
In Lab 9 of the Networking course, we were asked to do a routing exercise. This is very helpful practice for understanding the basics of how routing works. We learned how different networks can “see” each other and how to set up a basic router configuration for this purpose.

The instructions for this Lab were as follows:

Set up THREE networks:

  • Network A: 11.0.0.0/8,
  • Network B: 172.17.0.0/16, and
  • Network C: 192.168.2.0/24

Set up THREE hosts, one in each network:

  • Host A: 11.0.0.1
  • Host B: 172.17.0.1
  • Host C: 192.168.2.1

Set up TWO Linux routers: Router R-ab and R-bc

  • Router R-ab: eth0 11.0.0.254, eth1 172.17.0.254
  • Router R-bc: eth0 172.17.254.254, eth1 192.168.2.254

Use the ping command to verify that ALL 5 Linux systems (three hosts and two routers) can communicate with each other.

…………………………………………………………………………………………………………………………………………………………………………………………………………

Setting up the network

For this we chose 5 machines from our laboratory, 2 of which would take the router role.

In our lab, the DHCP service updates/checks the IP addresses on every host every n minutes, so, to keep it from overwriting the configuration we are about to make, it is necessary to find the dhclient process and kill it.
# ps aux | grep dhclient | grep -v grep
# kill -9 processnumber

After that, the IP addresses can be set (ifconfig command):
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Host A: #ifconfig eth1 11.0.0.1 netmask 255.0.0.0 broadcast 11.255.255.255
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Host B: #ifconfig eth1 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Host C: #ifconfig eth1 192.168.2.1 netmask 255.255.255.0 broadcast 192.168.2.255
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
In Router AB:
# ifconfig eth1 172.17.0.254 netmask 255.255.0.0 broadcast 172.17.255.255
# ifconfig eth0 11.0.0.254 netmask 255.0.0.0 broadcast 11.255.255.255
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
In Router BC:
#ifconfig eth1 172.17.254.254 netmask 255.255.0.0 broadcast 172.17.255.255
#ifconfig eth2 192.168.2.254 netmask 255.255.255.0 broadcast 192.168.2.255
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

The next step is to set the routing tables on each machine (route command):
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Host A:
# route add -net 172.17.0.0 netmask 255.255.0.0 gw 11.0.0.254
# route add -net 192.168.2.0 netmask 255.255.255.0 gw 11.0.0.254
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Host B:
# route add -net 11.0.0.0 netmask 255.0.0.0 gw 172.17.0.254
# route add -net 192.168.2.0 netmask 255.255.255.0 gw 172.17.254.254
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Host C:
# route add -net 11.0.0.0 netmask 255.0.0.0 gw 192.168.2.254
# route add -net 172.17.0.0 netmask 255.255.0.0 gw 192.168.2.254
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
In Router AB: # route add -net 192.168.2.0 netmask 255.255.255.0 gw 172.17.254.254
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
In Router BC: # route add -net 11.0.0.0 netmask 255.0.0.0 gw 172.17.0.254
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

It is also necessary to turn IP packet forwarding on in each router. We can do this on the command line (the change won’t be kept after rebooting):
# echo "1" > /proc/sys/net/ipv4/ip_forward

OR by editing the file /etc/sysctl.conf (change the net.ipv4.ip_forward value from 0 to 1 in the corresponding line):
# Controls IP packet forwarding
net.ipv4.ip_forward = 1

After that, it is necessary to run this command to load the settings from the file (since the value is saved in /etc/sysctl.conf, the change stays in place even after a reboot):
# sysctl -p

Here is some information about this:

“When IP forwarding is enabled, the operating system kernel will act as a router. For the Linux kernel, the parameter net.ipv4.ip_forward can be set to 1 to enable this behaviour. In FreeBSD, NetBSD and OpenBSD the parameter is net.inet.ip.forwarding.
In most systems, the command sysctl -w parameter=1 will enable the desired behaviour. This will persist until the next reboot. If the behaviour should be enabled whenever the system boots, the line parameter=1 can be added to the file /etc/sysctl.conf.

(From Parameters Section…)
-p Load in sysctl settings from the file specified or /etc/sysctl.conf if none given. Specifying - as filename means reading data from standard input.” [1]

The resulting network is represented in this diagram:
[Figure: network diagram]
…………………………………………………………………………………………………………………………………………………………………………………………………………
Command “route -n”
To see the routing table, the command route -n is used (the -n parameter shows numerical addresses instead of trying to determine symbolic host names [2]). As an example, I want to show the routing table of host B at different stages.

It looked like this just after adding the net 11.0.0.0/8:
# route add -net 11.0.0.0 netmask 255.0.0.0 gw 172.17.0.254
# route -n

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 eth1
11.0.0.0        172.17.0.254    255.0.0.0       UG    0      0        0 eth1

I can read it like this:
My net is 172.17.0.0 (no gateway)
I can reach the net 11.0.0.0 through the gateway 172.17.0.254

Later on, after adding the net 192.168.2.0, the routing table looked like this:
# route add -net 192.168.2.0 netmask 255.255.255.0 gw 172.17.254.254
# route -n

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.2.0     172.17.254.254  255.255.255.0   UG    0      0        0 eth1
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 eth1
11.0.0.0        172.17.0.254    255.0.0.0       UG    0      0        0 eth1

It can also be read as: now I can reach the net 192.168.2.0 through the gateway 172.17.254.254 as well.

At the end we were able to send a successful ping signal to any host in the net.
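
The static-route setup above, as an added example that is not part of the original lab write-up: this Python model replays each machine's routing table with longest-prefix matching and lists every source/destination pair that would fail the ping check. The dictionary layout and function names are assumptions made for the illustration, and gateways are assumed to be on-link.

```python
import ipaddress
# Constructed model of the lab: interface addresses and static routes copied
# from the ifconfig/route commands above; forward=True mirrors ip_forward=1.
NODES = {
    "HostA": {"ifaces": ["11.0.0.1/8"], "forward": False, "routes": {
        "172.17.0.0/16": "11.0.0.254", "192.168.2.0/24": "11.0.0.254"}},
    "HostB": {"ifaces": ["172.17.0.1/16"], "forward": False, "routes": {
        "11.0.0.0/8": "172.17.0.254", "192.168.2.0/24": "172.17.254.254"}},
    "HostC": {"ifaces": ["192.168.2.1/24"], "forward": False, "routes": {
        "11.0.0.0/8": "192.168.2.254", "172.17.0.0/16": "192.168.2.254"}},
    "R-ab": {"ifaces": ["11.0.0.254/8", "172.17.0.254/16"], "forward": True,
             "routes": {"192.168.2.0/24": "172.17.254.254"}},
    "R-bc": {"ifaces": ["172.17.254.254/16", "192.168.2.254/24"], "forward": True,
             "routes": {"11.0.0.0/8": "172.17.0.254"}},
}

def addrs(node):
    return [ipaddress.ip_interface(i) for i in node["ifaces"]]

def owner(nodes, ip):
    """Name of the node that has `ip` on one of its interfaces, else None."""
    return next((name for name, node in nodes.items()
                 if any(a.ip == ip for a in addrs(node))), None)

def next_hop(node, dst):
    """Longest-prefix match: dst itself if connected, else gateway, else None."""
    cands = [(a.network, dst) for a in addrs(node)]
    cands += [(ipaddress.ip_network(net), ipaddress.ip_address(gw))
              for net, gw in node["routes"].items()]
    hits = [(net.prefixlen, hop) for net, hop in cands if dst in net]
    return max(hits, key=lambda h: h[0])[1] if hits else None

def trace(nodes, src, dst_ip, max_hops=8):
    """Nodes visited from src to dst_ip, or None if the packet is dropped."""
    dst, cur, path = ipaddress.ip_address(dst_ip), src, [src]
    while owner(nodes, dst) != cur:
        if cur != src and not nodes[cur]["forward"]:
            return None  # transit node has ip_forward=0
        hop = next_hop(nodes[cur], dst)
        cur = owner(nodes, hop) if hop is not None else None
        if cur is None or len(path) >= max_hops:
            return None  # no route, gateway nobody owns, or routing loop
        path.append(cur)
    return path

def unreachable(nodes):
    """Every (source node, destination address) pair that cannot be delivered."""
    return [(s, str(a.ip)) for s in nodes for d in nodes if d != s
            for a in addrs(nodes[d]) if trace(nodes, s, str(a.ip)) is None]
```

Setting `forward` to False on R-bc in a copy of NODES makes the pair HostA, 192.168.2.1 appear in `unreachable()`, which is the symptom of leaving ip_forward off on one router.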

…………………………………………………………………………………………………………………………………………………………………………………………………………
[1] Wikipedia.
[2] Man pages.
