
LPI LPIC-2: Advanced Linux Administration, Kernel, and Network Services

LPIC-2 is the second level of the Linux Professional Institute certification — it validates advanced Linux system administration skills. Where LPIC-1 covers single-system administration, LPIC-2 covers administering a network of Linux systems: configuring major network services (DNS, DHCP, web servers, mail servers, VPNs), managing kernel customisation, high-availability clustering, and system capacity planning. LPIC-2 is the credential for senior Linux system administrators who manage infrastructure, not just workstations.


Linux Kernel and System Startup

LPIC-2 kernel management. The Linux kernel is modular: a base kernel image plus loadable kernel modules (LKMs) that add drivers and features at runtime. Module tools: lsmod (list loaded modules), modinfo (a module's parameters, dependencies and, for signed modules, its signature), modprobe (load a module together with its dependencies; modprobe -r unloads), depmod (rebuild modules.dep after installing modules). Files in /etc/modprobe.d/*.conf carry module options and blacklist lines, which is how unneeded drivers and protocols (a rarely used filesystem, a legacy network protocol) are kept from being auto-loaded.

Kernel compilation: download the source from kernel.org, configure with make menuconfig (ncurses UI) or make xconfig (GUI), build with make, install the modules with make modules_install, install the kernel image and initramfs with make install, then make sure the bootloader lists the new kernel. Keep the previous kernel as a fallback boot entry until the new one has been verified.

/proc filesystem: a virtual interface to kernel data: /proc/cpuinfo (processor details), /proc/meminfo (memory usage), /proc/net/dev (per-interface network counters), /proc/sys/ (tunable kernel parameters). sysctl reads and writes /proc/sys/, and a key maps to a path by turning dots into slashes: net.ipv4.ip_forward is /proc/sys/net/ipv4/ip_forward. sysctl -a lists every parameter; sysctl net.ipv4.ip_forward=1 enables IP forwarding until the next reboot. To persist a setting, put it in /etc/sysctl.conf or in a file under /etc/sysctl.d/ and apply it with sysctl -p (one file) or sysctl --system (all of them). Hardening settings travel the same way, for example net.ipv4.conf.all.accept_redirects=0 or kernel.kptr_restrict=1; since a value can be changed at runtime without touching any file, audit the live values, not only the configuration files.

systemd: unit types (service, socket, timer, target, mount, device, path, slice). systemctl disable only removes a unit from boot; systemctl mask links it to /dev/null so it cannot be started even manually or as a dependency of another unit. journalctl --disk-usage reports the journal's size and journalctl --vacuum-size=500M trims it; the journal survives reboots only when /var/log/journal exists (or Storage=persistent is set in journald.conf).

SysV init legacy: runlevels 0 (halt), 1 (single-user), 2-4 (multi-user; on Red Hat-style systems 3 is full multi-user, while Debian treats 2-5 alike), 5 (multi-user with GUI on Red Hat-style systems), 6 (reboot). Init scripts live in /etc/init.d/, and the S## (start) and K## (kill) symlinks in /etc/rc*.d/ decide which scripts run in each runlevel; systemd maps the runlevels onto targets such as multi-user.target and graphical.target.
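A practical use of the dots-to-slashes mapping is a drift check of the running kernel against a hardening baseline; it needs no root because most files under /proc/sys are world-readable. The script below is an added example, not LPI material or distribution tooling. The PROC_SYS_ROOT variable, the make_fake_proc_sys helper and the baseline values are assumptions made so it can be exercised against a constructed tree; on a real system the default /proc/sys is used.

```shell
#!/bin/sh
# Added example (not from LPI or any distribution): audit live kernel parameters
# against a baseline written in sysctl.conf syntax, without applying anything.
# A sysctl key maps to a file under /proc/sys by turning dots into slashes:
#   net.ipv4.ip_forward  ->  /proc/sys/net/ipv4/ip_forward
# PROC_SYS_ROOT is an assumed knob so the audit can be pointed at a test tree;
# leave it at the default on a real system.
PROC_SYS_ROOT="${PROC_SYS_ROOT:-/proc/sys}"

# key_to_path KEY: print the file that backs a sysctl key.
key_to_path() {
    printf '%s/%s\n' "$PROC_SYS_ROOT" "$(printf '%s' "$1" | tr '.' '/')"
}

# current_value KEY: print the live value, or "missing" if the key is absent
# (or is not a readable regular file, e.g. a write-only control like route.flush).
current_value() {
    f=$(key_to_path "$1")
    if [ -f "$f" ] && [ -r "$f" ]; then
        sed -e 's/[[:space:]]*$//' "$f"
    else
        echo missing
    fi
}

# audit_sysctl BASELINE: for each "key = value" line (comments start with '#'
# or ';', blank lines are ignored) print "MISMATCH key expected=X actual=Y" for
# every drift. Exit status: 0 if everything matches, 1 otherwise.
audit_sysctl() {
    drift=$(
        sed -e 's/[#;].*$//' -e '/^[[:space:]]*$/d' "$1" |
        while IFS='=' read -r key want; do
            key=$(printf '%s' "$key" | tr -d '[:space:]')
            want=$(printf '%s' "$want" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
            have=$(current_value "$key")
            if [ "$have" != "$want" ]; then
                printf 'MISMATCH %s expected=%s actual=%s\n' "$key" "$want" "$have"
            fi
        done
    )
    if [ -n "$drift" ]; then
        printf '%s\n' "$drift"
        return 1
    fi
    return 0
}

# make_fake_proc_sys DIR: constructed /proc/sys lookalike so the audit can be
# run without root; the values are invented for the demo.
make_fake_proc_sys() {
    mkdir -p "$1/net/ipv4/conf/all" "$1/kernel"
    echo 0 > "$1/net/ipv4/ip_forward"
    echo 1 > "$1/net/ipv4/conf/all/accept_redirects"
    echo 1 > "$1/kernel/kptr_restrict"
}

# Demo: a constructed hardening baseline checked against the fake tree.
demo_dir=$(mktemp -d)
make_fake_proc_sys "$demo_dir"
cat > "$demo_dir/baseline.conf" <<'EOF'
# Constructed baseline in the style of /etc/sysctl.d/99-hardening.conf
net.ipv4.ip_forward = 0
net.ipv4.conf.all.accept_redirects = 0   ; ignore ICMP redirects
kernel.kptr_restrict = 1
EOF
PROC_SYS_ROOT="$demo_dir"
audit_sysctl "$demo_dir/baseline.conf" || echo "drift detected"
rm -rf "$demo_dir"
```

The demo reports one mismatch (accept_redirects is 1 in the fake tree but 0 in the baseline). Pointed at the real /proc/sys the same function turns a sysctl.d file into a check that can run from cron or a configuration-management agent, which is the part a persisted file alone does not give you.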

Network Services: DNS, DHCP, and Web Servers

LPIC-2 network service configuration. BIND DNS server: /etc/named.conf (Red Hat family) or /etc/bind/named.conf (Debian family) holds the global options and the list of zones; each zone's records live in a zone file. Zone file structure: $ORIGIN (domain appended to unqualified names), $TTL (default time to live for records), the SOA record (Start of Authority: primary name server, responsible mailbox, then serial, refresh, retry, expire and the negative-caching TTL), NS records (authoritative name servers), A (hostname to IPv4), AAAA (hostname to IPv6), MX (mail exchanger with a preference value, lower preferred), CNAME (alias to a canonical name; a name that has a CNAME may carry no other records), PTR (reverse lookup, IP to hostname, kept in the in-addr.arpa or ip6.arpa zone). Serial number convention: YYYYMMDDNN, incremented after every zone change; secondaries transfer the zone only when the primary's serial is higher than the copy they hold, so a forgotten increment leaves them serving stale data. Security settings in named.conf: allow-transfer restricts zone transfers (AXFR) to the secondaries, and recursion no or allow-recursion keeps an authoritative server from being abused as an open resolver. DNSSEC signs zone data (DNSKEY, RRSIG and DS records) so resolvers can verify it was not altered; DNS-over-TLS encrypts the client-to-resolver transport. The two are independent: DNSSEC protects the data, DoT protects the transport. Check a zone with named-checkzone and the main file with named-checkconf before rndc reload.

ISC DHCP server: /etc/dhcp/dhcpd.conf holds subnet declarations, range statements (the dynamic pool), host declarations (a fixed-address tied to a hardware ethernet MAC) and options (routers, domain-name-servers, domain-name). Lease process: DORA (Discover, Offer, Request, Acknowledge); the client broadcasts Discover and Request, so every server learns which offer was accepted. Clients on other subnets reach the server through a DHCP relay (dhcrelay or the router's helper address); issued leases are recorded in the dhcpd.leases file.

Apache HTTP Server: configuration under /etc/httpd/conf/ (Red Hat family) or /etc/apache2/ (Debian family). VirtualHost blocks implement name-based virtual hosting, several sites on one IP address chosen by the Host header (for HTTPS, by the TLS SNI extension). .htaccess files give per-directory overrides of the main configuration, but only where AllowOverride permits them; AllowOverride None disables them, which saves a file lookup on every request and keeps configuration control out of the web content directory. Modules: mod_rewrite (URL rewriting), mod_ssl (HTTPS), mod_proxy (reverse proxy). Nginx: event-driven, non-blocking architecture that serves static files with little memory per connection, commonly deployed as a reverse proxy and TLS terminator in front of application servers.
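The serial rule is easy to get wrong by hand: two edits on the same day, or a day on which NN has already reached 99. The script below is an added example, not LPI or ISC material, that bumps the SOA serial of a zone file mechanically; the zone content, the example.com name and the 192.0.2.0/24 addresses are constructed for the demo.

```shell
#!/bin/sh
# Added example (not from LPI or ISC): bump the SOA serial of a BIND zone file
# following the YYYYMMDDNN convention. The rule implemented is
#   new = max(TODAY00, old + 1)
# which yields TODAY00 on the first change of a day, increments NN on later
# changes the same day, and stays monotonic when NN has reached 99 (2024031599
# becomes 2024031600, i.e. "next day, 00") or when the file already carries a
# future date (clock skew or a typo). Secondaries only require that the serial
# increase (RFC 1982), so monotonic beats pretty.

# next_serial OLD YYYYMMDD: print the serial to use for a change made on that date.
next_serial() {
    old=$1
    today00="${2}00"
    if [ "$old" -lt "$today00" ]; then
        echo "$today00"
    else
        echo $((old + 1))
    fi
}

# get_soa_serial ZONEFILE: print the serial, i.e. the third token after "SOA"
# (MNAME, RNAME, serial). Comments (';') and parentheses are skipped so the
# record may span several lines.
get_soa_serial() {
    awk '
        { sub(/;.*/, "") }
        {
            for (i = 1; i <= NF; i++) {
                tok = $i
                gsub(/[()]/, "", tok)
                if (tok == "") continue
                if (seen) { if (++n == 3) { print tok; exit } }
                else if (tok == "SOA") seen = 1
            }
        }' "$1"
}

# bump_zone_serial ZONEFILE [YYYYMMDD]: rewrite the serial in place and print the
# new value; the date defaults to today (UTC).
bump_zone_serial() {
    file=$1
    day=${2:-$(date -u +%Y%m%d)}
    old=$(get_soa_serial "$file")
    case $old in
        ''|*[!0-9]*) echo "no numeric SOA serial found in $file" >&2; return 1 ;;
    esac
    new=$(next_serial "$old" "$day")
    tmp="$file.tmp.$$"
    # Replace only the first line where the old serial appears as a whole token.
    awk -v old="$old" -v new="$new" '
        !done {
            for (i = 1; i <= NF; i++) {
                tok = $i; gsub(/[()]/, "", tok)
                if (tok == old) { sub(old, new); done = 1; break }
            }
        }
        { print }' "$file" > "$tmp" && mv "$tmp" "$file"
    echo "$new"
}

# write_sample_zone FILE: constructed zone for example.com (RFC 2606 name);
# the addresses are RFC 5737 documentation ranges, not real hosts.
write_sample_zone() {
    cat > "$1" <<'EOF'
$ORIGIN example.com.
$TTL 3600
@       IN  SOA ns1.example.com. hostmaster.example.com. (
                2024031501 ; serial (YYYYMMDDNN)
                3600       ; refresh
                900        ; retry
                1209600    ; expire
                300 )      ; negative-caching TTL
        IN  NS  ns1.example.com.
        IN  MX  10 mail.example.com.
ns1     IN  A   192.0.2.53
mail    IN  A   192.0.2.25
www     IN  CNAME mail.example.com.
EOF
}

# Demo: two edits on 2024-03-15, then one on 2024-04-01.
demo=$(mktemp)
write_sample_zone "$demo"
bump_zone_serial "$demo" 20240315   # 2024031502
bump_zone_serial "$demo" 20240315   # 2024031503
bump_zone_serial "$demo" 20240401   # 2024040100
rm -f "$demo"
```

In a deployment script, run bump_zone_serial on the zone file, then named-checkzone example.com on it, and only then rndc reload example.com; the check catches a malformed record before the primary starts serving it to the secondaries.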

Security, VPN, and High Availability

LPIC-2 advanced security and HA. OpenVPN: TLS-based VPN. easy-rsa generates the PKI (CA, server certificate, one certificate per client); server.conf and client.ovpn carry the configuration; the virtual interface is tun (routed, layer 3) or tap (bridged, layer 2). Add tls-auth or tls-crypt so control-channel packets without a valid HMAC are dropped before any TLS handshake, and publish a CRL (crl-verify) so a lost client certificate can be revoked instead of waiting for it to expire.

iptables: tables: filter (packet filtering), nat (address translation), mangle (packet modification), raw (exempting traffic from connection tracking). Built-in chains: INPUT, OUTPUT and FORWARD in filter; PREROUTING, OUTPUT and POSTROUTING in nat. Targets: ACCEPT, DROP (silent), REJECT (sends an ICMP error or TCP RST), LOG (non-terminating, processing continues with the next rule), DNAT (in PREROUTING, rewrites the destination, e.g. port forwarding), SNAT (in POSTROUTING, fixed source address), MASQUERADE (in POSTROUTING, source address taken from the outgoing interface, for dynamic addresses). Forwarding between interfaces also needs net.ipv4.ip_forward=1, and rules are lost at reboot unless saved with iptables-save and restored at boot (iptables-restore or the distribution's persistence service).

nftables: successor to iptables with a table > chain > rule hierarchy; the single nft tool replaces iptables, ip6tables, arptables and ebtables, the inet family lets one ruleset cover IPv4 and IPv6, and nft list ruleset shows the whole live state in one place.

Fail2ban: intrusion prevention that reads log files (sshd authentication log, Apache logs) through per-service filters, counts matching failures per source address within findtime, and once maxretry is reached runs a ban action, by default an iptables or nftables rule, for bantime. Jails are enabled in /etc/fail2ban/jail.local; jail.conf is overwritten on upgrade and should not be edited.

Linux HA clustering: corosync (messaging layer: cluster membership, communication and quorum), pacemaker (resource manager: starts, stops and moves services, virtual IPs and storage across nodes according to constraints). Fencing (STONITH) powers off a node that has lost contact before its resources are started elsewhere; without it a partitioned cluster can run the same resource on both sides. DRBD (Distributed Replicated Block Device): real-time block device replication between two nodes, in primary/secondary mode (only the primary mounts the device) or dual-primary mode (both write, which requires a cluster filesystem such as GFS2 or OCFS2); it provides shared storage for HA clusters without a SAN. A DRBD split-brain, where both nodes became primary while disconnected, has to be resolved by discarding one side's changes, which is another reason fencing matters.
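To make the Fail2ban mechanism concrete, the script below, an added example and not Fail2ban's own code, runs the detection step over a constructed auth.log and prints, without executing, the ban command an iptables backend and an nftables backend would each need. The log lines, the bastion host name, the 203.0.113.0/24 and 198.51.100.0/24 addresses (RFC 5737 documentation ranges) and the nftables table, chain and set names are all assumptions of the example, not Fail2ban defaults.

```shell
#!/bin/sh
# Added example (not Fail2ban code): the detection logic behind an sshd jail,
# run over constructed auth.log lines, plus a dry-run of the ban command each
# firewall backend needs. Table, chain and set names are assumed for the demo.

# failed_logins LOGFILE: print "COUNT IP" for every source address with at least
# one "Failed password" sshd line, most active first.
failed_logins() {
    awk '/sshd\[[0-9]+\]: Failed password for/ {
            for (i = 1; i <= NF; i++) if ($i == "from") { n[$(i+1)]++; break }
         }
         END { for (ip in n) print n[ip], ip }' "$1" | sort -rn
}

# offenders LOGFILE MAXRETRY: print the addresses whose failure count reached
# MAXRETRY. Fail2ban additionally restricts the count to a findtime window;
# this whole-file count does not, so it is stricter than a real jail.
offenders() {
    failed_logins "$1" | awk -v max="$2" '$1 >= max { print $2 }'
}

# ban_command IP BACKEND: print (do not run) the command that bans IP.
# iptables: one rule per banned address, inserted at the top of INPUT.
# nftables: addresses go into a set that a single rule references; the table,
# chain and set must exist first (one-time setup in the comment below).
ban_command() {
    case $2 in
        iptables) echo "iptables -I INPUT -s $1 -j DROP" ;;
        nftables)
            # one-time setup (assumed names):
            #   nft add table inet filter
            #   nft add chain inet filter input '{ type filter hook input priority 0; }'
            #   nft add set inet filter banned '{ type ipv4_addr; flags timeout; }'
            #   nft add rule inet filter input ip saddr @banned drop
            echo "nft add element inet filter banned { $1 timeout 10m }" ;;
        *) echo "unknown backend: $2" >&2; return 1 ;;
    esac
}

# write_sample_log FILE: constructed auth.log excerpt, not a real capture.
write_sample_log() {
    cat > "$1" <<'EOF'
Mar 15 10:01:02 bastion sshd[2101]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
Mar 15 10:01:05 bastion sshd[2101]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
Mar 15 10:01:09 bastion sshd[2103]: Failed password for root from 203.0.113.5 port 51240 ssh2
Mar 15 10:01:10 bastion sshd[2105]: Accepted publickey for alice from 192.0.2.10 port 50112 ssh2
Mar 15 10:01:12 bastion sshd[2107]: Failed password for root from 203.0.113.5 port 51242 ssh2
Mar 15 10:01:15 bastion sshd[2109]: Failed password for bob from 198.51.100.7 port 40022 ssh2
Mar 15 10:01:20 bastion sshd[2111]: Failed password for root from 203.0.113.5 port 51250 ssh2
Mar 15 10:01:30 bastion sshd[2113]: Accepted password for bob from 198.51.100.7 port 40023 ssh2
EOF
}

# Demo: maxretry 5 bans the scanner (5 failures) but not bob's single typo.
log=$(mktemp)
write_sample_log "$log"
for ip in $(offenders "$log" 5); do
    ban_command "$ip" iptables
    ban_command "$ip" nftables
done
rm -f "$log"
```

The nftables dry-run shows why the two backends are not just different spellings: iptables grows the INPUT chain by one rule per ban and the kernel walks them all, whereas nftables keeps the chain at one rule and the banned addresses in a set with per-element timeouts, so unbanning is an element expiring rather than a rule to find and delete.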

Key exam facts — LPIC-2

  • sysctl net.ipv4.ip_forward=1 enables IP forwarding until reboot — persist in /etc/sysctl.conf or /etc/sysctl.d/*.conf and apply with sysctl -p or sysctl --system
  • BIND zone file SOA serial: YYYYMMDDNN format — must increment after every change
  • DHCP DORA: Discover (broadcast), Offer (server), Request (client), Acknowledge (server)
  • iptables tables: filter (firewall), nat (address translation), mangle (packet modification), raw (bypass connection tracking)
  • nftables replaces iptables/ip6tables/arptables/ebtables — one tool (nft), unified syntax, inet family covers IPv4 and IPv6
  • OpenVPN: tun interface = routed L3; tap interface = bridged L2
  • Fail2ban monitors logs and, once maxretry failures occur within findtime, blocks the source IP for bantime using an iptables or nftables rule
  • Pacemaker manages resources (VIPs, services) in HA clusters; corosync provides messaging layer
  • DRBD replicates block devices between nodes in real time — used for HA without SAN
  • Apache VirtualHost: name-based virtual hosting allows multiple sites on one IP address

Common exam traps

LPIC-2 is just LPIC-1 repeated at a higher level

LPIC-2 covers fundamentally different topics: kernel management, DNS/DHCP/web server administration, VPN configuration, advanced iptables, and Linux HA clustering. It assumes LPIC-1 knowledge and builds on it with infrastructure-level subjects.

iptables and nftables do the same thing with different syntax

nftables keeps the packet-filtering role of iptables with a cleaner, unified syntax, but it also changes the architectural model. iptables ships fixed tables (filter, nat, mangle, raw) with built-in chains such as INPUT and POSTROUTING. nftables has no built-in tables or chains: you create a table for an address family (ip, ip6, inet, arp, bridge) and base chains that declare which netfilter hook they attach to (type filter hook input priority 0), plus regular chains that rules jump to. One inet ruleset can cover IPv4 and IPv6, rules can match against sets and maps instead of one rule per address, and nft list ruleset shows the entire state at once. The conceptual model is different, not just the syntax.
