The named.rev file

Learning Linux networking is not as tough as it seems. Knowing where to start can make a world of difference, and Larry Mintz is here to take you on a networking ride that will ensure you know what to look for and which tools to use.

In this Daily Drill Down, we’ll dive into the heart of networking. I’ll discuss setting up a LAN, setting up a TCP/IP network, and writing the files you need.
We’ll assume that Linux is being set up for a LAN and that you work for a company called
You might be familiar with Red Hat’s Linuxconf tool. This tool is a user-friendly GUI that allows the administrator to configure, graphically, many aspects of a networking environment. The Linuxconf GUI writes to the following scripts:
  • Networking | Name Server Specification: This section writes to /etc/resolv.conf.
  • Networking | Basic Host Information: This section writes to /etc/HOSTNAME.
  • Networking | Misc | Information About Other Networks: This section writes information about your network to /etc/networks.

How does TCP/IP work?
TCP/IP is constructed of four layers:
  • The Application layer
  • The Transport layer
  • The Internet layer
  • The Network Access layer

These layers are logical rather than physical. All network transactions move throughout these layers as they travel through the hardware (cables, LAN cards, and computers).

Here are some specifics about each layer:
  • The Application layer handles everything that is not TCP/IP.
  • The Transport layer handles data routing and delivery, including session initiation, error control, and sequence checking.
  • The Internet layer is responsible for data addressing, transmission, and packet fragmentation and reassembly (IP protocol).
  • The Network Access layer is responsible for transmitting data across the network, including determining how to access the physical medium.

TCP/IP protocols
I’ve briefly described how TCP/IP is logically layered, but there’s still more to discuss. Let's look at the numerous protocols that make up TCP/IP:
  • TCP (Transmission Control Protocol): This is a connection-based service, which means that sending and receiving are dedicated.
  • UDP (User Datagram Protocol): This is a connectionless service, which means that you send data with an address but you don’t know whether your mail arrives.

Then there are the routing protocols:
  • IP (Internet Protocol): This protocol handles the actual transmission of data.
  • ICMP (Internet Control Message Protocol): This protocol handles messages for IP.
  • RIP (Routing Information Protocol): This protocol determines the best routing method for delivering a message.
  • OSPF (Open Shortest Path First): This is another method for delivering messages.

These are the network address protocols:
  • ARP (Address Resolution Protocol): This protocol determines the unique numeric addresses of machines on the network.
  • DNS (Domain Name Service): This protocol determines numeric addresses from machine names.
  • RARP (Reverse Address Resolution Protocol): This protocol determines the addresses of machines on the network but in a reverse order from ARP.

These are the user-based services:
  • BootP (Boot Protocol): This protocol boots a network by reading information from a server.
  • FTP (File Transfer Protocol): This protocol allows the transfer of files across a network. FTP is not secure because it sends and receives unencrypted, plain-text passwords.
  • Telnet: This protocol allows users to remotely log in to another machine. Like FTP, it is not secure.

Finally, there are the gateway-based services:
  • EGP (Exterior Gateway Protocol): This protocol governs the transfer of routing information for external networks.
  • GGP (Gateway-to-Gateway Protocol): This protocol handles the routing of information between gateways.
  • IGP (Interior Gateway Protocol): This protocol handles the routing of information for internal networks.

What is the inet daemon?
When Linux starts up network services, the inet superserver activates Internet tools and services that make life a whole lot easier for you. The inet superserver is actually a daemon that activates other daemons via the /etc/inetd.conf file. This file is shown here:
# Modified for RHS Linux by Marc Ewing <>
# <service_name> <sock_type> <proto> <flags> <user> <server_path> <args>
# Echo, discard, daytime, and chargen are used primarily for testing.
# To reread this file after changes, just do a 'killall -HUP inetd'
# These are standard services.
ftp   stream   tcp   nowait   root   /usr/sbin/tcpd   in.ftpd -l –a
telnet   stream   tcp   nowait   root   /usr/sbin/tcpd   in.telnetd
ftp   stream   tcp   nowait   root   /usr/sbin/tcpd   in.ftpd -l –a
telnet   stream   tcp   nowait   root   /usr/sbin/tcpd   in.telnetd
The inetd system is no longer used in the Red Hat 7.0 release. The latest versions of many other Linux distributions, however, still use this system.
A bit of explanation about how this file is put together is in order: <proto> refers to transport protocol; <args> is the command line you give the service upon startup; <flags> refer to dgrams only.

You should use a wait flag if the service is single-threaded; this means that the service will read all the dgrams that come at a specified time and then wait for more. If none arrive, the service will time out. Examples are talk and comsat. You should use a nowait flag for services that read dgrams continuously.

The inetd superserver is a script. When you boot your computer, it calls this script. The script from the Red Hat 6.1 distribution is shown here:
# processname: inetd
# pidfile: /var/run/
# config: /etc/sysconfig/network
config: /etc/inetd.conf

# Source function library.
. /etc/rc.d/init.d/functions

# Get config.
. /etc/sysconfig/network

# Check that networking is up.
if [ ${NETWORKING} = "no" ]
   exit 0

[ -f /usr/sbin/inetd ] || exit 0


# See how we were called.
case "$1" in
   echo -n "Starting INET services: "
   daemon inetd

   [ $RETVAL -eq 0 ] && touch /var/lock/subsys/inet
   echo -n "Stopping INET services: "
   killproc inetd

   [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/inet
   status inetd
    $0 stop
   $0 start
   killall -HUP inetd
   echo "Usage: inet {start|stop|status|restart|reload}"
   exit 1

exit $REVAL

If networking is possible, then inetd goes to the start option and executes /usr/sbin/inetd using /etc/ined.conf.

What are the most common services?
The /etc/services file lists all the Internet and networking services available to Linux. A partial listing of this file is shown here:
# /etc/services:
# $Id: services,v 1.4 1997/05/20 19:41:21 tobias Exp $

# Network services, Internet style

tcpmux      1/tcp      # TCP port service multiplexer
echo      7/tcp    
echo      7/udp 
discard   9/tcp      sink null
discard   9/udp      sink null
systat      11/tcp      users
daytime   13/tcp    
daytime   13/udp    
netstat   15/tcp    
qotd      17/tcp      quote
msp      18/tcp      # message send protocol
msp      18/udp     # message send protocol
chargen   19/tcp      ttytst source
chargen   19/udp      ttytst source
ftp-data   20/tcp    
ftp      21/tcp    
fsp      21/udp      fspd
ssh      22/tcp      # SSH Remote Login Protocol
ssh      22/udp      # SSH Remote Login Protocol
telnet      23/ 


These are the services available to Linux. The first column represents the service. The second column represents <port>/<protocol>; <protocol> is either tcp or udp. The third column represents alternative service names. The ports listed are the common ones.
It is a common fallacy to assume that out-of-the-box-Linux is a completely secure OS. Linux can be turned into a much more secure OS than most others without the use of third-party applications. One step toward that end is to comment out nearly (if not all) services in the /etc/services file.
Configuring the kernel and hardware
Now I’ll show you how to configure the Linux kernel for networking. I’m basing the kernel compilation on kernel-2.2.12-20 (Red Hat 6.1). Issue the following command (unless you’re in superuser mode):
su root

Then issue these commands:
cd /usr/src/linux
make xconfig

Next, go to the Network options and check off the following items in order to set up a basic LAN:
  • <y> Packet socket: This option allows you to use tcpdump. It acts as an interface between the hardware and the software.
  • <y> Routing messages: This option allows you to read network information, which could be useful for debugging purposes.
  • <y> Network firewalls: This option is a must if any computer in the network has a firewall.
  • <Y> TCP/IP networking: This option is absolutely necessary in order for a TCP/IP network to work. If it is turned off, you will have an IPX network.
  • <Y> IP multicasting: This option allows multiple addressing of computers at once by a single machine.
  • <Y>/<M> IP: advanced router: This option allows any one of your boxes to be a router (that is, a computer that forwards and redistributes network packets).
  • <Y>/<M> IP:verbose route monitoring: This option allows debugging.
  • <Y> IP: Kernel level autoconfiguration: This option configures IP addresses with the kernel automatically.
  • <Y> IP firewalling: This option sets a Linux box as packet-filter firewall.
  • <Y>/<M> IP Masquerading: This option allows a computer to send information to the outside world by piggybacking on a firewall's IP.
  • <Y> Reverse ARP: This function enables the Reverse Address Resolution Protocol (RARP). RARP is used by diskless clients and X terminals to inquire about their IP addresses.

Next, go to the Ethernet section and check off the appropriate software for your LAN cards. Or if you have ARCnet devices or token ring devices, check off the appropriate software for your cards.

Once you’ve completed this task, you’re ready to move on to network device support. Check off the following items:
  • <y> Networking device support
  • <y> Loopback device
  • <Y> Ethernet tap device: Allows you to write raw data to the file /dev/tap<m>, where <m> is the number of taps.
  • <y> FDDI drivers
  • <y> Slip
An Ethernet tap is a device that provides packet reception and transmission for user-space programs. Ethernet taps can read and write packets to a tap device and then into a file for analysis. This data can be used to determine how efficiently your network is performing.
You might want to know how to create the /dev/tap0 file. At the prompt, type:
mknod /dev/tap0 c 36 16

Of course, you can create more than one tap. To make three taps, you type at the prompt:
mknod /dev/tap0 c 36 16
mknod /dev/tap1 c 36 17
mknod /dev/tap2 c 36 18

or, in general:
mknod /dev/tap<m> c 36 <n> (n=16,17,18... for m=0,1..)

Next, you must connect the tap. Let’s suppose you have the IP number and want to tap it. You would type:
ifconfig tap

You can also tap ARP. At the prompt, type:
ifconfig tap arp

Now your Ethertap is all set. You’ll have to write a C program to read and write the data to a file.

If any computer on your network has multiple ports to the outside world, go to the Character Devices section and check off the following items:
  • <y> Support for more than four serial ports
  • <y>/<m> Cyclades multi-card mux support
  • <y> Stallion multi-card serial support
  • <y>/<m> Stallion Easy IO or EC8/32 support
  • <y>/<m> Stallion EC8/64 ONboard Brumby support
  • <y>/<m> Specialx I08 special card support

Leave the Network File System section alone. Save the kernel. Then, issue the following commands:
make dep
make bzdisk

Once you’ve copied the file to a clean disk, reboot the system. If no problems show up, enter the following command:
dd if= /dev/fd0 of=linux-2.2.12-2

Back up your old kernel, copy the new kernel over the present one in /boot, and run this command:

Create the modules with these commands:
make modules
make modules_install

We included firewall support for network protection. I suggest that if you don't want to compile IP Masquerading and IP Routing into the kernel, you compile them as modules. You never know when these options might be useful.

The section covering character devices is somewhat obvious. If you plan to run an ISP, you’ll probably want to include one of these options in your kernel. If you have no direct use for character devices, you can compile them as modules. It all depends on the size and scope of your network.

Linux can’t find my network card!
What happens if Linux does not find your network card? You can pass parameters in the append command to the /etc/lilo.conf file. The parameters to use are:

The first four parameters are numerical. The last one is the device name.

Since we’re going to be installing multiple cards, you must add the reserve command in lilo to probe for the card. For example, if you had an Ethernet board at 0x240 as eth1, you would pass these parameters to the kernel:

The reserve option makes sure that no other driver will access the board’s IO space when it probes all the installed devices.

An alternative—if you know how to do network coding—is to insert the parameters in the file /usr/src/linux-x.y.z/drivers/net/Space.c.

TCP/IP configuration
Now, I‘ll describe how to set up the interfaces as well as how to manually configure networking hosts and network files. I’ll show you how to configure and route through a gateway.

The first step is to choose an IP from your own country's NIC center. There are six classes of networks:
  • Class A: Networks ranging from to 127.0.00
  • Class B: Networks ranging from 128.0.0 to
  • Class C: Networks ranging from to
  • Classes D, E, F: Networks ranging from to

For the sake of argument, let’s suppose your company will go with a Class C network. Your NIC gives you the IP range of to The subnet mask is

Next, you will have to subnet the IP range. Then, you must set up the /etc/host file. The file looks like this:
#Host file for linux_stuff company.
# IP   FQDN            aliases   localhost
#   store   store-if1   head_branch.linux_stuff   head_branch   software.linux_stuff   software   internet.linux_stuff   internet   sales.linux_stuff   sales

#   store-if2   accounting.linux_stuff   accounting   complaints.linux_stuff   refund


Hostnames may be Fully Qualified Domain Names (FQDNs) or relative to the local domain. Next, add the following line to the /etc/host.conf file:
order hosts

In this fictitious company, there are subnets. So, to the file /etc/networks we add the following:
#/etc/networks for the linux_stuff company


It is important to have different IP addresses for the networks and hosts; problems can occur if the addresses are the same.

After you’ve set up these files, you must connect the interfaces. You can use ifconfig and route, or you can use Linuxconf. I’ll discuss two types of setups: single-interface setups and multiple-interface setups.

Single-interface setup
In the single-interface setup, we’ll connect one eth0 interface to one network and many hosts. In the multiple-interface setup, we’ll connect multiple interfaces (eth0, eth1, ppp0, pp1) to many networks and many hosts.

For a single-interface setup, we’ll first connect the loopback device. At the prompt, type:
ifconfig lo

This corresponds to the first line in the /etc/hosts file.

Next, connect the Ethernet interface to the network. To connect to the Ethernet interface, type:
ifconfig eth0 store

Now type:
ifconfig eth0

and you’ll get these results:
eth0 Link encap 10Mps Ethernet HWadrr 00:00:C090:B3:42
 inet addr: Bcast192.3.1.255 Mask
 RX packets 0 errors 0 dropped 0 overrun 0
 TX packets 0 errors 0 dropped 0 overrun 0

We can overrun these values by using different options with ifconfig.

Next, we have to tell eth0 which network it will be routing through. At the prompt, type:
route add -net netmask eth0 up

You might be wondering what route is doing and which net it is detecting. Basically, the kernel checks all the interfaces and compares the destination address (tech-support-net) to the network part of the interface address. The only interface that matches is eth0.

The -net option is for networks, and the -host option is for hosts. Another way of doing this is to type:
route add technical-support-net netmask eth0

Next, let’s suppose that, instead of adding a network, you want to add one host:
route add -host netmask eth0

You might think that using the -host option is tedious. It is. The method below works just as well:
route add head_branch netmask eth0

Now ping it:
ping store
Ping: store: 64 byte packets
 64 bytes from icmp_seq=0 time=
 64 bytes from icmp_seq=0
 64 bytes from icmp_seq=0 time=
 64 bytes from icmp_seq=0

If you don't see this response, your network is broken. If you get unusual packet losses, you could have a hardware problem. If you receive any packets, use netstat to check your configuration. Ifconfg should tell you if any packets were sent out on the interface.

Suppose you want to route through a gateway. Sometimes two or more Ethernets are connected to each other, or they can be connected to the outside world (that is, the Internet). In our example, we want to create a gateway between the host store and customer-support-net.

In any case, you must provide additional information to the routing table. Our gateway is the store; we’ll assume that you’ve already configured it properly. You use the gw option of the route command to create a gateway. At the prompt, type:
route add default customer-support-net gw store

Multiple-interface setup
Suppose your company,, decides it needs more routing done. This requires more IP addresses. Below you will see four Ethernet segments and three ppp lines for the employees. One line is the mail server, and the other two are for surfing the Internet. It is your job to connect them. First, you would type:
ifconfig eth0 store
ifconfig eth1 head_office
ifconfig eth2 software
ifconfig eth3 sales

Then, you would enter:
route add tech-support netmask eth0 
route add accounting netmask eth1
route add research-support-net netmask eth2
route add customer-support-net netmask eth3
route add email default netmask ppp0
route add surf_line netmask ppp1
route add surf_line2 netmask ppp2

This would, more or less, set up much of the network for linux_stuff. But there are two final issues that we need to deal with: routing through multiple gateways and setting up multiple gateways.

The command sequence to configure a gateway between store-if1 and store-if2 is as follows:
ifconfig eth0 store-if1
ifconfig eth1 store-if2
route add tech-support-net
route add customer-support-net
route add research-net

Suppose you want the store to route through customer-support-net and tech-support-net, and you want the software to route through tech-support-net and research-net. This is how you would do it:
route add customer-support-net gw store
route add tech-support-net gw store
route add software tech-support-net gw software
route add software

Name service and resolver configuration
In the /etc/resolv.conf file, write the following lines:

Next, we’ll create the master files for our fictitious company. Here is a sample of a truncated file:
; formerly NS.INTERNIC.NET
.      3600000 IN NS A.ROOT-SERVERS.NET.
; formerly NS1.ISI.EDU
.      3600000  NS B.ROOT-SERVERS.NET.
; formerly C.PSI.NET
.      3600000  NS C.ROOT-SERVERS.NET.
; formerly TERP.UMD.EDU
.      3600000  NS D.ROOT-SERVERS.NET.
; formerly NS.NASA.GOV

Next, we’ll create the named.local file:
@   IN SOA
      16   ;serial
     86400  ;refresh once per day
      3600   ;refresh
      3600000  ; expire 42 days
      360000  ; minimum 100 hrs
   IN NS
   IN PTR localhost.

Then, we’ll set up the SOA file called named.hosts:
@   IN SOA
      16   ;serial
      86400  ;refresh once per day
      3600   ;refresh
      3600000  ; expire 42 days
      604800  ; minimum 1 week
   IN NS
;local mail is distributed on email
    IN MX 10 email
; loopback address
localhost.  IN A
;main linux store Ethernet
store   IN A
store-if1  IN CNAME store
store-if2  IN A
head_branch IN A
software  IN A
internet  IN A
accounting  IN A
complaints  IN A

There’s one last file to set up, and that is the named.rev file:
; named.rev does reverse lookup
@   IN SOA
      16   ;serial
      86400  ;refresh once per day
      3600   ;refresh
      3600000  ; expire 42 days
      604800  ; minimum 1 week
   IN NS
1.1 IN PTR
2.1 IN PTR
3.1 IN PTR
4.1 IN PTR
1.2 IN PTR
2.2 IN PTR
3.2 IN_PTR

To restart your network, use /usr/sbin/ndc. To verify that it is working, use nslookup and dnswalk. Dnswalk will walk you every step of the way through the process and report whether the network is up.

I hope you learned something about networking from this Daily Drill Down. I showed you how to configure your kernel and set up software interfaces for the hardware. I also explained the /etc/services file and the inetd superserver.
The authors and editors have taken care in preparation of the content contained herein but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for any damages. Always have a verified backup before making any changes.

Editor's Picks