
More Tech Books from Michael W Lucas
Absolute BSD
Absolute OpenBSD (1st and 2nd edition)
Cisco Routers for the Desperate (1st and 2nd edition)
PGP and GPG
Absolute FreeBSD
Network Flow Analysis
the IT Mastery Series
SSH Mastery
DNSSEC Mastery
Sudo Mastery
FreeBSD Mastery: Storage Essentials
Networking for Systems Administrators
Tarsnap Mastery (coming Feb 2014)
Acknowledgements
The people who most deserve thanks for this book are the folks who struggled through me learning networking as I stood between them and what they wanted to accomplish. Every one of you brought me some horrible issue that educated me even as you ranted and cried and begged for me to fix the problem. I learn slowly, and you suffered for it. Thank you. Fortunately, suffering builds character, so you got something out of it and I don't have to feel too bad.
This book had a crew of excellent technical reviewers. Some of them have an understanding of networking that crushes mine. Others knew nothing about networking, but were able to tell me when I confused them. Both are invaluable. They are, in alphabetical order: Alexiei Bottino, Donald Cooley, Fred Crowson, Michael Dexter, Dominik Douville-Bélanger, Edwin Groothuis, Josh Grosse, Bryan Irvine, Chris Josephes, Frank Moore, Kurt Mosiejczuk, Scott Murphy, Chris Parr, Martin Pugh, Mike O'Connor, A.J. Reese, Amanda Robinson, Jim Salter, Justin Sherrill, Carsten Strotmann, Grant Taylor, and Giovanni Torres. You all had excellent advice and lots of really good recommendations. Those recommendations would have made this book four times longer, but they really were excellent.
This book was made possible through hardware purchased from iX Systems (http://www.ixsystems.com). Well, not exactly possible. More like a heck of a lot easier than trying to keep a maddening mishmash of recycled debris booting without bursting into great fountains of toxic flame.
And a special thanks to the people who've thrown a few bucks into my Tilted Windmill Press tip jar. You folks make writing for a living a lot more realistic.
For Liz
Chapter 0: The Problem
Dear systems administrators: the firewall people don't want to talk to you, either.
It's nothing personal. We all share the goal of delivering service to users, but once you break that goal down into meaningful parts our teams completely diverge. Our tools differ. Our equipment differs. We even think differently. Sysadmins care about bytes; network administrators measure everything in bits. Network equipment might be built on computer hardware, but it's very specialized hardware that doesn't have any of the tools that systems administrators take for granted. Servers have network interfaces, but not nearly enough of them to do anything interesting.
Neither one understands how the other can possibly perform their job without the basic tools their platform offers.
Both roles require a high degree of specialization, especially in modern enterprises. The firewall administrator doesn't have time to dig into the specifics of the latest version of whatever operating system you're using. You don't have time to figure out why the newest version of the big firewall is mangling your carefully-crafted HTTP headers.
This is all complicated stuff. While I spend more time in systems administration than network engineering, I've filled both roles in the last twenty years. Each time I switch from one hat to the other I spend a few weeks catching up with the latest annoyances.
The end result? The network folks blame the servers. The server people blame the network. Often the blame gets personal. "It's the sysadmin's fault!" "If the firewall crew knew what they were doing, this wouldn't happen!" Meanwhile the helpdesk folks, correctly, blame everyone for not making customers stop whining. I've been in organizations where the only thing that prevented open warfare between IT teams was a shortage of sharp stabby objects.
Even in the best environments, differing expertise and priorities make both jobs more difficult than they have to be. Many organizations avoid this warfare by applying trouble tickets, workflow, and meetings. Lots and lots of brain-numbing meetings.
It doesn't have to be this way.
A systems administrator can't learn the ins and outs of each version of networking gear any more than a network administrator can learn the ins and outs of the latest generation of your operating system. Neither one of you has the time to keep up with this constantly changing information on top of your own area of expertise.
A network administrator can, and should, learn the basics of how a server operates. Every network administrator should understand the basics of user access control and privileges, processes, services and daemons, basic installation and removal of software, and so on. But this information varies wildly between operating system platforms. Sometimes it's a language difference: Unix-like operating systems have daemons, while Microsoft systems have services. Sometimes even closely related operating systems have very different ways to handle similar tasks, such as the myriad ways of installing software on various Unix-like operating systems, or even on one operating system! The network administrator might learn the basics of the operating systems in your organization, but this knowledge won't carry forward to her next assignment.
Systems administrators can learn the basics of networking, however. And this knowledge will serve you no matter what organization you work with or what sort of network gear your organization uses. You don't need to know how to configure a router or a firewall or any other network device; they're all ephemeral anyway.
But basic TCP/IP knowledge endures. While people add new protocols all the time, these are incremental changes and easily mastered. It's much easier to teach a systems administrator the basics of networking than it is to teach a network administrator the basics of systems administration, and that knowledge will last your entire career.
Understanding the network saves you time. You won't wonder if a network change has been made; you'll check it yourself. You won't call to see if a problem is inside your network; you'll look and find out. You'll quickly determine if problems exist on your systems, on your network, or outside your network.
Most network administrators quickly learn which systems administrators understand basic networking and which don't. When I'm a network administrator I'm happy to work with the sysadmins that don't ask me if I've opened that firewall port or if there's a problem between here and our office in Farawayistan. Being asked "When will the link to Farawayistan be fixed?" might be harder to answer, but it does save a loop in the conversation.
If I'm a network administrator with a whole stack of issues to resolve, but I know that you speak from evidence when you say "This traffic isn't reaching my server," I'll address your problem before everyone else's. There's a really good chance that I can fix your problem quickly because you provide me with actual information. If my phone is ringing like mad and everything seems to have collapsed, resolving your problem might solve problems for a whole bunch of other people.
Make yourself the most valued member of your systems administration team. Take a couple hours to read this book, learn a little networking, and become a bridge to other critical IT groups.
We'll start by discussing network principles, and then go into detail on how to view or use those principles on multiple operating systems. This book covers Windows, Linux (CentOS and Debian), and BSD platforms, but the principles and tools run on just about any modern networked operating system, including portable devices like phones and tablets.