Detailed explanation of routing configuration in Linux system with multiple network cards

Routing configuration commands under Linux 1. Add host routing route add -host 192.168.1.11 dev eth0 route add -host 192.168.1.12 gw 192.168.1.1 2. Add network routing route add -net 192.168.1.11 netmask 255.255.255.0 eth0 route add -net 192.168.1.11 netmask 255.255.255.0 gw 192.168.1.1 route add -net 192.168.1.0/24 eth0 route add -net 192.168.1.0/24 gw 192.168.1.1 3. Add a default gateway route add default gw 192.168.1.1 4. Delete a route route del -host 192.168.1.11 dev eth0 5. Delete the default route route del default gw 192.168.1.1 Several ways to configure permanent routing under Linux 1. Add routing information in `/etc/rc.local` route add -net 192.168.1.0/24 dev eth0 # or route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1 2. Add in `/etc/sysconfig/network` GATEWAY=[gateway IP or gateway network card name] 3. `/etc/sysconfig/static-routes` any net 192.168.1.0/24 gw 192.168.1.1 # or any net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1 4. Enable IP forwarding 1. Temporary opening echo "1" > /proc/sys/net/ipv4/ip_forward 2. Permanently open vim /etc/sysctl.conf Modify `net.ipv4.ip_forward=1` Experiment: Configuring a dual-NIC host to use both the intranet and the Internet The background of this experiment is a problem that the author encountered in practice. This experiment tries to restore the network environment at that time. Just take a note and share it with classmates who encounter this problem. Unfortunately, I don’t have any hardware now (T＿T)...I can only use VMware Workstation and eNSP to simulate the experimental environment. Background As shown in the topology below, if `client` node is removed, the intranet and the extranet are isolated networks. But the actual situation is that `client` node needs to access both external and internal network resources, and `client` can only configure one default route. If the default route is configured on the external network card, `client` can access the resources of the `172.16.2.0/24` network and the external network, but cannot access the rest of the internal network resources; if the default route is configured on the internal network card, `client` can fully access the internal network resources, but cannot access the external network resources. How to solve it? Experimental environment VMware Workstation Pro 4 minimally installed CentOS 7.3 virtual machines Huawei eNSP Simulator Experimental topology Remove the `client` node, and the intranet and the extranet are isolated networks. The external network is `10.0.0.0/16` , which represents the operator's access network; The intranet network is `172.16.0.0/16` , which represents the intranet part (for security reasons, this part does not allow direct access to the Internet). in: `client` is a host with two network cards, and the network segments of the two network cards are `10.0.0.0/16` and `172.16.2.0/24` respectively; `server2` is a server in the `172.16.2.0/24` network segment; `server3` is a server in the `172.16.3.0/24` network segment; `server4` is a server in the `172.16.4.0/24` network segment. Network Planning IP Allocation

Routing configuration commands under Linux

1. Add host routing

route add -host 192.168.1.11 dev eth0
route add -host 192.168.1.12 gw 192.168.1.1

2. Add network routing

route add -net 192.168.1.11 netmask 255.255.255.0 eth0
route add -net 192.168.1.11 netmask 255.255.255.0 gw 192.168.1.1
route add -net 192.168.1.0/24 eth0
route add -net 192.168.1.0/24 gw 192.168.1.1

3. Add a default gateway

route add default gw 192.168.1.1

4. Delete a route

route del -host 192.168.1.11 dev eth0

5. Delete the default route

route del default gw 192.168.1.1

Several ways to configure permanent routing under Linux

1. Add routing information in /etc/rc.local

route add -net 192.168.1.0/24 dev eth0
# or route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1

2. Add in /etc/sysconfig/network

GATEWAY=[gateway IP or gateway network card name]

3. /etc/sysconfig/static-routes

any net 192.168.1.0/24 gw 192.168.1.1
# or any net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.1

4. Enable IP forwarding

1. Temporary opening

echo "1" > /proc/sys/net/ipv4/ip_forward

2. Permanently open

vim /etc/sysctl.conf

Modify net.ipv4.ip_forward=1

Experiment: Configuring a dual-NIC host to use both the intranet and the Internet

The background of this experiment is a problem that the author encountered in practice. This experiment tries to restore the network environment at that time. Just take a note and share it with classmates who encounter this problem.

Unfortunately, I don’t have any hardware now (T＿T)...I can only use VMware Workstation and eNSP to simulate the experimental environment.

Background

As shown in the topology below, if client node is removed, the intranet and the extranet are isolated networks.

But the actual situation is that client node needs to access both external and internal network resources, and client can only configure one default route. If the default route is configured on the external network card, client can access the resources of the 172.16.2.0/24 network and the external network, but cannot access the rest of the internal network resources; if the default route is configured on the internal network card, client can fully access the internal network resources, but cannot access the external network resources.
How to solve it?

Experimental environment

VMware Workstation Pro
4 minimally installed CentOS 7.3 virtual machines
Huawei eNSP Simulator

Experimental topology

Remove the client node, and the intranet and the extranet are isolated networks.

The external network is 10.0.0.0/16 , which represents the operator's access network;

The intranet network is 172.16.0.0/16 , which represents the intranet part (for security reasons, this part does not allow direct access to the Internet).

in:

client is a host with two network cards, and the network segments of the two network cards are 10.0.0.0/16 and 172.16.2.0/24 respectively;
server2 is a server in the 172.16.2.0/24 network segment;
server3 is a server in the 172.16.3.0/24 network segment;
server4 is a server in the 172.16.4.0/24 network segment.

Network Planning

IP Allocation

Node Name	IP address	Subnet Mask	Remark
client	10.0.0.101	255.255.0.0	Client's external network card
client	172.16.2.101	255.255.255.0	Client's internal network card
Server2	172.16.2.11	255.255.255.0	A server in the 172.16.2.0/24 network segment
Server3	172.16.3.11	255.255.255.0	A server on the 172.16.3.0/24 network segment
Server4	172.16.4.11	255.255.255.0	A server in the 172.16.4.0/24 network segment
Intranet router	172.16.2.254	255.255.255.0	Gateway of 172.16.2.0/24
	172.16.3.254	255.255.255.0	Gateway of 172.16.3.0/24
	172.16.4.254	255.255.255.0	Gateway of 172.16.4.0/24

Virtual machine network card type

Network Name	VMware NIC Type	Network Range
Carrier Network	bridging	10.0.0.0/16
VMnet2	Host only	172.16.2.0/24
VMnet3	Host only	172.16.3.0/24
VMnet4	Host only	172.16.4.0/24

How to implement the intranet router?

VMnet2, VMnet3, and VMnet4 are all in host-only mode. Under normal circumstances, only computers within their networks can communicate. How can we achieve communication among the three networks?

The answer is to use the Cloud in Huawei eNSP simulator. Cloud devices can be used to connect the router in the eNSP and the network card of the VMware virtual machine.

Configure the intranet environment

Configuring eNSP's router

interface	IP address	Subnet Mask
G0/0/0	172.16.2.254	255.255.255.0
G0/0/1	172.16.3.254	255.255.255.0
G0/0/2	172.16.4.254	255.255.255.0

<huawei>system-view
[huawei]int g0/0/0
[Huawei-GigabitEthernet0/0/0]ip address 172.16.2.254 255.255.255.0
[Huawei-GigabitEthernet0/0/0]quit
[huawei]int g0/0/1
[Huawei-GigabitEthernet0/0/1]ip address 172.16.3.254 255.255.255.0
[Huawei-GigabitEthernet0/0/1]quit
[huawei]int g0/0/2
[Huawei-GigabitEthernet0/0/2]ip address 172.16.4.254 255.255.255.0
[Huawei-GigabitEthernet0/0/2]quit
[huawei]

Modify the IP address of the virtual machine

client

Network card name	IP address	Subnet Mask	Default Gateway	Remark
ens33	10.0.0.101	255.255.0.0	10.0.0.1	External network card
ens37	172.16.2.101	255.255.255.0		Intranet network card

server2

Network card name	IP address	Subnet Mask	Default Gateway	Remark
ens33	172.16.2.11	255.255.255.0	172.16.2.254

server3

Network card name	IP address	Subnet Mask	Default Gateway	Remark
ens33	172.16.3.11	255.255.255.0	172.16.3.254

server4

Network card name	IP address	Subnet Mask	Default Gateway	Remark
ens33	172.16.4.11	255.255.255.0	172.16.4.254

Build HTTP service on the server

Take server2 as an example:

Creating a simple HTTP service using Python

cd ~
echo "server2" > index.html
python -m SimpleHTTPServer 8080

Controlled trials

Access the external network on client

ping www.baidu.com -c 4

Access server2 on client

ping 172.16.2.11 -c 4

Access server3 on client

ping 172.16.3.11 -c 4

Access server4 on client

ping 172.16.4.11 -c 4

In the control test, it can be seen that when client configures the default gateway on the external network card, client with dual network cards can normally access 172.16.2.0/24 part of the external network and the internal network, while 172.16.3.0/24 and 172.16.4.0/24 cannot be accessed.

Why can client access 172.16.2.0/24 network but not the rest of the 172.16.0.0/16 network?
Because client is located in the 172.16.2.0/24 network, communication is carried out within the network, and the data packets do not need to be sent to other networks. Of course, the default gateway does not work.
When client communicates with the rest of the network in 172.16.0.0/16 , client 's routing table does not record the path to the destination address, so client can only send the data packet to the default gateway. From then on, the data packet and the real destination address are "going in opposite directions". Of course, the result of ping is that the network is unreachable.

Routing Configuration

View the routing table on client

route

Add a route on client

route add -net 172.16.0.0/16 gw 172.16.2.254

For permanent configuration, add routing information in /etc/rc.local

route add -net 172.16.0.0/16 gw 172.16.2.254

View the routing table

route

Experimental Results

Checking connectivity

ping www.baidu.com -c 4

ping 172.16.2.11 -c 4

ping 172.16.3.11 -c 4

ping 172.16.4.11 -c 4

Access to internal and external network resources

curl http://www.baidu.com/

curl http://172.16.2.11:8080/index.html

curl http://172.16.3.11:8080/index.html

curl http://172.16.4.11:8080/index.html

The solution is very simple, just one command.

However, the principles, concepts, and theories behind this command require us to delve deeper!

The above is the full content of this article. I hope it will be helpful for everyone’s study. I also hope that everyone will support 123WORDPRESS.COM.

You may also be interested in:

How to use Crontab to access a certain routing address regularly in Linux
How to modify IP, DNS and routing command line configuration in Linux
A detailed introduction to Linux routing table
How to add permanent static routing in Linux
Building a Router with Linux
A LINUX soft router that supports hybrid multi-line access
Using Linux as a router in an enterprise network
Analysis of two implementation methods for adding static routing in Linux

<<: Tutorial on using prepare, execute and deallocate statements in MySQL

>>: How to use JS to check if an element is within the viewport

Linux virtual memory settings tutorial and practice

Recommend

Detailed explanation of how to effectively store IP addresses in MySQL and how to convert between string IP and numerical values

When looking at High Performance MySQL Version 3 ...

Detailed explanation of routing configuration in Linux system with multiple network cards

Linux virtual memory settings tutorial and practice

How to encapsulate timer components in Vue3

UDP simple server client code example

How to deploy Go web applications using Docker

URL Rewrite Module 2.1 URL Rewrite Module Rule Writing

Several ways to encrypt and decrypt MySQL (summary)

CSS removes the dotted border generated when clicking a link. Compatible with browsers that meet W3C standards

Linux method example to view all information of the process

MySQL multi-table query detailed explanation

Detailed explanation of MySQL combined index method

Recommend

Detailed explanation of how to effectively store IP addresses in MySQL and how to convert between string IP and numerical values

Vue implements the full selection function

Some understanding of absolute and relative positioning of page elements

How to configure /var/log/messages in Ubuntu system log

It's the end of the year, is your MySQL password safe?

Vue Element front-end application development table list display

Introduction and use of Javascript generator

Three ways of html+css layout (natural layout/flow layout/positioning layout)

How to monitor multiple JVM processes in Zabbix

The concept and characteristics of MySQL custom variables

Detailed explanation of Nginx static service configuration (root and alias instructions)

How to implement real-time polygon refraction with threejs

A brief analysis of different ways to configure static IP addresses in RHEL8

Vue implements zoom in, zoom out and drag function

The implementation process of Linux process network traffic statistics