Linux Networking

How to configure multiple routes in Linux.

Two interfaces are configured, and each one needs its own gateway. This is possible with the policy routing feature of 'ip route'. If the feature is not available, it can be enabled in the kernel configuration using the command:

# make menuconfig
Then enable [*] IP: policy routing

My interfaces and configuration (two networks have been added):

eth2
10.245.7.112/29
Range: 10.245.7.113 – 10.245.7.118
Gateway: 10.245.7.113

eth0
10.240.11.0/24
Range: 10.240.11.1 – 10.240.11.254
Gateway: 10.240.11.51

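Add a named routing table to /etc/iproute2/rt_tables as below (the table used in the rest of this example is named admin):
echo "1 <routing table name>" >> /etc/iproute2/rt_tables

The following commands create the routes in that table: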
ip route add 10.240.11.0/24 dev eth0 src 10.240.11.51 table admin
ip route add default via 10.240.11.254 dev eth0 table admin

The following commands add the rules that select the table:
ip rule add from 10.240.11.0/24 table admin
ip rule add to 10.240.11.0/24 table admin

How to verify:

# ip r s t admin
10.240.11.0/24 dev eth0 scope link src 10.240.11.51
default via 10.240.11.254 dev eth0

# ip r s t main
10.245.7.112/29 dev eth2 proto kernel scope link src 10.245.7.115
10.240.11.0/24 dev eth0 proto kernel scope link src 10.240.11.51
169.254.0.0/16 dev eth0 scope link metric 1002
169.254.0.0/16 dev eth2 scope link metric 1003
default via 10.245.7.113 dev eth2 proto static

# ip route show dev eth0
10.240.11.0/24 proto kernel scope link src 10.240.11.51
169.254.0.0/16 scope link metric 1002

# ip route show dev eth2
10.245.7.112/29 proto kernel scope link src 10.245.7.115
169.254.0.0/16 scope link metric 1003
default via 10.245.7.113 proto static

# ip rule show
0: from all lookup local
32764: from all to 10.240.11.0/24 lookup admin
32765: from 10.240.11.0/24 lookup admin
32766: from all lookup main
32767: from all lookup default
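
The rule walk behind the listings above, as an added example that is not part of the original post: it replays the page's rules and routes for a given source and destination and reports which table, device and gateway are chosen. The 203.0.113.10 and 10.240.11.20 test addresses are assumptions, and the local and default tables (not listed on the page) are treated as empty.

```python
import ipaddress

# Constructed sample: the rule and route listings from this page (169.254/16 omitted).
RULES = """\
0: from all lookup local
32764: from all to 10.240.11.0/24 lookup admin
32765: from 10.240.11.0/24 lookup admin
32766: from all lookup main
32767: from all lookup default"""
TABLES = {  # tables "local" and "default" are not listed on the page: treated as empty
    "admin": """\
10.240.11.0/24 dev eth0 scope link src 10.240.11.51
default via 10.240.11.254 dev eth0""",
    "main": """\
10.245.7.112/29 dev eth2 proto kernel scope link src 10.245.7.115
10.240.11.0/24 dev eth0 proto kernel scope link src 10.240.11.51
default via 10.245.7.113 dev eth2 proto static""",
}

def parse_rules(text):  # "PRIO: from X [to Y] lookup T" -> (prio, from, to, table)
    rules = []
    for line in text.splitlines():
        prio, rest = line.split(":", 1)
        tok = rest.split()
        sel = dict(zip(tok[0::2], tok[1::2]))
        rules.append((int(prio), sel.get("from", "all"), sel.get("to", "all"), sel["lookup"]))
    return sorted(rules)

def parse_routes(text):  # "PREFIX|default [via GW] dev IF ..." -> (network, dev, via)
    routes = []
    for line in text.splitlines():
        tok = line.split()
        net = ipaddress.ip_network("0.0.0.0/0" if tok[0] == "default" else tok[0])
        opts = dict(zip(tok[1::2], tok[2::2]))
        routes.append((net, opts.get("dev"), opts.get("via")))
    return routes

def covers(selector, addr):  # a rule's from/to selector; "all" covers every address
    return selector == "all" or ipaddress.ip_address(addr) in ipaddress.ip_network(selector)

def lookup(src, dst):
    """Walk rules in priority order; the first table holding a route to dst wins."""
    for _prio, frm, to, table in parse_rules(RULES):
        if covers(frm, src) and covers(to, dst):
            hits = [r for r in parse_routes(TABLES.get(table, "")) if covers(str(r[0]), dst)]
            if hits:  # longest-prefix match inside the selected table
                best = max(hits, key=lambda r: r[0].prefixlen)
                return table, best[1], best[2]
    return None
```

On a live host, ip route get 203.0.113.10 from 10.240.11.51 asks the kernel the same question.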

 

 

How to disable IPv6

# vi /etc/sysctl.conf

Add the following entry to disable IPv6 on all adapters.

net.ipv6.conf.all.disable_ipv6 = 1

For a particular adapter (if the network card name is eno16777736):

net.ipv6.conf.eno16777736.disable_ipv6 = 1

Apply the changes by executing the following command.

# sysctl -p

 

Find the public IP from a private IP when NAT is configured.

curl ident.me
curl ifconfig.me
curl tnx.nl/ip
curl icanhazip.com
curl ipecho.net/plain
curl ip.appspot.com
curl whatsmyip.akamai.com

To find any redirects:
curl -w "%{url_effective}" -sSL -o /dev/null http://<IP>
 

Network goes down intermittently.

This is a bug. To fix this, execute the command below.
# systemctl restart NetworkManager
Ref URL: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1461015
 

tcpdump command line options

-i interface
--interface=interface
Listen on interface. If unspecified, tcpdump searches the system interface list for the lowest numbered, configured up interface (excluding loopback), which may turn out to be, for example, “eth0”.
On Linux systems with 2.2 or later kernels, an interface argument of “any” can be used to capture packets from all interfaces. Note that captures on the “any” device will not be done in promiscuous mode.
If the -D flag is supported, an interface number as printed by that flag can be used as the interface argument.

-q
Quick (quiet?) output. Print less protocol information so output lines are shorter.

-s snaplen
--snapshot-length=snaplen
Snarf snaplen bytes of data from each packet rather than the default of 262144 bytes. Packets truncated because of a limited snapshot are indicated in the output with “[|proto]”, where proto is the name of the protocol level at which the truncation has occurred. Note that taking larger snapshots both increases the amount of time it takes to process packets and, effectively, decreases the amount of packet buffering. This may cause packets to be lost. You should limit snaplen to the smallest number that will capture the protocol information you’re interested in. Setting snaplen to 0 sets it to the default of 262144, for backwards compatibility with recent older versions of tcpdump.

-n
Don’t convert addresses (i.e., host addresses, port numbers, etc.) to names.

-vvv
Even more verbose output. For example, telnet SB … SE options are printed in full. With -X Telnet options are printed in hex as well.

-xx
When parsing and printing, in addition to printing the headers of each packet, print the data of each packet, including its link level header, in hex.

-XX
When parsing and printing, in addition to printing the headers of each packet, print the data of each packet, including its link level header, in hex and ASCII.

Examples

tcpdump -i <Interface Name> -q -s 0 -n dst <Destination Server IP> and port not <Port No>
tcpdump -nni <Interface Name> -e -xx -XX port not <Port No>
tcpdump -qn -r <Read from file>
tcpdump port not 22 -w <Write to file>
tcpdump -vvv "icmp" -w pingout2.pcap
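
A check for the snaplen truncation described under -s, as an added example that is not part of the original post: it reads a file written with -w and lists the packets whose captured length is shorter than their length on the wire. It assumes the classic pcap savefile format (not pcapng), and the sample capture is constructed in the code.

```python
import struct

PCAP_MAGIC = 0xA1B2C3D4  # classic pcap, microsecond timestamps

def build_sample(snaplen):
    """Constructed capture: one 98-byte Ethernet frame saved with the given snaplen."""
    orig_len = 98
    data = bytes(min(orig_len, snaplen))          # zero-filled stand-in for the frame
    global_hdr = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, snaplen, 1)
    record_hdr = struct.pack("<IIII", 0, 0, len(data), orig_len)
    return global_hdr + record_hdr + data

def truncated_records(pcap):
    """Return (snaplen, [(index, captured_len, original_len), ...]) for cut-off packets."""
    magic = struct.unpack_from("<I", pcap, 0)[0]
    if magic == PCAP_MAGIC:
        order = "<"
    elif magic == 0xD4C3B2A1:                     # file written on a big-endian host
        order = ">"
    else:
        raise ValueError("not a classic pcap file")
    snaplen = struct.unpack_from(order + "I", pcap, 16)[0]
    offset, index, cut = 24, 0, []                # records start after the 24-byte header
    while offset + 16 <= len(pcap):
        _sec, _usec, incl_len, orig_len = struct.unpack_from(order + "IIII", pcap, offset)
        if incl_len < orig_len:                   # payload was clipped at snaplen
            cut.append((index, incl_len, orig_len))
        offset += 16 + incl_len
        index += 1
    return snaplen, cut
```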

 

URLs:

http://www.tcpdump.org/tcpdump_man.html

https://forum.ivorde.com/tcpdump-xx-xx-dump-packet-header-and-data-in-hex-and-ascii-format-t19790.html

http://serverfault.com/questions/38626/how-can-i-read-pcap-files-in-a-friendly-format

 

NAT Types

DNAT
Use: forward a packet. Used in PREROUTING.
Command:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination $eth0:8082
Forward all packets destined to 8082 to port 80.

SNAT
Use: NAT outbound traffic to a particular IP.
iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to-source x.x.x.x
All outbound traffic on eth1 is source-NATed to x.x.x.x.

MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.100.0/24 -o eth0 -j MASQUERADE
The MASQUERADE target lets you give it an interface, and whatever address is on that interface is the address that is applied to all the outgoing packets.
Example: when a Linux machine is a router for one or more machines on a local subnet and they need to access the Internet using the public address of the Linux machine.
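
A pre-flight check for rules like the three above, as an added example that is not part of the original post: it flags a NAT target used outside the nat table, in a chain where the target is not accepted, or without its --to-... option (which also catches a "--" that a web page turned into an en dash). The sample rules and their 192.0.2.x addresses are constructed, and user-defined chains are not followed.

```python
import shlex

# Chains in which each NAT target is accepted; all three belong to the nat table.
VALID_CHAINS = {
    "DNAT": {"PREROUTING", "OUTPUT"},
    "SNAT": {"POSTROUTING", "INPUT"},
    "MASQUERADE": {"POSTROUTING"},
}
REQUIRED_OPTION = {"DNAT": "--to-destination", "SNAT": "--to-source"}

def option(args, names, default=None):
    """Value following the first of `names` present in args, else default."""
    for name in names:
        if name in args[:-1]:
            return args[args.index(name) + 1]
    return default

def lint(rule):
    """Return a list of problems in one iptables command line that uses a NAT target."""
    args = shlex.split(rule)
    table = option(args, ("-t", "--table"), "filter")   # iptables defaults to filter
    chain = option(args, ("-A", "--append", "-I", "--insert"))
    target = option(args, ("-j", "--jump"))
    if target not in VALID_CHAINS:
        return []
    problems = []
    if table != "nat":
        problems.append(f"{target} requires -t nat, rule targets table {table}")
    if chain not in VALID_CHAINS[target]:
        problems.append(f"{target} is not valid in chain {chain}")
    needed = REQUIRED_OPTION.get(target)
    if needed and needed not in args:
        problems.append(f"{target} is missing {needed}")
    return problems

# Constructed sample rules (addresses from the documentation ranges).
SAMPLES = [
    "iptables -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 192.0.2.10:8082",
    "iptables -t nat -A POSTROUTING -o eth1 -j SNAT \u2013to-source 192.0.2.1",  # en dash
    "iptables -t nat -A POSTROUTING -s 192.168.100.0/24 -o eth0 -j MASQUERADE",
]
```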

URL: http://jensd.be/343/linux/forward-a-tcp-port-to-another-ip-or-port-using-nat-with-iptables
URL: http://www.revsys.com/writings/quicktips/nat.html
