Does locally originated routes next hop always 0.0.0.0? - bgp

Does locally originated routes will always have next hop 0.0.0.0? and there is situation the a route that is no locally originated will have 0.0.0.0 as next hop?
If yes, how can I differ between the two? thank you

Locally injected routes will always have a next hop of 0.0.0.0 which means this is local to the router itself (connected), or learned from an IGP and injected into BGP with the 'network' command.
These local routes will always have a weight of 32768 (highest) and will always be preferred.
If it's not one of the two I described above, it won't have 0.0.0.0 as the next hop.

Related

Why can 0.0.0.0 in /etc/hosts block a certain website?

Hereafter we take only ipv4 into account. While looking for a way to block a certain website without any browser plugin, I found this question: Blocking Websites with /etc/hosts. According to the accepted answer, just adding
0.0.0.0 <domain>
to /etc/hosts can block an access to the domain <domain>. And this worked like a charm. But why does this work that way?
Experiments
Assume a website X.com loads some scripts from Y.com, and I added 0.0.0.0 Y.com to /etc/hosts to block the scripts to be loaded.
When I directly type Y.com or 0.0.0.0 in the browser's address bar, it is routable and leads me to my local website localhost:8080.
However, when I access X.com, Y.com is totally blocked. By "totally" I mean Y.com cannot be accessed not due to Timeout nor Not Found nor Forbidden; as far as I inspect Network Monitor in Firefox, the browser doesn't even try to access Y.com in the first place†1, which implies the meaning of 0.0.0.0 here is different from the first result above.
†1: Or, perhaps, it actually tries to access Y.com but returns instantly with no result. If so, I don't understand why it returns instantly without waiting for (dozens of) seconds for timeout.
Questions
In this case, who interprets 0.0.0.0? A browser?
Why does a indirect reference to 0.0.0.0 (Experiment 2) mean "this should be blocked" while a direct access to 0.0.0.0 (Experiment 1) means "this should be connected to the local website"?
0.0.0.0 - Wikipedia gives me a hint, but it doesn't explain in which context a certain meaning is chosen.
Environments:
Firefox 77.0.1 on Arch Linux
My Guess
After posting this question, I did some tests to find one fact:
Although many blog posts and answers on this website say 0.0.0.0 <domain> can be used to block <domain>, actually it does not block the domain. Strictly speaking, it depends. Like a normal entry in /etc/hosts, 0.0.0.0 <domain> just converts an access to <domain> to an access to 0.0.0.0.
Because
0.0.0.0 is same as localhost in this context†2
and an access to 0.0.0.0 is instantaneous†3
, as far as you are not running a webserver on the host, 0.0.0.0 <domain> effectively blocks an access to <domain>.
When you are running a webserver,
An access to <domain>/<file> is effectively blocked if localhost/<file> doesn't exist. Note, however, since the webserver is accessed and returns 404, numerous accesses to <domain>/<file> may slow down your computer.
An unexpected result is observed if localhost/<file> does exist. If you are lucky, it just break the layout of a website. But generally it can be very dangerous.
So, in my guess, 0.0.0.0 <domain> is nothing more than a workaround; it works under limited environments.
†2: I don't yet understand why. Suspected reason: What does Chrome/server do when I use 0.0.0.0 instead of localhost in browser?
†3: For example, ping -c 1 0.0.0.0 returns in a moment. I don't know why. (Perhaps just because an access to a local interface is very fast?)
I'm on Artix linux here. 0.0.0.0 is non-routable for me. The linked wikipedia article says that 0.0.0.0 is a 'non-routable meta address'. It sounds like there's something in your configuration that is doing something (possibly) non-standard, resulting in a direct request for 0.0.0.0 or a website bound to that ip in /etc/hosts going to localhost. That makes sense if it's a 'meta-address' even though it's 'non-routable'. 'meta-address' implies some flexibility with respect to reference. 'non-routable' seems to be a very inflexible notion. But if you look at this SE post, it may actually be a little fuzzier than that:
https://networkengineering.stackexchange.com/questions/40328/what-is-a-routable-ip
I would guess that 'non-routable' in the general case just means you can't have a machine routing packets using that address. There's no reason why merely having it redirect to localhost should cause any problems. But as I said, on my artix linux machine, it appears to just point to nothing - and this is probably the standard behavior.
EDIT - according to RFC 8190 0.0.0.0 refers to "this network". The older RFC 6890 says it means "this host, this network":
https://www.rfc-editor.org/rfc/rfc8190
https://www.rfc-editor.org/rfc/rfc6890
So it sounds like using 0.0.0.0 to refer to localhost is perfectly valid.

Expose node js app with host as localhost on kubernetes

I have spent whole day looking for an answer why my node js app is not reachable from the internet when I run it on Kubernetes with loadbalancer as a service type. The solution was to change host from localhost to 0.0.0.0 in node js server app definition, but I still don’t know why?
I hope this saves one’s time in the future.
When you say that you set the host I guess you mean what the app is told to listen on in the listen function like express app server . listen all intefaces instead of localhost only You can bind to a particular address or leave it open to all by using the 0.0.0.0 mask (the zeros function as a mask for matching rather than a true IP address - https://stackoverflow.com/a/20778887/9705485).
I imagine you had your app running fine locally and were able to access it from your host machine with your localhost configuration. This would be because your local machine would be accessing it in a way that conforms to the mask. Your config was effectively saying only localhost can access this app. So when you ported to Kubernetes then your machine has to go over a network and the incoming connection was then your machine's external/public IP address, which then did not match the localhost mask. So to get it to work you changed the mask to make it open to all IPs.

Command to dump IP route

Is there any way to dump IP route so that I can save this dump in database and then execute the routing commands one by one without having any error. (I am not network guy but working on an application which interacts with the network)
Please note that currently I am using 'ip route list' but getting errors as these commands are not in proper order. Some of the gateways must be reachable first before routing other IP address from these gateways.
with a router, you can use the show ip route static to display the static route, for dynamic route, it has no meaning dump because they are all generate by the router.

Node.js net.createConnection via Promixo

I'm creating a connection via the net module in my Node.js application:
this.stream = net.createConnection(25, host, this._onConnect);
Which works absolutely fine, however I need to send this traffic through Proximo because my connection requires a static IP. I'm not familiar with the net module, so any help would be beneficial.
You shouldn't need to bind to anything or make any modifications to your code. As far as I know providing you've binded to the ip address that proximo gives you:
$ heroku addons:add proximo:development
Adding proximo to sharp-mountain-4005⦠done, v18 ($5/mo)
Your static IP address is 127.0.0.1
Your program will be wrapped in the proximo binary which routes all the TCP packets through the proxy. However you can limit the traffic with https://devcenter.heroku.com/articles/proximo#configuring-the-proximo-wrapper.
From my experience all the proximo setting up is on heroku's command line stuff.

linux add ip route then restore the old routes

I have a small software which connects to a pptp VPN server. It adds a route on if-up.d which routes all traffic through the VPN ip route change default via $PPP_LOCAL dev $IFNAME
Problem is that when I disconnect the VPN/close the software, the pptp connection closes but the routes are not restored. I've also added a delete route command in the if-down.d section to delete this route ip route del default via $PPP_LOCAL dev $IFNAME but my internet stops working. I have to "Disable/Enable networking" to have internet again.
This is a guess since I have no way of testing it, but instead of changing the default-route, could you just add another with a lower metric?

Resources