lab – static-routing - roma tre universityimpianti/vlab/public_doc/vlab-static-routing... · an...
TRANSCRIPT
lab – static-routing
static routes configuration
step1 – description of the networkhigh level view
r1 100.0.0.8/30
195.11.14.0/24 200.1.1.0/24
r2
pc1 pc2
step1 – description of the networkconfiguration details
collision domain A
r1 r2
collision domain C
collision domain B
pc1 pc2
eth0 eth0
eth0
eth1eth1
eth0
195.11.14.0/24 200.1.1.0/24
100.0.0.8/30
.5 .7
.1.1
.9 .10
step2 - creating the vm’s
user@localhost:~$ vstart pc1 --eth0=A --newuser@localhost:~$ vstart pc2 --eth0=C --new
two vm’s are routers, each one connected with two collision domains
user@localhost:~$ vstart r1 --eth0=A --eth1=B --newuser@localhost:~$ vstart r2 --eth0=C --eth1=B --new
two vm’s are pc’s, each one connected with one collision domain only
A
r1 r2
C
B
pc1 pc2
eth0 eth0
eth0
eth1eth1
eth0
step3 - ip interfaces configuration pc1:~# ifconfig eth0 195.11.14.5 up
pc2:~# ifconfig eth0 200.1.1.7 up
r1:~# ifconfig eth0 195.11.14.1 upr1:~# ifconfig eth1 100.0.0.9 netmask 255.255.255.252
broadcast 100.0.0.11 up
r2:~# ifconfig eth0 200.1.1.1 upr2:~# ifconfig eth1 100.0.0.10 netmask 255.255.255.252
broadcast 100.0.0.10 up
r1 r2
pc1 pc2
eth0 eth0
eth0
eth1eth1
eth0
195.11.14.5
100.0.0.9
195.11.14.1
200.1.1.7
200.1.1.1
100.0.0.10
step3 - ip interfaces configuration: testpc1:~# ping 195.11.14.1PING 195.11.14.1 (195.11.14.1): 56 data bytes64 bytes from 195.11.14.1: icmp_seq=0 ttl=255 time=4.1 ms64 bytes from 195.11.14.1: icmp_seq=1 ttl=255 time=1.2 ms64 bytes from 195.11.14.1: icmp_seq=2 ttl=255 time=1.1 ms64 bytes from 195.11.14.1: icmp_seq=3 ttl=255 time=1.1 ms--- 195.11.14.1 ping statistics ---4 packets transmitted, 4 packets received, 0% packet lossround-trip min/avg/max = 1.1/1.8/4.1 ms
interfaces on the same domain can be reached
r1 r2
pc1 pc2
eth0 eth0
eth0
eth1eth1
eth0
195.11.14.5
100.0.0.9
195.11.14.1
200.1.1.7
200.1.1.1
100.0.0.10
step3 - ip interfaces configuration: testpc1:~# ping 100.0.0.9PING 100.0.0.9 (100.0.0.9): 56 data bytesping: sendto: Network is unreachableping: wrote 100.0.0.9 64 chars, ret=-1ping: sendto: Network is unreachableping: wrote 100.0.0.9 64 chars, ret=-1--- 100.0.0.9 ping statistics ---2 packets transmitted, 0 packets received, 100% packet loss
interfaces on different domains cannot be reached!
can you say why?
r1 r2
pc1 pc2
eth0 eth0
eth0
eth1eth1
eth0
195.11.14.5
100.0.0.9
195.11.14.1
200.1.1.7
200.1.1.1
100.0.0.10
step3 - inspecting the routing tables
pc1:~# routeKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface195.11.14.0 * 255.255.255.0 U 0 0 0 eth0
r1:~# routeKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface100.0.0.8 * 255.255.255.252 U 0 0 0 eth1195.11.14.0 * 255.255.255.0 U 0 0 0 eth0
both routers and pc’s do not know how to reach networks that are not directly connected to them
directly connected networks are automatically inserted into the routing table when the corresponding ip interface is brought up
this is a common behavior of all ip devices (even real-world routers!)
step4 - pc’s default routes
pc1:~# route add default gw 195.11.14.1pc1:~# routeKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface195.11.14.0 * 255.255.255.0 U 0 0 0 eth0default 195.11.14.1 0.0.0.0 UG 0 0 0 eth0
pc2:~# route add default gw 200.1.1.1pc2:~# routeKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface200.1.1.0 * 255.255.255.0 U 0 0 0 eth0default 200.1.1.1 0.0.0.0 UG 0 0 0 eth0
to fix the problem we could specify the default route on the pc’s: “through this gateway (ip number) you can reach all other networks”
step4 - pc’s default routes: testpc1:~# ping 100.0.0.9PING 100.0.0.9 (100.0.0.9): 56 data bytes64 bytes from 100.0.0.9: icmp_seq=0 ttl=255 time=36.6 ms64 bytes from 100.0.0.9: icmp_seq=1 ttl=255 time=1.1 ms64 bytes from 100.0.0.9: icmp_seq=2 ttl=255 time=1.1 ms--- 100.0.0.9 ping statistics ---3 packets transmitted, 3 packets received, 0% packet lossround-trip min/avg/max = 1.1/12.9/36.6 ms
“backbone interface” of r1 is reachable.
r1 r2
pc1 pc2
eth0 eth0
eth0
eth1eth1
eth0
195.11.14.5
100.0.0.9
195.11.14.1
200.1.1.7
200.1.1.1
100.0.0.10
step4 - pc’s default routes: testpc1:~# ping 100.0.0.10PING 100.0.0.10 (100.0.0.10): 56 data bytes
--- 100.0.0.10 ping statistics ---3 packets transmitted, 0 packets received, 100% packet loss
interfaces on r2 seem NOT reachable!!!
can you say way?
r1 r2
pc1 pc2
eth0 eth0
eth0
eth1eth1
eth0
195.11.14.5
100.0.0.9
195.11.14.1
200.1.1.7
200.1.1.1
100.0.0.10
step4 - let’s inspect the network
r2:~# tcpdump -i eth1device eth1 entered promiscuous modetcpdump: listening on eth117:06:52.848961 arp who-has 100.0.0.10 tell 100.0.0.917:06:52.848961 arp reply 100.0.0.10 is-at fe:fd:64:0:0:a17:06:52.848961 195.11.14.5 > 100.0.0.10: icmp: echo request (DF)17:06:53.799071 195.11.14.5 > 100.0.0.10: icmp: echo request (DF)17:06:58.799067 195.11.14.5 > 100.0.0.10: icmp: echo request (DF)5 packets received by filter0 packets dropped by kerneldevice eth1 left promiscuous mode
does echo request packet arrive to r2? let’s check...
while pinging from pc1 100.0.0.10 sniff on interface eth1 of r2
echo requests are arriving since they are captured by tcpdump!
step4 - a look to the routing table of r2r2:~# routeKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface100.0.0.8 * 255.255.255.252 U 0 0 0 eth1200.1.1.0 * 255.255.255.0 U 0 0 0 eth0
address of pc1 is 195.11.14.5r2 does not know how to reach such an address.
echo requests arrive to r2 but r2 does not know where echo replies should be forwarded!
you should teach r2 how to reach pc1!
you may insert a static route into the routing table of r2
step5 - static routes configuration
r2:~# routeKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface100.0.0.8 * 255.255.255.252 U 0 0 0 eth1200.1.1.0 * 255.255.255.0 U 0 0 0 eth0195.11.14.0 100.0.0.9 255.255.255.0 UG 0 0 0 eth1
network 195.11.14.0... ...with netmask255.255.255.0...
... is reachable through 100.0.0.9...
... on interface eth1
r2:~# route add -net 195.11.14.0 netmask 255.255.255.0 gw 100.0.0.9 eth1
step5 - static routes configuration
r1:~# route add -net 200.1.1.0 netmask 255.255.255.0 gw 100.0.0.10 eth1r1:~# routeKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface100.0.0.8 * 255.255.255.252 U 0 0 0 eth1200.1.1.0 100.0.0.10 255.255.255.0 UG 0 0 0 eth1195.11.14.0 * 255.255.255.0 U 0 0 0 eth0
an analogous configuration should be performed on router r2
step5 – static routes configuration: testpc1:~# ping 200.1.1.7PING 200.1.1.7 (200.1.1.7): 56 data bytes64 bytes from 200.1.1.7: icmp_seq=0 ttl=253 time=2.6 ms64 bytes from 200.1.1.7: icmp_seq=1 ttl=253 time=2.1 ms
--- 200.1.1.7 ping statistics ---2 packets transmitted, 2 packets received, 0% packet lossround-trip min/avg/max = 2.1/2.3/2.6 ms
pc2:~# ping 195.11.14.5PING 195.11.14.5 (195.11.14.5): 56 data bytes64 bytes from 195.11.14.5: icmp_seq=0 ttl=253 time=2.0 ms64 bytes from 195.11.14.5: icmp_seq=1 ttl=253 time=2.1 ms
--- 195.11.14.5 ping statistics ---2 packets transmitted, 2 packets received, 0% packet lossround-trip min/avg/max = 2.0/2.0/2.1 ms
both pc’s can reach each other
exercisescan you give a command for a static route that is equivalent to a default route?
pc1:~# route add -net netmask gw eth0? ? ?
not all the routing tables contain a default route; the network of this lab is so simple that routers r1 and r2 can be also configured using exclusively default routes
try such a configuration and test it