4. Internet Router configuration¶
The Internet Router is the gateway between the Synthetic Internet (SI) and the internal network (or, network under test).
The Internet Router includes some configuration beyond packet-forwarding, so that it decrements IP packets’ time-to-live (TTL) field, giving the resulting traffic the illusion of more routing hops than are actually present in the SI. It adjusts packets’ TTLs using firewall rules, which can be examined using the command
>>> iptables -t mangle -n -L
The firewall rules are assigned in the first place by associating a TTL decrement value with each IP subnet that contains one or more IP addresses in the SI.
In order to do this, the Internet Router needs to know the IP subnets
for which it will change TTL values. These are the subnets for the
Synthetic Internet’s IP addresses, which are enumerated on
that host in /usr/local/tg/etc/ipfakes. While these are the
actual IP addresses on the SI, the size of the subnet containing them
is defined on the Internet Router, in
/usr/local/tg/etc/sysconfig/si-ttldec (the MASKLEN setting).
The location of the SI’s IP addresses on the Internet Router is also
defined in the same file (the IPFAKES settings).
To configure TTL decrementing:
Get the configuration file locations
>>> source /usr/local/tg/etc/sysconfig/si-ttldec
Copy the SI’s
ipfakes/directory onto the Internet Router>>> scp -R si:/usr/local/tg/etc/ipfakes $IPFAKES
Start the TTL decrementing
>>> systemctl start SkaionTTLDecrement.service
Reload the TTL decrementing configuration
>>> systemctl restart SkaionTTLDecrement.service
Stop the TTL decrementing
>>> systemctl stop SkaionTTLDecrement.service