Fondamenti di Internet: “forwarding dei pacchetti e tabelle di routing”

Fondamenti di Internet:
“forwarding dei pacchetti e tabelle
di routing”
http://netgroup.uniroma2.it/
How to unsubscribe from a Mailing List
•  Connect to the Mailing List management site
•  Insert the password (if you have forgotten
require it by mail)
•  Unsubscribe from the ML
Example: http://lists.uniroma2.it/index.html
…or in some case is used the unsubscribe mail
Example: [email protected]
Forwarding and routing
•  Forwarding: relaying of packets from one
network interface to another using informations
stored in the routing table(s)
•  Routing: selection of the best path through the
nodes of a complex network. Set up routes into
the routing table(s)
Static and dynamic routing
•  Static routing: manual configuration of routes in
the routing table(s); suitable for small networks
(e.g ten nodes)
•  Dynamic routing: using of specific routing
protocols to automatically configure the routing
tables of nodes
  Distance vector
  Link state
Managing routing tables, linux case
How to?... IProute2 !!! 
The command:
ip route <options>
Show the routing table:
ip route show
ip route show
10.0.0.0/30 dev sl0 proto kernel scope link src 10.0.0.1
192.168.100.0/24 dev eth0 proto kernel scope link src 192.168.100.41
160.80.0.0/16 dev eth1 proto kernel scope link src 160.80.103.105
default via 160.80.80.1 dev eth1
Enabling packet forwarding in linux kernel (enabled in netkit):
# echo 1 > /proc/sys/net/ipv4/ip_forward
Setting up static routes
•  Local forwarding: routes automatically recorded
in the routing table at the address configuration
of a network interface…why?
•  Static routes:
# ip route add NETWORK/MASK via NEXT_HOP
•  Example:
# ip route add 192.168.1.0/24 via 10.0.0.1
IPROUTE2 Summary
Comando
Significato
ip link set dev eth1 up
Abilita l’interfaccia eth1
ip address add 192.168.1.1/24 dev eth1
Assegna l’indirizzo 192.168.1.1
all’interfaccia di rete eth1.
Imposta una regola della tabella di
routing per il forwarding in locale dei
pacchetti destinati ad host appartenent
alla rete 192.168.1.0/24
ip route add 10.0.0.0/24 via 192.168.1.1
Imposta una rotta verso la sottorete
10.0.0.0/24
ip link show
Visualizza lo stato di tutte le interfacce
ip address show
Visualizza gli indirizzi associati alle
varie interfacce della macchina
ip route show
Visualizza la tabella di routing
Exercise 1
Configure the two machines to communicate each other
PC1
In all exercises is used the network 160.80.0.0/16
PC2
Exercise 2
160.80.0.1/24
160.80.1.1/24
Router 1
160.80.0.2/24
PC1
160.80.1.2/24
PC2
What is the behavior of Router1 that must forward
a packet directed to 160.80.1.2 ?
Forwarding Decision (Router1) 1/2
Net
Netmask
Next HOP
Interface
160.80.1.0
255.255.255.0
local
eth0
160.80.2.0
255.255.255.0
local
eth1
160.80.2.2
AND
255.255.255.0
=
160.80.2.0
10100000
01010000
00000010
00000010
11111111
11111111
11111111
00000000
10100000
01010000
00000010
00000000
160.80.2.0 is equal to Net address ? (160.80.1.0)
NO
Go to the next entry of the routing table
Forwarding Decision (Router1) 2/2
Net
Netmask
Next HOP
Interface
160.80.1.0
255.255.255.0
local
eth0
160.80.2.0
255.255.255.0
local
eth1
160.80.2.2 10100000
AND
11111111
255.255.255.0
=
10100000
160.80.2.0
01010000
00000010
00000010
11111111
11111111
00000000
01010000
00000010
00000000
160.80.2.0 is equal to Net address ? (160.80.2.0)
YES
Forward to next hop (local forwarding) using interface eth1
Exercise 3
160.80.0.1/24
160.80.2.1/24
160.80.3.1/24
160.80.2.2/24
Router 1
Router 2
160.80.3.2/24
PC1
160.80.0.2/24
PC2
Forwarding Decision (Router1)
Net
Netmask
Next HOP
Interface
160.80.0.0
255.255.255.0
local
eth0
160.80.2.0
255.255.255.0
local
eth1
160.80.0.0
255.255.0.0
160.80.2.2
eth1
Both the entries are verified….what happens???
Longest prefix match
entry with the bigger netmask wins!
Exercise 4
160.80.0.65/26
160.80.0.1/26
160.80.0.66/26
160.80.0.130/26
Router 3
160.80.0.193/26
160.80.0.129/26
160.80.0.2/26
Router 1
Router 2
160.80.0.194/26
PC2
PC2
Default gateway
•  It’s clear if you understand Longest Prefix Match
rule
•  So this entry:
Net
Netmask
Next HOP
Interface
0.0.0.0
0.0.0.0
160.80.1.1
eth0
▫  is always verified
▫  but used only when there are no other more
specific routes