equivalent of cisco no ip classless command on Linux

Message

inhibitor · Post by **inhibitor** » Tue Apr 08, 2014 2:09 pm

Hello guys ,

Can somebody tell me how can I get similar behavior as do following Cisco command on Linux ?

# no ip classless

What according this link http://www.techexams.net/forums/ccna-cc ... sless.html do following

For example If I have next routing table

Code: Select all

# ip route list
172.28.60.0/22 dev eth0  proto kernel  scope link  src 172.28.61.222 
default via 172.28.60.1 dev eth0

If a packet comes in is destined for 172.28.64.100 then this packet is dropped . If packet is destined for 200.200.200.1, then this packet will be routed out the default route. Because the classfull portion 200.200.200 is not in the routing table.

If I do this, is it ok ?

Code: Select all

iptables -A OUTPUT -d 172.28.60.0/22 -j ACCEPT
iptables -A OUTPUT -d 172.28.0.0/16   -j DROP

Which range of IPs should i drop to get same behavior ?
Or its possible to get same behavior using other tools than iptables etc. iproute2 ?

I have limited knowledge of routing an networking so any idea helps . Thank you ...

Ralphred · Post by **Ralphred** » Thu Apr 10, 2014 11:26 am

All the iptables and routing behaviour I've seen in linux seems to work the same as a Cisco device with ip classless set, but it's not something I've ever considered too much.

Code: Select all

iptables -A OUTPUT -d 172.28.60.0/22 -j ACCEPT
iptables -A OUTPUT -d 172.28.0.0/16   -j DROP

Dropping the whole class B after allowing your /22's worth of it through in iptables is acceptable, would stop it getting routed via the gateway and mimic no ip classless at the same time.

Putting a static route for the whole class B to a dead end, with a higher metric than the actual route to your /22's worth, could appear to mimic in the same way; but it's mimicing it by being a broken routing table, albeit by design, without actually dropping the packets, and that makes me feel... uncomfortable.

AngelKnight · Post by **AngelKnight** » Sun Apr 13, 2014 5:25 pm

@inhibitor: Linux L3 forwarding is classless by default.

inhibitor wrote: For example If I have next routing table
Code: Select all
# ip route list
172.28.60.0/22 dev eth0  proto kernel  scope link  src 172.28.61.222 
default via 172.28.60.1 dev eth0
If a packet comes in is destined for 172.28.64.100 then this packet is dropped . If packet is destined for 200.200.200.1, then this packet will be routed out the default route. Because the classfull portion 200.200.200 is not in the routing table.

If you're asking if this will be the result, the answer is it will not: 172.28.64.100 will probably hit the default route and be forwarded to the listed destination.

If you're saying you're actually experiencing this behavior on a modern Linux box, then there's something unusual and more information will be needed in order to help you. Try attaching the output of "ip route show table all"

inhibitor · Post by **inhibitor** » Wed Apr 16, 2014 8:01 am

@AngelKnight

No I am not experiencing this behavior . But I would like . I would like to change default Linux behavior from ip classless to no ip classless .
And I was not sure how can I set it and if it's possible to do with iptables , iproute2 or any other tool .