8

I am trying to understand what is the local routing table.

If I add a random address in it with the following command:

sudo ip route add to local <any-ip-address> dev <network interface>

Now I can ping this address, but no interface listed by ifconfig uses this address.

Example:

$ ping 192.168.22.22 -w 1
PING 192.168.22.22 (192.168.22.22) 56(84) bytes of data.

--- 192.168.22.22 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 0ms

$ sudo ip route add to local 192.168.22.22 dev wlp2s0
$ ping 192.168.22.22 -w 1
PING 192.168.22.22 (192.168.22.22) 56(84) bytes of data.
64 bytes from 192.168.22.22: icmp_seq=1 ttl=64 time=0.018 ms
64 bytes from 192.168.22.22: icmp_seq=2 ttl=64 time=0.015 ms

--- 192.168.22.22 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.015/0.016/0.018/0.004 ms

It feels that it works as a loopback, but from ifconfig, the lo interface still has only the 127.0.0.1 address. If I check this table ip route ls table local I see the following:

$ ip route ls table local
broadcast 127.0.0.0 dev lo  proto kernel  scope link  src 127.0.0.1
local 127.0.0.0/8 dev lo  proto kernel  scope host  src 127.0.0.1
local 127.0.0.1 dev lo  proto kernel  scope host  src 127.0.0.1
broadcast 127.255.255.255 dev lo  proto kernel  scope link  src 127.0.0.1
broadcast 192.168.0.0 dev wlp2s0  proto kernel  scope link  src 192.168.0.13
local 192.168.0.13 dev wlp2s0  proto kernel  scope host  src 192.168.0.13
broadcast 192.168.0.255 dev wlp2s0  proto kernel  scope link  src 192.168.0.13
local 192.168.22.22 dev wlp2s0  scope host
broadcast 192.168.122.0 dev virbr0  proto kernel  scope link  src 192.168.122.1
local 192.168.122.1 dev virbr0  proto kernel  scope host  src 192.168.122.1
broadcast 192.168.122.255 dev virbr0  proto kernel  scope link  src 192.168.122.1

So what is the local table and in witch scenario should I use it?

I read somewhere that it is for broadcast and addresses hosted by the local machine but I don't understand why do we need a special table for it and when should I add any entry to this table.

Thanks

poige
  • 9,171
  • 2
  • 24
  • 50
Lilás
  • 213
  • 1
  • 3
  • 5

3 Answers3

8

First of all as some available on internet info explains "The local table is a special routing table maintained by the kernel".

If you feeling really brave today you can even get some bits of information locally, here's how:

man ip -- since that was the command you've been tinkering with it makes sense to expect its manual should have some hints on the matter. You should clearly observe now there're so-called SEE ALSO section. Let's look into it attentively -- among other things it shamelessly mentions 2 possible candidates for further inquiry in regards:

  1. ip-route(8)
  2. ip-rule(8)

All in all we have now somewhat:

man 8 ip-route's:

local - the destinations are assigned to this host. The packets are looped back and delivered locally.

Actually, one other table always exists, which is invisible but even more important. It is the local table (ID 255). This table consists of routes for local and broadcast addresses. The kernel maintains this table automatically and the administrator usually need not modify it or even look at it.

man 8 ip-rule's:

At startup time the kernel configures the default RPDB consisting of three rules:

  1. Priority: 0, Selector: match anything, Action: lookup routing table local (ID 255). The local table is a special routing table containing high priority control routes for local and broadcast addresses.

I personally feel satisfied with the info some authors put into cited manuals but if you're still hungry I guess now you know how to fish.

poige
  • 9,171
  • 2
  • 24
  • 50
  • 1
    Thanks, I was also wondering in which use case scenario the local table could be used by an application – Lilás May 20 '17 at 15:28
  • "The kernel maintains this table automatically and the administrator usually need not modify it or even look at it." © – poige May 20 '17 at 15:43
  • @Lilás I believe the confusion stems from the assumption that "Local" routing table is used for routing packets originating from the userland, which obviously is not the case as the answer points out. Infact it is the top priority table for any routing. – Madhuchhanda Mandal Jul 11 '20 at 17:06
3

poige's answer covers that the local routing table is 1) special, 2)highest priority and 3) is maintained by the kernel, but it doesn't answer the question "What is the local routing table used for?", which I will try to explain.

Local loopbacks

local 127.0.0.0/8 dev lo  proto kernel  scope host  src 127.0.0.1
local 127.0.0.1 dev lo  proto kernel  scope host  src 127.0.0.1

These routes specify that any address in the 127.*.*.* space will point back to the machine. The 127.*.*.* space is specially designated in the IETF spec to always be loopback addresses. To understand why 127.0.0.0/8 maps to 127.*.*.*, you have to understand CIDR notation if you are not already familiar with it.

127.0.0.0/8 - This block is assigned for use as the Internet host loopback address. A datagram sent by a higher-level protocol to an
address anywhere within this block loops back inside the host. This
is ordinarily implemented using only 127.0.0.1/32 for loopback. As
described in [RFC1122], Section 3.2.1.3, addresses within the entire 127.0.0.0/8 block do not legitimately appear on any network anywhere.

Broadcasts

broadcast 127.0.0.0 dev lo  proto kernel  scope link  src 127.0.0.1
broadcast 127.255.255.255 dev lo  proto kernel  scope link  src 127.0.0.1
broadcast 192.168.0.0 dev wlp2s0  proto kernel  scope link  src 192.168.0.13
broadcast 192.168.0.255 dev wlp2s0  proto kernel  scope link  src 192.168.0.13
broadcast 192.168.122.0 dev virbr0  proto kernel  scope link  src 192.168.122.1
broadcast 192.168.122.255 dev virbr0  proto kernel  scope link  src 192.168.122.1

Typically, a packet is sent to a single destination IP. However, there are times where it is useful to send the same packet to a block of IPs of a subnet (for example, your computer could send a special packet to all the addresses within your router subnet to discover network printers, which respond to the special packet). A broadcast address is a special address that functions like sending to all addresses in the subnet. Conventionally, these are usually the first and last address in the subnet.

Local routes in different subnets

local 192.168.0.13 dev wlp2s0  proto kernel  scope host  src 192.168.0.13
local 192.168.122.1 dev virbr0  proto kernel  scope host  src 192.168.122.1

Lastly, the remaining addresses are the machine's address on each of these subnets. For example, a device (192.168.0.14) on the 192.168.0.0/24 subnet would reach your machine by sending packets to 192.168.0.13.

User defined

local 192.168.22.22 dev wlp2s0  scope host

This is the last route that's not accounted for, which I assume was added manually by you.

Wesley
  • 131
  • 2
2

The local routing table allow the system to route to the appropriate interface to reach an address. Routes are selected using the most specific (smallest subnet) route. However, you testing routes handled by loopback address.

Ping is responded to at the interface level, and does not require a listening process. when pinging an address which is assigned to an interface on the host, the network short-circuits routing to the loop-back interface. Routing to the loopback interface prevents remote servers from snooping the traffic. As you have assigned the route to a local interace, ping will be responed to by the loopback interface.

Normally you the routing table will have the following routes:

  • default (0.0.0.0/0): The route to the router which will route traffic to otherwise unknown addresses. This is the route used to connect to the internet. This should route directly to a router, although there are ways to route indirectly by specifying an intermediate router.

  • 192.0.2.0/24: (Optional, only useful with multiple interfaces) Where 192.0.2.0 is the network address for a remote subnet, and /24 is the size of the nework. Again this will route to a router. This is only required if the route is routed by router other than the router for the enclosing subnet

  • 192.0.2.0/24: (Standard). values as described above) Provides a route to the attached network. The interface's IP address must be in the subnet. This routes to the router servicing the subnet. However, connections to other hosts in subnet will be routed directly unless overridden by a more specific route.

  • 127.0.0.1/8: (Standard). This is the loopback address attached to the loopback psuedo-interface. These addresses should never be seen on a real interface.

There are other specialized routes such a point-to-point and blackhole. These are rarely used.

BillThor
  • 27,354
  • 3
  • 35
  • 69
  • you're completely missing the point here – poige May 20 '17 at 01:07
  • @poige I've clarified the first paragraph, which leads to the second paragraph. The questioner is not testing the local routing table. – BillThor May 20 '17 at 01:10
  • still wrong. It looks like you're not familiar with Linux routing – poige May 20 '17 at 01:12
  • @poige I am very familiar with routing and have used it to perform a number of tricks. The questioner is pinging the loopback interface due to his routing entries. – BillThor May 20 '17 at 01:14
  • Well, if so, why did you mention `192.0.2.0/24`, *etc*, for e. g.? This is completely unrelated to the matter – poige May 20 '17 at 01:15
  • @poige Becaue the questioner wanted to know the use of the local routing table. His tests just don't work. – BillThor May 20 '17 at 01:16
  • `local` routing table isn't related in a way to `192.0.2.0`. You're messing things up – poige May 20 '17 at 01:18
  • @poige 192.0.2.0 is a subnet set aside for documentation. In a real case it would be replaced with a real address.such as 10.4.0.0/10 or 10.0.0.0./24 – BillThor May 20 '17 at 01:20
  • Anyway, there's no purpose to mention it. It just clutters the answer and isn't any helpful. – poige May 20 '17 at 01:21
  • 2
    Thanks you all for your reply. My question doesn't concern what is routing or a loopback interface, in Linux there are some predefined routing tables (local, main, default, unspec, see http://linux-ip.net/html/routing-tables.html) and the question refers to the local table in Linux, what it is and for what it is used. – Lilás May 20 '17 at 15:34