Project Title

Setting up the computing

and networking
infrastructure for Orascom
FS

Team Member : TUTORS:

Naimi Intissar Mr. Tarek Ben Younes

Ayed Karim Mr. Anis Zouaoui

Hidri Mejda Mr. Med Yassine Hassen

El jaziri Achraf Mrs. Maissa Boujelben

Zriba Mayssa

Sidy Med Kutam

Ben Khemis Karem

Academic year: 2014/2015

 Acknowledgements

As stated SIR ISAAC NEWTON: "If I have seen further it is by

standing on the shoulders of giants"

We wish to express our sincere thanks:

To MsSlimen Ines for making yourself available and checking up on us

throughout the research period.

To Mr. Ben younestarek for his supervise and his support , all the time
he has granted us and for all the advice he has given us.

To all members of the jury.

To all those who, directly or indirectly, helped us to finalize this work.

P a g e 2 | 71
 Table of Contents
GENERAL INTRODUCTION ............................................................................................................................ 6
CHAPTER I: NEEDS ANALYSIS ...................................................................................................................... 7
1. INTRODUCTION ....................................................................................................................................... 7
2. PROJECT CONTEXT ................................................................................................................................ 7
3. PROBLEMATIC ......................................................................................................................................... 7
THOSE ARE THE QUESTIONS, WE ANSWER IN THE REST OF THIS REPORT. ............................... 7
4. NEEDS .......................................................................................................................................................... 8
5. SOLUTIONS ................................................................................................................................................ 9
A. FIREWALL................................................................................................................................................ 13
B. DHCP SERVICE ....................................................................................................................................... 14
C. DNS SERVICE .......................................................................................................................................... 14
D. WEB SERVICE .......................................................................................................................................... 14
E. MAIL SERVICE ......................................................................................................................................... 15
F. VOIP SERVICE ......................................................................................................................................... 16
G. FTP SERVICE ........................................................................................................................................... 18
H. NETWORK MONITORING : ........................................................................................................................ 18
I. BACKUP ................................................................................................................................................... 19
J. SQL DATABASE SOLUTION ...................................................................................................................... 20
I. DIRECTORY ............................................................................................................................................. 20
K. VPN ........................................................................................................................................................ 21
L. IDS / IPS ................................................................................................................................................. 21
6. CONCLUSION .......................................................................................................................................... 22
CHAPTER II: DESIGN ..................................................................................................................................... 23
1. INTRODUCTION ........................................................................................................................................ 23
2. ARCHITECTURE ....................................................................................................................................... 23
Global architecture ..................................................................................................................................... 23
3. NETWORKING PLAN ................................................................................................................................ 25
4. DEPLOYMENT .......................................................................................................................................... 26
A. DHCP server ....................................................................................................................................... 26
B. DNS server .......................................................................................................................................... 28
C. Web server ....................................................................................................................................... 28
All Servers ................................................................................................................................................... 29
 Load Balancers ................................................................................................................................... 29
Load Balancer #1 ........................................................................................................................................ 30
Load Balancer #2 ........................................................................................................................................ 34
Web Cluster ................................................................................................................................................. 34
D. Mail Server ...................................................................................................................................... 35
E. Database server ................................................................................................................................... 36
 CREATING AND USING A DATABASE...................................................................................................... 36
F. VoIP ..................................................................................................................................................... 38
G. FTP service ..................................................................................................................................... 46
 INSTALLING FTP SERVER:......................................................................................................................... 46
H. LDAP Server ................................................................................................................................... 46
I. Baucla .................................................................................................................................................. 47
J. Nagios .................................................................................................................................................. 49
6. CONCLUSION ........................................................................................................................................... 54
CHAPTER III: IMPLEMENTATION ............................................................................................................. 55

P a g e 3 | 71
 1. INTRODUCTION ........................................................................................................................................ 55
2. TEST ........................................................................................................................................................ 55
A. DHCP server ....................................................................................................................................... 55
B. DNS server .......................................................................................................................................... 56
C. Web service ..................................................................................................................................... 56
WEB SERVER (HTTP, HTTPS): FILES AND DATA MUST BE SECURED AND ALWAYS AVAILABLE .................... 60
 WEB AUTHENTICATION USING LDAP AND APACHE :............................................................... 61
D. Network Monitoring Test ................................................................................................................ 61
E. MySQL test .......................................................................................................................................... 62
FTP service test ........................................................................................................................................... 63
F. Bacula .................................................................................................................................................. 64
G. Open vpn ......................................................................................................................................... 66
GENERAL CONCLUSION ............................................................................................................................... 69
BIBLIOGRAPHY : ............................................................................................................................................. 70

Table of Figures

Figure 1- Configuration fo range of ipv6………………………………………………………………… 27

Figure 2- Configuration fo range of ipv4………………………………………………………………… 27
Figure 3- Login into Piranha ………………………………………………………………………………..31
Figure 4- Enable redundancy ………………………………………………………………………………31
Figure 5 : configure Virtual Servers ………………………………………………………………………32
Figure 6 : configure Real Servers …………………………………………………………………………32
Figure 7 : configure Real Servers …………………………………………………………………………33
Figure 8 : configure Https Servers ………………………………………………………………………..33
Figure 9 : create ifcfg-lo:0 ………………………………………………………………………………….35
Figure 10: Interface Reception Mail …………………………………………………………………...….36
Figure 11 : phpMyAdmin interface………………………………………………………………………. 37
Figure 12 Boot page …………………………………………………………………………………………38
Figure 13 Select language ………………………………………………………………………………….38
Figure 14 Network configuration ………………………………………………………………………….39
Figure 15The ROOT password …………………………………………………………………………….39
Figure 16 The Elastix distribution versions ……………………………………………………………..40
Figure 17 Log in page …………………………………………………………………………………….....40
Figure 18 The Elastix initial Admin web login screen………………………………………………….41
Figure 19 Elastix homepage ………………………………………………………………………………..42
Figure 20Adding an organization ………………………………………………………………………….42
Figure 21 the different organization ………………………………………………………………………43
Figure 22 Add user1 ………………………………………………………………………………………….43
Figure 23:the different users………………………………………………………………………………..44
Figure 24 : The X-Lite Softphones ………………………………………………………………………...44
Figure 25The configure page ………………………………………………………………………………45
Figure 26 Properties of Acoount1 …………………………………………………………………………45
Figure 27:FigureLDAP Dashboard interface …………………………………………………………….47
Figure 28 : installation nagios 1 …………………………………………………………………………...49
Figure 29 : Installation nagios 2…………………………………………………………………………...50

P a g e 4 | 71
Figure 30 : Installation nagios 3 …………………………………………………………………………..50
Figure 31 : Authentications ldap nagios ………………………………………………………………..53
Figure 32 :Authentications ldap …………………………………………………………………………..54
Figure 33 :Host address by DHCP server ………………………………………………………………..55
Figure 34 : test DNS IPv4 and IPv6 ………………………………………………………………………..56
Figure 35 : Test Load balancer …………………………………………………………………………….57
Figure 36 :Test Load balancer Master …………………………………………………………………….57
Figure 37 : Test Load balancer …………………………………………………………………………….58
Figure 38 :Test Load balancer Backup …………………………………………………………………..58
Figure 39 : Web Test site via ipv4 …………………………………………………………………………59
Figure 40 : Web Test site via ipv6 …………………………………………………………………………59
Figure 41 : Web Test site via ipvirtual at the same time ………………………………………………60
Figure 42 : Test domine name and HTTPS ………………………………………………………………60
Figure 43 : Web authentication using LDAP Test ……………………………………………………...61
Figure 44 : web interface Nagios hosts ………………………………………………………………….61
Figure 45 : phpMysql Dashboard interface ……………………………………………………………..62
Figure 46 : MySQL user table ……………………………………………………………………………...63
Figure 47 : vsftpd server ……………………………………………………………………………………63
Figure 48 : FileZilla client …………………………………………………………………………………..64
Figure 49 : Open Vpn test …………………………………………………………………………………..66

P a g e 5 | 71
 General introduction

In this new era of technologies of information and Telecommunication, we take to

complete a project as part of the validation of our fourth year.

The project is initiated by Orascom.

Orascom is a leading global engineering and construction contractor primarily focused on
infrastructure, industrial and high-end commercial projects in the Middle East, North Africa,
the United States, and the Pacific Rim for public and private clients. Orascom also develops
and invests in networking opportunities.
Orascom Construction has grown from a small family-run construction business into a global
engineering and construction contractor with projects and investments around the world.
The project consist on providing a multi facet file serving service to all Orascom users and
customers in a secured way, granting also all needed integrity and confidentiality of their data
and would require a fully scaled proof of concept including backbone emulation with all the
services dispatched around the different company sites without omitting the required criteria’s
related to data redundancy, integrity and confidentiality. All the internal company services
should also be provided in the context of this proof of concept.
In this report, we will focus on the important parts of our project. It will be as follows:

In the first chapter (Needs Analysis) we present the host organization, we outline the general
scope of project, we specify our needs and we expose our solutions.

The second chapter (Design) is devoted to the network architecture. In this chapter, we
identify how we divided tasks between us.

The third chapter (Implementation) describes steps of the installation of all technologies used
to realize this project.

We will conclude with a general scope of the project and what we really learned from this
collaborative work.

P a g e 6 | 71
 Chapter I: Needs analysis

1. Introduction
Before starting to implement, we need to know what the needs of our project are
globally and then look for the different solutions, which exist.
In this chapter, we focus on the needs and the solutions.

2. Project Context
Orascom file serving allows users and customers through a backbone to use dedicated
and local services in a secured way. This is important in the way where today services are on
demand and internet is covering the world and security becomes more and more important.
The technologies we used are described below.

3. Problematic
The project Orascom file serving includes the realization of a backbone which ensure the
connectivity between all sites.
This project incorporates also the deployment of all the solutions needed to offer the different
services required to produce and to diffuse all the needs of our clients and users it will also
propose and set up all security solutions to ensure access control, high availability and data
integrity.
-what are exactly the different solutions we need?
-How to configure it?
-What will be the politics of security to adopt to ensure the prevention against attacks?
Those are the questions, we answer in the rest of this report.

P a g e 7 | 71
4. Needs
1) Functional needs
 Architecture conception
 Network deployment
 Service implementation
 Security and protection with high performance.

2) Non Functional needs

 Reliability
 Security
 Performance of data communication
 Speed interaction
3) Technical needs
 Accessibility via internet
 Secure access
 Availability of network
 Web service
 Messaging service
 VoIP service
 Data sharing
 Monitoring service
 Backbone
 Security network
 Firewall for control access network
 Vpn

P a g e 8 | 71
4) Sites details
Our network is divided into seven sites interconnected with a physical switch and each one
will contain at least the following equipment:
 One core router.
 One provider edge router.
 Two customers edge router.
 DNS server
 LDAP server
 A specific server for each site.

5. Solutions
In this part, we will present all solutions adopted.

5.1 Network solutions

Protocols
 Multi-Protocol Label Switching (MPLS)
MPLS provides a mechanism for forwarding packets for any network protocol.
It was originally developed in the late 1990s to provide faster packet forwarding for IP
routers (RFC 3031). Since then its capabilities have expanded massively, for example
to support service creation (VPNs), traffic engineering, network convergence, and
increased resiliency. MPLS is now the standard for many carrier and service provider
networks and its deployment scenarios continue to grow.
Traditional IP networks are connectionless: when a packet is received, the
router determines the next hop using the destination IP address on the packet
alongside information from its own forwarding table. The router's forwarding tables
contain information on the network topology, obtained via an IP routing protocol, such
as OSPF, IS-IS, BGP, RIP or static configuration, which keeps that information
synchronized with changes in the network.

P a g e 9 | 71
MPLS similarly uses IP addresses, either IPv4 or IPv6, to identify end points
and intermediate switches and routers. This makes MPLS networks IP-compatible and
easily integrated with traditional IP networks. However, unlike traditional IP, MPLS
flows are connection-oriented and packets are routed along pre-configured Label
Switched Paths (LSPs).

 Open Shortest Path First (OSPF)

Is a link-state routing protocol for Internet Protocol (IP) networks. It uses a link
state routing algorithm and falls into the group of interior routing protocols, operating
within a single autonomous system (AS). It is defined as OSPF Version 2 in RFC
2328 (1998) for IPv4. The updates for IPv6 are specified as OSPF Version 3 in RFC
5340(2008)
OSPF is perhaps the most widely used interior gateway protocol (IGP) in large
enterprise networks.

 EIGRP Enhanced Interior Gateway Routing Protocol

EIGRP is an advanced communications protocol that helps automate routing
decisions on a computer network. The protocol was designed by Cisco Systems to
accommodate key design changes to the underlying communications protocol used on
the Internet known as IPv4. EIGRP was originally a proprietary protocol, which meant
that it was only available on Cisco routers, but became an open protocol in 2013,
allowing any router manufacturer to use it.
EIGRP allows a router to share information it knows about the network with
neighboring routers within the same logical area known as an autonomous. Contrary
to other well-known routing protocols, such as routing information protocol, EIGRP only
shares information that a neighboring router would not have, rather than sending all of
its information. EIGRP is optimized to help reduce the workload of the router and the
amount of data that needs to be transmitted between routers.

P a g e 10 | 71
Features
 Support for Classless Inter-Domain Routing (CIDR) and variable length subnet
 Masking. Routes are not summarized at the classful network boundary unless
 Auto summary is enabled.
 Support for load balancing on parallel links between sites.
 The ability to use different authentication passwords at different times.
 MD5 authentication between two routers.
 Sends topology changes, rather than sending the entire routing table when a
 Route is changed.
 Periodically checks if a route is available and propagates routing changes to
 Neighboring routers if any changes have occurred.
 Backwards compatibility with the IGRP routing protocols.

 EGP External Getaway Protocols

Border Gateway Protocol BGP is a standardized exterior gateway protocol
designed to exchange routing and reach ability information between autonomous
systems on the Internet.

Features:
 Acquire neighbors
 Monitor neighbors
 Exchange data as update messages
 Refuse all incoming BGP connections
 Start the initialization of event triggers.
 Initiates a TCP connection with its configured BGP peer.
 Listens for a TCP connection from its peer.
 Changes its state to Connect.
 Some of the reasons why a router does not progress from the idle state are:
TCP port 179 is not open. A random TCP port over 1023 is not open. Peer address
configured incorrectly on either router. AS number configured incorrectly on either
router.

P a g e 11 | 71
  Routing Information Protocol (RIP)
The Routing Information Protocol (RIP) is one of the oldest distance-vector routing
protocols, which employs the hop count as a routing metric. RIP prevents routing loops by
implementing a limit on the number of hops allowed in a path from the source to a
destination. The maximum number of hops allowed for RIP is 15. This hop limit,
however, also limits the size of networks that RIP can support. A hop count of 16 is
considered an infinite distance, in other words the route is considered unreachable. RIP
implements the split horizon, route poisoningand holddown mechanisms to prevent
incorrect routing information from being propagated.

RIP version 2 (RIPv2)

This version added several new features.

 External route tags.

 Subnet masks.
 Next hop router addresses.
 Authentication.
 Multicast support.

RIPng

Features

Even though RIPng is a new protocol, a specific effort was made to make RIPng like its
predecessors. Its basic operation is almost entirely the same, and it uses the same overall
algorithm and operation, as described in the general section on RIP operation. RIPng also
does not introduce any specific new features compared to RIP-2, except those needed to
implement RIP on IPv6.

P a g e 12 | 71
  Frame Relay
Frame relay is a standardized wide area network technology that specifies the
physical and logical link layers of digital telecommunications channels using a packet
switching methodology. Originally designed for transport acrossIntegrated Services
Digital Network (ISDN) infrastructure, it may be used today in the context of many other
network interfaces.
With the advent of Ethernet over fiber optics, MPLS, VPNand
dedicated broadband services such as cable mode and DSL, the end may loom for the
frame relay protocol and encapsulation. However many rural areas remain lacking DSL
and cable modem services. In such cases, the least expensive type of non-dial-up
connection remains a 64-kbit/s frame relay line. Thus a retail chain, for instance, may use
frame relay for connecting rural stores into their corporate WAN.

5.2 Service solution

A. Firewall
PfSense

PfSense is a free, open source customized distribution of FreeBSD tailored for

use as a firewall and router.

Features
 Filtering by source and destination IP and port of TCP, UDP traffic.
 Able to limit simultaneous connection on per-rule basis.
 Allow you to filter by the operating System initiating the connection.
 NAT limitation
 Load Balancing
 Reporting and monitoring in real time
 But the capturing traffic originating from the Internet and entering your networkis not
possible.
 IPv6 support.

P a g e 13 | 71
 B. DHCP Service

The DHCP server in pfSense will hand out addresses to DHCP clients and automatically
configure them for network access. By default, the DHCP server is enabled on the LAN
interface.

C. DNS Service
The Domain Name System (DNS) is a hierarchical naming system built on a distributed
database for computers, services, or any resource connected to the Internet or a private
network. It associates various information with domain names assigned to each of the
participating entities.

BIND

BIND (Berkeley Internet Name Domain) is an implementation of the DNS protocols and
provides an openly redistributable reference implementation of the major components of the
Domain Name System, including Domain Name System server, Domain Name System
resolver library and tools for managing and verifying the proper operation of the DNS server.

It provides a robust and stable platform on top of which organizations can build distributed
computing systems with the fully compliant with published DNS standards.

D. Web Service

Apache
The Apache http server is a free software license Developed by The ASF
(Apache Software Foundation) that allows the user of the software the freedom to use
the software for any purpose, to distribute and to modify versions of the software.

P a g e 14 | 71
Features:
 Software license: Open source.
 Operating system support: Apache can run on Windows, Linux, UNIX and Mac OS X.
 Apache virtual host:
The term Virtual Host refers to the practice of running more than one web site
on a single machine. Virtual hosts can be "IP-based", meaning that you have a different
IP address for every web site, or "name-based", meaning that you have multiple names
running on each IP address. The fact that they are running on the same physical server
is not apparent to the end user.
 Apache was one of the first servers to support IP-based virtual hosts right out of the
box. It support both IP-based and name-based virtual hosts.
Apache http server can support IPV6.

E. Mail Service

Every business needs email, but not every business wants an expensivepropriety email
server. If you prefer a free mail server, consider Postfix/Dovecot, an open source email server.
Postfix/Dovecot is a feature-rich email server. It offers advantages over alternatives such as
Sendmail and Exim in areas like security, features, ease of use,and support.

E-mail system Components

 Mail user Agent(MUA)
It is a client application provided by the web server. A client used to compose and read e-mail
(webmail: squire mail or thunderbird).
 Mail transfer Agent(MTA)
Postfix is a free open source mail transfer agent (MTA), a computer program for the routing
and delivery of email. It is intended as a fast, easy-to-administer, and secure alternative to the
widely-used Sendmail MTA which is installed by default with Centos.
It handles both incoming and outgoing SMTP.

P a g e 15 | 71
  Mail delivery Agent(MDA)
Dovecot This IMAP/POP3 server handles requests from users who want to log in and check
their email.
Dovecot's LMTP service functions as the Mail Delivery Agent (MDA) by saving mail files on
the server. It also handles all authorization. It checks users' email addresses and passwords.
We choose the IMAP server because it keeps emails, but you can delete them, however POP
clears the message directly from the server after sending the client (you).
Advantages:
 IPv6 support
 SASL and TLS authentication
 Openldap, database support
 Maildir and mailbox format

Security mail server

Installing SSL Certificate (Secure Server Certificate) to secure communication between
Postfix SMTP server and mail client such as Web mail or thunderbird. Transport Layer
Security (TLS, formerly called SSL) provides this certificate based authentication and
encrypted sessions. An encrypted session protects theinformation that is transmitted with
SMTP mail or with SASL authentication.

F. VoIP service

Elastix

Elastix is an Open Source Software to establish Unified Communications. About

this concept, Elastix goal is to incorporate all the communication alternatives; available at an
enterprise level, into a unique solution.

P a g e 16 | 71
Features
Some of the basic Features of Elastix include:
 Voicemail
 Fax-to-email
 Support for softphones
 Web Interface Configuration
 Virtual conference rooms
 Call recording
 Least Cost Routing
 Extension Roaming
 PBX Interconnection
 Caller ID
 Advance Reports

X-LITE
X-LITE for VoIP Providers is a free softphone client available for Android,
iPhone and Windows. Connect the client to a VoIP Provider to make calls to any mobile or
landline number.

Features
Some of the basic Features of X-LITE include:

 Available for Android, iPhone and Windows

 On Windows choose several popular phone interfaces
 Automatically provision the settings
 Blind Transfers
 Record calls
 Shows personal call log/history
 Supports G.711, GSM and Speex codecs
 Supports standard USB and JABRA headsets (Windows)
 Works with popular VoIP Providers

P a g e 17 | 71
 G. FTP service

VSFTPD

VSFTPD is the default FTP server in the Ubuntu, CentOS, Fedora, NimbleX, Slackware and
RHEL Linux distributions. It is secure and extremely fast. It is stable. VSFTPD is a mature
and trusted solution which supports virtual users with PAM (pluggable authentication
modules).

FileZilla

The FileZilla software program is a free-to-use, allowing a user to transfer files from a local
computer to a remote computer. FileZilla is available as a client version and a server version.
FileZilla is capable of running in Windows, Mac OS X, and Linux. It supports FTP, SFTP,
and FTPS protocols.

H. Network Monitoring :

Nagios
Nagios is a powerful monitoring system that enables organizations to identify and resolve IT
infrastructure problems before they affect critical business processes.

Features

 Monitor your entire IT infrastructure

 Spot problems before they occur

 Know immediately when problems arise

 Detect security breaches

 Plan and budget for IT upgrades

 Reduce downtime and business losses

P a g e 18 | 71
 I. Backup

 the concept
We know that informatics doesn’t go without risks and in an enterprise the data of the clients
and are important to save to avoid any damage that could happen any time, it is why we made
use of backup.
In order to prevent the loss of data in the event of a hard drive failure, user error, disaster or
accident, we choose to configure an archiving tool which is responsible for backing up and
restoring files, folders, databases and hard drives on a network.

This archiving tool that is able to back up data residing on multiple computers on a network.
It uses a client–server model, where the server contacts each client to perform a backup at a
scheduled time.

Bacula

We choose to use Bacula as an archiving tool because of its advantages and it’s the most used
by system administrators.

Bacula is a set of Open Source, computer programs that permit you (or the system
administrator) to manage backup, recovery, and verification of computer data across a
network of computers of different kinds. Bacula is relatively easy to use and very efficient,
while offering many advanced storage management features that make it easy to find and
recover lost or damaged files. In technical terms, it is an Open Source, network based backup
program.
According to Source Forge statistics (rank and downloads), Bacula is by far the most popular
Open Source program backup program.

P a g e 19 | 71
 J. SQL database solution

MySQL

For the SQL DataBase we have chosen MySQL is the world’s most popular open source
database, enabling the cost-effective delivery of reliable, high-performance and scalable Web-
based and embedded database applications..

i. Directory

OpenLDAP
OpenLDAP Software is a free, open source implementation of the Lightweight
Directory Access Protocol (LDAP) developed by the OpenLDAP Project. It is released
under its own BSD-style license called the OpenLDAP Public License. LDAP is a
platform-independent protocol. Several common Linux distributions include
OpenLDAP Software for LDAP support. The software also runs on BSD-variants, as
well as AIX, Android, HP-UX, Mac OS X, Solaris, Microsoft Windows (NT and
derivatives, e.g. 2000, XP, Vista, and Windows 7…).

Features
 DNS-based service location
 Simple Paged Result Control
 Password Modify operation
 Proxy Authorization control
 The Binary Encoding Option
 Modify/Increment extension
 Pre/Post Read controls
 Content Synchronization operation
 Session Tracking Control
 Duplicate Entry Control

P a g e 20 | 71
 K. VPN

A virtual private network (VPN), using encryption and other secure methods, enables a
computer to send and receive data across shared or public networks as if it were directly
connected to the private network, while benefiting from the functionality, security and
management policies of the private network.

This is done by establishing a virtual point-to-point connection through the use of dedicated
connections, encryption, or a combination of the two.

Open vpn

OpenVPN is an open source virtual private network (VPN) product that offers simplified
security, a modular network design and cross-platform portability.

OpenVPN is licensed under the GNU General Public License (GPL).

L. IDS / IPS

Snort
Snort is an open source network intrusion prevention and detection system
(IDS/IPS) developed by Source fire. Combining the benefits of signature, protocol, and
anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology
worldwide. With millions of downloads and nearly 400,000 registered users, Snort has
become the de facto standard for IPS.

Features
 Shell-based user interface with embedded scripting language
 Native IPv6, MPLS support
 More subsystem plugin types such as data acquisition modules, decoders and
 TrafficAnalyzer
 Multithreaded execution model

P a g e 21 | 71
6. Conclusion

In this chapter, we explained in detail the functional and non-functional needs and now we
are going to next phase. The design chapter where we will be discussing the architecture,
networking plan, deployment and finally the change log

P a g e 22 | 71
 Chapter II: Design

1. Introduction

After completing Needs’ Analysis, the following step is the design of our network, we
should first present our architecture, briefly explained the Networking Plan adopted, the
Deployment and we ends with the Change Log.

2. Architecture

Global architecture

Following the identification of each site and it addressing pool, we have to configure for
each site two zones.
 DMZ: In this zone, each site will deploy its different services that will be reached
by other users from other DMZ zone

 LAN: in this zone each machine will be attributed a dynamic address from the
DHCP server.

 WAN: In every site, we have to attribute a WAN interface that will allow us to
communicate with other sites.

P a g e 23 | 71
 Site 3
Site 1 Site 2
DMZ 2 DMZ 3
DMZ 1

DHCP
Directory Monitoring DHCP Directory server
Directory Data Base DNS DNS
DNS Web server server server server Mailing
server server server server
server server server

Host Monitoring Monitoring

Monitoring

CE2
CE2
LAN 1 Pfsense

CE1
DHCP server Site 4
DMZ 4

CE2 PE1 MPLS FTP

Backup frame-relay server DHCP
OSFP v3 MP-BGP DNS Directory
server
SERVER
server

Monitoring

CE2
CE2

CE2
Site 7 CE2

Site 6 Site 5
DMZ 7
DMZ 6 DMZ 5

DNS Directory
server Backup DHCP
server DNS Directory DNS Directory
server SERVER VOIP DHCP
server server server server
SERVER
web server
HOST DHCP Data
Monitoring SERVER Base
Monitoring
server

P a g e 24 | 71
 3. Networking Plan
The backbone-addressing plan
Sites Provider Provider Edge

Site 1 10.20.1.1 10.20.1.2

Site 2 10.20.2.1 10.20.2.2

Site 3 10.20.3.1 10.20.3.2

Site 4 10.20.4.1 10.20.4.2

Site 5 10.20.5.1 10.20.5.2

Site 6 10.20.6.1 10.20.6.2

Site 7 10.20.7.1 10.20.7.2

 sites addressing plan:

PE-CE1 PE-CE2 CE1-CE2 subnet CE- Fw subnet

Sites Vrf1 Vrf 2

Site1 172.16.1.0 172.168.2.0 172.16.3.0 /30 192.168.1.128 /26

2001:0DB8:AAAB:1:: 2001:0DB8:AAAC:1:: /64 192.168.1.192 /64

Site 2 172.16.4.0 172.16.5.0 172.16.6.0 /30 192.168.1.128 /26

2001:0DB8:AAAB:2:: 2001:0DB8:AAAC:2:: /64 192.168.1.192 /64

Site 3 172.16.7.0 172.16.8.0 172.16.9.0 /30 192.168.1.128 /26

2001:0DB8:AAAB:3:: 2001:0DB8:AAAC:3:: /64 192.168.1.192 /64

Site 4 172.16.10.0 172.16.11.0 172.16.12.0 /30 192.168.1.128 /26

2001:0DB8:AAAB:4:: 2001:0DB8:AAAC:4:: /64 192.168.1.192 /64

Site 5 172.16.13.0 172.16.14.2 172.16.15.0 /30 192.168.1.128 /26

2001:0DB8:AAAB:5:: 2001:0DB8:AAAC:5:: /64 192.168.1.192 /64

Site 6 172.16.16.0 172.16.17.0 172.16.18.0 /30 192.168.1.128 /26

P a g e 25 | 71
 2001:0DB8:AAAB:6:: 2001:0DB8:AAAC:7:: /64 192.168.1.192 /64

Site 7 172.16.19.0 172.16.20.0 172.16.21.0 /30 192.168.1.128 /26

2001:0DB8:AAAB:7:: 192.168.1.192

Site LAN DMZ WAN1 WAN2 subnet

Site 1 192.168.1.0/24 192.168.1.64 /26 192.168.1.128/26 192.168.1.192 /26

IPV6 2001:0DB8:AAA1:1:: 2001:0DB8:AAA1:2:: 2001:0DB8:AAA1:3:: 2001:0DB8:AAA1:4:: /64

Site 2 192.168.2.0 192.168.2.64 192.168.2.128 192.168.2.192 /26

2001:0DB8:AAA2:1:: 2001:0DB8:AAA2:2:: 2001:0DB8:AAA2:3:: 2001:0DB8:AAA2:4:: /64

Site3 192.168.3.0 192.168.3.64 192.168.3.128 192.168.3.192 /26
2001:0DB8:AAA3:1:: 2001:0DB8:AAA3:2:: 2001:0DB8:AAA3:3:: 2001:0DB8:AAA3:4:: /64
Site4 192.168.4.0 192.168.4.64 192.168.4.128 192.168.4.192 /26
2001:0DB8:AAA4:1:: 2001:0DB8:AAA4:2:: 2001:0DB8:AAA4:3:: 2001:0DB8:AAA4:4:: /64
Site 5 192.168.5.0 192.168.5.64 192.168.5.128 192.168.5.192 /26
2001:0DB8:AAA5:1:: 2001:0DB8:AAA5:2:: 2001:0DB8:AAA5:3:: 2001:0DB8:AAA5:4:: /64
Site6 192.168.6.0 192.168.6.64 192.168.6.128/26 192.168.6.192 /26
2001:0DB8:AAA6:1:: 2001:0DB8:AAA6:2:: 2001:0DB8:AAA6:3:: 2001:0DB8:AAA6:4:: /64
Site7 192.168.7.0 192.168.7.64 192.168.7.128 192.168.7.192 /26
2001:0DB8:AAA7:1:: 2001:0DB8:AAA7:2:: 2001:0DB8:AAA7:3:: 2001:0DB8:AAA7:4:: /64

4. Deployment

A. DHCP server
The DHCP server page, found under Services > DHCP Server, has a tab for each available
interface. The DHCP daemon can only run on interfaces with a Static IP address, so if a tab
for an interface is not present, check that it is enabled and set with a Static IP.

P a g e 26 | 71
 Figure 1- Configuration fo range of ipv6

Figure 2- Configuration fo range of ipv4

P a g e 27 | 71
 B. DNS server

#yum install Bind

#yum install caching-name server

C. Web server

 Installation

Install apache with this command

Yum install httpd* -y
Edit this file “/etc/httpd/conf/httpd.conf” and create your web page
“/var/www/html/pinterest.html”

 High Availability: Configure Piranha for HTTP, HTTPS :

Piranha is a simple yet powerful tool to manage virtual IP and service with its web-based GUI.

 Web (highly available and load-balanced): High availability must be present in our
network since it serves to eliminate points of failure and can detect faults as they
occur.
 Load Balancing to ensure the load balancing: we implement 3 web server to decrease its
overload when it receives many requests at the same time.
 Web server (HTTP, HTTPS): Files and data must be secured and always available.

We have 3 web servers running on Apache and mounted the same document root to serve the HTTP
content. We also have 2 servers in front of it to become the load balancer and failover to increase high
availability of the two-node web server cluster. The virtual IP will be hold by load balancer (lvs1) with auto
failover to load balancer (lvs2).

We use the following variables:

All servers’ OS: CentOS 6.3 64bit

Web #1: 192.168.1.115 Web #1 ipv6 : 2001 :db8 :aaa1 :2 ::115
Web #2: 192.168.1.113 Web #2 ipv6 : 2001 :db8 :aaa1 :2 ::113
Web #3: 192.168.1.116 Web #3ipv6:2001:db8:aaa1:2:: 114
P a g e 28 | 71
Load balancer #1: 192.168.1.112
: 192.168.100.13
Load balancer #2: 192.168.1.114
: 192.168.100.14
Virtual IPv4: 192.168.1.125
Load balancer #1ipv6:2001:db8:aaa1:2:: 112
Load balancer #2ipv6:2001:db8:aaa1:2:: 114
Virtual IPv6: 2001:db8:aaa1:2:: 125

The Piranha configuration with HTTP and HTTPS load balancing using direct-routing with firewall marks.
HTTP/HTTPS will need to be accessed by users via virtual public IP 192.168.1.125.

All Servers

SELINUX must be turned off on all servers. Change the SELINUX configuration file at
/etc/sysconfig/selinux:

SELINUX=disabled

 Load Balancers

1. All steps should be done in both servers unless specified. We will install Piranha and other
required packages using yum:

$ Yum install piranha ipvsadm –y

2. Open firewall ports as below:

$ iptables -A INPUT -m tcp -p tcp --dport3636-j ACCEPT

$ iptables -A INPUT -m tcp -p tcp --dport80-j ACCEPT
$ iptables -A INPUT -m tcp -p tcp --dport443-j ACCEPT
$ iptables -A INPUT -m tcp -p tcp --dport539-j ACCEPT
$ iptables -A INPUT -m udp -p udp --dport161-j ACCEPT

3. Start all required services and make sure they will auto start if server reboot:

$ service piranha-gui start

$ chkconfig piranha-gui on
$ chkconfig pulse on

P a g e 29 | 71
4. Run following command to set password for user piranha. This will be used when
accessing the web-based configuration tools:

$ piranha-passwd

5. Turn on IP forwarding. Open /etc/sysctl.conf and make sure following line has value 1:

net.ipv4.ip_forward = 1

And run following command to activate it:

$ sysctl -p

6. Check whether iptables is loaded properly as the kernel module:

$ lsmod|grep ip_tables
ip_tables 17733 3 iptable_filter,iptable_mangle,iptable_nat

7. Since we will need to serve HTTP and HTTPS from the same server, we need to group the
traffic to be forwarded to the same destination. To achieve this, we need to mark the packet
using iptables and so it being recognized correctly on the destination server. Set the iptables
rules to mark all packets which destined for the same server as “80”:

$ iptables -t mangle -A PREROUTING -p tcp -d 192.168.1.125/32 --dport 80 -j MARK --set-

mark 80
$ iptables -t mangle -A PREROUTING -p tcp -d 192.168.1.125/32 --dport 443 -j MARK --
set-mark 80

Load Balancer #1

1. Check the IP address is correctly setup:

$ ip a | grep inet
inet 192.168.1.112/26 brd 192.168.1.255 scope global eth0
inet 192.168.100.14/24 brd 192.168.100.255 scope global eth1

2. Login into Piranha at http://192.168.1.112:3636/. Login as user piranha and password

which has been setup in step #4 of Load Balancers section.

P a g e 30 | 71
 Figure 3- Login into Piranha

3. Enable redundancy. Go to Piranha > Redundancy > Enable.

Figure 4- Enable redundancy

4. Enter the IP information as below:

Redundant server public IP : 192.168.1.114

Redundant server private IP : 192.168.100.14
Monitor NIC links for failures : Enabled
Use sync daemon : Enabled

P a g e 31 | 71
Click ‘Accept’

5. Go to Piranha > Virtual Servers > Add > Edit. Add information as below and click
‘Accept':

Figure 5 : configure Virtual Servers

6. Next, go to Real Server. This we will put the IP address of all real servers that serve HTTP.
Fill up all required information as below

Figure 6 : configure Real Servers

P a g e 32 | 71
 Figure 7 : configure Real Servers

7. Now we need to do the similar setup to HTTPS. Just change the port number for
‘Application port’ to 443. For Real Server, change the real server’s destination port to 443

Figure 8 : configure Https Servers

8. Now copy over the script and Piranha configuration file to load balancer #2:

$ scp/etc/sysconfig/ha/lvs.cf lvs2:/etc/sysconfig/ha/lvs.cf

P a g e 33 | 71
9. Restart Pulse to activate the Piranha configuration in LB#1:

$ service pulse restart

Load Balancer #2

In this server, we just need to restart pulse service as below:

$ chkconfig pulse on
$ service pulse restart

Web Cluster

1. On each and every server, we need to install a package called arptables_jf from yum. We
will used this to manage our ARP tables entries and rules:

$ yum install arptables_jf -y

2. Add following rules respectively for every server:

Web1:

arptables -A IN -d 192.168.1.125 -j DROP

arptables -A OUT -d 192.168.1.125 -j mangle --mangle-ip-s 192.168.1.112

Web 2:

arptables -A IN -d 192.168.1.125 -j DROP

arptables -A OUT -d 192.168.1.125 -j mangle --mangle-ip-s 192.168.1.112

Web 3:

arptables -A IN -d 192.168.1.125 -j DROP

arptables -A OUT -d 192.168.1.125 -j mangle --mangle-ip-s 192.168.1.125

3. Enable arptables_jf to start on boot, save the rules and restart the service:

$ service arptables_jf save

$ chkconfig arptables_jf on
$ service arptables_jf restart

4. Add the virtual IP manually into the server using iproute command as below:

$ /sbin/ip addr add 192.168.1.125 dev eth0

P a g e 34 | 71
5. Add following entry into /etc/rc.local to make sure the virtual IP is up after boot:

$ echo '/sbin/ip addr add 192.168.1.125 dev eth0' >>/etc/rc.local

Attention: If you restart the interface that hold virtual IP in this server, you need to execute
step #4 to bring up the virtual IP manually. VIPs cannot be configured to start on boot.

for that reason i create ifcfg-lo:0

Figure 9 : create ifcfg-lo:0

D. Mail Server
These two interfaces represent the sending and the receiving of mails using the
thunderbird client between two distant users which are connected to the Postfix and
Dovecot servers implemented in the site number 3.

P a g e 35 | 71
 Figure 10: Interface Reception Mail

E. Database server

 Creating and Using a Database

#yum –y install mysql-server

#/etc/rc.d/init.d/mysql start

 Clustering
For the beginning we add the three node in this file “/etc/hosts”
Second we download mysql cluster

wget http://download.softagency.net/MySQL/Downloads/MySQL-Cluster-7.0/MySQL-
Cluster-gpl-management-7.0.35-1.rhel5.x86_64.rpm
wget http://download.softagency.net/MySQL/Downloads/MySQL-Cluster-7.0/MySQL-
Cluster-gpl-tools-7.0.34-1.rhel5.x86_64.rpm
rpm -Uhv MySQL-Cluster-gpl-management-7.0.35-1.rhel5.x86_64.rpm
rpm -Uhv MySQL-Cluster-gpl-tools-7.0.34-1.rhel5.x86_64.rpm
Third we download mysql storage
wget http://download.softagency.net/MySQL/Downloads/MySQL-Cluster-7.0/MySQL-
Cluster-gpl-storage-7.0.35-1.rhel5.x86_64.rpm
rpm -Uhv MySQL-Cluster-gpl-storage-7.0.35-1.rhel5.x86_64.rpm

P a g e 36 | 71
Now we install mysql lib

yum install libaio –y

cd /usr/local/src
wget http://dev.mysql.com/get/Downloads/MySQL-Cluster-7.2/MySQL-Cluster-client-gpl-
7.2.8-1.el6.x86_64.rpm/from/http://cdn.mysql.com/
wget http://dev.mysql.com/get/Downloads/MySQL-Cluster-7.2/MySQL-Cluster-shared-gpl-
7.2.8-1.el6.x86_64.rpm/from/http://cdn.mysql.com/
wget http://www.mysql.com/get/Downloads/MySQL-Cluster-7.2/MySQL-Cluster-server-gpl-
7.2.8-1.el6.x86_64.rpm/from/http://cdn.mysql.com/
Install all packages:
rpm -Uhv MySQL-Cluster-*
configuration file /etc/my.cnf

Figure 11 : phpMyAdmin interface

P a g e 37 | 71
 F. VoIP

 Installation
At this point, your machine has correctly booted off the CD, and you can eitherwait and it will
start the installation by itself, or you can press enter and it will commence immediately

Figure 12 Boot page

Select your language using the arrow keys and then press <TAB> to move to
the OK button. Once the OK is highlighted you can then press <SPACE>.

Figure 13 Select language

P a g e 38 | 71
This is one of the screens where you need to use the space bar to select your
options. You definitely need to ACTIVATE ON BOOT and as a minimum select ENABLE
IPv4 support.

Figure 14 Network configuration

The next screen and what you place in here is critical. This is ROOT password
screen and what you enter here needs to be written down.

Figure 15The ROOT password

P a g e 39 | 71
• Once rebooted, you will see the following screen where you can select the Elastix
distribution versions. In this case we shall leave it at the default.

Figure 16 The Elastix distribution versions

• After going through its initial startup script, Elastix is ready for you to configuring and make
changes to the system default.
Once Elastix has been installed, you may log in to Elastix if you need to do any command line
tasks.
Log in to your new Elastix (user: root, password: The one you gave earlier)

Figure 17 Log in page

P a g e 40 | 71
SET-UP ELASTIX
Using your browser, you can connect to https://ipaddress/ (e.g. https:// 192.168.226.133) to
configure Elastix.
You will be presented with the Elastix initial Admin web login screen as illustrated below.

Figure 18 The Elastix initial Admin web login screen

Once logged in, the System Status screen will appear. This screen is the control centre.

P a g e 41 | 71
 Figure 19 Elastix homepage

This screen is for adding an organization which is orascom.com

Figure 20Adding an organization

P a g e 42 | 71
Here we have the different organization

Figure 21 the different organization

Here we'll add two users (user1 & user2)

To fill the information about a user (user1) as name, password

Figure 22 Add user1

P a g e 43 | 71
Here we have the different users

Figure 23:the different users

SET UP X-LITE SOFTPHONE

X-Lite Softphones can be downloaded here:

http://www.counterpath.com/xlitedownload.html

Figure 24 : The X-Lite Softphones

P a g e 44 | 71
After installing the softphone we need to configure the sofphone.
When you start X-Lite 3 for the first time, you will see the following screen.

Figure 25The configure page

Click the Add button.

You will then get the following screen.

Figure 26 Properties of Acoount1

P a g e 45 | 71
This is where you will enter your credential
At the various fields, add the following:
• Display Name: Your Name
• User Name: Your extension number
• Password: The password of the
extension when you created it in Elastix
• Authorization User name: The same as
your User Name or extension
• Domain: Your Elastix IP address

Put a check mark in the Register with domain and receive incoming calls
Make sure the Target Domain Radio Button is marked.
For this purpose, that’s all you need to do and Click apply, OK and close at the next screen.
You are now ready to use the X-Lite softphone.

G. FTP service
 Installing ftp server:
1. Here we describe how we have installed ftp server:
2. #yum install vsftpd
3. #nano /etc/vsftpd/vsftpd.conf
4. #service vsftpd start
5. To test if the configuration is done we check this URL ftp://192.168.4.69/

H. LDAP Server

To install ldap we use this command:

yum install -y openldap-servers openldap-clients

Besides we create a certificate and modified this files with your configuration
“/etc/openldap/slapd.conf”
“/etc/sysconfig/ldap”
“/etc/openldap/ldap.conf”
“/root/root.ldif”

P a g e 46 | 71
Now to use a graphical interface to facility adding user we install phpldapadmin with this
command
Yum install -y phpldapadmin

Figure 27:FigureLDAP Dashboard interface

I. Baucla

 Installation of Bacula & Configuration

On the server

#yum install bacula-server bacula-console

On the client

#yum install bacula-client bacula-console

We have four files to configure on the server

Bacula-dir.conf,bacula-sd.conf,bacula-fd.conf,bconsole.conf

Here is some parts of the files:

P a g e 47 | 71
 Figure 28:Configuration file

We have two files to configure on the client

Bacula-fd.conf,bconsole.conf

Figure 29:Configuration file 2

We use Webmin interface to create jobs :

Figure 30: webmin interface

P a g e 48 | 71
 J. Nagios

 Installation

We decided to use a virtual machine where we installed centos6.3 operating system.

Figure 31 : installation nagios 1

P a g e 49 | 71
Figure 32 : Installation nagios 2

Figure 33 : Installation nagios 3

P a g e 50 | 71
P a g e 51 | 71
P a g e 52 | 71
Now we can access to Nagios interface

Figure 34 : Authentications ldap nagios

P a g e 53 | 71
 Figure 35 :Authentications ldap

6. Conclusion

We explained, in this last chapter, the network architecture of the project. In the next
chapter, we present some interfaces of the installed technologies without forgetting to
tell installing steps.

P a g e 54 | 71
 Chapter III:
Implementation
1. Introduction

This chapter represents the last phase of the project. It goes about the testing phase, the
achievement rate of our project and finishes with personal feedback of all group members so
this chapter show the final results that our effort achieved.

2. Test

A. DHCP server
The DHCP server allow for the first host the first address in the range

Figure 36 :Host address by DHCP server

P a g e 55 | 71
 B. DNS server

Figure 37 : test DNS IPv4 and IPv6

C. Web service

 Test Web cluster

Web (highly available and load-balanced)High availability must be present in our network
since it serves to eliminate points of failure and can detect faults as they occur.

P a g e 56 | 71
Load balancer Master

Figure 38 : Test Load balancer

$ Service pulse restart

$ Tail –f /var/log/messages

Figure 39 :Test Load balancer Master

P a g e 57 | 71
# ipvsadm -l

Figure 40 : Test Load balancer

Test Load balancer Backup

$ Service pulse restart

$ tail –f /var/log/messages

Figure 41 :Test Load balancer Backup

P a g e 58 | 71
Access the web interface via IPv4 :

Figure 42 : Web Test site via ipv4

Access the web interface via IPv6

Figure 43 : Web Test site via ipv6

P a g e 59 | 71
Access the web interface via IP Virtual: 192.168.1.125

Load Balancing to ensure the load balancing: we implement 3 web server to decrease its
overload when it receives many requests at the same time.

Figure 44 : Web Test site via ipvirtual at the same time

Web server (HTTP, HTTPS): Files and data must be secured and always available

Figure 45 : Test domine name and HTTPS

P a g e 60 | 71
  Web authentication using LDAP and Apache :

Figure 46 : Web authentication using LDAP Test

D. Network Monitoring Test

 Test monitoring server:

Hosts

Figure 47 : web interface Nagios hosts

P a g e 61 | 71
 E. MySQL test
PhpMyAdmin is a graphic interface used to manage MySQL database and we can
see in this interface the different components of this interface and the different functions
used to add databases and manage them.

Figure 48 : phpMysql Dashboard interface

P a g e 62 | 71
To verify tables created in MySQL.
#mysql –u root –p

Figure 49 : MySQL user table

FTP service test

Figure 50 : vsftpd server

P a g e 63 | 71
  Testing client side :

Figure 51 : FileZilla client

F. Bacula

Here is a scenario of backup

Figure 52:Creation of schedule

P a g e 64 | 71
 Figure 53:Creation of files to backup

Figure 54:Creation of the client

-Creation of job :

Figure 55:Creation of job

P a g e 65 | 71
 Figure 56:Runnig the job and backup

Figure 57:Backup ok

G. Open vpn

Figure 58 : Open Vpn test

P a g e 66 | 71
 c. Achievement Rate

Web Mailing VoIP Ftp DHC DNS Monitoring Back DataBase Total
P up rate
Naimi 90% 100% 100% 80% 92.5%
Intissar
Ayed Karim 100% 100% 90% 96.6%
Sidy Med 100% 100% 75% 91.6%
koutam
Benkemis 80% 100% 100% 93.3%
Karem
Hidri Mejda 80% 100% 100% 93.3%
Zriba 80% 100% 100% 93.3%
Mayssa
Eljaziri 90% 100% 100% 96.6%
Achraf

d. Personal Feedback

The Orascom project allows us to:

 Have the opportunity to work in group Have the opportunity to realize a project with
new knowledge
 Design a full heterogenic network architecture enabling us to be adapted to an ever
changing technological environment,
 Many prototyping and design strategic for the network architecture, the
interconnection between the sites will lead us to get opinion for doing some specific
research,
 Implementation of many servers with configuration,
 Understanding how to install servers and system related to many services will meets
the needs of the working professional

P a g e 67 | 71
 Learning new technologies of security ( Firewalls, IDS, IPS..)

 We gain experience by making the interconnection of many services and watch it

working on real mode with different network like local and wide range
 This innovative project opportunity let us get experience and make us well
professionals educated that we are prepared to meet the challenges of a rapidly
changing world.

P a g e 68 | 71
 General Conclusion

During this project, we have discovered several network technologies, security, and
use of the various services through the installation and configuration of different servers.
We had the chance to acquire and control new skills in networks and management
systems. That’s why we are able now to develop, deploy, install and implement network
services and assuming responsibility for system configuration management and global
operational preparation of network systems, environments, especially with various operating
systems and configurations, and provide repair and research services to network
problems failure.

P a g e 69 | 71
Bibliography :
[1] https ://openvpn.net/.
[2] https ://www.delafond.org/traducmanfr/man/man8/dhcpd.8.html.
[3] https ://www.dovecot.org/.
[4] https ://www.filezilla.fr.
[5] https ://www.frameip.com/snmp/.
[6] https ://www.httpd.apache.org/.
[7] https ://www.isc.org/downloads/bind/.
[8] https ://www.live555.com/mediaserver.
[9] https ://www.mongodb.org/.
[10] https ://www.mozilla.org/fr/firefox/new/.
[11] https ://www.mysql.fr/.
[12] https ://www.nagios.org/.
[13] https ://www.openldap.org/.
[14] https ://www.openssh.org/.
[15] https ://www.pfsense.org.
[16] https ://www.postfix.org/.

P a g e 70 | 71
P a g e 71 | 71