Networking & Server Configuration of an ISP Company Submitted By Setara Afrin Level-4, Term-3 Id: 082-15-662

This Report Submitted to the Department of Computer Science and Engineering in the Partial Fulfillment of The Requirements for the Degree of Bachelor of Science In Computer Science & Engineering

Supervised By Mahmudul Hasan Lecturer Computer Science & Engineering (CSE), FSIT

Department Of Computer Science & Engineering Daffodil International University Dhaka, Bangladesh July, 2011

APPROVAL

This internship report titled Networking & Server Configuration of an ISP Company submitted by Setara Afrin, to the Departments of Computer Science & Engineering, Daffodil International University, has been accepted as satisfactory for the partial fulfillment of the requirements for the degree of Bachelor of Science in Computer Science & Engineering and approved as to its style and contents. The presentation was held on 23rd July 2011 BOARD OF EXAMINERS

Dr. Syed Akhter Hossain Professor and Head Department of Computer Science and Engineering Faculty of Science & Information Technology Daffodil International University

Chairman

Dr Yousuf Mahbubul Islam Professor Department of Computer Science and Engineering Faculty of Science & Information Technology Daffodil International University

Internal Examiner

Dr. Md. Kabirul Islam Associate Professor Department of Computer Science and Engineering Faculty of Science & Information Technology Daffodil International University

Internal Examiner

Dr. Mohammad Shorif Uddin Professor Department of Computer Science and Engineering Jahangirnagar University

External Examiner

DECLARATION

I to hereby declare that, this report have been done by me under the supervision of Mahmudul Hasan, Lecturer, Department of CSE, Daffodil International University. I also declare that neither this project nor any part of this project has been submitted elsewhere for award of any degree or diploma.

Supervised By:

Mahmudul Hasan Lecturer Departments of Computer Science & Engineering, FSIT Daffodil International University

Submitted by:

Setara Afrin Level-4, Term-3 ID: 082-15-662 Departments of Computer Science & Engineering Daffodil International University

LETTER OF TRANSMITTAL

July 23, 2011 To, Mahmudul Hasan Lecturer CSE, FSIT Daffodil International University.

Subject: Submission of Internship Report on Networking & Server Configuration of an ISP Company

Dear Sir, Here is my internship report on Networking & Server Configuration of an ISP Company. While preparing this report, I tried my best follow the instruction that you have given me. This report is prepared as a fulfillment of the requirements of the undergraduate degree of B.Sc in CSE of DIU. This entire report is based on my practical experience at Networking and Server Configuration of ISP. I have furnished all the things what I have learnt during the internship program. I will be highly obliged if you are kind enough to receive this report.

Sincerely yours,

Setara Afrin ID: 082-15-662 Level-4, Term-3 Daffodil International University

ACKNOWLEDGEMENT

This is my pleasure that I could successfully complete the report by the grace of almighty Allah. I would like to express my gratitude to all of those people who have minimum contribution in making of this report. At first I would like to thank my supervisor Mahmudul Hasan, Lecturer, Computer Science & Engineering, Daffodil International University for his guidelines in making my internship report. His endless patience, scholarly guidance, continual encouragement, constant and energetic supervision, constructive criticism, valuable advice, reading many inferior draft and correcting them at all stage have made it possible to complete this report.

I would like to express my heartiest to Dr. Syed Akhter Hossain, Head, Department of CSE, CIS & CS for his kind help to finish my report. No acknowledgement would be complete without a big nod to the teachers of the department who freely give their time and talent towards helping me to develop this report and finally but immensely express our utmost gratitude to my parents for their love and support, affection and inspiration.

ABSTRACT

This Internship report is on Networking & Server Configuration of an ISP Company. This is a kind of network site such as preparing switch, Router, Connect modem, path cords, marking nodes, and panels installing server equipments, Server configuration etc. There I worked with Asianet engineers to implement a complete and stable solution for infrastructure network & configure Server. This internship paper has been prepared to explain the works that I did for this report while doing my practice at Asianet Limited for 3 months. Asianet provides a full range of high quality services to the home and business user, from the latest in high speed Cable Broadband Internet access and allied services such as VPN, VoIP, Dialup Internet, and Ib Hosting & website Development.

Asianet Limited is an Internet Service Provider who provides high quality communications services to many businesses and homes. Asianet Limited looks at being a user-friendly provider of Internet access, Ib-services, E-commerce services, Data and voice Connectivity services with the internet advantages of the DATA over CABLE System. I offer Corporate Virtual Private Network (VPN) solutions. Server collocation and Bandwidth Service, Anti Virus, Anti Spam, Firewall & Security Solutions, Online Data Backup and Disaster Recovery, Corporate WAN connectivity, Network & Server solutions, Mikrotik Routerand Managed Hosting Service

TABLE OF CONTENTS
Acknowledgement

Abstract

Chapter 01: Introduction 1.1 Preliminary 1.2 Objective of the study 1.3 Methodology of the study 1.4 Nature of Study 1.5 Sources of Data 1.6 Limitations 09 09 09 10 10 10

Chapter 02: Literature Review 2.1 What is internet service provider? 2.2 Why internet service provider? 2.3 Applications of an ISP 2.4 About Asianet Limited 2.4.1 Company Objectives 2.4.2 Vision 2.4.3 Mission 2.4.4 Goal Chapter 03: 3.1 MikroTik 3.2 MikroTik RouterOS 3.3 Configuration 3.4 Setting up MikroTik RouterOS Mikrotik Router Operating System 16 16 18 27 11 11 12 12 14 15 15 15

Chapter 04: Server Configuration 4.1 Why Server Configuration? 4.2 Red Hat Linux 4.3 Domain Name System 4.3.1 Configuration 4.3.2 Verifying the Name Server 4.4 DHCP Server 4.4.1 DHCP Configuration 4.4.2 Starting DHCP Server 4.5 Network File System 4.5.1 Setting up an NFS Server 4.6 File Transfer Protocol 4.6.1 Configuring the VSFTP as anonymous 4.6.2 Configuring the VSFTP as Secure Users 4.7 web Server 4.7.1 Installing APACHE 4.7.3 Setting up APACHE Server 40 40 41 41 46 48 48 50 50 50 53 54 55 58 58 59

Chapter 05: Concluding Part

Conclusion

Future Work

Bibliography

Appendix

CHAPTER 01 INTRODUCTION
1.1 Preliminary ISP or Internet Service Provider provides Internet access for individuals, organizations, and companies. An Internet Service provider usually has multiple access methods, including dialup, DSL, cable modem, ISDN, T1, and sometimes T3. An ISP (Internet service provider) used several servers to provide services to the clients. Whatever be the access methods every ISP used some servers commonly. They are DNS server, DHCP server, Virtual Domain, WWW server, NFS, FTP, Telnet Mail server, etc. I configured the servers mentioned above using Linux Operating System and mentioned some system maintenance and administration technique of the servers. Internship is an essential part for every student. By an internship program in ICT world, students can obtain practical knowledge, which helps to know real life situations, helping them to launch a career with some practical experience. I have found the opportunity to perform the Internship program with Asianet Limited.

1.2 Objective of the study The main objective of this report is to discuss the Server and network part of Asianet Limited, Dhaka. The specific objectives are

To describe the Server and network part and their configuration of Asianet Limited. To find out the problems of the company. To recommend the ways which the company can follow to overcome those problems

1.3 Methodology of the study The study is performed based on the information extracted from different sources collected by using a specific methodology. This report is analytical in nature. The overall process of methodology has been given as bellow:

1.4 Nature of Study This is an exploratory type of report. Information collected to complete the report is both from primary and secondary sources are: 1.5 Sources of Data 1.5.1 The Primary Sources: For primary data there are three types of respondents, such as Practical desk work Discussion with Employees Communication with Clients

1.5.2 The Secondary Sources:

1.6 Limitations

leaflets, files of the Asianet Limited Terms and definitions Ire studied from textbook Official Website of Asianet Limited

As an intern, it was a great opportunity for me to know the activities of Asianet Limited. But there are some restraints also, which disclosed in below:

Only three months Ire available for completing for practicum at Asianet Limited such that it was difficult to absorb all sorts of task related activities at a time. Asianet Limited did not permit to disclose various data and information Recent data and information on different activities of Asianet Limited was unavailable. Some technologies Ire new to me such that it took sometime to understand the technology before I can readily implement those.

Chapter Summary An Internet Service Provider (also known as an ISP or even as an IAP, internet access provider) is a firm that offers subscribers access to the internet. This internet service provider maintains large runs of cabling and maintains network services in order to transfer and deliver Ib content to those paying the subscription fee. Typically, these internet service

providers focus on DSL, Cable modem, wireless, and more recently, dedicated high-speed interconnects such as T1 or fiber optic service.

CHAPTER 02 LITERATURE REVIEW

2.1 What is internet service provider? An Internet Service Provider (also known as an ISP or even as an IAP, internet access provider) is a firm that offers subscribers access to the internet. This internet service provider maintains large runs of cabling and maintains network services in order to transfer and deliver web content to those paying the subscription fee. Typically, these internet service providers focus on DSL, Cable modem, wireless, and more recently, dedicated high-speed interconnects such as T1 or fiber optic service (typically abbreviated Fios). An ISP is a company that supplies Internet connectivity to home and business customers. ISPs support one or more forms of Internet access, ranging from traditional modem dial-up to DSL and cable modem broadband service to dedicated T1/T3 lines. More recently, wireless Internet service providers or WISPs have emerged that offer Internet access through wireless LAN or wireless broadband networks. In addition to basic connectivity, many ISPs also offer related Internet services like email, Ib hosting and access to software tools [18]. A few companies also offer free ISP service to those who need occasional Internet connectivity. These free offerings feature limited connect time and are often bundled with some other product or service.

2.2 Why internet service provider? While far less common, ISPs still offer dial up internet service, which is gradually become a phased out. All in all, there are many different types of Internet Service Providers, and within each and every internet service provider there are often varying levels of service, coverage, as Ill as personal customer service that comes attached with it. An Internet Service Provider

is a complete package of services, which should be researched and considered before an Internet Service Provider is selected. For most users, the most important qualification (beyond the ever present price point) is the speed of the connection. Depending on the intended use, there are a myriad of different internet services, and even varying levels of coverage within each and every service. The sloIst of these is dial-up internet service. Modern dial-up transfers web content at a maximum rate of 56.6 kilobits per second. In the early days of internet service, this was typically sufficient, as websites Ire designed with a lean mentality, with very little imagery and a heavy emphasis on text, and text based linking. As time has progressed however, most websites assume that the user is on a high speed connection, and have therefore loaded their website with visual flair and high file size images. What was once acceptable no longer is for most web users, who opt to selecting a faster service. For those simply not interested in paying for internet access, there are a very small number of Free ISPs available. These providers provide internet service free of charge, typically funded through advertising revenue (much like television broadcasts on most stations). Unfortunately, this variety of ISP is gradually falling by the wayside. Netzero, one the earliest example of this service no longer provides an ad supported internet service, and instead focuses on low priced services such as dial up [17]. 2.3 Applications of an ISP In a word internet service provider, a company that provides 1. Access to the internet. 2. Services to individuals and companies on to the Ib. 3. It owns or hires a permanent TCP/IP connection and uses servers permanently. 4. It will offer Ib hosting (Ib pages stored on its servers). 5. Access to news group, access to FTTP server and electronic mail

2.4 About Asianet Limited Asianet Limited Established in 1993 and one of the best ISPs in Bangladesh. Asianet Limited provides a full range of high quality services to the home and business user, from the latest in high speed Cable Broadband Internet access and allied services such as VPN,

VoIP, Dialup Internet, Ib Hosting & website Development. Asianet Limited is a Internet Service Provider who provides high quality communications services to many businesses and homes.

Asianet Limited's ISP operations would also help create a great deal of synergy for its CATV services. The ongoing upgradation of the network into a Hybrid Fiber Co-axial one would enable the company to offer upto 500 channels in the near future and open up new vistas in the form of the Ib TV and Interactive multimedia services. As an ISP, Asianet Limited looks at being a user-friendly provider of Internet access, Ib-services, E-commerce services, Data and voice Connectivity services. With the internet advantages of the DATA over CABLE System. The Asianet Limited DataLine services promises to be an unique opportunity for users to taste NETWORK SERVICES WITH A DIFFERENCE [20]. We offer:

Corporate, SME, Resedentail & Reseller (Fiber to the last mile) Corporate Virtual Private Network (VPN) solutions. Server collocation and Bandwidth Service Anti Virus, Anti Spam, Firewall & Security Solutions Ib site development, domain registration and hosting. Online Data Backup and Disaster Recovery Corporate WAN connectivity Network & Server solutions Mikrotik Router Managed Hosting Service

Asianet Limited is a group of multinational limited company. It not only provides the ICT solutuion but also provide many social welfare related solution like; Asianet Limited Satellite Communications Ltd- Asianet Limited Satellite Communications Ltd (Asianet Limited Satcom) established in 1993 is the largest cable network services company in Kerala, India. It is the leading service provider in the region for Asianet Limited Digital TV, Cable TV and Internet solutions, and has embarked on a fascinating journey into the CONVERGENCE era and adoption of evolving technologies. Asianet Limited Fiesta- Asianet Limited Fiesta excites you with a feast of electrifying Ib casts. I bring you various kinds of programmes from all over Kerala. Whoever you are, wherever you come from, our quality Ib casts can strike a deep chord in your heart. At this instant you can enjoy your most beloved events, from entertainment programs to seminars to weddings to college days, right in front of your desktop in a flick of a button [20]. Asianet Limited Dataline- Established in 1993, and one of the first ISPs in India, Asianet Limited Dataline provides a full range of high quality services to the home and business user, from the latest in high speed Cable Broadband Internet acces. 2.4.1 Company Objectives The objective of Asianet Limited is specific and targeted to its vision and to position itself in the mindset of the people. The objective of Asianet Limited is as follows: Building a strong Clients relationship based on integrity and superior service. Provide Server collocation and Bandwidth Service Provide Anti Virus, Anti Spam, Firewall & Security Solutions Provide Ib site development, domain registration and hosting. Provide Online Data Backup and Disaster Recovery Provide Network & Server solutions Managed Hosting Service To creating an honest, open and enabling environment To strive for profit & sound growth To work as a team to serve the best interest of our owners

To relentless in pursuit of companies innovation and improvement To base recognition and reward on performance To responsible, trustworthy and law-abiding in all that I do

2.4.2 Vision Building profitable and socially responsible Company focused on Market and Business with Growth potential to build a just, enlightened, healthy democratic and poverty free Bangladesh. 2.4.3 Mission Our mission is to provide the best ISP service in Bangladesh. Commitment to higher quality provision and loIr prices is guaranteed. To create infrastructure for the promotion of highquality Video, Data & Voice services through cable and to be a provider of such services in the most cost-effective manner. 2.4.4 Goal Asianet Limited will be the absolute market leader through out Bangladesh. It will be a worldclass organization in terms of service quality and establishing relationships that help its customers to develop and grow successfully. Satisfied home and business customers across the State recommend Cable Broadband from Asianet Limited.

Chapter Summary Asianet Limited provides a full range of high quality services to the home and business user, from the latest in high speed Cable Broadband Internet access and allied services such as VPN, VoIP, Dialup Internet, Ib Hosting & Website Development. Asianet Limited is a group of multinational limited company. It not only provides the ICT solutuion but also provide many social Ilfare related solution like; Asianet Limited Satellite Communications Ltd, Asianet Limited Fiesta, Asianet Limited Dataline, ADL JukeBox. For establish the network they use many network devices like Router, Switch, RJ45, Patch Panel etc.

CHAPTER 03 OPERATING SYSTEM

MIKROTIK ROUTER

3.1 MikroTik MikroTik is a Latvian company which was founded in 1995 to develop routers and wireless ISP systems. MikroTik now provides hardware and software for Internet connectivity in most of the countries around the world.

3.2 MikroTik Router operating System MikroTik RouterOS is the operating system of MikroTik RouterBOARD hardware. It can also be installed on a PC and will turn it into a router with all the necessary features - routing, firewall, bandwidth management, wireless access point, backhaul link, hotspot gateway, VPN server and more [21].

Fig: MikroTik Router RouterOS is a stand-alone operating system based on the Linux v2.6 kernel, and our goal here at MikroTik is to provide all these features with a quick and simple installation and an easy to use interface. You can try RouterOS today, go to www.mikrotik.com and download the installation CD image. The free trial provides all of the features with no limitations. In the following pages you will find examples of some of the most important RouterOS features.

Major features:

PoIrful QoS control P2P traffic filtering High availability with VRRP Bonding of Interfaces Improved interface Smaller and Less resource-hungry Tons of other new features Advanced Quality of Service Stateful firewall, tunnels STP bridging with filtering High speed 802.11a/b/g wireless with IP/WPA WDS and Virtual AP HotSpot for Plug-and-Play access RIP, OSPF, BGP, MPLS routing remote WinBox GUI and Ib admin telnet/mac-telnet/ssh/console admin real-time configuration and monitoring

3.3 Configuration RouterOS supports various methods of configuration local access with keyboard and monitor, serial console with a terminal application, Telnet and secure SSH access over networks, a custom GUI configuration tool called Winbox, a simple Ib based configuration interface and an API programming interface for building your own control application. In case there is no local access, and there is a problem with IP level communications, RouterOS also supports a MAC level based connection with the custom made Mac-Telnet and Winbox tools. RouterOS features a poIrful, yet easy to learn commandline configuration interface with integrated scripting capabilities [21].

 Winbox GUI over IP and MAC CLI with Telnet, SSH, Local console and Serial console API for programming your own tools Ib interface New in RouterOS v4 is the Lua scripting language, which opens up a multitude of approaches in automation and programming of your router. Firewall The firewall implements packet filtering and thereby provides security functions that are used to manage data flow to, from and through the router. Along with the Network Address Translation it serves for preventing unauthorized access to directly attached networks and the router itself as Ill as a filter for outgoing traffic. RouterOS features a stateful firewall, which means that it performs stateful packet inspection and keeps track of the state of network connections traveling across it. It also supports Source and Destionation NAT (Network Address Translation), NAT helpers for popular applications and UPnP. The Firewall provides features to make use of internal connection, routing and packet marks. It can filter by IP address, address range, port, port range, IP protocol, DSCP and other parameters, also supports Static and Dynamic Address Lists, and can match packets by pattern in their content, specified in Regular Expressions, called Layer7 matching. The RouterOS Firewall facility also supports IPv6. Routing RouterOS supports a multitude of routing protocols. For IPv4 it supports RIP v1 and v2, OSPF v2, BGP v4. For IPv6 it supports RIPng, OSPFv3 and BGP.

RouterOS also supports Virtual Routing and Forwarding (VRF), Policy based routing, Interface based routing and ECMP routing. You can use the Firewall filter to mark specific connections with Routing marks, and then make the marked traffic use a different ISP.

Now with MPLS support added to RouterOS, VRF is also introduced. Virtual Routing and Forwarding is a technology that allows multiple instances of a routing table to co-exist within the same router at the same time. Because the routing instances are independent, the same or overlapping IP addresses can be used without conflicting with each other. VRF also increases network security. It is often used in, but not limited to MPLS networks [21]. MPLS MPLS stands for MultiProtocol Label Switching. It can be used to replace IP routing - packet forwarding decision is no longer based on fields in IP header and routing table, but on labels that are attached to packet. This approach speeds up forwarding process because next hop lookup becomes very simple compared to routing lookup. Efficency of forwarding process is the main benefit of MPLS.

MPLS makes it easy to create virtual links betIen nodes on the network, regardless of the protocol of their encapsulated data. It is a highly scalable, protocol agnostic, data-carrying mechanism. In an MPLS network, data packets are assigned labels. Packet-forwarding decisions are made solely on the contents of this label, without the need to examine the packet itself. This allows one to create end-to-end circuits across any type of transport medium, using any protocol. Some of the supported MPLS features: Static Label bindings for IPv4

 Label Distribution protocol for IPv4 RSVP Traffic engineering tunnels VPLS MP-BGP based autodiscovery and signaling MP-BGP based MPLS IP VPN VPN To establish secure connections over open networks or the Internet, or connect remote locations with encrypted links, RouterOS supports various VPN methods and tunnel protocols: Ipsec tunnel and transport mode, certificate or PSK, AH and ESP security protocols Point to point tunneling (OpenVPN, PPTP, PPPoE, L2TP) Advanced PPP features (MLPPP, BCP) Simple tunnels (IPIP, EoIP) 6to4 tunnel support (IPv6 over IPv4 network) VLAN IEEE802.1q Virtual LAN support, Q-in-Q support MPLS based VPNs This means that you can securely interconnect banking networks, use your workplace resources while travelling, connect to your home local network, or increase security of your wireless backbone link. You can even interconnect two branch office networks and they would be able to use each others resources, as if the computers would be in the same location - all secure and encrypted.

RouterOS also provides several MikroTik proprietary functions that are not found elsewhere, for example EoIP which is a Ethernet tunnel betIen two routers on top of an IP connection. The EoIP interface appears as an Ethernet interface. When the bridging function of the router is enabled, all Ethernet traffic will be bridged just as if there where a physical Ethernet interface and cable betIen the two routers (with bridging enabled). This protocol makes multiple network schemes possible, for example the possibility to bridge LANs over the Internet [21].

Wireless A variety of Wireless technologies are suppored in RouterOS, the most basic of them being the wireless access point and client. If its a small hotspot network in your home, or a city wide mesh network, RouterOS will help you in all situations. Some of the features supported by RouterOS: IEEE802.11a/b/g/n wireless client and access point Nstreme and Nstreme2 proprietary protocols Client polling RTS/CTS

 Wireless Distribution System (WDS) Virtual AP IP, WPA, WPA2 encryption Access control list Wireless client roaming WMM HWMP+ Wireless MESH protocol MME wireless routing protocol RouterOS also features the NStreme proprietary wireless protocol that allows extending the connection range and speed, when using MikroTik routers at each end. This has helped to achieve the current non-amplified wifi link length world record in Italy. Also supported is NSteme dual which allows using two antennas at each end, one for receiving and one for sending. Quality of Service Bandwidth Control is a set of mechanisms that control data rate allocation, delay variability, timely delivery, and delivery reliability. Quality of Service (QoS) means that the router can prioritize and shape network traffic. Some features of MikroTik RouterOS traffic control mechanism are listed below: limit data rate for certain IP adresses, subnets, protocols, ports, and other parameters limit peer-to-peer traffic prioritize some packet flows over others use queue bursts for faster Ib browsing apply queues on fixed time intervals share available traffic among users equally, or depending on the load of the channel

RouterOS supports Hierarchical Token Bucket (HTB) QoS system with CIR, MIR, burst and priority support, and provides both advanced queuing, and also an easy solution for basic QoS implementation - Simple queues. PCQ was introduced to optimize massive QoS systems, where most of the queues are exactly the same for different sub-streams. For example a sub-stream can be download or upload for one particular client (IP) or connection to server. PCQ algorithm is very simple - at first it uses selected classifiers to distinguish one sub-stream from another, then applies individual FIFO queue size and limitation on every sub-stream, then groups all substreams together and applies global FIFO queue size and limitation. web Proxy RouterOS features a MikroTik custom made proxy server for caching web resources, and speeding up customer browsing by delivering them cached file copies at local network speed. MikroTik RouterOS implements the following proxy server features: Regular HTTP proxy Transparent proxy Access list by source, destination, URL and requested method (HTTP firewall) Cache access list to specify which objects to cache, and which not.

 Direct Access List to specify which resources should be accessed directly, and which through another proxy server Logging facility SOCKS proxy support Parent proxy support Cache storage on external drives

RouterOS can also act as a Transparent Caching server, with no configuration required in the customer PC. RouterOS will take all HTTP requests and redirect them to the local proxy service. This process will be entirely transparent to the user, and the only difference to them will be the increased browsing speed. Tools To help administrating your network, RouterOS also provides a large number of small network tools to optimize your everyday tasks. Here are some of them: Ping, traceroute Bandwidth test, ping flood Packet sniffer, torch Telnet, SSH E-mail and SMS send tools

 Automated script execution tools CALEA data mirroring File Fetch tool Active connection table NTP Client and Server TFTP server Dynamic DNS updater VRRP redundancy support SNMP for providing graphs and stats RADIUS client and server (User Manager) The Dude The Dude network monitor is an application by MikroTik which can dramatically improve the way you manage your network environment. It will automatically scan all devices within specified subnets, draw and layout a map of your networks, monitor services of your devices and alert you in case some service has problems. Not only can you monitor your RouterOS devices, you can monitor any device that is accessible by Ping or provides SNMP information [21].

You are able to make traffic and availibility graphs, outage reports, and even use the Dude as a Syslog server for your RouterOS device log files. The Dude can also manage your RouterOS device configurations, and automate their software upgrades and mass configure them. Best of all - The Dude is free of charge.

3.4 Setting up MikroTik RouterOS When I install mikrotik server to hard drive it will format the whole hard drive. For testing mikrotik server installation I have to create virtual memory (drive) where I install mikrotik server. VMwareWork station

o This software will create a virtual memory where I can install mikrotik server for
testing purpose. 1. Install VMware software and open the software interface. Double click on VM icon File New Virtual Machine Next Typical

2.

(Radio) Next Linux (Radio) Red Hat Linux (drop down) Next Next Use bridging networking Next Finish

3.

Edit Virtual Machine setting (link) Select Hard Disk (SCSI 0:0) Remove

Add Next Select Hard disk Next Create new virtual disk IDE (radio) Next Next Finish OK.

4. 5.
virtual

Insert Mikrotik CD Start this virtual machine for test installation (link) Ok

Full screen (Alt + Enter) A (select all) i (install) y y Enter (reboot) N. If I want to delete the testing installation file My document delete My Machine folder.

Install Mikrotik server for client Insert Mikrotik CD A (select all) i (install) y y Enter (reboot) N. Configure Mikrotik Server Login as: admin Password: Enter (if password is not set before)

1. interface print Display how many interface (LAN card) is connected in the PC. 2. ip address add address=122.102.63.49/24 interface=ether1 [WAN]
3. ip route add gateway=122.102.63.1 4. ping 122.102.63.1

5. ip address print Display the IP address 6. ip route print Display the Gateway 7. ip firewall nat print Display the firewall 8. system reset-configuration y reconfigure the previously configured mikrotik. 9. /system shutdown shutdown mikrotik server
Connect a pc to mikrotik (WAN) by cross cable and configure the mikrotik server using win box. o Double win box icon Connect to: 122.102.63.49 (IP of the mikrotik server) Password: *******

o IP Pool + (add)
Name: surf Address: 122.248.44.2-122.248.44.6 Apply OK. o Interface

Double click on ether1 and rename it WAN Double click on ether1 and rename it LAN

o PPP
1. Interface (tab) PPPoE Server (tab) + (add) Service Name: smilebd Interface: LAN Max MTU: 1500 Max MRU: 1500 Keep alive time out: check 300 Authentication: check pap (uncheck others without pap) Apply Ok.

2. Secrete (tab) AAA (button) Check Accounting and Radius check box Apply Ok.

3. Profile (tab) + (add)

Name: surf Local Address: 122.248.44.1 DNS server: 122.248.47.11 Win server: 4.2.2.2 Double click on surf and write Name: Optima [Reseller name] Remote address: surf

o Radius + (add)
Check pap (check box) Address: 122.102.63.254 Secrete: Optima Authentication port: 1812 Accounting port: 1813

Time out: 300 ms

Navigating the Terminal Console After logging into the router you will be presented with the MikroTik RouterOS Ilcome Screen and command prompt, for example: MMM MMMM MMM MMMM KKK KKK TTTTTTTTTTT TTTTTTTTTTT OOOOOO TTT TTT RRR RRR OOO OOO OOO OOO KKK KKK TTT TTT III KKK KKK III KKKKK III KKK KKK III KKK KKK

MMM MMMM MMM III KKK KKK RRRRRR MMM MM MMM III KKKKK MMM MMM MMM III KKK KKK RRRRRR

MMM III KKK KKK RRR RRR OOOOOO

Terminal xterm detected, using multiline mode [admin@MikroTik] > The command prompt shows the identity name of the router and the current menu level, for example: [admin@MikroTik] > [admin@MikroTik] interface> [admin@MikroTik] ip address> Commands The list of available commands at any menu level can be obtained by entering the question mark '?', for example: [admin@MikroTik] > ? driver Driver management file Local router file storage. import Run exported configuration script interface Interface configuration log System logs password Change password ping Send ICMP Echo packets port Serial ports quit Quit console radius Radius client settings Base level menu Interface configuration IP Address management

redo Redo previosly undone action setup Do basic setup of system snmp SNMP settings undo Undo previous action user User management ppp Point to Point Protocol ip IP options queue Bandwidth management system System information and utilities tool Diagnostics tools routing Various routing protocol settings export Print or save an export script that can be used to restore configuration [admin@MikroTik] > ip ? accounting Traffic accounting address Address management arp ARP entries management dns DNS settings firewall Firewall management neighbor Neighbors packing Packet packing settings pool IP address pools route Route management service IP services policy-routing Policy routing upnp dhcp-client DHCP client settings dhcp-server DHCP server settings dns-cache DNS cache management ipsec IP security export Print or save an export script that can be used to restore configuration [admin@MikroTik] > ip The list of available commands and menus has short descriptions next to the items. You can move to the desired menu level by typing its name and hitting the [Enter] key, for example:

[admin@MikroTik] > Base level menu [admin@MikroTik] > driver [admin@MikroTik] driver> / from any level [admin@MikroTik] > interface [admin@MikroTik] interface> /ip [admin@MikroTik] ip> A command or an argument does not need to be completed, if it is not ambiguous. For example, instead of typing 'interface' you can type just 'in' or 'int'. To complete a command use the [Tab] key. The commands may be invoked from the menu level, where they are located, by typing its name. If the command is in a different menu level than the current one, then the command should be invoked using its full (absolute) or relative path, for example: [admin@MikroTik] ip route> print [admin@MikroTik] ip route> .. address print [admin@MikroTik] ip route> /ip address print Prints the routing table Prints the IP address table Prints the IP address table Enter 'interface' to move to the interface level menu Enter '/ip' to move to the IP level menu from any level Enter 'driver' to move to the driver level menu Enter '/' to move to the base level menu

The commands may have arguments. The arguments have their names and values. Some commands, may have a required argument that has no name.

Accessing the Router Remotely Using web Browser and WinBox Console Summary The MikroTik router can also be accessed remotely using http and WinBox Console, for example, using the Ib browser of your workstation. Description The Winbox Console is used for accessing the MikroTik Router configuration and management features using graphical user interface. All Winbox interface functions are as close as possible to Console functions: all Winbox functions are exactly in the same place in Terminal Console and vice versa (except functions that are not implemented in Winbox). That is why there are no Winbox sections in the manual [21]. The Winbox Console plugin loader, the winbox.exe program, can be retrieved from the MikroTik router, the URL is http://router_address/winbox/winbox.exe Use any Ib browser

on Windows 95/98/ME/NT4.0/2000/XP to retrieve the router's Ib page with the mentioned link.

Starting the Winbox Console When connecting to the MikroTik router via http (TCP port 80 by default), the router's Ilcome Page is displayed in the Ib browser, for example:

By clicking on the Winbox Console link you can start the winbox.exe download. Choose the option "Run this program from its current location" and click "OK":

Accept the security warning, if any:

Alternatively, you can save the winbox.exe program to your disk and run it from there. The winbox.exe program opens the Winbox login window. Login to the router by specifying the IP address (and the port number if you have changed it from the default value of 80), user name, and password, for example:

Watch the download process of Winbox plugins:

The Winbox console is opened after the plugins have been downloaded:

The Winbox Console uses TCP port 3986 (not secure) or 3987 (secure; requires security package to be installed). After logging on to the router you can work with the MikroTik router's configuration through the Winbox console and perform the same tasks as using the regular console. Overview of Common Functions You can use the menu bar to navigate through the router's configuration menus, open configuration windows. By double clicking on some list items in the windows you can open configuration windows for the specific items, and so on. There are some hints for using the Winbox Console:

To open the required window, simply click on the corresponding menu item. To add a new entry you should click on the To remove an existing entry click on the To enable an item, click on the To disable an item, click on the icon. icon. icon. icon in the corresponding window. icon.

To make or edit a comment for a selected item, click on the To refresh a window, click on the To undo an action, click on the To redo an action, click on the icon. icon above the main menu. icon above the main menu. icon.

To logout from the Winbox Console, click on the

Adding Addresses Assume you need to configure the MikroTik router for the following network setup:

In the current example I use two networks:

The local LAN with network address 192.168.0.0 and 24-bit netmask 255.255.255.0 The router's address is 192.168.0.254 in this network.

The ISP's network with address 10.0.0.0 and 24-bit netmask 255.255.255.0 The router's address is 10.0.0.217 in this network.

The addresses can be added and vieId using the following commands: [admin@MikroTik] ip address> add address 10.0.0.217/24 interface Public [admin@MikroTik] ip address> add address 192.168.0.254/24 interface Local [admin@MikroTik] ip address> print Flags: X - disabled, I - invalid, D - dynamic # ADDRESS 0 10.0.0.217/24 NETWORK 10.0.0.217 BROADCAST 10.0.0.255 Public INTERFACE

1 192.168.0.254/24 192.168.0.0 [admin@MikroTik] ip address>

192.168.0.255 Local

Here, the network mask has been specified in the value of the address argument. Alternatively, the argument 'netmask' could have been used with the value '255.255.255.0'. The network and broadcast addresses Ire not specified in the input since they could be calculated automatically. Please note that the addresses assigned to different interfaces of the router should belong to different networks. Configuring the Default Route You can see two dynamic (D) and connected (C) routes, which have been added automatically when the addresses Ire added in the example above: [admin@MikroTik] ip route> print Flags: X - disabled, I - invalid, D - dynamic, J - rejected, C - connect, S - static, R - rip, O - ospf, B - bgp # DST-ADDRESS G GATEWAY r 0.0.0.0 r 0.0.0.0 0 0 DISTANCE INTERFACE Local Public 0 DC 192.168.0.0/24 1 DC 10.0.0.0/24

[admin@MikroTik] ip route> print detail Flags: X - disabled, I - invalid, D - dynamic, J - rejected, C - connect, S - static, R - rip, O - ospf, B - bgp 0 DC dst-address=192.168.0.0/24 preferred-source=192.168.0.254 gateway=0.0.0.0 gateway-state=reachable distance=0 interface=Local

1 DC dst-address=10.0.0.0/24 preferred-source=10.0.0.217 gateway=0.0.0.0 gateway-state=reachable distance=0 interface=Public [admin@MikroTik] ip route> These routes show, that IP packets with destination to 10.0.0.0/24 would be sent through the interface Public, whereas IP packets with destination to 192.168.0.0/24 would be sent through the interface Local. HoIver, you need to specify where the router should forward packets, which have destination other than networks connected directly to the router [21]. Example In the following example the default route (destination 0.0.0.0, netmask 0.0.0.0) will be added. In this case it is the ISP's gateway 10.0.0.1, which can be reached through the interface Public: [admin@MikroTik] ip route> add gateway=10.0.0.1 [admin@MikroTik] ip route> print Flags: X - disabled, I - invalid, D - dynamic, J - rejected, C - connect, S - static, R - rip, O - ospf, B - bgp # DST-ADDRESS G GATEWAY 1 0 0 r 0.0.0.0 r 0.0.0.0 DISTANCE INTERFACE Public Local Public 0 S 0.0.0.0/0 2 DC 10.0.0.0/24 r 10.0.0.1

1 DC 192.168.0.0/24

[admin@MikroTik] ip route> Here, the default route is listed under #0. As I see, the gateway 10.0.0.1 can be reached through the interface 'Public'. If the gateway was specified incorrectly, the value for the argument 'interface' would be unknown. Notes You cannot add two routes to the same destination, i.e., destination-address/netmask! It applies to the default routes as Ill. Instead, you can enter multiple gateways for one destination. For more information on IP routes, please read the relevant topic in the Manual. If you have added an unwanted static route accidentally, use the remove command to delete the unneeded one. You will not be able to delete dynamic (DC) routes. They are added automatically and represent routes to the networks the router connected directly.

Testing the Network Connectivity From now on, the /ping command can be used to test the network connectivity on both interfaces. You can reach any host on both connected networks from the router. Example In the example below it's seen, hows does ping command work: [admin@MikroTik] ip route> /ping 10.0.0.4 10.0.0.4 64 byte ping: ttl=255 time=7 ms 10.0.0.4 64 byte ping: ttl=255 time=5 ms 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max = 5/5.6/7 ms [admin@MikroTik] ip route> [admin@MikroTik] ip route> /ping 192.168.0.1 192.168.0.1 64 byte ping: ttl=255 time=1 ms 192.168.0.1 64 byte ping: ttl=255 time=1 ms 192.168.0.1 64 byte ping: ttl=255 time=1 ms 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max = 1/1.0/1 ms [admin@MikroTik] ip route> The workstation and the laptop can reach (ping) the router at its local address 192.168.0.254, If the router's address 192.168.0.254 is specified as the default gateway in the TCP/IP configuration of both the workstation and the laptop, then you should be able to ping the router:

Chapter Summary MikroTik RouterOS is the operating system of MikroTik RouterBOARD hardware. It can also be installed on a PC and will turn it into a router with all the necessary features - routing, firewall, bandwidth management, wireless access point, backhaul link, hotspot gateway, VPN server and more. A MikroTik Wireless package includes a router, coaxial cable with connectors installed, and antenna(s). The Major features of MikroTik RouterOS are PoIrful QoS control, P2P traffic filtering, Bonding of Interfaces, Improved interface, Advanced Quality of Service, Stateful firewall, tunnels, Remote WinBox GUI and Ib admin, Real-time configuration and monitoring

CHAPTER 04 CONFIGURATION

SERVER

4.1 Why Server Configuration? An Internet Service Provider (also known as an ISP or even as an IAP, internet access provider) is a firm that offers subscribers access to the internet. An Internet Service provider usually has multiple access methods, including dial-up, DSL, cable modem, ISDN, T1, and sometimes T3. An ISP (Internet service provider) used several servers to provide services to the clients. Whatever be the access methods every ISP used some servers like DNS server, DHCP server, web server, NFS, FTP, Mail server, etc. Asianet Limited is an Internet Service Provider who provides high quality communications services to many businesses and homes. So, I configured those servers mentioned above using Linux Operating System and mentioned some system maintenance and administration technique of the servers 4.2 RED HAT LINUX Red Hat, Inc. was one of the first companies to adopt, promote, and use open source as a business model for supporting development, technical service, support, and sales of free software to the computer industry. Its business practices have spawned a shift in paradigm of proprietary attitudes prevalent in the monopolistic software industry, and the emdeoy is a role model and business leader in the open source movement. Red Hat Linux CD-ROMs are free software. Only software in the public domain or covered by the GNU GPL or compatible. License is free; the remaining software, such m the X Window System, various utilities, and. other programs can be considered Open dooms [available with source code] or even. Shareware [3]. There are many different licensing schemes! If I purchase the official Red Hat Linux distribution from Red Hat, Inc., I might also find commercial she included on the distributions CD-ROMs. These software packages are often included m en enticement to purchase more feature-laden or corporate versions.

4.3 DOMAIN NAME SYSTEM

Referring to hosts by their IP address is convenient for computers, but for human beings it is always easy working with names. Therefore, there is the need of a translation table to convert the IP addresses into hostnames. With millions of machines on the Internet and new ones popping up every day, it would be impossible for everyone to keep this sort of table upto-date. This is where DNS comes in. DNS is the Domain Name System. DNS converts machine names to the IP addresses that all machines on the net have. It translates [or "maps" as the jargon would have it] from name to address and from address to name, and some other things [1]. To access the database, one needs a DNS server for his/her site. A DNS server is also known as a nameserver [NS]. These servers come in three varieties; Master [also called primary] Slave [also called secondary] Caching 4.3.1 CONFIGURATION Stepping to Configuration Now I are going to make a domain name service [DNS] server, which will work as a primary domain controller. Here I assumed the following information to configure the DNS server; 01. Hostname : dns [Name of the computer] 02. Domain name 04. Subnet Mask : asianetbd.com [as like as msn.com or yahoo.com] : 255.255.255.0 [Class C network] 03. Server IP number: 192.168.1.1 [is a class C network address.

Step [01]: Configuring the Network Card [NIC]: To configure the network card I have to be sure that the Network Card [LAN card] is detected by the Linux operating system and driver is installed from the Linux driver library [built-in driver files]. Then I have written the following scripts in the file /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE="eth0" BOOTPROTO="static" IPADDR=192.168.1.1 NETMASK=255.255.255.0 ONBOOT="yes" Note: If there is no such file exists then I have to check that the Network Card is installed properly and then create the file by the following command and type the script[9]; vi /etc/sysconfig/network-scripts/ifcfg-eth0 After changing/creating the file I have to reload the eth0 NIC by the following command; # ifdown eth0 # ifup eth0 Step [02]: Checking the BIND package : To check bind rpm package is installed or not which is required to DNS type the command: # rpm -qa I grep bind If it is installed then go to step-3 and if it is not installed use following command inserting the Red Hat Linux CD-ROM into the CD drive and then go to step-3 # mount # cd # rpm /dev/cdrom /mnt/cdrom/RedHat/RPMS ivh bind* configuration

Note: There are several versions of BIND package comes with each Linux distribution. Since I used RedHat Linux 7.2, here BIND 8 comes with the distribution; also BIND 9 is available with next RedHat distribution. Step [03]: Files for DNS Server Configuration : The DNS server is a potentially complex system configured by a surprisingly straightforward set of files. These files consist of a single boot file and several zone data files, each of which is pointed to by a zone record in a boot file. The DNS Boot file is called /etc/named.conf other files that are required are: /etc/hosts /etc/hosts.conf /eLc/resolv.conf /etc/sysconfig/network

/var/named/localhost.zone /var/named/named.ca /var/named/named.local /var/named/asianetbd.com-fz /var/named/asianetbd.com-rev Step [04]: Configuring or Creating the DNS server configuration files: - - - - - - - - - - - - /etc/hosts - - - -- - - - - - - - - I have to confirm that the following lines exists in the /etc/hosts file: IP Number 127.0.0.1 192.168.1.1 HostName.DomainName localhost.localdomain dns.asianetbd.com Alias localhost dns

- - -- - - - - - - - - - - /etc/host.conf - - - - - - - - - - I have to confirm that the following lines exists in the /etc/host.conf file: order hosts,bind - - - - - - - - - - - - - /etc/resolv.conf - - - - - - - - - I have to confirm that the following lines exists in the /etc/resolv.conf file: search domain asianetbd.com asianetbd.com nameserver 192.168.1.1

- - - - - - - - - - - /etc/ sysconfig/network - - - - - - - - - I have to confirm that the following lines exists in the /etc/sysconfig/network file NETWORKING = yes HOSTNAME = dns - - - - - - - - - - - - - /etc/named.conf - - - - - - - - - - I have to confirm that the following lines exists in the /etc/named.conf file options { directory "/var/named"; }; zone "." IN {

type hint; file "named.ca"; }; zone "Asianetbd.com" IN { type master; file "Asianetbd.com- fz"; }; zone "0.0.127.in-addr.arpa" IN { type master; file "named.local"; }; zone "1.168.192.in- addr.arpa" IN { type master; file "asianetbd.com- rev"; }; - - - - - - - - - - /var/named/localhost.zone - - - - - - - I have to confirm that the following lines exists in the var/named/localhost.zone file $TTL 86400 $ORIGIN localhost. @ 1D IN SOA @ root [ 42 3H 15M 1W 1D ] 1D 1D IN IN NS A @ 127.0.0.1 ; Serial [d. adams] ; Refresh ; Retry ; Expiry ; Minimum

- - - - - - - - - - /var/named/named.local - - - - - - - - - - I have to confirm that the following lines exists in the /var/named/named.local file @ IN SOA localhost. root.localhost. ( 20020401 28800 14400 ; Serial ; Refresh ; Retry

3600000 86400 ) @ 1 IN IN NS PTR localhost.

; Expire ; Minimum

dns.asianetbd.com.

- - - - - - - - - - - -/var/named/named.ca - - - - - - - - - There will be no change in this file - - - - - - - - - /var/named/Asianetbd.com-fz - - - - - - - I have to confirm that the following lines exists in the /var/named/ Asianetbd.com-fz file @ IN SOA dns.Asianetbd.com. 28800 14400 3600000 86400 ] 1D 1D 1D NS dns tomy mail www proxy ftp pop3 IN IN IN IN IN IN IN A A IN IN IN dns 192.168.1.1 192.168.1.10 dns dns dns dns dns NS MX A 10 root.asianetbd.com. [ ; Serial ; Refresh ; Retry ; Expire ; Minimum

20020401

dns.asianetbd.com. dns.asianetbd.com. 192.168.1.1

CNAME CNAME CNAME CNAME CNAME

- - - - - - - - /var/named/Asianetbd.com-rev - - - - - - - I have to confirm that the following lines exists in the /var/named/asianetbd.com-rev file @ IN SOA dns.Asianetbd.com. 20020401 28800 root.asianetbd.com. [ ; Serial ; Refresh

14400 3600000 86400 ] 1D IN NS dns.Asianetbd.com. 1 10 1 1 1 1 IN PTR IN PTR IN PTR IN PTR IN PTR IN PTR dns.asianetbd.com. tomy.asianetbd.com www.asianetbd.com. proxy.asianetbd.com. mail.asianetbd.com. virtual.com.

; Retry ; Expire ; Minimum

Note : There are some files like named.ca I dont need to change it, and there are some files like Asianetbd.com-fz/rev file, I have to create them and some other files need to be changed few lines. Starting the DNS server or named daemon A file will create named Named inside the path /etc/rc.d/init.d/ which is contain shell script that takes care of starting and stopping named [BIND DNS server]. named [BIND] is a Domain Name Server [DNS] that is used to resolve host names to IP addresses. The starting command of DNS server is

# /etc/rc.d/init.d/named start or service named start The stoping command of DNS server is # /etc/rc.d/init.d/named stop or service named stop The restarting command of DNS server is # /etc/rc.d/init.d/named restart or service named restart 4.3.2 Verifying the Name Server nslookup is a great tool for checking the operation of our name server setup. It can be used both interactively with prompts and as a single command with immediate output. In the latter case, I simply invoke it as: # nslookup

set type=type set type=any ; in which type is one of the resource record names described ANY. I might have the following nslookup session: set type=any dns Server Address Name Address www Server : Address :192.168.1.1 :192.168.1.1#53 canonical name = dns.Asianetbd.com. :192.168.1.1 : 192.168.1.1#53 :dns.Asianetbd.com. : 192.168.1.1 earlier, or

www.asianetbd.com >mail Server :192.168.1.1 Address

:192.168.1.1#53 canonical name = dns.Asianetbd.com.

mail.asianetbd.com set type=SOA Asianetbd.com Server Address :192.168.1.1

:192.168.1.1#53 origin = dns.Asianetbd.com. mailaddr = root.Asianetbd.com. serial = 20020401 refresh = 28800 retry = 14400 expire = 3600000

Asianetbd.com

minimum = 86400 Asianetbd.com nameserver = dns.Asianetbd.com.

set type=NS Asianetbd.com Server Address set type=MX Asianetbd.com Server Address : 192.168.1.1 : 192.168.1.1#53 mail exchanger = 10 dns.Asianetbd.com. :192.168.1.1 : 192.168.1.1#53 nameserver = dns.Asianetbd.com.

Asianetbd.com

Asianetbd.com

4.4 DHCP SERVER

DHCP stands for Dynamic Host Configuration Protocol. It allows network administrators to dynamically assign network setting to client that connect to the network. Running a DHCP server on our network can greatly reduce the overheads of a network administrator as it eliminates the need to configure network setting like DNS, gateway, and IP address on the client. All changes can be made on the DHCP server, which will then propagate to the clients as and when the clients renew their leases [2]. The administrator's sole network configuration task is to make sure that each client has a unique hostname. DHCP makes life easy for a network administrator, as I do not have to bother about duplicate IP address on a network, and also it makes renumbering a cinch when the LAN's network address or netmask is changed. DHCP can be used to automatically reconfigure LAN clients to accommodate changes in DNS and WINS server addresses. 4.4.1 DHCP CONFIGURATION The DHCP configuration file is dhcpd.conf, which contains the basic content. It is in directory /etc/dhcpd.conf. To configure this file I follow the following steps: Step 1: I have to give the range of IP addresses that the server will issue to DHCP enabled PC clients for booting up on the network. For example range 192.168.1.1 192.168.1.100;

Step 2: I have to set the DNS server to be used by the DHCP clients. option domain-name-servers192.168.1.100; Here I can also use dns server name without using the ip address. Like option domain-name-serversdns.Asianetbd.com; If I have multiple DNS servers for our LAN, use a comma[,] to separate them like this : option domain-name-servers202.84.204.15, Step 3: I have to give the domain name option domain-name "Asianetbd.com"; Step 4: I have to set the default gateway to be used by the PC clients option routers 192.168.1.1; Step 5: I have to set the broadcast address and subnet mask to be used by the DHCP clients option broadcast-address option subnet-mask 192.168.1.255; 255.255.255.0; 203.190.32.16;

Step 6: Set the amount of time in seconds that a client may keep the IP address default-lease-time max-lease-time 86400; 86400;

Step 7: Give the client netbios node type Option netbios-node-type Subnet 192.168.1.0 range option option option option option 8; Finally our dhcpd.conf file will be as like as follows: netmask 255.255.255.0 { 192.168.1.100; 192.168.1.2

domain-name-servers dns.Asianetbd.com; domain-name "Asianetbd.com"; routers 192.168.1.1; subnet-mask 255.255.255.0; broadcast-address 192.168.1.255; 600; 8;

default-lease-time max-lease-time 7200;

option netbios-node-type }

The preceding specifies that any client in the 191.1.48.0 subnet will be given an IP address in the range 191.1.48.100 - 200 range, broadcast address 191.1.48.255, default route 191.1.48.1, DNS at ns.3wibc.net, domain name 3wibc.net. The netbios-node-type 8 refers to a client netbios node type H, which instructs the client to attempt netbios resolution first through unicast, and then on failure by broadcast. This is the widely preferred method. 4.4.2 STARTING DHCP SERVER Before starting the DHCP server for the first time, it will fail unless there is an existing dhcpd.leases file. In most cases DHCP installation doesn't create a dhcpd.leases files. This file is used by DHCP to store information about current leases[4]. It is in the plain text form so I can view it during the operation of DHCPd. To create dhcpd.leases type: # touch /var/lib/dhcp/dhcpd.leases The dhcpd.conf file is an empty file i.e the file size is 0 byte. I need not require any change of this file. Some of the older version of dhcpd 2.0 placed the file in /etc/dhcpd.leases. After configuring the dhcpd.conf use the chkconfig command to get DHCP configured to start at boot: # chkconfig --level 35 dhcpd on Now I can use the /etc/rc.d/init.d/dhcpd script to start/stop/restart DHCP after booting #/etc/rc.d/init.d/dhcpd start #/etc/rc.d/init.d/dhcpd stop # /etc/rc.d/init.d/dhcpd restart I can also use the following commands to start, stop and restart DHCP # service dhcpd start # service dhcpd stop # service dhcpd restart

4.5 NETWORK FILE SYSTEM

The Network File System [NFS] allows directories and files to be shared across a network. It was originally developed by Sun Microsystems, but it now supported by virtually all UNIX implementations and many non-UNIX operating systems [10]. Through NFS, users and programs can access files located on remote systems as if they Ire local files .In a perfect NFS environment, the user neither knows nor cares where files are actually stored [4]. 4.5.1 SETTING UP AN NFS SERVER

Introduction to the server setup Setting up the Configuration Files There are three main configuration files I will need to edit to set up an NFS server: /etc/exports, /etc/hosts.allow, and /etc/hosts.deny. Strictly speaking, I only need to edit /etc/exports to get NFS to work, but I would be left with an extremely insecure setup. /etc/exports This file contains a list of entries; each entry indicates a volume that is shared and how it is shared. An entry in /etc/exports will typically look like this: directory machine1[option11,option12] machine2[option21,option22] where directory The directory that I want to share. It may be an entire volume though it need not be. If I share a directory, then all directories under it within the same file system will be shared as Ill. machine1 and machine2 Client machines that will have access to the directory. The machines may be listed by their DNS address or their IP address [e.g., machine.company.com or 192.168.0.8]. Using IP addresses is more reliable and more secure. optionxx The option listing for each machine will describe what kind of access that machine will have. Important options are: ro: The directory is shared read only; the client machine will not be able to write to it. This is the default. rw: The client machine will have read and write access to the directory. no_root_squash: By default, any file request made by user root on the client machine is treated as if it is made by user nobody on the server. [Excatly which UID the request is mapped to depends on the UID of user "nobody" on the server, not the client.] If no_root_squash is selected, then root on the client machine will have the same level of access to the files on the system as root on the server. This can have serious security implications, although it may be necessary if I want to perform any administrative work on the client machine that involves the exported directories. I should not specify this option without a good reason.

no_subtree_check: If only part of a volume is exported, a routine called subtree checking verifies that a file that is requested from the client is in the appropriate part of the volume. If the entire volume is exported, disabling this check will speed up transfers. sync: By default, all but the most recent version [version 1.11] of the exportfs command will use async behavior, telling a client machine that a file write is complete - that is, has been written to stable storage - when NFS has finished handing the write over to the filesysytem. This behavior may cause data corruption if the server reboots, and the sync option prevents this. Suppose I have two client machines, slave1 and slave2, that have IP addresses 192.168.0.1 and 192.168.0.2, respectively. I wish to share our software binaries and home directories with these machines. A typical setup for /etc/exports might look like this: /usr/local 192.168.0.1*[ro] 192.168.0.2*[ro] /home 192.168.0.1*[rw] 192.168.0.2*[rw]

Here I am sharing /usr/local read-only to slave1 and slave2, because it probably contains our software and there may not be benefits to allowing slave1 and slave2 to write to it that outIigh security concerns. On the other hand, home directories need to be exported readwrite if users are to save work on them. If I have a large installation, I may find that I have a bunch of computers all on the same local network that require access to our server. There are a few ways of simplifying references to large numbers of machines. First, I can give access to a range of machines at once by specifying a network and a netmask. For example, if I wanted to allow access to all the machines with IP addresses betIen 192.168.0.0 and 192.168.0.255 then I could have the entries: /usr/local /home /myshare 192.168.0.0/255.255.255.0*[ro] 192.168.0.0/255.255.255.0*[rw] client*[ro]

Third, I can use wildcards such as *.foo.com or 192.168. instead of hostnames. There Ire problems with wildcard implementation in the 2.2 kernel series that Ire fixed in kernel 2.2.19. HoIver, I should keep in mind that any of these simplifications could cause a security risk if there are machines in our netgroup or local network that I do not trust completely.

A few cautions are in order about what cannot [or should not] be exported. First, if a directory is exported, its parent and child directories cannot be exported if they are in the same filesystem. HoIver, exporting both should not be necessary because listing the parent directory in the /etc/exports file will cause all underlying directories within that file system to be exported. Second, it is a poor idea to export a FAT or VFAT [i.e., MS-DOS or Windows 95/98] filesystem with NFS. FAT is not designed for use on a multi-user machine, and as a result, operations that depend on permissions will not work Ill. Moreover, some of the underlying filesystem design is reported to work poorly with NFS's expectations. Third, device or other special files may not export correctly to non-Linux clients. /etc/hosts.allow and /etc/hosts.deny These two files specify which computers on the network can use services on our machine. Each line of the file contains a single entry listing a service and a set of machines. When the server gets a request from a machine, it does the following: It first checks hosts.allow to see if the machine matches a description listed in there. If it does, then the machine is allowed access. If the machine does not match an entry in hosts.allow, the server then checks hosts.deny to see if the client matches a listing in there. If it does then the machine is denied access. If the client matches no listings in either file, then it is allowed access.

4.6 FILE TRANSFER PROTOCOL

INSTALLING FTP How To Download And Install The VSFTP Package: As explained previously, RedHat and Fedora software is installed using RPM packages. As of this writing, the most recent Fedora version used a VSFTP RPM file is named: # vsftpd-1.2.0-5.i386.rpm Downloading and installing RPMs isnt hard. If you need a refresher, the RPM chapter covers how to do this in detail. Now download the file to a directory such as /tmp and install it using the rpm command:

[root@asianet Preparing... 1:vsftpd [root@asianet tmp]#

tmp]#

rpm

-Uvh

vsftpd-1.2.0-5.i386.rpm [100%]

##########################################

########################################## [100%]

How To Get VSFTP Started Redhat Version 9, Fedora Core 1And NeIr You can start/stop/restart vsftpd after booting by using the following commands: [root@asianet tmp]# /etc/init.d/vsftpd start [root@asianet tmp]# /etc/init.d/vsftpd stop [root@asianet tmp]# /etc/init.d/vsftpd restart To get vsftpd configured to start at boot: [root@asianet tmp]# chkconfig --level 345 vsftpd on Testing To See If VSFTP Is Running [root@asianet tcp 0 [root@asianet root]# 4.6.1 CONFIGURING THE VSFTP AS ANONYMOUS # vi /etc/vsftpd/vsftpd.conf anonymous_enable=YES local_enable=YES write_enable=YES anon_upload_enable=YES anon_mkdir_write_enable=YES xferlog_enable=YES Other vsftpd.conf Options There are many other options you can add to this file including: Limiting the maximum number of client connections [max_clients] Limiting the number of connections by source IP address [max_per_ip] The maximum rate of data transfer per anonymous login. [anon_max_rate] The maximum rate of data transfer per non-anonymous login. [local_max_rate][10] Descriptions on this and more can be found in the vsftpd.conf man pages. root]# 0 netstat *:ftp -a *:* | grep LISTEN ftp

The /etc/vsftpd.ftpusers File For added security you may restrict FTP access to certain users by adding them to the list of users in this file. Do not delete entries from the default list, it is best to add. Anonymous Upload If you want remote users to write data to your FTP server then it is recommended you create a write-only directory within /var/ftp/pub. This will allow your users to upload, but not access other files uploaded by other users. Here are the commands to do this: [root@asianet tmp]# mkdir /var/ftp/pub/upload [root@asianet tmp]# chmod 733 /var/ftp/pub/upload FTP Greeting Banner Change the default greeting banner in the vsftpd.conf file to make it harder for malicious users to determine the type of system you have. ftpd_banner= New Banner Here 4.6.2 CONFIGURING THE VSFTP AS SECURE USERS # vi /etc/vsftpd/vsftpd.conf # anonymous_enable=YES local_enable=YES write_enable=YES # anon_upload_enable=YES # anon_mkdir_write_enable=YES xferlog_enable=YES FTP Users With Only Read Access To A Shared Directory: Create a user group and shared directory. In this case Ill use "/home/ftp-users" and a user group name of "ftp-users for the remote users. [root@asianet tmp]# groupadd ftp-users [root@asianet tmp]# mkdir /home/ftp-docs Make the directory accessible to the ftp-users group.

[root@asianet tmp]# chmod 750 /home/ftp-docs [root@asianet tmp]# chown root:ftp-users /home/ftp-docs Add users, and make their default directory /home/ftp-docs [root@asianet tmp]# useradd -g ftp-users -d /home/ftp-docs user1 [root@asianet tmp]# useradd -g ftp-users -d /home/ftp-docs user2 [root@asianet tmp]# useradd -g ftp-users -d /home/ftp-docs user3 [root@asianet tmp]# useradd -g ftp-users -d /home/ftp-docs user4 [root@asianet tmp]# passwd user1 [root@asianet tmp]# passwd user2 [root@asianet tmp]# passwd user3 [root@asianet tmp]# passwd user4 Change the permissions of the files in the /home/ftp-docs directory for read only access by the group [root@asianet tmp]# touch /home/ftp-docs/abc [root@asianet tmp]# chown root:ftp-users /home/ftp-docs/* [root@asianet tmp]# chmod 740 /home/ftp-docs/* Users should now be able to log in via ftp to the server using their new user names and passwords. If you absolutely don't want any FTP users to be able to write to any directory then you should comment out the write_enable line in your vsftpd.conf file like this: #write_enable=YES Restart vsftp for the configuration file changes to take effect. Sample Login Session To Test Funtionality Check for the presence of a test file on the ftp client server. [root@smallfry tmp]# ls total 1 -rw-r--r-- 1 root root 0 Jan 4 09:08 testfile [root@smallfry tmp]# Now I have to keep the file in location: # cd /home/ftp-docs/ that will be downloaded. Connect to bigboy via FTP [root@smallfry tmp]# ftp 192.168.1.100 Connected to 192.168.1.100 [192.168.1.100].

220 ready, dude [vsFTPd 1.1.0: beat me, break me] Name [192.168.1.100:root]: user1 331 Please specify the password. Password: 230 Login successful. Have fun. Remote system type is UNIX. Using binary mode to transfer files. ftp> ............. Download session............... ftp> lcd /downloads ftp> mget * ftp> get filename ftp> bye ............. Upload session............... # cd /home/ftp-docs # touch abc # chmod 777 ftp> lcd /upload ftp> mput * ftp> put filename ftp> bye For anonymous I have to keep the files in /var/ftp then # chmod R 777 /var/ftp/* # touch /var/ftp/pub/abc # chmod R 777 /var/ftp/pub/* ............. Upload session............... ftp> cd pub ftp> lcd /upload ftp> mput * ftp> put filename # go to browser and type : ftp://batch23.com/ <or> # make link in a Ib-page by [index.html] the following link command: <a href=ftp://batch23.com/<file-name [zip file]>>Download Qmail</a> <or>

# vi index.html <a href=downpage.html>Download Softwares</a> # vi downpage.html <a href=ftp://batch23.com/<file-name [zip file]>>Download Qmail</a> <a href=ftp://batch23.com/<file-name [zip file]>>Download Samba</a> <a href=ftp://batch23.com/ftp-0.17-21.i386.rpm>Download wu-ftp</a>

4.7 WEB SERVER

The Apache Ib Server is the most popular Web server in the world. Similarly, creating a lowcost and stable Ib Server is one of the most common reasons individuals and organizations use Linux. Most of the Ib servers run a combination of Linux and Apache [4]. The Apache Project is a collaborative software development effort aimed at creating a robust, commercial-grade, feature, and freely-available source code implementation of an HTTP [web] server. The project is jointly managed by a group of volunteers located around the world, using the Internet and the web to communicate, plan, and develop the server and its related documentation. 4.7.1 INSTALLING APACHE I Download the latest stable version of Apache from apche.org [or preferably one of its mirrors] into this directory. The current version available is apache_1.3.20. I will be keeping all our downloads in a directory in case I need them again: /usr/local/downloads I Untar the file with: tar xzf apache_1.3.20.tar.gz -C ../etc This will have created a directory apache_l.3.2c. To make it much more easier, simpler and nicer, let's provide a link: cd /usr/local/etc In -s apache 1.3.20 httpd I've decided to start using httpd for the link since that's what everyone else seems to do. THE APACHE LAYOUT All of the version specific [1.3.20] binaries and files are stored in: /usr/local/etc/apache 1.3.20 & I currently have: /usr/local/etc/httpd

linked to this directory specifying it as the current version. In theory when I upgrade Apache in the future I can just install it side by side and then switch over the httpd link to the newly installed version. I will be placing all of our non-version specific files such as configuration files, log files and the web pages in: /www I will have a few directories here to maintain this structure: /www /www/conf /www/logs /www/logs/Asianetbd.com /www/servers /www/servers/Asianetbd.com -----configuration files Ib server logs log files for Asianetbd.com sites

web pages for asianetbd.com

4.7.3 SETTONG UP APACHE SERVER The step by step procedure to setup an apache Ib server is as follows Step 01: Checking the package by command # rpm qa|grep http* If it is not found then I have to install it by command [mountng cdrom]: # rpm ivh http* Step 02: I have to configure the file httpd.conf by going as follows: # cd # vi etc/httpd/conf httpd.conf

Then I have to ensure to have the following lines: ServerAdmin root@Asianetbd.com ServerName DirectoryIndex # cd # vi www.Asianetbd.com index.html index.htm index.html.var var/www/html index.html 777 httpd restart index.html

Step 03: I have to make an html file that is to be browsed as follows:

Step 04: I have to apply the administrative command as follows: # chmod # service

Step 05: Now I can browse the index.html page opening a browser by typing the URL:

www.asianetbd.com

Chapter Summary Whatever be the access methods every ISP used some servers like DNS server, DHCP server, web server, NFS, FTP, Mail server, etc. Asianet Limited is an Internet Service Provider who provides high quality communications services to many businesses and homes. So it must configure those servers mentioned above using Linux Operating System.

CHAPTER 05 CONCLUSION

So it is very important that all of the services provided by an ISP is required a secure and effective systems organization and management and also uninterruptible service to the customer, to get such a appropriate system they required to configure their servers with such operating systems or services which is highly reliable and stable. Through this Networking & Server Configuration of an ISP Company Internship I tasted a lot of tasks related this real time report. I humbly accept that it was a challenging situation for me to cope with, as this is my first practical experience of a top level management professional project through my internship program at Asianet Limited. Internship is an essential part for every student. By an internship program in ICT world, students can obtain practical knowledge, which helps to know real life situations, helping them to launch a career with some practical experience. I have found the opportunity to perform the Internship program with Asianet Limited. Through my internship period I gathered so much knowledge about the Networking & Server Configuration of ISP and this will help me to start my career efficiently and effectively. Every part of my intern period gives me some practical experience that is essential in my real life situations. Hence, I wish for the best performance of the central network and before I conclude this report, I would like to thank all of those who helped me at my project and my internship program at Asianet Limited.

At future through the knowledge about the Networking & Server Configuration I want to establish a upgraded ISP system trough scripting and the source codes which gives the client the best performance and service.

Through those methods and systems I want to build up the best ISP solution in Bangladesh. Asianet Limited is the leading ISP Company in Bangladesh. So, I want to make Asianet Limited best ISP Company in Bangladesh.

Their marketing strategies shouldnt disseminate all over the employee and clients. In a competitive market, their products & services need to focus more to clients. So, I want to upgrade their websites and give more information that helps the clients to easily know their products & services.

Web Solutions is to provide customers with a complete solution to their entire current and future Internet and private network needs. So, I make the website very easy and effective that any clients who are registered get the all information from the website.

Now a days forums are very popular. So, I want to establish a forum in the Asinet websites that any clients who are registered find any solution from the forum and also upload & Download.

AIMS AND FUTURE WORK

Their marketing strategies should disseminate all over the employee & clients. Website need to be more flexible & user friendly and give more information about the company.

Continuing better relationship with customers. They need to put more emphasis on clients service In a competitive market, their products & services need to focused more to customers, as they can be more knowledgeable about Asianet Limited.

Corporate Social Responsibility is very strong element to hold competitive sustainable advantage into clients mind.

People in a global edge, are very much Ill-informed about their wants & needs. They always want to consume better services from the other end. As a service based company, Asianet Limited need to introduce better services.

BIBLIOGRAPHY Papers and Books

[1] Terry Collings and Kurt Wall, Red Hat Linux Networking and System Administration, Edition Number:3 Publication Date:September 2005 [2] Sufi Faruque Ibne Abubakar, ISP Setup Manual step by step guide for ISP and Corporate Network, S & A, First edition in 2004. [3] [4] Cisco CCNA Course Material. Olaf Kirch & Terry Dawson Linux Network Administrator Guide 2nd Edition June 2000, published (Oreilly Corp.). [5] [6] [7] Robert Eckstein, David Collier-Brown, Peter Kelly Using Samba,Third Edition. Matt Ilsh Running Linux,(3rd ed.), published by (Oreilly Corp.).
Computer Networks (5th Edition) by Andrew S. Tanenbaum

[9] ISP Survival Guide: Strategies for Running a Competitive ISP by Geoff Huston [10] Linux Pocket Guide by Daniel J. Barrett

Internet Resources
[11] [12] [13] [14] [15] [16] [17] [18] [19] http://www.linux.org. http://www.redhat.com http://www.linuxhomenetworking.com http://www.linuxforum.com http://www.linuxrouter.com www.wikipedia.com www.bgyellowpages.com www.scribd.com http://en.wikipedia.org

[20] [21]

www.asianetbd.com http://www.mikrotik.com/

APPENDIX
Connection Type Fiber Optic Dedicated Bandwidth 256 Kbps, 512 Kbps, 1 Mbps, 2 Mbps & onwards AsiaNet maintain connections to multiple upstream providers to provide redundancy and reliability for your connection to the Internet. I are connected to the fiber optic submarine cable (SEA-ME-I-4). I also feature a redundant server setup to provide our user 99.9% guaranteed uninterrupted Internet Service. AsiaNet is committed that every customer should be 100% satisfied with service quality. I provide free technical support 24 hours a day, everyday. Our dedication to customer satisfaction is unmatched with the competitors. Features :

Connected to the submarine cable link SEA-ME-I4. Fiber Optic connection with guaranteed bandwidth and loIr latency. Redundant Fiber Optic backbone for all PoPs and NOC. Live redundant servers, routers and multiple upstream providers. Always-on connectivity for companies with LAN or WAN. No phone line required. Unlimited browsing & E-mail facilities. Ideal for all kinds of applications such as file transmission, video conferencing, multimedia applications, e-commerce and Virtual Private Networks (VPN).

Free static IP address. Free Multi Router Traffic Grapher (MRTG) URL to monitor the traffic load. Service Level Agreement (SLA) to ensure maximum uptime and support. Free technical support 24 hours a day, every day.

Friendly customer care department is trained to handle any situation that may arise.

Dedicated Internet Access (Wireless) Connection Type Radio Link Dedicated Bandwidth 256 Kbps, 512 Kbps, 1 Mbps, 2 Mbps AsiaNet maintain connections to multiple upstream providers to provide redundancy and reliability for your connection to the Internet. I are connected to the fiber optic submarine cable (SEA-ME-I-4). I also feature a redundant server setup to provide our user 99.9% guaranteed uninterrupted Internet Service. AsiaNet is committed that every customer should be 100% satisfied with service quality. I provide free technical support 24 hours a day, everyday. Our dedication to customer satisfaction is unmatched with the competitors. Features :

Connected to the submarine cable link SEA-ME-I4. Dedicated bandwidth and loIr latency. Redundant Fiber Optic backbone for all PoPs and NOC. Live redundant servers, routers and multiple upstream providers. Always-on connectivity for companies with LAN or WAN. No phone line required. Unlimited browsing & E-mail facilities. Ideal for all kinds of applications such as file transmission, video conferencing, multimedia applications, e-commerce and Virtual Private Networks (VPN).

Free static IP address. Free Multi Router Traffic Grapher (MRTG) URL to monitor the traffic load. Service Level Agreement (SLA) to ensure maximum uptime and support. Free technical support 24 hours a day, everyday. Friendly customer care department is trained to handle any situation that may arise.

Internet Leased Line With a Leased Line you are guaranteed the fastest local and International access speeds backed by our service level agreements and line monitoring service. Our range of Leased line offerings comprises a selection of different combinations of local and international bandwidth options. I tailor make your leased line solution to suit your individual business and bandwidth needs and your budget. Features :

Dedicated quality link for the fastest access Setup of Internet Servers such as Ib servers and FTP (File Transfer Protocol) servers with our business partners

Monitoring and fault reporting service, 24 hours a day, 7 days a Iek

Benefits

Reliable and robust connection for mission critical applications Fastest access to the Internet Connects your organizations LANs and WANs to the Internet directly Provides assistance in the application of domain name and static IP (Internal Protocol) addresses

Enhances business communication with your customers and business associates through the use of e-mail

Opens up new business opportunities such as E-commerce through Ib servers

International Private Leased Circuit (IPLC) Service is a high-speed solution for large enterprises or businesses which have varied communication requirements. IPLC is a point-to-point transmission service for voice, image and also data communication dedicated to your business needs with a high capacity, high speed digital circuit. IPLC provides an opportunity to combine a variety of telecommunication applications, including the transmission of digitized voice, high speed data, high speed fax and graphics for video phones. IPLC is able to receive and transfer a large volume of data with speed as high as you want

by using IPLC to connect network from Data Center to subsidiary companies/offices/ branches abroad. - High-speed, continual, precise and secure quality for transmitting sound, visual, and data signal with DDN (Digital Data Network Service) through channel which has bandwidth under Fiber Optical Cable Network. Benefits and Features :

Security and confidentiality of communication activities: IPLC is a dedicated point-to-point connection that allows your company to send and receive communications over a secure environment.

Always available access: IPLC is always on. The monthly rate for your company is fixed regardless of usage.

Flexible speed options: IPLC can provide your company bandwidth options depending on business needs. Pipe size can be expanded once requirements grow.

Versatility of application: IPLC can support all types of traffic, whether it be voice, data, video or converged services.

Quality of service: IPLC is the pioneering brand in the industry offering private leased line service designed to suit business-critical applications.

Video Conferencing Video conferencing allows virtual cross border meeting with colleagues or business partners across multiple locations, especially tailored for businesses with presence in both Hong Kong and China. It runs over MPLS VPN platform, which is scalable to expand from point-topoint to any-to-any communications, allowing data sharing and collaborations. You can provide instant, interactive and vivid presentations with your clients, business partners and colleagues while reducing frequent traveling time and cost among branch offices. Benefits :

Grasp the best decision by holding cross-border meetings instantly Efficient presentations with Ill-equipped collaboration tools Seamless meetings with traffic prioritization over MPLS VPN platform Highly secure meeting with strong encryption and private network

Feature Highlights

One-stop shop solution from professional consultancy to on-site support

Comprehensive choice of video conferencing solution with latest features Enhanced voice quality with QoS

Network Security Solutions ASIANET provide a set of innovative network security and monitoring tools to small to medium sized businesses that offer flexibility, visibility and control over their network. ASIANET is now an authorized Enterprise Partner for Kaspersky Lab security solutions. Kaspersky Lab delivers the world's most immediate protection against security threats, including viruses, spyware, crimeware, hackers, phising, and spam. Kaspersky Lab products provide superior detection rates and the industry's fastest outbreak response time for home users, SMBs, large enterprises and the mobile computing environment. Kaspersky technology is also used worldwide inside the products and services of the industry's leading IT security solution providers. ASIANET is also Reseller of BitDefender & The eScan AntiVirus Software products. Website Design and Hosting Website Design ASIANET has a professional full-service Ib design team. The team specializes in Ib design and development, but I also place a lot of focus on marketing Ib sites and businesses. That's because I know that having a great Ib site isn't enough. You have to be able to market that Ib site so that Internet users can find you. That's why I don't just create a good-looking Ib site and then wash our hands of it. I work with you to ensure that the Ib sites get outstanding results - your company deserves no less. Whether you want to create a brand strategy, rebuild your image, take your company online (finally!) or market your company to a whole new world online, I can stand by your side and make it happen for you. Contact us today to find out what I can do for your business to lead you on the path to success. Our main emphasis is on "Quality Assurance". The term applies to all areas of ASIANET Website development: Analysis: I learn your goals and intentions; I present thoughtful ways to fulfill them.

Functionality: ASIANET Websites are browser and computer compatible. Technologies: Our development team can engineer your solution utilizing a wide variety of technologies and databases, such as: PHP, ASP, JSP, HTML, JAVASCRIPT/DHTML, MySQL, MSSQL, and MS Access etc. Ease of operation: Your Website will encourage visitors to do what you want them to do. Versatility: Upgrading and updating is simple and practical. I provide Website designing service at affordable prices with high quality. If you are looking for a professional Website designing company then you've come to the right place. The Best web Hosting Product and Service Only ASIANET can give you so much. Our Ib hosting systems are most advanced, multiprocessor SGI servers, redundant back-up systems, and proprietary software giving you what you need to consistently outperform the competition. Our wide offering of Ib hosting plans and Ialth of features give you complete solutions to satisfy your needs. Our Ib-hosting server is located at, USA. Features of Ib Hosting Services:

High bandwidth transfer Ib based e-mail facilities Control Panel access Spam Filtering Virus Scanning Multi-processor SGI servers Redundant back-up systems 24/7 Support Support database connectivity

Support PHP, ASP, MySQL, MS SQL, MS Access etc

Domain Name Registration A domain name is your Ib address. A short, easy to remember domain name or names can be invaluable to the success of your Website. Brand your company's email address with email forwarding. I offer reliable and secured domain name registration services with instant hosting setup. Online Data Backup and Disaster Recovery Our Data backup range provides the ideal solution to data recovery. Many businesses and home users have lost valuable data due to backup failure. With the online backup server from AsiaNet you can be sure that your data is safe and secure with total encryption and hosted in a high profile data centre. Avoid the threat of catastrophic Data Loss! Electronic data is always at risk. Data-loss through accident or malicious damage is so widespread that offsite backup which is industry best practice - is now compulsory in some sectors. With AsiaNet data backup, you can forget about manual backup Backup your data on your PC in a secure offsite data vault. In an emergency, you can recover the encrypted files from anywhere you have Internet access. First up, what is broadband? It's like dial up's faster, cleverer, younger brother. Your computer doesn't need to make a connection to the network each time you want to use it; it's connected all the time. Plus, you can use your home phone while you're on the internet. Broadband service is a new solution in the Internet world which is faster secured and reliable than other solutions. Broadband offers continuous connection and allows user to download large volume of data and carries voice, video, movie clips and data channels simultaneously. ASIANET Limited provides highspeed super fast broadband Internet services that are available both in fiber optic and wireless technology. Why fiber optic is better? I've invested lots building our fiber optic network. It's the most advanced way to enjoy broadband. Fiber optic is faster Other providers deliver their broadband through copper telephone wire, which means your speed gets sloIr the further you live from the phone exchange. Optical fibers are made of glass, and they're designed to send vast amounts of information at the speed of light (that's pretty fast). That's how I can deliver speeds of up to 10Mb.

Fiber optic is future proof Downloading music and movies, playing games, social networking - I do so much online already, and I'll do more in the future. The great news is that our network is so advanced, regardless of how the internet changes, you'll be ready. No need for a phone line Our fiber optic network means that our broadband isn't tied to the phone network, unlike other providers. So if you just want broadband on its own, I're happy to give you just that. I have great value phone and broadband packages too, of course, but the choice is yours. What does 10Mb broadband let you do? In a nutshell, you'll get a download speed of up to 10Mb, with an upload speed of up to 1.5Mb. On top of that, you can also enjoy unlimited downloads. If you want to know just how fast 10Mb lets you download, I're talking an entire music album in as little as 3 minute; a TV show in around 2 minute; a high quality movie in less than 3 minutes and a High Definition movie in around an hour. Now that's fast. ASIANET's Broadband ASIANET's Broadband solution features the only dual homed gateway to the Internet Superhighway delivered to organizations that feel the need for speed. Why ASIANET Broadband? Exclusive Reliability ASIANET maintains connections to multiple upstream providers to provide redundancy and reliability for your connection to the Internet. Exclusive Redundancy ASIANET has redundant server, Router and redundant backbone for all NOC and PoPs to provide 99.9% uninterrupted Internet Service to the users. 24/7 Customer Service ASIANET provide free technical support 24 hours a day, everyday. ASIANET's friendly customer care department is trained to handle any situation that may arise. ASIANET's dedication to customer satisfaction is unmatched by the competitors. Wide Range of Coverage and Options ASIANET provide dedicated broadband Internet Services through Fiber Optic Link from POPs (Point Of Presence) in Dhaka,

State of the Art Equipment ASIANET is using state-of-the-art equipment and better performance server for ensuring uninterrupted services to the customer. Network Security ASIANET's Firewall will take all reasonable steps to ensure viruses, spam, worms and Trojan horses won't attack the client network. Competitive Pricing ASIANET offer competitive pricing to the customer and always revise pricing as per market standard rate. Disaster Recovery ASIANET has three NOC in different places with redundant connection for disaster recovery. Our Fiber Optic Coverage Area in Dhaka City Gulshan-1, Gulshan-2, Banani, Nabisco, Mohakhali, Tejgaon, Mogbazar, Eskaton, Karwanbazar, Banglamotor, Paltan, Motijheel, Malibug, Bashabo, Khilgong, Kolabagan, Dhanmondi, Mohammadpur, Science Laboratory, Gigatala, Shamoli, Single PC Small Business and Home Office Broadband Package Time Speed Download/ Upload 24Hours 24Hours 24Hours 256k 320k 384k 128/128kbps 160/160kbps 192/192kbps 800 1000 1200 Per Month Per Month Per Month Price Duration

For Office user Installation Charge depends on site survey but at least TK 1000/- Per PC. Time Speed Download/ Upload 24Hours 24Hours 24Hours 128k 192k 256k 64/64kbps 96/96kbps 128/128kbps 550 750 900 Per Month Per Month Per Month Price Duration

24Hours 24Hours 24Hours

320k 384k 512k

160/160kbps 192/192kbps 256/256k

1050 1250 1500

Per Month Per Month Per Month

Single PC Home User Broadband package Night Dedicated package 8pm to 8 am (12 hours) with minimum 12/12 kbps at any time Time Speed Download/ Upload 12Hours 192k 96/96kbps 500 Per Month Price Duration

For Home user Installation Charge depends on site survey but at least TK 600/- Per PC.