summary="Navigation footer" border="0" class="bctable"><tr><td width="80%"><div class="breadcrumbs"><p><a href="index.html"> Documentation</a><span class="breadcrumbs-sep"> > </span><a href="book.opensuse.reference.html">Reference</a><span class="breadcrumbs-sep"> > </span><a href="part.reference.services.html">Services</a><span class="breadcrumbs-sep"> > </span><strong><a accesskey="p" title="Part V. Services" href="part.reference.services.html"><span>◀</span></a> <a accesskey="n" title="Chapter 22. SLP Services in the Network" href="cha.slp.html"><span>▶</span></a></strong></p></div></td></tr></table></div></body></html>
ACC SHELL 2018