Playing with Linux Routing Tables (Part : 2)

Hi there! Today we are going to learn more about routing tables in Linux using a task. So let's get right into it.

Task

In this task we have three systems (nodecli, nodecli2, nodecli3), called A, B and C below. Using the concepts of subnet, netmask and routing table, we are going to build an environment where A can ping both B and C and vice versa, but B and C can't ping each other.

[Diagram of the task setup]

Let's Start

To do this we first need to assign each system a particular IP and netmask. We can assign an IP manually using

ifconfig <interface_name> <IP/subnet>

So we have three systems:

  • nodecli (System A) - 192.168.43.11/27
  • nodecli2 (System B) - 192.168.43.101/27
  • nodecli3 (System C) - 192.168.43.201/27

[Screenshots: nodecli, nodecli2 and nodecli3]

Now comes the main trick: these systems will not be able to ping each other, because they are in different subnets. So we need to modify each one's routing table to achieve the objective. Let's see how it can be done.

We can add a route to the routing table using route add -net <network_name/subnet> <interface_name>

Here are the rules added to each of the three machines.

[Screenshots: nodecli, nodecli2 and nodecli3]

The result is that System A (nodecli) now knows the route to both B and C, but System B (nodecli2) and System C (nodecli3) only know the route to A and not to each other.

So let's see what happens if we try to ping from these systems.

[Screenshots: nodecli, nodecli2 and nodecli3]

You can see that nodecli2 (192.168.43.101) and nodecli3 (192.168.43.201) cannot ping each other but can ping nodecli (192.168.43.11).

We have achieved what we wanted.

How does it work?

Now let's get some understanding of routing tables. When we ping, a network packet is created by the system, sent to the interface card and transmitted to the network. But how does the system know when to create the packet and when not to? The answer is the routing table. When we try to ping an IP, the system checks whether there is a route to the destination IP in the routing table.

If there is, the packet will be created and transmitted; if there is no route to the destination IP, the packet won't even be created by the system. It will directly say "Network Unreachable", which is shown in the above screenshots.

Let me show this with a demo using the same environment we built above. On nodecli2 (192.168.43.101) we will try to ping two IPs:

  1. An IP which is in the routing table but has not been assigned to any system.

  2. An IP which is not in the routing table.

And let's see what we get.

[Screenshot: nodecli2]

NOTE: Knowledge of subnets and netmasks is required to understand this properly.

If you look at the above screenshot, nodecli2's routing table knows the route to IPs in the ranges 192.168.43.0 - 192.168.43.31 and 192.168.43.96 - 192.168.43.127.

When we try to ping 192.168.43.105, it falls in the routable range, so the packet is created and transmitted by the system, as you can see. But because the host is down or the IP is not assigned to any system, it does not get a reply back, and thus we get the "Host unreachable" error.

But when we try to ping 192.168.43.145, which is not in the routable range, the system doesn't even create a packet and directly says "Network unreachable".
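The lookup described above can be modelled in a few lines. This is an added example, not code from the original article: the route lists for nodecli and nodecli3 are assumptions that mirror the ranges the text gives for nodecli2, and all three systems are assumed to share one network segment.

```python
import ipaddress

# Own /27 plus the networks added with `route add -net`. The nodecli and
# nodecli3 tables are assumptions mirroring the nodecli2 ranges in the text.
HOSTS = {
    "nodecli":  ("192.168.43.11",
                 ["192.168.43.0/27", "192.168.43.96/27", "192.168.43.192/27"]),
    "nodecli2": ("192.168.43.101", ["192.168.43.96/27", "192.168.43.0/27"]),
    "nodecli3": ("192.168.43.201", ["192.168.43.192/27", "192.168.43.0/27"]),
}

def lookup(host, dst):
    """Longest-prefix match of dst in host's table; None means no route."""
    addr = ipaddress.ip_address(dst)
    nets = [ipaddress.ip_network(n) for n in HOSTS[host][1]]
    matches = [n for n in nets if addr in n]
    return max(matches, key=lambda n: n.prefixlen, default=None)

def ping(src, dst):
    """Classify a ping from host `src` to address `dst` as the article does."""
    if lookup(src, dst) is None:
        return "Network unreachable"   # no route: nothing is transmitted
    owner = next((h for h, (ip, _) in HOSTS.items() if ip == dst), None)
    if owner is None:
        return "Host unreachable"      # routed, but no system holds the address
    if lookup(owner, HOSTS[src][0]) is None:
        return "no reply"              # request arrives, reply has no route back
    return "reply"

if __name__ == "__main__":
    for src in HOSTS:
        for dst_host, (dst_ip, _) in HOSTS.items():
            if dst_host != src:
                print(f"{src} -> {dst_ip}: {ping(src, dst_ip)}")
    # The two demo addresses pinged from nodecli2 in the article
    for dst in ("192.168.43.105", "192.168.43.145"):
        print(f"nodecli2 -> {dst}: {ping('nodecli2', dst)}")
```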

This is how the routing table works, and we can modify it to suit our use cases. That's it for this one.

Thanks for your time. See you next time!
