
02 - Linux ITNSA - Networking - Routing

The document discusses networking and routing concepts. It covers setting the Linux hostname, original IP network classes, Classless Inter-Domain Routing (CIDR) which uses flexible netmasks, and an IP command cheat sheet for queries, modifying addresses and links, managing ARP tables and routes. The last section discusses setting up dynamic routing with BGP on Debian using FRR and configuring Keepalived for high availability.

Uploaded by

SiskaAmalia

Networking & Routing

Set Linux Hostname


To set the hostname to LinuxRouter, run the following command:

● hostnamectl set-hostname LinuxRouter


IP Network Class
Originally, IPv4 addresses were divided into the following three classes:

● Class A: 0.0.0.0/255.0.0.0
● Class B: 128.0.0.0/255.255.0.0
● Class C: 192.0.0.0/255.255.255.0

Original classes of networks and subnets did not scale well. Networks which did not fit in a class B were often
given a class A. This led to IP addresses going to waste and the creation of CIDR (Classless Inter-Domain
Routing) which uses a numbered bitmask instead of the class bitmask.
Classless Inter-Domain Routing (CIDR)

CIDR network netmasks are more flexible, and they do not have to end on "nibble" boundaries.

Subnet Mask      CIDR    Subnet Mask        CIDR
255.128.0.0      /9      255.255.240.0      /20
255.192.0.0      /10     255.255.248.0      /21
255.224.0.0      /11     255.255.252.0      /22
255.240.0.0      /12     255.255.254.0      /23
255.248.0.0      /13     255.255.255.0      /24
255.252.0.0      /14     255.255.255.128    /25
255.254.0.0      /15     255.255.255.192    /26
255.255.0.0      /16     255.255.255.224    /27
255.255.128.0    /17     255.255.255.240    /28
255.255.192.0    /18     255.255.255.248    /29
255.255.224.0    /19     255.255.255.252    /30

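The mask/prefix table above, generalised to any prefix length and applied to the 172.16.16.88/29 subnet used in this page's first lab. This is an added example, not part of the original slides; the function names are this example's own.

```python
import ipaddress

def mask_to_prefix(mask: str) -> int:
    """Dotted netmask -> CIDR prefix length; rejects masks with holes."""
    octets = [int(o) for o in mask.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-quad mask: {mask}")
    bits = "".join(f"{o:08b}" for o in octets)
    if "01" in bits:  # a 1 bit after a 0 bit: not a valid netmask
        raise ValueError(f"non-contiguous mask: {mask}")
    return bits.count("1")

def prefix_to_mask(prefix: int) -> str:
    """CIDR prefix length -> dotted netmask."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix out of range: {prefix}")
    return str(ipaddress.IPv4Address((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF))

def describe(cidr: str) -> dict:
    """Lay out a subnet; strict=True rejects a CIDR whose host bits are set."""
    net = ipaddress.ip_network(cidr, strict=True)
    hosts = list(net.hosts())
    return {
        "network": str(net.network_address),
        "netmask": str(net.netmask),
        "first_host": str(hosts[0]),
        "last_host": str(hosts[-1]),
        "broadcast": str(net.broadcast_address),
        "usable": len(hosts),
    }

if __name__ == "__main__":
    for mask in ("255.128.0.0", "255.255.248.0", "255.255.255.252"):
        print(mask, "->", f"/{mask_to_prefix(mask)}")
    print(describe("172.16.16.88/29"))
```

The /29 leaves six usable host addresses, enough for the lab's three VMs, and `describe` raises on an input such as 172.16.16.90/29 because that is a host address rather than the network address.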
Command IP Cheat Sheet

ip queries

Sub Command    Description & Tasks

addr           Display IP addresses and property information
               ip addr : Show information for all addresses
               ip addr show dev enp0s3 : Display information only for device enp0s3

link           Manage and display the state of all network interfaces
               ip link : Show information for all interfaces
               ip link show dev enp0s3 : Display information only for device enp0s3
               ip -s link : Display interface statistics

route          Display and alter the routing table
               ip route : List all of the route entries in the kernel

neigh          Show neighbour objects; also known as the ARP table for IPv4
               ip neigh : Display neighbour objects
               ip neigh show dev enp0s3 : Show the ARP cache for device enp0s3

help           ip help : Display ip commands and arguments
               ip addr help : Display address commands and arguments
               ip link help : Display link commands and arguments
               ip neigh help : Display neighbour commands and arguments

ip modifying address & link

Sub Command    Description & Tasks

addr add       ip addr add 192.168.1.11/24 dev enp0s3
               Add address 192.168.1.11 with netmask 24 to device enp0s3

addr del       ip addr del 192.168.1.11/24 dev enp0s3
               Remove address 192.168.1.11/24 from device enp0s3

link set       ip link set enp0s3 up
               Bring enp0s3 online

               ip link set enp0s3 down
               Bring enp0s3 offline

ip managing arp tables

Sub Command    Description & Tasks

neigh add      Add an entry to the ARP table
               ip neigh add 192.168.1.12 lladdr 01:02:03:04:05:06 dev enp0s3
               Add address 192.168.1.12 with MAC 01:02:03:04:05:06 to enp0s3

neigh del      Invalidate an entry
               ip neigh del 192.168.1.12 dev enp0s3
               Invalidate the entry for 192.168.1.12 on enp0s3

neigh replace  Replace an entry in the ARP table, or add it if it is not defined
               ip neigh replace 192.168.1.12 lladdr 01:02:03:04:05:06 dev enp0s3
               Replace the entry for address 192.168.1.12 to use MAC 01:02:03:04:05:06 on enp0s3

Lab
● Create 3 VM hosts
● Set up IP addresses using subnet 172.16.16.88/29
● Check link status
● Check neighbour MAC & IP Address
ip managing route

Sub Command    Description & Tasks

route add      Add an entry to the routing table
               ip route add default via 192.168.1.1 dev enp0s3
               Add a default route (for all addresses) via the local gateway 192.168.1.1 that can be reached on device enp0s3

               ip route add 192.168.2.0/24 via 192.168.1.1 dev enp0s3
               Add a route to 192.168.2.0/24 via the gateway at 192.168.1.1 on device enp0s3

route del      Delete a routing table entry
               ip route del default via 192.168.1.1 dev enp0s3
               Delete the default route

               ip route delete 192.168.2.0/24 via 192.168.1.1 dev enp0s3
               Delete the route for 192.168.2.0/24 via the gateway at 192.168.1.1 on device enp0s3

route get      Display the route an address will take
               ip route get 192.168.2.100
               Display the route taken for IP 192.168.2.100

Boot Time Network Configuration
● # vim /etc/network/interfaces

    auto lo enp0s3 enp0s8

    iface lo inet loopback

    iface enp0s3 inet static
        address 192.168.1.19
        netmask 255.255.255.0

    iface enp0s8 inet dhcp

● # systemctl restart networking


Enable IP Forwarding
By default, IPv4 forwarding is disabled on most Linux systems. To configure Linux as a router, do the following:
● Check the current state of forwarding
○ # sysctl net.ipv4.ip_forward
● Enable forwarding temporarily
○ # echo 1 > /proc/sys/net/ipv4/ip_forward
● Enable forwarding permanently
○ # vim /etc/sysctl.conf

    net.ipv4.ip_forward=1

○ # sysctl -p
Lab

● Set the hostname according to the label in the picture
● Set the IP address according to the picture
● Set static routes to help H1 reach H2
Dynamic Routing BGP
BGP ?

Border Gateway Protocol (BGP) is the postal service of the Internet. When someone drops a
letter into a mailbox, the Postal Service processes that piece of mail and chooses a fast,
efficient route to deliver that letter to its recipient. Similarly, when someone submits data via
the Internet, BGP is responsible for looking at all of the available paths that data could travel
and picking the best route, which usually means hopping between autonomous systems
(https://www.cloudflare.com/learning/security/glossary/what-is-bgp/)
How does BGP Work ?
● BGP in networking is based on TCP/IP. It operates on the OSI Transport Layer (Layer 4) to
control the Network Layer (Layer 3).
● It uses the Autonomous System (AS) number as the router identity.
● Each router maintains a routing table controlling how packets are directed.
Lab
BGP on Debian
● Install FRR (https://frrouting.org/)
○ # apt install frr
● Enable BGP Daemon
○ # vim /etc/frr/daemons

bgpd=yes

○ # systemctl restart frr


● Configure BGP
○ # vtysh
○ > write memory
○ > exit
FRR Configuration
# vim /etc/frr/frr.conf

    frr version 7.5.1
    frr defaults datacenter
    hostname R1
    no ipv6 forwarding
    service integrated-vtysh-config

    router bgp 1
     bgp router-id 172.17.1.1
     neighbor 172.17.1.2 remote-as 2

     address-family ipv4 unicast
      network 192.168.1.0/24
      network 172.17.1.0/30
      neighbor 172.17.1.2 route-map set-nexthop out
     exit-address-family

    access-list all seq 5 permit any

    route-map set-nexthop permit 10
     match ip address all
     set ip next-hop 172.17.1.1

    line vty

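The configuration above peers with AS 2 and filters only what it sends, so a review would ask what it accepts from that peer. The following is an added example, not part of the original slides or of FRR: a small audit of the BGP-relevant lines of this frr.conf that reports eBGP neighbors lacking an inbound filter, a session password, or a prefix limit. The finding names and the choice of checks are this example's own.

```python
# Sample input: the BGP-relevant lines of this page's frr.conf.
FRR_CONF = """\
frr defaults datacenter
hostname R1
router bgp 1
 bgp router-id 172.17.1.1
 neighbor 172.17.1.2 remote-as 2
 address-family ipv4 unicast
  network 192.168.1.0/24
  network 172.17.1.0/30
  neighbor 172.17.1.2 route-map set-nexthop out
 exit-address-family
access-list all seq 5 permit any
route-map set-nexthop permit 10
 match ip address all
 set ip next-hop 172.17.1.1
"""

def audit_bgp(conf):
    """Return (peer, finding) tuples for eBGP neighbors missing basic controls."""
    local_as, peers = None, {}
    for raw in conf.splitlines():
        words = raw.split()
        if words[:2] == ["router", "bgp"] and len(words) >= 3:
            local_as = words[2]
        elif words[:1] == ["neighbor"] and len(words) >= 4:
            peer = peers.setdefault(words[1], {"remote_as": None, "opts": set()})
            if words[2] == "remote-as":
                peer["remote_as"] = words[3]
            elif words[2] in ("route-map", "prefix-list"):
                peer["opts"].add("filter-" + words[-1])  # direction: in or out
            else:
                peer["opts"].add(words[2])  # e.g. password, maximum-prefix
    findings = []
    for addr, p in sorted(peers.items()):
        if p["remote_as"] == local_as:
            continue  # iBGP peer: not covered by this check
        for opt, code in (("filter-in", "NO_INBOUND_FILTER"),
                          ("password", "NO_SESSION_PASSWORD"),
                          ("maximum-prefix", "NO_MAXIMUM_PREFIX")):
            if opt not in p["opts"]:
                findings.append((addr, code))
    return findings

if __name__ == "__main__":
    print(audit_bgp(FRR_CONF))
```

For the page's configuration all three findings are reported for 172.17.1.2; neighbor lines of the form `prefix-list <NAME> in`, `password <SECRET>` and `maximum-prefix <N>` (placeholders) clear them.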
FRR configuration
# systemctl restart frr

# vtysh

> write memory

> show running-config


FRR vtysh
vtysh is a shell for the FRR daemons, that is, the CLI for FRR.

Useful vtysh commands to manage and monitor BGP:

Command

write memory

show running-config

show bgp summary

show ip route

show ip bgp neighbors 172.17.1.2


Lab ITNSA
Keepalived
● Keepalived provides frameworks for both load balancing and high availability
○ Keepalived implements a set of health checkers to dynamically and adaptively maintain and manage load-balanced server pools according to their health
○ High availability is achieved by the Virtual Router Redundancy Protocol (VRRP)
● The most basic Keepalived configuration enables a shared IP address between two servers (floating IP address)
● It is used to fail over an IP address from one machine to another
Keepalived Master on Debian
● Install Keepalived
○ # apt install keepalived
● Configure Keepalived
○ # vim /etc/keepalived/keepalived.conf

    global_defs {
    }

    vrrp_instance VI_1 {
        state MASTER
        interface enp0s8
        virtual_router_id 10
        nopreempt
        priority 101
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        virtual_ipaddress {
            10.99.99.252
        }
    }

Keepalived Backup on Debian
● Install Keepalived
○ # apt install keepalived
● Configure Keepalived
○ # vim /etc/keepalived/keepalived.conf

    global_defs {
    }

    vrrp_instance VI_1 {
        state BACKUP
        interface enp0s8
        virtual_router_id 10
        nopreempt
        priority 101
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        virtual_ipaddress {
            10.99.99.252
        }
    }
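
The two vrrp_instance blocks above differ only in their state line, which makes them a useful input for a configuration review. The following is an added example, not part of the original slides or of Keepalived: it parses both blocks and reports three settings a reviewer would question. The finding names are this example's own.

```python
# Constructed input: this page's master block; the backup differs only in "state".
MASTER_CONF = """
vrrp_instance VI_1 {
    state MASTER
    interface enp0s8
    virtual_router_id 10
    nopreempt
    priority 101
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.99.99.252
    }
}
"""
BACKUP_CONF = MASTER_CONF.replace("state MASTER", "state BACKUP")

def parse_instance(text):
    """Flatten one vrrp_instance block into key/value settings plus bare words."""
    settings, bare = {}, set()
    for line in text.splitlines():
        parts = line.split("#")[0].split()
        if not parts or parts[-1] == "{" or parts[0] == "}":
            continue                      # block openers and closers
        if len(parts) == 1:
            bare.add(parts[0])            # bare keyword (nopreempt) or a VIP
        else:
            settings[parts[0]] = parts[1]
    settings["bare"] = bare
    return settings

def audit_pair(conf_a, conf_b):
    """Return (node, finding) tuples for two nodes of one VRRP instance."""
    nodes = {"node-a": parse_instance(conf_a), "node-b": parse_instance(conf_b)}
    found = []
    for name, s in nodes.items():
        if "nopreempt" in s["bare"] and s.get("state") != "BACKUP":
            found.append((name, "NOPREEMPT_NEEDS_STATE_BACKUP"))  # keepalived.conf(5)
        if s.get("auth_type") == "PASS":
            found.append((name, "AUTH_PASS_IN_CLEARTEXT"))  # sent in every advert
    if nodes["node-a"].get("priority") == nodes["node-b"].get("priority"):
        found.append(("pair", "EQUAL_PRIORITY"))  # priority cannot pick the master
    return found

if __name__ == "__main__":
    print(audit_pair(MASTER_CONF, BACKUP_CONF))
```

On the page's configuration this reports nopreempt on the node whose initial state is MASTER, the simple-text VRRP password on both nodes, and the identical priority of 101 on the pair.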
