Connect to a particular public server you want and restrict others!!

Sandeshjain
Mar 16, 2021

Creating packets and sending them over the internet is security-critical. We might want our system to be able to connect to Google but not to Facebook. Is that even possible when both services are publicly accessible? Yes, it is!!

Go through this article and you can make it happen too, allowing your system to connect only to the server you want.

🎗 Let's take a real-life example to make it easy to relate to. Indian mobile numbers provided by ISPs have 10 digits. For phones to contact each other, every phone number has to be unique. Each ISP (Internet service provider) issues mobile numbers starting with certain fixed digits.

🎗 So if both numbers belong to the same ISP (Airtel-to-Airtel), they can contact each other directly. But if numbers from different ISPs (Airtel-to-Jio) want to contact each other, a router is needed in between. A router is just like a computer running an OS: it has RAM, a CPU and N/w cards. One side of the router should have the same initial digits as provided by Airtel, and the other side should have the same initial digits as provided by Jio. Now let's relate this to the actual systems b/w which we want to establish the connection.

Basics:

  • To establish a connection b/w operating systems, each should have a network card with a different IP address, and there must be physical connectivity between them.
  • If the IP addresses belong to the same N/w name or range, the connection can be made using a switch. All the systems that lie within the same n/w constitute a Local Area Network (LAN).
  • If the IP addresses belong to different N/w names or ranges, the connection can be made using a router.
  • The N/w name can only be determined using the netmask: it is the part of the IP address that the netmask keeps (for example, IP 192.168.1.10 with netmask 255.255.255.0 gives N/w name 192.168.1.0).

✔This is how a N/W name is decided.

🎗 So the systems belonging to the same N/W can be connected to a switch, and this switch can then connect to the router. One side of the router should have an IP that belongs to the same N/W name as the hosts in the LAN (ex: 192.168.1.1), because the switch treats the router as part of the LAN.

🎗 Similarly, the other side of the router should have an IP in the N/W name of its own LAN (ex: 8.8.8.1).

OS used: RHEL8

🎗 To connect systems on different n/ws, a router is required. But even if we put a router in between (our system and 8.8.8.8), our system still can't connect to a system in a different range until that range (the one containing 8.8.8.8) is covered by a rule in our system's routing table. The routing table decides whether our system can even create a packet for 8.8.8.8, etc. Each rule in it consists of a destination, a netmask and a router.

Good to go!!

“We want our system to be able to connect to Google’s server (8.8.8.8) but not to Facebook’s server (69.171.250.35)”.

To be able to connect to 8.8.8.8, we need to use a router in between, and the N/W name of Google's server has to be covered by a rule on the system from which we want to connect. So we have to add that rule to the routing table of our system.

By default, our system can connect to all the public servers that are available, because of the default rule (Destination: 0.0.0.0). We need to delete this rule.

route -n #see routing table

route del -net 0.0.0.0 #delete a rule

route add -net 8.8.8.0 netmask 255.255.255.0 enp0s3 #add a rule

  • 8.8.8.0: N/w name for Google’s server range
  • Netmask: 255.255.255.0
  • enp0s3: N/w card name
  • Router is also known as Gateway.

🎗 Now our system can create the packets, but we still can’t get a reply from 8.8.8.8. Our system can create the packet because it knows the range/rule we have written in our routing table, but that rule names no router, so the packet is never handed to one. We have to tell our system the IP of the router (192.168.1.1) to send these packets to, as our computer doesn’t otherwise know the router.

route add -net 8.8.8.0 netmask 255.255.255.0 gw 192.168.1.1 enp0s3 #add router’s IP address

Yay!! Now our system can ping Google, as it now knows the router’s IP.

“Here we go! so we can send packets to google but not to Facebook and this is what we wanted”
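To see why the edited routing table lets 8.8.8.8 through and stops 69.171.250.35, here is an added example (not code from the original article) that models the lookup over `route -n` style rows. The function names and the on-link 192.168.1.0 LAN row are assumptions; the 8.8.4.4 check goes one step beyond the article to show that the rule covers only the 8.8.8.0 range.

```python
import ipaddress

def network_name(ip, netmask):
    """N/w name = IP AND netmask (8.8.8.8 with 255.255.255.0 -> 8.8.8.0)."""
    return str(ipaddress.ip_interface(f"{ip}/{netmask}").network.network_address)

def lookup(table, destination):
    """Return (gateway, iface) of the most specific matching rule, or None
    when no rule matches and the packet cannot even be created."""
    dst = ipaddress.ip_address(destination)
    best = None
    for dest, netmask, gateway, iface in table:
        net = ipaddress.ip_network(f"{dest}/{netmask}")
        # Among matching rules, the longest netmask (most specific range) wins.
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway, iface)
    return None if best is None else best[1:]

# Constructed tables; columns follow `route -n`: Destination, Genmask, Gateway, Iface.
# The LAN row is an assumed on-link rule for the host's own network
# (gateway 0.0.0.0 means "no router needed").
LAN = ("192.168.1.0", "255.255.255.0", "0.0.0.0", "enp0s3")
BEFORE = [("0.0.0.0", "0.0.0.0", "192.168.1.1", "enp0s3"), LAN]      # default rule present
AFTER = [("8.8.8.0", "255.255.255.0", "192.168.1.1", "enp0s3"), LAN]  # after the article's steps

def reachability(table):
    """Map each sample destination to its chosen rule (None = unreachable)."""
    targets = ("8.8.8.8", "8.8.4.4", "69.171.250.35", "192.168.1.20")
    return {ip: lookup(table, ip) for ip in targets}

if __name__ == "__main__":
    print("N/w name of 8.8.8.8:", network_name("8.8.8.8", "255.255.255.0"))
    for label, table in (("before", BEFORE), ("after", AFTER)):
        for ip, rule in reachability(table).items():
            print(f"{label:6} {ip:15} ->", rule or "Network is unreachable")
```

The restriction works per destination range, not per service: every address inside 8.8.8.0 with netmask 255.255.255.0 stays reachable, while Google's other public resolver 8.8.4.4 is cut off along with Facebook.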

🎗Feel free to ask if you have any doubt in any of the concepts: LinkedIn 🎗
