Simulate multiple router hops with one PC?

How can one Linux server to pretend to route packets through multiple
"routers" for a network simulation? In other words, if I'm on client
10.0.0.2, and go "traceroute 10.0.10.1", I want to get back 10 router
hops but each of those "routers" are all just IPs residing on a single
physical Linux server.

I'm trying to figure out how to use 'route' or 'ip route' or
'iptables' or some form of source routing to do this. I can add as
many IPs as I want to one NIC (eth0:1 10.0.1.1 through eth0:10
10.0.10.1), but the problem comes when I want to do routing: packets
want to go straight from 10.0.0.1 to 10.0.10.1 without passing through
the intermediate 10.0.1.1, 10.0.2.1, 10.0.3.1, etc. Of course, that's
what you want in the real world, but I'd like to get 10 hops without
configuring 10 separate physical routers. I did find some old kernel
2.4 source routing information, but some of the commands don't seem to
work on my 2.6 kernel.

Is there a way to tell 'ip route' etc that it needs to go through
10.0.1.1, 10.0.2.1, 10.0.3.1, [...], 10.0.9.1 to talk to 10.0.10.1?

Probably still more work that you would like, but how about running 10
virtual machines, with each virtual machine a router in the chain?

BTW, just what are you trying to test with this sort of setup anyway?

rick jones
--
a wide gulf separates "what if" from "if only"
these opinions are mine, all mine; HP might not want them anyway...
feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...

> Probably still more work that you would like, but how about running 10
> virtual machines, with each virtual machine a router in the chain?

Yeah, that's my last resort if I can't do it any other way...

> BTW, just what are you trying to test with this sort of setup anyway?

Just making sure a device or software behaves the same when talking to
a host on the same subnet, one that's one router hop away, one that's
10 router hops, etc. Plus add in a few spices with NetEm to slow/
reorder/drop/duplicate/etc traffic to see what breaks.

One thing I might try is using the iptables mangle option to mark
packets, then route them based on the mark. Hopefully I can find a way
to make a packet spin 'round 9 times in iptables before it goes out
onto the wire.

On Jun 8, 8:32*am, tylernt <tyle...@gmail.com> wrote:
> > Probably still more work that you would like, but how about running 10
> > virtual machines, with each virtual machine a router in the chain?
>
> Yeah, that's my last resort if I can't do it any other way...
>
> > BTW, just what are you trying to test with this sort of setup anyway?
>
> Just making sure a device or software behaves the same when talking to
> a host on the same subnet, one that's one router hop away, one that's
> 10 router hops, etc. Plus add in a few spices with NetEm to slow/
> reorder/drop/duplicate/etc traffic to see what breaks.
>
> One thing I might try is using the iptables mangle option to mark
> packets, then route them based on the mark. Hopefully I can find a way
> to make a packet spin 'round 9 times in iptables before it goes out
> onto the wire.

I'm thinking you should be able to do it with dummy interfaces, having
not tried it, I don't know if it will work or not. But the basic idea
would be to create numerous dummy devices (9 in your case). Use route
to set the default gateway to point to the first dummy device, then
have each dummy device route to the next (dummy0(10.0.0.1) -> dummy1
(10.0.1.1) -> dummy2(10.0.2.1), etc). When you finally reach the last
dummy, have that point to your primary gateway. Then you should be
able to ping your primary gateway and get 10 hops.

Hello,

(E-Mail Removed) a écrit :
>
> I'm thinking you should be able to do it with dummy interfaces, having
> not tried it, I don't know if it will work or not.

It won't. A dummy interface is a black hole similar to /dev/null.

> have each dummy device route to the next (dummy0(10.0.0.1) -> dummy1

Network devices (interface) do not route. The IP stack does. There is
only one IP stack per node.

>> I'm thinking you should be able to do it with dummy interfaces, having
>> not tried it, I don't know if it will work or not. But the basic idea

Good idea. I tried it (well, with IP aliases like eth0:1 eth0:2 etc),
but couldn't get anywhere.

> There is only one IP stack per node.

This is pretty much where I'm at. I could never figure out how to make
a routed packet turn around and come back in to be routed again. I
suppose I could use two nodes, and let packets bounce back and forth 5
times to get 10 hops... that would scale much better than 1 node per
hop.

tylernt a écrit :
>>> I'm thinking you should be able to do it with dummy interfaces, having
>>> not tried it, I don't know if it will work or not. But the basic idea
>
> Good idea. I tried it (well, with IP aliases like eth0:1 eth0:2 etc),
> but couldn't get anywhere.

An IP alias is nothing more than an extra address on an interface. This
is nowhere close to an extra interface.

> This is pretty much where I'm at. I could never figure out how to make
> a routed packet turn around and come back in to be routed again. I
> suppose I could use two nodes, and let packets bounce back and forth 5
> times to get 10 hops... that would scale much better than 1 node per
> hop.

Wouldn't it be enough to just decrease the TTL of incoming packets by
10, which has the same effect as passing through 10 routers ? This can
be done with the TTL target of iptables. Of course in a traceroute you
would see 10 times the same router.

On Saturday 6 June 2009 00:46, tylernt wrote:

> How can one Linux server to pretend to route packets through multiple
> "routers" for a network simulation? In other words, if I'm on client
> 10.0.0.2, and go "traceroute 10.0.10.1", I want to get back 10 router
> hops but each of those "routers" are all just IPs residing on a single
> physical Linux server.

I'm not sure I get what you want, but have you tried honeyd?

> Wouldn't it be enough to just decrease the TTL of incoming packets by
> 10

Hm, interesting idea.

> I'm not sure I get what you want, but have you tried honeyd?

Another interesting idea.

Unfortunately, I already created a pile of VMs. However it sounds like
I've got a few options if I want to run fewer hosts. Thanks!