[Novalug] simple route issue - howto
Sat Dec 31 17:06:12 EST 2016
Great and appreciated 101 networking lesson. Thanks for taking the time to
write and share it.
On Dec 31, 2016 1:51 PM, "Stephen Cicirelli via Novalug" <
> This is a somewhat long and simplified accounting on some basic
> networking that I hope will help.
> The simplistic and unhelpful answer to Walt's question is you need a
> 3rd device (or much more complex and advanced: you need two IP
> addresses on the computer assuming all computers in question are on
> the same switch/wireless SSID).
> This should show why the 3rd device is needed
> Computer alpha has:
> IP 192.168.1.10
> mask 255.255.255.0 (also called /24 indicating that there are 24 bits
> masking the ip)
> The IP is broken down into network and node, the mask tells you what
> is what. Since /24 is the easy case (and relevant) we will stick with
> 192.168.1 is the network
> 10 is the node address
> in the real world: 1020 main st., fairfax va
> main st., fairfax va is the network
> 1020 is the node address
> When you are on the same subnet as another host (1-254 in this case)
> you don't route anywhere you just talk on the line. Much like if you
> want to go to the neighbors house at 1022 you just walk next door. No
> car or on ramps (routes)
> Thus you can :ping 192.168.1.x and provided that x exists and is
> running you will get a response.
> The same is true for systems on the other subnet - 192.168.2.20 /24
> computer beta has 192.168.2.20 255.255.255.0
> 192.168.2 is the network
> 20 is the node address
> in the real world: 2020 elm st. fairfax, va
> elm st., fairfax va is the network
> 2020 is the node address
> beta can talk to any computer on 192.168.2.[1-254] without routing
> one could walk to any house on the street and visit 2022 without
> getting into the car.
> Again, ping 192.168.2.y will get a response if the y node is up and running
> IF I try: Alpha: ping 192.168.2.20
> I will get either a request timed out or a destination host
> unreachable becuase I don't know how to get there from here.
> This is where routing comes in.
> routing is how you get from subnet A (192.168.1.0/24) to subnet B
> (the zero at the end indicates the start of the subnet (which is
> always 0 for a /24) and for now is helpful notation. This number
> becomes more important with advanced subneting (also refereed to as
> for simple subnet scenarios that most people encounter at home
> (192.168.1.0) the nodes do not need a route - they just need a default
> route (given by the default gateway) - because everything is out the
> default gateway. In our real world analogy this would be the traffic
> light at the end of the street (and of course the only thing here in
> the neighborhood is main st.) and the light would be the router.
> Typically the router IP address on the subnet (aka default gateway) is
> either the first or the last IP (so 1 or 254 in our case). (now you
> see why I used 10 and 20)
> So now we need a router. Let's call it delta. It has two ethernet ports.
> ETH0 - 192.168.1.1
> EHT1 - 192.168.2.1
> (as a side note, a modern professional class router can handle
> multiple IP addresses on a single NIC, but your average linksys or
> dlink with the default firmware cannot)
> So I need gateways on alpha and beta.
> IP 192.168.1.10
> Mask: 255.255.255.0
> Gateway: 192.168.1.1
> IP 192.168.2.20
> Mask: 255.255.255.0
> Gateway: 192.168.2.1
> So now when I'm on computer alpha and I:
> ping 192.168.2.20
> I will get a response. computer alpha will see that 192.168.2 is not
> part of its current subnet of 192.168.1 and so the IP stack will send
> the packet to the default gateway (192.168.1.1) who will then route it
> to the 192.168.2 subnet (on eth1) and it will be sent to the
> destination. The return traffic goes the same way: Beta sees that
> 192.168.1 is not on its network and so sends the packet to 192.168.2.1
> who then handles the routing to send the response.
> Thus far we have not needed to add routes. Indeed, the only one that
> needs a route is the router.
> Back to our real world analogy - I live on main st. and I want to
> visit my friend who lives on elm. I need to get in the car and drive
> to the trafficlight and then the GPS takes me to the traffic light
> that has elm and drops me there. I then get out of my car and wander
> down the (nice pedestrian friendly) street screaming my fool head off
> looking for my friend. When I want to go back home, I get back in the
> car and go to the router - er, trafficlight and GPS my way back to
> main st.
> So why would one need to use route? Typically one wouldn't.
> Typically most homes are on a single network, as we said above, and
> the entire universe is out the default gateway. That's all the system
> needs to know.
> Here is where is gets complex without pictures.
> Let say we have computer gamma:
> 192.168.3.30/24 GW:192.168.3.1
> so this one is set up just like the others on a per subnet basis.
> let us also say we have a new router epsilon
> ETH0 192.168.3.1/24
> ETH1 192.168.1.2/24 <-- note the subnet here is on 192.168.1 and the node
> is 2
> so epsilon talks to and routes subnets with alpha and gamma (no beta)
> So what happens when alpha does: ping 192.168.30.30
> It fails. Because alpha sends the packet to router gamma (192.168.1.1
> - the default gateway) and it doesn't go anywhere (and yes, there are
> advanced routing configurations that would fix it)
> This is where route would come into play.
> You would put in something like:
> route ADD -net 192.168.3.0 MASK 255.255.255.0 192.168.1.2
> on alpha (note you don't need to do anything for gamma)
> This would tell alpha
> If you have traffic that isn't for 192.168.1.x then send it to the
> default gateway (192.168.1.1) UNLESS it is traffic for subnet
> 192.168.3.w, then send it to 192.168.1.2
> I hope this little tutorial on networking helps folks in general. As
> usual please ask clarifying remarks and I hope everyone has a fabulous
> Happy New Year!
> On Fri, Dec 30, 2016 at 5:45 PM, Walt Smith via Novalug
> <email@example.com> wrote:
> > Hi,
> > I have a simple route problem. I'm probably
> > missing just one thing. TO approach that,
> > I merely tried a number of combinations that
> > theory doesn't seem to cover when actually
> > using commands. It using static routing.
> > ( note most web blogs etc discuss routing between
> > eth0 and eth1, which this is not )
> > The idea is I CAN assign 192.168.1.1 to the
> > eth0 interface, and route with netmask 255.255.255.0
> > and access any devices on several "routers" with
> > 192.168.1.x addresses.
> > I CAN also do the same with a 192.168.2.1 IF address on
> > eth0 and access ( web and ping ) say a 192.168.2.10.
> > I CANNOT access Both a 1.x and 2.x boxes
> > ( say cheap routers ).
> > I wish to do so.
> > SO what do I need to do ?
> > ??
> > ----------------
> > see below for various merged examples for readablilty . . . .
> > I'm aware that route and ifconfig can
> > assume certain parameters and auto-include them
> > when the user/script gives info: for example,
> > route can assume a netmask, or a -net option
> > in certain conditions. It can also perform
> > an entry by setting an IP for an interface
> > such as eth0.
> > So below is an expanded version of efforts that
> > might be tried ( not all at one time, but one at a time
> > in various combos to try to understand in what order
> > route and ifconfig do things.
> > [root@CentOS68 waltech]# route add -net 192.168.0.0 netmask 255.255.0.0
> > [root@CentOS68 waltech]# route
> > Kernel IP routing table
> > Destination Gateway Genmask Flags Metric Ref Use
> > 184.108.40.206 * 255.255.255.255 UH 0 0 0
> > 192.168.2.1 192.168.1.1 255.255.255.255 UGH 0 0 0
> > 192.168.2.0 * 255.255.255.0 U 0 0 0
> > 192.168.2.0 192.168.1.1 255.255.255.0 UG 0 0 0
> > 192.168.1.0 * 255.255.255.0 U 0 0 0
> > 192.168.1.0 192.168.1.1 255.255.255.0 UG 0 0 0
> > 192.168.0.0 * 255.255.0.0 U 0 0 0
> > default * 0.0.0.0 U 0 0 0
> > [root@CentOS68 waltech]#
> > [root@CentOS68 waltech]# ifconfig
> > eth0 Link encap:Ethernet HWaddr 00:0C:F1:8B:DF:79
> > inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
> > inet6 addr: fe80::20c:f1ff:fe8b:df79/64 Scope:Link
> > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> > RX packets:5558 errors:0 dropped:0 overruns:0 frame:0
> > TX packets:4801 errors:0 dropped:0 overruns:0 carrier:0
> > collisions:0 txqueuelen:1000
> > RX bytes:3231777 (3.0 MiB) TX bytes:490218 (478.7 KiB)
> > ppp0 Link encap:Point-to-Point Protocol
> > inet addr:220.127.116.11 P-t-P:18.104.22.168
> > UP POINTOPOINT RUNNING NOARP MULTICAST MTU:552 Metric:1
> > RX packets:7932 errors:4 dropped:0 overruns:0 frame:0
> > TX packets:8563 errors:0 dropped:0 overruns:0 carrier:0
> > collisions:0 txqueuelen:3
> > RX bytes:2945795 (2.8 MiB) TX bytes:693102 (676.8 KiB)
> > ----
> > The government is lawless, not the press (people).
> > ( [Supreme Court] Justice Douglas re: The Pentagon Papers )
> > **********************************************************************
> > The Novalug mailing list is hosted by firemountain.net.
> > To unsubscribe or change delivery options:
> > http://www.firemountain.net/mailman/listinfo/novalug
> The Novalug mailing list is hosted by firemountain.net.
> To unsubscribe or change delivery options:
More information about the Novalug