Understanding Route Table
Whenever we are talking about networking or pinging to different networks we are unaware of how things are actually working in the background.
So today I would like to break down the concept behind the networking and I will be creating a network from which we can ping to Google DNS but not to Facebook. This might not sound like a great idea but the concept covered would be of profound importance.
Before beginning, I would like to discuss some terminologies that are very important and are used every day in networking which might help you to understand the concepts behind it more accurately.
- Switch: Switch is a component that allows a system to connect to a different computer in the same network.
- Router: A router is a component in the computer or a separate device that allows a system to connect to a different system of a different network.
- Routing table: Routing table is like a data table maintained by a computer that lays down the rules about connecting to different systems or networks.
- Packet: Whenever we are pinging to different machines our system creates a packet. If the connection is not allowed by the rules of the routing table then this packet is not created.
- Gateway: The gateway is the place in the network from which the computer connects to the internet or some other network. Without knowing the gateway it is not possible for the system to connect to the internet.
- Network Card: A network card is a hardware component of the computer that connects a computer to a computer network.
I am going to use RedHat Enterprise Linux 8.3 today but don’t worry, this practice that I am about to show is not Operating System specific.
In order to see the routing table present in the Operating System, type the following command
There is a lot of information so let’s break it down. The main components are the Destination IP Address, Gateway, Genmask also known as netmask, Flags, Metric, and Network Card Interface(Iface).
The destination IP tells about the range of IP that the routing table allows connecting to. The gateway performs the same task as I mentioned above.
The Genmask or the netmask helps in getting the name of the network from the destination IP. Netmask is a concept of interest on its own so I won’t dwell on it deeper since there is not much need for it today.
The Iface tells the name of the network card. In our case, we are using the enp0s3 network card(Ethernet).
We know that 8.8.8.8 is a Google DNS IP address but to prove that we are going to use nslookup command which actually a network administration command-line tool for querying the Domain Name System (DNS) to obtain a domain name or IP address mapping, or other DNS records.
Similarly, we can also find Facebook IP addresses using the same command.
157.240.16.35 is the IP of the Facebook server and the connection is working just like it is supposed to.
To show the importance of the Route Table in making this connection, let’s just drop the rule which is allowing the above IP to be communicated.
So the rule I dropped had the information about the gateway and the destination IP. That rule was allowing my system to connect to the internet i.e Google Domain Name Server, Facebook server or any other IP on the internet that is working.
But you don’t need to take my word for it. Let’s try pinging the Google DNS and the Facebook server again.
Now we can see that the server is unreachable although I have complete internet connectivity as before.
As I mentioned earlier there is no issue with the internet connectivity. When we ping, the system goes to the routing table, and since there is no rule to connect to the given IP it simply denies the permission to even try to connect. This means the network packet is not even created in such a scenario.
So since I established the fact that without a properly configured route table we cannot access the internet, let us understand the importance of the gateway.
Now I would be adding a new rule to the Route Table.
So now I specifically added the google server IP to my route table. However, you can notice the gateway is not yet updated.
Let’s try pinging to google again.
Oh, another error. But this time it doesn’t say “Destination Host Unreachable”. This means the packet is being created.
This proves the point that since the rule is added in the Route table regarding the destination IP of the google server the packet is created. The error we got here was because of the incorrect gateway configuration.
So let’s clear it up too.
So the new rule is just like the rule I added before it and the only difference is the fact that the gateway is configured now.
So let’s try pinging again.
Nice!!! So it’s working great like before. So since the internet connectivity is great and I am able to reach Google DNS. Let’s try pinging to the Facebook server again.
What? Well, this was expected since the Facebook server is not allowed in the Route Table since we explicitly allowed only the destination IP of Google.
So we configured a custom route table that allows only certain IP connections to be made.
Conclusion
So we broke a very prominent myth here that having internet access allows us to connect to any website on the internet. This is not completely the case. Since today we had internet connectivity at all times yet we were unable to ping to the server until we configured the Route table.
Networking is one of the most interesting topics in technology there is so much going on when we just power on our system or click a link that opens another webpage.
