Network setup which will be able to ping GOOGLE but not FACEBOOK over the same system.
Networking : Networking refers to the total process of creating and using computer networks, with respect to hardware, protocols and software, including wired and wireless technology.
For connecting any device over network one should must have good knowledge of routing table and then only you can put your hands into networking else, there are many myths in the markets for networking concepts.
Here, we are goin to create a small setup which will allow us to ping Google but not facebook by manipulating our system’s routing table.
Routing table : In computer networking a routing table or routing information base (RIB), is a data table stored in a router or a network host that lists the routes to particular network destinations. The routing table contains information about the topology of the network immediately around it.
We have a command [route -n] to check the routing table of my RedHat Linux system.
Basically, routing table consists of several rules as per our systems need
stating that to which destination IP our system will be able to generate packets and will be able to ping (i.e able to get the response back).
Now, What is the difference between being able to genrate network packets and being able to ping?
To explain in simplest way…
When the destination IP falls in the range of source IP then only the system will generate network packets though it will not be able to ping as the destination IP may not belong to the same network .
So, to ping an IP which does not belongs to same network we need a router.
Now, the question arises that how should we determine whether the IP belongs from same network or different network?
We can determine this with the help of netmask of the system.
Without deep diving into the concept and working of netmask, I would like to
tell you that with netmask you can know the exact and accurate network name whether it belongs from same network or different .
Yet there is also some classes concept (Class A, Class B, Class C) in networking for doing so but it’s not much accurate.
Moving towards the network setup you will learn some more networking concepts.
As in image 1, the routing table has a destination IP 0.0.0.0 with respective gateway and netmask IP which states that the source can generate network packets and able to ping any destination IP across the globe.
In the image 2 shown below, as the routing table has destination IP 0.0.0.0 , we are able to ping to Google as well as Facebook from the same system.
But we want to put some constraints for the system such that the source IP should be able to generate network packets or ping to some specific destination IP’s only.
So, lets delete the rule which allows to ping all destination IP’s
by using command [route del -net 0.0.0.0] as shown in image 3 below.
NOTE: If we don’t delete the rule we will not be able to put a constraint
for the routing table. After this we can set the rules according to us in the routing table .Later on you can add this rule again.
Now, if we try to ping Google public DNS IP 126.96.36.199. it shows that the network is unreachable as there is no rule in the routing table stating the network range under which the Google DNS IP comes. (image 4)
Now, we will add a rule to the routing table which allows to generate network packets for the the Google public DNS IP 188.8.131.52. (shown in image 5 )
For this we have to set the destination IP as 184.108.40.206 as the Google public DNS
IP 220.127.116.11 comes under the network range 18.104.22.168 — 22.214.171.124 and will allow the system to generate network packets.
Now if you try to ping Google public DNS IP 126.96.36.199. you can see that the network packet are getting generated but not able to ping, showing Destination Host Unreachable (image 6).
This is because there is no rule in the routing table which states the
Router/Gateway IP as the system IP and Google DNS IP both belongs to two different networks.
Now to find the Gateway IP of your router use the command given below.
[grep “nameserver” /etc/resolv.conf]
From the above image we can see that 192.168.43.1 is our Gateway IP.
Now we will set the rule stating the Gateway IP of your router with the desired destination IP and netmask. Use command:
[route add -net 188.8.131.52 netmask 255.255.255.0 gw 192.168.43.1 (network_card_name) ]
Now if we try to ping, are able to ping Google DNS IP 184.108.40.206 successfully as shown in image 9.
Now the requirement is that the system IP should not be able to ping to Facebook.
To get the public DNS IP of any website use following command (shown in image 10) :
[dig +short www.facebook.com]
Now, when we try to ping Facebook DNS IP 220.127.116.11 it states that network is unreachable, as there is no rule in the routing table stating the network range under which the Facebook DNS IP comes (image 11).
Now, we will add a rule in the routing table which will allow the system to generate network packets for Facebook DNS IP by stating its network range and netmask (image 12).
[route add -net 18.104.22.168 netmask 255.255.255.0 (network_card_name)]
Now in image 113, you will notice that in the command we have not used the gateway option (gw) to add Gateway IP as we did in the case of Google.
This means that the Source IP will be able to generate network packets but will not be able to ping as the gateway IP was not specified and hence, two different networks cannot ping.
As shown earlier the system was able to ping Google as well as Facebook but now it can only ping Google. This completes our network setup.