Playing with Linux Routing Tables

Playing with Linux Routing Tables

Hi people! Today we are going to do a simple but useful task using Linux routing tables. So let's get into it.

What is Routing?

Routing is a means of sending an IP packet from one point to another. For instance, when you send a message to your friend. How does it reach the destination?

Our system sends the packets that carry our message to our gateway. This gateway then forwards the packets to another gateway or router and the process continues until the packet reaches our friend's system.All this information on how packets are to be forwarded is stored in a kernel structure called a Routing Table.

Moreover, the system will create a network packet for the destination only if the IP falls in the range of the entries in the routing table otherwise packet will not even be created.

Here in below screenshot because I have deleted rule to access google.com from the routing table the packet will not be created and will directly say the network is unreachable

But when I try to ping 192.168.43.222 which doesn't exist but because its entry is in the routing table the packets will be created and sent.

VirtualBox_Ansible Controller Redhat_22_12_2020_15_49_12.png

Task

Now that we know what is routing table and what it is used for, let's do our task. So in this task, we try to manipulate the routing table in a way so that it can only access the Google servers.

Let's Start

So by default in Linux, we can ping all the servers around the world if we have proper connectivity. This is by default in the routing table. We can check the routing table using

route -n

or

ip route show

"route -n" has more human-readable syntax so we will go with that for this tutorial. So our initial routing table looks like this.

VirtualBox_Ansible Controller Redhat_22_12_2020_13_32_52.png

The first entry in the routing table says if we want to go to any IP in the world then we forward the request to our gateway which 192.168.43.1

So we need to delete this rule from the table. To delete the rule we can use

route -del -net 0.0.0.0/0

So now our rule has been removed.

VirtualBox_Ansible Controller Redhat_22_12_2020_13_34_00.png

Now we are cut-off from the internet completely.

VirtualBox_Ansible Controller Redhat_22_12_2020_13_34_53.png

VirtualBox_Ansible Controller Redhat_22_12_2020_13_35_41.png

Now if we want to connect only to google server then we can add a specific rule in the routing table which allows only google server IPs.But if you try to find the IP of google.com you will notice that IP keeps on changing.

It may be due to clusters of load balancers or similar used by Google to manage the huge amount of traffic it gets. We can use nslookup to check the IPs of google.

VirtualBox_Ansible Controller Redhat_22_12_2020_13_48_50.png

Here you can see it mostly ranges in 172.217.0.0/16 and 216.58.0.0/0, so we need to add these IP ranges in the routing table. We can do this by using

route add -net <IP_range> gw <gateway> <interface_name>

Here the pic of same.

VirtualBox_Ansible Controller Redhat_22_12_2020_13_36_36.png

VirtualBox_Ansible Controller Redhat_22_12_2020_13_38_20.png

Now let's test if it works.

VirtualBox_Ansible Controller Redhat_22_12_2020_13_39_11.png

VirtualBox_Ansible Controller Redhat_22_12_2020_13_40_51.png

As you can see now we can access the Google server but not any other like Facebook. So this completes our task.

This can useful in scenarios where admins want to restrict the access of the users to only some particular websites or similar. Yes, this also can be done with the firewalls but this is also another option if you need.

Thanks for your time. See you next time... !!

Did you find this article valuable?

Support Written Wisdom by becoming a sponsor. Any amount is appreciated!