What is the local routing table used for?
I am trying to understand what is the local routing table.
If I add a random address in it with the following command:
sudo ip route add to local <any-ip-address> dev <network interface>
Now I can ping this address, but no interface listed by ifconfig uses this address.
Example:
$ ping 192.168.22.22 -w 1
PING 192.168.22.22 (192.168.22.22) 56(84) bytes of data.
--- 192.168.22.22 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms
$ sudo ip route add to local 192.168.22.22 dev wlp2s0
$ ping 192.168.22.22 -w 1
PING 192.168.22.22 (192.168.22.22) 56(84) bytes of data.
64 bytes from 192.168.22.22: icmp_seq=1 ttl=64 time=0.018 ms
64 bytes from 192.168.22.22: icmp_seq=2 ttl=64 time=0.015 ms
--- 192.168.22.22 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.015/0.016/0.018/0.004 ms
It feels that it works as a loopback, but from ifconfig, the lo interface still has only the 127.0.0.1 address. If I check this table ip route ls table local
I see the following:
$ ip route ls table local
broadcast 127.0.0.0 dev lo proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo proto kernel scope link src 127.0.0.1
broadcast 192.168.0.0 dev wlp2s0 proto kernel scope link src 192.168.0.13
local 192.168.0.13 dev wlp2s0 proto kernel scope host src 192.168.0.13
broadcast 192.168.0.255 dev wlp2s0 proto kernel scope link src 192.168.0.13
local 192.168.22.22 dev wlp2s0 scope host
broadcast 192.168.122.0 dev virbr0 proto kernel scope link src 192.168.122.1
local 192.168.122.1 dev virbr0 proto kernel scope host src 192.168.122.1
broadcast 192.168.122.255 dev virbr0 proto kernel scope link src 192.168.122.1
So what is the local table and in witch scenario should I use it?
I read somewhere that it is for broadcast and addresses hosted by the local machine but I don't understand why do we need a special table for it and when should I add any entry to this table.
Thanks
Solution 1:
First of all as some available on internet info explains "The local table is a special routing table maintained by the kernel".
If you feeling really brave today you can even get some bits of information locally, here's how:
man ip
-- since that was the command you've been tinkering with it makes sense to expect its manual should have some hints on the matter. You should clearly observe now there're so-called SEE ALSO section. Let's look into it attentively -- among other things it shamelessly mentions 2 possible candidates for further inquiry in regards:
ip-route(8)
ip-rule(8)
All in all we have now somewhat:
man 8 ip-route
's:
local
- the destinations are assigned to this host. The packets are looped back and delivered locally.
…
Actually, one other table always exists, which is invisible but even more important. It is the
local
table (ID 255
). This table consists of routes for local and broadcast addresses. The kernel maintains this table automatically and the administrator usually need not modify it or even look at it.
man 8 ip-rule
's:
At startup time the kernel configures the default RPDB consisting of three rules:
- Priority: 0, Selector: match anything, Action: lookup routing table
local
(ID 255
). Thelocal
table is a special routing table containing high priority control routes for local and broadcast addresses.
I personally feel satisfied with the info some authors put into cited manuals but if you're still hungry I guess now you know how to fish.
Solution 2:
The local routing table allow the system to route to the appropriate interface to reach an address. Routes are selected using the most specific (smallest subnet) route. However, you testing routes handled by loopback address.
Ping is responded to at the interface level, and does not require a listening process. when pinging an address which is assigned to an interface on the host, the network short-circuits routing to the loop-back interface. Routing to the loopback interface prevents remote servers from snooping the traffic. As you have assigned the route to a local interace, ping will be responed to by the loopback interface.
Normally you the routing table will have the following routes:
default (0.0.0.0/0): The route to the router which will route traffic to otherwise unknown addresses. This is the route used to connect to the internet. This should route directly to a router, although there are ways to route indirectly by specifying an intermediate router.
192.0.2.0/24: (Optional, only useful with multiple interfaces) Where 192.0.2.0 is the network address for a remote subnet, and /24 is the size of the nework. Again this will route to a router. This is only required if the route is routed by router other than the router for the enclosing subnet
192.0.2.0/24: (Standard). values as described above) Provides a route to the attached network. The interface's IP address must be in the subnet. This routes to the router servicing the subnet. However, connections to other hosts in subnet will be routed directly unless overridden by a more specific route.
127.0.0.1/8: (Standard). This is the loopback address attached to the loopback psuedo-interface. These addresses should never be seen on a real interface.
There are other specialized routes such a point-to-point and blackhole. These are rarely used.
Solution 3:
poige's answer covers that the local routing table is 1) special, 2)highest priority and 3) is maintained by the kernel, but it doesn't answer the question "What is the local routing table used for?", which I will try to explain.
Local loopbacks
local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo proto kernel scope host src 127.0.0.1
These routes specify that any address in the 127.*.*.*
space will point back to the machine. The 127.*.*.*
space is specially designated in the IETF spec to always be loopback addresses. To understand why 127.0.0.0/8 maps to 127.*.*.*
, you have to understand CIDR notation if you are not already familiar with it.
127.0.0.0/8 - This block is assigned for use as the Internet host loopback address. A datagram sent by a higher-level protocol to an
address anywhere within this block loops back inside the host. This
is ordinarily implemented using only 127.0.0.1/32 for loopback. As
described in [RFC1122], Section 3.2.1.3, addresses within the entire 127.0.0.0/8 block do not legitimately appear on any network anywhere.
Broadcasts
broadcast 127.0.0.0 dev lo proto kernel scope link src 127.0.0.1
broadcast 127.255.255.255 dev lo proto kernel scope link src 127.0.0.1
broadcast 192.168.0.0 dev wlp2s0 proto kernel scope link src 192.168.0.13
broadcast 192.168.0.255 dev wlp2s0 proto kernel scope link src 192.168.0.13
broadcast 192.168.122.0 dev virbr0 proto kernel scope link src 192.168.122.1
broadcast 192.168.122.255 dev virbr0 proto kernel scope link src 192.168.122.1
Typically, a packet is sent to a single destination IP. However, there are times where it is useful to send the same packet to a block of IPs of a subnet (for example, your computer could send a special packet to all the addresses within your router subnet to discover network printers, which respond to the special packet). A broadcast address is a special address that functions like sending to all addresses in the subnet. Conventionally, these are usually the first and last address in the subnet.
Local routes in different subnets
local 192.168.0.13 dev wlp2s0 proto kernel scope host src 192.168.0.13
local 192.168.122.1 dev virbr0 proto kernel scope host src 192.168.122.1
Lastly, the remaining addresses are the machine's address on each of these subnets. For example, a device (192.168.0.14) on the 192.168.0.0/24 subnet would reach your machine by sending packets to 192.168.0.13.
User defined
local 192.168.22.22 dev wlp2s0 scope host
This is the last route that's not accounted for, which I assume was added manually by you.