Differences between revisions 1 and 3 (spanning 2 versions)
Revision 1 as of 2021-11-18 21:47:14
Size: 845
Revision 3 as of 2023-07-19 15:21:28
Size: 1459
Line 9: Line 9:
== Connections ==

----



== Name Resolution ==

See [[Linux/DNS|here]].

----



== Routing ==

By default, the Linux kernel will not forward [[Protocols/IP|IP]] packets (i.e. will not NAT).

This is overridden like:

{{{
#works until reboot
sudo sh -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'

#permanently
sudo sh -c 'echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf'
}}}

----
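
Review bot: in the Routing text, "will not forward IP packets (i.e. will not NAT)" equates forwarding with NAT. `ip_forward` only lets the kernel route packets between interfaces, and address translation is configured separately in the firewall, so the parenthetical should be dropped or reworded. On the commands: the line appended to /etc/sysctl.conf is read at boot or on an explicit reload, so the "permanently" step on its own does not change the running system, and `>>` adds a duplicate entry every time it is rerun. Because enabling this turns the host into a router, the section should also tell the reader to restrict what the firewall allows on the forward path.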


Line 10: Line 42:

Linux has some special conventions and protocols around TCP/IP sockets.
Line 17: Line 47:
On modern Linux systems, ports 1 through 1024 are '''privileged''' and can only be bound by processes running as `root`. Ports 1 through 1024 are '''privileged''' and can only be bound by root processes.

To adjust this range (i.e. to lower the privileged range and allow a non-root process use of port 80), try:

{{{
#works until reboot
sudo sh -c "echo 80 > /proc/sys/net/ipv4/ip_unprivileged_port_start"

#permanent
sudo sh -c 'echo "net.ipv4.ip_unprivileged_port_start=80" >> /etc/sysctl.conf'
}}}
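
Review bot: the reworded sentence still gives the privileged range as "1 through 1024", but `ip_unprivileged_port_start` is the first port that needs no privilege and its default is 1024, so the privileged range ends at 1023. The text next to the commands should also say that setting the value to 80 opens every port from 80 upward to all local users, not only port 80 to one process; for a single service, granting CAP_NET_BIND_SERVICE to that binary or service unit is the narrower change. "root processes" would be more precise as processes holding CAP_NET_BIND_SERVICE.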

Linux Networking


Connections


Name Resolution

See Linux/DNS.


Routing

By default, the Linux kernel will not forward IP packets (i.e. will not NAT).

To enable forwarding:

#works until reboot
sudo sh -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'

#permanently
sudo sh -c 'echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf'


Ports

Privileged Ports

Ports 1 through 1024 are privileged and can only be bound by root processes.

To adjust this range (i.e. to lower the privileged range and allow a non-root process to bind port 80), try:

#works until reboot
sudo sh -c "echo 80 > /proc/sys/net/ipv4/ip_unprivileged_port_start"

#permanent
sudo sh -c 'echo "net.ipv4.ip_unprivileged_port_start=80" >> /etc/sysctl.conf'


Unix Sockets

Linux offers a file-like object that can act like TCP/IP sockets for inter-process communication. These are known as Unix sockets.

Some advantages to a Unix socket over a traditional TCP/IP socket are:

  • as first-class file-like objects, Unix sockets obey file permissions
  • Unix sockets are only addressable on the local file system, mitigating some security concerns
  • because there is no routing beyond filesystem lookups, Unix sockets can be faster
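
The first two points can be seen in a short Python sketch (an added example, not part of the original page): the socket file is created owner-only through the umask, and the server checks the client's uid as reported by the kernel with `SO_PEERCRED`. The socket path, function names and the allow-list are assumptions made for the illustration.

```python
import os
import socket
import stat
import struct
import tempfile
import threading

def make_listener(path):
    """Bind a Unix socket whose file is created with mode 0600 (owner only)."""
    old_umask = os.umask(0o177)  # the socket file's mode is 0777 & ~umask
    try:
        srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        srv.bind(path)
    finally:
        os.umask(old_umask)
    srv.listen(1)
    return srv

def peer_credentials(conn):
    """Return (pid, uid, gid) of the connecting process via SO_PEERCRED (Linux)."""
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, struct.calcsize("3i"))
    return struct.unpack("3i", raw)

def handle_one(srv, allowed_uids):
    """Accept one client and answer according to its kernel-reported uid."""
    conn, _ = srv.accept()
    with conn:
        _pid, uid, _gid = peer_credentials(conn)
        conn.sendall(b"ok" if uid in allowed_uids else b"denied")

def demo(allowed_uids):
    """Run one exchange in a temp dir; return (socket file mode, server reply)."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "demo.sock")  # constructed path for the demo
        srv = make_listener(path)
        mode = stat.S_IMODE(os.stat(path).st_mode)
        worker = threading.Thread(target=handle_one, args=(srv, allowed_uids))
        worker.start()
        with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as client:
            client.connect(path)
            reply = client.recv(16)
        worker.join()
        srv.close()
        return mode, reply

if __name__ == "__main__":
    print(demo({os.getuid()}))
```

The file mode decides who may connect at all (connecting needs write permission on the socket file), while the `SO_PEERCRED` check lets the server make a per-client decision without trusting anything the client sends.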



Linux/Networking (last edited 2023-07-19 15:23:36 by DominicRicottone)