RHCE Series (i): How to set up and test static network routing

Red Hat certified Engineer, a Red Hat certified engineer, is a RHCE certification, Red Hat contributes to the enterprise community with open source operating systems and software, and it also provides training, support, and consulting services to the company.

This RHCE is a performance test (codenamed EX300) for senior system administrators of Red Hat Enterprise Linux (RHEL) systems with more skills, knowledge and capabilities.

Important: Red Hat Certified system ADMINISTRATOR,RHCSA is required before obtaining RHCE certification.

Static routes in Red Hat Enterprise Linux 7

One of the wonders of modern networks is that there are a lot of devices available that can connect a group of computers, whether in a small number of machines in a room or in a building, city, country, or continent.

However, in order for these to be implemented effectively in any situation, the network packets need to be routed, or in other words, their path from source to destination needs to follow a certain rule.

Static routing is the process of specifying a route for a network package, rather than using the default gateway provided by the network device. Unless a static route is specified, the network packet is directed to the default gateway, while static routes are based on other paths defined by predefined criteria, such as packet destinations.

We will consider the following scenarios in this guide. We have a RHEL 7, connected to Router 1th [192.168.0.1] to access the Internet and other machines in the 192.168.0.0/24.

The second router (router 2nd) has two network cards: ENP0S3 also connects to router 1th to access the Internet and communicates with RHEL 7 and other machines on the same network, while another network card (ENP0S8) is used to authorize access to the 10.0.0.0/24 network where the internal services are located, such as the web or database server.

In this article we will focus on setting up the routing table in RHEL 7 to ensure that it accesses the Internet through router 1th and accesses the internal network through router 2nd.

In RHEL 7, you can configure and display devices and routes with IP commands from the command line. These changes can take effect on the running system in a timely manner, but because they are not saved after a reboot, we will use the IFCFG-ENP0SX and ROUTE-ENP0SX files in the/etc/sysconfig/network-scripts directory to permanently Save our configuration.

First, let's print out the current routing table:

# IP Route Show

From the above output, we can draw the following conclusions:

The IP of the default gateway is 192.168.0.1 and can be accessed through the network card ENP0S3.

When the system starts, it enables the zeroconf route to 169.254.0.0/16 (only in this case). That is, if the machine is set to obtain an IP address through DHCP, but for some reason it fails, it is automatically assigned to an address in the above network segment. This line means that the route allows us to connect through ENP0S3 and other machine machines that do not have the IP address successfully obtained from the DHCP server.

Last but not least, we can also connect to other machines in the 192.168.0.0/24 network via IP address 192.168.0.18 enp0s3.

Here are some typical tasks you need to do in such a configuration. Unless otherwise noted, the following tasks are performed on router 2nd.

Ensure that all network cards are properly installed:

# IP Link Show

If a NIC is disabled, start it:

# IP link set dev enp0s8 up

Assign an IP address in the 10.0.0.0/24 network to it:

# ip addr Add 10.0.0.17 dev Enp0s8

Oh! We have assigned an incorrect IP address. We need to delete the previously assigned one and add the correct address (10.0.0.18):

# ip addr del 10.0.0.17 dev Enp0s8

# ip addr Add 10.0.0.18 dev Enp0s8

Now, note that you can only add a route through the gateway to the destination network that the gateway needs to have access to. For this reason, we need to assign an IP address to ENP0S3 in the 192.168.0.0/24 range so that our RHEL 7 can connect to it:

# ip addr Add 192.168.0.19 dev enp0s3

Finally, we need to enable packet forwarding:

# echo "1" >/proc/sys/net/ipv4/ip_forward

and deactivate/Cancel the firewall (from now on, we'll cover packet filtering in the next article):

# Systemctl Stop Firewalld

# systemctl Disable FIREWALLD

Back to our RHEL 7 (192.168.0.18), let's configure a route through 192.168.0.19 (Enp0s3 of Router 2nd) to 10.0.0.0/24:

# IP route add 10.0.0.0/24 via 192.168.0.19

After that, the routing table looks like this:

# IP Route Show

Similarly, add the corresponding route in the machine where you are trying to connect to the 10.0.0.0/24 network:

# IP route add 192.168.0.0/24 via 10.0.0.18

You can use ping to test the basic connection:

Run in RHEL 7:

# ping-c 4 10.0.0.20

10.0.0.20 is the IP address of a Web server in the 10.0.0.0/24 network.

Running in the Web server (10.0.0.20)

# ping-c 192.168.0.18

192.168.0.18 is the IP address of our RHEL 7 machine.

In addition, we can also use tcpdump (need to install via Yum install tcpdump) to check TCP bidirectional communication between the Web servers in our RHEL 7 and 10.0.0.20.

First enable logging in the first machine:

# tcpdump-qnnvvv-i ENP0S3 Host 10.0.0.20

On another terminal on the same system, let's connect to port 80th on the Web server via Telnet (assuming Apache is listening on the port, otherwise the correct listening port should be used in the command below):

# telnet 10.0.0.20 80

By looking at two-way communication between our RHEL 7 (192.168.0.18) and Web server (10.0.0.20), we can see that the connection has been initialized correctly.

Please note that these changes will be lost when you restart the system. If you want to keep them permanently, you need to edit the following files in the same system that we run the commands above (if they don't exist).

Although for our test example is not strict, you need to know that/etc/sysconfig/network contains some system-wide network parameters. A typical/etc/sysconfig/network looks similar to the following:

# Enable Networking on the This system?

Networking=yes

# Hostname. Should match the value In/etc/hostname

Hostname=yourhostnamehere

# Default Gateway

Gateway=xxx.xxx.xxx.xxx

# Device used to connect to default gateway. Replace X with the appropriate number.

Gatewaydev=enp0sx

When you need to set specific variables and values for each NIC (as we did on router 2nd), you need to edit/etc/sysconfig/network-scripts/ifcfg-enp0s3 and/etc/sysconfig/ NETWORK-SCRIPTS/IFCFG-ENP0S8 file.

Here's our example,

Type=ethernet

Bootproto=static

ipaddr=192.168.0.19

netmask=255.255.255.0

gateway=192.168.0.1

Name=enp0s3

Onboot=yes

And

Type=ethernet

Bootproto=static

ipaddr=10.0.0.18

netmask=255.255.255.0

gateway=10.0.0.1

Name=enp0s8

Onboot=yes

It corresponds to ENP0S3 and ENP0S8 respectively.

Because we want to route our client machines (192.168.0.18), we need to edit the/ETC/SYSCONFIG/NETWORK-SCRIPTS/ROUTE-ENP0S3:

10.0.0.0/24 via 192.168.0.19 Dev ENP0S3

Now reboot your system, you can see the routing rule in the routing table.

Summarize

In this article we describe the static routes for Red Hat Enterprise Linux 7. Although the scenarios may be different, the examples presented here illustrate the principles required and the steps to perform the task.

Free pick up Brother Lian IT Education Original Linux Operations Engineer video/Detailed Linux tutorials, details of the website customer service: http://www.lampbrother.net/linux/

or hooking up with Q2430675018.

Welcome to the Linux Communication Group 478068715

RHCE Series (i): How to set up and test static network routing