1
00:00:07,170 --> 00:00:09,420
- So let's talk about routing.

2
00:00:09,420 --> 00:00:11,170
Let's say that this is your server

3
00:00:15,690 --> 00:00:18,370
and this server typically
is connected to a network

4
00:00:20,430 --> 00:00:22,320
but maybe your server is connected

5
00:00:22,320 --> 00:00:23,883
to two different networks.

6
00:00:25,080 --> 00:00:26,020
And right here

7
00:00:29,220 --> 00:00:30,070
there's a router

8
00:00:31,470 --> 00:00:32,620
providing access

9
00:00:33,930 --> 00:00:34,863
to the internet.

10
00:00:37,890 --> 00:00:40,650
Now, how does your server
normally connect to the internet?

11
00:00:40,650 --> 00:00:42,660
Well, if this is the network

12
00:00:42,660 --> 00:00:47,660
let's say 192.168.11.0 slash 24,

13
00:00:48,810 --> 00:00:52,980
then your server needs to note
the IP address of this router

14
00:00:52,980 --> 00:00:56,160
the IP address that it
has on the same network.

15
00:00:56,160 --> 00:01:01,160
So that will be 192.168.11.1 for instance.

16
00:01:01,590 --> 00:01:03,720
And this IP address is going to be set

17
00:01:03,720 --> 00:01:05,190
as the default router.

18
00:01:05,190 --> 00:01:08,760
That means that any packet
that your server generates

19
00:01:08,760 --> 00:01:12,840
which has an IP address that
is not on the local network

20
00:01:12,840 --> 00:01:14,310
will be sent to this IP address.

21
00:01:14,310 --> 00:01:17,400
And this IP address will
forward to the internet.

22
00:01:17,400 --> 00:01:21,030
But, the situation is becoming
a little bit different.

23
00:01:21,030 --> 00:01:24,873
If at the other side there
is some networking as well.

24
00:01:25,860 --> 00:01:28,090
So let's say right here

25
00:01:30,480 --> 00:01:32,460
we have another network.

26
00:01:32,460 --> 00:01:37,460
So maybe your server is
connected to 10.0.0.0 slash 24.

27
00:01:41,100 --> 00:01:46,093
And here we have another
network, 10.9.0.0 slash 24.

28
00:01:47,820 --> 00:01:51,150
Now the thing is that we need to identify

29
00:01:51,150 --> 00:01:53,670
how to get to this specific network

30
00:01:53,670 --> 00:01:56,880
and we need to identify
how to get to this network.

31
00:01:56,880 --> 00:01:58,710
Well, for this network, it's easy.

32
00:01:58,710 --> 00:02:00,570
That's a local route.

33
00:02:00,570 --> 00:02:01,403
For the other network

34
00:02:01,403 --> 00:02:04,380
the 10.9 network, it's not so easy

35
00:02:04,380 --> 00:02:07,500
and we need to create an
entry in the routing table.

36
00:02:07,500 --> 00:02:08,730
How are we going to do that?

37
00:02:08,730 --> 00:02:11,400
Well, by identifying the
IP address of this router

38
00:02:11,400 --> 00:02:13,020
that is going to bring us there.

39
00:02:13,020 --> 00:02:17,940
So 10.0.0.1 might be the IP address.

40
00:02:17,940 --> 00:02:20,550
And then we need to
define the static route.

41
00:02:20,550 --> 00:02:25,550
And the static route
will be 10.9.0.0 slash 24

42
00:02:27,990 --> 00:02:32,990
via 10.0.0.1.

43
00:02:33,150 --> 00:02:36,030
That means that all packets
that have a destination

44
00:02:36,030 --> 00:02:39,900
on the 10.9 network
will be sent to this guy

45
00:02:39,900 --> 00:02:43,170
and this router will make
sure that the packet arrives

46
00:02:43,170 --> 00:02:46,320
at its destination on the other network.

47
00:02:46,320 --> 00:02:49,170
Because if you are going to
send it to the default route

48
00:02:49,170 --> 00:02:51,630
well, you are sending it
in the wrong direction.

49
00:02:51,630 --> 00:02:53,190
So that shouldn't be happening.

50
00:02:53,190 --> 00:02:54,270
And that's what you need to do

51
00:02:54,270 --> 00:02:56,493
in order to configure static routing.

52
00:02:59,280 --> 00:03:00,113
All right,

53
00:03:00,113 --> 00:03:03,930
so let's talk about how we
configure these static routes.

54
00:03:03,930 --> 00:03:06,780
All network nodes are configured
with a default gateway.

55
00:03:06,780 --> 00:03:09,240
That's a standard as you've just seen.

56
00:03:09,240 --> 00:03:10,140
And the default gateway

57
00:03:10,140 --> 00:03:13,830
specifies which node to use
to address external nodes.

58
00:03:13,830 --> 00:03:16,020
So default gateways is simple.

59
00:03:16,020 --> 00:03:18,450
Everything is going to be
sent to the default gateway

60
00:03:18,450 --> 00:03:20,853
default gateway is
taking care of the rest.

61
00:03:22,410 --> 00:03:23,850
To see the default gateway

62
00:03:23,850 --> 00:03:25,893
you can use the ip route show command.

63
00:03:26,730 --> 00:03:29,010
Static routes can be
added to the final route

64
00:03:29,010 --> 00:03:32,280
to a network that is not
behind the default gateway

65
00:03:32,280 --> 00:03:36,270
but as we have seen in the
drawing behind another gateway.

66
00:03:36,270 --> 00:03:38,790
And if you want to add them
in a non-persistent way

67
00:03:38,790 --> 00:03:41,163
you can use the ip route add command.

68
00:03:42,270 --> 00:03:46,538
So that will be a command
like IP route add 192.2.0.0

69
00:03:46,538 --> 00:03:50,130
slash 24 via 10.0.0.10.

70
00:03:50,130 --> 00:03:53,640
That means that 10.0.0.10 needs
to be on the local network

71
00:03:53,640 --> 00:03:55,530
and that is the host that
you are going to address

72
00:03:55,530 --> 00:03:59,223
for all packets that
need to go to 192.2.0.0.

73
00:04:00,060 --> 00:04:03,750
But hey, who cares about
non-persistent static routes?

74
00:04:03,750 --> 00:04:06,780
What you should care about is
the persistent static routes.

75
00:04:06,780 --> 00:04:08,223
So let's talk about those.

76
00:04:09,480 --> 00:04:11,910
On Ubuntu Netplan, static routes are added

77
00:04:11,910 --> 00:04:14,608
as a property of the network
card in the etc Netplan,

78
00:04:14,608 --> 00:04:15,441
whatever dot yaml.

79
00:04:17,880 --> 00:04:22,080
And from there, if you apply
the configuration, the routes

80
00:04:22,080 --> 00:04:24,480
as we can see here, are applied as well.

81
00:04:24,480 --> 00:04:25,410
So it's pretty simple.

82
00:04:25,410 --> 00:04:29,790
You just enter routes to, which
is the destination network

83
00:04:29,790 --> 00:04:32,460
and via, which is the default router

84
00:04:32,460 --> 00:04:33,760
that you are going to use.

85
00:04:35,790 --> 00:04:38,460
On Red Hat, the best way
to add a static route

86
00:04:38,460 --> 00:04:42,060
is by using nmcli connection modify.

87
00:04:42,060 --> 00:04:46,410
That will be a command like
nmcli con modify ens33.

88
00:04:46,410 --> 00:04:47,670
And then you need to be careful

89
00:04:47,670 --> 00:04:51,090
because you need +ipv4.routes.

90
00:04:51,090 --> 00:04:52,500
The plus is adding,

91
00:04:52,500 --> 00:04:56,790
and if you just use ipv4.routes,
nothing is being added.

92
00:04:56,790 --> 00:04:59,190
And then we have the
network and the gateway

93
00:04:59,190 --> 00:05:01,950
all between double quotes.

94
00:05:01,950 --> 00:05:05,190
Don't forget the subnet
mask behind the network

95
00:05:05,190 --> 00:05:06,930
otherwise it won't work.

96
00:05:06,930 --> 00:05:10,920
And alternatively, you can
also use the nmtui utility

97
00:05:10,920 --> 00:05:12,990
to add the static route.

98
00:05:12,990 --> 00:05:14,010
And the result is written

99
00:05:14,010 --> 00:05:16,950
to etc network manager system connections.

100
00:05:16,950 --> 00:05:17,943
Let's check it out.

101
00:05:19,950 --> 00:05:23,580
So let me start with ip route show

102
00:05:23,580 --> 00:05:25,440
where we can see that
there's a default route.

103
00:05:25,440 --> 00:05:27,990
And the default route
is sending all packets

104
00:05:27,990 --> 00:05:30,470
to 192.168.29.2.

105
00:05:31,840 --> 00:05:34,650
Now, ipa is showing that we have

106
00:05:34,650 --> 00:05:38,160
ens33 as a default network connection.

107
00:05:38,160 --> 00:05:38,993
So based on that,

108
00:05:38,993 --> 00:05:43,623
I can use nmcli connection
modify on ens33,

109
00:05:48,570 --> 00:05:51,910
followed by +ipv4.routes

110
00:05:52,980 --> 00:05:56,200
followed by the name of the network

111
00:05:57,690 --> 00:05:59,170
and the default gateway

112
00:06:01,170 --> 00:06:04,683
and the router that we need to
use to address that network.

113
00:06:05,640 --> 00:06:07,920
So that's going to be all.

114
00:06:07,920 --> 00:06:12,920
And do we see that? ip route show?

115
00:06:13,290 --> 00:06:15,660
Well, we don't see it because
it has just been added

116
00:06:15,660 --> 00:06:19,277
to the network cards, and
we need nmcli connection

117
00:06:22,170 --> 00:06:27,170
down on ens33 and up again
to activate the changes.

118
00:06:30,540 --> 00:06:35,540
And now ip route show is
showing the new route.

119
00:06:36,720 --> 00:06:41,130
That's the one going via 29.50.

120
00:06:41,130 --> 00:06:43,410
Now this configuration is written

121
00:06:43,410 --> 00:06:48,410
to etc Network Manager system-connections.

122
00:06:48,720 --> 00:06:50,970
You should notice that
the default location

123
00:06:50,970 --> 00:06:53,760
for these configuration files has changed.

124
00:06:53,760 --> 00:06:56,520
On recent Red Hat, it's
etc network manager.

125
00:06:56,520 --> 00:07:01,520
On old Red Hat, it is etc
sys-config network dash scripts.

126
00:07:01,950 --> 00:07:05,730
Here we can see the configuration
ens33 nm connection.

127
00:07:05,730 --> 00:07:06,910
And if you look at that

128
00:07:07,770 --> 00:07:12,483
then you can see that all the
configuration is right there.

129
00:07:13,650 --> 00:07:16,110
As you can see the connection parameters.

130
00:07:16,110 --> 00:07:19,020
And here we have the
route that was just added.

131
00:07:19,020 --> 00:07:19,853
So that's all.

132
00:07:19,853 --> 00:07:21,903
That's how you add static routes.