2.8 KiB
2.8 KiB
🌐 Phase 2: Networking
Goal: Machines communicate — ping, SSH, file transfers, services
🎯 Exercise 1 — Ping & IPs
# Check your network
ip addr show eth0
ip route
# Ping the other lab VM
ping -c 4 10.0.1.2 # From alpine-1 → alpine-2
ping -c 4 10.0.1.1 # From alpine-2 → alpine-1
# Check ARP table
ip neigh
# tcpdump (packet capture) — Alpine needs install first
apk add tcpdump
tcpdump -i eth0 -c 5 icmp &
ping -c 3 10.0.1.2
📝 Questions:
- What's the MAC address of the other VM?
- Can you ping alpine-hop (10.0.1.3) from alpine-1?
- What subnet are you on? How many usable hosts?
🎯 Exercise 2 — SSH Keys
# Step 1 — Generate an SSH key pair
ssh-keygen -t ed25519
# Press Enter for all prompts (no passphrase)
# Step 2 — What just got created?
ls -la ~/.ssh/
# id_ed25519 ← your PRIVATE key (NEVER share this!)
# id_ed25519.pub ← your PUBLIC key (safe to share)
# Step 3 — Copy your public key to alpine-2
ssh-copy-id root@10.0.1.2
# Enter root password for alpine-2 when prompted
# Step 4 — Test passwordless login!
ssh root@10.0.1.2 'hostname; uptime'
# Should work WITHOUT asking for a password 🎉
# Step 5 — See what ssh-copy-id did
ssh root@10.0.1.2 'cat ~/.ssh/authorized_keys'
💡 How it works
Your public key is appended to ~/.ssh/authorized_keys on the target. When you SSH, the server checks if you have the matching private key — no password needed! 🔑
🎯 Exercise 3 — File Transfer (SCP & RSYNC)
# SCP — single files
echo "CCNA study notes" > /root/study.txt
scp /root/study.txt root@10.0.1.2:/root/
# Verify
ssh root@10.0.1.2 'cat /root/study.txt'
# RSYNC — directories (need to install on Alpine)
apk add rsync
rsync -av /root/lab/ root@10.0.1.2:/root/lab-backup/
# Verify the backup
ssh root@10.0.1.2 'ls -la /root/lab-backup/'
📝 Questions:
- What's the difference between
scpandrsync? - What does the
-aflag inrsync -avmean? (hint: checkman rsync)
🎯 Exercise 4 — Network Services
# Check what's listening on your VM
ss -tlnp
# Start a simple HTTP server on alpine-1
python3 -m http.server 8080 &
# Access it from alpine-2
curl http://10.0.1.1:8080/
# See the connection in your server logs
# Kill the server when done
kill %1
🎯 Bonus: CCNA Challenge
# From alpine-1, can you SSH to alpine-hop?
ssh root@10.0.1.3
# Check the routing table
ip route
# Why can alpine-1 reach alpine-hop (10.0.1.3)?
# Why can't alpine-1 reach the internet?
✅ Phase 2 Checklist
- Ping and ARP (
ip neigh) - SSH key generation and passwordless login
- File transfer with
scp/rsync(needapk add rsyncon Alpine!) - Running a network service
Previous: Phase 1 - Walking | Next: Phase 3 - Users and Files