The Server page, about operating our Linux box as a server.

Bringing up a *nix host as a local area (or wider) network Server.

Your *nix box can easily take the role of a backbone machine, giving services to your entire LAN. It can run virtually (Cygwin for Windows, a kernel on top of a kernel) or physically on a computer. It can exist in the local area network, the internet, a virtual private network and so on. Choices are plentiful.

Services Overview:

- Terminal Services
- Network Filesystem Services
- Ftp, Web, Mail, News, Irc, Messaging, Peer-to-peer services
- Gui Services
- Internet Connection Share Gateway & Firewall
- Name Services
- Authentication Services
- Sql Services
- Proxy Services
- Supercomputers

1st) Terminal Services

Terminal services are the easiest task for your new Linux box. These services are often brought up automatically by your Distro wizard. A non-academic definition of terminal services would be: services that can be reached over a network and let you operate a remote machine as if you were there.

- Remote Shell can be achieved through telnet or ssh servers.
- Remote Command can be achieved through rsh or ssh.
- Remote Copy can be achieved through rcp or scp (scp is a feature of the SSH project).

Access can be restricted to specific users, among which only a portion, or just one, may operate as "root" on the Terminal Server. Depending on your shell client (not the server) you can operate a mouse, too.

As we see, SSH serves all purposes, plus the secure connection technology that telnet, rsh and rcp lack: host authentication, data encryption and network tunneling! SSH also offers X11 forwarding, meaning passing the X11 display network protocol through the already established secure connection.

2nd) Network Filesystem Services

Reading this you might have thought of Ftp, but this is not the case. Ftp is a powerful tool but, as its name states, it is only a File Transfer Protocol. Network Filesystem is a service that expands your simple disk operations into the network, extending your filesystem tree to remote machines.
It's like Having it here, instead of Being there (as in the terminal service case).

The server shares directories that are accessible locally, giving either general permissions or specific ones on a per-user basis. There are two major protocols:

- NFS: The Network File System protocol, traditional to UNIX, developed by Sun Microsystems.
- SMB: The Session Message Block protocol, developed by Microsoft.

If we merge the Printer Services here we can also say that:

- SMB also shares printers.
- LPD (Line Printer Daemon) is a Unix way of sharing printers.
- CUPS (Common Unix Printing System) is another Unix way. You can configure CUPS remotely from a web browser, if permitted.

Some more work has to be done for these services, but this task pays back very well. You can share printers and folders, as well as the entire /home directory. And you can configure it to be as secure as you want.

3rd) Ftp, Web, Mail, News, Irc, Messaging, Peer-to-peer services

Some years ago, a new market-motivated type of network appeared: the Intranet. An Intranet is a Local or Wide Area Network that gives the impression that it is the Internet, simply because it uses the same services that can be found on the Internet, like the ones in the title of this paragraph.

The Internet is the easiest network that an average user can be in: you just need a modem, an ISP account and you are there. The dial-up wizard and the ppp daemon are the only tools accessible to the user, who learns to use this network without ever realizing how complex the mechanism of this "Internet" "thing" is. When this user finds work in any corporation's office, the easiest way to make him/her productive is to provide the same "tools" he/she got used to in the past.
So, the classic Bulletin Board Systems of the past, as well as other custom communication programs, have given their places to:

- Ftp servers to transfer files and maintain "public" upload/download dirs
- Web servers to browse and exchange information
- News servers to read/post articles
- Mail servers to send/receive messages
- Irc servers to chat in rooms
- Messengers to chat when online, without rooms
- Peer to peer applications for exchanging data
- Broadcast servers to "tune" to tv or radio channels
- Game servers to set up games/tournaments

Q: Game server for a corporate environment?
A: Definitely, if your "corporation" is an Internet Cafe!

Apache is a Web Server and a good example of an Open-Source Project used even in "Corporate" unix environments. QMail and Sendmail are some mail server options. Nntpd is a fine News Server. Irc servers are in reality very old projects, developed primarily as experiments by student programmers in universities.

Whether or not you use an Intranet, remember this for history: Intranets do nothing more than use a culture that originated from the Internet.

4th) Gui Services

Keep in mind that this "Gui Services" definition is not "correct", but it makes the point. Running an X Server on your box, *nix or not, you can call Gui applications (X Clients is a better definition) from a *nix server, provided that you can be authenticated.

There is an apparent contradiction here:

- The Client runs the X Server.
- The Server runs the X Clients.

This obscure inversion exists because we see the issue from the application's point of view. An X Client is a program that runs in graphics mode using the X protocol, and therefore needs an X Server on the target display. So, when hearing "X Server" think "Display Manager". As we know by now, X is a network-transparent project; therefore, the target display can be local or remote.

Do Not misunderstand the Gui service. It Is Not a remote control in a remote graphics environment.
In Remote control, Only One graphics service can be used, and the server MUST be in Graphics Mode. In our case, the server may or may not be in Graphics mode locally, serving one/many users, and in addition it can initialize as many X clients and desktops as its processing power can handle.

Q: How can it be?
A: Remember modularity? The X Server runs on the client computers. Clients run the graphics environments. So, the GUI programs (X clients) use the X Window network-transparent protocol to connect to other clients' X Server (i.e. Display Manager).

This is hard to understand for a *nix newbie, but as time passes, he will end up asking why these fine capabilities don't exist in other O.Systems.

The VNC (Virtual Network Computing) servers can be configured to act as XServers, with or without an actual XServer on the server side. Additionally, following the Unix tradition, VNC servers spawn as many times as needed on the servers!

5th) Internet Connection Sharing Gateway & Firewall

Gurus will laugh at this definition, but thanks to Microsoft, it is widely spread among users. "Gateway" is a generic word that defines a host that extends a network to another. It can be a Router, a Mail Gateway etc.

For a *nix server, Int.Con.Sharing is in reality IP Masquerading. Our Linux Server (for example) is directly connected to the Internet, via modem, ISDN, DSL etc., and all the clients use this server as a gateway, meaning that they direct all network requests there. Then, the server masquerades the client's IP, sends the request to the Internet as if it were its own, and knows which host to redirect the data back to. It is not very easy to do, but it can be done without restarting the server, and the configuration to do this always (meaning after rebooting) is trivial.

The Gateway can at the same time be combined with a firewall with ease. In fact, this is the most common use for Linux systems at home.
Users that are either heavily attached to the computer environments they are used to, or can't do otherwise due to specific applications they need to work with, use the stability of a Linux system to protect their network from intruders.

IpTables is the firewalling method in Linux now, and is directly attached to the kernel, meaning that if this is all you think Linux can do for you, you can set up a server with just 80 Mb of Operating System disk space! Considering that the days when even home networks can stay always online (see ADSL) have come, having an OpenSource Free *nix system that CAN stay up for months serving us might be the best solution. OpenBsd would be a dream OS for this task. So, start learning.
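
The masquerading gateway combined with a firewall, as described in this section, sketched as an added example that is not part of the original page: a shell function that emits an iptables-restore ruleset with default-deny policies. The interface names ppp0 and eth0, the LAN prefix 192.168.1.0/24 and the LAN-only ssh rule are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): build an iptables-restore
# ruleset for a masquerading gateway with a default-deny firewall.
# Interface names and the LAN prefix used below are assumptions.

# gateway_ruleset WAN_IF LAN_IF LAN_NET -> ruleset on stdout, status 1 on bad input
gateway_ruleset() {
    wan=$1 lan=$2 net=$3
    # Accept only plain interface names and an IPv4 CIDR, so a stray space
    # or option cannot smuggle extra rule text into the generated ruleset.
    for ifc in "$wan" "$lan"; do
        case $ifc in
            ''|*[!A-Za-z0-9._-]*) echo "bad interface: $ifc" >&2; return 1 ;;
        esac
    done
    case $net in
        ''|*[!0-9./]*) echo "bad network: $net" >&2; return 1 ;;
    esac
    [ "$wan" != "$lan" ] || { echo "WAN and LAN must differ" >&2; return 1; }
    cat <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
# Rewrite the source of LAN traffic leaving through the Internet link only.
-A POSTROUTING -s $net -o $wan -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Assumption: ssh management is offered to the LAN side, never to the Internet.
-A INPUT -i $lan -s $net -p tcp --dport 22 -j ACCEPT
# Replies to connections the LAN opened may come back in...
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# ...but only the LAN may open new connections outward.
-A FORWARD -i $lan -o $wan -s $net -j ACCEPT
COMMIT
EOF
}

# Typical use as root (ppp0, eth0 and 192.168.1.0/24 are sample values):
#   sysctl -w net.ipv4.ip_forward=1     # takes effect without a reboot
#   gateway_ruleset ppp0 eth0 192.168.1.0/24 | iptables-restore
# To keep forwarding on after a reboot, set net.ipv4.ip_forward = 1 in /etc/sysctl.conf.
```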

6th) Name Services

Look at the /etc/hosts and /etc/resolv.conf links in the ConfigMe page for some extensive info. A Name Server resolves internet requests in the textual format we are used to (i.e. http://www.hol.gr) and returns the real 32 bit network address (in our case: 194.30.220.30).

A Name Server is practical, either for big LANs or simply to increase the clients' speed on the Internet, since having a DNS server inside our LAN can be 1000 times faster in name resolving. Our local DNS can synchronize its database with the ones on the Internet, and might be the best solution inside company networks.

"named" is the daemon for name services in Linux. Samba offers a WINS service for Microsoft Networks on a *nix server.

7th) Authentication Services

Whether sharing an entire /home directory in our network or just some shares, if authentication is centralized we can have a very flexible way of using our network at home. For example, we don't need to create users on each host. I know of two technologies:

- NIS (Network Information Services) is the Unix way.
- The Samba package offers an auth. service too, but I need to search more on this.

Thus, authentication can be centralized in a single *nix server, serving both *nix and non-*nix Op.Systems.

8th) Sql Services

Sharing a data structure (like a database) is one of the primary needs for a network. In simple and small networks, just the file can be shared with a network filesystem mechanism (Not ftp), and the queries or additions can be a task for each host to do directly to the file. But in big networks, this method can easily create "bottleneck" results. So, the solution is to return to the good old client/server method. Structured Query Language is what a server needs to communicate with the clients, and when queried for additions to/results from the database, only the requested portion of data travels through the network.
Although this language is easy to understand as well as compact, creating such a server needs some attention, primarily regarding compatibility between client and server. So, if you are using Microsoft Access on client hosts, check whether you can use the MySQL open source project, or rely on Server suites from Microsoft (like BackOffice), Oracle etc.

9th) Proxy Services

Remember the old days when all of us BBS users had a single IP address and set up a proxy server to download for us? And later, when we actually had our own IP address (PPP was finally mainstream) but needed to find faster ways to download? We used proxy servers also! Proxy servers act as intermediate nodes between our host and the internet, downloading for us and additionally providing security and caching.

Proxy servers do not seem that impressive now that we have our fast lines with so many security options, but there might be a catch here. Think of a scenario with you and a netbook somewhere in the city, accessing the internet through a wireless lan Access Point. The Access Point may or may not offer encryption through a passkey. If it doesn't, it's obvious that a security measure must be applied. But even if it does, although it is not so obvious, a security measure must be applied too, because the signal is encrypted only in the wireless portion of the internet share! The wireless encryption stops when the network access becomes cable-driven, and most access points end up at a switch leading to an ADSL line! At home we have every reason to trust our network switch and ADSL line, but in public places we have none!

That's where an SSH Socks-Proxy server comes into the scenario. Although there are sites offering this option, we can actually think about an always-on GNU/Linux box at our home that would also offer ssh UNIX shell, X and/or VNC Services, file services etc. So, when thinking about the vast capabilities of your Linux Server @ home, think also about a proxy-encryption role!

10th) Supercomputers

---------------------- Note: This paragraph has to be rewritten from scratch ----------------------

SSI (single system image) and Clustering have to be mentioned.
Layer of operation (kernel layer or application layer) has to be mentioned considering ssi implementation methods.
underware, middleware, applications
OpenMosix as a kernel level modification, Seti@home as an application level addon.

---------------------- Old paragraph (raw) ----------------------

When not "rendering" a 3d scene or playing games, millions of instructions are just wasted. When you are writing two paragraphs in your favorite word processor and thinking for an hour, your 1.5 GHz Duron is actually doing millions of loops waiting for an event to happen (keystroke, mouse movement etc.). Projects have been created to use the processor time we have to "spare" for calculations that would normally need a cluster of processors in the most expensive hardware. Seti@Home is one of the projects that uses our computer like a node of a parallel cluster.

The cheapest parallel supercomputer in life is the Internet. That is primarily because it is the individual user who has paid for his/her computer, because connecting to the "hive" is very simple and easy, as stated in the 3rd paragraph, and because millions of users are online constantly. The difficult situation in this collective computer is that it is dynamic in a disturbing way. When we go offline, or worse, turn off our computers, the processing power of the whole decreases. This supercomputer is, therefore, constantly changing. Seti@home gives us some work that is being processed while we are offline and gets the results back when we go online again. There are many more projects like this one, and this kind of use for our computer makes us more aware that we are part of a community.

Furthermore, Local Area Network Supercomputers became a reality in Linux back in '98, using dozens of old 486 and Pentiums. I will have to recall some data to be specific about this, so please have some patience. In addition, Linux is used to create "Render Farms".
In this case, home computers connected to a network run custom renderers that calculate small pieces of tasks and return the whole result to the workstation that requested it.

---------------------------------------------------