Unix: Getting from here to there (routing basics)

Posted by Unknown Sabtu, 10 Agustus 2013 0 komentar
http://www.itworld.com/networking/367760/unix-getting-here-there-routing-basics

You need to understanding routing tables if you're going to do any kind of network troubleshooting. Let's take a look at what Linux commands can tell you about how your system is making connections.

What is routing? It's the set of rules that govern how you make connections to other systems. Any time you make a connection from one system to another system -- whether you're sending email, transferring a set of files or logging in with ssh -- you're routing. And, since most connections aren't direct (in other words, they're travelling through one or more system en route to the target), most of the time you're going to be crossing a router -- or maybe a long series of routers -- to get there.
To view the routing table on a Linux system, use the netstat -rn command. The output of this command will tell you how connections you initiate are going to be handled. The routing table on most Linux systems will look something like this:
$ netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
The fields in this output are:
Destination -- where the connections are headed. This can be a specific network, one particular system or everything not covered by some other routing entry (i.e., the default).
Gateway -- where those connections first have to go before being sent to the ultimate destination. This can be a local router or a "0.0.0.0" (no router involved) kind of entry.
Genmask -- the network mask that determines what systems are covered by your destination.
Flags -- indicators that tell you more about each routing table entry (e.g., whether it's a gateway).
MSS -- maximum segment size
Window -- size of packet that can be transmitted
irtt -- initial round trip time
Iface -- the network interface that is involved
For several of these settings, a size of 0 means that the default value is being used.
Now, let's examine this output line by line.

Line 1

First, 192.168.0.0 is the local network. How do you know this? Well, with a gateway of 0.0.0.0, connections clearly aren't going through another system.

  0.0.0.0 in this position in the routing table means your system will send packets directly to the target system (i.e., not through a router).
You can confirm that your system is, indeed, on the 192.168.0.0/24 network by running ifconfig.
$ ifconfig
eth0 Link encap:Ethernet HWaddr 00:16:35:69:BD:79
inet addr:192.168.0.11 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe88::211:35aa:fe66:bd79/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:64419467 errors:0 dropped:0 overruns:0 frame:1
TX packets:62220642 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:4012707801 (3.7 GiB) TX bytes:382601808 (364.8 MiB)
Interrupt:217 Memory:fdef0000-fdf00000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:433441 errors:0 dropped:0 overruns:0 frame:0
TX packets:433441 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:36036194 (34.3 MiB) TX bytes:36036194 (34.3 MiB)
The lo entry represents the loopback interface. If you have additional network interfaces, you will need to add the -a option to have them reported as well.
The network mask or "Genmask" of 255.255.255.0 tells us that our address space for this route is 192.168.0.0/24. The use of 192.168.0.0 is not surprising for a small LAN. It's one of the three internal IP ranges that anyone can use and the one that is the one most commonly used on small routers. The destination address of 192.168.0.0 with the 255.255.255.0 mask means any address between 192.168.0.1 and 192.168.0.254 (i.e., the local network) would be on the same LAN.
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
...
Notice the netmask is 255.255.255.0. So, this is the route you will use for any connections to other systems on the same LAN. The interface, which is likely the only one of this system, is eth0. And the flag set to U tells you this route is up.
Flags can have various values, although the most commonly seen are U and G. Here they are with some of the other flags you might see.

  • U - route is up
  • H - target is a host (i.e., only that host can be reached through that route)
  • G - route is to a gateway
  • R - reinstate route for dynamic routing
  • D - dynamically installed by daemon or redirect
  • M - modified from routing daemon or redirect
  • A - installed by addrconf
  • C - cache entry
  • !
 - reject route

Line 2

$ netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
...
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
...

The 169.254.0.0 entry requires some explanation. This is a link-local address -- a special address defined in RFC 5735 for link-local addressing. Its appearance in your netstat output doesn't mean it's being used. It just shows up unless you take steps to remove it. A link-local address is an Internet Protocol address that is intended only for communications within the segment of a local network (a link) or a point-to-point connection that a host is connected to. Routers do not forward packets with link-local addresses.
You can add NOZEROCONF=yes at the end of your /etc/sysconfig/network file to remove this additional route, though it does no harm being there.
$ cat /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=vader.aacc.edu

Line 3

Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
...
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
0.0.0.0 is your default route. This is where connections are routed whenever those connections aren't headed for the local network segment or other specific routes. If you use the command netstat -r (without the -n option) , the word "default" will appear in place of 0.0.0.0. The -n option suppresses translation of addresses to symbolic names.
$ netstat -r
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
169.254.0.0 * 255.255.0.0 U 0 0 0 eth0
default pix 0.0.0.0 UG 0 0 0 eth0
This also shows the name of the gateway -- appearently a Cisco PIX router.
Think of the default route as "everywhere else". In this case, we can see that to connect to systems anywhere other than the local network, we have to go through 192.168.0.1. Most network admins will use the .1 address of each LAN for its router -- a very is a sensible convention.
So, if your connection is headed anywhere else, you need to go through the gateway listed in the second column -- generally your default router.
The flags for the default route line clearly include G, confirming that this is a router or "gateway".

Using traceroute

If you want to see the specific route that a connection might take and get an idea how well that route performs, then traceroute is the command to use. This command will display each hop that a connection might take and will show you how long each hop takes.

  The traceroute command does this by sending a number of echo request packets (like ping does) but with varying time-to-live (TTL) settings so that it can calculate the time that each hop requires. For example, for the first hop, the TTL is set to 1. For the second hop, it's set to 2, etc.
$ traceroute world.std.com
traceroute to world.std.com (192.74.137.5), 30 hops max, 40 byte packets
1 * * *
2 gig0-8.umcp-core.net.ums.edu (136.160.255.33) 2.634 ms 2.632 ms 2.610 ms
3 ten2-0.stpaul-core.net.ums.edu (136.160.255.198) 3.515 ms 3.508 ms 3.486 ms
4 te4-3.ccr01.bwi01.atlas.cogentco.com (38.104.12.17) 4.169 ms 4.163 ms 4.143
ms
5 te4-2.ccr01.phl01.atlas.cogentco.com (154.54.2.174) 6.268 ms 6.262 ms
te3-3.ccr01.phl01.atlas.cogentco.com (154.54.83.221) 6.950 ms
6 te0-0-0-19.mpd21.jfk02.atlas.cogentco.com (154.54.2.110) 9.835 ms
te0-0-0-7.ccr22.jfk02.atlas.cogentco.com (154.54.31.53) 8.937 ms 8.925 ms
7 te0-1-0-4.ccr22.bos01.atlas.cogentco.com (154.54.6.9) 14.768 ms
te0-2-0-6.ccr22.bos01.atlas.cogentco.com (154.54.44.58) 14.129 ms te0-1-0-
2.ccr21.bos01.atlas.cogentco.com (154.54.44.6) 14.740 ms
8 te4-1.mag01.bos01.atlas.cogentco.com (154.54.43.50) 14.450 ms
te7-1.mag02.bos01.atlas.cogentco.com (154.54.7.42) 13.859 ms
te4-1.mag01.bos01.atlas.cogentco.com
(154.54.43.50) 14.816 ms
9 vl3884.na31.b000502-0.bos01.atlas.cogentco.com (38.20.55.82) 18.336 ms 16.398
ms 16.699 ms
10 cogent.bos.ma.towerstream.com (38.104.186.82) 13.925 ms 13.840 ms 13.720 ms
11 g6-2.cr.bos1.ma.towerstream.com (64.119.143.81) 21.495 ms 15.647 ms 15.458 ms
12 69.38.149.18 (69.38.149.18) 33.680 ms 33.602 ms 33.419 ms
13 64.119.137.154 (64.119.137.154) 31.961 ms 30.079 ms *
14 world.std.com (192.74.137.5) 34.695 ms 34.698 ms 34.159 ms
The ping command is popularly used to test connectivity with a remote system and verifies that you can (or can't) reach the remote system.

Route Caching

The route -Cn command displays routing cache information. This shows routes associated with active connections. Linux caches this information so that it can route packets faster.
route -Cn
Kernel IP routing cache
Source Destination Gateway Flags Metric Ref Use Iface
192.168.0.3 192.168.0.6 192.168.0.6 il 0 0 13 lo
192.168.0.6 204.111.97.254 192.168.0.1 0 0 0 eth0
192.168.0.6 204.111.97.254 192.168.0.1 0 2 0 eth0
192.168.0.6 204.111.97.254 192.168.0.1 0 0 4 eth0
192.168.0.6 192.168.0.3 192.168.0.3 0 1 0 eth0
204.111.97.254 192.168.0.6 192.168.0.6 l 0 0 79 lo

Rejecting connections


You can also specifically reject specific network connections using route commands.

  Using a command such as this one, you would redirect connections to a system you don't want to permit to your loopback interface.
# route add 66.55.44.33 gw 127.0.0.1 lo
To reverse this, you would do this:
# route delete 66.55.44.33
You could also do block connections to a particular system or subnet using a command such as these:
# route add -host 66.55.44.33 reject
# route add -net 66.55.44.0/24 reject

Wrap Up


Managing routing configuration on Linux systems is relatively easy, but a good handle on what the basic commands can tell you and do for you is essential.
TERIMA KASIH ATAS KUNJUNGAN SAUDARA
Judul: Unix: Getting from here to there (routing basics)
Ditulis oleh Unknown
Rating Blog 5 dari 5
Semoga artikel ini bermanfaat bagi saudara. Jika ingin mengutip, baik itu sebagian atau keseluruhan dari isi artikel ini harap menyertakan link dofollow ke http://androidjapane.blogspot.com/2013/08/unix-getting-from-here-to-there-routing.html. Terima kasih sudah singgah membaca artikel ini.

0 komentar:

Posting Komentar

Trik SEO Terbaru support Online Shop Baju Wanita - Original design by Bamz | Copyright of android japan.