Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
Could you please explain the following basic ip routing table:
Destination Gateway Genmask Flags Metric Ref Use Iface
10.80.0.0 192.176.20.1 255.255.255.0 UG 0 0 0 eth0
192.176.100.0 * 255.255.255.0 U 0 0 0 int1
10.1.1.0 192.176.20.1 255.255.255.0 UG 0 0 0 eth0
10.13.1.0 192.176.100.1 255.255.255.0 UG 0 0 0 int1
192.176.0.0 * 255.255.0.0 U 1 0 0 eth0
default 192.176.20.2 0.0.0.0 UG 0 0 0 eth0
Well you have 2 local interfaces on the router; eth0 and int1. I guess it's easiest to go through line by line of the routing table.
Destination Gateway Genmask Flags Metric Ref Use Iface
10.80.0.0 192.176.20.1 255.255.255.0 UG 0 0 0 eth0
This states that any packet with a destination of 10.80.0.0/24 will be sent out eth0 using a gateway of 192.176.20.1.
Destination Gateway Genmask Flags Metric Ref Use Iface
192.176.100.0 * 255.255.255.0 U 0 0 0 int1
This states that any packet with a destination of 192.176.100.0/24 will be sent out int1 without using a gateway.
Destination Gateway Genmask Flags Metric Ref Use Iface
10.1.1.0 192.176.20.1 255.255.255.0 UG 0 0 0 eth0
This states that any packet with a destination of 10.1.1.0/24 will be sent out eth0 using a gateway of 192.176.20.1.
Destination Gateway Genmask Flags Metric Ref Use Iface
10.13.1.0 192.176.100.1 255.255.255.0 UG 0 0 0 int1
This states that any packet with a destination of 10.13.1.0/24 will be sent out int1 using a gateway of 192.176.100.1.
Destination Gateway Genmask Flags Metric Ref Use Iface
192.176.0.0 * 255.255.0.0 U 1 0 0 eth0
This states that any packet with a destination of 192.176.0.0/16 will be sent out eth0 without using a gateway.
Destination Gateway Genmask Flags Metric Ref Use Iface
default 192.176.20.2 0.0.0.0 UG 0 0 0 eth0
This states that any packet that doesn't match any of the above routes will be forwarded out eth0 with a gateway of 192.176.20.2. Most likely a route to the internet (also called Gateway of Last Resort, if I'm not mistaken).
If you need more information, don't hesitate to ask.
Extra info on the specifics: http://www.cyberciti.biz/faq/what-is-a-routing-table/
Destination = the address of the network that the packet is headed to
The "default" means that if the destination is not found in any of the other rules, than use this rule.
Genmask = The subnet mask
If there is more than one address in the routing table that works for the outgoing packet, the rule with the higher subnet mask will be used. If those are tied, then metric comes into play but that will be different based on what protocol is being used.
Interface = On-board connection
For example, the laptop I am on currently has three interfaces:
Ethernet card
Wireless card
Bluetooth
Routers generally have at least 2 interfaces for each side, 1 for each network they are a part of. For most home routers, 1 interface is part of your home network and the other is part of the external network (usually the internet) headed toward your ISP.
Gateway = Next hop
This is where the packet will be sent if the destination is not on the same network as the sender.
If the value is "*" or "On-link" or the address of the current device... these all mean the same thing. It means that the packet is addressed to a device that is directly reachable by the current host. In other words, they're on the same network so the gateway won't actually be used because the host will know the data link layer (MAC) address of the destination and be able to send it directly there. These values are just used for human readability in this case.
As for the process of sending a packet:
Destination and Genmask are used to figure out which rules are a
match for the destination address of the outgoing packet.
Interface is used to decide what communication device on the machine
to send it through.
Gateway is the address of the device on the same network that it will
send the packet to.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Improve this question
I use NetworkManager to connect to VPN servers. My VPN has multiple servers, so I configured a dozen or so profiles. NetworkManager allows you to connect to multiple VPNs at once; if I do this, the routing table can end up with multiple default routes.
What does Linux do in this situation?
Is there any way to configure it so that it'll pick faster gateways?
Example (partial table):
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.8.8.1 0.0.0.0 UG 50 0 0 tun0
0.0.0.0 10.7.7.1 0.0.0.0 UG 51 0 0 tun1
0.0.0.0 10.8.8.1 0.0.0.0 UG 52 0 0 tun2
0.0.0.0 10.7.7.1 0.0.0.0 UG 53 0 0 tun3
0.0.0.0 10.8.8.1 0.0.0.0 UG 54 0 0 tun4
0.0.0.0 192.168.50.1 0.0.0.0 UG 100 0 0 enp0s31f6
Your extra gateways have different metric (and possibly have different tables, post ip rule show and ip route list table TTT where TTT are all tables mentioned by ip rule show). Metric is documented in man 8 route http://man7.org/linux/man-pages/man8/route.8.html
metric M
set the metric field in the routing table (used by routing
daemons) to M. If this option is not specified the metric for
inet6 (IPv6) address family defaults to '1', for inet (IPv4)
it defaults to '0'. You should always specify an explicit
metric value to not rely on those defaults - they also differ
from iproute2.
Metric The 'distance' to the target (usually counted in hops).
Rules are https://serverfault.com/questions/648276/routing-selection-specificity-vs-metric:
Single routing table... In this case, the kernel chooses:
the most specific route;
if there are multiple equally specific routes, the one with the smallest kernel metric.
So, when there are no multiple routing tables, linux will use only one reachable gateway with lowest metric (it probably will not use gateway from offline network interface).
Is there any way to configure it so that it'll pick faster gateways?
No, when the gateway is not used, you can't check how fast it is. Also you can't afford personal computer to have own AS to legally have several gateways which can connect your single IP to the internet. (So, picking different gateway will break all your TCP and UDP connections, as you will use different IP address in the internet).
Route command output:
$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.2.10 0.0.0.0 UG 0 0 0 eth0
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
$
From the above output the following are the doubts I have:
What is 0.0.0.0 means in destination and gateway column
If the packet is sent from 192.168.2.36 ip, what is the gateway for that. It use 192.168.2.10 or 0.0.0.0
Lets consider I have one more network with ip 192.168.1.0. If the packet is sent from any of the host from this network, what is the
gateway for that ip.
What is default gateway.
On the first line, 0.0.0.0 in Genmask means there is no mask, i.e. in combination with a destination of 0.0.0.0, it means all destinations (the default gateway definition). On the second line, 0.0.0.0 in the gateway column means no gateway (directly connected the local subnet).
When routing, it does not matter where you are sending from, but where you are sending to.
Packets sent to network 192.168.1.0 will be routed using gateway 192.168.2.10, since the first line is the only one that matches destination 192.169.1.0.
192.168.2.10 (see answer 1).
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 years ago.
Improve this question
In Lab we have two hosts say A and B.
host A has two NIC and host B has single NIC (see below diagram for network topology)
NIC-1 of host A is connected to lab network and
NIC-2 of host A is connected directly (end-to-end) to host B
----------
| | -> NIC1 ------> Lab Network (10.203.194.0/24)
| | (eth0 - 10.203.194.247/24)
| host A | ----------
| | -> NIC2 -------> NIC1 | host B |
----------- (eth1 - 10.203.209.230/24) -----------
(eth0 - 10.203.194.163/24)
From host A, I was able to ping 'lab network' whereas I couldn't connect/ping host B (10.203.194.163). I find a routing table of host A has default gw to lab network.
What changes were required to connect Lab network and host B FROM host A.
I can go for a bridge connection connecting both eth0 and eth1 interface in host A; but I don't prefer that option because host B should not recieve any packet specific to lab network and that is the reason I did not connect host B directly to lab network.
I am looking for some routing option that is specific to the destination/source and the interface has to be decided based on that.
Finally, I was able to resolve the issue by simply adding the rule in the route table.
$>route add –host 10.203.194.163 dev eth1
and now my routing table looks like:
Destination Gateway Genmask Flags MSS Windows irtt Iface
10.203.194.163 0.0.0.0 255.255.255.255 UH 0 0 0 eth1
10.203.194.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 10.203.194.1 0.0.0.0 UG 0 0 0 eth0
and when I ping from host B to host A and running tcpdump on eth0, I won't get any ICMP packets and in eth1 I can see all ICMP packets from host B :)
A server with double interfaces.
One(eht0) is used for WAN which provides http/ssh services for internet users.
The other(eth1) is used to receive multicast data from intranet.
218.108.132.177 is public network gateway.
125.210.198.1 is private network gateway.
233.49.3.*/24 is multicast address.
10.0.11.*/24 is the source of multicast data.
When the route table is like below, ffmpeg can't read the udp data from eth1, ffmpeg hung up:
rrca#rcasnap02:~$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
218.108.132.176 * 255.255.255.252 U 0 0 0 eth0
125.210.198.0 * 255.255.255.240 U 0 0 0 eth1
default 218.108.132.177 0.0.0.0 UG 100 0 0 eth0
default 125.210.198.1 0.0.0.0 UG 100 0 0 eth1
or
rrca#rcasnap02:~$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
218.108.132.176 * 255.255.255.252 U 0 0 0 eth0
125.210.198.0 * 255.255.255.240 U 0 0 0 eth1
default 218.108.132.177 0.0.0.0 UG 100 0 0 eth0
10.0.11.0 125.210.198.1 0.0.0.0 UG 100 0 0 eth1
or
rrca#rcasnap02:~$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
218.108.132.176 * 255.255.255.252 U 0 0 0 eth0
125.210.198.0 * 255.255.255.240 U 0 0 0 eth1
default 218.108.132.177 0.0.0.0 UG 100 0 0 eth0
233.49.3.0 125.210.198.1 255.255.255.0 UG 100 0 0 eth1
I want to the ffmpeg work right,but now I think the two default route in route table disturb eachother, and I take a try, when the public gateway route is deleted, or the private gateway route is at the head of public default gateway route, ffmpeg works well, I think it read multicast from eth1.But the route table is not thus, ffmpeg can't read data from eth1, I think it read data on eth0(which is not private network interface).
How to do ffmpeg works well with two interfaces at the same time?
You need to configure the correct route for multicast traffic. The kernel does an origin check on all incoming multicast traffic: if it arrives on a different interface from the one it would use to send such traffic it's dropped.
Just set a route for multicast on your eth1 interface:
# route add -net 224.0.0.0/8 dev eth1
Alternatively, disable the origin checking:
# echo 0 > /proc/sys/net/ipv4/conf/eth1/rp_filter
While the answer is correct in that a route is required, I had to route 224.0.0.0/4 (which includes up to 239.255.255.255) as my device was sending the video stream to 239.255.42.42
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 6 years ago.
Improve this question
I have a system with 2 interfaces eth0, and eth1.
eth0 is 192.168.0.250 and connected to gateway 192.168.0.2.
eth1 is connected to 192.123.123.10 via a swtich.
I am trying to route packets from 192.123.123.10 to gateway 192.168.0.2, which means I need to route 192.123.123.x packets coming into eth1 interface out via eth0 interface.
I set ip_forward file to 1.
I ran this command:
route add -net 192.123.0.0 netmask 255.255.255.0 dev eth0
route add default gw 192.168.0.2
I can ping from 129.123.123.10 to 192.168.0.250, but I can't ping to 192.168.0.2
I think the packets are not being forwarded to eth0.
My routing table looks something like this:
gteway Genmask Flags Ref Iface
192.123.123.0 * 255.255.255.0 U eth1
192.168.0.0 * 255.255.255.0 U eth0
192.123.0.0 * 255.255.255.0 U eth0
default 192.168.0.2 0.0.0.0 UG eth0
Can anyone tell me what is missing?
Thank you in advance.
You are missing your back path route.
The host 192.168.0.2 see packet coming from 192.123.123.10 but he doesn't know how to route the reply packet back since it doesn't have the return route.
You can do two things:
1- create a route on 192.168.0.2 machine to handle traffic directed to 192.123.123.0/24
2- NAT on your 192.168.0.250 host with the command below:
iptables -t nat -A POSTROUTING -s 129.123.123.0/24 -j SNAT --to-source 192.168.0.250
It's not your routing table on this system that you need to be concerned about. It's the routing tables of the other systems. 192.168.0.2 knows nothing about the 192.123.X.X network being routed to 192.168.0.250. Similarly the hosts on 192.123.X.X need to route the 192.168.X.X network over to 192.123.123.10.
I'm fairly certain this can be achieved using iptables and port forwarding rules. There is some more information here http://www.revsys.com/writings/quicktips/nat.html about how to forward packets between interfaces.