TRIBHUVAN UNIVERSITY

INSTITUTE OF SCIENCE AND TECHNOLOGY

BIRENDRA MULTIPLE CAMPUS

Network and System Administration

BIT 451

Submitted by
Aaditya Pageni (BIT 267/077)

Submitted to
Bindu Aryal
1. Design a network using Packet Tracer with two routers connected to switches, each
supporting three PCs, configuring IP addresses, creating two VLANs, and enabling OSPF
routing between the routers.

Devices Needed in Packet Tracer

●​ 2 Routers: Router1, Router2
●​ 2 Switches: Switch1, Switch2
●​ 6 PCs: PC1 to PC6
●​ Copper Straight-through Cables (for PC <-> Switch, Switch <-> Router)

VLAN Subnet Hosts VLAN ID

VLAN 10 192.168.10.0/24 PC1, PC2, PC4, PC5 10

VLAN 20 192.168.20.0/24 PC3, PC6 20

OSPF 192.168.1.0/30 Router1 ↔ Router2 -

Link

Switch1 (connected to Router1):

●​ VLAN 10: PC1, PC2 (Ports Fa0/1, Fa0/2)
●​ VLAN 20: PC3 (Port Fa0/3)
Switch2 (connected to Router2):
●​ VLAN 10: PC4, PC5 (Ports Fa0/1, Fa0/2)
 ●​ VLAN 20: PC6 (Port Fa0/3)
PC IP Assignments
PC IP Address Subnet Mask VLAN

PC1 192.168.10.11 255.255.255.0 10

PC2 192.168.10.12 255.255.255.0 10

PC3 192.168.20.13 255.255.255.0 20

PC4 192.168.10.14 255.255.255.0 10

PC5 192.168.10.15 255.255.255.0 10

PC6 192.168.20.16 255.255.255.0 20

Router1:
●​ G0/0.10 → IP 192.168.10.1 (for VLAN 10)
●​ G0/0.20 → IP 192.168.20.1 (for VLAN 20)
●​ G0/1 → IP 192.168.1.1/30 (OSPF link to Router2)
Router2:
●​ G0/0.10 → IP 192.168.10.2
●​ G0/0.20 → IP 192.168.20.2
●​ G0/1 → IP 192.168.1.2/30
Configure Router-on-a-Stick (Inter-VLAN Routing)
On Router1:
interface g0/0
no shutdown

interface g0/0.10
encapsulation dot1Q 10
ip address 192.168.10.1 255.255.255.0

interface g0/0.20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0

interface g0/1
ip address 192.168.1.1 255.255.255.252
no shutdown
On Router2:
interface g0/0
no shutdown

interface g0/0.10
encapsulation dot1Q 10
ip address 192.168.10.2 255.255.255.0

interface g0/0.20
encapsulation dot1Q 20
ip address 192.168.20.2 255.255.255.0

interface g0/1
ip address 192.168.1.2 255.255.255.252
no shutdown

Configure VLANs and Trunk on Switches

On Switch1:
vlan 10
vlan 20

interface range fa0/1 - 2

switchport mode access
switchport access vlan 10

interface fa0/3
switchport mode access
switchport access vlan 20

interface fa0/24
switchport mode trunk

On Switch2:
vlan 10
vlan 20

interface range fa0/1 - 2

switchport mode access
switchport access vlan 10

interface fa0/3
switchport mode access
switchport access vlan 20

interface fa0/24
switchport mode trunk

Enable OSPF on Routers

On Router1:
router ospf 1
network 192.168.10.0 0.0.0.255 area 0
network 192.168.20.0 0.0.0.255 area 0
network 192.168.1.0 0.0.0.3 area 0

On Router2:
router ospf 1
network 192.168.10.0 0.0.0.255 area 0
network 192.168.20.0 0.0.0.255 area 0
network 192.168.1.0 0.0.0.3 area 0

Final Testing
●​ ping between PC1 and PC4 (same VLAN, different switch)
●​ ping between PC3 and PC6 (same VLAN 20)
●​ ping between any PC and gateway (e.g., 192.168.10.1)
●​ ping from one router to another via 192.168.1.1 ↔ 192.168.1.2

2.Using Packet Tracer, configure a switch with VLANs 10 and 20, assign ports to each VLAN,
enable inter-VLAN routing using a router, and test connectivity between devices in different
VLANs.
1. Physical Topology
Device Port Connects To

PC1 Fa0/1 Switch

PC2 Fa0/2 Switch

PC3 Fa0/3 Switch

PC4 Fa0/4 Switch

Switch Fa0/5 (trunk port) Router G0/0/0

2. VLAN Creation on Switch

On the Switch:
enable
configure terminal

vlan 10
name VLAN10
vlan 20
name VLAN20

3. Assign Ports to VLANs

interface range fa0/1 - 2
switchport mode access
switchport access vlan 10

interface range fa0/3 - 4

switchport mode access
switchport access vlan 20

4. Configure Trunk Port to Router

interface fa0/24
switchport mode trunk

5. Configure Router Subinterfaces (Router-on-a-Stick)

On the Router:
enable
configure terminal

interface g0/0/0
no shutdown

interface g0/0/0.10
encapsulation dot1Q 10
ip address 192.168.10.1 255.255.255.0

interface g0/0/0.20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0

6. PC IP Configuration
PC IP Address Subnet Mask Default Gateway
 PC1 192.168.10.11 255.255.255.0 192.168.10.1

PC2 192.168.10.12 255.255.255.0 192.168.10.1

PC3 192.168.20.11 255.255.255.0 192.168.20.1

PC4 192.168.20.12 255.255.255.0 192.168.20.1

7. Test Connectivity
●​ From PC1, ping PC2 → Should succeed (same VLAN)
●​ From PC1, ping PC3 → Should succeed (inter-VLAN routing)
●​ From PC3, ping PC4 → Should succeed (same VLAN)
●​ From PC4, ping PC1 → Should succeed (inter-VLAN routing)​

3. On a Linux server, perform the following tasks:

●​ Create three user accounts (User1, User2, and User3) with specific permissions,
including read/write access to designated directories.
●​ Configure file system quotas for each user to restrict disk usage.
●​ Demonstrate changing file ownership and permission settings using the chmod
and chown commands.

Create Three User Accounts

sudo useradd User1
sudo useradd User2
sudo useradd User3

# Set passwords
sudo passwd User1
sudo passwd User2
sudo passwd User3

2. Create Designated Directories with Specific Permissions

Example:
●​ /data/user1_data for User1
●​ /data/user2_data for User2
●​ /data/user3_data for User3
Create directories:
sudo mkdir -p /data/user1_data
sudo mkdir -p /data/user2_data
sudo mkdir -p /data/user3_data
Set ownership to each user:
sudo chown User1:User1 /data/user1_data
sudo chown User2:User2 /data/user2_data
sudo chown User3:User3 /data/user3_data

Set permissions (read/write access for owner only):

sudo chmod 700 /data/user1_data
sudo chmod 700 /data/user2_data
sudo chmod 700 /data/user3_data

3. Configure File System Quotas

Step 1: Install quota tools (if not already installed):
sudo apt update
sudo apt install quota -y # Debian/Ubuntu

Step 2: Enable quotas on a file system (e.g., /data)

1.​ Edit /etc/fstab to include usrquota for the /data partition:
/dev/sdX /data ext4 defaults,usrquota 0 0

(Replace /dev/sdX with the actual device for /data)

2.​ Remount the partition:
sudo mount -o remount /data

3.​ Create quota database files:

sudo quotacheck -cum /data
sudo quotaon /data

Step 3: Set quotas for each user (e.g., 50MB soft limit, 60MB hard limit):
sudo setquota -u User1 50000 60000 0 0 /data
sudo setquota -u User2 50000 60000 0 0 /data
sudo setquota -u User3 50000 60000 0 0 /data

Step 4: Verify quotas:

sudo repquota /data
4. Demonstrate chown and chmod
Create a sample file:
sudo touch /data/user1_data/sample.txt
Change ownership to User1:
sudo chown User1:User1 /data/user1_data/sample.txt
Set permissions to rw-r----- (read/write for owner, read for group):
sudo chmod 640 /data/user1_data/sample.txt

4. Configure Postfix as a basic mail server on a Linux server: Set up email accounts for two users
(e.g., [email protected], [email protected]), test sending and receiving emails, and
troubleshoot delivery issues.
Here's a clear step-by-step guide to configure Postfix as a basic mail server on a Linux server
(suitable for lab or internal testing):

1. Install Postfix
On a Debian/Ubuntu system:
sudo apt update
sudo apt install postfix -y
During installation, select:
●​ General type: Internet Site
●​ System mail name: example.com​

If already installed, reconfigure with:

sudo dpkg-reconfigure postfix

2. Create Email User Accounts

Create two Linux system users that will represent email accounts:
sudo useradd -m hari
sudo passwd hari
sudo useradd -m anaya
sudo passwd anaya
Their email addresses will be:
●​ [email protected]
●​ [email protected]​

3. Configure Postfix for Local Delivery

Ensure Postfix is set to handle mail for the example.com domain locally.
Check /etc/postfix/main.cf for:
myhostname = mail.example.com
mydomain = example.com
myorigin = $mydomain
inet_interfaces = all
inet_protocols = all
 mydestination = $myhostname, localhost.$mydomain, localhost,
$mydomain

Restart Postfix:
sudo systemctl restart postfix

4. Test Sending and Receiving Emails

Switch to hari user and send a test email to anaya:
su - hari
echo "Test email from Hari to Anaya" | mail [email protected]
exit
Check mail for anaya:
su - anaya
mail
Inside the mail program:
●​ Press Enter to read the message
●​ Type q to quit​

5. Explain the Linux booting process with server installation steps.

1. Linux Booting Process (Step-by-Step)

The Linux boot process consists of several stages:
BIOS/UEFI Initialization
●​ When the system powers on, the BIOS/UEFI performs hardware checks (POST - Power On Self
Test).
●​ It identifies bootable devices (hard disks, USBs, CD/DVD, etc.).
●​ It loads the bootloader from the boot device.​

Bootloader (GRUB)
●​ GRUB (GRand Unified Bootloader) is the most common Linux bootloader.
●​ It presents a menu to choose the OS (if multiple OS are installed).
●​ Loads the selected kernel into memory.
Kernel Initialization
●​ The Linux kernel is loaded.
●​ It initializes hardware drivers, memory management, and mounts the root filesystem.
●​ The kernel starts the first user-space process, typically init or systemd.​

init/systemd Process
●​ init (older systems) or systemd (modern systems) takes over.
 ●​ It starts system services as defined by runlevels or targets.
●​ Manages service dependencies and startup order.​

Runlevel/Target Services
●​ Essential services like networking, SSH, firewalls, etc., are started.
●​ The system reaches a target state such as multi-user mode or graphical mode.

Login Prompt
●​ Finally, the user is presented with a terminal login (CLI) or a graphical login screen (GUI).​

2. Linux Server Installation Steps (Typical Process)

Boot from Installation Media
●​ Insert bootable USB/DVD with the Linux server ISO (e.g., Ubuntu Server, CentOS, RHEL).
●​ Power on and boot from this media.​

Select Installation Options

●​ Choose language and keyboard layout.
●​ Select Install Server option.
Partition Disks
●​ Choose automatic or manual partitioning.
●​ Create partitions for:
○​ / (root)
○​ swap
○​ /boot (optional)
○​ /home (optional)​

●​ For production, LVM or RAID is recommended.​

Set Hostname and Users

●​ Define the server hostname.
●​ Set a root password.
●​ Create additional admin/user accounts.​

Package and Software Selection

●​ Select server-specific software:
○​ OpenSSH server
○​ Web server (optional)
○​ Database server (optional)
 ●​ Minimal installation recommended for security.​

Network Configuration
●​ Set static or dynamic IP addressing.
●​ Configure hostname and DNS (optional).
Install Bootloader
●​ GRUB is typically installed automatically on the main disk.​

Complete Installation and Reboot

●​ Installation completes.
●​ Remove installation media.
●​ Reboot the system.
Post-Installation Setup
●​ Login to the server.
Run updates:​
​
sudo apt update && sudo apt upgrade -y # Debian/Ubuntu

5 Explain the steps to configure HTTP-APACHE server for Linux virtual hosting of the website
www.tu.edu.np.

1. Install Apache Web Server

On Ubuntu/Debian:
sudo apt update
sudo apt install apache2 -y
2. Create a Directory for Your Website
sudo mkdir -p /var/www/tu.edu.np/public_html
Set permissions:
sudo chown -R $USER:$USER /var/www/tu.edu.np/public_html
sudo chmod -R 755 /var/www
3. Create a Sample index.html
echo "<h1>Welcome to www.tu.edu.np!</h1>" | sudo tee
/var/www/tu.edu.np/public_html/index.html
4. Create Apache Virtual Host Configuration File
On Ubuntu (site-available structure):
sudo nano /etc/apache2/sites-available/tu.edu.np.conf

Add the following:

<VirtualHost *:80>
ServerAdmin [email protected]
ServerName www.tu.edu.np
DocumentRoot /var/www/tu.edu.np/public_html
ErrorLog ${APACHE_LOG_DIR}/tu.edu.np_error.log
CustomLog ${APACHE_LOG_DIR}/tu.edu.np_access.log combined
</VirtualHost>

5. Enable the Site (Ubuntu Only)

sudo a2ensite tu.edu.np.conf
sudo systemctl reload apache2

Disable default site (optional):

sudo a2dissite 000-default.conf
6. Restart Apache Service
Ubuntu/Debian:
sudo systemctl restart apache2
Enable on boot:
sudo systemctl enable apache2 # Ubuntu
7. (Optional) Update /etc/hosts for Testing Without DNS
On your local machine (not the server), add:
<server-ip> www.tu.edu.np
Example:
192.168.1.100 www.tu.edu.np
Now visit http://www.tu.edu.np in your browser.
Verify Apache Virtual Host
apachectl -S
Should show:
*:80 is a NameVirtualHost
default server www.tu.edu.np (/etc/apache2/sites-enabled/tu.edu.np.conf:1)
Test It
●​ Open browser: http://www.tu.edu.np
●​ Or: curl http://www.tu.edu.np

8. Set up a backup solution on a Linux server using rsync: Create a daily backup script for
critical files (/etc, /home) and configure rsync to synchronize backups to a remote server or
storage device.

Step 1: Install rsync (if not installed)

sudo apt update
sudo apt install rsync -y
Step 2: Create Daily Backup Script
Example script: /usr/local/bin/daily_backup.sh
#!/bin/bash
BACKUP_SRC="/etc /home"
BACKUP_DST="[email protected]:/backups/$(hostname)"
rsync -avz --delete $BACKUP_SRC $BACKUP_DST
Make script executable:
sudo chmod +x /usr/local/bin/daily_backup.sh
Assumptions:
●​ Remote backup server IP: 192.168.1.100
●​ SSH keys are set up for backupuser to avoid password prompts
Step 3: Automate with Cron
Edit crontab:
crontab -e
Add:
0 2 * * * /usr/local/bin/daily_backup.sh
This runs the backup daily at 2:00 AM.
Step 4: Test the Backup Manually
/usr/local/bin/daily_backup.sh

7. Configure SNMP on a router or switch to enable SNMP version 2c and use snmpwalk to
retrieve and display system description and interface details in packet tracer.

Step 1: SNMP Configuration on Router/Switch

On the device:

enable
configure terminal

hostname R1
interface GigabitEthernet0/0
ip address 192.168.1.1 255.255.255.0
no shutdown

snmp-server community public RO

snmp-server location ServerRoom
snmp-server contact [email protected]

Where:

●​ public = SNMP community string (can be changed for security

●​ RO = Read-Only access​

Step 2: Use snmpwalk (In Real Linux System)

Assuming the router IP is 192.168.1.1, run:

snmpwalk -v2c -c public 192.168.1.1 sysDescr

snmpwalk -v2c -c public 192.168.1.1 ifDescr

Where:

●​ sysDescr = Retrieves system description​

●​ ifDescr = Lists interface descriptions​