Ten most frequently used Linux networking services, in enterprise unix networks

 

In this post I am just talking about top 10 networking services that are commonly used in enterprise linux networks. Below are the top 10 Services, and it is worthwhile to know for the beginners to understand the purpose of each service, procedure to manage this service and the corresponding configuration files for each service.

•  ntpd – Network Time Protocol Daemon
• httpd – Hyper Text Transfer Protocol Daemon
• sshd – Secure SHell Daemon
• sendmail – Mail Server Daemon
• snmpd – Simple Network Management Protocol Daemon
• iptables – Network Filtering Protocol Service
• nfsd – Network File System Server Daemon
• nscd – Name Service Cache Daemon
• named – Dynamic Naming Service Server Daemon
• smbd –  Simple Message Block Server Daemon

 

1. ntpd

This service executes the Network Time Protocol (NTP) daemon ntpd.  The purpose is to synchronize the time of the local computer to a NTP server or other reference time source such as a radio or satellite receiver or modem. The NTP system uses two main roles for participating computers: server or client.  Time servers supply time to one or more NTP clients.  NTP clients use the reference time from one or more NTP servers to determine the local time.

 

Service management :

 

# /sbin/service ntpd
usage: /etc/init.d/ntpd {start|stop|restart|condrestart|status}

Configuration File :

/etc/ntp.conf

 

 2. httpd

httpd  is  the  Apache Hyper Text Transfer Protocol (HTTP) server program. It is designed to be run as a standalone daemon process. When used like this it will create a pool  of  child  processes or threads to handle requests.

In  general,  httpd should not be invoked directly, but rather should be invoked via apachectl on Unix-based systems.

The httpd RPM package provides the /usr/sbin/httpd daemon and its configuration files.

 

Service Management:

 

/sbin/service httpd show
Usage: httpd {start|stop|restart|condrestart|reload|status|fullstatus|graceful|help|configtest}

 Configuration file:

/etc/httpd/conf/httpd.conf

 

3. sshd

The sshd (Secure Shell Daemon) service is part of the OpenSSH implementation for Linux that provides authenticated, end-to-end encrypted networked communication. For example, a user on one host can log in to another system without using a password because the sshd service can be configured to use alternate authentication techniques such as exchanging shared-key information.

The openssh-server RPM package provides the /usr/sbin/sshd daemon and its configuration files

Two versions of the SSH communication protocol exist, version 1 and version 2.  Connections between the client and the sshd daemon are made on TCP/IP port 22 by default, using either UDP or TCP protocols.  

 

Service Management:

To manage the sshd service on demand, use the service tool or run the /etc/init.d/sshd script directly:

# /sbin/service sshd help
Usage: /etc/init.d/sshd {start|stop|restart|reload|condrestart|status}
# /etc/init.d/sshd help
Usage: /etc/init.d/sshd {start|stop|restart|reload|condrestart|status}

 

Configuration File for SSHD:

/etc/ssh/sshd_config

 

 

4. Sendmail

This executes Mail Server Daemon which runs as a daemon in the background, listening for incoming mail from other machines.

Sendmail can handle both incoming and outgoing mail. Sendmail  routes mail for the user to the proper delivery program based on the email address. It accepts mail from a user’s mail program, interprets the mail address, rewrites the address into the proper form for the delivery program, and routes the mail to the correct delivery program. Sendmail insulates the end user from these details. If the mail is properly addressed, sendmail will see that it is properly passed on for delivery. Likewise, for incoming mail, send mail interprets the address and either delivers the mail to a user’s mail program or forwards it to another system.

 

Service Management:

Usage:
 /etc/init.d/sendmail {start|stop|restart|condrestart|status}

Configuration File:

/etc/mail/sendmail.cf

 

5. snmpd

The snmpd service is an SNMP(Simple Network Management Protocol) agent which binds to a port and awaits requests from SNMP management software. By using snmp, you can obtain the statistics of the server, which is described by MIB file from remote host.

By default, snmpd listens for incoming SNMP requests on UDP port 161 on all IPv4 interfaces.

The snmpd service is provided by the net-snmp RPM package.

Service Management:

To manage the  service on demand, use the service(8) tool or run the /etc/init.d/snmpd script directly:

# /sbin/service snmpd help
Usage: /etc/init.d/snmpd {start|stop|status|restart|condrestart|reload}
# /etc/init.d/snmpd help
Usage: /etc/init.d/snmpd {start|stop|status|restart|condrestart|reload}

Configuration File:

/etc/snmp/snmpd.conf

 

6.iptables

 

The iptables utility controls the network packet filtering code in the Linux kernel. If you need to set up firewalls and/or IP masquerading, you should install this tool.

The iptables feature is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel. Several different tables may be defined. Each table contains a number of built-in chains and may also contain user-defined chains.

Each chain is a list of rules which can match a set of packets. Each rule specifies what to do with a packet that matches. This is called a ‘target’, which may be a jump to a user-defined chain in the same table.

RPM package name: iptables

Service Management

# service iptables
Usage: /etc/init.d/iptables {start|stop|restart|condrestart|status|panic|save}

 

Configuration File

/etc/sysconfig/iptables          – iptables rules
/etc/sysconfig/iptables-config   – iptables configuration

 

7. nfsd

The Network File System (NFS) is a server/client based networking protocol. NFS daemons are composed by nfsd, rpc.mountd, rpc.rquotad, rpc.lockd

– Daemon nfsd: nfsd handles client requests from remote systems. Multiple copies of this daemon are usually run so that several requests can be handled simultaneously. However, too many copies of nfsd can increase the demand for CPU time to the point where a drop in performance results. For the best performance the number of copies of nfsd should be set to four. 

– Daemon rpc.mountd: rpc.mountd handles mount requests from remote systems. 

– Daemon rpc.rquotad: It is a rpc server which returns quotas for a user of a local file system which is NFS-mounted onto a remote machine.

– Daemon rpc.lockd: rpc.lockd manages file locking on NFS client and server machines. 

In order to run NFS service, the portmap daemon must run.

Service Management:

Usage: nfs {start|stop|status|restart|reload|condrestart}

Configuration File:

/etc/exports

 

8. nscd

This is the Name Service Cache Daemon. It takes care of group and password lookups for running programs and then caches the lookup results for the next query for services that can experience slowness in picking up changes such as NIS or LDAP. If you’re running these services, you may want to run nscd.

This daemon can cache the data for name services, /etc/hosts, DNS, NIS, NIS+ or so. This is only for local users on the machine, because the cache is realized by wrapping the functions in glibc, remote user can never use this cache. It takes a time to change the cache even when the original DNS data is changed, therefore be careful to use this daemon.

 

Service Management:

Usage: /etc/init.d/nscd {start|stop|status|restart|reload|condrestart}

Configuration File:

/etc/nscd.conf

 

9. named

named actually executed DNS ( Dynamic naming Service) server daemon. It converts host names to IP addresses and vice versa. There are several different kinds of DNS servers, such as primary server, slave server and cached server etc. Its data is stored in the  directory /var/named.The data stored in the DNS is identified by domain names that are organized as a tree according to organizational or administrative boundaries

 

Service Management

# /sbin/service named
Usage: /etc/init.d/named {start|stop|status|restart|condrestart|reload|probe}

Configuration File

/etc/named.conf

 

 

10. smbd

The Samba software suite is a collection of programs that implements the SMB protocol for UNIX systems. This protocol is also known as the Common Internet File System (CIFS).  The NetBIOS protocol is implemented by the nmbd daemon.

The SMB server daemon smbd provides file sharing and printing services to Windows clients. The server provides file space and printer services to clients via the SMB/CIFS protocol. The nmbd daemon is a  NetBIOS  name server  that provides NetBIOS naming services to clients . It understands and can reply to NetBIOS over IP name service requests,  like  those  produced  by SMB/CIFS clients (windows).

 

Service Control

# /sbin/service smb
Usage: /etc/init.d/smb {start|stop|restart|reload|status|condrestart}

Configuration File

/etc/samba/smb.conf