 | Level: Introductory Adam Cormany (acormany@yahoo.com), National Data Center Manager, Scientific Games Corporation
22 Apr 2008 The Internet has played a huge role in the advancement of technology,
business, and everyday life for huge numbers of the world's people. Configuring a computer
to communicate over a network and connecting to the Internet has become an essential task
for administrators. This article shows how to configure a server running IBM® AIX® to connect
to and use the Internet.
As defined in Wikipedia, the Internet
is a worldwide, publicly accessible series of interconnected computer networks that
transmit data by packet switching using the standard Internet Protocol (IP). The Internet
is, in a sense, the largest network in the world and spans the globe many times over.
The Internet and the Web are not the same thing, although people interchange the terms
frequently. The World Wide Web (WWW), or the Web, is a collection of
hypertext documents containing images, audio and video clips, and other files
interlinked and accessed over the Internet.
A simplistic example of the two is when you connect to your Internet Service Provider (ISP)
using a cable modem. Connecting to your ISP using a cable does exactly that: It connects
you to your ISP's network and to the Internet, but you are still not using the Web—not
until you open a Web browser, such as Mozilla Firefox or Apple Safari, and connect to a
Web site.
Configuring TCP/IP and the network adapter
For a server running the AIX operating system to communicate over a network and
connect to the Internet, you must configure the network adapter or, depending
on the system, edit multiple files to set up TCP/IP. However, IBM has made this
task easy with one simple switch inside the System Management Interface Tool
(SMIT).
Before beginning to configure the network adapter, first document the following
information:
- IP address to assign to the network adapter
- Host name of the target server
- Name of the domain of which the target server is a member
- Subnet mask
- Name servers
- Gateway address
To configure a network adapter on a server running AIX, perform the following
steps:
- Log in to the system as
root
or su – to root.
- Start the SMIT program, and then choose Communications
Applications and Services > TCP/IP > Minimum
Configuration & Startup.
Tip: SMIT has many shortcuts, or fast paths,
to allow you to quickly get to the menu or task needed. In
this case, simply typing smitty mktcpip bypasses
having to navigate through the three previous menus.
- Select the network adapter you want to configure from the list shown
in Figure 1, and then click Enter. For this
example, en2 is used.
Figure 1. Available network adapters
After you select the desired network adapter, a new window is built that
displays all the settings you need to configure the network
adapter.
- Taking the information you documented earlier, type the host name, IP
address, subnet mask, domain name, name server IP address, and
default gateway address. If you want the network adapter to start as
soon as you've made your changes, change START Now to Yes,
as shown in Figure 2.
Figure 2. Minimum
configuration settings for the network adapter
- Verify the information you typed, and then click Enter.
AIX makes the changes requested and starts the TCP/IP daemons
(if they haven't already been started). In Figure 3,
note that the TCP/IP daemons were already running, as
en0 and en1 are configured on this AIX system.
Figure 3. Network adapter
changes in progress
- Exit SMIT by clicking either F10 or Esc + 0 (zero).
 |
DNS
A Domain Name System (DNS) server interprets IP addresses into domain names and
locations of other computers or Web sites. Without DNS, you would need to enter
the IP address into a Web browser. For example, if you didn't have access to DNS
and wanted to view IBM's Web site, you would have to type 129.42.18.103
instead of www.ibm.com. DNS eases the use of Web browsing over the
Internet as well as connecting to other servers over a network. It's much easier to
remember www.ibm.com than 129.42.18.103!
Another advantage to using DNS is that from time to time, IP addresses change on
servers. For instance, a server may need to move from one location to another, or a server may be replaced with new equipment. Performing such
moves sometimes requires changing the IP address on the server after it reaches
its new home because of a different network scheme at the new location. When
this happens, it's much easier on users to remember the name of the server instead
of having to remember what the old and new IP address are. If the server move was
successful, users will never know the difference.
As mentioned earlier, when setting up the network adapter, you typed the IP address
location to a name server. This server is your primary DNS server location. It is
wise to have several DNS servers to rely on in case one should fail during an
address lookup. If multiple DNS servers are used, when the server is looking up
an IP or host name to cross-reference, if the first DNS server doesn't have the
information or is unavailable, the lookup request will move to the second DNS
server, and so on.
To add other DNS servers, you must modify the /etc/resolv.conf file.
Listing 1 provides an example of such a file.
Listing 1. An /etc/resolv.conf file
domain ATC-DOMAIN.com
nameserver 10.20.30.23
nameserver 10.20.30.24
nameserver 10.20.30.25
search atc-domain2.com, atc-domain3.com, atc-domain4.com
options debug
|
The sections that follow provide descriptions of each parameter used in Listing 1.
domain
The domain parameter instructs the resolving function
to append <domain name> to the end of the
string to lookup if the string does not end with a .
(period). For example, if the string entered for lookup is ibm, the actual
string that will be used is ibm.ATC-DOMAIN.com.
If no domain is included in the domain parameter (that
is, using ATC-AIX1 rather than ATC-AIX.ATC-DOMAIN.com), the
current server's root domain is assumed.
Note: Only one domain entry can be used in the /etc/resolv.conf file.
nameserver
The nameserver parameter tells the server which
DNS server to resolve IP addresses and host names against. The resolver
queries each name server in the order provided in /etc/resolv.conf until the
IP address has been properly resolved.
Note: Only three name server entries can be used in the /etc/resolv.conf
file.
search
The search parameter provides a list of domains to
the resolver to use when resolving an IP address or host name. Only the
one domain or search
entry can be used. If domain is used,
search will be the value of
domain.
Note: Although you can add several domain names to the
search option, there is a limit of 1,024
characters.
Options
The options parameter provides an extra means of
debugging and adjusts the lookup function to your liking:
Testing the Internet connection
Now that you've configured the network adapter and modified /etc/resolv.conf to your
liking, you can test your Internet connection. There are many ways to test your
connection, so I cover only a couple of the basic, but useful, troubleshooting tools.
The ping command
One of the easiest ways to verify that you've configured your network adapter
correctly and can communicate with the Internet is to ping an IP
address. The ping command is a tool for testing
whether the target is reachable by your server and its network. Basically,
ping sends Internet Control Message Protocol
(ICMP) packets from your server to the destination server, and then receives
a response from the destination server. If the response is received, you have
connectivity to the destination server. Using ping
is a simple and quick way to determine if there is a problem, how fast data
is being sent between servers, and if you have connectivity at all.
The following example confirms that I have connectivity to Google.com's IP
address, 64.233.167.99:
ping 64.233.167.99
PING 64.233.167.99: (64.233.167.99): 56 data bytes
64 bytes from 64.233.167.99: icmp_seq=0 ttl=240 time=40 ms
64 bytes from 64.233.167.99: icmp_seq=1 ttl=240 time=41 ms
64 bytes from 64.233.167.99: icmp_seq=2 ttl=240 time=48 ms
64 bytes from 64.233.167.99: icmp_seq=3 ttl=240 time=40 ms
^C
----64.233.167.99 PING Statistics----
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 40/42/48 ms
|
Sometimes, however, ping can't be the only tool used
to confirm connectivity to a server, because a server may have ICMP requests
blocked by firewalls. The following example shows ICMP being blocked and
simulating no connectivity to IBM.com's IP address, 129.42.18.103:
ping 129.42.18.103
PING 129.42.18.103: (129.42.18.103): 56 data bytes
^C
----129.42.18.103 PING Statistics----
6 packets transmitted, 0 packets received, 100% packet loss
|
So far, I've only attempted to ping IP addresses. After you've confirmed this
first troubleshooting step, it's also a good test to attempt to ping the actual
host name that is resolved in DNS:
ping google.com
PING google.com: (64.233.167.99): 56 data bytes
64 bytes from 64.233.167.99: icmp_seq=0 ttl=240 time=40 ms
64 bytes from 64.233.167.99: icmp_seq=1 ttl=240 time=43 ms
^C
----google.com PING Statistics----
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 40/41/43 ms
|
The traceroute command
Although ping may have failed on one attempt, this
doesn't necessarily mean that you don't have connectivity to the Internet.
The following example shows that ping failed
when trying to communicate with ATC-AIX2:
ping ATC-AIX2
PING ATC-AIX2: (10.20.90.41): 56 data bytes
^C
----10.20.90.41 PING Statistics----
6 packets transmitted, 0 packets received, 100% packet loss
|
Here's the same test using the traceroute command:
traceroute ATC-AIX2
traceroute to ATC-AIX2.ATC-DOMAIN.com (10.20.90.41) from ATC-AIX1.ATC-DOMAIN.com
(10.20.30.40), 30 hops max
outgoing MTU = 1500
1 10.20.30.254 (10.20.30.254) 8 ms 3 ms 3 ms
2 10.20.30.252 (10.20.30.252) 4 ms 4 ms 3 ms
3 19.16.15.240 (19.16.15.240) 5 ms 5 ms 5 ms
4 17.30.11.23 (17.30.11.23) 4 ms 5 ms 4 ms
5 10.20.90.252 (10.20.90.252) 4 ms 5 ms 4 ms
6 10.20.90.252 (10.20.90.254) 8 ms 5 ms 4 ms
7 10.20.90.41 (10.20.90.41) 8 ms 6 ms 5 ms
|
The traceroute command can be a helpful
troubleshooting tool. If your traceroute results
in failure, the output can lead you in the right direction—namely,
which server or network equipment may be blocking your access.
The nslookup and dig commands
With the ping and traceroute
commands, notice that host names were primarily used. Using host names is
helpful for users, because they don't need to memorize difficult IP addresses.
One method to determine whether DNS is in fact working is to use the
name server lookup, or nslookup,
command. Using nslookup can provide host name
information as well as IP addresses associated with the host name. This command
is useful if users report an issue when they try to connect to a server but don't
get a response. In such a situation, it could be that their DNS information isn't
updated and old addresses are being used, which you can use
nslookup to verify quickly.
The following code displays the IP addresses associated with IBM.com:
nslookup ibm.com
Server: ATC-AIX1.ATC-DOMAIN.com
Address: 10.20.30.40
Non-authoritative answer:
Name: ibm.com
Addresses: 129.42.17.103, 129.42.18.103, 129.42.16.103
|
A newer program similar to nslookup is
dig. The dig
command provides the same information as nslookup
but with a fuller view of how DNS is set up for the target:
dig ibm.com
; <<>> DiG 9.2.0 <<>> ibm.com
;; global options: printcmd
;; Got answer:
;; -<<HEADER<<- opcode: QUERY, status: NOERROR, id: 16463
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 13, ADDITIONAL: 13
;; QUESTION SECTION:
;ibm.com. IN A
;; ANSWER SECTION:
ibm.com. 14740 IN A 129.42.16.103
ibm.com. 14740 IN A 129.42.17.103
ibm.com. 14740 IN A 129.42.18.103
;; AUTHORITY SECTION:
. 24402 IN NS I.ROOT-SERVERS.NET.
. 24402 IN NS G.ROOT-SERVERS.NET.
. 24402 IN NS C.ROOT-SERVERS.NET.
. 24402 IN NS F.ROOT-SERVERS.NET.
. 24402 IN NS M.ROOT-SERVERS.NET.
. 24402 IN NS E.ROOT-SERVERS.NET.
. 24402 IN NS L.ROOT-SERVERS.NET.
. 24402 IN NS D.ROOT-SERVERS.NET.
. 24402 IN NS J.ROOT-SERVERS.NET.
. 24402 IN NS H.ROOT-SERVERS.NET.
. 24402 IN NS A.ROOT-SERVERS.NET.
. 24402 IN NS B.ROOT-SERVERS.NET.
. 24402 IN NS K.ROOT-SERVERS.NET.
;; ADDITIONAL SECTION:
I.ROOT-SERVERS.NET. 31808 IN A 192.36.148.17
G.ROOT-SERVERS.NET. 2961 IN A 192.112.36.4
C.ROOT-SERVERS.NET. 36288 IN A 192.33.4.12
F.ROOT-SERVERS.NET. 40867 IN A 192.5.5.241
M.ROOT-SERVERS.NET. 15357 IN A 202.12.27.33
E.ROOT-SERVERS.NET. 26901 IN A 192.203.230.10
L.ROOT-SERVERS.NET. 21568 IN A 199.7.83.42
D.ROOT-SERVERS.NET. 9464 IN A 128.8.10.90
J.ROOT-SERVERS.NET. 35190 IN A 192.58.128.30
H.ROOT-SERVERS.NET. 7936 IN A 128.63.2.53
A.ROOT-SERVERS.NET. 35190 IN A 198.41.0.4
B.ROOT-SERVERS.NET. 29770 IN A 192.228.79.201
K.ROOT-SERVERS.NET. 16473 IN A 193.0.14.129
;; Query time: 3 msec
;; SERVER: 10.20.30.40#53(10.20.30.40)
;; WHEN: Wed Mar 12 17:02:32 2008
;; MSG SIZE rcvd: 492
|
Connect to the Web
After successfully testing the Internet connection and verifying that DNS is
set up correctly by using the ping,
traceroute, and nslookup
commands, you're ready to get on the Web. Simply open your preferred Web
browser, type the Uniform Resource Locator (URL) you want to view (see
Figure 4), and viola! Congratulations: You're on the
Internet and viewing the Web!
Figure 4. Connecting to the Web
Conclusion
Connecting to the Internet and viewing Web sites is easy in AIX. IBM has made
configuration of AIX and network adapters easy. Simply configure your network
adapter, direct DNS to a valid DNS server, and you'll be surfing the Web in no
time! Enjoy!
Resources Learn
Get products and technologies
-
IBM
trial software: Build your next development project with software for download
directly from developerWorks.
Discuss
-
Participate in the AIX and UNIX forums:
About the author | | | Adam Cormany is currently the manager of the National Data Center, but he has also
been a UNIX systems engineer, a UNIX administrator, and operations manager for
Scientific Games Corporation. Adam has worked extensively with AIX as well as in
Solaris and Red Hat Linux administration for more than 10 years. He is an IBM
eServer®-Certified Specialist in pSeries® AIX System Administration.
In addition to administration, Adam has extensive knowledge of shell scripting in
Bash, CSH, and KSH as well as programming in C,
PHP, and Perl. You can reach Adam at acormany@yahoo.com. |
Rate this page
| |
