Accurate Routing Rules for better Connectivity and Security

Hello Everyone,

I am here with the documentation to write accurate routing rules based on our requirements.

In this article, I am going to show how you can write accurate routing rules fro better connectivity and security with a task

Task Description:

🔰 There are 3 Instances named System A, System B, and System C

🔰 Create a network Topology Setup in such a way so that System A can ping to two Systems, System B and System C but both these systems should not be pinging each other without using any security rule [firewall | Security Group Rule]

• We can achieve this requirement by adjusting the routes in the server routing table.
• In Linux, we have a route command to modify the routing table. I'm going to use the route command here

The default Routing Rules are

• The following command sow the routing rules in the Routing Table

route  -n          

System A:

System B:

System C:

• Caution ⚠ : Don't remove this route [0.0.0.0] directly if you are working on a remote host you can't control the remote host anymore. Check my next article/Post for the solution to recover remote host if you accidentally deleted that 0.0.0.0
• Let's add a routing rule for the Local Machine to be connected with the Remote hosts. Run the same command in all the 3 Systems

route add  -net [Public IP of your local Machine]  gw  [gateway of Remote Machine]  netmask  255.255.255.255  [NetworkInterfaceName]        

• I found the public IP of my local Machine It's 157.48.203.83 and It's in the range of 157.48.94.0 /24 so I added the netmask as 255.255.255.0. We can further narrow down the rule for a particular host with the IP address and 255.255.255.255

• Now we can delete the rule 0.0.0.0. Our screen won't pause

route del  -net  0.0.0.0        

• We can't connect with any network cause we delete the route to delete anywhere in the world.

Add routes to connect with System B and System C in System A

• Get the public IP of System B

route add  -net <Public IP of B> gw <Gateway of A> netmask 255.255.255.255 <Network Card Name>        

• Get the public IP of System C

route add  -net <Public IP of C> gw <Gateway of A> netmask 255.255.255.255 <Network Card Name>        

Let's Check the Result

System A can Ping to B and C :

System B can't connect to System C

System C can't connect to System B

Thankyou