Uploaded bygamer007
PPTX, PDF372 views

IP routing in linux

This document discusses IP routing and firewall configuration in Linux. It covers IP forwarding, the routing cache, routing tables, and rule-based routing. It then discusses IP tables, which contain three tables (filter, NAT, mangle) and chains. Each table contains chains and rules to filter, translate, or modify packets. IP chains are used to divert and return packets between the tables. The document provides examples of IPTables and IPChains commands used to manage rules and packet flow.

Embed presentation

Download to read offline
IP Routing in Linux Name:-cyz Class:-TYIF Roll no.:-3415
Agenda •Routing in Linux IP Forwarding Routing Cache Routing table Rule-Based on Routing • IP Table Filter Table NAT Table Mangle Table • IP Chain
Routing in Linux • IP Forwarding IP forwarding also known as Internet routing is a process used to determine which path a packet or datagram can be sent. Forwarding is implemented in the Linux Kernel a task of the IP layer routing is handled on higher layers routing protocols build on top of transport- layer protocols.
Routing in Linux(cont.) • Routing Cache The routing cache is also known as the forwarding information base (FIB). The routing cache stores recently used routing entries in a fast and convenient hash lookup table, and is consulted before the routing tables. If the kernel finds a matching entry during route cache lookup, it will forward the packet immediately and stop traversing the routing tables.
Routing in Linux(cont.) • Routing Table Routing Table are represented by rather complex data structures, which manage entries by using a number of hash tables for different prefix lengths . Each routing table still operates in the traditional and expected fashion.  Linux simply allows you to choose from a number of routing tables, and to traverse routing tables in a user-definable sequence until a matching route is found.
Routing in Linux(cont.) • Rule-Based on Routing  Rule-based Routing are set of rules is used to select which table should be used for what packets Rules a selector and a type selector chooses .  Routing Rules rule-based routing uses a set of rules to decide searched for a suitable entry to forward a packet .
IP Table • IP tables is a user-space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores. • IP table are contain IP chain and IP chain contain commands. • IP Tables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel. IP Table IP chain Command
IP Table • IP Table is contain three types. • Three tables each consists of one or more chains • Filter Table • NAT Table • Mangle Table
Filter Table • Consists of three chains • FORWARD »For packets forwarded from one network interface to another network interface • INPUT »For packets sent to firewall host • OUTPUT »For packets sent by firewall host
NAT Table • NAT – Network Address Translation • PREROUTING »Destination NAT operations • POSTROUTING »Source NAT operations
Mangle Table • Enables the modification of the TOS or the TTL field and used for load balancing when there are multiple firewalls • PREROUTING, OUTPUT chains »Kernel <= 2.4.17 • PREROUTING, INPUT, FOREWARDING, OUTPUT and POSTROUTING chains »Kernel >= 2.4.18
IP Tables Commands • -A , --append Append rule to chain • -D , --delete Delete rule from chain • -I , --insert Insert rule at beginning or at specified sequence number in chain. • -R , --replace Replace rule • -F , --flush Flush all rules • -Z , --zero Zero byte counters in all chains • -L , --list List all rules. Add option --line-numbers for rule number. • -N , --new-chain Create new chain • -X , --delete-chain Delete user defined chain • -P , --policy Set default policy for a chain • -E , --rename-chain Rename a chain
IP Chains • IP Chains Associated with a specific table • A packet can be diverted to a user chain • The packet is returned to the step after it's diversion • Linux IP Firewalling Chains, normally called IP chains, is free software to control the packet filter or firewall capabilities in the 2.2 series of Linux kernels.
IPChains Flow IP Packet checksum sanity DENY Input Chain Route Decision Forward Chain Outpu t Chain ACCEPT Demasquerade DENY DENY Local lo interface
IP Chains Commands • Command Description • -A Add rule to chain • -D Delete rule from chain • -I Insert rule • -R Replace rule • -F Flush all rules • -L List all rules • -N Create new chain • -X Delete user defined chain • -P Set default targe
IP Chains Command • Command Option Description • -s Source address of packet • -d Destination address of packet • -i Interface packet is arriving from • -p Protocol • -j Target to send packet to • -y For -p tcp. Packet is SYN packet. • --icmp-type For -p icmp. • -l Log the packet to syslog. • /var/log/messages Available in Red Hat 6.0+ kernel

More Related Content

PPTX
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
byAdam Dunkels
 
PPTX
Building the Internet of Things with Thingsquare and Contiki - day 2 part 2
byAdam Dunkels
 
PPTX
Network Layer
byLakshika Rasanjali
 
PPTX
Building day 2 upload Building the Internet of Things with Thingsquare and ...
byAdam Dunkels
 
PPTX
Implementing IPv6 Segment Routing in the Linux kernel
byOlivier Bonaventure
 
PDF
Cef based switching
byIsrael Umana
 
PDF
4. Communication and Network Security
bySam Bowne
 
PPTX
OSPF Configuration
byHafiz Muhammad Attaullah
 
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
byAdam Dunkels
 
Building the Internet of Things with Thingsquare and Contiki - day 2 part 2
byAdam Dunkels
 
Network Layer
byLakshika Rasanjali
 
Building day 2 upload Building the Internet of Things with Thingsquare and ...
byAdam Dunkels
 
Implementing IPv6 Segment Routing in the Linux kernel
byOlivier Bonaventure
 
Cef based switching
byIsrael Umana
 
4. Communication and Network Security
bySam Bowne
 
OSPF Configuration
byHafiz Muhammad Attaullah
 

What's hot

PPTX
Unleashing the Power of Fabric Orchestrating New Performance Features for SR-...
byLiz Warner
 
PPTX
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
byAdam Dunkels
 
PPTX
EIGRP, DHCP, OSPF, NAT
byMd. Rakibul Islam
 
PPTX
The Basic Introduction of Open vSwitch
byTe-Yen Liu
 
PDF
Conceptos ipv6, direccionamiento
byEdgardo Scrimaglia
 
PPTX
Part 10 : Routing in IP networks and interdomain routing with BGP
byOlivier Bonaventure
 
PPTX
History of L0phtCrack
bycwysopal
 
PPTX
Building the Internet of Things with Thingsquare and Contiki - day 1, part 2
byAdam Dunkels
 
PDF
Como definir un esquema de direcciones IPv6
byEdgardo Scrimaglia
 
PPTX
computer Netwoks - network layer
bySendhil Kumar
 
PPTX
Making our networking stack truly extensible
byOlivier Bonaventure
 
PPT
Ipx protocol slide share
byMUHAMMED SIDIBEH
 
PDF
L7 64-bit Assembler
bySam Bowne
 
PPTX
Pilot Use Case 3: BoD services over the intercontinental FIBRE infrastructure
byFIBRE Testbed
 
PPT
Link State Protocol
byJignesh Patel
 
PPTX
Sept 2017 boot process
byshahin raj
 
PDF
Mecanismos de transicion pv6
byEdgardo Scrimaglia
 
PDF
Ebpf ovsconf-2016
byCheng-Chun William Tu
 
PPT
Is is
byIrham Nurhalim
 
PPTX
OpenFlow Extensions
byUS-Ignite
 
Unleashing the Power of Fabric Orchestrating New Performance Features for SR-...
byLiz Warner
 
Advanced Internet of Things firmware engineering with Thingsquare and Contiki...
byAdam Dunkels
 
EIGRP, DHCP, OSPF, NAT
byMd. Rakibul Islam
 
The Basic Introduction of Open vSwitch
byTe-Yen Liu
 
Conceptos ipv6, direccionamiento
byEdgardo Scrimaglia
 
Part 10 : Routing in IP networks and interdomain routing with BGP
byOlivier Bonaventure
 
History of L0phtCrack
bycwysopal
 
Building the Internet of Things with Thingsquare and Contiki - day 1, part 2
byAdam Dunkels
 
Como definir un esquema de direcciones IPv6
byEdgardo Scrimaglia
 
computer Netwoks - network layer
bySendhil Kumar
 
Making our networking stack truly extensible
byOlivier Bonaventure
 
Ipx protocol slide share
byMUHAMMED SIDIBEH
 
L7 64-bit Assembler
bySam Bowne
 
Pilot Use Case 3: BoD services over the intercontinental FIBRE infrastructure
byFIBRE Testbed
 
Link State Protocol
byJignesh Patel
 
Sept 2017 boot process
byshahin raj
 
Mecanismos de transicion pv6
byEdgardo Scrimaglia
 
Ebpf ovsconf-2016
byCheng-Chun William Tu
 
Is is
byIrham Nurhalim
 
OpenFlow Extensions
byUS-Ignite
 

Viewers also liked

PPTX
#FluxFlow
byBernardo Najlis
 
PPTX
Telephone system &amp; multiplexing
bygamer007
 
PDF
Clickstream Analysis
byintuitiv.de
 
PDF
Fraud Detection presentation
byHernan Huwyler
 
PPTX
Business intelligence
byRandy L. Archambault
 
PPTX
Market segmentation PPT
byAabhas Rastogi
 
PDF
Business Intelligence Presentation (1/2)
byBernardo Najlis
 
PPTX
Business intelligence ppt
bysujithkylm007
 
#FluxFlow
byBernardo Najlis
 
Telephone system &amp; multiplexing
bygamer007
 
Clickstream Analysis
byintuitiv.de
 
Fraud Detection presentation
byHernan Huwyler
 
Business intelligence
byRandy L. Archambault
 
Market segmentation PPT
byAabhas Rastogi
 
Business Intelligence Presentation (1/2)
byBernardo Najlis
 
Business intelligence ppt
bysujithkylm007
 

Similar to IP routing in linux

PDF
Iptables fundamentals
byram_b17
 
PDF
Firewall Facts
byDAVID RAUDALES
 
PPTX
Iptables the Linux Firewall
bySyed fawad Gillani
 
PDF
IP Tables Ip chains and filetring in system and network administartion
byAlinaGulzar
 
PPTX
IP tables and Filtering
byAisha Talat
 
PPTX
Firewall
bykhalid abdelazim
 
PDF
Iptables Configuration
bystom123
 
PPTX
Ip tables
bynavid ashrafi
 
PDF
Iptables presentation
byEmin Abdul Azeez
 
PPTX
IP Tables And Filtering
bySuperstarRr
 
PPT
Linux Firewall - NullCon Chennai Presentation
byVinoth Sivasubramanan
 
PDF
[2019.01.12] hst iptables 101 to 301
byChia-Hao Tsai
 
PPT
Packet_Filteringfgasdgasdgsagdsgsagasg.ppt
byVerdiFerdiansyah1
 
PPT
Iptables
byleminhvuong
 
PPT
IPTABLES
byTan Huynh Cong
 
PDF
Chapter 6 firewall
bynewbie2019
 
ODP
nftables - the evolution of Linux Firewall
byMarian Marinov
 
PPT
Linux Based Advanced Routing with Firewall and Traffic Control
bysandy_vasan
 
PDF
IPTABLES_linux_Firewall_Administration (1).pdf
bympassword
 
PDF
iptable casestudy by sans.pdf
byAdmin621695
 
Iptables fundamentals
byram_b17
 
Firewall Facts
byDAVID RAUDALES
 
Iptables the Linux Firewall
bySyed fawad Gillani
 
IP Tables Ip chains and filetring in system and network administartion
byAlinaGulzar
 
IP tables and Filtering
byAisha Talat
 
Firewall
bykhalid abdelazim
 
Iptables Configuration
bystom123
 
Ip tables
bynavid ashrafi
 
Iptables presentation
byEmin Abdul Azeez
 
IP Tables And Filtering
bySuperstarRr
 
Linux Firewall - NullCon Chennai Presentation
byVinoth Sivasubramanan
 
[2019.01.12] hst iptables 101 to 301
byChia-Hao Tsai
 
Packet_Filteringfgasdgasdgsagdsgsagasg.ppt
byVerdiFerdiansyah1
 
Iptables
byleminhvuong
 
IPTABLES
byTan Huynh Cong
 
Chapter 6 firewall
bynewbie2019
 
nftables - the evolution of Linux Firewall
byMarian Marinov
 
Linux Based Advanced Routing with Firewall and Traffic Control
bysandy_vasan
 
IPTABLES_linux_Firewall_Administration (1).pdf
bympassword
 
iptable casestudy by sans.pdf
byAdmin621695
 

Recently uploaded

PPTX
Why TPM Succeeds in Some Plants and Struggles in Others | MaintWiz
byMaintWiz Technologies Private Limited
 
PDF
Chemical Hazards at Workplace – Types, Properties & Exposure Routes, CORE-EHS
byCORE EHS
 
PPTX
This Bearing Didn’t Fail Suddenly — How Vibration Data Predicts Failure Month...
byMaintWiz Technologies Private Limited
 
PDF
Computer Graphics Fundamentals (v0p1) - DannyJiang
byDanny Jiang
 
PDF
engineering management chapter 5 ppt presentation
byericaangelatoledo06
 
PDF
Model QP 2025 scheme Q &A- Module 1 and 2.pdf
bySURESHA V
 
PPTX
Unit 1_Importance of modelling(Object oriented concepts).pptx
byVidyaranichougule
 
PDF
Ericsson 6230 Training Module Document.pdf
byMd Bellal Hossain
 
PDF
Module 4 python programming-1BPLCK105B-2025 by Dr.SV.pdf
bySURESHA V
 
PPTX
Batch-1(End Semester) Student Of Shree Durga Tech. PPT.pptx
byrashesw1122s
 
PDF
PROBLEM SLOVING AND PYTHON PROGRAMMING UNIT 3.pdf
byA R SIVANESH M.E., QIP-PG (Cyber Security)., (Ph.D)
 
PPTX
ISO 13485.2016 Awareness's Training material
byPrakashSivan
 
PPTX
Fitting Infiltration Models to Infiltration using Excel (1).pptx
byTomNickoRivera1
 
PPTX
Designing Work for Humans, Not Machines: Human-Centered Maintenance Excellence
byMaintWiz Technologies Private Limited
 
PPTX
uADPF Topology_SFP requirements_locked slides.pptx
byMd Bellal Hossain
 
PPT
Oracle Advanced subquery and types of subquery
bytejaswinikulkarni549
 
PDF
Computer Network Lab Manual ssit -kavya r.pdf or Computer Network Lab Manual ...
bykavya R
 
PDF
Shear Strength of Soil (Direct shear test).pdf
byMahmoodKhalid11
 
PPTX
GET 211- Computing and Software Engineering (1).pptx
byfestusdaniel142
 
PPTX
Introduction to AI and Applications Module-4.pptx
byKalaiselviSubramania2
 
Why TPM Succeeds in Some Plants and Struggles in Others | MaintWiz
byMaintWiz Technologies Private Limited
 
Chemical Hazards at Workplace – Types, Properties & Exposure Routes, CORE-EHS
byCORE EHS
 
This Bearing Didn’t Fail Suddenly — How Vibration Data Predicts Failure Month...
byMaintWiz Technologies Private Limited
 
Computer Graphics Fundamentals (v0p1) - DannyJiang
byDanny Jiang
 
engineering management chapter 5 ppt presentation
byericaangelatoledo06
 
Model QP 2025 scheme Q &A- Module 1 and 2.pdf
bySURESHA V
 
Unit 1_Importance of modelling(Object oriented concepts).pptx
byVidyaranichougule
 
Ericsson 6230 Training Module Document.pdf
byMd Bellal Hossain
 
Module 4 python programming-1BPLCK105B-2025 by Dr.SV.pdf
bySURESHA V
 
Batch-1(End Semester) Student Of Shree Durga Tech. PPT.pptx
byrashesw1122s
 
PROBLEM SLOVING AND PYTHON PROGRAMMING UNIT 3.pdf
byA R SIVANESH M.E., QIP-PG (Cyber Security)., (Ph.D)
 
ISO 13485.2016 Awareness's Training material
byPrakashSivan
 
Fitting Infiltration Models to Infiltration using Excel (1).pptx
byTomNickoRivera1
 
Designing Work for Humans, Not Machines: Human-Centered Maintenance Excellence
byMaintWiz Technologies Private Limited
 
uADPF Topology_SFP requirements_locked slides.pptx
byMd Bellal Hossain
 
Oracle Advanced subquery and types of subquery
bytejaswinikulkarni549
 
Computer Network Lab Manual ssit -kavya r.pdf or Computer Network Lab Manual ...
bykavya R
 
Shear Strength of Soil (Direct shear test).pdf
byMahmoodKhalid11
 
GET 211- Computing and Software Engineering (1).pptx
byfestusdaniel142
 
Introduction to AI and Applications Module-4.pptx
byKalaiselviSubramania2
 

IP routing in linux

  • 1.
    IP Routing inLinux Name:-cyz Class:-TYIF Roll no.:-3415
  • 2.
    Agenda •Routing in Linux IPForwarding Routing Cache Routing table Rule-Based on Routing • IP Table Filter Table NAT Table Mangle Table • IP Chain
  • 3.
    Routing in Linux •IP Forwarding IP forwarding also known as Internet routing is a process used to determine which path a packet or datagram can be sent. Forwarding is implemented in the Linux Kernel a task of the IP layer routing is handled on higher layers routing protocols build on top of transport- layer protocols.
  • 4.
    Routing in Linux(cont.) •Routing Cache The routing cache is also known as the forwarding information base (FIB). The routing cache stores recently used routing entries in a fast and convenient hash lookup table, and is consulted before the routing tables. If the kernel finds a matching entry during route cache lookup, it will forward the packet immediately and stop traversing the routing tables.
  • 5.
    Routing in Linux(cont.) •Routing Table Routing Table are represented by rather complex data structures, which manage entries by using a number of hash tables for different prefix lengths . Each routing table still operates in the traditional and expected fashion.  Linux simply allows you to choose from a number of routing tables, and to traverse routing tables in a user-definable sequence until a matching route is found.
  • 6.
    Routing in Linux(cont.) •Rule-Based on Routing  Rule-based Routing are set of rules is used to select which table should be used for what packets Rules a selector and a type selector chooses .  Routing Rules rule-based routing uses a set of rules to decide searched for a suitable entry to forward a packet .
  • 7.
    IP Table • IPtables is a user-space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores. • IP table are contain IP chain and IP chain contain commands. • IP Tables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel. IP Table IP chain Command
  • 8.
    IP Table • IPTable is contain three types. • Three tables each consists of one or more chains • Filter Table • NAT Table • Mangle Table
  • 9.
    Filter Table • Consistsof three chains • FORWARD »For packets forwarded from one network interface to another network interface • INPUT »For packets sent to firewall host • OUTPUT »For packets sent by firewall host
  • 10.
    NAT Table • NAT– Network Address Translation • PREROUTING »Destination NAT operations • POSTROUTING »Source NAT operations
  • 11.
    Mangle Table • Enablesthe modification of the TOS or the TTL field and used for load balancing when there are multiple firewalls • PREROUTING, OUTPUT chains »Kernel <= 2.4.17 • PREROUTING, INPUT, FOREWARDING, OUTPUT and POSTROUTING chains »Kernel >= 2.4.18
  • 12.
    IP Tables Commands •-A , --append Append rule to chain • -D , --delete Delete rule from chain • -I , --insert Insert rule at beginning or at specified sequence number in chain. • -R , --replace Replace rule • -F , --flush Flush all rules • -Z , --zero Zero byte counters in all chains • -L , --list List all rules. Add option --line-numbers for rule number. • -N , --new-chain Create new chain • -X , --delete-chain Delete user defined chain • -P , --policy Set default policy for a chain • -E , --rename-chain Rename a chain
  • 13.
    IP Chains • IPChains Associated with a specific table • A packet can be diverted to a user chain • The packet is returned to the step after it's diversion • Linux IP Firewalling Chains, normally called IP chains, is free software to control the packet filter or firewall capabilities in the 2.2 series of Linux kernels.
  • 14.
    IPChains Flow IP Packetchecksum sanity DENY Input Chain Route Decision Forward Chain Outpu t Chain ACCEPT Demasquerade DENY DENY Local lo interface
  • 15.
    IP Chains Commands •Command Description • -A Add rule to chain • -D Delete rule from chain • -I Insert rule • -R Replace rule • -F Flush all rules • -L List all rules • -N Create new chain • -X Delete user defined chain • -P Set default targe
  • 16.
    IP Chains Command •Command Option Description • -s Source address of packet • -d Destination address of packet • -i Interface packet is arriving from • -p Protocol • -j Target to send packet to • -y For -p tcp. Packet is SYN packet. • --icmp-type For -p icmp. • -l Log the packet to syslog. • /var/log/messages Available in Red Hat 6.0+ kernel