Articles / Linux Routers: A Primer For…

Linux Routers: A Primer For Network Administrators

Linux Routers is a quirky, very personal look at implementing TCP/IP networks using Linux servers by an obvious master of the field. Despite the book's subtitle, however, this book is much better suited for Linux system administrators thrown into the world of network administration than it is for network administrators who are looking to save money on hardware costs by moving to Linux.

After two introductory chapters covering basic system building and networking fundamentals, Mancill discusses more than half a dozen case studies of actual network servers using Linux. This format works wonderfully as an introduction to how systems are really built, but weakens the book's usefulness as a reference.

The first chapter, "Router Building Blocks", covers router hardware, environmental concerns, and Linux distributions appropriate for deployment on routers. Information in this chapter is, by and large, common knowledge among PC hardware people and Linux administrators.

Chapter two, "IP, Ethernet, and Telephony Basics" covers routing, subnetting, network hardware, link-level concerns, and types of long-distance data links, including billing and installation issues. The discussion of subnetting is excellent, but network administrators should already be familiar with subnetting and routing issues. Linux administrators, however, can rapidly learn networking basics from this material.

Chapter three, "Silicon -- A LAN Router" discusses basic system configuration issues, including configuring network adapters and static routes on Linux systems. IP aliasing and various network monitoring tools are discussed. These tools include tcpdump, hunt, ethereal, and mii-diag. These discussions are well written, but perhaps require more networking information than was imparted in the previous chapter. The chapter closes with a detailed discussion of the Linux Router Project.

The discussion of network monitoring tools (especially hunt) covers a lot of security-related information. Mancill, however, does not provide many prescriptions for securing systems, and the use of the insecure telnet protocol continues throughout the rest of the book. Readers are well-advised to consider additional sources of security information before implementing any networked systems.

"Erbium -- An Extranet Router" builds on the previous chapter by discussing dialout capabilities and the 2.4 kernel's netfilter functionality. IP Masquerading and Network Address Translation are covered in depth, but firewalling is not covered until later in the book. For readers interested in deploying more mature software solutions, the 2.2 kernel series's IPchains functionality is covered in a later chapter.

"Zinc -- A Frame Relay Router" covers WAN adapters and their software, primarily the Sangoma WANPIPE. Although this chapter begins to cover the MRTG network monitoring tool and its use in monitoring and debugging network connections, there is no other, more general discussion of network troubleshooting. The book would be greatly improved by the addition of such a section.

Chapter six, "Cesium and Xenon -- Tunneling Routers", covers the use of iproute2 in complex networking situations, the FreeS/WAN virtual private networking product, and IPv6. These discussions are wonderfully detailed descriptions of rarely-used but widely-available tools and protocols, and are invaluable for readers looking to implement any of these technologies.

Chapter seven, "Oxygen -- Internet Router", covers synchronous PPP and more on security, including general security measures, the 2.4 kernel's firewalling features, and failure notification. While these discussions are excellent, the material begins to drift away from router-specific material at this point.

Chapters eight and nine, "Californium -- Satellite Office Router" and "Hafnium -- Internet Services Router", continue this drift. They cover, among other topics, DNS, Web caching, DHCP, SAMBA, and NTP. Relevant material includes strong discussions on traffic shaping, proxying firewalls, and dynamic routing daemons. Chapter 10, "Ye Olde Kernel Shoppe -- Linux 2.2.x" covers, as the title suggests, the Linux 2.2 kernel. The IPChains interface is discussed in depth.

Appendices include the standard references section, information on how to build the Linux kernel and to use VMWare and other tools for testing, and an appendix titled "Ethics and Other Considerations", which covers the aforementioned ethical concerns, the meaning of TCO (Total Cost of Ownership) and the build-or-buy debate. While the material in this appendix may technically be off-topic, both the ethical and practical concerns are interesting and appropriate for budding network administrators.

The book's by-example format is the source of both its strengths and its weaknesses. Because these are case studies, the tools discussed are sometimes arbitrary. In particular, the reliance on proprietary network hardware and its accompanying software makes several chapters less than useful to users of other toolsets. The by-example organization also makes it difficult to find particular material; the book is not a ready reference. Finally, the topic choices are quirky. Relatively few admins will be implementing token ring networks, for example. The absence of sections on network bridging and architecting networks with firewalls are serious deficiencies.

In the end, however, the book is chock-full of technical details and should reward a second reading. Its quirkiness is that of a seasoned network administrator, and the tone is that of such an admin sharing his hard-won knowledge with a novice administrator. While most readers will need supplemental material to cover the gaps, this book may prove valuable for readers newly facing the challenges of network administration on Linux systems.

Recent comments

23 Feb 2003 12:13 Avatar blops

nice review.
very nice points, and the arguments you use (token rings networks ;-) ) are very valid.

nice review.

05 Nov 2002 22:37 Avatar nettec

Linux Router book
I got this book about 6 months ago. I feel that its a decent reference book. I agree that its not an "all in one" and that you do need more reference to feel the gaps. But it did its job and was a decent read..

26 Oct 2002 22:27 Avatar spicerun

I bought this book 2 months ago...
I like this book as I am still reading on it (and also adding some routing abilities on our network). There are times I wish that the author would go a little bit more into detail, but this book is a good one and has been very helpful for me.

Screenshot

Project Spotlight

Kigo Video Converter Ultimate for Mac

A tool for converting and editing videos.

Screenshot

Project Spotlight

Kid3

An efficient tagger for MP3, Ogg/Vorbis, and FLAC files.