Essential Linux System Services and Core Infrastructure Explained
This article provides a comprehensive overview of fundamental Linux services—including NTP, DHCP, DNS, NFS, Postfix, rsync, and VPN—along with detailed explanations of FTP modes, DHCP workflow, DNS query steps, storage concepts such as LVM, RAID, iSCSI, cloud computing models, virtualization with KVM, and iptables firewall processing.
Basic Linux Services
Common system services and their functions are listed:
NTP/Chrony – time synchronization
DHCP – dynamic host configuration, automatic IP address allocation (uses UDP port 63)
DNS – domain name resolution (operates over UDP port 53)
NFS – network file system, enables sharing of file systems across different OS and hardware
Postfix – mail service
rsync – remote data backup service
VPN – virtual private network
FTP Modes and Login
FTP has two working modes, named from the server's perspective:
Active mode: the server initiates the data connection from its port 20 to a client-chosen port above 1024.
Passive mode: the client initiates the data connection to a server-chosen high port.
Two login methods are supported:
Anonymous login (username: anonymous, password: any valid email address)
Authorized login (username and password of a remote FTP account)
File transfer can be performed in ASCII mode (text files) or binary mode (all other files).
DHCP Process
The DHCP address acquisition consists of four steps:
Discover: the client broadcasts DHCPDISCOVER (source 0.0.0.0, destination 255.255.255.255).
Offer: a server replies with DHCPOFFER containing an IP address, subnet mask, lease time, etc.
Request: the client selects one offer and broadcasts DHCPREQUEST to confirm it.
Acknowledgement: the server sends DHCPACK; the client performs ARP conflict detection before using the address.
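The first two steps of this exchange in wire format, as an added example that is not code from the original article: it assembles a DHCPDISCOVER and a constructed DHCPOFFER following the RFC 2131 layout (fixed header, magic cookie, TLV options) and decodes the fields worth checking when reviewing a DHCP capture. The transaction id, MAC address and IP addresses are constructed sample values.

```python
import struct

DHCP_MAGIC = b"\x63\x82\x53\x63"          # RFC 2131 magic cookie that precedes the options
MSG_TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 5: "DHCPACK"}

def build_message(msg_type, xid, mac, yiaddr=b"\0" * 4, extra_opts=b""):
    """Assemble a BOOTP/DHCP message: 236-byte fixed header, magic cookie, TLV options, END."""
    op = 1 if msg_type in (1, 3) else 2      # client messages are BOOTREQUEST, server replies BOOTREPLY
    header = struct.pack("!BBBBIHH4s4s4s4s", op, 1, 6, 0, xid, 0, 0x8000,
                         b"\0" * 4, yiaddr, b"\0" * 4, b"\0" * 4)   # ciaddr, yiaddr, siaddr, giaddr
    chaddr = mac.ljust(16, b"\0")            # 16-byte hardware address field
    sname_file = b"\0" * (64 + 128)          # unused server-name and boot-file fields
    options = bytes([53, 1, msg_type]) + extra_opts + bytes([255])   # option 53 first, 255 = END
    return header + chaddr + sname_file + DHCP_MAGIC + options

def parse_options(msg):
    """Decode the option TLVs after the cookie into {code: raw_value}, honouring PAD and END."""
    if msg[236:240] != DHCP_MAGIC:
        raise ValueError("not a DHCP message: magic cookie missing")
    opts, i = {}, 240
    while i < len(msg) and msg[i] != 255:
        if msg[i] == 0:                      # PAD byte, no length field
            i += 1
            continue
        code, length = msg[i], msg[i + 1]
        opts[code] = msg[i + 2:i + 2 + length]
        i += 2 + length
    return opts

def summarize(msg):
    """Pull out the fields a reviewer checks first in a captured DHCP message."""
    xid = struct.unpack("!I", msg[4:8])[0]
    opts = parse_options(msg)
    out = {"op": msg[0], "xid": xid, "yiaddr": dotted(msg[16:20]),
           "type": MSG_TYPES.get(opts.get(53, b"\0")[0], "unknown")}
    if 1 in opts: out["subnet_mask"] = dotted(opts[1])
    if 51 in opts: out["lease_secs"] = struct.unpack("!I", opts[51])[0]
    if 54 in opts: out["server_id"] = dotted(opts[54])   # which server made the offer
    return out

def dotted(b):
    return ".".join(str(x) for x in b)

# Constructed sample exchange (xid, MAC and addresses are made up): steps 1 and 2 of the four.
CLIENT_MAC = bytes.fromhex("020000aa0101")
DISCOVER = build_message(1, 0x3903F326, CLIENT_MAC)
OFFER = build_message(2, 0x3903F326, CLIENT_MAC, yiaddr=bytes([192, 168, 1, 50]),
                      extra_opts=bytes([1, 4, 255, 255, 255, 0])                # option 1: subnet mask
                                 + bytes([51, 4]) + struct.pack("!I", 86400)    # option 51: lease time
                                 + bytes([54, 4, 192, 168, 1, 1]))              # option 54: server identifier
```

Comparing the server identifier (option 54) in every OFFER seen on a segment against the known DHCP servers is how a rogue server shows up in a capture.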
DNS Query Process
A DNS lookup proceeds through the following stages, stopping as soon as a result is found:
Check local /etc/hosts file.
Check local DNS cache.
Query the primary DNS server configured on the network.
Check the DNS server’s cache.
If needed, forward the query to the ISP’s DNS server.
If no forwarder is set, query one of the 13 root DNS servers.
Return the resolved IP address to the client.
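Step 3 on the wire, as an added example that is not part of the original article: it builds the UDP/53 query a client sends to its configured server and decodes the response that step 7 hands back, including the name compression pointers most servers use. The query id, name and answer address are constructed sample values.

```python
import struct

def encode_name(name):
    """Encode a dotted name as length-prefixed labels: example.com -> 07 example 03 com 00."""
    return b"".join(bytes([len(l)]) + l.encode() for l in name.rstrip(".").split(".")) + b"\x00"

def build_query(qid, name, qtype=1):
    """Header (12 bytes, RD=1 so the server recurses) plus one question; qtype 1 = A record."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)

def read_name(msg, off):
    """Decode a name that may use compression pointers; return (name, offset after the name)."""
    labels, end = [], None
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:             # pointer: 14-bit offset into the message
            if end is None:
                end = off + 2                # the name ends after its first pointer
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode())
        off += length
    return ".".join(labels), (end if end is not None else off)

def parse_response(msg):
    """Return id, RCODE and the answer RRs; A records are rendered as dotted quads."""
    qid, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qdcount):                  # skip the echoed question section
        _, off = read_name(msg, off)
        off += 4
    answers = []
    for _ in range(ancount):
        name, off = read_name(msg, off)
        rtype, _, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata, off = msg[off:off + rdlen], off + rdlen
        if rtype == 1 and rdlen == 4:
            rdata = ".".join(str(b) for b in rdata)
        answers.append((name, rtype, ttl, rdata))
    return {"id": qid, "rcode": flags & 0xF, "answers": answers}

# Constructed exchange (example.com, 192.0.2.10 from TEST-NET-1): the reply echoes the question
# and its answer name is a compression pointer (0xC00C) back to offset 12.
QUERY = build_query(0xBEEF, "example.com")
RESPONSE = (struct.pack("!HHHHHH", 0xBEEF, 0x8180, 1, 1, 0, 0) + QUERY[12:]
            + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 3600, 4) + bytes([192, 0, 2, 10]))
```

A resolver must check that the response id matches the query it sent; a reply whose id differs is discarded rather than cached.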
DNS Server Roles
Cache DNS server
Primary (master) DNS server
Secondary (slave) DNS server
Samba Overview
Samba implements the SMB protocol on Linux, providing file and printer sharing between Windows and Linux systems. It follows a client‑server model and enables seamless access to shared resources across heterogeneous environments.
VPN Types
Common VPN implementations include IPSec VPN, PPTP VPN, L2TP VPN, and SSL VPN, each offering different trade‑offs in security, performance, and deployment complexity.
YUM Service Workflow
When installing software with yum, the client contacts a repository, downloads metadata, resolves package dependencies, retrieves the required RPMs, and caches metadata for future use. The repository itself is essentially a file server exposing packages as logical volumes.
Disk Management – LVM
Logical Volume Manager (LVM) abstracts physical storage into a flexible logical layer. Key components:
Physical Volume (PV) – raw storage (disk, partition, RAID, SAN)
Volume Group (VG) – collection of PVs forming a storage pool
Logical Volume (LV) – allocatable units within a VG, can host file systems
Physical Extent (PE) – smallest allocatable unit on a PV (default 4 MiB)
Logical Extent (LE) – counterpart of PE within an LV
Advantages: dynamic resizing, spanning multiple disks, easy addition of new disks, mirroring for redundancy, and simple migration of entire volume groups. Disadvantages: removal of disks requires reducevg (root privilege, not allowed on snapshots), failure of a single disk can affect the whole group, and added abstraction may impact performance.
RAID Levels
Common RAID configurations:
RAID 0 – striping across disks for maximum performance and capacity; no redundancy.
RAID 1 – mirroring; provides highest redundancy but doubles storage cost.
RAID 5 – block-level striping with distributed parity; tolerates a single disk failure while offering a balance of performance and redundancy.
Typical usage scenarios and trade‑offs are described for each level.
iSCSI Storage
iSCSI (Internet Small Computer System Interface) transports SCSI commands over TCP/IP, enabling remote block storage access. Benefits include SAN‑style storage without dedicated cabling, software‑only configuration, and simplified data replication across data centers.
Storage Types
File storage – hierarchical file system with directories and metadata.
Block storage – raw storage blocks presented as virtual disks, suitable for databases or direct OS use.
Object storage – stores data as objects with unique identifiers, accessed via APIs rather than a file hierarchy.
Cloud Computing Basics
Cloud computing delivers on‑demand IT resources (compute, storage, applications) through virtualization and a pay‑as‑you‑go model. Core characteristics include self‑service, broad network access, resource pooling, rapid elasticity, and measured service.
Deployment models:
Private cloud – dedicated to a single organization.
Public cloud – offered to the general public.
Community cloud – shared among a specific group of organizations.
Hybrid cloud – combination of two or more cloud types.
Service models:
IaaS – infrastructure as a service (compute, storage, networking).
PaaS – platform as a service (runtime environments, databases, middleware).
SaaS – software as a service (hosted applications).
Virtualization provides resource isolation and reuse but is not the sole focus of cloud computing.
KVM Overview
KVM (Kernel‑based Virtual Machine) is a Linux kernel module that turns the Linux kernel into a hypervisor, supporting x86, s390, PowerPC, and requiring CPU virtualization extensions. It is fully open source and was incorporated into the kernel starting with version 2.6.20.
System Management – iptables
iptables implements firewall filtering through a series of tables and chains. The five built‑in chains are PREROUTING, INPUT, FORWARD, OUTPUT, and POSTROUTING. The four tables are filter, nat, mangle, and raw, each serving distinct purposes (filter for host‑level filtering, nat for address translation, mangle for packet alteration, raw for early processing).
Packet processing follows a defined order:
Packet arrives at a network interface.
Raw PREROUTING chain (pre‑connection tracking).
Connection tracking (if applicable).
Mangle PREROUTING chain (TOS, TTL modifications).
Nat PREROUTING chain (DNAT).
Routing decision – determine local delivery or forwarding.
If the packet is to be forwarded, it traverses mangle FORWARD → filter FORWARD → mangle POSTROUTING → nat POSTROUTING before leaving the interface. If destined for the local host, it passes through mangle INPUT → filter INPUT → local process → raw OUTPUT → connection tracking → mangle OUTPUT → nat OUTPUT → routing → filter OUTPUT → mangle POSTROUTING → nat POSTROUTING → egress.
Table priority (high to low): raw → mangle → nat → filter.
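A reviewer rarely reads the traversal order directly; the artefact on hand is an iptables-save dump laid out by table and chain. The following is an added example, not code from the original article: it parses that format for the nat and filter tables described above and flags the two filter-table findings checked first (ACCEPT default policies on the inbound chains, and port-open rules with no source restriction). The dump is a constructed sample.

```python
import re

# Constructed iptables-save dump (sample values, not from the article): nat and filter tables.
SAMPLE_DUMP = """\
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 10.0.0.0/24 -p tcp --dport 22 -j ACCEPT
-A INPUT -p udp --dport 53 -j ACCEPT
COMMIT
"""

def parse_iptables_save(dump):
    """Return {table: {"policies": {chain: policy}, "rules": [(chain, rule_text)]}}."""
    tables, current = {}, None
    for line in dump.splitlines():
        if line.startswith("*"):                     # table header, e.g. *filter
            current = line[1:]
            tables[current] = {"policies": {}, "rules": []}
        elif line.startswith(":"):                   # built-in chain with its default policy
            chain, policy = line[1:].split()[:2]
            tables[current]["policies"][chain] = policy
        elif line.startswith("-A "):                 # appended rule: -A <chain> <match...> -j <target>
            _, chain, rest = line.split(" ", 2)
            tables[current]["rules"].append((chain, rest))
    return tables

def audit_filter(tables):
    """Flag ACCEPT default policies on INPUT/FORWARD and port-open rules without a -s restriction."""
    findings = []
    for chain in ("INPUT", "FORWARD"):
        if tables["filter"]["policies"].get(chain) == "ACCEPT":
            findings.append(f"filter {chain}: default policy ACCEPT, unmatched traffic is allowed")
    for chain, rule in tables["filter"]["rules"]:
        port = re.search(r"--dport (\S+)", rule)
        if port and "-j ACCEPT" in rule and "-s " not in rule:
            findings.append(f"filter {chain}: port {port.group(1)} accepted from any source")
    return findings
```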
ITPUB
Official ITPUB account sharing technical insights, community news, and exciting events.