Beginner’s Guide to Linux LAN Routing: Part 1

— Carla Schroder
Acknowledgments
Compiled from: https://www.linux.com/learn/intro-to-linux/2018/2/linux-lan-routing-beginners-part-1 | Author: Carla Schroder | Translator: qhwdw

Previously, we learned about IPv6 routing[1]. Now we continue to delve into the basics of IPv4 routing in Linux. We will start with an overview of hardware, the operating system, and the basics of IPv4 addresses, and next week we will continue learning how to configure them and test routing.

LAN Router Hardware

Linux is a network operating system, and it has had built-in networking capabilities from the very beginning. Building a LAN router is much simpler than building a gateway router that connects your LAN to the internet. For a LAN router you don’t have to wrestle with the security and firewall rules a gateway needs, and those rules are still complicated by Network Address Translation (NAT), a pain point of IPv4. Why not abandon IPv4 and switch to IPv6? This would make the work of network administrators much easier.

But I digress. Theoretically, your Linux router is a small machine with at least two network interfaces. Linux Gizmos has a large list of single-board computers: 98 open-spec, hacker-friendly SBCs[2]. You can also use an old laptop or desktop computer, or a compact computer like the ZaReason Zini or System76 Meerkat, although these are a bit pricey at around $600. However, they are sturdy and reliable, and you won’t waste money on a Windows license.

If your demands on the router are modest, a Raspberry Pi 3 Model B is a very good choice. It has a 10/100 Ethernet port, an onboard 2.4GHz 802.11n wireless card, and four USB ports, so you can plug in multiple USB network cards. USB 2.0 and the slow onboard network interfaces may make the Raspberry Pi a bottleneck on your network, but you can’t expect too much from it (after all, it only costs $35, and that does not include storage or a power supply). It supports many flavors of Linux, so you can use your favorite. The Debian-based Raspberry Pi is my favorite.

Operating System

You can install a stripped-down version of your favorite Linux on your chosen hardware rather than a custom router operating system: OpenWRT, Tomato, DD-WRT, Smoothwall, pfSense and the like all have their own non-standard interfaces. My point is that there is no need to complicate things; they don’t help you much. Try to use standard Linux tools, because you only need to learn them once.

The Debian network installation image is about 300MB and supports multiple architectures, including ARM, i386, amd64, and armhf. The Ubuntu server network installation image is less than 50MB, so you can control which packages you want to install. Fedora, Mageia, and openSUSE also provide streamlined network installation images. If you need inspiration, you can browse Distrowatch[3].

What Can a Router Do?

What do we need a network router for? A router connects different networks. Without routing, each network is isolated from the others, and all the sadness and loneliness cannot be shared with anyone; all nodes can only age alone. Suppose you have a 192.168.1.0/24 and a 192.168.2.0/24 network. Without a router, your two networks cannot communicate with each other. These are Class C private networks, each with 254 available host addresses. ipcalc gives you this information easily:

$ ipcalc 192.168.1.0/24
Address:   192.168.1.0          11000000.10101000.00000001. 00000000
Netmask:   255.255.255.0 = 24   11111111.11111111.11111111. 00000000
Wildcard:  0.0.0.255            00000000.00000000.00000000. 11111111
=>
Network:   192.168.1.0/24       11000000.10101000.00000001. 00000000
HostMin:   192.168.1.1          11000000.10101000.00000001. 00000001
HostMax:   192.168.1.254        11000000.10101000.00000001. 11111110
Broadcast: 192.168.1.255        11000000.10101000.00000001. 11111111
Hosts/Net: 254                   Class C, Private Internet

I like the binary output of ipcalc because it shows visually how the mask works. The first three octets are the network address, and the fourth octet is the host address. Therefore, when you assign host addresses, you “mask” out the network portion and use only the remaining host portion. Your two networks have different network addresses, which is why they cannot communicate without a router.

Each octet has 256 possible values, but they do not provide 256 host addresses because the first and last values, 0 and 255, are reserved. 0 is the network identifier, and 255 is the broadcast address, so there are only 254 host addresses. ipcalc can help you easily calculate these.

Of course, this does not mean you cannot have a host address ending in 0 or 255. Suppose you have a 16-bit prefix:

$ ipcalc 192.168.0.0/16
Address:   192.168.0.0          11000000.10101000. 00000000.00000000
Netmask:   255.255.0.0 = 16     11111111.11111111. 00000000.00000000
Wildcard:  0.0.255.255          00000000.00000000. 11111111.11111111
=>
Network:   192.168.0.0/16       11000000.10101000. 00000000.00000000
HostMin:   192.168.0.1          11000000.10101000. 00000000.00000001
HostMax:   192.168.255.254      11000000.10101000. 11111111.11111110
Broadcast: 192.168.255.255      11000000.10101000. 11111111.11111111
Hosts/Net: 65534                 Class C, Private Internet

ipcalc lists your first and last host addresses, which are 192.168.0.1 and 192.168.255.254. You can have host addresses ending in 0 or 255, such as 192.168.1.0 and 192.168.0.255, because they fall between the minimum and maximum host addresses.

No matter whether your address block is private or public, this principle applies equally. Don’t hesitate to use ipcalc to help you calculate addresses.

CIDR

CIDR (Classless Inter-Domain Routing) extends IPv4 with variable-length subnet masks. CIDR allows for finer segmentation of network space. We will use ipcalc to demonstrate:

$ ipcalc 192.168.1.0/22
Address:   192.168.1.0          11000000.10101000.000000 01.00000000
Netmask:   255.255.252.0 = 22   11111111.11111111.111111 00.00000000
Wildcard:  0.0.3.255            00000000.00000000.000000 11.11111111
=>
Network:   192.168.0.0/22       11000000.10101000.000000 00.00000000
HostMin:   192.168.0.1          11000000.10101000.000000 00.00000001
HostMax:   192.168.3.254        11000000.10101000.000000 11.11111110
Broadcast: 192.168.3.255        11000000.10101000.000000 11.11111111
Hosts/Net: 1022                  Class C, Private Internet

The network mask is not limited to whole octets; here the boundary falls inside the third octet, and the subnet portion ranges from 0 to 3 rather than strictly from 0 to 255. The number of available host addresses is not necessarily a multiple of 8, as it is when the mask is defined by entire octets.
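
The mask arithmetic behind the ipcalc output for the /24, /16 and /22 blocks above can be written out in POSIX shell. This is an added example, not code from the article or from ipcalc; the function names and the 192.168.x.10 host addresses in the comments are constructed for illustration, and /31 and /32 prefixes are not handled.

```shell
#!/bin/sh
# Added example (not from the article): the bitwise steps ipcalc performs.

ip2int() {                      # dotted quad -> 32-bit integer
    IFS=. read -r o1 o2 o3 o4 <<EOF
$1
EOF
    echo $(( (o1 << 24) | (o2 << 16) | (o3 << 8) | o4 ))
}

int2ip() {                      # 32-bit integer -> dotted quad
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# mask: prefix length -> netmask integer; the rest take ADDR PREFIX.
mask()      { echo $(( (0xFFFFFFFF << (32 - $1)) & 0xFFFFFFFF )); }
network()   { int2ip $(( $(ip2int "$1") & $(mask "$2") )); }
broadcast() { int2ip $(( $(ip2int "$1") | (~$(mask "$2") & 0xFFFFFFFF) )); }
hostmin()   { int2ip $(( $(ip2int "$(network "$1" "$2")") + 1 )); }
hostmax()   { int2ip $(( $(ip2int "$(broadcast "$1" "$2")") - 1 )); }
hosts()     { echo $(( (1 << (32 - $1)) - 2 )); }   # argument: prefix length

# Exit status 0 when ADDR is a usable host address inside NET/PREFIX,
# i.e. strictly between the network identifier and the broadcast address.
is_host() {                     # usage: is_host ADDR NET PREFIX
    a=$(ip2int "$1")
    lo=$(ip2int "$(network "$2" "$3")")
    hi=$(ip2int "$(broadcast "$2" "$3")")
    [ "$a" -gt "$lo" ] && [ "$a" -lt "$hi" ]
}

# Exit status 0 when two hosts share a network and need no router,
# e.g. 192.168.1.10 and 192.168.2.10 differ under /24 but match under /22.
same_network() {                # usage: same_network ADDR1 ADDR2 PREFIX
    [ "$(network "$1" "$3")" = "$(network "$2" "$3")" ]
}

# One summary line per block, using the article's own three examples.
report() {
    echo "$1/$2: net $(network "$1" "$2")" \
         "hosts $(hostmin "$1" "$2")-$(hostmax "$1" "$2")" \
         "bcast $(broadcast "$1" "$2") count $(hosts "$2")"
}
report 192.168.1.0 24
report 192.168.0.0 16
report 192.168.1.0 22
```

As in the ipcalc output, 192.168.1.0/22 normalizes to network 192.168.0.0, so a route or filter rule typed with that prefix covers 192.168.0.0 through 192.168.3.255.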

I’ll leave you with homework to review how CIDR and IPv4 address space are allocated among public, private, and reserved blocks; this homework will help you better understand routing. Once you master the relevant knowledge of addresses, configuring routers will no longer be a complex task.

Start with Understanding IP Addresses and CIDR Charts[4], IPv4 Private Address Space and Filtering[5], and IANA IPv4 Address Space Registration[6]. Next, we will learn how to create and manage routers.

Learn more about Linux through the free course “Linux Introduction”[7] from the Linux Foundation and edX.

Author: Carla Schroder[9] Translator: qhwdw Proofreader: wxy

This article is originally compiled by LCTT and honorably published by Linux China