Hi there! Today we are going to learn more about routing tables in Linux using a task. So let's get right into it.
Task
In this task we have three systems (nodecli, nodecli2, nodecli3), referred to below as A, B and C. Using the concepts of subnet, netmask and routing table, we are going to build an environment where A can ping both B and C and vice versa, but B and C can't ping each other.
Let's Start
So to do this we first need to assign a particular IP and netmask to each system. We can assign the IP manually using
ifconfig <interface_name> <IP/subnet>
So we have three systems:
- nodecli (System A) - 192.168.43.11/27
- nodecli2 (System B) - 192.168.43.101/27
- nodecli3 (System C) - 192.168.43.201/27
Now comes the main trick: these systems will not be able to ping each other, because each one is in a different subnet. So we need to modify each one's routing table to achieve the objective. Let's see how it can be done.
We can add a route to the routing table using route add -net <network_name/subnet> <interface_name>
Here are the rules added to each of the three machines.
What this does is that System A (nodecli) now knows the route to both B and C, but System B (nodecli2) and System C (nodecli3) only know the route to A and not to each other.
So now if we try to ping from these systems let's see what happens.
You can see that nodecli2 (192.168.43.101) and nodecli3 (192.168.43.201) cannot ping each other but can ping nodecli (192.168.43.11).
We have achieved what we wanted.
How it works?
Now let's get some understanding of routing tables. When we ping, a network packet is created by the system, sent to the interface card and transmitted to the network. But how does the system know when to create the packet and when not to? The answer is the routing table. When we try to ping an IP, the system checks whether there is a route to the destination IP in the routing table.
If there is, the packet is created and transmitted; if there is no route to the destination IP, the packet won't even be created by the system. It will directly say "Network Unreachable", which is shown in the above screenshots.
Let me show this with a demo using the same environment we built above. On nodecli2 (192.168.43.101) we will try to ping two IPs:
- An IP which is in the routing table but has not been assigned to any system.
- An IP which is not in the routing table.
And let's see what we get.
NOTE: Knowledge of subnets and netmasks is required to understand this properly.
If you observe the above screenshot, nodecli2's routing table knows the route to IPs in the ranges 192.168.43.0 - 192.168.43.31 and 192.168.43.96 - 192.168.43.127.
So when we try to ping 192.168.43.105, because it falls in the routable range, the packet is created and transmitted by the system, as you can see. But because the host is down or the IP is not assigned to any system, it does not get a reply back and thus we get the "Host unreachable" error.
But when we try to ping 192.168.43.145, which is not in the routable range, the system doesn't even create a packet and directly says "network unreachable".
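The route lookup described above can be modelled in a few lines of Python. This is an added example, not part of the original post: nodecli2's two ranges are the ones stated above, while the routes for nodecli and nodecli3 are assumptions derived from the /27 addresses and the goal of the task.

```python
import ipaddress

# Addresses from the post.
HOSTS = {
    "nodecli":  ipaddress.ip_interface("192.168.43.11/27"),
    "nodecli2": ipaddress.ip_interface("192.168.43.101/27"),
    "nodecli3": ipaddress.ip_interface("192.168.43.201/27"),
}
# Routes added with "route add -net". nodecli2's entry matches the ranges the
# post states; the entries for nodecli and nodecli3 are assumed from the goal.
ADDED_ROUTES = {
    "nodecli":  ["192.168.43.96/27", "192.168.43.192/27"],
    "nodecli2": ["192.168.43.0/27"],
    "nodecli3": ["192.168.43.0/27"],
}

def routing_table(host):
    """Connected network of the host's own address plus its added routes."""
    table = [HOSTS[host].network]
    table += [ipaddress.ip_network(r) for r in ADDED_ROUTES[host]]
    return table

def lookup(host, dst):
    """Longest-prefix match; None means the host has no route to dst."""
    addr = ipaddress.ip_address(str(dst))
    matches = [n for n in routing_table(host) if addr in n]
    return max(matches, key=lambda n: n.prefixlen, default=None)

def ping(src, dst):
    """Classify a ping from host `src` to address `dst`."""
    if lookup(src, dst) is None:
        return "network unreachable"   # no route: nothing is sent
    owner = next((h for h, i in HOSTS.items() if str(i.ip) == str(dst)), None)
    if owner is None:
        return "host unreachable"      # route exists, but no host answers
    if lookup(owner, HOSTS[src].ip) is None:
        return "no reply"              # request arrives, reply has no route
    return "reply"

if __name__ == "__main__":
    for src in HOSTS:
        for dst in HOSTS:
            if src != dst:
                print(f"{src} -> {dst}: {ping(src, HOSTS[dst].ip)}")
    for ip in ("192.168.43.105", "192.168.43.145"):
        print(f"nodecli2 -> {ip}: {ping('nodecli2', ip)}")
```

The separation between B and C exists only in each host's own routing table, so it lasts only as long as those tables stay as configured.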
This is how the routing table works, and we can modify it to suit our use cases. That's it for this one.